bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-12 14:38 UTC
[Bug 2465] New: openssh portable does not check if arc4random_buf is declared in the system headers?
https://bugzilla.mindrot.org/show_bug.cgi?id=2465 Bug ID: 2465 Summary: openssh portable does not check if arc4random_buf is declared in the system headers? Product: Portable OpenSSH Version: 7.1p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: Build system Assignee: unassigned-bugs at mindrot.org Reporter: busterb at gmail.com Hi, I got this report about the build process of openssh portable only checking if arc4random_buf links, not if it is declared in a header. It should probably ensure that the function exists in a header and set the local compatibility header define appropriately. https://github.com/libressl-portable/portable/issues/109 Thanks! -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-13 04:12 UTC
[Bug 2465] openssh portable does not check if arc4random_buf is declared in the system headers?
https://bugzilla.mindrot.org/show_bug.cgi?id=2465 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #1 from Damien Miller <djm at mindrot.org> --- So libressl implements this but doesn't provide a prototype for it? IMO that's broken - it should use symbol visibility to hide functions that it uses internally but doesn't intend to provide to library users. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-13 10:19 UTC
[Bug 2465] openssh portable does not check if arc4random_buf is declared in the system headers?
https://bugzilla.mindrot.org/show_bug.cgi?id=2465 --- Comment #2 from Brent Cook <busterb at gmail.com> --- We could perhaps conditionally provide a prototype, but it would be in a nonstandard location. It would be better if programs did not have to guess whether arc4random_buf is in stdlib.h or some random libressl header, no? In other words, even if we did expose the prototype, I believe openssh would still have to do a header check to see if it is stdlib.h or elsewhere. The symbol export is intentional, as the arc4random_buf in libcrypto then shared between libssl, openssl(1) and libtls. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-13 23:36 UTC
[Bug 2465] openssh portable does not check if arc4random_buf is declared in the system headers?
https://bugzilla.mindrot.org/show_bug.cgi?id=2465 --- Comment #3 from Damien Miller <djm at mindrot.org> --- I was wondering why this was causing problems at all - normally we wouldn't pick up these symbols from libcrypto because most library tests are done only against libc. So I checked this history to see why these were done late:> commit 00f9cd230709c04399ef5ff80492d70a55230694 > Author: Damien Miller <djm at mindrot.org> > Date: Tue Jul 15 10:41:38 2014 +1000 > > - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto > has been located; fixes builds agains libressl-portableSo this used to work. What changed? IMO if you're going to provide replacements for functions usually in libc, then you should provide prototypes for them too. You can't expect programs to pick up your symbols but provide their own prototypes - what if your prototype doesn't match ours? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Oct-05 20:27 UTC
[Bug 2465] openssh portable does not check if arc4random_buf is declared in the system headers?
https://bugzilla.mindrot.org/show_bug.cgi?id=2465 --- Comment #4 from Damien Miller <djm at mindrot.org> --- Created attachment 2721 --> https://bugzilla.mindrot.org/attachment.cgi?id=2721&action=edit unconditionally define prototypes for libressl -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Oct-05 21:52 UTC
[Bug 2465] openssh portable does not check if arc4random_buf is declared in the system headers?
https://bugzilla.mindrot.org/show_bug.cgi?id=2465 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2721|0 |1 is obsolete| | --- Comment #5 from Damien Miller <djm at mindrot.org> --- Created attachment 2722 --> https://bugzilla.mindrot.org/attachment.cgi?id=2722&action=edit fixed diff -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Oct-23 02:38 UTC
[Bug 2465] openssh portable does not check if arc4random_buf is declared in the system headers?
https://bugzilla.mindrot.org/show_bug.cgi?id=2465 --- Comment #6 from Damien Miller <djm at mindrot.org> --- could you please try the patch on this bug and see if it fixes things for you? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Reasonably Related Threads
- Regarding the optional OpenSSL integration for the portable version
- openssh portable and libressl portable cause recursion between arc4random and RAND_bytes
- v2.2.28: patches (to use libressl 2.4.5) and test error (strftime)
- [PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
- v2.2.28: patches (to use libressl 2.4.5) and test error (strftime)