summaryrefslogtreecommitdiffstats
path: root/secure
Commit message (Collapse)AuthorAgeFilesLines
...
* Fixed style of DPADD and LDADD assignments as per style.Makefile(5).ru2004-02-051-2/+2
|
* - Removed libmd from the Kerberos library set.ru2004-02-021-7/+4
| | | | | | | | - Removed libopie and libmd; libopie used to serve auth-skey.c which is compiled now only to ease maintenance, as well as a few other auth-*.c sources. Reviewed by: des
* Added two utility targets "secure" and "insecure", analogous toru2004-01-181-1/+23
| | | | | | | | "kerberize" and "dekerberize" in kerberos5/Makefile. These can be used to recompile bits with optional crypto support with and without crypto, respectively. Reviewed by: markm
* Once upon a time we had both "crypto" and "krb5" distributions,ru2004-01-171-0/+1
| | | | | | | | | | | | | | | | | | | | and rebuilt some bits with crypto but without Kerberos support (most notably SSH) during "make release", to put them into the "crypto" distribution. Now that we don't ship the separate "krb5" distribution anymore (it's now part of the "crypto" distribuion), don't waste time recompiling SSH bits without crypto and without Kerberos support in an attempt to put them in the "base" distribution -- it just doesn't work as SSH always uses crypto code. We avoid this by not rebuilding KPROGS from kerberos5/Makefile in release/Makefile and adding "libpam" to SPROGS in secure/Makefile to ensure it's still rebuilt without crypto support for the "base" distribution. (Disabling crypto (NOCRYPT) also disables building of Kerberos-related PAM modules, and it's OK to depend on this.) This should be a no-op change saving some "make release" time.
* - Properly build both crypto and non-crypto versions of theru2004-01-171-1/+1
| | | | | | | package management tools. - Drop redundant dependency of pkg_create(1) and pkg_delete(1) on crypto libraries now that they do not link with libfetch.
* Removed well outdated comment.ru2004-01-171-4/+0
|
* Cosmetics: rearrange the dependency list to match that of ssh and sshd.ru2004-01-081-2/+5
| | | | Reviewed by: des
* Fixed static linkage.ru2004-01-082-4/+10
| | | | Reviewed by: des
* Use += instead of = with DPADD / LDADD.des2004-01-081-2/+2
|
* Enable GSSAPI support. [1]des2004-01-083-8/+10
| | | | | | Also remove some duplicates from ssh's SRCS. Submitted by: [1] Björn Grönvall <bg@sics.se>
* Previous commit erroneously listed some sources with .o suffixes.des2004-01-071-1/+1
|
* Update Makefiles for OpenSSH 3.7.1p2.des2004-01-0711-37/+37
|
* Explicitly add libz and libcrypto to LDADD for any ssh utilities missinggordon2003-08-196-12/+12
| | | | | | | | | | | | it. While not strictly required, it unbreaks the cross-build world that is resulting from moving the libraries around. I have a more permanent solution to this problem in the works, but I asked des for permission to commit this to get the ball rolling. This also makes the ssh build more along the lines of what the openssh-portable and OpenBSD openssh Makefile glue does. Reviewed by: des
* Stage 3 of dynamic root support. Make all the libraries needed to rungordon2003-08-171-0/+1
| | | | | | binaries in /bin and /sbin installed in /lib. Only the versioned files reside in /lib, the .so symlink continues to live /usr/lib so the toolchain doesn't need to be modified.
* Very big makeover in the way telnet, telnetd and libtelnet are built.markm2003-07-168-113/+7
| | | | | | | | | | | | | | | | | | | | | | | Previously, there were two copies of telnet; a non-crypto version that lived in the usual places, and a crypto version that lived in crypto/telnet/. The latter was built in a broken manner somewhat akin to other "contribified" sources. This meant that there were 4 telnets competing with each other at build time - KerberosIV, Kerberos5, plain-old-secure and base. KerberosIV is no longer in the running, but the other three took it in turns to jump all over each other during a "make buildworld". As the crypto issue has been clarified, and crypto _calls_ are not a problem, crypto/telnet has been repo-copied to contrib/telnet, and with this commit, all telnets are now "contribified". The contrib path was chosen to not destroy history in the repository, and differs from other contrib/ entries in that it may be worked on as "normal" BSD code. There is no dangerous crypto in these sources, only a very weak system less strong than enigma(1). Kerberos5 telnet and Secure telnet are now selected by using the usual macros in /etc/make.conf, and the build process is unsurprising and less treacherous.
* Fixed "make checkdpadd".ru2003-07-022-4/+4
| | | | OK'ed by: markm
* Fix for the NO_OPENSSL case.markm2003-06-081-2/+2
| | | | Reported by: Marius Strobl <marius@alchemy.franken.de>
* Drop this MAINTAINER bit. I'll reclaim an "Advisory Maintainership"markm2003-06-041-2/+0
| | | | for this area later.
* I'm now happy that this is no longer needed. Libcrypto hasmarkm2003-06-0411-1621/+0
| | | | all its functionality, and all its consumers have been converted.
* Disconnect libcipher from the build. It only does DES, and we alreadymarkm2003-06-021-1/+1
| | | | | have libcrypto to do that. Both consumers of this lib have been converted to use libcrypto. (bin/ed and secure/usr.bin/bdes).
* Strip the private blowfish code down to only that which ismarkm2003-06-023-263/+4
| | | | | required to make crypt(3) blowfish "$2a$..." hashes. Lint and warnsify.
* Modernise. Use libcrypto instead of libcipher for DES.markm2003-06-023-382/+427
|
* Ugg, wrong version.obrien2003-06-011-1/+1
| | | | CSTD=gnu89, c89 wont do.
* This isn't C99 clean.obrien2003-06-011-0/+2
|
* Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extramarkm2003-05-056-6/+6
| | | | | cleanups were necessary in release/Makefile, and the tinderbox code was syntax checked, not run checked.
* We no longer have a separate kerberos distribution. Its now justmarkm2003-04-302-2/+0
| | | | part of the regular security dist.
* The including makefile's directory is tried first for .include "...".ru2003-04-304-5/+5
|
* Most things depend on !defined(NO_OPENSSL); make it look so.ru2003-04-303-10/+13
|
* NOSECURE is implied by NOCRYPT, meaning if the latter is definedru2003-04-303-3/+3
| | | | we won't be here.
* Remove Kerberos IV shims.des2003-04-233-3/+3
|
* Update for 3.6.1p1; also remove Kerberos IV shims.des2003-04-234-22/+6
|
* Silence `make -s' (echo -> ${ECHO}).bde2003-04-131-1/+1
|
* libtelnet depends on OpenSSL.ru2003-04-011-1/+1
| | | | PR: 50507
* The .Nm utilitycharnier2003-03-241-4/+6
|
* Back out rev 1.60, taking the pointy hat away from nectar as 'rm -f'obrien2003-03-111-2/+2
| | | | | doesn't need to be prefixed with '-'. Keep the pointy hat for myself for not reading the code closely.
* Don't error out the build if removing a "stale" symlink fails.obrien2003-03-101-2/+2
| | | | Pointy hat for breaking my installworld: nectar
* Fix mixed up arguments passed to a locally defined err(int, char *)mtm2003-03-071-4/+4
| | | | | | | | function. Approved by: markm (mentor) Submitted by: till toenges <tt@mail.isis.de> PR: bin/48963
* Handle includes the normal way.ru2003-02-273-88/+68
| | | | | Reviewed by: markm Approved by: nectar
* Regenerate man pages after import of OpenSSL 0.9.7a.nectar2003-02-19262-537/+627
|
* LIBDIR/INCLUDEDIR do not include DESTDIR.nectar2003-02-181-2/+2
| | | | Reported by: Andrzej Tobola <san@iem.pw.edu.pl>
* Follow-up to previous commit: we had a des.h symlink, too. Removenectar2003-02-181-0/+1
| | | | that.
* Previously, libcrypto contained symbols that were identical to EAYnectar2003-02-181-0/+7
| | | | | | | | | libdes, and functionally close enough so that we created symlinks (libdes -> libcrypto) to help older applications. With the import of OpenSSL 0.9.7, this is no longer true and we no longer install these symlinks. However, systems that are upgraded may have these symlinks, which could cause non-obvious breakage at build-time. Therefore, blow any old symlinks away in the `afterinstall' target.
* Correct path for finding asm-generating files.nectar2003-02-141-6/+6
|
* Install the OpenSSL man pages in /usr/share/openssl/mannectar2003-02-10268-649/+1587
| | | | and remove the WANT_OPENSSL_MANPAGES knob.
* Do not define OPENSSL_NO_KRB5 here in CFLAGS. It is handled innectar2003-02-091-1/+1
| | | | | | opensslconf.h. Reminded by: reports from des, obrien
* Re-add WANT_OPENSSL_MANPAGES knob.nectar2003-01-311-0/+2
| | | | Noticed by: ru
* Background:nectar2003-01-291-1/+1
| | | | | | | | | | | | | | | | | | | | | When libdes was replaced with OpenSSL's libcrypto, there were a few interfaces that the former implemented but the latter did not. Because some software in the base system still depended upon these interfaces, we simply included them in our libcrypto (rnd_keys.c). Now, finally get around to removing the dependencies on these interfaces. There were basically two cases: des_new_random_key -- This is just a wrapper for des_random_key, and these calls were replaced. des_init_random_number_generator et. al. -- A few functions were used by the application to seed libdes's PRNG. These are not necessary when using libcrypto, as OpenSSL internally seeds the PRNG from /dev/random. These calls were simply removed. Again, some of the Kerberos 4 files have been taken off the vendor branch. I do not expect there to be future imports of KTH Kerberos 4.
* Re-add WANT_OPENSSL_MANPAGES knob.nectar2003-01-291-0/+2
|
* Hopefully fix world for folks not compiling IDEA (the default).peter2003-01-291-2/+2
| | | | | NO_IDEA is now spelled OPENSSL_NO_IDEA. Update the bmake glue accordingly or the IDEA references are not stripped from <openssl/evp.h>
* Force OPENSSL_NO_KRB5. OpenSSL's current implementation of RFC 2712nectar2003-01-296-0/+12
| | | | | | | can only be built with MIT Kerberos. If we didn't define this here, then SSL-using applications would have to define OPENSSL_NO_KRB5 themselves in order to build.
OpenPOWER on IntegriCloud