* * * * *

         It seems that checking the TLS API version number is useless

I've pretty much finished the Lua TLS (Transport Security Layer) module [1]
and before releasing it, I thought it might be nice to ensure it compiles
with previous versions of libtls [2]. The main header file contains the
defined value TLS_API, which I assume is updated whenever the API
(Application Programming Interface) is updated. So I began the arduous
procedure of downloading previous versions of libtls to ensure I can compile
against any version.

I started with LibreSSL [3] version 2.7.4 (current when I started—they are
now up to 2.8.0 as I write this). The defined value TLS_API had a value of
“20180210”. I checked version 2.7.0 and no change in libtls. It wasn't until
I got into the pre-2.7 versions that things started going south.

The previous version of TLS_API, “20170126”, was first defined in 2.5.1, and
last used in 2.6.5. But the API changed quite a bit between versions 2.5.1
and 2.6.5. Five functions were added:

 1. tls_config_set_crl_file()
 2. tls_config_set_crl_mem()
 3. tls_config_set_ecdhecurves()
 4. tls_peer_cert_chain_pem()
 5. tls_unload_file()

What's the point of having a defined value like TLS_API if it doesn't change
when you add new functions?

Fortunately, the defined value LIBRESSL_VERSION_NUMBER is updated per
version, so at least I can use that.

Sigh.

[1] gopher://gopher.conman.org/0Phlog:2018/07/23.1
[2] https://man.openbsd.org/tls_init.3
[3] https://www.libressl.org/

Email author at [email protected]

You are viewing proxied material from gopher.conman.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.