Actually it really never was answered, but here's how I fixed (worked
around) it. At first I thought installing patch PHNE_27796 (libnss_dns
DNS backend patch) had fixed it. It didn't. It just flip-flopped the
problem. Prior to installing that patch, ssh would never go to DNS no
matter what was in nsswitch.conf. It appeared to only look in
/etc/hosts. After installing the patch, ssh would now only go to DNS,
no matter what was in nsswitch.conf. So if you had a test box that was
only in your local hosts file, you were SOL no matter what you had in
nsswitch.conf. Having ssh only go to DNS was better than the converse,
but it still was a problem.
The problem ultimately appears to be with the getaddrinfo that is
supplied with HP-UX 11i. In the ssh configure, it tries to see if
there's a getaddrinfo available. If so, it doesn't use the one in the
openbsd-compat directory (file is fake-rfc2553.[ch]). (this is what
11.00 automatically uses). Since 11i does have a getaddrinfo, it tries
to use that, but it appears to be broken. So I just added the following
lines to configure (around line 3782)
cat >>confdefs.h <<\EOF
#define BROKEN_GETADDRINFO 1
EOF
There's a whole bunch of these constructs there, I just cut-n-pasted,
ran the new configure, and presto, problem solved.
-Tom
>>> Tim Rice <tim at multitalents.net> 12/04/03 06:30PM
>>>
I can't remember if this was answered or not. (cleaning out old mail)
This might help.
http://bugzilla.mindrot.org/show_bug.cgi?id=748
On Tue, 28 Oct 2003, Tom Orban wrote:
>
> I posted a message about this problem late last week, never heard
> anything back, so I have to assume other folks did get a working ssh
> (3.7.1p2) binary built on HP-UX 11i. Just to refresh, my ssh package
> that I built on HP-UX 11i works fine, except that the ssh binary
doesn't> seem to go to DNS to resolve host names. So the only way I can ssh
to> other machines is to put their host entries in my /etc/hosts file,
or> type their IP address instead of the hostname on the command line.
> Since that's a really unsustainable workaround, I've grabbed the
3.7.1p2> ssh binary that I built on an hp-ux 11.00 box and use it with the
rest> of the package that I build on 11i. Ugly, but it seems to work.
[snip]
--
Tim Rice Multitalents (707) 887-1469
tim at multitalents.net
On Thu, 4 Dec 2003, Tom Orban wrote: [snip]> The problem ultimately appears to be with the getaddrinfo that is > supplied with HP-UX 11i. In the ssh configure, it tries to see if > there's a getaddrinfo available. If so, it doesn't use the one in the > openbsd-compat directory (file is fake-rfc2553.[ch]). (this is what > 11.00 automatically uses). Since 11i does have a getaddrinfo, it tries > to use that, but it appears to be broken. So I just added the following > lines to configure (around line 3782) > > cat >>confdefs.h <<\EOF > #define BROKEN_GETADDRINFO 1 > EOF >Is it safe to define BROKEN_GETADDRINFO on all HP-UX 11 machines? Ie. can we match *-*-hpux11* from config.guess? Or do some 11 machines work? [snip]> > >>> Tim Rice <tim at multitalents.net> 12/04/03 06:30PM >>> > > I can't remember if this was answered or not. (cleaning out old mail) > > This might help. > http://bugzilla.mindrot.org/show_bug.cgi?id=748 >[snip] -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net
Well, as I said below, on HP-UX 11.00, there isn't a getaddrinfo library call provided by HP. So when configure runs, it doesn't find getaddrinfo at all, and tells config.h to use the getaddrinfo that's provided in openbsd-compat/fake-rfc2553.c. To be more specific, in config.h on HP-UX 11.00, this is how the relevent symbols are defined (or undef'd, as the case may be): /* #undef HAVE_GETADDRINFO */ /* #undef BROKEN_GETADDRINFO */ While on the HP-UX 11i ( or HP-UX 11.11) build, config.h has those symbols defined like so: #define HAVE_GETADDRINFO 1 #define BROKEN_GETADDRINFO 1 Actually, when I did a diff on the config.h's from the different OS builds, there's a bunch of related *INFO differences, where they're /* #undef'd */ in 11.00, and #define'd in the 11i config.h Some include FREEADDRINFO GETNAMEINFO, STRUCT_ADDRINFO, etc. If you want, I can send you a diff of them, or for that matter the config.h's from each build if that will help you. NOTE: the only reason I got BROKEN_GETADDRINFO defined to 1 in 11i is because of the little modification to the configure script that I describe below (adding that stuff to confdefs.h around line 3782). If you don't do that, you won't get BROKEN_GETADDRINFO defined on 11i, and you'll end up using HP's one, which appears to be fudged up. Hmmm... On the tie in from *-*-hpux11* to config.guess, I'm not following you. I don't find that symbol (hpux11) in config.guess at all. Perhaps you mean just to add the BROKEN_GETADDRINFO thing to configure for all hpux11 builds (like what I described below)? If so, I'd imagine that would work, since even though it would define BROKEN_GETADDRINFO to 1 for both 11.00 and 11i machines, it really wouldn't matter in 11.00, since I'm assuming that it would still end up with /* #undef HAVE_GETADDRINFO */. As long as HAVE_GETADDRINFO is NOT defined, I think everything should work, (since the getaddrinfo routines in openbsd-compat/fake-rfc2553.c will get built and linked. Is this what you were asking? To answer your 2nd question (or do some 11 machines work?) -- let me summarize: HP-UX 11.00: works with no modifications because it uses the getaddrinfo out of fake-rfc2553.c (because HP doesn't provide a getaddrinfo call) HP-UX 11i (or 11.11): does NOT work if you allow it to use HP's getaddrinfo. My solution was to make sure BROKEN_GETADDRINFO was defined. So is this what you were asking? -Tom>>> Tim Rice <tim at multitalents.net> 12/04/03 10:03PM >>>On Thu, 4 Dec 2003, Tom Orban wrote: [snip]> The problem ultimately appears to be with the getaddrinfo that is > supplied with HP-UX 11i. In the ssh configure, it tries to see if > there's a getaddrinfo available. If so, it doesn't use the one inthe> openbsd-compat directory (file is fake-rfc2553.[ch]). (this is what > 11.00 automatically uses). Since 11i does have a getaddrinfo, ittries> to use that, but it appears to be broken. So I just added thefollowing> lines to configure (around line 3782) > > cat >>confdefs.h <<\EOF > #define BROKEN_GETADDRINFO 1 > EOF >Is it safe to define BROKEN_GETADDRINFO on all HP-UX 11 machines? Ie. can we match *-*-hpux11* from config.guess? Or do some 11 machines work? [snip]> > >>> Tim Rice <tim at multitalents.net> 12/04/03 06:30PM >>> > > I can't remember if this was answered or not. (cleaning out oldmail)> > This might help. > http://bugzilla.mindrot.org/show_bug.cgi?id=748 >[snip] -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net
On Fri, 5 Dec 2003, Tom Orban wrote:> > Well, as I said below, on HP-UX 11.00, there isn't a getaddrinfo > library call provided by HP. So when configure runs, it doesn't findSorry, missed that. Is 11.11 the first version that has it? What does ./config.guess say on the 2 machines? What does uname -r say on the 2 machines? What does uname -v say on the 2 machines? I'd rather not AC_DEFINE(BROKEN_GETADDRINFO) on a machine that does not have getaddrinfo. -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net
>>> Tim Rice <tim at multitalents.net> 12/05/03 03:09PM >>>> Is 11.11 the first version that has it?As far as I know, yes. (there's some oddball HP releases that I can't speak to -- I believe like VVOS (Virtual Vault), and perhaps some others). As far as the "mainstream" production OS's, it went from 11.00 to 11.11 (or 11i). And yes, 11.11 is the first time getaddrinfo is included.> What does ./config.guess say on the 2 machines?On an 11.00 box: hppa2.0w-hp-hpux11.00 On the 11.11 box: hppa2.0w-hp-hpux11.11> What does uname -r say on the 2 machines?B.11.00 B.11.11 I'm assuming you can figure which is which :-)> What does uname -v say on the 2 machines?On the 11.00 box: A On the 11.11 box: U>I'd rather not AC_DEFINE(BROKEN_GETADDRINFO) on a machine >that does not have getaddrinfo.How much will it really matter? I believe the key symbol when compiling really is HAVE_GETADDRINFO. I think BROKEN_GETADDRINFO is only used to determine whether to undef HAVE_GETADDRINFO. (If I read what's going on in defines.h correctly) In either case, that seems more like a developer's call than an SA type (like myself). I just have to get it running. :-) -Tom
Tom Orban wrote:> How much will it really matter? I believe the key symbol when > compiling really is HAVE_GETADDRINFO. I think BROKEN_GETADDRINFO is > only used to determine whether to undef HAVE_GETADDRINFO.Defining BROKEN_GETADDRINFO will disable IPv6 support. Do you know if OpenSSH works with IPv6 on HP-UX 11.11 (ignoring the name resolution issues)? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Geez, you bring up a good issue. No, I have only run ssh on IPv4. -Tom>>> Darren Tucker <dtucker at zip.com.au> 12/07/03 03:10AM >>>Tom Orban wrote:> How much will it really matter? I believe the key symbol when > compiling really is HAVE_GETADDRINFO. I think BROKEN_GETADDRINFO is > only used to determine whether to undef HAVE_GETADDRINFO.Defining BROKEN_GETADDRINFO will disable IPv6 support. Do you know if OpenSSH works with IPv6 on HP-UX 11.11 (ignoring the name resolution issues)? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.