summaryrefslogtreecommitdiffstats
path: root/usr.sbin/keyserv
Commit message (Collapse)AuthorAgeFilesLines
* The variable `ROOTKEY' has internal linkage in keyserv.c, don't declare it asstefanf2005-02-101-3/+0
| | | | extern here.
* Join the 21st century: Cryptography is no longer an optional componentcperciva2004-08-061-1/+0
| | | | | | | | | | of releases. The -DNOCRYPT build option still exists for anyone who really wants to build non-cryptographic binaries, but the "crypto" release distribution is now part of "base", and anyone installing from a release will get cryptographic binaries. Approved by: re (scottl), markm Discussed on: freebsd-current, in late April 2004
* Remove spurious semicolons. Outside of functions they are actually errors butstefanf2004-05-161-1/+1
| | | | | | | | GCC doesn't warn about them without -pedantic. Approved by: das (mentor) PR: 56649 Reviewed by: md5
* Put chkey(1), newkey(8), and keyserv(8) into the crypto distribution.ru2004-01-181-0/+1
|
* Use arc4random() instead of random() when generating the master key.kris2003-02-181-2/+3
| | | | MFC after: 1 week
* Use sranddev()/srandomdev() for FreeBSDache2003-02-111-2/+10
|
* Initiate deorbit burn for the i386-only a.out related support. Moves arepeter2002-09-172-32/+0
| | | | | | | | | | | | | | | under way to move the remnants of the a.out toolchain to ports. As the comment in src/Makefile said, this stuff is deprecated and one should not expect this to remain beyond 4.0-REL. It has already lasted WAY beyond that. Notable exceptions: gcc - I have not touched the a.out generation stuff there. ldd/ldconfig - still have some code to interface with a.out rtld. old as/ld/etc - I have not removed these yet, pending their move to ports. some includes - necessary for ldd/ldconfig for now. Tested on: i386 (extensively), alpha
* mdoc(7) police: Removed redundant .Ns calls.ru2002-08-131-2/+2
|
* Port to TI/RPC and/or IPV6.alfred2002-07-151-3/+3
| | | | Submitted by: Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
* The .Nm utilitycharnier2002-07-141-6/+8
|
* Use libcrypto.so.2 instead of .1, since we have it now. It should enablejmallett2002-07-091-3/+3
| | | | | | | | DES for keyserv again. Submitted by: mbr Kill a stray __P while I'm here.
* Spell void * as void * rather than caddr_t. This is complicated by thedes2002-04-281-24/+24
| | | | | | fact that caddr_t is often misspelled as char *. Sponsored by: DARPA, NAI Labs
* Readded the svc_create() and the registering of the local transport,alfred2002-02-061-1/+35
| | | | | | | | | | | | | | | now it is fixed. This should get us a working keyserv again, since it depends on local transport for key exchange. Since we do not have any KEYFILE name hardcoded anymore, set the umask that way that the keyserver socket can be created with with the appropriate permissions. Re-add the accidently removed signal(SIGPIPE, SIG_IGN); to the code which makes sense to avoid SIGPIPE when a disconnect on rpc socket occurs. Submitted by: mbr
* Fixed bitrot in DPADD in previous commit.bde2001-07-301-1/+1
|
* Enable the new libmp in the build, and disable libgmp and itsdd2001-07-291-1/+1
| | | | henchmen.
* Perform a major cleanup of the usr.sbin Makefiles.obrien2001-07-201-2/+1
| | | | | These are not perfectly in agreement with each other style-wise, but they are orders of orders of magnitude more consistent style-wise than before.
* Remove whitespace at EOL.dd2001-07-151-5/+5
|
* Nuke unused variables.dd2001-06-242-6/+0
|
* - Backout botched attempt to introduce MANSECT feature.ru2001-03-261-0/+2
| | | | - MAN[1-9] -> MAN.
* Hopefully fix some of the bugs in passing credentials over UNIX ↵alfred2001-03-224-80/+5
| | | | | | | | | | | | domain sockets. Make struct cmessage visible from socket.h (about 4 places were defining it for themselves which wasn't good) Make __rpc_get_local_uid() useable and give it prototype that's visible. Fix some issues with printing out usernames from rpcbind and keyserv.
* Set the default manual section for usr.sbin/ to 8.ru2001-03-201-2/+0
|
* Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) andalfred2001-03-191-36/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
* mdoc(7) police: split punctuation characters + misc fixes.ru2001-02-011-1/+1
|
* mdoc(7) police: use the new features of the Nm macro.ru2000-11-201-3/+3
|
* Use libcrypto instead of libdes.markm2000-02-241-6/+6
|
* $Id$ -> $FreeBSD$peter1999-08-286-6/+6
|
* Add $Id$, to make it simpler for members of the translation teams tonik1999-07-121-0/+1
| | | | | | | | | | | | | | | | | track. The Id line is normally at the bottom of the main comment block in the man page, separated from the rest of the manpage by an empty comment, like so; .\" $Id$ .\" If the immediately preceding comment is a @(#) format ID marker than the the $Id$ will line up underneath it with no intervening blank lines. Otherwise, an additional blank line is inserted. Approved by: bde
* Remove irrelevant section.jkoshy1998-10-131-2/+0
| | | | | PR: 8286 Submitted-by: yohta@bres.tsukuba.ac.jp
* Apply patch from Stefan Esser to close PR #7941: add code to handlewpaul1998-09-162-2/+17
| | | | | dynamic loading of libdes on ELF systems. The patch looks correct to me.
* Fixed the usual dependency bugs. This Makefile accidentally usuallybde1998-05-091-3/+3
| | | | worked for `make -j9', but failed for `make -j4'.
* Fixed DPADD.bde1997-12-161-2/+3
|
* Use err(3). Put includes in alphabetical order.charnier1997-09-235-132/+113
| | | | | Rewrote man page in mdoc format. Document -v and -p flags.
* Correct the section number in the cross-reference for the publickeyjdp1997-06-171-1/+1
| | | | file.
* Work around a bug (deficiency?) in the libdes Secure RPC compat interface.wpaul1997-06-171-24/+58
| | | | | | | | | | | | | | | | | | | | | | | | The way Secure RPC is set up, the ecb_crypt() routine is expected to be able to encrypt a buffer of any size up to 8192 bytes. However, the des_ecb_encrypt() routine in libdes only encrypts 8 bytes (64 bits) at a time. The rpc_enc.c module should compensate for this by calling des_ecb_encrypt() repeatedly until it has encrypted the entire supplied buffer, but it does not do this. As a workaround, keyserv now handles this itself: if we're using DES encryption, and the caller requested ECB mode, keyserv will do the right thing. Also changed all references to 'rc4' into 'arcfour' just in case some litigious bastard from RSA is watching. Note that I discovered and fixed this problem while trying to get a part of NIS+ working: rpc.nisd signs directory objects with a 16-byte MD5 digest that is encrypted with ecb_crypt(). Previously, only the first 8 bytes of the digest were being properly encrypted, which caused the Sun nis_cachemgr to reject the signatures as invalid. I failed to notice this before since Secure RPC usually never has to encrypt more than 8 bytes of data during normal operations.
* This commit was generated by cvs2svn to compensate for changes in r26234,wpaul1997-05-287-0/+1833
which included commits to RCS files with non-trunk default branches.
OpenPOWER on IntegriCloud