Douglas E. Engert wrote:
Yes, see the patch in the 12/09/2006 note from Love:Index: crypto.c ===================================================================RCS file: /afs/pdc.kth.se/src/packages/kth-krb/SourceRepository/lib/hx509/crypto.c,vretrieving revision 1.60 retrieving revision 1.61 diff -u -p -u -w -r1.60 -r1.61 --- lib/hx509/crypto.c 6 Dec 2006 10:23:14 -0000 1.60 +++ lib/hx509/crypto.c 9 Dec 2006 12:56:34 -0000 1.61 @@ -1264,6 +1264,7 @@ _hx509_private_key_assign_rsa(hx509_priv if (key->private_key.rsa) RSA_free(key->private_key.rsa); key->private_key.rsa = ptr; + key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); key->md = &pkcs1_rsa_sha1_alg; }
ok. Btw, I tried today's build and I couldn't compile it. Any known problems ?
P.S. is this testing with coolkey?
Yes. Axalto e-gate 32k smartcards. --Chandra
Chandrasekar Kannan wrote:I'm using Hiemdal - ftp://ftp.pdc.kth.se/pub/heimdal/src/snapshots/heimdal-0.8-rc2.tar.gzI managed finally to compile Hiemdal KDC and have set it up. Now I'm trying to do a kinit to get a ticket, and I'm noticing that kinit is segfaulting.[EMAIL PROTECTED] ~]# /usr/heimdal/bin/kinit -D /etc/pkinit/anchors -C PKCS11:/usr/lib/pkcs11/libcoolkeypk11.soPIN code for E-Gate 00 00: Segmentation fault Here's the stack trace for that. [EMAIL PROTECTED] ~]# gdb /usr/heimdal/bin/kinit ./core.9014 GNU gdb Red Hat Linux (6.5-12.el5rh) Copyright (C) 2006 Free Software Foundation, Inc.GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions.Type "show copying" to see the conditions.There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/i686/nosegneg/libthread_db.so.1".warning: Can't read pathname for load map: Input/output error. Reading symbols from /lib/libdl.so.2...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/libcrypto.so.6...done. Loaded symbols for /lib/libcrypto.so.6 Reading symbols from /lib/libcom_err.so.2...done. Loaded symbols for /lib/libcom_err.so.2 Reading symbols from /lib/libcrypt.so.1...done. Loaded symbols for /lib/libcrypt.so.1 Reading symbols from /lib/libresolv.so.2...done. Loaded symbols for /lib/libresolv.so.2 Reading symbols from /lib/i686/nosegneg/libpthread.so.0...done. Loaded symbols for /lib/i686/nosegneg/libpthread.so.0 Reading symbols from /lib/i686/nosegneg/libc.so.6...done. Loaded symbols for /lib/i686/nosegneg/libc.so.6 Reading symbols from /lib/ld-linux.so.2...done. Loaded symbols for /lib/ld-linux.so.2 Reading symbols from /usr/lib/libz.so.1...done. Loaded symbols for /usr/lib/libz.so.1 Reading symbols from /usr/lib/pkcs11/libcoolkeypk11.so...done. Loaded symbols for /usr/lib/pkcs11/libcoolkeypk11.so Reading symbols from /usr/lib/libckyapplet.so.1...done. Loaded symbols for /usr/lib/libckyapplet.so.1 Reading symbols from /usr/lib/libstdc++.so.6...done. Loaded symbols for /usr/lib/libstdc++.so.6 Reading symbols from /lib/i686/nosegneg/libm.so.6...done. Loaded symbols for /lib/i686/nosegneg/libm.so.6 Reading symbols from /lib/libgcc_s.so.1...done. Loaded symbols for /lib/libgcc_s.so.1 Reading symbols from /usr/lib/libpcsclite.so.1...done. Loaded symbols for /usr/lib/libpcsclite.so.1 Failed to read a valid object file image from memory.Core was generated by `/usr/heimdal/bin/kinit -D /etc/pkinit/anchors/ -C PKCS11:/usr/lib/pkcs11/libcoo'.Program terminated with signal 11, Segmentation fault. #0 0x08090da5 in der_heim_oid_cmp (p=0x80d2ed4, q=0x0) at der_cmp.c:39 39 if (p->length != q->length) (gdb) where #0 0x08090da5 in der_heim_oid_cmp (p=0x80d2ed4, q=0x0) at der_cmp.c:39 #1 0x0807ff21 in find_sig_alg (oid=0x0) at crypto.c:836#2 0x0807ff58 in find_keytype (key=<value optimized out>) at crypto.c:2086 #3 0x08080b6e in hx509_crypto_select (context=0x9aad340, type=1, source=0x9ab2718,peer=0x0, selected=0xbf84959c) at crypto.c:2120#4 0x0807e245 in hx509_cms_create_signed_1 (context=0x9aad340, eContentType=0x80d30b4, data=0x9ab8748, length=658, digest_alg=0x0, cert=0x9ab2498, peer=0x0, anchors=0x0,pool=0x9ab00b8, signed_data=0xbf8496e0) at cms.c:980#5 0x0806ee5d in _krb5_pk_mk_padata (context=0x9aad008, c=0x9aae060, req_body=0xbf84f978,nonce=2835618996, md=0x9ab2628) at pkinit.c:154#6 0x08062ac9 in krb5_get_init_creds (context=0x9aad008, creds=0xbf851cd4, client=0x9aad2a8, prompter=0x8070ea0 <krb5_prompter_posix>, data=0x0, start_time=0,in_tkt_service=0x0, options=0x9ab5570) at init_creds_pw.c:1026#7 0x08063737 in krb5_get_init_creds_password (context=0x9aad008, creds=0xbf851cd4, client=0x9aad2a8, password=0xbf851bd4 "", prompter=0x8070ea0 <krb5_prompter_posix>,data=0x0, start_time=0, in_tkt_service=0x0, in_options=0x9aae028) at init_creds_pw.c:1524#8 0x0804c104 in get_new_tickets (context=0x9aad008, principal=0x9aad2a8,ccache=0x9aad1d0, ticket_life=0, interactive=1) at kinit.c:591 #9 0x0804cf57 in main (argc=7, argv=0x80d6b54) at kinit.c:892 (gdb) Any ideas? thanks. --Chandra
smime.p7s
Description: S/MIME Cryptographic Signature