[openssl-project] A proposal for an updated OpenSSL version scheme (v2)

Viktor Dukhovni openssl-users at dukhovni.org
Fri Sep 21 15:20:58 UTC 2018



> On Sep 21, 2018, at 11:13 AM, Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com> wrote:
> 
> I like Richard's approach (with the '8' or another number) and  I don't think it is
> contradicting semantic versioning. Maybe a good compromise between  your two
> opposing views would be to make the encoding irrelevant to our users by introducing
> version check macros like
> 
>        OPENSSL_MAKE_VERSION(maj,min,patch)    and
>        OPENSSL_VERSION_AT_LEAST(maj,min)
> 
> (note: the patch level was omitted from the second macro on purpose)
> 
> which enable the application programmer to write code like
> 
> 
>     #if OPENSSL_MAKE_VERSION(2,0,0) <= OPENSSL_VERSION_NUMBER
>         ...
>     #endif

The macros would help new software, and should be added, but existing
software should continue to work with the version-dependent bits
unmodified.  To that end, Richard's encoding does the job (modulo a
minor quibble over the high bit vs. just an epoch nibble of 0x2 or 0x3).

-- 
	Viktor.



More information about the openssl-project mailing list