From owner-cvs-all Wed Jan 23 4: 0: 3 2002 Delivered-To: cvs-all@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 1BAC537B41C; Wed, 23 Jan 2002 03:58:51 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g0NBv6Q73050; Wed, 23 Jan 2002 13:57:06 +0200 (EET) (envelope-from ru) Date: Wed, 23 Jan 2002 13:57:06 +0200 From: Ruslan Ermilov To: Mark Murray Cc: Dag-Erling Smorgrav , Mark Murray , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/share/mk bsd.libnames.mk Message-ID: <20020123135705.A66702@sunbay.com> References: <200201222152.g0MLqVt61756@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="0F1p//8PRICkK4MW" Content-Disposition: inline In-Reply-To: <200201222152.g0MLqVt61756@grimreaper.grondar.org> User-Agent: Mutt/1.3.23i Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --0F1p//8PRICkK4MW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Jan 22, 2002 at 09:52:31PM +0000, Mark Murray wrote: > > > Please ensure you are dealing with the right problem set. Ruslan has > > > a clean patch that fixes the first problem, and I disagree with his > > > solution for the second. In the second case, I believe that libssh > > > needs to be installed in /usr/lib as any other system library. > > > > That's my opinion as well (where else would we install it? what's the > > use of dynamic libraries if programs aren't allowed to use them?) > > The counter-aurgument is a libtelnet-style thing where you make the > libraries but do not install them. Then, telnet can link against > libtelnet.a and be done with it. > Yes, libssh is internal library, it's used solely inside SSH suite, and doesn't have a documented API to qualify as a general purpose library. For this same reason, we don't install libgroff.a which is part of the groff package, nor do we install libtelnet.a. This is what makes it an INTERNALLIB. > In Ruslan's proposed case, "# make" will fail for PAM unless there > is an appropriate build of libssh already in place. > This sounds like a weak argument to me -- the /usr/lib version may be not up-to-date. > With my approach, PAM is standalone. > Actually, if you still recall it, it was me who initially proposed to make libssh.a a standard library in my message <20011210210742.B52807@sunbay.com>, to which you disagreed (see below), and to which I later agreed, and to which you and BDE later disagreed. I even sent a working patch there, which DES now tries to re-invent, modulo style fixes in Makefiles, IPv4or6 thing, and bsd.libnames.mk part, please see below. On Tue, Dec 11, 2001 at 10:53:26AM +0000, Mark Murray wrote: > > What's all the fuss about it? Why can't we just use libssh.so? > > Because like libtelnet.*, this library is not general purpose enough. > This _IS_ the argument I consider as most important. We now spam /usr/lib with the non-general-purpose libraries like this. The good news are that I'm flexible enough, and I don't like two parts in my second patch, specifically the hack to put libssh.a into pam_static_modules.o, and hack to make sshd compile in the !NOSHARED case (sshd is special in that it uses libssh two times; first time as an SSH utility, and second time through PAM for authentication via libpam_ssh). Here attached please find the version of my first patch against today's -CURRENT, that compared to DES's last patch additionally: - unspams bsd.libnames.mk - removes not needed xstrdup.c and fixes world breakage in lib/libpam/libpam/Makefile (libpam_ssh.a was attempted to be compiled in unconditionally) - fixes lib/libpam/modules/pam_ssh/Makefile - removes (now unnecessary) IPv4or6 from lib/libpam/modules/pam_ssh/pam_ssh.c Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --0F1p//8PRICkK4MW Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=p Index: share/mk/bsd.libnames.mk =================================================================== RCS file: /home/ncvs/src/share/mk/bsd.libnames.mk,v retrieving revision 1.49 diff -u -p -r1.49 bsd.libnames.mk --- share/mk/bsd.libnames.mk 2002/01/21 20:42:25 1.49 +++ share/mk/bsd.libnames.mk 2002/01/23 11:37:50 @@ -73,13 +73,15 @@ MINUSLPAM+= -lkrb5 -lasn1 -lroken LIBPAM+= ${LIBCOM_ERR} MINUSLPAM+= -lcom_err .endif -LIBPAM+= -LIBPAM+= ${LIBRADIUS} ${LIBRPCSVC} ${LIBTACPLUS} \ - ${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBUTIL} ${LIBOPIE} ${LIBMD} ${LIBZ} -MINUSLPAM+= -lradius -lrpcsvc -ltacplus -lssh -lcrypto -lcrypt \ - -lutil -lopie -lmd -lz +LIBPAM+= ${LIBRADIUS} ${LIBRPCSVC} ${LIBTACPLUS} ${LIBCRYPT} \ + ${LIBUTIL} ${LIBOPIE} ${LIBMD} +MINUSLPAM+= -lradius -lrpcsvc -ltacplus -lcrypt \ + -lutil -lopie -lmd +.if !defined(NOCRYPT) && !defined(NO_OPENSSL) && !defined(NO_OPENSSH) +LIBPAM+= ${LIBSSH} ${LIBCRYPTO} +MINUSLPAM+= -lssh -lcrypto .endif +.endif LIBPANEL?= ${DESTDIR}${LIBDIR}/libpanel.a LIBPC?= ${DESTDIR}${LIBDIR}/libpc.a # XXX doesn't exist @@ -93,6 +95,7 @@ LIBROKEN?= ${DESTDIR}${LIBDIR}/libroken. LIBRPCSVC?= ${DESTDIR}${LIBDIR}/librpcsvc.a LIBSBUF?= ${DESTDIR}${LIBDIR}/libsbuf.a LIBSMB?= ${DESTDIR}${LIBDIR}/libsmb.a +LIBSSH?= ${DESTDIR}${LIBDIR}/libssh.a # XXX in secure dist, not base LIBSSL?= ${DESTDIR}${LIBDIR}/libssl.a # XXX in secure dist, not base LIBSTDCPLUSPLUS?= ${DESTDIR}${LIBDIR}/libstdc++.a LIBTACPLUS?= ${DESTDIR}${LIBDIR}/libtacplus.a Index: lib/libpam/libpam/Makefile =================================================================== RCS file: /home/ncvs/src/lib/libpam/libpam/Makefile,v retrieving revision 1.24 diff -u -p -r1.24 Makefile --- lib/libpam/libpam/Makefile 2002/01/21 20:43:01 1.24 +++ lib/libpam/libpam/Makefile 2002/01/23 11:38:05 @@ -60,7 +60,7 @@ MLINKS+= pam.8 pam.conf.5 pam.8 pam.d.5 HDRS0= pam_client.h # Files from ${PAMDIR}/libpam_misc: -SRCS+= help_env.c misc_conv.c xstrdup.c +SRCS+= help_env.c misc_conv.c HDRS2= pam_misc.h # Files from ${.CURDIR}: @@ -86,7 +86,9 @@ STATIC_MODULES+= ${MODOBJDIR}/pam_radius STATIC_MODULES+= ${MODOBJDIR}/pam_rootok/libpam_rootok.a STATIC_MODULES+= ${MODOBJDIR}/pam_securetty/libpam_securetty.a STATIC_MODULES+= ${MODOBJDIR}/pam_self/libpam_self.a +.if !defined(NOCRYPT) && !defined(NO_OPENSSL) && !defined(NO_OPENSSH) STATIC_MODULES+= ${MODOBJDIR}/pam_ssh/libpam_ssh.a +.endif STATIC_MODULES+= ${MODOBJDIR}/pam_tacplus/libpam_tacplus.a STATIC_MODULES+= ${MODOBJDIR}/pam_unix/libpam_unix.a STATIC_MODULES+= ${MODOBJDIR}/pam_wheel/libpam_wheel.a Index: lib/libpam/modules/pam_ssh/Makefile =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_ssh/Makefile,v retrieving revision 1.7 diff -u -p -r1.7 Makefile --- lib/libpam/modules/pam_ssh/Makefile 2001/12/05 16:02:50 1.7 +++ lib/libpam/modules/pam_ssh/Makefile 2002/01/23 11:38:05 @@ -7,9 +7,8 @@ LIB= pam_ssh SHLIB_NAME= pam_ssh.so SRCS= pam_ssh.c CFLAGS+= -I${SSHSRC} -DPADD= ${LIBCRYPTO} ${LIBCRYPT} ${LIBUTIL} ${LIBZ} -LDADD= -L${.OBJDIR}/../../../../secure/lib/libssh -lssh -lcrypto \ - -lcrypt -lutil -lz +DPADD= ${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} ${LIBUTIL} ${LIBZ} +LDADD= -lssh -lcrypto -lcrypt -lutil -lz MAN= pam_ssh.8 .include Index: lib/libpam/modules/pam_ssh/pam_ssh.c =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_ssh/pam_ssh.c,v retrieving revision 1.21 diff -u -p -r1.21 pam_ssh.c --- lib/libpam/modules/pam_ssh/pam_ssh.c 2001/12/09 15:11:55 1.21 +++ lib/libpam/modules/pam_ssh/pam_ssh.c 2002/01/23 11:38:25 @@ -68,8 +68,6 @@ __FBSDID("$FreeBSD: src/lib/libpam/modul #include "log.h" #include "pam_ssh.h" -int IPv4or6 = AF_UNSPEC; - /* * Generic cleanup function for SSH "Key" type. */ Index: crypto/openssh/channels.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/channels.c,v retrieving revision 1.6 diff -u -p -r1.6 channels.c --- crypto/openssh/channels.c 2001/06/26 15:15:22 1.6 +++ crypto/openssh/channels.c 2002/01/23 11:38:56 @@ -133,7 +133,7 @@ static int all_opens_permitted = 0; static int have_hostname_in_open = 0; /* AF_UNSPEC or AF_INET or AF_INET6 */ -extern int IPv4or6; +int IPv4or6 = AF_UNSPEC; void port_open_helper(Channel *c, char *rtype); Index: crypto/openssh/ssh.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/ssh.c,v retrieving revision 1.16 diff -u -p -r1.16 ssh.c --- crypto/openssh/ssh.c 2001/09/27 18:54:42 1.16 +++ crypto/openssh/ssh.c 2002/01/23 11:39:08 @@ -74,7 +74,7 @@ extern char *__progname; /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. Default value is AF_UNSPEC means both IPv4 and IPv6. */ -int IPv4or6 = AF_UNSPEC; +extern int IPv4or6; /* Flag indicating whether debug mode is on. This can be set on the command line. */ int debug_flag = 0; Index: crypto/openssh/sshd.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/sshd.c,v retrieving revision 1.25 diff -u -p -r1.25 sshd.c --- crypto/openssh/sshd.c 2001/09/04 13:27:04 1.25 +++ crypto/openssh/sshd.c 2002/01/23 11:39:37 @@ -103,7 +103,7 @@ char *config_file_name = _PATH_SERVER_CO * Flag indicating whether IPv4 or IPv6. This can be set on the command line. * Default value is AF_UNSPEC means both IPv4 and IPv6. */ -int IPv4or6 = AF_UNSPEC; +extern int IPv4or6; /* * Debug mode flag. This can be set on the command line. If debug Index: secure/Makefile.inc =================================================================== RCS file: /home/ncvs/src/secure/Makefile.inc,v retrieving revision 1.18 diff -u -p -r1.18 Makefile.inc --- secure/Makefile.inc 2001/03/28 12:08:18 1.18 +++ secure/Makefile.inc 2002/01/23 11:39:38 @@ -21,9 +21,4 @@ CFLAGS+= -DNO_IDEA .if !defined(NO_OPENSSH) SSHDIR= ${.CURDIR}/../../../crypto/openssh -.if exists(${.OBJDIR}/../../lib/libssh) -LIBSSH= ${.OBJDIR}/../../lib/libssh/libssh.a -.else -LIBSSH= ${.CURDIR}/../../lib/libssh/libssh.a -.endif .endif Index: secure/lib/libssh/Makefile =================================================================== RCS file: /home/ncvs/src/secure/lib/libssh/Makefile,v retrieving revision 1.11 diff -u -p -r1.11 Makefile --- secure/lib/libssh/Makefile 2001/10/30 19:45:00 1.11 +++ secure/lib/libssh/Makefile 2002/01/23 11:39:38 @@ -10,8 +10,6 @@ SRCS= authfd.c authfile.c bufaux.c buf cli.c rijndael.c ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \ version.c -INSTALL_PIC_ARCHIVE= yes - .if defined(COMPAT_GETADDRINFO) SRCS+= getaddrinfo.c getnameinfo.c name6.c rcmd.c bindresvport.c .endif Index: secure/libexec/sftp-server/Makefile =================================================================== RCS file: /home/ncvs/src/secure/libexec/sftp-server/Makefile,v retrieving revision 1.3 diff -u -p -r1.3 Makefile --- secure/libexec/sftp-server/Makefile 2001/05/04 04:21:20 1.3 +++ secure/libexec/sftp-server/Makefile 2002/01/23 11:39:38 @@ -5,8 +5,8 @@ PROG= sftp-server SRCS= sftp-server.c sftp-common.c MAN= sftp-server.8 -LDADD+= ${LIBSSH} -lcrypto -DPADD+= ${LIBSSH} ${LIBCRYPTO} +LDADD+= -lssh -lcrypto -lz +DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} .include Index: secure/usr.bin/scp/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/scp/Makefile,v retrieving revision 1.5 diff -u -p -r1.5 Makefile --- secure/usr.bin/scp/Makefile 2001/05/04 04:21:21 1.5 +++ secure/usr.bin/scp/Makefile 2002/01/23 11:39:38 @@ -4,7 +4,7 @@ PROG= scp SRCS= scp.c scp-common.c -LDADD+= ${LIBSSH} -lcrypto -lutil -lz +LDADD+= -lssh -lcrypto -lutil -lz DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} .include Index: secure/usr.bin/sftp/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/sftp/Makefile,v retrieving revision 1.1 diff -u -p -r1.1 Makefile --- secure/usr.bin/sftp/Makefile 2001/05/04 04:21:21 1.1 +++ secure/usr.bin/sftp/Makefile 2002/01/23 11:39:38 @@ -4,8 +4,8 @@ PROG= sftp SRCS= sftp.c sftp-client.c sftp-int.c sftp-common.c sftp-glob.c scp-common.c -LDADD+= ${LIBSSH} -lcrypto -DPADD+= ${LIBSSH} ${LIBCRYPTO} +LDADD+= -lssh -lcrypto -lz +DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} .include Index: secure/usr.bin/ssh/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh/Makefile,v retrieving revision 1.13 diff -u -p -r1.13 Makefile --- secure/usr.bin/ssh/Makefile 2001/05/04 04:21:21 1.13 +++ secure/usr.bin/ssh/Makefile 2002/01/23 11:39:38 @@ -31,7 +31,7 @@ DPADD+= ${LIBKRB5} ${LIBCOM_ERR} ${LIBA CFLAGS+= -DXAUTH_PATH=\"${X11BASE}/bin/xauth\" .endif -LDADD+= ${LIBSSH} -lcrypto -lutil -lz +LDADD+= -lssh -lcrypto -lutil -lz DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} .include Index: secure/usr.bin/ssh-add/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-add/Makefile,v retrieving revision 1.5 diff -u -p -r1.5 Makefile --- secure/usr.bin/ssh-add/Makefile 2001/05/04 04:21:22 1.5 +++ secure/usr.bin/ssh-add/Makefile 2002/01/23 11:39:38 @@ -4,8 +4,8 @@ PROG= ssh-add SRCS= ssh-add.c -LDADD+= ${LIBSSH} -lcrypto -DPADD+= ${LIBSSH} ${LIBCRYPTO} +LDADD+= -lssh -lcrypto -lz +DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} .include Index: secure/usr.bin/ssh-agent/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-agent/Makefile,v retrieving revision 1.5 diff -u -p -r1.5 Makefile --- secure/usr.bin/ssh-agent/Makefile 2001/05/04 04:21:25 1.5 +++ secure/usr.bin/ssh-agent/Makefile 2002/01/23 11:39:39 @@ -4,8 +4,8 @@ PROG= ssh-agent SRCS= ssh-agent.c -LDADD+= ${LIBSSH} -lcrypto -DPADD+= ${LIBSSH} ${LIBCRYPTO} +LDADD+= -lssh -lcrypto -lz +DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} .include Index: secure/usr.bin/ssh-keygen/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-keygen/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- secure/usr.bin/ssh-keygen/Makefile 2001/05/04 04:21:25 1.6 +++ secure/usr.bin/ssh-keygen/Makefile 2002/01/23 11:39:39 @@ -4,8 +4,8 @@ PROG= ssh-keygen SRCS= ssh-keygen.c -LDADD+= ${LIBSSH} -lcrypto -DPADD+= ${LIBSSH} ${LIBCRYPTO} +LDADD+= -lssh -lcrypto -lz +DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} .include Index: secure/usr.bin/ssh-keyscan/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-keyscan/Makefile,v retrieving revision 1.1 diff -u -p -r1.1 Makefile --- secure/usr.bin/ssh-keyscan/Makefile 2001/05/04 04:21:25 1.1 +++ secure/usr.bin/ssh-keyscan/Makefile 2002/01/23 11:39:39 @@ -4,8 +4,8 @@ PROG= ssh-keyscan SRCS= ssh-keyscan.c -LDADD+= ${LIBSSH} -lcrypto -DPADD+= ${LIBSSH} ${LIBCRYPTO} +LDADD+= -lssh -lcrypto -lz +DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} .include Index: secure/usr.sbin/sshd/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.sbin/sshd/Makefile,v retrieving revision 1.19 diff -u -p -r1.19 Makefile --- secure/usr.sbin/sshd/Makefile 2001/08/29 07:07:48 1.19 +++ secure/usr.sbin/sshd/Makefile 2002/01/23 11:39:39 @@ -38,7 +38,7 @@ DPADD+= ${LIBOPIE} ${LIBMD} CFLAGS+= -DXAUTH_PATH=\"${X11BASE}/bin/xauth\" .endif -LDADD+= ${LIBSSH} -lcrypt -lcrypto -lutil -lz -lwrap ${MINUSLPAM} +LDADD+= -lssh -lcrypt -lcrypto -lutil -lz -lwrap ${MINUSLPAM} DPADD+= ${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} ${LIBWRAP} ${LIBPAM} .include --0F1p//8PRICkK4MW-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message