On 17 Jun 2014, at 11:01, Phil Mayers <p.mayers@IMPERIAL.AC.UK> wrote:
On 17/06/14 10:50, Arran Cudbard-Bell wrote:
I'm not seeing what the issue is.
OpenSSL has broken ABI in the past without a .soname bump. Very annoying. That does not make it your business to hard-code a version number into the application IMO.
Let's say the OpenSSL guys get really clued up all of a sudden, and/or LibreSSL takes off. Assume that the ABI via the .soname becomes really solid, but the version number starts to increment rapidly. Not impossible. I shouldn't have to re-compile FreeRADIUS to take advantage of that.
The FreeRADIUS check is mutable. If that happens, we can change the code.
I don't think applications should be enforcing this, full stop. I don't expect you'll agree with me, but never mind.
No, I don't agree. Developer time is a finite resource. I don't want our time wasted helping people debug issues caused by libssl compatibility issues. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2