Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
version 1.0.3
- clarify documentation of oauth_curl
- fix possible memleak in oauth_curl (only relevant if an error occurs)
- fix TOCTOU in oauth_curl_post_file: the file may change between stat() and fopen()
version 1.0.2
- fix typos in documentation
- add xfree, xstrdup patch from Kedar Sovani
- prepare repository migration to github
- built-in sha1 support big&little endian
- (no changes to the actual library API or ABI)
version 1.0.1
- do not url-escape RSA-key for signature
version 1.0.0
- fix body-hash example code
- mark all oauth_http functions as deprecated
- freeze interface definitions for good
- enter maintenance/bug-fix only cycle
version 0.9.7
- fixed tiny memory leak when oauth_curl_get() fails
- fixed double-encoding of plaintext signature
version 0.9.6
- fixed typo, do not print a separator before first parameter
when serializing url for auth-header.
version 0.9.5
- added "built-in" hmac-sha1 hashing (no RSA).
- added some CURL options available via enviroment variables
- fixed issue with decoding already encoded characters
in the base-URL (not parameters).
reported by L. Alberto Gimenez
Changes since previous version:
version 0.9.4
- fixed possible memory corrution in oauth_curl_get
thanks to Bruce Rosen for reporting this issue
version 0.9.3
- yet more build-system fixes:
- allow to override HASH_LIBS and CURL_LIBS using envoronment variables
- include them in .pc and tests/Makefile.am
version 0.9.2
- fixed typo in build-system (LDFLAGS, -Wl,--as-needed detection)
version 0.9.1
- fixed typo in API:
oauth_time_indepenent_equals[_n] is now deprecated in favor of
oauth_time_independent_equals[_n]
- added check for 'Wl,--as-needed' linker flag.
version 0.9.0
- fixed typo in pkg-config file.
With thanks to Brad Harder for the nudge.
This is an updated version of the liboauth package in pkgsrc-wip by
Kamel Derouiche, modified by myself not to have nss, doxygen, perl and
graphviz pre-requisites.
OAuth (Open Authorization) is an open standard that allows users to
share their private resources (e.g. photos, videos, contact lists)
stored on one site with another site without having to hand out their
username and password.
OAuth allows users to hand out tokens instead of usernames and
passwords to their data hosted by a given service provider. Each
token grants access to a specific site (e.g. a video editing site)
for specific resources (e.g. just videos from a specific album) and
for a defined duration (e.g. the next 2 hours).
Thus OAuth allows a user to grant a third party site access to their
information stored with another service provider, without sharing
their access permissions or the full extent of their data.
OAuth is a service that is complementary to but distinct from OpenID.
liboauth is a collection of C functions implementing the OAuth
Core 1.0 standard API. liboauth provides basic functions to
escape and encode parameters according to OAuth specs and
offers high-level functions to sign requests or verify
signatures.
Necessary these days for twitter applications; useful for flickr and many
others...
