43 Commits

Author SHA1 Message Date
Conrad Meyer
d83db3fb6a Drop ed(1) "crypto"
You should not be using DES.  You should not have been using DES for the
past 30 years.

The ed DES-CBC scheme lacked several desirable properties of a sealed
document system, even ignoring DES itself.  In particular, it did not
provide the "integrity" cryptographic property (detection of tampering), and
it treated ASCII passwords as 64-bit keys (instead of using a KDF like
scrypt or PBKDF2).

Some general approaches ed(1) users might consider to replace the removed
DES mode:

1. Full disk encryption with something like AES-XTS.  This is easy to
conceptualize, design, and implement, and it provides confidentiality for
data at rest.  Like CBC, it lacks tampering protection.  Examples include
GELI, LUKS, FileVault2.

2. Encrypted overlay ("stackable") filesystems (EncFS, PEFS?, CryptoFS,
others).

3. Native encryption at the filesystem layer.  Ext4/F2FS, ZFS, APFS, and
NTFS all have some flavor of this.

4. Storing your files unencrypted.  It's not like DES was doing you much
good.

If you have DES-CBC scrambled files produced by ed(1) prior to this change,
you may decrypt them with:

  openssl des-cbc -d -iv 0 -K <key in hex> -in <inputfile> -out <plaintext>

Reviewed by:	allanjude, bapt, emaste
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D17829
2018-11-04 17:56:16 +00:00
Baptiste Daroussin
b4b4b5304b Revert crap accidentally committed 2017-01-28 16:31:23 +00:00
Baptiste Daroussin
814aaaa7da Revert r312923 a better approach will be taken later 2017-01-28 16:30:14 +00:00
Glen Barber
ac2875fa16 Explicitly add unmarked bin/ binaries to the runtime package.
Note: tcsh(1) has a MK_TCSH=no test, so this should be a separate
package, which requires pre-install/post-install scripts, to be
added later.

Sponsored by:	The FreeBSD Foundation
2016-02-09 16:58:50 +00:00
Baptiste Daroussin
12cd1730ee Convert bin/ to LIBADD, reduce overlinking allow to build all components as
static
2014-11-25 11:15:40 +00:00
Warner Losh
04efeffe99 When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS and
remove the now-redundant checks for RELEASE_CRUNCH. This originally
was defined for building smaller sysinstall images, but was later also
used by picobsd builds for a similar purpose. Now that we've moved
away from sysinstall, picobsd is the only remaining consumer of this
interface. Adding these two options reduces the RELEASE_CRUNCH
special cases in the tree by half.
2014-06-06 04:09:07 +00:00
Warner Losh
c6063d0da8 Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.
2014-05-06 04:22:01 +00:00
Marcel Moolenaar
aa39c44746 Add build option MK_ED_CRYPTO to control whether ed(1) is to have the
ability to encrypt/decrypt files. Embedded systems can typically have
OpenSSL, but not for ed(1) to use it.

Obtained from:	Juniper Networks, Inc.
2012-05-19 17:55:49 +00:00
Ulrich Spörlein
55fa734d20 ed(1): make WARNS=6 clean
Although argc and argv are never read after the longjmp is complete,
gcc is not clever enough to see that and needlessly warns about it.
So add volatile to silence the compiler.

Approved by:	ed (the co-mentor, not ed(1))
2010-03-04 16:08:01 +00:00
Marius Strobl
ea7f7bdef3 Move WARNS as ed(1) also is only WARNS = 2 clean in the !DES case.
This fixes its compilation if MK_OPENSSL == no and also obsoletes
release/Makefile rev. 1.192. The latter isn't reverted though as
support for the fixit floppy and the rest of the boot floppies is
scheduled to be deorbited anyway.

Discussed with:	kensmith
2007-12-09 00:14:27 +00:00
Ken Smith
0c0146f019 Don't include encryption features of ed(1) when building for the
"rescue media" bundled with releases.

Suggested by:	ru
Approved by:	re (hrs)
2007-07-02 14:00:25 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Ruslan Ermilov
a216173556 NOCRYPT -> NO_CRYPT 2004-12-21 10:16:04 +00:00
Colin Percival
d37df47d31 Join the 21st century: Cryptography is no longer an optional component
of releases.  The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.

Approved by:	re (scottl), markm
Discussed on:	freebsd-current, in late April 2004
2004-08-06 07:27:08 +00:00
Mark Murray
ebb9f0efa8 Don't check for the existence of src/crypto/ for building items that
may contain crypto. The days of ITAR paranoia are over, and the simple
macro tests that remain are sufficient.
2003-07-24 18:30:25 +00:00
Ruslan Ermilov
8fe29a4f17 This code isn't WARNS=6 clean in the standard (crypto) case
due to bugs in OpenSSL headers.  I was testing in the wrong
environment: standalone build without crypto/ sources.
2003-07-20 12:26:24 +00:00
Ruslan Ermilov
ff572a5e73 Make this code WARNS=6 clean again (after GCC 3.1.1 import).
Submitted by:	Marius Strobl <marius@alchemy.franken.de>
2003-07-20 10:24:09 +00:00
Ruslan Ermilov
ce17762f4a Unbreak NOCRYPT buildworld.
Reviewed by:	markm
2003-06-29 10:03:35 +00:00
Mark Murray
eac4bdcca4 Get this area compiling with the highest WARNS= that it works with.
Obsolete WFORMAT= junk also removed where possible.

OK'ed by:	obrien
Tested on:	sparc64, alpha, i386
2003-06-13 07:04:02 +00:00
Mark Murray
8027fe397a Fix for the NO_OPENSSL case.
Reported by:	Marius Strobl <marius@alchemy.franken.de>
2003-06-08 08:24:07 +00:00
Mark Murray
eb338d3666 Modernise. Use libcrypto for DES instead of libcipher. 2003-06-02 19:06:28 +00:00
Dag-Erling Smørgrav
7691f66abf Retire the useless NOSECURE knob.
Approved by:	re (scottl)
2003-05-19 15:52:01 +00:00
Ruslan Ermilov
aa70e98b87 -lcipher is an installable library. 2001-12-06 10:50:23 +00:00
David E. O'Brien
a748290789 Default to WARNS=2. Binary builds that cannot handle this must explicitly
set WARNS=0.

Reviewed by:	mike
2001-12-04 01:57:47 +00:00
Mike Barcroft
a4616748ab o Correctly define rcsid.
o Add consts where appropriate.
o Rename some variables that were shadowing global declarations.
o Remove register storage-classes.
o Make errmsg a const, so we can just set error messages instead
  of using sprintf/strcpy.
o Set WARNS=2

Reviewed by:	bde, des
2001-08-06 22:01:31 +00:00
Mark Murray
e1a456f0e4 Change DISTRIBUTION name to match reality. 2000-02-29 11:39:24 +00:00
Peter Wemm
2a4562393f $Id$ -> $FreeBSD$ 1999-08-27 23:15:48 +00:00
Bruce Evans
8199f5c431 Fixed existence test for secure sources (don't test for secure objects).
Fixed some formatting.
1998-03-06 16:05:18 +00:00
Peter Wemm
b97fa2ef50 Revert $FreeBSD$ to $Id$ 1997-02-22 14:13:04 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Andrey A. Chernov
afceae0c47 Wrong library was picked by ed 1995-10-22 20:14:13 +00:00
Mark Murray
2f67cae6ef Correctly build the secure ed(1) only if secure/ exists.
Pointed out by:	bde
1995-10-03 15:44:50 +00:00
Mark Murray
6eb5c24ff8 Use the same make technique as passwd and xntpd for the secure ed(1). This
will allow the secure/bin/ed directory to be cleaned out and the bin/Makefile
to be cleaned up.
1995-10-01 14:17:29 +00:00
Jordan K. Hubbard
ffdd6a7267 src/bin/ed will never build DES encumbered ed again. That is the job
for secure/bin/ed ...
1994-12-18 15:15:10 +00:00
Poul-Henning Kamp
e615020eae Don't check existence of -lcrypt to decide if DES is employed,
instead check that "NOCRYPT" isn't defined.
1994-10-29 10:13:34 +00:00
David Greenman
89730b290a Added $Id$ 1994-09-24 02:59:15 +00:00
Andrew Moore
d165d4acee use umask 077 for buffer file 1994-03-23 04:36:59 +00:00
Andrew Moore
95e6217e73 Fixed range address bug: 1,2, == 2,2 not 2,.
Overhauled the name space,  reworked some modules and removed the
obsolescent Addison-Wesley copyright.
1994-02-01 00:36:28 +00:00
Andrew Moore
5a5100e3af added (unsigned) cast to avoid int overflow
removed REGEX directive
1993-08-09 21:34:11 +00:00
J.T. Conklin
b5a50652cc Remove -I${.CURDIR}, as we now use system's regex.h 1993-08-02 16:43:54 +00:00
J.T. Conklin
7a77680068 Use system's posix compliant regex library (GNU regex for now). 1993-08-02 16:40:59 +00:00
Nate Williams
7b0d50fdfe Libcrypt upgrade 1993-07-20 22:57:03 +00:00
Andrew Moore
30154ac8a8 POSIX ed version 0.6 by Andrew Moore (alm@netcom.com). 1993-06-18 13:00:14 +00:00