Commit Graph

32 Commits

Author SHA1 Message Date
Simon J. Gerraty
ee7b0571c2 Merge head from 7/28 2014-08-19 06:50:54 +00:00
Warner Losh
04efeffe99 When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS and
remove the now-redundant checks for RELEASE_CRUNCH. This originally
was defined for building smaller sysinstall images, but was later also
used by picobsd builds for a similar purpose. Now that we've moved
away from sysinstall, picobsd is the only remaining consumer of this
interface. Adding these two options reduces the RELEASE_CRUNCH
special cases in the tree by half.
2014-06-06 04:09:07 +00:00
Simon J. Gerraty
cc3f4b9965 Merge from head 2014-05-08 23:54:15 +00:00
Warner Losh
c6063d0da8 Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.
2014-05-06 04:22:01 +00:00
Simon J. Gerraty
a421503148 include/arpa installs telnet.h 2012-11-08 21:32:19 +00:00
Stanislav Sedov
3ef51c5fb9 - Do not use deprecated krb5 error message reporting functions in libtelnet. 2012-04-06 00:03:45 +00:00
Stanislav Sedov
ae77177087 - Update FreeBSD Heimdal distribution to version 1.5.1. This also brings
several new kerberos related libraries and applications to FreeBSD:
  o kgetcred(1) allows one to manually get a ticket for a particular service.
  o kf(1) securily forwards ticket to another host through an authenticated
    and encrypted stream.
  o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
    and other user kerberos operations. klist and kswitch are just symlinks
    to kcc(1) now.
  o kswitch(1) allows you to easily switch between kerberos credentials if
    you're running KCM.
  o hxtool(1) is a certificate management tool to use with PKINIT.
  o string2key(1) maps a password into key.
  o kdigest(8) is a userland tool to access the KDC's digest interface.
  o kimpersonate(8) creates a "fake" ticket for a service.

  We also now install manpages for some lirbaries that were not installed
  before, libheimntlm and libhx509.

- The new HEIMDAL version no longer supports Kerberos 4.  All users are
  recommended to switch to Kerberos 5.

- Weak ciphers are now disabled by default.  To enable DES support (used
  by telnet(8)), use "allow_weak_crypto" option in krb5.conf.

- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
  disabled due to the function they use (krb5_get_err_text(3)) being
  deprecated.  I plan to work on this next.

- Heimdal's KDC now require sqlite to operate.  We use the bundled version
  and install it as libheimsqlite.  If some other FreeBSD components will
  require it in the future we can rename it to libbsdsqlite and use for these
  components as well.

- This is not a latest Heimdal version, the new one was released while I was
  working on the update.  I will update it to 1.5.2 soon, as it fixes some
  important bugs and security issues.
2012-03-22 08:48:42 +00:00
Ed Schouten
b3aaa0cc21 Rename all symbols in libmp(3) to mp_*, just like Solaris.
The function pow() in libmp(3) clashes with pow(3) in libm. We could
rename this single function, but we can just take the same approach as
the Solaris folks did, which is to prefix all function names with mp_.

libmp(3) isn't really popular nowadays. I suspect not a single
application in ports depends on it. There's still a chance, so I've
increased the SHLIB_MAJOR and __FreeBSD_version.

Reviewed by:	deischen, rdivacky
2009-02-26 21:43:15 +00:00
Yaroslav Tykhiy
594a130b8a Stop enforcing dependencies between MK_* options at Makefile level.
All the dependencies are satisfied now in <bsd.own.mk>.
2006-07-31 13:29:36 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Ruslan Ermilov
a216173556 NOCRYPT -> NO_CRYPT 2004-12-21 10:16:04 +00:00
Ruslan Ermilov
a35d88931c For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
Colin Percival
d37df47d31 Join the 21st century: Cryptography is no longer an optional component
of releases.  The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.

Approved by:	re (scottl), markm
Discussed on:	freebsd-current, in late April 2004
2004-08-06 07:27:08 +00:00
Alexander Kabaev
2d18d113c7 Downgrade WARNS level for GCC 3.4.2. 2004-07-28 05:49:15 +00:00
Mark Murray
482d5f1f6a Make sure that a "make release" (more accurately the bit that makes
the crunched binary) get a non-cryptographic telnet. This is overkill
in that it covers stuff that is not normally used in a crunched binary.
2003-07-24 17:19:15 +00:00
Mark Murray
3665b7c29b Ensure that for the cryptographic instances of *telnet*, the "crypto"
distribution is used. This only affects release-building.
2003-07-24 07:19:55 +00:00
Mark Murray
acce0bcdb3 Test correct macro for "without crypto" option(s). 2003-07-20 23:29:46 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Ruslan Ermilov
46f8fdc34e Removed now unused INTERNALSTATICLIB.
INTERNALLIB now implies NOPIC and NOPROFILE.
Removed gratuitous NOMAN.
2002-05-13 11:09:07 +00:00
Mark Murray
b3c1c587b6 Diff-reduce WRT src/secure/*telnet*/Makefile.
Also, add an "unifdef:" target, so that the telnet sources can
be remade from the crypto sources in src/crypto/telnet.
2001-11-30 21:34:51 +00:00
Mark Murray
5adb5c82e3 No functional changes, but:
o unifdef AUTHENTICATE. We have never compiled this code, and its
  doubtful it will even work in this case.

o Style changes (some ansification, some comment updating)

o Diff reduction and code style merging with crypto telnet.
2001-08-20 12:04:53 +00:00
Ruslan Ermilov
4ecbb30346 Bye-bye /usr/lib/libtelnet.a. This should fix ``make release'' brokeness.
Approved by:	markm
2001-03-28 12:08:22 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Bruce Evans
a9d7016af5 Fixed removing of obsolete shared libraries:
- the directory was wrong if ${SHLIBDIR} != ${LIBDIR}.  It's still wrong
  if the installation of the obsolete library was done before /aout was
  appended to LIBDIR.
- the version would have become wrong when the default in ../Makefile.inc
  is changed from 2.0.
- the comment mostly described moving of libraries to /usr/lib/compat, but
  we don't do that.
1998-10-11 16:33:02 +00:00
Mark Murray
0be70b48dd While I am no longer making a shared library, it is a good plan to nuke
the old ones to prevent ld picking it up spuriously.
1998-08-30 13:07:16 +00:00
Mark Murray
2c6110f682 Stop making a shared library for libtelnet. This should have happened
a long time ago.
1998-08-29 20:23:14 +00:00
Peter Wemm
7e546392b5 Revert $FreeBSD$ to $Id$ 1997-02-22 15:12:41 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Rodney W. Grimes
6c06b4e2aa Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
Geoff Rehmet
54df3c12f9 The big crypt removal - make libtelnet exportable.
Securedist can be sorted out later - getting these bits exportable
is top priority.
The libtelnet with encryption has been moved to src/secure/lib.
It will either become part of libsecure, or or be made available
under another name, once the securedist strategy has been completely
worked out.
Submitted by:	Geoff Rehmet
1994-08-12 22:41:29 +00:00
Garrett Wollman
bed8f8b45c Allow libtelnet to compile, by removing references to Kerberos and DES in
the Makefile.  We still need to determine the appropriate source organization
for this.
1994-08-05 02:02:36 +00:00
Rodney W. Grimes
58f0484fa2 BSD 4.4 Lite Lib Sources 1994-05-27 05:00:24 +00:00