Bug#654694: proftpd-basic: mod_tls and mod_sftp check for the exact OpenSSL version that they were compiled with
Stefano Rivera
stefanor at debian.org
Thu Jan 5 10:09:38 UTC 2012
Package: proftpd-basic
Version: 1.3.4a-1
Severity: minor
I quote from contrib/mod_tls.c:
| static int tls_init(void) {
|
| /* Check that the OpenSSL headers used match the version of the
| * OpenSSL library used.
| *
| * For now, we only log if there is a difference.
| */
| if (SSLeay() != OPENSSL_VERSION_NUMBER) {
| pr_log_pri(PR_LOG_ERR, MOD_TLS_VERSION
| ": compiled using OpenSSL version '%s' headers, but linked to "
| "OpenSSL version '%s' library", OPENSSL_VERSION_TEXT,
| SSLeay_version(SSLEAY_VERSION));
| tls_log("compiled using OpenSSL version '%s' headers, but linked to "
| "OpenSSL version '%s' library", OPENSSL_VERSION_TEXT,
| SSLeay_version(SSLEAY_VERSION));
| }
|
| pr_log_debug(DEBUG2, MOD_TLS_VERSION ": using " OPENSSL_VERSION_TEXT);
...
Either this check should be removed, or we should make our dependencies
stricter (if it really needs an exact version match, which I doubt).
This is causing some user confusion:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/873984
SR
More information about the Pkg-proftpd-maintainers
mailing list