[botan-devel] Deprecating public use of many Botan headers

Jack Lloyd jack at randombit.net
Tue Aug 6 09:05:58 EDT 2019


On Tue, Aug 06, 2019 at 12:55:48PM +0000, Christian Kandeler wrote:
> On Tue, 6 Aug 2019 07:42:51 -0400
> Jack Lloyd <jack at randombit.net> wrote:
> 
> >  * Reducing shared lib exports. If the compiler knows a symbol is not exported
> >    (and thus cannot be overridden eg via LD_PRELOAD) then it can optimize
> >    somewhat better. This last is a bit marginal since a lot of functionality is
> >    already exported (only) for tests which use them via the internal headers.
> 
> Isn't this easily solved by using a separate AUTOTEST_EXPORT macro which expands to an actual export only if tests are enabled?

Yes that is an option, basically add some configure-time flag which
disables building/running tests, and then sets such APIs to non-exported.
Since in the visibility/export macros we already make a distinction of
public API (BOTAN_PUBLIC_API) vs API which is only exposed for tests
(BOTAN_TEST_API), that would probably be simple to do.

However I get nervous about someome shipping binaries that have not
been tested. That seems like a recipe for problems. But, something to
think about!

The vast majority of the tests don't rely on non-public symbols so
another option would be to just selectively disable tests which rely
on non-public APIs, which is probably a bit safer albeit more work to
accomplish.

Thanks,
  Jack


More information about the botan-devel mailing list