Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#37780 - [qca-ossl] Needs MD2 algorithm which is not included in openssl anymore
Attached to Project:
Arch Linux
Opened by Sebastian Ziebarth (voeck) - Friday, 15 November 2013, 16:52 GMT
Last edited by Pierre Schmitz (Pierre) - Friday, 15 November 2013, 21:07 GMT
Opened by Sebastian Ziebarth (voeck) - Friday, 15 November 2013, 16:52 GMT
Last edited by Pierre Schmitz (Pierre) - Friday, 15 November 2013, 21:07 GMT
|
DetailsDescription:
The package uses functions for the MD2 algorithm from openssl. Since openssl in core is not built with MD2, qca-ossl does not compile anymore. Additionally this can cause QCA to crash when the ossl plugin is loaded. See https://bugs.kde.org/show_bug.cgi?id=327532 for an issue with kdeconnect caused by this bug. The solution would be to remove the problematic function calls from the package. I have attached a patch which removes anything MD2 related and fixes the kdeconnect issue. Additional info: * version 2.0.0-6 Steps to reproduce: Rebuild qca-ossl from ABS -> Error about missing MD2 functions. 
no-md2.patch
(2.5 KiB)
|
This task depends upon
Comment by Pierre Schmitz (Pierre) -
Friday, 15 November 2013, 17:09 GMT
This should be applied upstream. Openssl disables md2 for some time now.
Comment by Sebastian Ziebarth (voeck) -
Friday, 15 November 2013, 18:28 GMT
It looks like the git version already checks for md2 since 2010. But this feature doesn't see to be in the release version yet. Would you disable md2 in the package until they make a new release? Otherwise it cannot be used at all on Arch.
Comment by Pierre Schmitz (Pierre) -
Friday, 15 November 2013, 21:07 GMT
I'll just follow Gentoo here which provide a patch for openssl 1.0 compatibility. This also disables MD2 support if it does not exist in openssl. Too bad KDE projects still rely on this unmaintained library.