Kris Kennaway
47585c927f
Add back a missing file from the no-asm case
...
Submitted by: gallatin
2001-02-20 01:50:25 +00:00
Kris Kennaway
b9d37a4027
Remove a remnant of my attempt to get alpha asm code working. OpenSSL
...
does include code for the alpha, but as far as I can tell, it is
non-functional (e.g. it's not even compiled by the native openssl build on
the alpha).
Noticed by: gallatin
2001-02-19 23:31:53 +00:00
Kris Kennaway
0937df81ca
Introduce support for using OpenSSL ASM optimizations. This is done
...
through the use of a new build directive, MACHINE_CPU, which contains a
list of the CPU generations/features for which optimizations are desired.
This feature will be extended to cover the ports tree in the future.
Currently OpenSSL provides optimizations for i386, i586 and i686-class
CPUs. Currently it has not been tested on an i386 or i486.
Teach make(1) to provide sensible defaults for MACHINE_CPU if it is not
defined (namely, the lowest common denominator CPU we support for each
architecture). Currently this is i386 for the i386 architecture and ev4
for the alpha. sys.mk also sets the variable as a last resort for
consistency with MACHINE_ARCH and bootstrapping from very old versions of
make.
Benchmarks show a significant speed increase even in the i386 case, with
additional improvements for i586 and i686 systems. For maximum performance
define MACHINE_CPU=i686 i586 i386 in /etc/make.conf.
Based on a patch submitted by: Mike Silbersack <silby@silby.com>
Reviewed by: current
2001-02-19 03:59:05 +00:00
Jacques Vidrine
18ae4e64cf
Define HAVE_PAM_GETENVLIST for build. Now environmental variables set
...
by PAM modules will be exported (correctly).
2001-02-08 21:16:34 +00:00
Bruce Evans
0be3a10c91
Fixed missing include of <unistd.h> and wrong prototype for setkey().
2001-02-06 01:17:59 +00:00
Ben Smithurst
48cd1cfb63
Add .Lb libcipher
...
PR: 24434
Submitted by: Bill Cheswick <ches@bell-labs.com>
2001-01-24 14:27:30 +00:00
Ruslan Ermilov
e9f98cd047
man(7) -> mdoc(7).
2001-01-16 15:28:12 +00:00
Peter Wemm
9886bcdf93
Merge into a single US-exportable libcrypt, which only provides
...
one-way hash functions for authentication purposes. There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before. If this is
not called, it tries to heuristically figure out the hash format, and
if all else fails, it uses the optional auth.conf entry to chose the
overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
having the source it in some countries, so preserve the "secure/*"
division. You can still build a des-free libcrypt library if you want
to badly enough. This should not be a problem in the US or exporting
from the US as freebsd.org had notified BXA some time ago. That makes
this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5. This
is to try and minimize POLA across buildworld where folk may suddenly
be activating des-crypt()-hash support. Since the des hash may not
always be present, it seemed sensible to make the stronger md5 algorithm
the default.
All things being equal, no functionality is lost.
Reviewed-by: jkh
(flame-proof suit on)
2000-12-28 10:32:02 +00:00
Brian Feldman
94193b581b
Update for OpenSSH 2.3.0.
2000-12-05 03:01:33 +00:00
Ruslan Ermilov
2b7f803bd3
Fixed a typo from the last commit.
...
Submitted by: Mike Heffner <mheffner@vt.edu>
2000-11-15 07:45:23 +00:00
Kris Kennaway
326df993d7
Correct some fallout from the semi-automated way I updated the makefile.
...
Submitted by: roberto
2000-11-14 22:12:02 +00:00
Brian Feldman
087815f8bc
Disable /usr/bin/ssh being setuid root by default. Let the variable
...
ENABLE_SUID_SSH being defined reenable it for those that want it.
This follows discussion favoring the change from September. It
is not usually necessary to be setuid root, possibly less safe,
and less convenient (cannot use $HOSTALIASES, for example).
Submitted by: jedgar
2000-11-14 04:42:25 +00:00
Kris Kennaway
95200624a6
Update for OpenSSL 0.9.6
2000-11-13 02:21:38 +00:00
Gregory Neil Shapiro
85e427cc94
Fix up the build for the STARTTLS version of sendmail (again). This method
...
mimics that of tcpdump in that for normal builds, sendmail will only be
built once. For 'make release', it is built once for the bin dist and
once for the crypto dist. This method also removes the need for two separate
Makefiles (which could become out of sync).
Suggested by: bde
Assisted by: kris
2000-10-24 16:04:56 +00:00
Gregory Neil Shapiro
e11cbdb767
Do not override BINDIR settings from subdirectory Makefiles.
...
Submitted by: bde
2000-10-13 16:57:03 +00:00
Gregory Neil Shapiro
1e503e9884
../Makefile.inc was clobbering BINDIR so sendmail was being installed in
...
/usr/sbin/ instead of /usr/libexec/sendmail/
Submitted by: bde
2000-10-13 16:51:05 +00:00
Gregory Neil Shapiro
c1f12b17ff
Activate the 'secure' (TLS) version of sendmail if !NO_SENDMAIL && !NO_OPENSSL
2000-10-13 03:21:37 +00:00
Gregory Neil Shapiro
fa54144cce
Given that sendmail's STARTTLS support requires OpenSSL and the bootstrap
...
issues that brings, build the non-TLS version of sendmail in
src/usr.sbin/sendmail and the TLS version in src/secure/usr.sbin/sendmail.
This allows the TLS version to be part of the secure distribution when
building a release.
2000-10-13 03:20:43 +00:00
Gregory Neil Shapiro
cec19acfbc
Remove STARTTLS support as it breaks builds without crypto installed.
...
Waiting to hear back regarding the best way to do this.
2000-10-12 17:04:32 +00:00
Peter Wemm
0a69c17a48
With apoligies to Greg Shapiro, fix the world. The previous commit
...
lost -lutil and -lwrap by replacing $LDADD and $DPADD rather than
appending to them with +=.
2000-10-11 12:19:42 +00:00
Gregory Neil Shapiro
c6cc60252d
Style fixes
2000-10-11 05:04:21 +00:00
Gregory Neil Shapiro
79c8873163
NOCRYPT imples NO_OPENSSL.
...
Still need to solve the distribution problem.
Submitted by: kris
2000-10-11 03:35:32 +00:00
Gregory Neil Shapiro
0c2b976cf8
Build sendmail with STARTTLS support unless NO_OPENSSL is set.
2000-10-10 18:15:41 +00:00
Kris Kennaway
b5a1cc3a5c
Overhaul of the build-time include file generation. Don't break in evp.h
...
if bootstrapping from a system on which the openssl headers are not
already present.
2000-09-17 06:45:27 +00:00
Gregory Neil Shapiro
cf1fec423a
Give users a way to alter the sendmail (and related utilities) build
...
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
Kris Kennaway
65c9b74cc6
Only build sftp-server conditionally
2000-09-16 22:43:00 +00:00
Andrey A. Chernov
89cdeb294d
Add sftp-server
2000-09-15 01:04:32 +00:00
Gregory Neil Shapiro
da69ece541
Allow users to add libraries for sendmail (e.g. Cyrus SASL)
...
Obtained from: Sergei Vyshenski <svysh@pn.sinp.msu.ru>
2000-09-13 04:16:16 +00:00
Kris Kennaway
2f538dadf7
Update for OpenSSH 2.2.0
2000-09-10 09:43:29 +00:00
Kris Kennaway
690a362571
Nuke RSAREF support from orbit.
...
It's the only way to be sure.
2000-09-10 00:09:37 +00:00
Kris Kennaway
e1f99b045c
``Anyone is now free to rub two primes together for their own gratification''
...
-- Unknown
Now that the RSA algorithm is released into the public domain, build
librsaintl by default unless NO_RSAINTL is set in make.conf.
The native OpenSSL implementation of RSA is much faster, doesn't have
an artificial keysize limitation, has 30% fewer calories and tastes great!
2000-09-06 23:46:50 +00:00
Kris Kennaway
939c32909c
Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
...
was using this feature.
2000-09-02 07:32:05 +00:00
Brian Feldman
dd62c1ebeb
Make the temporary file _evp.h instead of evp.h to not conflict with
...
the real evp.h.
Reported by: markm
2000-08-24 19:06:55 +00:00
Andrey A. Chernov
0305cfcec6
Add missing quotes around xauth path
2000-08-23 19:14:48 +00:00
Brian Feldman
4eb207a1ae
Generate a new evp.h at build-time instead of install-time to properly
...
support NFS(ro) installworlds.
2000-08-23 11:41:01 +00:00
Kris Kennaway
4d858ef441
Respect X11BASE to derive the location of xauth(1)
...
PR: 17818
Submitted by: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
2000-08-23 09:39:20 +00:00
Brian Feldman
04c9749ff0
Add working and easy crypt(3)-switching. Yes, we need a whole new API
...
for crypt(3) by now. In any case:
Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).
The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)
Reviewed by: peter
2000-08-22 02:15:54 +00:00
Gregory Neil Shapiro
d0b3252609
Turn on support for IPv6
2000-08-14 02:36:29 +00:00
Gregory Neil Shapiro
478c940682
Get rid of the /etc/aliases -> /etc/mail/aliases hack. /etc/mail/aliases
...
now exists in the distribution.
2000-08-13 08:36:40 +00:00
Gregory Neil Shapiro
88c75941e6
The rest of the changes needed to support the new version of sendmail (8.11.0).
...
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
Brian Feldman
314844b39a
Unbreak the OpenSSL headers for those of us who don't/can't use IDEA by
...
getting rid of the check for NO_IDEA (in evp.h) completely if it's
installed without MAKE_IDEA=YES.
2000-08-04 04:25:59 +00:00
Kris Kennaway
283cfe50ae
Install the openssl(1) manpage with an MLINK from ssl(8) to at least put
...
something in the location where OpenSSH likes to point.
2000-08-03 05:29:04 +00:00
Kris Kennaway
b682213c87
Don't build sshd if NO_OPENSSL defined.
...
Submitted by: stephen@math.missouri.edu
2000-07-30 22:25:54 +00:00
Kris Kennaway
abe829c0e3
Don't build crypto-enabled telnetd if NO_OPENSSL is defined, since it
...
attempts to link against libcrypto.
2000-07-25 01:11:17 +00:00
Mark Murray
1200a0a6e4
WITH_IDEA --> MAKE_IDEA fix.
2000-07-16 12:20:28 +00:00
Peter Wemm
ecece7e319
Add missing $FreeBSD$ to files that are NOT still on vendor a branch.
2000-07-16 05:48:49 +00:00
Peter Wemm
97e8e70bd1
Be consistant about WITH_ vs MAKE_ flags. We have a precedent of using
...
MAKE_foo for things like MAKE_KERBEROS etc. Use that. I managed to
confuse myself last time and made make.conf different to the code. ;-(
Reported by: Jun Kuriyama <kuriyama@FreeBSD.org>
2000-07-14 09:18:21 +00:00
Peter Wemm
8e7cbb3c91
Argh. Cut/paste transcription error. Fix syntax of previous commit.
2000-07-03 06:26:30 +00:00
Peter Wemm
86c9b3ab20
USA_RESIDENT is forced to YES or NO at the start of Makefile.inc1
...
Use that to be the final arbiter of whether or not to build the
librsaintl.so plugin for openssl/openssh. Add a magic WANT_RSAINTL flag
to force building even if USA_RESIDENT=YES.
2000-07-03 06:24:23 +00:00
Mark Murray
ce09ad5098
MFI. This is a documentation-only, diffreducing patch, that if
...
invoked will cause breakage. US Users - DO NOT try to turn on
IDEA - the sources are not included.
2000-06-24 06:50:58 +00:00
Kris Kennaway
957dc12dec
Link explicitly against -lmd. I'm not sure what was pulling this in
...
on -current, but it doesnt do it on -stable.
2000-06-11 05:30:52 +00:00
Kris Kennaway
d52b295063
Add a new file to SRCS
2000-06-03 10:04:31 +00:00
David E. O'Brien
14a8a54168
/dev/urandom is the default random device, so no use in stateing it here.
...
Also simplify the conditionals a little.
2000-05-15 23:29:03 +00:00
David E. O'Brien
f254f0ac49
This version is slightly better than rev 1.10. There are still missing
...
dependencies for openssl/*.h. I cannot reproduce any critical race
conditions with this revision.
2000-05-15 17:28:06 +00:00
David E. O'Brien
f80c5c4a34
Use unadorned `mkdir -p', removing the "test ... ||".
...
There are sometimes problems with "&&" and "||" in the `make -j' case, as
it appears multiple processes may process parts of the execution line.
2000-05-15 16:52:57 +00:00
Kris Kennaway
4fc9354419
Update for OpenSSH 2.1
2000-05-15 05:26:50 +00:00
Kris Kennaway
0ae5a27cf8
Use the C locale for running date(1).
...
Submitted by: ache
2000-04-20 07:26:46 +00:00
Kris Kennaway
9ccbd450e8
Update for OpenSSL 0.9.5a and clean up a bit.
2000-04-13 07:37:35 +00:00
Kris Kennaway
a7aaf459e7
Update for OpenSSL 0.9.5a and clean up a bit.
...
Take responsibility for this makefile again :-)
2000-04-13 07:37:26 +00:00
David E. O'Brien
63bfdbdb0a
* Fix dependancies so that ``make depend'' is not required.
...
* Some style fixes
Approved by: kris
2000-04-11 09:27:24 +00:00
David E. O'Brien
2461ce422b
* Fix dependancies so that ``make depend'' is not required.
...
* Some style fixes
Approved by: kris
2000-04-11 08:28:47 +00:00
Kris Kennaway
aad873b098
Add libcrypto to LDADD. This fixes problems seen with e.g. apache-modssl
...
Submitted by: Jim Bloom <bloom@acm.org>
2000-04-04 07:31:01 +00:00
Kris Kennaway
fcd9d76716
Missed a fix for the new openssh; this fixes make world.
2000-03-26 21:17:11 +00:00
Kris Kennaway
1ef4beca5f
Update for latest OpenSSH
2000-03-26 07:54:12 +00:00
Kris Kennaway
9fd4066575
Add a new function stub to libcrypto() which resolves to a symbol in
...
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.
This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'
This is a 4.0-RELEASE candidate.
2000-03-13 09:55:53 +00:00
Mark Murray
283073b4e6
Make LOGIN_CAP work properly.
...
Submitted by: ache
2000-03-09 14:54:00 +00:00
Kris Kennaway
bb49f794f5
Buildworld fixes for NO_OPENSSH and NO_OPENSSL
...
Approved by: jkh
2000-03-09 06:29:05 +00:00
Kris Kennaway
d7d9ad4214
Build a shared library too - ports expect it.
...
Reviewed by: peter
Approved by: jkh
2000-03-07 20:55:55 +00:00
Peter Wemm
5a0a2ee966
Merge from internat.freebsd.org; cleanup stray rsaref glue code reference
2000-03-05 14:20:57 +00:00
John Hay
aa77fdaa47
MFI: Make ssh and sshd link in the krb5 part of make release.
...
Reviewed by: markm
2000-03-03 20:34:05 +00:00
Kris Kennaway
a5ee11a77a
Resurrect the old libdes manpages (after a repo copy) until we have better
...
ones.
2000-03-02 06:06:35 +00:00
Peter Wemm
3187486c8a
Merge from internat.freebsd.org: add libcrypto to librsaUSA's symbol search
...
path so that ERR_load_strings() is found in certain circumstances
involving dlopen(). eg: main program dlopened foo.so which is linked
against libcrypto. If libcrypto then dlopens librsaUSA.so, then it's
search path doens't find libcrypto (!). One "fix" is to force
modules (eg main opening foo.so) to use the RTLD_GLOBAL flag, the other
is to explicitly declare dependencies (as done here).
2000-03-02 05:22:46 +00:00
Mark Murray
87afaaf75a
MFI: stupid typo of mine.
2000-02-29 09:56:11 +00:00
Kris Kennaway
06f13592e1
Add NODESCRYPTLINKS knob to prevent spamming of libcrypt -> libscrypt
...
symlinks. The name is against my better judgement, but I defer to ancient
tradition here because I'm a nice guy.
Reviewed by: -current
2000-02-29 05:47:52 +00:00
Mark Murray
e1eaf14cd7
New distribution names.
2000-02-28 19:25:34 +00:00
Mark Murray
c62e13f4cf
New distribution name.
2000-02-28 19:24:33 +00:00
Peter Wemm
9fa5f5fd96
Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
...
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().
This is a checkpoint and may require more tweaks still.
2000-02-26 13:13:03 +00:00
Peter Wemm
42a75d55f1
Merge from internat.freebsd.org; deal with -DRSAref the same way as
...
libcrypto - not that it means much on the US code tree.
2000-02-25 14:15:31 +00:00
Peter Wemm
cfd62b902e
Merge from internat.freebsd.org; make RSAREF=YES work correctly, although
...
this is not very useful as the US repo is missing bits.
2000-02-25 14:08:35 +00:00
Peter Wemm
6681286022
Create a stub libRSAglue for bsd.port.mk's sake
2000-02-25 09:47:17 +00:00
Peter Wemm
8df7a1fa29
Don't pull in libRSAglue for the rsaref case. Since this is linked
...
dynamically by default, we use the dlopen() calls to load librsaref.so
on US code trees.
2000-02-25 08:21:35 +00:00
Peter Wemm
07a0979e84
Fold libRSAglue into libcrypto so we don't have to special-case
...
all the builds. There is still no actual RSA implementation code
in libcrypto or src/* on US code trees.
2000-02-25 08:18:43 +00:00
Peter Wemm
08c0f1c7dd
Sync with internat; delete a trailing space
2000-02-25 05:35:37 +00:00
Mark Murray
51a4536595
Remove port components not needed in 4.n+
...
Submitted by: Half the freaking planet....
2000-02-24 22:39:24 +00:00
Mark Murray
b87f0bc988
libdes is OBE
2000-02-24 19:08:24 +00:00
Mark Murray
c9f2d5f483
Build everything properly. This means:
...
o Don't b uild libdes.
o Crypto is now housed in libcrypto (with a compatability symlink to
libdes)
o RSA may depend on RSAREF at your locale.
o OpenSSH is now a part of the base system.
2000-02-24 18:59:34 +00:00
Mark Murray
c23e256eef
Add the OpenSSH userland-building Makefiles.
2000-02-24 17:00:55 +00:00
Mark Murray
228c5a5af7
Freefall/Internat diff reducer.
2000-02-24 10:37:29 +00:00
Mark Murray
22dcf83566
Freefall/Internat diff reducer.
2000-02-24 10:21:56 +00:00
Mark Murray
1b87af6b57
Freefall/Internat diff reducer.
2000-02-24 10:06:57 +00:00
Mark Murray
97dacfda2b
Diff reducer. Comes from Internat.
2000-02-24 09:52:37 +00:00
Mark Murray
4486a1f099
Remove useless whitespace.
...
Part of big commit OK'ed by: JKH
2000-02-24 09:48:58 +00:00
Kris Kennaway
0c7304fede
Back out the previous commit - it broke world and was not approved.
...
I don't know what I was thinking committing without approval - sorry.
2000-02-14 08:09:52 +00:00
Kris Kennaway
b0ba1374bc
Link dynamically, not statically.
2000-02-13 00:53:12 +00:00
Kris Kennaway
8c52579a78
Add NO_OPENSSL knob to turn off building of openssl
...
Requested by: wollman
2000-01-30 04:12:49 +00:00
Kris Kennaway
c6680962bf
Add NO_OPENSSL knob to turn off building of openssl
...
Requested by: wollman
2000-01-30 04:11:37 +00:00
Yoshinobu Inoue
4dd8b5ab79
another tcp apps IPv6 updates.(should be make world safe)
...
ftp, telnet, ftpd, faithd
also telnet related sync with crypto, secure, kerberosIV
Obtained from: KAME project
2000-01-27 09:28:38 +00:00
Kris Kennaway
a5c3c93893
Don't search for libraries in ${LOCALBASE}. This should fix the problems
...
people were seeing with conflicts with the openssl port.
2000-01-20 07:29:01 +00:00
Kris Kennaway
04c111ac5f
Activate librsaglue
2000-01-20 07:27:49 +00:00
Kris Kennaway
486bbb25ef
Move the rsaref gunk to libRSAglue where ports expect it.
2000-01-20 07:27:38 +00:00
Kris Kennaway
5afe765e66
Build infrastructure for libRSAglue, required for compatability with
...
ports even though it doesn't seem to do anything which requires it
to be separate from libcrypto.
2000-01-20 07:24:40 +00:00
Kris Kennaway
e36de8f1b1
The wrong version of the file was committed previously which explains the
...
problems seen here.
2000-01-16 21:00:06 +00:00
Kris Kennaway
f9992f30fc
Turn back on openssl building.
2000-01-16 05:25:26 +00:00
Kris Kennaway
3e3bfbad52
Turn back on libcrypto and libssl building.
2000-01-16 05:24:47 +00:00
Kris Kennaway
ac242a29d9
*** empty log message ***
2000-01-16 05:19:27 +00:00
Kris Kennaway
2f00e5fdc4
Add MAINTAINER tag so people don't feel the need to randomly frob with this.
2000-01-16 02:20:03 +00:00
Brian Feldman
d82f495687
We cannot have libcrypto, and therefore OpenSSL at all, without RSA.
...
If you need examples of breakage, I'm ready to provide more than a
few.
2000-01-15 18:02:10 +00:00
Kris Kennaway
45b8027e25
Connect OpenSSL to the build.
2000-01-14 08:01:51 +00:00
Kris Kennaway
41e8e5da52
Build infrastructure for OpenSSL
2000-01-14 05:49:29 +00:00
Kris Kennaway
63f691b33c
Really really remove SHA-1 support.
2000-01-09 21:22:48 +00:00
Mark Murray
8ab773c3cf
Routines needed by new kerberos.
2000-01-09 10:09:40 +00:00
Jordan K. Hubbard
e63a240576
Remove the SHA stuff properly.
2000-01-08 03:01:13 +00:00
Peter Wemm
049239a46c
Since /etc/sendmail.cf got moved to /etc/mail/sendmail.cf, a 'make world'
...
would leave you with a broken sendmail and local mail loss.
This evil hack moves sendmail.cf from the old location to the new one (if
required) at install time.
1999-12-29 18:56:55 +00:00
Peter Wemm
8ea9610d48
Install sendmail in it's new location.
1999-12-29 18:40:56 +00:00
Mark Murray
1c7d04a82f
RIP xntpd.
1999-12-22 19:15:02 +00:00
Peter Wemm
1a9527eaaa
I missed the LDADD/DPADD for -lmd in the secure cases. :-(
...
Pointed out by: marcel
1999-12-19 16:50:33 +00:00
Peter Wemm
ed9823add9
Revert -lmd changes now that libcrypt doesn't expose this binutils/ld
...
bug any more.
1999-12-18 16:42:33 +00:00
Marcel Moolenaar
6b5f58c5c3
Add libmd to DPADD and LDADD.
1999-12-17 11:45:28 +00:00
Mark Murray
1a19815c14
Dont build telenet if we are going for kerberised telnet; this just
...
jumps all over kerberised telnet otherwise.
1999-10-12 19:48:05 +00:00
Mark Murray
d14fc57cb7
Make telnet with SRA work.
...
Submitted by: Nick Sayer
1999-10-07 19:47:09 +00:00
Mark Murray
e267a66620
Colour me stupid. This is a better way of using the macros.
1999-09-21 22:13:07 +00:00
Mark Murray
af37a7967b
Do this the same way as Internat to reduce diffs.
1999-09-21 17:57:09 +00:00
Dmitrij Tejblum
462da152d2
Someone changed major numbers of the libraries from 2 to 3 for 0 (zero) reasons.
...
Revert the major number back to 2.
libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.
1999-09-21 17:52:05 +00:00
Peter Wemm
6fd36d7d11
Restore SONAME setting, otherwise libdescrypt.so.3 doesn't end up with
...
a special SONAME of libcrypt.so.3 and the runtime symlink doesn't work.
1999-09-21 14:47:36 +00:00
Mark Murray
e1e54354b5
Make this completely dependant on the exportable libcrypt, to avoid
...
duplication of effort. Also a large cleanup of the code, inspired
by Brandon Gillespie.
1999-09-20 12:40:06 +00:00
Mark Murray
5cd82127f8
libdes is bmaked and built from src/crypto/... now.
1999-09-19 18:49:58 +00:00
Mark Murray
056bcb03a1
This commit was generated by cvs2svn to compensate for changes in r50894,
...
which included commits to RCS files with non-trunk default branches.
1999-09-04 12:45:43 +00:00
Mark Murray
caf39ecc96
Vendor import EAY's LIBSSL to fix comments, etc.
1999-09-04 12:45:43 +00:00
Mark Murray
0a21b04f59
Drat. Import this into the right place. Pass me the pointy hat.
1999-09-01 19:59:25 +00:00
Mark Murray
778981c288
This commit was generated by cvs2svn to compensate for changes in r50760,
...
which included commits to RCS files with non-trunk default branches.
1999-09-01 19:59:25 +00:00
Peter Wemm
a1a4f1a0d8
$Header$ -> $FreeBSD$
1999-08-28 05:11:36 +00:00
Peter Wemm
97d92980a9
$Id$ -> $FreeBSD$
1999-08-28 01:35:59 +00:00
Mark Murray
e3f08ba406
Claim ownership
1999-08-17 13:39:28 +00:00
Mike Pritchard
36b3fda178
Various man page cleanup:
...
- Be consistent with section names as outlined in mdoc(7).
- Other misc mdoc cleanup.
1999-08-15 10:01:15 +00:00
Kris Kennaway
3e977c59cf
Typo in comment.
1999-04-25 13:14:36 +00:00
Mark Murray
2331d1600b
Enable tcp_wrapper support by default.
1999-03-28 10:55:03 +00:00
Peter Wemm
9e5e26b31a
MaxHeaderLines is now MaxHeadersLength (in bytes)
1999-02-07 09:48:52 +00:00
Peter Wemm
5e418b65f6
Support 'O MaxHeaderLines=' to override the default header count and line
...
length limits. The configuration keyword is: confMAX_HEADER_LINES
1999-01-24 07:54:30 +00:00
Mark Murray
1b340441b7
Fix symlinking. Without the -f "force" option, the wrong version
...
can be found.
Submitted by: Bruce
1999-01-24 07:51:33 +00:00
Mark Murray
945c0b6dde
The new crypt code breaks "make world". Back it out.
1999-01-23 08:26:11 +00:00
Brandon Gillespie
5287069da8
Removed from the secure/lib/libcrypt area, because of the rewrite to how
...
the Makefile handles des support by just including the single .c file.
Reviewed by: Mark Murray
1999-01-21 13:51:49 +00:00
Peter Wemm
3539ed8b65
Update for 8.9.2 (new file, control.c)
...
Also, turn on support for the MaxMimeHeaderLength option in sendmail.cf.
1999-01-12 12:47:54 +00:00
David E. O'Brien
2887f586f0
Remove useless `BINOWN=root' now that it is the default.
1998-09-19 22:42:14 +00:00
John Birrell
7dcd8b7c45
BINFORMAT -> OBJFORMAT ready for E-day. Untested 'cause I'm outside
...
the US and not allowed to see this. I kept my eyes closed. 8-)
1998-08-31 00:35:10 +00:00
Peter Wemm
22751f562c
Connect up sendmail-8.9.1
1998-08-04 15:24:04 +00:00
Mark Murray
4586e1abc5
Staticise a variable.
...
PR: 4722
Submitted by: Karl Denninger
1997-10-08 07:02:48 +00:00
Jordan K. Hubbard
97fe7f477f
Changes to support full make parallelism (-j<n>) in the world
...
target.
Reviewed by: <many different folks>
Submitted by: Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>
1997-10-05 09:40:24 +00:00
Peter Wemm
a99f0e8211
Teach libdescrypt about elf builds.
1997-09-05 12:21:22 +00:00
Peter Wemm
c0ec1f37ef
Revert $FreeBSD$ to $Id$
1997-02-22 14:40:44 +00:00
Jordan K. Hubbard
1130b656e5
Make the long-awaited change from $Id$ to $FreeBSD$
...
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Wolfram Schneider
af20215665
Sort cross references.
1997-01-13 00:25:51 +00:00
Mark Murray
4ee026279c
Secure telnet is now in eBones.
1996-11-07 14:42:57 +00:00
Mark Murray
846c5a6cb7
Remove references to TELNET*.
1996-11-07 14:41:20 +00:00
Peter Wemm
82c2534fd0
Fold sendmail-8.8.2 changes into files that have been touched.
...
(^!&@$#&^! delete !!@^@^ trailing !@^&#$!& whitespace!!!)
1996-10-24 05:07:25 +00:00
Peter Wemm
e7d24931fe
cmp -s || install -c --> install -C
1996-08-30 04:07:04 +00:00
Peter Wemm
fb128913a9
Same as non-secure telnetd, add support for ``-P altlogin'' to specify
...
an alternate /usr/bin/login type program to be run.
1996-08-13 07:53:54 +00:00
Mark Murray
43e844cb02
Next version from the author - from SSLeay.0.6.3
1996-08-10 17:19:16 +00:00
Mark Murray
67d29e2c6c
This commit was generated by cvs2svn to compensate for changes in r17497,
...
which included commits to RCS files with non-trunk default branches.
1996-08-10 17:19:16 +00:00
Mark Murray
f3d1114f33
Some breakeages sneaked in. This fixes them.
...
(this relates to a name change in a library that was not properly backed
up by the author)
Reported by: too mant :-(
1996-07-30 21:09:48 +00:00
Mark Murray
43f15e7154
Merge, remove rubbish and bump the MAJOR.MINOR to 3.0
1996-07-29 18:01:42 +00:00
Mark Murray
f2c335efd5
Rats. Just when a piece of code is nice and stable, the author has to
...
release an upgrade.
1996-07-29 17:54:40 +00:00
Mark Murray
1700adf407
This commit was generated by cvs2svn to compensate for changes in r17330,
...
which included commits to RCS files with non-trunk default branches.
1996-07-29 17:54:40 +00:00
Mark Murray
6c4a37eb3a
Mrege conflicts etc.
1996-07-28 08:23:19 +00:00
Mark Murray
de59bba0c5
Latest libdes from Eric Young. Mainly code beautification.
1996-07-28 08:18:06 +00:00
Mark Murray
9f2bc96e40
This commit was generated by cvs2svn to compensate for changes in r17315,
...
which included commits to RCS files with non-trunk default branches.
1996-07-28 08:18:06 +00:00
Jordan K. Hubbard
187eb1e177
Add necessary item to CLEANFILES
1996-07-27 22:16:19 +00:00
Jordan K. Hubbard
cd9a2f5c28
Bring in my changes for removing the pestilent obj links (unless you
...
really want them) from /usr/src. This is the final version of the
patches, incorporating the feedback I've received from -current.
1996-06-24 04:26:21 +00:00
Nate Williams
c4a4597e90
Bring in a change that got lost when we spammed over the CVS repository
...
to fix the mega-commits spamming.
pst 96/05/29 20:09:25
Modified: secure/usr.bin/telnet Makefile main.c
Log:
Remove obsolete SOCKSv4 support
Submitted by: pst
Obtained from: A mirrored CVS repository that will disappear next SUP
1996-06-05 22:48:04 +00:00
Andrey A. Chernov
45fa48fe14
Localize time
1996-05-07 19:05:10 +00:00
Mark Murray
87bd8ab856
Add extra targets a' la' eBones/Makefile for release/Makefile.
...
(bootstrap etc)
1996-05-04 08:32:07 +00:00
Mark Murray
42f2698195
Add randomness from /dev/random if it is available.
1996-05-04 07:25:54 +00:00
Paul Traina
33bb8564be
Add support for socks
1996-04-23 05:18:43 +00:00
Paul Traina
4b2e1057cf
typo shmrsh -> smrsh
1996-04-22 20:30:09 +00:00
Paul Traina
0abdd9956c
Enable proper installation of sendmail restricted shell smrsh(8).
...
This program is a wrapper for the prog mailer in sendmail. It does shell
meta character masking and restricts the list of executables to those found
in /usr/libexec/sm.bin.
The default sendmail.cf file does not use this tool, however you can enable
it by either changing /bin/sh to /usr/libexec/smrsh or adding the line
FEATURE(smrsh) into your sendmail .mc file and rebuilding your .cf file.
For more info, RTFMP.
1996-04-21 19:48:07 +00:00
Mark Murray
c5cdf2c7f4
Split libcrypt and libcipher man pages.
1996-04-13 08:18:24 +00:00
Mark Murray
bb230f68ca
Split the libcrypt and libcipher man pages.
1996-04-13 08:03:24 +00:00
Mike Pritchard
cad56be80a
Install crypt.3 so that libcipher will install if /usr/share/man
...
has been blown away. Previously it depended on an existing
crypt.3 to be present for the man page links to install properly.
1996-04-09 17:20:33 +00:00
Mark Murray
18992ffaea
Comment out the NOPROFILE=yes to make this orthogonal with the rest of our
...
libs.
1996-03-17 15:43:32 +00:00
Mark Murray
6dd8a38202
Big clean-up job. Remove ancient and never-to-be used stuff.
...
The look much more like BSD Makefiles now.
1996-03-11 16:17:58 +00:00
Mark Murray
7c9dcdde00
Fix typo #ifdef -> .if defined().
...
Tidy uo this file a bit.
1996-03-11 06:22:50 +00:00
Mark Murray
d825f2fad0
Fix typo - -des -> -ldes
1996-03-10 21:15:00 +00:00
Andrey A. Chernov
0a2c4bde08
Sense MAKE_EBONES, DESTDIR
...
SRCS, DPADD cleanup
1996-03-09 13:39:00 +00:00
Andrey A. Chernov
a0e2ca089a
Sense MAKE_EBONES, DESTDIR
...
SRCS cleanup
DPADD cleanup
1996-03-09 13:36:34 +00:00
Andrey A. Chernov
f6d9ce2bae
Sense MAKE_EBONES, DESTDIR
...
SRCS cleanup
DPADD cleanup
1996-03-09 13:26:21 +00:00
Jordan K. Hubbard
1c934dae3e
Add back missing crypt.3 man page.
1996-02-21 08:15:08 +00:00
Mike Pritchard
bcff8e2ae4
Another round of man page cleanups.
...
Down to only about 100 items left to cleanup! :-)
1996-02-12 04:57:03 +00:00
Mark Murray
14a23345e6
Add the new libdes to the build
1996-02-11 08:46:59 +00:00
Mark Murray
fffad2951a
Rats. Forgot to `cvs add' this.
1996-02-10 23:49:27 +00:00
Mark Murray
537c20ded7
iImport a FreeBSD Makefile, BSD-ise the header and correct a typo. As the
...
interface has changed a bit (there are more rentry points), the
shared library has been bumped to libdes.so.2.1.
1996-02-10 15:54:48 +00:00
Mark Murray
3a8043c232
This is the long-awaited new DES library. Over the next couple of days
...
will be properly built into the system.
1996-02-10 15:32:26 +00:00
Mark Murray
568f3a3d5a
This commit was generated by cvs2svn to compensate for changes in r14009,
...
which included commits to RCS files with non-trunk default branches.
1996-02-10 15:32:26 +00:00
Mike Pritchard
7c87ef470d
Correct some manual page cross reference errors. E.g. su is a section
...
one man page, not section eight. This is the first round of such changes
and only fixes man pages in manual section one.
1996-02-02 00:26:12 +00:00
Peter Wemm
6065a0be11
This commit was generated by cvs2svn to compensate for changes in r13122,
...
which included commits to RCS files with non-trunk default branches.
1995-12-30 19:02:48 +00:00
Peter Wemm
a5b996a7ec
recording cvs-1.6 file death
1995-12-30 19:02:48 +00:00
Andrey A. Chernov
ab6b1a8ad5
Pick correct library dir whenever obj exists or not
1995-12-21 17:57:16 +00:00
Mark Murray
96e718fe29
Dual personality crypt(3). This crypt will choose its encryption algorithm
...
(DES or MD5) based on the type of salt used. Salt beginning with "$1$"
indicates MD5.
1995-12-16 09:14:12 +00:00
Peter Wemm
1cdee109d0
*GULP* cvs remove the uncomfortably large list of files that are no longer
...
part of sendmail 8.7.2...
1995-12-02 20:58:10 +00:00
Peter Wemm
03d7755c08
Re-disable the cf/cf SUBDIR - we were not building it before anyway.
...
The Makefile down there does not handle the obj dir well..
1995-12-02 18:36:12 +00:00
Peter Wemm
1f160589bb
Import Sendmail-8.7.2 as discussed on -current.
...
The conflict merge will happen shortly after.
1995-12-02 17:30:23 +00:00
Andrey A. Chernov
a18c0b455a
Remove LD_NOSTD_PATH unsetenv, it isn't exist anymore
1995-10-24 06:52:36 +00:00
Andrey A. Chernov
d549e5cc7f
Fix original patch error with ! before strncmp
...
Zap only needed LD_* variables
1995-10-20 22:17:35 +00:00
Andrey A. Chernov
b6369ff12e
Don't allow LD_* env. variables to be tricked
...
Submitted by: Sam Hartman <hartmans@mit.edu>
1995-10-20 17:16:58 +00:00
Justin T. Gibbs
9d01cc32c6
Remove MAKE_EBONES conditionals. They were originally placed here because
...
of missing functionality in our libkrb which is no longer a problem.
1995-10-11 00:04:09 +00:00
Andrey A. Chernov
d6cf037780
Remove duplicated targets which now build from main tree
...
if available and allowed
1995-09-29 20:23:09 +00:00
Justin T. Gibbs
b7f41e3f67
Add TELNETOBJDIR and CRYPTOBJDIR for use in LDADD entries. This makes
...
secure reference the libraries that were just build instead of in /usr/lib.
1995-09-16 03:04:10 +00:00
Justin T. Gibbs
790136a438
Enable kerberosIV authentication/encryption conditionalized on MAKE_EBONES.
1995-09-14 21:29:21 +00:00
Justin T. Gibbs
9d6965ac06
Enable kerberosIV authentication/encryption conditionalized on MAKE_EBONES.
...
Fix up some of the des calls to be compatible with eBones.
1995-09-14 21:29:08 +00:00
David Greenman
b834e407de
sys_term.c: killed sleep(1) as this should no longer be a problem with
...
the move of startslave().
telnetd.c: fix bug introduced with the move of startslave()...the number
of arguments was wrong and "level" and "user_name" had to be made globals.
1995-09-11 21:02:02 +00:00
Paul Traina
b74fc1026f
Move erase cleanup outside linemode conditional
1995-09-06 02:03:36 +00:00
Paul Traina
a06a8a9829
Avoid race condition with telnet options processing (login: prompt lost).
...
Submitted by: John Capo & Peter Wemm
1995-09-05 19:31:06 +00:00
Paul Traina
d0d1fb6198
Set erase character for login: prompt.
...
Submitted by: Peter Wemm & John Capo
1995-09-05 19:30:05 +00:00
Paul Traina
a4a142bd15
Do NOT compile with -DKLUDGELINEMODE...hoses many telnet clients
1995-08-28 17:55:08 +00:00
Peter Wemm
7791ac4067
Import Sendmail v8.6.12, onto the CSRG(!) branch.
...
A seperate commit to fix the conflicts wil follow.
1995-08-17 04:39:13 +00:00
Andrey A. Chernov
0a06628ab2
Comment out LDADD+=-ldescrypt, it is not yet active due to
...
missng defines for krb4encpwd and rsaencpwd and missing rsa library too.
1995-08-05 19:10:25 +00:00
Andrey A. Chernov
ba60b431ca
Change default banner to FreeBSD, properly ifdefed by __FreeBSD__
...
Reviewed by:
Submitted by:
Obtained from:
1995-08-04 00:12:08 +00:00
Mark Murray
d5fc4d2a65
After pst and ache fixed secure telnet, it was still not in the main
...
makefiles. This puts it in.
PLEASE NOTE - YOU WILL NEED TO BUILD AND INSTALL THE libtelnet IN secure/
Reviewed by:
Submitted by:
Obtained from:
1995-07-29 12:49:25 +00:00
Andrey A. Chernov
9ed77b336f
Final cleanup pass through Makefiles, now this stuff
...
autodetect kerberos/eBones and work even with eBones,
but with reduced functionality (don't pick up des/krb stuff
in this case)
1995-07-24 22:55:59 +00:00
Andrey A. Chernov
dbd07ffcc0
Add -ldescrypt, or wrong crypt version can be picked from libc
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 22:01:01 +00:00
Andrey A. Chernov
6b370f4c7e
Add LDADD+= -ldescrypt
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 21:57:58 +00:00
Andrey A. Chernov
b6c080f6bc
Move -ldes under kerb stuff, my fault
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 21:49:06 +00:00
Andrey A. Chernov
e74d115547
Since this stuff not works with eBones, ifdef kerberos stuff
...
with MAKE_KERBEROS to allow other things to live
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 21:47:30 +00:00
Andrey A. Chernov
3b901a0b79
Since this stuff not works with eBones, ifdef kerberos stuff
...
with MAKE_KERBEROS to allow other things to live
Submitted by:
Obtained from:
1995-07-24 21:38:32 +00:00
Andrey A. Chernov
4109d6bfef
Add comment about new_rnd_key.c module needed from original
...
libdes (and not present in eBones libdes)
1995-07-24 21:12:57 +00:00
Andrey A. Chernov
7170827e21
Add comment about new_rbd_key.c module needed from
...
original libdes
1995-07-24 21:10:47 +00:00
Andrey A. Chernov
f8e556c37d
Fix dependances, typing errors, etc.
...
Note: this thing need original libdes not Eric Young libdes from eBones
Submitted by:
Obtained from:
1995-07-24 20:40:03 +00:00
Andrey A. Chernov
2c178baa51
Point to proper DESTDIR now
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 20:31:07 +00:00
Andrey A. Chernov
bfdd0041fc
Fix many bogus things, typing error, dependance errors, etc.,
...
now it compiles.
Note: this stuff requires original libdes, not libdes from
Eric Yang which we have in eBones.
1995-07-24 20:29:12 +00:00
Paul Traina
4a0834a5a2
When hostname len > 8, name replaced with dot notation when -u flag
...
not specified (default case).
Use _PATH_* for utmp/wtmp.
Support for >32 PTYs.
>Submitted by: Heikki Suonsivu <hsu@cs.hut.fi>
Plug already known security hole. (Brought over from 1.1.5):
Fixed security problem with telnetd, which allowed
telnet -l -hcert.org localhost
to change the user's host in utmp.
Thanks to Matthew Green <mrgreen@@mame.mu.oz.au> for showing me this one.
>Reviewed by: karl, guido
>Submitted by: mrgreen@mame.mu.oz.au
Obtained from: FreeBSD insecure telnetd
1995-07-20 12:35:01 +00:00
Paul Traina
4fd39f708a
The final negotiation of DO_BINARY in the LINEMODE portion of the telnetd code
...
causes some clients that do not support linemode to mis-interpret the return
key (i.e. double returns).
The fix is to only do the state check for binary options if linemode will
be used.
Closes PR#505.
Submitted by: Charles Henrich
Obtained from: FreeBSD insecure telnetd
1995-07-20 12:32:40 +00:00
Paul Traina
9809ff32f6
Update telnet to the 95.05.31 release.
...
Obtained from: Dave Borman <dab@cray.com>
1995-07-20 11:40:06 +00:00
Rodney W. Grimes
5ebc7e6281
Remove trailing whitespace.
1995-05-30 06:12:45 +00:00
Jordan K. Hubbard
1b780c0e7f
Argh! Another instance of DES rather than des that I forgot. Truly,
...
this keyword is in too many places! :(
1995-05-11 22:07:49 +00:00
Jordan K. Hubbard
b5260d2051
Rename secure to DES.
1995-05-09 05:22:41 +00:00
Garrett Wollman
c16b583c3c
Mark Murray's authdes.c for xntpd
1995-03-23 19:09:24 +00:00
Dima Ruban
399e5b4411
Security fixes.
...
CERT Advisory CA-95:03.telnet.encryption
Obtained from: CERT
1995-02-17 03:57:00 +00:00
Jordan K. Hubbard
002feff1d6
Change name of secrdist to secure.
1995-01-14 11:32:41 +00:00
Poul-Henning Kamp
2ef260d35c
Fix secrdist sharedlib bug.
1994-11-24 22:34:18 +00:00
Poul-Henning Kamp
c3cd331e8e
des DISTRIBUTION became secrdist.
1994-11-22 08:03:26 +00:00
Poul-Henning Kamp
7b0a9474f1
fix libdescrypt reference.
1994-11-21 02:58:43 +00:00
Poul-Henning Kamp
f079582484
Make the "distribute" target build the "des" distribution. Make des'ed
...
init and ed, by pointing to real sources.
1994-11-14 20:45:35 +00:00
Paul Traina
448380bfbf
!Just! fixing makefile, no code changes Geoff
1994-09-30 06:04:40 +00:00
Geoff Rehmet
49de41577e
More elegant fix for short settings.
...
(Our existing fixes already plugged the security holes involved.)
Submitted by: Geoff Rehmet after consultation with David Burren
1994-09-19 19:26:39 +00:00
Andrey A. Chernov
95fb75febe
Add libcipher.a: libcrypt exports only crypt() but not des_setkey()
...
which is in libcipher.a
1994-09-12 17:27:55 +00:00
Rodney W. Grimes
6897a8a75d
Change all references to LIBTERM and -ltermlib to LIBTERMCAP and -ltermcap
1994-09-11 21:53:28 +00:00
Geoff Rehmet
77b06a9b6c
fix bogus .include
...
Submitted by: Geoff.
1994-09-09 09:43:18 +00:00
Geoff Rehmet
daf0f855ad
add libcipher to Makefile
...
Submitted by: Geoff.
1994-09-08 19:06:58 +00:00
Geoff Rehmet
37ea1bf4c9
- Remove crypt() - it's in libcrypt
...
- remove ^L's - CTM will probably choke on them
- add PRECIOUSLIB to Makefile
- name changes libcrypt -> libcipher
Submitted by: Geoff.
1994-09-07 21:48:54 +00:00
Geoff Rehmet
8b2981f937
Bring in the 1.1.x international libcrypt, which
...
will in due course become libcipher.
Based on David Burren's FreeSEC
Submitted by: Geoff.
1994-09-07 21:18:08 +00:00
Paul Traina
bf8f9d53f6
Back out static hacks & build of usr.bin until Geoff informs the
...
world of his master plan.
Submitted by: pst
1994-09-07 07:47:08 +00:00
Paul Traina
21b4fe120d
Remove static in front of declarations for des_setkey and des_cipher
...
so that linking against -lcrypt (-ldescrypt) will give us the good
versions instead of the stubs in libc. (These changes need to be
made to the non-US version of libdescrypt too!)
Allow building and support for bdes program.
A bit more work still needs to be done on secure telnet.
Submitted by: pst
1994-09-07 07:16:52 +00:00