cryptlib embeds a parts of OpenSSL, and does not mangle those symbols: 0000000000056860 T BN_add 0000000000056080 T BN_add_word 00000000000575a0 T BN_bin2bn 00000000000578a0 T BN_bn2bin 0000000000054b00 T BN_clear 0000000000055ca0 T BN_cmp_word 0000000000054be0 T BN_copy 00000000000553a0 T BN_CTX_end 0000000000055530 T BN_CTX_end_ext 0000000000055220 T BN_CTX_final … As a result, cryptlib and OpenSSL may interpose parts of each other. (Symbol versioning on the OpenSSL does not prevent this.) Since OpenSSL was there first, I think cryptlib should change, and hide these symbols in some way (or introduce symbol versioning).
This bug appears to have been reported against 'rawhide' during the Fedora 25 development cycle. Changing version to '25'.
Discussion with upstream is still ongoing about how to best resolve this issue.
cryptlib-3.4.3-8.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0b36efc363
cryptlib-3.4.3-8.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-1316072286
cryptlib-3.4.3-8.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-3095850777
For the sake of reference, let's back up with a bit of information: OpenSSL, which comprises of two libraries (libssl.so.1.0.2h and libcrypto.so.1.0.2h) have 1052 and 4429 symbols respectivly. Both libraries share only 3 symbols with the same name. In comparison to cryptlib-3.4.3 the smaller library libssl.so.1.0.2h does not share any symbols with cryptlib, but the larger library libcrypto.so.1.0.2h shares a total of 109 symbols with cryptlib. (see below) To resolve any possible interference between the two libraries and to ensure peaceful co-existence, I will rename all of those shared symbols and prefix these symbols with "cl_". So, for instance BN_mod_exp becomes cl_BN_mod_exp. This renaming will start with the next release, cryptlib-3.4.3-8. The symbols affected are: BN_CTX_end BN_CTX_get BN_CTX_init BN_CTX_start BN_MONT_CTX_free BN_MONT_CTX_init BN_MONT_CTX_new BN_MONT_CTX_set BN_RECP_CTX_free BN_RECP_CTX_init BN_RECP_CTX_set BN_add BN_add_word BN_bin2bn BN_bn2bin BN_clear BN_copy BN_div BN_div_recp BN_dup BN_exp BN_free BN_from_montgomery BN_gcd BN_get_word BN_init BN_is_bit_set BN_lshift BN_mod_exp BN_mod_exp2_mont BN_mod_exp_mont BN_mod_exp_mont_consttime BN_mod_exp_mont_word BN_mod_exp_recp BN_mod_exp_simple BN_mod_inverse BN_mod_mul BN_mod_mul_montgomery BN_mod_mul_reciprocal BN_mod_sqr BN_mod_word BN_mul BN_mul_word BN_new BN_nnmod BN_num_bits BN_num_bits_word BN_reciprocal BN_rshift BN_set_bit BN_set_negative BN_set_word BN_sqr BN_sub BN_sub_word BN_swap BN_uadd BN_ucmp BN_usub BN_value_one CAST_S_table0 CAST_S_table1 CAST_S_table2 CAST_S_table3 CAST_S_table4 CAST_S_table5 CAST_S_table6 CAST_S_table7 CAST_cbc_encrypt CAST_decrypt CAST_ecb_encrypt CAST_encrypt CAST_set_key MD5_Final MD5_Init MD5_Transform MD5_Update RC4 SHA1_Final SHA1_Init SHA1_Transform SHA1_Update bn_add_part_words bn_add_words bn_cmp_part_words bn_cmp_words bn_div_words bn_mul_add_words bn_mul_comba4 bn_mul_comba8 bn_mul_high bn_mul_low_normal bn_mul_low_recursive bn_mul_normal bn_mul_part_recursive bn_mul_recursive bn_mul_words bn_sqr_comba4 bn_sqr_comba8 bn_sqr_words bn_sub_part_words bn_sub_words idea_cbc_encrypt idea_ecb_encrypt idea_encrypt idea_options idea_set_decrypt_key idea_set_encrypt_key sha1_block_data_order
cryptlib-3.4.3-8.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-1316072286
cryptlib-3.4.3-8.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-3095850777
cryptlib-3.4.3-8.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-0b36efc363
cryptlib-3.4.3-8.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
cryptlib-3.4.3-8.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
cryptlib-3.4.3-8.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.