From owner-freebsd-current Sun Sep 13 10:57:44 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA29689 for freebsd-current-outgoing; Sun, 13 Sep 1998 10:57:44 -0700 (PDT) (envelope-from owner-freebsd-current@FreeBSD.ORG) Received: from picnic.mat.net (picnic.mat.net [206.246.122.117]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA29665; Sun, 13 Sep 1998 10:57:18 -0700 (PDT) (envelope-from chuckr@mat.net) Received: from localhost (chuckr@localhost) by picnic.mat.net (8.9.1/8.8.5) with SMTP id MAA10018; Sun, 13 Sep 1998 12:52:42 -0400 (EDT) Date: Sun, 13 Sep 1998 12:52:42 -0400 (EDT) From: Chuck Robey To: Brian Feldman cc: William Woods , FreebSD Current Subject: Re: ssh port problem..... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-873016620-905705562=:343" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-873016620-905705562=:343 Content-Type: TEXT/PLAIN; charset=US-ASCII On Sun, 13 Sep 1998, Brian Feldman wrote: > Look in /usr/local/include. Delete /usr/local/include/arpa/inet.h et al. No, Brian, I don't think that's the answer. I have an answer, but only a security person could tell me if it's ok. Let me describe the problem (I left in the fault listing, or at least enough of it so you can check me). The problem is, for the gmp and z libs, those are system libs, but the lib callouts for them assume that they aren't system libs. The difference is that you use a -L switch for non-system libs, to tell the compiler where to look for them. You *don't* do that for sytem libs, the system does that. This is most especially critically important for FreeBSD-current, where the lib situation is (shall we say) a little muddy right now. Those -L/usr/lib switches have to go away. They're encapsulated in the patch-ac. I included a new patch-ac with a couple of small edits to take the -L's out of libz and libgmp. Doing this, tho, I think might have some impact on security. I don't know what it is. I hope maybe someone who knows security might comment. Don't have to know ports, just tell me if the concept is good or bad, or what other solution _would_ be PC for a security-type application. > Cheers, > Brian Feldman > > On Sat, 12 Sep 1998, William Woods wrote: > > > OK, I just installed rsarf from the ports useing make OBJFORMAT=aout and that > > worked fine, but when I do a make OBJFORMAT=aout for ssh I get the following... > > > > ------------------------------------------------------------- > > rm -f ssh > > cc -pipe -Lrsaref2/source -L/usr/local/lib -o ssh ssh.o sshconnect.o > > log-client.o readconf.o hostfile.o readpass.o tildexpand.o clientloop.o can > > ohost.o idea.o rsa.o randoms.o md5.o buffer.o emulate.o packet.o compress.o > > xmalloc.o ttymodes.o newchannels.o bufaux.o authfd.o authfile.o c > > rc32.o rsaglue.o cipher.o des.o match.o arcfour.o mpaux.o userfile.o signals.o > > blowfish.o deattack.o -L/usr/lib -lgmp -L/usr/lib -lz -lwrap -l > > rsaref -lcrypt -L/usr/local/lib -lutil > > sshconnect.o: Undefined symbol `___inet_addr' referenced from text segment > > sshconnect.o: Undefined symbol `___inet_ntoa' referenced from text segment > > sshconnect.o: Undefined symbol `___inet_ntoa' referenced from text segment > > canohost.o: Undefined symbol `___inet_ntoa' referenced from text segment > > canohost.o: Undefined symbol `___inet_ntoa' referenced from text segment > > canohost.o: Undefined symbol `___inet_ntoa' referenced from text segment > > canohost.o: Undefined symbol `___inet_ntoa' referenced from text segment > > canohost.o: Undefined symbol `___inet_ntoa' referenced from text segment > > canohost.o: Undefined symbol `___inet_ntoa' referenced from text segment > > canohost.o: Undefined symbol `___inet_ntoa' referenced from text segment > > newchannels.o: Undefined symbol `___inet_addr' referenced from text segment > > newchannels.o: Undefined symbol `___inet_addr' referenced from text segment > > newchannels.o: Undefined symbol `___inet_addr' referenced from text segment > > *** Error code 1 > > > > Stop. > > -------------------------------------------------------- > > > > Anyideas here folks ? ----------------------------+----------------------------------------------- Chuck Robey | Interests include any kind of voice or data chuckr@glue.umd.edu | communications topic, C programming, and Unix. 213 Lakeside Drive Apt T-1 | Greenbelt, MD 20770 | I run Journey2 and picnic (FreeBSD-current) (301) 220-2114 | and jaunt (NetBSD). ----------------------------+----------------------------------------------- --0-873016620-905705562=:343 Content-Type: TEXT/PLAIN; charset=US-ASCII; name=patch-ac Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: Content-Disposition: attachment; filename=patch-ac LS0tIE1ha2VmaWxlLmluLm9yaWcJV2VkIEp1bCAgOCAxMjo0MDozOSAxOTk4 DQorKysgTWFrZWZpbGUuaW4JU3VuIFNlcCAxMyAxMjozODo0MyAxOTk4DQpA QCAtMjk0LDEyICsyOTQsMTcgQEANCiBTSEVMTCA9IC9iaW4vc2gNCiANCiBH TVBESVIgCQk9IGdtcC0yLjAuMi1zc2gtMg0KLUdNUExJQlMgCT0gLUwkKEdN UERJUikgLWxnbXANCi1HTVBERVAgCQk9ICQoR01QRElSKS9nbXAuaCAkKEdN UERJUikvbGliZ21wLmENCisjIFdlIGhhdmUgdGhlIHNhbWUgbGliZ21wIGlu IHRoZSBzeXN0ZW0sIHNvIHVzZSBpdCBpbnN0ZWFkDQorR01QSU5DRElSCT0g L3Vzci9pbmNsdWRlDQorR01QTElCRElSCT0gL3Vzci9saWINCitHTVBMSUJT IAk9IC1sZ21wDQorR01QREVQIAkJPSAkKEdNUElOQ0RJUikvZ21wLmggJChH TVBMSUJESVIpL2xpYmdtcC5hDQogDQogWkxJQkRJUgkJPSB6bGliLTEuMC40 DQotWkxJQkRFUAkJPSAkKFpMSUJESVIpL2xpYnouYQ0KLVpMSUJMSUJTCT0g LUwkKFpMSUJESVIpIC1seg0KK1pMSUJJTkNESVIJPSAvdXNyL2luY2x1ZGUN CitaTElCTElCRElSCT0gL3Vzci9saWINCitaTElCREVQCQk9ICQoWkxJQklO Q0RJUikvbGliei5hDQorWkxJQkxJQlMJPSAtbHoNCiANCiBSU0FSRUZESVIJ PSByc2FyZWYyDQogUlNBUkVGU1JDRElSIAk9ICQoUlNBUkVGRElSKS9zb3Vy Y2UNCkBAIC00MDQsNyArNDA5LDcgQEANCiAJJChDQykgLW8gcmZjLXBnIHJm Yy1wZy5vDQogDQogLmMubzoNCi0JJChDQykgLWMgLUkuICQoS0VSQkVST1Nf SU5DUykgLUkkKHNyY2RpcikvJChHTVBESVIpIC1JJChzcmNkaXIpLyQoWkxJ QkRJUikgJChERUZTKSAtREhPU1RfS0VZX0ZJTEU9XCIkKEhPU1RfS0VZX0ZJ TEUpXCIgLURIT1NUX0NPTkZJR19GSUxFPVwiJChIT1NUX0NPTkZJR19GSUxF KVwiIC1EU0VSVkVSX0NPTkZJR19GSUxFPVwiJChTRVJWRVJfQ09ORklHX0ZJ TEUpXCIgLURTU0hfUFJPR1JBTT1cIiQoU1NIX1BST0dSQU0pXCIgLURFVENE SVI9XCIkKGV0Y2RpcilcIiAtRFBJRERJUj1cIiQocGlkZGlyKVwiIC1EU1NI X0JJTkRJUj1cIiQoYmluZGlyKVwiIC1EVElTX01BUF9GSUxFPVwiJChUSVNf TUFQX0ZJTEUpXCIgJChDRkxBR1MpICQoWF9DRkxBR1MpICQ8DQorCSQoQ0Mp IC1jIC1JLiAkKEtFUkJFUk9TX0lOQ1MpIC1JJChzcmNkaXIpLyQoR01QSU5D RElSKSAtSSQoc3JjZGlyKS8kKFpMSUJJTkNESVIpICQoREVGUykgLURIT1NU X0tFWV9GSUxFPVwiJChIT1NUX0tFWV9GSUxFKVwiIC1ESE9TVF9DT05GSUdf RklMRT1cIiQoSE9TVF9DT05GSUdfRklMRSlcIiAtRFNFUlZFUl9DT05GSUdf RklMRT1cIiQoU0VSVkVSX0NPTkZJR19GSUxFKVwiIC1EU1NIX1BST0dSQU09 XCIkKFNTSF9QUk9HUkFNKVwiIC1ERVRDRElSPVwiJChldGNkaXIpXCIgLURQ SURESVI9XCIkKHBpZGRpcilcIiAtRFNTSF9CSU5ESVI9XCIkKGJpbmRpcilc IiAtRFRJU19NQVBfRklMRT1cIiQoVElTX01BUF9GSUxFKVwiICQoQ0ZMQUdT KSAkKFhfQ0ZMQUdTKSAkPA0KIA0KIHNzaGQ6ICQoU1NIRF9PQkpTKSAkKEdN UERFUCkgJChSU0FSRUZERVApICQoWkxJQkRFUCkNCiAJLXJtIC1mIHNzaGQN CkBAIC00NDcsMTkgKzQ1MiwxOSBAQA0KIAlzZWQgInMjJlBFUkwmIyQoUEVS TCkjIiA8JChzcmNkaXIpL21ha2Utc3NoLWtub3duLWhvc3RzLnBsID5tYWtl LXNzaC1rbm93bi1ob3N0cw0KIAljaG1vZCAreCBtYWtlLXNzaC1rbm93bi1o b3N0cw0KIA0KLUdNUF9DT1BZX1NPVVJDRVMgPSBtcHpfZ2NkLmMgbXB6X3Bv d20uYyBtcHpfcG93X3VpLmMgbXB6X2FkZC5jIG1wel9zdWIuYyBcDQotCQlt cHpfbXVsLmMgbXB6X2NtcC5jIG1wel9zcXJ0cmVtLmMNCi0kKEdNUERJUikv bGliZ21wLmE6DQotCWNkICQoR01QRElSKTsgJChNQUtFKQ0KLQ0KLSQoWkxJ QkRFUCk6DQotCS1pZiB0ZXN0ICchJyAtZCAkKFpMSUJESVIpOyB0aGVuIFwN Ci0JICBta2RpciAkKFpMSUJESVIpOyBcDQotCSAgY3AgJChzcmNkaXIpLyQo WkxJQkRJUikvTWFrZWZpbGUgJChaTElCRElSKTsgXA0KLQlmaQ0KLQljZCAk KFpMSUJESVIpOyAkKE1BS0UpIFZQQVRIPSQoc3JjZGlyKS8kKFpMSUJESVIp Oi4uLyQoc3JjZGlyKS8kKFpMSUJESVIpIFwNCi0JICBDQz0iJChDQykiIENG TEFHUz0iJChDRkxBR1MpIC1JLiAtSSQoc3JjZGlyKS8kKFpMSUJESVIpIFwN Ci0JICAgIC1JLi4vJChzcmNkaXIpLyQoR01QRElSKSIgUkFOTElCPSIkKFJB TkxJQikiIGxpYnouYQ0KKyNHTVBfQ09QWV9TT1VSQ0VTID0gbXB6X2djZC5j IG1wel9wb3dtLmMgbXB6X3Bvd191aS5jIG1wel9hZGQuYyBtcHpfc3ViLmMg XA0KKyMJCW1wel9tdWwuYyBtcHpfY21wLmMgbXB6X3NxcnRyZW0uYw0KKyMk KEdNUERJUikvbGliZ21wLmE6DQorIwljZCAkKEdNUERJUik7ICQoTUFLRSkN CisjDQorIyQoWkxJQkRFUCk6DQorIwktaWYgdGVzdCAnIScgLWQgJChaTElC RElSKTsgdGhlbiBcDQorIwkgIG1rZGlyICQoWkxJQkRJUik7IFwNCisjCSAg Y3AgJChzcmNkaXIpLyQoWkxJQkRJUikvTWFrZWZpbGUgJChaTElCRElSKTsg XA0KKyMJZmkNCisjCWNkICQoWkxJQkRJUik7ICQoTUFLRSkgVlBBVEg9JChz cmNkaXIpLyQoWkxJQkRJUik6Li4vJChzcmNkaXIpLyQoWkxJQkRJUikgXA0K KyMJICBDQz0iJChDQykiIENGTEFHUz0iJChDRkxBR1MpIC1JLiAtSSQoc3Jj ZGlyKS8kKFpMSUJESVIpIFwNCisjCSAgICAtSS4uLyQoc3JjZGlyKS8kKEdN UERJUikiIFJBTkxJQj0iJChSQU5MSUIpIiBsaWJ6LmENCiANCiAkKFJTQVJF RlNSQ0RJUikvbGlicnNhcmVmLmE6DQogCS1pZiB0ZXN0ICchJyAtZCAkKFJT QVJFRkRJUik7IHRoZW4gXA0KQEAgLTUxNiw3ICs1MjEsNyBAQA0KICMgKG90 aGVyd2lzZSBpdCBjYW4gb25seSBsb2cgaW4gYXMgdGhlIHVzZXIgaXQgcnVu cyBhcywgYW5kIG11c3QgYmUNCiAjIGJvdW5kIHRvIGEgbm9uLXByaXZpbGVn ZWQgcG9ydCkuICBBbHNvLCBwYXNzd29yZCBhdXRoZW50aWNhdGlvbiBtYXkN CiAjIG5vdCBiZSBhdmFpbGFibGUgaWYgbm9uLXJvb3QgYW5kIHVzaW5nIHNo YWRvdyBwYXNzd29yZHMuDQotaW5zdGFsbDogJChQUk9HUkFNUykgbWFrZS1k aXJzIGdlbmVyYXRlLWhvc3Qta2V5IGluc3RhbGwtY29uZmlncw0KK2luc3Rh bGw6ICQoUFJPR1JBTVMpIG1ha2UtZGlycyBpbnN0YWxsLWNvbmZpZ3MNCiAJ LXJtIC1mICQoaW5zdGFsbF9wcmVmaXgpJChiaW5kaXIpL3NzaDEub2xkDQog CS1jaG1vZCA3NTUgJChpbnN0YWxsX3ByZWZpeCkkKGJpbmRpcikvc3NoMQ0K IAktY2htb2QgNzU1ICQoaW5zdGFsbF9wcmVmaXgpJChiaW5kaXIpL3NzaA0K QEAgLTY3MiwxNSArNjc3LDE1IEBADQogDQogY2xlYW46DQogCS1ybSAtZiAq Lm8gZ21vbi5vdXQgKmNvcmUgJChQUk9HUkFNUykgcmZjLXBnDQotCWNkICQo R01QRElSKTsgJChNQUtFKSBjbGVhbg0KKyMJY2QgJChHTVBESVIpOyAkKE1B S0UpIGNsZWFuDQogIwljZCAkKFJTQVJFRlNSQ0RJUik7IHJtIC1mICoubyAq LmENCi0JY2QgJChaTElCRElSKTsgJChNQUtFKSBjbGVhbg0KKyMJY2QgJCha TElCRElSKTsgJChNQUtFKSBjbGVhbg0KIA0KIGRpc3RjbGVhbjogY2xlYW4N CiAJLXJtIC1mIE1ha2VmaWxlIGNvbmZpZy5zdGF0dXMgY29uZmlnLmNhY2hl IGNvbmZpZy5sb2cgY29uZmlnLmgNCiAJLXJtIC1mIHNzaC4xIHNzaGQuOCBt YWtlLXNzaC1rbm93bi1ob3N0cy4xDQotCWNkICQoR01QRElSKTsgJChNQUtF KSBkaXN0Y2xlYW4NCi0JY2QgJChaTElCRElSKTsgJChNQUtFKSBkaXN0Y2xl YW4NCisjCWNkICQoR01QRElSKTsgJChNQUtFKSBkaXN0Y2xlYW4NCisjCWNk ICQoWkxJQkRJUik7ICQoTUFLRSkgZGlzdGNsZWFuDQogDQogZGlzdDogZGlz dC1mcmVlDQogDQpAQCAtNzA5LDEyICs3MTQsMTIgQEANCiAJLW1rZGlyICQo RElTVE5BTUUpDQogCWNwICQoRElTVEZJTEVTKSAkKERJU1ROQU1FKQ0KIAlm b3IgaSBpbiAkKERJU1RTUkNTKTsgZG8gY3AgJChzcmNkaXIpLyQkaSAkKERJ U1ROQU1FKTsgZG9uZQ0KLQkoY2QgJChHTVBESVIpOyBtYWtlIGRpc3QpDQot CWd6aXAgLWNkICQoR01QRElSKS8kKEdNUERJUikudGFyLmd6IHwgKGNkICQo RElTVE5BTUUpOyB0YXIgcHhmIC0gKQ0KKyMJKGNkICQoR01QRElSKTsgbWFr ZSBkaXN0KQ0KKyMJZ3ppcCAtY2QgJChHTVBESVIpLyQoR01QRElSKS50YXIu Z3ogfCAoY2QgJChESVNUTkFNRSk7IHRhciBweGYgLSApDQogIwl0YXIgY2Yg LSAkKFJTQVJFRkRJUikgfCAoY2QgJChESVNUTkFNRSk7IHRhciB4ZiAtKQ0K ICMJY2QgJChESVNUTkFNRSkvJChSU0FSRUZTUkNESVIpOyBybSAtZiAqLm8g Ki5hDQotCShjZCAgJChzcmNkaXIpOyB0YXIgcGNmIC0gJChaTElCRElSKSAp fCAoY2QgJChESVNUTkFNRSk7IHRhciBweGYgLSkNCi0JY2QgJChESVNUTkFN RSkvJChaTElCRElSKTsgcm0gLWYgKi5vICouYTsgcm0gLXJmIENWUw0KKyMJ KGNkICAkKHNyY2Rpcik7IHRhciBwY2YgLSAkKFpMSUJESVIpICl8IChjZCAk KERJU1ROQU1FKTsgdGFyIHB4ZiAtKQ0KKyMJY2QgJChESVNUTkFNRSkvJCha TElCRElSKTsgcm0gLWYgKi5vICouYTsgcm0gLXJmIENWUw0KIA0KICNpZmRl ZiBGX1NFQ1VSRV9DT01NRVJDSUFMDQogIw0KQEAgLTc0Miw3ICs3NDcsNyBA QA0KIAkgKGVjaG8gInMvXC4kJG9sZF92ZXJzaW9uXCIvLiQkbmV3X3ZlcnNp b25cIi9nIjsgZWNobyB3OyBlY2hvIHEpIHwgZWQgJChzcmNkaXIpL3ZlcnNp b24uaCA+L2Rldi9udWxsDQogDQogZGVwZW5kOg0KLQkkKE1BS0VERVApIC1J JChzcmNkaXIpIC1JLiAtSSQoR01QRElSKSAtSSQoWkxJQkRJUikgJChERUZT KSAkKFNSQ1MpDQorCSQoTUFLRURFUCkgLUkkKHNyY2RpcikgLUkuICQoREVG UykgJChTUkNTKQ0KIA0KIHRhZ3M6DQogCS1ybSAtZiBUQUdTDQo= --0-873016620-905705562=:343-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message