On Tue, 24 Mar 2020, Daniel Stenberg wrote: > The current git master of OpenSSL gives us some clues of what's going to > happen when OpenSSL version 3 ships, planned for Q3 2020 I believe. I make a > curl build against that every once in a while to see if anything falls over. > > Now for the one that gives me problems: > > 3. The DES functions are deprecated. Meaning they're marked as such in the > public headers and they will cause compiler warnings when used and if we > build curl with -Werror we get build errors.
Sorry I’ve only just seen this, so apologies for being a bit late to the party, but as you know I don’t hang out in these parts much these days and I keep getting distracted with client commitments! > So what do we do? I can think of at least 4 different ways to go with this, > each choice with its own set of baggage to carry: > > > C) Import DES code (as we have done for MD4 and MD5) and build with that code > when OpenSSLv3 is used. I started work on an internal implementation of DES back in February, when I was fixing up some of the MD4 and MD5 code. > I think I personally am in the C or D camp for the moment. It’s still work in progress but so far I have: * Moved the DES specific code from NTLM to the DES module * Started writing unit tests for it * Selected a version of DES that I believe will help us out > D) Use another 3rd party DES lib (which?) when OpenSSLv3 is used. I contemplated something similar as well and looked at using third-party crypto libraries, such as libcrypt, for MD4, MD5 and DES should an SSL backend not support these. > Thoughts? For my own personal gratification I would like to support C initially and an extended D. Unfortunately I was rather busy with my client during March and April, racking up some hours again! Hopefully I will get back onto curl stuff and get some contributions into the next release 😉 Kind Regards Steve
------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html