Page 1 of 1
SSL Version Mismatch
Posted: Sun Jan 09, 2005 8:22 am
by Stealth
I have upgraded my OpenSSL to version 0.9.7e, and Unreal gives me this error:
Code: Select all
./unreal start
Starting UnrealIRCd
[!!!] OpenSSL version mismatch: compiled for 'OpenSSL 0.9.7e 25 Oct 2004', library is 'OpenSSL 0.9.7a Feb 19 2003'
[!!!] Header<->library mismatches can make UnrealIRCd *CRASH*! Make sure you don't have multiple versions of openssl or zlib installed (eg: one in /usr and one in /usr/local). And, if you recently upgraded them, be sure to recompile Unreal.
This is after a "make clean". I have even tried it on a fresh install of Unreal. There is no duplicate OpenSSL installations on my system.
Unreal 3.2 (Ya, I know its old) compiled and ran fine with OpenSSL, and 3.2.2 compiled and ran fine on my test box after using the same method of upgrading OpenSSL.
Any suggestions would be appreciated.
EDIT: Forgot to mention this is RedHat 9
Posted: Sun Jan 09, 2005 4:05 pm
by Syzop
So this is after you recompiled unreal which was after you recompiled/upgraded openssl?
Well, it didn't make the 0.9.7a up to annoy you or anything ;p.
There must be some older version lying around then..
ls -al /usr/lib/libssl* /usr/local/lib/libssl*
Sometimes only 1 of the 2 things get upgraded, like the static version and not the .so, or the other way around. Or of course, it could be in a different path.. lots of possibilities here.
Reason for the required recompile is that openssl tends to change data structures etc so it could lead to mysterious crashes. If you read the openssl README they even say .so (dynamic libraries) support is experimental! ;p. Fortunately most distributions port back fixes so then this isn't a problem (in that case, the version nr # still shows up a vulnerable version but it is in fact patched).
Posted: Sun Jan 09, 2005 7:13 pm
by Stealth
Yes, I found a .so from the old version in /usr/lib which was a link to /lib, unfortunatly, I don't know where the new one went, if it even made a new one.
EDIT:
Code: Select all
ll /usr/lib/libssl*
-rwxr-xr-x 1 root root 123800 Feb 25 2003 /usr/lib/libssl3.so
-rw-r--r-- 1 root root 261784 Jan 9 00:31 /usr/lib/libssl.a
lrwxrwxrwx 1 root root 26 May 29 2004 /usr/lib/libssl.so -> ../../lib/libssl.so.0.9.7a
Code: Select all
ll /usr/local/lib/libssl*
ls: /usr/local/lib/libssl*: No such file or directory
Posted: Sun Jan 23, 2005 6:02 pm
by Darvocet
Stealth wrote:Yes, I found a .so from the old version in /usr/lib which was a link to /lib, unfortunatly, I don't know where the new one went, if it even made a new one.
I've actually had this same error on a BSD machine that had receintly upgraded BSD. The machine didnt have any other noticable problems except the Unreal error on start. When OpenSSL was uninstalled from the machine I saw the same error for ZLib. I did try to copy the old .so's over the new ones, and vice versa with no help. In the end I have just slated that server for a fresh install. I worked on it for a good couple hours, changing OpenSSL versions, and moving them around, specifying directories at compile time, etc. These attempts to repair the problem did not help.
So... in the meantime if someone does figure out how to correcly solve this problem would be great to hear. If not I'll just re-install the OS on that server and pretend it never happened!
Darvocet.
Posted: Sun Jan 23, 2005 9:11 pm
by codemastr
Darvocet wrote:
So... in the meantime if someone does figure out how to correcly solve this problem would be great to hear. If not I'll just re-install the OS on that server and pretend it never happened!
There really isn't anything to it. The new version was apparently installed to a different directory. You must inform Unreal of this. The reason Unreal is the only one to report a problem is because as far as I know, we're the only ones to check for this problem. If the headers and libraries do not match, the program can crash randomly (OpenSSL is not ABI compatible between versions). Rather than allow that to happen, we warn you at startup.