On 7/12/2011 8:33 PM, Bryan wrote:> I did this as a project back in the early 2002, and I had a nice
> little how-to to walk me through it. Many work places and moves, and
> I've lost it. I have a friend who asked me about this recently, and I
> can't seem to find anything on the web, or the how-to I used (not
> surprised).
>
> If I remember correctly, you needed an up-to-date zlib, egd (or prng),
> OpenSSL, tcpwrappers, and OpenSSH.
>
> Have I forgotten anything? I remember you had to build zlib, then
> egd, then it gets fuzzy.
>
> He wants to enable FIPS as well. I've built OpenSSL/OpenSSH with fips
> for Windows, but is something like that possible with HP-UX?
>
> if anyone has a how-to with directions, my friend (and I) would
> appreciate. I don't have access to that horrid OS anymore, so I
can't
> help him short of what I gave him... which isn't much..
For what it is worth, my configure/build scripts from OpenSSH-5.1
had this for HPUX, but I never build 5.1 for HP. The scripts where
carried over from previous versions and still had the HP parameters:
[...]
MYCFLAGS="-O"
MYCPPFLAGS=""
MYLDFLAGS=""
MYPAM="yes"
MYRAND=""
{...]
MYK5= (to krb5 directory)
MYZLIB= (to zlib)
MYWRAPPER= (to wrapper)
MYSSL= (to OpenSSL)
[...]
# configure tests SSL and Kerberos and we need to make sure
# the libs we want to build against are in LD_LIBRARY_PATH
# Note: on Linux LD_LIBRARY_PATH does not override -rpath!!!
# This can cause problems in configure testing the header and libs
# and both 0.9.7d and 0.9.7e are called 0.9.7
# hp_ux102 has similar problems.
LD_LIBRARY_PATH=$MYSSL/lib:$MYK5/lib
SHLIB_PATH=$MYSSL/lib:$MYK5/lib
LIBPATH=$MYSSL/lib:$MYK5/lib
DYLD_LIBRARY_PATH=$MYSSL/lib:$MYK5/lib
export LD_LIBRARY_PATH
export SHLIB_PATH
export LIBPATH
export DYLD_LIBRARY_PATH
[...]
case $SYS in
[... other system types]
hp_ux102)
MYLDFLAGS="$MYLDFLAGS -Wl,+vnocompatwarnings,+b,/krb5/lib
-Wl,+cdp,$MYSSL/lib:/krb5/lib,+cdp,$MYK5/lib:/krb5/lib"
MYWRAPPER="no"
MYRAND=""
MYPAM="no"
MYCPPFLAGS="$MYCPPFLAGS -DUNSUPPORTED_POSIX_THREADS_HACK
-D__hpux"
;;
hp_ux*)
MYLDFLAGS="$MYLDFLAGS -Wl,+vnocompatwarnings,+b,/krb5/lib
-Wl,+cdp,$MYSSL/lib:/krb5/lib,+cdp,$MYK5/lib:/krb5/lib"
MYWRAPPER="no"
MYRAND="--with-prngd-socket=yes"
MYCPPFLAGS="$MYCPPFLAGS -DUNSUPPORTED_POSIX_THREADS_HACK
-D__hpux"
;;
ia64_hpux112*)
MYLDFLAGS="$MYLDFLAGS -Wl,+vnocompatwarnings,+b,/krb5/lib
-Wl,+cdp,$MYSSL/lib:/krb5/lib,+cdp,$MYK5/lib:/krb5/lib"
MYWRAPPER="no"
MYRAND="--with-prngd-socket=yes"
# hpux 11.23 had xom.h, used to need to fix rpcsec_gss.h
# MYCPPFLAGS="$MYCPPFLAGS -DUSE_POSIX_THREADS -D__hpux
-Dgss_OID_desc_struct=OM_object_identifier"
MYCPPFLAGS="$MYCPPFLAGS -DUNSUPPORTED_POSIX_THREADS_HACK
-D__hpux"
;;
esac
[...]
../src/configure \
--with-cflags="$MYCFLAGS" \
--with-ldflags="$MYLDFLAGS" \
--with-cppflags="$MYCPPFLAGS" \
--prefix=/krb5 \
--sysconfdir=/etc/ssh \
--localstatedir=/var \
--with-zlib=$MYZLIB \
--with-ssl-dir=$MYSSL \
--with-kerberos5=$MYK5 \
--with-tcp-wrappers=$MYWRAPPER \
--with-mantype=man \
--with-pam=$MYPAM \
--with-rsh=/krb5/bin/rsh \
$MYRAND \
--with-rpath=no \
--disable-suid-ssh
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444