[Bug 1991] openssl version checking needs updating

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 30 19:09:45 EST 2012


--- Comment #10 from Darren Tucker <dtucker at zip.com.au> 2012-03-30 19:09:45 EST ---
(In reply to comment #9)
> Note that beta versions on the same fix release (1.0.z should be ABI
> compatible. Only when the major or minor release changes there should
> be ABI breakers (that is when x or y in x.y.z changes).

You'd hope so, however from the CHANGES file in openssl 1.0.1 under
"Changes between 1.0.0h and 1.0.1" (a "fix" release, in openssl's
parlance) shows, amongst other things:

  *) Functions FIPS_mode_set() and FIPS_mode() which call the
     FIPS modules versions.
     [Steve Henson]

  *) [...] This enables the following EC_METHODs:

so, new functions introduced in "fix" releases.  Given this, we are yet
to be convinced that "fix" releases both are forward and backward ABI

> Also as the patch level (the letter after version) changes there should
> be strictly only bugfixes, these should be even forward-backwards
> compatible.

Patch level is covered by the 0xff0 mask in both cases.

> So for the after 1.0 versions I'd suggest the version_mask to be
> ~0xfffffL

That'd allow development and release versions to mix too.  For now
we're only considering release versions.

Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list