On Thu, Aug 15, 2013 at 11:51:05PM -0700, Patrick Pelletier wrote:
> >Oh.  Is there any reason not to blow that away, or at least build-time
> >select which to use?
> I'm in agreement with you; I just don't think you're going to get
> the OpenSSL folks on board.  They'll probably say something like "we
> want to be totally agnostic to threading library" without
> acknowledging that pthreads and Windows threads cover the vast
> majority of modern mainstream operating systems.

Ah...  I need OpenSSL developers to consider this.  Would that mean
re-posting to the openssl-dev list?

> >Great.  I was hoping that the response wouldn't be something like "no
> >way, we need these callback setting functions for XYZ reasons" or,
> >worse, "no way".
> Unfortunately, I think the response will be that.  (The OpenSSL
> folks just haven't weighed in on this thread yet.)  That's why I was

I'm ever an optimist and I fail to see any reason to not make
initialization automatic and safe on all major platforms, keeping the
old callback setters as no-ops and as fallbacks in cases where
build-time configuration specifically requires that those setters not be

The alternative has to be "don't *EVER* use OpenSSL from a library", or
"always link with and initialize OpenSSL in every program that might -no
matter how indirectly- use an OpenSSL-using library", and *clearly* that
can't be what the OpenSSL devs want, or if it is, then it's clearly way
too late.

> floating the idea of writing an unofficial companion library that
> would smooth over these rough spots and provide a "batteries
> included" approach to people who want it, without having to convince
> the OpenSSL project to change the core library, which I think would
> be an uphill battle at best.

That can't really work unless *every* OpenSSL-using library used it, or
unless we specifically go for using symbol interposition (which means
dynamic linking, FYI, so it'd not work for statically-linked builds).

I'd like to get authoritative answers to my questions before considering

OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to