Date: Sun, 31 May 2015 23:55:06 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 200558] [patch] security/nmap: partially ignores WITH_OPENSSL_PORT=yes Message-ID: <bug-200558-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200558 Bug ID: 200558 Summary: [patch] security/nmap: partially ignores WITH_OPENSSL_PORT=yes Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ohauer@FreeBSD.org Reporter: truckman@FreeBSD.org Flags: maintainer-feedback?(ohauer@FreeBSD.org) Assignee: ohauer@FreeBSD.org Keywords: patch Created attachment 157318 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=157318&action=edit patch to make security/nmap fully obey WITH_OPENSSL_PORT=yes If security/nmap is build with WITH_OPENSSL_PORT=yes on FreeBSD 8 (and probably 9), nping and ncat are linked to the base openssl libraries. % ldd /usr/local/bin/nmap /usr/local/bin/nmap: libpcre.so.1 => /usr/local/lib/libpcre.so.1 (0x33dae000) libpcap.so.7 => /lib/libpcap.so.7 (0x33e1a000) libssl.so.8 => /usr/local/lib/libssl.so.8 (0x33e48000) libcrypto.so.8 => /usr/local/lib/libcrypto.so.8 (0x33eaa000) libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x34038000) libm.so.5 => /lib/libm.so.5 (0x34127000) libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x34141000) libc.so.7 => /lib/libc.so.7 (0x3414c000) libthr.so.3 => /lib/libthr.so.3 (0x34268000) % ldd /usr/local/bin/ncat /usr/local/bin/ncat: libssl.so.6 => /usr/lib/libssl.so.6 (0x33cd5000) libcrypto.so.6 => /lib/libcrypto.so.6 (0x33d21000) libpcap.so.7 => /lib/libpcap.so.7 (0x33e7d000) libm.so.5 => /lib/libm.so.5 (0x33eab000) libc.so.7 => /lib/libc.so.7 (0x33ec5000) ldd /usr/local/bin/nping /usr/local/bin/nping: libssl.so.6 => /usr/lib/libssl.so.6 (0x33ced000) libcrypto.so.6 => /lib/libcrypto.so.6 (0x33d39000) libpcap.so.7 => /lib/libpcap.so.7 (0x33e95000) libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x33ec3000) libm.so.5 => /lib/libm.so.5 (0x33fb2000) libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x33fcc000) libc.so.7 => /lib/libc.so.7 (0x33fd7000) The culprit appears to be this code in Makefile: # fix for gcc from ports .if ${CHOSEN_COMPILER_TYPE} == gcc GCCLIBDIR_CMDS= ${CC} -print-file-name=libstdc++.so | ${SED} -e 's/libstdc++.so//' CONFIGURE_ARGS+=LDFLAGS="-L$$(${GCCLIBDIR_CMDS})" NOT_BASE_CC= true .endif There is nothing in this Makefile that causes anything other than the base compiler to be used. On FreeBSD 8 and 9, the base compiler is gcc, so the .if condition is satisfied. The code inside the conditional block then causes LDFLAGS=-L/usr/lib to be added to CONFIGURE_ARGS. When configure is run for ncat and nping, this directory is prepended to the directory specified by the --with-openssl=DIR option, so libssl and libcrypto from base get linked into these applications. *If* gcc from ports is somehow selected by USES=compiler:something or USE_GCC=yes, then the ports frameworks adds the necessary stuff to find the proper version of libstdc++ to LDFLAGS, which gets included in CONFIGURE_ENV. If passing this as an argument to configure turns out to be necessary, then it could be done like this: CONFIGURE_ARGS+=LDFLAGS=${LDFLAGS} Further down there is the code fragment: # gcc from ports is in use .if defined(NOT_BASE_CC) @${ECHO_MSG} do not forget to adjust libnmap.conf .endif In addition to the problem of of CHOSEN_COMPILER_TYPE==gcc not indicating that gcc from ports is in use, this message should probably go into pkg-message instead of being echoed during the build. Also, I have found no documentation about libnmap.conf. Is this supposed to be libmap.conf? If so, this should not be necessary because the base compiler is always used, and even if ports gcc is used, the executables will be built with the necessary rpath to find the correct libstdc++. I think all this extra stuff in the Makefile is unnecessary. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-200558-13>