> On Fri, Sep 02, 2005 at 04:04:27AM -0700, Steve Langasek wrote: > > But no one has yet answered my question: *why* are there ABI > > differences between the gnutls and openssl builds?
To the best of my knowledge (I could be wrong), ATM the only ABI difference is that when OpenSSL is used, curl_easy_setopt(handle, CURLOPT_SSL_CTX_FUNCTION, param) is supported. That CURLOPT_SSL_CTX_FUNCTION code cannot be supported if GnuTLS is used because GnuTLS does not offer comparable functionality. "param" above is a pointer to an OpenSSL SSL_CTX struct. According to the curl_easy_setopt manpage: This function gets called by libcurl just before the initialization of an SSL connection after having processed all other SSL related options to give a last chance to an application to modify the behaviour of openssl's ssl initialization. IMHO this incompatibility is quite minor - very few programs will actually register that callback. However, Daniel (curl upstream) believes it possible that future versions of the library will provide other SSL-related hooks of this sort. On Sat, Sep 03, 2005 at 12:47:06AM +1000, Paul TBBle Hampson wrote: > If I've understood correctly, it is because curl expects the client program > or library to -lgnutls or -lopenssl and therefore provide the SSL symbols > to match the symbols which that build of the .so file is expecting. > > This is the point I move from suggesting things to spectating, 'cause I > can't wrap my head above the reason for the above. No, you're mixing things up. I believe you're talking about what is described towards the end of <http://curl.haxx.se/legal/distro-dilemma.html>. Whenever libcurl switches to the described mechanism, then _at_that_moment_ it might be necessary to increase the .so version. That's because programs are then required to link explicitly against one of the SSL-enabling "backend libs", called "lib2" on the page above. You don't suddenly want your old libcurl3-using programs to fail with run-time link errors... HTH, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: | \/¯| http://atterer.net | 0x888354F7 ¯ '` ¯ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]