RE: Incoming DES headache with OpenSSL 3
Date: Thu, 30 Apr 2020 08:10:28 +0200 (CEST)
On Thu, 30 Apr 2020, Steve Holme via curl-library wrote:
>> D) Use another 3rd party DES lib (which?) when OpenSSLv3 is used.
>
> I contemplated something similar as well and looked at using third-party
> crypto libraries, such as libcrypt, for MD4, MD5 and DES should an SSL
> backend not support these.
For the OpenSSL case however, which is the one I was mostly concerned about in
this thread, I believe the answer is one that wasn't included among my list of
options:
E) Switch to the API that still offers the functionality (EVP*) once the one
we currently use goes away. We will have a few years until this happens.
I also made configure set -DOPENSSL_SUPPRESS_DEPRECATED when we build with
OpenSSL 3 so we won't get those annoying deprecation warnings.
> Hopefully I will get back onto curl stuff and get some contributions into
> the next release 😉
Music to my ears! =)
--
/ daniel.haxx.se | Commercial curl support up to 24x7 is available!
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-04-30