[Pkg-openssl-devel] Bug#804487: openssl_1.0.2d-3 breaks mumble and mumble-server after binNMU
Chris Knadle
Chris.Knadle at coredump.us
Sat Mar 12 01:04:12 UTC 2016
Discussions with mumble upstream about this problem have continued, and the
situation seems much more muddied than I previously knew. This is likely
not an OpenSSL issue per se but rather seems to be an issue whenever OpenSSL
ships renamed libssl and libcrypto files for soname changes.
Mumble links against OpenSSL but it seems Qt actually loads the libssl
librar(y|ies) via dlopen(). [In the link below see lines 634-654 concerning
SHLIB_VERSION_NUMBER.]
https://github.com/qtproject/qtbase/blob/dev/src/network/ssl/qsslsocket_openssl_symbols.cpp#L624-L727
Mumble has broken before in the past for the same reason:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623596#33
The "big" question is this:
If Mumble starts and two different copies of libssl and libcrypto
are loaded into memory and initialized, is that okay?
I feel I need to know this because I think we're basically down to somewhat
ugly options to deal with this issue long-term:
A) continue to use the current SSL initialization patch, and have
two copies of libssl and/or libcrypto loaded during periods where
Qt hasn't yet been binNMUed against a newer renamed libssl for
a major soname change
B) include a Mumble patch to have Mumble intentionally quit if it
finds two copies of libssl and/or libcrypto loaded. Mumble will
then be broken until Qt is binNMUed.
-- Chris
--
Chris Knadle
Chris.Knadle at coredump.us
More information about the Pkg-openssl-devel
mailing list