Subject: Serious shared library lossage with OpenSSL and Heimdal
To: None <email@example.com>
From: Jason Thorpe <firstname.lastname@example.org>
Date: 09/23/2003 15:20:34
I have a 3rd-party Krb5-using app (sudo) installed on my system. I
recently updated my userland and sudo started failing with:
/usr/lib/libkrb5.so.18: Undefined PLT symbol "DES_set_odd_parity"
(symnum = 117)
-lcrypt.0 => /usr/lib/libcrypt.so.0
-lkrb5.18 => /usr/lib/libkrb5.so.18
-lasn1.6 => /usr/lib/libasn1.so.6
-lcrypto.1 => /usr/lib/libcrypto.so.1
-lroken.12 => /usr/lib/libroken.so.12
-lcom_err.4 => /usr/lib/libcom_err.so.4
-lkrb.5 => /usr/lib/libkrb.so.5
-lskey.1 => /usr/lib/libskey.so.1
-lc.12 => /usr/lib/libc.so.12
This is the classic "dependent shared library didn't get its major
bumped" problem. In short:
- libcrypto's version was recently bumped to version 2,
due to DES API changes.
- libkrb5 was changed to use the new DES API present in
version 2 of libcrypto.
- libkrb5's version was NOT changed, i.e. stayed at 18.
- My sudo binary has recorded dependencies on libcrypto
version 1 and libkrb5 version 18. The libcrypto that
sudo sluprs in DOES NOT provide the DES functions that
libkrb5 expects, thus the failure.
I suggest we bump libkrb5's major number to 19 ASAP. We then also need
to hunt down any other libraries out there that depend on libkrb5 and
adjust them accordingly.
-- Jason R. Thorpe <email@example.com>