netbsd-bugs: pkg/10681: 20000722 openssh 2.1.1p4 upgrade breaks with RSA

Subject: pkg/10681: 20000722 openssh 2.1.1p4 upgrade breaks with RSA
To: None <gnats-bugs@gnats.netbsd.org>
From: None <Erich.T.Enke@wheaton.edu>
List: netbsd-bugs
Date: 07/25/2000 17:59:29
>Number:         10681
>Category:       pkg
>Synopsis:       openssh was upgraded 3 days ago, breaking(?) RSA
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jul 25 18:00:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Erich T. Enke
>Release:        July 24 pkgsrc
>Organization:
	
>Environment:
	
System: NetBSD scilab3.wheaton.edu 1.4.1 NetBSD 1.4.1 (SCILAB) #0: Wed Oct 13 12:56:12 CDT 1999 jdarrow@abigail.wheaton.edu:/var/src/sys/arch/i386/compile/SCILAB i386
(But all the action is on a 1.5_ALPHA machine)


>Description:
	openssh has historically had problems with RSA (cf. pr #9820).
	Previous fixes for RSA were centered around the Makefile.in.
	During the upgrade, this change was made:
	    * Check for usable installed version of OpenSSL.  This bit
	    possibly closes the following PRs: 10404, 10501, 10593
	without concern for the RSA matters.  Hence, config fails with:

checking for OpenSSL directory... configure: error: Could not find working
SSLeay / OpenSSL libraries, please install
*** Error code 1

	caused by (from config.log):

configure:2795: cc -o conftest -O2 -Wall -I/usr/pkg/include -Wl,-R/usr/pkg/lib -L/usr/pkg/lib -Wl,-R/usr/pkg/lib -L/usr/pkg/ lib -L/usr/pkg/lib -L/usr/pkg -R/usr/pkg/lib -R/usr/pkg conftest.c -lz  -lutil -lcrypto 1>&5

/usr/pkg/lib/libcrypto.so: undefined reference to `R_RandomUpdate'
/usr/pkg/lib/libcrypto.so: undefined reference to `R_GetRandomBytesNeeded'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPrivateDecrypt'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPublicEncrypt'
/usr/pkg/lib/libcrypto.so: undefined reference to `R_RandomFinal'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPrivateEncrypt'
/usr/pkg/lib/libcrypto.so: undefined reference to `R_RandomInit'
/usr/pkg/lib/libcrypto.so: undefined reference to `RSAPublicDecrypt'
collect2: ld returned 1 exit status
configure: failed program was:
#line 2781 "configure"
#include "confdefs.h"

#include <string.h>
#include <openssl/rand.h>
int main(void) 
{
	char a[2048];
	memset(a, 0, sizeof(a));
	RAND_add(a, sizeof(a), sizeof(a));
	return(RAND_status() <= 0);
}

	
>How-To-Repeat:
	cd /usr/pkgsrc/security/openssh
	make
	
>Fix:
	workaround: patch configure.in:

--- configure.in.old    Tue Jul 25 10:01:25 2000
+++ configure.in        Tue Jul 25 10:02:02 2000
@@ -106,6 +106,7 @@
        ;;
 *-*-netbsd*)
        need_dash_r=1
+       LIBS="$LIBS -lRSAglue -lrsaref"
        ;;
 *-next-*)
        # hardwire lastlog location (can't detect it on some versions)

	This gives warnings, but at least keeps building.

	
>Release-Note:
>Audit-Trail:
>Unformatted: