From owner-freebsd-bugs Fri Nov 17 4:40:10 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 78DD337B4C5 for ; Fri, 17 Nov 2000 04:40:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id EAA73313; Fri, 17 Nov 2000 04:40:01 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from bg.sics.se (unknown [193.10.66.124]) by hub.freebsd.org (Postfix) with ESMTP id D56F637B4C5; Fri, 17 Nov 2000 04:38:12 -0800 (PST) Received: (from bg@localhost) by bg.sics.se (8.11.0/8.11.0) id eAHCcCO36750; Fri, 17 Nov 2000 13:38:12 +0100 (CET) (envelope-from bg) Message-Id: <200011171238.eAHCcCO36750@bg.sics.se> Date: Fri, 17 Nov 2000 13:38:12 +0100 (CET) From: bg@sics.se Reply-To: bg@sics.se To: FreeBSD-gnats-submit@freebsd.org Cc: bg@sics.se X-Send-Pr-Version: 3.2 Subject: conf/22916: Ssh/sshd binaries lacks kerberos support (patch included) Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 22916 >Category: conf >Synopsis: Ssh/sshd binaries lacks kerberos support (patch included) >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Nov 17 04:40:01 PST 2000 >Closed-Date: >Last-Modified: >Originator: Bjoern Groenvall >Release: FreeBSD 4.2-BETA i386 >Organization: >Environment: FreeBSD 4.2-BETA i386 with kerberosIV distribution installed >Description: Both /usr/bin/ssh and /usr/sbin/sshd lack support for kerberos even though the binary distribution for kerberosIV is installed. >How-To-Repeat: Install a machine with the binary kerberosIV distribution and run ldd /usr/bin/ssh. >Fix: When kerberosIV is built both telnet and telnetd are rebuilt (from the same sources) with kerberos enabled. I suggest that ssh and sshd are rebuilt in a similar fashion. The attached patch does that and has been tested with tag=RELEASE_4 and cvsup:ed sources from November 15. Cheers, Bjorn diff -ur -P kerberosIV.org/usr.bin/Makefile kerberosIV/usr.bin/Makefile --- kerberosIV.org/usr.bin/Makefile Sat Aug 28 03:31:26 1999 +++ kerberosIV/usr.bin/Makefile Fri Nov 17 10:35:15 2000 @@ -1,5 +1,5 @@ # $FreeBSD: src/kerberosIV/usr.bin/Makefile,v 1.2 1999/08/28 01:31:26 peter Exp $ -SUBDIR= kadmin kauth kdestroy kinit klist ksrvtgt telnet +SUBDIR= kadmin kauth kdestroy kinit klist ksrvtgt telnet ssh .include diff -ur -P kerberosIV.org/usr.bin/ssh/Makefile kerberosIV/usr.bin/ssh/Makefile --- kerberosIV.org/usr.bin/ssh/Makefile Thu Jan 1 01:00:00 1970 +++ kerberosIV/usr.bin/ssh/Makefile Fri Nov 17 10:29:07 2000 @@ -0,0 +1,44 @@ +# $FreeBSD: src/secure/usr.bin/ssh/Makefile,v 1.4.2.3 2000/10/28 23:05:13 kris Exp $ +# + +SSHSRC= ${.CURDIR}/../../../crypto/openssh + +PROG= ssh +BINOWN= root +BINMODE=4555 +MAN1= ssh.1 +LINKS= ${BINDIR}/ssh ${BINDIR}/slogin +MLINKS= ssh.1 slogin.1 + +SRCS= ssh.c log-client.c readconf.c clientloop.c sshconnect.c \ + sshconnect1.c sshconnect2.c + +.include + +.PATH: ${SSHSRC} +.PATH: ${SSHSRC}/lib + +.if defined(MAKE_KERBEROS4) && \ + ((${MAKE_KERBEROS4} == "yes") || (${MAKE_KERBEROS4} == "YES")) +DISTRIBUTION=krb4 +CFLAGS+= -DKRB4 +LDADD+= -lkrb -lcom_err +DPADD+= ${LIBKRB} ${LIBCOM_ERR} +.endif # MAKE_KERBEROS4 + +.if defined(MAKE_KERBEROS5) && \ + ((${MAKE_KERBEROS5} == "yes") || (${MAKE_KERBEROS5} == "YES")) +DISTRIBUTION=krb5 +CFLAGS+= -DKRB5 +LDADD+= -lkrb5 -lasn1 -lcom_err -lmd -L${.OBJDIR}/../../../kerberos5/lib/libroken -lroken -lcrypt +DPADD+= ${LIBKRB5} ${LIBCOM_ERR} ${LIBASN1} ${LIBMD} ${LIBCRYPT} +.endif # MAKE_KERBEROS5 + +.if defined(X11BASE) +CFLAGS+= -DXAUTH_PATH=\"${X11BASE}/bin/xauth\" +.endif + +LDADD+= -L${.OBJDIR}/../../../secure/lib/libssh -lssh -lcrypto -lutil -lz +DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} + +.include diff -ur -P kerberosIV.org/usr.sbin/Makefile kerberosIV/usr.sbin/Makefile --- kerberosIV.org/usr.sbin/Makefile Sat Aug 28 03:31:33 1999 +++ kerberosIV/usr.sbin/Makefile Fri Nov 17 10:35:51 2000 @@ -1,6 +1,6 @@ # $FreeBSD: src/kerberosIV/usr.sbin/Makefile,v 1.2 1999/08/28 01:31:33 peter Exp $ SUBDIR= ext_srvtab kadmind kdb_destroy kdb_edit kdb_init kdb_util \ - kerberos kip kprop ksrvutil kstash + kerberos kip kprop ksrvutil kstash sshd .include diff -ur -P kerberosIV.org/usr.sbin/sshd/Makefile kerberosIV/usr.sbin/sshd/Makefile --- kerberosIV.org/usr.sbin/sshd/Makefile Thu Jan 1 01:00:00 1970 +++ kerberosIV/usr.sbin/sshd/Makefile Fri Nov 17 10:37:01 2000 @@ -0,0 +1,51 @@ +# $FreeBSD: src/secure/usr.sbin/sshd/Makefile,v 1.5.2.4 2000/10/28 23:05:14 kris Exp $ +# + +SSHSRC= ${.CURDIR}/../../../crypto/openssh +LOGINSRC= ${.CURDIR}/../../../usr.bin/login + +PROG= sshd +BINOWN= root +BINMODE=555 +MAN8= sshd.8 + +SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \ + pty.c log-server.c login.c servconf.c serverloop.c \ + auth.c auth1.c auth2.c auth-options.c session.c login_access.c + +CFLAGS+= -DLIBWRAP -DHAVE_LOGIN_CAP -DLOGIN_ACCESS -I${LOGINSRC} + +.include + +.PATH: ${SSHSRC} ${LOGINSRC} + +.if defined(MAKE_KERBEROS4) && \ + ((${MAKE_KERBEROS4} == "yes") || (${MAKE_KERBEROS4} == "YES")) +DISTRIBUTION=krb4 +CFLAGS+= -DKRB4 +SRCS+= auth-krb4.c +LDADD+= -lkrb -lcom_err +DPADD+= ${LIBKRB} ${LIBCOM_ERR} +.endif # MAKE_KERBEROS4 + +.if defined(MAKE_KERBEROS5) && \ + ((${MAKE_KERBEROS5} == "yes") || (${MAKE_KERBEROS5} == "YES")) +DISTRIBUTION=krb5 +CFLAGS+= -DKRB5 +SRCS+= auth-krb5.c +LDADD+= -lkrb5 -lasn1 -lcom_err -lmd -L${.OBJDIR}/../../../kerberos5/lib/libroken -lroken +DPADD+= ${LIBKRB5} ${LIBCOM_ERR} ${LIBASN1} ${LIBMD} +.endif # MAKE_KERBEROS5 + +CFLAGS+= -DSKEY +LDADD+= -lopie -lmd +DPADD+= ${LIBOPIE} ${LIBMD} + +.include + +.if defined(X11BASE) +CFLAGS+= -DXAUTH_PATH=\"${X11BASE}/bin/xauth\" +.endif + +LDADD+= -L${.OBJDIR}/../../../secure/lib/libssh -lssh -lcrypt -lcrypto -lutil -lz -lwrap +DPADD+= ${LIBCRYPT} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} ${LIBWRAP} >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message