FS#53996 - [c-client] Not linked to libssl/libcrypto ?
Attached to Project:
Arch Linux
Opened by mickael9 (mickael9) - Tuesday, 09 May 2017, 22:56 GMT
Last edited by Toolybird (Toolybird) - Friday, 09 June 2023, 23:43 GMT
Opened by mickael9 (mickael9) - Tuesday, 09 May 2017, 22:56 GMT
Last edited by Toolybird (Toolybird) - Friday, 09 June 2023, 23:43 GMT
|
Details
Description: c-client uses OpenSSL functions but doesn't
actually link to it
This doesn't seem to be a problem with the only two packages currently using it (php-imap and imap itself) because those directly link to libssl 1.1. However, as a maintainer of PHP 5.6 on AUR (which uses openssl 1.0) I got report of crashes using php56-imap. Since both libssl versions are loaded, and because libc-client doesn't link to them at all, it seems to call some functions from openssl 1.1 and others from 1.0 which ultimately causes a segfault. Adding -lssl -lcrypto to the 'make' command line in the imap PKGBUILD fixes the issue: make lnp EXTRAAUTHENTICATORS=gss PASSWDTYPE=pam SPECIALAUTHENTICATORS=ssl SSLTYPE=unix EXTRACFLAGS="${CFLAGS} -fPIC -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lpam -lssl -lcrypto" I'll try to workaround this on the php56 side but I still believe that it isn't normal for a library to use symbols without linking to them (unless dlopen is involved of course). Additional info: * package version: 2007f-7 |
This task depends upon
Closed by Toolybird (Toolybird)
Friday, 09 June 2023, 23:43 GMT
Reason for closing: Won't fix
Additional comments about closing: No longer in the repos.
Friday, 09 June 2023, 23:43 GMT
Reason for closing: Won't fix
Additional comments about closing: No longer in the repos.
The only reason imap is static is because lack of ABI stability. Given the fact that imap hasn't seen a release for several years and probably will not see new releases in the future, I assume the ABI can be considered stable.
It uses openssl but isn't linked to openssl.
You can check by doing "ldd /usr/lib/libc-client.so" you'll see that it doesn't include libssl.
Yet "objdump -T /usr/lib/libc-client.so | grep SSL" will show you that a bunch of openssl symbols are imported.
I downloaded the deb for amd64 from Debian and it is correctly linked with openssl
https://packages.debian.org/jessie/libc-client2007e