Commit Graph

75 Commits

Author SHA1 Message Date
Doug Rabson
8f55a568f6 Add an implementation of the RPCSEC_GSS authentication protocol for RPC. This
is based on an old implementation from the University of Michigan with lots of
changes and fixes by me and the addition of a Solaris-compatible API.

Sponsored by:	Isilon Systems
Reviewed by:	alfred
2008-08-06 14:02:05 +00:00
Doug Rabson
ebe306f11c Add the hx509 error table. 2008-05-15 08:53:31 +00:00
Doug Rabson
1f95816c41 Add manpage links to krb5_principal.3. 2008-05-11 10:32:37 +00:00
Doug Rabson
ed62b7f321 Don't try to make links to manpages that no longer exist. Fixes installworld
Submitted by: phk
2008-05-11 08:27:17 +00:00
Doug Rabson
33f1219925 Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.
2008-05-07 13:53:12 +00:00
Ken Smith
c0bb7d9461 While checking over the libraries for 7.0-REL Kris found the following
libraries had not had their versions bumped relative to 6.3-REL but
had indeed been changed.  We need to bump their version so they can be
properly added to the compat6x port:

	libasn1.so.8 libgssapi.so.8 libhdb.so.8 libkadm5clnt.so.8
	libkadm5srv.so.8 libkafs5.so.8 libkrb5.so.8 libobjc.so.2

MFC After:	1 day
2007-11-20 04:20:32 +00:00
Hajimu UMEMOTO
794063c03f Bump library majro version for gethostbyaddr(3). 2006-05-21 15:15:21 +00:00
Ruslan Ermilov
d1e9def254 NO_MAN is not needed here. 2006-03-16 15:18:17 +00:00
Doug Rabson
c0b9f4fe65 Add a new extensible GSS-API layer which can support GSS-API plugins,
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.

Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
2005-12-29 14:40:22 +00:00
Ken Smith
a84020c2b9 Bump the shared library version number of all libraries that have not
been bumped since RELENG_5.

Reviewed by:	ru
Approved by:	re (not needed for commit check but in principle...)
2005-07-22 17:19:05 +00:00
Jacques Vidrine
7ca39a7ff1 Update Heimdal 0.6.1 -> 0.6.3. 2005-02-24 22:24:24 +00:00
Jacques Vidrine
f5d642e66f Hookup `arcfour.c' to the build (missed during upgrade to heimdal 0.6.1). 2004-04-04 03:31:05 +00:00
Ruslan Ermilov
86751859b5 style.Makefile(5).
OK'ed by:	nectar
2004-02-05 18:51:52 +00:00
Ruslan Ermilov
51088c9b7b Take signal.c out of sources.
Reviewed by:	nectar
2004-02-03 09:32:11 +00:00
Ruslan Ermilov
95756ea357 Put generated headers into SRCS so that we pick them up even if
"make depend" was not run.
2004-02-03 09:21:37 +00:00
Ruslan Ermilov
11bf3600e8 Overhaul of kerberos5/ makefiles. Most significant changes are:
- Dropped support for standalone builds, this was only partially
  supported anyway, and required so much magic in makefiles that
  made life dangerous (e.g., by using the custom yacc rules).

- Got rid of .OBJDIR in makefiles -- makes building of individual
  files possible again.

- Made the .x.c transformations -j safe.

- Reprogrammed LDADD to fix static build of some utilities that
  was broken.

- Fixed LDFLAGS and DPADD in the WITH_OPENLDAP case -- positively
  affects the contents of .depend files.

- Removed redundant .h's from SRCS, only kept those that are
  generated.

- libkrb5/ INCS were bogusly installed again with libgssapi/.

- Made build-tools real tools with their own makefiles in
  separate directories.  This allows us to properly track
  their dependencies, etc.

- Faster build, 21% less of makefile code!

Approved by:	nectar
Reviewed by:	markm
Silence on:	arch
2004-01-31 08:15:57 +00:00
Ruslan Ermilov
92b3ea67b9 Fixed "make clean". 2004-01-15 10:02:34 +00:00
Jacques Vidrine
cbe10a2a89 The header files hdb_asn1.h, hdb_err.h, and kadm5_err.h are generated,
and must be installed from ${.OBJDIR}.

Pointy hat:	nectar
2003-10-10 13:12:35 +00:00
Jacques Vidrine
1bd6253ee0 Install Kerberos- and GSSAPI-related man pages. 2003-10-09 19:51:13 +00:00
Jacques Vidrine
23b1827ab3 Install additional headers for Kerberos (libkafs, libkadm5*, and
libhdb).
2003-10-09 19:50:00 +00:00
Jacques Vidrine
f0a7f80d65 Update build infrastructure for Heimdal 0.6. 2003-10-09 19:48:47 +00:00
Mark Murray
3296cb154d Try a lot harder to get dependancies right. This involves some ugly
looking ${.OBJDIR} work that has the up-side of actually working
in upgrade and make -jN cases.

This needs to be revisited further, and it is conceivable that
the ${.OBJDIR} stuff can be simplified, but the sheer number of
edge cases and other causes make this Hard(tm). For now, this works.
2003-07-27 16:49:10 +00:00
Mark Murray
f5eb4a6a5e Try a lot harder to get dependancies right. This involves some ugly
looking ${.OBJDIR} work that has the up-side of actually working
in upgrade and make -jN cases.

This needs to be revisited further, and it is conceivable that
the ${.OBJDIR} stuff can be simplified, but the sheer number of
edge cases and other causes make this Hard(tm). For now, this works.
2003-07-27 13:17:31 +00:00
Mark Murray
069b88eb3a Big fixup of the makefiles. Sort out the dependancies so that "make"
without "make depend" works, "make -j N" works, and lists of source
files are made vertical to reduce future diffs.
2003-07-18 13:21:58 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Michael Reifenberger
bdf5603500 Add (optional, default off) support to kerberos5 for supporting openldap.
Tests with openldap20 where successful whereas openldap21 didn't like
the way hdb-ldap accessed openldap (doesn't like non-bind access).
To activate the support put a USE_OPENLDAP=yes in your make.conf.
The OPENLDAPBASE is also optional and points to /usr/local as default.

Approved by:	markm
MFC after:	2 weeks
2003-06-18 09:11:34 +00:00
Warner Losh
30aaff1192 Migrate to a new way of dealing with building from old revisions of
FreeBSD.  This method attempts to centralize all the necessary hacks
or work arounds in one of two places in the tree (src/Makefile.inc1
and src/tools/build).  We build a small compatibility library
(libbuild.a) as well as selectively installing necessary include
files.  We then include this directory when building host binaries.

This removes all the past release compatibilty hacks from various
places in the tree.  We still build on tip of stable and current.  I
will work with those that want to support more, although I anticipate
it will just work.

Many thanks to ru@, obrien@ and jhb@ for providing valuable input at
various stage of implementation, as well as for working together to
positively effect a change for the better.
2003-04-05 20:30:30 +00:00
Mark Murray
53056489db Post KerberosIV de-orbit: Clean up Kerberos5. We dont need KerberosIV
compatiblity mode anymore. Rename the k5foo utils to kfoo (after
repo-copy).
2003-03-09 21:56:55 +00:00
Jacques Vidrine
81d1ffee08 Unbreak Kerberos 5 authentication in telnet.
(Credential forwarding is still broken.)

PR:	bin/45397
2003-03-06 13:41:53 +00:00
Ruslan Ermilov
40c6b893d8 Take __FreeBSD_version into account when BOOTSTRAPPING. 2002-11-13 13:49:29 +00:00
Peter Wemm
224af215a6 Zap now-unused SHLIB_MINOR 2002-09-28 00:25:32 +00:00
Jacques Vidrine
797fe7ebb1 Update build infrastructure after import of Heimdal Kerberos 2002/08/29. 2002-08-30 21:33:20 +00:00
Ruslan Ermilov
9645701d92 Bootstrapping aid for pre-getprogname(3) systems.
Spotted by:	Gareth Hopkins <gareth@za.uu.net>
Approved by:	nectar
MFC after:	3 days
2002-08-13 16:52:52 +00:00
Ruslan Ermilov
9de859c013 Make this -j safe. 2002-05-14 15:27:13 +00:00
Ruslan Ermilov
1e27d2dc60 MAN[1-9] -> MAN. 2002-05-13 12:11:54 +00:00
Ruslan Ermilov
46f8fdc34e Removed now unused INTERNALSTATICLIB.
INTERNALLIB now implies NOPIC and NOPROFILE.
Removed gratuitous NOMAN.
2002-05-13 11:09:07 +00:00
Ruslan Ermilov
c7b111cba8 Added new bsd.incs.mk which handles installing of header files
via INCS.  Implemented INCSLINKS (equivalent to SYMLINKS) to
handle symlinking include files.  Allow for multiple groups of
include files to be installed, with the powerful INCSGROUPS knob.
Documentation to follow.

Added standard `includes' and `incsinstall' targets, use them
in Makefile.inc1.  Headers from the following makefiles were
not installed before (during `includes' in Makefile.inc1):

	kerberos5/lib/libtelnet/Makefile
	lib/libbz2/Makefile
	lib/libdevinfo/Makefile
	lib/libform/Makefile
	lib/libisc/Makefile
	lib/libmenu/Makefile
	lib/libmilter/Makefile
	lib/libpanel/Makefile

Replaced all `beforeinstall' targets for installing includes
with the INCS stuff.

Renamed INCDIR to INCSDIR, for consistency with FILES and SCRIPTS,
and for compatibility with NetBSD.  Similarly for INCOWN, INCGRP,
and INCMODE.

Consistently use INCLUDEDIR instead of /usr/include.

gnu/lib/libstdc++/Makefile and gnu/lib/libsupc++/Makefile changes
were only lightly tested due to the missing contrib/libstdc++-v3.
I fully tested the pre-WIP_GCC31 version of this patch with the
contrib/libstdc++.295 stuff.

These changes have been tested on i386 with the -DNO_WERROR "make
world" and "make release".
2002-05-12 16:01:00 +00:00
Ruslan Ermilov
a39bc9aac5 Don't emulate INTERNALLIB. 2002-05-08 13:56:08 +00:00
Ruslan Ermilov
6bde859f40 Milestone #1 in cross-arch make releases.
Do not install games and profiled libraries to the ${CHROOTDIR}
with the initial installworld.

Eliminate the need in the second installworld.  For that, make sure
_everything_ is built in the "world" environment, using the right
tool chain.

Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1.  Split the
buildworld process into stages, and skip some stages when
SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5
dists).

Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running
makewhatis(1) at the end of installworld (used when making crypto,
krb4, and krb5 dists).

In release/scripts/doFS.sh, ensure that the correct boot blocks are
used.

Moved the creation of the "crypto" dist from release.5 to
release.2.

In release.3 and doMFSKERN, build kernels in the "world"
environment.  KERNELS now means "additional" kernels, GENERIC is
always built.

Ensure we build crunched binaries in the "world" environment.
Obfuscate release/Makefile some more (WMAKEENV) to achieve this.

Inline createBOOTMFS target.

Use already built GENERIC kernel modules to augment mfsfd's
/stand/modules.  GC doMODULES as such.

Assorted fixes:

Get rid of the "afterdistribute" target by moving the single use
of it from sys/Makefile to etc/Makefile's "distribute".

Makefile.inc1: apparently "etc" no longer needs to be last for
"distribute" to succeed.

gnu/usr.bin/perl/library/Makefile.inc: do not override the
"install" and "distribute" targets, do it the "canonical" way.

release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and
catpages appear in the right dists.  Note that because Perl does
not respect the MANBUILDCAT (and NOMAN), this results in a loss of
/usr/share/perl/man/cat* empty directories.  This will be fixed
soon.

Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it
means "make KerberosIV"), as documented in the make.conf(5)
manpage.  Most of the userland makefiles did not test it for "YES"
anyway.

XXX Should specialized kerberized libpam versions be included into
the krb4 and krb5 dists?  (libpam.a would be incorrect anyway if
both krb4 and krb5 dists were choosen.)

Make sure "games" dist is made before "catpages", otherwise games
catpages settle in the wrong dist.

Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>
2002-04-26 17:55:27 +00:00
Ruslan Ermilov
fdab7c18dc Replaced hacks in previous revision with the "standard" way of
building internal libraries.  This also unbreaks this makefile
after recent share/mk changes.
2002-04-25 10:23:10 +00:00
Jacques Vidrine
60b9808291 Bump major library version of all Heimdal Kerberos libraries
after import from KTH repository circa 2002/02/17.
2002-02-19 16:02:28 +00:00
Jacques Vidrine
eacee0ff7e Update build after import of Heimdal Kerberos 2002/02/17. 2002-02-19 15:53:33 +00:00
Ruslan Ermilov
19f56da943 Fixed -DMAKE_KERBEROS5 world breakage in kerberos5/lib/libroken
(make-roken is a build tool).  This bug was hiding itself after
a just fixed bug in cross-linker (binutuils/ld/Makefile,v 1.20).

The bug was fatal for cross builds; for example, an alpha binary
(make-roken) was attempted to be run on i386.

Added make-roken to the list of build-tools in libasn1.  It only
worked because another build tool needs make-roken implicitly:

(build-tools: asn1_compile: print_version.o: roken.h: make-roken).

Spotted by:	nectar
2002-02-11 16:47:05 +00:00
Assar Westerlund
515d0f1f97 add krb4 libraries 2001-12-17 01:33:20 +00:00
John Hay
2e761cd11a Add the necessary paths to the kerberos libraries and includes.
This fix "make release".

Reviewed by:	markm
2001-12-03 17:45:25 +00:00
Mark Murray
d282330c31 Style clean-up, and diff-reduce WRT src/secure/*telnet*/Makefile
Lost in this commit - KerberosIV compatability. This will be
re-added later.
2001-11-30 21:14:44 +00:00
Assar Westerlund
0a2bc5cab2 use cp instead of mv to get the right name of the yacc-generated
files, mv fails badly with parallel makes

Submitted by:	Vincent Poy <vince@oahu.WURLDLINK.NET>
2001-11-06 04:30:15 +00:00
Assar Westerlund
ceb6fd100e make libtelnet (and telnet, telnetd) use libkrb when required 2001-11-01 03:16:03 +00:00
Assar Westerlund
ae7f04bdca also install roken-common.h 2001-10-05 04:56:37 +00:00
Mark Murray
7c5a3600ab Diff reduce all the crypto telnet Makefiles. 2001-08-20 12:32:45 +00:00