[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libcurl and moc

> On Fri, Sep 02, 2005 at 04:04:27AM -0700, Steve Langasek wrote:
> > But no one has yet answered my question: *why* are there ABI
> > differences between the gnutls and openssl builds? 

To the best of my knowledge (I could be wrong), ATM the only ABI difference
is that when OpenSSL is used,
curl_easy_setopt(handle, CURLOPT_SSL_CTX_FUNCTION, param)
is supported. That CURLOPT_SSL_CTX_FUNCTION code cannot be supported if
GnuTLS is used because GnuTLS does not offer comparable functionality.

"param" above is a pointer to an OpenSSL SSL_CTX struct. According to the
curl_easy_setopt manpage:

  This function gets called by libcurl just before the initialization of an
  SSL connection after having processed all other SSL related options to
  give a last chance to an application to modify the behaviour of openssl's
  ssl initialization.

IMHO this incompatibility is quite minor - very few programs will actually
register that callback. However, Daniel (curl upstream) believes it
possible that future versions of the library will provide other SSL-related
hooks of this sort.

On Sat, Sep 03, 2005 at 12:47:06AM +1000, Paul TBBle Hampson wrote:
> If I've understood correctly, it is because curl expects the client program
> or library to -lgnutls or -lopenssl and therefore provide the SSL symbols
> to match the symbols which that build of the .so file is expecting.
> This is the point I move from suggesting things to spectating, 'cause I
> can't wrap my head above the reason for the above.

No, you're mixing things up. I believe you're talking about what is
described towards the end of
<http://curl.haxx.se/legal/distro-dilemma.html>. Whenever libcurl switches
to the described mechanism, then _at_that_moment_ it might be necessary to
increase the .so version.

That's because programs are then required to link explicitly against one of 
the SSL-enabling "backend libs", called "lib2" on the page above. You don't 
suddenly want your old libcurl3-using programs to fail with run-time link 



  __   _
  |_) /|  Richard Atterer     |  GnuPG key:
  | \/¯|  http://atterer.net  |  0x888354F7
  ¯ '` ¯

Reply to: