On Fri, Nov 11, 2016 at 03:15:09PM +0100, Kurt Roeckx wrote: > At least something like that also came up with xmltooling. > It's probably caused by this: > curl_easy_setopt(easy, CURLOPT_SSL_CTX_FUNCTION, &sslCtxFunction_cb); > > You get an SSL_CTX from OpenSSL 1.1 and you call an OpenSSL 1.0 > function with that handle. And libcurl really shouldn't have been > exposing such functions directly. If something like that is > really needed libcurl should have made a proper wrapper.
Yes, I agree that libcurl shouldn't expose such functions. But it does, and it's to late to change that. By exposing that function, SSL_CTX became part of curl's ABI. So by linking to a different OpenSSL version with a different representation of SSL_CTX, curl indeed changed its ABI and must change SONAME, right? Jan
