Symbol conflict between libgnutls-openssl and real openssl
tmraz at redhat.com
Wed Aug 27 17:15:15 CEST 2008
some symbols in libgnutls-openssl are not renamed from their originals
in OpenSSL. Unfortunately this causes conflicts when the application
indirectly links to some library which then links to openssl. The
situation can happen for example in case the system is configured to use
ldap in the nsswitch.conf.
The nss_ldap links to openldap libraries which is itself linked to the
real OpenSSL libraries. Some symbols are then resolved from real OpenSSL
and some from libgnutls-openssl which causes crashes because they are of
course ABI incompatible.
The proposal is to use #defines in the public headers of
gnutls/openssl.h to rename the symbols so they do not clash with real
OpenSSL. It would of course require SONAME bump of libgnutls-openssl and
rebuild of the dependent applications.
What do you think about this proposal?
No matter how far down the wrong road you've gone, turn back.
More information about the Gnutls-devel