1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-15 10:17:20 +00:00
Commit Graph

443 Commits

Author SHA1 Message Date
Mark Murray
563df95270 Revamp and diff-reduce the various secure telnets. Make sure that
Kerberos5 has _a_ telnet (which is not currently K5 enabled).
Incorporate BDE's static linking fixes.
2001-08-03 16:03:26 +00:00
Bruce Evans
4c05509cd0 Fixed world breakage when NOSHARED=yes. libmp now depends on libcrypto,
so it must be linked before libcrypto to work right.
2001-07-30 14:36:19 +00:00
Ruslan Ermilov
f091f0029a Added missing DPADD and CLEANFILES. 2001-07-12 09:17:51 +00:00
Ruslan Ermilov
9fe48c6e8d mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 11:04:34 +00:00
Kris Kennaway
d6580eb1a8 Remove stale file. 2001-07-04 21:27:10 +00:00
Brian Feldman
e7edf5a116 Enable Kerberos 5 support in sshd again. 2001-06-12 03:43:47 +00:00
Kris Kennaway
a3ea7e2448 Update for OpenSSL 0.9.6a
MFC after:	2 weeks
2001-05-20 03:43:14 +00:00
Bruce Evans
e2413c56ed Fixed world breakage in previous commit. -lpam must never be used
directly (except in the definition of MINUSLPAM in bsd.libnames.mk)
since it doesn't give all the libraries necessary for static linkage.

Fixed missing ${LIBPAM} in DPADD.

Fixed some style bugs in DPADD and LDADD.
2001-05-09 14:30:49 +00:00
Bruce Evans
f61dcf5281 Fixed world breakage in previous commit. -lpam must never be used
directly (except in the definition of MINUSLPAM in bsd.libnames.mk)
since it doesn't give all the lbraries necessary for static linkage.

Fixed new and old bugs in DPADD.  ${LIBPAM} was missing, and the
library order was different from that in LDADD so `make checkdpadd'
reported a non-bug.
2001-05-09 14:23:54 +00:00
Nick Sayer
76235b992b Add PAM support to SRA authentication. Cribbed mostly from ftpd. This
doesn't solve the problem of root being allowed to log in, but that sort
of thing is something PAM should be doing anyway.
2001-05-07 20:38:39 +00:00
Brian Feldman
d70e08c642 Update to OpenSSH 2.9. Somehow this missed getting committed yesterday. 2001-05-04 23:55:18 +00:00
Brian Feldman
9513e1a83d Don't build with Kerberos 5 support for now. I'll fix this soon,
but I don't want to break Kerberos 5 users' worlds too much in the
meantime.
2001-05-04 05:07:43 +00:00
Brian Feldman
d350064e0b Follow the OpenSSH 2.9 upgrade with the infrastructure. Two new
programs are now included: sftp(1) and ssh-keyscan(1).
2001-05-04 04:21:25 +00:00
Brian Feldman
718acf91af Add the new version.c to libssh. 2001-05-03 00:45:03 +00:00
Nick Sayer
6a1fe28e41 Reactivate SRA.
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode().
This allows people to break out of SRA authentication if they wish to.
2001-04-05 14:09:15 +00:00
Ruslan Ermilov
47f3c9a746 Merged src/lib/libtelnet rev.1.9 (fixed removing of obsolete shared
library: wrong library directory, wrong library extension and wrong
comment).  This is mainly of historical interest, if any.  The library
that gets removed is aout.

Also, backout the beforeinstall -> afterinstall change in rev.1.20
that was required to install proper telnet.h into /usr/include/arpa.
The actual problem is in <bsd.lib.mk>, and I am going to fix it.
2001-03-28 12:15:22 +00:00
Ruslan Ermilov
4ecbb30346 Bye-bye /usr/lib/libtelnet.a. This should fix ``make release'' brokeness.
Approved by:	markm
2001-03-28 12:08:22 +00:00
Ruslan Ermilov
b8cba406f2 secure/ build fixes:
- TELNETOBJDIR is gone.  `buildworld' already installs libtelnet.a
  in ${WORLDTMP}/usr/lib, and we have LIBRARY_PATH pointing there.

- SSHDIR (formerly SSHSRC) is now shared between all SSH modules.
  New LIBSSH is introduced for libssh.a (an internal static lib).
  Previously, build without prior `obj' was broken; SSH modules
  always looked for libssh.a in ${.OBJDIR}.  Also, the dependancies
  on the libssh.a were missing.

- libtelnet/ did not install the crypto version of telnet.h into
  /usr/include/arpa.

- Removed BINOWN, BINMODE, BINDIR and SRCS with default values.

Reviewed by:	markm

- MAN[1-9] -> MAN.
2001-03-26 14:53:33 +00:00
Assar Westerlund
0dc115d939 disable SRA
this impacts negatively to POLA since once autologin is enabled,
telnet will prompt for a password using getpass() and thus not allow
the usual signal characters or C-]
2001-03-23 19:38:21 +00:00
Kris Kennaway
50c83208db Attempt to fix the problem with -j builds, and du-uglify the asm code
generation and assembly targets.

Help from:	bde, obrien
2001-03-14 10:10:11 +00:00
Mark Murray
5c1296168b Add OpenBSD-style blowfish password hashing. This makes one less
gratuitous difference between us and our sister project.

This was given to me _ages_ ago. May apologies to Paul for the length
of time its taken me to commit.

Obtained from:	Niels Provos <provos@physnet.uni-hamburg.de>/OpenBSD
Submitted by:	Paul Herman <pherman@frenchfries.net>
2001-03-11 16:05:43 +00:00
Kris Kennaway
81ddd82853 MFS: Belatedly bump SHLIB_MAJOR corresponding to OpenSSL 0.9.6 2001-03-08 07:57:49 +00:00
Kris Kennaway
ab27f17f05 Install the des.h link under ${DESTDIR}. Fixes buildworld.
Submitted by:   Christian Weisgerber <naddy@mips.inka.de>
2001-03-04 23:14:50 +00:00
Kris Kennaway
722541555f Clean up the installation of the compatibility libdes header/library
symlinks

Pointed out by:	bde
2001-03-04 06:51:51 +00:00
Kris Kennaway
2600f312d7 Don't override CPUTYPE (actually this predates the <bsd.cpu.mk> use of
CPUTYPE, and I forgot I used it here already)

Pointed out by:	bde
2001-03-04 05:51:43 +00:00
Ruslan Ermilov
afcf05e46a setlocale(3) has been fixed to match POSIX standard:
LC_ALL takes precedence over other LC_* envariables.
2001-03-02 16:52:14 +00:00
Kris Kennaway
247b759d92 Update the list of OpenSSL manpages (now contains many more describing
libssl, for example), and hide it behind a make.conf option,
WANT_OPENSSL_MANPAGES, instead of having it commented out.  We still can't
install these by default because of clobbering of a number of system
manpages with the same name, but they're there for people who want them.
2001-02-25 21:42:12 +00:00
Kris Kennaway
47585c927f Add back a missing file from the no-asm case
Submitted by:	gallatin
2001-02-20 01:50:25 +00:00
Kris Kennaway
b9d37a4027 Remove a remnant of my attempt to get alpha asm code working. OpenSSL
does include code for the alpha, but as far as I can tell, it is
non-functional (e.g. it's not even compiled by the native openssl build on
the alpha).

Noticed by:	gallatin
2001-02-19 23:31:53 +00:00
Kris Kennaway
0937df81ca Introduce support for using OpenSSL ASM optimizations. This is done
through the use of a new build directive, MACHINE_CPU, which contains a
list of the CPU generations/features for which optimizations are desired.
This feature will be extended to cover the ports tree in the future.

Currently OpenSSL provides optimizations for i386, i586 and i686-class
CPUs. Currently it has not been tested on an i386 or i486.

Teach make(1) to provide sensible defaults for MACHINE_CPU if it is not
defined (namely, the lowest common denominator CPU we support for each
architecture).  Currently this is i386 for the i386 architecture and ev4
for the alpha.  sys.mk also sets the variable as a last resort for
consistency with MACHINE_ARCH and bootstrapping from very old versions of
make.

Benchmarks show a significant speed increase even in the i386 case, with
additional improvements for i586 and i686 systems.  For maximum performance
define MACHINE_CPU=i686 i586 i386 in /etc/make.conf.

Based on a patch submitted by:  Mike Silbersack <silby@silby.com>
Reviewed by:    current
2001-02-19 03:59:05 +00:00
Jacques Vidrine
18ae4e64cf Define HAVE_PAM_GETENVLIST for build. Now environmental variables set
by PAM modules will be exported (correctly).
2001-02-08 21:16:34 +00:00
Bruce Evans
0be3a10c91 Fixed missing include of <unistd.h> and wrong prototype for setkey(). 2001-02-06 01:17:59 +00:00
Ben Smithurst
48cd1cfb63 Add .Lb libcipher
PR:		24434
Submitted by:	Bill Cheswick <ches@bell-labs.com>
2001-01-24 14:27:30 +00:00
Ruslan Ermilov
e9f98cd047 man(7) -> mdoc(7). 2001-01-16 15:28:12 +00:00
Peter Wemm
9886bcdf93 Merge into a single US-exportable libcrypt, which only provides
one-way hash functions for authentication purposes.  There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before.  If this is
  not called, it tries to heuristically figure out the hash format, and
  if all else fails, it uses the optional auth.conf entry to chose the
  overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
  having the source it in some countries, so preserve the "secure/*"
  division.  You can still build a des-free libcrypt library if you want
  to badly enough.  This should not be a problem in the US or exporting
  from the US as freebsd.org had notified BXA some time ago.  That makes
  this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5.  This
  is to try and minimize POLA across buildworld where folk may suddenly
  be activating des-crypt()-hash support.  Since the des hash may not
  always be present, it seemed sensible to make the stronger md5 algorithm
  the default.
All things being equal, no functionality is lost.

Reviewed-by: jkh

(flame-proof suit on)
2000-12-28 10:32:02 +00:00
Brian Feldman
94193b581b Update for OpenSSH 2.3.0. 2000-12-05 03:01:33 +00:00
Ruslan Ermilov
2b7f803bd3 Fixed a typo from the last commit.
Submitted by:	Mike Heffner <mheffner@vt.edu>
2000-11-15 07:45:23 +00:00
Kris Kennaway
326df993d7 Correct some fallout from the semi-automated way I updated the makefile.
Submitted by:	roberto
2000-11-14 22:12:02 +00:00
Brian Feldman
087815f8bc Disable /usr/bin/ssh being setuid root by default. Let the variable
ENABLE_SUID_SSH being defined reenable it for those that want it.

This follows discussion favoring the change from September.  It
is not usually necessary to be setuid root, possibly less safe,
and less convenient (cannot use $HOSTALIASES, for example).

Submitted by:	jedgar
2000-11-14 04:42:25 +00:00
Kris Kennaway
95200624a6 Update for OpenSSL 0.9.6 2000-11-13 02:21:38 +00:00
Gregory Neil Shapiro
85e427cc94 Fix up the build for the STARTTLS version of sendmail (again). This method
mimics that of tcpdump in that for normal builds, sendmail will only be
built once.  For 'make release', it is built once for the bin dist and
once for the crypto dist.  This method also removes the need for two separate
Makefiles (which could become out of sync).

Suggested by: bde
Assisted by: kris
2000-10-24 16:04:56 +00:00
Gregory Neil Shapiro
e11cbdb767 Do not override BINDIR settings from subdirectory Makefiles.
Submitted by:	bde
2000-10-13 16:57:03 +00:00
Gregory Neil Shapiro
1e503e9884 ../Makefile.inc was clobbering BINDIR so sendmail was being installed in
/usr/sbin/ instead of /usr/libexec/sendmail/

Submitted by:	bde
2000-10-13 16:51:05 +00:00
Gregory Neil Shapiro
c1f12b17ff Activate the 'secure' (TLS) version of sendmail if !NO_SENDMAIL && !NO_OPENSSL 2000-10-13 03:21:37 +00:00
Gregory Neil Shapiro
fa54144cce Given that sendmail's STARTTLS support requires OpenSSL and the bootstrap
issues that brings, build the non-TLS version of sendmail in
src/usr.sbin/sendmail and the TLS version in src/secure/usr.sbin/sendmail.
This allows the TLS version to be part of the secure distribution when
building a release.
2000-10-13 03:20:43 +00:00
Gregory Neil Shapiro
cec19acfbc Remove STARTTLS support as it breaks builds without crypto installed.
Waiting to hear back regarding the best way to do this.
2000-10-12 17:04:32 +00:00
Peter Wemm
0a69c17a48 With apoligies to Greg Shapiro, fix the world. The previous commit
lost -lutil and -lwrap by replacing $LDADD and $DPADD rather than
appending to them with +=.
2000-10-11 12:19:42 +00:00
Gregory Neil Shapiro
c6cc60252d Style fixes 2000-10-11 05:04:21 +00:00
Gregory Neil Shapiro
79c8873163 NOCRYPT imples NO_OPENSSL.
Still need to solve the distribution problem.

Submitted by:	kris
2000-10-11 03:35:32 +00:00
Gregory Neil Shapiro
0c2b976cf8 Build sendmail with STARTTLS support unless NO_OPENSSL is set. 2000-10-10 18:15:41 +00:00
Kris Kennaway
b5a1cc3a5c Overhaul of the build-time include file generation. Don't break in evp.h
if bootstrapping from a system on which the openssl headers are not
already present.
2000-09-17 06:45:27 +00:00
Gregory Neil Shapiro
cf1fec423a Give users a way to alter the sendmail (and related utilities) build
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
Kris Kennaway
65c9b74cc6 Only build sftp-server conditionally 2000-09-16 22:43:00 +00:00
Andrey A. Chernov
89cdeb294d Add sftp-server 2000-09-15 01:04:32 +00:00
Gregory Neil Shapiro
da69ece541 Allow users to add libraries for sendmail (e.g. Cyrus SASL)
Obtained from:	Sergei Vyshenski <svysh@pn.sinp.msu.ru>
2000-09-13 04:16:16 +00:00
Kris Kennaway
2f538dadf7 Update for OpenSSH 2.2.0 2000-09-10 09:43:29 +00:00
Kris Kennaway
690a362571 Nuke RSAREF support from orbit.
It's the only way to be sure.
2000-09-10 00:09:37 +00:00
Kris Kennaway
e1f99b045c ``Anyone is now free to rub two primes together for their own gratification''
-- Unknown

Now that the RSA algorithm is released into the public domain, build
librsaintl by default unless NO_RSAINTL is set in make.conf.

The native OpenSSL implementation of RSA is much faster, doesn't have
an artificial keysize limitation, has 30% fewer calories and tastes great!
2000-09-06 23:46:50 +00:00
Kris Kennaway
939c32909c Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
was using this feature.
2000-09-02 07:32:05 +00:00
Brian Feldman
dd62c1ebeb Make the temporary file _evp.h instead of evp.h to not conflict with
the real evp.h.

Reported by:	markm
2000-08-24 19:06:55 +00:00
Andrey A. Chernov
0305cfcec6 Add missing quotes around xauth path 2000-08-23 19:14:48 +00:00
Brian Feldman
4eb207a1ae Generate a new evp.h at build-time instead of install-time to properly
support NFS(ro) installworlds.
2000-08-23 11:41:01 +00:00
Kris Kennaway
4d858ef441 Respect X11BASE to derive the location of xauth(1)
PR:		17818
Submitted by:	Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
2000-08-23 09:39:20 +00:00
Brian Feldman
04c9749ff0 Add working and easy crypt(3)-switching. Yes, we need a whole new API
for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
2000-08-22 02:15:54 +00:00
Gregory Neil Shapiro
d0b3252609 Turn on support for IPv6 2000-08-14 02:36:29 +00:00
Gregory Neil Shapiro
478c940682 Get rid of the /etc/aliases -> /etc/mail/aliases hack. /etc/mail/aliases
now exists in the distribution.
2000-08-13 08:36:40 +00:00
Gregory Neil Shapiro
88c75941e6 The rest of the changes needed to support the new version of sendmail (8.11.0).
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
Brian Feldman
314844b39a Unbreak the OpenSSL headers for those of us who don't/can't use IDEA by
getting rid of the check for NO_IDEA (in evp.h) completely if it's
installed without MAKE_IDEA=YES.
2000-08-04 04:25:59 +00:00
Kris Kennaway
283cfe50ae Install the openssl(1) manpage with an MLINK from ssl(8) to at least put
something in the location where OpenSSH likes to point.
2000-08-03 05:29:04 +00:00
Kris Kennaway
b682213c87 Don't build sshd if NO_OPENSSL defined.
Submitted by:	stephen@math.missouri.edu
2000-07-30 22:25:54 +00:00
Kris Kennaway
abe829c0e3 Don't build crypto-enabled telnetd if NO_OPENSSL is defined, since it
attempts to link against libcrypto.
2000-07-25 01:11:17 +00:00
Mark Murray
1200a0a6e4 WITH_IDEA --> MAKE_IDEA fix. 2000-07-16 12:20:28 +00:00
Peter Wemm
ecece7e319 Add missing $FreeBSD$ to files that are NOT still on vendor a branch. 2000-07-16 05:48:49 +00:00
Peter Wemm
97e8e70bd1 Be consistant about WITH_ vs MAKE_ flags. We have a precedent of using
MAKE_foo for things like MAKE_KERBEROS etc.  Use that.  I managed to
confuse myself last time and made make.conf different to the code. ;-(

Reported by:  Jun Kuriyama <kuriyama@FreeBSD.org>
2000-07-14 09:18:21 +00:00
Peter Wemm
8e7cbb3c91 Argh. Cut/paste transcription error. Fix syntax of previous commit. 2000-07-03 06:26:30 +00:00
Peter Wemm
86c9b3ab20 USA_RESIDENT is forced to YES or NO at the start of Makefile.inc1
Use that to be the final arbiter of whether or not to build the
librsaintl.so plugin for openssl/openssh.  Add a magic WANT_RSAINTL flag
to force building even if USA_RESIDENT=YES.
2000-07-03 06:24:23 +00:00
Mark Murray
ce09ad5098 MFI. This is a documentation-only, diffreducing patch, that if
invoked will cause breakage. US Users - DO NOT try to turn on
IDEA - the sources are not included.
2000-06-24 06:50:58 +00:00
Kris Kennaway
957dc12dec Link explicitly against -lmd. I'm not sure what was pulling this in
on -current, but it doesnt do it on -stable.
2000-06-11 05:30:52 +00:00
Kris Kennaway
d52b295063 Add a new file to SRCS 2000-06-03 10:04:31 +00:00
David E. O'Brien
14a8a54168 /dev/urandom is the default random device, so no use in stateing it here.
Also simplify the conditionals a little.
2000-05-15 23:29:03 +00:00
David E. O'Brien
f254f0ac49 This version is slightly better than rev 1.10. There are still missing
dependencies for openssl/*.h.  I cannot reproduce any critical race
conditions with this revision.
2000-05-15 17:28:06 +00:00
David E. O'Brien
f80c5c4a34 Use unadorned `mkdir -p', removing the "test ... ||".
There are sometimes problems with "&&" and "||" in the `make -j' case, as
it appears multiple processes may process parts of the execution line.
2000-05-15 16:52:57 +00:00
Kris Kennaway
4fc9354419 Update for OpenSSH 2.1 2000-05-15 05:26:50 +00:00
Kris Kennaway
0ae5a27cf8 Use the C locale for running date(1).
Submitted by:	ache
2000-04-20 07:26:46 +00:00
Kris Kennaway
9ccbd450e8 Update for OpenSSL 0.9.5a and clean up a bit. 2000-04-13 07:37:35 +00:00
Kris Kennaway
a7aaf459e7 Update for OpenSSL 0.9.5a and clean up a bit.
Take responsibility for this makefile again :-)
2000-04-13 07:37:26 +00:00
David E. O'Brien
63bfdbdb0a * Fix dependancies so that ``make depend'' is not required.
* Some style fixes

Approved by:	kris
2000-04-11 09:27:24 +00:00
David E. O'Brien
2461ce422b * Fix dependancies so that ``make depend'' is not required.
* Some style fixes

Approved by:	kris
2000-04-11 08:28:47 +00:00
Kris Kennaway
aad873b098 Add libcrypto to LDADD. This fixes problems seen with e.g. apache-modssl
Submitted by:	Jim Bloom <bloom@acm.org>
2000-04-04 07:31:01 +00:00
Kris Kennaway
fcd9d76716 Missed a fix for the new openssh; this fixes make world. 2000-03-26 21:17:11 +00:00
Kris Kennaway
1ef4beca5f Update for latest OpenSSH 2000-03-26 07:54:12 +00:00
Kris Kennaway
9fd4066575 Add a new function stub to libcrypto() which resolves to a symbol in
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.

This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'

This is a 4.0-RELEASE candidate.
2000-03-13 09:55:53 +00:00
Mark Murray
283073b4e6 Make LOGIN_CAP work properly.
Submitted by:	ache
2000-03-09 14:54:00 +00:00
Kris Kennaway
bb49f794f5 Buildworld fixes for NO_OPENSSH and NO_OPENSSL
Approved by:	jkh
2000-03-09 06:29:05 +00:00
Kris Kennaway
d7d9ad4214 Build a shared library too - ports expect it.
Reviewed by:	peter
Approved by:	jkh
2000-03-07 20:55:55 +00:00
Peter Wemm
5a0a2ee966 Merge from internat.freebsd.org; cleanup stray rsaref glue code reference 2000-03-05 14:20:57 +00:00
John Hay
aa77fdaa47 MFI: Make ssh and sshd link in the krb5 part of make release.
Reviewed by:	markm
2000-03-03 20:34:05 +00:00
Kris Kennaway
a5ee11a77a Resurrect the old libdes manpages (after a repo copy) until we have better
ones.
2000-03-02 06:06:35 +00:00
Peter Wemm
3187486c8a Merge from internat.freebsd.org: add libcrypto to librsaUSA's symbol search
path so that ERR_load_strings() is found in certain circumstances
involving dlopen().  eg: main program dlopened foo.so which is linked
against libcrypto.  If libcrypto then dlopens librsaUSA.so, then it's
search path doens't find libcrypto (!).  One "fix" is to force
modules (eg main opening foo.so) to use the RTLD_GLOBAL flag, the other
is to explicitly declare dependencies (as done here).
2000-03-02 05:22:46 +00:00
Mark Murray
87afaaf75a MFI: stupid typo of mine. 2000-02-29 09:56:11 +00:00
Kris Kennaway
06f13592e1 Add NODESCRYPTLINKS knob to prevent spamming of libcrypt -> libscrypt
symlinks. The name is against my better judgement, but I defer to ancient
tradition here because I'm a nice guy.

Reviewed by:	-current
2000-02-29 05:47:52 +00:00
Mark Murray
e1eaf14cd7 New distribution names. 2000-02-28 19:25:34 +00:00
Mark Murray
c62e13f4cf New distribution name. 2000-02-28 19:24:33 +00:00
Peter Wemm
9fa5f5fd96 Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().

This is a checkpoint and may require more tweaks still.
2000-02-26 13:13:03 +00:00
Peter Wemm
42a75d55f1 Merge from internat.freebsd.org; deal with -DRSAref the same way as
libcrypto - not that it means much on the US code tree.
2000-02-25 14:15:31 +00:00
Peter Wemm
cfd62b902e Merge from internat.freebsd.org; make RSAREF=YES work correctly, although
this is not very useful as the US repo is missing bits.
2000-02-25 14:08:35 +00:00
Peter Wemm
6681286022 Create a stub libRSAglue for bsd.port.mk's sake 2000-02-25 09:47:17 +00:00
Peter Wemm
8df7a1fa29 Don't pull in libRSAglue for the rsaref case. Since this is linked
dynamically by default, we use the dlopen() calls to load librsaref.so
on US code trees.
2000-02-25 08:21:35 +00:00
Peter Wemm
07a0979e84 Fold libRSAglue into libcrypto so we don't have to special-case
all the builds.  There is still no actual RSA implementation code
in libcrypto or src/* on US code trees.
2000-02-25 08:18:43 +00:00
Peter Wemm
08c0f1c7dd Sync with internat; delete a trailing space 2000-02-25 05:35:37 +00:00
Mark Murray
51a4536595 Remove port components not needed in 4.n+
Submitted by:	Half the freaking planet....
2000-02-24 22:39:24 +00:00
Mark Murray
b87f0bc988 libdes is OBE 2000-02-24 19:08:24 +00:00
Mark Murray
c9f2d5f483 Build everything properly. This means:
o Don't b uild libdes.

o Crypto is now housed in libcrypto (with a compatability symlink to
  libdes)

o RSA may depend on RSAREF at your locale.

o OpenSSH is now a part of the base system.
2000-02-24 18:59:34 +00:00
Mark Murray
c23e256eef Add the OpenSSH userland-building Makefiles. 2000-02-24 17:00:55 +00:00
Mark Murray
228c5a5af7 Freefall/Internat diff reducer. 2000-02-24 10:37:29 +00:00
Mark Murray
22dcf83566 Freefall/Internat diff reducer. 2000-02-24 10:21:56 +00:00
Mark Murray
1b87af6b57 Freefall/Internat diff reducer. 2000-02-24 10:06:57 +00:00
Mark Murray
97dacfda2b Diff reducer. Comes from Internat. 2000-02-24 09:52:37 +00:00
Mark Murray
4486a1f099 Remove useless whitespace.
Part of big commit OK'ed by: JKH
2000-02-24 09:48:58 +00:00
Kris Kennaway
0c7304fede Back out the previous commit - it broke world and was not approved.
I don't know what I was thinking committing without approval - sorry.
2000-02-14 08:09:52 +00:00
Kris Kennaway
b0ba1374bc Link dynamically, not statically. 2000-02-13 00:53:12 +00:00
Kris Kennaway
8c52579a78 Add NO_OPENSSL knob to turn off building of openssl
Requested by:   wollman
2000-01-30 04:12:49 +00:00
Kris Kennaway
c6680962bf Add NO_OPENSSL knob to turn off building of openssl
Requested by:	wollman
2000-01-30 04:11:37 +00:00
Yoshinobu Inoue
4dd8b5ab79 another tcp apps IPv6 updates.(should be make world safe)
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
2000-01-27 09:28:38 +00:00
Kris Kennaway
a5c3c93893 Don't search for libraries in ${LOCALBASE}. This should fix the problems
people were seeing with conflicts with the openssl port.
2000-01-20 07:29:01 +00:00
Kris Kennaway
04c111ac5f Activate librsaglue 2000-01-20 07:27:49 +00:00
Kris Kennaway
486bbb25ef Move the rsaref gunk to libRSAglue where ports expect it. 2000-01-20 07:27:38 +00:00
Kris Kennaway
5afe765e66 Build infrastructure for libRSAglue, required for compatability with
ports even though it doesn't seem to do anything which requires it
to be separate from libcrypto.
2000-01-20 07:24:40 +00:00
Kris Kennaway
e36de8f1b1 The wrong version of the file was committed previously which explains the
problems seen here.
2000-01-16 21:00:06 +00:00
Kris Kennaway
f9992f30fc Turn back on openssl building. 2000-01-16 05:25:26 +00:00
Kris Kennaway
3e3bfbad52 Turn back on libcrypto and libssl building. 2000-01-16 05:24:47 +00:00
Kris Kennaway
ac242a29d9 *** empty log message *** 2000-01-16 05:19:27 +00:00
Kris Kennaway
2f00e5fdc4 Add MAINTAINER tag so people don't feel the need to randomly frob with this. 2000-01-16 02:20:03 +00:00
Brian Feldman
d82f495687 We cannot have libcrypto, and therefore OpenSSL at all, without RSA.
If you need examples of breakage, I'm ready to provide more than a
few.
2000-01-15 18:02:10 +00:00
Kris Kennaway
45b8027e25 Connect OpenSSL to the build. 2000-01-14 08:01:51 +00:00
Kris Kennaway
41e8e5da52 Build infrastructure for OpenSSL 2000-01-14 05:49:29 +00:00
Kris Kennaway
63f691b33c Really really remove SHA-1 support. 2000-01-09 21:22:48 +00:00
Mark Murray
8ab773c3cf Routines needed by new kerberos. 2000-01-09 10:09:40 +00:00
Jordan K. Hubbard
e63a240576 Remove the SHA stuff properly. 2000-01-08 03:01:13 +00:00
Peter Wemm
049239a46c Since /etc/sendmail.cf got moved to /etc/mail/sendmail.cf, a 'make world'
would leave you with a broken sendmail and local mail loss.
This evil hack moves sendmail.cf from the old location to the new one (if
required) at install time.
1999-12-29 18:56:55 +00:00
Peter Wemm
8ea9610d48 Install sendmail in it's new location. 1999-12-29 18:40:56 +00:00
Mark Murray
1c7d04a82f RIP xntpd. 1999-12-22 19:15:02 +00:00
Peter Wemm
1a9527eaaa I missed the LDADD/DPADD for -lmd in the secure cases. :-(
Pointed out by: marcel
1999-12-19 16:50:33 +00:00
Peter Wemm
ed9823add9 Revert -lmd changes now that libcrypt doesn't expose this binutils/ld
bug any more.
1999-12-18 16:42:33 +00:00
Marcel Moolenaar
6b5f58c5c3 Add libmd to DPADD and LDADD. 1999-12-17 11:45:28 +00:00
Mark Murray
1a19815c14 Dont build telenet if we are going for kerberised telnet; this just
jumps all over kerberised telnet otherwise.
1999-10-12 19:48:05 +00:00
Mark Murray
d14fc57cb7 Make telnet with SRA work.
Submitted by:	Nick Sayer
1999-10-07 19:47:09 +00:00
Mark Murray
e267a66620 Colour me stupid. This is a better way of using the macros. 1999-09-21 22:13:07 +00:00
Mark Murray
af37a7967b Do this the same way as Internat to reduce diffs. 1999-09-21 17:57:09 +00:00
Dmitrij Tejblum
462da152d2 Someone changed major numbers of the libraries from 2 to 3 for 0 (zero) reasons.
Revert the major number back to 2.

libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.
1999-09-21 17:52:05 +00:00
Peter Wemm
6fd36d7d11 Restore SONAME setting, otherwise libdescrypt.so.3 doesn't end up with
a special SONAME of libcrypt.so.3 and the runtime symlink doesn't work.
1999-09-21 14:47:36 +00:00
Mark Murray
e1e54354b5 Make this completely dependant on the exportable libcrypt, to avoid
duplication of effort. Also a large cleanup of the code, inspired
by Brandon Gillespie.
1999-09-20 12:40:06 +00:00
Mark Murray
5cd82127f8 libdes is bmaked and built from src/crypto/... now. 1999-09-19 18:49:58 +00:00
Mark Murray
056bcb03a1 This commit was generated by cvs2svn to compensate for changes in r50894,
which included commits to RCS files with non-trunk default branches.
1999-09-04 12:45:43 +00:00
Mark Murray
caf39ecc96 Vendor import EAY's LIBSSL to fix comments, etc. 1999-09-04 12:45:43 +00:00
Mark Murray
0a21b04f59 Drat. Import this into the right place. Pass me the pointy hat. 1999-09-01 19:59:25 +00:00
Mark Murray
778981c288 This commit was generated by cvs2svn to compensate for changes in r50760,
which included commits to RCS files with non-trunk default branches.
1999-09-01 19:59:25 +00:00
Peter Wemm
a1a4f1a0d8 $Header$ -> $FreeBSD$ 1999-08-28 05:11:36 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Mark Murray
e3f08ba406 Claim ownership 1999-08-17 13:39:28 +00:00
Mike Pritchard
36b3fda178 Various man page cleanup:
- Be consistent with section names as outlined in mdoc(7).
- Other misc mdoc cleanup.
1999-08-15 10:01:15 +00:00
Kris Kennaway
3e977c59cf Typo in comment. 1999-04-25 13:14:36 +00:00
Mark Murray
2331d1600b Enable tcp_wrapper support by default. 1999-03-28 10:55:03 +00:00
Peter Wemm
9e5e26b31a MaxHeaderLines is now MaxHeadersLength (in bytes) 1999-02-07 09:48:52 +00:00
Peter Wemm
5e418b65f6 Support 'O MaxHeaderLines=' to override the default header count and line
length limits.  The configuration keyword is: confMAX_HEADER_LINES
1999-01-24 07:54:30 +00:00
Mark Murray
1b340441b7 Fix symlinking. Without the -f "force" option, the wrong version
can be found.
Submitted by:   Bruce
1999-01-24 07:51:33 +00:00
Mark Murray
945c0b6dde The new crypt code breaks "make world". Back it out. 1999-01-23 08:26:11 +00:00
Brandon Gillespie
5287069da8 Removed from the secure/lib/libcrypt area, because of the rewrite to how
the Makefile handles des support by just including the single .c file.

Reviewed by:	Mark Murray
1999-01-21 13:51:49 +00:00
Peter Wemm
3539ed8b65 Update for 8.9.2 (new file, control.c)
Also, turn on support for the MaxMimeHeaderLength option in sendmail.cf.
1999-01-12 12:47:54 +00:00
David E. O'Brien
2887f586f0 Remove useless `BINOWN=root' now that it is the default. 1998-09-19 22:42:14 +00:00
John Birrell
7dcd8b7c45 BINFORMAT -> OBJFORMAT ready for E-day. Untested 'cause I'm outside
the US and not allowed to see this. I kept my eyes closed. 8-)
1998-08-31 00:35:10 +00:00
Peter Wemm
22751f562c Connect up sendmail-8.9.1 1998-08-04 15:24:04 +00:00
Mark Murray
4586e1abc5 Staticise a variable.
PR:		4722
Submitted by:	Karl Denninger
1997-10-08 07:02:48 +00:00
Jordan K. Hubbard
97fe7f477f Changes to support full make parallelism (-j<n>) in the world
target.
Reviewed by:	<many different folks>
Submitted by:	Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>
1997-10-05 09:40:24 +00:00
Peter Wemm
a99f0e8211 Teach libdescrypt about elf builds. 1997-09-05 12:21:22 +00:00
Peter Wemm
c0ec1f37ef Revert $FreeBSD$ to $Id$ 1997-02-22 14:40:44 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Wolfram Schneider
af20215665 Sort cross references. 1997-01-13 00:25:51 +00:00
Mark Murray
4ee026279c Secure telnet is now in eBones. 1996-11-07 14:42:57 +00:00
Mark Murray
846c5a6cb7 Remove references to TELNET*. 1996-11-07 14:41:20 +00:00
Peter Wemm
82c2534fd0 Fold sendmail-8.8.2 changes into files that have been touched.
(^!&@$#&^! delete !!@^@^ trailing !@^&#$!& whitespace!!!)
1996-10-24 05:07:25 +00:00
Peter Wemm
e7d24931fe cmp -s || install -c --> install -C 1996-08-30 04:07:04 +00:00
Peter Wemm
fb128913a9 Same as non-secure telnetd, add support for ``-P altlogin'' to specify
an alternate /usr/bin/login type program to be run.
1996-08-13 07:53:54 +00:00
Mark Murray
43e844cb02 Next version from the author - from SSLeay.0.6.3 1996-08-10 17:19:16 +00:00
Mark Murray
67d29e2c6c This commit was generated by cvs2svn to compensate for changes in r17497,
which included commits to RCS files with non-trunk default branches.
1996-08-10 17:19:16 +00:00
Mark Murray
f3d1114f33 Some breakeages sneaked in. This fixes them.
(this relates to a name change in a library that was not properly backed
up by the author)
Reported by: too mant :-(
1996-07-30 21:09:48 +00:00
Mark Murray
43f15e7154 Merge, remove rubbish and bump the MAJOR.MINOR to 3.0 1996-07-29 18:01:42 +00:00
Mark Murray
f2c335efd5 Rats. Just when a piece of code is nice and stable, the author has to
release an upgrade.
1996-07-29 17:54:40 +00:00
Mark Murray
1700adf407 This commit was generated by cvs2svn to compensate for changes in r17330,
which included commits to RCS files with non-trunk default branches.
1996-07-29 17:54:40 +00:00
Mark Murray
6c4a37eb3a Mrege conflicts etc. 1996-07-28 08:23:19 +00:00
Mark Murray
de59bba0c5 Latest libdes from Eric Young. Mainly code beautification. 1996-07-28 08:18:06 +00:00
Mark Murray
9f2bc96e40 This commit was generated by cvs2svn to compensate for changes in r17315,
which included commits to RCS files with non-trunk default branches.
1996-07-28 08:18:06 +00:00
Jordan K. Hubbard
187eb1e177 Add necessary item to CLEANFILES 1996-07-27 22:16:19 +00:00
Jordan K. Hubbard
cd9a2f5c28 Bring in my changes for removing the pestilent obj links (unless you
really want them) from /usr/src.  This is the final version of the
patches, incorporating the feedback I've received from -current.
1996-06-24 04:26:21 +00:00
Nate Williams
c4a4597e90 Bring in a change that got lost when we spammed over the CVS repository
to fix the mega-commits spamming.

pst         96/05/29 20:09:25

  Modified:    secure/usr.bin/telnet  Makefile main.c
  Log:
  Remove obsolete SOCKSv4 support

Submitted by:	pst
Obtained from:  A mirrored CVS repository that will disappear next SUP
1996-06-05 22:48:04 +00:00
Andrey A. Chernov
45fa48fe14 Localize time 1996-05-07 19:05:10 +00:00
Mark Murray
87bd8ab856 Add extra targets a' la' eBones/Makefile for release/Makefile.
(bootstrap etc)
1996-05-04 08:32:07 +00:00
Mark Murray
42f2698195 Add randomness from /dev/random if it is available. 1996-05-04 07:25:54 +00:00
Paul Traina
33bb8564be Add support for socks 1996-04-23 05:18:43 +00:00
Paul Traina
4b2e1057cf typo shmrsh -> smrsh 1996-04-22 20:30:09 +00:00