Bug#622141: tomcat-native: Using SSLv2_method
Kurt Roeckx
kurt at roeckx.be
Sun Apr 10 15:23:04 UTC 2011
Source: tomcat-native
Version: 1.1.20-1
Severity: serious
Tags: sid wheezy
Hi,
When building the package with openssl 1.0.0 you get:
src/sslcontext.c:78:17: warning: implicit declaration of function 'SSLv2_client_method'
src/sslcontext.c:80:17: warning: implicit declaration of function 'SSLv2_server_method'
src/sslcontext.c:82:17: warning: implicit declaration of function 'SSLv2_method'
dpkg-shlibdeps: warning: symbol SSLv2_server_method used by debian/libtcnative-1/usr/lib/libtcnative-1.so.0.1.20 found in none of the libraries.
dpkg-shlibdeps: warning: symbol SSLv2_method used by debian/libtcnative-1/usr/lib/libtcnative-1.so.0.1.20 found in none of the libraries.
dpkg-shlibdeps: warning: symbol SSLv2_client_method used by debian/libtcnative-1/usr/lib/libtcnative-1.so.0.1.20 found in none of the libraries.
SSLv2 support got removed and so the SSLv2_* methods too. Even
with the functions removed from the headers and library the
package builds fine, you just get some warnings instead of
failing at compile time. You will probably get errors at runtime
instead.
You can check that SSLv2 support is available by checking the
OPENSSL_NO_SSL2 define. But I suggest you completly remove
SSLv2 support.
Kurt
More information about the pkg-java-maintainers
mailing list