vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
PGNet Dev
pgnet.dev at gmail.com
Fri Jun 8 13:27:19 AEST 2018
On 6/7/18 7:13 PM, PGNet Dev wrote:
> On 6/7/18 6:52 PM, Darren Tucker wrote:
>> What included pthread.h? That's explicitly not supported by sshd:
>
> I'll poke around
cd /usr/local/src/openssh/openssh-7.7p1/
source ~/.bashrc
unset LDFLAGS
unset CFLAGS CXXFLAGS CPPFLAGS
make distclean
export LD=gcc
autoreconf -fiv
./configure \
--prefix="/usr/local/sshtest" \
--without-openssl \
--with-pam
make V=1
...
(cd openbsd-compat && make)
make[1]: Entering directory '/usr/local/src/openssh/openssh-7.7p1/openbsd-compat'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory '/usr/local/src/openssh/openssh-7.7p1/openbsd-compat'
ar rv libssh.a ssh_api.o ssherr.o sshbuf.o sshkey.o sshbuf-getput-basic.o sshbuf-misc.o sshbuf-getput-crypto.o krl.o bitmap.o ssh-xmss.o sshkey-xmss.o xmss_commons.o xmss_fast.o xmss_hash.o xmss_hash_address.o xmss_wots.o authfd.o authfile.o bufaux.o bufbn.o bufec.o buffer.o canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o cipher-ctr.o cleanup.o compat.o crc32.o fatal.o hostfile.o log.o match.o moduli.o nchan.o packet.o opacket.o readpass.o ttymodes.o xmalloc.o addrmatch.o atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o utf8.o monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o ssh-pkcs11.o smult_curve25519_ref.o poly1305.o chacha.o cipher-chachapoly.o ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o platform-pledge.o platform-tracing.o platform-misc.o
ar: creating libssh.a
a - ssh_api.o
a - ssherr.o
a - sshbuf.o
a - sshkey.o
a - sshbuf-getput-basic.o
a - sshbuf-misc.o
a - sshbuf-getput-crypto.o
a - krl.o
a - bitmap.o
a - ssh-xmss.o
a - sshkey-xmss.o
a - xmss_commons.o
a - xmss_fast.o
a - xmss_hash.o
a - xmss_hash_address.o
a - xmss_wots.o
a - authfd.o
a - authfile.o
a - bufaux.o
a - bufbn.o
a - bufec.o
a - buffer.o
a - canohost.o
a - channels.o
a - cipher.o
a - cipher-aes.o
a - cipher-aesctr.o
a - cipher-ctr.o
a - cleanup.o
a - compat.o
a - crc32.o
a - fatal.o
a - hostfile.o
a - log.o
a - match.o
a - moduli.o
a - nchan.o
a - packet.o
a - opacket.o
a - readpass.o
a - ttymodes.o
a - xmalloc.o
a - addrmatch.o
a - atomicio.o
a - key.o
a - dispatch.o
a - mac.o
a - uidswap.o
a - uuencode.o
a - misc.o
a - utf8.o
a - monitor_fdpass.o
a - rijndael.o
a - ssh-dss.o
a - ssh-ecdsa.o
a - ssh-rsa.o
a - dh.o
a - msg.o
a - progressmeter.o
a - dns.o
a - entropy.o
a - gss-genr.o
a - umac.o
a - umac128.o
a - ssh-pkcs11.o
a - smult_curve25519_ref.o
a - poly1305.o
a - chacha.o
a - cipher-chachapoly.o
a - ssh-ed25519.o
a - digest-openssl.o
a - digest-libc.o
a - hmac.o
a - sc25519.o
a - ge25519.o
a - fe25519.o
a - ed25519.o
a - verify.o
a - hash.o
a - kex.o
a - kexdh.o
a - kexgex.o
a - kexecdh.o
a - kexc25519.o
a - kexdhc.o
a - kexgexc.o
a - kexecdhc.o
a - kexc25519c.o
a - kexdhs.o
a - kexgexs.o
a - kexecdhs.o
a - kexc25519s.o
a - platform-pledge.o
a - platform-tracing.o
a - platform-misc.o
ranlib libssh.a
gcc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect2.o mux.o -L. -Lopenbsd-compat/ -Wl,-z,retpolineplt -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -fstack-protector-strong -pie -lssh -lopenbsd-compat -lutil -lz -lcrypt -lresolv
/usr/lib64/gcc/x86_64-suse-linux/8/../../../../x86_64-suse-linux/bin/ld: warning: -z retpolineplt ignored.
/usr/bin/gcc-8 -g -O2 -pipe -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -mfunction-return=thunk -mindirect-branch=thunk -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-strong -fPIE -I. -I. -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -DSSHDIR=\"/usr/local/sshtest/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/sshtest/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/sshtest/lib/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/sshtest/lib/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/sshtest/lib/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/sshtest/lib/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c auth-pam.c -o auth-pam.o
auth-pam.c:179:1: error: static declaration of ‘pthread_exit’ follows non-static declaration
pthread_exit(void *value)
^~~~~~~~~~~~
In file included from /usr/include/openssl/crypto.h:415,
from /usr/include/openssl/bio.h:20,
from /usr/include/openssl/objects.h:915,
from buffer.h:50,
from entropy.h:28,
from includes.h:177,
from auth-pam.c:50:
/usr/include/pthread.h:243:13: note: previous declaration of ‘pthread_exit’ was here
extern void pthread_exit (void *__retval) __attribute__ ((__noreturn__));
^~~~~~~~~~~~
auth-pam.c:186:1: error: conflicting types for ‘pthread_create’
pthread_create(sp_pthread_t *thread, const void *attr,
^~~~~~~~~~~~~~
In file included from /usr/include/openssl/crypto.h:415,
from /usr/include/openssl/bio.h:20,
from /usr/include/openssl/objects.h:915,
from buffer.h:50,
from entropy.h:28,
from includes.h:177,
from auth-pam.c:50:
/usr/include/pthread.h:234:12: note: previous declaration of ‘pthread_create’ was here
extern int pthread_create (pthread_t *__restrict __newthread,
^~~~~~~~~~~~~~
auth-pam.c:212:1: error: conflicting types for ‘pthread_cancel’
pthread_cancel(sp_pthread_t thread)
^~~~~~~~~~~~~~
In file included from /usr/include/openssl/crypto.h:415,
from /usr/include/openssl/bio.h:20,
from /usr/include/openssl/objects.h:915,
from buffer.h:50,
from entropy.h:28,
from includes.h:177,
from auth-pam.c:50:
/usr/include/pthread.h:514:12: note: previous declaration of ‘pthread_cancel’ was here
extern int pthread_cancel (pthread_t __th);
^~~~~~~~~~~~~~
auth-pam.c:220:1: error: conflicting types for ‘pthread_join’
pthread_join(sp_pthread_t thread, void **value)
^~~~~~~~~~~~
In file included from /usr/include/openssl/crypto.h:415,
from /usr/include/openssl/bio.h:20,
from /usr/include/openssl/objects.h:915,
from buffer.h:50,
from entropy.h:28,
from includes.h:177,
from auth-pam.c:50:
/usr/include/pthread.h:251:12: note: previous declaration of ‘pthread_join’ was here
extern int pthread_join (pthread_t __th, void **__thread_return);
^~~~~~~~~~~~
make: *** [Makefile:160: auth-pam.o] Error 1
checking
cat /usr/include/openssl/crypto.h
...
# if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
# if defined(_WIN32)
# if defined(BASETYPES) || defined(_WINDEF_H)
/* application has to include <windows.h> in order to use this */
typedef DWORD CRYPTO_THREAD_LOCAL;
typedef DWORD CRYPTO_THREAD_ID;
typedef LONG CRYPTO_ONCE;
# define CRYPTO_ONCE_STATIC_INIT 0
# endif
# else
415 # include <pthread.h>
typedef pthread_once_t CRYPTO_ONCE;
typedef pthread_key_t CRYPTO_THREAD_LOCAL;
typedef pthread_t CRYPTO_THREAD_ID;
# define CRYPTO_ONCE_STATIC_INIT PTHREAD_ONCE_INIT
# endif
# endif
...
pulled in ultimately by include in
buffer.h
...
int buffer_get_ret(Buffer *, void *, u_int);
int buffer_consume_ret(Buffer *, u_int);
int buffer_consume_end_ret(Buffer *, u_int);
50 #include <openssl/objects.h>
#include <openssl/bn.h>
void buffer_put_bignum2(Buffer *, const BIGNUM *);
void buffer_get_bignum2(Buffer *, BIGNUM *);
void buffer_put_bignum2_from_string(Buffer *, const u_char *, u_int);
...
given that
--without-openssl
*is* passed on config line, looks like those includes should possibley be wrapped in a with/without ssl conditional?
More information about the openssh-unix-dev
mailing list