Bug 458631 - Setkey is unnecessarily linked to libcrypto and other libraries
Summary: Setkey is unnecessarily linked to libcrypto and other libraries
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ipsec-tools
Version: 5.2
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-08-11 07:58 UTC by Tomas Mraz
Modified: 2009-01-20 22:13 UTC (History)
3 users (show)

Fixed In Version: ipsec-tools-0.6.5-11.el5
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-01-20 22:13:33 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:0239 0 normal SHIPPED_LIVE ipsec-tools bug fix update 2009-01-20 16:06:41 UTC

Description Tomas Mraz 2008-08-11 07:58:19 UTC 
Setkey and some other binaries in ipsec-tools are unnecessarily linked to libcrypto and other libraries (gssapi, krb5 and so on). Only racoon needs to be linked to these libraries.

This problem was fixed in RHEL-4 by adding -Wl,--as-needed to LDFLAGS but unfortunately although the patch is still applied the change is overwritten by autoconf run. So this is a regression against RHEL-4.
Comment 1 RHEL Program Management 2008-08-11 08:07:13 UTC 
This bugzilla has Keywords: Regression.  

Since no regressions are allowed between releases, 
it is also being proposed as a blocker for this release.  

Please resolve ASAP.
Comment 6 errata-xmlrpc 2009-01-20 22:13:33 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0239.html
Note You need to log in before you can comment on or make changes to this bug.