similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.
Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
help some ports that depend on libradius that recently gained
the dependency on libssl. This is also how the stock OpenSSL
build would link libssl.so on FreeBSD.
Prompted by: kris
OK'ed by: markm, nectar
a variant of the C code but with some scattered asm and things laid out
more optimally for the platform. This means that we need to the asm
directory to the search path for the amd64 case so that make can find
the source.
environment. This stops some ports keeling over on an OpenSSL assert.
(The patch is not exactly the one from the PR, but has been refined
based on advice from freebsd-threads.)
PR: 51205
Submitted by: Jim Westfall <jwestfall@surrealistic.net>
MFC after: 1 month
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".
As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).
Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
libdes, and functionally close enough so that we created symlinks
(libdes -> libcrypto) to help older applications. With the import of
OpenSSL 0.9.7, this is no longer true and we no longer install these
symlinks. However, systems that are upgraded may have these symlinks,
which could cause non-obvious breakage at build-time. Therefore, blow
any old symlinks away in the `afterinstall' target.
When libdes was replaced with OpenSSL's libcrypto, there were a few
interfaces that the former implemented but the latter did not. Because
some software in the base system still depended upon these interfaces,
we simply included them in our libcrypto (rnd_keys.c).
Now, finally get around to removing the dependencies on these
interfaces. There were basically two cases:
des_new_random_key -- This is just a wrapper for des_random_key, and
these calls were replaced.
des_init_random_number_generator et. al. -- A few functions were used
by the application to seed libdes's PRNG. These are not necessary
when using libcrypto, as OpenSSL internally seeds the PRNG from
/dev/random. These calls were simply removed.
Again, some of the Kerberos 4 files have been taken off the vendor
branch. I do not expect there to be future imports of KTH Kerberos 4.
can only be built with MIT Kerberos.
If we didn't define this here, then SSL-using applications would have
to define OPENSSL_NO_KRB5 themselves in order to build.
via INCS. Implemented INCSLINKS (equivalent to SYMLINKS) to
handle symlinking include files. Allow for multiple groups of
include files to be installed, with the powerful INCSGROUPS knob.
Documentation to follow.
Added standard `includes' and `incsinstall' targets, use them
in Makefile.inc1. Headers from the following makefiles were
not installed before (during `includes' in Makefile.inc1):
kerberos5/lib/libtelnet/Makefile
lib/libbz2/Makefile
lib/libdevinfo/Makefile
lib/libform/Makefile
lib/libisc/Makefile
lib/libmenu/Makefile
lib/libmilter/Makefile
lib/libpanel/Makefile
Replaced all `beforeinstall' targets for installing includes
with the INCS stuff.
Renamed INCDIR to INCSDIR, for consistency with FILES and SCRIPTS,
and for compatibility with NetBSD. Similarly for INCOWN, INCGRP,
and INCMODE.
Consistently use INCLUDEDIR instead of /usr/include.
gnu/lib/libstdc++/Makefile and gnu/lib/libsupc++/Makefile changes
were only lightly tested due to the missing contrib/libstdc++-v3.
I fully tested the pre-WIP_GCC31 version of this patch with the
contrib/libstdc++.295 stuff.
These changes have been tested on i386 with the -DNO_WERROR "make
world" and "make release".
depending on perl at build time. Makefile.asm is a helper for after the
next import.
With my cvs@ hat on, the relatively small repo cost of this is acceptable,
especially given that we have other (much bigger) things like
lib*.so.gz.uu checked in under src/lib/compat/*.
Reviewed by: kris (maintainer)
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
complexities associated with having MD (asm and inline) versions, and
having to prevent exposure of these functions in other headers that
happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.
Tested on: alpha, i386
Reviewed by: bde, jake, tmm
dependencies in the correct place, record the fact that -lssh
depends on -lcrypto and -lz.
Removed false dependencies on -lz (except ssh(1) and sshd(8)).
Removed false dependencies on -lcrypto and -lutil for scp(1).
Reviewed by: markm
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
dynamic linkage with -lssh.
Reviewed by: des, markm
Approved by: markm
1. To cross-build, one now needs to set TARGET_ARCH, and not the
MACHINE_ARCH. MACHINE_ARCH should never be changed manually!
2. Initialize DESTDIR= explicitly for bootstrap-tools, build-tools,
and cross-tools stages. This fixes broken header and library
dependencies problem. We build them in the host environment,
and obviously want them to depend on host headers and libraries.
The problem with broken header dependencies for bootstrap-tools
and cross-tools was already partially solved (see BOOTSTRAPPING
tests in bsd.prog.mk and bsd.lib.mk), but it was still there for
build-tools if the user ran "make world DESTDIR=/foo". Also,
for all of these stages, the library dependencies were broken
because of how bsd.libnames.mk define DPADD members.
We still provide a glue to install bootstrap- and cross-tools
under the ${WORLDTMP}.
Removed PATH overrides for bootstrap-, build-, and cross-tools
stages. There is just no reason why we would need to override
it, and the hacks to clean up the ${WORLDTMP} in the -DNOCLEAN
case are no longer needed with fixes from this step.
That is, we now never use ${WORLDTMP} headers and libraries,
and we don't use any ${WORLDTMP} installed binaries during
these stages. Again, these stages depend solely on the host
environment, including compiler, headers, and libraries.
3. Moved "miniperl" back from cross-tools (it has nothing to do
with a cross-compiler) to build-tools where it belongs. The
change from step 1 let to do this. Also, to make this work,
build-tools targets of "cc_tools" and "miniperl" were modified
to call "depend". Here follow the detailed explanations.
There are two categories of build tools, for now. In the first
category there are "cc_tools" and "miniperl". They occupy the
whole (sub)directory, and nothing needs to be done in this
subdirectory later during the "all" stage. They are also
constructed using system makefiles. We must build the .depend
early in the build-tools stage because:
1) They use (and depend on) the host environment.
2) If we don't do this in build-tools, the "depend" stage of
buildworld will do this for us; wrong library and header
dependencies will be recorded (DESTDIR=${WORLDTMP}) and,
what's worse, the "all" stage may then clobber the
build-architecture format tools (that we built in the
build-tools stage) with the target-architecture format
ones, breaking cross build.
In the second category there are all other build-tools. They
share their directory with the "main" module that needs them
in the "all" stage, and they don't show up themselves in the
.depend file. The portion of this fix was already committed
in gnu/usr.bin/cc/cc_tools/Makefile,v 1.52.
4. "libperl" is no longer a build tool, and "miniperl" is the
stand-alone application. I had to make this change because
build-tools and "all" stages share the same object directory.
Without this change, if we cross compile, libperl.a is first
built for the build architecture during the build-tools stage
(for the purposes of immediate linkage with "miniperl").
Later on, the "all" stage sees this library as up-to-date,
and doesn't rebuild it. The effect is that the wrong format
static libperl library is installed with installworld.
5. Fixed "includes" to install secure/lib/libtelnet headers if
required.
Reviewed by: bde