peter
117ae0dab3
Merge into a single US-exportable libcrypt, which only provides
...
one-way hash functions for authentication purposes. There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before. If this is
not called, it tries to heuristically figure out the hash format, and
if all else fails, it uses the optional auth.conf entry to chose the
overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
having the source it in some countries, so preserve the "secure/*"
division. You can still build a des-free libcrypt library if you want
to badly enough. This should not be a problem in the US or exporting
from the US as freebsd.org had notified BXA some time ago. That makes
this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5. This
is to try and minimize POLA across buildworld where folk may suddenly
be activating des-crypt()-hash support. Since the des hash may not
always be present, it seemed sensible to make the stronger md5 algorithm
the default.
All things being equal, no functionality is lost.
Reviewed-by: jkh
(flame-proof suit on)
2000-12-28 10:32:02 +00:00
green
41efee08a3
Update for OpenSSH 2.3.0.
2000-12-05 03:01:33 +00:00
ru
c1f9fd4116
Fixed a typo from the last commit.
...
Submitted by: Mike Heffner <mheffner@vt.edu>
2000-11-15 07:45:23 +00:00
kris
1bb5251fa5
Correct some fallout from the semi-automated way I updated the makefile.
...
Submitted by: roberto
2000-11-14 22:12:02 +00:00
green
dd707cf4f4
Disable /usr/bin/ssh being setuid root by default. Let the variable
...
ENABLE_SUID_SSH being defined reenable it for those that want it.
This follows discussion favoring the change from September. It
is not usually necessary to be setuid root, possibly less safe,
and less convenient (cannot use $HOSTALIASES, for example).
Submitted by: jedgar
2000-11-14 04:42:25 +00:00
kris
1925c689bb
Update for OpenSSL 0.9.6
2000-11-13 02:21:38 +00:00
gshapiro
a98dcfa204
Fix up the build for the STARTTLS version of sendmail (again). This method
...
mimics that of tcpdump in that for normal builds, sendmail will only be
built once. For 'make release', it is built once for the bin dist and
once for the crypto dist. This method also removes the need for two separate
Makefiles (which could become out of sync).
Suggested by: bde
Assisted by: kris
2000-10-24 16:04:56 +00:00
gshapiro
a76b72fb58
Do not override BINDIR settings from subdirectory Makefiles.
...
Submitted by: bde
2000-10-13 16:57:03 +00:00
gshapiro
dd28ff57d0
../Makefile.inc was clobbering BINDIR so sendmail was being installed in
...
/usr/sbin/ instead of /usr/libexec/sendmail/
Submitted by: bde
2000-10-13 16:51:05 +00:00
gshapiro
6b50bced2c
Activate the 'secure' (TLS) version of sendmail if !NO_SENDMAIL && !NO_OPENSSL
2000-10-13 03:21:37 +00:00
gshapiro
c87c01266a
Given that sendmail's STARTTLS support requires OpenSSL and the bootstrap
...
issues that brings, build the non-TLS version of sendmail in
src/usr.sbin/sendmail and the TLS version in src/secure/usr.sbin/sendmail.
This allows the TLS version to be part of the secure distribution when
building a release.
2000-10-13 03:20:43 +00:00
gshapiro
9feaadf365
Remove STARTTLS support as it breaks builds without crypto installed.
...
Waiting to hear back regarding the best way to do this.
2000-10-12 17:04:32 +00:00
peter
fcb6e94f11
With apoligies to Greg Shapiro, fix the world. The previous commit
...
lost -lutil and -lwrap by replacing $LDADD and $DPADD rather than
appending to them with +=.
2000-10-11 12:19:42 +00:00
gshapiro
e0b2de2c8f
Style fixes
2000-10-11 05:04:21 +00:00
gshapiro
e5336b1b20
NOCRYPT imples NO_OPENSSL.
...
Still need to solve the distribution problem.
Submitted by: kris
2000-10-11 03:35:32 +00:00
gshapiro
a8f95eb1e9
Build sendmail with STARTTLS support unless NO_OPENSSL is set.
2000-10-10 18:15:41 +00:00
kris
e785331769
Overhaul of the build-time include file generation. Don't break in evp.h
...
if bootstrapping from a system on which the openssl headers are not
already present.
2000-09-17 06:45:27 +00:00
gshapiro
1f7ac54fbd
Give users a way to alter the sendmail (and related utilities) build
...
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
kris
8d2aad5ae9
Only build sftp-server conditionally
2000-09-16 22:43:00 +00:00
ache
ec0b442175
Add sftp-server
2000-09-15 01:04:32 +00:00
gshapiro
07746c099a
Allow users to add libraries for sendmail (e.g. Cyrus SASL)
...
Obtained from: Sergei Vyshenski <svysh@pn.sinp.msu.ru>
2000-09-13 04:16:16 +00:00
kris
f9e92409b4
Update for OpenSSH 2.2.0
2000-09-10 09:43:29 +00:00
kris
e4a753d311
Nuke RSAREF support from orbit.
...
It's the only way to be sure.
2000-09-10 00:09:37 +00:00
kris
28c07215c2
``Anyone is now free to rub two primes together for their own gratification''
...
-- Unknown
Now that the RSA algorithm is released into the public domain, build
librsaintl by default unless NO_RSAINTL is set in make.conf.
The native OpenSSL implementation of RSA is much faster, doesn't have
an artificial keysize limitation, has 30% fewer calories and tastes great!
2000-09-06 23:46:50 +00:00
kris
868b20c6a8
Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
...
was using this feature.
2000-09-02 07:32:05 +00:00
green
37ca913ab7
Make the temporary file _evp.h instead of evp.h to not conflict with
...
the real evp.h.
Reported by: markm
2000-08-24 19:06:55 +00:00
ache
c0ebc50c76
Add missing quotes around xauth path
2000-08-23 19:14:48 +00:00
green
3226a5dc26
Generate a new evp.h at build-time instead of install-time to properly
...
support NFS(ro) installworlds.
2000-08-23 11:41:01 +00:00
kris
aba57a02e8
Respect X11BASE to derive the location of xauth(1)
...
PR: 17818
Submitted by: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
2000-08-23 09:39:20 +00:00
green
67c40ef892
Add working and easy crypt(3)-switching. Yes, we need a whole new API
...
for crypt(3) by now. In any case:
Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).
The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)
Reviewed by: peter
2000-08-22 02:15:54 +00:00
gshapiro
34bd54827a
Turn on support for IPv6
2000-08-14 02:36:29 +00:00
gshapiro
eec2af9031
Get rid of the /etc/aliases -> /etc/mail/aliases hack. /etc/mail/aliases
...
now exists in the distribution.
2000-08-13 08:36:40 +00:00
gshapiro
002ef51d6e
The rest of the changes needed to support the new version of sendmail (8.11.0).
...
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
green
11f08cadc6
Unbreak the OpenSSL headers for those of us who don't/can't use IDEA by
...
getting rid of the check for NO_IDEA (in evp.h) completely if it's
installed without MAKE_IDEA=YES.
2000-08-04 04:25:59 +00:00
kris
509680f8f3
Install the openssl(1) manpage with an MLINK from ssl(8) to at least put
...
something in the location where OpenSSH likes to point.
2000-08-03 05:29:04 +00:00
kris
b6b7791276
Don't build sshd if NO_OPENSSL defined.
...
Submitted by: stephen@math.missouri.edu
2000-07-30 22:25:54 +00:00
kris
9cf81bab1e
Don't build crypto-enabled telnetd if NO_OPENSSL is defined, since it
...
attempts to link against libcrypto.
2000-07-25 01:11:17 +00:00
markm
1840dc9bdf
WITH_IDEA --> MAKE_IDEA fix.
2000-07-16 12:20:28 +00:00
peter
e2062d0bd5
Add missing $FreeBSD$ to files that are NOT still on vendor a branch.
2000-07-16 05:48:49 +00:00
peter
b9b09beff7
Be consistant about WITH_ vs MAKE_ flags. We have a precedent of using
...
MAKE_foo for things like MAKE_KERBEROS etc. Use that. I managed to
confuse myself last time and made make.conf different to the code. ;-(
Reported by: Jun Kuriyama <kuriyama@FreeBSD.org>
2000-07-14 09:18:21 +00:00
peter
07b679d7be
Argh. Cut/paste transcription error. Fix syntax of previous commit.
2000-07-03 06:26:30 +00:00
peter
5e51a5bb2d
USA_RESIDENT is forced to YES or NO at the start of Makefile.inc1
...
Use that to be the final arbiter of whether or not to build the
librsaintl.so plugin for openssl/openssh. Add a magic WANT_RSAINTL flag
to force building even if USA_RESIDENT=YES.
2000-07-03 06:24:23 +00:00
markm
2fe0472e39
MFI. This is a documentation-only, diffreducing patch, that if
...
invoked will cause breakage. US Users - DO NOT try to turn on
IDEA - the sources are not included.
2000-06-24 06:50:58 +00:00
kris
4b9e219ff8
Link explicitly against -lmd. I'm not sure what was pulling this in
...
on -current, but it doesnt do it on -stable.
2000-06-11 05:30:52 +00:00
kris
de18291bd3
Add a new file to SRCS
2000-06-03 10:04:31 +00:00
obrien
b448bd5eed
/dev/urandom is the default random device, so no use in stateing it here.
...
Also simplify the conditionals a little.
2000-05-15 23:29:03 +00:00
obrien
56b2127f5c
This version is slightly better than rev 1.10. There are still missing
...
dependencies for openssl/*.h. I cannot reproduce any critical race
conditions with this revision.
2000-05-15 17:28:06 +00:00
obrien
20bcb4fdbc
Use unadorned `mkdir -p', removing the "test ... ||".
...
There are sometimes problems with "&&" and "||" in the `make -j' case, as
it appears multiple processes may process parts of the execution line.
2000-05-15 16:52:57 +00:00
kris
45c7889547
Update for OpenSSH 2.1
2000-05-15 05:26:50 +00:00
kris
922c39a5a6
Use the C locale for running date(1).
...
Submitted by: ache
2000-04-20 07:26:46 +00:00
kris
ec2fce6561
Update for OpenSSL 0.9.5a and clean up a bit.
2000-04-13 07:37:35 +00:00
kris
4e4529727e
Update for OpenSSL 0.9.5a and clean up a bit.
...
Take responsibility for this makefile again :-)
2000-04-13 07:37:26 +00:00
obrien
bbbb5181e6
* Fix dependancies so that ``make depend'' is not required.
...
* Some style fixes
Approved by: kris
2000-04-11 09:27:24 +00:00
obrien
e872f9007a
* Fix dependancies so that ``make depend'' is not required.
...
* Some style fixes
Approved by: kris
2000-04-11 08:28:47 +00:00
kris
4d1e096b22
Add libcrypto to LDADD. This fixes problems seen with e.g. apache-modssl
...
Submitted by: Jim Bloom <bloom@acm.org>
2000-04-04 07:31:01 +00:00
kris
2325c37f86
Missed a fix for the new openssh; this fixes make world.
2000-03-26 21:17:11 +00:00
kris
f2ad2382fd
Update for latest OpenSSH
2000-03-26 07:54:12 +00:00
kris
0d170b1596
Add a new function stub to libcrypto() which resolves to a symbol in
...
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.
This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'
This is a 4.0-RELEASE candidate.
2000-03-13 09:55:53 +00:00
markm
eeb8008dd3
Make LOGIN_CAP work properly.
...
Submitted by: ache
2000-03-09 14:54:00 +00:00
kris
0d1f47825b
Buildworld fixes for NO_OPENSSH and NO_OPENSSL
...
Approved by: jkh
2000-03-09 06:29:05 +00:00
kris
c56608d1a8
Build a shared library too - ports expect it.
...
Reviewed by: peter
Approved by: jkh
2000-03-07 20:55:55 +00:00
peter
edd585d0c1
Merge from internat.freebsd.org; cleanup stray rsaref glue code reference
2000-03-05 14:20:57 +00:00
jhay
9e73fea413
MFI: Make ssh and sshd link in the krb5 part of make release.
...
Reviewed by: markm
2000-03-03 20:34:05 +00:00
kris
1064439c50
Resurrect the old libdes manpages (after a repo copy) until we have better
...
ones.
2000-03-02 06:06:35 +00:00
peter
c01fb7a6e5
Merge from internat.freebsd.org: add libcrypto to librsaUSA's symbol search
...
path so that ERR_load_strings() is found in certain circumstances
involving dlopen(). eg: main program dlopened foo.so which is linked
against libcrypto. If libcrypto then dlopens librsaUSA.so, then it's
search path doens't find libcrypto (!). One "fix" is to force
modules (eg main opening foo.so) to use the RTLD_GLOBAL flag, the other
is to explicitly declare dependencies (as done here).
2000-03-02 05:22:46 +00:00
markm
13286e4af4
MFI: stupid typo of mine.
2000-02-29 09:56:11 +00:00
kris
fb49122cc2
Add NODESCRYPTLINKS knob to prevent spamming of libcrypt -> libscrypt
...
symlinks. The name is against my better judgement, but I defer to ancient
tradition here because I'm a nice guy.
Reviewed by: -current
2000-02-29 05:47:52 +00:00
markm
b401a071dd
New distribution names.
2000-02-28 19:25:34 +00:00
markm
3750b037a1
New distribution name.
2000-02-28 19:24:33 +00:00
peter
58c2a78aa2
Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
...
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().
This is a checkpoint and may require more tweaks still.
2000-02-26 13:13:03 +00:00
peter
3e7de8aad5
Merge from internat.freebsd.org; deal with -DRSAref the same way as
...
libcrypto - not that it means much on the US code tree.
2000-02-25 14:15:31 +00:00
peter
2649bf3728
Merge from internat.freebsd.org; make RSAREF=YES work correctly, although
...
this is not very useful as the US repo is missing bits.
2000-02-25 14:08:35 +00:00
peter
9f02798cbf
Create a stub libRSAglue for bsd.port.mk's sake
2000-02-25 09:47:17 +00:00
peter
47e3d89f30
Don't pull in libRSAglue for the rsaref case. Since this is linked
...
dynamically by default, we use the dlopen() calls to load librsaref.so
on US code trees.
2000-02-25 08:21:35 +00:00
peter
fe21c9e7b5
Fold libRSAglue into libcrypto so we don't have to special-case
...
all the builds. There is still no actual RSA implementation code
in libcrypto or src/* on US code trees.
2000-02-25 08:18:43 +00:00
peter
153f059ef0
Sync with internat; delete a trailing space
2000-02-25 05:35:37 +00:00
markm
60d4791e24
Remove port components not needed in 4.n+
...
Submitted by: Half the freaking planet....
2000-02-24 22:39:24 +00:00
markm
7ba9efa321
libdes is OBE
2000-02-24 19:08:24 +00:00
markm
ef025b40ab
Build everything properly. This means:
...
o Don't b uild libdes.
o Crypto is now housed in libcrypto (with a compatability symlink to
libdes)
o RSA may depend on RSAREF at your locale.
o OpenSSH is now a part of the base system.
2000-02-24 18:59:34 +00:00
markm
e2eb488588
Add the OpenSSH userland-building Makefiles.
2000-02-24 17:00:55 +00:00
markm
fd6da7cf96
Freefall/Internat diff reducer.
2000-02-24 10:37:29 +00:00
markm
6f148d13ec
Freefall/Internat diff reducer.
2000-02-24 10:21:56 +00:00
markm
3b9684411f
Freefall/Internat diff reducer.
2000-02-24 10:06:57 +00:00
markm
95d086535d
Diff reducer. Comes from Internat.
2000-02-24 09:52:37 +00:00
markm
785e71a1db
Remove useless whitespace.
...
Part of big commit OK'ed by: JKH
2000-02-24 09:48:58 +00:00
kris
85bfffb077
Back out the previous commit - it broke world and was not approved.
...
I don't know what I was thinking committing without approval - sorry.
2000-02-14 08:09:52 +00:00
kris
f7d8edf2df
Link dynamically, not statically.
2000-02-13 00:53:12 +00:00
kris
e47db973e2
Add NO_OPENSSL knob to turn off building of openssl
...
Requested by: wollman
2000-01-30 04:12:49 +00:00
kris
4a0df206ce
Add NO_OPENSSL knob to turn off building of openssl
...
Requested by: wollman
2000-01-30 04:11:37 +00:00
shin
ce15efb7c0
another tcp apps IPv6 updates.(should be make world safe)
...
ftp, telnet, ftpd, faithd
also telnet related sync with crypto, secure, kerberosIV
Obtained from: KAME project
2000-01-27 09:28:38 +00:00
kris
6dea110be6
Don't search for libraries in ${LOCALBASE}. This should fix the problems
...
people were seeing with conflicts with the openssl port.
2000-01-20 07:29:01 +00:00
kris
720968f83d
Activate librsaglue
2000-01-20 07:27:49 +00:00
kris
c14f52207d
Move the rsaref gunk to libRSAglue where ports expect it.
2000-01-20 07:27:38 +00:00
kris
3698c50454
Build infrastructure for libRSAglue, required for compatability with
...
ports even though it doesn't seem to do anything which requires it
to be separate from libcrypto.
2000-01-20 07:24:40 +00:00
kris
fb35998cf9
The wrong version of the file was committed previously which explains the
...
problems seen here.
2000-01-16 21:00:06 +00:00
kris
c4ff3eee89
Turn back on openssl building.
2000-01-16 05:25:26 +00:00
kris
dc0cb3b9c0
Turn back on libcrypto and libssl building.
2000-01-16 05:24:47 +00:00
kris
e34db3169c
*** empty log message ***
2000-01-16 05:19:27 +00:00
kris
980132129f
Add MAINTAINER tag so people don't feel the need to randomly frob with this.
2000-01-16 02:20:03 +00:00
green
3404ef4464
We cannot have libcrypto, and therefore OpenSSL at all, without RSA.
...
If you need examples of breakage, I'm ready to provide more than a
few.
2000-01-15 18:02:10 +00:00
kris
e64b093666
Connect OpenSSL to the build.
2000-01-14 08:01:51 +00:00
kris
fdd71b0f8f
Build infrastructure for OpenSSL
2000-01-14 05:49:29 +00:00
kris
07fe4126ec
Really really remove SHA-1 support.
2000-01-09 21:22:48 +00:00
markm
21fa5046a3
Routines needed by new kerberos.
2000-01-09 10:09:40 +00:00
jkh
5c1350ecfe
Remove the SHA stuff properly.
2000-01-08 03:01:13 +00:00
peter
37d997842b
Since /etc/sendmail.cf got moved to /etc/mail/sendmail.cf, a 'make world'
...
would leave you with a broken sendmail and local mail loss.
This evil hack moves sendmail.cf from the old location to the new one (if
required) at install time.
1999-12-29 18:56:55 +00:00
peter
fa91ef53d7
Install sendmail in it's new location.
1999-12-29 18:40:56 +00:00
markm
3a481b8c57
RIP xntpd.
1999-12-22 19:15:02 +00:00
peter
d82c29ef6e
I missed the LDADD/DPADD for -lmd in the secure cases. :-(
...
Pointed out by: marcel
1999-12-19 16:50:33 +00:00
peter
bf11704e75
Revert -lmd changes now that libcrypt doesn't expose this binutils/ld
...
bug any more.
1999-12-18 16:42:33 +00:00
marcel
539b0dd3ef
Add libmd to DPADD and LDADD.
1999-12-17 11:45:28 +00:00
markm
ca616e7d07
Dont build telenet if we are going for kerberised telnet; this just
...
jumps all over kerberised telnet otherwise.
1999-10-12 19:48:05 +00:00
markm
e22fcdae42
Make telnet with SRA work.
...
Submitted by: Nick Sayer
1999-10-07 19:47:09 +00:00
markm
227027e997
Colour me stupid. This is a better way of using the macros.
1999-09-21 22:13:07 +00:00
markm
6274ea174b
Do this the same way as Internat to reduce diffs.
1999-09-21 17:57:09 +00:00
dt
ef28ba9c14
Someone changed major numbers of the libraries from 2 to 3 for 0 (zero) reasons.
...
Revert the major number back to 2.
libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.
1999-09-21 17:52:05 +00:00
peter
ba51272c69
Restore SONAME setting, otherwise libdescrypt.so.3 doesn't end up with
...
a special SONAME of libcrypt.so.3 and the runtime symlink doesn't work.
1999-09-21 14:47:36 +00:00
markm
351e996436
Make this completely dependant on the exportable libcrypt, to avoid
...
duplication of effort. Also a large cleanup of the code, inspired
by Brandon Gillespie.
1999-09-20 12:40:06 +00:00
markm
9f3127941e
libdes is bmaked and built from src/crypto/... now.
1999-09-19 18:49:58 +00:00
markm
69cafd82fe
This commit was generated by cvs2svn to compensate for changes in r50894,
...
which included commits to RCS files with non-trunk default branches.
1999-09-04 12:45:43 +00:00
markm
e095a266c2
Vendor import EAY's LIBSSL to fix comments, etc.
1999-09-04 12:45:43 +00:00
markm
1a22a0acb5
Drat. Import this into the right place. Pass me the pointy hat.
1999-09-01 19:59:25 +00:00
markm
3083434d3d
This commit was generated by cvs2svn to compensate for changes in r50760,
...
which included commits to RCS files with non-trunk default branches.
1999-09-01 19:59:25 +00:00
peter
c81dbb3c98
$Header$ -> $FreeBSD$
1999-08-28 05:11:36 +00:00
peter
efabb9ccb1
$Id$ -> $FreeBSD$
1999-08-28 01:35:59 +00:00
markm
a5725ec4c6
Claim ownership
1999-08-17 13:39:28 +00:00
mpp
88125b8f60
Various man page cleanup:
...
- Be consistent with section names as outlined in mdoc(7).
- Other misc mdoc cleanup.
1999-08-15 10:01:15 +00:00
kris
ea91b6aa9b
Typo in comment.
1999-04-25 13:14:36 +00:00
markm
76ab29871c
Enable tcp_wrapper support by default.
1999-03-28 10:55:03 +00:00
peter
82ea36d410
MaxHeaderLines is now MaxHeadersLength (in bytes)
1999-02-07 09:48:52 +00:00
peter
29bfcbeb8a
Support 'O MaxHeaderLines=' to override the default header count and line
...
length limits. The configuration keyword is: confMAX_HEADER_LINES
1999-01-24 07:54:30 +00:00
markm
b8535c2b1b
Fix symlinking. Without the -f "force" option, the wrong version
...
can be found.
Submitted by: Bruce
1999-01-24 07:51:33 +00:00
markm
41b93516e8
The new crypt code breaks "make world". Back it out.
1999-01-23 08:26:11 +00:00
brandon
b4d96f03d3
Removed from the secure/lib/libcrypt area, because of the rewrite to how
...
the Makefile handles des support by just including the single .c file.
Reviewed by: Mark Murray
1999-01-21 13:51:49 +00:00
peter
893c597778
Update for 8.9.2 (new file, control.c)
...
Also, turn on support for the MaxMimeHeaderLength option in sendmail.cf.
1999-01-12 12:47:54 +00:00
obrien
0337d32241
Remove useless `BINOWN=root' now that it is the default.
1998-09-19 22:42:14 +00:00
jb
fb46650fbf
BINFORMAT -> OBJFORMAT ready for E-day. Untested 'cause I'm outside
...
the US and not allowed to see this. I kept my eyes closed. 8-)
1998-08-31 00:35:10 +00:00
peter
08eeb8ebf0
Connect up sendmail-8.9.1
1998-08-04 15:24:04 +00:00
markm
ad57db7eef
Staticise a variable.
...
PR: 4722
Submitted by: Karl Denninger
1997-10-08 07:02:48 +00:00
jkh
418d0a6a92
Changes to support full make parallelism (-j<n>) in the world
...
target.
Reviewed by: <many different folks>
Submitted by: Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>
1997-10-05 09:40:24 +00:00
peter
088ca8113e
Teach libdescrypt about elf builds.
1997-09-05 12:21:22 +00:00
peter
4968036f61
Revert $FreeBSD$ to $Id$
1997-02-22 14:40:44 +00:00
jkh
808a36ef65
Make the long-awaited change from $Id$ to $FreeBSD$
...
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
wosch
71f5160702
Sort cross references.
1997-01-13 00:25:51 +00:00
markm
524bda369e
Secure telnet is now in eBones.
1996-11-07 14:42:57 +00:00
markm
fc40bcb55d
Remove references to TELNET*.
1996-11-07 14:41:20 +00:00
peter
c927066f54
Fold sendmail-8.8.2 changes into files that have been touched.
...
(^!&@$#&^! delete !!@^@^ trailing !@^&#$!& whitespace!!!)
1996-10-24 05:07:25 +00:00
peter
31060e30d7
cmp -s || install -c --> install -C
1996-08-30 04:07:04 +00:00
peter
7e745e3e6f
Same as non-secure telnetd, add support for ``-P altlogin'' to specify
...
an alternate /usr/bin/login type program to be run.
1996-08-13 07:53:54 +00:00
markm
1070b2b72f
Next version from the author - from SSLeay.0.6.3
1996-08-10 17:19:16 +00:00
markm
cdfd2e2ba7
This commit was generated by cvs2svn to compensate for changes in r17497,
...
which included commits to RCS files with non-trunk default branches.
1996-08-10 17:19:16 +00:00
markm
ef4c4e0df7
Some breakeages sneaked in. This fixes them.
...
(this relates to a name change in a library that was not properly backed
up by the author)
Reported by: too mant :-(
1996-07-30 21:09:48 +00:00
markm
ff1df96f3b
Merge, remove rubbish and bump the MAJOR.MINOR to 3.0
1996-07-29 18:01:42 +00:00
markm
9b57620710
Rats. Just when a piece of code is nice and stable, the author has to
...
release an upgrade.
1996-07-29 17:54:40 +00:00
markm
342f431b66
This commit was generated by cvs2svn to compensate for changes in r17330,
...
which included commits to RCS files with non-trunk default branches.
1996-07-29 17:54:40 +00:00
markm
fe9c66faf4
Mrege conflicts etc.
1996-07-28 08:23:19 +00:00
markm
5313ba6bbe
Latest libdes from Eric Young. Mainly code beautification.
1996-07-28 08:18:06 +00:00
markm
ac895ecc7b
This commit was generated by cvs2svn to compensate for changes in r17315,
...
which included commits to RCS files with non-trunk default branches.
1996-07-28 08:18:06 +00:00
jkh
5903193fb7
Add necessary item to CLEANFILES
1996-07-27 22:16:19 +00:00
jkh
8eb37231d4
Bring in my changes for removing the pestilent obj links (unless you
...
really want them) from /usr/src. This is the final version of the
patches, incorporating the feedback I've received from -current.
1996-06-24 04:26:21 +00:00
nate
87afb7f371
Bring in a change that got lost when we spammed over the CVS repository
...
to fix the mega-commits spamming.
pst 96/05/29 20:09:25
Modified: secure/usr.bin/telnet Makefile main.c
Log:
Remove obsolete SOCKSv4 support
Submitted by: pst
Obtained from: A mirrored CVS repository that will disappear next SUP
1996-06-05 22:48:04 +00:00
ache
573902ba60
Localize time
1996-05-07 19:05:10 +00:00
markm
c489d65b82
Add extra targets a' la' eBones/Makefile for release/Makefile.
...
(bootstrap etc)
1996-05-04 08:32:07 +00:00
markm
d2848b10f6
Add randomness from /dev/random if it is available.
1996-05-04 07:25:54 +00:00
pst
d73d5ee489
Add support for socks
1996-04-23 05:18:43 +00:00
pst
ce274bb1f0
typo shmrsh -> smrsh
1996-04-22 20:30:09 +00:00
pst
6ba3b3888d
Enable proper installation of sendmail restricted shell smrsh(8).
...
This program is a wrapper for the prog mailer in sendmail. It does shell
meta character masking and restricts the list of executables to those found
in /usr/libexec/sm.bin.
The default sendmail.cf file does not use this tool, however you can enable
it by either changing /bin/sh to /usr/libexec/smrsh or adding the line
FEATURE(smrsh) into your sendmail .mc file and rebuilding your .cf file.
For more info, RTFMP.
1996-04-21 19:48:07 +00:00
markm
71735d6644
Split libcrypt and libcipher man pages.
1996-04-13 08:18:24 +00:00
markm
4d98cdc072
Split the libcrypt and libcipher man pages.
1996-04-13 08:03:24 +00:00
mpp
217959f2b8
Install crypt.3 so that libcipher will install if /usr/share/man
...
has been blown away. Previously it depended on an existing
crypt.3 to be present for the man page links to install properly.
1996-04-09 17:20:33 +00:00
markm
73546c6080
Comment out the NOPROFILE=yes to make this orthogonal with the rest of our
...
libs.
1996-03-17 15:43:32 +00:00
markm
135587ee97
Big clean-up job. Remove ancient and never-to-be used stuff.
...
The look much more like BSD Makefiles now.
1996-03-11 16:17:58 +00:00
markm
164d339617
Fix typo #ifdef -> .if defined().
...
Tidy uo this file a bit.
1996-03-11 06:22:50 +00:00
markm
93e818aea7
Fix typo - -des -> -ldes
1996-03-10 21:15:00 +00:00
ache
fd4a236df2
Sense MAKE_EBONES, DESTDIR
...
SRCS, DPADD cleanup
1996-03-09 13:39:00 +00:00
ache
14fe133184
Sense MAKE_EBONES, DESTDIR
...
SRCS cleanup
DPADD cleanup
1996-03-09 13:36:34 +00:00
ache
beb2bbfb7a
Sense MAKE_EBONES, DESTDIR
...
SRCS cleanup
DPADD cleanup
1996-03-09 13:26:21 +00:00
jkh
10255f12e4
Add back missing crypt.3 man page.
1996-02-21 08:15:08 +00:00
mpp
0796408d4a
Another round of man page cleanups.
...
Down to only about 100 items left to cleanup! :-)
1996-02-12 04:57:03 +00:00
markm
a329e20c69
Add the new libdes to the build
1996-02-11 08:46:59 +00:00
markm
463582428c
Rats. Forgot to `cvs add' this.
1996-02-10 23:49:27 +00:00
markm
1f82e254e3
iImport a FreeBSD Makefile, BSD-ise the header and correct a typo. As the
...
interface has changed a bit (there are more rentry points), the
shared library has been bumped to libdes.so.2.1.
1996-02-10 15:54:48 +00:00
markm
ac42567227
This is the long-awaited new DES library. Over the next couple of days
...
will be properly built into the system.
1996-02-10 15:32:26 +00:00
markm
654d720840
This commit was generated by cvs2svn to compensate for changes in r14009,
...
which included commits to RCS files with non-trunk default branches.
1996-02-10 15:32:26 +00:00
mpp
6e83fbce86
Correct some manual page cross reference errors. E.g. su is a section
...
one man page, not section eight. This is the first round of such changes
and only fixes man pages in manual section one.
1996-02-02 00:26:12 +00:00
peter
c3f352d4ad
This commit was generated by cvs2svn to compensate for changes in r13122,
...
which included commits to RCS files with non-trunk default branches.
1995-12-30 19:02:48 +00:00
peter
ab124e78b0
recording cvs-1.6 file death
1995-12-30 19:02:48 +00:00
ache
2c2755e311
Pick correct library dir whenever obj exists or not
1995-12-21 17:57:16 +00:00
markm
923a80ce6b
Dual personality crypt(3). This crypt will choose its encryption algorithm
...
(DES or MD5) based on the type of salt used. Salt beginning with "$1$"
indicates MD5.
1995-12-16 09:14:12 +00:00
peter
1686d8abf9
*GULP* cvs remove the uncomfortably large list of files that are no longer
...
part of sendmail 8.7.2...
1995-12-02 20:58:10 +00:00
peter
c860a459a3
Re-disable the cf/cf SUBDIR - we were not building it before anyway.
...
The Makefile down there does not handle the obj dir well..
1995-12-02 18:36:12 +00:00
peter
cd51f07d81
Import Sendmail-8.7.2 as discussed on -current.
...
The conflict merge will happen shortly after.
1995-12-02 17:30:23 +00:00
ache
b3c2c5a150
Remove LD_NOSTD_PATH unsetenv, it isn't exist anymore
1995-10-24 06:52:36 +00:00
ache
ad266c215d
Fix original patch error with ! before strncmp
...
Zap only needed LD_* variables
1995-10-20 22:17:35 +00:00
ache
c0765b5449
Don't allow LD_* env. variables to be tricked
...
Submitted by: Sam Hartman <hartmans@mit.edu>
1995-10-20 17:16:58 +00:00
gibbs
651cbee0db
Remove MAKE_EBONES conditionals. They were originally placed here because
...
of missing functionality in our libkrb which is no longer a problem.
1995-10-11 00:04:09 +00:00
ache
c0bde4017e
Remove duplicated targets which now build from main tree
...
if available and allowed
1995-09-29 20:23:09 +00:00
gibbs
8d7d06f373
Add TELNETOBJDIR and CRYPTOBJDIR for use in LDADD entries. This makes
...
secure reference the libraries that were just build instead of in /usr/lib.
1995-09-16 03:04:10 +00:00
gibbs
958c14faa7
Enable kerberosIV authentication/encryption conditionalized on MAKE_EBONES.
1995-09-14 21:29:21 +00:00
gibbs
684e425bda
Enable kerberosIV authentication/encryption conditionalized on MAKE_EBONES.
...
Fix up some of the des calls to be compatible with eBones.
1995-09-14 21:29:08 +00:00
dg
1ae004d611
sys_term.c: killed sleep(1) as this should no longer be a problem with
...
the move of startslave().
telnetd.c: fix bug introduced with the move of startslave()...the number
of arguments was wrong and "level" and "user_name" had to be made globals.
1995-09-11 21:02:02 +00:00
pst
14ad5aa657
Move erase cleanup outside linemode conditional
1995-09-06 02:03:36 +00:00
pst
8693020356
Avoid race condition with telnet options processing (login: prompt lost).
...
Submitted by: John Capo & Peter Wemm
1995-09-05 19:31:06 +00:00
pst
b68227ec08
Set erase character for login: prompt.
...
Submitted by: Peter Wemm & John Capo
1995-09-05 19:30:05 +00:00
pst
059d76f5fe
Do NOT compile with -DKLUDGELINEMODE...hoses many telnet clients
1995-08-28 17:55:08 +00:00
peter
47235a8c6f
Import Sendmail v8.6.12, onto the CSRG(!) branch.
...
A seperate commit to fix the conflicts wil follow.
1995-08-17 04:39:13 +00:00
ache
f87a14f2ec
Comment out LDADD+=-ldescrypt, it is not yet active due to
...
missng defines for krb4encpwd and rsaencpwd and missing rsa library too.
1995-08-05 19:10:25 +00:00
ache
25dcf9aae3
Change default banner to FreeBSD, properly ifdefed by __FreeBSD__
...
Reviewed by:
Submitted by:
Obtained from:
1995-08-04 00:12:08 +00:00
markm
96fd43c32a
After pst and ache fixed secure telnet, it was still not in the main
...
makefiles. This puts it in.
PLEASE NOTE - YOU WILL NEED TO BUILD AND INSTALL THE libtelnet IN secure/
Reviewed by:
Submitted by:
Obtained from:
1995-07-29 12:49:25 +00:00
ache
5bd836c190
Final cleanup pass through Makefiles, now this stuff
...
autodetect kerberos/eBones and work even with eBones,
but with reduced functionality (don't pick up des/krb stuff
in this case)
1995-07-24 22:55:59 +00:00
ache
2abb3f187a
Add -ldescrypt, or wrong crypt version can be picked from libc
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 22:01:01 +00:00
ache
02f285eeb1
Add LDADD+= -ldescrypt
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 21:57:58 +00:00
ache
7e1e5231a4
Move -ldes under kerb stuff, my fault
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 21:49:06 +00:00
ache
8d6cb97e95
Since this stuff not works with eBones, ifdef kerberos stuff
...
with MAKE_KERBEROS to allow other things to live
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 21:47:30 +00:00
ache
96d8cee523
Since this stuff not works with eBones, ifdef kerberos stuff
...
with MAKE_KERBEROS to allow other things to live
Submitted by:
Obtained from:
1995-07-24 21:38:32 +00:00
ache
cb87a42d33
Add comment about new_rnd_key.c module needed from original
...
libdes (and not present in eBones libdes)
1995-07-24 21:12:57 +00:00
ache
dcde8b5f80
Add comment about new_rbd_key.c module needed from
...
original libdes
1995-07-24 21:10:47 +00:00
ache
0551b03e78
Fix dependances, typing errors, etc.
...
Note: this thing need original libdes not Eric Young libdes from eBones
Submitted by:
Obtained from:
1995-07-24 20:40:03 +00:00
ache
d5bb9e78cb
Point to proper DESTDIR now
...
Reviewed by:
Submitted by:
Obtained from:
1995-07-24 20:31:07 +00:00
ache
2bad985464
Fix many bogus things, typing error, dependance errors, etc.,
...
now it compiles.
Note: this stuff requires original libdes, not libdes from
Eric Yang which we have in eBones.
1995-07-24 20:29:12 +00:00
pst
5b689f15e4
When hostname len > 8, name replaced with dot notation when -u flag
...
not specified (default case).
Use _PATH_* for utmp/wtmp.
Support for >32 PTYs.
>Submitted by: Heikki Suonsivu <hsu@cs.hut.fi>
Plug already known security hole. (Brought over from 1.1.5):
Fixed security problem with telnetd, which allowed
telnet -l -hcert.org localhost
to change the user's host in utmp.
Thanks to Matthew Green <mrgreen@@mame.mu.oz.au> for showing me this one.
>Reviewed by: karl, guido
>Submitted by: mrgreen@mame.mu.oz.au
Obtained from: FreeBSD insecure telnetd
1995-07-20 12:35:01 +00:00
pst
d1a257b33a
The final negotiation of DO_BINARY in the LINEMODE portion of the telnetd code
...
causes some clients that do not support linemode to mis-interpret the return
key (i.e. double returns).
The fix is to only do the state check for binary options if linemode will
be used.
Closes PR#505.
Submitted by: Charles Henrich
Obtained from: FreeBSD insecure telnetd
1995-07-20 12:32:40 +00:00
pst
d6b93135e2
Update telnet to the 95.05.31 release.
...
Obtained from: Dave Borman <dab@cray.com>
1995-07-20 11:40:06 +00:00
rgrimes
f3a2b348da
Remove trailing whitespace.
1995-05-30 06:12:45 +00:00
jkh
8e4a47a63b
Argh! Another instance of DES rather than des that I forgot. Truly,
...
this keyword is in too many places! :(
1995-05-11 22:07:49 +00:00
jkh
34164c8be6
Rename secure to DES.
1995-05-09 05:22:41 +00:00
wollman
294d85f56c
This commit was generated by cvs2svn to compensate for changes in r7283,
...
which included commits to RCS files with non-trunk default branches.
1995-03-23 19:09:24 +00:00
wollman
a42f520712
Mark Murray's authdes.c for xntpd
1995-03-23 19:09:24 +00:00
dima
937577d030
Security fixes.
...
CERT Advisory CA-95:03.telnet.encryption
Obtained from: CERT
1995-02-17 03:57:00 +00:00
jkh
5fd14a3119
Change name of secrdist to secure.
1995-01-14 11:32:41 +00:00
phk
898bee8131
Fix secrdist sharedlib bug.
1994-11-24 22:34:18 +00:00
phk
4483a2072f
des DISTRIBUTION became secrdist.
1994-11-22 08:03:26 +00:00
phk
790dc6108e
fix libdescrypt reference.
1994-11-21 02:58:43 +00:00
phk
277a5cfc85
Make the "distribute" target build the "des" distribution. Make des'ed
...
init and ed, by pointing to real sources.
1994-11-14 20:45:35 +00:00
pst
0ffafd8bfe
!Just! fixing makefile, no code changes Geoff
1994-09-30 06:04:40 +00:00
csgr
20327548ff
More elegant fix for short settings.
...
(Our existing fixes already plugged the security holes involved.)
Submitted by: Geoff Rehmet after consultation with David Burren
1994-09-19 19:26:39 +00:00
ache
1265c85a97
Add libcipher.a: libcrypt exports only crypt() but not des_setkey()
...
which is in libcipher.a
1994-09-12 17:27:55 +00:00
rgrimes
83c1bfeaeb
Change all references to LIBTERM and -ltermlib to LIBTERMCAP and -ltermcap
1994-09-11 21:53:28 +00:00
csgr
73e15728f8
fix bogus .include
...
Submitted by: Geoff.
1994-09-09 09:43:18 +00:00
csgr
4ad4a88210
add libcipher to Makefile
...
Submitted by: Geoff.
1994-09-08 19:06:58 +00:00
csgr
9baa6a9d3f
- Remove crypt() - it's in libcrypt
...
- remove ^L's - CTM will probably choke on them
- add PRECIOUSLIB to Makefile
- name changes libcrypt -> libcipher
Submitted by: Geoff.
1994-09-07 21:48:54 +00:00
csgr
53362bf89c
This commit was generated by cvs2svn to compensate for changes in r2546,
...
which included commits to RCS files with non-trunk default branches.
1994-09-07 21:18:08 +00:00
csgr
f5ee65e487
Bring in the 1.1.x international libcrypt, which
...
will in due course become libcipher.
Based on David Burren's FreeSEC
Submitted by: Geoff.
1994-09-07 21:18:08 +00:00
pst
5787daa8ba
Back out static hacks & build of usr.bin until Geoff informs the
...
world of his master plan.
Submitted by: pst
1994-09-07 07:47:08 +00:00
pst
6239100975
Remove static in front of declarations for des_setkey and des_cipher
...
so that linking against -lcrypt (-ldescrypt) will give us the good
versions instead of the stubs in libc. (These changes need to be
made to the non-US version of libdescrypt too!)
Allow building and support for bdes program.
A bit more work still needs to be done on secure telnet.
Submitted by: pst
1994-09-07 07:16:52 +00:00
csgr
c900d4c13e
This commit was generated by cvs2svn to compensate for changes in r2316,
...
which included commits to RCS files with non-trunk default branches.
1994-08-27 15:48:54 +00:00
csgr
23c56ec341
The telnet version with encryption in in.
...
Reviewed by: geoff.
1994-08-27 15:48:54 +00:00
wollman
ad7993daba
Hopefully fix bogus permissions.
1994-08-26 23:31:11 +00:00
wollman
e682e5ecfb
Install libdescrypt.so immutable.
1994-08-26 19:03:23 +00:00
csgr
ec3eb0ab36
Fix afterinstall rule for generating links to the real libcrypt
...
Submitted by: Geoff
1994-08-20 18:16:57 +00:00