svn commit: r238481 - in stable/9: . bin/rcp etc include
lib/libcrypt lib/libutil libexec/rshd
release/picobsd/tinyware/passwd share/examples/etc
sys/mips/rmi usr.bin/login usr.bin/passwd usr.bin/r...
Dag-Erling Smorgrav
des at FreeBSD.org
Sun Jul 15 11:39:36 UTC 2012
Author: des
Date: Sun Jul 15 11:39:35 2012
New Revision: 238481
URL: http://svn.freebsd.org/changeset/base/238481
Log:
MFH r236751: document sha256 / sha512 support
MFH r236892: remove mention of auth.conf from programs that don't use it
MFH r236963: remove dead code relating to auth.conf
MFH r236965 r236966 r236967 r237005 r237006 r237011: retire auth.conf
Approved by: re
Deleted:
stable/9/etc/auth.conf
stable/9/lib/libutil/auth.3
stable/9/lib/libutil/auth.conf.5
Modified:
stable/9/ObsoleteFiles.inc (contents, props changed)
stable/9/bin/rcp/rcp.1
stable/9/etc/Makefile
stable/9/include/paths.h
stable/9/lib/libcrypt/Makefile
stable/9/lib/libcrypt/crypt.3
stable/9/lib/libcrypt/crypt.c
stable/9/lib/libutil/Makefile
stable/9/lib/libutil/auth.c
stable/9/lib/libutil/login.conf.5
stable/9/lib/libutil/property.3
stable/9/libexec/rshd/rshd.8
stable/9/release/picobsd/tinyware/passwd/passwd.c
stable/9/share/examples/etc/README.examples
stable/9/sys/mips/rmi/rootfs_list.txt
stable/9/usr.bin/login/login.1
stable/9/usr.bin/passwd/passwd.1
stable/9/usr.bin/rlogin/rlogin.1
stable/9/usr.bin/rsh/rsh.1
Directory Properties:
stable/9/ (props changed)
stable/9/bin/rcp/ (props changed)
stable/9/etc/ (props changed)
stable/9/include/ (props changed)
stable/9/lib/libcrypt/ (props changed)
stable/9/lib/libutil/ (props changed)
stable/9/libexec/rshd/ (props changed)
stable/9/release/picobsd/tinyware/passwd/ (props changed)
stable/9/share/examples/etc/ (props changed)
stable/9/sys/ (props changed)
stable/9/usr.bin/login/ (props changed)
stable/9/usr.bin/passwd/ (props changed)
stable/9/usr.bin/rlogin/ (props changed)
stable/9/usr.bin/rsh/ (props changed)
Modified: stable/9/ObsoleteFiles.inc
==============================================================================
--- stable/9/ObsoleteFiles.inc Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/ObsoleteFiles.inc Sun Jul 15 11:39:35 2012 (r238481)
@@ -38,6 +38,11 @@
# xargs -n1 | sort | uniq -d;
# done
+# 20120713: auth.conf removed
+OLD_FILES+=etc/auth.conf
+OLD_FILES+=usr/share/examples/etc/auth.conf
+OLD_FILES+=usr/share/man/man3/auth.3.gz
+OLD_FILES+=usr/share/man/man5/auth.conf.5.gz
# 20120415: new clang import which bumps version from 3.0 to 3.1
OLD_FILES+=usr/include/clang/3.0/altivec.h
OLD_FILES+=usr/include/clang/3.0/avxintrin.h
Modified: stable/9/bin/rcp/rcp.1
==============================================================================
--- stable/9/bin/rcp/rcp.1 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/bin/rcp/rcp.1 Sun Jul 15 11:39:35 2012 (r238481)
@@ -116,17 +116,11 @@ The
.Nm
utility handles third party copies, where neither source nor target files
are on the current machine.
-.Sh FILES
-.Bl -tag -width ".Pa /etc/auth.conf" -compact
-.It Pa /etc/auth.conf
-configure authentication services
-.El
.Sh SEE ALSO
.Xr cp 1 ,
.Xr ftp 1 ,
.Xr rlogin 1 ,
.Xr rsh 1 ,
-.Xr auth.conf 5 ,
.Xr hosts.equiv 5
.Sh HISTORY
The
Modified: stable/9/etc/Makefile
==============================================================================
--- stable/9/etc/Makefile Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/etc/Makefile Sun Jul 15 11:39:35 2012 (r238481)
@@ -7,18 +7,47 @@
SUBDIR= sendmail
.endif
-BIN1= auth.conf \
- crontab devd.conf devfs.conf \
- ddb.conf dhclient.conf disktab fbtab \
- ftpusers gettytab group \
- hosts hosts.allow hosts.equiv \
- inetd.conf libalias.conf login.access login.conf mac.conf motd \
- netconfig network.subr networks newsyslog.conf nsswitch.conf \
- phones profile protocols \
- rc rc.bsdextended rc.firewall rc.initdiskless \
- rc.sendmail rc.shutdown \
- rc.subr remote rpc services shells \
- sysctl.conf syslog.conf termcap.small
+BIN1= crontab \
+ devd.conf \
+ devfs.conf \
+ ddb.conf \
+ dhclient.conf \
+ disktab \
+ fbtab \
+ ftpusers \
+ gettytab \
+ group \
+ hosts \
+ hosts.allow \
+ hosts.equiv \
+ inetd.conf \
+ libalias.conf \
+ login.access \
+ login.conf \
+ mac.conf \
+ motd \
+ netconfig \
+ network.subr \
+ networks \
+ newsyslog.conf \
+ nsswitch.conf \
+ phones \
+ profile \
+ protocols \
+ rc \
+ rc.bsdextended \
+ rc.firewall \
+ rc.initdiskless \
+ rc.sendmail \
+ rc.shutdown \
+ rc.subr \
+ remote \
+ rpc \
+ services \
+ shells \
+ sysctl.conf \
+ syslog.conf \
+ termcap.small
.if exists(${.CURDIR}/etc.${MACHINE}/ttys)
BIN1+= etc.${MACHINE}/ttys
Modified: stable/9/include/paths.h
==============================================================================
--- stable/9/include/paths.h Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/include/paths.h Sun Jul 15 11:39:35 2012 (r238481)
@@ -42,7 +42,6 @@
/* Locate system binaries. */
#define _PATH_SYSPATH "/sbin:/usr/sbin"
-#define _PATH_AUTHCONF "/etc/auth.conf"
#define _PATH_BSHELL "/bin/sh"
#define _PATH_CAPABILITY "/etc/capability"
#define _PATH_CAPABILITY_DB "/etc/capability.db"
Modified: stable/9/lib/libcrypt/Makefile
==============================================================================
--- stable/9/lib/libcrypt/Makefile Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/lib/libcrypt/Makefile Sun Jul 15 11:39:35 2012 (r238481)
@@ -26,11 +26,7 @@ SRCS+= crypt-des.c crypt-blowfish.c blo
CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BLOWFISH
.endif
-# And the auth_getval() code and support.
-.PATH: ${.CURDIR}/../libutil
-SRCS+= auth.c property.c
-.for sym in auth_getval property_find properties_read properties_free \
- MD4Init MD4Final MD4Update MD4Pad \
+.for sym in MD4Init MD4Final MD4Update MD4Pad \
MD5Init MD5Final MD5Update MD5Pad \
SHA256_Init SHA256_Final SHA256_Update \
SHA512_Init SHA512_Final SHA512_Update
Modified: stable/9/lib/libcrypt/crypt.3
==============================================================================
--- stable/9/lib/libcrypt/crypt.3 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/lib/libcrypt/crypt.3 Sun Jul 15 11:39:35 2012 (r238481)
@@ -242,12 +242,6 @@ The
.Fn crypt_set_format
function sets the default encoding format according to the supplied
.Fa string .
-.Pp
-The global default format can be set using the
-.Pa /etc/auth.conf
-file using the
-.Va crypt_default
-property.
.Sh RETURN VALUES
The
.Fn crypt
@@ -264,9 +258,7 @@ Otherwise, a value of 0 is returned.
.Sh SEE ALSO
.Xr login 1 ,
.Xr passwd 1 ,
-.Xr auth_getval 3 ,
.Xr getpass 3 ,
-.Xr auth.conf 5 ,
.Xr passwd 5
.Sh HISTORY
A rotor-based
Modified: stable/9/lib/libcrypt/crypt.c
==============================================================================
--- stable/9/lib/libcrypt/crypt.c Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/lib/libcrypt/crypt.c Sun Jul 15 11:39:35 2012 (r238481)
@@ -79,23 +79,23 @@ static const struct {
}
};
+#ifdef HAS_DES
+#define CRYPT_DEFAULT "des"
+#else
+#define CRYPT_DEFAULT "md5"
+#endif
+
static int crypt_type = -1;
static void
crypt_setdefault(void)
{
- char *def;
size_t i;
if (crypt_type != -1)
return;
- def = auth_getval("crypt_default");
- if (def == NULL) {
- crypt_type = 0;
- return;
- }
for (i = 0; i < sizeof(crypt_types) / sizeof(crypt_types[0]) - 1; i++) {
- if (strcmp(def, crypt_types[i].name) == 0) {
+ if (strcmp(CRYPT_DEFAULT, crypt_types[i].name) == 0) {
crypt_type = (int)i;
return;
}
Modified: stable/9/lib/libutil/Makefile
==============================================================================
--- stable/9/lib/libutil/Makefile Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/lib/libutil/Makefile Sun Jul 15 11:39:35 2012 (r238481)
@@ -8,7 +8,7 @@ SHLIBDIR?= /lib
LIB= util
SHLIB_MAJOR= 9
-SRCS= _secure_path.c auth.c expand_number.c flopen.c fparseln.c gr_util.c \
+SRCS= _secure_path.c expand_number.c flopen.c fparseln.c gr_util.c \
hexdump.c humanize_number.c kinfo_getfile.c kinfo_getfile.c \
kinfo_getallproc.c kinfo_getproc.c kinfo_getvmmap.c kld.c \
login_auth.c login_cap.c \
@@ -27,16 +27,15 @@ CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../li
MAN+= kld.3 login_auth.3 login_tty.3 pty.3 \
login_cap.3 login_class.3 login_times.3 login_ok.3 \
- _secure_path.3 uucplock.3 property.3 auth.3 realhostname.3 \
+ _secure_path.3 uucplock.3 property.3 realhostname.3 \
realhostname_sa.3 trimdomain.3 fparseln.3 humanize_number.3 \
pidfile.3 flopen.3 expand_number.3 hexdump.3 \
kinfo_getfile.3 kinfo_getallproc.3 kinfo_getproc.3 \
kinfo_getvmmap.3 quotafile.3
-MAN+= login.conf.5 auth.conf.5
+MAN+= login.conf.5
MLINKS+= kld.3 kld_isloaded.3 kld.3 kld_load.3
MLINKS+= property.3 properties_read.3 property.3 properties_free.3
MLINKS+= property.3 property_find.3
-MLINKS+= auth.3 auth_getval.3
MLINKS+= pty.3 openpty.3 pty.3 forkpty.3
MLINKS+=login_cap.3 login_getclassbyname.3 login_cap.3 login_close.3 \
login_cap.3 login_getclass.3 login_cap.3 login_getuserclass.3 \
Modified: stable/9/lib/libutil/auth.c
==============================================================================
--- stable/9/lib/libutil/auth.c Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/lib/libutil/auth.c Sun Jul 15 11:39:35 2012 (r238481)
@@ -31,40 +31,14 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
-#include <sys/types.h>
-#include <fcntl.h>
-#include <libutil.h>
-#include <paths.h>
-#include <syslog.h>
-#include <unistd.h>
-
-static properties P;
-
-static int
-initauthconf(const char *path)
-{
- int fd;
+#include <stdlib.h>
- if (!P) {
- if ((fd = open(path, O_RDONLY)) < 0) {
- syslog(LOG_ERR, "initauthconf: unable to open file: %s", path);
- return 1;
- }
- P = properties_read(fd);
- close(fd);
- if (!P) {
- syslog(LOG_ERR, "initauthconf: unable to parse file: %s", path);
- return 1;
- }
- }
- return 0;
-}
+#include <libutil.h>
char *
auth_getval(const char *name)
{
- if (!P && initauthconf(_PATH_AUTHCONF))
- return NULL;
- else
- return property_find(P, name);
+
+ (void)name;
+ return (NULL);
}
Modified: stable/9/lib/libutil/login.conf.5
==============================================================================
--- stable/9/lib/libutil/login.conf.5 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/lib/libutil/login.conf.5 Sun Jul 15 11:39:35 2012 (r238481)
@@ -269,7 +269,9 @@ multiplied by 5 seconds.
allowed before the login fails.
.It "passwd_format string md5 The encryption format that new or
changed passwords will use.
-Valid values include "des", "md5" and "blf".
+Valid values include "des", "md5", "blf", "sha256" and "sha512"; see
+.Xr crypt 3
+for details.
NIS clients using a
.No non- Ns Fx
NIS server should probably use "des".
Modified: stable/9/lib/libutil/property.3
==============================================================================
--- stable/9/lib/libutil/property.3 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/lib/libutil/property.3 Sun Jul 15 11:39:35 2012 (r238481)
@@ -91,8 +91,6 @@ are desired, the entire value should be
characters.
Any line beginning with a # or ; character is assumed to
be a comment and will be ignored.
-.Sh SEE ALSO
-.Xr auth_getval 3
.Sh AUTHORS
.An Jordan Hubbard
.Sh BUGS
Modified: stable/9/libexec/rshd/rshd.8
==============================================================================
--- stable/9/libexec/rshd/rshd.8 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/libexec/rshd/rshd.8 Sun Jul 15 11:39:35 2012 (r238481)
@@ -237,7 +237,6 @@ and is not preceded by a flag byte.
.Xr gethostbyaddr 3 ,
.Xr rcmd 3 ,
.Xr ruserok 3 ,
-.Xr auth.conf 5 ,
.Xr hosts 5 ,
.Xr hosts.equiv 5 ,
.Xr login.conf 5 ,
Modified: stable/9/release/picobsd/tinyware/passwd/passwd.c
==============================================================================
--- stable/9/release/picobsd/tinyware/passwd/passwd.c Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/release/picobsd/tinyware/passwd/passwd.c Sun Jul 15 11:39:35 2012 (r238481)
@@ -64,10 +64,6 @@ int yp_errno = YP_TRUE;
extern int yp_passwd( char * );
#endif
-#ifdef KERBEROS
-#include "krb.h"
-#endif
-
#include "extern.h"
static void usage(void);
@@ -81,26 +77,12 @@ main(argc, argv)
{
int ch;
char *uname;
-#ifdef KERBEROS
- char *iflag = 0, *rflag = 0, *uflag = 0;
- char *k;
-#endif
#ifdef YP
-#ifdef KERBEROS
- char realm[REALM_SZ];
-#define OPTIONS "d:h:lysfoi:r:u:"
-#else
#define OPTIONS "d:h:lysfo"
-#endif
-#else
-#ifdef KERBEROS
- char realm[REALM_SZ];
-#define OPTIONS "li:r:u:"
#else
#define OPTIONS "l"
#endif
-#endif
#ifdef YP
int res = 0;
@@ -113,17 +95,6 @@ main(argc, argv)
case 'l': /* change local password file */
use_local_passwd = 1;
break;
-#ifdef KERBEROS
- case 'i':
- iflag = optarg;
- break;
- case 'r':
- rflag = optarg;
- break;
- case 'u':
- uflag = optarg;
- break;
-#endif /* KERBEROS */
#ifdef YP
case 'y': /* Change NIS password */
__use_yp = 1;
@@ -182,46 +153,29 @@ main(argc, argv)
/*
* If NIS is turned on in the password database, use it, else punt.
*/
-#ifdef KERBEROS
- if (__use_yp || (iflag == NULL && rflag == NULL && uflag == NULL)) {
-#endif
- res = use_yp(uname, 0, 0);
- if (res == USER_YP_ONLY) {
- if (!use_local_passwd) {
- exit(yp_passwd(uname));
- } else {
+ res = use_yp(uname, 0, 0);
+ if (res == USER_YP_ONLY) {
+ if (!use_local_passwd) {
+ exit(yp_passwd(uname));
+ } else {
/*
* Reject -l flag if NIS is turned on and the user
* doesn't exist in the local password database.
*/
- errx(1, "unknown local user: %s", uname);
- }
- } else if (res == USER_LOCAL_ONLY) {
- /*
- * Reject -y flag if user only exists locally.
- */
- if (__use_yp)
- errx(1, "unknown NIS user: %s", uname);
- } else if (res == USER_YP_AND_LOCAL) {
- if (!use_local_passwd && (yp_in_pw_file || __use_yp))
- exit(yp_passwd(uname));
+ errx(1, "unknown local user: %s", uname);
}
-#ifdef KERBEROS
+ } else if (res == USER_LOCAL_ONLY) {
+ /*
+ * Reject -y flag if user only exists locally.
+ */
+ if (__use_yp)
+ errx(1, "unknown NIS user: %s", uname);
+ } else if (res == USER_YP_AND_LOCAL) {
+ if (!use_local_passwd && (yp_in_pw_file || __use_yp))
+ exit(yp_passwd(uname));
}
#endif
-#endif
- if (!use_local_passwd) {
-#ifdef KERBEROS
- k = auth_getval("auth_list");
- if (k && strstr(k, "kerberos"))
- if(krb_get_lrealm(realm, 0) == KSUCCESS) {
- setuid(getuid());
- fprintf(stderr, "realm %s\n", realm);
- exit(krb_passwd(argv[0], iflag, rflag, uflag));
- }
-#endif
- }
exit(local_passwd(uname));
}
@@ -230,21 +184,10 @@ usage()
{
#ifdef YP
-#ifdef KERBEROS
- fprintf(stderr, "%s\n%s\n",
- "usage: passwd [-l] [-i instance] [-r realm] [-u fullname]",
- " passwd [-l] [-y] [-o] [-d domain [-h host]] [user]");
-#else
(void)fprintf(stderr,
"usage: passwd [-l] [-y] [-o] [-d domain [-h host]] [user]\n");
-#endif
#else
-#ifdef KERBEROS
- fprintf(stderr,
- "usage: passwd [-l] [-i instance] [-r realm] [-u fullname] [user]\n");
-#else
- (void)fprintf(stderr, "usage: passwd user\n");
-#endif
+ (void)fprintf(stderr, "usage: passwd [-l] user\n");
#endif
exit(1);
}
Modified: stable/9/share/examples/etc/README.examples
==============================================================================
--- stable/9/share/examples/etc/README.examples Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/share/examples/etc/README.examples Sun Jul 15 11:39:35 2012 (r238481)
@@ -9,7 +9,6 @@ This directory contains the following fi
amd.map - filesystem automounter lookup resolution map (see amd(8))
apmd.conf - configuration file for apmd(8)
-auth.conf - authentication capability database (see auth.conf(5))
bsd-style-copyright - copyright style for bsd system
crontab - system scheduled command table (see crontab(5))
csh.cshrc - sample .cshrc (see csh(1))
Modified: stable/9/sys/mips/rmi/rootfs_list.txt
==============================================================================
--- stable/9/sys/mips/rmi/rootfs_list.txt Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/sys/mips/rmi/rootfs_list.txt Sun Jul 15 11:39:35 2012 (r238481)
@@ -1,3 +1,5 @@
+# $FreeBSD$
+#
# This is the list of files that
# should be in your rootfs (copy it from
# the build world nfsmount dir. When the rge0
@@ -321,7 +323,6 @@
./etc/ssh/moduli
./etc/ssl
./etc/ssl/openssl.cnf
-./etc/auth.conf
./etc/crontab
./etc/devd.conf
./etc/devfs.conf
Modified: stable/9/usr.bin/login/login.1
==============================================================================
--- stable/9/usr.bin/login/login.1 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/usr.bin/login/login.1 Sun Jul 15 11:39:35 2012 (r238481)
@@ -137,8 +137,6 @@ message-of-the-day
system mailboxes
.It Pa \&.hushlogin
makes login quieter
-.It Pa /etc/auth.conf
-configure authentication services
.It Pa /etc/pam.d/login
.Xr pam 8
configuration file
Modified: stable/9/usr.bin/passwd/passwd.1
==============================================================================
--- stable/9/usr.bin/passwd/passwd.1 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/usr.bin/passwd/passwd.1 Sun Jul 15 11:39:35 2012 (r238481)
@@ -221,8 +221,6 @@ a Version 7 format password file
temporary copy of the password file
.It Pa /etc/login.conf
login class capabilities database
-.It Pa /etc/auth.conf
-configure authentication services
.El
.Sh SEE ALSO
.Xr chpass 1 ,
Modified: stable/9/usr.bin/rlogin/rlogin.1
==============================================================================
--- stable/9/usr.bin/rlogin/rlogin.1 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/usr.bin/rlogin/rlogin.1 Sun Jul 15 11:39:35 2012 (r238481)
@@ -128,7 +128,6 @@ Determines the user's terminal type.
.Bl -tag -width /etc/hosts -compact
.It Pa /etc/hosts
.It Pa /etc/hosts.equiv
-.It Pa /etc/auth.conf
.It Ev $HOME Ns Pa /.rhosts
.El
.Sh SEE ALSO
@@ -138,7 +137,6 @@ Determines the user's terminal type.
.Xr setsockopt 2 ,
.Xr ruserok 3 ,
.Xr tty 4 ,
-.Xr auth.conf 5 ,
.Xr hosts 5 ,
.Xr hosts.equiv 5 ,
.Xr rlogind 8 ,
Modified: stable/9/usr.bin/rsh/rsh.1
==============================================================================
--- stable/9/usr.bin/rsh/rsh.1 Sun Jul 15 11:28:03 2012 (r238480)
+++ stable/9/usr.bin/rsh/rsh.1 Sun Jul 15 11:39:35 2012 (r238481)
@@ -125,14 +125,12 @@ to
.Sh FILES
.Bl -tag -width /etc/hosts -compact
.It Pa /etc/hosts
-.It Pa /etc/auth.conf
.El
.Sh SEE ALSO
.Xr rlogin 1 ,
.Xr setsockopt 2 ,
.Xr rcmd 3 ,
.Xr ruserok 3 ,
-.Xr auth.conf 5 ,
.Xr hosts 5 ,
.Xr hosts.equiv 5 ,
.Xr rlogind 8 ,
More information about the svn-src-stable-9
mailing list