Hey there,
On Mon, 11 Sep 2000 [EMAIL PROTECTED] wrote:
> We danced around this question awhile ago, but never came to a conclusion
> that I can recall:
> What binary compatibility is intended (or guaranteed)
> across releases?
>
> I vaguely recall "no promises until 1.0" but I could well be wrong.
Sounds about right - it is certainly the case that the last few versions
of OpenSSL have not been backward compatible, but most people didn't seem
to care as it was behavioural compatibility rather than binary
compatibility that had suffered most. There's been a lot that needs
addressing and a certain amount of overhaul is inevitable if OpenSSL is to
go from what it is to what it can be. As much as possible, the overhauling
has been done underneath the "API" so most people don't see the (binary)
differences - but anyone doing cert-chain verification, for example, will
have certainly noticed things changing between versions (here changing ==
improving). Unfortunately, a lot of the stuff in the code that needs work
is directly related to why backward compatibility is painful to maintain.
The stack functions that Richard had been talking about are one such case
where something has been improved and that's just that. The multiplicity
of functions had been there in the name of debugging, of all things.
However, a much nicer way was arrived at to protect programmers from
them/ourselves that didn't require that multiplicity of functions so it
was changed. I don't think there's ever been any illusion that one version
of OpenSSL will be so binary compatible from one version to the next that
you can mix'n'match shared libraries and expect things to work. In fact,
an examination of the source code should show one why using OpenSSL in a
shared-library form is probably not the safest way of going about version
control - it's simply there because some people have memory limitations
and/or hate static libs.
So, in other words, I can personally join Richard is saying that binary
compatibility is not intended except insofar as noone will go out of their
way to break it just for the fun of it. If people have been relying on
binary compatibility before now, then that's a little worrying -
functionality and behaviour has changed quite a bit, even where static
and/or shared library linkage seems to have remained intact. If your
program works with OpenSSL 0.9.5a, great. OpenSSL 0.9.6 is a better
library, and I recommend taking the time to aquaint oneself with its
differences to make your program work with that.
Yes, I would also like to see reliable backwards compatibility acheivable,
but there's too much surgery required before that becomes a major
priority.
Cheers,
Geoff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
