Wan-Teh Chang wrote:
On Thu, Aug 7, 2008 at 4:40 AM, Michael Ströder <[EMAIL PROTECTED]> wrote:
Ok, I've extracted
ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_3_11_4_RTM/Linux2.6_x86_glibc_PTH_DBG.OBJ/nss-3.11.4.tar.gz

and set LD_LIBRARY_PATH to the extracted lib/ dir (see output of ldd
below). Is signver statically linked? Note that locally installed RPM
package mozilla-nspr-4.7.1-18.2 provides
/usr/lib/libnspr4.so
/usr/lib/libplc4.so
/usr/lib/libplds4.so

Is this compatible to the binary from the above URL?

Yes.  The binary from the above URL was built against NSPR 4.6.4.
NSPR 4.7.1 is backward compatible with NSPR 4.6.4.

The caveat is that we don't know if the RPM package mozilla-nspr-4.7.1-18.2
has been patched in some way that made it incompatible.  It's very
unlikely though.  Which Linux distribution is this?

$ ldd bin/signver
       linux-gate.so.1 =>  (0xffffe000)
       libplc4.so => /usr/lib/libplc4.so (0xb7fe8000)
       libplds4.so => /usr/lib/libplds4.so (0xb7fe4000)
       libnspr4.so => /usr/lib/libnspr4.so (0xb7fae000)
       libpthread.so.0 => /lib/libpthread.so.0 (0xb7f96000)
       libdl.so.2 => /lib/libdl.so.2 (0xb7f92000)
       libc.so.6 => /lib/libc.so.6 (0xb7e4e000)
       /lib/ld-linux.so.2 (0xb8002000)

This ldd output suggests that signver is linked with NSS static libraries.
I verified it in our source tree:
http://mxr.mozilla.org/security/source/security/nss/cmd/signver/manifest.mn#58

56 ARCHIVE_NAME  = signver
57
58 USE_STATIC_LIBS = 1
signver was finally made to link with the dynamic NSS libraries in NSS 3.12.1 (not yet released), so pretty much any package will have static linked version of it.

bob
Wan-Teh
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to