On 28 Oct 2015, at 12:49, Michael Ströder <michael@stroeder.com> wrote:
Stefan Paetow wrote:
Because it would be unnecessary bloat in cross-version .spec files.
Oh dear. It's the end of the world that! I'd rather have a .spec file that properly manages dependencies than install something only for it to blow up because someone didn't specify the dependencies properly :-)
I'm not sure spec file bloat is a valid reason anyway. It would be fairly easy to query the version of the OpenSSL rpm used on the build system, and use version components from that to set the correct version for the dependency. It would also protect users from accidentally installing a newer OpenSSL RPM from a none Suse source, and breaking their RADIUS server. There are good, valid, proven reasons for having such strict dependencies. If you build FreeRADIUS with OpenSSL 1.0.1 and try to use it with OpenSSL 1.0.2 it will not work correctly with rlm_eap. If you build FreeRADIUS with OpenSSL 1.0.0 and use it with OpenSSL >= 1.0.1 authentication will appear to succeed, but the MPPE keys will be calculated incorrectly. The nature of the protocols that FreeRADIUS is implementing requires tight integration with whatever OpenSSL library. The RPM dependencies should reflect this. -Arran Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS development team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2