[Pkg-openssl-devel] Re: Proposal for symbol versioning of openssl
Vincent Danen
vdanen at mandriva.com
Fri Oct 14 00:43:17 UTC 2005
* Christoph Martin <martin at uni-mainz.de> [2005-10-13 23:24:58 +0200]:
> openssl has evolved to a very important library in Linux distribution. A
> lot of cryptographic applications link to it including system libraries
> like pam modules and apache modules. Now it becomes more and more
> difficult to get all the binaries and libraries to link to the same
> version of openssl. This leads to situations where an application uses
> some libraries where on links to openssl 0.9.7 and another one to
> version 0.9.8. Since the symbols of the libraries are not yet versioned
> this leads to severe segfaults.
>
> For the Debian project we want to introduce symbol versioning like it is
> done not only in glibc. Since we want to maintain binary compatibility
> with as much other distributions we want to coordinate this work with
> you. At this time I only have contact addresses to a few maintainers.
[...]
I'm not against this, but this seems like something that should be
adopted by the openssl folks rather than a handful of maintainers of
various distributions. Obviously this could be of use to other
platforms as well (OS X, OpenBSD, FreeBSD, etc.).
It would also lessen maintenance quite a bit of this was adopted
upstream (I see openssl-dev in the cc so obviously they need to
comment).
I can't speak for Mandriva (I'm not the openssl maintainer here), but I
would prefer to have openssl as "vanilla" as possible and don't look
forward to long-term maintenance of something that the openssl team
won't adopt.
Having said that, I definitely see the use of this, and don't really see
any drawbacks so I hope the openssl team takes this under consideration
so everyone can benefit from it.
--
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20051013/532702be/attachment-0001.pgp
More information about the Pkg-openssl-devel
mailing list