... or does size_t matter:-) I had a look at BRANCH_WIN64 last night and here're some thoughts. First of all I want to point out that I had rather fast look so that this is probably not a final judgment:-)
As discussed earlier Win64 implements P64 programming model and so the discussion started ignited at casting size_t (which is 64-bit) to int vs. real size_t-ification. But for some reason the question if it's a Win64-specific problem or a generic OpenSSL deficiency didn't get proper attention. At least in my opinion. And the simple fact is that it appears to be a *generic* OpenSSL deficiency. Indeed! Most of those casts from size_t were proposed to be made to int, meaning that if there're any bits lost in on P64 platform, same bits will be lost even on LP64 platform! Now having figured this I wonder how come did Win64 deserve so special treatment? I mean being effectively mobbed by branching it to a separate branch basically without any specified release schedule? Do note that I personally have no "special feelings" for Win64 and "emotionally" I'm fine with Win64 being mobbed:-) It's just that I see that by putting Win64 support to prime line development line, we can use Win64 developers [or their tools] to eliminate [yet another] *generic* OpenSSL deficiency. In other words. The way I see it is this. *If* OpenSSL compiles on Win64 with "possible loss of data" warning off (/wd4267 and /wd4244 to be specific, and it does compile!) and passes the test (no hardware, can't tell), it means exactly the same thing as on any other LP64 *supported* platform and therefore might as well be supported. Moreover, it's possible to support it a little better actually, because we have the option to denote the fact that support is in fact limited by "branding" the object modules with #pragma comment(linker,"/largeaddressaware:no") which provides for ILP32 run-time option (as was discussed earlier in another context). But the above does *not* mean that I'm suggesting to skip the size_t-ification of the toolkit! All I'm saying is that it's not a Win64 specific issue and shouldn't be treated as one. As for size_t-ification itself. My feeling after looking at the BRANCH_WIN64 was "do prioritize." There're two ways to tackle the problem. 1. Promote types. 2. Recognize legitimate casts and cast. Take BN code for example. Original code from HEAD and 0.9.7 compiles without a single warning. Code from BRANCH_WIN64 is filled with warnings. Can HEAD break on [L]P64? Yes. What one can do? 1. Promote relevant variables/structure members. 2. Insert couple of assertions which would make BN [gracefully] fail, thus ensuring that casts are legitimate (well, it compiles without a single warning, so that casts are legitimate). I believe there're assertions in place already, one has to verify it. In either case I'd go for 2, because it also effectively protects users from DoS. Indeed, if BN is actually asked to operate on >128Gbit numbers, it's *definitely* a mistake and the library should fail, not start >consuming hours of CPU time. Symmetric algorithms on the contrary has to be type >promoted, and it has to be done in first hand, they apparently not... What to do? I have promoted message digests and few symmetric algorithms already and the question I'm facing now is which branch to commit to. Of course there is BRANCH_WIN64, but I fear that it ends up one bit too different from HEAD to maintain the situation under control. I mean I fear that synching BRANCH_WIN64 to HEAD might become as time consuming as implementation. Cheers. A. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
