aboutsummaryrefslogtreecommitdiff
path: root/security/pidentd/Makefile
diff options
context:
space:
mode:
authorPeter Wemm <peter@FreeBSD.org>1996-11-05 18:23:42 +0000
committerPeter Wemm <peter@FreeBSD.org>1996-11-05 18:23:42 +0000
commit82e68e552b252a0f50388f1080c465b0f70e5f12 (patch)
tree987a6f5b52e1820639665b4f17a96cf21bd8ebe2 /security/pidentd/Makefile
parent1f1c3ef553ec929e7ba8a2ae77d11460f72a244e (diff)
downloadports-82e68e552b252a0f50388f1080c465b0f70e5f12.tar.gz
ports-82e68e552b252a0f50388f1080c465b0f70e5f12.zip
Add a compile option so that identd will send encrypted cookies out rather
than usernames. This makes it much more difficult for somebody to "frame" one of your users. ie: instead of people getting: connect from peter@spinner.DIALix.COM in their syslogs, they will get this instead: connect from [W+rNvCy5FuPV4xEj8thdXIlfD9qNIbzB]@spinner.DIALix.COM The remote site will have to send it to you to decode it. When you are given one of these cookies, you can know for sure it is not faked, and you don't have to trust the word of the remote sysadmin when arranging your local lame hacker-type user to meet with an unfortunate incident :-). This feature is documented in the man pages. Also, fix an apparent bug in the code that deals with this, but it might be a feature of the version of libdes we have on FreeBSD. Requested by: markm (a fair while ago)
Notes
Notes: svn path=/head/; revision=4305
Diffstat (limited to 'security/pidentd/Makefile')
-rw-r--r--security/pidentd/Makefile13
1 files changed, 12 insertions, 1 deletions
diff --git a/security/pidentd/Makefile b/security/pidentd/Makefile
index 8887dd09ce9d..8bee31f928d2 100644
--- a/security/pidentd/Makefile
+++ b/security/pidentd/Makefile
@@ -3,7 +3,7 @@
# Date created: 19 Oct 1994
# Whom: torstenb
#
-# $Id: Makefile,v 1.15 1996/09/14 23:22:04 torstenb Exp $
+# $Id: Makefile,v 1.16 1996/10/31 00:13:02 ache Exp $
#
DISTNAME= pidentd-2.7.1
@@ -16,6 +16,17 @@ MAINTAINER= torstenb@FreeBSD.ORG
ALL_TARGET= freebsd
MAKE_ENV= REALPREFIX=${PREFIX}
+# Uncomment to activate the use of verifiable "cookies". The idea is to be
+# able to detect fake "logs" intended to get your innocent users in trouble.
+# Naturally, since it uses libdes, you must have the "secure" dist installed.
+#USE_DES= true
+
+.if defined(USE_DES)
+ADD_GDEFS= -DINCLUDE_CRYPT
+ADD_GLIBS= -ldes
+MAKE_ENV+= ADD_GDEFS="${ADD_GDEFS}" ADD_GLIBS="${ADD_GLIBS}"
+.endif
+
.if !defined(NOMANCOMPRESS)
post-install:
gzip -9nf ${PREFIX}/man/man8/identd.8