info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1006989: nim: incompatible with OpenSSL 3.0
180 views
Skip to first unread message
Steve Langasek
Mar 9, 2022, 9:20:04 PM3/9/22
to
Source: nim
Version: 1.6.4-1
Severity: serious
Tags: experimental
User: ubuntu...@lists.ubuntu.com
Usertags: origin-ubuntu jammy
Hi Federico,
The nim source package currently has a hard-coded build-dependency (and
runtime dependency) on libssl1.1. Attempting to switch to libssl3 results
in an unusable binary:
$ ./bin/nimble
could not import: SSL_get_peer_certificate
$
libssl3 is currently in experimental and expected to be the version of
OpenSSL shipped with the next version of Debian. Please work with upstream
to ensure this package can be updated for compatibility with OpenSSL 3.
Here is a (not comprehensive or entirely accurate) attempt to check for use
of obsolete symbols by nim:
$ for sym in $(sed -n -e'/proc.*dynlib:/ { s/^\s*proc\s\+//; s/\**(.*//; p }' lib/wrappers/openssl.nim); do objdump -T /usr/lib/x86_64-linux-gnu/libssl.so.3 /usr/lib/x86_64-linux-gnu/libcrypto.so.3 |grep -q $sym\$ || echo "missing symbol $sym"; done
missing symbol SSL_library_init
missing symbol SSL_load_error_strings
missing symbol SSLv23_method
missing symbol SSLeay
missing symbol SSL_state
missing symbol SSLv23_client_method
missing symbol SSLv2_method
missing symbol SSLv3_method
missing symbol SSL_CTX_get_ex_new_index
missing symbol bioNew
missing symbol bioFreeAll
missing symbol bioSMem
missing symbol bioCtrlPending
missing symbol ErrClearError
missing symbol ErrFreeStrings
missing symbol ErrRemoveState
missing symbol SSL_get_peer_certificate
$
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer https://www.debian.org/
slan...@ubuntu.com vor...@debian.org
Version: 1.6.4-1
Severity: serious
Tags: experimental
User: ubuntu...@lists.ubuntu.com
Usertags: origin-ubuntu jammy
Hi Federico,
The nim source package currently has a hard-coded build-dependency (and
runtime dependency) on libssl1.1. Attempting to switch to libssl3 results
in an unusable binary:
$ ./bin/nimble
could not import: SSL_get_peer_certificate
$
libssl3 is currently in experimental and expected to be the version of
OpenSSL shipped with the next version of Debian. Please work with upstream
to ensure this package can be updated for compatibility with OpenSSL 3.
Here is a (not comprehensive or entirely accurate) attempt to check for use
of obsolete symbols by nim:
$ for sym in $(sed -n -e'/proc.*dynlib:/ { s/^\s*proc\s\+//; s/\**(.*//; p }' lib/wrappers/openssl.nim); do objdump -T /usr/lib/x86_64-linux-gnu/libssl.so.3 /usr/lib/x86_64-linux-gnu/libcrypto.so.3 |grep -q $sym\$ || echo "missing symbol $sym"; done
missing symbol SSL_library_init
missing symbol SSL_load_error_strings
missing symbol SSLv23_method
missing symbol SSLeay
missing symbol SSL_state
missing symbol SSLv23_client_method
missing symbol SSLv2_method
missing symbol SSLv3_method
missing symbol SSL_CTX_get_ex_new_index
missing symbol bioNew
missing symbol bioFreeAll
missing symbol bioSMem
missing symbol bioCtrlPending
missing symbol ErrClearError
missing symbol ErrFreeStrings
missing symbol ErrRemoveState
missing symbol SSL_get_peer_certificate
$
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer https://www.debian.org/
slan...@ubuntu.com vor...@debian.org
Nilesh Patra
Jun 25, 2022, 11:40:04 AM6/25/22
to
Hi Federico,
On Wed, 9 Mar 2022 18:04:36 -0800 Steve Langasek <steve.l...@canonical.com> wrote:
> Source: nim
https://tracker.debian.org/news/1334488/nim-removed-from-testing/
Would you know if the support is there yet or is under-way?
--
Best,
Nilesh
On Wed, 9 Mar 2022 18:04:36 -0800 Steve Langasek <steve.l...@canonical.com> wrote:
> Source: nim
> $ ./bin/nimble
> could not import: SSL_get_peer_certificate
> $
>
> libssl3 is currently in experimental and expected to be the version of
> OpenSSL shipped with the next version of Debian. Please work with upstream
> to ensure this package can be updated for compatibility with OpenSSL 3.
Unfortunately now nim has been removed from testing :(
> could not import: SSL_get_peer_certificate
> $
>
> libssl3 is currently in experimental and expected to be the version of
> OpenSSL shipped with the next version of Debian. Please work with upstream
> to ensure this package can be updated for compatibility with OpenSSL 3.
https://tracker.debian.org/news/1334488/nim-removed-from-testing/
Would you know if the support is there yet or is under-way?
--
Best,
Nilesh
0 new messages