[Vortex] [ISSUE] API mismatch using custom SSL contexts
b.amiaux at ateme.com
Tue Apr 22 10:14:54 CEST 2008
In current Vortex API, when the automagic TLS setup using file-based
certificates isn't enough, it is possible to use SSL contexts.
The issue is that the proposed API only allow us to create the context
but not how to destroy it. This is cumbersome because, as usual, when
vortex is used as a DLL, it forces us to use the exact same version of
openssl under which the dll has been linked or you wil suffer instant
heap corruption when any SLL context is deallocated.
I see two possible solutions:
- add another API to offer buffer-based certificates and private keys
for vortex. In this case it will only use SSL functions from the library
it has been linked with, which guarantee proper behavior.
- add an abstraction layer above SSL functions, which allows us to use
any SSL implementation. This abstraction have to be complete, including
allocation, processing and deallocation functions. A default file-based
SSL implementation could be added.
Maybe there are better solutions ?
More information about the Vortex