Package Details: safesignidentityclient 4.0.0.0-3

Git Clone URL: https://aur.archlinux.org/safesignidentityclient.git (read-only, click to copy)
Package Base: safesignidentityclient
Description: Smart card PKCS#11 provider and token manager
Upstream URL: https://certificaat.kpn.com/installatie-en-gebruik/installatie/pas-usb-stick/linux/
Licenses: custom:copyright
Conflicts: safesign-lib
Submitter: denisfalqueto
Maintainer: pedrohqb (geyslan)
Last Packager: pedrohqb
Votes: 12
Popularity: 0.019241
First Submitted: 2015-04-10 02:25 (UTC)
Last Updated: 2024-05-28 00:42 (UTC)

Pinned Comments

pedrohqb commented on 2024-05-27 02:53 (UTC) (edited on 2024-05-27 03:01 (UTC) by pedrohqb)

It seems now to be fixed after using the libs from the deb package.

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 11 Next › Last »

denisfalqueto commented on 2018-04-19 15:49 (UTC)

@loliveira

Hi. You should never symlink for different versions of libraries. If some library or program links to an specific version of another, there's a reason for that and if you symlink to a different version, all hell will break lose. So, don't do that.

According to your ldd output, your version of libaetpkss.so.3 is wrongly linked to libgdbm.so.2. That should be libgdbm.so.3, which is provided by gdbm183. As libaetpkss.so.3 is a binary provided by AET Software (through some hardware vendor), I believe that you should uninstall and reinstall SafeSign again. Make sure that the original source is the same as the source url in this page.

loliveira commented on 2018-04-19 15:25 (UTC) (edited on 2018-04-19 15:26 (UTC) by loliveira)

hi @denisfalqueto!

Same thing over here as you can see (I updated the gist): https://gist.github.com/devlucas/79c9e4639a370b51ddef6f00c750d0bb

I don't have the libgdbm.so.2 missing error anymore, as I have fixed it with a symlink to libgdbm.so.3.0.0.

Do you have firefox integrated with libaetpkss (by clicking on tokenadmin's "Integration > Install SafeSign in Firefox")? When I click that, it says the integration has been successfully installed, but when I trigger firefox from my terminal I get:

$ firefox

/usr/lib/firefox/firefox: symbol lookup error: /usr/lib/libaetpkss.so.3.0: undefined symbol: EVP_md2

I am fighting this one now by trying to compile openssl098 with enable-md2, not sure if this will fix the issue though..

denisfalqueto commented on 2018-04-19 13:01 (UTC)

@loliveira

I also have a warning for libopenssl, I think that's normal. But I don't have any messages about missing libgdbm.so.2. ldd tokenadmin gave the same results as yours. Could you provide the output for ldd /usr/lib/libaetpkss.so? This is the library that links to libgdbm and here in my box is links to libgdbm.so.3.

loliveira commented on 2018-04-19 06:06 (UTC) (edited on 2018-04-19 06:07 (UTC) by loliveira)

Turns out the issue was this:

libgdbm.so.2: cannot open shared object file: No such file or directory

I looked up what .so files I had for libgdbm and I found this:

$ find /usr/lib -type f -name "libgdbm*" | awk '!/compat/'

/usr/lib/libgdbm.so.5.0.0

/usr/lib/libgdbm.so.3.0.0

So I created a symlink for the closest version:

$ sudo ln -s /usr/lib/libgdbm.so.3.0.0 /usr/lib/libgdbm.so.2

Now I am able to run tokenadmin although it crashes as soon as I try to do basically anything, screaming about undefined symbols on libaetpkss.so.3.0 like this:

tokenadmin: symbol lookup error: /usr/lib/libaetpkss.so.3.0: undefined symbol: dbm_open

I believe this has to do with the first error that shows up on my terminal when I run tokenadmin (although it doesn't blow up right there):

tokenadmin: /usr/lib/libcrypto.so.0.9.8: no version information available (required by tokenadmin)

I am able to install the firefox integration though, but when I do it crashes firefox like this:

$ firefox

/usr/lib/firefox/firefox: symbol lookup error: /usr/lib/libaetpkss.so.3.0: undefined symbol: EVP_md2

Digging deeper on google I found this: http://openssl.6102.n7.nabble.com/EVP-md2-error-td24359.html

So tomorrow I am gonna try to recompile openssl098 with enable-md2 and see how it goes, I wonder if anyone is facing these issues as well, but anyway I will keep posting here for the sake of information.

loliveira commented on 2018-04-19 04:19 (UTC) (edited on 2018-04-19 04:21 (UTC) by loliveira)

Hi folks!

First, thank you for the amazing effort you have put onto this :)

I got this package installed this week, but when I try to open tokenadmin, I am facing a few issues, some I think are fine, but there is one in particular that prevents me from using the program:

~ » tokenadmin

tokenadmin: /usr/lib/libcrypto.so.0.9.8: no version information available (required by tokenadmin)

01:12:24 AM: Deleted stale lock file '/tmp/{B58139E8-7087-C745ACBE-5EE8B60C3D32} - lucas'.

libgdbm.so.2: cannot open shared object file: No such file or directory

The above shows up on my terminal but doesn't prevent the program from starting up, the thing is that when it starts, I get a GUI titled "Fatal Error" with the following message: "Unable to load libaetpkss.so.3.0"

This is the relevant info I can get about libaetpkss.so.3.0:

~ » ll /usr/lib/libaetpkss.so.3.0

lrwxrwxrwx 1 root root 22 Apr 19 00:55 /usr/lib/libaetpkss.so.3.0 -> libaetpkss.so.3.0.3930

~ » pacman -Qo /usr/lib/libaetpkss.so.3.0 /usr/lib/libaetpkss.so.3.0 is owned by safesignidentityclient 3.0.101-5

You can see the output of "ldd /usr/bin/tokenadmin" on my machine here: https://gist.github.com/devlucas/79c9e4639a370b51ddef6f00c750d0bb

Any chance someone can help me figure out what's going on?

Thanks a lot in advance!

denisfalqueto commented on 2018-03-15 22:17 (UTC)

Changelog for 3.0.101-5:

  • Remove use of deb2targz
  • Make ccid obligatory dependency

Thanks @la-mj for pointing that out.

denisfalqueto commented on 2017-12-15 16:13 (UTC)

@la-mj

"fetching binary packages from github makes me sad => who knows how they were REALLY obtained"

This is certainly a valid point, but on the other hand, our providers also don't have a source from where they get it. For example, "Valid AC" can get a version of Safesign different from "Caixa AC". So, that's a moot point.

"deb2targz is a builddep => please add it"

Point taken, I'll change it.

"using wxgtk3 is no good => confirmed"

Also had confirmed it before.

"ccid is not optional for this unit"

Thanks. I'll fix it.

"Warning: Mismatch between the program and library build versions detected. The library used 2.8 (no debug,Unicode,compiler with C++ ABI 1011,wx containers,compatible with 2.6), and your program used 2.8 (no debug,Unicode,compiler with C++ ABI 1002,wx containers,compatible with 2.6)."

This mean your version of wxgtk was built with a different version of toolchain than the one used to build Safesign. That could be fixed by rebuilding wxgtk2.8 with the right options.

"locally available win-only version is 3.0.124 => vendor & provider are grade A holes"

That's true. Unfortunately, we're on their hands for Linux support, which is always an afterthought.

"seems to work kinda..."

Yeah, unfortunately also not under our control.

"firefox picks it up but I am getting SSL_ERROR_UNKNOWN_CA_ALERT on a site that should recognize it"

That problem is related to missing intermediary CA certs known to Firefox. That's nothing Safesign can do about it.

"too bad nothing free handles pdf signing"

Also not related to Safesign.

Thanks for commenting. I'll try to fix what I can as soon as possible.

geyslan commented on 2017-12-14 16:55 (UTC) (edited on 2017-12-14 16:59 (UTC) by geyslan)

@la-mj,

My cents about some concerns.

  • "fetching binary packages from github makes me sad => who knows how they were REALLY obtained"
  • https://github.com/geyslan/morpho/blob/master/README.md

  • "deb2targz is a builddep => please add it"

  • Actually tar can handle it alone. There's no need of deb2targz. Eg. tar xf data.tar.xz

LA-MJ commented on 2017-12-14 16:10 (UTC) (edited on 2017-12-14 16:11 (UTC) by LA-MJ)

Notes on trying 3.0.101-4 with 1059:0019 Giesecke & Devrient GmbH:

  • fetching binary packages from github makes me sad => who knows how they were REALLY obtained
  • deb2targz is a builddep => please add it
  • using wxgtk3 is no good => confirmed
  • ccid is not optional for this unit
  • Warning: Mismatch between the program and library build versions detected. The library used 2.8 (no debug,Unicode,compiler with C++ ABI 1011,wx containers,compatible with 2.6), and your program used 2.8 (no debug,Unicode,compiler with C++ ABI 1002,wx containers,compatible with 2.6).
  • locally available win-only version is 3.0.124 => vendor & provider are grade A holes
  • seems to work kinda...
  • firefox picks it up but I am getting SSL_ERROR_UNKNOWN_CA_ALERT on a site that should recognize it
  • too bad nothing free handles pdf signing

denisfalqueto commented on 2017-09-04 12:30 (UTC)

@mehdisadeghi: I tested it with wxgtk3 and couldn't open Token Administrator. It failed with a missing dependency on a symbol provided by wxgtk2.8-light. So I won't change the dependency for now.