[openssl-project] The problem of (implicit) relinking and changed behaviour

Richard Levitte levitte at openssl.org
Mon Apr 16 06:22:59 UTC 2018


In message <877ep8s738.fsf at fifthhorseman.net> on Sun, 15 Apr 2018 10:38:35 -0700, Daniel Kahn Gillmor <dkg at fifthhorseman.net> said:

dkg> Ideally, the semantics of the OpenSSL API for *most* users of the
dkg> library should be roughly "give me the best TLS session you can give".
dkg> There's no breakage in that API if the underlying library suddenly
dkg> starts negotiating TLS 1.3.

I generally agree.

dkg> An application which uses that API and then breaks because it got a
dkg> version of TLS or a ciphersuite that it didn't expect is mis-using the
dkg> API (or, is part of the test suite, which is actually testing the
dkg> internals of the library it was built against and we should expect a
dkg> failure if the library used is changed out from under it).

Generally speaking, I don't necessarily agree.  If the use of an API
is perfectly valid for the conditions a program was built for, and
then suddenly breaks down because the new kid in town wanna play,
I find it hard to call that mis-use.  I would much rather have libssl
do something along the lines of "oh, you're one of the old guys, let's
use something that works for you".

dkg> I'm all for making breaking changes in the OpenSSL API to discourage
dkg> use of bad/legacy API.

That calls for a major version change (in OpenSSL versioning, that
would be 1.2.0).  I think we've all come to some kind of agreement
that doing this isn't desirable at this point...

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

