Application linking to both libcrypto.so.1.0.0 and libcrypto.so.1.1
Viktor Dukhovni
openssl-users at dukhovni.org
Wed May 29 18:33:00 UTC 2019
> On May 29, 2019, at 9:43 AM, Michael Wojcik <Michael.Wojcik at microfocus.com> wrote:
>
> So either the application program depends on libcrypto.so.1.0.0, or one of the preceding libraries does. Some path through the dependency graph leads to libcrypto.so.1.0.0.
Not only is the application (dynamically) linked against two different
versions of OpenSSL's crypto library, it is also using both Heimdal and
MIT Kerberos, which may also cause some confusion if symbol versioning
does not fully take care of the overlapping APIs.
> Kerberos seems like a candidate, but a quick ldd on libk5crypto and libkrb5support doesn't show any libcrypto dependency. The same is true of libgssapi_krb5. Neither does libkeyutils.
Heimdal might be linked against OpenSSL.
> OpenLDAP (libldap) is generally built using NSS rather than OpenSSL, so it doesn't usually link libcrypto.
It is also often built against OpenSSL, the choice is rather platform-dependent.
This application is a classic case of DLL-hell. On the OpenSSL side, it could
benefit from the "shlib_variant" feature of the 1.1.1 builds. But if the base
system's OpenSSL libraries are adequate, the OP may be better off just using
those.
--
Viktor.
More information about the openssl-users
mailing list