Douglas E. Engert wrote: > Yes, see the patch in the 12/09/2006 note from Love: > > > Index: crypto.c > =================================================================== > RCS file: > /afs/pdc.kth.se/src/packages/kth-krb/SourceRepository/lib/hx509/crypto.c,v > > retrieving revision 1.60 > retrieving revision 1.61 > diff -u -p -u -w -r1.60 -r1.61 > --- lib/hx509/crypto.c 6 Dec 2006 10:23:14 -0000 1.60 > +++ lib/hx509/crypto.c 9 Dec 2006 12:56:34 -0000 1.61 > @@ -1264,6 +1264,7 @@ _hx509_private_key_assign_rsa(hx509_priv > if (key->private_key.rsa) > RSA_free(key->private_key.rsa); > key->private_key.rsa = ptr; > + key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption(); > key->md = &pkcs1_rsa_sha1_alg; > } > > ok. Btw, I tried today's build and I couldn't compile it. Any known problems ? > > P.S. is this testing with coolkey? Yes. Axalto e-gate 32k smartcards. --Chandra > > Chandrasekar Kannan wrote: > >> >> I'm using Hiemdal - >> ftp://ftp.pdc.kth.se/pub/heimdal/src/snapshots/heimdal-0.8-rc2.tar.gz >> >> I managed finally to compile Hiemdal KDC and have set it up. >> Now I'm trying to do a kinit to get a ticket, and I'm noticing >> that kinit is segfaulting. >> >> [root@magic ~]# /usr/heimdal/bin/kinit -D /etc/pkinit/anchors -C >> PKCS11:/usr/lib/pkcs11/libcoolkeypk11.so >> PIN code for E-Gate 00 00: >> Segmentation fault >> >> Here's the stack trace for that. >> >> [root@rhcs ~]# gdb /usr/heimdal/bin/kinit ./core.9014 >> GNU gdb Red Hat Linux (6.5-12.el5rh) >> Copyright (C) 2006 Free Software Foundation, Inc. >> GDB is free software, covered by the GNU General Public License, and >> you are >> welcome to change it and/or distribute copies of it under certain >> conditions. >> Type "show copying" to see the conditions. >> There is absolutely no warranty for GDB. Type "show warranty" for >> details. >> This GDB was configured as "i386-redhat-linux-gnu"...Using host >> libthread_db library "/lib/i686/nosegneg/libthread_db.so.1". >> >> >> warning: Can't read pathname for load map: Input/output error. >> Reading symbols from /lib/libdl.so.2...done. >> Loaded symbols for /lib/libdl.so.2 >> Reading symbols from /lib/libcrypto.so.6...done. >> Loaded symbols for /lib/libcrypto.so.6 >> Reading symbols from /lib/libcom_err.so.2...done. >> Loaded symbols for /lib/libcom_err.so.2 >> Reading symbols from /lib/libcrypt.so.1...done. >> Loaded symbols for /lib/libcrypt.so.1 >> Reading symbols from /lib/libresolv.so.2...done. >> Loaded symbols for /lib/libresolv.so.2 >> Reading symbols from /lib/i686/nosegneg/libpthread.so.0...done. >> Loaded symbols for /lib/i686/nosegneg/libpthread.so.0 >> Reading symbols from /lib/i686/nosegneg/libc.so.6...done. >> Loaded symbols for /lib/i686/nosegneg/libc.so.6 >> Reading symbols from /lib/ld-linux.so.2...done. >> Loaded symbols for /lib/ld-linux.so.2 >> Reading symbols from /usr/lib/libz.so.1...done. >> Loaded symbols for /usr/lib/libz.so.1 >> Reading symbols from /usr/lib/pkcs11/libcoolkeypk11.so...done. >> Loaded symbols for /usr/lib/pkcs11/libcoolkeypk11.so >> Reading symbols from /usr/lib/libckyapplet.so.1...done. >> Loaded symbols for /usr/lib/libckyapplet.so.1 >> Reading symbols from /usr/lib/libstdc++.so.6...done. >> Loaded symbols for /usr/lib/libstdc++.so.6 >> Reading symbols from /lib/i686/nosegneg/libm.so.6...done. >> Loaded symbols for /lib/i686/nosegneg/libm.so.6 >> Reading symbols from /lib/libgcc_s.so.1...done. >> Loaded symbols for /lib/libgcc_s.so.1 >> Reading symbols from /usr/lib/libpcsclite.so.1...done. >> Loaded symbols for /usr/lib/libpcsclite.so.1 >> Failed to read a valid object file image from memory. >> Core was generated by `/usr/heimdal/bin/kinit -D /etc/pkinit/anchors/ >> -C PKCS11:/usr/lib/pkcs11/libcoo'. >> Program terminated with signal 11, Segmentation fault. >> #0 0x08090da5 in der_heim_oid_cmp (p=0x80d2ed4, q=0x0) at der_cmp.c:39 >> 39 if (p->length != q->length) >> (gdb) where >> #0 0x08090da5 in der_heim_oid_cmp (p=0x80d2ed4, q=0x0) at der_cmp.c:39 >> #1 0x0807ff21 in find_sig_alg (oid=0x0) at crypto.c:836 >> #2 0x0807ff58 in find_keytype (key=<value optimized out>) at >> crypto.c:2086 >> #3 0x08080b6e in hx509_crypto_select (context=0x9aad340, type=1, >> source=0x9ab2718, >> peer=0x0, selected=0xbf84959c) at crypto.c:2120 >> #4 0x0807e245 in hx509_cms_create_signed_1 (context=0x9aad340, >> eContentType=0x80d30b4, >> data=0x9ab8748, length=658, digest_alg=0x0, cert=0x9ab2498, >> peer=0x0, anchors=0x0, >> pool=0x9ab00b8, signed_data=0xbf8496e0) at cms.c:980 >> #5 0x0806ee5d in _krb5_pk_mk_padata (context=0x9aad008, c=0x9aae060, >> req_body=0xbf84f978, >> nonce=2835618996, md=0x9ab2628) at pkinit.c:154 >> #6 0x08062ac9 in krb5_get_init_creds (context=0x9aad008, >> creds=0xbf851cd4, >> client=0x9aad2a8, prompter=0x8070ea0 <krb5_prompter_posix>, >> data=0x0, start_time=0, >> in_tkt_service=0x0, options=0x9ab5570) at init_creds_pw.c:1026 >> #7 0x08063737 in krb5_get_init_creds_password (context=0x9aad008, >> creds=0xbf851cd4, >> client=0x9aad2a8, password=0xbf851bd4 "", prompter=0x8070ea0 >> <krb5_prompter_posix>, >> data=0x0, start_time=0, in_tkt_service=0x0, in_options=0x9aae028) >> at init_creds_pw.c:1524 >> #8 0x0804c104 in get_new_tickets (context=0x9aad008, >> principal=0x9aad2a8, >> ccache=0x9aad1d0, ticket_life=0, interactive=1) at kinit.c:591 >> #9 0x0804cf57 in main (argc=7, argv=0x80d6b54) at kinit.c:892 >> (gdb) >> >> >> >> Any ideas? >> >> thanks. >> --Chandra >> >> >
S/MIME Cryptographic Signature