Opened 3 months ago

Closed 3 months ago

Last modified 6 weeks ago

#2180 closed enhancement (fixed)

Refactoring SSL socket backend implementations

Reported by: ming Owned by: ming
Priority: normal Milestone: release-2.9
Component: pjlib Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description

There are currently a lot of duplication in the SSL backend implementation, which causes major issues, maintenance difficulties, as well as unnecessary complexity when trying to add a new SSL backend.

The major issues are primarily due to revision differences (one backend (OpenSSL) gets updated/fixed a lot, while the other (GnuTLS) lags way behind). These create behavioral differences, where new features such as the new callback on_accept2() is only available for OpenSSL, and potential security problem, since bug fixes are only applied to one backend, while leaving the others exposed.

Thus refactoring is necessary, to make sure that shared codes are put in a separate file.

Change History (5)

comment:1 Changed 3 months ago by ming

  • Owner set to ming
  • Resolution set to fixed
  • Status changed from new to closed

In 5938:

Fixed #2180: Refactoring SSL socket backend implementations

comment:2 Changed 3 months ago by ming

In 5940:

Re #2180: Fixed incorrect early return in pj_ssl_sock_renegotiate()

comment:3 Changed 3 months ago by ming

In 5941:

Re #2180: Suppress warning of unreferenced function parameters

comment:4 Changed 2 months ago by nanang

In 5951:

Re #2180: Added ssl_sock_imp_common.h/c to PJLIB MSVC2005 project (excluded for build).

comment:5 Changed 6 weeks ago by riza

In 5966:

Re #2180: Added ssl_sock_imp_common.h/c to PJLIB VS2015 project (excluded for build).

Note: See TracTickets for help on using tickets.