Remove $FreeBSD$: one-line sh pattern

Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/

Drop ed(1) "crypto"

You should not be using DES. You should not have been using DES for the
past 30 years.

The ed DES-CBC scheme lacked several desirable properties of a sealed
document system, even ignoring DES itself. In particular, it did not
provide the "integrity" cryptographic property (detection of tampering), and
it treated ASCII passwords as 64-bit keys (instead of using a KDF like
scrypt or PBKDF2).

Some general approaches ed(1) users might consider to replace the removed
DES mode:

1. Full disk encryption with something like AES-XTS. This is easy to
conceptualize, design, and implement, and it provides confidentiality for
data at rest. Like CBC, it lacks tampering protection. Examples include
GELI, LUKS, FileVault2.

2. Encrypted overlay ("stackable") filesystems (EncFS, PEFS?, CryptoFS,
others).

3. Native encryption at the filesystem layer. Ext4/F2FS, ZFS, APFS, and
NTFS all have some flavor of this.

4. Storing your files unencrypted. It's not like DES was doing you much
good.

If you have DES-CBC scrambled files produced by ed(1) prior to this change,
you may decrypt them with:

openssl des-cbc -d -iv 0 -K <key in hex> -in <inputfile> -out <plaintext>

Reviewed by: allanjude, bapt, emaste
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D17829

Revert crap accidentally committed

Revert r312923 a better approach will be taken later

Explicitly add unmarked bin/ binaries to the runtime package.
Note: tcsh(1) has a MK_TCSH=no test, so this should be a separate
package, which requires pre-install/post-install scripts, to be
added later.

Sponsored by: The FreeBSD Foundation

Convert bin/ to LIBADD, reduce overlinking allow to build all components as
static

When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS and
remove the now-redundant checks for RELEASE_CRUNCH. This originally
was defined for building smaller sysinstall images, but was later also
used by picobsd builds for a similar purpose. Now that we've moved
away from sysinstall, picobsd is the only remaining consumer of this
interface. Adding these two options reduces the RELEASE_CRUNCH
special cases in the tree by half.

Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.

Add build option MK_ED_CRYPTO to control whether ed(1) is to have the
ability to encrypt/decrypt files. Embedded systems can typically have
OpenSSL, but not for ed(1) to use it.

Obtained from: Juniper Networks, Inc.

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

ed(1): make WARNS=6 clean

Although argc and argv are never read after the longjmp is complete,
gcc is not clever enough to see that and needlessly warns about it.
So add volatile to silence the compiler.

Approved by: ed (the co-mentor, not ed(1))

- Import the HEAD csup code which is the basis for the cvsmode work.

Move WARNS as ed(1) also is only WARNS = 2 clean in the !DES case.
This fixes its compilation if MK_OPENSSL == no and also obsoletes
release/Makefile rev. 1.192. The latter isn't reverted though as
support for the fixit floppy and the rest of the boot floppies is
scheduled to be deorbited anyway.

Discussed with: kensmith

Don't include encryption features of ed(1) when building for the
"rescue media" bundled with releases.

Suggested by: ru
Approved by: re (hrs)

Reimplementation of world/kernel build options. For details, see:

http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)

NOCRYPT -> NO_CRYPT

Join the 21st century: Cryptography is no longer an optional component
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.

Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004

Don't check for the existance of src/crypto/ for building items that
may contain crypto. The days of ITAR paranoia are over, and the simple
macro tests that remain are sufficient.

This code isn't WARNS=6 clean in the standard (crypto) case
due to bugs in OpenSSL headers. I was testing in the wrong
environmement: standalone build without crypto/ sources.

Make this code WARNS=6 clean again (after GCC 3.1.1 import).

Submitted by: Marius Strobl <marius@alchemy.franken.de>

Unbreak NOCRYPT buildworld.

Reviewed by: markm

Get this area compiling with the highest WARNS= that it works with.
Obsolete WFORMAT= junk also removed where possible.

OK'ed by: obrien
Tested on: sparc64, alpha, i386

Fix for the NO_OPENSSL case.

Reported by: Marius Strobl <marius@alchemy.franken.de>

Modernise. Use libcrypto for DES instead of libcipher.

Retire the useless NOSECURE knob.

Approved by: re (scottl)

-lcipher is an installable library.

Default to WARNS=2. Binary builds that cannot handle this must explicitly
set WARNS=0.

Reviewed by: mike

o Correctly define rcsid.
o Add consts where appropriate.
o Rename some variables that were shadowing global declarations.
o Remove register storage-classes.
o Make errmsg a const, so we can just set error messages instead
of using sprintf/strcpy.
o Set WARNS=2

Reviewed by: bde, des

Change DISTRIBUTION name to match reality.

$Id$ -> $FreeBSD$

Fixed existence test for secure sources (don't test for secure objects).

Fixed some formatting.

Revert $FreeBSD$ to $Id$

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Wrong library was picked by ed

Correctly build the secure ed(1) only if secure/ exists.
Pointed out by: bde

Use the same make technique as passwd and xntpd for the secure ed(1). This
will allow the secure/bin/ed directory to be cleaned out and the bin/Makefile
to be cleaned up.

src/bin/ed will never build DES encumbered ed again. That is the job
for secure/bin/ed ...

Don't check existence of -lcrypt to decide if DES is employed,
instead check that "NOCRYPT" isn't defined.

Added $Id$

use umask 077 for buffer file

Fixed range address bug: 1,2, == 2,2 not 2,.
Overhauled the name space, reworked some modules and removed the
obsolescent Addison-Wesley copyright.

added (unsiged) cast to avoid int overflow
removed REGEX directive

Remove -I${.CURDIR}, as we now use system's regex.h

Use system's posix compliant regex library (GNU regex for now).

Libcrypt upgrade

POSIX ed version 0.6 by Andrew Moore (alm@netcom.com).