Allow --without-privsep build.

David Woodhouse dwmw2 at
Sun Jan 8 12:46:55 EST 2006

On Sun, 2006-01-08 at 12:27 +1100, Damien Miller wrote:
> Probably not, we aren't interested in removing security features for
> size benefits. Making things like compression, SSH1, X forwarding, etc.
> optional would stand a better chance though.

Yeah, that figures. Of those, I'll probably have a look at removing SSH1
support. X forwarding doesn't take much code (not even with the hacks to
handle multiple servers), and compression is actually a must-have
feature for SSH on the machine in question, because it spends a lot of
its active life doing IMAP over SSH over GPRS.

> That is pretty much makefile changes. We don't do this because libssh.a
> is really just a compilation shortcut and isn't intended to be any sort
> of public API..

Yeah -- the dynamic library doesn't make much sense unless you care
deeply about the amount of space you're taking up. Since I'm unlikely to
spend much time actually hacking SSH on the toy, I'm happy enough with a
dynamic library there, but I'll keep the patch local.

> This looks weird. My channel_register_fds() has this already:

My apologies; this is caused by the patch to support multiple displays
over the ControlSocket, which does this...

@@ -167,6 +180,14 @@
 channel_register_fds(Channel *c, int rfd, int wfd, int efd,
     int extusage, int nonblock)
+       c->rfd = rfd;
+       c->wfd = wfd;
+       c->efd = efd;
+       channel_fds_changed = 1;
+       if (rfd == -1 && wfd == -1 && efd == -1)
+               return;
        /* Update the maximum file descriptor value. */
        channel_max_fd = MAX(channel_max_fd, rfd);
        channel_max_fd = MAX(channel_max_fd, wfd);
@@ -174,11 +195,8 @@

        /* XXX set close-on-exec -markus */

-       c->rfd = rfd;
-       c->wfd = wfd;
        c->sock = (rfd == wfd) ? rfd : -1;
        c->ctl_fd = -1; /* XXX: set elsewhere */
-       c->efd = efd;
        c->extended_usage = extusage;

        /* XXX ugly hack: nonblock is only set by the server */


More information about the openssh-unix-dev mailing list