On Mon, Jan 12, 2009 at 6:28 PM, Steven M. Schweda <s...@antinode.info> wrote: > Before I forget, is there some good reason not to have the usual > > #ifndef _OPENSSLCONF_H > # define _OPENSSLCONF_H > <everything useful> > #endif /* ndef _OPENSSLCONF_H */ > > guards in "opensslconf.h"?
Well, yes, there is. (I ran into this issue myself way back when and forgetting the why, had it happen to me again a sort while ago) Check out the master file opensslconf.h.in and see this bit for example: ------------------------------ #if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) #define CONFIG_HEADER_RC4_LOCL_H /* if this is defined data[i] is used instead of *data, this is a 20% * speedup on x86 */ #undef RC4_INDEX #endif #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) #define CONFIG_HEADER_BF_LOCL_H #define BF_PTR2 #endif /* HEADER_BF_LOCL_H */ #if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) #define CONFIG_HEADER_DES_LOCL_H #ifndef DES_DEFAULT_OPTIONS /* the following is tweaked from a config script, that is why it is a * protected undef/define */ #ifndef DES_PTR #undef DES_PTR #endif ------------------------------ Notice that there's all those #if defined(HEADER_XYZ_H... checks in there. Putting 'load once' ifdef/define/endif around the file like you would normally do for headerfiles like these, this stuff would fail dramatically. (mind you, this is me, not part of the core dev team, guestimating^H^H^H^H^H^H^H^H^H^H^H'reverse engineering' their original intent with 1/20 hindsight -- I wear glasses so can't claim 20/20 ;-) ) In essence those #if defined(HEADER_XYZ_H... ... #endif bits of code are there to keep those #define'd bits in there as locally as possible. In other words, it's an attempt to accomplish two things, each making life a little easier for some, all at the same time: 1) keep all system-dependent configurable settings in a single headerfile (so the ./config script only has a single file to patch/augment) 2) make #defines, which risk collision with other, unknown entities, *only* *available* for a *limited* set of source files. In this case, DES_PTR only being created and available for OpenSSL-internal source code which implements the DES cipher (HEADER_DES_LOCL_H), etc. The most tricky bits regarding those 'localized defines' in there are OPENSSLDIR and ENGINESDIR as they are only brought into existence when: #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) i.e. only when a source file loads <openssl/crypto.h>, which is a public headerfile and thus can/will be loaded by OpenSSL-using third party source code (= anyone using OpenSSL in their projects). For a suitable contrast [for when you wish to do without those 'localizing' #ifdef HEADER_YADA_H checks aroudn each bit], see this list's history for an ongoing slew of fatal Windows/winsock collisions with X509 and other OpenSSL public APIs definitions: those are then resolved by juggling header file load order and forcibly overriding the winsock stuff, but it's not a nice game that way either. Of course, one can question why such defines are in opensslconf.h this way, but it's part of our heritage by now -- and I don't mind it. It's just that about once every 5 years or so, I do something akin to what you suggested and get my memory refreshed by compile error torrent. No sweat. -- Met vriendelijke groeten / Best regards, Ger Hobbelt -------------------------------------------------- web: http://www.hobbelt.com/ http://www.hebbut.net/ mail: g...@hobbelt.com mobile: +31-6-11 120 978 -------------------------------------------------- ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
