Commit Graph

38 Commits

Author SHA1 Message Date
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
dbj b41feff50f fixes for installing into a case insensitive $DESTDIR
when files may have hard links to a a name that only differs by case
  - change install to unconditionally remove its temporary file
    when installing hard links with -r.  This avoids problems when
    built with posix rename(2) semantics and reinstalling an existing
    hard link.
  - rework hard link targets in bsd.man.mk and bsd.links.mk
    to use makefile constructs instead of shell constructs
  - always reinstall hard links that may have case conflicts, even
    when MKUPDATE=yes, this ensures that they get added to METALOG
  - remove man pages which were hard linked to themselves in libform
  - remove improper hard link command for existing man page in libkrb5
  - fix libl's makefile to include bsd.lib.mk at end
  - remove shell quoting in link target for test's [.1 man page
2006-09-11 22:24:09 +00:00
mrg 6a3e7ce9e1 apply -fno-strict-aliasing to changepw.c 2006-05-12 18:00:06 +00:00
mrg aadd7d4847 sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4. 2006-05-11 23:16:28 +00:00
lukem 1e281ed227 Only #define HAVE_IPV6 if ${USE_INET6} != "no". 2005-01-10 03:11:17 +00:00
lukem 0632d7cdd0 Need to prefix relative directories with `${.CURDIR}/' so that
objdir builds in the src tree (i.e, without MAKEOBJDIR{,PREFIX}) work.
Fixes problem noted by Hisashi T Fujinaka.
2004-08-05 01:24:02 +00:00
lukem cd54219242 Convert from the src/lib -specific DEPLIBS to using LIBDPLIBS from <bsd.lib.mk> 2004-08-04 08:04:25 +00:00
lukem 124613b27e Implement DEPLIBS (in Makefile.inc for now), which adds all the listed
libraries to LDADD & DPADD for the current library, using -L OBJDIR-of-DEPLIB
so that the current library can link with the DEPLIB library built but
not installed.

Set DEPLIBS appropriately, rather than explictly adding LDADD/DPADD
for various libraries.

Reorder library build order so that libraries that depend upon any
other library are built at the end.


Whilst this change could be done in a more generic manner (and I
intend to work on that), it does remove the need to implement
top-level build targets such as "do-lib-des" (etc).
2004-07-30 07:02:53 +00:00
lukem e1d3cfe331 LDADD libcrypto libasn1 libcom_err libroken 2004-07-30 06:13:00 +00:00
jonathan 98b92eb4a5 Commit manpage for krb5_set_password(3), based on Heimdal-20040606,
with small revisions by myself, reviewed/approved by Love.
2004-07-14 07:02:07 +00:00
lukem 001c68bd94 Rename a large chunk of the make(1) variables which refer to a
program/tool from "FOO" to "TOOL_FOO".  The new variables are:
	TOOL_ASN1_COMPILE  TOOL_CAP_MKDB  TOOL_CAT  TOOL_CKSUM  TOOL_COMPILE_ET
	TOOL_CONFIG  TOOL_CRUNCHGEN  TOOL_CTAGS  TOOL_DB  TOOL_EQN  TOOL_FGEN
	TOOL_GENCAT  TOOL_GROFF  TOOL_HEXDUMP  TOOL_INDXBIB  TOOL_INSTALLBOOT
	TOOL_INSTALL_INFO  TOOL_M4  TOOL_MAKEFS  TOOL_MAKEINFO  TOOL_MAKEWHATIS
	TOOL_MDSETIMAGE  TOOL_MENUC  TOOL_MKCSMAPPER  TOOL_MKESDB
	TOOL_MKLOCALE  TOOL_MKMAGIC  TOOL_MKTEMP  TOOL_MSGC  TOOL_MTREE
	TOOL_PAX  TOOL_PIC  TOOL_PREPMKBOOTIMAGE  TOOL_PWD_MKDB  TOOL_REFER
	TOOL_ROFF_ASCII  TOOL_ROFF_DVI  TOOL_ROFF_HTML  TOOL_ROFF_PS
	TOOL_ROFF_RAW  TOOL_RPCGEN  TOOL_SOELIM  TOOL_SUNLABEL  TOOL_TBL
	TOOL_UUDECODE  TOOL_VGRIND  TOOL_ZIC

For each, provide default in <bsd.sys.mk> of the form:
	TOOL_FOO?=	foo
and for the ${USETOOLS}=="yes" case in <bsd.own.mk>, provide override:
	TOOL_FOO=	${TOOLDIR}/bin/${_TOOL_PREFIX}foo

Document all of these in bsd.README.

This cleans up a chunk of potential (and actual) namespace collision
within our build infrastructure, as well as improves consistency in
the share/mk documentation and provision of appropriate defaults for
each of these variables.
2003-07-10 10:33:58 +00:00
lha 4a1a2b48c6 install more man pages 2003-05-26 01:11:55 +00:00
joda 610c58a71a fix typo in previous 2002-09-12 15:29:02 +00:00
joda cd26173a60 krb5-types.h is no more; install more man pages 2002-09-12 14:50:31 +00:00
itojun d857057120 heimdal builds shouldn't dig into openssl source by -Ifoo. 2002-08-29 01:31:27 +00:00
lukem 91d06a031b More use of ${NETBSDSRCDIR}/some/path instead of ${.CURDIR}/../../some/path 2002-08-19 13:35:05 +00:00
lukem ebb6fc9eb8 Use ${NETBSDSRCDIR}/some/path instead of ${.CURDIR}/../../some/path (etc).
(Reduces make output by ~ 20%)
2002-08-19 09:41:27 +00:00
lukem 2c1cfc8e8c - in <bsd.files.mk>, don't clear FILES after using it, as that prevents
make -V FILES
  from being useful (and given that every other variable can be
  extracted using make -V, the behaviour was unusually inconsistent
  given that the original reason for clearing it doesn't seem to be
  relevant anymore)
- use <bsd.prog.mk> instead of directly including <bsd.files.mk>
  (and possibly <bsd.man.mk> or <bsd.own.mk>)
- remove obsolete NOPROG
2002-04-24 08:18:45 +00:00
tv 001067bbd1 Readability cleanups; MKfoo=no -> NOfoo. 2001-12-12 00:51:00 +00:00
joda 24e81c59a8 add a bunch of MLINK's 2001-11-09 15:44:31 +00:00
gmcgarry 9a9f44d50b Install krb5.3 2001-11-08 19:47:59 +00:00
tv dd7ca02987 Make handling of USETOOLS uniform: Don't need to check whether it is
defined, as <bsd.own.mk> always sets it; also, compare only against "yes"
(not "no") for a yes/no check, as there are two negative states ("no" and
"never").
2001-10-31 16:15:00 +00:00
perry aabb474eb4 test for whether USETOOLS is defined before asking its value 2001-10-06 21:49:32 +00:00
tv 72583e218c .ifndef USE_NEW_TOOLCHAIN => .if ${USETOOLS} == "no"
Allows a new toolchain, but USETOOLS=no, configuration to build properly.
Reported by <martin@duskware.de>.
2001-10-04 16:11:24 +00:00
tv 12661f6606 Prep Heimdal host tools for new toolchain. 2001-09-21 22:58:59 +00:00
assar 2a2aa85a8d update infrastructure for krb4 1.1 and heimdal 0.4e 2001-09-17 12:34:40 +00:00
assar 4b1c7f1857 update generated heimdal include files for 0.3f
update Makefile infrastructure for 0.3f
bump shared library versions
fix some merge problems
2001-06-20 02:01:18 +00:00
itojun a5b2b2d549 do not try -Iopenssl/crypto/md4, heimdal code wants libc md4.h, not
openssl md4.h.  (we shouldn't use -Iopenssl btw, use <openssl/foo.h>)
2001-04-12 05:59:25 +00:00
assar 03d6b1489a update make infrastructure and shlib versions numbers for heimdal 0.3e 2001-02-11 18:02:04 +00:00
sommerfeld a0bc06eb92 parallelize (mostly ${MAKE} print-objdir -> ${PRINTOBJDIR}) 2000-12-30 17:21:44 +00:00
joda fc34792ee1 install kerberos.8 manpage, and krb5.conf sample file 2000-09-10 19:36:43 +00:00
jhawk a022cf9d37 Use
${MAKE}
instead of
  make
2000-08-30 23:51:46 +00:00
thorpej ad533632da Eliminate a no-longer-needed .PATH. 2000-08-09 02:16:20 +00:00
thorpej 6285648cc8 Don't include our own rnd_keys.c -- NetBSD's libcrypto already has it. 2000-08-09 02:12:48 +00:00
assar 187f6e559a update build infrastructure for heimdal 0.3a, including new shlib versions 2000-08-03 03:53:35 +00:00
thorpej 1d5362fe7e Detect if MIT Kerberos V headers are present on the system (by looking
in ${DESTDIR}/usr/include/krb5/osconf.h) and if so, tell the operator
to remove the contents of that directory in an error message and abort.
2000-06-19 23:50:52 +00:00
thorpej e041ca2c2e Fixup Heimdal library builds. 2000-06-16 22:46:43 +00:00
thorpej faf5f5eb7a Import Heimdal library build glue from cryptosrc-intl. 2000-06-16 19:27:31 +00:00