#2180 closed enhancement (fixed)
Refactoring SSL socket backend implementations
Reported by: | ming | Owned by: | ming |
---|---|---|---|
Priority: | normal | Milestone: | release-2.9 |
Component: | pjlib | Version: | trunk |
Keywords: | Cc: | ||
Backport to 1.x milestone: | Backported: | no |
Description
There are currently a lot of duplication in the SSL backend implementation, which causes major issues, maintenance difficulties, as well as unnecessary complexity when trying to add a new SSL backend.
The major issues are primarily due to revision differences (one backend (OpenSSL) gets updated/fixed a lot, while the other (GnuTLS) lags way behind). These create behavioral differences, where new features such as the new callback on_accept2() is only available for OpenSSL, and potential security problem, since bug fixes are only applied to one backend, while leaving the others exposed.
Thus refactoring is necessary, to make sure that shared codes are put in a separate file.
Change History (5)
comment:1 Changed 6 years ago by ming
- Owner set to ming
- Resolution set to fixed
- Status changed from new to closed
comment:2 Changed 6 years ago by ming
In 5940:
comment:3 Changed 6 years ago by ming
In 5941:
comment:4 Changed 6 years ago by nanang
In 5951:
comment:5 Changed 6 years ago by riza
In 5966:
In 5938: