Re: git: a098111a28ed - main - secure: Add ssh-sk-client to all consumers of libssh

From: Shawn Webb <shawn.webb_at_hardenedbsd.org>
Date: Thu, 24 Apr 2025 22:45:12 UTC
On Tue, Apr 22, 2025 at 02:07:50AM +0000, John Baldwin wrote:
> The branch main has been updated by jhb:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=a098111a28ed59e1ab1101ad09913f0235ebd28f
> 
> commit a098111a28ed59e1ab1101ad09913f0235ebd28f
> Author:     John Baldwin <jhb@FreeBSD.org>
> AuthorDate: 2025-04-22 02:05:28 +0000
> Commit:     John Baldwin <jhb@FreeBSD.org>
> CommitDate: 2025-04-22 02:05:28 +0000
> 
>     secure: Add ssh-sk-client to all consumers of libssh
>     
>     These all failed to link with ld.bfd used by GCC due to
>     Fssh_sshsk_sign being an unresolved symbol.
>     
>     Fixes:          65d8491719bb ("secure: Adapt Makefile to ssh-sk-client everywhere")

Hey John,

I'm getting the following error from the RTLD when the rc scripts
start sshd:

==== BEGIN LOG ====
ld-elf.so.1: /usr/lib/libprivatessh.so.5: Undefined symbol "Fssh_sshsk_sign
==== END LOG ====

This is on HardenedBSD 15-CURRENT/amd64. I'll try to reproduce next
week with vanilla FreeBSD, unless someone else beats me to it.

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

Signal Username:  shawn_webb.74
Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc