Dear Gary,
On Tue, Apr 2, 2024 at 5:39 PM Gary Buhrmaster gary.buhrmaster@gmail.com wrote:
On Tue, Apr 2, 2024 at 3:12 PM Dmitry Belyavskiy dbelyavs@redhat.com wrote:
Third-party engines may be a problem but as we don't break ABI, it's not
a problem of the moment.
The fact you are removing the headers means it is a problem for 3rd party engines who build from source (and everyone should at least occasionally be building from source as part of their CI).
I consider removing the headers as breaking the API, as the headers define the API.
I agree with moving the engine header package to a separate devel package instead of removing it.
The headers already mark the engine APIs as deprecated. Orgs with resources should be starting their migration, although some will defer it to the next quarter (and the next....)
Yes. That's why I think the pressure in this direction is worth the effort.
I believe this should be part of OpenSSL 4.0.
It will be a clear change. There is no compelling reason for this to happen today via the headers. Instead this should be a marketing campaign by OpenSSL to remind everyone that engines are going away with OpenSSL 4.0 with every new set of release notes (first item, in double bold), and that orgs need to start their migration. And then do it again. And then do it again. And when OpenSSL 4.0 is released, you can remind everyone you warned them.
I agree that removing the engine stuff is clearly 4.0 stuff (or earlier version if .so version changes). But there are steps that will indicate our moving in this direction and will allow reducing the number of packages to be changed.