On Wed, Dec 10, 2014 at 6:27 PM, Stuart Henderson <st...@openbsd.org> wrote: > On 2014/12/10 22:57, Lukas Tribus wrote: >> I get your point, but I don't believe its always that simple. Should we >> really >> exclusively care about users of the packaging systems provided by the OS, >> nobody else? > > The standard way to handle this for build-from-source is with > pkg-config. I haven't looked at what changes have been made to .pc files > but I'd hope that versions there are updated when there's an API change.
Double-checking this, I think there is a mistake that needs correcting. The packaging currently uses used the standard autotools @VERSION@ macro for the .pc files, which derives from AC_INIT's argument (which only allows one version nuber), but it should actually match the library version, correct? $ pkg-config --modversion libcrypto 2.1.2 $ ls -l /usr/local/lib/libssl.* lrwxrwxrwx 1 root root 16 Dec 10 20:38 /usr/local/lib/libssl.so -> libssl.so.29.0.0 lrwxrwxrwx 1 root root 16 Dec 10 20:38 /usr/local/lib/libssl.so.29 -> libssl.so.29.0.0 -rw-r--r-- 1 root root 1701498 Dec 10 20:38 /usr/local/lib/libssl.so.29.0.0 That's the trouble with having multiple libraries in a single package :P >> Having no idea what libssl/lilbcrypto release the application was build >> against >> is not very pleasant when you have to troubleshoot strange problems or crahes >> and in the end the simple reason is that there is no ABI or even API >> compatibility between the library the application was build against and the >> library that is actually running. > > For shared library version numbers, you can expect OpenBSD code to > follow the usual rules, major bump = incompatible change (function > removed or parameters changed), minor bump = addition (code compiled > against older minor versions works with a newer one; code compiled > against newer minor version won't work against an older one). Indeed. From LibreSSL 2.0.0 through 2.1.2, libssl has gone from 26.0.0 to 29.0.0, and libcrypto from 29.0.0 to 30.0.3. These bumps happen whenever they need to, though they are coordinated somewhat to avoid too much churn. You should not see crashes and weird behavior related to ABI mismatches when building against LibreSSL though.
