Commit Graph

117 Commits

Author SHA1 Message Date
Ruslan Ermilov
e1542a4058 Fixed static linkage.
Reviewed by:	des
2004-01-08 11:40:19 +00:00
Dag-Erling Smørgrav
9f80be8e3d Enable GSSAPI support. [1]
Also remove some duplicates from ssh's SRCS.

Submitted by:	[1] Björn Grönvall <bg@sics.se>
2004-01-08 09:05:24 +00:00
Dag-Erling Smørgrav
a04e3d6c30 Update Makefiles for OpenSSH 3.7.1p2. 2004-01-07 11:17:23 +00:00
Gordon Tetlow
c45db69312 Explicitly add libz and libcrypto to LDADD for any ssh utilities missing
it. While not strictly required, it unbreaks the cross-build world that
is resulting from moving the libraries around.

I have a more permanent solution to this problem in the works, but I
asked des for permission to commit this to get the ball rolling. This
also makes the ssh build more along the lines of what the openssh-portable
and OpenBSD openssh Makefile glue does.

Reviewed by:	des
2003-08-19 07:45:03 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Ruslan Ermilov
55c90a95a4 Fixed "make checkdpadd".
OK'ed by:	markm
2003-07-02 23:38:42 +00:00
Mark Murray
8027fe397a Fix for the NO_OPENSSL case.
Reported by:	Marius Strobl <marius@alchemy.franken.de>
2003-06-08 08:24:07 +00:00
Mark Murray
af91929794 Modernise. Use libcrypto instead of libcipher for DES. 2003-06-02 19:10:59 +00:00
Mark Murray
dbf104e68d Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
2003-05-05 07:58:44 +00:00
Mark Murray
59199aeb7e We no longer have a separate kerberos distribution. Its now just
part of the regular security dist.
2003-04-30 17:46:24 +00:00
Ruslan Ermilov
f7fa0cbd70 The including makefile's directory is tried first for .include "...". 2003-04-30 07:54:39 +00:00
Ruslan Ermilov
6402d39a2b Most things depend on !defined(NO_OPENSSL); make it look so. 2003-04-30 07:51:51 +00:00
Ruslan Ermilov
bce0c9275c NOSECURE is implied by NOCRYPT, meaning if the latter is defined
we won't be here.
2003-04-30 07:34:14 +00:00
Dag-Erling Smørgrav
581ff5e326 Remove Kerberos IV shims. 2003-04-23 17:26:01 +00:00
Dag-Erling Smørgrav
d8b043c8d4 Update for 3.6.1p1; also remove Kerberos IV shims. 2003-04-23 17:25:47 +00:00
Philippe Charnier
45ebb0c103 The .Nm utility 2003-03-24 16:09:07 +00:00
Mike Makonnen
a5c21394e3 Fix mixed up arguments passed to a locally defined err(int, char *)
function.

Approved by:	markm (mentor)
Submitted by:	till toenges <tt@mail.isis.de>
PR:		bin/48963
2003-03-07 16:00:55 +00:00
Ruslan Ermilov
aa1cd79b7f Handle includes the normal way.
Reviewed by:	markm
Approved by:	nectar
2003-02-27 23:07:26 +00:00
Jacques Vidrine
b7d18f9a8a Regenerate man pages after import of OpenSSL 0.9.7a. 2003-02-19 23:30:52 +00:00
Jacques Vidrine
6042ca2e01 Install the OpenSSL man pages in /usr/share/openssl/man
and remove the WANT_OPENSSL_MANPAGES knob.
2003-02-10 19:57:56 +00:00
Mark Murray
ab643b4d66 Update for OpenSSL 0.9.7. No assembler code at the moment. This
will follow.
2003-01-28 22:58:14 +00:00
Kris Kennaway
c55ae80a58 Remove myself as maintainer of openssl; I no longer have enough time to
devote to it.
2002-11-21 08:48:08 +00:00
Dag-Erling Smørgrav
4d56bc2300 Update for OpenSSH 3.5p1. 2002-10-29 10:18:00 +00:00
Dag-Erling Smørgrav
81d858170e ssh-keysign(8) belongs in /usr/libexec, not in /usr/bin, and needs to be
setuid so ssh(1) doesn't have to be.

Pointy hat to:	des
Submitted by:	Katsuyuki TATEISHI <katsu@iec.hiroshima-u.ac.jp>
2002-07-05 08:39:09 +00:00
Dag-Erling Smørgrav
f0b56c5c7e No guts, no glory. Switch to OpenSSH-portable.
Sponsored by:	DARPA, NAI Labs
2002-06-25 19:10:09 +00:00
Dag-Erling Smørgrav
360c9f6a02 My previous style commits weren't entirely right. Fix some bugs I
introduced, and a few more I hadn't yet fixed.

Submitted by:	bde
2002-06-24 12:32:30 +00:00
Dag-Erling Smørgrav
16c52d154b Previous commit made no sense. 2002-06-24 10:17:26 +00:00
Dag-Erling Smørgrav
dca1f43686 Fix style and unbreal static build. 2002-06-24 10:16:38 +00:00
Dag-Erling Smørgrav
8d024c6627 Install the new man pages. 2002-06-23 21:43:43 +00:00
Dag-Erling Smørgrav
fd9fc3f0c2 Update Makefiles for OpenSSH 3.3. 2002-06-23 16:09:29 +00:00
Mark Murray
01e8018af8 Build using pregenerated manpages; don't use perl to translate .pod's.
The translated .pod's have already been committed.
2002-05-14 19:39:00 +00:00
Ruslan Ermilov
6bde859f40 Milestone #1 in cross-arch make releases.
Do not install games and profiled libraries to the ${CHROOTDIR}
with the initial installworld.

Eliminate the need in the second installworld.  For that, make sure
_everything_ is built in the "world" environment, using the right
tool chain.

Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1.  Split the
buildworld process into stages, and skip some stages when
SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5
dists).

Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running
makewhatis(1) at the end of installworld (used when making crypto,
krb4, and krb5 dists).

In release/scripts/doFS.sh, ensure that the correct boot blocks are
used.

Moved the creation of the "crypto" dist from release.5 to
release.2.

In release.3 and doMFSKERN, build kernels in the "world"
environment.  KERNELS now means "additional" kernels, GENERIC is
always built.

Ensure we build crunched binaries in the "world" environment.
Obfuscate release/Makefile some more (WMAKEENV) to achieve this.

Inline createBOOTMFS target.

Use already built GENERIC kernel modules to augment mfsfd's
/stand/modules.  GC doMODULES as such.

Assorted fixes:

Get rid of the "afterdistribute" target by moving the single use
of it from sys/Makefile to etc/Makefile's "distribute".

Makefile.inc1: apparently "etc" no longer needs to be last for
"distribute" to succeed.

gnu/usr.bin/perl/library/Makefile.inc: do not override the
"install" and "distribute" targets, do it the "canonical" way.

release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and
catpages appear in the right dists.  Note that because Perl does
not respect the MANBUILDCAT (and NOMAN), this results in a loss of
/usr/share/perl/man/cat* empty directories.  This will be fixed
soon.

Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it
means "make KerberosIV"), as documented in the make.conf(5)
manpage.  Most of the userland makefiles did not test it for "YES"
anyway.

XXX Should specialized kerberized libpam versions be included into
the krb4 and krb5 dists?  (libpam.a would be incorrect anyway if
both krb4 and krb5 dists were choosen.)

Make sure "games" dist is made before "catpages", otherwise games
catpages settle in the wrong dist.

Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>
2002-04-26 17:55:27 +00:00
Dag-Erling Smørgrav
8f7701469e Adjust for OpenSSH 3.1.
Sponsored by:	DARPA, NAI Labs
2002-03-18 10:20:33 +00:00
Ruslan Ermilov
e47a40e7f7 Now that cross-tools ld(1) has been fixed to look for dynamic
dependencies in the correct place, record the fact that -lssh
depends on -lcrypto and -lz.

Removed false dependencies on -lz (except ssh(1) and sshd(8)).
Removed false dependencies on -lcrypto and -lutil for scp(1).

Reviewed by:	markm
2002-02-08 13:42:58 +00:00
Ruslan Ermilov
0509dca0c3 Add pam_ssh support to the static PAM library, libpam.a:
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
  dynamic linkage with -lssh.

Reviewed by:	des, markm
Approved by:	markm
2002-01-23 15:54:17 +00:00
Mark Murray
f3c99bd05e Clean up makefiles, and turn on WARNS=2. Take into account the telnet
#if cleanup.
2001-11-30 21:10:58 +00:00
Mark Murray
7c5a3600ab Diff reduce all the crypto telnet Makefiles. 2001-08-20 12:32:45 +00:00
Bruce Evans
ea36b96388 Link to libcipher in the usual way. `bdes' depended on a nonexistent
library.  This only worked because of the undocmented feature of make(1)
that targets named foo.a are always up to date.

Fixed some style bugs.
2001-08-03 22:28:25 +00:00
Mark Murray
563df95270 Revamp and diff-reduce the various secure telnets. Make sure that
Kerberos5 has _a_ telnet (which is not currently K5 enabled).
Incorporate BDE's static linking fixes.
2001-08-03 16:03:26 +00:00
Bruce Evans
4c05509cd0 Fixed world breakage when NOSHARED=yes. libmp now depends on libcrypto,
so it must be linked before libcrypto to work right.
2001-07-30 14:36:19 +00:00
Ruslan Ermilov
f091f0029a Added missing DPADD and CLEANFILES. 2001-07-12 09:17:51 +00:00
Bruce Evans
e2413c56ed Fixed world breakage in previous commit. -lpam must never be used
directly (except in the definition of MINUSLPAM in bsd.libnames.mk)
since it doesn't give all the libraries necessary for static linkage.

Fixed missing ${LIBPAM} in DPADD.

Fixed some style bugs in DPADD and LDADD.
2001-05-09 14:30:49 +00:00
Nick Sayer
76235b992b Add PAM support to SRA authentication. Cribbed mostly from ftpd. This
doesn't solve the problem of root being allowed to log in, but that sort
of thing is something PAM should be doing anyway.
2001-05-07 20:38:39 +00:00
Brian Feldman
d350064e0b Follow the OpenSSH 2.9 upgrade with the infrastructure. Two new
programs are now included: sftp(1) and ssh-keyscan(1).
2001-05-04 04:21:25 +00:00
Ruslan Ermilov
4ecbb30346 Bye-bye /usr/lib/libtelnet.a. This should fix ``make release'' brokeness.
Approved by:	markm
2001-03-28 12:08:22 +00:00
Ruslan Ermilov
b8cba406f2 secure/ build fixes:
- TELNETOBJDIR is gone.  `buildworld' already installs libtelnet.a
  in ${WORLDTMP}/usr/lib, and we have LIBRARY_PATH pointing there.

- SSHDIR (formerly SSHSRC) is now shared between all SSH modules.
  New LIBSSH is introduced for libssh.a (an internal static lib).
  Previously, build without prior `obj' was broken; SSH modules
  always looked for libssh.a in ${.OBJDIR}.  Also, the dependancies
  on the libssh.a were missing.

- libtelnet/ did not install the crypto version of telnet.h into
  /usr/include/arpa.

- Removed BINOWN, BINMODE, BINDIR and SRCS with default values.

Reviewed by:	markm

- MAN[1-9] -> MAN.
2001-03-26 14:53:33 +00:00
Ruslan Ermilov
e9f98cd047 man(7) -> mdoc(7). 2001-01-16 15:28:12 +00:00
Brian Feldman
087815f8bc Disable /usr/bin/ssh being setuid root by default. Let the variable
ENABLE_SUID_SSH being defined reenable it for those that want it.

This follows discussion favoring the change from September.  It
is not usually necessary to be setuid root, possibly less safe,
and less convenient (cannot use $HOSTALIASES, for example).

Submitted by:	jedgar
2000-11-14 04:42:25 +00:00
Kris Kennaway
95200624a6 Update for OpenSSL 0.9.6 2000-11-13 02:21:38 +00:00
Kris Kennaway
2f538dadf7 Update for OpenSSH 2.2.0 2000-09-10 09:43:29 +00:00