[openssl-project] The problem of (implicit) relinking and changed behaviour
openssl-users at dukhovni.org
Sat Apr 14 20:24:56 UTC 2018
> On Apr 14, 2018, at 4:18 PM, Richard Levitte <levitte at openssl.org> wrote:
>> Will real applications run into any meaningful problems?
> This is an argument that I find *terribly* frustrating. Are you
> suggesting that we have no test that tries to do what can be expect
> from a "real" application?
I am suggesting that we ignore test failures that test for rather
artificial conditions. If our test negotiates TLS with our own
server and tests that it got exactly TLS 1.2 (because that's the
highest version our test expected to support by default) that's an
artificial test, and its failure is fine. Real applications that
want no more than TLS 1.2 need to set the max version, or not expect
that maximum. Anything else is an application bug.
Do we have any meaningful test failures that are not artificial like
the above? If so, we should fix them, if not we possibly need more
tests, but are otherwise fine as best we know.
More information about the openssl-project