Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: openssl breakage: apache2, kdelibs3, mutt-devel

On Tue, Aug 25, 2009 at 07:48:30AM +0200, Thomas Klausner wrote:
> Hi!
> On current/amd64, apache, mutt-devel and kdelibs3 fail with similar
> errors:

The "pointer target type" errors are because the OpenSSL guys finally
applied some const poisoning.  Unfortunately, they took so long to do so
that most applications' default GCC settings now make this an effective
API change.

The STACK errors are just annoying.  It's one of those pseudo-openssl-
internal parts of the API (like OPENSSL_malloc()/OPENSSL_free()) that
is documented in the manual pages for other parts of the API and can't
be avoided if you want to do certain things that are allegedly supported;
yet since it's not directly documented itself I guess they feel free to
change it and break people's application code.

These problems are making me think that, despite the pain, it might be
best to back OpenSSL down to 1.0.0-beta3 in our tree.  That would also
make life easier for people who want to use the FIPS canister in the
future, I think.


Home | Main Index | Thread Index | Old Index