serf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Branko Čibej <>
Subject Re: svn commit: r1774473 - in /serf/branches/ocsp-verification: buckets/ssl_buckets.c serf_bucket_types.h test/test_ssl.c
Date Sat, 17 Dec 2016 12:00:31 GMT
On 16.12.2016 20:23, Daniel Shahaf wrote:
> Branko Čibej wrote on Fri, Dec 16, 2016 at 13:56:34 +0100:
>> I have no interest in making Serf support /all/ possible OpenSSL
>> options. On trunk, we already use OPENSSL_NO_TLSEXT and OPENSSL_NO_OCSP
>> in the code, but it doesn't compile if either or both of these are
>> actually defined.
>> I have that fixed locally (see attached patch), although the fix
>> unfortunately involves adding some conditional blocks to the code ...
>> not nice, but I can't think of a better way to make things work, other
>> than removing the dependency on those symbols altogether.
> Have you considered making it a configure-time error¹ to use an openssl
> that doesn't have those two symbols defined?  At least, until somebody
> comes along and asks for them to be supported?
> The less knobs the better, and all that...

Truthfully, I have not considered that. Because the knobs are already in
the code on trunk. I'm not even really eager to make the knobs actually
work as advertised, because I've no need to, e.g., use an OpenSSL
without OCSP support -- quite the opposite in fact!

The only reason I've been fiddling with #ifdefs to make trunk compile is
a desire to keep things shipshape.

-- Brane

View raw message