Remove telnetd

The telnetd codebase is unmaintained and has a number of quality
issues. Telnet has been largely supplanted by ssh. If needed, a port is
available (net/freebsd-telnetd), but a more maintained implementation
should be prefered.

While the telnet client suffers from the same issues, it is deemed
to be of lower risk and is required to connect to legacy devices, so
it remains.

Reviewed by:	emaste, imp
Differential Revision:	https://reviews.freebsd.org/D36620
This commit is contained in:
Brooks Davis 2022-09-28 19:53:10 +01:00
parent f1e039d057
commit 0eea46fb1f
8 changed files with 5 additions and 116 deletions

View File

@ -52,6 +52,11 @@
# xargs -n1 | sort | uniq -d;
# done
# 20220928: telnetd(8) removed
OLD_FILES+=etc/pam.d/telnetd
OLD_FILES+=usr/libexec/telnetd
OLD_FILES+=usr/share/man/man8/telnetd.8.gz
# 20220914: domain(9) updated
OLD_FILES+=usr/share/man/man9/domain_init.9.gz
OLD_FILES+=usr/share/man/man9/pfctlinput.9.gz

View File

@ -34,10 +34,4 @@ afterinstallconfig:
${INSTALL_LINK} ${TAG_ARGS} ${DESTDIR}${CONFDIR}/ftpd ${DESTDIR}${CONFDIR}/ftp
.endif
.if ${MK_TELNET} != "no"
CONFGROUPS+= TELNET
TELNET+= telnetd
TELNETPACKAGE= telnet
.endif
.include <bsd.prog.mk>

View File

@ -1,26 +0,0 @@
#
# $FreeBSD$
#
# PAM configuration for the "telnetd" service
#
# auth
auth sufficient pam_opie.so no_warn no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required pam_unix.so no_warn try_first_pass
# account
account required pam_nologin.so
#account required pam_krb5.so
account required pam_login_access.so
account required pam_unix.so
# session
#session optional pam_ssh.so want_agent
session required pam_lastlog.so no_fail
# password
#password sufficient pam_krb5.so no_warn try_first_pass
password required pam_unix.so no_warn try_first_pass

View File

@ -27,7 +27,6 @@ SUBDIR= ${_atf} \
${_rtld-elf} \
save-entropy \
${_smrsh} \
${_telnetd} \
${_tests} \
${_tftp-proxy} \
ulog-helper \
@ -104,10 +103,6 @@ SUBDIR+= talkd
SUBDIR+= tcpd
.endif
.if ${MK_TELNET} != "no"
_telnetd= telnetd
.endif
.if ${MK_TFTP} != "no"
SUBDIR+= tftpd
.endif

View File

@ -1,45 +0,0 @@
# $FreeBSD$
# Do not define -DKLUDGELINEMODE, as it does not interact well with many
# telnet implementations.
.include <src.opts.mk>
PACKAGE= telnet
TELNETDIR= ${SRCTOP}/contrib/telnet
.PATH: ${TELNETDIR}/telnetd
PROG= telnetd
MAN= telnetd.8
SRCS= global.c slc.c state.c sys_term.c telnetd.c \
termstat.c utility.c
WARNS?= 2
WFORMAT?= 0
CFLAGS+= -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON \
-DENV_HACK -DSTREAMSPTY
.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif
CFLAGS+= -I${TELNETDIR}
CFLAGS+= -I${TELNETDIR}/telnet
LIBADD= telnet util tinfow
.if ${MK_OPENSSL} != "no"
SRCS+= authenc.c
CFLAGS+= -DAUTHENTICATION -DENCRYPTION
LIBADD+= mp crypto pam
.endif
.if ${MK_KERBEROS_SUPPORT} != "no"
CFLAGS+= -DKRB5 -DFORWARD -Dnet_write=telnet_net_write
LIBADD+= krb5 roken
.endif
.include <bsd.prog.mk>

View File

@ -1,25 +0,0 @@
# $FreeBSD$
# Autogenerated - do NOT edit!
DIRDEPS = \
include \
include/arpa \
include/xlocale \
lib/${CSU_DIR} \
lib/libc \
lib/libcom_err \
lib/libcompiler_rt \
lib/libcrypt \
lib/libmp \
lib/libpam/libpam \
lib/libtelnet \
lib/libthr \
lib/libutil \
lib/ncurses/ncursesw \
.include <dirdeps.mk>
.if ${DEP_RELDIR} == ${_DEP_RELDIR}
# local dependencies - needed for -jN in clean tree
.endif

View File

@ -1,6 +0,0 @@
# $FreeBSD$
# This file is not autogenerated - take care!
DIRDEPS_OPTIONS= KERBEROS_SUPPORT OPENSSL
.include <dirdeps-options.mk>

View File

@ -8242,11 +8242,8 @@ OLD_FILES+=usr/share/nls/uk_UA.UTF-8/tcsh.cat
.endif
.if ${MK_TELNET} == no
OLD_FILES+=etc/pam.d/telnetd
OLD_FILES+=usr/bin/telnet
OLD_FILES+=usr/libexec/telnetd
OLD_FILES+=usr/share/man/man1/telnet.1.gz
OLD_FILES+=usr/share/man/man8/telnetd.8.gz
.endif
.if ${MK_TESTS} == yes