[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
linking heimdal to an openssl library other than the one in the defaultsearch path.
Hello,
I am trying to set up heimdal pkinit to use opensc's engine-pkcs11, and
Love's soft-pkcs11. I was having difficulty(kinit core dumping in
openssl somewhere) so went to build heimdal against an openssl that was
built with debugging enabled. I was able to build opensc against the new
openssl, however even when I pass
"--with-openssl=/usr/local/openssl-0.9.8" to the heimdal configure, I
still end up with heimdal binaries that are linked against the system
openssl libraries.
when I run kinit in gdb and walk through eval_pairs(), I get a failure
when running ENGINE_ctrl_cmd_string() for the LOAD comand.
and when I print context->error_string after the krb5_set_error_string()
call I see the following:
(gdb) p context->error_string
$1 = 0x99ff4c8 "PKINIT: Failed precommand (dynamic - LOAD:(NULL)):
error:260B6091:engine routines:DYNAMIC_LOAD:version incompatibility"
I began getting this error after re-compiling opensc against the version
of openssl that I built with debugging.
ldd of kinit shows the following:
% ldd /opt/heimdal-20050927-debug/bin/kinit
libkafs.so.0 => /opt/heimdal-20050927-debug/lib/libkafs.so.0
(0x00619000)
libkrb5.so.17 => /opt/heimdal-20050927-debug/lib/libkrb5.so.17
(0x0044e000)
libasn1.so.5 => /opt/heimdal-20050927-debug/lib/libasn1.so.5
(0x003f9000)
libroken.so.16 => /opt/heimdal-20050927-debug/lib/libroken.so.16
(0x00b7c000)
libdl.so.2 => /lib/libdl.so.2 (0x007be000)
libcom_err.so.1 =>
/opt/heimdal-20050927-debug/lib/libcom_err.so.1 (0x00b2a000)
libdb-4.1.so => /lib/libdb-4.1.so (0x00f28000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x00111000)
libresolv.so.2 => /lib/libresolv.so.2 (0x0013e000)
libpthread.so.0 => /lib/tls/libpthread.so.0 (0x00831000)
libc.so.6 => /lib/tls/libc.so.6 (0x002bc000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x00cf7000)
any thoughts on how to get heimdal to be linked against the new version
of the openssl library, and to ignore the one /usr?
-Matt