[openssl-project] To use or not use the iconv API, and to use or not use other libraries

Viktor Dukhovni openssl-users at dukhovni.org
Thu Jun 7 19:16:53 UTC 2018

On Thu, Jun 07, 2018 at 09:01:15PM +0200, Richard Levitte wrote:

> We don't have to answer the question "how high" now.  I'm fully
> prepared to have the use of iconv limited to platforms where we know
> it's available (for example, we - or well, *I* - know that VMS has the
> iconv API in the C RTL, not even any need to link with any extra
> library...  and we *know* it's available in glibc since version
> 2.something).  I'm fully prepared to have to deal with people saying
> "hey, we have that too!" and having to edit config targets as we go.
> I do not expect any support of iconv to cover more than what we can
> test or get patches for, as with anything else.

There's also apparently some variation in the iconv API function
prototypes (possibly "const char **" vs. "char **").  So some
platform-dependent casting may be required...

My peers suggest that this late in the release cycle, we leave the
responsibility of ensuring UTF-8 input to the user.  We could
describe work-arounds in documentation.  Personally, if this is
off by default, and requires a new option to enable, and is just
in openssl(1) and not libcrypto, I'm disinclined to say "no" until
I see a PR (with documentation) that we can decide to leave for
post 1.1.1 or adopt.


More information about the openssl-project mailing list