blibpath changes for AIX
Darren Tucker
dtucker at zip.com.au
Fri May 16 00:40:01 EST 2003
Markus Alt wrote:
> This has worked fine for former versions of OpenSSH, but with 3.6.1p2,
> /opt/freeware/lib apparently does not get added to blibpath during the
> build. As a matter of fact, after installing the RPM, sshd refuses to
> start as it cannot find libcrypto.a in /usr/lib or /lib.
Yeah, there's a reason for this:
"Portable OpenSSH: Dangerous AIX linker behavior"
http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=105167884027821
> If I add 'export blibpath="/opt/freeware/lib:/usr/lib:/lib"' to the SPEC
> file before running configure, all works well. But I would expect to get
> /opt/freeware/lib added to blibpath automatically by the --with-ssl-dir
> option.
Good idea, but it would need to be sanity checked (eg
--with-ssl-dir=../openssl-0.9.7b/ or --with-ssl-dir=/tmp/openssl-0.9.7b
would produce exploitable binaries).
It's only required if you're using an openssl shared library (which is
still marked as as "experimental").
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list