New test - using AIX 5.3 TL7 - but against libressl-2.1.4 configure: creating ./config.status config.status: creating Makefile config.status: creating buildpkg.sh config.status: creating opensshd.init config.status: creating openssh.xml config.status: creating openbsd-compat/Makefile config.status: creating openbsd-compat/regress/Makefile config.status: creating survey.sh config.status: creating config.h config.status: config.h is unchanged OpenSSH has been configured with the following options: User binaries: /opt/bin System binaries: /opt/sbin Configuration files: /opt/etc Askpass program: /opt/libexec/ssh-askpass Manual pages: /opt/share/man/manX PID file: /opt/etc Privilege separation chroot path: /var/empty sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/opt/bin Manpage format: man PAM support: no OSF SIA support: no KerberosV support: no SELinux support: no Smartcard support: S/KEY support: no MD5 password support: no libedit support: no Solaris process contract support: no Solaris project support: no IP address in $DISPLAY hack: no Translate v4 in v6 hack: no BSD Auth support: no Random number source: OpenSSL internal ONLY Privsep sandbox style: rlimit Host: powerpc-ibm-aix5.3.0.0 Compiler: xlc Compiler flags: -g Preprocessor flags: -I/opt/libressl/include Linker flags: -L/opt/libressl/lib -blibpath:/usr/lib:/lib Libraries: -lcrypto -lz One problem coming directly is that the -L flag (-L/opt/libressl/lib is not being included in the -blibpath so the programs link, but do not run. I am sure there is a way for me to modify the blibpath - BUT - I ask you do consider inserting an openssl-dir path when it is not already in the blibpath variable. rm ssh make xlc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o mux.o roaming_common.o roaming_client.o -L. -Lopenbsd-compat/ -L/opt/libressl/lib -blibpath:/usr/lib:/lib -lssh -lopenbsd-compat -lcrypto -lz root@x064:[/data/prj/openbsd/openssh/openssh]dump -H ssh ssh: ***Loader Section*** Loader Header Information VERSION# #SYMtableENT #RELOCent LENidSTR 0x00000001 0x0000014a 0x0000075a 0x0000003b #IMPfilID OFFidSTR LENstrTBL OFFstrTBL 0x00000003 0x00007748 0x00000c6d 0x00007783 ***Import File Strings*** INDEX PATH BASE MEMBER 0 /usr/lib:/lib 1 libc.a shr.o 2 libcrypto.a libcrypto.so.32 root@x064:[/data/prj/openbsd/openssh/openssh]ldd ssh ssh needs: /usr/lib/libc.a(shr.o) /usr/lib/libcrypto.a(libcrypto.so.32) ar: 0707-109 Member name libcrypto.so.32 does not exist. dump: /tmp/tmpdir733264/extract/libcrypto.so.32: 0654-106 Cannot open the specified file. /unix /usr/lib/libcrypt.a(shr.o) Modified blibpath: xlc -o ssh ssh.o readconf.o clientloop.o sshtty.o sshconnect.o sshconnect1.o sshconnect2.o mux.o roaming_common.o roaming_client.o -L. -Lopenbsd-compat/ -L/opt/libressl/lib -blibpath:/opt/libressl/ lib:/usr/lib:/lib -lssh -lopenbsd-compat -lcrypto -lz root@x064:[/data/prj/openbsd/openssh/openssh]ldd ssh ssh needs: /usr/lib/libc.a(shr.o) /opt/libressl/lib/libcrypto.a(libcrypto.so.32) /unix /usr/lib/libcrypt.a(shr.o) /usr/lib/libperfstat.a(shr.o) /usr/lib/libpthread.a(shr_xpg5.o) /usr/lib/libpthreads.a(shr_xpg5.o) /usr/lib/libcfg.a(shr.o) /usr/lib/libodm.a(shr.o) /usr/lib/liblvm.a(shr.o) /usr/lib/libpthreads.a(shr_comm.o) This can be corrected with LIBPATH root@x064:[/data/prj/openbsd/openssh/openssh]ldd ssh ssh needs: /usr/lib/libc.a(shr.o) /usr/lib/libcrypto.a(libcrypto.so.32) ar: 0707-109 Member name libcrypto.so.32 does not exist. dump: /tmp/tmpdir733294/extract/libcrypto.so.32: 0654-106 Cannot open the specified file. /unix /usr/lib/libcrypt.a(shr.o) root@x064:[/data/prj/openbsd/openssh/openssh]LIBPATH=/opt/libressl/lib ldd ssh ssh needs: /usr/lib/libc.a(shr.o) /opt/libressl/lib/libcrypto.a(libcrypto.so.32) /unix /usr/lib/libcrypt.a(shr.o) /usr/lib/libperfstat.a(shr.o) /usr/lib/libpthread.a(shr_xpg5.o) /usr/lib/libpthreads.a(shr_xpg5.o) /usr/lib/libcfg.a(shr.o) /usr/lib/libodm.a(shr.o) /usr/lib/liblvm.a(shr.o) /usr/lib/libpthreads.a(shr_comm.o) I shall use LIBPATH - and post - I expect all test successful - later. On Fri, Feb 27, 2015 at 2:07 PM, Michael Felt <aixtools@xxxxxxxxx> wrote: > Update - for AIX 6.1 TL9 - > configure: creating ./config.status > config.status: creating Makefile > config.status: creating buildpkg.sh > config.status: creating opensshd.init > config.status: creating openssh.xml > config.status: creating openbsd-compat/Makefile > config.status: creating openbsd-compat/regress/Makefile > config.status: creating survey.sh > config.status: creating config.h > > OpenSSH has been configured with the following options: > User binaries: /opt/bin > System binaries: /opt/sbin > Configuration files: /opt/etc > Askpass program: /opt/libexec/ssh-askpass > Manual pages: /opt/share/man/manX > PID file: /var/run > Privilege separation chroot path: /var/empty > sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin:/opt/bin > Manpage format: man > PAM support: no > OSF SIA support: no > KerberosV support: no > SELinux support: no > Smartcard support: > S/KEY support: no > MD5 password support: no > libedit support: no > Solaris process contract support: no > Solaris project support: no > IP address in $DISPLAY hack: no > Translate v4 in v6 hack: no > BSD Auth support: no > Random number source: OpenSSL internal ONLY > Privsep sandbox style: rlimit > > Host: powerpc-ibm-aix6.1.0.0 > Compiler: xlc > Compiler flags: -g > Preprocessor flags: > Linker flags: -blibpath:/usr/lib:/lib > Libraries: -lcrypto -lz > > michael@x071:[/home/michael]lslpp -L | grep ssl > openssl.base 1.0.1.510 C F Open Secure Socket Layer > openssl.man.en_US 1.0.1.510 C F Open Secure Socket Layer > > ... > tests && echo all tests passed > make[1]: Entering directory `/data/prj/openbsd/openssh/openssh/regress' > set -e ; if test -z "" ; then \ > > /data/prj/openbsd/openssh/openssh/regress/unittests/sshbuf/test_sshbuf ; \ > > /data/prj/openbsd/openssh/openssh/regress/unittests/sshkey/test_sshkey \ > -d > /data/prj/openbsd/openssh/openssh/regress/unittests/sshkey/testdata ; \ > > /data/prj/openbsd/openssh/openssh/regress/unittests/bitmap/test_bitmap ; \ > /data/prj/openbsd/openssh/openssh/regress/unittests/kex/test_kex ; > \ > > /data/prj/openbsd/openssh/openssh/regress/unittests/hostkeys/test_hostkeys \ > -d > /data/prj/openbsd/openssh/openssh/regress/unittests/hostkeys/testdata ; \ > fi > test_sshbuf: > ................................................................................................... > 100 tests ok > test_sshkey: > ............................................................................................. > > ... > many minutes later ... > ... > learn new primary hostkey > rotate primary hostkey > check rotate primary hostkey > ok hostkey rotate > make[1]: Leaving directory `/data/prj/openbsd/openssh/openssh/regress' > all tests passed > > > > On Thu, Feb 19, 2015 at 11:45 PM, Damien Miller <djm@xxxxxxxxxxx> wrote: > >> On Fri, 20 Feb 2015, Damien Miller wrote: >> >> > Hi, >> > >> > OpenSSH 6.8 is almost ready for release, so we would appreciate testing >> > on as many platforms and systems as possible. This release contains >> > some substantial new features and a number of bugfixes. >> >> ... >> >> > * ssh(1), sshd(8): Host key rotation support. Add a protocol >> > extension for a server to inform a client of all its available >> > host keys after authentication has completed. The client may >> > record the keys in known_hosts, allowing it to upgrade to better >> > host key algorithms and a server to gracefully rotate its keys. >> > >> > The client side of this is controlled by a UpdateHostkeys config >> > option (default on). >> >> Actually, the default is off. You can enable it using UpdateHostKeys=yes >> or UpdateHostKeys=ask >> >> -d >> _______________________________________________ >> openssh-unix-dev mailing list >> openssh-unix-dev@xxxxxxxxxxx >> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >> > > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev