Subject: pkg/10681: 20000722 openssh 2.1.1p4 upgrade breaks with RSA
To: None <gnats-bugs@gnats.netbsd.org>
From: None <Erich.T.Enke@wheaton.edu>
List: netbsd-bugs
Date: 07/25/2000 17:59:29
>Number: 10681
>Category: pkg
>Synopsis: openssh was upgraded 3 days ago, breaking(?) RSA
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Jul 25 18:00:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Erich T. Enke
>Release: July 24 pkgsrc
>Organization:
>Environment:
System: NetBSD scilab3.wheaton.edu 1.4.1 NetBSD 1.4.1 (SCILAB) #0: Wed Oct 13 12:56:12 CDT 1999 jdarrow@abigail.wheaton.edu:/var/src/sys/arch/i386/compile/SCILAB i386
(But all the action is on a 1.5_ALPHA machine)
>Description:
openssh has historically had problems with RSA (cf. pr #9820).
Previous fixes for RSA were centered around the Makefile.in.
During the upgrade, this change was made:
* Check for usable installed version of OpenSSL. This bit
possibly closes the following PRs: 10404, 10501, 10593
without concern for the RSA matters. Hence, config fails with:
checking for OpenSSL directory... configure: error: Could not find working
SSLeay / OpenSSL libraries, please install
*** Error code 1
caused by (from config.log):
configure:2795: cc -o conftest -O2 -Wall -I/usr/pkg/include -Wl,-R/usr/pkg/lib -L/usr/pkg/lib -Wl,-R/usr/pkg/lib -L/usr/pkg/ lib -L/usr/pkg/lib -L/usr/pkg -R/usr/pkg/lib -R/usr/pkg conftest.c -lz -lutil -lcrypto 1>&5
/usr/pkg/lib/libcrypto.so: undefined reference to `R_RandomUpdate'
/usr/pkg/lib/libcrypto.so: undefined reference to `R_GetRandomBytesNeeded'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPrivateDecrypt'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPublicEncrypt'
/usr/pkg/lib/libcrypto.so: undefined reference to `R_RandomFinal'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPrivateEncrypt'
/usr/pkg/lib/libcrypto.so: undefined reference to `R_RandomInit'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPublicDecrypt'
collect2: ld returned 1 exit status
configure: failed program was:
#line 2781 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/rand.h>
int main(void)
{
char a[2048];
memset(a, 0, sizeof(a));
RAND_add(a, sizeof(a), sizeof(a));
return(RAND_status() <= 0);
}
>How-To-Repeat:
cd /usr/pkgsrc/security/openssh
make
>Fix:
workaround: patch configure.in:
--- configure.in.old Tue Jul 25 10:01:25 2000
+++ configure.in Tue Jul 25 10:02:02 2000
@@ -106,6 +106,7 @@
;;
*-*-netbsd*)
need_dash_r=1
+ LIBS="$LIBS -lRSAglue -lrsaref"
;;
*-next-*)
# hardwire lastlog location (can't detect it on some versions)
This gives warnings, but at least keeps building.
>Release-Note:
>Audit-Trail:
>Unformatted: