Re: Why is dso a part of openssl?

Fri, 07 Apr 2000 06:05:07 -0700 

Hi there,

At 08:00 AM 4/7/00 +0200, Richard Levitte (in reply to mixmaster) wrote:
>mixmaster> The new dso stuff looks like a general purpose portable
>mixmaster> interface to shared libraries.  If that is really all it is

[snip]

>mixmaster> What am I missing?
>
>That DSO is going to be used as a general purpose "plugin" loader,
>primarly to load interfaces to diverse hardware cipherboxes, from
>within OpenSSL.
>
>Let's face it, there are a whole bunch of things like that in OpenSSL
>that are not really connected in any way to OpenSSL, except for being
>used by the rest of OpenSSL.  A couple of examples are lhash and conf.

And if you compile with "./config no-dso" (or "perl Configure no-dso ...")
then you'll only have a few pieces of shell dso support code compiled in to
keep linkers happy, and that code won't do any real DSO operations (and
will return NOTSUPPORTED type error values). Support for hardware
acceleration is on its way that will use DSOs, this is so that the library
and applications can have acceleration support but still run on platforms
that don't have the acceleration drivers. Eg. you could even build
applications that *can* support hardware acceleration using platforms
without the hardware/drivers.

lhash, conf, bio, bn, stack, rand, and dso could all be used by
applications for non-crypto/ssl purposes if they are already going to link
with OpenSSL and so can't be bothered using something else as well. OpenSSL
on the other hand shouldn't have any dependencies on other libraries if at
all possible - for reasons of license inhibitions, platform support, and
loss of control over the code (we may not be able to fix things if the
problem is not in the code we control). For lots of things (dso included),
you can patch in your own callbacks (or DSO_METHOD for example) if you have
functionality or support of another form that you'd prefer to use ... if
you compile with "no-dso", you still have the framework in place to hook in
your own DSO_METHOD at run-time. Eg. so that OpenSSL has no built-in shared
library code, but can use functionality from somewhere else that you point
it to.

Cheers,
Geoff


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to