On Thu, Aug 7, 2008 at 4:40 AM, Michael Ströder <[EMAIL PROTECTED]> wrote: > > Ok, I've extracted > ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_3_11_4_RTM/Linux2.6_x86_glibc_PTH_DBG.OBJ/nss-3.11.4.tar.gz > > and set LD_LIBRARY_PATH to the extracted lib/ dir (see output of ldd > below). Is signver statically linked? Note that locally installed RPM > package mozilla-nspr-4.7.1-18.2 provides > /usr/lib/libnspr4.so > /usr/lib/libplc4.so > /usr/lib/libplds4.so > > Is this compatible to the binary from the above URL?
Yes. The binary from the above URL was built against NSPR 4.6.4. NSPR 4.7.1 is backward compatible with NSPR 4.6.4. The caveat is that we don't know if the RPM package mozilla-nspr-4.7.1-18.2 has been patched in some way that made it incompatible. It's very unlikely though. Which Linux distribution is this? > $ ldd bin/signver > linux-gate.so.1 => (0xffffe000) > libplc4.so => /usr/lib/libplc4.so (0xb7fe8000) > libplds4.so => /usr/lib/libplds4.so (0xb7fe4000) > libnspr4.so => /usr/lib/libnspr4.so (0xb7fae000) > libpthread.so.0 => /lib/libpthread.so.0 (0xb7f96000) > libdl.so.2 => /lib/libdl.so.2 (0xb7f92000) > libc.so.6 => /lib/libc.so.6 (0xb7e4e000) > /lib/ld-linux.so.2 (0xb8002000) This ldd output suggests that signver is linked with NSS static libraries. I verified it in our source tree: http://mxr.mozilla.org/security/source/security/nss/cmd/signver/manifest.mn#58 56 ARCHIVE_NAME = signver 57 58 USE_STATIC_LIBS = 1 Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
