On Mon, 15 May 2023, Priyanka Chauhan4 via curl-library wrote:

Is there any specific change required to integrate with Openssl 3.0

No. The source code has been adjusted to work with the provided OpenSSL version all since 0.9.x. The 3.y.z series is no different to us in this aspect. We also work with the big known OpenSSL forks like libressl, BoringSSL, quictls and AWS-LC in a similar fashion.

I see some functions are not there in openssl 3.0 like MD5_Update

First: That is incorrect. MD5_Update and a bunch of other functions are marked deprecated and they *can* be hidden from the API, but that's not the default build from what I understand.

libcurl can also use its own MD5 code if needed.

openssl v3.0 recommended using high level function like EVP_DigestUpdate and
other changes related to context, some of the functions are now expecting context.

Such changes we have to take care while integrating. Can you confirm ?

I can confirm that they have added functions and marked functions as deprecated, sure.

curl inhibits the deprecation warnings because it has not adapted the code to these OpenSSL ideas, so yes at some future point we might need to update our OpenSSL using code if they actually go ahead and remove functions we rely on.

Everyone is free to go ahead and do it now if they feel inclined. I personally have trust issues with OpenSSL and their future directions so I figure it is better for us (me at least) to not do anything ahead of time based on speculations of where they might end up.

There are plenty of good alternative libs if OpenSSL falls off the road.

I'm asking this because in future if there is libcurl upgrade, we need to make sure of changes according to openssl 3.0

If OpenSSL breaks backwards compatibility in a future release, then yes curl will need to adapt to that. Like we have always done. OpenSSL 3 is not adding anything new to this circle of life.

--

 / daniel.haxx.se
 | Commercial curl support up to 24x7 is available!
 | Private help, bug fixes, support, ports, new features
 | https://curl.se/support.html
--
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html

Reply via email to