Eric Irrgang wrote on 10/12/2004, 12:07 PM: > On Fri, 8 Oct 2004, Julien Pierre wrote: > > >pk12util will work cert8.db as well, if you use the correct build of it, > >which is dynamically linked to NSS. > >The NSS 3.9 version of pk12util will work fine. > > Is there a good way to determine what version or build a compiled binary > is from? There doesn't seem to be a version flag and the version does not > appear as an ASCII string in all of the tools.
There is a good way to determine the version of a compiled shared library. On Unix, use the 'what' or 'ident' command: % what libnss3.so | grep NSS % ident libnss3.so | grep NSS Unfortunately we don't build version strings into the executable programs such as certutil, so you need to look at the shared libraries they link with instead. > Incidentally, the certutil that Sun is distributing these days claims to > be from NSS 3.3.10. Is there such a thing or did they just go off on > their own branch? > $ strings /usr/sfw/bin/sparcv9/certutil |head -2 > $Header: NSS 3.3.10 Mar 25 2004 01:04:11 $ > @(#)NSS 3.3.10 Mar 25 2004 01:04:11 NSS 3.3.10 is produced off an official NSS 3.x branch. Sun hires full-time engineers to work on NSS and is using official NSS releases. (By the way, in NSS 3.x, certutil statically links with the NSS libraries, which is why it contains version strings. In general you should try to use 'what' or 'ident' on libnss3.so to determine the version.) Wan-Teh
smime.p7s
Description: S/MIME Cryptographic Signature
