Romain Naour dd244feb37 package/openssh: add libxcrypt optional dependency for sshd ... When glibc was bumped to version 2.39 in commit b5680f53d6 it removed the deprecated libcrypt support. As glibc's libcrypt was providing sshd's libcrypt dependency this broke the sshd password authentification at runtime using glibc version 2.39. # sshpass -p testpwd ssh -oStrictHostKeyChecking=no localhost /bin/true Permission denied, please try again. Without libcrypt, OpenSSH >= 6.2 fall back to using openssl's DES_crypt function on platorms that don't have a native crypt() function [1]. Note that DES_crypt is deprecated since openssl 3.0 [2] [3]. "Use of the low level DES functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt functions." Also DES_crypt is provided by openssl only if BR2_PACKAGE_LIBOPENSSL_ENABLE_DES is enabled. Otherwise crypt() is never defined: sd-compat.a(xcrypt.o): in function `xcrypt': xcrypt.c:(.text+0x48): undefined reference to `crypt' It's not clear why the password authentification fail with openssl's DES_crypt but since it's deprecated we use libxcrypt to provide a working crypt() function for glibc based toolchains. [1] https://github.com/openssh/openssh-portable/blob/V_9_7/openbsd-compat/xcrypt.c#L57 [2] c6fec81b88 [3] https://www.openssl.org/docs/man3.2/man3/DES_crypt.html Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/6623402147 Signed-off-by: Romain Naour <romain.naour@smile.fr>		2024-04-30 23:00:24 +02:00
..
Config.in	package/openssh: add libxcrypt optional dependency for sshd	2024-04-30 23:00:24 +02:00
openssh.hash	package/openssh: bump to version 9.7p1	2024-03-24 16:01:58 +01:00
openssh.mk	package/openssh: add libxcrypt optional dependency for sshd	2024-04-30 23:00:24 +02:00
S50sshd
sshd-sysusers.conf
sshd.service