Date: Thu, 17 Jan 2013 23:35:48 +0200 From: Kimmo Paasiala <kpaasial@gmail.com> To: Dimitry Andric <dim@freebsd.org> Cc: Brooks Davis <brooks@freebsd.org>, freebsd-stable@freebsd.org Subject: Re: CLANG 3.2 breaks security/pam_ssh_agent_auth on stable/9 Message-ID: <CA%2B7WWSfrpvJXAqrn8d=j1yXZmUw_itxtxJyxYExPnE-JNE2%2Bpw@mail.gmail.com> In-Reply-To: <50F81588.5020106@FreeBSD.org> References: <CA%2B7WWSeOpuAv9PL2_G6Z1Q_SLv5xcTjcujiw6Rs8tdBsrLO7wQ@mail.gmail.com> <50F6D20A.6070306@FreeBSD.org> <CA%2B7WWSfE1bAr7GriRGAKBVpkiNE%2Btn-%2Bd0cO3vpNPY-SWxfghg@mail.gmail.com> <20130117001116.GD29437@lor.one-eyed-alien.net> <CA%2B7WWSdW95=qBthPKWtn1uT_FTD2ka-oQXLo-owFEn=kO4GYRg@mail.gmail.com> <50F81588.5020106@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 17, 2013 at 5:15 PM, Dimitry Andric <dim@freebsd.org> wrote: > On 2013-01-17 14:07, Kimmo Paasiala wrote: >> >> On Thu, Jan 17, 2013 at 2:11 AM, Brooks Davis <brooks@freebsd.org> wrote: > > ... >>> >>> NetBSD and OpenBSD use different signatures for strnvis(). :( >>> pam_ssh_agent_auth assumes that if the system has one it is the OpenBSD >>> one but ours is the NetBSD one. The port will need to be patched to use >>> the openbsd version like it was doing or to swap the second and third >>> arguments when build on newer versions of FreeBSD. >> >> It turns out that security/pam_ssh_agent_auth compiles its own version >> >> of strnvis() when HAVE_STRNVIS is not defined. This in turn results in >> an exported dynamic strnvis symbol in the plugin binary. I guess >> that's what is breaking things when the plugin binary is loaded on >> post r245439 world. >> >> First thing that comes to my mind for a fix is renaming the local >> strnvis() to something else conditionally based on HAVE_STRNVIS. > > > Please try the following patch, which tells configure that HAVE_STRNVIS > is always false. I think this is the easiest way, unless we really want > the port to use our own strnvis. This will still leave the exported symbol in the plugin binary with the name strnvis. What would be needed is renaming of the function to something else, like pam_ssh_agent_auth_strnvis(), maybe using a macro #define strnvis pam_ssh_agent_auth_strnvis somewhere. I can try my hand on coming up with a fix but its going to take some time, the source code of the plugin and not to mention the configure script look quite hairy. -Kimmo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B7WWSfrpvJXAqrn8d=j1yXZmUw_itxtxJyxYExPnE-JNE2%2Bpw>