[openssl-project] To use or not use the iconv API, and to use or not use other libraries
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Jun 7 15:56:00 UTC 2018
> On Jun 7, 2018, at 11:19 AM, Richard Levitte <levitte at openssl.org> wrote:
>
> Regarding general use of other libraries, please think carefully before voting, 'cause this *is* tricky. If you have a look, you will see that we *currently* depend on certain standard libraries, such as, for example, libdl. And perhaps we should also mention the pile of libraries used with windows.
>
> In my mind, this makes that more general vote ridiculous, but the matter was brought up to me, and I wasn't going to ignore it, no matter what my personal feelings are.
My concern is not so much whether a dependency on libiconv in libcrypto
should be allowed, but rather wether we actually need it. I rather
think that all codepage conversions should be the application's job.
Thus, it is OK for *apps* where we prompt for passwords to support
conversion to UTF-8, perhaps via libiconv. So I see /usr/bin/openssl
linked against the iconv API (which is, for example, in libc on NetBSD
and FreeBSD, and does not require a separate library). We probably
require libiconv for "openssl pkcs12" to work correctly, but the
dependency should IMHO be in apps not libcrypto.
--
Viktor.
More information about the openssl-project
mailing list