Add a src.conf(5) option to allow users to compile in the "NONE cipher",
which, only after authentication, disables crypto, and only for sessions without a terminal. Submitted by: Jeremy Chadwick (freebsd jdc.parodius.com) PR: bin/163095 MFC after: 10 days
This commit is contained in:
parent
4f22608e54
commit
e6a64a84ea
@ -38,6 +38,10 @@ DPADD+= ${LIBGSSAPI} ${LIBKRB5} ${LIBHX509} ${LIBASN1} ${LIBCOM_ERR} ${LIBMD} ${
|
||||
LDADD+= -lgssapi -lkrb5 -lhx509 -lasn1 -lcom_err -lmd -lroken
|
||||
.endif
|
||||
|
||||
.if ${MK_OPENSSH_NONE_CIPHER} != "no"
|
||||
CFLAGS+= -DNONE_CIPHER_ENABLED
|
||||
.endif
|
||||
|
||||
NO_LINT=
|
||||
|
||||
DPADD+= ${LIBCRYPTO} ${LIBCRYPT}
|
||||
|
@ -25,6 +25,10 @@ DPADD+= ${LIBGSSAPI}
|
||||
LDADD+= -lgssapi
|
||||
.endif
|
||||
|
||||
.if ${MK_OPENSSH_NONE_CIPHER} != "no"
|
||||
CFLAGS+= -DNONE_CIPHER_ENABLED
|
||||
.endif
|
||||
|
||||
DPADD+= ${LIBCRYPT} ${LIBCRYPTO}
|
||||
LDADD+= -lcrypt -lcrypto
|
||||
|
||||
|
@ -40,6 +40,10 @@ DPADD+= ${LIBGSSAPI_KRB5} ${LIBGSSAPI} ${LIBKRB5} ${LIBASN1}
|
||||
LDADD+= -lgssapi_krb5 -lgssapi -lkrb5 -lasn1
|
||||
.endif
|
||||
|
||||
.if ${MK_OPENSSH_NONE_CIPHER} != "no"
|
||||
CFLAGS+= -DNONE_CIPHER_ENABLED
|
||||
.endif
|
||||
|
||||
DPADD+= ${LIBCRYPTO} ${LIBCRYPT}
|
||||
LDADD+= -lcrypto -lcrypt
|
||||
|
||||
|
@ -360,6 +360,7 @@ __DEFAULT_NO_OPTIONS = \
|
||||
NMTREE \
|
||||
NAND \
|
||||
OFED \
|
||||
OPENSSH_NONE_CIPHER \
|
||||
SHARED_TOOLCHAIN
|
||||
|
||||
#
|
||||
|
9
tools/build/options/WITH_OPENSSH_NONE_CIPHER
Normal file
9
tools/build/options/WITH_OPENSSH_NONE_CIPHER
Normal file
@ -0,0 +1,9 @@
|
||||
.\" $FreeBSD$
|
||||
Set to include the "None" cipher support in OpenSSH and its libraries.
|
||||
Additional adjustments may need to be done to system configuration
|
||||
files, such as
|
||||
.Xr sshd_config 5 ,
|
||||
to enable this cipher.
|
||||
Please see
|
||||
.Pa /usr/src/crypto/openssh/README.hpn
|
||||
for full details.
|
Loading…
Reference in New Issue
Block a user