rpmlint warnings/errors
Hans de Goede
j.w.r.degoede at hhs.nl
Wed Jun 7 18:01:57 UTC 2006
Kent E Yoder wrote:
> fedora-extras-list-bounces at redhat.com wrote on 06/07/2006 09:18:15 AM:
>
>> On Wed, 7 Jun 2006 07:58:33 -0500, Daniel H Jones wrote:
>>
>>> There is a versioned .so file, however, applications that use this
> package
>>> often perform a dlopen(libopencryptoki.so, ...) at runtime. Removing
> this
>>> link from the base package would cause problems for those applications
>>> (or force the installer to create the symlinks themselves).
>> No application should ever dlopen the non-versioned .so at run-time. If
> it
>> does, it needs to be patched. An application is built for a specific
>> API/ABI and must not expect an arbitrary .so to be the right one.
>
> You are absolutely correct under normal circumstances, but this is a bit
> of a special case. libopencryptoki.so implements the PKCS#11 API, which
> is designed to be used in exactly this way. PKCS#11 apps routinely provide
> a way for you to specify which PKCS#11 API .so you'd like to use. This is
> because different PKCS#11 implementations *should* be interchangeable,
> since they each provide the same API, but may support different hardware
> under the covers. In fact, fedora already ships one such program with the
> opensc package, "pkcs11-tool".
>
Then this is indeed very similar to the ctapi case, to be more precise,
its exactly the same. May I suggest that you take a look at the
ctapi-cyberjack review:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188369
An identical problem has been discussed and solved in this review and
Ville, the maintainer of opensc was involved in this fix, I'm sure he is
more then willing to "fix" opensc in much the same way he fixed the
ctapi part of openct.
Regards,
Hans
More information about the fedora-extras-list
mailing list