> On Apr 15, 2018, at 12:55 PM, Salz, Rich <rs...@akamai.com> wrote:
> Do our 1.1.0 tests work when linked against the 1.1.1 library?

Our tests don't, but Richard (valiantly I must say) went to the trouble
of doing just that.  And found some tests that failed, ...

> Even then, there might be some failures because some of those tests probably 
> say "pick any protocol" and they were written at a time when 1.3 was not 
> available so might explicitly test, for example, that "any protocol" meant 
> "got 1.2"

in particular this type of failure.

> It would be interesting to test 1.1.0 against the 1.1.1 library, and then 
> analyze the failures and see which, if any, indicate bugs in the 1.1.1 
> compatibility.

This is what Richard was doing, and I commend his efforts.

> Again, to repeat myself, we have datapoints that 1.1.0 programs can use 1.1.1 
> library with no problems. We do not have any datapoints that typical 1.1.0 
> programs fail when using 1.1.1 library. 

I think that tests of this sort are valuable, and should in some cases make the 
test's assumptions more explicit, so that they will also pass with later 
libraries.  Then we can focus on any "real" issues that come up, and decide 
whether they are bugs, significant incompatibilities or "artificial" issues not 
substantive for "real" applications.


openssl-project mailing list

Reply via email to