From owner-freebsd-arch@FreeBSD.ORG Sat Jun 13 22:40:10 2015 Return-Path: Delivered-To: freebsd-arch@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 498009FC for ; Sat, 13 Jun 2015 22:40:10 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-ie0-x22b.google.com (mail-ie0-x22b.google.com [IPv6:2607:f8b0:4001:c03::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 163231D6 for ; Sat, 13 Jun 2015 22:40:10 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: by iesa3 with SMTP id a3so42709847ies.2 for ; Sat, 13 Jun 2015 15:40:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=V6DyUJn5zbZqXa2s1e5j1eSzdtPo2xiJBvICocG3f0w=; b=HG/igZVoQfuqJqtYdlfuecAsCFCOCiLR4qWhf7EBHBlSH//lY9xAOfCZ8WgBwiFH0s vM3wgPL77qz1jsdQ/NCaw2RFEEnK3VKOvrQOSXbsPU8jdbuCy5Fg+K5WxVF3ASqZIxK+ +HCFd95dcPbaikTbO8mw+HxHr82vG4KCVbKQsW2mI1/BzUm1Db1Js2iPzWF4OkJ9BHAG 6k8dxM0WN3GuXjFI+QJBW85vSacu6MxAb4ln5moxF/2J2aHZCFG+gSaxjBcoW0IWL4oY NCE32VywSt0dMwBmrgY/O5iteB0YPn5eZeEkdjZrJrc9kpBzR98+fpalCEZ/iQEpFo/0 FrjA== MIME-Version: 1.0 X-Received: by 10.43.163.129 with SMTP id mo1mr22577409icc.61.1434235209386; Sat, 13 Jun 2015 15:40:09 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.36.38.133 with HTTP; Sat, 13 Jun 2015 15:40:09 -0700 (PDT) Date: Sat, 13 Jun 2015 15:40:09 -0700 X-Google-Sender-Auth: u9vyveOmCY8s5VUB15Ugh6PB8a8 Message-ID: Subject: [rfc] add MK_TELNET_SSL as a build option From: Adrian Chadd To: "freebsd-arch@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Jun 2015 22:40:10 -0000 Hi, The wifi builds have a need for building telnet/telnetd without ssl/kerberos in order to meet size constraints and to allow them to be crunch'ed. I'd like to add the following patch to -HEAD, minus the comments in libtelnet that are currently a reminder to me of what needs to be turned into function pointers so things link correctly. I'd appreciate feedback here as it does involve addin ga new MK, and I really dislike it. :( adrian@lucy-11i386:~/work/freebsd/head-embedded-2/src % cat /tmp/diff Index: contrib/telnet/libtelnet/misc-proto.h =================================================================== --- contrib/telnet/libtelnet/misc-proto.h (revision 284291) +++ contrib/telnet/libtelnet/misc-proto.h (working copy) @@ -71,6 +71,11 @@ /* * These functions are imported from the application */ +/* + * XXX TODO: turn into a function set that's passed in + * from telnet/telnetd main(). That way it can be + * built via crunchgen. + */ int net_write(unsigned char *, int); void net_encrypt(void); int telnet_spin(void); Index: lib/libtelnet/Makefile =================================================================== --- lib/libtelnet/Makefile (revision 284291) +++ lib/libtelnet/Makefile (working copy) @@ -15,7 +15,7 @@ WARNS?= 2 -.if ${MK_OPENSSL} != "no" +.if ${MK_OPENSSL} != "no" && ${MK_TELNET_SSL} != "no" SRCS+= encrypt.c auth.c enc_des.c sra.c pk.c CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DSRA .endif Index: libexec/telnetd/Makefile =================================================================== --- libexec/telnetd/Makefile (revision 284291) +++ libexec/telnetd/Makefile (working copy) @@ -31,7 +31,7 @@ LIBADD= telnet util ncursesw -.if ${MK_OPENSSL} != "no" +.if ${MK_OPENSSL} != "no" && ${MK_TELNET_SSL} != "no" SRCS+= authenc.c CFLAGS+= -DAUTHENTICATION -DENCRYPTION LIBADD+= mp crypto pam adrian@lucy-11i386:~/work/freebsd/head-embedded-2/src % more /tmp/diff Index: contrib/telnet/libtelnet/misc-proto.h =================================================================== --- contrib/telnet/libtelnet/misc-proto.h (revision 284291) +++ contrib/telnet/libtelnet/misc-proto.h (working copy) @@ -71,6 +71,11 @@ /* * These functions are imported from the application */ +/* + * XXX TODO: turn into a function set that's passed in + * from telnet/telnetd main(). That way it can be + * built via crunchgen. + */ int net_write(unsigned char *, int); void net_encrypt(void); int telnet_spin(void); Index: lib/libtelnet/Makefile =================================================================== --- lib/libtelnet/Makefile (revision 284291) +++ lib/libtelnet/Makefile (working copy) @@ -15,7 +15,7 @@ WARNS?= 2 -.if ${MK_OPENSSL} != "no" +.if ${MK_OPENSSL} != "no" && ${MK_TELNET_SSL} != "no" SRCS+= encrypt.c auth.c enc_des.c sra.c pk.c CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DSRA .endif Index: libexec/telnetd/Makefile =================================================================== --- libexec/telnetd/Makefile (revision 284291) +++ libexec/telnetd/Makefile (working copy) @@ -31,7 +31,7 @@ LIBADD= telnet util ncursesw -.if ${MK_OPENSSL} != "no" +.if ${MK_OPENSSL} != "no" && ${MK_TELNET_SSL} != "no" SRCS+= authenc.c CFLAGS+= -DAUTHENTICATION -DENCRYPTION LIBADD+= mp crypto pam Index: share/mk/src.opts.mk =================================================================== --- share/mk/src.opts.mk (revision 284291) +++ share/mk/src.opts.mk (working copy) @@ -161,6 +161,7 @@ TCP_WRAPPERS \ TCSH \ TELNET \ + TELNET_SSL \ TESTS \ TEXTPROC \ TFTP \ @@ -290,6 +291,7 @@ .if ${MK_CRYPT} == "no" MK_OPENSSL:= no +MK_TELNET_SSL:= no MK_OPENSSH:= no MK_KERBEROS:= no .endif @@ -312,6 +314,7 @@ .endif .if ${MK_OPENSSL} == "no" +MK_TELNET_SSL:= no MK_OPENSSH:= no MK_KERBEROS:= no .endif Index: tools/bsdbox/Makefile =================================================================== --- tools/bsdbox/Makefile (revision 284291) +++ tools/bsdbox/Makefile (working copy) @@ -100,7 +100,7 @@ .include "Makefile.kld" # telnet/telnetd are too broken to include as a crunchgen'ed binary, # thanks to some of the horrible layering violations going on. -# .include "Makefile.telnetd" +.include "Makefile.telnetd" .include "Makefile.fs" CRUNCH_LIBS+= -lcrypto -lssl -lz Index: tools/bsdbox/Makefile.telnetd =================================================================== --- tools/bsdbox/Makefile.telnetd (revision 284291) +++ tools/bsdbox/Makefile.telnetd (working copy) @@ -1,4 +1,4 @@ -# Build telnetd +# Build telnet/telnetd # Question - why is telnetds objects ending up in the srcdir? -adrian # This won't work yet - because telnetd relies on libtelnet.a which includes @@ -8,7 +8,8 @@ # $FreeBSD$ +CRUNCH_BUILDOPTS_telnetd= MK_KERBEROS_SUPPORT=no CRUNCH_PROGS_libexec+= telnetd CRUNCH_PROGS_usr.bin+= telnet -CRUNCH_LIBS+= -lkrb5 -lhx509 -lasn1 -lcom_err -lroken -ltelnetd -# CRUNCH_BUILDOPTS_telnetd= MK_KERBEROS_SUPPORT=no +#CRUNCH_LIBS+= -lkrb5 -lhx509 -lasn1 -lcom_err -lroken +CRUNCH_LIBS+= ../../lib/libtelnet/libtelnet.a Index: usr.bin/telnet/Makefile =================================================================== --- usr.bin/telnet/Makefile (revision 284291) +++ usr.bin/telnet/Makefile (working copy) @@ -30,7 +30,7 @@ CFLAGS+= -DHAS_CGETENT .endif -.if ${MK_OPENSSL} != "no" +.if ${MK_OPENSSL} != "no" && ${MK_TELNET_SSL} != "no" SRCS+= authenc.c CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DIPSEC LIBADD+= mp crypto ipsec pam adrian@lucy-11i386:~/work/freebsd/head-embedded-2/src %