Libssl version provided by KMM AppImages

Paul_Worrall · February 10, 2025, 6:24pm

Hello.

I’m interested in developing an Online Quotes source using the JSON currency exchange data from floatrates.com.

I’ve got a script that uses curl to retrieve the data, and that works fine on the command line, but when called by my AppImage version of KMM [1] it fails with this message in the logs:

curl: /tmp/.mount_kmymonboc8y7/usr/lib/libssl.so.3: version `OPENSSL_3.3.0' not found (required by /usr/lib/libcurl.so.4)

I’m not an expert on AppImages, but I think this means a version of libssl is provided by the AppImage that doesn’t support the version required by my locally-installed curl.

Does that sound right? Is there anything I can do about it?

[1] kmymoney-master-4085-linux-gcc-x86_64.AppImage

ipwizard · February 10, 2025, 7:57pm

I looked at my system (openSUSE Leap 15.6) and found

/usr/lib64/libssl3.so

which has the same checksum as the one contained in the AppImage.

ipwizard $ file /tmp/.mount_kmymonJpw0mO/usr/lib/libssl3.so
libssl3.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=23bfbead1656ea26fdd799440f2cfebccec20344, stripped
ipwizard $ file /usr/lib64/libssl3.so
libssl3.so: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=23bfbead1656ea26fdd799440f2cfebccec20344, stripped

The file itself is contained in package mozilla-nss-3.101.2-150400.3.51.1.x86_64 which lists the following info:

Name        : mozilla-nss
Version     : 3.101.2
Release     : 150400.3.51.1
Architecture: x86_64
Install Date: Mi 04 Sep 2024 19:49:10 CEST
Group       : System/Libraries
Size        : 2097272
License     : MPL-2.0
Signature   : RSA/SHA256, Di 27 Aug 2024 14:29:30 CEST, Key ID 70af9e8139db7c82
Source RPM  : mozilla-nss-3.101.2-150400.3.51.1.src.rpm
Build Date  : Di 27 Aug 2024 14:28:56 CEST
Build Host  : h01-ch3c
Relocations : (not relocatable)
Packager    : https://www.suse.com/
Vendor      : SUSE LLC <https://www.suse.com/>
URL         : https://www.mozilla.org/projects/security/pki/nss/
Summary     : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled server
applications. Applications built with NSS can support SSL v3,
TLS v1.0, v1.1, v1.2, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards.
Distribution: SUSE Linux Enterprise 15

So it is not OpenSSL3 which is contained in the following files on my system:

-rwxr-xr-x 1 root root 743784 23. Okt 18:01 /usr/lib64/libssl.so.3.1.4
lrwxrwxrwx 1 root root     15 23. Okt 18:01 /usr/lib64/libssl.so.3 -> libssl.so.3.1.4
lrwxrwxrwx 1 root root     15 23. Okt 18:01 /usr/lib64/libssl.so -> libssl.so.3.1.4

which are part of package libopenssl3-3.1.4-150600.5.21.1.x86_64.

It looks like some of the KF libs have a dependency on it. At least I found KIO which is one of the core libs we need. I have no idea what to do next. Anyone else?

Paul_Worrall · February 11, 2025, 8:49am

@ipwizard, thanks for looking into this.

I’ve found that downgrading curl on my system 8.12.0 => 8.7.1 resolves the problem for me for now.