On 02/20/10 01:57 PM, Kevin Reinholz wrote:
On 02/17/10 04:27 AM, Robert Relyea wrote:
On 02/13/2010 11:07 PM, Kevin Reinholz wrote:
<snip>
Here are the compiler flags I used to compile pcsc-lite-1.5.6-svn-4744
with gcc-3.4.3:
env CFLAGS="-g" CPPFLAGS="-DDEBUG" LDFLAGS="-g"
PTHREAD_CFLAGS="-pthreads" LIBUSB_CFLAGS="-I/usr/include"
LIBUSB_LDFLAGS="-L/usr/lib -lusb" CPPFLAGS="-D_TS_ERRNO"
LDFLAGS="-R/usr/local/lib:/usr/lib"
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./configure --disable-libhal
--enable-libusb
make
pfexec make install
And ccid-1.3.11-svn-4750 also using gcc-3.4.3:
env PCSC_CFLAGS=-I/usr/local/include/PCSC PCSC_LIBS="-L/usr/local/lib
-lpcsclite" LIBUSB_CFLAGS=-I/usr/include LIBUSB_LIBS="-L/usr/lib -lusb"
./configure --sysconfdir=/etc --prefix=/usr/local
--enable-usbdropdir=/usr/local/pcsc/drivers
make
pfexec make install
And coolkey-1.1.0 is compiled as noted above, once again with gcc-3.4.3.
There are no more readily apparent linker errors at runtime, and the
gcc-compiled pcsc-lite and ccid appear to function normally.
Unfortunately, attempting to add
/usr/local/lib/pkcs11/libcoolkeypk11.so as a Security Module in
Firefox-3.5.7 fails with an "unable to add module" error. This error
occurs whether pcscd is running or not, whether a card reader is
plugged in or not, and whether a Common Access Card is inserted into
the card reader and recognized by pcsc or not. Firefox refuses to add
the module every time.
I don't suppose I'm missing anything obvious here?
Nothing I can see.
I would expect libcoolkeypk11 to load even if there are no readers.
The most obvious issue would be missing library dependencies. On linux
we have an ldd command that will dump what libraries are used, I
suspsect solaris has something similar.
Here's what ldd reveals:
reinholz@etrenank:~$ ldd /usr/local/lib/pkcs11/libcoolkeypk11.so
libckyapplet.so.1 => /usr/local/lib/libckyapplet.so.1
libdl.so.1 => /lib/libdl.so.1
libz.so.1 => /lib/libz.so.1
libstdc++.so.6 => /usr/lib/libstdc++.so.6
libm.so.2 => /lib/libm.so.2
libgcc_s.so.1 => /usr/lib/libgcc_s.so.1
libc.so.1 => /lib/libc.so.1
Looks normal, but ld reveals a problem:
reinholz@etrenank:~$ ld /usr/local/lib/pkcs11/libcoolkeypk11.so
ld: warning: cannot find entry symbol _start; not setting start address
So it looks like something is not linked correctly...
A little research and the offender seems to be a failure to link
libcoolkeypk11.so against /usr/lib/crt1.o as it is found on OpenSolaris
snv_133.
There is also a /usr/lib/amd64/crt1.o but I built coolkey for
i386-pc-solaris2.11 so I don't think it should be confused about where
to find crt1.o...
It seems this object can also be found as crt0.o on some systems so
perhaps the numbering is throwing gcc off?
The next think might be grab a copy of NSS and build it
(https://developer.mozilla.org/NSS_3.12.5_release_notes).
In
the
mozilla/security/nss/cmd there is a tool called pk11util, and some
sample scripts. It will let you try to initialize pkcs 11 modules
without all the rest of NSS and firefox.
You can at least see what stage the failure is coming from (dlopen,
C_Initialize, etc).
bob
I messed around with the nss source a little. I can build it on
OpenSolaris by executing the following commands within the
mozilla/security/nss subdirectories of the nss source:
make NS_USE_GCC=1 NO_MDUPDATE=1 nss_build_all
pfexec make NS_USE_GCC=1 NO_MDUPDATE=1 install
However, attempting to run modutil results in an error about ssl3:
ld.so.1: modutil: fatal: libssl3.so: open failed: No such file or
directory
Killed
I'm not particularly inclined to troubleshoot nss and turn this project
into something bigger than it already is. I think the ld error relating
to libcoolkeypk11.so is a good hint that something is not linked
correctly. Perhaps with more tinkering I can figure out a way forward.
Unfortunately, Solaris on x86 seems to have some compiling problems
that Solaris on SPARC doesn't face. Although I've read reports of folks
successfully building and running coolkey on Solaris SPARC, I wonder if
anyone's gotten it working on x86?
_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel
|
_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel
