From owner-freebsd-arch Thu Aug 1 17: 7:59 2002 Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4D7E337B400 for ; Thu, 1 Aug 2002 17:07:56 -0700 (PDT) Received: from aldan.algebra.com (aldan.algebra.com [216.254.65.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 670E443E70 for ; Thu, 1 Aug 2002 17:07:55 -0700 (PDT) (envelope-from mi@aldan.algebra.com) Received: from aldan.algebra.com (localhost [127.0.0.1]) by aldan.algebra.com (8.12.5/8.12.5) with ESMTP id g7206Ttg074466; Thu, 1 Aug 2002 20:06:29 -0400 (EDT) (envelope-from mi@aldan.algebra.com) Received: (from mi@localhost) by aldan.algebra.com (8.12.5/8.12.5/Submit) id g7206PgF074368; Thu, 1 Aug 2002 20:06:25 -0400 (EDT) Content-Type: text/plain; charset="iso-8859-1" From: Mikhail Teterin To: Terry Lambert Subject: Re: OpenSSL vs. -lmd Date: Thu, 1 Aug 2002 20:06:25 -0400 User-Agent: KMail/1.4.1 References: <200207311641.g6VGfRWj099655@freefall.freebsd.org> <200208011830.20096.mi+mx@aldan.algebra.com> <3D49BBEF.F1156C79@mindspring.com> In-Reply-To: <3D49BBEF.F1156C79@mindspring.com> Cc: arch@FreeBSD.ORG X-Face: %UW#n0|w>ydeGt/b@1-.UFP=K^~-:0f#O:D7whJ5G_<5143Bb3kOIs9XpX+"V+~$adGP:J|SLieM31VIhqXeLBli" Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thursday 01 August 2002 06:53 pm, you wrote: = Mikhail Teterin wrote: = > = Asking every software vendor out there to perform the same contortions = > = so that their applications aren't FreeBSD-specific after they're = > = written is unacceptable. = > = > Nobody is planning to ask them. If your application only compiles with a = > particular version of OpenSSL means the app is broken. = = If your OS doesn't allow my application to compile with a = particular version of OpenSSL, it means your OS is broken. Ours does... You _can_ easily install OpenSSL of your choice (you should use the port, but you don't have to). And yes, you need to make sure your -I and -L settings point to the right locations, but that is always the case. In addition, the openssl port has a setting, with which you overwrite the base openssl -- letting you easily install the latest and greatest OpenSSL on a not so latest OS. I wonder, why you are not complaining about us having -lc in the base system :-) After all, with Linux systems you usually have a choice -- glibc/libc/etc. = The sword cuts both ways. = = Try to think like an application vendor instead of an OS vendor. = = = > In any case, to bring this thread back to the SUBJECT, having -lmd does = > not help those poor vendors a bit. I'd suggest using -lmd _inside_ = > -lcrypto, if OpenSSL's implementations of the digests weren't faster... = > = > Since they are, -lmd should be dropped. Whatever your opinion on the = > rest of OpenSSL, its API(s) did not change in a while... Especially in = > the Message Digest area. = That'd be peachy, if the shared library version number only = applied to the Message Digest area. Unfortunately, it applies = to the whole thing, so when something unrelated to message = digests changes its API, programs linked against the same = digest API can notcontinue to use the system shared library = when installed on future versions of FreeBSD, unless backward = compatability packages are also installed. The digests are in -lcrypto. It is the -lssl, that changes (or should change) more often. In any case, I have the same -lcrypto and -lssl versions on my -current and -stable systems. The libs are quite stable, even if less so, than the -lmd. In any case, the same problem (if it is a problem) exists with -lc, -lm (oh, yes!) and other libraries. Why pick on OpenSSL? -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message