[MacPorts] #67539: openssh @9.3p1_1 Nearly all client programs crash with Segmentation Fault.
MacPorts
noreply at macports.org
Wed May 31 19:25:36 UTC 2023
#67539: openssh @9.3p1_1 Nearly all client programs crash with Segmentation Fault.
------------------------+----------------------
Reporter: snowflake | Owner: artkiver
Type: defect | Status: assigned
Priority: Normal | Milestone:
Component: ports | Version: 2.8.99
Resolution: | Keywords:
Port: openssh |
------------------------+----------------------
Comment (by artkiver):
Thanks for reporting this!
As elventear speculated, I think this is related to the PR
https://github.com/macports/macports-ports/pull/18879 which neverpanic
merged with a revision increment to cause OpenSSH to rebuild relative to
OpenSSL yesterday.
I attempted to reassign it for the time though I thought Trac had a way to
CC people on issues, I am not seeing that option presently. Unfortunately,
it seems as if I do not have sufficient permissions to reassign the ticket
either.
Locally:
{{{
% ssh -V
OpenSSH_9.3p1, LibreSSL 3.8.0
}}}
{{{
% ssh-agent -dD
usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]
[-O option] [-P allowed_providers] [-t life]
ssh-agent [-a bind_address] [-E fingerprint_hash] [-O option]
[-P allowed_providers] [-t life] command [arg ...]
ssh-agent [-c | -s] -k
}}}
{{{
% ssh-keygen
Generating public/private rsa key pair.
^C
}}}
So, speculatively, if building against libressl or libressl-devel I am
guessing OpenSSH is still OK and this is more related to the TLS library
choice?
However, the compiler workaround is also fascinating, at least locally I
am typically using llvm-devel or llvm-16 on my laptops so I am thinking
that may be another potential alternative to test if gcc isn't desired?
I had been testing some things related to a different issue (specifically
for the kerberos5 variant which is presently broken with LibreSSL
mentioned in this: https://trac.macports.org/ticket/67442#comment:11) and
had planned to add a "conflicts libressl" to that variant after getting a
response from the individual who had filed it, though I have had half a
mind to augment the Portfile similar to the modifications made to rpki-
client to attempt to auto-detect which TLS library may already be
installed and default to LibreSSL if none had previously been used (which
is more in alignment with what macOS ships as well as the upstream non
-portable branch of OpenSSH); but just because my present setups can't
replicate these errors, doesn't mean there may not be some other ways to
address it!
Unfortunately, I probably won't have much opportunity to look at this
again until tomorrow, but I wanted to at least reply with some preliminary
perspective and hopefully Clemens may be able to provide some additional
insights!
--
Ticket URL: <https://trac.macports.org/ticket/67539#comment:11>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list