[Vortex] [ISSUE] API mismatch using custom SSL contexts

Benoit Amiaux b.amiaux at ateme.com
Tue Apr 22 10:14:54 CEST 2008


In current Vortex API, when the automagic TLS setup using file-based 
certificates isn't enough, it is possible to use SSL contexts.
The issue is that the proposed API only allow us to create the context 
but not how to destroy it. This is cumbersome because, as usual, when 
vortex is used as a DLL, it forces us to use the exact same version of 
openssl under which the dll has been linked or you wil suffer instant 
heap corruption when any SLL context is deallocated.
I see two possible solutions:
- add another API to offer buffer-based certificates and private keys 
for vortex. In this case it will only use SSL functions from the library 
it has been linked with, which guarantee proper behavior.
- add an abstraction layer above SSL functions, which allows us to use 
any SSL implementation. This abstraction have to be complete, including 
allocation, processing and deallocation functions. A default file-based 
SSL implementation could be added.

Maybe there are better solutions ?


More information about the Vortex mailing list