René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Check consistency of OpenSSL data headers","articleBody":"# Feature or enhancement\n\n### Proposal:\n\nOpenSSL mnemonics may change in minor releases and/or they may have clashes. Clashes are annoying because we cannot build 1-to-1 hash tables out of it while inconsistencies mean that error messages would be incorrectly rendered. Note that only error reporting is affected but not error handling as code paths are using the macros defined by OpenSSL (so it doesn't matter which version we're using, as soon as they are available)\n\nI want to create a tool that checks the OpenSSL mnemonics themselves to see if there are duplicates for instance, as well as a tool that bisects whether the latest OpenSSL version has changed its mnemonics. Currently, `_ssl.c` contains this:\n\n```c\n/* Include generated data (error codes) */\n/* See make_ssl_data.h for notes on adding a new version. */\n#if (OPENSSL_VERSION_NUMBER \u003e= 0x30100000L)\n#include \"_ssl_data_34.h\"\n#elif (OPENSSL_VERSION_NUMBER \u003e= 0x30000000L)\n#include \"_ssl_data_300.h\"\n#elif (OPENSSL_VERSION_NUMBER \u003e= 0x10101000L)\n#include \"_ssl_data_111.h\"\n#else\n#error Unsupported OpenSSL version\n#endif\n```\n\nIn other words, we make the assumption that error codes from OpenSSL 3.1.x up to now have not been changed, but this is not necessarily correct (if new codes are added, it's fine, but if mnemonics are renumbered, it's not: this happened in 3.4.0 -\u003e 3.4.1).\n\nIn addition, the reason why 3.4.1 mnemonics changed is because there were mismatched values (see https://github.com/openssl/openssl/issues/26388). The tool would then be doing the following:\n\n- check whether OpenSSL mnemonics are valid after pulling them; namely check that we don't have mismatched values or clashing values.\n- compute the diff between the latest known mnemonics and the pulled mnemonics. If there are more entries, we can use the same file; otherwise a new file must be created.\n\nTo ease development, I also suggest a separate `_ssl_data.h` file, also automatically generated, and that would be responsible to hold the above code snippet. It's easier than adding more and more lines to `_ssl.c` in the future. I also suggest moving the `_ssl_data_*` files into a dedicated folder as we may have more and more files in the future. \n\n### Has this already been discussed elsewhere?\n\nThis is a minor feature, which does not need previous discussion elsewhere\n\n### Links to previous discussion of this feature:\n\n_No response_","author":{"url":"https://github.com/picnixz","@type":"Person","name":"picnixz"},"datePublished":"2025-04-20T10:33:14.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/132745/cpython/issues/132745"}