Call for testing: OpenSSH 6.8
Michael Felt
aixtools at gmail.com
Sat Feb 28 01:19:03 AEDT 2015
New test - using AIX 5.3 TL7 - but against libressl-2.1.4
configure: creating ./config.status
config.status: creating Makefile
config.status: creating buildpkg.sh
config.status: creating opensshd.init
config.status: creating openssh.xml
config.status: creating openbsd-compat/Makefile
config.status: creating openbsd-compat/regress/Makefile
config.status: creating survey.sh
config.status: creating config.h
config.status: config.h is unchanged
OpenSSH has been configured with the following options:
User binaries: /opt/bin
System binaries: /opt/sbin
Configuration files: /opt/etc
Askpass program: /opt/libexec/ssh-askpass
Manual pages: /opt/share/man/manX
PID file: /opt/etc
Privilege separation chroot path: /var/empty
sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/opt/bin
Manpage format: man
PAM support: no
OSF SIA support: no
KerberosV support: no
SELinux support: no
Smartcard support:
S/KEY support: no
MD5 password support: no
libedit support: no
Solaris process contract support: no
Solaris project support: no
IP address in $DISPLAY hack: no
Translate v4 in v6 hack: no
BSD Auth support: no
Random number source: OpenSSL internal ONLY
Privsep sandbox style: rlimit
Host: powerpc-ibm-aix5.3.0.0
Compiler: xlc
Compiler flags: -g
Preprocessor flags: -I/opt/libressl/include
Linker flags: -L/opt/libressl/lib -blibpath:/usr/lib:/lib
Libraries: -lcrypto -lz
One problem coming directly is that the -L flag (-L/opt/libressl/lib is not
being included in the -blibpath so the programs link, but do not run.
I am sure there is a way for me to modify the blibpath - BUT - I ask you do
consider inserting an openssl-dir path when it is not
already in the blibpath variable.
rm ssh
make
xlc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o
sshconnect1.o sshconnect2.o mux.o roaming_common.o roaming_client.o -L.
-Lopenbsd-compat/ -L/opt/libressl/lib -blibpath:/usr/lib:/lib -lssh
-lopenbsd-compat -lcrypto -lz
root at x064:[/data/prj/openbsd/openssh/openssh]dump -H ssh
ssh:
***Loader Section***
Loader Header Information
VERSION# #SYMtableENT #RELOCent LENidSTR
0x00000001 0x0000014a 0x0000075a 0x0000003b
#IMPfilID OFFidSTR LENstrTBL OFFstrTBL
0x00000003 0x00007748 0x00000c6d 0x00007783
***Import File Strings***
INDEX PATH BASE
MEMBER
0
/usr/lib:/lib
1 libc.a
shr.o
2 libcrypto.a
libcrypto.so.32
root at x064:[/data/prj/openbsd/openssh/openssh]ldd ssh
ssh needs:
/usr/lib/libc.a(shr.o)
/usr/lib/libcrypto.a(libcrypto.so.32)
ar: 0707-109 Member name libcrypto.so.32 does not exist.
dump: /tmp/tmpdir733264/extract/libcrypto.so.32: 0654-106 Cannot open the
specified file.
/unix
/usr/lib/libcrypt.a(shr.o)
Modified blibpath:
xlc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o
sshconnect1.o sshconnect2.o mux.o roaming_common.o roaming_client.o -L.
-Lopenbsd-compat/ -L/opt/libressl/lib -blibpath:/opt/libressl/
lib:/usr/lib:/lib -lssh -lopenbsd-compat -lcrypto -lz
root at x064:[/data/prj/openbsd/openssh/openssh]ldd ssh
ssh needs:
/usr/lib/libc.a(shr.o)
/opt/libressl/lib/libcrypto.a(libcrypto.so.32)
/unix
/usr/lib/libcrypt.a(shr.o)
/usr/lib/libperfstat.a(shr.o)
/usr/lib/libpthread.a(shr_xpg5.o)
/usr/lib/libpthreads.a(shr_xpg5.o)
/usr/lib/libcfg.a(shr.o)
/usr/lib/libodm.a(shr.o)
/usr/lib/liblvm.a(shr.o)
/usr/lib/libpthreads.a(shr_comm.o)
This can be corrected with LIBPATH
root at x064:[/data/prj/openbsd/openssh/openssh]ldd
ssh
ssh needs:
/usr/lib/libc.a(shr.o)
/usr/lib/libcrypto.a(libcrypto.so.32)
ar: 0707-109 Member name libcrypto.so.32 does not exist.
dump: /tmp/tmpdir733294/extract/libcrypto.so.32: 0654-106 Cannot open the
specified file.
/unix
/usr/lib/libcrypt.a(shr.o)
root at x064:[/data/prj/openbsd/openssh/openssh]LIBPATH=/opt/libressl/lib ldd
ssh
ssh needs:
/usr/lib/libc.a(shr.o)
/opt/libressl/lib/libcrypto.a(libcrypto.so.32)
/unix
/usr/lib/libcrypt.a(shr.o)
/usr/lib/libperfstat.a(shr.o)
/usr/lib/libpthread.a(shr_xpg5.o)
/usr/lib/libpthreads.a(shr_xpg5.o)
/usr/lib/libcfg.a(shr.o)
/usr/lib/libodm.a(shr.o)
/usr/lib/liblvm.a(shr.o)
/usr/lib/libpthreads.a(shr_comm.o)
I shall use LIBPATH - and post - I expect all test successful - later.
On Fri, Feb 27, 2015 at 2:07 PM, Michael Felt <aixtools at gmail.com> wrote:
> Update - for AIX 6.1 TL9 -
> configure: creating ./config.status
> config.status: creating Makefile
> config.status: creating buildpkg.sh
> config.status: creating opensshd.init
> config.status: creating openssh.xml
> config.status: creating openbsd-compat/Makefile
> config.status: creating openbsd-compat/regress/Makefile
> config.status: creating survey.sh
> config.status: creating config.h
>
> OpenSSH has been configured with the following options:
> User binaries: /opt/bin
> System binaries: /opt/sbin
> Configuration files: /opt/etc
> Askpass program: /opt/libexec/ssh-askpass
> Manual pages: /opt/share/man/manX
> PID file: /var/run
> Privilege separation chroot path: /var/empty
> sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/opt/bin
> Manpage format: man
> PAM support: no
> OSF SIA support: no
> KerberosV support: no
> SELinux support: no
> Smartcard support:
> S/KEY support: no
> MD5 password support: no
> libedit support: no
> Solaris process contract support: no
> Solaris project support: no
> IP address in $DISPLAY hack: no
> Translate v4 in v6 hack: no
> BSD Auth support: no
> Random number source: OpenSSL internal ONLY
> Privsep sandbox style: rlimit
>
> Host: powerpc-ibm-aix6.1.0.0
> Compiler: xlc
> Compiler flags: -g
> Preprocessor flags:
> Linker flags: -blibpath:/usr/lib:/lib
> Libraries: -lcrypto -lz
>
> michael at x071:[/home/michael]lslpp -L | grep ssl
> openssl.base 1.0.1.510 C F Open Secure Socket Layer
> openssl.man.en_US 1.0.1.510 C F Open Secure Socket Layer
>
> ...
> tests && echo all tests passed
> make[1]: Entering directory `/data/prj/openbsd/openssh/openssh/regress'
> set -e ; if test -z "" ; then \
>
> /data/prj/openbsd/openssh/openssh/regress/unittests/sshbuf/test_sshbuf ; \
>
> /data/prj/openbsd/openssh/openssh/regress/unittests/sshkey/test_sshkey \
> -d
> /data/prj/openbsd/openssh/openssh/regress/unittests/sshkey/testdata ; \
>
> /data/prj/openbsd/openssh/openssh/regress/unittests/bitmap/test_bitmap ; \
> /data/prj/openbsd/openssh/openssh/regress/unittests/kex/test_kex ;
> \
>
> /data/prj/openbsd/openssh/openssh/regress/unittests/hostkeys/test_hostkeys \
> -d
> /data/prj/openbsd/openssh/openssh/regress/unittests/hostkeys/testdata ; \
> fi
> test_sshbuf:
> ...................................................................................................
> 100 tests ok
> test_sshkey:
> .............................................................................................
>
> ...
> many minutes later ...
> ...
> learn new primary hostkey
> rotate primary hostkey
> check rotate primary hostkey
> ok hostkey rotate
> make[1]: Leaving directory `/data/prj/openbsd/openssh/openssh/regress'
> all tests passed
>
>
>
> On Thu, Feb 19, 2015 at 11:45 PM, Damien Miller <djm at mindrot.org> wrote:
>
>> On Fri, 20 Feb 2015, Damien Miller wrote:
>>
>> > Hi,
>> >
>> > OpenSSH 6.8 is almost ready for release, so we would appreciate testing
>> > on as many platforms and systems as possible. This release contains
>> > some substantial new features and a number of bugfixes.
>>
>> ...
>>
>> > * ssh(1), sshd(8): Host key rotation support. Add a protocol
>> > extension for a server to inform a client of all its available
>> > host keys after authentication has completed. The client may
>> > record the keys in known_hosts, allowing it to upgrade to better
>> > host key algorithms and a server to gracefully rotate its keys.
>> >
>> > The client side of this is controlled by a UpdateHostkeys config
>> > option (default on).
>>
>> Actually, the default is off. You can enable it using UpdateHostKeys=yes
>> or UpdateHostKeys=ask
>>
>> -d
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>>
>
>
More information about the openssh-unix-dev
mailing list