Kurt Roeckx kurt at
Fri Feb 21 08:06:39 UTC 2020


We seem to be deprecating a lot of the old APIs, which I think is
a good thing. But I think we might either be deprecating too much,
or not actually using the alternatives ourself.

In the apps, a lot of the files define
OPENSSL_SUPPRESS_DEPRECATED, which I think is the wrong way to do
it. We should stop using the deprecated functions ourself. If
there is no way to do this using non-deprecated functions, the
function should probably not have been deprecated in the first

The apps might have functionality that we want to deprecate too,
that depends on the deprecated functions. In which case we should
also mark that as deprecated, and the apps should always build in
no-deprecation mode.

We might also be deprecating APIs that we don't use ourself, so
it's harder to know if there are alternatives for it.

It would also be nice that if you deprecate a function, that you
point to the alternative way to do the same thing in the manual.


More information about the openssl-project mailing list