of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.
Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".
As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).
Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
o unifdef AUTHENTICATE. We have never compiled this code, and its
doubtful it will even work in this case.
o Style changes (some ansification, some comment updating)
o Diff reduction and code style merging with crypto telnet.
- the directory was wrong if ${SHLIBDIR} != ${LIBDIR}. It's still wrong
if the installation of the obsolete library was done before /aout was
appended to LIBDIR.
- the version would have become wrong when the default in ../Makefile.inc
is changed from 2.0.
- the comment mostly described moving of libraries to /usr/lib/compat, but
we don't do that.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
Securedist can be sorted out later - getting these bits exportable
is top priority.
The libtelnet with encryption has been moved to src/secure/lib.
It will either become part of libsecure, or or be made available
under another name, once the securedist strategy has been completely
worked out.
Submitted by: Geoff Rehmet