On 2016-12-11 21:07:14 [+0100], Michael Meskes wrote: > Sorry, wasn't precise enough it seems. I was wondering why you left out > the third possible option, namely the compatibility API in libssl 1.1.
Ach. It does not work that way, this "compatibility" API is defined by the openssl build and should not be changed by a program. It only works for a few functions like SSL_load_error_strings() which point to the right functions. Those are enabled in the Debian build. The *main* problem is that structs like SSL are opaque and can't be dereferenced. There is no "compatibility" for that. Therefore the two options I mentioned are the valid candidates (a third might be to switch away from openssl to a different toolkit). > Michael Sebastian