[PATCH (sort of)] Portable openssh-7.9-p1 build with Kerberos.

Markus Schmidt markus at blueflash.cc
Fri Mar 22 22:30:12 AEDT 2019

I tried to build openssh-portable on OpenBSD 6.4 with Kerberos support 
(I tried this initially because I failed to get the BSD version of 
openssh to work).

The OpenBSD 6.4 had heimdal kerberos support (self built from the ports 

I configured as
   ./configure --with-kerberos5=/usr/local/heimdal --prefx=

There are a few minor problems in the build system:

- ports offers the krb5_free_error_message() call but configure does not 
detect (or check for it), so "#define HAVE_KRB5_FREE_ERROR_MESSAGE" had 
to be added manually to config.h.

- /usr/local/lib needs to be added to the LDFLAGS because it will 
contain libcom_err.a

- openbsd-compat/port-aix.c fails to compile because of header files, 
although (obviously) the file does not apply to an OpenBSD build. To fix 
this, the #ifdef _AIX had to be moved further up.

I'm attaching a patch with the changes.  Naturally these have to be 
worked into the build-system itself, but I'm lacking the expertise to 
even understand where to start.

-------------- next part --------------
diff -ur openssh-7.9p1-orig/Makefile openssh-7.9p1-bsd/Makefile
--- openssh-7.9p1-orig/Makefile	Fri Mar 22 11:58:54 2019
+++ openssh-7.9p1-bsd/Makefile	Thu Mar 21 12:48:15 2019
@@ -44,7 +44,7 @@
 CPPFLAGS=-I. -I$(srcdir)  -I/usr/local/heimdal/include -I/usr/local/include -I/usr/local/heimdal/include -I/usr/local/include $(PATHS) -DHAVE_CONFIG_H
 LIBS=-lcrypto -lutil -lz 
 K5LIBS=-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/local/heimdal/lib -L/usr/local/heimdal/lib -lkrb5
-GSSLIBS=-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/local/heimdal/lib -L/usr/local/heimdal/lib -lgssapi
+GSSLIBS=-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/local/heimdal/lib -L/usr/local/lib -L/usr/local/heimdal/lib -lgssapi
diff -ur openssh-7.9p1-orig/config.h openssh-7.9p1-bsd/config.h
--- openssh-7.9p1-orig/config.h	Fri Mar 22 11:49:45 2019
+++ openssh-7.9p1-bsd/config.h	Fri Mar 22 10:39:12 2019
@@ -764,7 +764,7 @@
 /* #undef HAVE_KRB5_CC_NEW_UNIQUE */
 /* Define to 1 if you have the `krb5_free_error_message' function. */
 /* Define to 1 if you have the `krb5_get_error_message' function. */
diff -ur openssh-7.9p1-orig/config.status openssh-7.9p1-bsd/config.status
--- openssh-7.9p1-orig/config.status	Fri Mar 22 11:58:53 2019
+++ openssh-7.9p1-bsd/config.status	Thu Mar 21 12:36:43 2019
@@ -433,7 +433,7 @@
 This config.status script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it."
 INSTALL='/usr/bin/install -c'
 MKDIR_P='./install-sh -c -d'
diff -ur openssh-7.9p1-orig/openbsd-compat/port-aix.c openssh-7.9p1-bsd/openbsd-compat/port-aix.c
--- openssh-7.9p1-orig/openbsd-compat/port-aix.c	Wed Oct 17 02:01:20 2018
+++ openssh-7.9p1-bsd/openbsd-compat/port-aix.c	Fri Mar 22 10:28:35 2019
@@ -26,6 +26,7 @@
 #include "includes.h"
+#ifdef _AIX
 #include "xmalloc.h"
 #include "sshbuf.h"
 #include "ssherr.h"
@@ -36,7 +37,6 @@
 #include "ssh_api.h"
 #include "log.h"
-#ifdef _AIX
 #include <errno.h>
 #if defined(HAVE_NETDB_H)

More information about the openssh-unix-dev mailing list