2022 and we discuss strcasecmp() again?
Background: OpenSSL 3.0.3 added OPENSSL_strcasecmp() and friends and there are several issue around their implementation. Up to this version, they relied on the POSIX strcasecmp(). Whatever their reasons for their change...
Checking our sources, we have ap_cstr_casecmp() that does the right thing. But
- we do not use it everywhere
- it is not part of APR which relies on the POSIX strcasecmp(), esp. apr_table does.
I want to handshake with you regarding this:
1. should we scan our sources for strcasecmp and replace it with ap_cstr_casecmp()?
2. should we talk to the ARP people about their use? I heard that some of them are here as well.
Kind Regards,
Stefan
Background: OpenSSL 3.0.3 added OPENSSL_strcasecmp() and friends and there are several issue around their implementation. Up to this version, they relied on the POSIX strcasecmp(). Whatever their reasons for their change...
Checking our sources, we have ap_cstr_casecmp() that does the right thing. But
- we do not use it everywhere
- it is not part of APR which relies on the POSIX strcasecmp(), esp. apr_table does.
I want to handshake with you regarding this:
1. should we scan our sources for strcasecmp and replace it with ap_cstr_casecmp()?
2. should we talk to the ARP people about their use? I heard that some of them are here as well.
Kind Regards,
Stefan