Date: Thu, 22 Aug 1996 11:26:41 -0700 (PDT) From: Douglas Ambrisko <ambrisko@tcsi.com> To: taob@io.org (Brian Tao) Cc: freebsd-ports@FreeBSD.org, freebsd-current@FreeBSD.org, ambrisko@ambrisko.roble.com Subject: Re: Building SOCKS5 port, linking into ssh 1.2.14 Message-ID: <199608221826.LAA11282@cozumel.tcs.com> In-Reply-To: <Pine.NEB.3.92.960822111408.6037A-100000@zot.io.org> from "Brian Tao" at Aug 22, 96 11:48:09 am
next in thread | previous in thread | raw e-mail | index | archive | help
Brian Tao writes: | | I must be overlooking something really simple here... I grabbed | the ports-current/net/socks5 port (SOCKS5 0.16.6), and it compiled | without any complaints (thanks, Doug). Now I want to recompile ssh | 1.2.14 with SOCKS support. This is my ssh configure command line: | | ./configure --with-etcdir=/usr/local/etc \ | --with-rsaref \ | --with-libwrap \ | --with-socks | | The configure fails with: | [...] | checking whether to support SOCKS... yes | configure: error: Could not find the -lsocks5 library. You must first install socks. | | It is failing because the small test program references the | "Rconnect()" symbol (it does, however, appear to find libsocks5.a). | I've grepped all the files in the socks5 distribution, and there isn't | a single mention of Rconnect or Rbind or Rlisten or any of the R* | functions. The SOCKS FAQ even says to use these functions when | socksifying a client. I've just ran into this, and need to add the patch to ssh for Socks5. I'm doing this from memory at work since my stuff is at home. Note if you remove the suid bits from ssh then you can do a "runsocks ssh" and it will work. [Also John, I just heard but not validated that Solaris will use LD_PRELOAD specified libs if the are installed in /usr/lib even if the suid bits are on. This probably won't help Socks since it is installed in /usr/local/lib but maybe something to think about if we really want to be Solaris like.] Okay, the big change from Socks 4 to 5 was the change of the libsocks.a to libsocks5.a and the proxy functions of R<name> to SOCKS<name>. If you make these changes, then you can link and build it. This is probably the best bet since then it will also work with ssh installed as suid. Also it has the side benefit that if some tried "runsocks ssh" that would still work since the suid version would ignore the LD_PRELOAD option. Doing a runsocks on a socks'ified program is not good, or atleast wasn't when I last checked. This could be fixed since he does check some functions for being called again in a virtual loop. Anyways, I made this change in a brut force method to test it, but the real fix is to modify ssh to look for socks4 or socks5 type names which I haven't done yet. It should be fairly trivial. Doug A.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608221826.LAA11282>