Commit Graph

107 Commits

Author SHA1 Message Date
Ruslan Ermilov
2735cfee64 Switch over to using pam_login_access(8) module in sshd(8).
(Fixes static compilation.  Reduces diffs to OpenSSH.)

Reviewed by:	bde
2002-03-26 12:52:28 +00:00
Dag-Erling Smørgrav
da4dc1eeb5 Use PAM instead of S/Key (or OPIE) for SSH2.
Sponsored by:	DARPA, NAI Labs
2002-03-21 12:18:27 +00:00
Dag-Erling Smørgrav
3876d839e5 Don't forget auth-skey.c. 2002-03-18 16:17:57 +00:00
Ruslan Ermilov
0509dca0c3 Add pam_ssh support to the static PAM library, libpam.a:
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
  dynamic linkage with -lssh.

Reviewed by:	des, markm
Approved by:	markm
2002-01-23 15:54:17 +00:00
Bruce Evans
049015c264 Fixed world breakage in rev.1.13. -lpam must never be used directly since
it doesn't work for static linkage.
2001-08-29 07:07:48 +00:00
Brian Feldman
e7edf5a116 Enable Kerberos 5 support in sshd again. 2001-06-12 03:43:47 +00:00
Brian Feldman
d70e08c642 Update to OpenSSH 2.9. Somehow this missed getting committed yesterday. 2001-05-04 23:55:18 +00:00
Brian Feldman
9513e1a83d Don't build with Kerberos 5 support for now. I'll fix this soon,
but I don't want to break Kerberos 5 users' worlds too much in the
meantime.
2001-05-04 05:07:43 +00:00
Ruslan Ermilov
b8cba406f2 secure/ build fixes:
- TELNETOBJDIR is gone.  `buildworld' already installs libtelnet.a
  in ${WORLDTMP}/usr/lib, and we have LIBRARY_PATH pointing there.

- SSHDIR (formerly SSHSRC) is now shared between all SSH modules.
  New LIBSSH is introduced for libssh.a (an internal static lib).
  Previously, build without prior `obj' was broken; SSH modules
  always looked for libssh.a in ${.OBJDIR}.  Also, the dependancies
  on the libssh.a were missing.

- libtelnet/ did not install the crypto version of telnet.h into
  /usr/include/arpa.

- Removed BINOWN, BINMODE, BINDIR and SRCS with default values.

Reviewed by:	markm

- MAN[1-9] -> MAN.
2001-03-26 14:53:33 +00:00
Jacques Vidrine
18ae4e64cf Define HAVE_PAM_GETENVLIST for build. Now environmental variables set
by PAM modules will be exported (correctly).
2001-02-08 21:16:34 +00:00
Brian Feldman
94193b581b Update for OpenSSH 2.3.0. 2000-12-05 03:01:33 +00:00
Gregory Neil Shapiro
85e427cc94 Fix up the build for the STARTTLS version of sendmail (again). This method
mimics that of tcpdump in that for normal builds, sendmail will only be
built once.  For 'make release', it is built once for the bin dist and
once for the crypto dist.  This method also removes the need for two separate
Makefiles (which could become out of sync).

Suggested by: bde
Assisted by: kris
2000-10-24 16:04:56 +00:00
Gregory Neil Shapiro
e11cbdb767 Do not override BINDIR settings from subdirectory Makefiles.
Submitted by:	bde
2000-10-13 16:57:03 +00:00
Gregory Neil Shapiro
1e503e9884 ../Makefile.inc was clobbering BINDIR so sendmail was being installed in
/usr/sbin/ instead of /usr/libexec/sendmail/

Submitted by:	bde
2000-10-13 16:51:05 +00:00
Gregory Neil Shapiro
c1f12b17ff Activate the 'secure' (TLS) version of sendmail if !NO_SENDMAIL && !NO_OPENSSL 2000-10-13 03:21:37 +00:00
Gregory Neil Shapiro
fa54144cce Given that sendmail's STARTTLS support requires OpenSSL and the bootstrap
issues that brings, build the non-TLS version of sendmail in
src/usr.sbin/sendmail and the TLS version in src/secure/usr.sbin/sendmail.
This allows the TLS version to be part of the secure distribution when
building a release.
2000-10-13 03:20:43 +00:00
Gregory Neil Shapiro
cec19acfbc Remove STARTTLS support as it breaks builds without crypto installed.
Waiting to hear back regarding the best way to do this.
2000-10-12 17:04:32 +00:00
Peter Wemm
0a69c17a48 With apoligies to Greg Shapiro, fix the world. The previous commit
lost -lutil and -lwrap by replacing $LDADD and $DPADD rather than
appending to them with +=.
2000-10-11 12:19:42 +00:00
Gregory Neil Shapiro
c6cc60252d Style fixes 2000-10-11 05:04:21 +00:00
Gregory Neil Shapiro
79c8873163 NOCRYPT imples NO_OPENSSL.
Still need to solve the distribution problem.

Submitted by:	kris
2000-10-11 03:35:32 +00:00
Gregory Neil Shapiro
0c2b976cf8 Build sendmail with STARTTLS support unless NO_OPENSSL is set. 2000-10-10 18:15:41 +00:00
Gregory Neil Shapiro
cf1fec423a Give users a way to alter the sendmail (and related utilities) build
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
Gregory Neil Shapiro
da69ece541 Allow users to add libraries for sendmail (e.g. Cyrus SASL)
Obtained from:	Sergei Vyshenski <svysh@pn.sinp.msu.ru>
2000-09-13 04:16:16 +00:00
Kris Kennaway
2f538dadf7 Update for OpenSSH 2.2.0 2000-09-10 09:43:29 +00:00
Kris Kennaway
939c32909c Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
was using this feature.
2000-09-02 07:32:05 +00:00
Gregory Neil Shapiro
d0b3252609 Turn on support for IPv6 2000-08-14 02:36:29 +00:00
Gregory Neil Shapiro
478c940682 Get rid of the /etc/aliases -> /etc/mail/aliases hack. /etc/mail/aliases
now exists in the distribution.
2000-08-13 08:36:40 +00:00
Gregory Neil Shapiro
88c75941e6 The rest of the changes needed to support the new version of sendmail (8.11.0).
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
Kris Kennaway
b682213c87 Don't build sshd if NO_OPENSSL defined.
Submitted by:	stephen@math.missouri.edu
2000-07-30 22:25:54 +00:00
Kris Kennaway
957dc12dec Link explicitly against -lmd. I'm not sure what was pulling this in
on -current, but it doesnt do it on -stable.
2000-06-11 05:30:52 +00:00
Kris Kennaway
4fc9354419 Update for OpenSSH 2.1 2000-05-15 05:26:50 +00:00
Kris Kennaway
1ef4beca5f Update for latest OpenSSH 2000-03-26 07:54:12 +00:00
Mark Murray
283073b4e6 Make LOGIN_CAP work properly.
Submitted by:	ache
2000-03-09 14:54:00 +00:00
John Hay
aa77fdaa47 MFI: Make ssh and sshd link in the krb5 part of make release.
Reviewed by:	markm
2000-03-03 20:34:05 +00:00
Mark Murray
e1eaf14cd7 New distribution names. 2000-02-28 19:25:34 +00:00
Peter Wemm
8df7a1fa29 Don't pull in libRSAglue for the rsaref case. Since this is linked
dynamically by default, we use the dlopen() calls to load librsaref.so
on US code trees.
2000-02-25 08:21:35 +00:00
Mark Murray
c23e256eef Add the OpenSSH userland-building Makefiles. 2000-02-24 17:00:55 +00:00
Peter Wemm
049239a46c Since /etc/sendmail.cf got moved to /etc/mail/sendmail.cf, a 'make world'
would leave you with a broken sendmail and local mail loss.
This evil hack moves sendmail.cf from the old location to the new one (if
required) at install time.
1999-12-29 18:56:55 +00:00
Peter Wemm
8ea9610d48 Install sendmail in it's new location. 1999-12-29 18:40:56 +00:00
Mark Murray
1c7d04a82f RIP xntpd. 1999-12-22 19:15:02 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Mark Murray
2331d1600b Enable tcp_wrapper support by default. 1999-03-28 10:55:03 +00:00
Peter Wemm
9e5e26b31a MaxHeaderLines is now MaxHeadersLength (in bytes) 1999-02-07 09:48:52 +00:00
Peter Wemm
5e418b65f6 Support 'O MaxHeaderLines=' to override the default header count and line
length limits.  The configuration keyword is: confMAX_HEADER_LINES
1999-01-24 07:54:30 +00:00
Peter Wemm
3539ed8b65 Update for 8.9.2 (new file, control.c)
Also, turn on support for the MaxMimeHeaderLength option in sendmail.cf.
1999-01-12 12:47:54 +00:00
David E. O'Brien
2887f586f0 Remove useless `BINOWN=root' now that it is the default. 1998-09-19 22:42:14 +00:00
Peter Wemm
22751f562c Connect up sendmail-8.9.1 1998-08-04 15:24:04 +00:00
Peter Wemm
82c2534fd0 Fold sendmail-8.8.2 changes into files that have been touched.
(^!&@$#&^! delete !!@^@^ trailing !@^&#$!& whitespace!!!)
1996-10-24 05:07:25 +00:00
Paul Traina
4b2e1057cf typo shmrsh -> smrsh 1996-04-22 20:30:09 +00:00
Paul Traina
0abdd9956c Enable proper installation of sendmail restricted shell smrsh(8).
This program is a wrapper for the prog mailer in sendmail.  It does shell
meta character masking and restricts the list of executables to those found
in /usr/libexec/sm.bin.

The default sendmail.cf file does not use this tool, however you can enable
it by either changing /bin/sh to /usr/libexec/smrsh or adding the line
FEATURE(smrsh) into your sendmail .mc file and rebuilding your .cf file.

For more info, RTFMP.
1996-04-21 19:48:07 +00:00
Peter Wemm
1cdee109d0 *GULP* cvs remove the uncomfortably large list of files that are no longer
part of sendmail 8.7.2...
1995-12-02 20:58:10 +00:00
Peter Wemm
03d7755c08 Re-disable the cf/cf SUBDIR - we were not building it before anyway.
The Makefile down there does not handle the obj dir well..
1995-12-02 18:36:12 +00:00
Peter Wemm
1f160589bb Import Sendmail-8.7.2 as discussed on -current.
The conflict merge will happen shortly after.
1995-12-02 17:30:23 +00:00
Peter Wemm
7791ac4067 Import Sendmail v8.6.12, onto the CSRG(!) branch.
A seperate commit to fix the conflicts wil follow.
1995-08-17 04:39:13 +00:00
Rodney W. Grimes
5ebc7e6281 Remove trailing whitespace. 1995-05-30 06:12:45 +00:00
Garrett Wollman
c16b583c3c Mark Murray's authdes.c for xntpd 1995-03-23 19:09:24 +00:00
Rodney W. Grimes
dea673e932 BSD 4.4 Lite usr.sbin Sources 1994-05-26 05:23:31 +00:00