#
d0b2dbfa |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
#
d83db3fb |
|
04-Nov-2018 |
Conrad Meyer <cem@FreeBSD.org> |
Drop ed(1) "crypto" You should not be using DES. You should not have been using DES for the past 30 years. The ed DES-CBC scheme lacked several desirable properties of a sealed document system, even ignoring DES itself. In particular, it did not provide the "integrity" cryptographic property (detection of tampering), and it treated ASCII passwords as 64-bit keys (instead of using a KDF like scrypt or PBKDF2). Some general approaches ed(1) users might consider to replace the removed DES mode: 1. Full disk encryption with something like AES-XTS. This is easy to conceptualize, design, and implement, and it provides confidentiality for data at rest. Like CBC, it lacks tampering protection. Examples include GELI, LUKS, FileVault2. 2. Encrypted overlay ("stackable") filesystems (EncFS, PEFS?, CryptoFS, others). 3. Native encryption at the filesystem layer. Ext4/F2FS, ZFS, APFS, and NTFS all have some flavor of this. 4. Storing your files unencrypted. It's not like DES was doing you much good. If you have DES-CBC scrambled files produced by ed(1) prior to this change, you may decrypt them with: openssl des-cbc -d -iv 0 -K <key in hex> -in <inputfile> -out <plaintext> Reviewed by: allanjude, bapt, emaste Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D17829
|
#
b4b4b530 |
|
28-Jan-2017 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Revert crap accidentally committed
|
#
814aaaa7 |
|
28-Jan-2017 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Revert r312923 a better approach will be taken later
|
#
ac2875fa |
|
09-Feb-2016 |
Glen Barber <gjb@FreeBSD.org> |
Explicitly add unmarked bin/ binaries to the runtime package. Note: tcsh(1) has a MK_TCSH=no test, so this should be a separate package, which requires pre-install/post-install scripts, to be added later. Sponsored by: The FreeBSD Foundation
|
#
12cd1730 |
|
25-Nov-2014 |
Baptiste Daroussin <bapt@FreeBSD.org> |
Convert bin/ to LIBADD, reduce overlinking allow to build all components as static
|
#
04efeffe |
|
05-Jun-2014 |
Warner Losh <imp@FreeBSD.org> |
When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS and remove the now-redundant checks for RELEASE_CRUNCH. This originally was defined for building smaller sysinstall images, but was later also used by picobsd builds for a similar purpose. Now that we've moved away from sysinstall, picobsd is the only remaining consumer of this interface. Adding these two options reduces the RELEASE_CRUNCH special cases in the tree by half.
|
#
c6063d0d |
|
05-May-2014 |
Warner Losh <imp@FreeBSD.org> |
Use src.opts.mk in preference to bsd.own.mk except where we need stuff from the latter.
|
#
aa39c447 |
|
19-May-2012 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Add build option MK_ED_CRYPTO to control whether ed(1) is to have the ability to encrypt/decrypt files. Embedded systems can typically have OpenSSL, but not for ed(1) to use it. Obtained from: Juniper Networks, Inc.
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
55fa734d |
|
04-Mar-2010 |
Ulrich Spörlein <uqs@FreeBSD.org> |
ed(1): make WARNS=6 clean Although argc and argv are never read after the longjmp is complete, gcc is not clever enough to see that and needlessly warns about it. So add volatile to silence the compiler. Approved by: ed (the co-mentor, not ed(1))
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
ea7f7bde |
|
08-Dec-2007 |
Marius Strobl <marius@FreeBSD.org> |
Move WARNS as ed(1) also is only WARNS = 2 clean in the !DES case. This fixes its compilation if MK_OPENSSL == no and also obsoletes release/Makefile rev. 1.192. The latter isn't reverted though as support for the fixit floppy and the rest of the boot floppies is scheduled to be deorbited anyway. Discussed with: kensmith
|
#
0c0146f0 |
|
02-Jul-2007 |
Ken Smith <kensmith@FreeBSD.org> |
Don't include encryption features of ed(1) when building for the "rescue media" bundled with releases. Suggested by: ru Approved by: re (hrs)
|
#
e1fe3dba |
|
17-Mar-2006 |
Ruslan Ermilov <ru@FreeBSD.org> |
Reimplementation of world/kernel build options. For details, see: http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html The src.conf(5) manpage is to follow in a few days. Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
|
#
a2161735 |
|
21-Dec-2004 |
Ruslan Ermilov <ru@FreeBSD.org> |
NOCRYPT -> NO_CRYPT
|
#
d37df47d |
|
06-Aug-2004 |
Colin Percival <cperciva@FreeBSD.org> |
Join the 21st century: Cryptography is no longer an optional component of releases. The -DNOCRYPT build option still exists for anyone who really wants to build non-cryptographic binaries, but the "crypto" release distribution is now part of "base", and anyone installing from a release will get cryptographic binaries. Approved by: re (scottl), markm Discussed on: freebsd-current, in late April 2004
|
#
ebb9f0ef |
|
24-Jul-2003 |
Mark Murray <markm@FreeBSD.org> |
Don't check for the existance of src/crypto/ for building items that may contain crypto. The days of ITAR paranoia are over, and the simple macro tests that remain are sufficient.
|
#
8fe29a4f |
|
19-Jul-2003 |
Ruslan Ermilov <ru@FreeBSD.org> |
This code isn't WARNS=6 clean in the standard (crypto) case due to bugs in OpenSSL headers. I was testing in the wrong environmement: standalone build without crypto/ sources.
|
#
ff572a5e |
|
20-Jul-2003 |
Ruslan Ermilov <ru@FreeBSD.org> |
Make this code WARNS=6 clean again (after GCC 3.1.1 import). Submitted by: Marius Strobl <marius@alchemy.franken.de>
|
#
ce17762f |
|
29-Jun-2003 |
Ruslan Ermilov <ru@FreeBSD.org> |
Unbreak NOCRYPT buildworld. Reviewed by: markm
|
#
eac4bdcc |
|
13-Jun-2003 |
Mark Murray <markm@FreeBSD.org> |
Get this area compiling with the highest WARNS= that it works with. Obsolete WFORMAT= junk also removed where possible. OK'ed by: obrien Tested on: sparc64, alpha, i386
|
#
8027fe39 |
|
08-Jun-2003 |
Mark Murray <markm@FreeBSD.org> |
Fix for the NO_OPENSSL case. Reported by: Marius Strobl <marius@alchemy.franken.de>
|
#
eb338d36 |
|
02-Jun-2003 |
Mark Murray <markm@FreeBSD.org> |
Modernise. Use libcrypto for DES instead of libcipher.
|
#
7691f66a |
|
19-May-2003 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Retire the useless NOSECURE knob. Approved by: re (scottl)
|
#
aa70e98b |
|
06-Dec-2001 |
Ruslan Ermilov <ru@FreeBSD.org> |
-lcipher is an installable library.
|
#
a7482907 |
|
03-Dec-2001 |
David E. O'Brien <obrien@FreeBSD.org> |
Default to WARNS=2. Binary builds that cannot handle this must explicitly set WARNS=0. Reviewed by: mike
|
#
a4616748 |
|
06-Aug-2001 |
Mike Barcroft <mike@FreeBSD.org> |
o Correctly define rcsid. o Add consts where appropriate. o Rename some variables that were shadowing global declarations. o Remove register storage-classes. o Make errmsg a const, so we can just set error messages instead of using sprintf/strcpy. o Set WARNS=2 Reviewed by: bde, des
|
#
e1a456f0 |
|
29-Feb-2000 |
Mark Murray <markm@FreeBSD.org> |
Change DISTRIBUTION name to match reality.
|
#
2a456239 |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
8199f5c4 |
|
06-Mar-1998 |
Bruce Evans <bde@FreeBSD.org> |
Fixed existence test for secure sources (don't test for secure objects). Fixed some formatting.
|
#
b97fa2ef |
|
22-Feb-1997 |
Peter Wemm <peter@FreeBSD.org> |
Revert $FreeBSD$ to $Id$
|
#
1130b656 |
|
14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$ This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
#
afceae0c |
|
22-Oct-1995 |
Andrey A. Chernov <ache@FreeBSD.org> |
Wrong library was picked by ed
|
#
2f67cae6 |
|
03-Oct-1995 |
Mark Murray <markm@FreeBSD.org> |
Correctly build the secure ed(1) only if secure/ exists. Pointed out by: bde
|
#
6eb5c24f |
|
01-Oct-1995 |
Mark Murray <markm@FreeBSD.org> |
Use the same make technique as passwd and xntpd for the secure ed(1). This will allow the secure/bin/ed directory to be cleaned out and the bin/Makefile to be cleaned up.
|
#
ffdd6a72 |
|
18-Dec-1994 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
src/bin/ed will never build DES encumbered ed again. That is the job for secure/bin/ed ...
|
#
e615020e |
|
29-Oct-1994 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Don't check existence of -lcrypt to decide if DES is employed, instead check that "NOCRYPT" isn't defined.
|
#
89730b29 |
|
23-Sep-1994 |
David Greenman <dg@FreeBSD.org> |
Added $Id$
|
#
d165d4ac |
|
22-Mar-1994 |
Andrew Moore <alm@FreeBSD.org> |
use umask 077 for buffer file
|
#
95e6217e |
|
31-Jan-1994 |
Andrew Moore <alm@FreeBSD.org> |
Fixed range address bug: 1,2, == 2,2 not 2,. Overhauled the name space, reworked some modules and removed the obsolescent Addison-Wesley copyright.
|
#
5a5100e3 |
|
09-Aug-1993 |
Andrew Moore <alm@FreeBSD.org> |
added (unsiged) cast to avoid int overflow removed REGEX directive
|
#
b5a50652 |
|
02-Aug-1993 |
J.T. Conklin <jtc@FreeBSD.org> |
Remove -I${.CURDIR}, as we now use system's regex.h
|
#
7a776800 |
|
02-Aug-1993 |
J.T. Conklin <jtc@FreeBSD.org> |
Use system's posix compliant regex library (GNU regex for now).
|
#
7b0d50fd |
|
20-Jul-1993 |
Nate Williams <nate@FreeBSD.org> |
Libcrypt upgrade
|
#
30154ac8 |
|
18-Jun-1993 |
Andrew Moore <alm@FreeBSD.org> |
POSIX ed version 0.6 by Andrew Moore (alm@netcom.com).
|