Viktor Dukhovni via Postfix-users wrote in <[email protected]>: |On Sat, Jun 08, 2024 at 07:12:01PM -0400, Wietse Venema via Postfix-users \ |wrote: |>>|> Jun 7 23:41:16 outwall/smtpd[19222]: warning: run-time library \ |>>|> vs. compile-time header version mismatch: OpenSSL 3.3.0 may not \ |>>|> be compatible with OpenSSL 3.2.0 |>> ... |>>|[.] OpenSSL 3.2.0 and 3.3.0 |>>|are ABI and API compatible. I would not expect to see a warning or |>>|error. See <https://www.openssl.org/policies/general/versioning-policy.h\ |>>|\ |>>|tml>. |> |> Some irrelevant background: that document covers OpenSSL 3.0 and |> later (earlier releases use a different versioning scheme). | |Correct. OpenSSL 3.0 updated the ABI contract to more closely align |with other "more typical" projects. Hence the SONAMEs of OpenSSL 3.x |libraries (libssl and libcrypto) now just end in ".so.3" with the minor |number absent, which is how the reporter ended up being able to run with |a newer library. | |While newer minor numbers are compatible, older minor numbers may be |lacking newly introduced functions. We could consider skipping the |warning for 3.x onward, so long as the minor version is not older than |expected.
That sounds cool. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) _______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
