Commit Graph

20 Commits

Author SHA1 Message Date
he d1eb8042a4 Recursively bump the major version number of the shared libraries
which use libcrypto (and those which use those libraries again),
as libcrypto's major number was recently bumped.  The pam modules
share a major with libpam, so they are all bumped as well.
2008-05-11 19:17:06 +00:00
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
christos 6ce0a263c4 no point in using alloca here. 2006-11-09 17:02:52 +00:00
perry fd18408b9a u_intN_t -> uintN_t 2005-12-26 19:40:14 +00:00
christos 23168589be use LIBDPLIBS for libcrypto. 2005-11-26 16:09:30 +00:00
christos 85fdc9d1a1 add more casts. 2005-11-25 23:20:00 +00:00
christos c1cfec6562 Adjust to the new openssl build; bump version. Also if we are compiling
with SSL, link against libcrypto to pick up the proper versions of the
symbols needed.
2005-11-25 21:07:11 +00:00
christos 99ab3bdfc8 Fix compilation both with and without SSL. The buffer argument is different
type, not just the length.
2005-03-31 14:29:32 +00:00
christos 049130f10b change some ints to size_t 2005-03-26 04:38:21 +00:00
he 733ba3e3bd GCC 2.95.3 doesn't like macros to be called with no argument when
the definition has an argument.  Cheesily add a 0 argument to the
srandomdev() invocation (which gets defined as null on NetBSD).
Restores our vax port to a buildable state.
2005-03-16 10:34:25 +00:00
he 738be40c8f Make conversions from unsigned long to int explicit via casts,
rather than imiplicit, which causes lint heart burn ("conversion
from 'unsigned long' to 'int' may lose accuracy).
2005-02-20 23:59:31 +00:00
christos 03b16f4fe5 Put back exit on warning for lint. 2005-02-20 17:06:33 +00:00
christos 595789382e Fix lint on 64 bit machines. 2005-02-20 17:06:16 +00:00
martin bf9e950197 This needs work to pass lint - whic I'm not going to invest.
Make lint not treat warnings as errors.
2005-02-20 16:20:36 +00:00
wiz fb1b5900a0 Remove duplicate .Pp. XXX: References non-existing rad_config(3). 2005-02-20 01:02:07 +00:00
christos ccb28c34b3 Get rid of liblibradius; hi manu. 2005-02-20 00:36:47 +00:00
christos 23d6637ce7 Oops, include dir. 2005-02-20 00:32:18 +00:00
christos 28074938ee Add include files. 2005-02-20 00:31:01 +00:00
christos 476ca6e1f0 Pass lint and WARNS=3 2005-02-20 00:28:20 +00:00
manu 8809553739 Import FreeBSD's libradius as of 2005/02/20, plus minor tweaks to build
o nNetBSD and a Makefile for NetBSD.
2005-02-19 23:56:30 +00:00