OpenSSL 3.0 (or 4.0) API goals

Paul Smith paul at
Fri Mar 1 22:26:01 UTC 2019

Hi all.

I'm reading with interest the details coming out with respect to the
next release of OpenSSL.

I'm curious if there's any consideration being given to updating the
API for existing interfaces, and/or checking the APIs of any new
interfaces for issues that are seen in the current API.

I'm talking about things like:

 * Const-correctness for arguments
 * Signed vs. unsigned values for integer values
 * Avoiding non-portable types in the API (the most obvious example:
   using "int" as the type for socket descriptors, which is only
   portable to Windows due to an implementation detail).
 * Possibly using something like uint8_t* for pointers to buffers
   containing binary "stuff" (this could be more annoying than helpful,
   requiring a lot of casting, so I'm not sure about that).

Just wondering... seems like a good time to think about cleanups like
that, if feasible.

More information about the openssl-users mailing list