From owner-freebsd-stable@FreeBSD.ORG Thu Jan 17 21:35:56 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 6BEB2ED1; Thu, 17 Jan 2013 21:35:56 +0000 (UTC) (envelope-from kpaasial@gmail.com) Received: from mail-wi0-f179.google.com (mail-wi0-f179.google.com [209.85.212.179]) by mx1.freebsd.org (Postfix) with ESMTP id 8A12C228; Thu, 17 Jan 2013 21:35:55 +0000 (UTC) Received: by mail-wi0-f179.google.com with SMTP id o1so2616312wic.6 for ; Thu, 17 Jan 2013 13:35:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=FwOAsgqSsqjYCBq8hT6OSG/UY6Q4aGH3C5UNr2WgBGU=; b=xIqZy6Z30s306mrFlAXHfAQzDHZCz4miRsOf7uNDy4d66jke0oHFzRtYc9kh9pV8tJ sOTLvq1gmIkQC4EomKNE94sbfS6Tl2YCheRvhpB9R81NLyWFfnPE+5uBKJBE03tlaxNO z4NPG6mSPUZ64bBNh9xa/2i9Zi9l56nRNOan5P8Wnf+pzuRjv10okZ9hTlMbAgC0SMjy hF9aohKaGLB0Esa2spDssrtHWmOUa45q9P+X0cNYvlrrSaavqm0FHXV1UMzWsDCpEVDq vxREgFfJ4RdfiGFKCm0tzESRV/wvXFmwZR47IDgP3rrxs049hrnNRurlxao6zQor1Exx HK/Q== MIME-Version: 1.0 X-Received: by 10.194.23.37 with SMTP id j5mr10766612wjf.28.1358458548774; Thu, 17 Jan 2013 13:35:48 -0800 (PST) Received: by 10.216.172.197 with HTTP; Thu, 17 Jan 2013 13:35:48 -0800 (PST) In-Reply-To: <50F81588.5020106@FreeBSD.org> References: <50F6D20A.6070306@FreeBSD.org> <20130117001116.GD29437@lor.one-eyed-alien.net> <50F81588.5020106@FreeBSD.org> Date: Thu, 17 Jan 2013 23:35:48 +0200 Message-ID: Subject: Re: CLANG 3.2 breaks security/pam_ssh_agent_auth on stable/9 From: Kimmo Paasiala To: Dimitry Andric Content-Type: text/plain; charset=UTF-8 Cc: Brooks Davis , freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jan 2013 21:35:56 -0000 On Thu, Jan 17, 2013 at 5:15 PM, Dimitry Andric wrote: > On 2013-01-17 14:07, Kimmo Paasiala wrote: >> >> On Thu, Jan 17, 2013 at 2:11 AM, Brooks Davis wrote: > > ... >>> >>> NetBSD and OpenBSD use different signatures for strnvis(). :( >>> pam_ssh_agent_auth assumes that if the system has one it is the OpenBSD >>> one but ours is the NetBSD one. The port will need to be patched to use >>> the openbsd version like it was doing or to swap the second and third >>> arguments when build on newer versions of FreeBSD. >> >> It turns out that security/pam_ssh_agent_auth compiles its own version >> >> of strnvis() when HAVE_STRNVIS is not defined. This in turn results in >> an exported dynamic strnvis symbol in the plugin binary. I guess >> that's what is breaking things when the plugin binary is loaded on >> post r245439 world. >> >> First thing that comes to my mind for a fix is renaming the local >> strnvis() to something else conditionally based on HAVE_STRNVIS. > > > Please try the following patch, which tells configure that HAVE_STRNVIS > is always false. I think this is the easiest way, unless we really want > the port to use our own strnvis. This will still leave the exported symbol in the plugin binary with the name strnvis. What would be needed is renaming of the function to something else, like pam_ssh_agent_auth_strnvis(), maybe using a macro #define strnvis pam_ssh_agent_auth_strnvis somewhere. I can try my hand on coming up with a fix but its going to take some time, the source code of the plugin and not to mention the configure script look quite hairy. -Kimmo