On Thu, 26 Feb 2015, Damien Miller wrote:> > Yes I saw that later. > > > > The testsuite build fails on Solaris 2.6 thusly: > [...] > > regress/netcat.c:1037: error: 'struct msghdr' has no member named > > 'msg_control' > > ah, looks like we need to copy some bits from monitor_fdpass.cPerhaps like this: diff --git regress/netcat.c regress/netcat.c index 3f100bd..29e85bf 100644 --- regress/netcat.c +++ regress/netcat.c @@ -1014,43 +1014,44 @@ fillbuf(int fd, unsigned char *buf, size_t *bufpos) void fdpass(int nfd) { - struct msghdr mh; +#if defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) + struct msghdr msg; +#ifndef HAVE_ACCRIGHTS_IN_MSGHDR union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } cmsgbuf; struct cmsghdr *cmsg; - struct iovec iov; - char c = '\0'; - ssize_t r; +#endif + struct iovec vec; + char ch = '\0'; struct pollfd pfd; + ssize_t r; - /* Avoid obvious stupidity */ - if (isatty(STDOUT_FILENO)) - errx(1, "Cannot pass file descriptor to tty"); - - bzero(&mh, sizeof(mh)); - bzero(&cmsgbuf, sizeof(cmsgbuf)); - bzero(&iov, sizeof(iov)); - bzero(&pfd, sizeof(pfd)); - - mh.msg_control = (caddr_t)&cmsgbuf.buf; - mh.msg_controllen = sizeof(cmsgbuf.buf); - cmsg = CMSG_FIRSTHDR(&mh); + memset(&msg, 0, sizeof(msg)); +#ifdef HAVE_ACCRIGHTS_IN_MSGHDR + msg.msg_accrights = (caddr_t)&nfd; + msg.msg_accrightslen = sizeof(nfd); +#else + memset(&cmsgbuf, 0, sizeof(cmsgbuf)); + msg.msg_control = (caddr_t)&cmsgbuf.buf; + msg.msg_controllen = sizeof(cmsgbuf.buf); + cmsg = CMSG_FIRSTHDR(&msg); cmsg->cmsg_len = CMSG_LEN(sizeof(int)); cmsg->cmsg_level = SOL_SOCKET; cmsg->cmsg_type = SCM_RIGHTS; *(int *)CMSG_DATA(cmsg) = nfd; +#endif - iov.iov_base = &c; - iov.iov_len = 1; - mh.msg_iov = &iov; - mh.msg_iovlen = 1; + vec.iov_base = &ch; + vec.iov_len = 1; + msg.msg_iov = &vec; + msg.msg_iovlen = 1; bzero(&pfd, sizeof(pfd)); pfd.fd = STDOUT_FILENO; for (;;) { - r = sendmsg(STDOUT_FILENO, &mh, 0); + r = sendmsg(STDOUT_FILENO, &msg, 0); if (r == -1) { if (errno == EAGAIN || errno == EINTR) { pfd.events = POLLOUT; @@ -1065,6 +1066,9 @@ fdpass(int nfd) break; } exit(0); +#else + errx(1, "%s: file descriptor passing not supported", __func__); +#endif } /* Deal with RFC 854 WILL/WONT DO/DONT negotiation. */
On 26/02/15 01:27, Damien Miller wrote:> On Thu, 26 Feb 2015, Damien Miller wrote: > >>> Yes I saw that later. >>> >>> The testsuite build fails on Solaris 2.6 thusly: >> [...] >>> regress/netcat.c:1037: error: 'struct msghdr' has no member named >>> 'msg_control' >> >> ah, looks like we need to copy some bits from monitor_fdpass.c > > Perhaps like this: ><snip> Seems to work. Tested it with Solaris 2.6 and 9. ssh-keygen still segfaults in keygen-change.sh. It works for ssh-ed25519 but the other types segfault. ssh-keygen -p failed for ssh-rsa-key ssh-keygen -p failed for ssh-dss-key ssh-keygen -p failed for ecdsa-sha2-nistp256-key ssh-keygen -p failed for ecdsa-sha2-nistp384-key ssh-keygen -p failed for ecdsa-sha2-nistp521-key Example: Core was generated by `/export/home/tgc/buildpkg/openssh/src/openssh-git/ssh-keygen -p -P secret1 -N 2'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0xfedb4b14 in strlen () from /usr/lib/libc.so.1 (gdb) bt #0 0xfedb4b14 in strlen () from /usr/lib/libc.so.1 #1 0xfee07a20 in _doprnt () from /usr/lib/libc.so.1 #2 0xfee095e0 in printf () from /usr/lib/libc.so.1 #3 0x00054650 in do_change_passphrase (pw=pw at entry=0x92b04) at ssh-keygen.c:1279 #4 0x000593c0 in main (argc=0, argv=0xffbfe6ac) at ssh-keygen.c:2530 (gdb) fram 3 #3 0x00054650 in do_change_passphrase (pw=pw at entry=0x92b04) at ssh-keygen.c:1279 1279 printf("Key has comment '%s'\n", comment); (gdb) print comment $1 = 0x0 (gdb) $ ./ssh-keygen -q -N secret1 -t ssh-rsa -f /tmp/sshkey $ ./ssh-keygen -p -P secret1 -N 2secret -f /tmp/sshkey Segmentation Fault (core dumped) $ They key seems to be fine though, ssh-keygen from 6.7p1 has no problems with it: $ ssh-keygen -p -P secret1 -N 2secret -f /tmp/sshkey Key has comment 'rsa w/o comment' Your identification has been saved with the new passphrase. $ -tgc
On Thu, 26 Feb 2015, Tom G. Christensen wrote:> Seems to work. Tested it with Solaris 2.6 and 9. > > ssh-keygen still segfaults in keygen-change.sh. > It works for ssh-ed25519 but the other types segfault.Thanks for the backtrace:> #3 0x00054650 in do_change_passphrase (pw=pw at entry=0x92b04) at > ssh-keygen.c:1279I've commited this fix: diff --git ssh-keygen.c ssh-keygen.c index 4a5c402..facee42 100644 --- ssh-keygen.c +++ ssh-keygen.c @@ -1276,7 +1276,8 @@ do_change_passphrase(struct passwd *pw) identity_file, ssh_err(r)); exit(1); } - printf("Key has comment '%s'\n", comment); + if (comment) + printf("Key has comment '%s'\n", comment); /* Ask the new passphrase (twice). */ if (identity_new_passphrase) {
On Thu, 26 Feb 2015, Damien Miller wrote: | On Thu, 26 Feb 2015, Damien Miller wrote: | | > > Yes I saw that later. | > > | > > The testsuite build fails on Solaris 2.6 thusly: | > [...] | > > regress/netcat.c:1037: error: 'struct msghdr' has no member named | > > 'msg_control' | > | > ah, looks like we need to copy some bits from monitor_fdpass.c | | Perhaps like this: | | diff --git regress/netcat.c regress/netcat.c [snip] Netcat now builds on OmniOS and Solaris Express Community Edition. I'll try it on my Solaris 10 machine the next time I power it up. -- Tim Rice Multitalents (707) 456-1146 tim at multitalents.net
On Thu, 26 Feb 2015, Tim Rice wrote:> Netcat now builds on OmniOS and Solaris Express Community Edition. > I'll try it on my Solaris 10 machine the next time I power it up.Thanks - it's not worse at least, so I've committed and pushed it.