Opened 4 years ago

Last modified 3 years ago

#5462 assigned Enhancement

Use CommonCrypto instead of OpenSSL in libtransmission on OS X

Reported by: Ancient Owned by: mike.dld
Priority: Low Milestone: Sometime
Component: libtransmission Version: 2.82
Severity: Normal Keywords: commoncrypto, openssl
Cc:

Description

Apple deprecated dynamically linking OpenSSL back in OS X 10.7, the reason for this was that OpenSSL doesn't assure compatibility between releases and in the event of a security update being pushed, it is possible that applications using OpenSSL would find themselves broken.

I should also note that I suspect that 10.9 or the next major release may remove the deprecated methods entirely, I have observed breakage relating to them in my light testing on 10.9. I have little evidence to back this up however.

I have completed a portion of the work involved already. If this is of interest I will gladly work on the necessary details to get this ready for inclusion in libtransmission. I just need to know how you would like to proceed, my discussions with jordan indicated an interest in using an interface to select between OpenSSL, CommonCrypto? and other backends for use in libtransmission.

Change History (5)

comment:1 Changed 4 years ago by livings124

That sounds pretty good to me.

comment:2 Changed 4 years ago by mike.dld

CommonCrypto doesn't seem to [publicly] provide all the necessary openssl counterparts T uses at the moment. Is that the reason for this ticket being halted?

comment:3 Changed 4 years ago by Ancient

I'm afraid the hold up on my part simply had to do with some discussions about implementation details not happening yet and my time drying up temporarily (in addition to a reduction in urgency as openssl is still in OS X 10.9).

What appears to be missing in CommonCrypto??

comment:4 Changed 4 years ago by mike.dld

I cannot find Diffie-Hellman routines. The ones I did find are in private headers: http://www.opensource.apple.com/source/CommonCrypto/CommonCrypto-60026/Source/CommonCryptoSPI/CommonDH.h (grepping for CCDHComputeKey on my drive yields nothing, although I have 10.9 and latest Xcode installed).

I can on the other hand find these routines in CSSM API (Security framework), but it's also deprecated as of 10.7.

comment:5 Changed 3 years ago by mike.dld

  • Owner changed from jordan to mike.dld
  • Status changed from new to assigned
Note: See TracTickets for help on using tickets.