>Number:         12964
>Category:       lib
>Synopsis:       libcrypto_{idea,rc5} not useful if application calls EVP_idea_*
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed May 16 19:16:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Jun-ichiro itojun Hagino
>Release:        1.5V, and 1.5.[0-9]
>Organization:
	itojun.org
>Environment:
System: NetBSD starfruit.itojun.org 1.5V NetBSD 1.5V (STARFRUIT) #477: Sat May 12 05:32:45 JST 2001 itojun@starfruit.itojun.org:/usr/home/itojun/NetBSD/src/sys/arch/i386/compile/STARFRUIT i386
Architecture: i386
Machine: i386
>Description:
	src/lib/libcrypto_{idea,rc5} are supplied so that people can use
	IDEA/RC5 applications, if they are okay with licensing twists.

	however, due to library dependency issues, it is not possible when
	application calls EVP_idea_* and such.  if the application links
	against e_idea.o (in libcrypto) idea_* functions will get resolved
	inside libcrypto, and libcrypto_idea will not be visited.
>How-To-Repeat:
% nm e_idea.o
e_idea.o:
         U EVP_CIPHER_get_asn1_iv
         U EVP_CIPHER_set_asn1_iv
000000c8 T EVP_idea_cbc
000000d4 T EVP_idea_cfb
000000ec T EVP_idea_ecb
000000e0 T EVP_idea_ofb
         U idea_cbc_encrypt
         U idea_cfb64_encrypt
         U idea_ecb_encrypt
         U idea_ofb64_encrypt
         U idea_set_decrypt_key
         U idea_set_encrypt_key
>Fix:
	not sure. 

	(1) remove all idea_* function from libcrypto, and bump libcrypto
	major again.  programs with idea/rc5 will never link successfully
	if the user do not specify libcrypto_{idea,rc5} in his compilation
	command line.
	(2) have idea_* functions that would dynamically load
	/usr/lib/libcrypto_idea.so if certain conditions are satisfied.
>Release-Note:
>Audit-Trail:
>Unformatted: