Re: [crypto] Updated to Support OpenSSL 1.1.0i
There have been other attempts at this (e.g.
https://github.com/apache/commons-crypto/pull/90), and my main concern
with those is that they require different builds for OpenSSL 1.0 and
1.1. It seems your approach falls in that bucket, at least without
The problem with that is that it becomes super annoying to consume
commons-crypto in other projects. Which maven coordinates do you use?
If you're building something like Spark, which is meant to be deployed
in a bunch of different places with potentially different OpenSSL
versions, how do you even do it?
So IMO any approach to this needs to support both OpenSSL versions in
the same commons-crypto jar file. That doesn't necessarily mean the
same underlying JNI library, although doing that would make creating a
binary releases easier (less build platforms to juggle).
On Tue, Nov 27, 2018 at 1:25 AM Alex Remily <alex.remily@xxxxxxxxx> wrote:
> Commons Crypto Dev Team,
> I modified a copy of the commons crypto codebase to support OpenSSL 1.1.0i
> (this was before I saw JIRA CRYPTO-140 "adding suuport for openssl 1.1.0g
> in common crypto"). It successfully runs mvn clean test on Mac OS X
> 10.13.6 and Ubuntu 18.04 with Java 8 and OpenSSL 1.1.0i. I was unable to
> test on Windows, presumably because of CRYPTO-137 Error compiling on Win64
> with Mingw. I did not preserve compatibility with previous versions of
> OpenSSL because I don't need it for the project for which I'm using commons
> Is there is interest in maintaining separate branches for different
> versions of OpenSSL or for incorporating some of my 1.1.0i-compatible code
> into a master that supports multiple underlying OpenSSL versions? If so,
> I'll fork the repo and send a pull request. I also need to incorporate
> message digest functionality, so if there's interest in expanding that
> functionality I'll be glad to share the end product.
To unsubscribe, e-mail: dev-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, e-mail: dev-help@xxxxxxxxxxxxxxxxxx