Return-Path: Delivered-To: apmail-apr-dev-archive@www.apache.org Received: (qmail 46058 invoked from network); 22 Nov 2007 16:06:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 22 Nov 2007 16:06:06 -0000 Received: (qmail 96669 invoked by uid 500); 22 Nov 2007 16:05:53 -0000 Delivered-To: apmail-apr-dev-archive@apr.apache.org Received: (qmail 96294 invoked by uid 500); 22 Nov 2007 16:05:53 -0000 Mailing-List: contact dev-help@apr.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Id: Delivered-To: mailing list dev@apr.apache.org Received: (qmail 96266 invoked by uid 99); 22 Nov 2007 16:05:52 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Nov 2007 08:05:52 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of minfrin@sharp.fm designates 64.49.220.200 as permitted sender) Received: from [64.49.220.200] (HELO chandler.sharp.fm) (64.49.220.200) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Nov 2007 16:05:55 +0000 Received: from chandler.sharp.fm (localhost [127.0.0.1]) by chandler.sharp.fm (Postfix) with ESMTP id 851EEE6CE4 for ; Thu, 22 Nov 2007 10:05:34 -0600 (CST) Received: from www.pier29.net (secure.pier29.net [209.61.173.189]) by chandler.sharp.fm (Postfix) with ESMTP id 64EF2E6CE3 for ; Thu, 22 Nov 2007 10:05:34 -0600 (CST) Received: from 84.233.182.145 (SquirrelMail authenticated user minfrin@sharp.fm) by www.pier29.net with HTTP; Thu, 22 Nov 2007 18:05:34 +0200 (SAST) Message-ID: <34643.84.233.182.145.1195747534.squirrel@www.pier29.net> In-Reply-To: <20071122153025.GA10465@redhat.com> References: <20071121210203.87D121A9832@eris.apache.org> <20071122144040.GA8963@redhat.com> <47030.84.233.182.145.1195743409.squirrel@www.pier29.net> <20071122153025.GA10465@redhat.com> Date: Thu, 22 Nov 2007 18:05:34 +0200 (SAST) Subject: Re: svn commit: r597209 - in /apr/apr-util/trunk: CHANGES build/ssl.m4 include/apr_buckets.h include/apr_ssl.h include/private/apr_ssl_openssl_private.h ssl/apr_ssl_openssl.c ssl/apr_ssl_winsock.c From: "Graham Leggett" To: dev@apr.apache.org User-Agent: SquirrelMail/1.4.8-4.0.1.el4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: ClamAV using ClamSMTP X-Virus-Checked: Checked by ClamAV on apache.org On Thu, November 22, 2007 5:30 pm, Joe Orton wrote: > If I have to know whether apr-util is built against OpenSSL to be able > to use this code, it's completely useless. It is the same pattern used by mod_ssl, and the existing apr_ssl code, so if this is useless, then it is part of a wider problem. The EVP interface as it stands does not attempt to address every possible encryption issue, if it did, the code would never see the light of day. Instead it represents a base on which an EVP interface can be built. I could not find an OpenSSL function that would provide a canonical list of supported ciphers (that is not to say such a funtion definitely does not exist). > I can just code directly > against the OpenSSL EVP interface and cut out the unnecessary overhead > of the layer in between. Assuming OpenSSL is available on your platform, which in the case of Windows, by looking at the existing code, not likely. Remember that the point of APR is to try and present a standard interface to end users, where that standard interface hides system specific custom implementations like CryptoApi or OpenSSL. APR cannot claim to offer every feature of every library out there (although is it good to try). Regards, Graham --