[Pkg-openssl-devel] Bug#623596: Processed: Re: Bug#623596: mumble: Problem with the import certificats

Thorvald Natvig thorvald at debian.org
Sun Apr 24 20:50:53 UTC 2011


On 23.04.2011 15:58, Kurt Roeckx wrote:

> 
> Why do you believe this is a bug in openssl other than that it
> breaks with 1.0.0?
> 

I did some further digging, and the problem is that both 1.0.0 and 0.9.8
is loaded at the same time.

Mumble is linked directly to libcrypto and libssl, so it loads the 1.0.0
version. Mumble is also linked to libQtNetwork, which dlopen()s the
0.9.8 version at runtime. Having both in memory at the same time causes
the cipher and mac algorithm lookups to fail.

I tried removing all .so files for 0.9.8, and Mumble's cert handling now
works fine. But now libQtNetwork naturally fails to load its ciphers, so
its SSL/TLS functionality is completely broken.

I'm not sure what the right path forward is here; either namespace the
runtime symbols of 1.0.0 so both libraries can be loaded at the same
time, or change Qt so it uses the 1.0.0 version. The latter will then
break any application that is directly linked to both QtNetwork and
openssl 0.9.8.






More information about the Pkg-openssl-devel mailing list