Call for testing: OpenSSH 6.9
Ron Frederick
ronf at timeheart.net
Sun May 31 03:37:38 AEST 2015
On May 29, 2015, at 12:12 AM, Damien Miller <djm at mindrot.org> wrote:
> OpenSSH 6.9 is almost ready for release, so we would appreciate testing
> on as many platforms and systems as possible. This release contains
> some substantial new features and a number of bug fixes.
I just compiled and ran the tests for openssl-snap-20150531 on Linux (Ubuntu 14.04.2 LTS) and MacOS (10.10.3).
On Linux, the code compiled cleanly. However, during “make tests” I got the following error a number of times:
WARNING: /usr/local/etc/moduli does not exist, using fixed modulus
Later in the test sequence I got the error:
run test connect.sh ...
Missing privilege separation directory: /var/empty
FATAL: sshd_proxy broken
make[1]: *** [t-exec] Error 1
make[1]: Leaving directory `/tmp/openssh/regress'
make: *** [tests] Error 2
make tests 153.92s user 4.68s system 98% cpu 2:41.52 total
I was not running as root at the time, as I wasn’t intending to install this version. It looks like it assumes that /var/empty will already exist, though, which it doesn’t on my system. The currently installed sshd does have UsePrivilegeSeparation enabled, and it looks like the sshd user is set up with have /var/run/sshd as its home directory on this system, but the test script didn’t pick that up.
On MacOS, the code compiled, but there were a large number of warnings about constructs that were deprecated back in OS X 10.7. The output is quite large, but I’d be happy to provide it to anyone who wants it. Here’s an example of the first warning:
gcc -g -O2 -Qunused-arguments -Wunknown-warning-option -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-strong -fPIE -I. -I. -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c ssh_api.c -o ssh_api.o
ssh_api.c:85:3: warning: 'OPENSSL_add_all_algorithms_noconf' is deprecated:
first deprecated in OS X 10.7 [-Wdeprecated-declarations]
OpenSSL_add_all_algorithms();
^
/usr/include/openssl/evp.h:829:3: note: expanded from macro
'OpenSSL_add_all_algorithms'
OPENSSL_add_all_algorithms_noconf()
^
/usr/include/openssl/evp.h:821:6: note: 'OPENSSL_add_all_algorithms_noconf' has
been explicitly marked deprecated here
void OPENSSL_add_all_algorithms_noconf(void) DEPRECATED_IN_MAC_OS_X_VERS...
^
1 warning generated.
Other than these warnings, the code did compile on MacOS and successfully passed all the tests.
I can also confirm that this version fixes bz#2366, as noted in the change log.
--
Ron Frederick
ronf at timeheart.net
More information about the openssh-unix-dev
mailing list