head	1.5;
access;
symbols
	netbsd-11-0-RC5:1.3.2.1
	netbsd-11-0-RC4:1.3.2.1
	netbsd-11-0-RC3:1.3.2.1
	netbsd-11-0-RC2:1.3.2.1
	netbsd-11-0-RC1:1.3.2.1
	perseant-exfatfs-base-20250801:1.3
	netbsd-11:1.3.0.2
	netbsd-11-base:1.3;
locks; strict;
comment	@# @;


1.5
date	2025.12.28.09.39.35;	author nia;	state Exp;
branches;
next	1.4;
commitid	EeiWDDxbhQD7Q9oG;

1.4
date	2025.10.11.15.45.10;	author christos;	state Exp;
branches;
next	1.3;
commitid	5RgqA9p3dWoJoaeG;

1.3
date	2025.04.15.22.40.20;	author christos;	state Exp;
branches
	1.3.2.1;
next	1.2;
commitid	Dq9Arq9ZZzi1scRF;

1.2
date	2025.04.10.10.00.12;	author martin;	state Exp;
branches;
next	1.1;
commitid	GcIrEGL309hfpuQF;

1.1
date	2025.04.09.15.49.34;	author christos;	state Exp;
branches;
next	;
commitid	jmHgYcP8BwnNmoQF;

1.3.2.1
date	2026.02.02.18.08.04;	author martin;	state Exp;
branches;
next	;
commitid	uoph5GzxvxGnwPsG;


desc
@@


1.5
log
@openssh: Fix building without libcrypto.

There are a couple of places in the build goo where this looks like it
was attempted before, but it had bitrotted.

Upstream supports this, but it seems to have only been tested on OpenBSD
(note there are several locations where it's assumed that malloc/free are
available via libcrypto headers). The change to dist/auth.h brings us
closer to the code in OpenBSD, though.

Enable building without libcrypto on sun2, where there is no support for
shared libraries and currently sshd isn't exactly usable due to
executable size limits and slowness.

libfido2 still brings in libcrypto (do we really need support for USB keys
on all platforms?) for the client applications, but this reduces the
binary size of sshd on sun2 to a quarter of what it was before.
@
text
@#	$NetBSD: Makefile,v 1.4 2025/10/11 15:45:10 christos Exp $

NOMAN=	yes
.include <bsd.own.mk>

PROG=	sshd-auth

BINDIR=	/usr/libexec

SRCS+= \
auth-bsdauth.c \
auth-options.c \
auth-passwd.c \
auth-rhosts.c \
auth.c \
auth2-chall.c \
auth2-hostbased.c \
auth2-kbdint.c \
auth2-methods.c \
auth2-none.c \
auth2-passwd.c \
auth2-pubkey.c \
auth2-pubkeyfile.c \
auth2.c \
authfd.c \
compat.c \
dns.c \
fatal.c \
groupaccess.c \
hostfile.c \
misc-agent.c \
monitor_wrap.c \
pfilter.c \
readpass.c \
servconf.c \
serverloop.c \
session.c \
sftp-common.c \
sftp-realpath.c \
sftp-server.c \
sshd-auth.c \
sshlogin.c \
sshpty.c \
uidswap.c \
utf8.c \

COPTS.auth-options.c+=	-Wno-pointer-sign
COPTS.ldapauth.c+=	-Wno-format-nonliteral	# XXX: should fix

.if (${USE_PAM} != "no")
SRCS+=	auth-pam.c
LDADD+=	-lpam ${PAM_STATIC_LDADD}
DPADD+=	${LIBPAM} ${PAM_STATIC_DPADD}

.if ${USE_YP} != "no"
LDADD+= -lrpcsvc
DPADD+= ${LIBRPCSVC}
.endif

.else	# USE_PAM == no

.if (${USE_SKEY} != "no")
LDADD+=	-lskey
DPADD+=	${LIBSKEY}
.endif

.endif	# USE_PAM == no

.if (${USE_KERBEROS} != "no")
SRCS+=	auth-krb5.c gss-genr.c auth2-gss.c gss-serv.c gss-serv-krb5.c
LDADD+=	-lgssapi -lheimntlm
DPADD+=	${LIBGSSAPI} ${LIBHEIMNTLM}

LDADD+=	-lkafs
DPADD+= ${LIBKAFS}

SRCS+=	auth2-krb5.c
LDADD+= ${LIBKRB5_LDADD}
DPADD+= ${LIBKRB5_DPADD}
.endif

.if (${USE_LDAP} != "no")
SRCS+=	ldapauth.c
LDADD+=	${LIBLDAP_LDADD}
DPADD+=	${LIBLDAP_DPADD}
.endif

LDADD+=	-lcrypt -lutil
DPADD+=	${LIBCRYPT} ${LIBUTIL}

LDADD+=	-lwrap
DPADD+=	${LIBWRAP}

.ifdef CRUNCHEDPROG
CPPFLAGS+=-DSMALL
.else
LDADD+=	-lblocklist
DPADD+=	${LIBBLOCKLIST}
.endif

.include "../Makefile.inc"

.ifdef WITH_OPENSSL
SRCS+= kexgexs.c
.endif

COPTS.sshlogin.c+=	${CC_WNO_STRINGOP_TRUNCATION}
COPTS.ldapauth.c+=	${CC_WNO_STRINGOP_TRUNCATION} ${CC_WNO_STRINGOP_OVERFLOW}
COPTS.monitor.c+= -Wno-error=deprecated-declarations
COPTS.kexgexs.c+= -Wno-error=deprecated-declarations

.include <bsd.prog.mk>
@


1.4
log
@Merge changes between OpenSSH-10.0 and 10.2
@
text
@d1 1
a1 1
#	$NetBSD: Makefile,v 1.3 2025/04/15 22:40:20 christos Exp $
a30 1
kexgexs.c \
d101 6
@


1.3
log
@add noreturn attribute
@
text
@d1 1
a1 1
#	$NetBSD: Makefile,v 1.2 2025/04/10 10:00:12 martin Exp $
d32 1
@


1.3.2.1
log
@Pull up the following, requested by maya in ticket #173:

	crypto/external/bsd/openssh/dist/misc-agent.c   up to 1.2
	crypto/external/bsd/openssh/dist/PROTOCOL.certkeys delete
	crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 delete
	crypto/external/bsd/openssh/dist/ssh-dss.c      delete
	crypto/external/bsd/openssh/dist/ssh-sandbox.h  delete
	crypto/external/bsd/openssh/dist/ssh-xmss.c     delete
	crypto/external/bsd/openssh/dist/sshkey-xmss.c  delete
	crypto/external/bsd/openssh/dist/sshkey-xmss.h  delete
	crypto/external/bsd/openssh/dist/xmss_commons.c delete
	crypto/external/bsd/openssh/dist/xmss_commons.h delete
	crypto/external/bsd/openssh/dist/xmss_fast.c    delete
	crypto/external/bsd/openssh/dist/xmss_fast.h    delete
	crypto/external/bsd/openssh/dist/xmss_hash.c    delete
	crypto/external/bsd/openssh/dist/xmss_hash.h    delete
	crypto/external/bsd/openssh/dist/xmss_hash_address.c delete
	crypto/external/bsd/openssh/dist/xmss_hash_address.h delete
	crypto/external/bsd/openssh/dist/xmss_wots.c    delete
	crypto/external/bsd/openssh/dist/xmss_wots.h    delete
	crypto/external/bsd/openssh/Makefile.inc        up to 1.20
	crypto/external/bsd/openssh/bin/Makefile.inc    up to 1.9
	crypto/external/bsd/openssh/bin/ssh-agent/Makefile up to 1.8
	crypto/external/bsd/openssh/bin/ssh-keygen/Makefile up to 1.12
	crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.7
	crypto/external/bsd/openssh/dist/PROTOCOL       up to 1.25
	crypto/external/bsd/openssh/dist/PROTOCOL.agent up to 1.19
	crypto/external/bsd/openssh/dist/auth-krb5.c    up to 1.19
	crypto/external/bsd/openssh/dist/auth-options.c up to 1.30
	crypto/external/bsd/openssh/dist/auth-passwd.c  up to 1.14
	crypto/external/bsd/openssh/dist/auth.c         up to 1.39
	crypto/external/bsd/openssh/dist/auth.h         up to 1.25
	crypto/external/bsd/openssh/dist/auth2-chall.c  up to 1.20
	crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.25
	crypto/external/bsd/openssh/dist/auth2-krb5.c   up to 1.12
	crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.37
	crypto/external/bsd/openssh/dist/auth2-pubkeyfile.c up to 1.4
	crypto/external/bsd/openssh/dist/authfd.c       up to 1.28
	crypto/external/bsd/openssh/dist/authfd.h       up to 1.18
	crypto/external/bsd/openssh/dist/authfile.c     up to 1.30
	crypto/external/bsd/openssh/dist/channels.c     up to 1.47
	crypto/external/bsd/openssh/dist/channels.h     up to 1.30
	crypto/external/bsd/openssh/dist/cipher.c       up to 1.26
	crypto/external/bsd/openssh/dist/clientloop.c   up to 1.44
	crypto/external/bsd/openssh/dist/digest-libc.c  up to 1.11
	crypto/external/bsd/openssh/dist/dispatch.c     up to 1.12
	crypto/external/bsd/openssh/dist/dns.c          up to 1.24
	crypto/external/bsd/openssh/dist/dns.h          up to 1.14
	crypto/external/bsd/openssh/dist/gss-genr.c     up to 1.15
	crypto/external/bsd/openssh/dist/gss-serv.c     up to 1.17
	crypto/external/bsd/openssh/dist/hash.c         up to 1.9
	crypto/external/bsd/openssh/dist/hmac.c         up to 1.9
	crypto/external/bsd/openssh/dist/hostfile.c     up to 1.24
	crypto/external/bsd/openssh/dist/includes.h     up to 1.11
	crypto/external/bsd/openssh/dist/kex-names.c    up to 1.4
	crypto/external/bsd/openssh/dist/kex.c          up to 1.39
	crypto/external/bsd/openssh/dist/kex.h          up to 1.28
	crypto/external/bsd/openssh/dist/kexdh.c        up to 1.11
	crypto/external/bsd/openssh/dist/kexecdh.c      up to 1.9
	crypto/external/bsd/openssh/dist/kexgexc.c      up to 1.18
	crypto/external/bsd/openssh/dist/kexgexs.c      up to 1.25
	crypto/external/bsd/openssh/dist/krl.c          up to 1.26
	crypto/external/bsd/openssh/dist/log.c          up to 1.33
	crypto/external/bsd/openssh/dist/mac.c          up to 1.17
	crypto/external/bsd/openssh/dist/misc.c         up to 1.40
	crypto/external/bsd/openssh/dist/misc.h         up to 1.32
	crypto/external/bsd/openssh/dist/moduli.c       up to 1.18
	crypto/external/bsd/openssh/dist/monitor.c      up to 1.50
	crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.37
	crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.26
	crypto/external/bsd/openssh/dist/mux.c          up to 1.39
	crypto/external/bsd/openssh/dist/packet.c       up to 1.56
	crypto/external/bsd/openssh/dist/packet.h       up to 1.29
	crypto/external/bsd/openssh/dist/pathnames.h    up to 1.18
	crypto/external/bsd/openssh/dist/pkcs11.h       up to 1.7
	crypto/external/bsd/openssh/dist/progressmeter.c up to 1.17
	crypto/external/bsd/openssh/dist/readconf.c     up to 1.50
	crypto/external/bsd/openssh/dist/readconf.h     up to 1.37
	crypto/external/bsd/openssh/dist/readpass.c     up to 1.20
	crypto/external/bsd/openssh/dist/scp.1          up to 1.33
	crypto/external/bsd/openssh/dist/scp.c          up to 1.44
	crypto/external/bsd/openssh/dist/servconf.c     up to 1.51
	crypto/external/bsd/openssh/dist/serverloop.c   up to 1.39
	crypto/external/bsd/openssh/dist/session.c      up to 1.44
	crypto/external/bsd/openssh/dist/sftp-client.c  up to 1.38
	crypto/external/bsd/openssh/dist/sftp-client.h  up to 1.19
	crypto/external/bsd/openssh/dist/sftp-server.c  up to 1.32
	crypto/external/bsd/openssh/dist/sftp.c         up to 1.43
	crypto/external/bsd/openssh/dist/sk-usbhid.c    up to 1.11
	crypto/external/bsd/openssh/dist/srclimit.c     up to 1.7
	crypto/external/bsd/openssh/dist/ssh-add.1      up to 1.21
	crypto/external/bsd/openssh/dist/ssh-add.c      up to 1.33
	crypto/external/bsd/openssh/dist/ssh-agent.1    up to 1.21
	crypto/external/bsd/openssh/dist/ssh-agent.c    up to 1.43
	crypto/external/bsd/openssh/dist/ssh-ecdsa.c    up to 1.17
	crypto/external/bsd/openssh/dist/ssh-ed25519.c  up to 1.11
	crypto/external/bsd/openssh/dist/ssh-keygen.1   up to 1.41
	crypto/external/bsd/openssh/dist/ssh-keygen.c   up to 1.50
	crypto/external/bsd/openssh/dist/ssh-keyscan.1  up to 1.20
	crypto/external/bsd/openssh/dist/ssh-keyscan.c  up to 1.37
	crypto/external/bsd/openssh/dist/ssh-keysign.c  up to 1.28
	crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.21
	crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.24
	crypto/external/bsd/openssh/dist/ssh-pkcs11.c   up to 1.30
	crypto/external/bsd/openssh/dist/ssh-pkcs11.h   up to 1.10
	crypto/external/bsd/openssh/dist/ssh-rsa.c      up to 1.21
	crypto/external/bsd/openssh/dist/ssh-sk-helper.c up to 1.8
	crypto/external/bsd/openssh/dist/ssh.c          up to 1.48
	crypto/external/bsd/openssh/dist/ssh_config     up to 1.17
	crypto/external/bsd/openssh/dist/ssh_config.5   up to 1.45
	crypto/external/bsd/openssh/dist/sshbuf-misc.c  up to 1.15
	crypto/external/bsd/openssh/dist/sshbuf.h       up to 1.22
	crypto/external/bsd/openssh/dist/sshconnect.c   up to 1.41
	crypto/external/bsd/openssh/dist/sshconnect2.c  up to 1.52
	crypto/external/bsd/openssh/dist/sshd-auth.c    up to 1.4
	crypto/external/bsd/openssh/dist/sshd-session.c up to 1.11
	crypto/external/bsd/openssh/dist/sshd.8         up to 1.34
	crypto/external/bsd/openssh/dist/sshd.c         up to 1.56
	crypto/external/bsd/openssh/dist/sshd_config.5  up to 1.48
	crypto/external/bsd/openssh/dist/sshkey.c       up to 1.36
	crypto/external/bsd/openssh/dist/sshkey.h       up to 1.25
	crypto/external/bsd/openssh/dist/sshsig.c       up to 1.16
	crypto/external/bsd/openssh/dist/umac.c         up to 1.23
	crypto/external/bsd/openssh/dist/version.h      up to 1.52
	crypto/external/bsd/openssh/dist/xmalloc.c      up to 1.14
	crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.4
	crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.4
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.21
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.23
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.23
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.23
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.23
	crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.23
	crypto/external/bsd/openssh/lib/Makefile        up to 1.47
	crypto/external/bsd/openssh/lib/shlib_version   up to 1.41
	crypto/external/bsd/openssh/lib/ssh.expsym      up to 1.4
	crypto/external/bsd/openssh/libexec/Makefile    up to 1.4
	crypto/external/bsd/openssh/libexec/ssh-sk-helper/Makefile up to 1.5
	crypto/external/bsd/openssh/libexec/sshd-auth/Makefile up to 1.5
	crypto/external/bsd/openssh/libexec/sshd-session/Makefile up to 1.4
	lib/libpam/modules/pam_ssh/pam_ssh.c		1.31,1.32
	distrib/sets/lists/base/shl.mi			(apply patch)
	distrib/sets/lists/debug/shl.mi			(apply patch)
	doc/3RDPARTY					(apply patch)

Import OpenSSH 10.2
@
text
@d1 1
a1 1
#	$NetBSD: Makefile,v 1.5 2025/12/28 09:39:35 nia Exp $
d31 1
a31 1
misc-agent.c \
a100 6
.include "../Makefile.inc"

.ifdef WITH_OPENSSL
SRCS+= kexgexs.c
.endif

@


1.2
log
@avoid clang warning: function 'usage' could be declared with attribute 'noreturn'
@
text
@d1 1
a1 1
#	$NetBSD: Makefile,v 1.1 2025/04/09 15:49:34 christos Exp $
a104 1
COPTS.sshd-auth.c+=${${ACTIVE_CC} == "clang":? -Wno-error=missing-noreturn:}
@


1.1
log
@merge changes between OpenSSH 9.9 and 10.0
@
text
@d1 1
a1 1
#	$NetBSD: Makefile,v 1.1 2024/07/09 00:05:44 christos Exp $
d105 1
@