cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [PATCH] PolarSSL support in cURL

From: Hoi-Ho Chan <hoiho.chan_at_gmail.com>
Date: Wed, 5 May 2010 18:04:02 -0700

Hi Daniel,

Thanks a lot for pushing the patch. Some answers to your questions:

On Wed, May 5, 2010 at 1:33 PM, Daniel Stenberg <daniel_at_haxx.se> wrote:

>
> o I'm very puzzled by the differences between HAVE_POLARSSL_GPL and without
> it, as it seems the API and all sorts of stuff differences. Is this
> documented anywhere? In fact, I'm a bit sad to see that polarssl seems to
> be
> even worse than the other SSL libraries in the docs department and I fail
> to
> find *ANY* docs for *ANY* function calls? Am I just not looking at the
> right
> places? The web site seems to indicate that polarssl is available as GPL
> or
> proprietary licenced but I can't see anything about them not having the
> same
> API or functionality?
>
>
Yes the #defines are mainly to take care of the minor API differences. I
could have not support the BSD version and start solely with GPL version of
PolarSSL, but I think some people would prefer to stick with the BSD
version.

o If HAVE_POLARSSL_GPL is not defined, what does x509parse_cert_info()
> return?
> Isn't that allocated memory that need to be freed somehow and thus your
> patch introduces a memory leak?
>
>
BSD version of PolarSSL uses a static buffer inside x509parse_cert_info(),
which doesn't need to be freed.

> o Regarding the weird work-around for a bug that is commented as:
> /* FIXME: PolarSSL has a bug where we need to import it twice */
> Won't that introduce a memory leak once the function works the first time?
> Shouldn't the conditional check a specific polarssl version for which to
> use
> this kludge?
>

I remember this bug is fixed in 0.11.0. Maybe I should define
HAVE_POLARSSL_GPL as "the first release where PolarSSL has a GPL-only
release".

> o Speaking of version, is there really no way (build time or run time) to
> figure out what PolarSSL version that is used?
>
>
As far as I know, no. I tried my best to come up with the #defines.

Thanks
Hoi-Ho

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-05-06

This message: [ Message body ]
Next message: Xu, Qiang (FXSGSC): "RE: Reflection for Secure IT Server"
Previous message: Chad Monroe: "Re: Handling of timeouts on clock jump"
In reply to: Daniel Stenberg: "Re: [PATCH] PolarSSL support in cURL"
Next in thread: Paul Bakker: "Re: [PATCH] PolarSSL support in cURL"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]