pkgbase: Create a FreeBSD-telnet package

both telnet and telnetd aren't that useful nowadays but some
might want them.
Create a FreeBSD-telnet package so users have a choice to have
them or not.

Di

pkgbase: Create a FreeBSD-telnet package

both telnet and telnetd aren't that useful nowadays but some
might want them.
Create a FreeBSD-telnet package so users have a choice to have
them or not.

Differential Revision: https://reviews.freebsd.org/D31791
Reviewed by: emaste

(cherry picked from commit c7fd29f0f29ae3eb9d86cc019f6c1bab35634548)

show more ...

These values already set by src.libnames.mk.

MFC after: 2 weeks
Sponsored by: Dell EMC Isilon

libexec: normalize paths using SRCTOP-relative paths or :H when possible

This simplifies make logic/output

MFC after: 1 month
Sponsored by: Dell EMC Isilon

Convert to LIBADD
Reduce overlinking

Add baud rate support to telnet(1)

This implements part of RFC-2217

It's based off a patch originally written by Sujal Patel at Isilon, and
contributions from other Isilon employees.

PR: 173728
Ph

Add baud rate support to telnet(1)

This implements part of RFC-2217

It's based off a patch originally written by Sujal Patel at Isilon, and
contributions from other Isilon employees.

PR: 173728
Phabric: D995
Reviewed by: markj, markm
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

show more ...

Revert r267233 for now. PIE support needs to be reworked.

1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
build-only utility libraries.
2. Another 40% is fixed by generati

Revert r267233 for now. PIE support needs to be reworked.

1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
where it never would work anyhow, such as csu or loader. This suggests
there may be better ways of adding support to the tree. Many of these
cases can be fixed such that -fPIE will work but there is really no
reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
really building libraries but have been using bsd.prog.mk because the code
is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by: kib

show more ...

Replace all uses of libncurses and libtermcap with their wide character
variants. This allows usable file system images (i.e. those with both a
shell and an editor) to be created with only one copy

Replace all uses of libncurses and libtermcap with their wide character
variants. This allows usable file system images (i.e. those with both a
shell and an editor) to be created with only one copy of the curses library.

Exp-run: antoine
PR: 189842
Discussed with: bapt
Sponsored by: DARPA, AFRL

show more ...

In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.

This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be ena

In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.

This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by: Shawn Webb <[email protected]>
Discussed between: des@ and Shawn Webb [2]

show more ...

When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS and
remove the now-redundant checks for RELEASE_CRUNCH. This originally
was defined for building smaller sysinstall images, but was

When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS and
remove the now-redundant checks for RELEASE_CRUNCH. This originally
was defined for building smaller sysinstall images, but was later also
used by picobsd builds for a similar purpose. Now that we've moved
away from sysinstall, picobsd is the only remaining consumer of this
interface. Adding these two options reduces the RELEASE_CRUNCH
special cases in the tree by half.

show more ...

Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.

Convert telnetd(8) to use posix_openpt(2).

Some time ago I got some reports MPSAFE TTY broke telnetd(8). Even
though it turned out to be a different problem within the TTY code, I
spotted a small is

Convert telnetd(8) to use posix_openpt(2).

Some time ago I got some reports MPSAFE TTY broke telnetd(8). Even
though it turned out to be a different problem within the TTY code, I
spotted a small issue with telnetd(8). Instead of allocating PTY's using
openpty(3) or posix_openpt(2), it used its own PTY allocation routine.
This means that telnetd(8) still uses /dev/ptyXX-style devices.

I've also increased the size of line[]. Even though 16 should be enough,
we already use 13 bytes ("/dev/pts/999", including '\0'). 32 bytes gives
us a little more freedom.

Also enable -DSTREAMSPTY. Otherwise telnetd(8) strips the PTY's pathname
to the latest slash instead of just removing "/dev/" (e.g. /dev/pts/0 ->
0, instead of pts/0).

Reviewed by: rink

show more ...

Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.

inetd and telnetd are not included in the standard release
crunched floppies, but they can be included as options in
src/release/picobsd (omitted by default though.) Therefore
preserve the RELEASE_C

inetd and telnetd are not included in the standard release
crunched floppies, but they can be included as options in
src/release/picobsd (omitted by default though.) Therefore
preserve the RELEASE_CRUNCH knob in their Makefiles, but
tell its real purpose in a comment.

show more ...

Stop enforcing dependencies between MK_* options at Makefile level.
All the dependencies are satisfied now in <bsd.own.mk>.

telnetd(8) doesn't really go to the crunched floppies,
so its Makefile needn't test for RELEASE_CRUNCH.

Suggested by: ru

Respect MK_INET6_SUPPORT.
Apply style.Makefile(5).

Reimplementation of world/kernel build options. For details, see:

http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Bro

Reimplementation of world/kernel build options. For details, see:

http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)

show more ...

Remove kludges intended to support src trees with partial obj trees.

Discussed with: ru

NOCRYPT -> NO_CRYPT

Join the 21st century: Cryptography is no longer an optional component
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "

Join the 21st century: Cryptography is no longer an optional component
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.

Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004

show more ...

Make sure that a "make release" (more accurately the bit that makes
the crunched binary) get a non-cryptographic telnet. This is overkill
in that it covers stuff that is not normally used in a crunch

Make sure that a "make release" (more accurately the bit that makes
the crunched binary) get a non-cryptographic telnet. This is overkill
in that it covers stuff that is not normally used in a crunched binary.

show more ...

Ensure that for the cryptographic instances of *telnet*, the "crypto"
distribution is used. This only affects release-building.

Test correct macro for "without crypto" option(s).

Very big makeover in the way telnet, telnetd and libtelnet are built.

Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that live

Very big makeover in the way telnet, telnetd and libtelnet are built.

Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.

show more ...

Set WFORMAT=0, overlooked in previous commits to libexec/.

Reported by: jhay