openssh 3.7.1p1 needs a patch to compile against openssl-0.9.7a

[Dan Burcaw]

Kevin,

Yes, they've been backported.

Regards,
Dan

On Thu, 2003-09-18 at 10:32, Kevin B. Hendricks wrote:
> Hi,
> 
> I tried yum-update on openssh to get the latest security patch but it seems to 
> come back with openssh-3.5 and not the very latest version openssh-3.7.1p1
> that is the version with  the security fix.
> 
> Is this a mistake or have the required security patches been backported to 
> this version?
> 
> Since I was unsure if all patches from 3.71 have made it into the 3.5 version 
> available via yum update openssh, I decided to build my own form source.
> 
> The problem is that openssh source seems to be incompatible with changes done 
> for openssl - 0.9.7a versus 0.9.6
> 
> I tried to build openssh-3.7.1p1 against openssl-0.9.7a that comes with YDL 3 
> and found that openssl-0.9.7a libcrypto.so no longer exports BN_mod since it 
> is now simply defined as:
> 
> #define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
> 
> in /usr/include/openssl/bn.h
> 
> But openssh-3.7.1p1/ in rsa.c and auth-rsa.c need this symbol to work (they do 
> not include openssl/bn.h and so they expect BN_mod to be defined in 
> libcrypto.so.0.9.7a but it is not.
> 
> So I had to add the define above to the openssh source in rsa.c and auth-rsa.c 
> to get things to compile and link against openssl-0.9.7a
> 
> With that change in place it all seems to work.
> 
> Kevin
> 
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general@lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general