ucspi-ssl: update to 0.12.10. Changes:
0.12.8: - Added new x509 certs and key material; all ECC now. - Fixed wrong evaluation of peer cert in ssl_verify (none-critical). 0.12.9: - Included IP info in sslserver's TLS error messages for a quick lookup. - Fixed sslhandle's wrong if nesting. - sslserver return FATAL (and not ERROR) in case TLS is requested but missing. - Enhanced compatibility with OpenSSL 3.x.y. 0.12.10: - Added argument '-y cdb' to sslserver in order to allow a rule checking for IP addresses prior of the DNS/IDENT lookup (to cope with DDos attacks).
This commit is contained in:
parent
276d9205af
commit
9b62392159
|
@ -1,9 +1,8 @@
|
|||
# $NetBSD: Makefile,v 1.62 2023/10/24 22:10:36 wiz Exp $
|
||||
# $NetBSD: Makefile,v 1.63 2023/12/09 19:10:12 schmonz Exp $
|
||||
#
|
||||
|
||||
DISTNAME= ucspi-ssl-0.12.7
|
||||
DISTNAME= ucspi-ssl-0.12.10
|
||||
PKGNAME= ${DISTNAME:S/-0./-0.999./}
|
||||
PKGREVISION= 3
|
||||
CATEGORIES= net
|
||||
MASTER_SITES= https://www.fehcom.de/ipnet/ucspi-ssl/
|
||||
EXTRACT_SUFX= .tgz
|
||||
|
@ -32,13 +31,13 @@ PKG_SYSCONFSUBDIR= ${PKGBASE}
|
|||
|
||||
EGDIR= ${PREFIX}/share/examples/${PKGBASE}
|
||||
MAKE_DIRS+= ${PKG_SYSCONFDIR}
|
||||
CONF_FILES+= ${EGDIR}/dh1024.pem ${PKG_SYSCONFDIR}/dh1024.pem
|
||||
CONF_FILES+= ${EGDIR}/dh2048.pem ${PKG_SYSCONFDIR}/dh2048.pem
|
||||
|
||||
DJB_CONFIG_DIR= ${WRKSRC}
|
||||
DJB_CONFIG_CMDS= \
|
||||
${ECHO} > conf-ssl; \
|
||||
${ECHO} ${SSLDIR}/certs > conf-cadir; \
|
||||
${ECHO} ${PKG_SYSCONFDIR}/dh1024.pem > conf-dhfile; \
|
||||
${ECHO} ${PKG_SYSCONFDIR}/dh2048.pem > conf-dhfile; \
|
||||
${ECHO} ${DEFAULT_MEDIUM_CIPHERS} > conf-ciphers; \
|
||||
${ECHO} it-base > src/it=d;
|
||||
|
||||
|
@ -70,11 +69,11 @@ do-install: do-install-sslperl
|
|||
${INSTALL_MAN} ${WRKSRC}/man/${i} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man2
|
||||
.endfor
|
||||
|
||||
.for i in dh1024.pem
|
||||
.for i in dh2048.pem
|
||||
${INSTALL_DATA} ${WRKSRC}/etc/${i} ${DESTDIR}${EGDIR}
|
||||
.endfor
|
||||
|
||||
.for i in CERTS CHAIN-SSL CHANGES TLSVERSION_CIPHERSUITES TLS_1_3 TODO UCSPI-SSL
|
||||
.for i in CHAIN-SSL CHANGES TLSVERSION_CIPHERSUITES TLS_1_3 TODO UCSPI-SSL
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/${i} \
|
||||
${DESTDIR}${PREFIX}/share/doc/${PKGBASE}
|
||||
.endfor
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
@comment $NetBSD: PLIST,v 1.6 2019/08/03 10:44:07 schmonz Exp $
|
||||
@comment $NetBSD: PLIST,v 1.7 2023/12/09 19:10:12 schmonz Exp $
|
||||
bin/https@
|
||||
bin/sslcat
|
||||
bin/sslclient
|
||||
|
@ -12,11 +12,10 @@ man/man1/sslconnect.1
|
|||
man/man1/sslhandle.1
|
||||
man/man1/sslserver.1
|
||||
man/man2/ucspi-tls.2
|
||||
share/doc/ucspi-ssl/CERTS
|
||||
share/doc/ucspi-ssl/CHAIN-SSL
|
||||
share/doc/ucspi-ssl/CHANGES
|
||||
share/doc/ucspi-ssl/TLSVERSION_CIPHERSUITES
|
||||
share/doc/ucspi-ssl/TLS_1_3
|
||||
share/doc/ucspi-ssl/TODO
|
||||
share/doc/ucspi-ssl/UCSPI-SSL
|
||||
share/examples/ucspi-ssl/dh1024.pem
|
||||
share/examples/ucspi-ssl/dh2048.pem
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
$NetBSD: distinfo,v 1.31 2023/05/29 11:52:59 schmonz Exp $
|
||||
$NetBSD: distinfo,v 1.32 2023/12/09 19:10:12 schmonz Exp $
|
||||
|
||||
BLAKE2s (ucspi-ssl-0.12.7.tgz) = 769e207fd5d57a1cfbc4966ea8e7021d542d222218d931727754b334327b559c
|
||||
SHA512 (ucspi-ssl-0.12.7.tgz) = a2a8ba4ebe05f7e88e4416df0d77b79c98d6968e89ec72e84834825a4978c3432afc5dcc109bcde61216bae48d1d84ba42814dba9f1d582b6d3d7d24c2dee905
|
||||
Size (ucspi-ssl-0.12.7.tgz) = 81920 bytes
|
||||
BLAKE2s (ucspi-ssl-0.12.10.tgz) = f7a1722367a8009e8d37bdba78b54637331a691c01bed6ae10418abc162012fc
|
||||
SHA512 (ucspi-ssl-0.12.10.tgz) = 3d71b6aa636528abcf5b1cedb47b95c89f974cb1e8275d70922cb09eafbe41bf630afa77f904252b4d4a1c1858fdbe6c75c5fe209128e20a94ed53081b516a84
|
||||
Size (ucspi-ssl-0.12.10.tgz) = 81920 bytes
|
||||
SHA1 (patch-src_print-dl.sh) = 456ae878c5116bbdfab1e9b4c049f6e4e80bc2b1
|
||||
SHA1 (patch-src_print-ld.sh) = f05f316eb6b95a3a9cb5726c9e7bb2d27dfc1b7b
|
||||
SHA1 (patch-src_ucspissl.h) = 4f9724be72a9fa9310bd5969f84767ff1b88260c
|
||||
|
|
Loading…
Reference in New Issue