On 22.07.2016 16:53, Simo Sorce wrote: > On Fri, 2016-07-22 at 16:48 +0200, Tomas Mraz wrote: >> >> 2. Add compat 1.0.2 package which would be used by 3rd party >> applications and also temporarily by applications that are not yet >> ported to the new API. However the current plan is to not provide >> -devel subpackage for 1.0.2 compat packages so if you needed to rebuild >> something on rawhide you would have to fix the build issues with the >> new openssl. >> > I am concerned about a compat package because there are a lot of > components lining to openssl often libraries or modules, from different > source RPMS. So we incur the risk of getting a binary to link with both > version via modules/library dependencies and that would cause issues > (probably crashes, or perhaps bad behavior) only at runtime due to > symbol aliasing between the two versions. urgh, yes, that's practically guaranteed to crash LibreOffice which could pull in openssl via neon, python-stmp, postgresql-libs, openldap, curl, librdf, any gnome-vfs backend, and probably other ways i'm not aware of. the only safe way to provide a compat openssl package is as a -devel package that only contains a static library :P -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
