PAM with OpenSSL - urgent help needed
Boris Breslav
boris at bsafesolutions.com
Thu Feb 3 01:22:02 UTC 2005
Hi Thorsten,
> Else I can only say I had never problems with that.
thanks for the reply.
The /usr/local/ssl/lib directory contains both libcrypto.so and libcrypto.a
I understand that I'm lacking some basics here, so I renamed the latter to
make sure I work with the shared library only.
You said that you used OpenSSL library (or any library for that matter). Did
you load it dynamically?
It looks like the problem is that I'm trying to statically load the library
by:
gcc -shared mymodule.o -o pam_mymodule.so -L/usr/local/ssl/lib -lcrypto
The PAM Developers Guide refers to statically loaded modules. Does it mean
that I have to take the same considerations in case of dynamically loaded
module, which in his turn statically load an external library (libcrypto.so
in my case)?
I put my module in /ect/pam.d/sshd - I'm not even getting to the
pam_sm_authenticate function and the response to the client is always
"Access denied".
Thanks again.
----- Original Message -----
From: "Thorsten Kukuk" <kukuk at suse.de>
To: "Pluggable Authentication Modules" <pam-list at redhat.com>
Sent: Wednesday, February 02, 2005 2:38 PM
Subject: Re: PAM with OpenSSL - urgent help needed
>
> On Wed, Feb 02, Boris Breslav wrote:
>
>> Hi
>> is there any reason that I should not use OpenSSL library (libcrypto)
>> with
>> PAM?
>> The same piece of code works in a command line program and fails with my
>> custom PAM module.
>> I compile the module like this:
>> gcc -c -fpic -I/usr/local/ssl/include mymodule.c
>> gcc -shared mymodule.o -o pam_mymodule.so -L/usr/local/ssl/lib -lcrypto
>>
>> Could it be a problem that /usr/local/ssl/lib/libcrypto.a is a static
>> library?
>
> Linking a static library into a shared one is always a mistake and
> should never be made.
> Else I can only say I had never problems with that.
>
> Thorsten
>
> --
> Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk at suse.de
> SuSE Linux Products GmbH Maxfeldstr. 5 D-90409 Nuernberg
> --------------------------------------------------------------------
> Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
More information about the Pam-list
mailing list