Commit Graph

29 Commits

Author SHA1 Message Date
he d1eb8042a4 Recursively bump the major version number of the shared libraries
which use libcrypto (and those which use those libraries again),
as libcrypto's major number was recently bumped.  The pam modules
share a major with libpam, so they are all bumped as well.
2008-05-11 19:17:06 +00:00
mlelstv b0f88a0388 Import Heimdal-1.1 2008-03-22 08:36:48 +00:00
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
dsl da38409c42 Add kadm5_err.h to DPSRSC (as is done in libkadm5srv) otherwise we
fail to create many of the .d files because kadm5_err.h isn't created
early enough.
I dunno why this ever worked, but mu hacked make is clearly building
stuff in a different order.
2006-11-11 14:00:56 +00:00
mrg aadd7d4847 sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4. 2006-05-11 23:16:28 +00:00
christos d3e8815a4a Add proper DT_NEEDED dependencies. From Jukka Salmi 2006-03-17 21:43:16 +00:00
lukem 1e281ed227 Only #define HAVE_IPV6 if ${USE_INET6} != "no". 2005-01-10 03:11:17 +00:00
thorpej d2ab983617 * Bump the shlib major of libkrb5 because the shlib major of libcrypto
changed, and libkrb5 depends on libcrypto.
* Bump the shlib major of libgssapi, libhdb, libkadm5clnt, libkadm5srv,
  and libkafs, because they depend on librb5.

Dependent library list provided by, and change approved by, lha@netbsd.
Per discussion on tech-userlevel.
2003-10-09 04:40:26 +00:00
lukem 001c68bd94 Rename a large chunk of the make(1) variables which refer to a
program/tool from "FOO" to "TOOL_FOO".  The new variables are:
	TOOL_ASN1_COMPILE  TOOL_CAP_MKDB  TOOL_CAT  TOOL_CKSUM  TOOL_COMPILE_ET
	TOOL_CONFIG  TOOL_CRUNCHGEN  TOOL_CTAGS  TOOL_DB  TOOL_EQN  TOOL_FGEN
	TOOL_GENCAT  TOOL_GROFF  TOOL_HEXDUMP  TOOL_INDXBIB  TOOL_INSTALLBOOT
	TOOL_INSTALL_INFO  TOOL_M4  TOOL_MAKEFS  TOOL_MAKEINFO  TOOL_MAKEWHATIS
	TOOL_MDSETIMAGE  TOOL_MENUC  TOOL_MKCSMAPPER  TOOL_MKESDB
	TOOL_MKLOCALE  TOOL_MKMAGIC  TOOL_MKTEMP  TOOL_MSGC  TOOL_MTREE
	TOOL_PAX  TOOL_PIC  TOOL_PREPMKBOOTIMAGE  TOOL_PWD_MKDB  TOOL_REFER
	TOOL_ROFF_ASCII  TOOL_ROFF_DVI  TOOL_ROFF_HTML  TOOL_ROFF_PS
	TOOL_ROFF_RAW  TOOL_RPCGEN  TOOL_SOELIM  TOOL_SUNLABEL  TOOL_TBL
	TOOL_UUDECODE  TOOL_VGRIND  TOOL_ZIC

For each, provide default in <bsd.sys.mk> of the form:
	TOOL_FOO?=	foo
and for the ${USETOOLS}=="yes" case in <bsd.own.mk>, provide override:
	TOOL_FOO=	${TOOLDIR}/bin/${_TOOL_PREFIX}foo

Document all of these in bsd.README.

This cleans up a chunk of potential (and actual) namespace collision
within our build infrastructure, as well as improves consistency in
the share/mk documentation and provision of appropriate defaults for
each of these variables.
2003-07-10 10:33:58 +00:00
itojun d857057120 heimdal builds shouldn't dig into openssl source by -Ifoo. 2002-08-29 01:31:27 +00:00
lukem 91d06a031b More use of ${NETBSDSRCDIR}/some/path instead of ${.CURDIR}/../../some/path 2002-08-19 13:35:05 +00:00
lukem ebb6fc9eb8 Use ${NETBSDSRCDIR}/some/path instead of ${.CURDIR}/../../some/path (etc).
(Reduces make output by ~ 20%)
2002-08-19 09:41:27 +00:00
tv 001067bbd1 Readability cleanups; MKfoo=no -> NOfoo. 2001-12-12 00:51:00 +00:00
tv dd7ca02987 Make handling of USETOOLS uniform: Don't need to check whether it is
defined, as <bsd.own.mk> always sets it; also, compare only against "yes"
(not "no") for a yes/no check, as there are two negative states ("no" and
"never").
2001-10-31 16:15:00 +00:00
perry aabb474eb4 test for whether USETOOLS is defined before asking its value 2001-10-06 21:49:32 +00:00
tv 72583e218c .ifndef USE_NEW_TOOLCHAIN => .if ${USETOOLS} == "no"
Allows a new toolchain, but USETOOLS=no, configuration to build properly.
Reported by <martin@duskware.de>.
2001-10-04 16:11:24 +00:00
tv 12661f6606 Prep Heimdal host tools for new toolchain. 2001-09-21 22:58:59 +00:00
assar 2a2aa85a8d update infrastructure for krb4 1.1 and heimdal 0.4e 2001-09-17 12:34:40 +00:00
simonb 2db48f4c88 Add "Remember to update distrib/sets..." lines (and NetBSD RCS IDs in
some cases).
2001-09-10 11:18:41 +00:00
itojun 35a07da1df use openssl 0.9.6a. shlib major # is bumped for libcrypto, libssl and
all kerberos libraries.
2001-04-12 07:48:03 +00:00
assar 03d6b1489a update make infrastructure and shlib versions numbers for heimdal 0.3e 2001-02-11 18:02:04 +00:00
joda 3334e10334 bump minor number (added some functions) 2001-02-07 14:10:04 +00:00
joda 1112a2d7ef this library is hard to use w/o client_glue.c 2001-02-07 10:36:38 +00:00
sommerfeld a0bc06eb92 parallelize (mostly ${MAKE} print-objdir -> ${PRINTOBJDIR}) 2000-12-30 17:21:44 +00:00
jhawk a022cf9d37 Use
${MAKE}
instead of
  make
2000-08-30 23:51:46 +00:00
assar 187f6e559a update build infrastructure for heimdal 0.3a, including new shlib versions 2000-08-03 03:53:35 +00:00
thorpej 8f6ee79db8 Detect if MIT Kerberos V headers are present on the system (by looking
in ${DESTDIR}/usr/include/kadm5/kadm_err.h) and if so, tell the operator
to remove the contents of that directory in an error message and abort.
2000-06-21 05:43:50 +00:00
thorpej e041ca2c2e Fixup Heimdal library builds. 2000-06-16 22:46:43 +00:00
thorpej faf5f5eb7a Import Heimdal library build glue from cryptosrc-intl. 2000-06-16 19:27:31 +00:00