|
Initializing the csfle shared library fails on RHEL 7.6, SLES 12, and possibly others.
In a standalone binary that only loads the shared library, dlopen() fails with:
symbol SSL_CTX_get0_certificate, version OPENSSL_1.0.0 not defined in file libssl.so.1.0.0 with link time reference
|
In a Node.js process (where OpenSSL is statically linked in – tested with Node.js 14.19.1/OpenSSL 1.1.1n), lib_create() fails with:
csfle lib_create() failed: Global initialization failed :: caused by :: Can not set supported cipher suites with config string "HIGH:!EXPORT:!aNULL@STRENGTH": error:08064066:object identifier routines:OBJ_create:oid exists [Error 2, code 140]
|
This has some potential overlap with SERVER-63703 in that removing uses of OpenSSL inside the shared library seems like a good potential fix.
|