d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
54,720 Commits 6 Branches 133 Tags 2.6 GiB
428b4b5562
Commit Graph

258 Commits

Author SHA1 Message Date
Brian Feldman
94193b581b Update for OpenSSH 2.3.0. 2000-12-05 03:01:33 +00:00
Ruslan Ermilov
2b7f803bd3 Fixed a typo from the last commit. 
Submitted by:	Mike Heffner <mheffner@vt.edu>
 2000-11-15 07:45:23 +00:00
Kris Kennaway
326df993d7 Correct some fallout from the semi-automated way I updated the makefile. 
Submitted by:	roberto
 2000-11-14 22:12:02 +00:00
Brian Feldman
087815f8bc Disable /usr/bin/ssh being setuid root by default. Let the variable 
ENABLE_SUID_SSH being defined reenable it for those that want it.

This follows discussion favoring the change from September.  It
is not usually necessary to be setuid root, possibly less safe,
and less convenient (cannot use $HOSTALIASES, for example).

Submitted by:	jedgar
 2000-11-14 04:42:25 +00:00
Kris Kennaway
95200624a6 Update for OpenSSL 0.9.6 2000-11-13 02:21:38 +00:00
Gregory Neil Shapiro
85e427cc94 Fix up the build for the STARTTLS version of sendmail (again). This method 
mimics that of tcpdump in that for normal builds, sendmail will only be
built once.  For 'make release', it is built once for the bin dist and
once for the crypto dist.  This method also removes the need for two separate
Makefiles (which could become out of sync).

Suggested by: bde
Assisted by: kris
 2000-10-24 16:04:56 +00:00
Gregory Neil Shapiro
e11cbdb767 Do not override BINDIR settings from subdirectory Makefiles. 
Submitted by:	bde
 2000-10-13 16:57:03 +00:00
Gregory Neil Shapiro
1e503e9884 ../Makefile.inc was clobbering BINDIR so sendmail was being installed in 
/usr/sbin/ instead of /usr/libexec/sendmail/

Submitted by:	bde
 2000-10-13 16:51:05 +00:00
Gregory Neil Shapiro
c1f12b17ff Activate the 'secure' (TLS) version of sendmail if !NO_SENDMAIL && !NO_OPENSSL 2000-10-13 03:21:37 +00:00
Gregory Neil Shapiro
fa54144cce Given that sendmail's STARTTLS support requires OpenSSL and the bootstrap 
issues that brings, build the non-TLS version of sendmail in
src/usr.sbin/sendmail and the TLS version in src/secure/usr.sbin/sendmail.
This allows the TLS version to be part of the secure distribution when
building a release.
 2000-10-13 03:20:43 +00:00
Gregory Neil Shapiro
cec19acfbc Remove STARTTLS support as it breaks builds without crypto installed. 
Waiting to hear back regarding the best way to do this.
 2000-10-12 17:04:32 +00:00
Peter Wemm
0a69c17a48 With apoligies to Greg Shapiro, fix the world. The previous commit 
lost -lutil and -lwrap by replacing $LDADD and $DPADD rather than
appending to them with +=.
 2000-10-11 12:19:42 +00:00
Gregory Neil Shapiro
c6cc60252d Style fixes 2000-10-11 05:04:21 +00:00
Gregory Neil Shapiro
79c8873163 NOCRYPT imples NO_OPENSSL. 
Still need to solve the distribution problem.

Submitted by:	kris
 2000-10-11 03:35:32 +00:00
Gregory Neil Shapiro
0c2b976cf8 Build sendmail with STARTTLS support unless NO_OPENSSL is set. 2000-10-10 18:15:41 +00:00
Kris Kennaway
b5a1cc3a5c Overhaul of the build-time include file generation. Don't break in evp.h 
if bootstrapping from a system on which the openssl headers are not
already present.
 2000-09-17 06:45:27 +00:00
Gregory Neil Shapiro
cf1fec423a Give users a way to alter the sendmail (and related utilities) build 
environment so they can enable functionality such as SASL, LDAP, Hesiod.
 2000-09-17 00:41:33 +00:00
Kris Kennaway
65c9b74cc6 Only build sftp-server conditionally 2000-09-16 22:43:00 +00:00
Andrey A. Chernov
89cdeb294d Add sftp-server 2000-09-15 01:04:32 +00:00
Gregory Neil Shapiro
da69ece541 Allow users to add libraries for sendmail (e.g. Cyrus SASL) 
Obtained from:	Sergei Vyshenski <svysh@pn.sinp.msu.ru>
 2000-09-13 04:16:16 +00:00
Kris Kennaway
2f538dadf7 Update for OpenSSH 2.2.0 2000-09-10 09:43:29 +00:00
Kris Kennaway
690a362571 Nuke RSAREF support from orbit. 
It's the only way to be sure.
 2000-09-10 00:09:37 +00:00
Kris Kennaway
e1f99b045c ``Anyone is now free to rub two primes together for their own gratification'' 
-- Unknown

Now that the RSA algorithm is released into the public domain, build
librsaintl by default unless NO_RSAINTL is set in make.conf.

The native OpenSSL implementation of RSA is much faster, doesn't have
an artificial keysize limitation, has 30% fewer calories and tastes great!
 2000-09-06 23:46:50 +00:00
Kris Kennaway
939c32909c Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody 
was using this feature.
 2000-09-02 07:32:05 +00:00
Brian Feldman
dd62c1ebeb Make the temporary file _evp.h instead of evp.h to not conflict with 
the real evp.h.

Reported by:	markm
 2000-08-24 19:06:55 +00:00
Andrey A. Chernov
0305cfcec6 Add missing quotes around xauth path 2000-08-23 19:14:48 +00:00
Brian Feldman
4eb207a1ae Generate a new evp.h at build-time instead of install-time to properly 
support NFS(ro) installworlds.
 2000-08-23 11:41:01 +00:00
Kris Kennaway
4d858ef441 Respect X11BASE to derive the location of xauth(1) 
PR:		17818
Submitted by:	Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
 2000-08-23 09:39:20 +00:00
Brian Feldman
04c9749ff0 Add working and easy crypt(3)-switching. Yes, we need a whole new API 
for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
 2000-08-22 02:15:54 +00:00
Gregory Neil Shapiro
d0b3252609 Turn on support for IPv6 2000-08-14 02:36:29 +00:00
Gregory Neil Shapiro
478c940682 Get rid of the /etc/aliases -> /etc/mail/aliases hack. /etc/mail/aliases 
now exists in the distribution.
 2000-08-13 08:36:40 +00:00
Gregory Neil Shapiro
88c75941e6 The rest of the changes needed to support the new version of sendmail (8.11.0). 
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
 2000-08-12 22:39:25 +00:00
Brian Feldman
314844b39a Unbreak the OpenSSL headers for those of us who don't/can't use IDEA by 
getting rid of the check for NO_IDEA (in evp.h) completely if it's
installed without MAKE_IDEA=YES.
 2000-08-04 04:25:59 +00:00
Kris Kennaway
283cfe50ae Install the openssl(1) manpage with an MLINK from ssl(8) to at least put 
something in the location where OpenSSH likes to point.
 2000-08-03 05:29:04 +00:00
Kris Kennaway
b682213c87 Don't build sshd if NO_OPENSSL defined. 
Submitted by:	stephen@math.missouri.edu
 2000-07-30 22:25:54 +00:00
Kris Kennaway
abe829c0e3 Don't build crypto-enabled telnetd if NO_OPENSSL is defined, since it 
attempts to link against libcrypto.
 2000-07-25 01:11:17 +00:00
Mark Murray
1200a0a6e4 WITH_IDEA --> MAKE_IDEA fix. 2000-07-16 12:20:28 +00:00
Peter Wemm
ecece7e319 Add missing $FreeBSD$ to files that are NOT still on vendor a branch. 2000-07-16 05:48:49 +00:00
Peter Wemm
97e8e70bd1 Be consistant about WITH_ vs MAKE_ flags. We have a precedent of using 
MAKE_foo for things like MAKE_KERBEROS etc.  Use that.  I managed to
confuse myself last time and made make.conf different to the code. ;-(

Reported by:  Jun Kuriyama <kuriyama@FreeBSD.org>
 2000-07-14 09:18:21 +00:00
Peter Wemm
8e7cbb3c91 Argh. Cut/paste transcription error. Fix syntax of previous commit. 2000-07-03 06:26:30 +00:00
Peter Wemm
86c9b3ab20 USA_RESIDENT is forced to YES or NO at the start of Makefile.inc1 
Use that to be the final arbiter of whether or not to build the
librsaintl.so plugin for openssl/openssh.  Add a magic WANT_RSAINTL flag
to force building even if USA_RESIDENT=YES.
 2000-07-03 06:24:23 +00:00
Mark Murray
ce09ad5098 MFI. This is a documentation-only, diffreducing patch, that if 
invoked will cause breakage. US Users - DO NOT try to turn on
IDEA - the sources are not included.
 2000-06-24 06:50:58 +00:00
Kris Kennaway
957dc12dec Link explicitly against -lmd. I'm not sure what was pulling this in 
on -current, but it doesnt do it on -stable.
 2000-06-11 05:30:52 +00:00
Kris Kennaway
d52b295063 Add a new file to SRCS 2000-06-03 10:04:31 +00:00
David E. O'Brien
14a8a54168 /dev/urandom is the default random device, so no use in stateing it here. 
Also simplify the conditionals a little.
 2000-05-15 23:29:03 +00:00
David E. O'Brien
f254f0ac49 This version is slightly better than rev 1.10. There are still missing 
dependencies for openssl/*.h.  I cannot reproduce any critical race
conditions with this revision.
 2000-05-15 17:28:06 +00:00
David E. O'Brien
f80c5c4a34 Use unadorned `mkdir -p', removing the "test ... ||". 
There are sometimes problems with "&&" and "||" in the `make -j' case, as
it appears multiple processes may process parts of the execution line.
 2000-05-15 16:52:57 +00:00
Kris Kennaway
4fc9354419 Update for OpenSSH 2.1 2000-05-15 05:26:50 +00:00
Kris Kennaway
0ae5a27cf8 Use the C locale for running date(1). 
Submitted by:	ache
 2000-04-20 07:26:46 +00:00
Kris Kennaway
9ccbd450e8 Update for OpenSSL 0.9.5a and clean up a bit. 2000-04-13 07:37:35 +00:00