Darren Tucker <dtucker@xxxxxxxxxxx> writes: > On Mon, 8 May 2023 at 06:13, <rsbecker@xxxxxxxxxxxxx> wrote: > [...] >> Is this not already covered using the --without-openssl-header-check >> configuration option? > > No. That configure option will disable the consistency check between > the headers and library versions at compile time, ie the API. It was > added when some vendors (from memory, Apple) started shipping > libcrypto updates without the corresponding header updates. > > This diff posted affects the check between the version it was compiled > against and the currently installed library version, ie the ABI. > OpenSSL improved the ABI compatibility from "must be the same minor > release" in 1.x to "must be the same major release" in 3.x but we > currently only have the 1.x checks. Damien had a slightly different > diff that also fixed this, not sure what happened to it. IIRC not committed yet. It's https://bugzilla.mindrot.org/show_bug.cgi?id=3548 which I also posted about at https://lore.kernel.org/distributions/87lejy7ilz.fsf@xxxxxxxxxx/T/#u. best, sam
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
