Hello. Thanks for the quick reply. While openssh may have dropped
libwrap and
libblocklist support in version 6.7, NetBSD had it until the import of
openssh-9.9. I see no
notation of this large change in behavior either in the cvs log file for the
Makefile for sshd
diff shown below for when this support was dropped, nor in the doc/CHANGES
file, although the
import of OpenSSH-9.9 is noted there.
So, is it the case this was entirely intentional? If so, I'm very surprised it
wasn't noted
more prominently in either the cvs log file of the Makefile itself or in the
doc/CHANGES file,
preferably both.
Might Christos be able to shed light on this?
-thanks
-Brian
Index: Makefile
===================================================================
RCS file: /cvsroot/src/crypto/external/bsd/openssh/bin/sshd/Makefile,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- Makefile 3 Jun 2023 09:09:02 -0000 1.27
+++ Makefile 8 Jul 2024 22:33:43 -0000 1.28
@@ -1,79 +1,17 @@
-# $NetBSD: Makefile,v 1.27 2023/06/03 09:09:02 lukem Exp $
+# $NetBSD: Makefile,v 1.28 2024/07/08 22:33:43 christos Exp $
.include <bsd.own.mk>
+USE_LDAP= no
PROG= sshd
MAN= sshd.8 sshd_config.5 moduli.5
BINDIR= /usr/sbin
-SRCS= sshd.c auth-rhosts.c auth-passwd.c auth2-pubkeyfile.c \
- sshpty.c sshlogin.c servconf.c serverloop.c \
- auth.c auth2.c auth-options.c session.c \
- auth-krb5.c auth2-chall.c groupaccess.c \
- auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \
- auth2-none.c auth2-passwd.c auth2-pubkey.c \
- monitor.c monitor_wrap.c srclimit.c \
- kexgexs.c sftp-server.c sftp-common.c \
- sftp-realpath.c sandbox-rlimit.c pfilter.c
-
-COPTS.auth-options.c+= -Wno-pointer-sign
-COPTS.ldapauth.c+= -Wno-format-nonliteral # XXX: should fix
-
-.if (${USE_PAM} != "no")
-SRCS+= auth-pam.c
-LDADD+= -lpam ${PAM_STATIC_LDADD}
-DPADD+= ${LIBPAM} ${PAM_STATIC_DPADD}
-
-.if ${USE_YP} != "no"
-LDADD+= -lrpcsvc
-DPADD+= ${LIBRPCSVC}
-.endif
-
-.else # USE_PAM == no
-
-.if (${USE_SKEY} != "no")
-LDADD+= -lskey
-DPADD+= ${LIBSKEY}
-.endif
-
-.endif # USE_PAM == no
-
-.if (${USE_KERBEROS} != "no")
-SRCS+= gss-genr.c auth2-gss.c gss-serv.c gss-serv-krb5.c
-LDADD+= -lgssapi -lheimntlm
-DPADD+= ${LIBGSSAPI} ${LIBHEIMNTLM}
-
-LDADD+= -lkafs
-DPADD+= ${LIBKAFS}
-
-SRCS+= auth2-krb5.c
-LDADD+= ${LIBKRB5_LDADD}
-DPADD+= ${LIBKRB5_DPADD}
-.endif
-
-.if (${USE_LDAP} != "no")
-SRCS+= ldapauth.c
-LDADD+= ${LIBLDAP_LDADD}
-DPADD+= ${LIBLDAP_DPADD}
-.endif
-
-LDADD+= -lcrypt -lutil
-DPADD+= ${LIBCRYPT} ${LIBUTIL}
-
-LDADD+= -lwrap
-DPADD+= ${LIBWRAP}
-
-.ifdef CRUNCHEDPROG
-CPPFLAGS+=-DSMALL
-.else
-LDADD+= -lblocklist
-DPADD+= ${LIBBLOCKLIST}
-.endif
-
-COPTS.sshlogin.c+= ${CC_WNO_STRINGOP_TRUNCATION}
-COPTS.ldapauth.c+= ${CC_WNO_STRINGOP_TRUNCATION}
${CC_WNO_STRINGOP_OVERFLOW}
-COPTS.monitor.c+= -Wno-error=deprecated-declarations
-COPTS.kexgexs.c+= -Wno-error=deprecated-declarations
+SRCS= sshd.c sshpty.c srclimit.c servconf.c auth2-methods.c \
+ groupaccess.c
+
+LDADD+= -lutil
+DPADD+= ${LIBUTIL}
.include <bsd.prog.mk>
