#49 tcpwrappers broken on OpenBSD
(also on netatalk-devel@lists.sourceforge.net with
subject "OpenBSD: tcp-wrappers / setdirowner" Date:
Mon, 26 Mar 2001)
Expanding on Jean-Philippe Rey's notes, to get 1.5pre5
to compile and make on OpenBSD:
Summary
./configure --with-tcp-wrappers --with-ssl-dirs=/usr
vi libtool -> 368a output_objdir=.
vi config.h -> 6a #define NO_CRYPT_H 1
#define DLSYM_PREPEND_UNDERSCORE 1
gmake
gmake install
When compiling with both --tcp-wrappers and -ssl, I get
these errors when starting the daemons from rc.local,
and atalkd never successfully starts:
/usr/libexec/ld.so: Undefined symbol "_deny_severity"
in atalkd:/usr/lib/libwrap.so.1.1
/usr/libexec/ld.so: Undefined symbol "_deny_severity"
in nbprgstr:/usr/lib/libwrap.so.1.1
/usr/libexec/ld.so: Undefined symbol "_deny_severity"
in timelord:/usr/lib/libwrap.so.1.1
When I compiled without tcp-wrappers, I was getting
this error: afpd[] Can't register machine:AFPServer&*
However, adding my interface, fxp0 to my atalkd.conf
file fixed that immediately. Now all of my passwords
are being sent encrypted! Thank you very much!
Logged In: YES
user_id=55096
This actually sounds like a bug in the build process. None
of those programs above (atalkd, nbprgstr, timelord) support
tcp-wrappers or use TCP/IP at all. To my knowledge, only
afpd should be compiled and linked to tcp-wrappers.
However, I thought that unused libraries would be discarded
from the program, so I don't know why it linked to
libwrap.so... Jeff?
Logged In: YES
user_id=102909
I think I have a related problem.
15pre6, configured on linux (rh 7.0) with
./configure --with-flock-locks --with-tcp-wrappers
--enable-redhat --with-pam --prefix=/usr/local/atalk
manages to configure and build without fatal errors, and
generally runs. However, it doesn't seem to be using tcp
wrappers (afpd ignores everything in /etc/hosts.allow and
/etc/hosts.deny), whereas it used to work for me with
2.1.4preasun
Here's what seems to be the relevant bit from config.log:
configure:4989: checking for hosts_access in -lwrap
configure:5008: gcc -o conftest -g -O2 conftest.c -lwrap
-lrpcsvc -lresolv -lnsl -ldl -ldb -lcrypt -lcom_err -lpam
1>&5
/usr/lib/gcc-lib/i386-redhat-linux/2.96/../../../libwrap.a(options.o):
In function
twist_option': options.o(.text+0x6d1): undefined reference todeny_severity'/usr/lib/gcc-lib/i386-redhat-linux/2.96/../../../libwrap.a(options.o):
In function
severity_option': options.o(.text+0x922): undefined reference todeny_severity'options.o(.text+0x92b): undefined reference to
`allow_severity'
collect2: ld returned 1 exit status
configure: failed program was:
line 4997 "configure"
include "confdefs.h"
/ Override any gcc2 internal prototype to avoid an error.
/
/ We use char because int might match the return type of a
gcc2
builtin and then its argument prototype would still
apply. /
char hosts_access();
int main() {
hosts_access()
; return 0; }
Logged In: YES
user_id=42397
This is still occurring in 1.5pre6 on OpenBSD 2.8.
Is there a way to unlink the extras from tcp-wrappers? I don't code, but I can read and comment out stuff...
Logged In: YES
user_id=55096
fixed in 2.0, likely fixed in 1.6