1 |
> |
2 |
> On 15-05-2008 22:46:13 +1000, Matt Michalowski wrote: |
3 |
> > This is what I get with openssh-5.0_p1-r1 on amd64-linux: |
4 |
> > x86_64-pc-linux-gnu-gcc -o ssh ssh.o readconf.o clientloop.o sshtty.o |
5 |
> > sshconnect.o sshconnect1.o sshconnect2.o -L. -Lopenbsd-compat/ |
6 |
> > -fstack-protector -lssh -lopenbsd-compat -L/opt/hwbp/usr/lib64 -lssl |
7 |
> > -lcrypto -ldl -lutil -lz -lnsl -lcrypt -lresolv -lresolv |
8 |
> > ssh.o: In function `env_permitted': |
9 |
> > ssh.c:(.text+0x220): undefined reference to `__stack_chk_fail' |
10 |
> [snip] |
11 |
> > The problem is that the openssh configure checks that the compiler supports |
12 |
> > -fstack-protector which succeeds: |
13 |
> > configure:5418: checking if x86_64-pc-linux-gnu-gcc supports |
14 |
> > -fstack-protector |
15 |
> [snip] |
16 |
> > Yet the toolchain.eclass has configured gcc with --disable-libssp, so I |
17 |
> > don't have libssp. A couple of solutions I can think of but haven't tried: |
18 |
> > - configure openssh with --without-stackprotect |
19 |
> > - get toolchain.eclass to --enable-libssp and ensure SSP works |
20 |
> > |
21 |
> > So in my opinion, best left masked for now. |
22 |
|
23 |
That would explain why it's working here, since I think interix doesn't support the ssp. |
24 |
Still I don't understand how the check program can link without libssp...? I think the check is fishy... |
25 |
|
26 |
> |
27 |
> Thanks for the in depth explanation. I'd not be surprised if Solaris |
28 |
> actually has the same problem. |
29 |
|
30 |
If solaris supports ssp, yes, i think so too. |
31 |
|
32 |
> |
33 |
> I've no idea of it in the main tree, but since it doesn't even compile |
34 |
> on Linux, I'd say, keep it masked. |
35 |
|
36 |
Yeah, but maybe disabling the ssp for configure is the right way to go, since ssp is explicitly disabled when building gcc. I don't think that it will help sitting it out. |
37 |
|
38 |
> |
39 |
> If Interix needs it, and has it compiling all the way, Markus use |
40 |
> package.unmask in the interix profile. |
41 |
|
42 |
I could live with 4.7 too, if I must... also somehow I didn't manage to get it unmasked other than commenting out the mask... I tried almost half an hour with package.unmask in different locations, etc.... it didn't work *arg*... |
43 |
|
44 |
Cheers, Markus |
45 |
|
46 |
> |
47 |
> |
48 |
> -- |
49 |
> Fabian Groffen |
50 |
> Gentoo on a different level |
51 |
> -- |
52 |
> gentoo-alt@l.g.o mailing list |
53 |
|
54 |
|
55 |
-- |
56 |
gentoo-alt@l.g.o mailing list |