> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Patrice Guérin > Sent: Wednesday, 12 November, 2014 13:28 > > My second question is, in this case, is there problems to have loaded > DLLs that do not match the headers I used for compilation ?
Yes. I don't know offhand of a specific case on Windows where this may be a problem, if your headers are from *exactly* the same version as the library your application has loaded; but I would bet that there are some. Calling an OpenSSL library that was built with different configuration options than you used when generating the headers can definitely lead to problems, including undefined behavior (and so crashing, silent memory corruption, etc). I recently diagnosed a problem of this sort on AIX. > Do I need to do static linkage of OpenSSL 0.9.8 in my DLL to avoid > incompatibilities ? If you have third-party code that's loading incompatible versions of OpenSSL, it's difficult to guarantee correct behavior without statically linking it for your own use. This isn't a problem that's specific to OpenSSL; it's generally the case when dynamic linking isn't protected by strong versioning (or a highly abstracted API), and one or more dynamically-linked objects are used by independent components of the program. And strong versioning is nearly impossible with open-source projects, because - as in this case - incompatible versions can be built independently and used together in the same process. I've also seen this happen with the OpenLDAP client library, for example. -- Michael Wojcik Technology Specialist, Micro Focus This message has been scanned for malware by Websense. www.websense.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
