Created attachment 2642 [details] Log of running "make tests" When compiling and running unit tests on the latest OpenSSH 6.9p1 snapshot from 05/31, I saw a number of compiler warnings output related to the use of deprecated APIs. Most of the deprecations go back to OS X version 10.7 -- I'm currently compiling it on 10.10.3. There were several hundred of these, referencing various bignum and crypto APIs. In addition to the deprecation warnings, I also got multiple instances of the following warning: clang: warning: argument unused during compilation: '-pie' and one instance of: cipher-3des1.c:152:22: warning: incompatible pointer types assigning to 'int (*)(EVP_CIPHER_CTX *, unsigned char *, const unsigned char *, unsigned int)' from 'int (EVP_CIPHER_CTX *, u_char *, const u_char *, size_t)' [-Wincompatible-pointer-types] ssh1_3des.do_cipher = ssh1_3des_cbc; ^ ~~~~~~~~~~~~~ I've attached the complete output from the compile and running the tests. Despite all these warnings, the tests all passed in the end.
Yes, Apple have deprecated their system copy of the OpenSSL libcrypto API. If you want to avoid these errors then you should build against a copy of OpenSSL that you've installed yourself (AFAIK macports, etc do this) We don't have any plans to port OpenSSH to whatever Apple is replacing OpenSSL with.
Pointing at a version of OpenSSL in /opt/local (from MacPorts) did help. However, it didn't completely eliminate the warnings. The following warnings not related to SSL remained: In ssh.c: ssh.c:1409:2: warning: 'daemon' is deprecated: first deprecated in OS X 10.5 - Use posix_spawn APIs instead. [-Wdeprecated-declarations] daemon(1, 1); ^ /usr/include/stdlib.h:267:6: note: 'daemon' has been explicitly marked deprecated here int daemon(int, int) __DARWIN_1050(daemon) __OSX_AVAILABLE_BUT_DEPR... ^ ssh.c:1421:6: warning: 'daemon' is deprecated: first deprecated in OS X 10.5 - Use posix_spawn APIs instead. [-Wdeprecated-declarations] if (daemon(1, 1) < 0) ^ /usr/include/stdlib.h:267:6: note: 'daemon' has been explicitly marked deprecated here int daemon(int, int) __DARWIN_1050(daemon) __OSX_AVAILABLE_BUT_DEPR... ^ In sshd.c: sshd.c:1972:7: warning: 'daemon' is deprecated: first deprecated in OS X 10.5 - Use posix_spawn APIs instead. [-Wdeprecated-declarations] if (daemon(0, 0) < 0) ^ /usr/include/stdlib.h:267:6: note: 'daemon' has been explicitly marked deprecated here int daemon(int, int) __DARWIN_1050(daemon) __OSX_AVAILABLE_BUT_DEPR... ^ In loginrec.c: loginrec.c:188:49: warning: 'utmp' is deprecated [-Wdeprecated-declarations] void set_utmp_time(struct logininfo *li, struct utmp *ut); ^ /usr/include/util.h:88:8: note: 'utmp' has been explicitly marked deprecated here struct utmp; /* forward reference to /usr/include/utmp.h */ ^ loginrec.c:189:50: warning: 'utmp' is deprecated [-Wdeprecated-declarations] void construct_utmp(struct logininfo *li, struct utmp *ut); ^ /usr/include/util.h:88:8: note: 'utmp' has been explicitly marked deprecated here struct utmp; /* forward reference to /usr/include/utmp.h */ ^ loginrec.c:632:44: warning: 'utmp' is deprecated [-Wdeprecated-declarations] set_utmp_time(struct logininfo *li, struct utmp *ut) ^ /usr/include/util.h:88:8: note: 'utmp' has been explicitly marked deprecated here struct utmp; /* forward reference to /usr/include/utmp.h */ ^ loginrec.c:644:14: warning: 'utmp' is deprecated [-Wdeprecated-declarations] struct utmp *ut) ^ /usr/include/util.h:88:8: note: 'utmp' has been explicitly marked deprecated here struct utmp; /* forward reference to /usr/include/utmp.h */ ^ loginrec.c:1416:9: warning: 'utmp' is deprecated [-Wdeprecated-declarations] struct utmp *ut; ^ /usr/include/util.h:88:8: note: 'utmp' has been explicitly marked deprecated here struct utmp; /* forward reference to /usr/include/utmp.h */ ^ loginrec.c:1420:2: warning: 'login' is deprecated: first deprecated in OS X 10.5 [-Wdeprecated-declarations] login(ut); ^ /usr/include/util.h:89:6: note: 'login' has been explicitly marked deprecated here void login(struct utmp *) __OSX_AVAILABLE_BUT_DEPRECATED(_... ^ loginrec.c:1434:7: warning: 'logout' is deprecated: first deprecated in OS X 10.5 [-Wdeprecated-declarations] if (!logout(line)) ^ /usr/include/util.h:91:5: note: 'logout' has been explicitly marked deprecated here int logout(const char *) __OSX_AVAILABLE_BUT_DEPRECATED(_... ^ loginrec.c:1438:3: warning: 'logwtmp' is deprecated: first deprecated in OS X 10.5 [-Wdeprecated-declarations] logwtmp(line, "", ""); ^ /usr/include/util.h:92:6: note: 'logwtmp' has been explicitly marked deprecated here void logwtmp(const char *, const char *, const char *) __OSX_AVAILABL... ^ In sandbox-darwin.c: sandbox-darwin.c:43:25: warning: declaration of 'struct monitor' will not be visible outside of this function [-Wvisibility] ssh_sandbox_init(struct monitor *monitor) ^ sandbox-darwin.c:65:6: warning: 'sandbox_init' is deprecated: first deprecated in OS X 10.8 [-Wdeprecated-declarations] if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED, ^ /usr/include/sandbox.h:65:5: note: 'sandbox_init' has been explicitly marked deprecated here int sandbox_init(const char *profile, uint64_t flags, char **errorbuf); ^ sandbox-darwin.c:65:19: warning: 'kSBXProfilePureComputation' is deprecated: first deprecated in OS X 10.8 [-Wdeprecated-declarations] if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED, ^ /usr/include/sandbox.h:97:19: note: 'kSBXProfilePureComputation' has been explicitly marked deprecated here extern const char kSBXProfilePureComputation[]; ^ These warnings were found in compiling 6.9p1, which I used since that's what this bug was originally filed against. Also, for what it's worth, OS X 10.11 (El Capitan) is now shipping from Apple with OpenSSH 6.9p1 compiled against LibreSSL 2.1.7.
Close all resolved bugs after 7.3p1 release