[Pkg-openssl-devel] Bug#728472: libssl1.0.0: Missing symbols in libssl.so
Adam Hasselbalch Hansen
ahh at one.com
Fri Nov 1 16:51:26 UTC 2013
Package: libssl1.0.0
Version: 1.0.1-4ubuntu5.10
Severity: normal
Dear Maintainer,
Several symbols are missing from the debian version of libssl.so.
In version 0.9.8, these symbols were all present, due to the openssl.ld-file
containing only
OPENSSL_0.9.8 {
global:
*;
};
That is, a wildcard.
In subsequent versions, that file explicitly lists all the symbols that
libssl.so should export, and that list is incomplete compared to 0.9.8 and to
upstream.
What triggered it for me is the functions ssl_cert_dup and ssl_cert_free, but
many more are missing.
I have included a diff of an objdump I have performed on a vanilla libssl.so
from openssl.org and the libssl.so file from the debian package.
This potentially breaks packages dynamically linking to libssl, requiring them
to use 0.9.8.
-- System Information:
Debian Release: wheezy/sid
APT prefers precise-updates
APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-49-generic (SMP w/4 CPU cores)
Locale: LANG=en_DK.ISO-8859-15, LC_CTYPE=en_DK.ISO-8859-15 (charmap=ISO-8859-15) (ignored: LC_ALL set to en_DK.ISO-8859-15)
Shell: /bin/sh linked to /bin/dash
Versions of packages libssl1.0.0 depends on:
ii debconf [debconf-2.0] 1.5.42ubuntu1
ii libc6 2.15-0ubuntu10.4
ii multiarch-support 2.15-0ubuntu10.4
ii zlib1g 1:1.2.3.4.dfsg-3ubuntu4
libssl1.0.0 recommends no packages.
libssl1.0.0 suggests no packages.
-- debconf information excluded
-------------- next part --------------
368,370d367
<
<
<
377d373
< __bss_start
380,433d375
< do_dtls1_write
< dtls1_accept
< dtls1_buffer_message
< dtls1_check_timeout_num
< dtls1_clear
< dtls1_clear_record_buffer
< dtls1_client_hello
< dtls1_connect
< dtls1_ctrl
< dtls1_default_timeout
< dtls1_dispatch_alert
< dtls1_double_timeout
< dtls1_do_write
< dtls1_enc
< dtls1_free
< dtls1_get_ccs_header
< dtls1_get_cipher
< dtls1_get_message
< dtls1_get_message_header
< dtls1_get_queue_priority
< dtls1_get_record
< dtls1_get_timeout
< dtls1_handle_timeout
< dtls1_heartbeat
< dtls1_is_timer_expired
< dtls1_listen
< dtls1_min_mtu
< dtls1_new
< dtls1_output_cert_chain
< dtls1_process_heartbeat
< dtls1_read_bytes
< dtls1_read_failed
< dtls1_reset_seq_numbers
< dtls1_retransmit_buffered_messages
< dtls1_retransmit_message
< dtls1_send_certificate_request
< dtls1_send_change_cipher_spec
< dtls1_send_client_certificate
< dtls1_send_client_key_exchange
< dtls1_send_client_verify
< dtls1_send_finished
< dtls1_send_hello_request
< dtls1_send_newsession_ticket
< dtls1_send_server_certificate
< dtls1_send_server_done
< dtls1_send_server_hello
< dtls1_send_server_key_exchange
< dtls1_set_message_header
< dtls1_shutdown
< dtls1_start_timer
< dtls1_stop_timer
< dtls1_version_str
< dtls1_write_app_data_bytes
< dtls1_write_bytes
435d376
< DTLSv1_enc_data
438,439d378
< _edata
< _end
441d379
< _fini
443,445c381,382
< _init
< n_ssl3_mac
< OBJ_bsearch_ssl_cipher_id
---
> OPENSSL_1.0.0
> OPENSSL_1.0.1
453,587d389
< ssl23_accept
< ssl23_connect
< ssl23_default_timeout
< ssl23_get_cipher
< ssl23_get_cipher_by_char
< ssl23_get_client_hello
< ssl23_num_ciphers
< ssl23_peek
< ssl23_put_cipher_by_char
< ssl23_read
< ssl23_read_bytes
< ssl23_write
< ssl23_write_bytes
< ssl2_accept
< ssl2_callback_ctrl
< ssl2_ciphers
< ssl2_clear
< ssl2_connect
< ssl2_ctrl
< ssl2_ctx_callback_ctrl
< ssl2_ctx_ctrl
< ssl2_default_timeout
< ssl2_do_write
< ssl2_enc
< ssl2_enc_init
< ssl2_free
< ssl2_generate_key_material
< ssl2_get_cipher
< ssl2_get_cipher_by_char
< ssl2_mac
< ssl2_new
< ssl2_num_ciphers
< ssl2_part_read
< ssl2_peek
< ssl2_pending
< ssl2_put_cipher_by_char
< ssl2_read
< ssl2_return_error
< ssl2_set_certificate
< ssl2_shutdown
< ssl2_version_str
< ssl2_write
< ssl2_write_error
< ssl3_accept
< ssl3_alert_code
< ssl3_callback_ctrl
< ssl3_cbc_copy_mac
< ssl3_cbc_digest_record
< ssl3_cbc_record_digest_supported
< ssl3_cbc_remove_padding
< ssl3_cert_verify_mac
< ssl3_change_cipher_state
< ssl3_check_cert_and_algorithm
< ssl3_check_client_hello
< ssl3_check_finished
< ssl3_choose_cipher
< ssl3_ciphers
< ssl3_cleanup_key_block
< ssl3_clear
< ssl3_client_hello
< ssl3_comp_find
< ssl3_connect
< ssl3_ctrl
< ssl3_ctx_callback_ctrl
< ssl3_ctx_ctrl
< ssl3_default_timeout
< ssl3_digest_cached_records
< ssl3_dispatch_alert
< ssl3_do_change_cipher_spec
< ssl3_do_compress
< ssl3_do_uncompress
< ssl3_do_write
< ssl3_enc
< ssl3_final_finish_mac
< ssl3_finish_mac
< ssl3_free
< ssl3_free_digest_list
< ssl3_generate_master_secret
< ssl3_get_certificate_request
< ssl3_get_cert_status
< ssl3_get_cert_verify
< ssl3_get_cipher
< ssl3_get_cipher_by_char
< ssl3_get_client_certificate
< ssl3_get_client_hello
< ssl3_get_client_key_exchange
< ssl3_get_finished
< ssl3_get_key_exchange
< ssl3_get_message
< ssl3_get_new_session_ticket
< ssl3_get_next_proto
< ssl3_get_req_cert_type
< ssl3_get_server_certificate
< ssl3_get_server_done
< ssl3_get_server_hello
< ssl3_init_finished_mac
< ssl3_new
< ssl3_num_ciphers
< ssl3_output_cert_chain
< ssl3_peek
< ssl3_pending
< ssl3_put_cipher_by_char
< ssl3_read
< ssl3_read_bytes
< ssl3_read_n
< ssl3_record_sequence_update
< ssl3_release_read_buffer
< ssl3_release_write_buffer
< ssl3_renegotiate
< ssl3_renegotiate_check
< ssl3_send_alert
< ssl3_send_certificate_request
< ssl3_send_cert_status
< ssl3_send_change_cipher_spec
< ssl3_send_client_certificate
< ssl3_send_client_key_exchange
< ssl3_send_client_verify
< ssl3_send_finished
< ssl3_send_hello_request
< ssl3_send_newsession_ticket
< ssl3_send_next_proto
< ssl3_send_server_certificate
< ssl3_send_server_done
< ssl3_send_server_hello
< ssl3_send_server_key_exchange
< ssl3_setup_buffers
< ssl3_setup_key_block
< ssl3_setup_read_buffer
< ssl3_setup_write_buffer
< ssl3_shutdown
< ssl3_undef_enc_method
< ssl3_version_str
< ssl3_write
< ssl3_write_bytes
< ssl3_write_pending
590,592d391
< ssl_add_clienthello_renegotiate_ext
< ssl_add_clienthello_tlsext
< ssl_add_clienthello_use_srtp_ext
595,597d393
< ssl_add_serverhello_renegotiate_ext
< ssl_add_serverhello_tlsext
< ssl_add_serverhello_use_srtp_ext
602,603d397
< ssl_bad_method
< ssl_bytes_to_cipher_list
606,612d399
< ssl_cert_dup
< ssl_cert_free
< ssl_cert_inst
< ssl_cert_new
< ssl_cert_type
< ssl_check_clienthello_tlsext_early
< ssl_check_clienthello_tlsext_late
614,615d400
< ssl_check_serverhello_tlsext
< ssl_check_srvr_ecc_cert_and_alg
618d402
< ssl_cipher_get_evp
622,624d405
< ssl_cipher_id_cmp
< ssl_cipher_list_to_bytes
< ssl_cipher_ptr_id_cmp
626,628d406
< ssl_clear_bad_session
< ssl_clear_cipher_ctx
< ssl_clear_hash_ctx
634d411
< ssl_create_cipher_list
716d492
< ssl_do_client_cert_cb
722d497
< ssl_free_wbio_buffer
725d499
< ssl_get_algorithm2
729d502
< ssl_get_ciphers_by_id
741d513
< ssl_get_handshake_digest
743d514
< ssl_get_new_session
747d517
< ssl_get_prev_session
758,759d527
< ssl_get_server_send_cert
< ssl_get_server_send_pkey
763d530
< ssl_get_sign_pkey
779d545
< ssl_init_wbio_buffer
781d546
< ssl_load_ciphers
785,791d549
< ssl_ok
< ssl_parse_clienthello_renegotiate_ext
< ssl_parse_clienthello_tlsext
< ssl_parse_clienthello_use_srtp_ext
< ssl_parse_serverhello_renegotiate_ext
< ssl_parse_serverhello_tlsext
< ssl_parse_serverhello_use_srtp_ext
794,795d551
< ssl_prepare_clienthello_tlsext
< ssl_prepare_serverhello_tlsext
800d555
< ssl_replace_hash
804,805d558
< ssl_sess_cert_free
< ssl_sess_cert_new
824d576
< ssl_set_cert_masks
834d585
< ssl_set_peer_cert_type
868,871d618
< ssl_undefined_const_function
< ssl_undefined_function
< ssl_undefined_void_function
< ssl_update_cache
885,887d631
< SSLv2_client_method
< SSLv2_method
< SSLv2_server_method
889d632
< SSLv3_enc_data
892,893d634
< ssl_verify_alarm_type
< ssl_verify_cert_chain
895d635
< SSL_version_str
898,922d637
< tls12_get_hash
< tls12_get_req_sig_algs
< tls12_get_sigandhash
< tls12_get_sigid
< tls1_alert_code
< tls1_cbc_remove_padding
< tls1_cert_verify_mac
< tls1_change_cipher_state
< tls1_clear
< tls1_default_timeout
< tls1_ec_curve_id2nid
< tls1_ec_nid2curve_id
< tls1_enc
< tls1_export_keying_material
< tls1_final_finish_mac
< tls1_free
< tls1_generate_master_secret
< tls1_heartbeat
< tls1_mac
< tls1_new
< tls1_process_heartbeat
< tls1_process_sigalgs
< tls1_process_ticket
< tls1_setup_key_block
< tls1_version_str
930d644
< TLSv1_enc_data
More information about the Pkg-openssl-devel
mailing list