Re: [HACKERS] About BoringSSL, an OpenSSL fork
On 26 October 2015 at 00:59, Michael Paquier wrote: > https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md > Looking at the porting section many routines have changed compared to > OpenSSL. I can't imagine this fork to become a complete replacement of > OpenSSL, but it may be worth considering an integration in Postgres > code depending on the features it will have (Curve25519, > Ed25519 mentioned). Also since 9.4 the SSL code paths have been > rearranged to allow more implementations to be done with other SSL > libraries. > Quote: Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don’t recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability. Sounds like a subscription to a world of pain. Geoff
[HACKERS] About BoringSSL, an OpenSSL fork
Hi all, Perhaps some of you guys knew about that, but I just found about this stuff this morning: https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md Looking at the porting section many routines have changed compared to OpenSSL. I can't imagine this fork to become a complete replacement of OpenSSL, but it may be worth considering an integration in Postgres code depending on the features it will have (Curve25519, Ed25519 mentioned). Also since 9.4 the SSL code paths have been rearranged to allow more implementations to be done with other SSL libraries. Note that I am wondering also about the long-term stability and potential backward-incompatibilities of the routines in this fork though (recall for example v8 major breakage wround 3.14, if I recall correctly this version number). Thoughts? -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
