Date: Mon, 22 Feb 1999 00:11:56 +1300 (NZDT) From: jabley@clear.co.nz To: FreeBSD-gnats-submit@freebsd.org Cc: asami@freebsd.org, freebsd-ports@freebsd.org Subject: ports/10178: USE-SOCKS broken for security/ssh Message-ID: <199902211111.AAA20550@buddha.clear.net.nz>
next in thread | raw e-mail | index | archive | help
>Number: 10178
>Category: ports
>Synopsis: USE_SOCKS=YES option broken for security/ssh
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Feb 21 03:20:00 PST 1999
>Closed-Date:
>Last-Modified:
>Originator: Joe Abley
>Release: FreeBSD 4.0-CURRENT i386
>Organization:
CLEAR Communications Ltd
>Environment:
# uname -a
FreeBSD buddha.clear.net.nz 4.0-CURRENT FreeBSD 4.0-CURRENT #30: Tue Feb 2 13:14:03 NZDT 1999 root@buddha.clear.net.nz:/usr/src/sys/compile/TIMELORD i386
# ident /usr/ports/security/ssh/Makefile /usr/ports/net/socks5/Makefile
/usr/ports/security/ssh/Makefile:
$Id: Makefile,v 1.72 1999/01/02 00:12:20 asami Exp $
/usr/ports/net/socks5/Makefile:
$Id: Makefile,v 1.23 1999/01/06 04:49:29 imp Exp $
>Description:
The autoconf script in ssh, when prompted to check for the socks5 library,
compiles a short test program with -L$(PREFIX)/lib -lsocks5, which calls
SOCKSconnect. SOCKSconnect does not exist in the shared socks5 library,
however.
>How-To-Repeat:
# cd /usr/ports/security/ssh
# make USE_SOCKS=YES
>Fix:
The static library, $(PREFIX)/lib/libsocks5.a contains the SOCKSconnect
symbol. By forcing linking with the static library, ssh compiles socksified
just fine.
As a bonus, the ssh client is compiled static - surely this is a Good
Thing securitywise, if not disk-bloat-wise :)
This patch seems to fix the socks5 issue. It also allows ssh to build
without socks support - I haven't tried any of the other options.
# diff --context Makefile.orig Makefile
*** Makefile.orig Thu Feb 18 19:50:57 1999
--- Makefile Mon Feb 22 00:01:54 1999
***************
*** 150,155 ****
--- 150,156 ----
# Include SOCKS firewall support
.if defined(USE_SOCKS) && ${USE_SOCKS} == YES
CONFIGURE_ARGS+= --with-socks="-L${PREFIX}/lib -lsocks5" --with-socks5
+ CONFIGURE_ENV+= LDFLAGS=-static
.endif
.include <bsd.port.post.mk>
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902211111.AAA20550>