如何确保curl使用openssl,而不是nss? [英] How can I ensure that curl uses openssl, and not nss?
本文介绍了如何确保curl使用openssl,而不是nss?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
可以通过配置确保 参数
, curl
使用 OpenSSL ,并且不是 NSS 检索https内容?我需要确保这一点,以便强制遵守 FIPS140-2 ,RHEL6.2已经认证?
Is it possible to ensure by a configuration parameter
, that curl
uses OpenSSL, and not NSS to retrieve https content? I need to ensure this, in order to enforce compliance with FIPS140-2, which RHEL6.2 has certified?
我认为答案是否。
所以我会问这里的跟进...我可以重新编译curl,以确保它使用libssl而不是libnss?我尝试过:
So I'll ask the follow-up here as well... Can I recompile curl to ensure that it uses libssl and not libnss? I've tried:
./configure --with-ssl --without-nss
我还是用curl二进制文件动态链接 libnss3.so
and I still end up with a curl binary that dynamically links against libnss3.so
.
[root@fips curl-7.19.7]# ldd /usr/bin/curl
linux-vdso.so.1 => (0x00007fffacbe8000)
libcurl.so.4 => /usr/lib64/libcurl.so.4 (0x00007f5d8fe03000)
libidn.so.11 => /lib64/libidn.so.11 (0x00007f5d8fbd1000)
libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00007f5d8f983000)
librt.so.1 => /lib64/librt.so.1 (0x00007f5d8f77b000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f5d8f537000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f5d8f250000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f5d8f024000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f5d8ee20000)
libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f5d8ebc2000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f5d8e828000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f5d8e624000)
libssh2.so.1 => /usr/lib64/libssh2.so.1 (0x00007f5d8e3fb000)
libz.so.1 => /lib64/libz.so.1 (0x00007f5d8e1e5000)
libc.so.6 => /lib64/libc.so.6 (0x00007f5d8de52000)
liblber-2.4.so.2 => /lib64/liblber-2.4.so.2 (0x00007f5d8dc42000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f5d8da28000)
libssl3.so => /usr/lib64/libssl3.so (0x00007f5d8d7f2000)
libsmime3.so => /usr/lib64/libsmime3.so (0x00007f5d8d5c5000)
---> libnss3.so => /usr/lib64/libnss3.so (0x00007f5d8d28a000)
---> libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f5d8d05f000)
libplds4.so => /lib64/libplds4.so (0x00007f5d8ce5a000)
libplc4.so => /lib64/libplc4.so (0x00007f5d8cc55000)
libnspr4.so => /lib64/libnspr4.so (0x00007f5d8ca18000)
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007f5d8c7fd000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f5d8c5e0000)
/lib64/ld-linux-x86-64.so.2 (0x00007f5d90062000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f5d8c3d5000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f5d8c1d1000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f5d8bf99000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f5d8bd7a000)
libfreebl3.so => /lib64/libfreebl3.so (0x00007f5d8bb18000)
推荐答案
./configure --with-ssl=/usr/include --without-nss
这篇关于如何确保curl使用openssl,而不是nss?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文