[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug 635] openssh-SNAP-20030903: configure does not work well withheimdal(krb5) (fwd)
Just FYI, could anyone help them with support for heimdal when you
aggree krb4 is dead? If I had to compile heimdal without support for
openssl, then it should be documented somewhere. Otherwise I guess someone
has to make openssh/configure more clever when heimdal was build with or
without libdes. :)
--
Martin Mokrejs <mmokrejs@natur.cuni.cz>, <m.mokrejs@gsf.de>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs
MIPS / Institute for Bioinformatics <http://mips.gsf.de>
GSF - National Research Center for Environment and Health
Ingolstaedter Landstrasse 1, D-85764 Neuherberg, Germany
tel.: +49-89-3187 3683 , fax: +49-89-3187 3585
---------- Forwarded message ----------
From: bugzilla-daemon@mindrot.org
To: mmokrejs@natur.cuni.cz
Date: Fri, 5 Sep 2003 18:47:35 +1000 (EST)
Subject: [Bug 635] openssh-SNAP-20030903: configure does not work well with
heimdal(krb5)
http://bugzilla.mindrot.org/show_bug.cgi?id=635
Summary: openssh-SNAP-20030903: configure does not work well with
heimdal(krb5)
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: mmokrejs@natur.cuni.cz
I see configure did not manage to realize my heimdal installation does not have
libdes. When heimdal detects during build libcrypto installed, it does not build
libdes.
Second problem is that
$ ./configure --prefix=/usr/local --with-tcp-wrappers
--with-ssl-dir=/usr/local/openssl --with-prngd-socket=/tmp/entropy
--with-default-path=/usr/bin:/bin:/sbin:/usr/local/bin:/usr/local/sbin:/software/@sys/usr/bin:/software/@sys/usr/sbin:/usr/bin/X11:/usr/afs/bin:/usr/athena/bin:/usr/local/openssl/bin:/usr/opt/svr4/bin:/usr/opt/svr4/sbin
--with-xauth=/usr/bin/X11/xauth --with-zlib --with-osfsia
--with-login=/usr/bin/login --with-privsep --with-kerberos5=/usr/heimdal
--with-afs=/usr/afsws
[cut]
checking whether we are using Heimdal... yes
checking for library containing dn_expand... none required
checking for gss_init_sec_context in -lgssapi... no
checking for gss_init_sec_context in -lgssapi_krb5... no
configure: WARNING: Cannot find any suitable gss-api library - build may fail
checking for gssapi.h... yes
checking for gssapi_krb5.h... no
[cut]
OpenSSH has been configured with the following options:
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /usr/local/etc
Askpass program: /usr/local/libexec/ssh-askpass
Manual pages: /usr/local/man/manX
PID file: /var/run
Privilege separation chroot path: /var/empty
sshd default user PATH:
/usr/bin:/bin:/sbin:/usr/local/bin:/usr/local/sbin:/software/@sys/usr/bin:/software/@sys/usr/sbin:/usr/bin/X11:/usr/afs/bin:/usr/athena/bin:/usr/local/openssl/bin:/usr/opt/svr4/bin:/usr/opt/svr4/sbin
Manpage format: man
DNS support: no
PAM support: no
KerberosV support: yes
Smartcard support: no
S/KEY support: no
TCP Wrappers support: yes
MD5 password support: no
IP address in $DISPLAY hack: no
Translate v4 in v6 hack: no
BSD Auth support: no
Random number source: OpenSSL internal ONLY
Host: alphaev67-dec-osf5.1
Compiler: cc
Compiler flags: -O2 -arch ev56
Preprocessor flags: -I/usr/local/openssl/include -Iyes
-I/software/@sys/usr/include -I/usr/local/include -I/usr/local/openssl/include
-I/usr/heimdal/include
Linker flags: -L/usr/local/openssl/lib -Lyes -L/usr/heimdal/lib
Libraries: -lwrap -lrt -lz -L/usr/local/lib -L/software/@sys/usr/lib
-L/usr/local/openssl/lib -L/usr/lib -lsecurity -ldb -lm -laud -lcrypto -lkrb5
-ldes -lcom_err -lasn1 -lroken
You see, the "Linker flags" contain properly -L/usr/heimdal/lib , that's where
libgssapi.a is.
The problem is when heimdal is installed with support for openssl, it does not
build libdes:
configure:14199: checking whether we are using Heimdal
configure:14214: cc -c -O2 -arch ev56 -I/usr/local/openssl/include -Iyes
-I/software/@sys/usr/include -I/usr/local/include -I/usr/local/
openssl/include -I/usr/heimdal/include conftest.c >&5
cc: Warning: configure, line 14207: In the initializer for tmp, the referenced
type of the pointer value "heimdal_version" is const, but
the referenced type of the target of this assignment is not. (notconstqual)
char *tmp = heimdal_version;
-------------^
configure:14217: $? = 0
configure:14220: test -s conftest.o
configure:14223: $? = 0
configure:14225: result: yes
configure:14248: checking for library containing dn_expand
configure:14275: cc -o conftest -O2 -arch ev56 -I/usr/local/openssl/include
-Iyes -I/software/@sys/usr/include -I/usr/local/include -I/u
sr/local/openssl/include -I/usr/heimdal/include -L/usr/local/openssl/lib -Lyes
-L/usr/heimdal/lib conftest.c -lrt -lz -L/usr/local/lib
-L/software/@sys/usr/lib -L/usr/local/openssl/lib -L/usr/lib -lsecurity -ldb -lm
-laud -lcrypto >&5
configure:14278: $? = 0
configure:14281: test -s conftest
configure:14284: $? = 0
configure:14337: result: none required
configure:14344: checking for gss_init_sec_context in -lgssapi
configure:14371: cc -o conftest -O2 -arch ev56 -I/usr/local/openssl/include
-Iyes -I/software/@sys/usr/include -I/usr/local/include -I/u
sr/local/openssl/include -I/usr/heimdal/include -L/usr/local/openssl/lib -Lyes
-L/usr/heimdal/lib conftest.c -lgssapi -lkrb5 -ldes -lco
m_err -lasn1 -lroken -lrt -lz -L/usr/local/lib -L/software/@sys/usr/lib
-L/usr/local/openssl/lib -L/usr/lib -lsecurity -ldb -lm -laud -l
crypto >&5
ld:
Can't locate file for: -ldes
configure:14374: $? = 1
configure: failed program was:
#line 14352 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
#ifdef __cplusplus
extern "C"
#endif
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char gss_init_sec_context ();
int
main ()
{
gss_init_sec_context ();
;
return 0;
}
configure:14391: result: no
configure:14400: checking for gss_init_sec_context in -lgssapi_krb5
configure:14427: cc -o conftest -O2 -arch ev56 -I/usr/local/openssl/include
-Iyes -I/software/@sys/usr/include -I/usr/local/include -I/u
sr/local/openssl/include -I/usr/heimdal/include -L/usr/local/openssl/lib -Lyes
-L/usr/heimdal/lib conftest.c -lgssapi_krb5 -lkrb5 -ldes
-lcom_err -lasn1 -lroken -lrt -lz -L/usr/local/lib -L/software/@sys/usr/lib
-L/usr/local/openssl/lib -L/usr/lib -lsecurity -ldb -lm -la
ud -lcrypto >&5
ld:
Can't locate file for: -lgssapi_krb5
configure:14430: $? = 1
configure: failed program was:
#line 14408 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
#ifdef __cplusplus
extern "C"
#endif
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char gss_init_sec_context ();
int
main ()
{
gss_init_sec_context ();
;
return 0;
}
configure:14447: result: no
configure:14456: WARNING: Cannot find any suitable gss-api library - build may fail
configure:14462: checking for gssapi.h
configure:14472: cc -E -I/usr/local/openssl/include -Iyes
-I/software/@sys/usr/include -I/usr/local/include -I/usr/local/openssl/include
-I/usr/heimdal/include conftest.c
configure:14478: $? = 0
configure:14497: result: yes
configure:14561: checking for gssapi_krb5.h
configure:14571: cc -E -I/usr/local/openssl/include -Iyes
-I/software/@sys/usr/include -I/usr/local/include -I/usr/local/openssl/include
-I/usr/heimdal/include -I/usr/heimdal/include/gssapi conftest.c
cc: Error: configure, line 14568: Cannot find file <gssapi_krb5.h> specified in
#include directive. (noinclfile)
#include <gssapi_krb5.h>
-^
configure:14577: $? = 1
configure: failed program was:
#line 14567 "configure"
#include "confdefs.h"
#include <gssapi_krb5.h>
configure:14596: result: no
To help you out with what is available and what isn't when latest cvs snapshot
of heimdal is installed(with support for openssl, i.e. without libdes.a build):
serow# ls /usr/heimdal/include
asn1_err.h fnmatch.h hdb_asn1.h krb5-private.h parse_bytes.h sl.h
base64.h getarg.h hdb_err.h krb5-protos.h parse_time.h ss
com_err.h glob.h heim_err.h krb5-types.h parse_units.h vis.h
com_right.h gssapi.h ifaddrs.h krb5.h resolve.h xdbm.h
der.h hdb-private.h k524_err.h krb5_asn1.h roken-common.h
editline.h hdb-protos.h kadm5 krb5_err.h roken.h
err.h hdb.h kafs.h otp.h rtbl.h
serow# ls /usr/heimdal/lib
lib45.a libeditline.la libkadm5clnt.la libkrb5.la libsl.a
libasn1.a libgssapi.a libkadm5srv.a libotp.a libsl.la
libasn1.la libgssapi.la libkadm5srv.la libotp.la libss.a
libcom_err.a libhdb.a libkafs.a libroken.a libss.la
libcom_err.la libhdb.la libkafs.la libroken.la
libeditline.a libkadm5clnt.a libkrb5.a libsia_krb5.so
serow#
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.