Technically an API break

Tomas Mraz tmraz at
Thu May 7 08:31:42 UTC 2020

On Thu, 2020-05-07 at 09:24 +0100, Matt Caswell wrote:
> PR11589 makes a change to the public API function
> `SSL_set_record_padding_callback` to change its return type from void
> to
> int:
> This is technically an API break - but it doesn't seem too serious.
> It's
> possible, I suppose, that existing applications that use this will
> fail
> to spot the error return since this function can now fail. The
> function
> itself was only recently added (in 1.1.1), and I suspect real-world
> usage is very small (or possibly nil).
> Is this considered ok?

I would say this is an acceptable thing if it is documented (which it
is in the PR). Especially because the error return can happen only when
the application sets up the SSL to use kernel TLS.

Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your

More information about the openssl-project mailing list