| 1 |
> |
| 2 |
> On 15-05-2008 22:46:13 +1000, Matt Michalowski wrote: |
| 3 |
> > This is what I get with openssh-5.0_p1-r1 on amd64-linux: |
| 4 |
> > x86_64-pc-linux-gnu-gcc -o ssh ssh.o readconf.o clientloop.o sshtty.o |
| 5 |
> > sshconnect.o sshconnect1.o sshconnect2.o -L. -Lopenbsd-compat/ |
| 6 |
> > -fstack-protector -lssh -lopenbsd-compat -L/opt/hwbp/usr/lib64 -lssl |
| 7 |
> > -lcrypto -ldl -lutil -lz -lnsl -lcrypt -lresolv -lresolv |
| 8 |
> > ssh.o: In function `env_permitted': |
| 9 |
> > ssh.c:(.text+0x220): undefined reference to `__stack_chk_fail' |
| 10 |
> [snip] |
| 11 |
> > The problem is that the openssh configure checks that the compiler supports |
| 12 |
> > -fstack-protector which succeeds: |
| 13 |
> > configure:5418: checking if x86_64-pc-linux-gnu-gcc supports |
| 14 |
> > -fstack-protector |
| 15 |
> [snip] |
| 16 |
> > Yet the toolchain.eclass has configured gcc with --disable-libssp, so I |
| 17 |
> > don't have libssp. A couple of solutions I can think of but haven't tried: |
| 18 |
> > - configure openssh with --without-stackprotect |
| 19 |
> > - get toolchain.eclass to --enable-libssp and ensure SSP works |
| 20 |
> > |
| 21 |
> > So in my opinion, best left masked for now. |
| 22 |
|
| 23 |
That would explain why it's working here, since I think interix doesn't support the ssp. |
| 24 |
Still I don't understand how the check program can link without libssp...? I think the check is fishy... |
| 25 |
|
| 26 |
> |
| 27 |
> Thanks for the in depth explanation. I'd not be surprised if Solaris |
| 28 |
> actually has the same problem. |
| 29 |
|
| 30 |
If solaris supports ssp, yes, i think so too. |
| 31 |
|
| 32 |
> |
| 33 |
> I've no idea of it in the main tree, but since it doesn't even compile |
| 34 |
> on Linux, I'd say, keep it masked. |
| 35 |
|
| 36 |
Yeah, but maybe disabling the ssp for configure is the right way to go, since ssp is explicitly disabled when building gcc. I don't think that it will help sitting it out. |
| 37 |
|
| 38 |
> |
| 39 |
> If Interix needs it, and has it compiling all the way, Markus use |
| 40 |
> package.unmask in the interix profile. |
| 41 |
|
| 42 |
I could live with 4.7 too, if I must... also somehow I didn't manage to get it unmasked other than commenting out the mask... I tried almost half an hour with package.unmask in different locations, etc.... it didn't work *arg*... |
| 43 |
|
| 44 |
Cheers, Markus |
| 45 |
|
| 46 |
> |
| 47 |
> |
| 48 |
> -- |
| 49 |
> Fabian Groffen |
| 50 |
> Gentoo on a different level |
| 51 |
> -- |
| 52 |
> gentoo-alt@l.g.o mailing list |
| 53 |
|
| 54 |
|
| 55 |
-- |
| 56 |
gentoo-alt@l.g.o mailing list |
Archives