Heads-up: DSA key support being removed from OpenSSH
Upstream OpenSSH has been working on deprecating DSA keys for some time, and I intend to follow suit in FreeBSD. >From the OpenSSH 9.8p1 release notes: === OpenSSH has disabled DSA keys by default since 2015 but has retained run-time optional support for them. DSA was the only mandatory-to- implement algorithm in the SSHv2 RFCs, mostly because alternative algorithms were encumbered by patents when the SSHv2 protocol was specified. This has not been the case for decades at this point and better algorithms are well supported by all actively-maintained SSH implementations. We do not consider the costs of maintaining DSA in OpenSSH to be justified and hope that removing it from OpenSSH can accelerate its wider deprecation in supporting cryptography libraries. This release, and its deactivation of DSA by default at compile-time, marks the second step in our timeline to finally deprecate DSA. The final step of removing DSA support entirely is planned for the first OpenSSH release of 2025. === As part of the update to OpenSSH 9.8p1 I intend to disable DSA key support at compile time. I intend to make this change in main only, leaving DSA key support enabled in stable/14 and stable/13. The change is a trivial update in config.h -- https://reviews.freebsd.org/D48910
Re: __cxa_thread_call_dtors: dtr 0x........ from unloaded dso, skipping
On Tue, Feb 11, 2025 at 12:21:29AM +, Bjoern A. Zeeb wrote:
> On Mon, 26 Jun 2023, Dimitry Andric wrote:
>
> > On 26 Jun 2023, at 17:29, Bjoern A. Zeeb
> > wrote:
> > >
> > > On Mon, 26 Jun 2023, Dimitry Andric wrote:
> > >
> > > > On 26 Jun 2023, at 17:00, Bjoern A. Zeeb
> > > > wrote:
> > > > >
> > > > > while building world and current I see a lot of:
> > > > >
> > > > > __cxa_thread_call_dtors: dtr 0x.. from unloaded dso, skipping
> > > > >
> > > > > Can anyone shed light on that?
> > > >
> > > > You need (thanks to Kostik):
> > > > https://cgit.freebsd.org/src/commit/?id=42ceab3ea1a997db93b65404be0ee4b17b5382d7
> > > >
> > > > Build libc and install it, then the messages should disappear.
> > >
> > > Great! Basically update world and it'll go.
> > > Do we add an UPDATING note for this or do we consider it developer noise?
> >
> > I think the message has been there for a long time, but was not often
> > noticed. It happened when the buildworld bootstrap decides to build a
> > static bootstrap lld ("SYSTEM_LINKER: libclang will be built for
> > bootstrapping a cross-linker"), so usually when lld's version is bumped.
> > And that is because lld is one of the few threaded build tools in the
> > tree.
> >
> > The messages themselves are harmless and can be ignored. Feel free to
> > add an UPDATING note to that effect, otherwise worried users might think
> > something is off. :)
>
> And it seems to be back after I updated to main from a few days ago:
>
> During make buildkernel I now see:
>
> ...
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xf043d0 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe7bc90 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xf043d0 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe7bc90 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
> ...
Your linker is old. I believe this should cure itself after the upgrade
is done.
Re: __cxa_thread_call_dtors: dtr 0x........ from unloaded dso, skipping
On Tue, 11 Feb 2025, Konstantin Belousov wrote: __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping ... Your linker is old. I believe this should cure itself after the upgrade is done. I am long past installworld and installkerel and reboot; and am compiling a next kernel. I wouldn't rule out something old as I haven't run delete-old delete-old-libs yet. How and what would I specifically check? -- Bjoern A. Zeeb r15:7
Re: __cxa_thread_call_dtors: dtr 0x........ from unloaded dso, skipping
On Mon, 26 Jun 2023, Dimitry Andric wrote:
On 26 Jun 2023, at 17:29, Bjoern A. Zeeb wrote:
On Mon, 26 Jun 2023, Dimitry Andric wrote:
On 26 Jun 2023, at 17:00, Bjoern A. Zeeb wrote:
while building world and current I see a lot of:
__cxa_thread_call_dtors: dtr 0x.. from unloaded dso, skipping
Can anyone shed light on that?
You need (thanks to Kostik):
https://cgit.freebsd.org/src/commit/?id=42ceab3ea1a997db93b65404be0ee4b17b5382d7
Build libc and install it, then the messages should disappear.
Great! Basically update world and it'll go.
Do we add an UPDATING note for this or do we consider it developer noise?
I think the message has been there for a long time, but was not often
noticed. It happened when the buildworld bootstrap decides to build a
static bootstrap lld ("SYSTEM_LINKER: libclang will be built for
bootstrapping a cross-linker"), so usually when lld's version is bumped.
And that is because lld is one of the few threaded build tools in the
tree.
The messages themselves are harmless and can be ignored. Feel free to
add an UPDATING note to that effect, otherwise worried users might think
something is off. :)
And it seems to be back after I updated to main from a few days ago:
During make buildkernel I now see:
...
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xf043d0 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe7bc90 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xf043d0 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe7bc90 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
__cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping
...
--
Bjoern A. Zeeb r15:7
Re: __cxa_thread_call_dtors: dtr 0x........ from unloaded dso, skipping
On Tue, Feb 11, 2025 at 02:16:13AM +, Bjoern A. Zeeb wrote: > On Tue, 11 Feb 2025, Konstantin Belousov wrote: > > > > __cxa_thread_call_dtors: dtr 0xe67c10 from unloaded dso, skipping > > > ... > > > > Your linker is old. I believe this should cure itself after the upgrade > > is done. > > I am long past installworld and installkerel and reboot; and am > compiling a next kernel. > > I wouldn't rule out something old as I haven't run delete-old > delete-old-libs yet. > > How and what would I specifically check? Could you identify which specific binary issues the warning? [Try to rm -rf $OBJ?]
