Call for testing: OpenSSH 6.7

Thu Aug 21 13:35:39 EST 2014

No cross-compiling at all.  Completely native builds on the appropriate
OS.  The ./configure script is correctly reporting the library and header
versions listed in the build reports. (0.9.8k, etc).  But I'll do more runs
in the morning and paste the configure detections.

On Wed, Aug 20, 2014 at 5:47 PM, Damien Miller <djm at mindrot.org> wrote:

> On Wed, 20 Aug 2014, Kevin Brott wrote:
>
> > FAIL*1 - configure completes without errors ...
> >    make[1]: Entering directory `/usr/src/openssh/openbsd-compat'
> >    gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare
> > -Wformat-security -fno-strict-aliasing -D_FORTIFY_SOURCE=2
> > -fno-builtin-memset -std=gnu99  -I. -I.. -I. -I./..  -DHAVE_CONFIG_H -c
> > openssl-compat.c
> >    In file included from openssl-compat.c:32:
> >    openssl-compat.h:28:2: #error OpenSSL 0.9.8f or greater is required
>
> that's strange - you aren't cross-compiling? The test in configure.ac
> won't work for x-compiles.
>
> If not, what does configure report your OpenSSL version as? e.g.
>
> checking OpenSSL header version... 1000106f (OpenSSL 1.0.1f 6 Jan 2014)
> checking OpenSSL library version... 1000106f (OpenSSL 1.0.1f 6 Jan 2014)
>
> >    make[1]: Leaving directory `/usr/src/openssh/openbsd-compat'
> >    make: *** [openbsd-compat/libopenbsd-compat.a] Error 2
> >
> > FAIL*2 - port-aix.c still fails to compile on RHEL and AIX where ec.h
> isn't
> > part of openssl ...
> >    gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare
> > -Wformat-security -Wno-pointer-sign -fno-strict-aliasing
> -D_FORTIFY_SOURCE=2
> > -ftrapv -fno-builtin-memset -fstack-protector-all -fPIE  -I. -I.. -I.
> > -I./..  -DHAVE_CONFIG_H -c port-aix.c
> >    In file included from port-aix.c:31:
> >    ../key.h:85: warning: type defaults to ?int? in declaration of
> ?EC_GROUP?
> >    ../key.h:85: error: expected ?;?, ?,? or ?)? before ?*? token
> >    ../key.h:86: warning: type defaults to ?int? in declaration of
> ?EC_KEY?
> >    ../key.h:86: error: expected ?;?, ?,? or ?)? before ?*? token
>
> another missing check for no-ECC OpenSSL:
>
> Index: key.h
> ===================================================================
> RCS file: /var/cvs/openssh/key.h,v
> retrieving revision 1.45
> diff -u -p -r1.45 key.h
> --- key.h       2 Jul 2014 05:28:03 -0000       1.45
> +++ key.h       21 Aug 2014 00:46:48 -0000
> @@ -81,10 +81,10 @@ int  key_cert_check_authority(const Key
>             const char **);
>  char   *key_alg_list(int, int);
>
> -#ifdef WITH_OPENSSL
> +#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC)
>  int     key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
>  int     key_ec_validate_private(const EC_KEY *);
> -#endif /* WITH_OPENSSL */
> +#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
>
>  Key    *key_from_blob(const u_char *, u_int);
>  int     key_to_blob(const Key *, u_char **, u_int *);
>

-- 
# include <stddisclaimer.h>
/* Kevin  Brott <Kevin.Brott at gmail.com> */