OK, I've dinked around with this some more and I think I might have at
least a partial solution to this whole mess (it still doesn't make
openssl actually useful to us, it just makes it less annoying :).
First, apply the following patch:
Index: Makefile
===================================================================
RCS file: /home/ncvs/src/secure/lib/librsaglue/Makefile,v
retrieving revision 1.1
diff -u -u -r1.1 Makefile
--- Makefile 2000/01/20 07:24:40 1.1
+++ Makefile 2000/02/21 03:01:09
@@ -11,7 +11,7 @@
CFLAGS+= -I${.OBJDIR}
# rsaref
-SRCS+= rsar_err.c rsaref.c
+SRCS+= rsar_err.c rsaref.c rsaref_stubs.c
HDRS= asn1/asn1.h asn1/asn1_mac.h bio/bio.h bf/blowfish.h bn/bn.h \
buffer/buffer.h cast/cast.h comp/comp.h conf/conf.h crypto.h \
Then stick the code below in /usr/src/crypto/openssl/rsaref/rsaref_stubs.c
and rebuild/install from /usr/src/secure/lib/librsaglue. If you
then proceed to /usr/ports/security/openssh and make this change:
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/security/openssh/Makefile,v
retrieving revision 1.45
diff -u -u -r1.45 Makefile
--- Makefile 2000/02/16 04:52:59 1.45
+++ Makefile 2000/02/21 03:30:44
@@ -31,7 +31,7 @@
:pserver:[EMAIL PROTECTED]:/cvs
CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto
.if defined(OPENSSL_RSAREF)
-CRYPTOLIBS+= -lRSAglue -L${LOCALBASE}/lib -lrsaref
+CRYPTOLIBS+= -lRSAglue
.endif
# Here, MANDIR is concetenated to DESTDIR which all forms the man install dir...
MAKE_ENV+= DESTDIR=${PREFIX} MANDIR=/man/man CRYPTOLIBS="${CRYPTOLIBS}"
You'll create an ssh which either whines at you for having no librsaref.so
or, if you do have one, will load and use it seamlessly.
- Jordan
/*
* $FreeBSD$
*
* Copyright (c) 2000
* Jordan Hubbard. All rights reserved.
*
* Stub functions for RSA code. If you link with this code, you will
* get a full set of weak symbol references to the rsaref library
* functions which are required by openssl. These can then be occluded
* by the real rsaref library by implicitly linking with it or, failing
* that, these stub functions will attempt to dlopen() the appropriate
* rsaref library if it can be found in the library search path.
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer,
* verbatim and that no modifications are made prior to this
* point in the file.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY JORDAN HUBBARD ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL JORDAN HUBBARD OR HIS PETS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, LIFE OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
#ifndef NO_RSA
#include <dlfcn.h>
#include <stdio.h>
#define RSA_SHLIB "librsaref.so" /* be more exact if you need to */
#define VERBOSE_STUBS /* undef if you don't want missing rsaref reported */
static void *
getsym(const char *sym)
{
static void *rsalib;
static int whined;
void *ret = NULL;
if (!rsalib)
rsalib = dlopen(RSA_SHLIB, RTLD_LAZY);
if (rsalib)
ret = dlsym(rsalib, sym);
#ifdef VERBOSE_STUBS
if (!ret && !whined) {
fprintf(stderr, "** %s: Unable to find an rsaref shared library (%s).\n", sym,
RSA_SHLIB);
fprintf(stderr, "** Install an RSA package on your system and run this program
again\n", RSA_SHLIB);
whined = 1;
}
#endif
return ret;
}
#pragma weak RSAPrivateDecrypt=RSAPrivateDecrypt_stub
int
RSAPrivateDecrypt_stub(unsigned char *output, unsigned int *outlen,
unsigned char *input, int inputlen, void *RSAkey)
{
static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int, void *);
if (sym || (sym = getsym("RSAPrivateDecrypt")))
return sym(output, outlen, input, inputlen, RSAkey);
return 0;
}
#pragma weak RSAPrivateEncrypt=RSAPrivateEncrypt_stub
int
RSAPrivateEncrypt_stub(unsigned char *output, unsigned int *outlen,
unsigned char *input, int inputlen, void *RSAkey)
{
static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int, void *);
if (sym || (sym = getsym("RSAPrivateEncrypt")))
return sym(output, outlen, input, inputlen, RSAkey);
return 0;
}
#pragma weak RSAPublicDecrypt=RSAPublicDecrypt_stub
int
RSAPublicDecrypt_stub(unsigned char *output, unsigned int *outlen,
unsigned char *input, int inputlen, void *RSAkey)
{
static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int, void *);
if (sym || (sym = getsym("RSAPublicDecrypt")))
return sym(output, outlen, input, inputlen, RSAkey);
return 0;
}
#pragma weak RSAPublicEncrypt=RSAPublicEncrypt_stub
int
RSAPublicEncrypt_stub(unsigned char *output, unsigned int *outlen,
unsigned char *input, int inputlen, void *RSAkey, void *randomStruct)
{
static int (*sym)(unsigned char *, unsigned int *, unsigned char *, int,
void *, void *);
if (sym || (sym = getsym("RSAPublicEncrypt")))
return sym(output, outlen, input, inputlen, RSAkey, randomStruct);
return 0;
}
#pragma weak R_GetRandomBytesNeeded=R_GetRandomBytesNeeded_stub
int
R_GetRandomBytesNeeded_stub(unsigned int *bytesNeeded, void *randomStruct)
{
static int (*sym)(unsigned int *, void *);
if (sym || (sym = getsym("R_GetRandomBytesNeeded")))
return sym(bytesNeeded, randomStruct);
return 0;
}
#pragma weak R_RandomFinal=R_RandomFinal_stub
void
R_RandomFinal_stub(void *randomStruct)
{
static void (*sym)(void *);
if (sym || (sym = getsym("R_RandomFinal")))
sym(randomStruct);
}
#pragma weak R_RandomInit=R_RandomInit_stub
int
R_RandomInit_stub(void *randomStruct)
{
static int (*sym)(void *);
if (sym || (sym = getsym("R_RandomInit")))
sym(randomStruct);
}
#pragma weak R_RandomUpdate=R_RandomUpdate_stub
int
R_RandomUpdate_stub(void *randomStruct,
unsigned char *block, unsigned int blockLen)
{
static int (*sym)(void *, unsigned char *, unsigned int);
if (sym || (sym = getsym("R_RandomUpdate")))
sym(randomStruct, block, blockLen);
}
#endif /* NO_RSA */
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message