> Danek Duvall wrote: >> On Wed, Dec 05, 2007 at 11:37:59PM -0500, Dennis Clarke wrote: >> >>> I go hunting through src/modules/elf.c to find the calls that require >>> libmd >>> but it is not obvious. Either that .. or I simply don't know what to look >>> for. >>> >>> It is quite frustrating. >> >> If you build on a system with libmd, and enable direct binding at link >> time: >> >> cc -B direct -G -lelf -lmd elf.o liblist.o elfextract.o -o elf.so >> >> then the .SUNW_syminfo section of elf.so will contain a list of symbols >> that need binding, as well as what object the symbol can be resolved in. >> Then elfdump -y will dump that section: >> >> % elfdump -y elf.so | grep libmd >> [16] DBL [3] libmd.so.1 SHA1Final >> [42] DBL [3] libmd.so.1 SHA1Init >> [45] DBL [3] libmd.so.1 SHA1Update >> >> I've no idea how much of this is available on releases prior to Nevada. > > libmd is in Solaris 10 u3 (or maybe it was u4) it is not in any prior > release and (as its creator) I have no plans to put it back any further > nor is there a release vehicle for me to do so.
It is always good to hear from you Darren. I have the utmost respect for your work primarily because it must be exact and elegant. You actually implement solutions that solve[1] ( or at least address ) serious issues in the world of security. People on these maillists sometimes fail to give credit where credit is due and I *feel* that Solaris has the benefit of some really world class software engineers and scientists. In the spirit of Christmas I just wanted to point out that your work is respected, greatly. Looks to be in Solaris 10 7/07 HW What's New : http://docs.sun.com/app/docs/doc/820-2714/gevgl?l=en&a=view The required functionality for SHA1 can be found in any respected ( like your work ) implementation of the FIPS PUB 180-1 algorithms. Darren, I know that you *know* these things backwards and forwards and I think it makes good sense for the IPS package software to use the libmd libraries on Solaris 10u4 upwards. This will be a blocking factor in porting to any thing previous to Solaris 10 update 4 ( Solaris 10 7/07 ). So when we talk of "cross-platform" what do we mean ? I could make the effort to get the necessary code bits from the BSD world or the sources for libmd and perhaps solve the SHA1Final etc calls that way. Then the whole thing will compile on Solaris 8 ( if desired ) and run on any Solaris. So the first question I have to ask, if I may, is what do we mean by "cross platform"? Please bear in mind that I use Solaris 8 as my crucible where code will melt down and reveal all. If it compiles clean there ( and works ) then by definition it will work anywhere in the Solaris world. That explains why I took the sources back to a Solaris 8 x86 machine. Just to see what breaks and then how to fix it. The SHA1 calls require a bit more work than a simple #include <sha1.h> :-) Dennis Clarke [1] I would not even begin to attempt a mathematical proof of the strengh of SHA1 or MD5 hashs as a way to uniquely assure a message has not been modified. I *feel* that a collision can be generated for any given digest .. but can't proove it. Quantum computing may change everything in 30 years. _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
