of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.
Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004
in the signal handlers which may pose a risk when executable by untrusted
users.
Submitted by: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
MFC After: 3 days
incarnated, it just matches other deficiencies related to crunchgen
and friends... and we already have similar code in ppp/Makefile.
RELEASE_CRUNCH should be axed, but for now let's be consistent.
Submitted by: Patrick Powell <papowell@astart.com>
Enable MS-CHAP support.
release/Makefile:
Build a separate NOCRYPT version of pppd, to keep This Great
Nation's top-secret cryptographic tools out of the filthy hands
of those evil furriners.
MD4Update(), but our version in libmd expects a byte count.
This code is not currently compiled or linked into pppd, so I'm
reasonably sure I didn't break anything. :-) I added the necessary
statements to the Makefile, but left them commented out because we
are in feature freeze. When the code is enabled, we must be careful
to build it only if the DES library is available.
dial-on-demand, packet filtering, idle timeouts, etc). The IPX support
is pretty much there but more work needs to be done in sys-bsd.c for
the interface ioctls (Linux has a very different way of configuring IPX
interfaces).
Along the way some things have temporarily been lost due to very messy
conflicts. I will recover them shortly when I can think clearer.
The main one is the local:remote address override in pap-secrets and
chap-secrets. Some other home-grown features (dns1,dns2) have been
implemented differently. Microsoft's chap client auth hacks have been
implemented. There are bound to be more rough edges... The changes for
connect-max-retries doesn't fit well with the dial-on-demand code.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
