Salz, Rich wrote:
This feedback is very useful.
1) There is no accessor for the "num" field in the BIO struct.
This is typically used to store a file descriptor or similar value. As can be
seen
by its explicit access in BIO_dup_chain(), there may be legitimate reasons to
get at its value, even if you are not writing your own new BIO
implementation.
Can you explain when/how/why you need it?
My old code was initializing this field to zero in the BIO's "create"
method. I honestly don't remember why, or even if this is necessary, I
just noticed the gap in the API when looking for a replacement.
2) The API documentation for BIO_meth_new() says that "type" should be a
unique integer, but provides no way to ensure this is true.
That sounds like a bug we need to fix. Perhaps something like
int BIO_meth_new_index([int flags?])
?
Something like that would probably work. However, with the new opaque
struct approach, I now create a new BIO_METHOD from scratch for every
connection attempt, and don't really have a convenient place to store
this value, so this will get called rather a lot unless I restructure my
code to cache a value somewhere. Because I am writing a library, which I
intend to be re-entrant, but which does not have any explicit threading
support (or dependencies), I don't have any convenient global place to
cache it. I haven't needed one for anything else. See point #3.
If there was also some way to give these back when no longer needed,
then at least I could ensure my code wouldn't use up the whole namespace
and start failing after a few million connections.
But I think even just some advice on _how_ to pick a value here would be
sufficient. As long as the space is sufficiently sparse, picking a
static value with reasonably low probability of colliding with anything
else would be good enough for me.
3) I'm not sure the conversion of BIO_METHOD to an opaque struct is really a
good idea.
Did you see BIO_meth_set_write etc ?
I did. I also saw that exactly no code in OpenSSL itself uses this API.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
