src/secure/lib/libcrypt/Makefile, branch main FreeBSD source tree Merge into a single US-exportable libcrypt, which only provides 2000-12-28T10:32:02+00:00 Peter Wemm peter@FreeBSD.org 2000-12-28T10:32:02+00:00 9886bcdf9326929b650dc843802a25400f597365 one-way hash functions for authentication purposes. There is no more "set the libcrypt->libXXXcrypt" nightmare. - Undo the libmd.so hack, use -D to hide the md5c.c internals. - Remove the symlink hacks in release/Makefile - the algorthm is set by set_crypt_format() as before. If this is not called, it tries to heuristically figure out the hash format, and if all else fails, it uses the optional auth.conf entry to chose the overall default hash. - Since source has non-hidden crypto in it there may be some issues with having the source it in some countries, so preserve the "secure/*" division. You can still build a des-free libcrypt library if you want to badly enough. This should not be a problem in the US or exporting from the US as freebsd.org had notified BXA some time ago. That makes this stuff re-exportable by anyone. - For consistancy, the default in absence of any other clues is md5. This is to try and minimize POLA across buildworld where folk may suddenly be activating des-crypt()-hash support. Since the des hash may not always be present, it seemed sensible to make the stronger md5 algorithm the default. All things being equal, no functionality is lost. Reviewed-by: jkh (flame-proof suit on) 
one-way hash functions for authentication purposes.  There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before.  If this is
  not called, it tries to heuristically figure out the hash format, and
  if all else fails, it uses the optional auth.conf entry to chose the
  overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
  having the source it in some countries, so preserve the "secure/*"
  division.  You can still build a des-free libcrypt library if you want
  to badly enough.  This should not be a problem in the US or exporting
  from the US as freebsd.org had notified BXA some time ago.  That makes
  this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5.  This
  is to try and minimize POLA across buildworld where folk may suddenly
  be activating des-crypt()-hash support.  Since the des hash may not
  always be present, it seemed sensible to make the stronger md5 algorithm
  the default.
All things being equal, no functionality is lost.

Reviewed-by: jkh

(flame-proof suit on)
Add working and easy crypt(3)-switching. Yes, we need a whole new API 2000-08-22T02:15:54+00:00 Brian Feldman green@FreeBSD.org 2000-08-22T02:15:54+00:00 04c9749ff0148ec8f73b150cec8bc2c094a5d31a for crypt(3) by now. In any case: Add crypt_set_format(3) + documentation to -lcrypt. Add login_setcryptfmt(3) + documentation to -lutil. Support for switching crypt formats in passwd(8). Support for switching crypt formats in pw(8). The simple synopsis is: edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :) Reviewed by: peter 
for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
Add NODESCRYPTLINKS knob to prevent spamming of libcrypt -> libscrypt 2000-02-29T05:47:52+00:00 Kris Kennaway kris@FreeBSD.org 2000-02-29T05:47:52+00:00 06f13592e1159eddacf4ed78d8ea929f551c172a symlinks. The name is against my better judgement, but I defer to ancient tradition here because I'm a nice guy. Reviewed by: -current 
symlinks. The name is against my better judgement, but I defer to ancient
tradition here because I'm a nice guy.

Reviewed by:	-current
Really really remove SHA-1 support. 2000-01-09T21:22:48+00:00 Kris Kennaway kris@FreeBSD.org 2000-01-09T21:22:48+00:00 63f691b33ca56acc1450025d984a06c16c21a94f 






Remove the SHA stuff properly.
2000-01-08T03:01:13+00:00

Jordan K. Hubbard
jkh@FreeBSD.org

2000-01-08T03:01:13+00:00

e63a2405763dc40dbb83dedb7c6907dc23d46cb3












I missed the LDADD/DPADD for -lmd in the secure cases. :-(
1999-12-19T16:50:33+00:00

Peter Wemm
peter@FreeBSD.org

1999-12-19T16:50:33+00:00

1a9527eaaad28d19a91707c53bb0b38003b42e59

Pointed out by: marcel





Pointed out by: marcel







Colour me stupid. This is a better way of using the macros.
1999-09-21T22:13:07+00:00

Mark Murray
markm@FreeBSD.org

1999-09-21T22:13:07+00:00

e267a66620d8787cb1e738dbee193cfddc66bd3b












Do this the same way as Internat to reduce diffs.
1999-09-21T17:57:09+00:00

Mark Murray
markm@FreeBSD.org

1999-09-21T17:57:09+00:00

af37a7967bdd54c55030d6bac5ca44c6472c2b39












Someone changed major numbers of the libraries from 2 to 3 for 0 (zero) reasons.
1999-09-21T17:52:05+00:00

Dmitrij Tejblum
dt@FreeBSD.org

1999-09-21T17:52:05+00:00

462da152d2d0f22be3ff98e01309596dbcca4606

Revert the major number back to 2.

libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.





Revert the major number back to 2.

libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.







Restore SONAME setting, otherwise libdescrypt.so.3 doesn't end up with
1999-09-21T14:47:36+00:00

Peter Wemm
peter@FreeBSD.org

1999-09-21T14:47:36+00:00

6fd36d7d1184fe799f73904fd1f2586d038c0117

a special SONAME of libcrypt.so.3 and the runtime symlink doesn't work.





a special SONAME of libcrypt.so.3 and the runtime symlink doesn't work.