Based on pr 6684 by Martin J. Laubach with heavy refining/fixing by myself.
XXX This package needs still some tweaking to work with rsaref.
XXX Maybe some US citizen developer can take over?
XXX At least its usefull to non-US ppl.
Changes since 1.5.6:
- Various bug fixes (not security related).
- All compile-time options are now set via options to the configure script.
- visudo is now installed in /usr/local/sbin where it belongs.
[of course this is ${PREFIX}/sbin in our package for a long time - TF]
- two problems with tgetpass() have been fixed. In one case the user was
not always given a chance to enter a password. In the other a newline
was not always printed after the password was entered on Linux.
- Added support for Digital UNIX SIA (Security Integration Architecture).
- %groups now work as RunAs specifiers like the man page says.
- Sudo now sets the USER environment variable to the target user
(root unless -u is specified).
- Sudo will print "command not found" unless configure was run with
--disable-path-info. Also, tell user when we ignore '.' in their path and
it would have been used but for --with-ignore-dot. This means that sudo can
be used to gather information about the existence of executable in
directories not accessible by a normal user. If this bothers you, run
configure with --disable-path-info.
[in our package --disable-path-info is default - TF]
- A longstanding bug wrt "sudo -l" has been fixed that could cause "sudo -l"
to complain about non-existent syntax errors.
- When configured with --with-tty-tickets the filename is now "user:tty"
(was "user.tty") since a username could have a '.' in it.
match directory name and to differentiate from previous version)
- remove md5 symlink to ssleay (conflicts with /usr/bin/md5)
- move all include files to $PREFIX/include/ssleay (too much conflict
potential in $PREFIX/include, not the least of which is md5.h)
- link rsaref glue goop right into libcrypto, only as required
- turn asm off on alpha temporarily while trying to find source of math
errors on LP64
- set NOT_FOR_ARCHS=alpha *64 to prevent compiling on LP64 platforms
This is a package of binaries, as compiled by Michael Graff
(explorer@flame.org), and I have not even tried to run these binaries,
let alone seen the source, and so cannot vouch for them.
Binaries are provided for Alpha, i386 and arm32 architectures.
- make this work on all arches (use C where no equivalent asm is
available). Since the arch specifics are determined by `uname', set
ONLY_FOR_ARCHS to the full list of current architectures.
- don't use various methods of editing (patch, sed) where pulling values
from the environment and using CONFIGURE_ENV/MAKE_ENV will suffice.
- use %D to get the value of $PREFIX in the PLIST; the PLIST doesn't need
to be sed edited to get this as part of an @exec!
- use pmake's += construct to add rsaref-specific stuff, instead of adding
"extra" patches.
Now works on arm32, but probably not on alpha and sparc64 (tests fail on
alpha; likely type-sizing problems, and still looking at that).
Don't remove it on de-install. Put the example config file (ssleay.cnf.eg)
in lib right beside the real config.
Yes, this file really should be in etc, but the programs have several
different routines that look for the config files, at least one of which
has the use of lib hard-coded. This would be pretty messy to fix.
Don't immediately timeout sessions as idle just because an actual
idle check had not been done yet (so last_idle_time was zero, and
the difference to current time is way over your idle time limit).
Also added the first US mirror of ssh into MASTER_SITES.
- New, optional Makefile variable HOMEPAGE, specifies a URL for
the home page of the software if it has one.
- The value of HOMEPAGE is used to add a link from the
README.html files.
- pkglint updated to know about it. The "correct" location for
HOMEPAGE in the Makefile is after MAINTAINER, in that same
section.
