Symbol conflict between libgnutls-openssl and real openssl

Tomas Mraz tmraz at
Wed Aug 27 17:15:15 CEST 2008


some symbols in libgnutls-openssl are not renamed from their originals
in OpenSSL. Unfortunately this causes conflicts when the application
indirectly links to some library which then links to openssl. The
situation can happen for example in case the system is configured to use
ldap in the nsswitch.conf.

The nss_ldap links to openldap libraries which is itself linked to the
real OpenSSL libraries. Some symbols are then resolved from real OpenSSL
and some from libgnutls-openssl which causes crashes because they are of
course ABI incompatible.


The proposal is to use #defines in the public headers of
gnutls/openssl.h to rename the symbols so they do not clash with real
OpenSSL. It would of course require SONAME bump of libgnutls-openssl and
rebuild of the dependent applications.

What do you think about this proposal?
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

More information about the Gnutls-devel mailing list