Recent openssl is required for OPENSSL_free [Re: Please test snapshots for 3.0 release] (fwd)

Pekka Savola pekkas at netcore.fi
Sun Oct 21 06:41:24 EST 2001 

No response yet, so resending.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

---------- Forwarded message ----------
Date: Fri, 12 Oct 2001 09:44:54 +0300 (EEST)
From: Pekka Savola <pekkas at netcore.fi>
To: Damien Miller <djm at mindrot.org>
Cc: openssh-unix-dev at mindrot.org
Subject: Recent openssl is required for OPENSSL_free [Re: Please test
    snapshots for 3.0 release]

On Fri, 12 Oct 2001, Damien Miller wrote:
> Could everyone please test the latest snapshots as we will be making a
> new release soon.
>
> If you have any patches you would like us to consider, please resend
> them to the list ASAP.

1) As sshd -t is used when restarting sshd with RH scripts now, I think
sshd_config is better marked with noreplace as config files should.

2) I'd probably remove '--with-ipv4-default'; it's a major release after
all.  I haven't noticed problems with this, and if you'd have to run 'sshd
-6', IPv4 port forwarding through mapped addresses won't work.

3) Building appears to rely on the existance of rather recent openssl.
This is good from security perspective, but will make building with e.g.
0.9.5a impossible.  If this is intended to be requirement (there _have_
been security fixes), at least Requires:  openssl >= 0.9.6 or whatever
should be added and the requirement noted in the docs.

The build failed on my RHL62 with:

./libssh.a(key.o): In function `write_bignum':
key.o(.text+0x7f7): undefined reference to `OPENSSL_free'

I bet this is an issue that people might complain about.

Build works ok on RHL72 beta w/ openssh 0.9.6b.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords
-------------- next part --------------
Index: openssh.spec
===================================================================
RCS file: /cvs/openssh_cvs/contrib/redhat/openssh.spec,v
retrieving revision 1.86
diff -u -r1.86 openssh.spec
--- openssh.spec	2001/09/26 14:24:21	1.86
+++ openssh.spec	2001/09/27 15:51:33
@@ -264,8 +264,7 @@
 %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
 %attr(0644,root,root) %{_mandir}/man8/sshd.8*
 %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
-#%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config
-%attr(0600,root,root) %config %{_sysconfdir}/sshd_config
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config
 %attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
 %attr(0755,root,root) %config /etc/rc.d/init.d/sshd

More information about the openssh-unix-dev mailing list