【介绍】
p11-kit provides a way to load and enumerate PKCS#11 modules.
官网:https://p11-glue.freedesktop.org/p11-kit.html
官网:https://p11-glue.github.io/p11-glue/p11-kit.html
【yum安装】
yum install p11-kit p11-kit-devel
如果发现冲突,可以卸载系统安装的较低版本:
rpm -e --nodeps p11-kit && rpm -e --nodeps p11-kit-devel
【源码编译安装最新版本】
安装 libtasn1 :
安装 p11-kit :
参考:http://linuxfromscratch.org/blfs/view/svn/postlfs/p11-kit.html
最高版本:p11-kit-0.23.15
wget https://github.com/p11-glue/p11-kit/releases/download/0.23.15/p11-kit-0.23.15.tar.gz && tar -xzvf p11-kit-0.23.15.tar.gz && cd p11-kit-0.23.15 export LIBTASN1_CFLAGS="-I/usr/include" LIBTASN1_LIBS="-L/usr/lib -ltasn1" ./configure --prefix=/usr --sysconfdir=/etc --with-trust-paths=/etc/pki/anchors make && make check make install
配置信息:
configure: build options:
Host: x86_64-unknown-linux-gnu
Debug build: default (-g, debug output)
Strict build: no
Build documentation: no (no manual or reference)
System global config: /etc/pkcs11/pkcs11.conf
System module config directory: /etc/pkcs11/modules
Package module config directory: ${pkgdatadir}/modules
User global config: ~/.config/pkcs11/pkcs11.conf
User module config directory: ~/.config/pkcs11/modules
Load relative module paths from: ${exec_prefix}/lib/pkcs11
With libtasn1 dependency: yes
With libffi: yes
With hash implementation: internal
Build trust module: yes
Trust module paths: /etc/pki/tls/certs/ca-bundle.crt
注意:make check 时报错:FAIL: test-token ,这个没关系:“The test-token test is known to fail. ”
输出:
... ---------------------------------------------------------------------- Libraries have been installed in: /usr/lib ... /usr/bin/mkdir -p '/usr/bin' /bin/sh ./libtool --mode=install /usr/bin/install -c p11-kit/p11-kit trust/trust '/usr/bin' libtool: install: /usr/bin/install -c p11-kit/.libs/p11-kit /usr/bin/p11-kit libtool: install: /usr/bin/install -c trust/.libs/trust /usr/bin/trust ... ---------------------------------------------------------------------- Libraries have been installed in: /usr/lib/pkcs11 ... /usr/bin/mkdir -p '/usr/lib/pkgconfig' /usr/bin/install -c -m 644 p11-kit/p11-kit-1.pc '/usr/lib/pkgconfig' /usr/bin/mkdir -p '/usr/libexec/p11-kit' /bin/sh ./libtool --mode=install /usr/bin/install -c p11-kit-remote p11-kit-server '/usr/libexec/p11-kit' ...
更新系统动态连接库配置:
echo /usr/lib >> /etc/ld.so.conf echo /usr/lib/pkcs11 >> /etc/ld.so.conf && ldconfig
安装完成。
相关路径:
/usr/lib/p11-kit-proxy.so /usr/include/p11-kit-1/p11-kit /usr/lib/pkcs11/p11-kit-trust.so /etc/pkcs11/pkcs11.conf /etc/pki/tls/certs/ca-bundle.crt
【排错】
configure时可能报错:No package ‘libffi’ found
configure: error: Package requirements (libffi >= 3.0.0) were not met: No package 'libffi' found Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables LIBFFI_CFLAGS and LIBFFI_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details.
需要指定 libffi 目录。
先查看pkgconfig目录下是否有 libffi.pc:
cd /usr/local/lib/pkgconfig/ && ls
没有哦!
编译libffi:
中间有Perl关联的报错,用命令 cpanm 安装即可。
cpanm Locale/Messages.pm
安装完成!
重新开始p11-kit的编译。
修正路径:
./configure LIBFFI_CFLAGS=-I/usr/local/lib/libffi-3.0.13/include LIBFFI_LIBS="-L/usr/local/lib -lffi"
【参考】
参考:https://gitlab.com/gnutls/gnutls/blob/master/NEWS
参考:http://www.gnutls.org/reference/gnutls-pkcs11
参考:https://github.com/joyent/pkgsrc/commit/b2f90097464690fd1dd95c6c1b9aa02866a38803
参考:http://p11-glue.freedesktop.org/p11-kit
参考:http://www.cnblogs.com/xiaouisme/archive/2012/05/23/2515151
参考:https://github.com/openwrt/packages/pull/2015/commits/869c22565c1a1d9269eaac31fb847f416c8e5cff
参考:http://stackoverflow.com/questions/12494072/compiling-glib-with-non-standard-paths
参考:http://superuser.com/questions/600279/how-to-adjust-the-pkg-config-path-environment-variable-while-running-configur