[haiku-commits] Re: haiku: hrev50368 - src/kits/network/libnetapi headers/os/net

  • From: Axel Dörfler <axeld@xxxxxxxxxxxxxxxx>
  • To: haiku-commits@xxxxxxxxxxxxx
  • Date: Tue, 28 Jun 2016 09:38:23 +0200

Am 27/06/2016 um 07:20 schrieb Adrien Destugues:

I think it is a good idea to provide a higher level API to developers.
If we require the server name to be set twice when working with SSL (or
HTTPS), the API will be more flexible, but more confusing. It is known
that a lot of apps working irectly with OpenSSL run into security
problems because so many things need to be checked or done manually:
SNI, requesting validation of the certificate chain, etc.

The single responsibility principle is good for designing the internals
of the classes, but not always the best approach when it comes to
designing an user facing API.

I disagree. How about adding constructors to BSecureSocket like those in BNetworkAddress instead:

                                                                
BNetworkAddress(const char* address,
        uint16 port = 0, uint32 flags = 0);
BNetworkAddress(const char* address,
        const char* service, uint32 flags = 0);
BNetworkAddress(int family, const char* address,
        uint16 port = 0, uint32 flags = 0);
BNetworkAddress(int family, const char* address,
        const char* service, uint32 flags = 0);

?
Another option would be to add a class BHostAddress that contains a BNetworkAddress and a host name. But please leave BNetworkAddress as it is, er... was :-)

Bye,
   Axel.


Other related posts: