HEADS UP: OpenSSH with DNSSEC support in 10
Ian Lepore
ian at FreeBSD.org
Sat Sep 14 15:40:25 UTC 2013
On Sat, 2013-09-14 at 16:03 +0200, Dag-Erling Smørgrav wrote:
> Ian Lepore <ian at FreeBSD.org> writes:
> > I just ran into a build error related to this:
> > [...]
> > I find that the attached patch fixes it for me.
> > [...]
> > @@ -1468,7 +1468,7 @@ lib/libcxxrt__L: gnu/lib/libgcc__L
> > lib/libradius lib/libsbuf lib/libtacplus \
> > ${_cddl_lib_libumem} ${_cddl_lib_libnvpair} \
> > ${_cddl_lib_libzfs_core} \
> > - lib/libutil ${_lib_libypclnt} lib/libz lib/msun \
> > + lib/libutil ${_lib_libypclnt} lib/libldns lib/libz lib/msun \
> > ${_secure_lib_libcrypto} ${_secure_lib_libssh} \
> > ${_secure_lib_libssl}
> >
>
> That's not going to work, because libldns requires libcrypto. You
> should try the following:
>
> @@ -1470,8 +1470,8 @@
> ${_cddl_lib_libumem} ${_cddl_lib_libnvpair} \
> ${_cddl_lib_libzfs_core} \
> lib/libutil ${_lib_libypclnt} lib/libz lib/msun \
> - ${_secure_lib_libcrypto} ${_secure_lib_libssh} \
> - ${_secure_lib_libssl}
> + ${_secure_lib_libcrypto} ${_lib_libldns} \
> + ${_secure_lib_libssh} ${_secure_lib_libssl}
>
> .if ${MK_ATF} != "no"
> _lib_atf_libatf_c= lib/atf/libatf-c
>
> Oh, wait, that's actually an excerpt from the commit that enabled LDNS
> in OpenSSH. What a coincidence!
>
> DES
Hrm, sure enough, even though that sandbox claims to be at r255532, your
changes from r255460 are not in Makefile.inc1. So I've got some sort of
brokeness/pollution in my sandbox I'll look into, sorry for the noise.
-- Ian
More information about the freebsd-security
mailing list