[PATCH]: Port to Mac OS X/Darwin, misc

Wilfredo S á nchez wsanchez at apple.com
Tue Aug 15 13:31:22 EST 2000 

  Below I've includes a patch which helps build OpenSSH outside from a
read-only source tree, find OpenSSL on Mac OS X, and fix a typo.

  This applies to OpenSSH 2.1.1p4.

  You should already have gotten a note from Melissa O'Neil about a
conflict with the crc32() symbol in zlib, which was causing a crash on
Darwin.

  I've noticed another bug.  If ssh is setuid, I get a permission denied
error while it tries to open ~/.ssh/prng_seed.  I'm guessing this is
because ssh is running with euid=0 at that point; since my home dir
is exported from an NFS server with maproot=nobody, this fails.  Aside
from that problem, there may be a larger problem that ssh is running
with euid=0 when it doesn't need to be.

	Thanks,
	-Fred


Summary:

Makefile.in:
 - OpenSSH doesn't build well if you are building outside of the source tree.
   - mkinstalldirs lives in $(srcdir), not necessarily '.'.
   - fixprogs lives in $(srcdir), not necessarily '.'.
 - Separate CFLAGS from CPPFLAGS, so one can override CFLAGS from the command
   line without whacking include paths.

configure.in:
 - Find OpenSSL install as a framework.
   (-framework OpenSSL instead of -lcrypto)

uidswap.c:
 - Fix apparent typo.



Index: Services/OpenSSH/openssh/Makefile.in
diff -u Services/OpenSSH/openssh/Makefile.in:1.1.1.3  
Services/OpenSSH/openssh/Makefile.in:1.7
--- Services/OpenSSH/openssh/Makefile.in:1.1.1.3	Wed Jul 12 20:13:08 2000
+++ Services/OpenSSH/openssh/Makefile.in	Mon Aug 14 19:36:09 2000
@@ -21,7 +21,8 @@
 CC=@CC@
 LD=@LD@
 PATHS=-DETCDIR=\"$(sysconfdir)\" -DSSH_PROGRAM=\"$(SSH_PROGRAM)\"  
-DSSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\"
-CFLAGS=@CFLAGS@ $(PATHS) @DEFS@
+CFLAGS=@CFLAGS@
+CPPFLAGS=@CPPFLAGS@ $(PATHS) @DEFS@ -I. -I$(srcdir)
 LIBS=@LIBS@
 AR=@AR@
 RANLIB=@RANLIB@
@@ -118,11 +119,11 @@
 install: manpages $(TARGETS) install-files host-key

 install-files:
-       ./mkinstalldirs $(DESTDIR)$(bindir)
-       ./mkinstalldirs $(DESTDIR)$(sbindir)
-       ./mkinstalldirs $(DESTDIR)$(mandir)
-       ./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
-       ./mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
+       $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir)
+       $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir)
+       $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
+       $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
+       $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
        $(INSTALL) -m 4755 -s ssh $(DESTDIR)$(bindir)/ssh
        $(INSTALL) -s scp $(DESTDIR)$(bindir)/scp
        $(INSTALL) -s ssh-add $(DESTDIR)$(bindir)/ssh-add
@@ -140,12 +141,12 @@
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
 	ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
 	if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config -a ! -f  
$(DESTDIR)$(sysconfdir)/sshd_config ]; then \
-		./mkinstalldirs $(DESTDIR)$(sysconfdir); \
+		$(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \
 		$(INSTALL) -m 644 ssh_config.out  
$(DESTDIR)$(sysconfdir)/ssh_config; \
 		$(INSTALL) -m 644 sshd_config.out  
$(DESTDIR)$(sysconfdir)/sshd_config; \
 	fi
 	if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \
-		$(PERL) fixprogs ssh_prng_cmds $(ENT); \
+		$(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \
 		$(INSTALL) -m 644 ssh_prng_cmds.out  
$(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \
 	fi

Index: Services/OpenSSH/openssh/configure.in
diff -u Services/OpenSSH/openssh/configure.in:1.1.1.4  
Services/OpenSSH/openssh/configure.in:1.5
--- Services/OpenSSH/openssh/configure.in:1.1.1.4	Thu Aug  3 14:29:33 2000
+++ Services/OpenSSH/openssh/configure.in	Mon Aug 14 19:38:51 2000
@@ -323,19 +326,25 @@
 	tryssldir="$tryssldir $prefix"
 fi
 AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
-
-	for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl  
/usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
-		if test ! -z "$ssldir" ; then
+	for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl  
/usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl FRAMEWORK  
; do
+		if test "x$ssldir" = "xFRAMEWORK" ; then
+			LDFLAGS="$saved_LDFLAGS"
+			CFLAGS="$saved_CFLAGS"
+			LIBCRYPTO="-framework openssl"
+		elif test ! -z "$ssldir" ; then
 			LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
 			CFLAGS="$saved_CFLAGS -I$ssldir/include"
 			if test ! -z "$need_dash_r" ; then
 				LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
 			fi
+			LIBCRYPTO="-lcrypto"
 		else
 			LDFLAGS="$saved_LDFLAGS"
+			CFLAGS="$saved_CFLAGS"
+			LIBCRYPTO="-lcrypto"
 		fi

-		LIBS="$saved_LIBS -lcrypto"
+		LIBS="$saved_LIBS $LIBCRYPTO"

 		# Basic test to check for compatible version and correct linking
 		# *does not* test for RSA - that comes later.
@@ -372,7 +381,13 @@
 	ac_cv_openssldir=$ssldir
 ])

-if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" !=  
"x(system)") ; then
+if test "x$ssldir" = "xFRAMEWORK" ; then
+	AC_DEFINE(HAVE_OPENSSL)
+	ssldir="(framework)"
+	LDFLAGS="$saved_LDFLAGS"
+	CFLAGS="$saved_CFLAGS"
+	LIBCRYPTO="-framework openssl"
+elif test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" !=  
"x(system)" ; then
 	AC_DEFINE(HAVE_OPENSSL)
 	dnl Need to recover ssldir - test above runs in subshell
 	ssldir=$ac_cv_openssldir
@@ -384,8 +399,9 @@
 	if test ! -z "$blibpath" ; then
 		blibpath="$blibpath:$ssldir:$ssldir/lib"
 	fi
+	LIBCRYPTO="-lcrypto"
 fi
-LIBS="$saved_LIBS -lcrypto"
+LIBS="$saved_LIBS $LIBCRYPTO"

 # Now test RSA support
 saved_LIBS="$LIBS"
@@ -432,7 +448,7 @@
 		else
 			RSA_MSG="yes (using RSAref)"
 			AC_MSG_RESULT(using RSAref)
-			LIBS="$saved_LIBS -lcrypto -lRSAglue -lrsaref"
+			LIBS="$saved_LIBS $LIBCRYPTO -lRSAglue -lrsaref"
 		fi
 	fi
 fi
Index: Services/OpenSSH/openssh/uidswap.c
diff -u Services/OpenSSH/openssh/uidswap.c:1.1.1.3  
Services/OpenSSH/openssh/uidswap.c:1.3
--- Services/OpenSSH/openssh/uidswap.c:1.1.1.3	Wed Jul 12 20:13:17 2000
+++ Services/OpenSSH/openssh/uidswap.c	Wed Jul 12 20:27:37 2000
@@ -48,7 +48,7 @@
 	/* Set the effective uid to the given (unprivileged) uid. */
 	if (seteuid(uid) == -1)
 		debug("seteuid %d: %.100s", (int) uid, strerror(errno));
-#else /* SAVED_IDS_WORK_WITH_SETUID */
+#else /* SAVED_IDS_WORK_WITH_SETEUID */
 	/* Propagate the privileged uid to all of our uids. */
 	if (setuid(geteuid()) < 0)
 		debug("setuid %d: %.100s", (int) geteuid(), strerror(errno));

Wilfredo Sánchez, wsanchez at apple.com
Open Source Engineering Lead
Apple Computer, Inc., Core Operating System Group
1 Infinite Loop, Cupertino, CA 94086, 408.974-5174

More information about the openssh-unix-dev mailing list