On 17 Jun 2014, at 07:12, Christian Hesse <list@eworm.de> wrote:
From: Christian Hesse <mail@eworm.de>
Even if dynamic linking is just fine, radiusd fails after ever openssl update. (Distribution toolkits do not detect this, so distribution packages break on a regular basis.) This changes behavior so that it still fails on library downgrade, but just warns if openssl library has been upgraded.
The point of adding the check, was because even minor versions of libssl had changes which broke ABI compatibility. I'm not sure how your suggestion helps? If there's any change in libssl version it could cause ABI incompatibility, it doesn't matter if it's an upgrade or downgrade. -Arran
--- src/main/version.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/main/version.c b/src/main/version.c index fb72c86..289a4f3 100644 --- a/src/main/version.c +++ b/src/main/version.c @@ -48,13 +48,17 @@ int ssl_check_consistency(void)
ssl_linked = SSLeay();
- if (ssl_linked != ssl_built) { - ERROR("libssl version mismatch. built: %lx linked: %lx", + if (ssl_linked < ssl_built) { + ERROR("libssl version mismatch. built: %lx linked: %lx", (unsigned long) ssl_built, (unsigned long) ssl_linked);
return -1; - }; + } else if (ssl_linked > ssl_built) { + WARN("libssl version mismatch. built: %lx linked: %lx", + (unsigned long) ssl_built, + (unsigned long) ssl_linked); + }
return 0; } -- 2.0.0
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2