Date: Fri, 17 Nov 2000 13:38:12 +0100 (CET) From: bg@sics.se To: FreeBSD-gnats-submit@freebsd.org Cc: bg@sics.se Subject: conf/22916: Ssh/sshd binaries lacks kerberos support (patch included) Message-ID: <200011171238.eAHCcCO36750@bg.sics.se>
next in thread | raw e-mail | index | archive | help
>Number: 22916
>Category: conf
>Synopsis: Ssh/sshd binaries lacks kerberos support (patch included)
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Nov 17 04:40:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Bjoern Groenvall
>Release: FreeBSD 4.2-BETA i386
>Organization:
>Environment:
FreeBSD 4.2-BETA i386 with kerberosIV distribution installed
>Description:
Both /usr/bin/ssh and /usr/sbin/sshd lack support for kerberos even
though the binary distribution for kerberosIV is installed.
>How-To-Repeat:
Install a machine with the binary kerberosIV distribution and run
ldd /usr/bin/ssh.
>Fix:
When kerberosIV is built both telnet and telnetd are rebuilt (from the
same sources) with kerberos enabled. I suggest that ssh and sshd are
rebuilt in a similar fashion. The attached patch does that and has
been tested with tag=RELEASE_4 and cvsup:ed sources from November 15.
Cheers,
Bjorn
diff -ur -P kerberosIV.org/usr.bin/Makefile kerberosIV/usr.bin/Makefile
--- kerberosIV.org/usr.bin/Makefile Sat Aug 28 03:31:26 1999
+++ kerberosIV/usr.bin/Makefile Fri Nov 17 10:35:15 2000
@@ -1,5 +1,5 @@
# $FreeBSD: src/kerberosIV/usr.bin/Makefile,v 1.2 1999/08/28 01:31:26 peter Exp $
-SUBDIR= kadmin kauth kdestroy kinit klist ksrvtgt telnet
+SUBDIR= kadmin kauth kdestroy kinit klist ksrvtgt telnet ssh
.include <bsd.subdir.mk>
diff -ur -P kerberosIV.org/usr.bin/ssh/Makefile kerberosIV/usr.bin/ssh/Makefile
--- kerberosIV.org/usr.bin/ssh/Makefile Thu Jan 1 01:00:00 1970
+++ kerberosIV/usr.bin/ssh/Makefile Fri Nov 17 10:29:07 2000
@@ -0,0 +1,44 @@
+# $FreeBSD: src/secure/usr.bin/ssh/Makefile,v 1.4.2.3 2000/10/28 23:05:13 kris Exp $
+#
+
+SSHSRC= ${.CURDIR}/../../../crypto/openssh
+
+PROG= ssh
+BINOWN= root
+BINMODE=4555
+MAN1= ssh.1
+LINKS= ${BINDIR}/ssh ${BINDIR}/slogin
+MLINKS= ssh.1 slogin.1
+
+SRCS= ssh.c log-client.c readconf.c clientloop.c sshconnect.c \
+ sshconnect1.c sshconnect2.c
+
+.include <bsd.own.mk>
+
+.PATH: ${SSHSRC}
+.PATH: ${SSHSRC}/lib
+
+.if defined(MAKE_KERBEROS4) && \
+ ((${MAKE_KERBEROS4} == "yes") || (${MAKE_KERBEROS4} == "YES"))
+DISTRIBUTION=krb4
+CFLAGS+= -DKRB4
+LDADD+= -lkrb -lcom_err
+DPADD+= ${LIBKRB} ${LIBCOM_ERR}
+.endif # MAKE_KERBEROS4
+
+.if defined(MAKE_KERBEROS5) && \
+ ((${MAKE_KERBEROS5} == "yes") || (${MAKE_KERBEROS5} == "YES"))
+DISTRIBUTION=krb5
+CFLAGS+= -DKRB5
+LDADD+= -lkrb5 -lasn1 -lcom_err -lmd -L${.OBJDIR}/../../../kerberos5/lib/libroken -lroken -lcrypt
+DPADD+= ${LIBKRB5} ${LIBCOM_ERR} ${LIBASN1} ${LIBMD} ${LIBCRYPT}
+.endif # MAKE_KERBEROS5
+
+.if defined(X11BASE)
+CFLAGS+= -DXAUTH_PATH=\"${X11BASE}/bin/xauth\"
+.endif
+
+LDADD+= -L${.OBJDIR}/../../../secure/lib/libssh -lssh -lcrypto -lutil -lz
+DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ}
+
+.include <bsd.prog.mk>
diff -ur -P kerberosIV.org/usr.sbin/Makefile kerberosIV/usr.sbin/Makefile
--- kerberosIV.org/usr.sbin/Makefile Sat Aug 28 03:31:33 1999
+++ kerberosIV/usr.sbin/Makefile Fri Nov 17 10:35:51 2000
@@ -1,6 +1,6 @@
# $FreeBSD: src/kerberosIV/usr.sbin/Makefile,v 1.2 1999/08/28 01:31:33 peter Exp $
SUBDIR= ext_srvtab kadmind kdb_destroy kdb_edit kdb_init kdb_util \
- kerberos kip kprop ksrvutil kstash
+ kerberos kip kprop ksrvutil kstash sshd
.include <bsd.subdir.mk>
diff -ur -P kerberosIV.org/usr.sbin/sshd/Makefile kerberosIV/usr.sbin/sshd/Makefile
--- kerberosIV.org/usr.sbin/sshd/Makefile Thu Jan 1 01:00:00 1970
+++ kerberosIV/usr.sbin/sshd/Makefile Fri Nov 17 10:37:01 2000
@@ -0,0 +1,51 @@
+# $FreeBSD: src/secure/usr.sbin/sshd/Makefile,v 1.5.2.4 2000/10/28 23:05:14 kris Exp $
+#
+
+SSHSRC= ${.CURDIR}/../../../crypto/openssh
+LOGINSRC= ${.CURDIR}/../../../usr.bin/login
+
+PROG= sshd
+BINOWN= root
+BINMODE=555
+MAN8= sshd.8
+
+SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \
+ pty.c log-server.c login.c servconf.c serverloop.c \
+ auth.c auth1.c auth2.c auth-options.c session.c login_access.c
+
+CFLAGS+= -DLIBWRAP -DHAVE_LOGIN_CAP -DLOGIN_ACCESS -I${LOGINSRC}
+
+.include <bsd.own.mk>
+
+.PATH: ${SSHSRC} ${LOGINSRC}
+
+.if defined(MAKE_KERBEROS4) && \
+ ((${MAKE_KERBEROS4} == "yes") || (${MAKE_KERBEROS4} == "YES"))
+DISTRIBUTION=krb4
+CFLAGS+= -DKRB4
+SRCS+= auth-krb4.c
+LDADD+= -lkrb -lcom_err
+DPADD+= ${LIBKRB} ${LIBCOM_ERR}
+.endif # MAKE_KERBEROS4
+
+.if defined(MAKE_KERBEROS5) && \
+ ((${MAKE_KERBEROS5} == "yes") || (${MAKE_KERBEROS5} == "YES"))
+DISTRIBUTION=krb5
+CFLAGS+= -DKRB5
+SRCS+= auth-krb5.c
+LDADD+= -lkrb5 -lasn1 -lcom_err -lmd -L${.OBJDIR}/../../../kerberos5/lib/libroken -lroken
+DPADD+= ${LIBKRB5} ${LIBCOM_ERR} ${LIBASN1} ${LIBMD}
+.endif # MAKE_KERBEROS5
+
+CFLAGS+= -DSKEY
+LDADD+= -lopie -lmd
+DPADD+= ${LIBOPIE} ${LIBMD}
+
+.include <bsd.prog.mk>
+
+.if defined(X11BASE)
+CFLAGS+= -DXAUTH_PATH=\"${X11BASE}/bin/xauth\"
+.endif
+
+LDADD+= -L${.OBJDIR}/../../../secure/lib/libssh -lssh -lcrypt -lcrypto -lutil -lz -lwrap
+DPADD+= ${LIBCRYPT} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} ${LIBWRAP}
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011171238.eAHCcCO36750>