On 02/26/2017 02:10 AM, Richard Levitte wrote:
> In message <a2e37ebc-183e-023d-f059-7b89d6e3a...@akamai.com> on Fri, 27 Jan 
> 2017 10:54:35 -0600, Benjamin Kaduk via openssl-dev <openssl-dev@openssl.org> 
> said:
> openssl-dev> There was some discussion about 1.0.1 being EoL on a FreeBSD 
> list [0],
> openssl-dev> and whether it would make sense to move to 1.0.2 on their stable
> openssl-dev> branch, which led to someone making the claim that 1.0.2 has 
> removed 4
> openssl-dev> symbols compared to 1.0.1, and thus is not strictly ABI 
> compatible,
> openssl-dev> linking to https://abi-laboratory.pro/tracker/timeline/openssl/ 
> . If I
> openssl-dev> start semi-randomly clicking around, I can find a page [1] that 
> seems
> openssl-dev> to claim the missing symbols are:
> openssl-dev> ASN1_STRING_clear_free()
> openssl-dev> ENGINE_load_rsax()
> openssl-dev> SRP_user_pwd_free()
> openssl-dev> SRP_VBASE_get1_by_user()
> I haven't make a complete analysis over versions, just did a
> comparison of the files that define what we regard as public symbols
> (util/libeay.num and util/libssl.num) in the latest 1.0.1 and 1.0.2
> releases.  Diffs attached.
> As you can see, ENGINE_load_rsax *did* go away.  That happened here:
>     commit 74184b6f21e095dacd6193a78785a47dd515f0dc
>     Author: Dr. Stephen Henson <st...@openssl.org>
>     Date:   Sun Dec 1 23:06:33 2013 +0000
>         RSAX no longer compiled.
> I'm afraid I can't remember the reasoning behind this commit...
> The rest of those mentioned above haven't moved at all as far as I can
> see.  You may notice that some of the symbols in libssl (ssleay.num)
> did move between "modules" (which in this case can be defined as a
> keyword you can say no to when configuring).  I'm unsure how that
> affects your view on our stability, suffice to say that with default
> configuration, it doesn't affect the ABI one bit.

Agreed.  Though, just the presence of a function/symbol does not
preclude ABI changes for that symbol, if the function signature (or
behavior) changed.

openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to