| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
it. While not strictly required, it unbreaks the cross-build world that
is resulting from moving the libraries around.
I have a more permanent solution to this problem in the works, but I
asked des for permission to commit this to get the ball rolling. This
also makes the ssh build more along the lines of what the openssh-portable
and OpenBSD openssh Makefile glue does.
Reviewed by: des
|
| |
|
|
|
|
| |
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".
As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).
Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
|
| |
|
|
| |
OK'ed by: markm
|
| |
|
|
| |
Reported by: Marius Strobl <marius@alchemy.franken.de>
|
| |
|
|
| |
for this area later.
|
| |
|
|
| |
all its functionality, and all its consumers have been converted.
|
| |
|
|
|
| |
have libcrypto to do that. Both consumers of this lib have been
converted to use libcrypto. (bin/ed and secure/usr.bin/bdes).
|
| |
|
|
|
| |
required to make crypt(3) blowfish "$2a$..." hashes. Lint and
warnsify.
|
| | |
|
| |
|
|
| |
CSTD=gnu89, c89 wont do.
|
| | |
|
| |
|
|
|
| |
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
|
| |
|
|
| |
part of the regular security dist.
|
| | |
|
| | |
|
| |
|
|
| |
we won't be here.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
PR: 50507
|
| | |
|
| |
|
|
|
| |
doesn't need to be prefixed with '-'. Keep the pointy hat for myself
for not reading the code closely.
|
| |
|
|
| |
Pointy hat for breaking my installworld: nectar
|
| |
|
|
|
|
|
|
| |
function.
Approved by: markm (mentor)
Submitted by: till toenges <tt@mail.isis.de>
PR: bin/48963
|
| |
|
|
|
| |
Reviewed by: markm
Approved by: nectar
|
| | |
|
| |
|
|
| |
Reported by: Andrzej Tobola <san@iem.pw.edu.pl>
|
| |
|
|
| |
that.
|
| |
|
|
|
|
|
|
|
| |
libdes, and functionally close enough so that we created symlinks
(libdes -> libcrypto) to help older applications. With the import of
OpenSSL 0.9.7, this is no longer true and we no longer install these
symlinks. However, systems that are upgraded may have these symlinks,
which could cause non-obvious breakage at build-time. Therefore, blow
any old symlinks away in the `afterinstall' target.
|
| | |
|
| |
|
|
| |
and remove the WANT_OPENSSL_MANPAGES knob.
|
| |
|
|
|
|
| |
opensslconf.h.
Reminded by: reports from des, obrien
|
| |
|
|
| |
Noticed by: ru
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When libdes was replaced with OpenSSL's libcrypto, there were a few
interfaces that the former implemented but the latter did not. Because
some software in the base system still depended upon these interfaces,
we simply included them in our libcrypto (rnd_keys.c).
Now, finally get around to removing the dependencies on these
interfaces. There were basically two cases:
des_new_random_key -- This is just a wrapper for des_random_key, and
these calls were replaced.
des_init_random_number_generator et. al. -- A few functions were used
by the application to seed libdes's PRNG. These are not necessary
when using libcrypto, as OpenSSL internally seeds the PRNG from
/dev/random. These calls were simply removed.
Again, some of the Kerberos 4 files have been taken off the vendor
branch. I do not expect there to be future imports of KTH Kerberos 4.
|
| | |
|
| |
|
|
|
| |
NO_IDEA is now spelled OPENSSL_NO_IDEA. Update the bmake glue accordingly
or the IDEA references are not stripped from <openssl/evp.h>
|
| |
|
|
|
|
|
| |
can only be built with MIT Kerberos.
If we didn't define this here, then SSL-using applications would have
to define OPENSSL_NO_KRB5 themselves in order to build.
|
| |
|
|
| |
will follow.
|
| | |
|
| |
|
|
|
|
|
| |
Use pthreads for PAM if the platform supports it and the user asked for it
(by setting OPENSSH_USE_POSIX_THREADS)
Sponsored by: DARPA, NAI Labs
|
| |
|
|
| |
devote to it.
|
| |
|
|
| |
Pointy hat to: obrien
|
| | |
|
| | |
|
| |
|
|
| |
Its Just Too Noisy.
|
| |
|
|
| |
complicated and will be sent for a review.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
arithmetic.
Reviewed by: make test
The fact that bdes(1) didn't work was
Reported by: Fred Clift <fclift@verio.net>
|
| | |
|
