Subject: Re: src/domestic/libexec/telnetd
To: None <thieleke@icaen.uiowa.edu>
From: Greg Earle <earle@isolar.Tujunga.CA.US>
List: current-users
Date: 03/28/1996 15:30:47
>>> src/domestic/libexec/telnetd/Makefile needs -lcrypt added to its
>>> encryption LDADD+, or the domestic telnetd will fail.
>
>> Are you sure about this? I mean, on the surface it seems perfectly
>> reasonable, but I just built the world yesterday (March 26th sup) -
>> without this patch - and I can telnet into the machine just fine.
>
> Yep. With the sans -lcrypt linked telnetd installed:
>
> thieleke% telnet localhost
> Trying 127.0.0.1...
> Connected to localhost.icaen.uiowa.edu.
> Escape character is '^]'.
> /usr/libexec/ld.so: Undefined symbol "_crypt" in \
> telnetd:/usr/lib/libkrb.so.2.0
>
> Connection closed by foreign host.
>
> This is using a system with Mar 26 binaries.
The plot sickens! I'm also using Mar 26 binaries, and as quoted,
>> isolar:1:41 % telnet scipio.jpl.nasa.gov.
>> Trying 137.78.70.110 ...
>> Connected to scipio.jpl.nasa.gov.
>> Escape character is '^]'.
>>
>> NetBSD/i386 (scipio.jpl.nasa.gov) (ttyp3)
>>
>> login: root
i.e., it works fine for me without -lcrypt. Why is this, folks?!?
Especially given that I have
scipio# nm /usr/lib/libkrb.a
[...]
str2key.o:
00000224 T _afs_string_to_key
U _crypt
scipio# strings - /usr/lib/libkrb.so.2.0 | egrep crypt
_des_pcbc_encrypt
_crypt
The invocation of "crypt()" is in libkrb's str2key.c::afs_cmu_StringToKey()
function, which is called by afs_string_to_key() (bottom of str2key.c).
I can't find *anything* that calls this "afs_string_to_key()" function:
scipio# find /usr/src -type f \! -name \*.o -print | xargs egrep -l \
afs_string_to_key
/usr/src/.obj.i386/domestic/lib/libkrb/libkrb.a
/usr/src/.obj.i386/domestic/lib/libkrb/libkrb_p.a
/usr/src/.obj.i386/domestic/lib/libkrb/str2key.po
/usr/src/.obj.i386/domestic/lib/libkrb/libkrb_pic.a
/usr/src/.obj.i386/domestic/lib/libkrb/str2key.so
/usr/src/.obj.i386/domestic/lib/libkrb/libkrb.so.2.0
/usr/src/domestic/lib/libkrb/str2key.c
/usr/src/domestic/include/kerberosIV/krb.h
(My /usr/obj -> /usr/src/.obj.i386)
I guess this raises 2 questions:
(1) Why does it "work" for me but not for Jeff?
(2) I had this vague notion that the run-time loader made sure that all
shared-library references were resolved at run-time; i.e. as opposed to
tripping over an unresolved reference while actually running the code.
Given that my /usr/lib/libkrb.so.2.0 shows the unresolved "_crypt"
reference (even though no function apparently ever calls the one which
in turn would call the one invoking crypt() ... ), why am I not getting
the same result? (i.e., I thought maybe he was using AFS, and perhaps
that was causing it to trip over that code; but again, I thought shared
library references were all resolved at run-time, and there doesn't
seem to be any code that actually calls the thing to trip over it)
(3) By this reasoning, shouldn't my Kerberos server (/usr/sbin/kerberos)
immediately fall over as well?
scipio# ldd /usr/sbin/kerberos
/usr/sbin/kerberos:
-lkdb.2 => /usr/lib/libkdb.so.2.0 (0x1001c000)
-lkrb.2 => /usr/lib/libkrb.so.2.0 (0x1001f000)
-ldes.2 => /usr/lib/libdes.so.2.0 (0x10030000)
-lc.12 => /usr/lib/libc.so.12.4 (0x1003a000)
(Note libkrb dependancy without libcrypt here as well.)
scipio# kerberos
Kerberos server starting
Sleep forever on error
Log file is /var/log/kerberos.log
Puzzled in Pasadena,
- Greg
P.S. /usr/src/domestic/usr.sbin/kerberos/kerberos.8 is completely wrong, btw.
It should document the /usr/sbin/kerberos server, but instead it's a
non-NetBSD'ized replicant of /usr/src/domestic/lib/libkrb/kerberos.1.