Commit Graph

119 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
ed22e27d8a Introduce a namespace munging hack inspired by NetBSD to avoid polluting
the namespace of applications which inadvertantly link in libssh (usually
through pam_ssh)

Suggested by:	lukem@netbsd.org
MFC after:	6 weeks
2006-05-13 13:47:45 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Dag-Erling Smørgrav
40e0db94af Revert the commits that made libssh an INTERNALLIB; they caused too much
trouble, especially on amd64.

Requested by:	ru
2005-06-07 09:31:28 +00:00
Dag-Erling Smørgrav
32f80c77d0 Make libssh an INTERNALLIB like it is in {Net,Open}BSD. 2005-06-06 16:13:07 +00:00
Dag-Erling Smørgrav
015bad3598 Update for OpenSSH 4.1p1. 2005-06-05 15:47:07 +00:00
Ruslan Ermilov
47d7e8a96f Fixed style of DPADD and LDADD assignments as per style.Makefile(5). 2004-02-05 22:44:25 +00:00
Dag-Erling Smørgrav
a04e3d6c30 Update Makefiles for OpenSSH 3.7.1p2. 2004-01-07 11:17:23 +00:00
Gordon Tetlow
c45db69312 Explicitly add libz and libcrypto to LDADD for any ssh utilities missing
it. While not strictly required, it unbreaks the cross-build world that
is resulting from moving the libraries around.

I have a more permanent solution to this problem in the works, but I
asked des for permission to commit this to get the ball rolling. This
also makes the ssh build more along the lines of what the openssh-portable
and OpenBSD openssh Makefile glue does.

Reviewed by:	des
2003-08-19 07:45:03 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Mark Murray
dbf104e68d Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
2003-05-05 07:58:44 +00:00
Ruslan Ermilov
f7fa0cbd70 The including makefile's directory is tried first for .include "...". 2003-04-30 07:54:39 +00:00
Ruslan Ermilov
6402d39a2b Most things depend on !defined(NO_OPENSSL); make it look so. 2003-04-30 07:51:51 +00:00
Ruslan Ermilov
bce0c9275c NOSECURE is implied by NOCRYPT, meaning if the latter is defined
we won't be here.
2003-04-30 07:34:14 +00:00
Dag-Erling Smørgrav
581ff5e326 Remove Kerberos IV shims. 2003-04-23 17:26:01 +00:00
Dag-Erling Smørgrav
d8b043c8d4 Update for 3.6.1p1; also remove Kerberos IV shims. 2003-04-23 17:25:47 +00:00
Dag-Erling Smørgrav
4d56bc2300 Update for OpenSSH 3.5p1. 2002-10-29 10:18:00 +00:00
Dag-Erling Smørgrav
81d858170e ssh-keysign(8) belongs in /usr/libexec, not in /usr/bin, and needs to be
setuid so ssh(1) doesn't have to be.

Pointy hat to:	des
Submitted by:	Katsuyuki TATEISHI <katsu@iec.hiroshima-u.ac.jp>
2002-07-05 08:39:09 +00:00
Dag-Erling Smørgrav
f0b56c5c7e No guts, no glory. Switch to OpenSSH-portable.
Sponsored by:	DARPA, NAI Labs
2002-06-25 19:10:09 +00:00
Ruslan Ermilov
e47a40e7f7 Now that cross-tools ld(1) has been fixed to look for dynamic
dependencies in the correct place, record the fact that -lssh
depends on -lcrypto and -lz.

Removed false dependencies on -lz (except ssh(1) and sshd(8)).
Removed false dependencies on -lcrypto and -lutil for scp(1).

Reviewed by:	markm
2002-02-08 13:42:58 +00:00
Kris Kennaway
8bf216d4a3 Set WFORMAT=0, overlooked in previous commits to libexec/.
Reported by:	jhay
2002-02-06 11:07:55 +00:00
Ruslan Ermilov
0509dca0c3 Add pam_ssh support to the static PAM library, libpam.a:
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
  dynamic linkage with -lssh.

Reviewed by:	des, markm
Approved by:	markm
2002-01-23 15:54:17 +00:00
Mark Murray
f3c99bd05e Clean up makefiles, and turn on WARNS=2. Take into account the telnet
#if cleanup.
2001-11-30 21:10:58 +00:00
Mark Murray
563df95270 Revamp and diff-reduce the various secure telnets. Make sure that
Kerberos5 has _a_ telnet (which is not currently K5 enabled).
Incorporate BDE's static linking fixes.
2001-08-03 16:03:26 +00:00
Bruce Evans
4c05509cd0 Fixed world breakage when NOSHARED=yes. libmp now depends on libcrypto,
so it must be linked before libcrypto to work right.
2001-07-30 14:36:19 +00:00
Bruce Evans
f61dcf5281 Fixed world breakage in previous commit. -lpam must never be used
directly (except in the definition of MINUSLPAM in bsd.libnames.mk)
since it doesn't give all the lbraries necessary for static linkage.

Fixed new and old bugs in DPADD.  ${LIBPAM} was missing, and the
library order was different from that in LDADD so `make checkdpadd'
reported a non-bug.
2001-05-09 14:23:54 +00:00
Nick Sayer
76235b992b Add PAM support to SRA authentication. Cribbed mostly from ftpd. This
doesn't solve the problem of root being allowed to log in, but that sort
of thing is something PAM should be doing anyway.
2001-05-07 20:38:39 +00:00
Brian Feldman
d350064e0b Follow the OpenSSH 2.9 upgrade with the infrastructure. Two new
programs are now included: sftp(1) and ssh-keyscan(1).
2001-05-04 04:21:25 +00:00
Ruslan Ermilov
4ecbb30346 Bye-bye /usr/lib/libtelnet.a. This should fix ``make release'' brokeness.
Approved by:	markm
2001-03-28 12:08:22 +00:00
Ruslan Ermilov
b8cba406f2 secure/ build fixes:
- TELNETOBJDIR is gone.  `buildworld' already installs libtelnet.a
  in ${WORLDTMP}/usr/lib, and we have LIBRARY_PATH pointing there.

- SSHDIR (formerly SSHSRC) is now shared between all SSH modules.
  New LIBSSH is introduced for libssh.a (an internal static lib).
  Previously, build without prior `obj' was broken; SSH modules
  always looked for libssh.a in ${.OBJDIR}.  Also, the dependancies
  on the libssh.a were missing.

- libtelnet/ did not install the crypto version of telnet.h into
  /usr/include/arpa.

- Removed BINOWN, BINMODE, BINDIR and SRCS with default values.

Reviewed by:	markm

- MAN[1-9] -> MAN.
2001-03-26 14:53:33 +00:00
Kris Kennaway
65c9b74cc6 Only build sftp-server conditionally 2000-09-16 22:43:00 +00:00
Andrey A. Chernov
89cdeb294d Add sftp-server 2000-09-15 01:04:32 +00:00
Kris Kennaway
2f538dadf7 Update for OpenSSH 2.2.0 2000-09-10 09:43:29 +00:00
Kris Kennaway
abe829c0e3 Don't build crypto-enabled telnetd if NO_OPENSSL is defined, since it
attempts to link against libcrypto.
2000-07-25 01:11:17 +00:00
Mark Murray
c9f2d5f483 Build everything properly. This means:
o Don't b uild libdes.

o Crypto is now housed in libcrypto (with a compatability symlink to
  libdes)

o RSA may depend on RSAREF at your locale.

o OpenSSH is now a part of the base system.
2000-02-24 18:59:34 +00:00
Yoshinobu Inoue
4dd8b5ab79 another tcp apps IPv6 updates.(should be make world safe)
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
2000-01-27 09:28:38 +00:00
Peter Wemm
ed9823add9 Revert -lmd changes now that libcrypt doesn't expose this binutils/ld
bug any more.
1999-12-18 16:42:33 +00:00
Marcel Moolenaar
6b5f58c5c3 Add libmd to DPADD and LDADD. 1999-12-17 11:45:28 +00:00
Mark Murray
1a19815c14 Dont build telenet if we are going for kerberised telnet; this just
jumps all over kerberised telnet otherwise.
1999-10-12 19:48:05 +00:00
Mark Murray
d14fc57cb7 Make telnet with SRA work.
Submitted by:	Nick Sayer
1999-10-07 19:47:09 +00:00
Mark Murray
4ee026279c Secure telnet is now in eBones. 1996-11-07 14:42:57 +00:00
Peter Wemm
fb128913a9 Same as non-secure telnetd, add support for ``-P altlogin'' to specify
an alternate /usr/bin/login type program to be run.
1996-08-13 07:53:54 +00:00
Andrey A. Chernov
45fa48fe14 Localize time 1996-05-07 19:05:10 +00:00
Mark Murray
6dd8a38202 Big clean-up job. Remove ancient and never-to-be used stuff.
The look much more like BSD Makefiles now.
1996-03-11 16:17:58 +00:00
Andrey A. Chernov
0a2c4bde08 Sense MAKE_EBONES, DESTDIR
SRCS, DPADD cleanup
1996-03-09 13:39:00 +00:00
Peter Wemm
a5b996a7ec recording cvs-1.6 file death 1995-12-30 19:02:48 +00:00
Andrey A. Chernov
a18c0b455a Remove LD_NOSTD_PATH unsetenv, it isn't exist anymore 1995-10-24 06:52:36 +00:00
Andrey A. Chernov
d549e5cc7f Fix original patch error with ! before strncmp
Zap only needed LD_* variables
1995-10-20 22:17:35 +00:00
Andrey A. Chernov
b6369ff12e Don't allow LD_* env. variables to be tricked
Submitted by: Sam Hartman <hartmans@mit.edu>
1995-10-20 17:16:58 +00:00
Justin T. Gibbs
9d01cc32c6 Remove MAKE_EBONES conditionals. They were originally placed here because
of missing functionality in our libkrb which is no longer a problem.
1995-10-11 00:04:09 +00:00
Justin T. Gibbs
b7f41e3f67 Add TELNETOBJDIR and CRYPTOBJDIR for use in LDADD entries. This makes
secure reference the libraries that were just build instead of in /usr/lib.
1995-09-16 03:04:10 +00:00
Justin T. Gibbs
790136a438 Enable kerberosIV authentication/encryption conditionalized on MAKE_EBONES. 1995-09-14 21:29:21 +00:00
David Greenman
b834e407de sys_term.c: killed sleep(1) as this should no longer be a problem with
the move of startslave().
telnetd.c: fix bug introduced with the move of startslave()...the number
of arguments was wrong and "level" and "user_name" had to be made globals.
1995-09-11 21:02:02 +00:00
Paul Traina
b74fc1026f Move erase cleanup outside linemode conditional 1995-09-06 02:03:36 +00:00
Paul Traina
a06a8a9829 Avoid race condition with telnet options processing (login: prompt lost).
Submitted by:	John Capo & Peter Wemm
1995-09-05 19:31:06 +00:00
Paul Traina
d0d1fb6198 Set erase character for login: prompt.
Submitted by:	Peter Wemm & John Capo
1995-09-05 19:30:05 +00:00
Paul Traina
a4a142bd15 Do NOT compile with -DKLUDGELINEMODE...hoses many telnet clients 1995-08-28 17:55:08 +00:00
Andrey A. Chernov
0a06628ab2 Comment out LDADD+=-ldescrypt, it is not yet active due to
missng defines for krb4encpwd and rsaencpwd and missing rsa library too.
1995-08-05 19:10:25 +00:00
Andrey A. Chernov
ba60b431ca Change default banner to FreeBSD, properly ifdefed by __FreeBSD__
Reviewed by:
Submitted by:
Obtained from:
1995-08-04 00:12:08 +00:00
Mark Murray
d5fc4d2a65 After pst and ache fixed secure telnet, it was still not in the main
makefiles. This puts it in.

PLEASE NOTE - YOU WILL NEED TO BUILD AND INSTALL THE libtelnet IN secure/
Reviewed by:
Submitted by:
Obtained from:
1995-07-29 12:49:25 +00:00
Andrey A. Chernov
9ed77b336f Final cleanup pass through Makefiles, now this stuff
autodetect kerberos/eBones and work even with eBones,
but with reduced functionality (don't pick up des/krb stuff
in this case)
1995-07-24 22:55:59 +00:00
Andrey A. Chernov
dbd07ffcc0 Add -ldescrypt, or wrong crypt version can be picked from libc
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 22:01:01 +00:00
Andrey A. Chernov
e74d115547 Since this stuff not works with eBones, ifdef kerberos stuff
with MAKE_KERBEROS to allow other things to live
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 21:47:30 +00:00
Andrey A. Chernov
2c178baa51 Point to proper DESTDIR now
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 20:31:07 +00:00
Paul Traina
4a0834a5a2 When hostname len > 8, name replaced with dot notation when -u flag
not specified (default case).
Use _PATH_* for utmp/wtmp.

Support for >32 PTYs.
>Submitted by:   Heikki Suonsivu <hsu@cs.hut.fi>

Plug already known security hole. (Brought over from 1.1.5):
Fixed security problem with telnetd, which allowed
   telnet -l -hcert.org localhost
to change the user's host in utmp.
Thanks to Matthew Green <mrgreen@@mame.mu.oz.au> for showing me this one.

>Reviewed by:    karl, guido
>Submitted by:   mrgreen@mame.mu.oz.au

Obtained from:	FreeBSD insecure telnetd
1995-07-20 12:35:01 +00:00
Paul Traina
4fd39f708a The final negotiation of DO_BINARY in the LINEMODE portion of the telnetd code
causes some clients that do not support linemode to mis-interpret the return
key (i.e. double returns).
The fix is to only do the state check for binary options if linemode will
be used.
Closes PR#505.

Submitted by:   Charles Henrich
Obtained from:	FreeBSD insecure telnetd
1995-07-20 12:32:40 +00:00
Paul Traina
9809ff32f6 Update telnet to the 95.05.31 release.
Obtained from:	Dave Borman <dab@cray.com>
1995-07-20 11:40:06 +00:00
Rodney W. Grimes
5ebc7e6281 Remove trailing whitespace. 1995-05-30 06:12:45 +00:00
Rodney W. Grimes
6897a8a75d Change all references to LIBTERM and -ltermlib to LIBTERMCAP and -ltermcap 1994-09-11 21:53:28 +00:00
Geoff Rehmet
daf079cb54 Move the telnetd with encryption to src/secure
This needs tidying up and having makefiles sorted out later.
Reviewed by:	Geoff Rehmet
1994-08-12 22:53:46 +00:00