1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-26 05:02:18 +00:00

Fix build and run problems in conjunction with OpenSSL.

Natively SSLtelnet works with SSLeay, only.

PR:		ports/12973
Submitted by:	Issei Suzuki <issei@jp.FreeBSD.ORG> (maintainer)
This commit is contained in:
Dirk Froemberg 1999-08-05 08:00:25 +00:00
parent 5a3d2e54f9
commit 6ea24563ed
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=20534
15 changed files with 211 additions and 198 deletions

View File

@ -3,7 +3,7 @@
# Date created: Mar 29, 1998
# Whom: issei@jp.FreeBSD.ORG
#
# $Id: Makefile,v 1.6 1999/01/10 14:11:16 dirk Exp $
# $Id: Makefile,v 1.7 1999/03/26 08:44:57 dirk Exp $
DISTNAME= SSLtelnet-0.13
CATEGORIES= net security
@ -11,8 +11,6 @@ MASTER_SITES= ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/
MAINTAINER= issei@jp.FreeBSD.ORG
BROKEN= does not work with openssl-0.9.2b at the moment
.if defined(USA_RESIDENT) && ${USA_RESIDENT} != YES && ${USA_RESIDENT} != NO
pre-fetch:
@echo

View File

@ -1,11 +1,11 @@
--- Makefile.orig Wed Jul 22 15:23:12 1998
+++ Makefile Wed Jul 22 15:24:43 1998
--- Makefile.orig Thu Aug 5 09:03:59 1999
+++ Makefile Thu Aug 5 09:05:32 1999
@@ -98,7 +98,7 @@
#BSD386
CC = gcc -DTERMCAP $(socksflags)
CC += -DTERMCAP $(socksflags)
-LDADD = -ltermcap $(sockslib)
+LDADD = -L$(SSLTOP)/lib -lssl -lcrypto -lRSAglue -lrsaref -ltermcap $(sockslib)
+LDADD = -L$(SSLTOP)/lib -lssl -lcrypto -lRSAglue -lrsaref -ltermcap $(sockslib)
all:
@-mkdir bin 2>/dev/null

View File

@ -1,5 +1,5 @@
--- Makefile.orig Thu Sep 24 23:50:59 1998
+++ Makefile Wed Mar 24 19:07:12 1999
+++ Makefile Thu Aug 5 08:57:44 1999
@@ -47,7 +47,7 @@
# the location where SSLeay is installed ...
@ -26,7 +26,7 @@
#LDADD = -ltermcap $(sockslib)
+
+#BSD386
+CC = gcc -DTERMCAP $(socksflags)
+CC += -DTERMCAP $(socksflags)
+LDADD = -ltermcap $(sockslib)
all:
@ -51,23 +51,14 @@
certificate:
(\
+ [ -f $(INSTALLTOP)/certs/telnetd.pem ] && exit; \
cd $(INSTALLTOP)/certs; \
- cd $(INSTALLTOP)/certs; \
- ssleay req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; \
- ln -s telnetd.pem `ssleay x509 -noout -hash < telnetd.pem`.0 ;\
- chmod 600 $(INSTALLTOP)/certs/telnetd.pem; \
+ [ -f $(INSTALLTOP)/openssl/certs/telnetd.pem ] && exit; \
+ cd $(INSTALLTOP)/openssl/certs; \
+ openssl req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; \
+ ln -s telnetd.pem `openssl x509 -noout -hash < telnetd.pem`.0 ;\
chmod 600 $(INSTALLTOP)/certs/telnetd.pem; \
+ chmod 600 $(INSTALLTOP)/openssl/certs/telnetd.pem; \
)
--- lib/Makefile.orig Wed Sep 2 13:11:39 1998
+++ lib/Makefile Wed Sep 2 13:11:49 1998
@@ -1,7 +1,7 @@
#SUBDIRS= gmp-1.2 kerberosIV/krb libbsd libdes/des libpk libtelnet libutil
SUBDIRS= gmp-1.3.2 libbsd libpk libtelnet libutil
-SUBDIRS= libbsd libtelnet libutil
+SUBDIRS= libtelnet
all:
@for i in $(SUBDIRS); \

View File

@ -9,142 +9,3 @@
#define _PATH_LOGIN "/usr/bin/login"
#else
#define _PATH_LOGIN "/bin/login"
--- telnetd/sys_term.c.orig Sat Aug 2 14:37:00 1997
+++ telnetd/sys_term.c Sat Oct 17 22:11:51 1998
@@ -531,7 +531,7 @@
return(p);
#else
- register char c, *p1, *p2;
+ register char c, *p1, *p2, *cp;
register int i;
#if defined(__GNUC__) || defined(__sgi)
@@ -548,20 +548,40 @@
p1 = &line[8];
p2 = &line[9];
#endif
-
- for (c = 'p'; c <= 's'; c++) {
+ for (cp = "pqrsPQRS"; *cp; cp++) {
struct stat stb;
- *p1 = c;
+ *p1 = *cp;
*p2 = '0';
+ /*
+ * This stat() check is just to keep us from
+ * looping through all 256 combinations if there
+ * aren't that many ptys available.
+ */
if (stat(line, &stb) < 0)
break;
- for (i = 0; i < 16; i++) {
- *p2 = "0123456789abcdef"[i];
+ for (i = 0; i < 32; i++) {
+ *p2 = "0123456789abcdefghijklmnopqrstuv"[i];
p = open(line, 2);
if (p > 0) {
+#ifndef __hpux
line[5] = 't';
- return(p);
+#else
+ for (p1 = &line[8]; *p1; p1++)
+ *p1 = *(p1+1);
+ line[9] = 't';
+#endif
+ chown(line, 0, 0);
+ chmod(line, 0600);
+#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207
+ if (ioctl(p, TIOCGPGRP, &dummy) == 0
+ || errno != EIO) {
+ chmod(line, 0666);
+ close(p);
+ line[5] = 'p';
+ } else
+#endif /* defined(sun) && defined(TIOCGPGRP) && BSD < 199207 */
+ return(p);
}
}
}
@@ -733,11 +753,7 @@
else
termbuf.lflags &= ~LPASS8;
#else
- if (on) {
- termbuf.c_iflag &= ~ISTRIP;
- } else {
- termbuf.c_iflag |= ISTRIP;
- }
+ termbuf.c_iflag &= ~ISTRIP;
#endif
}
--- telnetd/telnetd.c.orig Sat Aug 2 14:40:48 1997
+++ telnetd/telnetd.c Sat Oct 17 22:13:52 1998
@@ -140,7 +140,7 @@
highpty = getnpty();
#endif /* CRAY */
- while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:")) != EOF) {
+ while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:q")) != EOF) {
switch(ch) {
#ifdef USE_SSL
@@ -203,6 +203,11 @@
}
break;
+
+ case 'q':
+ ssl_quiet_flag = 1;
+ break;
+
#endif /* USE_SSL */
#ifdef AUTHENTICATE
@@ -584,7 +589,7 @@
#ifdef USE_SSL
/* might as well output something useful here ... */
fprintf(stderr, " [-z ssl] [-z secure] [-z debug] [-z verify=int]\n\t");
- fprintf(stderr, " [-z cert=file] [-z key=file]\n\t");
+ fprintf(stderr, " [-z cert=file] [-z key=file] [-q]\n\t");
#endif /* USE_SSL */
fprintf(stderr, " [port]\n");
exit(1);
@@ -656,7 +661,12 @@
fflush(stderr);
}
- fatal(net,"[SSL required - connection rejected]");
+ if (ssl_quiet_flag) {
+ sleep(1);
+ exit(1);
+ }
+ else
+ fatal(net,"[SSL required - connection rejected]");
}
}
--- telnetd/Makefile.orig Tue Sep 12 10:22:51 1995
+++ telnetd/Makefile Sat Oct 17 22:11:51 1998
@@ -4,16 +4,13 @@
PROG= telnetd
-CFLAGS= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
- -DDIAGNOSTICS -DFILIO_H \
- -I../lib -I../lib/libbsd/include \
+CFLAGS+= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
+ -DDIAGNOSTICS -DFILIO_H -I../lib -I../lib/libbsd/include \
-I$(SSLTOP)/include
LIBS= ../lib/libtelnet/libtelnet.a \
- ../lib/libbsd/libbsd.a \
- ../lib/libutil/libutil.a \
$(SSLTOP)/lib/libssl.a \
- $(SSLTOP)/lib/libcrypto.a
+ $(SSLTOP)/lib/libcrypto.a -lutil
# $(SSLTOP)/lib/libdes.a
OBJS= authenc.o global.o slc.o state.o sys_term.o telnetd.o \

View File

@ -12,22 +12,3 @@
if (f & MODE_OUTBIN) {
tmp_tc.c_cflag &= ~(CSIZE|PARENB);
tmp_tc.c_cflag |= CS8;
--- telnet/Makefile.orig Sat Aug 2 13:30:16 1997
+++ telnet/Makefile Fri Oct 16 20:42:09 1998
@@ -6,14 +6,12 @@
PROG= telnet
-CFLAGS= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
- -DFILIO_H \
- -I../lib/libbsd/include -I../lib \
+CFLAGS+= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
+ -DFILIO_H -I../lib -I../lib/libbsd/include \
-I$(SSLTOP)/include
LIBS= ../lib/libtelnet/libtelnet.a \
- ../lib/libbsd/libbsd.a \
$(SSLTOP)/lib/libssl.a \
$(SSLTOP)/lib/libcrypto.a
# $(SSLTOP)/lib/libdes.a

View File

@ -8,15 +8,3 @@
extern char *ssl_log_file;
extern char *ssl_cert_file;
--- lib/libtelnet/Makefile.orig Sat Aug 2 13:31:37 1997
+++ lib/libtelnet/Makefile Wed Sep 2 13:16:15 1998
@@ -12,8 +12,7 @@
#CFLAGS= -DENCRYPT -DAUTHENTICATE -DSRA -DUSE_SSL -DDES_ENCRYPTION \
#-I../libbsd/include -I../libpk
-CFLAGS= -DAUTHENTICATE -DUSE_SSL \
--I../libbsd/include -I$(SSLTOP)/include -I../libpk -g
+CFLAGS+= -DAUTHENTICATE -DUSE_SSL -I$(SSLTOP)/include -I../libbsd/include
lib${LIB}.a: ${OBJS}
echo building standard ${LIB} library

View File

@ -0,0 +1,11 @@
--- lib/Makefile.orig Wed Sep 2 13:11:39 1998
+++ lib/Makefile Wed Sep 2 13:11:49 1998
@@ -1,7 +1,7 @@
#SUBDIRS= gmp-1.2 kerberosIV/krb libbsd libdes/des libpk libtelnet libutil
SUBDIRS= gmp-1.3.2 libbsd libpk libtelnet libutil
-SUBDIRS= libbsd libtelnet libutil
+SUBDIRS= libtelnet
all:
@for i in $(SUBDIRS); \

View File

@ -0,0 +1,70 @@
--- telnetd/sys_term.c.orig Sat Aug 2 14:37:00 1997
+++ telnetd/sys_term.c Sat Oct 17 22:11:51 1998
@@ -531,7 +531,7 @@
return(p);
#else
- register char c, *p1, *p2;
+ register char c, *p1, *p2, *cp;
register int i;
#if defined(__GNUC__) || defined(__sgi)
@@ -548,20 +548,40 @@
p1 = &line[8];
p2 = &line[9];
#endif
-
- for (c = 'p'; c <= 's'; c++) {
+ for (cp = "pqrsPQRS"; *cp; cp++) {
struct stat stb;
- *p1 = c;
+ *p1 = *cp;
*p2 = '0';
+ /*
+ * This stat() check is just to keep us from
+ * looping through all 256 combinations if there
+ * aren't that many ptys available.
+ */
if (stat(line, &stb) < 0)
break;
- for (i = 0; i < 16; i++) {
- *p2 = "0123456789abcdef"[i];
+ for (i = 0; i < 32; i++) {
+ *p2 = "0123456789abcdefghijklmnopqrstuv"[i];
p = open(line, 2);
if (p > 0) {
+#ifndef __hpux
line[5] = 't';
- return(p);
+#else
+ for (p1 = &line[8]; *p1; p1++)
+ *p1 = *(p1+1);
+ line[9] = 't';
+#endif
+ chown(line, 0, 0);
+ chmod(line, 0600);
+#if defined(sun) && defined(TIOCGPGRP) && BSD < 199207
+ if (ioctl(p, TIOCGPGRP, &dummy) == 0
+ || errno != EIO) {
+ chmod(line, 0666);
+ close(p);
+ line[5] = 'p';
+ } else
+#endif /* defined(sun) && defined(TIOCGPGRP) && BSD < 199207 */
+ return(p);
}
}
}
@@ -733,11 +753,7 @@
else
termbuf.lflags &= ~LPASS8;
#else
- if (on) {
- termbuf.c_iflag &= ~ISTRIP;
- } else {
- termbuf.c_iflag |= ISTRIP;
- }
+ termbuf.c_iflag &= ~ISTRIP;
#endif
}

View File

@ -0,0 +1,46 @@
--- telnetd/telnetd.c.orig Sat Aug 2 14:40:48 1997
+++ telnetd/telnetd.c Sat Oct 17 22:13:52 1998
@@ -140,7 +140,7 @@
highpty = getnpty();
#endif /* CRAY */
- while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:")) != EOF) {
+ while ((ch = getopt(argc, argv, "d:a:e:lhnr:I:D:B:sS:a:X:z:q")) != EOF) {
switch(ch) {
#ifdef USE_SSL
@@ -203,6 +203,11 @@
}
break;
+
+ case 'q':
+ ssl_quiet_flag = 1;
+ break;
+
#endif /* USE_SSL */
#ifdef AUTHENTICATE
@@ -584,7 +589,7 @@
#ifdef USE_SSL
/* might as well output something useful here ... */
fprintf(stderr, " [-z ssl] [-z secure] [-z debug] [-z verify=int]\n\t");
- fprintf(stderr, " [-z cert=file] [-z key=file]\n\t");
+ fprintf(stderr, " [-z cert=file] [-z key=file] [-q]\n\t");
#endif /* USE_SSL */
fprintf(stderr, " [port]\n");
exit(1);
@@ -656,7 +661,12 @@
fflush(stderr);
}
- fatal(net,"[SSL required - connection rejected]");
+ if (ssl_quiet_flag) {
+ sleep(1);
+ exit(1);
+ }
+ else
+ fatal(net,"[SSL required - connection rejected]");
}
}

View File

@ -0,0 +1,23 @@
--- telnetd/Makefile.orig Tue Sep 12 11:22:51 1995
+++ telnetd/Makefile Thu Aug 5 03:54:59 1999
@@ -4,16 +4,13 @@
PROG= telnetd
-CFLAGS= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
- -DDIAGNOSTICS -DFILIO_H \
- -I../lib -I../lib/libbsd/include \
- -I$(SSLTOP)/include
+CFLAGS+= -DTERMCAP -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
+ -DDIAGNOSTICS -DFILIO_H -I../lib -I../lib/libbsd/include \
+ -I$(SSLTOP)/include -I$(SSLTOP)/include/openssl
LIBS= ../lib/libtelnet/libtelnet.a \
- ../lib/libbsd/libbsd.a \
- ../lib/libutil/libutil.a \
$(SSLTOP)/lib/libssl.a \
- $(SSLTOP)/lib/libcrypto.a
+ $(SSLTOP)/lib/libcrypto.a -lutil
# $(SSLTOP)/lib/libdes.a
OBJS= authenc.o global.o slc.o state.o sys_term.o telnetd.o \

View File

@ -0,0 +1,20 @@
--- telnet/Makefile.orig Sat Aug 2 14:30:16 1997
+++ telnet/Makefile Thu Aug 5 03:54:01 1999
@@ -6,14 +6,12 @@
PROG= telnet
-CFLAGS= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
- -DFILIO_H \
- -I../lib/libbsd/include -I../lib \
- -I$(SSLTOP)/include
+CFLAGS+= -DKLUDGELINEMODE -DUSE_TERMIO -DAUTHENTICATE -DUSE_SSL \
+ -DFILIO_H -I../lib -I../lib/libbsd/include \
+ -I$(SSLTOP)/include -I$(SSLTOP)/include/openssl
LIBS= ../lib/libtelnet/libtelnet.a \
- ../lib/libbsd/libbsd.a \
$(SSLTOP)/lib/libssl.a \
$(SSLTOP)/lib/libcrypto.a
# $(SSLTOP)/lib/libdes.a

View File

@ -0,0 +1,13 @@
--- lib/libtelnet/Makefile.orig Sat Aug 2 14:31:37 1997
+++ lib/libtelnet/Makefile Thu Aug 5 03:52:45 1999
@@ -12,8 +12,8 @@
#CFLAGS= -DENCRYPT -DAUTHENTICATE -DSRA -DUSE_SSL -DDES_ENCRYPTION \
#-I../libbsd/include -I../libpk
-CFLAGS= -DAUTHENTICATE -DUSE_SSL \
--I../libbsd/include -I$(SSLTOP)/include -I../libpk -g
+CFLAGS+= -DAUTHENTICATE -DUSE_SSL -I$(SSLTOP)/include \
+ -I$(SSLTOP)/include/openssl -I../libbsd/include
lib${LIB}.a: ${OBJS}
echo building standard ${LIB} library

View File

@ -0,0 +1,11 @@
--- lib/libtelnet/sslapp.c.old Thu Aug 5 03:36:35 1999
+++ lib/libtelnet/sslapp.c Thu Aug 5 03:36:55 1999
@@ -81,7 +81,7 @@
if (ssl_debug_flag)
BIO_printf(bio_err,"Generating temp (512 bit) RSA key ...\r\n");
- rsa=RSA_generate_key(512,RSA_F4,NULL);
+ rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
if (ssl_debug_flag)
BIO_printf(bio_err,"Generation of temp (512 bit) RSA key done\r\n");

View File

@ -1,13 +1,13 @@
This program suports both certification and cryptogoraphic with using SSL.
If you do not have certification (/usr/local/certs/telnet.pem) provided by CA,
this port make dummy certification. Of cource it is useless to certify but you
can use SSL telnet/telnetd in encryption only mode with it.
If you do not have certification (/usr/local/openssl/certs/telnet.pem) provided
by CA, this port make dummy certification. Of cource it is useless to certify
but you can use SSL telnet/telnetd in encryption only mode with it.
You must edit /etc/inetd.conf to make SSL telnetd available. Some examples
below:
1. Accept both normail telnet client and SSL telnet client.
1. Accept both normal telnet client and SSL telnet client.
telnet stream tcp nowait root /usr/local/libexec/telnetd telnetd

View File

@ -1,3 +1,3 @@
bin/telnet
libexec/telnetd
@exec ( [ -f %D/certs/telnetd.pem ] && exit ; echo "Making certificate files" ; cd %D/certs ; ssleay req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; ln -s telnetd.pem `ssleay x509 -noout -hash < telnetd.pem`.0 ; chmod 644 %D/certs/telnetd.pem )
@exec ( [ -f %D/openssl/certs/telnetd.pem ] && exit ; echo "Making certificate files" ; cd %D/openssl/certs ; %D/bin/openssl req -new -x509 -nodes -days 365 -out telnetd.pem -keyout telnetd.pem; ln -s telnetd.pem `%D/bin/openssl x509 -noout -hash < telnetd.pem`.0 ; chmod 644 %D/openssl/certs/telnetd.pem )