[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OpenSSL 1.1.0

On Fri, Nov 11, 2016 at 03:15:09PM +0100, Kurt Roeckx wrote:
> At least something like that also came up with xmltooling.
> It's probably caused by this:
> curl_easy_setopt(easy, CURLOPT_SSL_CTX_FUNCTION, &sslCtxFunction_cb);
> 
> You get an SSL_CTX from OpenSSL 1.1 and you call an OpenSSL 1.0
> function with that handle. And libcurl really shouldn't have been
> exposing such functions directly. If something like that is
> really needed libcurl should have made a proper wrapper.

Yes, I agree that libcurl shouldn't expose such functions. But it does,
and it's to late to change that.

By exposing that function, SSL_CTX became part of curl's ABI.

So by linking to a different OpenSSL version with a different
representation of SSL_CTX, curl indeed changed its ABI and must
change SONAME, right?

Jan
Reply to: