similar to: openssh 6.5p1 configure and ssl location/shared

these days many unix-based systems contain crypt() with more than DES support (for instance, MD5 in freebsd/openbsd/netbsd, bcrypt in openbsd/netbsd). we need to use crypt() in libcrypt, not in licrypto, as much as possible. itojun --- configure.ac.orig Tue Jun 25 10:56:47 2002 +++ configure.ac Tue Jun 25 10:57:25 2002 @@ -697,6 +702,9 @@ ) fi +# use libcrypt if there is

Hello, I am trying to compile openssh v6.5p1 with openssl-1.0.1f and it doesn't seem to find my custom openssl libraries and defaults to the system version. This has been working on all previous openssh version until v6.5. Is this a bug ? More details below: [root at test openssh-6.5p1]# ./configure --prefix=/usr/local/openssh-6.5p1 --with-tcp-wrappers --with-selinux --with-kerberos5

Anyone see any reason not to add these extra compiler/linker flags if they're supported? Index: aclocal.m4 =================================================================== RCS file: /home/dtucker/openssh/cvs/openssh/aclocal.m4,v retrieving revision 1.8 diff -u -p -r1.8 aclocal.m4 --- aclocal.m4 20 May 2011 01:45:25 -0000 1.8 +++ aclocal.m4 17 Dec 2012 03:56:32 -0000 @@ -21,6 +21,23 @@

Hi all. Any reason not to turn these on if the system supports them? They're cheap but not free (a bit under 1% slower to run the complete regress suite in a completely unscientific test). They're based on info from these places: https://wiki.ubuntu.com/ToolChain/CompilerFlags http://wiki.debian.org/Hardening http://www.gentoo.org/proj/en/hardened/gnu-stack.xml and I've attempted to

On Thu, Jun 07, 2018 at 06:14:42PM -0700, PGNet Dev wrote: > On 6/7/18 6:08 PM, Darren Tucker wrote: > > Well the intent is you should be able to set CC and LD to whatever you > > want as long as they work. In this case, the OSSH_CHECK_LDFLAG_LINK > > test invokes autoconf's AC_LINK_IFELSE with uses CC not LD. I'm not > > sure what to do about it yet though. I

hi all, > configure fails w/: > > ... > checking whether getpgrp requires zero arguments... yes > checking OpenSSL header version... not found > configure: error: OpenSSL version header not found. i first suspected the 'culprit' to be the following stanza in "contrib/findssl.sh": ... echo Searching for OpenSSL header files. if [ -x "`which

http://bugzilla.mindrot.org/show_bug.cgi?id=168 Summary: "Could not find working OpenSSL library" Product: Portable OpenSSH Version: older versions Platform: All OS/Version: All Status: NEW Severity: minor Priority: P1 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:21.openssl Security Advisory The FreeBSD Project Topic: Potential SSL 2.0 rollback Category: contrib Module: openssl Announced: 2005-10-11

Hi, Here is the gdb output. Arvid GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show

Below I've includes a patch which helps build OpenSSH outside from a read-only source tree, find OpenSSL on Mac OS X, and fix a typo. This applies to OpenSSH 2.1.1p4. You should already have gotten a note from Melissa O'Neil about a conflict with the crc32() symbol in zlib, which was causing a crash on Darwin. I've noticed another bug. If ssh is setuid, I get a permission

In opus-tools, the current PIE configure test assumes that the opus headers have been installed under the default header search path of the compiler. This isn't necessarily the case (/usr/local, /opt, ...). Straightforward fix: --- configure.ac.orig Thu Jun 12 02:11:24 2014 +++ configure.ac Wed Jan 27 16:50:22 2016 @@ -261,11 +261,11 @@ saved_CFLAGS="$CFLAGS"

Hi, I switched back to 2.2.27 with the same config that I am using for 2.2.32 and it work fine. Sep 11 11:49:37 imap-login: Info: Login: user=<viboge>, method=PLAIN, rip=88.89.118.45, lip=148.123.160.116, mpid=18709, TLS, session=<v7o22OZYrsdYWXYt> Sep 11 11:49:40 imap(mailuser) Session-ID v7o22OZYrsdYWXYt RemoteIP 88.89.118.45 Maildir /var/nextmail/nfs2.flex14/49/79/841 Info:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:05.openssl Security Advisory The FreeBSD Project Topic: Denial-of-service vulnerability in OpenSSL Category: crypto Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:05.openssl Security Advisory The FreeBSD Project Topic: Denial-of-service vulnerability in OpenSSL Category: crypto Module: openssl Announced:

Hi, I'm in the process of migrating from clang5 to clang10. Unfortunately clang10 introduced a negative performance impact. The cause is an increase of PLT entries from this patch (first released in clang7): https://bugs.llvm.org/show_bug.cgi?id=36370 https://reviews.llvm.org/D43383 If I revert that clang patch locally, the additional PLT entries and the performance impact disappear. This

Hi there, When I compile my code with -fdata-sections and -ffunction-sections, I still see some unused string in my shared library (Android). Actually, the strings appear together inside a .rodata.str1.1 section instead of getting their own section. It seems that the C-string literal are considered differently than other constant and the -fdata-sections is not respected in

---------- Forwarded message ---------- Date: Fri, 18 Jan 2013 10:19:35 +1100 (EST) From: Damien Miller <djm at mindrot.org> To: Iain Morgan <Iain.Morgan at nasa.gov> Subject: Re: Inconsisten declaration of ssh_aes_ctr_iv() On Thu, 17 Jan 2013, Iain Morgan wrote: > > Could you tell me the declaration of the function pointer do_cipher in > > OpenSSL's evp.h on your

> You used -noinhibit-exec to ignore the diagnostic, which is usually a bad thing. I certainly agree with that. The point I was trying to make in my original email is that, specifically for kernel objects, this diagnostic is incorrect. R_X86_64_PC32 can be used safely against the symbol foo in that specific context, and should be possible without ignoring diagnostics. I wondered if there

Hi, we got a report on the Cygwin mailing list showing that there's a spurious error message when using the -W option. This didn't occur with OpenSSH 6.4p1. Here's an example: $ ssh machine1 -W machine2:22 getsockname failed: Bad file descriptor SSH-2.0-OpenSSH_6.1 The error message is a result of getsockname being called with a file descriptor -1. The call stack at the

https://bugzilla.mindrot.org/show_bug.cgi?id=2202 Bug ID: 2202 Summary: [ DRAFT PATCH ] - FIPS 140-2 patch for OpenSSH 6.5p1 Product: Portable OpenSSH Version: 6.5p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: Miscellaneous Assignee: