[Pkg-openssl-devel] Bug#623596: Processed: Re: Bug#623596: mumble: Problem with the import certificats

Kurt Roeckx kurt at roeckx.be
Sun Apr 24 22:00:29 UTC 2011


On Sun, Apr 24, 2011 at 01:50:53PM -0700, Thorvald Natvig wrote:
> On 23.04.2011 15:58, Kurt Roeckx wrote:
> 
> > 
> > Why do you believe this is a bug in openssl other than that it
> > breaks with 1.0.0?
> > 
> 
> I did some further digging, and the problem is that both 1.0.0 and 0.9.8
> is loaded at the same time.
> 
> Mumble is linked directly to libcrypto and libssl, so it loads the 1.0.0
> version. Mumble is also linked to libQtNetwork, which dlopen()s the
> 0.9.8 version at runtime. Having both in memory at the same time causes
> the cipher and mac algorithm lookups to fail.

dlopen will cause problems if you don't use dlvsym() to select the
right version.  It's very unlikely dlvsym() is used, and it
probably just uses dlsym() instead.

Why doesn't it open the 0.9.8 soname and not the 1.0.0 one?  Is
that hardcoded or something?

> I'm not sure what the right path forward is here; either namespace the
> runtime symbols of 1.0.0 so both libraries can be loaded at the same
> time

We already use symbol versioning to give them a separate
namespace, but that only works properly if you request the right
version.  Normal linking should not have any problems, it
just dlopen + dlsym() that's a problem.

> or change Qt so it uses the 1.0.0 version. The latter will then
> break any application that is directly linked to both QtNetwork and
> openssl 0.9.8.

I will remove 0.9.8 before the release, so it needs to happen
at some point.  And the rest will most likely already link
to 1.0.0.


Kurt






More information about the Pkg-openssl-devel mailing list