----- Opprinnelig melding ----- > Fra: "Gert Doering" <g...@greenie.muc.de> > Til: openvpn-devel@lists.sourceforge.net > Sendt: 13. april 2014 17:26:13 > Emne: [Openvpn-devel] RFD: ssl library version numbers > > Hi, > > OpenVPN does not currently report the version of the SSL library it is > using - which I'm not sure whether it's by design or just because nobody > ever added it. Anyway, right now I think we need it, to help future > cases. > > There are a few questions that go along with that, which I want to discuss > here :-) > > - shall we report compile-time versions as well, or only run-time version?
I'd say we should return *run-time* versions. For RPM based distros at least, the OpenSSL library can be upgraded without a rebuild of OpenVPN (as long as the ABI doesn't change, which most enterprise level distros will beware of). In that perspective there is not much value which compile-time version OpenVPN was compiled against. The only time OpenSSL compile-time versions is interesting is when there are #define constants and macros which would directly change the OpenVPN runtime behaviour. But such changes is actually breaking the OpenSSL ABI, which again most enterprise level distros will beware of and avoid. And I even believe, at least for OpenSSL, that such ABI breaking changes goes into their major releases, not the minor updates. -- kind regards, David Sommerseth
