Date: Sat, 16 May 2026 18:42:26 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 295336] openssh: pkcs11 is broken in new version (10.3p1) Message-ID: <bug-295336-227-q3L5NRhPdU@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-295336-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295336 --- Comment #4 from Pouria Mousavizadeh Tehrani <pouria@freebsd.org> --- It seems the lib_contains_symbol function fails to verify the existence of the C_GetFunctionList symbol using nlist(3) in PKCS11 libraries. % grep -A2 C_GetFunctionList crypto/openssh/ssh-pkcs11.c if (lib_contains_symbol(provider_id, "C_GetFunctionList") != 0) { error("provider %s is not a PKCS11 library", provider_id); goto fail; But I can see it exists: ``` elfdump -s /usr/local/lib/libykcs11.so | grep -A4 -B1 C_GetFunctionList entry: 240 st_name: C_GetFunctionList st_value: 0x136e0 st_size: 157 st_info: STT_FUNC STB_GLOBAL st_shndx: 13 ``` -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-295336-227-q3L5NRhPdU>