| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
because otherwise it will remain having a dependency upon libssl. This
breaks the non-crypto build that happens for release.3
While here, order the list of programs and libraries.
Speculating review feedback from: ru
|
|
|
|
|
|
|
| |
the make.conf(5) manpage.
PR: conf/65738
OK'ed by: markm
|
|
|
|
|
|
|
| |
a variant of the C code but with some scattered asm and things laid out
more optimally for the platform. This means that we need to the asm
directory to the search path for the amd64 case so that make can find
the source.
|
|
|
|
|
|
|
| |
call any pthread functions as we use compile it. We keep the
-DOPENSSL_THREADS, which stops OpenSSL doing thread-unsafe stuff.
Requested by: ru
|
|
|
|
|
|
|
|
|
|
| |
environment. This stops some ports keeling over on an OpenSSL assert.
(The patch is not exactly the one from the PR, but has been refined
based on advice from freebsd-threads.)
PR: 51205
Submitted by: Jim Westfall <jwestfall@surrealistic.net>
MFC after: 1 month
|
|
|
|
|
|
|
| |
to the build.
Should have done this ages ago: markm
Reminded above to do this: peter
|
| |
|
| |
|
|
|
|
| |
Use WARNS?= instead of WARNS=.
|
|
|
|
| |
Reviewed by: des, deischen
|
| |
|
|
|
|
|
|
|
|
| |
- Removed libopie and libmd; libopie used to serve auth-skey.c
which is compiled now only to ease maintenance, as well as
a few other auth-*.c sources.
Reviewed by: des
|
|
|
|
|
|
|
|
| |
"kerberize" and "dekerberize" in kerberos5/Makefile. These can
be used to recompile bits with optional crypto support with and
without crypto, respectively.
Reviewed by: markm
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and rebuilt some bits with crypto but without Kerberos support
(most notably SSH) during "make release", to put them into the
"crypto" distribution.
Now that we don't ship the separate "krb5" distribution anymore
(it's now part of the "crypto" distribuion), don't waste time
recompiling SSH bits without crypto and without Kerberos support
in an attempt to put them in the "base" distribution -- it just
doesn't work as SSH always uses crypto code.
We avoid this by not rebuilding KPROGS from kerberos5/Makefile in
release/Makefile and adding "libpam" to SPROGS in secure/Makefile
to ensure it's still rebuilt without crypto support for the "base"
distribution. (Disabling crypto (NOCRYPT) also disables building
of Kerberos-related PAM modules, and it's OK to depend on this.)
This should be a no-op change saving some "make release" time.
|
|
|
|
|
|
|
| |
package management tools.
- Drop redundant dependency of pkg_create(1) and pkg_delete(1)
on crypto libraries now that they do not link with libfetch.
|
| |
|
|
|
|
| |
Reviewed by: des
|
|
|
|
| |
Reviewed by: des
|
| |
|
|
|
|
|
|
| |
Also remove some duplicates from ssh's SRCS.
Submitted by: [1] Björn Grönvall <bg@sics.se>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
it. While not strictly required, it unbreaks the cross-build world that
is resulting from moving the libraries around.
I have a more permanent solution to this problem in the works, but I
asked des for permission to commit this to get the ball rolling. This
also makes the ssh build more along the lines of what the openssh-portable
and OpenBSD openssh Makefile glue does.
Reviewed by: des
|
|
|
|
|
|
| |
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".
As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).
Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
|
|
|
|
| |
OK'ed by: markm
|
|
|
|
| |
Reported by: Marius Strobl <marius@alchemy.franken.de>
|
|
|
|
| |
for this area later.
|
|
|
|
| |
all its functionality, and all its consumers have been converted.
|
|
|
|
|
| |
have libcrypto to do that. Both consumers of this lib have been
converted to use libcrypto. (bin/ed and secure/usr.bin/bdes).
|
|
|
|
|
| |
required to make crypt(3) blowfish "$2a$..." hashes. Lint and
warnsify.
|
| |
|
|
|
|
| |
CSTD=gnu89, c89 wont do.
|
| |
|
|
|
|
|
| |
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
|
|
|
|
| |
part of the regular security dist.
|
| |
|
| |
|
|
|
|
| |
we won't be here.
|
| |
|
| |
|
| |
|
|
|
|
| |
PR: 50507
|
| |
|
|
|
|
|
| |
doesn't need to be prefixed with '-'. Keep the pointy hat for myself
for not reading the code closely.
|
|
|
|
| |
Pointy hat for breaking my installworld: nectar
|
|
|
|
|
|
|
|
| |
function.
Approved by: markm (mentor)
Submitted by: till toenges <tt@mail.isis.de>
PR: bin/48963
|
|
|
|
|
| |
Reviewed by: markm
Approved by: nectar
|
| |
|
|
|
|
| |
Reported by: Andrzej Tobola <san@iem.pw.edu.pl>
|