On Mon, 4 Mar 2019 at 20:03, Giorgi Modebadze <[email protected]> wrote: > > Package: vsftpd > Version: 3.0.3-8+b1 > > Whenever a client connects to vsftpd, Libgcrypt seems to complain. Output in > syslog: > > > vsftpd: Libgcrypt warning: missing initialization - please fix the > > application > > > Dependencies of vsftpd: > > $ ldd /usr/sbin/vsftpd > linux-vdso.so.1 (0x00007fffb43e6000) > libwrap.so.0 => /lib/x86_64-linux-gnu/libwrap.so.0 > (0x00007fc652b55000) > libpam.so.0 => /lib/x86_64-linux-gnu/libpam.so.0 (0x00007fc652947000) > libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 > (0x00007fc6526db000) > libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 > (0x00007fc652242000) > libcap.so.2 => /lib/x86_64-linux-gnu/libcap.so.2 (0x00007fc65203c000) > libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fc651c9d000) > libnsl.so.1 => /lib/x86_64-linux-gnu/libnsl.so.1 (0x00007fc651a85000) > libaudit.so.1 => /lib/x86_64-linux-gnu/libaudit.so.1 > (0x00007fc65185d000) > libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fc651659000) > libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 > (0x00007fc65143c000) > /lib64/ld-linux-x86-64.so.2 (0x00007fc652f88000) > libcap-ng.so.0 => /lib/x86_64-linux-gnu/libcap-ng.so.0 > (0x00007fc651236000) > > $ > > I believe Libgcrypt initialization is missing. The maintainers of libgcrypt > consider that a bug. Even though the issue seems harmless, it heavily spams > the syslog. > > I am using Debian GNU/Linux 9 (stretch), kernel 4.19.0-0.bpo.2-amd64 and > libc-2.24.so.
Hi there, vsftpd does not use libgcrypto directly. From the ldd log, libcrypto is from openssl (no "g"). I think this issue should be fixed from PAM. From https://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html: Function: const char * gcry_check_version (const char *req_version) The function gcry_check_version initializes some subsystems used by Libgcrypt and must be invoked before any other function in the library. gcry_check_version() does not only check the version, it also initializes something. Can you help re-filing the bug to PAM package? Thanks, -kengyu
