50562 – openssl 0.9.6 RPM removes libssl.so.0

Bug 50562 - openssl 0.9.6 RPM removes libssl.so.0

Summary: openssl 0.9.6 RPM removes libssl.so.0

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	openssl
Sub Component:
Version:	7.0
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-08-01 09:14 UTC by Simon A Watts
Modified:	2008-05-01 15:38 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2001-08-02 21:37:33 UTC
Embargoed:

Attachments	(Terms of Use)

Description Simon A Watts 2001-08-01 09:14:53 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.16-22 i686; en-US; rv:0.9.1)
Gecko/20010621

Description of problem:
Trying to u/g from openssl-0.9.5a-14 to openssl-0.9.6-9, for libssl.so.1
and libcrypto.so.1.  Newer openssl does not provide for libssl.so.0 and
libcrypto.so.0 support, which are required by a large number of packages. 
Upgrade packages *should* be backwards compatible with versions they replace!?

How reproducible:
Always

Steps to Reproduce:
1. Try to u/g to openssl-0.9.6-9.i386.rpm on a system which packages
dependant on libssl.so.0 and/or libcrypto.so.1

	

Actual Results:  Fails with a long list of dependancy failures, as packages
require libssl.so.0, libcrypto.so.0, which are provided by
openssl-0.9.5a-14, which would be superceeded by openssl-0.9.6.  The latter
does not provide an equivalent for these libraries (provides libssl.so.1
and libcrypto.so.1 instead).

Expected Results:  openssl-0.9.6 should provide equivalents for libssl.so.0
and libcryto.so.0, either symlink to versions .1 if appropriate, or keep
the previous versions (reinstall).

Additional info:

This seems to be a common failing with replacement packages where new
versions of libraries with different snames are provided.  Upgrades should
be backwards compatible, which includes maintaining the so snames from the
previous version (either in fact or in link).

Comment 1 Need Real Name 2001-08-02 21:37:28 UTC

I have also run into this bug.  Please let me know of a workaround if it exists.

Comment 2 Nalin Dahyabhai 2001-08-08 19:16:35 UTC

Install the openssl095a package, which should be in the same location as the new
openssl package you're attempting to install.

Comment 3 Simon A Watts 2001-08-28 10:23:37 UTC

This definitely *is* a bug.  You cannot upgrade from the older to newer openssl
package -- which really should be the case, as otherwise it breaks upgrade schemes.

The openssl095a package is a workaround at best -- now to upgrade you need a
third package, the existance of which cannot be determined from the new package
being u/g.  Unless there is something in RPM which would allow this to be
specified when upgrading rather than installing?  But that would not work if
later you had packages which required the libraries in the old package and not
in the new?  

This is all very sloppy.  RPM is a good system, so long as packages maintain
their inheritance.

Note You need to log in before you can comment on or make changes to this bug.