I upgraded sendmail n a Solaris 7 server from version 8.13.6 to version 8.14.3.
[ More Info ]
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
[ More Info ]
HEAD / HTTP/1.0
command.
# telnet 127.0.0.1 80
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Fri, 25 Jan 2008 03:29:30 GMT
Server: Apache/2.0.39 (Unix)
Last-Modified: Thu, 29 Nov 2007 04:39:44 GMT
ETag: "89124-5df-e729c400"
Accept-Ranges: bytes
Content-Length: 1503
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Connection closed by foreign host.The version was 2.0.39, so it was out-of-date.
You can also check the version with the apachectl command.
# /usr/local/apache2/bin/apachectl -v
Server version: Apache/2.0.39
Server built: Jun 26 2002 01:03:14Version 2.0.59 is the current version listed at Sunfreeware.com - SPARC/Solaris 7 Packages.
The dependencies statement for Apache 2.0.59 listed libiconv as a
dependency and stated "you may need /usr/local/lib/libgcc_s.so.1 either from
the libgcc-3.3 or gcc-3.3.2 or higher packages." When I checked the version
of gcc with gcc -v, I saw it was 3.0.4. So I first
upgraded libiconv.
I installed libiconv 1.11 on a Sun SPARC Solaris 7 system. I obtained the package from Sunfreeware.com - SPARC/Solaris 7 Packages.
# gunzip libiconv-1.11-sol7-sparc-local.gz
# pkgadd -d libiconv-1.11-sol7-sparc-local
The following packages are available:
1 SMCliconv libiconv
(sparc) 1.11
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: all
Processing package instance <SMCliconv> from </home/jdoe/libiconv-1.11-sol7-sparc-local>
libiconv
(sparc) 1.11
Bruno Haible
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
12 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
/usr/local/bin/iconv
/usr/local/doc/libiconv/ABOUT-NLS
/usr/local/doc/libiconv/AUTHORS
/usr/local/doc/libiconv/COPYING.LIB
/usr/local/doc/libiconv/ChangeLog
/usr/local/doc/libiconv/DESIGN
/usr/local/doc/libiconv/INSTALL.generic
/usr/local/doc/libiconv/NEWS
/usr/local/doc/libiconv/NOTES
/usr/local/doc/libiconv/PORTS
/usr/local/doc/libiconv/README
/usr/local/doc/libiconv/README.djgpp
/usr/local/doc/libiconv/README.os2
/usr/local/doc/libiconv/README.woe32
/usr/local/doc/libiconv/THANKS
/usr/local/include/iconv.h
/usr/local/include/libcharset.h
/usr/local/lib/libcharset.a
/usr/local/lib/libcharset.la
[Hit <RETURN> to continue display]
/usr/local/lib/libcharset.so.1.0.0
/usr/local/lib/libiconv.la
/usr/local/lib/libiconv.so
/usr/local/lib/libiconv.so.2
/usr/local/man/man1/iconv.1
/usr/local/man/man3/iconv.3
/usr/local/man/man3/iconv_close.3
/usr/local/man/man3/iconv_open.3
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
## Checking for setuid/setgid programs.
Installing libiconv as <SMCliconv>
## Installing part 1 of 1.
/usr/local/bin/iconv
/usr/local/doc/libiconv/ABOUT-NLS
/usr/local/doc/libiconv/AUTHORS
/usr/local/doc/libiconv/COPYING.LIB
/usr/local/doc/libiconv/ChangeLog
/usr/local/doc/libiconv/DESIGN
/usr/local/doc/libiconv/INSTALL.generic
/usr/local/doc/libiconv/NEWS
/usr/local/doc/libiconv/NOTES
/usr/local/doc/libiconv/PORTS
/usr/local/doc/libiconv/README
/usr/local/doc/libiconv/README.djgpp
/usr/local/doc/libiconv/README.os2
/usr/local/doc/libiconv/README.woe32
/usr/local/doc/libiconv/THANKS
/usr/local/include/iconv.h
/usr/local/include/libcharset.h
/usr/local/include/localcharset.h
/usr/local/lib/libcharset.a
/usr/local/lib/libcharset.la
/usr/local/lib/libcharset.so.1.0.0
/usr/local/lib/libiconv.la
/usr/local/lib/libiconv.so <symbolic link>
/usr/local/lib/libiconv.so.2 <symbolic link>
/usr/local/lib/libiconv.so.2.4.0
/usr/local/lib/preloadable_libiconv.so
/usr/local/man/man1/iconv.1
/usr/local/man/man3/iconv.3
/usr/local/man/man3/iconv_close.3
/usr/local/man/man3/iconv_open.3
/usr/local/man/man3/iconvctl.3
/usr/local/share/doc/iconv.1.html
/usr/local/share/doc/iconv.3.html
/usr/local/share/doc/iconv_close.3.html
/usr/local/share/doc/iconv_open.3.html
/usr/local/share/doc/iconvctl.3.html
[ verifying class <none> ]
Installation of <SMCliconv> was successful.
Since libintl was listed as a dependency for
libiconv, I tried to determine if libintl
on the system was the latest version.
I looked for libiintl files on the system. I found several.
# find / -name libintl\* -print
/usr/lib/sparcv9/libintl.so
/usr/lib/sparcv9/libintl.so.1
/usr/lib/libintl.so
/usr/lib/libintl.so.1
/usr/lib/libintl.a
/usr/include/libintl.h
/usr/share/man/sman4/libintl.4
/usr/local/lib/gcc-lib/sparc-sun-solaris2.7/3.0.4/include/libintl.h
When I looked in /usr/include/libintl.h, I saw it was version
1.12, so I upgraded libintl to the 3.4.0 version from
Sunfreeware.com -
SPARC/Solaris 7 Packages.
# gunzip libintl-3.4.0-sol7-sparc-local.gz
# pkgadd -d libintl-3.4.0-sol7-sparc-local
The following packages are available:
1 SMClintl libintl
(sparc) 3.4.0
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMClintl> from </home/jdoe/libintl-3.4.0-sol7-sparc-local>
libintl
(sparc) 3.4.0
FSF
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
2 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
Installing libintl as <SMClintl>
## Installing part 1 of 1.
/usr/local/include/libintl.h
/usr/local/lib/libintl.a
/usr/local/lib/libintl.la
/usr/local/lib/libintl.so <symbolic link>
/usr/local/lib/libintl.so.3 <symbolic link>
/usr/local/lib/libintl.so.3.4.0
/usr/local/lib/libintl.so.8 <symbolic link>
/usr/local/lib/libintl.so.8.0.2
[ verifying class <none> ]
Installation of <SMClintl> was successful.
I then upgraded gcc.
# gunzip gcc-3.4.6-sol7-sparc-local.gz
# pkgadd -d gcc-3.4.6-sol7-sparc-local
The following packages are available:
1 SMCgcc gcc
(sparc) 3.4.6
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMCgcc> from </tmp/testing/gcc-3.4.6-sol7-sparc-local>
gcc
(sparc) 3.4.6
FSF
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
10 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/bin/c++
* /usr/local/bin/cpp
* /usr/local/bin/g++
* /usr/local/bin/g77
* /usr/local/bin/gcc
* /usr/local/bin/gccbug
* /usr/local/bin/gcov
* /usr/local/bin/sparc-sun-solaris2.7-c++
* /usr/local/bin/sparc-sun-solaris2.7-g++
* /usr/local/bin/sparc-sun-solaris2.7-gcc
* /usr/local/info <attribute change only>
* /usr/local/info/cpp.info
* /usr/local/info/cppinternals.info
* /usr/local/info/g77.info
* /usr/local/info/gcc.info
* /usr/local/lib/libgcc_s.so.1
* /usr/local/lib/libiberty.a
* /usr/local/lib/libstdc++.a
* /usr/local/lib/libstdc++.la
[Hit <RETURN> to continue display]
* /usr/local/lib/libsupc++.a
* /usr/local/lib/libsupc++.la
* /usr/local/man/man1/cpp.1
* /usr/local/man/man1/g++.1
* /usr/local/man/man1/g77.1
* /usr/local/man/man1/gcc.1
* /usr/local/man/man1/gcov.1
* /usr/local/man/man7 <attribute change only>
* /usr/local/man/man7/fsf-funding.7
* /usr/local/man/man7/gfdl.7
* /usr/local/man/man7/gpl.7
* /usr/local/share/locale <attribute change only>
* /usr/local/share/locale/be <attribute change only>
* /usr/local/share/locale/be/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/ca <attribute change only>
* /usr/local/share/locale/ca/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/da <attribute change only>
* /usr/local/share/locale/da/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/de <attribute change only>
* /usr/local/share/locale/de/LC_MESSAGES <attribute change only>
[Hit <RETURN< to continue display]
* /usr/local/share/locale/el <attribute change only>
* /usr/local/share/locale/el/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/es <attribute change only>
* /usr/local/share/locale/es/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/fr <attribute change only>
* /usr/local/share/locale/fr/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/ja <attribute change only>
* /usr/local/share/locale/ja/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/nl <attribute change only>
* /usr/local/share/locale/nl/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/sv <attribute change only>
* /usr/local/share/locale/sv/LC_MESSAGES <attribute change only>
* /usr/local/share/locale/tr <attribute change only>
* /usr/local/share/locale/tr/LC_MESSAGES <attribute change only>
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
<text snipped>
/usr/local/share/locale/tr/LC_MESSAGES/gcc.mo
[ verifying class <none> ]
Installation of <SMCgcc> was successful.I then downloaded the 2.0.59 version of Apache and installed it.
# gunzip apache-2.0.59-sol7-sparc-local.gz
# pkgadd -d apache-2.0.59-sol7-sparc-local
The following packages are available:
1 SMCap2059 apache
(sparc) 2.0.59
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]:
Processing package instance <SMCap2059> from </home/jdoe/apache-2.0.59-sol7-sparc-local>
apache
(sparc) 2.0.59
The Apache Group
Using </usr/local/apache2> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/apache2/bin <attribute change only>
* /usr/local/apache2/bin/ab
* /usr/local/apache2/bin/apachectl
* /usr/local/apache2/bin/apr-config
* /usr/local/apache2/bin/apu-config
* /usr/local/apache2/bin/apxs
* /usr/local/apache2/bin/checkgid
* /usr/local/apache2/bin/dbmmanage
* /usr/local/apache2/bin/envvars
* /usr/local/apache2/bin/envvars-std
* /usr/local/apache2/bin/htdbm
* /usr/local/apache2/bin/htdigest
* /usr/local/apache2/bin/htpasswd
* /usr/local/apache2/bin/httpd
* /usr/local/apache2/bin/logresolve
* /usr/local/apache2/bin/rotatelogs
* /usr/local/apache2/build <attribute change only>
* /usr/local/apache2/build/config_vars.mk
* /usr/local/apache2/build/instdso.sh
[Hit <RETURN> to continue display]
<text snipped>
* /usr/local/apache2/manual/vhosts/index.html.en
* /usr/local/apache2/manual/vhosts/ip-based.html
* /usr/local/apache2/manual/vhosts/mass.html
* /usr/local/apache2/manual/vhosts/name-based.html
* /usr/local/apache2/manual/vhosts/name-based.html.en
* /usr/local/apache2/modules <attribute change only>
* /usr/local/apache2/modules/httpd.exp
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
[ verifying class <none> ]
Installation of <SMCap2059> was successful.When I tried to restart Apache to run the new version, I received the message below:
# ../bin/apachectl restart
Syntax error on line 344 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Order', perhaps mis-spelled or defined by a module not included in the server configuration
When I checked what was at line 344, I found Order allow,deny.
<Directory "/usr/local/apache2/htdocs">
<text snipped>
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
I commented out the "order" and "allow" lines to see what would happen. I
then received an error message concerning the UserDir command
in httpd.conf.
I checked the compiled-in modules for Apache with httpd -l and
saw the following:
# ../bin/httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
The order command requires the mod_access module
to be loaded in Apache. It was apparently compiled into the previous version
I had running on the system, but it isn't compiled into the current version,
so I added
LoadModule access_module /usr/local/apache2/modules/mod_access.so
to /usr/local/apache2/conf/httpd.conf.
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule access_module /usr/local/apache2/modules/mod_access.so
Note: the location of mod_access.so and other modules
may be in a different location on other systems, e.g. under Linux it may be at
/etc/httpd/modules/mod_access.so. I also discovered later
that I should have put LoadModule auth_module
/usr/local/apache2/modules/mod_auth.so in as well to address
this error as shown at
Adding Modules to httpd.conf With Apache 2.
When I added the mod_access.so line and ran apachectl
restart, I then received the error message below:
# ../bin/apachectl restart
Syntax error on line 354 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'UserDir', perhaps mis-spelled or defined by a module not
included in the server configuration
I then added the line LoadModule userdir_module
/usr/local/apache2/modules/mod_userdir.so below the
LoadModule access_module /usr/local/apache2/modules/mod_access.so
line in httpd.conf. That eliminated the error related to the
UserDir command, but I then saw another module related error
message.
# ../bin/apachectl restart
Syntax error on line 382 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'DirectoryIndex', perhaps mis-spelled or defined by a module not included in the server configuration
I added LoadModule dir_module /usr/local/apache2/modules/mod_dir.so
beneath the other LoadModule statements and reran
apacectl restart. The error message for DirectoryIndex
was eliminated and I got further in the configuration file, but I received
another error message when I restarted Apache.
# ../bin/apachectl restart
Syntax error on line 403 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'TypesConfig', perhaps mis-spelled or defined by a module not included in the server configuration
So I then added LoadModule mime_module
/usr/local/apache2/modules/mod_mime.so and attempted again to restart
Apache. The next error message is shown below.
# ../bin/apachectl restart
Syntax error on line 456 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'LogFormat', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule log_config_module
/usr/local/apache2/modules/mod_log_config.so. When I attempted to
restart Apache, I then saw the message below.
# ../bin/apachectl restart
Syntax error on line 506 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Alias', perhaps mis-spelled or defined by a module not included in the server configurationI then added LoadModule alias_module
/usr/local/apache2/modules/mod_alias.so, which led to the next
error message.
# ../bin/apachectl restart
Syntax error on line 576 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'IndexOptions', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule autoindex_module
/usr/local/apache2/modules/mod_audoindex.so and attempted to restart
Apache again.
# ../bin/apachectl restart
Syntax error on line 724 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'LanguagePriority', perhaps mis-spelled or defined by a module not included in the server configurationI added LoadModule negotiation_module
/usr/local/apache2/modules/mod_negotiation.so to address that error.
# ../bin/apachectl restart
Syntax error on line 908 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'BrowserMatch', perhaps mis-spelled or defined by a module not included in the server configuration
I then added LoadModule setenvif_module
/usr/local/apache2/modules/mod_setevnif.so and attempted to restart
again with apachectl restart. At last it restarted without an
error message. Yeah! Except when I tried telnet 1270.0.1 80 to
connect to the default HTTP port on the local loopback address, it failed.
# telnet 127.0.0.1 80
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
When I looked in /usr/local/apache2/logs/error_log, I saw the
following:
[Sun Jan 27 22:09:30 2008] [notice] SIGHUP received. Attempting to restart
Syntax error on line 219 of /usr/local/apache2/conf/httpd.conf:
module access_module is built-in and can't be loaded
So I removed LoadModule access_module
/usr/local/apache2/modules/mod_access.so from httpd.conf.
But then I got the Invalid command 'Order' error message again.
# ../bin/apachectl restart
Syntax error on line 352 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'Order', perhaps mis-spelled or defined by a module not included in the server configuration
I put LoadModule access_module
/usr/local/apache2/modules/mod_access.so
and added LoadModule auth_module
/usr/local/apache2/modules/mod_auth.so below it.
# ../bin/apachectl restart
httpd not running, trying to startI tried connecting to port 80 on the loopback address again. This time
I was successful. I entered the command HEAD / HTTP/1.0 and
hit return a couple of times. Apache then responded with information showing
me that version 2.0.59 was running at last.
I now have the following module section in httpd.conf
#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule access_module /usr/local/apache2/modules/mod_access.so
LoadModule auth_module /usr/local/apache2/modules/mod_auth.so
LoadModule userdir_module /usr/local/apache2/modules/mod_userdir.so
LoadModule dir_module /usr/local/apache2/modules/mod_dir.so
LoadModule mime_module /usr/local/apache2/modules/mod_mime.so
LoadModule log_config_module /usr/local/apache2/modules/mod_log_config.so
LoadModule alias_module /usr/local/apache2/modules/mod_alias.so
LoadModule autoindex_module /usr/local/apache2/modules/mod_autoindex.so
LoadModule negotiation_module /usr/local/apache2/modules/mod_negotiation.so
LoadModule setenvif_module /usr/local/apache2/modules/mod_setenvif.soReferences:
# ssh -V
OpenSSH_3.7.1p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
Note: if you need to check the version of the SSH daemon software on a remote
system, you can ssh to the system using the -v option to obtain
verbose debugging messages, which will reveal the version number on the remote
system in the "remote protocol version" line. Note: the version you see on the
first line is the version of the ssh client you are using, not the version on
the remote SSH server.
# ssh -v jsmith@192.168.0.11
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to example.com [192.168.0.11] port 22.
debug1: Connection established.
debug1: identity file /home/jim/.ssh/identity type -1
debug1: identity file /home/jim/.ssh/id_rsa type -1
debug1: identity file /home/jim/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.7.1p1
debug1: match: OpenSSH_3.7.1p1 pat OpenSSH*Installation of that version also requires the installation of the packages openssl-0.9.8e (do not use the older openssl packages), zlib, libgcc-3.3 or gcc-3.3.2, prngd and optionally, but highly recommended, the perl, egd and tcp_wrappers packages.
When I checked the OpenSSL version on the system, I found it also needed to be updated.
# /usr/local/ssl/bin/openssl version
OpenSSL 0.9.7b 10 Apr 2003The information for the OpenSSL 0.9.8e package stated that you "may also need to install either gcc-3.4.6 or libgcc-3.4.6 to obtain the libgcc_s.so.1 library.
I found that gcc was also outdated.
# gcc -v
Reading specs from /usr/local/lib/gcc-lib/sparc-sun-solaris2.7/3.0.4/specs
Configured with: ../gcc-3.0.4/configure
Thread model: posix
gcc version 3.0.4
The gcc package requires the installation of libiconv, but that
was already on the system in /usr/local/lib. The gcc package is
fairly large; since I already had an earlier version of gcc on the system,
I decided to proceed with the installation of OpenSSL 0.9.8e instead of waiting
over a 1/2 hour to download the latest version of the gcc package.
# gunzip openssl-0.9.8e-sol7-sparc-local.gz
# pkgadd -d ./openssl-0.9.8e-sol7-sparc-local
The following packages are available:
1 SMCossl openssl
(sparc) 0.9.8e
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 1
Processing package instance <SMCossl> from
</tmp/openssl-0.9.8e-sol7-sparc-local>
openssl
(sparc) 0.9.8e
The OpenSSL Group
Using as the package base directory.
## Processing package information.
## Processing system information.
711 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/ssl
* /usr/local/ssl/bin
* /usr/local/ssl/bin/c_rehash
* /usr/local/ssl/bin/openssl
* /usr/local/ssl/certs
* /usr/local/ssl/include
* /usr/local/ssl/include/openssl
* /usr/local/ssl/include/openssl/aes.h
* /usr/local/ssl/include/openssl/asn1.h
* /usr/local/ssl/include/openssl/asn1_mac.h
* /usr/local/ssl/include/openssl/asn1t.h
* /usr/local/ssl/include/openssl/bio.h
* /usr/local/ssl/include/openssl/blowfish.h
* /usr/local/ssl/include/openssl/bn.h
* /usr/local/ssl/include/openssl/buffer.h
* /usr/local/ssl/include/openssl/cast.h
* /usr/local/ssl/include/openssl/comp.h
* /usr/local/ssl/include/openssl/conf.h
* /usr/local/ssl/include/openssl/conf_api.h
[Hit to continue display]
* /usr/local/ssl/include/openssl/crypto.h
* /usr/local/ssl/include/openssl/des.h
* /usr/local/ssl/include/openssl/des_old.h
* /usr/local/ssl/include/openssl/dh.h
* /usr/local/ssl/include/openssl/dsa.h
* /usr/local/ssl/include/openssl/dso.h
* /usr/local/ssl/include/openssl/e_os2.h
* /usr/local/ssl/include/openssl/ebcdic.h
* /usr/local/ssl/include/openssl/ec.h
* /usr/local/ssl/include/openssl/engine.h
* /usr/local/ssl/include/openssl/err.h
* /usr/local/ssl/include/openssl/evp.h
* /usr/local/ssl/include/openssl/hmac.h
* /usr/local/ssl/include/openssl/idea.h
* /usr/local/ssl/include/openssl/krb5_asn.h
* /usr/local/ssl/include/openssl/kssl.h
* /usr/local/ssl/include/openssl/lhash.h
* /usr/local/ssl/include/openssl/md2.h
* /usr/local/ssl/include/openssl/md4.h
* /usr/local/ssl/include/openssl/md5.h
[Hit to continue display]
* /usr/local/ssl/include/openssl/obj_mac.h
* /usr/local/ssl/include/openssl/objects.h
* /usr/local/ssl/include/openssl/ocsp.h
* /usr/local/ssl/include/openssl/opensslconf.h
* /usr/local/ssl/include/openssl/opensslv.h
* /usr/local/ssl/include/openssl/ossl_typ.h
* /usr/local/ssl/include/openssl/pem.h
* /usr/local/ssl/include/openssl/pem2.h
* /usr/local/ssl/include/openssl/pkcs12.h
* /usr/local/ssl/include/openssl/pkcs7.h
* /usr/local/ssl/include/openssl/rand.h
* /usr/local/ssl/include/openssl/rc2.h
* /usr/local/ssl/include/openssl/rc4.h
* /usr/local/ssl/include/openssl/ripemd.h
* /usr/local/ssl/include/openssl/rsa.h
* /usr/local/ssl/include/openssl/safestack.h
* /usr/local/ssl/include/openssl/sha.h
* /usr/local/ssl/include/openssl/ssl.h
* /usr/local/ssl/include/openssl/ssl2.h
* /usr/local/ssl/include/openssl/ssl23.h
[Hit to continue display]
* /usr/local/ssl/include/openssl/ssl3.h
* /usr/local/ssl/include/openssl/stack.h
* /usr/local/ssl/include/openssl/symhacks.h
* /usr/local/ssl/include/openssl/tls1.h
* /usr/local/ssl/include/openssl/tmdiff.h
* /usr/local/ssl/include/openssl/txt_db.h
* /usr/local/ssl/include/openssl/ui.h
* /usr/local/ssl/include/openssl/ui_compat.h
* /usr/local/ssl/include/openssl/x509.h
* /usr/local/ssl/include/openssl/x509_vfy.h
* /usr/local/ssl/include/openssl/x509v3.h
* /usr/local/ssl/lib
* /usr/local/ssl/lib/libcrypto.a
* /usr/local/ssl/lib/libssl.a
* /usr/local/ssl/lib/pkgconfig
* /usr/local/ssl/lib/pkgconfig/openssl.pc
* /usr/local/ssl/man
* /usr/local/ssl/man/man1
* /usr/local/ssl/man/man1/CA.pl.1
* /usr/local/ssl/man/man1/asn1parse.1
[Hit to continue display]
* /usr/local/ssl/man/man1/ca.1
* /usr/local/ssl/man/man1/ciphers.1
* /usr/local/ssl/man/man1/crl.1
* /usr/local/ssl/man/man1/crl2pkcs7.1
* /usr/local/ssl/man/man1/dgst.1
* /usr/local/ssl/man/man1/dhparam.1
* /usr/local/ssl/man/man1/dsa.1
* /usr/local/ssl/man/man1/dsaparam.1
* /usr/local/ssl/man/man1/enc.1
* /usr/local/ssl/man/man1/gendsa.1
* /usr/local/ssl/man/man1/genrsa.1
* /usr/local/ssl/man/man1/nseq.1
* /usr/local/ssl/man/man1/ocsp.1
* /usr/local/ssl/man/man1/openssl.1
* /usr/local/ssl/man/man1/passwd.1
* /usr/local/ssl/man/man1/pkcs12.1
* /usr/local/ssl/man/man1/pkcs7.1
* /usr/local/ssl/man/man1/pkcs8.1
* /usr/local/ssl/man/man1/rand.1
* /usr/local/ssl/man/man1/req.1
[Hit to continue display]
* /usr/local/ssl/man/man1/rsa.1
* /usr/local/ssl/man/man1/rsautl.1
* /usr/local/ssl/man/man1/s_client.1
* /usr/local/ssl/man/man1/s_server.1
* /usr/local/ssl/man/man1/sess_id.1
* /usr/local/ssl/man/man1/smime.1
* /usr/local/ssl/man/man1/speed.1
* /usr/local/ssl/man/man1/spkac.1
* /usr/local/ssl/man/man1/verify.1
* /usr/local/ssl/man/man1/version.1
* /usr/local/ssl/man/man1/x509.1
* /usr/local/ssl/man/man3
* /usr/local/ssl/man/man3/ASN1_OBJECT_new.3
* /usr/local/ssl/man/man3/ASN1_STRING_length.3
* /usr/local/ssl/man/man3/ASN1_STRING_new.3
* /usr/local/ssl/man/man3/ASN1_STRING_print_ex.3
* /usr/local/ssl/man/man3/BIO_ctrl.3
* /usr/local/ssl/man/man3/BIO_f_base64.3
* /usr/local/ssl/man/man3/BIO_f_buffer.3
* /usr/local/ssl/man/man3/BIO_f_cipher.3
[Hit to continue display]
* /usr/local/ssl/man/man3/BIO_f_md.3
* /usr/local/ssl/man/man3/BIO_f_null.3
* /usr/local/ssl/man/man3/BIO_f_ssl.3
* /usr/local/ssl/man/man3/BIO_find_type.3
* /usr/local/ssl/man/man3/BIO_new.3
* /usr/local/ssl/man/man3/BIO_push.3
* /usr/local/ssl/man/man3/BIO_read.3
* /usr/local/ssl/man/man3/BIO_s_accept.3
* /usr/local/ssl/man/man3/BIO_s_bio.3
* /usr/local/ssl/man/man3/BIO_s_connect.3
* /usr/local/ssl/man/man3/BIO_s_fd.3
* /usr/local/ssl/man/man3/BIO_s_file.3
* /usr/local/ssl/man/man3/BIO_s_mem.3
* /usr/local/ssl/man/man3/BIO_s_null.3
* /usr/local/ssl/man/man3/BIO_s_socket.3
* /usr/local/ssl/man/man3/BIO_set_callback.3
* /usr/local/ssl/man/man3/BIO_should_retry.3
* /usr/local/ssl/man/man3/BN_CTX_new.3
* /usr/local/ssl/man/man3/BN_CTX_start.3
* /usr/local/ssl/man/man3/BN_add.3
[Hit to continue display]
* /usr/local/ssl/man/man3/BN_add_word.3
* /usr/local/ssl/man/man3/BN_bn2bin.3
* /usr/local/ssl/man/man3/BN_cmp.3
* /usr/local/ssl/man/man3/BN_copy.3
* /usr/local/ssl/man/man3/BN_generate_prime.3
* /usr/local/ssl/man/man3/BN_mod_inverse.3
* /usr/local/ssl/man/man3/BN_mod_mul_montgomery.3
* /usr/local/ssl/man/man3/BN_mod_mul_reciprocal.3
* /usr/local/ssl/man/man3/BN_new.3
* /usr/local/ssl/man/man3/BN_num_bytes.3
* /usr/local/ssl/man/man3/BN_rand.3
* /usr/local/ssl/man/man3/BN_set_bit.3
* /usr/local/ssl/man/man3/BN_swap.3
* /usr/local/ssl/man/man3/BN_zero.3
* /usr/local/ssl/man/man3/CRYPTO_set_ex_data.3
* /usr/local/ssl/man/man3/DH_generate_key.3
* /usr/local/ssl/man/man3/DH_generate_parameters.3
* /usr/local/ssl/man/man3/DH_get_ex_new_index.3
* /usr/local/ssl/man/man3/DH_new.3
* /usr/local/ssl/man/man3/DH_set_method.3
[Hit to continue display]
* /usr/local/ssl/man/man3/DH_size.3
* /usr/local/ssl/man/man3/DSA_SIG_new.3
* /usr/local/ssl/man/man3/DSA_do_sign.3
* /usr/local/ssl/man/man3/DSA_dup_DH.3
* /usr/local/ssl/man/man3/DSA_generate_key.3
* /usr/local/ssl/man/man3/DSA_generate_parameters.3
* /usr/local/ssl/man/man3/DSA_get_ex_new_index.3
* /usr/local/ssl/man/man3/DSA_new.3
* /usr/local/ssl/man/man3/DSA_set_method.3
* /usr/local/ssl/man/man3/DSA_sign.3
* /usr/local/ssl/man/man3/DSA_size.3
* /usr/local/ssl/man/man3/ERR_GET_LIB.3
* /usr/local/ssl/man/man3/ERR_clear_error.3
* /usr/local/ssl/man/man3/ERR_error_string.3
* /usr/local/ssl/man/man3/ERR_get_error.3
* /usr/local/ssl/man/man3/ERR_load_crypto_strings.3
* /usr/local/ssl/man/man3/ERR_load_strings.3
* /usr/local/ssl/man/man3/ERR_print_errors.3
* /usr/local/ssl/man/man3/ERR_put_error.3
* /usr/local/ssl/man/man3/ERR_remove_state.3
[Hit to continue display]
* /usr/local/ssl/man/man3/EVP_BytesToKey.3
* /usr/local/ssl/man/man3/EVP_DigestInit.3
* /usr/local/ssl/man/man3/EVP_EncryptInit.3
* /usr/local/ssl/man/man3/EVP_OpenInit.3
* /usr/local/ssl/man/man3/EVP_PKEY_new.3
* /usr/local/ssl/man/man3/EVP_PKEY_set1_RSA.3
* /usr/local/ssl/man/man3/EVP_SealInit.3
* /usr/local/ssl/man/man3/EVP_SignInit.3
* /usr/local/ssl/man/man3/EVP_VerifyInit.3
* /usr/local/ssl/man/man3/OBJ_nid2obj.3
* /usr/local/ssl/man/man3/OPENSSL_VERSION_NUMBER.3
* /usr/local/ssl/man/man3/OpenSSL_add_all_algorithms.3
* /usr/local/ssl/man/man3/PKCS12_create.3
* /usr/local/ssl/man/man3/PKCS12_parse.3
* /usr/local/ssl/man/man3/PKCS7_decrypt.3
* /usr/local/ssl/man/man3/PKCS7_encrypt.3
* /usr/local/ssl/man/man3/PKCS7_sign.3
* /usr/local/ssl/man/man3/PKCS7_verify.3
* /usr/local/ssl/man/man3/RAND_add.3
* /usr/local/ssl/man/man3/RAND_bytes.3
[Hit to continue display]
* /usr/local/ssl/man/man3/RAND_cleanup.3
* /usr/local/ssl/man/man3/RAND_egd.3
* /usr/local/ssl/man/man3/RAND_load_file.3
* /usr/local/ssl/man/man3/RAND_set_rand_method.3
* /usr/local/ssl/man/man3/RSA_blinding_on.3
* /usr/local/ssl/man/man3/RSA_check_key.3
* /usr/local/ssl/man/man3/RSA_generate_key.3
* /usr/local/ssl/man/man3/RSA_get_ex_new_index.3
* /usr/local/ssl/man/man3/RSA_new.3
* /usr/local/ssl/man/man3/RSA_padding_add_PKCS1_type_1.3
* /usr/local/ssl/man/man3/RSA_print.3
* /usr/local/ssl/man/man3/RSA_private_encrypt.3
* /usr/local/ssl/man/man3/RSA_public_encrypt.3
* /usr/local/ssl/man/man3/RSA_set_method.3
* /usr/local/ssl/man/man3/RSA_sign.3
* /usr/local/ssl/man/man3/RSA_sign_ASN1_OCTET_STRING.3
* /usr/local/ssl/man/man3/RSA_size.3
* /usr/local/ssl/man/man3/SMIME_read_PKCS7.3
* /usr/local/ssl/man/man3/SMIME_write_PKCS7.3
* /usr/local/ssl/man/man3/SSL_CIPHER_get_name.3
[Hit to continue display]
* /usr/local/ssl/man/man3/SSL_COMP_add_compression_method.3
* /usr/local/ssl/man/man3/SSL_CTX_add_extra_chain_cert.3
* /usr/local/ssl/man/man3/SSL_CTX_add_session.3
* /usr/local/ssl/man/man3/SSL_CTX_ctrl.3
* /usr/local/ssl/man/man3/SSL_CTX_flush_sessions.3
* /usr/local/ssl/man/man3/SSL_CTX_free.3
* /usr/local/ssl/man/man3/SSL_CTX_get_ex_new_index.3
* /usr/local/ssl/man/man3/SSL_CTX_get_verify_mode.3
* /usr/local/ssl/man/man3/SSL_CTX_load_verify_locations.3
* /usr/local/ssl/man/man3/SSL_CTX_new.3
* /usr/local/ssl/man/man3/SSL_CTX_sess_number.3
* /usr/local/ssl/man/man3/SSL_CTX_sess_set_cache_size.3
* /usr/local/ssl/man/man3/SSL_CTX_sess_set_get_cb.3
* /usr/local/ssl/man/man3/SSL_CTX_sessions.3
* /usr/local/ssl/man/man3/SSL_CTX_set_cert_store.3
* /usr/local/ssl/man/man3/SSL_CTX_set_cert_verify_callback.3
* /usr/local/ssl/man/man3/SSL_CTX_set_cipher_list.3
* /usr/local/ssl/man/man3/SSL_CTX_set_client_CA_list.3
* /usr/local/ssl/man/man3/SSL_CTX_set_client_cert_cb.3
* /usr/local/ssl/man/man3/SSL_CTX_set_default_passwd_cb.3
[Hit to continue display]
* /usr/local/ssl/man/man3/SSL_CTX_set_generate_session_id.3
* /usr/local/ssl/man/man3/SSL_CTX_set_info_callback.3
* /usr/local/ssl/man/man3/SSL_CTX_set_max_cert_list.3
* /usr/local/ssl/man/man3/SSL_CTX_set_mode.3
* /usr/local/ssl/man/man3/SSL_CTX_set_msg_callback.3
* /usr/local/ssl/man/man3/SSL_CTX_set_options.3
* /usr/local/ssl/man/man3/SSL_CTX_set_quiet_shutdown.3
* /usr/local/ssl/man/man3/SSL_CTX_set_session_cache_mode.3
* /usr/local/ssl/man/man3/SSL_CTX_set_session_id_context.3
* /usr/local/ssl/man/man3/SSL_CTX_set_ssl_version.3
* /usr/local/ssl/man/man3/SSL_CTX_set_timeout.3
* /usr/local/ssl/man/man3/SSL_CTX_set_tmp_dh_callback.3
* /usr/local/ssl/man/man3/SSL_CTX_set_tmp_rsa_callback.3
* /usr/local/ssl/man/man3/SSL_CTX_set_verify.3
* /usr/local/ssl/man/man3/SSL_CTX_use_certificate.3
* /usr/local/ssl/man/man3/SSL_SESSION_free.3
* /usr/local/ssl/man/man3/SSL_SESSION_get_ex_new_index.3
* /usr/local/ssl/man/man3/SSL_SESSION_get_time.3
* /usr/local/ssl/man/man3/SSL_accept.3
* /usr/local/ssl/man/man3/SSL_alert_type_string.3
[Hit to continue display]
* /usr/local/ssl/man/man3/SSL_clear.3
* /usr/local/ssl/man/man3/SSL_connect.3
* /usr/local/ssl/man/man3/SSL_do_handshake.3
* /usr/local/ssl/man/man3/SSL_free.3
* /usr/local/ssl/man/man3/SSL_get_SSL_CTX.3
* /usr/local/ssl/man/man3/SSL_get_ciphers.3
* /usr/local/ssl/man/man3/SSL_get_client_CA_list.3
* /usr/local/ssl/man/man3/SSL_get_current_cipher.3
* /usr/local/ssl/man/man3/SSL_get_default_timeout.3
* /usr/local/ssl/man/man3/SSL_get_error.3
* /usr/local/ssl/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3
* /usr/local/ssl/man/man3/SSL_get_ex_new_index.3
* /usr/local/ssl/man/man3/SSL_get_fd.3
* /usr/local/ssl/man/man3/SSL_get_peer_cert_chain.3
* /usr/local/ssl/man/man3/SSL_get_peer_certificate.3
* /usr/local/ssl/man/man3/SSL_get_rbio.3
* /usr/local/ssl/man/man3/SSL_get_session.3
* /usr/local/ssl/man/man3/SSL_get_verify_result.3
* /usr/local/ssl/man/man3/SSL_get_version.3
* /usr/local/ssl/man/man3/SSL_library_init.3
[Hit to continue display]
* /usr/local/ssl/man/man3/SSL_load_client_CA_file.3
* /usr/local/ssl/man/man3/SSL_new.3
* /usr/local/ssl/man/man3/SSL_pending.3
* /usr/local/ssl/man/man3/SSL_read.3
* /usr/local/ssl/man/man3/SSL_rstate_string.3
* /usr/local/ssl/man/man3/SSL_session_reused.3
* /usr/local/ssl/man/man3/SSL_set_bio.3
* /usr/local/ssl/man/man3/SSL_set_connect_state.3
* /usr/local/ssl/man/man3/SSL_set_fd.3
* /usr/local/ssl/man/man3/SSL_set_session.3
* /usr/local/ssl/man/man3/SSL_set_shutdown.3
* /usr/local/ssl/man/man3/SSL_set_verify_result.3
* /usr/local/ssl/man/man3/SSL_shutdown.3
* /usr/local/ssl/man/man3/SSL_state_string.3
* /usr/local/ssl/man/man3/SSL_want.3
* /usr/local/ssl/man/man3/SSL_write.3
* /usr/local/ssl/man/man3/X509_NAME_ENTRY_get_object.3
* /usr/local/ssl/man/man3/X509_NAME_add_entry_by_txt.3
* /usr/local/ssl/man/man3/X509_NAME_get_index_by_NID.3
* /usr/local/ssl/man/man3/X509_NAME_print_ex.3
[Hit to continue display]
* /usr/local/ssl/man/man3/X509_new.3
* /usr/local/ssl/man/man3/bio.3
* /usr/local/ssl/man/man3/blowfish.3
* /usr/local/ssl/man/man3/bn.3
* /usr/local/ssl/man/man3/bn_internal.3
* /usr/local/ssl/man/man3/buffer.3
* /usr/local/ssl/man/man3/crypto.3
* /usr/local/ssl/man/man3/d2i_ASN1_OBJECT.3
* /usr/local/ssl/man/man3/d2i_DHparams.3
* /usr/local/ssl/man/man3/d2i_DSAPublicKey.3
* /usr/local/ssl/man/man3/d2i_PKCS8PrivateKey.3
* /usr/local/ssl/man/man3/d2i_RSAPublicKey.3
* /usr/local/ssl/man/man3/d2i_SSL_SESSION.3
* /usr/local/ssl/man/man3/d2i_X509.3
* /usr/local/ssl/man/man3/d2i_X509_ALGOR.3
* /usr/local/ssl/man/man3/d2i_X509_CRL.3
* /usr/local/ssl/man/man3/d2i_X509_NAME.3
* /usr/local/ssl/man/man3/d2i_X509_REQ.3
* /usr/local/ssl/man/man3/d2i_X509_SIG.3
* /usr/local/ssl/man/man3/des.3
[Hit to continue display]
* /usr/local/ssl/man/man3/dh.3
* /usr/local/ssl/man/man3/dsa.3
* /usr/local/ssl/man/man3/engine.3
* /usr/local/ssl/man/man3/err.3
* /usr/local/ssl/man/man3/evp.3
* /usr/local/ssl/man/man3/hmac.3
* /usr/local/ssl/man/man3/lh_stats.3
* /usr/local/ssl/man/man3/lhash.3
* /usr/local/ssl/man/man3/md5.3
* /usr/local/ssl/man/man3/mdc2.3
* /usr/local/ssl/man/man3/pem.3
* /usr/local/ssl/man/man3/rand.3
* /usr/local/ssl/man/man3/rc4.3
* /usr/local/ssl/man/man3/ripemd.3
* /usr/local/ssl/man/man3/rsa.3
* /usr/local/ssl/man/man3/sha.3
* /usr/local/ssl/man/man3/ssl.3
* /usr/local/ssl/man/man3/threads.3
* /usr/local/ssl/man/man3/ui.3
* /usr/local/ssl/man/man3/ui_compat.3
[Hit to continue display]
* /usr/local/ssl/man/man5
* /usr/local/ssl/man/man5/config.5
* /usr/local/ssl/man/man7
* /usr/local/ssl/man/man7/des_modes.7
* /usr/local/ssl/misc
* /usr/local/ssl/misc/CA.pl
* /usr/local/ssl/misc/CA.sh
* /usr/local/ssl/misc/c_hash
* /usr/local/ssl/misc/c_info
* /usr/local/ssl/misc/c_issuer
* /usr/local/ssl/misc/c_name
* /usr/local/ssl/openssl.cnf
* /usr/local/ssl/private
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
...
/usr/local/ssl/misc/c_hash
/usr/local/ssl/misc/c_info
/usr/local/ssl/misc/c_issuer
/usr/local/ssl/misc/c_name
/usr/local/ssl/openssl.cnf
[ verifying class ]
Installation of <SMCossl> was successful.
# I chose to replace the outdated versions of files when prompted as to whether I wanted to "install these conflicting files". I checked the version of OpenSSL afterwards and saw the new version listed.
# /usr/local/ssl/bin/openssl version
OpenSSL 0.9.8e 23 Feb 2007I then installed OpenSSH 4.7.1
# gunzip openssh-4.7p1-sol7-sparc-local.gz
# pkgadd -d openssh-4.7p1-sol7-sparc-local
The following packages are available:
1 SMCosh471 openssh
(sparc) 4.7p1
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 1
Processing package instance <SMCosh471> from </tmp/openssh-4.7p1-sol7-sparc-local>
openssh
(sparc) 4.7p1
The OpenSSH Group
Using as the package base directory.
## Processing package information.
## Processing system information.
9 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/bin/scp
* /usr/local/bin/sftp
* /usr/local/bin/ssh
* /usr/local/bin/ssh-add
* /usr/local/bin/ssh-agent
* /usr/local/bin/ssh-keygen
* /usr/local/bin/ssh-keyscan
* /usr/local/etc/moduli
* /usr/local/etc/ssh_config
* /usr/local/etc/sshd_config
* /usr/local/libexec
* /usr/local/libexec/sftp-server
* /usr/local/libexec/ssh-keysign
* /usr/local/libexec/ssh-rand-helper
* /usr/local/man/man1/scp.1
* /usr/local/man/man1/sftp.1
* /usr/local/man/man1/ssh-add.1
* /usr/local/man/man1/ssh-agent.1
* /usr/local/man/man1/ssh-keygen.1
[Hit to continue display]
* /usr/local/man/man1/ssh-keyscan.1
* /usr/local/man/man1/ssh.1
* /usr/local/man/man5/ssh_config.5
* /usr/local/man/man5/sshd_config.5
* /usr/local/man/man8
* /usr/local/man/man8/sftp-server.8
* /usr/local/man/man8/ssh-keysign.8
* /usr/local/man/man8/ssh-rand-helper.8
* /usr/local/man/man8/sshd.8
* /usr/local/sbin
* /usr/local/sbin/sshd
* /usr/local/share/Ssh.bin
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
## Checking for setuid/setgid programs.
Installing openssh as
## Installing part 1 of 1.
/usr/local/bin/scp
/usr/local/bin/sftp
/usr/local/bin/ssh
/usr/local/bin/ssh-add
/usr/local/bin/ssh-agent
/usr/local/bin/ssh-keygen
/usr/local/bin/ssh-keyscan
/usr/local/doc/openssh/CREDITS
/usr/local/doc/openssh/ChangeLog
/usr/local/doc/openssh/INSTALL
/usr/local/doc/openssh/LICENCE
/usr/local/doc/openssh/OVERVIEW
/usr/local/doc/openssh/README
/usr/local/doc/openssh/README.dns
/usr/local/doc/openssh/README.platform
/usr/local/doc/openssh/README.privsep
/usr/local/doc/openssh/README.smartcard
/usr/local/doc/openssh/README.tun
/usr/local/doc/openssh/TODO
/usr/local/doc/openssh/WARNING.RNG
/usr/local/doc/openssh/contrib/Makefile
/usr/local/doc/openssh/contrib/README
/usr/local/doc/openssh/contrib/aix/README
/usr/local/doc/openssh/contrib/aix/buildbff.sh
/usr/local/doc/openssh/contrib/aix/inventory.sh
/usr/local/doc/openssh/contrib/aix/pam.conf
/usr/local/doc/openssh/contrib/caldera/openssh.spec
/usr/local/doc/openssh/contrib/caldera/ssh-host-keygen
/usr/local/doc/openssh/contrib/caldera/sshd.init
/usr/local/doc/openssh/contrib/caldera/sshd.pam
/usr/local/doc/openssh/contrib/cygwin/Makefile
/usr/local/doc/openssh/contrib/cygwin/README
/usr/local/doc/openssh/contrib/cygwin/ssh-host-config
/usr/local/doc/openssh/contrib/cygwin/ssh-user-config
/usr/local/doc/openssh/contrib/findssl.sh
/usr/local/doc/openssh/contrib/gnome-ssh-askpass1.c
/usr/local/doc/openssh/contrib/gnome-ssh-askpass2.c
/usr/local/doc/openssh/contrib/hpux/README
/usr/local/doc/openssh/contrib/hpux/egd
/usr/local/doc/openssh/contrib/hpux/egd.rc
/usr/local/doc/openssh/contrib/hpux/sshd
/usr/local/doc/openssh/contrib/hpux/sshd.rc
/usr/local/doc/openssh/contrib/redhat/gnome-ssh-askpass.csh
/usr/local/doc/openssh/contrib/redhat/gnome-ssh-askpass.sh
/usr/local/doc/openssh/contrib/redhat/openssh.spec
/usr/local/doc/openssh/contrib/redhat/sshd.init
/usr/local/doc/openssh/contrib/redhat/sshd.init.old
/usr/local/doc/openssh/contrib/redhat/sshd.pam
/usr/local/doc/openssh/contrib/redhat/sshd.pam.old
/usr/local/doc/openssh/contrib/solaris/README
/usr/local/doc/openssh/contrib/ssh-copy-id
/usr/local/doc/openssh/contrib/ssh-copy-id.1
/usr/local/doc/openssh/contrib/sshd.pam.freebsd
/usr/local/doc/openssh/contrib/sshd.pam.generic
/usr/local/doc/openssh/contrib/suse/openssh.spec
/usr/local/doc/openssh/contrib/suse/rc.config.sshd
/usr/local/doc/openssh/contrib/suse/rc.sshd
/usr/local/doc/openssh/contrib/suse/sysconfig.ssh
/usr/local/etc/moduli
/usr/local/etc/ssh_config
/usr/local/etc/sshd_config
/usr/local/libexec/sftp-server
/usr/local/libexec/ssh-keysign
/usr/local/libexec/ssh-rand-helper
/usr/local/man/man1/scp.1
/usr/local/man/man1/sftp.1
/usr/local/man/man1/ssh-add.1
/usr/local/man/man1/ssh-agent.1
/usr/local/man/man1/ssh-keygen.1
/usr/local/man/man1/ssh-keyscan.1
/usr/local/man/man1/ssh.1
/usr/local/man/man5/ssh_config.5
/usr/local/man/man5/sshd_config.5
/usr/local/man/man8/sftp-server.8
/usr/local/man/man8/ssh-keysign.8
/usr/local/man/man8/ssh-rand-helper.8
/usr/local/man/man8/sshd.8
/usr/local/sbin/sshd
/usr/local/share/Ssh.bin
[ verifying class ]
Installation of <SMCosh471> was successful.
When I tried to run ssh afterwards, though, I got an error message.
# ssh -v
ld.so.1: ssh: fatal: libz.so: open failed: No such file or directory
KilledAccording to information I found at Re: OpenSSH 3.7.1p1, that occurs when OpenSSH has been compiled with a shared libz and the ssh binary can't find libz on the target system. The suggested solution was to put libz on the target system or rebuild the source code with a static library. At Minimizing the Solaris Operating Environment for Security: Updated for Solaris 9 Operating Environment, I found libz.so.1 associated with the SUNWzlib package, which has a description of "The Zip compression library".
At Very nice OpenSSH 4.3p2 packages for 8,9,10, I found a reference to someone building packages for Solaris 8, 9, and 10 which are built against the static version of zlib (1.2.3), so SUNWzlib is no longer required. Those packages are available from http://firewallworks.com/downloads/unsupported/Solaris-sparc/
I decided to download zlib-1.2.3 from the Sunfreeware site instead. The package contains zlib compression libraries - installs in /usr/local. This package has both libz.a and libz.so libraries. The package requires that libgcc_s.so.1 be in /usr/local/lib. This can be done by installing libgcc-3.3 or gcc or higher. This package contains the patch for the security vulnerability described, for example, in USN-148-1 zlib vulnerability.
I installed that package.
# pkgadd -d ./zlib-1.2.3-sol7-sparc-local
The following packages are available:
1 SMCzlib zlib
(sparc) 1.2.3
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 1
Processing package instance <SMCzlib> from </tmp/zlib-1.2.3-sol7-sparc-local>
zlib
(sparc) 1.2.3
Jean-loup Gailly
Using as the package base directory.
## Processing package information.
## Processing system information.
6 package pathnames are already properly installed.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
The following files are already installed on the system and are being
used by another package:
* /usr/local/include/zconf.h
* /usr/local/include/zlib.h
* /usr/local/lib/libz.a
* - conflict with a file which does not belong to any package.
Do you want to install these conflicting files [y,n,?,q] y
## Checking for setuid/setgid programs.
Installing zlib as
## Installing part 1 of 1.
/usr/local/bin/minigzip
/usr/local/doc/zlib/ChangeLog
/usr/local/doc/zlib/FAQ
/usr/local/doc/zlib/INDEX
/usr/local/doc/zlib/README
/usr/local/doc/zlib/algorithm.txt
/usr/local/doc/zlib/contrib/README.contrib
/usr/local/doc/zlib/contrib/ada/buffer_demo.adb
/usr/local/doc/zlib/contrib/ada/mtest.adb
/usr/local/doc/zlib/contrib/ada/read.adb
/usr/local/doc/zlib/contrib/ada/readme.txt
/usr/local/doc/zlib/contrib/ada/test.adb
/usr/local/doc/zlib/contrib/ada/zlib-streams.adb
/usr/local/doc/zlib/contrib/ada/zlib-streams.ads
/usr/local/doc/zlib/contrib/ada/zlib-thin.adb
/usr/local/doc/zlib/contrib/ada/zlib-thin.ads
/usr/local/doc/zlib/contrib/ada/zlib.adb
/usr/local/doc/zlib/contrib/ada/zlib.ads
/usr/local/doc/zlib/contrib/ada/zlib.gpr
/usr/local/doc/zlib/contrib/asm586/README.586
/usr/local/doc/zlib/contrib/asm586/match.S
/usr/local/doc/zlib/contrib/asm686/README.686
/usr/local/doc/zlib/contrib/asm686/match.S
/usr/local/doc/zlib/contrib/blast/Makefile
/usr/local/doc/zlib/contrib/blast/README
/usr/local/doc/zlib/contrib/blast/blast.c
/usr/local/doc/zlib/contrib/blast/blast.h
/usr/local/doc/zlib/contrib/blast/test.pk
/usr/local/doc/zlib/contrib/blast/test.txt
/usr/local/doc/zlib/contrib/delphi/ZLib.pas
/usr/local/doc/zlib/contrib/delphi/ZLibConst.pas
/usr/local/doc/zlib/contrib/delphi/readme.txt
/usr/local/doc/zlib/contrib/delphi/zlibd32.mak
/usr/local/doc/zlib/contrib/dotzlib/DotZLib.build
/usr/local/doc/zlib/contrib/dotzlib/DotZLib.chm
/usr/local/doc/zlib/contrib/dotzlib/DotZLib.sln
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/AssemblyInfo.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/ChecksumImpl.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/CircularBuffer.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/CodecBase.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/Deflater.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/DotZLib.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/DotZLib.csproj
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/GZipStream.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/Inflater.cs
/usr/local/doc/zlib/contrib/dotzlib/DotZLib/UnitTests.cs
/usr/local/doc/zlib/contrib/dotzlib/LICENSE_1_0.txt
/usr/local/doc/zlib/contrib/dotzlib/readme.txt
/usr/local/doc/zlib/contrib/infback9/README
/usr/local/doc/zlib/contrib/infback9/infback9.c
/usr/local/doc/zlib/contrib/infback9/infback9.h
/usr/local/doc/zlib/contrib/infback9/inffix9.h
/usr/local/doc/zlib/contrib/infback9/inflate9.h
/usr/local/doc/zlib/contrib/infback9/inftree9.c
/usr/local/doc/zlib/contrib/infback9/inftree9.h
/usr/local/doc/zlib/contrib/inflate86/inffas86.c
/usr/local/doc/zlib/contrib/inflate86/inffast.S
/usr/local/doc/zlib/contrib/iostream/test.cpp
/usr/local/doc/zlib/contrib/iostream/zfstream.cpp
/usr/local/doc/zlib/contrib/iostream/zfstream.h
/usr/local/doc/zlib/contrib/iostream2/zstream.h
/usr/local/doc/zlib/contrib/iostream2/zstream_test.cpp
/usr/local/doc/zlib/contrib/iostream3/README
/usr/local/doc/zlib/contrib/iostream3/TODO
/usr/local/doc/zlib/contrib/iostream3/test.cc
/usr/local/doc/zlib/contrib/iostream3/zfstream.cc
/usr/local/doc/zlib/contrib/iostream3/zfstream.h
/usr/local/doc/zlib/contrib/masm686/match.asm
/usr/local/doc/zlib/contrib/masmx64/bld_ml64.bat
/usr/local/doc/zlib/contrib/masmx64/gvmat64.asm
/usr/local/doc/zlib/contrib/masmx64/gvmat64.obj
/usr/local/doc/zlib/contrib/masmx64/inffas8664.c
/usr/local/doc/zlib/contrib/masmx64/inffasx64.asm
/usr/local/doc/zlib/contrib/masmx64/inffasx64.obj
/usr/local/doc/zlib/contrib/masmx64/readme.txt
/usr/local/doc/zlib/contrib/masmx86/bld_ml32.bat
/usr/local/doc/zlib/contrib/masmx86/gvmat32.asm
/usr/local/doc/zlib/contrib/masmx86/gvmat32.obj
/usr/local/doc/zlib/contrib/masmx86/gvmat32c.c
/usr/local/doc/zlib/contrib/masmx86/inffas32.asm
/usr/local/doc/zlib/contrib/masmx86/inffas32.obj
/usr/local/doc/zlib/contrib/masmx86/mkasm.bat
/usr/local/doc/zlib/contrib/masmx86/readme.txt
/usr/local/doc/zlib/contrib/minizip/ChangeLogUnzip
/usr/local/doc/zlib/contrib/minizip/Makefile
/usr/local/doc/zlib/contrib/minizip/crypt.h
/usr/local/doc/zlib/contrib/minizip/ioapi.c
/usr/local/doc/zlib/contrib/minizip/ioapi.h
/usr/local/doc/zlib/contrib/minizip/iowin32.c
/usr/local/doc/zlib/contrib/minizip/iowin32.h
/usr/local/doc/zlib/contrib/minizip/miniunz.c
/usr/local/doc/zlib/contrib/minizip/minizip.c
/usr/local/doc/zlib/contrib/minizip/mztools.c
/usr/local/doc/zlib/contrib/minizip/mztools.h
/usr/local/doc/zlib/contrib/minizip/unzip.c
/usr/local/doc/zlib/contrib/minizip/unzip.h
/usr/local/doc/zlib/contrib/minizip/zip.c
/usr/local/doc/zlib/contrib/minizip/zip.h
/usr/local/doc/zlib/contrib/pascal/example.pas
/usr/local/doc/zlib/contrib/pascal/readme.txt
/usr/local/doc/zlib/contrib/pascal/zlibd32.mak
/usr/local/doc/zlib/contrib/pascal/zlibpas.pas
/usr/local/doc/zlib/contrib/puff/Makefile
/usr/local/doc/zlib/contrib/puff/README
/usr/local/doc/zlib/contrib/puff/puff.c
/usr/local/doc/zlib/contrib/puff/puff.h
/usr/local/doc/zlib/contrib/puff/zeros.raw
/usr/local/doc/zlib/contrib/testzlib/testzlib.c
/usr/local/doc/zlib/contrib/testzlib/testzlib.txt
/usr/local/doc/zlib/contrib/untgz/Makefile
/usr/local/doc/zlib/contrib/untgz/Makefile.msc
/usr/local/doc/zlib/contrib/untgz/untgz.c
/usr/local/doc/zlib/contrib/vstudio/readme.txt
/usr/local/doc/zlib/contrib/vstudio/vc7/miniunz.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc7/minizip.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc7/testzlib.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc7/zlib.rc
/usr/local/doc/zlib/contrib/vstudio/vc7/zlibstat.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc7/zlibvc.def
/usr/local/doc/zlib/contrib/vstudio/vc7/zlibvc.sln
/usr/local/doc/zlib/contrib/vstudio/vc7/zlibvc.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc8/miniunz.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc8/minizip.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc8/testzlib.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc8/testzlibdll.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc8/zlib.rc
/usr/local/doc/zlib/contrib/vstudio/vc8/zlibstat.vcproj
/usr/local/doc/zlib/contrib/vstudio/vc8/zlibvc.def
/usr/local/doc/zlib/contrib/vstudio/vc8/zlibvc.sln
/usr/local/doc/zlib/contrib/vstudio/vc8/zlibvc.vcproj
/usr/local/doc/zlib/example.c
/usr/local/include/zconf.h
/usr/local/include/zlib.h
/usr/local/lib/libz.a
/usr/local/lib/libz.so
/usr/local/lib/libz.so.1
/usr/local/lib/libz.so.1.2.3
/usr/local/man/man3/zlib.3
[ verifying class ]
Installation of <SMCzlib> was successful. I was then able to run ssh and could see that the new version was in use.
# ssh -v
OpenSSH_4.7p1, OpenSSL 0.9.8e 23 Feb 2007Zlib was listed as a requirement for OpenSSH 4.7.1; I thought it was already present and hadn't bothered to check before installing that version of OpenSSH.
I then tried to restart the sshd daemon. I created a file
/tmp.ssh_restart, which I made executable with chmod 700
ssh_restart, with the following commands:
/etc/init.d/sshd stop
sleep 10
/etc/init.d/sshd startI then set it to run in the background, hoping I wouldn't lose SSH access to the system, since I was trying to restart the SSH daemon from a remote location.
# /tmp/ssh_restart &
16314
# Stopping sshd
Starting sshd
Privilege separation user sshd does not existIt did not restart. Though I remained connected, I could not establish new ssh connections.
# ssh -v 127.0.0.1
OpenSSH_4.7p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection refused
ssh: connect to host 127.0.0.1 port 22: Connection refused
I resolved the "privilege separation" problem by creating an sshd
group and account on the system.
# groupadd -g 74 sshd
UX: groupadd: WARNING: gid 74 is reserved.
# useradd -u 74 -g 74 -c "Privilege-separated SSH" -d /var/empty/sshd -s /bin/false sshd
UX: useradd: WARNING: uid 74 is reserved.I then reran the /tmp/ssh_restart script.
# /tmp/ssh &
22647
#
# Starting sshdWhen I then tried connecting to the system via SSH, I could see that the new 4.7.1 version was running.
# ssh -v 127.0.0.1
OpenSSH_4.7p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/1
debug1: identity file /.ssh/identity type -1
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.7
References:
