#
256281 |
|
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
228662 |
|
17-Dec-2011 |
dim |
In usr.sbin/keyserv, fix some implicit enum conversions, and use the correct printf length modifiers for uid_t.
MFC after: 1 week
|
#
103436 |
|
16-Sep-2002 |
peter |
Initiate deorbit burn for the i386-only a.out related support. Moves are under way to move the remnants of the a.out toolchain to ports. As the comment in src/Makefile said, this stuff is deprecated and one should not expect this to remain beyond 4.0-REL. It has already lasted WAY beyond that.
Notable exceptions: gcc - I have not touched the a.out generation stuff there. ldd/ldconfig - still have some code to interface with a.out rtld. old as/ld/etc - I have not removed these yet, pending their move to ports. some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
|
#
99693 |
|
09-Jul-2002 |
jmallett |
Use libcrypto.so.2 instead of .1, since we have it now. It should enable DES for keyserv again.
Submitted by: mbr
Kill a stray __P while I'm here.
|
#
78737 |
|
24-Jun-2001 |
dd |
Nuke unused variables.
|
#
57451 |
|
24-Feb-2000 |
markm |
Use libcrypto instead of libdes.
|
#
50479 |
|
27-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
#
39319 |
|
15-Sep-1998 |
wpaul |
Apply patch from Stefan Esser to close PR #7941: add code to handle dynamic loading of libdes on ELF systems. The patch looks correct to me.
|
#
29735 |
|
23-Sep-1997 |
charnier |
Use err(3). Put includes in alphabetical order. Rewrote man page in mdoc format. Document -v and -p flags.
|
#
26703 |
|
17-Jun-1997 |
wpaul |
Work around a bug (deficiency?) in the libdes Secure RPC compat interface. The way Secure RPC is set up, the ecb_crypt() routine is expected to be able to encrypt a buffer of any size up to 8192 bytes. However, the des_ecb_encrypt() routine in libdes only encrypts 8 bytes (64 bits) at a time. The rpc_enc.c module should compensate for this by calling des_ecb_encrypt() repeatedly until it has encrypted the entire supplied buffer, but it does not do this.
As a workaround, keyserv now handles this itself: if we're using DES encryption, and the caller requested ECB mode, keyserv will do the right thing.
Also changed all references to 'rc4' into 'arcfour' just in case some litigious bastard from RSA is watching.
Note that I discovered and fixed this problem while trying to get a part of NIS+ working: rpc.nisd signs directory objects with a 16-byte MD5 digest that is encrypted with ecb_crypt(). Previously, only the first 8 bytes of the digest were being properly encrypted, which caused the Sun nis_cachemgr to reject the signatures as invalid. I failed to notice this before since Secure RPC usually never has to encrypt more than 8 bytes of data during normal operations.
|
#
26235 |
|
28-May-1997 |
wpaul |
This commit was generated by cvs2svn to compensate for changes in r26234, which included commits to RCS files with non-trunk default branches.
|
#
26234 |
|
28-May-1997 |
wpaul |
Import of the keyserv daemon needed for Secure RPC.
This version supports both the keyserv v1 and v2 protocols. It uses the new AF_LOCAL transport so that only local processes can use it for storing/retrieving keys, and it uses the SCM_CREDS kernel hack for authentication. With these two modifications, we don't need the keyenvoy program normally used with RPC 4.0.
Note that if libdes.so.3.x is present on the system when keyserv is started, Secure RPC will run with normal DES encryption. If not, everything falls back to RC4 with a 40 bit key.
|