Date: Sun, 15 Jul 2012 11:39:35 +0000 (UTC) From: Dag-Erling Smorgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r238481 - in stable/9: . bin/rcp etc include lib/libcrypt lib/libutil libexec/rshd release/picobsd/tinyware/passwd share/examples/etc sys/mips/rmi usr.bin/login usr.bin/passwd usr.bin/r... Message-ID: <201207151139.q6FBda4c045344@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Sun Jul 15 11:39:35 2012 New Revision: 238481 URL: http://svn.freebsd.org/changeset/base/238481 Log: MFH r236751: document sha256 / sha512 support MFH r236892: remove mention of auth.conf from programs that don't use it MFH r236963: remove dead code relating to auth.conf MFH r236965 r236966 r236967 r237005 r237006 r237011: retire auth.conf Approved by: re Deleted: stable/9/etc/auth.conf stable/9/lib/libutil/auth.3 stable/9/lib/libutil/auth.conf.5 Modified: stable/9/ObsoleteFiles.inc (contents, props changed) stable/9/bin/rcp/rcp.1 stable/9/etc/Makefile stable/9/include/paths.h stable/9/lib/libcrypt/Makefile stable/9/lib/libcrypt/crypt.3 stable/9/lib/libcrypt/crypt.c stable/9/lib/libutil/Makefile stable/9/lib/libutil/auth.c stable/9/lib/libutil/login.conf.5 stable/9/lib/libutil/property.3 stable/9/libexec/rshd/rshd.8 stable/9/release/picobsd/tinyware/passwd/passwd.c stable/9/share/examples/etc/README.examples stable/9/sys/mips/rmi/rootfs_list.txt stable/9/usr.bin/login/login.1 stable/9/usr.bin/passwd/passwd.1 stable/9/usr.bin/rlogin/rlogin.1 stable/9/usr.bin/rsh/rsh.1 Directory Properties: stable/9/ (props changed) stable/9/bin/rcp/ (props changed) stable/9/etc/ (props changed) stable/9/include/ (props changed) stable/9/lib/libcrypt/ (props changed) stable/9/lib/libutil/ (props changed) stable/9/libexec/rshd/ (props changed) stable/9/release/picobsd/tinyware/passwd/ (props changed) stable/9/share/examples/etc/ (props changed) stable/9/sys/ (props changed) stable/9/usr.bin/login/ (props changed) stable/9/usr.bin/passwd/ (props changed) stable/9/usr.bin/rlogin/ (props changed) stable/9/usr.bin/rsh/ (props changed) Modified: stable/9/ObsoleteFiles.inc ============================================================================== --- stable/9/ObsoleteFiles.inc Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/ObsoleteFiles.inc Sun Jul 15 11:39:35 2012 (r238481) @@ -38,6 +38,11 @@ # xargs -n1 | sort | uniq -d; # done +# 20120713: auth.conf removed +OLD_FILES+=etc/auth.conf +OLD_FILES+=usr/share/examples/etc/auth.conf +OLD_FILES+=usr/share/man/man3/auth.3.gz +OLD_FILES+=usr/share/man/man5/auth.conf.5.gz # 20120415: new clang import which bumps version from 3.0 to 3.1 OLD_FILES+=usr/include/clang/3.0/altivec.h OLD_FILES+=usr/include/clang/3.0/avxintrin.h Modified: stable/9/bin/rcp/rcp.1 ============================================================================== --- stable/9/bin/rcp/rcp.1 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/bin/rcp/rcp.1 Sun Jul 15 11:39:35 2012 (r238481) @@ -116,17 +116,11 @@ The .Nm utility handles third party copies, where neither source nor target files are on the current machine. -.Sh FILES -.Bl -tag -width ".Pa /etc/auth.conf" -compact -.It Pa /etc/auth.conf -configure authentication services -.El .Sh SEE ALSO .Xr cp 1 , .Xr ftp 1 , .Xr rlogin 1 , .Xr rsh 1 , -.Xr auth.conf 5 , .Xr hosts.equiv 5 .Sh HISTORY The Modified: stable/9/etc/Makefile ============================================================================== --- stable/9/etc/Makefile Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/etc/Makefile Sun Jul 15 11:39:35 2012 (r238481) @@ -7,18 +7,47 @@ SUBDIR= sendmail .endif -BIN1= auth.conf \ - crontab devd.conf devfs.conf \ - ddb.conf dhclient.conf disktab fbtab \ - ftpusers gettytab group \ - hosts hosts.allow hosts.equiv \ - inetd.conf libalias.conf login.access login.conf mac.conf motd \ - netconfig network.subr networks newsyslog.conf nsswitch.conf \ - phones profile protocols \ - rc rc.bsdextended rc.firewall rc.initdiskless \ - rc.sendmail rc.shutdown \ - rc.subr remote rpc services shells \ - sysctl.conf syslog.conf termcap.small +BIN1= crontab \ + devd.conf \ + devfs.conf \ + ddb.conf \ + dhclient.conf \ + disktab \ + fbtab \ + ftpusers \ + gettytab \ + group \ + hosts \ + hosts.allow \ + hosts.equiv \ + inetd.conf \ + libalias.conf \ + login.access \ + login.conf \ + mac.conf \ + motd \ + netconfig \ + network.subr \ + networks \ + newsyslog.conf \ + nsswitch.conf \ + phones \ + profile \ + protocols \ + rc \ + rc.bsdextended \ + rc.firewall \ + rc.initdiskless \ + rc.sendmail \ + rc.shutdown \ + rc.subr \ + remote \ + rpc \ + services \ + shells \ + sysctl.conf \ + syslog.conf \ + termcap.small .if exists(${.CURDIR}/etc.${MACHINE}/ttys) BIN1+= etc.${MACHINE}/ttys Modified: stable/9/include/paths.h ============================================================================== --- stable/9/include/paths.h Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/include/paths.h Sun Jul 15 11:39:35 2012 (r238481) @@ -42,7 +42,6 @@ /* Locate system binaries. */ #define _PATH_SYSPATH "/sbin:/usr/sbin" -#define _PATH_AUTHCONF "/etc/auth.conf" #define _PATH_BSHELL "/bin/sh" #define _PATH_CAPABILITY "/etc/capability" #define _PATH_CAPABILITY_DB "/etc/capability.db" Modified: stable/9/lib/libcrypt/Makefile ============================================================================== --- stable/9/lib/libcrypt/Makefile Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/lib/libcrypt/Makefile Sun Jul 15 11:39:35 2012 (r238481) @@ -26,11 +26,7 @@ SRCS+= crypt-des.c crypt-blowfish.c blo CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH .endif -# And the auth_getval() code and support. -.PATH: ${.CURDIR}/../libutil -SRCS+= auth.c property.c -.for sym in auth_getval property_find properties_read properties_free \ - MD4Init MD4Final MD4Update MD4Pad \ +.for sym in MD4Init MD4Final MD4Update MD4Pad \ MD5Init MD5Final MD5Update MD5Pad \ SHA256_Init SHA256_Final SHA256_Update \ SHA512_Init SHA512_Final SHA512_Update Modified: stable/9/lib/libcrypt/crypt.3 ============================================================================== --- stable/9/lib/libcrypt/crypt.3 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/lib/libcrypt/crypt.3 Sun Jul 15 11:39:35 2012 (r238481) @@ -242,12 +242,6 @@ The .Fn crypt_set_format function sets the default encoding format according to the supplied .Fa string . -.Pp -The global default format can be set using the -.Pa /etc/auth.conf -file using the -.Va crypt_default -property. .Sh RETURN VALUES The .Fn crypt @@ -264,9 +258,7 @@ Otherwise, a value of 0 is returned. .Sh SEE ALSO .Xr login 1 , .Xr passwd 1 , -.Xr auth_getval 3 , .Xr getpass 3 , -.Xr auth.conf 5 , .Xr passwd 5 .Sh HISTORY A rotor-based Modified: stable/9/lib/libcrypt/crypt.c ============================================================================== --- stable/9/lib/libcrypt/crypt.c Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/lib/libcrypt/crypt.c Sun Jul 15 11:39:35 2012 (r238481) @@ -79,23 +79,23 @@ static const struct { } }; +#ifdef HAS_DES +#define CRYPT_DEFAULT "des" +#else +#define CRYPT_DEFAULT "md5" +#endif + static int crypt_type = -1; static void crypt_setdefault(void) { - char *def; size_t i; if (crypt_type != -1) return; - def = auth_getval("crypt_default"); - if (def == NULL) { - crypt_type = 0; - return; - } for (i = 0; i < sizeof(crypt_types) / sizeof(crypt_types[0]) - 1; i++) { - if (strcmp(def, crypt_types[i].name) == 0) { + if (strcmp(CRYPT_DEFAULT, crypt_types[i].name) == 0) { crypt_type = (int)i; return; } Modified: stable/9/lib/libutil/Makefile ============================================================================== --- stable/9/lib/libutil/Makefile Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/lib/libutil/Makefile Sun Jul 15 11:39:35 2012 (r238481) @@ -8,7 +8,7 @@ SHLIBDIR?= /lib LIB= util SHLIB_MAJOR= 9 -SRCS= _secure_path.c auth.c expand_number.c flopen.c fparseln.c gr_util.c \ +SRCS= _secure_path.c expand_number.c flopen.c fparseln.c gr_util.c \ hexdump.c humanize_number.c kinfo_getfile.c kinfo_getfile.c \ kinfo_getallproc.c kinfo_getproc.c kinfo_getvmmap.c kld.c \ login_auth.c login_cap.c \ @@ -27,16 +27,15 @@ CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../li MAN+= kld.3 login_auth.3 login_tty.3 pty.3 \ login_cap.3 login_class.3 login_times.3 login_ok.3 \ - _secure_path.3 uucplock.3 property.3 auth.3 realhostname.3 \ + _secure_path.3 uucplock.3 property.3 realhostname.3 \ realhostname_sa.3 trimdomain.3 fparseln.3 humanize_number.3 \ pidfile.3 flopen.3 expand_number.3 hexdump.3 \ kinfo_getfile.3 kinfo_getallproc.3 kinfo_getproc.3 \ kinfo_getvmmap.3 quotafile.3 -MAN+= login.conf.5 auth.conf.5 +MAN+= login.conf.5 MLINKS+= kld.3 kld_isloaded.3 kld.3 kld_load.3 MLINKS+= property.3 properties_read.3 property.3 properties_free.3 MLINKS+= property.3 property_find.3 -MLINKS+= auth.3 auth_getval.3 MLINKS+= pty.3 openpty.3 pty.3 forkpty.3 MLINKS+=login_cap.3 login_getclassbyname.3 login_cap.3 login_close.3 \ login_cap.3 login_getclass.3 login_cap.3 login_getuserclass.3 \ Modified: stable/9/lib/libutil/auth.c ============================================================================== --- stable/9/lib/libutil/auth.c Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/lib/libutil/auth.c Sun Jul 15 11:39:35 2012 (r238481) @@ -31,40 +31,14 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); -#include <sys/types.h> -#include <fcntl.h> -#include <libutil.h> -#include <paths.h> -#include <syslog.h> -#include <unistd.h> - -static properties P; - -static int -initauthconf(const char *path) -{ - int fd; +#include <stdlib.h> - if (!P) { - if ((fd = open(path, O_RDONLY)) < 0) { - syslog(LOG_ERR, "initauthconf: unable to open file: %s", path); - return 1; - } - P = properties_read(fd); - close(fd); - if (!P) { - syslog(LOG_ERR, "initauthconf: unable to parse file: %s", path); - return 1; - } - } - return 0; -} +#include <libutil.h> char * auth_getval(const char *name) { - if (!P && initauthconf(_PATH_AUTHCONF)) - return NULL; - else - return property_find(P, name); + + (void)name; + return (NULL); } Modified: stable/9/lib/libutil/login.conf.5 ============================================================================== --- stable/9/lib/libutil/login.conf.5 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/lib/libutil/login.conf.5 Sun Jul 15 11:39:35 2012 (r238481) @@ -269,7 +269,9 @@ multiplied by 5 seconds. allowed before the login fails. .It "passwd_format string md5 The encryption format that new or changed passwords will use. -Valid values include "des", "md5" and "blf". +Valid values include "des", "md5", "blf", "sha256" and "sha512"; see +.Xr crypt 3 +for details. NIS clients using a .No non- Ns Fx NIS server should probably use "des". Modified: stable/9/lib/libutil/property.3 ============================================================================== --- stable/9/lib/libutil/property.3 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/lib/libutil/property.3 Sun Jul 15 11:39:35 2012 (r238481) @@ -91,8 +91,6 @@ are desired, the entire value should be characters. Any line beginning with a # or ; character is assumed to be a comment and will be ignored. -.Sh SEE ALSO -.Xr auth_getval 3 .Sh AUTHORS .An Jordan Hubbard .Sh BUGS Modified: stable/9/libexec/rshd/rshd.8 ============================================================================== --- stable/9/libexec/rshd/rshd.8 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/libexec/rshd/rshd.8 Sun Jul 15 11:39:35 2012 (r238481) @@ -237,7 +237,6 @@ and is not preceded by a flag byte. .Xr gethostbyaddr 3 , .Xr rcmd 3 , .Xr ruserok 3 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr login.conf 5 , Modified: stable/9/release/picobsd/tinyware/passwd/passwd.c ============================================================================== --- stable/9/release/picobsd/tinyware/passwd/passwd.c Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/release/picobsd/tinyware/passwd/passwd.c Sun Jul 15 11:39:35 2012 (r238481) @@ -64,10 +64,6 @@ int yp_errno = YP_TRUE; extern int yp_passwd( char * ); #endif -#ifdef KERBEROS -#include "krb.h" -#endif - #include "extern.h" static void usage(void); @@ -81,26 +77,12 @@ main(argc, argv) { int ch; char *uname; -#ifdef KERBEROS - char *iflag = 0, *rflag = 0, *uflag = 0; - char *k; -#endif #ifdef YP -#ifdef KERBEROS - char realm[REALM_SZ]; -#define OPTIONS "d:h:lysfoi:r:u:" -#else #define OPTIONS "d:h:lysfo" -#endif -#else -#ifdef KERBEROS - char realm[REALM_SZ]; -#define OPTIONS "li:r:u:" #else #define OPTIONS "l" #endif -#endif #ifdef YP int res = 0; @@ -113,17 +95,6 @@ main(argc, argv) case 'l': /* change local password file */ use_local_passwd = 1; break; -#ifdef KERBEROS - case 'i': - iflag = optarg; - break; - case 'r': - rflag = optarg; - break; - case 'u': - uflag = optarg; - break; -#endif /* KERBEROS */ #ifdef YP case 'y': /* Change NIS password */ __use_yp = 1; @@ -182,46 +153,29 @@ main(argc, argv) /* * If NIS is turned on in the password database, use it, else punt. */ -#ifdef KERBEROS - if (__use_yp || (iflag == NULL && rflag == NULL && uflag == NULL)) { -#endif - res = use_yp(uname, 0, 0); - if (res == USER_YP_ONLY) { - if (!use_local_passwd) { - exit(yp_passwd(uname)); - } else { + res = use_yp(uname, 0, 0); + if (res == USER_YP_ONLY) { + if (!use_local_passwd) { + exit(yp_passwd(uname)); + } else { /* * Reject -l flag if NIS is turned on and the user * doesn't exist in the local password database. */ - errx(1, "unknown local user: %s", uname); - } - } else if (res == USER_LOCAL_ONLY) { - /* - * Reject -y flag if user only exists locally. - */ - if (__use_yp) - errx(1, "unknown NIS user: %s", uname); - } else if (res == USER_YP_AND_LOCAL) { - if (!use_local_passwd && (yp_in_pw_file || __use_yp)) - exit(yp_passwd(uname)); + errx(1, "unknown local user: %s", uname); } -#ifdef KERBEROS + } else if (res == USER_LOCAL_ONLY) { + /* + * Reject -y flag if user only exists locally. + */ + if (__use_yp) + errx(1, "unknown NIS user: %s", uname); + } else if (res == USER_YP_AND_LOCAL) { + if (!use_local_passwd && (yp_in_pw_file || __use_yp)) + exit(yp_passwd(uname)); } #endif -#endif - if (!use_local_passwd) { -#ifdef KERBEROS - k = auth_getval("auth_list"); - if (k && strstr(k, "kerberos")) - if(krb_get_lrealm(realm, 0) == KSUCCESS) { - setuid(getuid()); - fprintf(stderr, "realm %s\n", realm); - exit(krb_passwd(argv[0], iflag, rflag, uflag)); - } -#endif - } exit(local_passwd(uname)); } @@ -230,21 +184,10 @@ usage() { #ifdef YP -#ifdef KERBEROS - fprintf(stderr, "%s\n%s\n", - "usage: passwd [-l] [-i instance] [-r realm] [-u fullname]", - " passwd [-l] [-y] [-o] [-d domain [-h host]] [user]"); -#else (void)fprintf(stderr, "usage: passwd [-l] [-y] [-o] [-d domain [-h host]] [user]\n"); -#endif #else -#ifdef KERBEROS - fprintf(stderr, - "usage: passwd [-l] [-i instance] [-r realm] [-u fullname] [user]\n"); -#else - (void)fprintf(stderr, "usage: passwd user\n"); -#endif + (void)fprintf(stderr, "usage: passwd [-l] user\n"); #endif exit(1); } Modified: stable/9/share/examples/etc/README.examples ============================================================================== --- stable/9/share/examples/etc/README.examples Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/share/examples/etc/README.examples Sun Jul 15 11:39:35 2012 (r238481) @@ -9,7 +9,6 @@ This directory contains the following fi amd.map - filesystem automounter lookup resolution map (see amd(8)) apmd.conf - configuration file for apmd(8) -auth.conf - authentication capability database (see auth.conf(5)) bsd-style-copyright - copyright style for bsd system crontab - system scheduled command table (see crontab(5)) csh.cshrc - sample .cshrc (see csh(1)) Modified: stable/9/sys/mips/rmi/rootfs_list.txt ============================================================================== --- stable/9/sys/mips/rmi/rootfs_list.txt Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/sys/mips/rmi/rootfs_list.txt Sun Jul 15 11:39:35 2012 (r238481) @@ -1,3 +1,5 @@ +# $FreeBSD$ +# # This is the list of files that # should be in your rootfs (copy it from # the build world nfsmount dir. When the rge0 @@ -321,7 +323,6 @@ ./etc/ssh/moduli ./etc/ssl ./etc/ssl/openssl.cnf -./etc/auth.conf ./etc/crontab ./etc/devd.conf ./etc/devfs.conf Modified: stable/9/usr.bin/login/login.1 ============================================================================== --- stable/9/usr.bin/login/login.1 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/usr.bin/login/login.1 Sun Jul 15 11:39:35 2012 (r238481) @@ -137,8 +137,6 @@ message-of-the-day system mailboxes .It Pa \&.hushlogin makes login quieter -.It Pa /etc/auth.conf -configure authentication services .It Pa /etc/pam.d/login .Xr pam 8 configuration file Modified: stable/9/usr.bin/passwd/passwd.1 ============================================================================== --- stable/9/usr.bin/passwd/passwd.1 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/usr.bin/passwd/passwd.1 Sun Jul 15 11:39:35 2012 (r238481) @@ -221,8 +221,6 @@ a Version 7 format password file temporary copy of the password file .It Pa /etc/login.conf login class capabilities database -.It Pa /etc/auth.conf -configure authentication services .El .Sh SEE ALSO .Xr chpass 1 , Modified: stable/9/usr.bin/rlogin/rlogin.1 ============================================================================== --- stable/9/usr.bin/rlogin/rlogin.1 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/usr.bin/rlogin/rlogin.1 Sun Jul 15 11:39:35 2012 (r238481) @@ -128,7 +128,6 @@ Determines the user's terminal type. .Bl -tag -width /etc/hosts -compact .It Pa /etc/hosts .It Pa /etc/hosts.equiv -.It Pa /etc/auth.conf .It Ev $HOME Ns Pa /.rhosts .El .Sh SEE ALSO @@ -138,7 +137,6 @@ Determines the user's terminal type. .Xr setsockopt 2 , .Xr ruserok 3 , .Xr tty 4 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr rlogind 8 , Modified: stable/9/usr.bin/rsh/rsh.1 ============================================================================== --- stable/9/usr.bin/rsh/rsh.1 Sun Jul 15 11:28:03 2012 (r238480) +++ stable/9/usr.bin/rsh/rsh.1 Sun Jul 15 11:39:35 2012 (r238481) @@ -125,14 +125,12 @@ to .Sh FILES .Bl -tag -width /etc/hosts -compact .It Pa /etc/hosts -.It Pa /etc/auth.conf .El .Sh SEE ALSO .Xr rlogin 1 , .Xr setsockopt 2 , .Xr rcmd 3 , .Xr ruserok 3 , -.Xr auth.conf 5 , .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr rlogind 8 ,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201207151139.q6FBda4c045344>