Commit Graph

51 Commits

Author SHA1 Message Date
christos
65710e59db adjust to the new openssl 2005-11-26 02:32:32 +00:00
christos
192c2eccf6 Add -lcrypt where -lcrypto is specified. 2005-03-09 03:11:22 +00:00
he
8e8728c45c Introduce PAM_STATIC_LDADD and PAM_STATIC_DPADD. When compiling
with MKPIC=no, possibly because the target does not support shared
libraries, these include libraries required to resolve all symbols
which end up referenced from PAM-using applications.  The libraries
presently required are -lcrypt, -lrpcsvc and -lutil.

Add use of these variables which are currently set up to use PAM,
so that they compile when MKPIC=no.

Also, in the telnetd case, reorder the order of the libraries, so
that libtelnet.a comes before -ltermcap and -lutil, again to fix
link error when MKPIC=no.

Discussed with thorpej and christos.
2005-03-04 20:41:08 +00:00
he
b404dc79be Move -lcrypto to the end of the library list, so that this links
without undefined entry points for non-shlib platforms such as sun2.
2005-02-26 11:31:48 +00:00
manu
be15b99c92 Define SADB_X_EALG_AESCBC=SADB_X_EALG_AES, as we define SADB_X_EALG_AES
in <net/pfkeyv2.h> while ipsec-tools uses SADB_X_EALG_AESCBC in the code.
2005-02-24 13:45:08 +00:00
manu
3eda198fd5 Install racoon administrative socket in /var/run instead of /var/racoon 2005-02-23 14:44:41 +00:00
manu
32f1c835de Don't make racoonctl.8 here, it's already done in src/usr.sbin/racoonctl 2005-02-20 10:44:15 +00:00
manu
f232e7a4c6 Add missing racoonctl(8), build with libradius 2005-02-20 01:17:41 +00:00
thorpej
33f19ef5cf Additional cleanup pass. 2005-02-19 17:05:02 +00:00
thorpej
354f2a1004 Switch to ipsec-tools for libipsec, setkey, and racoon. From
Emmanuel Dreyfus, with some small changes by me.
2005-02-19 16:55:02 +00:00
lukem
7157011597 Only compile in IPv6 support if ${USE_INET6} != "no"
MKINET6 is for providing IPv6 infrastructure.
USE_INET6 is for compiling IPv6 support into the programs (needs MKINET6).
2005-01-10 02:58:58 +00:00
junyoung
d4277bb7d5 Add -fno-strict-aliasing to CFLAGS to avoid gcc warning
"dereferencing type-punned pointer will break strict-aliasing rules"
which occurs when compiling crypto_openssl.c with -O[23s].
This should be gone once a new release of kame with a fix applied
is imported.
2004-08-05 17:13:54 +00:00
itojun
166adfa9e5 sync w/ 20040617. 2004-06-17 03:42:55 +00:00
lukem
b817247988 Use MKPRIVATELIB=yes instead of providing an empty libinstall:: target and
setting NOLINT, NOPIC, NOPROFILE (etc)
2004-05-23 02:24:50 +00:00
itojun
26cf1d701e do not compile in print-isakmp.c, as src/dist/tcpdump contains ancient version
which could be vulnerable to attacks.
2004-04-12 04:01:27 +00:00
itojun
b4a3a9e6c1 properly validate phase 1 signature.
http://www.vuxml.org/freebsd/d8769838-8814-11d8-90d1-0020ed76ef5a.html
2004-04-12 03:34:05 +00:00
he
1a3822fca0 Wait for libpfkey to build before descending into racoon, as the
latter depends on the existence of the result of the former.
Fixes parallel build problem.
2004-04-09 22:23:14 +00:00
itojun
a69a0241a1 bump date 2004-01-16 02:28:42 +00:00
itojun
bde9df6596 bump version string 2004-01-14 09:21:41 +00:00
lukem
6672bff7fc rework how cfparse.y is generated 2003-10-19 06:09:17 +00:00
itojun
d9c46578d1 update racoon to 2003/8/26 version. mostly minor bugfixes. 2003-08-26 03:31:50 +00:00
itojun
c7d6ddcd4d racoon sha2.c is not compatible with openssl 0.9.7, drop support 2003-07-24 14:22:01 +00:00
itojun
18a884bc94 oops, forgot to bump version string 2003-07-22 08:46:03 +00:00
itojun
03eefe2ecf sync w/ latest racoon 2003-07-12 09:02:24 +00:00
itojun
e1425434e7 no need for __ss_len define any longer 2003-07-04 05:21:26 +00:00
itojun
9f803f2b20 evp.h better fit under cert support 2003-07-04 05:20:45 +00:00
itojun
8172c901e4 support idea/rc5 if they are available. add missing #define.
VS: ----------------------------------------------------------------------
2003-07-04 05:17:25 +00:00
fvdl
03adc171d1 Don't explicitly add -Wall -Werror -g to CFLAGS, the .mk infrastructure
already takes care of this, and this makes NOGCCERROR builds fail.
2002-11-24 21:54:38 +00:00
itojun
a426f44395 sync w/ kame source from 2002/11/20.
- plug some memory leaks
- correct phase 2 proposal reqid handling
- check for fd_set overrun
2002-11-20 03:35:57 +00:00
lukem
c52b93f508 minor makefile delint 2002-09-18 13:31:52 +00:00
lukem
17d72c8a6b use NETBSDSRCDIR as appropriate 2002-09-18 03:54:26 +00:00
lukem
ed401558f2 Implement MKDYNAMICROOT, which currently defaults to "no", but will
be changed in the future to "yes".

If MKDYNAMICROOT == "no", there is no change from existing behaviour
of a static /bin and /sbin (and a few programs in elsewhere).

If MKDYNAMICROOT == "yes", the following changes occur:
    in <bsd.own.mk>:
	SHLIBDIR?=     /lib
	SHLINKDIR?=	/lib
    in various Makefiles, the following entry is DISABLED.
	LDSTATIC?=-static
This results in all programs (except those "standalone" programs built
in sys/arch/*/stand) are linked dynamically, the shared linker is moved
from /usr/libexec to /lib (with a compat symlink), and the shared
libraries used by /bin and /sbin programs are moved from /usr/lib to
/lib (with compat symlinks).
2002-08-27 14:46:11 +00:00
itojun
c68a2428ba correct handling of "unique" policy. bump version to 20020507
(corresponds to filename in ftp://ftp.kame.net/pub/kame).
2002-05-13 02:10:34 +00:00
itojun
cd1e16de59 upgrade to KAME racoon as of 2002/4/26.
file descriptor leak fix.
null encryption algorithm key length fix (should use 0).
couple of null-pointer reference fixes.
set port # to 500 in ID payload (possible interop issue - spec is unclear).
correctly match address pair on informational exchange
2002-04-26 02:25:13 +00:00
thorpej
9c33b55e7c Split the notion of building Hesiod, Kerberos, S/key, and YP
infrastructure and using that infrastructure in programs.

	* MKHESIOD, MKKERBEROS, MKSKEY, and MKYP control building
	  of the infratsructure (libraries, support programs, etc.)

	* USE_HESIOD, USE_KERBEROS, USE_SKEY, and USE_YP control
	  building of support for using the corresponding API
	  in various libraries/programs that can use it.

As discussed on tech-toolchain.
2002-03-22 18:10:19 +00:00
tv
8e6f7afb5b MKfoo=no -> NOfoo 2001-12-12 01:48:43 +00:00
tv
29fb1f6827 Unravel the include spaghetti here:
- make a copy of cfparse.y called "y.tab.y" because "cfparse.h" is not
  actually the yacc generated header file (duh?)
- include the tcpdump directory with -I *after* racoon's source, else
  tcpdump's headers will be picked up unexpectedly
- include . *before* racoon's source so as to make the generated files
  first on the list
2001-10-19 23:59:56 +00:00
veego
0a9ac47f7c CLEANFILES has to come before the include of <bsd.prog.mk>. 2001-10-05 23:42:11 +00:00
itojun
ee42f09d5b upgrade to KAME 2001/8/31. 2001-08-31 10:36:08 +00:00
itojun
4acce1d060 include version number into binary to help diagnosis 2001-08-02 15:27:21 +00:00
itojun
366bd307b0 sync with 2001/8/2 KAME racoon/libipsec. 2001-08-02 12:15:00 +00:00
enami
ab05795faa Fix tcpdump path. 2001-06-27 05:17:32 +00:00
itojun
94cdb4e17c copy config hint docs to /usr/share. 2001-04-01 23:47:45 +00:00
thorpej
4576721e6c Add some glue to let us easily use Boehm-GC to track down
memory leaks.  Requires some (not yet committed) changes to
the racoon sources.
2001-03-30 06:38:25 +00:00
itojun
96863758b7 remove WARNS=0. from enami 2001-02-22 03:11:24 +00:00
itojun
a5316a5fa5 sync with 2/22 code. -B and -Z,
bundle proposal interpretation, and some other fixes.
XXX WARNS?=0 in racoon/Makefile is necessary to compile yacc-generated files
(static function, generated by yacc, is never used).
2001-02-22 02:33:06 +00:00
itojun
06b30834dd ${PRINTOBJDIR} 2001-01-03 15:57:00 +00:00
itojun
9857da78ba s/make/${MAKE}/ 2001-01-03 08:43:05 +00:00
itojun
4a49026fe0 move .PATH after bsd.prog.mk 2000-12-29 05:22:07 +00:00
itojun
3207cfe8dd install sample configuration files into /usr/share/examples/racoon.
make variable "SBIN_RACOON" will build static racoon binary, and installs
it into /sbin (nonstandard)
2000-12-29 03:16:39 +00:00