Xmlsecをインストールしましたが、XMLドキュメントを検証しようとするとエラーが発生し続けます。
yum install xmlsec1
yum install xmlsec1-openssl
[vagrant@localhost SSO-ROR-development]$ xmlsec1 --verify ../tmp_SAML_Sample.xml
func=xmlSecCryptoDLLibraryCreate:file=dl.c:line=146:obj=lt_dlopenext:subj=unknown:error=7:io function failed:filename=libxmlsec1-openssl
func=xmlSecCryptoDLGetLibraryFunctions:file=dl.c:line=498:obj=unknown:subj=xmlSecCryptoDLLibraryCreate:error=1:xmlsec library function failed:crypto=openssl
func=xmlSecCryptoDLLoadLibrary:file=dl.c:line=449:obj=unknown:subj=xmlSecCryptoDLGetLibraryFunctions:error=1:xmlsec library function failed:
Error: unable to load xmlsec-openssl library. Make sure that you have
this it installed, check shared libraries path (LD_LIBRARY_PATH)
envornment variable or use "--crypto" option to specify different
crypto engine.
Error: initialization failed
Usage: xmlsec <command> [<options>] [<files>]
Report bugs to http://www.aleksey.com/xmlsec/bugs.html
Written by Aleksey Sanin <[email protected]>.
Copyright (C) 2002-2003 Aleksey Sanin.
This is free software: see the source for copying information.
func=xmlSecCryptoShutdown:file=app.c:line=69:obj=unknown:subj=cryptoShutdown:error=9:feature is not implemented:
func=xmlSecAppCryptoShutdown:file=crypto.c:line=48:obj=unknown:subj=xmlSecCryptoShutdown:error=1:xmlsec library function failed:
Error: xmlsec crypto shutdown failed.
[vagrant@localhost SSO-ROR-development]$ ls $LD_LIBRARY_PATH/*xmlsec*
/usr/lib64/libxmlsec1-openssl.so.1 /usr/lib64/libxmlsec1-openssl.so.1.2.16 /usr/lib64/libxmlsec1.so.1 /usr/lib64/libxmlsec1.so.1.2.16
[root@localhost SSO-ROR-development]# uname -a
Linux localhost.localdomain 2.6.32-279.14.1.el6.x86_64 #1 SMP Tue Nov 6 23:43:09 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
このバグ に遭遇したと思います。これは、CentOS5マシンとEPEL5で複製したものです。私に言わせれば、出荷RPMにあるのはかなり悪いバグです。
幸いなことに、回避策はそれほど悪くはありません。通常の場所にシンボリックリンクを作成するか(通常はお勧めしません)、ディレクトリを作成してそこにシンボリックリンクを配置し、LD_LIBRARY_PATHを使用してそこをポイントします。 (デバッグの試みでない限り、環境にLD_LIBRARY_PATHがすでに設定されている理由はわかりません。)
# rpm -ql xmlsec1-openssl
/usr/lib64/libxmlsec1-openssl.so.1
/usr/lib64/libxmlsec1-openssl.so.1.2.16
Strace出力からわかるように
open("/lib64/libxmlsec1-openssl.la", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libxmlsec1-openssl.la", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libxmlsec1-openssl.la", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/lib/libxmlsec1-openssl.la", O_RDONLY) = -1 ENOENT (No such file or directory)
access("/lib64/libxmlsec1-openssl.so", R_OK) = -1 ENOENT (No such file or directory)
access("/usr/lib64/libxmlsec1-openssl.so", R_OK) = -1 ENOENT (No such file or directory)
access("/lib/libxmlsec1-openssl.so", R_OK) = -1 ENOENT (No such file or directory)
access("/usr/lib/libxmlsec1-openssl.so", R_OK) = -1 ENOENT (No such file or directory)
open("tls/x86_64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
open("tls/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
open("x86_64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
open("libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=38616, ...}) = 0
mmap(NULL, 38616, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fc634861000
close(3) = 0
open("/lib64/tls/x86_64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/lib64/tls/x86_64", 0x7fff6b286950) = -1 ENOENT (No such file or directory)
open("/lib64/tls/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/lib64/tls", {st_mode=S_IFDIR|0555, st_size=4096, ...}) = 0
open("/lib64/x86_64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/lib64/x86_64", 0x7fff6b286950) = -1 ENOENT (No such file or directory)
open("/lib64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/lib64", {st_mode=S_IFDIR|0555, st_size=12288, ...}) = 0
open("/usr/lib64/tls/x86_64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/tls/x86_64", 0x7fff6b286950) = -1 ENOENT (No such file or directory)
open("/usr/lib64/tls/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/tls", {st_mode=S_IFDIR|0555, st_size=4096, ...}) = 0
open("/usr/lib64/x86_64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64/x86_64", 0x7fff6b286950) = -1 ENOENT (No such file or directory)
open("/usr/lib64/libxmlsec1-openssl.so", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/usr/lib64", {st_mode=S_IFDIR|0555, st_size=36864, ...}) = 0
munmap(0x7fc634861000, 38616) = 0
write(2, "func=xmlSecCryptoDLLibraryCreate"..., 137func=xmlSecCryptoDLLibraryCreate:file=dl.c:line=146:obj=lt_dlopenext:subj=unknown:error=7:io function failed:filename=libxmlsec1-openssl
) = 137
write(2, "func=xmlSecCryptoDLGetLibraryFun"..., 157func=xmlSecCryptoDLGetLibraryFunctions:file=dl.c:line=498:obj=unknown:subj=xmlSecCryptoDLLibraryCreate:error=1:xmlsec library function failed:crypto=openssl
) = 157
write(2, "func=xmlSecCryptoDLLoadLibrary:f"..., 142func=xmlSecCryptoDLLoadLibrary:file=dl.c:line=449:obj=unknown:subj=xmlSecCryptoDLGetLibraryFunctions:error=1:xmlsec library function failed:
) = 142
write(2, "Error: unable to load xmlsec-ope"..., 216Error: unable to load xmlsec-openssl library. Make sure that you have
this it installed, check shared libraries path (LD_LIBRARY_PATH)
envornment variable or use "--crypto" option to specify different
crypto engine.
) = 216
write(2, "Error: initialization failed\n", 29Error: initialization failed
xmlsec1-opensslは、libxmlsec1-openssl.so.1ではなくlibxmlsec1-openssl.soを検索しました。あなたはトリックを試みることができます
# cd /usr/lib64/
# ln -s libxmlsec1-openssl.so.1 libxmlsec1-openssl.so