Introduce a namespace munging hack inspired by NetBSD to avoid polluting

the namespace of applications which inadvertantly link in libssh (usually through pam_ssh) Suggested by: lukem@netbsd.org MFC after: 6 weeks
svn path=/head/; revision=158519
2006-05-13 13:47:45 +00:00 · 2006-05-13 13:47:45 +00:00 · ed22e27d8a · 2020-12-20 02:59:44 +00:00
commit ed22e27d8a
parent 2d39807f07
14 changed files with 367 additions and 12 deletions
--- a/crypto/openssh/loginrec.c
+++ b/crypto/openssh/loginrec.c
@ -1388,8 +1388,10 @@ syslogin_perform_login(struct logininfo *li)
 {
 	struct utmp *ut;

+	debug("%s(%s)", __func__, li->username);
 	ut = xmalloc(sizeof(*ut));
 	construct_utmp(li, ut);
+	debug("login({%s, %s, %s, %u})", ut->ut_line, ut->ut_name, ut->ut_host, ut->ut_time);
 	login(ut);
 	free(ut);

--- a/crypto/openssh/ssh_namespace.h
+++ b/crypto/openssh/ssh_namespace.h
@ -0,0 +1,353 @@
+/*
+ * Namespace munging inspired by an equivalent hack in NetBSD's tree: add
+ * the "ssh_" prefix to every symbol in libssh which doesn't already have
+ * it.  This prevents collisions between symbols in libssh and symbols in
+ * other libraries or applications which link with libssh, either directly
+ * or indirectly (e.g. through PAM loading pam_ssh).
+ *
+ * A list of symbols which need munging is obtained as follows:
+ *
+ * nm libssh.a | awk '$2 == "T" && $3 !~ /^ssh_/ { print $3 }'
+ *
+ * $FreeBSD$
+ */
+
+#define a2port					ssh_a2port
+#define a2tun					ssh_a2tun
+#define acss					ssh_acss
+#define acss_setkey				ssh_acss_setkey
+#define acss_setsubkey				ssh_acss_setsubkey
+#define add_host_to_hostfile			ssh_add_host_to_hostfile
+#define addargs					ssh_addargs
+#define ask_permission				ssh_ask_permission
+#define atomicio				ssh_atomicio
+#define auth_request_forwarding	       		ssh_auth_request_forwarding
+#define buffer_append				ssh_buffer_append
+#define buffer_append_space			ssh_buffer_append_space
+#define buffer_clear				ssh_buffer_clear
+#define buffer_compress				ssh_buffer_compress
+#define buffer_compress_init_recv		ssh_buffer_compress_init_recv
+#define buffer_compress_init_send		ssh_buffer_compress_init_send
+#define buffer_compress_uninit			ssh_buffer_compress_uninit
+#define buffer_consume				ssh_buffer_consume
+#define buffer_consume_end			ssh_buffer_consume_end
+#define buffer_consume_end_ret			ssh_buffer_consume_end_ret
+#define buffer_consume_ret			ssh_buffer_consume_ret
+#define buffer_dump				ssh_buffer_dump
+#define buffer_free				ssh_buffer_free
+#define buffer_get				ssh_buffer_get
+#define buffer_get_bignum			ssh_buffer_get_bignum
+#define buffer_get_bignum2			ssh_buffer_get_bignum2
+#define buffer_get_bignum2_ret			ssh_buffer_get_bignum2_ret
+#define buffer_get_bignum_ret			ssh_buffer_get_bignum_ret
+#define buffer_get_char				ssh_buffer_get_char
+#define buffer_get_char_ret			ssh_buffer_get_char_ret
+#define buffer_get_int				ssh_buffer_get_int
+#define buffer_get_int64			ssh_buffer_get_int64
+#define buffer_get_int64_ret			ssh_buffer_get_int64_ret
+#define buffer_get_int_ret			ssh_buffer_get_int_ret
+#define buffer_get_ret				ssh_buffer_get_ret
+#define buffer_get_short			ssh_buffer_get_short
+#define buffer_get_short_ret			ssh_buffer_get_short_ret
+#define buffer_get_string			ssh_buffer_get_string
+#define buffer_get_string_ret			ssh_buffer_get_string_ret
+#define buffer_init				ssh_buffer_init
+#define buffer_len				ssh_buffer_len
+#define buffer_ptr				ssh_buffer_ptr
+#define buffer_put_bignum			ssh_buffer_put_bignum
+#define buffer_put_bignum2			ssh_buffer_put_bignum2
+#define buffer_put_bignum2_ret			ssh_buffer_put_bignum2_ret
+#define buffer_put_bignum_ret			ssh_buffer_put_bignum_ret
+#define buffer_put_char				ssh_buffer_put_char
+#define buffer_put_cstring			ssh_buffer_put_cstring
+#define buffer_put_int				ssh_buffer_put_int
+#define buffer_put_int64			ssh_buffer_put_int64
+#define buffer_put_short			ssh_buffer_put_short
+#define buffer_put_string			ssh_buffer_put_string
+#define buffer_uncompress			ssh_buffer_uncompress
+#define chan_ibuf_empty				ssh_chan_ibuf_empty
+#define chan_is_dead				ssh_chan_is_dead
+#define chan_mark_dead				ssh_chan_mark_dead
+#define chan_obuf_empty				ssh_chan_obuf_empty
+#define chan_rcvd_ieof				ssh_chan_rcvd_ieof
+#define chan_rcvd_oclose	       		ssh_chan_rcvd_oclose
+#define chan_read_failed	       		ssh_chan_read_failed
+#define chan_write_failed	       		ssh_chan_write_failed
+#define channel_add_permitted_opens    		ssh_channel_add_permitted_opens
+#define channel_after_select	       		ssh_channel_after_select
+#define channel_by_id				ssh_channel_by_id
+#define channel_cancel_cleanup	       		ssh_channel_cancel_cleanup
+#define channel_cancel_rport_listener  		ssh_channel_cancel_rport_listener
+#define channel_clear_permitted_opens  		ssh_channel_clear_permitted_opens
+#define channel_close_all			ssh_channel_close_all
+#define channel_close_fd			ssh_channel_close_fd
+#define channel_connect_by_listen_address	ssh_channel_connect_by_listen_address
+#define channel_connect_to			ssh_channel_connect_to
+#define channel_find_open			ssh_channel_find_open
+#define channel_free				ssh_channel_free
+#define channel_free_all			ssh_channel_free_all
+#define channel_input_close			ssh_channel_input_close
+#define channel_input_close_confirmation	ssh_channel_input_close_confirmation
+#define channel_input_data			ssh_channel_input_data
+#define channel_input_extended_data		ssh_channel_input_extended_data
+#define channel_input_ieof			ssh_channel_input_ieof
+#define channel_input_oclose			ssh_channel_input_oclose
+#define channel_input_open_confirmation		ssh_channel_input_open_confirmation
+#define channel_input_open_failure		ssh_channel_input_open_failure
+#define channel_input_port_forward_request	ssh_channel_input_port_forward_request
+#define channel_input_port_open			ssh_channel_input_port_open
+#define channel_input_window_adjust		ssh_channel_input_window_adjust
+#define channel_lookup				ssh_channel_lookup
+#define channel_new				ssh_channel_new
+#define channel_not_very_much_buffered_data	ssh_channel_not_very_much_buffered_data
+#define channel_open_message			ssh_channel_open_message
+#define channel_output_poll			ssh_channel_output_poll
+#define channel_permit_all_opens		ssh_channel_permit_all_opens
+#define channel_prepare_select			ssh_channel_prepare_select
+#define channel_register_cleanup		ssh_channel_register_cleanup
+#define channel_register_confirm		ssh_channel_register_confirm
+#define channel_register_filter			ssh_channel_register_filter
+#define channel_request_remote_forwarding	ssh_channel_request_remote_forwarding
+#define channel_request_rforward_cancel		ssh_channel_request_rforward_cancel
+#define channel_request_start			ssh_channel_request_start
+#define channel_send_open			ssh_channel_send_open
+#define channel_send_window_changes		ssh_channel_send_window_changes
+#define channel_set_af				ssh_channel_set_af
+#define channel_set_fds				ssh_channel_set_fds
+#define channel_setup_local_fwd_listener	ssh_channel_setup_local_fwd_listener
+#define channel_setup_remote_fwd_listener	ssh_channel_setup_remote_fwd_listener
+#define channel_still_open			ssh_channel_still_open
+#define channel_stop_listening			ssh_channel_stop_listening
+#define check_host_in_hostfile			ssh_check_host_in_hostfile
+#define choose_dh				ssh_choose_dh
+#define chop					ssh_chop
+#define cipher_blocksize			ssh_cipher_blocksize
+#define cipher_by_name				ssh_cipher_by_name
+#define cipher_by_number			ssh_cipher_by_number
+#define cipher_cleanup				ssh_cipher_cleanup
+#define cipher_crypt				ssh_cipher_crypt
+#define cipher_get_keycontext			ssh_cipher_get_keycontext
+#define cipher_get_keyiv	       		ssh_cipher_get_keyiv
+#define cipher_get_keyiv_len	       		ssh_cipher_get_keyiv_len
+#define cipher_get_number	       		ssh_cipher_get_number
+#define cipher_init				ssh_cipher_init
+#define cipher_keylen				ssh_cipher_keylen
+#define cipher_mask_ssh1	       		ssh_cipher_mask_ssh1
+#define cipher_name				ssh_cipher_name
+#define cipher_number				ssh_cipher_number
+#define cipher_set_key_string	       		ssh_cipher_set_key_string
+#define cipher_set_keycontext	       		ssh_cipher_set_keycontext
+#define cipher_set_keyiv	       		ssh_cipher_set_keyiv
+#define ciphers_valid				ssh_ciphers_valid
+#define cleanhostname				ssh_cleanhostname
+#define cleanup_exit				ssh_cleanup_exit
+#define closefrom				ssh_closefrom
+#define colon					ssh_colon
+#define compat_cipher_proposal			ssh_compat_cipher_proposal
+#define compat_datafellows			ssh_compat_datafellows
+#define convtime				ssh_convtime
+#define decode_reply				ssh_decode_reply
+#define deny_input_open				ssh_deny_input_open
+#define derive_ssh1_session_id			ssh_derive_ssh1_session_id
+#define detect_attack				ssh_detect_attack
+#define dh_estimate				ssh_dh_estimate
+#define dh_gen_key				ssh_dh_gen_key
+#define dh_new_group				ssh_dh_new_group
+#define dh_new_group1				ssh_dh_new_group1
+#define dh_new_group14				ssh_dh_new_group14
+#define dh_new_group_asc			ssh_dh_new_group_asc
+#define dh_pub_is_valid				ssh_dh_pub_is_valid
+#define dispatch_init				ssh_dispatch_init
+#define dispatch_protocol_error			ssh_dispatch_protocol_error
+#define dispatch_protocol_ignore		ssh_dispatch_protocol_ignore
+#define dispatch_range				ssh_dispatch_range
+#define dispatch_run				ssh_dispatch_run
+#define dispatch_set				ssh_dispatch_set
+#define do_log					ssh_do_log
+#define dump_base64				ssh_dump_base64
+#define enable_compat13				ssh_enable_compat13
+#define enable_compat20				ssh_enable_compat20
+#define evp_acss				ssh_evp_acss
+#define evp_aes_128_ctr				ssh_evp_aes_128_ctr
+#define evp_rijndael				ssh_evp_rijndael
+#define evp_ssh1_3des				ssh_evp_ssh1_3des
+#define evp_ssh1_bf				ssh_evp_ssh1_bf
+#define export_dns_rr				ssh_export_dns_rr
+#define freeargs				ssh_freeargs
+#define freerrset				ssh_freerrset
+#define gen_candidates				ssh_gen_candidates
+#define get_canonical_hostname			ssh_get_canonical_hostname
+#define get_local_ipaddr			ssh_get_local_ipaddr
+#define get_local_name				ssh_get_local_name
+#define get_local_port				ssh_get_local_port
+#define get_peer_ipaddr				ssh_get_peer_ipaddr
+#define get_peer_port				ssh_get_peer_port
+#define get_remote_ipaddr			ssh_get_remote_ipaddr
+#define get_remote_name_or_ip			ssh_get_remote_name_or_ip
+#define get_remote_port				ssh_get_remote_port
+#define getrrsetbyname				ssh_getrrsetbyname
+#define host_hash				ssh_host_hash
+#define hostfile_read_key			ssh_hostfile_read_key
+#define hpdelim					ssh_hpdelim
+#define init_rng				ssh_init_rng
+#define ipv64_normalise_mapped			ssh_ipv64_normalise_mapped
+#define kex_derive_keys				ssh_kex_derive_keys
+#define kex_dh_hash				ssh_kex_dh_hash
+#define kex_finish				ssh_kex_finish
+#define kex_get_newkeys				ssh_kex_get_newkeys
+#define kex_input_kexinit			ssh_kex_input_kexinit
+#define kex_send_kexinit			ssh_kex_send_kexinit
+#define kex_setup				ssh_kex_setup
+#define kexdh_client				ssh_kexdh_client
+#define kexgex_client				ssh_kexgex_client
+#define kexgex_hash				ssh_kexgex_hash
+#define key_demote				ssh_key_demote
+#define key_equal				ssh_key_equal
+#define key_fingerprint				ssh_key_fingerprint
+#define key_fingerprint_raw			ssh_key_fingerprint_raw
+#define key_free				ssh_key_free
+#define key_from_blob				ssh_key_from_blob
+#define key_from_private			ssh_key_from_private
+#define key_generate				ssh_key_generate
+#define key_load_private			ssh_key_load_private
+#define key_load_private_pem			ssh_key_load_private_pem
+#define key_load_private_type			ssh_key_load_private_type
+#define key_load_public				ssh_key_load_public
+#define key_load_public_type			ssh_key_load_public_type
+#define key_names_valid2			ssh_key_names_valid2
+#define key_new					ssh_key_new
+#define key_new_private				ssh_key_new_private
+#define key_read				ssh_key_read
+#define key_save_private			ssh_key_save_private
+#define key_sign				ssh_key_sign
+#define key_size				ssh_key_size
+#define key_ssh_name				ssh_key_ssh_name
+#define key_to_blob				ssh_key_to_blob
+#define key_type				ssh_key_type
+#define key_type_from_name			ssh_key_type_from_name
+#define key_verify				ssh_key_verify
+#define key_write				ssh_key_write
+#define log_facility_number			ssh_log_facility_number
+#define log_init				ssh_log_init
+#define log_level_number			ssh_log_level_number
+#define lookup_key_in_hostfile_by_type		ssh_lookup_key_in_hostfile_by_type
+#define mac_compute				ssh_mac_compute
+#define mac_init				ssh_mac_init
+#define mac_valid				ssh_mac_valid
+#define match_host_and_ip			ssh_match_host_and_ip
+#define match_hostname				ssh_match_hostname
+#define match_list				ssh_match_list
+#define match_pattern				ssh_match_pattern
+#define match_pattern_list			ssh_match_pattern_list
+#define match_user				ssh_match_user
+#define mm_receive_fd				ssh_mm_receive_fd
+#define mm_send_fd				ssh_mm_send_fd
+#define mysignal				ssh_mysignal
+#define packet_add_padding			ssh_packet_add_padding
+#define packet_close				ssh_packet_close
+#define packet_connection_is_ipv4		ssh_packet_connection_is_ipv4
+#define packet_connection_is_on_socket		ssh_packet_connection_is_on_socket
+#define packet_disconnect			ssh_packet_disconnect
+#define packet_get_bignum			ssh_packet_get_bignum
+#define packet_get_bignum2			ssh_packet_get_bignum2
+#define packet_get_char				ssh_packet_get_char
+#define packet_get_connection_in		ssh_packet_get_connection_in
+#define packet_get_connection_out		ssh_packet_get_connection_out
+#define packet_get_encryption_key		ssh_packet_get_encryption_key
+#define packet_get_int				ssh_packet_get_int
+#define packet_get_keycontext			ssh_packet_get_keycontext
+#define packet_get_keyiv			ssh_packet_get_keyiv
+#define packet_get_keyiv_len			ssh_packet_get_keyiv_len
+#define packet_get_protocol_flags		ssh_packet_get_protocol_flags
+#define packet_get_raw				ssh_packet_get_raw
+#define packet_get_ssh1_cipher			ssh_packet_get_ssh1_cipher
+#define packet_get_state			ssh_packet_get_state
+#define packet_get_string			ssh_packet_get_string
+#define packet_have_data_to_write		ssh_packet_have_data_to_write
+#define packet_is_interactive			ssh_packet_is_interactive
+#define packet_need_rekeying			ssh_packet_need_rekeying
+#define packet_not_very_much_data_to_write	ssh_packet_not_very_much_data_to_write
+#define packet_process_incoming			ssh_packet_process_incoming
+#define packet_put_bignum			ssh_packet_put_bignum
+#define packet_put_bignum2			ssh_packet_put_bignum2
+#define packet_put_char				ssh_packet_put_char
+#define packet_put_cstring			ssh_packet_put_cstring
+#define packet_put_int				ssh_packet_put_int
+#define packet_put_raw				ssh_packet_put_raw
+#define packet_put_string			ssh_packet_put_string
+#define packet_read				ssh_packet_read
+#define packet_read_expect			ssh_packet_read_expect
+#define packet_read_poll			ssh_packet_read_poll
+#define packet_read_poll_seqnr			ssh_packet_read_poll_seqnr
+#define packet_read_seqnr			ssh_packet_read_seqnr
+#define packet_remaining			ssh_packet_remaining
+#define packet_send				ssh_packet_send
+#define packet_send_debug			ssh_packet_send_debug
+#define packet_send_ignore			ssh_packet_send_ignore
+#define packet_set_authenticated		ssh_packet_set_authenticated
+#define packet_set_connection			ssh_packet_set_connection
+#define packet_set_encryption_key		ssh_packet_set_encryption_key
+#define packet_set_interactive			ssh_packet_set_interactive
+#define packet_set_iv				ssh_packet_set_iv
+#define packet_set_keycontext			ssh_packet_set_keycontext
+#define packet_set_maxsize			ssh_packet_set_maxsize
+#define packet_set_nonblocking			ssh_packet_set_nonblocking
+#define packet_set_protocol_flags		ssh_packet_set_protocol_flags
+#define packet_set_rekey_limit			ssh_packet_set_rekey_limit
+#define packet_set_server			ssh_packet_set_server
+#define packet_set_state			ssh_packet_set_state
+#define packet_start				ssh_packet_start
+#define packet_start_compression		ssh_packet_start_compression
+#define packet_write_poll			ssh_packet_write_poll
+#define packet_write_wait			ssh_packet_write_wait
+#define percent_expand				ssh_percent_expand
+#define permanently_set_uid			ssh_permanently_set_uid
+#define prime_test				ssh_prime_test
+#define proto_spec				ssh_proto_spec
+#define pwcopy					ssh_pwcopy
+#define read_keyfile_line			ssh_read_keyfile_line
+#define read_passphrase				ssh_read_passphrase
+#define refresh_progress_meter			ssh_refresh_progress_meter
+#define replacearg				ssh_replacearg
+#define restore_uid				ssh_restore_uid
+#define rijndael_decrypt	       		ssh_rijndael_decrypt
+#define rijndael_encrypt	       		ssh_rijndael_encrypt
+#define rijndael_set_key	       		ssh_rijndael_set_key
+#define rsa_generate_additional_parameters	ssh_rsa_generate_additional_parameters
+#define rsa_private_decrypt			ssh_rsa_private_decrypt
+#define rsa_public_encrypt			ssh_rsa_public_encrypt
+#define sanitise_stdfd				ssh_sanitise_stdfd
+#define seed_rng				ssh_seed_rng
+#define set_newkeys				ssh_set_newkeys
+#define set_nodelay				ssh_set_nodelay
+#define set_nonblock				ssh_set_nonblock
+#define shadow_pw				ssh_shadow_pw
+#define ssh1_3des_iv				ssh_ssh1_3des_iv
+#define start_progress_meter			ssh_start_progress_meter
+#define stop_progress_meter			ssh_stop_progress_meter
+#define strdelim				ssh_strdelim
+#define strnvis					ssh_strnvis
+#define strvis					ssh_strvis
+#define strvisx					ssh_strvisx
+#define sys_tun_open				ssh_sys_tun_open
+#define temporarily_use_uid			ssh_temporarily_use_uid
+#define tilde_expand_filename			ssh_tilde_expand_filename
+#define tohex					ssh_tohex
+#define tty_make_modes				ssh_tty_make_modes
+#define tty_parse_modes				ssh_tty_parse_modes
+#define tun_open				ssh_tun_open
+#define unset_nonblock				ssh_unset_nonblock
+#define uudecode				ssh_uudecode
+#define uuencode				ssh_uuencode
+#define verify_host_key_dns			ssh_verify_host_key_dns
+#define vis					ssh_vis
+#define x11_connect_display			ssh_x11_connect_display
+#define x11_create_display_inet			ssh_x11_create_display_inet
+#define x11_input_open				ssh_x11_input_open
+#define x11_request_forwarding_with_spoofing	ssh_x11_request_forwarding_with_spoofing
+#define xcrypt					ssh_xcrypt
+#define xfree					ssh_xfree
+#define xmalloc					ssh_xmalloc
+#define xmmap					ssh_xmmap
+#define xrealloc				ssh_xrealloc
+#define xstrdup					ssh_xstrdup
--- a/lib/libpam/modules/pam_ssh/Makefile
+++ b/lib/libpam/modules/pam_ssh/Makefile
@ -8,7 +8,7 @@ MAN=	pam_ssh.8
 SRCS=	pam_ssh.c

 WARNS?=	0
-CFLAGS+= -I${SSHSRC}
+CFLAGS+= -I${SSHSRC} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT}
 LDADD=	-lssh -lcrypto -lcrypt
--- a/secure/lib/libssh/Makefile
+++ b/secure/lib/libssh/Makefile
@ -28,7 +28,7 @@ SRCS+=	version.c
 SRCS+=	getaddrinfo.c getnameinfo.c name6.c rcmd.c bindresvport.c
 .endif

-CFLAGS+= -I${SSHDIR}
+CFLAGS+= -I${SSHDIR} -include ssh_namespace.h
 DPADD=	${LIBZ}
 LDADD=	-lz

--- a/secure/libexec/sftp-server/Makefile
+++ b/secure/libexec/sftp-server/Makefile
@ -3,7 +3,7 @@
 PROG=   sftp-server
 SRCS=   sftp-server.c sftp-common.c
 MAN=	sftp-server.8
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz
--- a/secure/libexec/ssh-keysign/Makefile
+++ b/secure/libexec/ssh-keysign/Makefile
@ -3,7 +3,7 @@
 PROG=	ssh-keysign
 SRCS=	ssh-keysign.c readconf.c
 MAN=	ssh-keysign.8
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h
 .if defined(ENABLE_SUID_SSH)
 BINMODE=4511
 .endif
--- a/secure/usr.bin/scp/Makefile
+++ b/secure/usr.bin/scp/Makefile
@ -1,7 +1,7 @@
 # $FreeBSD$

 PROG=	scp
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz
--- a/secure/usr.bin/sftp/Makefile
+++ b/secure/usr.bin/sftp/Makefile
@ -2,7 +2,7 @@

 PROG=	sftp
 SRCS=   sftp.c sftp-client.c sftp-common.c sftp-glob.c progressmeter.c
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ} ${LIBEDIT}
 LDADD=	-lssh -lcrypt -lcrypto -lz -ledit
--- a/secure/usr.bin/ssh-add/Makefile
+++ b/secure/usr.bin/ssh-add/Makefile
@ -1,7 +1,7 @@
 # $FreeBSD$

 PROG=	ssh-add
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz
--- a/secure/usr.bin/ssh-agent/Makefile
+++ b/secure/usr.bin/ssh-agent/Makefile
@ -1,7 +1,7 @@
 # $FreeBSD$

 PROG=	ssh-agent
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz
--- a/secure/usr.bin/ssh-keygen/Makefile
+++ b/secure/usr.bin/ssh-keygen/Makefile
@ -1,7 +1,7 @@
 # $FreeBSD$

 PROG=	ssh-keygen
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz
--- a/secure/usr.bin/ssh-keyscan/Makefile
+++ b/secure/usr.bin/ssh-keyscan/Makefile
@ -1,7 +1,7 @@
 # $FreeBSD$

 PROG=	ssh-keyscan
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz
--- a/secure/usr.bin/ssh/Makefile
+++ b/secure/usr.bin/ssh/Makefile
@ -4,7 +4,7 @@
 .include <bsd.own.mk>

 PROG=	ssh
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h
 LINKS=	${BINDIR}/ssh ${BINDIR}/slogin
 MAN=	ssh.1 ssh_config.5
 MLINKS=	ssh.1 slogin.1
--- a/secure/usr.sbin/sshd/Makefile
+++ b/secure/usr.sbin/sshd/Makefile
@ -20,7 +20,7 @@ SRCS=	sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \
 # gss-genr.c really belongs in libssh; see src/secure/lib/libssh/Makefile

 MAN=	sshd.8 sshd_config.5
-CFLAGS+=-I${SSHDIR}
+CFLAGS+=-I${SSHDIR} -include ssh_namespace.h

 DPADD=	${LIBSSH} ${LIBUTIL} ${LIBZ} ${LIBWRAP} ${LIBPAM}
 LDADD=	-lssh -lutil -lz -lwrap ${MINUSLPAM}