Date: Thu, 24 Apr 2025 23:00:18 +0000 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Jessica Clarke <jrtc27@freebsd.org> Cc: John Baldwin <jhb@freebsd.org>, src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: a098111a28ed - main - secure: Add ssh-sk-client to all consumers of libssh Message-ID: <gjcmsmrguuj5ai3viktcoo74d2of57lckllvvnpp7t2bopez2u@kxmkme64vnye> In-Reply-To: <A78D317E-914E-4F6B-AFA4-438D4B50FEA8@freebsd.org> References: <202504220207.53M27okn077850@gitrepo.freebsd.org> <kwr5lq63fzct3dkyi5c3x6s7v5mdu3e47tfci7c43fw27fvljv@x4p5zr6s4auf> <A78D317E-914E-4F6B-AFA4-438D4B50FEA8@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--awq4bouiw4c2uwed Content-Type: text/plain; protected-headers=v1; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Subject: Re: git: a098111a28ed - main - secure: Add ssh-sk-client to all consumers of libssh MIME-Version: 1.0 On Thu, Apr 24, 2025 at 11:56:03PM +0100, Jessica Clarke wrote: > On 24 Apr 2025, at 23:45, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > > On Tue, Apr 22, 2025 at 02:07:50AM +0000, John Baldwin wrote: > >> The branch main has been updated by jhb: > >>=20 > >> URL: https://cgit.FreeBSD.org/src/commit/?id=3Da098111a28ed59e1ab1101a= d09913f0235ebd28f > >>=20 > >> commit a098111a28ed59e1ab1101ad09913f0235ebd28f > >> Author: John Baldwin <jhb@FreeBSD.org> > >> AuthorDate: 2025-04-22 02:05:28 +0000 > >> Commit: John Baldwin <jhb@FreeBSD.org> > >> CommitDate: 2025-04-22 02:05:28 +0000 > >>=20 > >> secure: Add ssh-sk-client to all consumers of libssh > >>=20 > >> These all failed to link with ld.bfd used by GCC due to > >> Fssh_sshsk_sign being an unresolved symbol. > >>=20 > >> Fixes: 65d8491719bb ("secure: Adapt Makefile to ssh-sk-cli= ent everywhere") > >=20 > > Hey John, > >=20 > > I'm getting the following error from the RTLD when the rc scripts > > start sshd: > >=20 > > =3D=3D=3D=3D BEGIN LOG =3D=3D=3D=3D > > ld-elf.so.1: /usr/lib/libprivatessh.so.5: Undefined symbol "Fssh_sshsk_= sign > > =3D=3D=3D=3D END LOG =3D=3D=3D=3D > >=20 > > This is on HardenedBSD 15-CURRENT/amd64. I'll try to reproduce next > > week with vanilla FreeBSD, unless someone else beats me to it. >=20 > I don=E2=80=99t understand how this is meant to work. sshsk_sign is used = by > sshkey.c, which is in libssh, so why are we putting the definition of > sshsk_sign (namespaced) in each and every program? I'm not sure. Looking more closely at this commit and the commit referenced on the Fixes: line, I'm wondering if the use of $() is valid instead of ${}. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Signal Username: shawn_webb.74 Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --awq4bouiw4c2uwed Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmgKwnsACgkQ/y5nonf4 4fro3xAAi2AWJIwo4z6A3H/fWfop/nh8RaV9OVLtoGp1S9Kucq+UQwofWlF7lB5G +y9YJpxQpoFQmO5PVWOn9J/oFPUIbmHy1Th8SXdgE082AmTpIbreoSJkbeXGGRTd boFI7Fb+8jrofRks7d0/N5IM5APB6U/D3fQYXeoWYFEL6PDMhN2nUXX7kIn1qQ+Y W0iBhp/apYXI8A8jffPLZyz4vYNNkVblGTbZAcuX7UcX64LPe4nzN/Osf11Wc8DZ fFNU4mME1imBKwoX+9Ayk7rWiszK3LVHYNtjOUaDoxcvVU37NqAaYkxXK0tLLONk H33PMWUVKV5CWyFBg33RVTbiH+3sNEH/Wi1OIez735B0xUtTVIbXrJlAEBKavR/c 9qUcQY0RepmeWixCv+Loj2CHQiAQ9unPeKFxPczmAeR0mEaYksbsa5yePDxeLgUI 9KrQF94iiINhr6Cypr1M0t5THUwQElaH0bpxNCDIWk833h+1Bns9zj8KOP6+c+GP XydgsHo79sw/mdJAyvC+lilWZ/lNF5wx94sRxYyIPPtWYCnlY1MMzdaCHTSprnty QYddjnvz2I+bIxLI4gd6AfEBS+Azfs3w26HtY9AT4mAnC3axnhYuO28KwJ1yup8k qutfBID4PqHW5VUhJmZoeqBIrTJITx4T/ifg3G5AGuJN45h3aVg= =3vLm -----END PGP SIGNATURE----- --awq4bouiw4c2uwed--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?gjcmsmrguuj5ai3viktcoo74d2of57lckllvvnpp7t2bopez2u>