4874 commits

Author	SHA1	Message	Date
wiz	22414ab751	Improve previous patch to still build on NetBSD 4.0 branch. ... Addresses PR 38744.	2008-05-25 21:50:45 +00:00
joerg	a8a3c01339	Explicitly add pax dependency in those Makefiles that use it (or have ... patches to add it). Drop pax from the default USE_TOOLS list. Make bsdtar the default for those places that wanted gtar to extract long links etc, as bsdtar can be built of the tree.	2008-05-25 21:42:20 +00:00
obache	e1120407b7	Require libgcrypt>=1.2.2. Noticed by Steve Bellovin in pkgsrc-users@. ... And also require opencdk>=0.6.5.	2008-05-24 04:59:59 +00:00
tnn	dff5175c58	Remove textproc/p5-String-Random which was a duplicate of ... security/p5-String-Random. Merge changes from the textproc one into the security one.	2008-05-22 19:04:37 +00:00
tnn	1a4e5d5cb6	Update to gnutls-2.2.5. ... * Version 2.2.5 (released 2008-05-19) Fix flaw in fix for GNUTLS-SA-2008-1-3. * Version 2.2.4 (released 2008-05-19) Fix three security vulnerabilities. [GNUTLS-SA-2008-1] [GNUTLS-SA-2008-1-1] libgnutls: Fix crash when sending invalid server name. [GNUTLS-SA-2008-1-2] libgnutls: Fix crash when sending repeated client hellos. [GNUTLS-SA-2008-1-3] libgnutls: Fix crash in cipher padding decoding for invalid record lengths. * Version 2.2.3 (released 2008-05-06) Increase default handshake packet size limit to 48kb. Fix compilation error related to __FUNCTION__ on some systems. Documented the --priority option to gnutls-cli and gnutls-serv. Fix fopen file descriptor leak in PSK server code. Build Guile code with -fgnu89-inline only when supported. Make Camellia encryption work.	2008-05-22 13:18:52 +00:00
obache	3a3654baf5	Update gsasl to 0.2.26. ... Based on patch provided by Eric Schnoebelen in PR 38692. While here, marked as DESTDIR support. Also fix CONFIGURE option for GSSAPI implement (I don't know from when). * Version 0.2.26 (released 2008-05-05) ** Translations files not stored directly in git to avoid merge conflicts. This allows us to avoid use of --no-location which makes the translation teams happier. ** Build fixes for the documentation. ** Update gnulib files. * Version 0.2.25 (released 2008-03-10) ** gsasl: Fix buffering issue to avoid mixing stdout/stderr outputs. This would manifest itself when redirecting output to a pipe, such as when used with Gnus. Reported by Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>, see <http://thread.gmane.org/gmane.comp.gnu.gsasl.general/123>. ** Fix non-portable use of brace expansion in makefiles. * Version 0.2.24 (released 2008-01-15) ** Link self-tests with gnulib, to fix link failures under MinGW. * Version 0.2.23 (released 2008-01-15) ** Improve CRAM-MD5 self-test to detect if challenges are the same. ** Improve gsasl --help and --version to conform with GNU standards. ** Use gettext 0.17. ** Update gnulib files. * Version 0.2.22 (released 2007-10-08) ** Development git tree moved to savannah. See <https://savannah.gnu.org/projects/gsasl/>. ** Fix warnings when building the tool 'gsasl'. ** Update gnulib files.	2008-05-21 15:22:56 +00:00
obache	1f8accbf4c	Fix MAINTAINER address typo since initial import. ... tech-pkg at jp.NetBSD.org => tech-pkg-ja at jp.NetBSD.org	2008-05-17 08:22:56 +00:00
drochner	0cb815d245	update to 1.7.3 ... changes: -direct-tcpip support -bug fixes pkgsrc change: disable use of Python setuptools (gives unpredictable results)	2008-05-15 18:27:43 +00:00
wiz	a7abc37f1c	Fix build on NetBSD-current with openssl-current, by adding a "const".	2008-05-15 11:06:05 +00:00
jwise	00cd99382b	libhcrypto.la only seems to get installed if we're building on 3.x or older, ... so make it only end up in the PLIST if that is the case.	2008-05-14 18:01:26 +00:00
taca	6c7222dc28	Update security/seudo pacakge to 1.6.p16. ... Major changes since Sudo 1.6.9p15: o There was missing whitespace before the ldap libraries in the Makefile for some configurations. o LDAPS_PORT may not be defined on older Solaris LDAP SDKs. o If the LDAP server could not be contacted and the user was not present in sudoers, a syntax error in sudoers was incorrectly reported.	2008-05-14 14:00:15 +00:00
agc	650bfc74c8	Add and enable stegtunnel	2008-05-09 21:40:34 +00:00
agc	6596cdb087	Initial import of stegtunnel-0.4 into the packages collection. ... Stegtunnel provides a covert channel in the IPID and sequence number fields of any desired TCP connection. It requires the server and client to have a previously shared secret in common to detect and decrypt the data.	2008-05-09 21:39:17 +00:00
joerg	a235d3b925	Supports DESTDIR.	2008-05-08 18:59:38 +00:00
joerg	b9d9951b4c	Supports DESTDIR	2008-05-08 18:32:19 +00:00
tonnerre	2f84995386	Fix build of OpenSSL on NetBSD/amd64 (4.0 and current tested)	2008-05-08 14:04:25 +00:00
jwise	6995e3bc58	Add missing library (libhcrypto) to PLIST, allowing sudo to build against ... this heimdal on 3.x. Bump PKGREVISION.	2008-05-05 02:26:03 +00:00
jlam	c98cfb0b82	Note addition of security/ruby-ezcrypto.	2008-05-01 21:10:19 +00:00
jlam	a353970006	Initial import of ruby18-ezcrypto-0.7 as security/ruby-ezcrypto. ... EzCrypto is an easy-to-use wrapper around the poorly documented OpenSSL Ruby library. Features include: * Defaults to AES 128 CBC * Will use OpenSSL library for transparent hardware crypto support * Single-class object-oriented access to most commonly used features * Ruby-like syntax	2008-05-01 21:09:47 +00:00
jmmv	0d3662ee66	Drop maintainership ... Stop lying and drop maintainership of these packages. I have not maintained them for a very long time already, so leave room for fresh blood to take over them.	2008-04-30 13:38:14 +00:00
shannonjr	753cd7d5a3	Re: pkg/38549 (Support for DragonFly to security/pcsc-lite) ... Synopsis: Support for DragonFly to security/pcsc-lite Incorporated fix submitted by Hasso Tepper.	2008-04-30 13:34:28 +00:00
shannonjr	6c169bd86d	Re: pkg/38550 (Support for DragonFly to security/ccid) ... Synopsis: Support for DragonFly to security/ccid Incorporated fix submitted by Hasso Tepper.	2008-04-30 13:32:21 +00:00
shannonjr	bc762658a7	Add patch to conditionally include <stdint.h> based on the symbol ... HAVE_STDINT_H generated by configure. This is required for compilation on Solaris 9.	2008-04-30 11:39:24 +00:00
wiz	d01506e74b	Update to 1.4: ... Version 1.4 (released 2008-04-21) - Update gnulib files. - Replace uses of alloca with malloc.	2008-04-29 11:45:55 +00:00
wiz	1cb31b9db7	Update to 1.4.1: ... Noteworthy changes in version 1.4.1 (2008-04-25) ------------------------------------------------ * Fixed a bug introduced by 1.3.1 which led to the comsumption of far too much entropy for the intial seeding. * Improved AES performance for CFB and CBC modes. * Removed build problems for the Padlock support.	2008-04-29 11:03:50 +00:00
bouyer	a02c5da190	Add py-smbpasswd	2008-04-28 22:05:05 +00:00
bouyer	31cf4566e4	py-smbpasswd version 1.0.1 ... This module can generate both LANMAN and NT password hashes, suitable for use with Samba.	2008-04-28 22:03:53 +00:00
shannonjr	8e0349434d	Update to 2.0.9. Changes: ... * Enhanced gpg-connect-agent with a small scripting language. * New option --list-config for gpgconf. * Fixed a crash in gpgconf. * The envvars XAUTHORITY and PINENTRY_USER_DATA are now passed to the pinentry. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Creating DSA2 keys is now possible. * New option --extra-digest-algo for gpgsm to allow verification of broken signatures. * Allow encryption with legacy Elgamal sign+encrypt keys with option --rfc2440.	2008-04-28 14:54:27 +00:00
shannonjr	8f8197707f	Re: pkg/38508 (gnupg2 won't build) ... Builds without 'enable-maintainer-mode' being set	2008-04-28 14:21:27 +00:00
shannonjr	c786e8b6b2	Update to 0.9.14. Changes: ... - Let the user choose the type of sorting (default to time descending, available: time asc/desc, count asc/desc). - Implement Prewikka Asynchronous DNS resolution in alert view as well as message summary (require twisted.names and twisted.internet), see the additional dns_max_delay settings parameters in prewikka.conf. - In the alert summary view, handle portlist and ip_version service fields, and show alert messageid. - Fix exception when rendering ToolAlert. - Fix double classification escaping (could result in non working link for alert with classification containing escaped character). - Improvement to heartbeat retrieval (heartbeat view speedup). - Correct typo (fix #275), thanks Scott Olihovki <skippylou@gmail.com> for pointing this out. - Polish translation, by Konrad Kosmowski <konrad@kosmosik.net>. - Update to pt_BR translation, by Edelberto Franco Silva <edeunix@edeunix.com> - Various bug fixes and cleanup.	2008-04-28 10:59:42 +00:00
shannonjr	29d33b2356	Update to 0.9.12.2. Changes: ... - [rulesets]: Remove successful/failure keyword from classification (use IDMEF completion). Analyzer class sanitization. - [nagios] Handle Nagios V2 log entry (fix #283). - [spamassassin] Fix incorrect AdditionalData assignement. - New Suhosin ruleset, by Sebastien Tricaud <toady@inl.fr> - Fix invalid logfile inconsistency alert that could be triggered in a rare case, after a renaming detection. Alert improvement. - On logfile inconsistency alert, do not re-analyze the whole file. - Remove the 1024 bytes per PCRE reference limit. - Minor bug fixes, build system cleanup.	2008-04-28 10:54:08 +00:00
shannonjr	d53d7b9ff0	New patch required for 0.9.17	2008-04-28 10:52:40 +00:00
shannonjr	7634cc570d	Update to 0.9.17. Changes: ... - Implement RFC 4122 UUIDv1 identifier generation, more resistant to duplicate than our previous implementation in case of clock skew, or multiple client with the same analyzerid sending alert in parallel. - You can now provide NULL value to idmef_path_set() in order to destroy existing value within an IDMEF message. - Unify memory handling of value retrieval through idmef_path_t. This allow the user to retrieve and keep any values, even through the associated IDMEF message is freed. - Build system cleanup, enable RELRO when possible. - Implement PRELUDE_CLIENT_FLAGS_AUTOCONFIG, which is set by default, but that applications might unset in order for their client not to read the default profile/global configuration. - Fix possible assertion when destroying un-started prelude-client. - Improvement to the prelude-io API, the user might now hook its own handling function. - Fix dumping of (not) NULL criteria operator to string. Remove gratuitous space insertion when dumping criteria. - Headers fixes for C++ build. - Fix printing and cloning of empty IDMEF string. - In IDMEF to string convertion code, print <invalid enum value> in place of NULL on invalid enumeration value. - Various bug fixes.	2008-04-28 10:51:49 +00:00
frueauf	8255221254	Set MAINTAINER to pkgsrc-users@NetBSD.org to indicate anyone can work on fixes for those packages.	2008-04-27 18:14:03 +00:00
tnn	351ceffa01	Update to OpenSSH 5.0p1. ... Changes since 4.7: - fix two security issues - chroot support for sshd(8) - sftp server internalized in sshd(8) - assorted bug fixes	2008-04-27 00:34:27 +00:00
tnn	97822f1b10	Fix DEPENDS for Python 2.5.	2008-04-25 22:30:47 +00:00
tnn	29075003c4	Don't hardcode PYPKGPREFIX in bl3.mk	2008-04-25 22:16:20 +00:00
joerg	a77e7015fe	Update PYTHON_VERSIONS_COMPATIBLE ... - assume that Python 2.4 and 2.5 are compatible and allow checking for fallout. - remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+ default. Modify the others to deal with the removals.	2008-04-25 20:39:06 +00:00
jlam	9080934d3b	Fix detection of openssl configuration directory on NetBSD so it's ... /etc/openssl only if USE_BUILTIN.openssl is "yes".	2008-04-25 20:06:15 +00:00
smb	a24a1950a1	Fix function prototype mismatch	2008-04-25 15:16:31 +00:00
tnn	a18f03ef3a	revbumps due to libevent update.	2008-04-22 18:06:09 +00:00
adam	18b56f1131	Changes 2.1.18: ... This version includes compilers for Cisco PIX and IOS access lists which were released under GPL.	2008-04-21 15:43:15 +00:00
jnemeth	ad43885514	sort	2008-04-20 02:48:38 +00:00
drochner	be979fabcc	update to 2.22.1 ... This switches to the gnome-2.22 release branch.	2008-04-15 18:53:42 +00:00
wiz	8015905674	Update to 1.0: ... Ignore temporary build files make make install install stuff. Bump NEWS.Debian. Proposed solution for #462897: unconditionally sync keys between normal gnupg home and caff gnupg home on startup, to cope with changed keys.	2008-04-13 22:26:34 +00:00
schmonz	077f92a68f	Update to 0.90. From the changelog: ... - Added support for chaining modules within the version client library. To use this, specify the module string as a list of modules separated with commas. For example: cvm-command:/path/to/module,cvm-local:/path/to/socket This enhancement deprecates the cvm-chain module. - Introduced an "out of scope" fact, to be used on credential rejection results when the supplied credentials are outside of the scope of authority of the module. The cvm-vmailmgr and cvm-qmail modules report this fact as appropriate, and cvm-chain copies it as appropriate from the modules it invokes. - A random anti-spoofing tag is added to all version 2 client requests. Its length is set by $CVM_RANDOM_BYTES and defaults to 8. - Fixed a bug that caused the domain output to be set incorrectly when doing qmail lookups with a domain not in the control files with $CVM_QMAIL_ASSUME_LOCAL set.	2008-04-13 06:51:19 +00:00
jlam	841dfa0e7a	Convert to use PLIST_VARS instead of manually passing "@comment " ... through PLIST_SUBST to the plist module.	2008-04-12 22:42:57 +00:00
wiz	5eb83dd9bc	Remove non-standard qt4/lib/pkgconfig directory. Bump PKGREVISION.	2008-04-12 10:35:17 +00:00
jlam	ba8d4b3c72	Remove unnecessary PLIST_SUBST definition -- the PLIST is dynamic through ... the use of AUTHLIB_PLIST, so we don't need to comment stuff out.	2008-04-10 20:56:33 +00:00
drochner	2a4296c275	update to 2.22.1 ... This switches to the gnome-2.22 release branch.	2008-04-10 16:53:44 +00:00
wiz	a865b2e1c4	Fix path in DEPENDS line.	2008-04-10 07:56:09 +00:00
taca	87c3f03083	Fix build problem with hpn-patch option enabled.	2008-04-08 06:36:47 +00:00
joerg	ced3928058	Fix installation.	2008-04-07 18:06:07 +00:00
joerg	37963f36a5	Fix DESTDIR.	2008-04-07 18:04:21 +00:00
joerg	a820e04656	Add missing directories.	2008-04-07 16:45:35 +00:00
markd	c3348303f2	also set KRB5_CONFIG in the case where using builtin but ... /usr/bin/krb5-config exists. Fixes build of imap-uw package with the kerberos option on NetBSD-current and possibly other platforms.	2008-04-04 21:10:45 +00:00
jlam	6973294f00	Add and enable new ruby-* packages.	2008-04-04 15:33:05 +00:00
jlam	6488c3a1fb	Initial import of ruby18-net-ssh-1.1.2 as security/ruby-net-ssh. ... Net::SSH is to SSH as Net::Telnet is to Telnet and Net::HTTP is to HTTP. Perform non-interactive SSH processing, purely from Ruby!	2008-04-04 15:20:34 +00:00
jlam	5fa529a3b5	Initial import of ruby18-net-sftp-1.1.1 as security/ruby-net-sftp. ... Net::SFTP is a pure-Ruby implementation of the SFTP client protocol.	2008-04-04 15:20:28 +00:00
tonnerre	2442cc7499	Fix two vulnerabilities in OpenSSH: ... - X11 forwarding information disclosure (CVE-2008-1483) - ForceCommand bypass vulnerability	2008-04-03 07:59:08 +00:00
jlam	38a70df401	Don't hardcode "0 0" for the root user and group -- use ${REAL_ROOT_USER} ... and ${REAL_ROOT_GROUP} instead. The pkginstall framework checks for the name of the user and group, not the uid and gid, when comparing permissions. This fixes the following spurious warning from appearing: The following files are used by sudo-1.6.9p15 and have the wrong ownership and/or permissions: /usr/pkg/etc/sudoers (m=0440, o=0, g=0)	2008-04-02 15:06:07 +00:00
taca	e07592e07d	Update sudo package to 1.6.9p15. ... 653) Fixed installation of sudo_noexec.so on AIX. 654) Updated libtool to version 1.5.26. 655) Fixed printing of default SELinux role and type in -V mode. 656) The HOME environment variable is once again preserved by default, as per the documentation.	2008-03-29 14:16:58 +00:00
adrianp	ffbce7705e	Update to gnupg-1.4.9 ... Addresses a recent security issue that only impacts 1.4.8 and 2.0.8 * Improved AES encryption performance by more than 20% (on ia32). Decryption is also a bit faster. * Fixed possible memory corruption bug in 1.4.8 while importing OpenPGP keys.	2008-03-26 21:20:34 +00:00
tron	ae5dce2428	Add a new option "via-padlock" which enables support for the ... VIA PadLock Security Engine: - The new option is turned on by default. - The new option is only available on i386 systems except Mac OS X (which doesn't work on VIA CPU). - The new option isn't available on system which uses GCC 3.x because it causes build failures. This fixes PR pkg/38197. Approved by Dieter Baron.	2008-03-26 20:09:43 +00:00
tron	6af1f268fd	Readd checksum for "libgcrypt-1.2.4-idea.diff.bz2" which was accidentally ... removed in revision 1.22.	2008-03-25 21:39:45 +00:00
wiz	b117f6c81a	Remove openssh+gssapi. ... It has security problems for a long time now. Removal was announced on pkgsrc-users on March 13.	2008-03-25 13:44:00 +00:00
seb	bf27fa9cf5	Add a hack for GCC 3.* failing to compile asm() call in ... cipher/rijndael.c:do_padlock(): seen with GCC 3.3.3 on NetBSD.	2008-03-16 20:14:38 +00:00
wiz	1b8ea98f12	Sort.	2008-03-16 00:14:01 +00:00
tnn	fd23ed0d29	Fix build with MIPSPro. PR pkg/38210.	2008-03-11 22:19:54 +00:00
tnn	882d3eb4fe	Put back a couple of IRIX conditionals the way they used to behave, ... e.g. match IRIX 5.x but not 6.x. Some of these may indeed apply to 6.x too, but let's be conservative. PR pkg/38224.	2008-03-11 18:47:40 +00:00
taca	1b21c85160	Update sudo package to 1.6.9p14. ... pkgsrc changes: - Explict to depends security/heimdal package when kerberos option is specified. PR pkg/37999 should be fixed. Change: 646) Sudo will now set the nproc resource limit to unlimited on Linux systems to work around Linux's setuid() resource limit semantics. On PAM systems the resource limits will be reset by pam_limits.so before the command is executed. 647) SELinux support that can be used to implement role based access control (RBAC). A role and (optional) type may be specified in sudoers or on the command line. These are then used in the security context that the command is run as. 648) Fixed a Kerberos 5 compilation problem with MIT Kerberos. Sudo 1.6.9p13 released. 649) Fixed an invalid assumption in the PAM conversation function introduced in version 1.6.9p9. The conversation function may be called for non-password reading purposes as well. 650) Fixed freeing an uninitialized pointer in -l mode, introduced in version 1.6.9p13. 651) Check /etc/sudoers after LDAP even if the user was found in LDAP. This allows Defaults options in /etc/sudoers to take effect. 652) Add missing checks for enforcing mode in SELinux RBAC mode. Sudo 1.6.9p14 released.	2008-03-11 15:52:51 +00:00
wiz	ab973e6cbc	Update to 1.4.0: ... Noteworthy changes in version 1.4.0 (2007-12-10) ------------------------------------------------ * New configure option --disable-padlock-support which is mostly useful in case of build problems. Noteworthy changes in version 1.3.2 (2007-12-03) ------------------------------------------------ * The visibility attribute is now used if supported by the toolchain. * The ACE engine of VIA processors is now used for AES-128. * The ASN.1 DER template for SHA-224 has been fixed. Noteworthy changes in version 1.3.1 (2007-10-26) ------------------------------------------------ * The entire library is now under the LGPL. The helper programs and the manual are under the GPL. Kudos to Peter Gutmann for giving permissions to relicense the rndw32 and rndunix modules. * The Camellia cipher is now under the LGPL and included by default. * Fixed a bug in the detection of symbol prefixes which inhibited the build of optimzied assembler code on certain systems. * Updated the entropy gatherer for W32. Noteworthy changes in version 1.3.0 (2007-05-04) ------------------------------------------------ * Changed the way the RNG gets initialized. This allows to keep it uninitialized as long as no random numbers are used. To override this, the new macro gcry_fast_random_poll may be used. It is in general a good idea to spread this macro into the application code to make sure that these polls happen often enough. * Made the RNG immune against fork without exec. * Reading and writing the random seed file is now protected by a fcntl style file lock on systems that provide this function. * Support for SHA-224 and HMAC using SHA-384 and SHA-512. * Support for the SEED cipher. * Support for the Camellia cipher. Note that Camellia is disabled by default, and that enabling it changes the license of libgcrypt from LGPL to GPL. * Support for OFB encryption mode. * gcry_mpi_rshift does not anymore truncate the shift count. * Reserved algorithm ranges for use by applications. * Support for DSA2. * The new function gcry_md_debug should be used instead of the gcry_md_start_debug and gcry_md_stop_debug macros. * New configure option --enable-random-daemon to support a system wide random daemon. The daemon code is experimental and not yet very well working. It will eventually allow to keep a global random pool for the sake of short living processes. * Non executable stack support is now used by default on systems supporting it. * Support for Microsoft Windows. * Assembler support for the AMD64 architecture. * New configure option --enable-mpi-path for optimized builds. * Experimental support for ECDSA; should only be used for testing. * New control code GCRYCTL_PRINT_CONFIG to print the build configuration. * Minor changes to some function declarations. Buffer arguments are now typed as void pointer. This should not affect any compilation. Fixed two bugs in return values and clarified documentation. * Interface changes relative to the 1.2.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gcry_fast_random_poll NEW gcry_md_debug NEW gcry_sexp_nth_string NEW GCRY_MD_SHA224 NEW GCRY_PK_USAGE_CERT NEW GCRY_PK_USAGE_AUTH NEW GCRY_PK_USAGE_UNKN NEW GCRY_PK_ECDSA NEW GCRY_CIPHER_SEED NEW GCRY_CIPHER_CAMELLIA128 NEW GCRY_CIPHER_CAMELLIA192 NEW GCRY_CIPHER_CAMELLIA256 NEW GCRYCTL_FAKED_RANDOM_P NEW GCRYCTL_PRINT_CONFIG NEW GCRYCTL_SET_RNDEGD_SOCKET NEW. gcry_mpi_scan CHANGED: Argument BUFFER is now void*. gcry_pk_algo_name CHANGED: Returns "?" instead of NULL. gcry_cipher_algo_name CHANGED: Returns "?" instead of "". gcry_pk_spec_t CHANGED: Element ALIASES is now const ptr. gcry_md_write_t CHANGED: Argument BUF is now a const void*. gcry_md_ctl CHANGED: Argument BUFFER is now void*. gcry_cipher_encrypt CHANGED: Arguments IN and OUT are now void*. gcry_cipher_decrypt CHANGED: Arguments IN and OUT are now void*. gcry_sexp_sprint CHANGED: Argument BUFFER is now void*. gcry_create_nonce CHANGED: Argument BUFFER is now void*. gcry_randomize CHANGED: Argument BUFFER is now void*. gcry_cipher_register CHANGED: Argument ALGORITHM_ID is now int*.	2008-03-07 16:16:22 +00:00
wiz	8e810a2bc9	Recursive PKGREVISION bump for gnutls-2.2.2 update with shlib major bump.	2008-03-06 14:53:47 +00:00
wiz	0cf6fb1a13	Update to 2.2.2: ... * Version 2.2.2 (released 2008-02-21) ** Cipher priority string handling now handle strings that starts with NULL. Thanks to Laurence Withers <l@lwithers.me.uk>. ** Corrected memory leaks in session resuming and DHE ciphersuites. Reported by Daniel Stenberg. ** Increased the default certificate verification chain limits and allowed for checks without limitation. ** Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name() and gnutls_x509_crt_get_subject_alt_name() to not null terminate binary strings and return the proper size. ** API and ABI modifications: No changes since last version. * Version 2.2.1 (released 2008-01-17) ** Prevent linking libextra against previously installed libgnutls. Tiny patch from "Alon Bar-Lev" <alon.barlev@gmail.com>, see <http://bugs.gentoo.org/show_bug.cgi?id=202269>. ** Fixes the post_client_hello_function(). The extensions are now parsed in a callback friendly way. ** Fix for certificate selection in servers with certificate callbacks. ** API and ABI modifications: No changes since last version. * Version 2.2.0 (released 2007-12-14) Major changes compared to the v2.0 branch: * SRP support aligned with newly published RFC 5054. * OpenPGP support aligned with newly published RFC 5081. * Support for DSA2 keys. * Support for Camellia cipher. * Support for Opaque PRF Input extension. * PKCS#8 parser now handle DSA keys. * Change from GPLv2 to GPLv3 for command-line tools, libgnutls-extra, etc. Notice that liblzo2 2.02 is licensed under GPLv2 only. Earlier versions, such as 2.01 which is included with GnuTLS, is available under GPLv2 or later. If this incompatibility causes problems, we recommend you to disable LZO using --without-lzo. LZO compression is not a standard TLS compression algorithm, so the impact should be minimal. * Functions for disabling record protocol padding. Works around bugs on Nokia/Ericsson phones. * New functions gnutls_priority_set() for setting cipher priorities easily. Priorities like "COMPAT" also enables other work arounds, such as disabling padding. * Other minor improvements and bug fixes. Minor changes compared to the latest v2.1.8 release candidate: * Update internal copy of libtasn1 to version 1.2. * Certtool --verify-chain now handle inputs larger than 64kb. This fixes the self-test "rsa-md5-collision" under MinGW+Wine with recent versions of libgcrypt. The problem was that Wine with the libgcrypt RNG generates huge amounts of debugging output. * Translation updates. Added Dutch translation. Updated Polish and Swedish translation. Backwards incompatible API/ABI changes in GnuTLS 2.2 ==================================================== To adapt to changes in the TLS extension specifications for OpenPGP and SRP, the GnuTLS API had to be modified. This means breaking the API and ABI backwards compatibility. That is something we try to avoid unless it is necessary. We decided to also remove the already deprecated stub functions for X.509 to XML conversion and TLS authorization (see below) when we had the opportunity. Generally, most applications does not need to be modified. Just re-compile them against the latest GnuTLS release, and it should work fine. Applications that use the OpenPGP or SRP features needs to be modified. Below is a list of the modified APIs and discussion of what the minimal things you need to modify in your application to make it work with GnuTLS 2.2. Note that GnuTLS 2.2 also introduces new APIs -- such as gnutls_set_priority() that is superior to gnutls_set_default_priority() -- that you may want to start using. However, using those new APIs is not required to use GnuTLS 2.2 since the old functions continue are still supported. This text only discuss what you minimally have to modify. XML related changes ------------------- The function `gnutls_x509_crt_to_xml' has been removed. It has been deprecated and only returned an error code since GnuTLS version 1.2.11. Nobody has complained, so users doesn't seem to miss the functionality. We don't know of any other library to convert X.509 certificates into XML format, but we decided (long ago) that GnuTLS isn't the right place for this kind of functionality. If you want help to find some other library to use here, please explain and discuss your use case on help-gnutls <at> gnu.org. TLS Authorization related changes --------------------------------- Everything related to TLS authorizations have been removed, they were only stub functions that returned an error code: GNUTLS_SUPPLEMENTAL_AUTHZ_DATA gnutls_authz_data_format_type_t gnutls_authz_recv_callback_func gnutls_authz_send_callback_func gnutls_authz_enable gnutls_authz_send_x509_attr_cert gnutls_authz_send_saml_assertion gnutls_authz_send_x509_attr_cert_url gnutls_authz_send_saml_assertion_url SRP related changes ------------------- The callback gnutls_srp_client_credentials_function has a new prototype, and its semantic has changed. You need to rewrite the callback, see the updated function documentation and SRP example code (doc/examples/ex-client-srp.c and doc/examples/ex-serv-srp.c) for more information. The alert codes GNUTLS_A_MISSING_SRP_USERNAME and GNUTLS_A_UNKNOWN_SRP_USERNAME are no longer used by the SRP specification, instead the GNUTLS_A_UNKNOWN_PSK_IDENTITY alert is used. There are #define's to map the old names to the new. You may run into problems if you have a switch-case with cases for both SRP alerts, since they are now mapped to the same value. The solution is to drop the SRP alerts from such switch cases, as they are now deprecated in favor of GNUTLS_A_UNKNOWN_PSK_IDENTITY. OpenPGP related changes ----------------------- The function `gnutls_certificate_set_openpgp_keyserver' have been removed. There is no replacement functionality inside GnuTLS. If you need keyserver functionality, consider using the GnuPG tools. All functions, types, and error codes related to OpenPGP trustdb format have been removed. The trustdb format is a non-standard GnuPG-specific format, and we recommend you to use key rings instead. The following have been removed: gnutls_certificate_set_openpgp_trustdb gnutls_openpgp_trustdb_init gnutls_openpgp_trustdb_deinit gnutls_openpgp_trustdb_import gnutls_openpgp_key_verify_trustdb gnutls_openpgp_trustdb_t GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED The following functions has an added parameter of the (new) type `gnutls_openpgp_crt_fmt_t'. The type specify the format of the data (binary or base64). The functions are: gnutls_certificate_set_openpgp_key_file gnutls_certificate_set_openpgp_key_mem gnutls_certificate_set_openpgp_keyring_mem gnutls_certificate_set_openpgp_keyring_file To improve terminology and align with the X.509 interface, some functions have been renamed. Compatibility mappings exists. The old and new names of the affected functions and types are: Old name New name gnutls_openpgp_key_t gnutls_openpgp_crt_t gnutls_openpgp_key_fmt_t gnutls_openpgp_crt_fmt_t gnutls_openpgp_key_status_t gnutls_openpgp_crt_status_t GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT gnutls_openpgp_key_init gnutls_openpgp_crt_init gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit gnutls_openpgp_key_import gnutls_openpgp_crt_import gnutls_openpgp_key_export gnutls_openpgp_crt_export gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version gnutls_openpgp_key_get_creation_time gnutls_openpgp_crt_get_creation_time gnutls_openpgp_key_get_expiration_time gnutls_openpgp_crt_get_expiration_time gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname gnutls_openpgp_send_key gnutls_openpgp_send_cert * Version 2.0.0 (released 2007-09-04) The following changes have been made since GnuTLS 1.6: * Support for external RSA/DSA signing for TLS client authentication. This allows you to secure the private key better, for example by using privilege-separation techniques between the private key and the network client/server. * Support for signing X.509 certificates using RSA with SHA-256/384/512. * Experimental support for TLS 1.2 (disabled by default). The TLS 1.2 specification is not finalized yet, but we implement a draft version for testing. * Support for X.509 Proxy Certificates (RFC 3820) * Support for Supplemental handshakes messages (RFC 4680). * Support for TLS authorization extension (draft-housley-tls-authz-extns-07). * Support for the X.509 'otherName' Subject Altnerative Names (for XMPP). * Guile bindings for GnuTLS have been added, thanks to Ludovic Courtes. * Improve logic of gnutls_set_default_priority() which can now be more recommended. * New APIs to enumerate supported algorithms in the library. * New APIs to access X.509 Certificate extension sequentially. * New APIs to print X.509 Certificates and CRLs in human readable formats. * New APIs to extract X.509 Distinguished Names from certificates. * New APIs to handle pathLenConstraint in X.509 Basic Constraints. * Certtool can export more than one certificate to PKCS#12. * Several message translation improvements. * Instructions and improvements to easily set up a HTTPS test server. * Included copies updated to Libtasn1 1.1 and OpenCDK 0.6.4. * Build improvements for Windows, Mac OS X, uClinux, etc. * GnuTLS is now developed in GIT. * Improved manual * Many bugfixes and minor improvements.	2008-03-06 14:52:12 +00:00
jlam	84361e6a3d	As of revision 1.2 of termcap.buildlink3.mk, "-ltermcap" is automatically ... transformed into the correct set of libraries, so we no longer need to override the configure script's check for which library has tgetent().	2008-03-04 22:37:46 +00:00
shannonjr	33cef9b4f5	Correct pathname pkgsrc/local to pkgsrc/security.	2008-03-04 15:52:15 +00:00
wiz	8dff0af114	Update to 1.3: ... Version 1.3 (released 2008-02-01) - Handle 'INTEGER { ... } (a..b)' regression. Revert parts of earlier fix. asn1Parser can now again parse src/pkix.asn1. The ASN1.c file was generated using Bison 2.3. - Move examples from src/ to new directory examples/. - Duplicate copy of divergated pkix.asn removed. - Merge unnecessary lib/defines.h into lib/int.h. - Configure no longer tries to use gcc -pipe. - Update gnulib files. - Fix mem leak in self-test. Version 1.2 (released 2007-12-10) - Update gnulib files. Version 1.1 (released 2007-08-31) - Fix bug that made asn1_check_version believe that 1.0 is older than 0.3.10. Version 1.0 (released 2007-08-31) - The self-tests, command line tools and build infrastructure have been re-licensed from GPLv2 to GPLv3. - Doc fixes. - Update gnulib files. Version 0.3.10 (released 2007-05-25) - Update gnulib files.	2008-03-04 15:06:42 +00:00
shannonjr	5d67f27acf	Added entries for pcsc-lite, ccid, p5-pcsc, pcsc-tools and CoolKey.	2008-03-04 11:37:32 +00:00
shannonjr	4168c23b12	Provides driver support for the CoolKey and Common Access Card (CAC) ... smart card used in a Public Key Infrastructure (PKI). The libpkcs11 module allows use of Smart Cards in applications that use mozilla Network Security Services (NSS).	2008-03-04 11:33:02 +00:00
shannonjr	5a21c9eec3	Provides several tools that are useful when working ... with smart cards: csc_scan regularly scans every PC/SC reader connected to the host and reports when a card is inserted or removed. ATR_analysis is a Perl script used to parse the smart card ATR. The smartcard_list.txt contains ATR of some cards. It is used by ATR_analysis to find a card model corresponding to the ATR. The perl script scriptortis used to send commands to a smart card using a batch file or stdin.	2008-03-04 11:32:15 +00:00
shannonjr	0305335642	This package contains a Perl wrapper to the PC/SC smartcard library ... (pcsc-lite) from MUSCLE together with some small examples.	2008-03-04 11:31:04 +00:00
shannonjr	30a5bfae3e	This package provides a generic USB CCID (Chip/Smart Card Interface ... Devices) driver and ICCD (Integrated Circuit(s) Card Devices). See the USB CCID and ICCD specifications from the USB working group.	2008-03-04 11:30:08 +00:00
shannonjr	d6204794ef	The purpose of PC/SC Lite is to provide a Windows(R) SCard interface in a ... very small form factor for communicating to smartcards and readers. The PC/SC Lite library is used to connect to the PC/SC daemon from a client application and provide access to the desired reader.	2008-03-04 11:29:08 +00:00
rillig	ebcb0ce01e	Resign from maintaining a lot of packages, so everyone is free to update ... them at will.	2008-03-04 11:02:23 +00:00
tonio	1fc4d6fc09	Update ocaml-ssl to 0.4.2 ... Update provided by Jaap Boender in PR 38145 Release notes not available. Added a .include bsd.prefs.mk so that MACHINE_ARCH is correctly defined.	2008-03-03 18:14:19 +00:00
shannonjr	9640842eb0	Update to 0.9.11. Changes: ... - In case a lot of message were being processed, the heartbeat timer could be delayed for a long period of time. - The old scheduler algorithm could be unfair when certain message priority were not available for processing. We now appropriatly handle repartition to others priority messages. - Message of the same priority could be processed in the wrong order when on-disk buffers were used. - No integrity check were performed on orphan on-disk buffer in case of an operating system crash. By using the prelude-failover API, we can now detect possibly corrupted disk buffer, or resume at the time we stopped recovering them. - New sched-priority and sched-buffer-size configuration options. - Fix a bug where several relaying plugin instance would only forward their message to a single Manager.	2008-03-03 15:15:32 +00:00
shannonjr	39e994d32f	Update to 0.9.16.2. Changes: ... - Fix bindings for IDMEF 'get_next' functions. - Make sure we use no additional GnuLib compiler flags when building bindings, this fix bindings compilation failure on some architecture (Solaris).	2008-03-03 15:13:02 +00:00
bjs	324979ec68	Add libssh2 to category Makefile.	2008-03-02 16:14:34 +00:00
bjs	8740bfa07f	Import libssh2-0.18, a library implementing the SSH2 protocol (available ... under the revised BSD license).	2008-03-02 14:11:54 +00:00
jlam	ca5929bc04	The "missing-from-system" headers that Heimdal installs are now placed ... into ${PREFIX}/include/krb5/roken instead of ${PREFIX}/include/krb5. This is good because it reduces the likelihood of a conflict with any other similarly named headers if you simply add -I${PREFIX}/include/krb5 to the compiler command line. Patch from PR pkg/38119 by charlie.	2008-03-02 06:41:32 +00:00
jlam	9d8755394f	Rename termlib.* to termcap.* to better document exactly what packages ... are trying to use (the termcap t*() API).	2008-02-29 22:41:13 +00:00
jlam	81dece3fea	Update security/heimdal to version 1.1. Changes from version 0.7.2 include: ... * Read-only PKCS11 provider built-in to hx509. * Better compatibilty with Windows 2008 Server pre-releases and Vista. * Add RFC3526 modp group14 as default. * Handle [kdc] database = { } entries without realm = stanzas. * Add gss_pseudo_random() for mechglue and krb5. * Make session key for the krbtgt be selected by the best encryption type of the client. * Better interoperability with other PK-INIT implementations. * Alias support for inital ticket requests. * Make ASN.1 library less paranoid to with regard to NUL in string to make it inter-operate with MIT Kerberos again. * PK-INIT support. * HDB extensions support, used by PK-INIT. * New ASN.1 compiler. * GSS-API mechglue from FreeBSD. * Updated SPNEGO to support RFC4178. * Support for Cryptosystem Negotiation Extension (RFC 4537). * A new X.509 library (hx509) and related crypto functions. * A new ntlm library (heimntlm) and related crypto functions. * KDC will return the "response too big" error to force TCP retries for large (default 1400 bytes) UDP replies. This is common for PK-INIT requests. * Libkafs defaults to use 2b tokens. * krb5_kuserok() also checks ~/.k5login.d directory for acl files. * Fix memory leaks. * Bugs fixes	2008-02-28 14:11:55 +00:00
rillig	b32b7657bb	Replaced the deprecated INSTALLATION_DIRS_FROM_PLIST with AUTO_MKDIRS, ... to shut up the pkglint warnings.	2008-02-28 11:58:47 +00:00
jlam	0c8cfdf12d	Update security/heimdal to version 1.1. Changes from version 0.7.2 include: ... * Read-only PKCS11 provider built-in to hx509. * Better compatibilty with Windows 2008 Server pre-releases and Vista. * Add RFC3526 modp group14 as default. * Handle [kdc] database = { } entries without realm = stanzas. * Add gss_pseudo_random() for mechglue and krb5. * Make session key for the krbtgt be selected by the best encryption type of the client. * Better interoperability with other PK-INIT implementations. * Alias support for inital ticket requests. * Make ASN.1 library less paranoid to with regard to NUL in string to make it inter-operate with MIT Kerberos again. * PK-INIT support. * HDB extensions support, used by PK-INIT. * New ASN.1 compiler. * GSS-API mechglue from FreeBSD. * Updated SPNEGO to support RFC4178. * Support for Cryptosystem Negotiation Extension (RFC 4537). * A new X.509 library (hx509) and related crypto functions. * A new ntlm library (heimntlm) and related crypto functions. * KDC will return the "response too big" error to force TCP retries for large (default 1400 bytes) UDP replies. This is common for PK-INIT requests. * Libkafs defaults to use 2b tokens. * krb5_kuserok() also checks ~/.k5login.d directory for acl files. * Fix memory leaks. * Bugs fixes	2008-02-28 08:14:41 +00:00
adam	7cf5a9029c	Changes 2.1.17: ... This is a bug-fix release. It improves stablility of the policy importer on 64-bit platforms, supports import of iptables policies that use TCPMSS target, fixes problems with built-in RCS on windows when user does not have administrator's rights and comes with nearly 100% Brazilian Portugese translation	2008-02-21 17:34:08 +00:00
tnn	20a85821ab	Link shared libraries with -rpath on IRIX to prevent check-shlibs errors.	2008-02-20 01:10:20 +00:00
reed	e9c0ed7055	Update to 2.5.3. This update is from maintainer in PR #38062. ... From the amavisd-new-2.5.3 release notes: BUG FIXES - fix parsing a SMTP status response from MTA when releasing from a quarantine, when a MTA response did not include an enhanced status code (RFC 3463) (such as with old versions of Postfix); a parsing failure resulted in attribute "setreply=450 4.5.0 Unexpected:..." in an AM.PDP protocol response, even though a release was successful; reported by Ron Miller, John M. Kupski, investigated by Tony Caduto and Jeremy Fowler; - change parsing of addresses in From, To, and Cc header fields, avoiding complex Perl regular expressions which could crash a process on certain degenerate cases of these header fields; thanks for detailed problem reports to Carsten Lührs and Attila Nagy; - completely rewritten parsing of Received header field to work around a Perl regular expression problem which could crash a process on certain degenerate cases of mail header fields; problem reported by Thomas Gelf; - harden to some extent regular expressions in parse_message_id to cope better with degenerate cases of header fields carrying message-id; - sanitize 8-bit characters in In-Reply-To and References header fields before using them in Pen Pals SQL lookups to avoid UTF-8 errors like: penpals_check FAILED: sql exec: err=7, 22021, DBD::Pg::st execute failed: ERROR: invalid byte sequence for encoding "UTF8": 0xd864 - when turning an infection report into a spam report, avoid adding newly discovered virus names (i.e. fraud names) to a cached list if these names are already listed; previously the list would just grow on each passage through a cache, leading to unsightly long lists of spam tests in a report; based on a patch by Henrik Krohns; - fix diagnostics when an invalid command line argument is given; OTHER - reduce log clutter when certain Perl modules are loaded late, i.e. after chrooting and daemonizing, but still before a fork; now only issue one log entry by a parent process: "extra modules loaded after daemonizing: "; - slightly relax mail address syntax in subroutine split_address; - fetch additional information (tags) from SpamAssassin: TESTS, ASN, ASNCIDR, DKIMDOMAIN and DKIMIDENTITY, making them available through a macro 'supplementary_info' (if a version of SpamAssassin in use provides them); - updated DKIM section in amavisd-new-docs.html, removing the historical DomainKeys milter from examples; - declared a dummy subroutine dkim_key() and new dummy configuration variables @dkim_signature_options_bysender_maps, %signed_header_fields, $reputation_factor, @signer_reputation_maps and $sql_partition_tag, members of policy banks, in preparation for 2.6.0 - declared now for improved downgrade compatibility of 2.6.0 configuration files, if need arises.	2008-02-19 16:20:15 +00:00
reed	f7336fad52	Sort some PLIST entries.	2008-02-19 16:18:18 +00:00
jlam	d3a42c55a4	Make this more cut-and-paste-friendly.	2008-02-18 20:37:22 +00:00
jlam	79d070da7a	Actually add that prestart function as a start_precmd. Ride previous ... PKGREVISION bump.	2008-02-18 20:35:48 +00:00
jlam	42b88b10b3	+ Add full DESTDIR support. ... + Create any required directories with the right ownership and permissions as a "prestart" action in the authdaemond rc.d script. Bump the PKGREVISION to 1.	2008-02-18 20:26:33 +00:00
jlam	c788841be5	Add changes from NetBSD src that add casts to fix warnings on platforms ... where size_t is unsigned long.	2008-02-18 18:22:18 +00:00
jlam	eb65092610	Update security/openpam to openpam-20071221 (Hydrangea). Changes from ... version 20050616 (Figwort) include: - ENHANCE: API function arguments are now const where appropriate, to match corresponding changes in the Solaris PAM and Linux-PAM APIs. - ENHANCE: corrected a number of C namespace violations. - ENHANCE: the module cache has been removed, allowing long-lived applications to pick up module changes. This also allows multiple threads to use PAM simultaneously (as long as they use separate PAM contexts), since the module cache was the only part of OpenPAM that was not thread-safe.	2008-02-18 16:48:12 +00:00
apb	5396c32a11	Allow SFS_USER and SFS_GROUP to be overridden, instead of hardcoded ... to sfs:sfs. Bump PKGREVISION.	2008-02-16 22:06:12 +00:00
apb	babe7e230f	Deal with fourth arg to mount(2) in NetBSD. It appeared between ... 4.99.23 and 4.99.24.	2008-02-16 22:03:49 +00:00
adrianp	a79f7bfe0b	-msf	2008-02-12 23:13:58 +00:00
adrianp	56d3d50bc1	Remove msf v2.x for a number of reasons: ... * v3.x is now out * Any patches to update files for where interpreters are get overwritten the next time you update the msf files from metasploit.org. This renders the PLIST useless.	2008-02-12 23:13:36 +00:00
heinz	e97bfc3815	The package supports installation to DESTDIR.	2008-02-07 20:52:58 +00:00
heinz	2861a20fb0	Updated to version 2.24. ... Pkgsrc changes: - The package supports installation to DESTDIR. Changes since version 2.19: =========================== Revision history for Perl extension Crypt::CBC. 2.24 Fri Sep 28 11:21:07 EDT 2007 - Fixed failure to run under taint checks with Crypt::Rijndael or Crypt::OpenSSL::AES (and maybe other Crypt modules). See http://rt.cpan.org/Public/Bug/Display.html?id=29646. 2.23 Fri Apr 13 14:50:21 EDT 2007 - Added checks for other implementations of CBC which add no standard padding at all when cipher text is an even multiple of the block size. 2.22 Sun Oct 29 16:50:32 EST 2006 - Fixed bug in which plaintext encrypted with the -literal_key option could not be decrypted using a new object created with the same -literal_key. - Added documentation confirming that -literal_key must be accompanied by a -header of 'none' and a manually specificied IV. 2.21 Mon Oct 16 19:26:26 EDT 2006 - Fixed bug in which new() failed to work when first option is -literal_key. 2.20 Sat Aug 12 22:30:53 EDT 2006 - Added ability to pass a preinitialized Crypt::* block cipher object instead of the class name. - Fixed a bug when processing -literal_key.	2008-02-07 20:46:04 +00:00
heinz	a609610359	The package supports installation to DESTDIR. ... A C compiler is necessary.	2008-02-07 20:27:23 +00:00
tnn	bdcd11f1c3	Needs GNU nroff to format catpages with -mandoc.	2008-02-07 13:24:36 +00:00
tnn	e18489a712	Fix build on HPUX: ... in HP's alternate universe, MAP_ANON is called MAP_ANONYMOUS.	2008-02-06 00:36:06 +00:00
obache	af85d259cd	Update p5-IO-Socket-SSL to 1.13. ... v1.13 - removed CLONE_SKIP which was added in 1.03 because this breaks windows forking. Handled threads/windows forking better by making sure that CTX from Net::SSLeay gets not freed multiple times from different threads after cloning/forking - removed setting LocalPort to 0 in tests, instead leave it undef if a random port should be allocated. This should fix build problems with 5.6.1. Thanks to <andrew[DOT]benham[AT]thus[DOT]net>	2008-02-05 11:36:04 +00:00
reed	dd348daae9	Increase the BUILDLINK_API_DEPENDS.gnutls to at least gnutls>=1.2.6 ... which is still very old. This fixes problem where building something depending on gnutls when old gnutls is already installed using liblzo won't buildlink because lzo is not installed. This forces a newer gnutls to be installed that uses lzo instead.	2008-01-31 01:04:26 +00:00
obache	f3bc31c6d2	Need to allow leading underscore of OPENPAM_VERSION for old(?) version.	2008-01-29 00:52:58 +00:00
adam	e3d0110329	Changes 2.1.16: ... Unfortunate bug introduced in 2.1.15 that broke generated firewall script for iptables in case option "use iptables-restore" was on is fixed in this release. Additional checks were added to the generated script for iptables to improve error detection and make sure the GUI properly detects when it terminates with error. Support for load balancing with PF was also added.	2008-01-28 20:34:54 +00:00
bjs	a7c1b4774c	Remove leading underscore from OPENPAM_VERSION for BUILTIN_VERSION.openpam, ... as openpam "Hydrangea" now defines OPENPAM_VERSION. This caused the version inquiry to fail.	2008-01-28 01:15:26 +00:00
rillig	654940226e	pkglint says: ... ERROR: security/dsniff/Makefile.common:4: PKGREVISION must not be set outside the package Makefile.	2008-01-28 00:45:26 +00:00
heinz	d3b842b4ee	Updated to version 1.05. ... Pkgsrc changes: - Added missing HOMEPAGE. - The package supports installation to DESTDIR. - A C compiler is necessary. Changes since version 0.05: =========================== 1.05 - Fri Nov 9 05:39:09 2007 * This version fixes the signed integer problems that Solaris had. * Now this module require perl 5.6. * You don't need to upgrade if your system isn't Solaris. 1.04 - Mon Oct 15 14:27:00 2007 * Quashed warnings about overflows by casting numbers to unsigned ints. * This compiles warning-free and passes all tests on Solaris 10 with gcc 3.4.6, so it might take care of RT # 27632 1.04_02 - Wed Sep 19 19:24:06 2007 * remove test files that shouldn't be there 1.04_01 - Wed Sep 12 15:34:24 2007 * This developer release explores the Solaris bug noted in RT # 27632. Some Solaris installations may be encrypting or decrpyting incorrectly. 1.04 - Fri Feb 23 11:20:44 2007 * Todd Ross adjusted rijndael.h to use __sun to identify Solaris boxes. GCC uses __sun__ or __sun, but Solaris cc only uses __sun : http://blogs.sun.com/morganh/date/20060928 * If you've already compiled this module, you don't need to upgrade 1.03 - Thu Feb 22 15:42:04 2007 * Updated distro to include missing Pod tests * No code changes 1.02 - Thu Jan 25 14:48:51 2007 * Updated docs to show cipher modes. No need to upgrade if you already have this. 1.01 - Wed Jan 10 19:14:14 2007 * Bump to a release version. This is the same as 0.06_10. * This release should fix the problems with INT types on all platforms, including 64 bit platforms. 0.06_10 - Wed Jan 10 00:35:10 2007 * Let's try the int type for MinGW:wq 0.06_09 - Fri Dec 15 08:12:02 2006 * Updated header file to handle Solaris special case * I think this might be the release candidate for 0.07! :) 0.06_08 - Wed Nov 29 19:51:33 2006 * Adjusting WIN32 targets for typedefs. Some things look like both Unix and Windows, so I don't want compilers to choke if it tries to redefine types. 0.06_07 - Mon Nov 27 10:37:18 2006 * more header file fiddling to get everyone to define the right abstract types. This time check for _SYS_TYPES_H 0.06_06 - Fri Nov 17 14:56:19 2006 * Fooled with header file some more, and tested it myself on Cygwin. Instead of checking for WIN32, just check for __CYGWIN__ 0.06_05 - Fri Nov 17 11:13:25 2006 * The last two revisions seem to not define UINTxx and ends up with a parse error. Let's try this, as I go off to dig out my Windows box. 0.06_04 - Wed Nov 15 14:43:37 2006 * Try UINT patch from David Golden to get this to work on MinGW 0.06_03 - Wed Nov 15 11:07:08 2006 * Re-jiggered logic to define UINT32 and UINT8. First I'll try sys/types.h, then check if they are already defined elsewhere, and lastly hardcode the typedefs based on platform. The previous release (0.06_02) had some problems on Windows from conflicting typedefs (similar to the cygwin problems with libjpeg and X), so I guard my typedefs by checking for previous definitions. Let's hope those previous definitions are right :) 0.06_02 - Sun Nov 12 16:23:07 2006 * Let's try some hardcoded types for UINT(32|8) for Windows. 0.06_01 - Sun Nov 12 10:38:56 2006 * Adjust version number to match distro number (RT #4227) * Use <sys/types.h> instead of hard-coding (RT #22755, 9514, 18812, 1444, 503). * This module is now maintained by brian d foy (bdfoy@cpan.org)	2008-01-25 02:26:31 +00:00
tnn	e7a9a2bf1a	Update dependency, it builds with openssl-0.9.8	2008-01-24 11:14:26 +00:00
tnn	9d74e63476	Append {,nb*} to a dependency.	2008-01-24 11:10:53 +00:00
obache	9dff4b5d40	Also used by security/cy2-ldapdb/Makefile.	2008-01-23 08:53:06 +00:00
taca	4ed365d3bc	Distribution file was changed after sudo 1.6.9p12 was released. :-( ... config.h.in configure configure.in ldap.c Add DIST_SUBDIR to handle this situation. Bump PKG_REVISION.	2008-01-22 12:45:24 +00:00
obache	ffcb11f500	Fixed pattern to strip nb*.	2008-01-22 10:56:16 +00:00
taca	cd62454d80	Update sudo package to 1.6.9p12. ... Changes from 1.6.9p11: 641) Added a configure check for the ber_set_option() function. 642) Fixed a compilation problem with the HP-UX K&R C compiler. 643) Revamped the Kerberos 5 ticket verification code. 644) Added support for the checkpeer ldap.conf variable for netscape-based LDAP SDKs. 645) Fixed a problem where an incomplete password could be echoed to the screen if there was a read timeout.	2008-01-21 16:38:57 +00:00
tnn	ad6ceadd25	Per the process outlined in revbump(1), perform a recursive revbump ... on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@	2008-01-18 05:06:18 +00:00
tnn	5b7fef9e0c	Update to openssl-0.9.8g. Provided by Jukka Salmi in pkgsrc-wip. ... pkgsrc notes: o Tested on NetBSD/i386 (Jukka Salmi), Mac OSX 10.5 (Adrian Portelli), Linux (Jeremy C. Reed), Tru64 5.1b (tnn), HP-UX 11i (tnn). Because the Makefile system has been rewamped, other platforms may require fixes. Please test if you can. o OpenSSL can now be built with installation to DESTDIR. Overview of important changes since 0.9.7i: o Add gcc 4.2 support. o DTLS improvements. o RFC4507bis support. o TLS Extensions support. o RFC3779 support. o New cipher Camellia o Updated ECC cipher suite support. o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(). o Zlib compression usage fixes. o Major work on the BIGNUM library for higher efficiency and to make operations more streamlined and less contradictory. This is the result of a major audit of the BIGNUM library. o Addition of BIGNUM functions for fields GF(2^m) and NIST curves, to support the Elliptic Crypto functions. o Major work on Elliptic Crypto; ECDH and ECDSA added, including the use through EVP, X509 and ENGINE. o New ASN.1 mini-compiler that's usable through the OpenSSL configuration file. o Added support for ASN.1 indefinite length constructed encoding. o New PKCS#12 'medium level' API to manipulate PKCS#12 files. o Complete rework of shared library construction and linking programs with shared or static libraries, through a separate Makefile.shared. o Rework of the passing of parameters from one Makefile to another. o Changed ENGINE framework to load dynamic engine modules automatically from specifically given directories. o New structure and ASN.1 functions for CertificatePair. o Changed the key-generation and primality testing "progress" mechanism to take a structure that contains the ticker function and an argument. o New engine module: GMP (performs private key exponentiation). o New engine module: VIA PadLOck ACE extension in VIA C3 Nehemiah processors. o Added support for IPv6 addresses in certificate extensions. See RFC 1884, section 2.2. o Added support for certificate policy mappings, policy constraints and name constraints. o Added support for multi-valued AVAs in the OpenSSL configuration file. o Added support for multiple certificates with the same subject in the 'openssl ca' index file. o Make it possible to create self-signed certificates using 'openssl ca -selfsign'. o Make it possible to generate a serial number file with 'openssl ca -create_serial'. o New binary search functions with extended functionality. o New BUF functions. o New STORE structure and library to provide an interface to all sorts of data repositories. Supports storage of public and private keys, certificates, CRLs, numbers and arbitrary blobs. This library is unfortunately unfinished and unused withing OpenSSL. o New control functions for the error stack. o Changed the PKCS#7 library to support one-pass S/MIME processing. o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). o New X509_VERIFY_PARAM structure to support parametrisation of X.509 path validation. o Change the default digest in 'openssl' commands from MD5 to SHA-1. o Added support for DTLS. o New BIGNUM blinding. o Added support for the RSA-PSS encryption scheme o Added support for the RSA X.931 padding. o Added support for files larger than 2GB. o Added alternate pkg-config files.	2008-01-17 06:42:47 +00:00
rillig	580cfc0748	Needs libz. ... From PR 37760.	2008-01-15 13:36:37 +00:00
adrianp	69310b4399	-audit-packages	2008-01-13 20:20:33 +00:00
adrianp	a8d77ab08a	Retire audit-packages in favour of pkg_install>=20070714. ... All functionality in this package is now in pkg_install>=20070714. As discussed on pkgsrc-users@ and OK'ed by agc@.	2008-01-13 20:20:06 +00:00
wiz	e11174603f	Update to 1.4.8: ... Noteworthy changes in version 1.4.8 (2007-12-20) ------------------------------------------------ ******************************************* * A decade of GnuPG: g10-0.0.0.tar.gz was * * released exactly 10 years ago. * ******************************************* * Changed the license to GPLv3. * Improved detection of keyrings specified multiple times. * Changes to better cope with broken keyservers. * Minor bug fixes. * The new OpenPGP standard is now complete, and has been published as RFC-4880. The GnuPG --openpgp mode (note this is not the default) has been updated to match the new standard. The --rfc2440 option can be used to return to the older RFC-2440 behavior. The main differences between the two are "--enable-dsa2 --no-rfc2440-text --escape-from-lines --require-cross-certification". * By default (i.e. --gnupg mode), --require-cross-certification is now on. --rfc2440-text and --force-v3-sigs are now off. * Allow encryption using legacy Elgamal sign+encrypt keys if option --rfc2440 is used. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224 signatures will continue to work.	2008-01-13 16:23:55 +00:00
drochner	0d926fe456	update to 2.20.3 ... changes: minor fixes	2008-01-11 14:02:42 +00:00
drochner	f752f295cb	update to 2.20.3 ... changes: translation updates	2008-01-11 13:56:56 +00:00
heinz	9ab1ed4dab	Updated to version 1.32. ... Pkgsrc changes: - Requires p5-Test-Exception and p5-Test-Warn for building and p5-MIME-Base64 for running. The modules p5-Array-Compare, p5-Sub-Uplevel and p5-Tree-DAG_Node are only used through p5-Test-Warn. Opened bug id 32172 at rt.cpan.org for this. - Needs a C compiler. - Specified prefix for OpenSSL in order to avoid adding any search paths to inc/Module/Install/PRIVATE/Net/SSLeay.pm. - No more interactive questions (PERL_MM_USE_DEFAULT). Changes since version 1.30: =========================== - Mike McCauley and Florian Ragwitz maintain this module now 1.31_01 02.07.2007 - Only bind X509_STORE_set_trust #if OPENSSL_VERSION_NUMBER >= 0x0090800fL - Removed %Filenum_Objects from Net::SSLeay::Handle so unused handles will be freed. - Use ppport.h. - improved openssl path guessing, forcing openssl path now requires the -path flag (caution: incompatible flag change) Path guessing works on windows too. mikem, with patches from Stas Bekman - Added /usr/sfw/bin/openssl to path guessing for Open Solaris, suggested by Igor Boehme. - Fixed a problem with X509_get_subjectAltNames not working when the subjectAltNAmes are the first extension. Reported by Achim Grolms 1.31_02 14.07.2007 - Fix linking problems on Windows. Tested with VC++ 6.0, Shining Light 0.9.7L on Windows Server 2003 with ActivePerl 5.8.8.820. Also tested with OpenSSL 0.9.8e compiled from source. - Unable to get working systems when compiling with MS Visual Studio Express 2005. Contributions requested. This may be relevant: http://www.itwriting.com/blog/?postid=261&replyto=2542 - Fixed a number of minor compile warnings on Windows - Updated README.Win32 to define building procedures on Windows - Fixed incorrect test failure reports in 08_external. - Add parens to function calls in Makefile.PL to prevent warnings with some perls. - Tested on Sparc Solaris 8, Sparc Solaris 10, OpenSuSE 10.2 x64, OpenSuSE 10.0 x86, FreeBSD 6.0 x86, Ubuntu 6.10, Fedora Core 6 x86 - Changed type of SSL_set_info_callback args to stop compiler warnings on Windows - Removed auto_include from Makefile.PL - Removed build_requires('Test::NoWarnings') from Makefile.PL - Testing with Strawberry Perl on Windows XP SP2, added doc to README.Win32 - Testing with Perl CamelPack 5.8.7 on Windows XP SP2,added doc to README.Win32 1.32 03.08.2007 - Don't let the tests die when something unexpected happens. Just BAIL_OUT. - Some Win32 improvements.	2008-01-09 00:47:00 +00:00
adrianp	ed22d64afa	Fix builds on Darwin	2008-01-08 17:02:11 +00:00
heinz	239a1650c5	Updated to version 5.45. ... Pkgsrc changes: - Added explicit licence identification. Changes since version 5.44: =========================== 5.45 Tue Jun 26 02:36:00 MST 2007 - extended portability to earlier Perls -- works on Perl 5.003 and later -- thanks to Jim Doble for testing on legacy platforms - updated META.yml to conform to current META spec (1.3) - minor documentation fixes	2008-01-08 15:11:25 +00:00
heinz	c4641b5471	Updated to version 0.25. ... Pkgsrc changes: - A C compiler is necessary. - Added explicit license identification. - Removed patch-ab (fixed upstream). Changes since version 0.24: =========================== 0.25 Sun May 20 2007 12:56:11 - Add a LICENSE file. - Fix a bug (reported by many) in rsa.t - we were incorrectly counting the number of tests in situations where use_sha512_hash was not available.	2008-01-08 15:01:55 +00:00
heinz	aa79a95655	Updated to version 0.04. ... Pkgsrc changes: - The package supports installation to DESTDIR. - A C compiler is necessary. - Added explicit license identification. Changes since version 0.03: =========================== 0.04 Sun May 20 13:41:04 2007 - Add a LICENSE file. - Better use of types.	2008-01-08 14:48:35 +00:00
heinz	12b563509f	Updated to version 0.04. ... Pkgsrc changes: - The package supports installation to DESTDIR. - A C compiler is necessary. - Added explicit license identification. Changes since version 0.03: =========================== 0.04 Sun May 20 2007 13:08:23 - Add a LICENSE file. - Add -DOPENSSL_NO_KRB5 to DEFINE to keep redhat happy.	2008-01-08 14:36:51 +00:00
joerg	6cf0f6c49c	Fix builtin.mk logic for thread feature if no native OpenSSL exists. ... Fixes PR pkg/37699 from Aleksey Cheusov.	2008-01-07 15:51:08 +00:00
taca	5fe02749ec	Update sudo package to 1.6.9p11. ... 637) Fixed a compilation problem on SCO related to how they store the high resolution timestamps in struct stat. 638) Avoid checking the passwd file group multiple times in the LDAP query when the user's passwd group is also listed in the supplemental group vector. 639) The URI specifier can now be used in ldap.conf even when the LDAP SDK doesn't support ldap_initialize(). 640) New %p prompt escape that expands to the user whose password is being prompted, as specified by the rootpw, targetpw and runaspw sudoers flags. Based on a diff from Patrick Schoenfeld.	2008-01-06 16:08:24 +00:00
rillig	d5a1ab0577	Fixed a few pkglint warnings.	2008-01-05 20:41:25 +00:00
obache	50a4f19df7	Change MASTER_SITES to locatoin for old archive, ... noticed by Zafer Aydogan in private mail.	2008-01-05 05:25:21 +00:00
obache	e1b59f625b	Change MASTER_SITES to new location, noticed by Zafer Aydogan in private mail. ... Also change HOMEPAGE.	2008-01-05 05:23:23 +00:00
obache	1181cc43a1	Old url is not available now, noticed by Zafer Aydogan in private mail. ... Switch HOMEPAGE and MASTER_SITES to new location.	2008-01-05 05:09:09 +00:00
obache	5dc3470702	*.tbz does not exist now, noticed by Zafer Aydogan in private mail. ... Switch to *.tgz, no differ from *.tbz.	2008-01-05 05:06:52 +00:00
obache	6763497ac0	Change HOMEPAGE and MASTER_SITES to new location.	2008-01-05 05:00:37 +00:00
heinz	23c9f186f1	The package needs a C compiler.	2008-01-04 22:20:31 +00:00
rillig	7f791603aa	Removed the special-case handling of PKG_SYSCONFDIR for NetBSD. Now the ... configuration files are installed in the usual pkgsrc place, not in /etc. PKGREVISION++ Ok'ed by jlam@.	2008-01-04 22:08:09 +00:00
adrianp	4eb48dab26	Update to 2.1.4 ... 27 Nov 2007 - 2.1.4 ------------------- * Updated included Core Ruleset to version 1.5 and noted in the docs that XML support is required to use the rules without modification. * Fixed an evasion FP, mistaking a multipart non-boundary for a boundary. * Fixed multiple warnings on Solaris and/or 64bit builds. * Do not process subrequests in phase 2-4, but do hand off the request data. * Fixed a blocking FP in the multipart parser, which affected Safari. 11 Sep 2007 - 2.1.3 ------------------- * Updated multipart parsing code adding variables to allow checking for various parsing issues (request body abnormalities). * Allow mod_rpaf and mod_extract_forwarded2 to work before ModSecurity. * Quiet some compiler warnings. * Do not block internal ErrorDocument requests after blocking request. * Added ability to compile without an external API (use -DNO_MODSEC_API). 27 Jul 2007 - 2.1.2 ------------------- * Cleaned up and clarified some documentation. * Update included core rules to latest version (1.4.3). * Enhanced ability to alert/audit failed requests. * Do not trigger "pause" action for internal requests. * Fixed issue with requests that use internal requests. These had the potential to be intercepted incorrectly when other Apache httpd modules that used internal requests were used with mod_security. * Added Solaris and Cygwin to the list of platforms not supporting the hidden visibility attribute. * Fixed decoding full-width unicode in t:urlDecodeUni. * Lessen some overhead of debugging messages and calculations. * Do not try to intercept a request after a failed rule. This fixes the issue associated with an "Internal Error: Asked to intercept request but was_intercepted is zero" error message. * Added SecAuditLog2 directive to allow redundent concurrent audit log index files. This will allow sending audit data to two consoles, etc. * Small performance improvement in memory management for rule execution.	2008-01-04 10:05:51 +00:00
rillig	8159318d33	Install the binaries readable for the owner, so that a package can be ... created in unprivileged pkgsrc mode. PKGREVISION++	2008-01-03 23:17:47 +00:00
adrianp	f1462904ad	Look out for the case where audit-packages is already installed with the ... base OS on NetBSD.	2008-01-02 09:00:34 +00:00
heinz	b55970381a	Replaced outdated mirrors by working mirrors.	2007-12-30 13:42:29 +00:00
obache	583c31e60c	* Honor PKGMANDIR and PKG_SYSCONFBASE. ... * Install config files by CONF_FILES instead of install directly. * Correct path of tools and config in sample config files and a manual page. * Add DESTDIR support. Bump PKGREVISION.	2007-12-30 09:15:36 +00:00
tron	5105fb8b30	Recognize the MIT Kerberos bundled with Mac OS X Leopard.	2007-12-28 15:27:24 +00:00
obache	ecdc58e2bd	This package uses BSD Makefile. ... Honor PKGMANDIR and DESTDIR ready.	2007-12-28 12:27:20 +00:00
obache	fbffa9a69b	Require pre-created sbin directory.	2007-12-28 11:51:42 +00:00
obache	b33dc97d95	DESTDIR ready.	2007-12-28 11:47:24 +00:00
obache	5bcacb16f6	Fixes invalid lvalue in assignment.	2007-12-28 11:45:42 +00:00
obache	9ad21a5b6e	Also need for NetBSD.	2007-12-28 05:13:23 +00:00
obache	35eed689d9	Switch to SUBST framework.	2007-12-28 05:01:47 +00:00
obache	b1fe4da4d5	Honor PKGMANDIR.	2007-12-28 04:22:43 +00:00
gdt	efee29e6e8	Remove deprecated "fee-based commercial use" license for idea, mdc2, ... rc5, and replace with {idea,mdc2,rc5}-nonlicense. Because pkgsrc does not yet handle multiple licenses, set LICENSE to openssl-patented-algorithms-nonlicense.	2007-12-27 23:41:42 +00:00
adrianp	5723ca178b	Add a PCRE bl3 depends to fix builds (found by DragonFly bulk builds) ... PKGREVISION++	2007-12-27 16:39:07 +00:00
joerg	2e20c7d21d	Explicitly depend on Perl. Bump revision.	2007-12-27 16:31:23 +00:00
obache	3be1e9beac	Change MASTER_SITES to archive directory, 1.4.11 only exsits in it.	2007-12-27 15:46:00 +00:00
obache	83dfac88b1	Try to create target directories before install manuals.	2007-12-27 15:06:02 +00:00
obache	b992f36697	Try to fix build problem on NetBSD, use the same strategies as DragonFly.	2007-12-27 14:13:58 +00:00
markd	48ae334282	Now that package is installed into qt4 subdirectory, pkg-config can't ... find the qca2.pc file so copy to where it can. OKed jdolecek. Bump PKGREVISION.	2007-12-25 20:09:47 +00:00
jdolecek	07910e4767	restore security/qca-tls to state on pkgsrc-2007Q3-base tag (just before ... the removal), rather then revision 1.1 of all files, used for original revival test compiled on Mac OS X 10.5	2007-12-23 21:05:51 +00:00
jdolecek	124723b3de	install qca2 files into qt4 subdirectory, so that qca 1.x and qca2 could ... be installed at the same time bump PKGREVISION	2007-12-22 19:36:27 +00:00
joerg	17adb7cfd1	I18N (PR 37581) and DESTDIR support.	2007-12-21 20:35:36 +00:00
taca	dca1f5683b	Update sudo pacakge to 1.6.9p10. ... Major changes since Sudo 1.6.9p9: o Moved LDAP options into a table for simplified parsing/setting. o Fixed a problem with how some LDAP options were being applied. o Added support for connecting directly to LDAP servers via SSL/TLS for servers that don't support the start_tls extension.	2007-12-21 03:12:34 +00:00
jdolecek	96641aef3f	install qca2 files into qt4 subdirectory, so that qca 1.x and qca2 could ... be installed at the same time; also speedup build by disabling building tests and other miscellaneous cleanup bump PKGREVISION	2007-12-21 00:19:43 +00:00
jdolecek	550c7f21f9	put back qca-tls, add qca2 and qca2-ossl	2007-12-20 21:21:16 +00:00
jdolecek	e210ff0a0a	move back to version 1.0 for security/qca and re-add security/qca-tls ... (for qca 1.x), so that kdenetwork3 works again XXX these should be renamed to qca1* after current freeze	2007-12-20 20:37:21 +00:00
jdolecek	4188ec7c1a	files moved to security/qca2-ossl	2007-12-20 20:21:03 +00:00
jdolecek	bfb290e37b	reimport security/qca-ossl as security/qca2-ossl (it's qca 2.x only)	2007-12-20 20:20:17 +00:00
jdolecek	99087ddfcd	re-import security/qca version 2.0.0 as security/qca2 in preparation for ... having both qca 1.x and qca 2.x in tree	2007-12-20 20:17:47 +00:00
jdolecek	65df391662	add qca-ossl	2007-12-19 13:05:42 +00:00
jdolecek	ddb6d04cf4	Add qca-ossl 2.0.0-beta3 - OpenSSL plugin for security/qca	2007-12-19 13:05:05 +00:00
jdolecek	9e0b36c71a	remove qca-tls - it's replaced by qca-ossl in QCA 2.x	2007-12-19 13:02:11 +00:00
jdolecek	058acc3df0	Update qca to version 2.0.0 (needed for update of chat/psi). Change list ... is not available, but the project now depends on QT 4.2 and was incorporated into KDE4 too	2007-12-19 13:01:36 +00:00
drochner	a667d0e7df	pull in pam.buildlink3.mk for proper handling of the various PAM ... versions, fixes PR pkg/37545 by Ondrej Tuma, and makes special handling of Darwin unnecessary (tested by Matthias Scheler)	2007-12-17 16:45:11 +00:00
bjs	6e1399f17e	Update to version 1.7.1. ... Changes: Update to version 1.7.1. Changes: v1.7.1 (Amy) 10jun07 -------------------- * windows SSH agent support can use the 'ctypes' module now if 'win32all' is not available [patch from alexander belchenko] * SFTPClient.listdir_attr() now preserves the 'longname' field [patch from wesley augur] * SFTPClient.get_channel() API added * SSHClient constuctor takes an optional 'timeout' parameter [patch from james bardin] v1.7 (zubat) 18feb07 -------------------- * added x11 channel support (patch from david guerizec) * added reverse port forwarding support * (bug 75370) raise an exception when contacting a broken SFTP server * (bug 80295) SSHClient shouldn't expand the user directory twice when reading RSA/DSS keys * (bug 82383) typo in DSS key in SSHClient * (bug 83523) python 2.5 warning when encoding a file's modification time * if connecting to an SSH agent fails, silently fallback instead of raising an exception v1.6.4 (yanma) 19nov06 ---------------------- * fix setup.py on osx (oops!) * (bug 69330) check for the existence of RSA/DSA keys before trying to open them in SFTPClient * (bug 69222) catch EAGAIN in socket code to workaround a bug in recent Linux 2.6 kernels * (bug 70398) improve dict emulation in HostKeys objects * try harder to make sure all worker threads are joined on Transport.close() v1.6.3 (xatu) 14oct06 --------------------- * fixed bug where HostKeys.__setitem__ wouldn't always do the right thing * fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from mike barber] * try harder not to raise EOFError from within SFTPClient * fixed bug where a thread waiting in accept() could block forever if the transport dies [patch from mike looijmans] v1.6.2 (weedle) 16aug06 ----------------------- * added support for "old" group-exchange server mode, for compatibility with the windows putty client * fixed some more interactions with SFTP file readv() and prefetch() * when saving the known_hosts file, preserve the original order [patch from warren young] * fix a couple of broken lines when exporting classes (bug 55946) v1.6.1 (vulpix) 10jul06 ----------------------- * more unit tests fixed for windows/cygwin (thanks to alexander belchenko) * a couple of fixes related to exceptions leaking out of SFTPClient * added ability to set items in HostKeys via __setitem__ * HostKeys now retains order and has a save() method * added PKey.write_private_key and PKey.from_private_key v1.6 (umbreon) 10may06 ---------------------- * pageant support on Windows thanks to john arbash meinel and todd whiteman * fixed unit tests to work under windows and cygwin (thanks to alexander belchenko for debugging) * various bugfixes/tweaks to SFTP file prefetch * added SSHClient for a higher-level API * SFTP readv() now yields results as it gets them * several APIs changed to throw an exception instead of "False" on failure	2007-12-14 13:35:04 +00:00
rhaen	c9222026c9	- added DESTDIR support ... - added USE_TOOLS - it should build now on NetBSD, Dragonfly - new maintainer - PKGREVISION bump	2007-12-13 12:02:09 +00:00
wiz	b524dc18ff	Reset maintainer on his request.	2007-12-12 20:42:28 +00:00
adam	ad2a3bc804	Changes 2.1.15: ... * Bug fix release	2007-12-12 17:59:20 +00:00
taca	a208a673da	sudo-1.6.9p9.tar.gz was updated now. So, introduce DIST_SUBDIR and ... bump PKGREVISION. A little bug fix seems to applied. -rw-r--r-- 1 taca taca 578259 Dec 3 19:38 sudo-1.6.9p9.tar.gz-prev -rw-r--r-- 1 taca taca 578262 Dec 5 00:27 sudo-1.6.9p9.tar.gz diff -dupNr sudo-1.6.9p9-20071203/parse.c sudo-1.6.9p9/parse.c --- sudo-1.6.9p9-20071203/parse.c 2007-11-28 08:29:59.000000000 +0900 +++ sudo-1.6.9p9/parse.c 2007-12-05 00:26:40.000000000 +0900 @@ -90,7 +90,7 @@ #endif /* HAVE_EXTENDED_GLOB */ #ifndef lint -__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.14 2007/10/24 16:43:27 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.15 2007/12/04 15:26:40 millert Exp $"; #endif /* lint */ /* @@ -202,7 +202,7 @@ sudoers_lookup(pwflag) return(VALIDATE_OK | (no_passwd == TRUE ? FLAG_NOPASS : 0) | (no_execve == TRUE ? FLAG_NOEXEC : 0) | - (setenv_ok == TRUE ? FLAG_SETENV : 0)); + (setenv_ok >= TRUE ? FLAG_SETENV : 0)); } else if ((runas_matches == TRUE && cmnd_matches == FALSE) || (runas_matches == FALSE && cmnd_matches == TRUE)) { /* @@ -212,7 +212,7 @@ sudoers_lookup(pwflag) return(VALIDATE_NOT_OK | (no_passwd == TRUE ? FLAG_NOPASS : 0) | (no_execve == TRUE ? FLAG_NOEXEC : 0) | - (setenv_ok == TRUE ? FLAG_SETENV : 0)); + (setenv_ok >= TRUE ? FLAG_SETENV : 0)); } } top--; diff -dupNr sudo-1.6.9p9-20071203/sudo.c sudo-1.6.9p9/sudo.c --- sudo-1.6.9p9-20071203/sudo.c 2007-12-03 02:13:52.000000000 +0900 +++ sudo-1.6.9p9/sudo.c 2007-12-04 01:12:03.000000000 +0900 @@ -730,8 +730,10 @@ parse_args(argc, argv) while (NewArgc > 0) { if (NewArgv[0][0] == '-') { - if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') + if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') { warnx("please use single character options"); + usage(1); + } switch (NewArgv[0][1]) { case 'p':	2007-12-05 10:07:14 +00:00
taca	498d04a83c	Update sudo package to 1.6.9p9. ... Major changes since Sudo 1.6.9p8: o The ALL command in sudoers now implies SETENV permissions. o The command search is now performed using the target user's auxiliary group vector, not just the target's primary group. o When determining if the PAM prompt is the default "Password: ", compare the localized version if possible. o New passprompt_override option in sudoers to cause sudo's prompt to be used in all cases. Also set when the -p flag is used.	2007-12-05 04:14:42 +00:00
wiz	0e3f271eab	Remove Ex-MASTER_SITEs. From Zafer Aydogan.	2007-12-02 12:22:45 +00:00
wiz	a40a8b4e34	Remove Ex-MASTER_SITE. From Zafer Aydogan.	2007-12-02 12:20:12 +00:00
wiz	198adbc012	Remove Ex-MASTER_SITE. From Zafer Aydogan.	2007-12-02 11:37:24 +00:00
wiz	f109fb13b1	Remove Ex-MASTER_SITEs. From Zafer Aydogan.	2007-12-02 11:35:41 +00:00
wiz	48aee8ab57	Remove Ex-MASTER_SITE. From Zafer Aydogan.	2007-12-02 11:31:49 +00:00
rillig	f338d15c24	Some more packages need lex and yacc. Patch by Aleksey Cheusov on ... pkgsrc-users.	2007-12-02 08:32:23 +00:00
rillig	82f6e28d42	Updated crypto++ to 5.5.2. ... Changes since 5.2.1: 5.2.2 - added SHA-224 - put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL 5.2.3 - fixed issues with FIPS algorithm test vectors - put RSASSA-ISO into DLL 5.3 - ported to MSVC 2005 with support for x86-64 - added defense against AES timing attacks, and more AES test vectors - changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR" 5.4 - added Salsa20 - updated Whirlpool to version 3.0 - ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006 5.5 - added VMAC and Sosemanuk (with x86-64 and SSE2 assembly) - improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20, Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2) - optimized Camellia and added defense against timing attacks - updated benchmarks code to show cycles per byte and to time key/IV setup - started using OpenMP for increased multi-core speed - enabled GCC optimization flags by default in GNUmakefile - added blinding and computational error checking for RW signing - changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce the risk of reusing random numbers and IVs after virtual machine state rollback - changed default FIPS mode RNG from AutoSeededX917RNG<DES_EDE3> to AutoSeededX917RNG<AES> - fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV - moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak" - removed HAVAL, MD5-MAC, XMAC 5.5.1 - fixed VMAC validation failure on 32-bit big-endian machines 5.5.2 - ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64) - fixed Salsa20 initialization crash on non-SSE2 machines - fixed Whirlpool crash on Pentium 2 machines - fixed possible branch prediction analysis (BPA) vulnerability in MontgomeryReduce(), which may affect security of RSA, RW, LUC - fixed link error with MSVC 2003 when using "debug DLL" form of runtime library - fixed crash in SSE2_Add on P4 machines when compiled with MSVC 6.0 SP5 with Processor Pack - added support for newly released compilers: MSVC 2008, GCC 4.2, Sun CC 5.9, Intel C++ Compiler 10.0, and Borland C++Builder 2007	2007-12-01 04:17:50 +00:00
wiz	a34ac258dd	Bump PKGREVISION because openexr now depends on ilmbase.	2007-11-30 21:55:01 +00:00
rillig	ff6d0eddfa	Discard the -mcpu=i686 option for the C++ compiler, since g++4 doesn't ... accept it.	2007-11-30 20:02:39 +00:00
wiz	7461b89fc8	Update to 0.4.13: ... Changes unknown.	2007-11-30 17:22:20 +00:00
drochner	1d77bfd6a8	update to 2.20.2 ... changes: -build fixes (not relevant to pkgsrc) * Don't print out a warning message in applications using libgnome-keyring when non-pageable memory cannot be allocated.	2007-11-29 20:14:26 +00:00
wiz	fb40b4d3d9	Update to 0.6.6: ... Noteworthy changes in version 0.6.6 (2007-11-15) ------------------------------------------------ * Slightly adjust the stream code. The check for fflush is omitted because the return value might be undefined. This fixes a problem reported from the NetBSD team. * Don't use __inline__ in src/cipher.c (breaks on Sun CC).	2007-11-29 16:35:12 +00:00
wiz	05c42389be	Update to 0.57: ... 0.57 2007-09-17 20:45:20 UTC - Honour both $ENV{NO_PROXY} and $ENV{no_proxy} in Net::SSL::proxy_connect_helper. (Bug #29371 reported by Jan Dubois). - $@ construction used in Net::SSL::connect was messed up, which could lead to sub-optimal error reporting. (Bug #29372 reported by Jan Dubois). - Ensure no proxification is used in t/01-connect.t (which might be the reason for all the spurious smoke failures). Bug #29373 reported by, you guessed it, Jan Dubois). - Silence a dubious fopen() warning in SSLeay.xs. - s/Netware/NetWare/ in Net/SSL.pm platform check - Improvements to Makefile.PL for dealing with platforms where openssl is installed with ./include and ./lib as sibling directories rather than child directories. This should allow the code to configure and build "out of the box" on Solaris (and probably other proprietary platforms). - Don't carp in LICENSE key addition code in Makefile.PL 0.56_01 2007-08-09 21:59:47 UTC - Various improvements to the Win32 configure code in Makefile.PL, based on CPAN tickets #28431 and #28432, by Guenter Knauf, notably to allow static linking and OpenSSL living in a relative directory. - Net::SSL: alarm() is not implemented on Netware platform, so don't try to set one there. (Guenter Knauf). - Should build on Solaris correctly (bug fix in include dir specification). Based on fix suggested in CPAN bug #28680. 0.56 2007-07-10 19:08:20 UTC - Purely a documentation issue raised by CPAN bug #27935. Users of previous versions do not need to upgrade.	2007-11-29 14:16:37 +00:00
jlam	b250f2c691	Document where this file is included.	2007-11-27 16:27:30 +00:00
adam	028262906e	Changes 184: ... * fix for BUG 312: pam_ldap does not try to reconnect when LDAP server closed the connection	2007-11-27 08:27:06 +00:00
wiz	4f0bb18778	Update to 2.0.4: ... * Version 2.0.4 (released 2007-11-16) ** Corrected bug in decompression of expanded compression data. ** API and ABI modifications: No changes since last version.	2007-11-25 23:45:15 +00:00
adrianp	a30ed56204	- 11/20/2007 1.3.9 (anne) ... - Update to Spanish -- David Gil - Bug 1750697 base_header() is undefined fixed -- Juergen and Kevin Johnson - Bug 1680965 sans lookup fails -- Jordan Wiens - Updated Chinese language file -- Randy - Added Sean Muller as the Project Manager -- Kevin Johnson - Fixed error in contrib/base-rss.php -- Dan - Added INSTALL and INSTALL.rtf files to docs directory -- Sean Muller - Bug 1801192 XSS bug in BASE fixed -- Kevin Johnson and Sean Muller - Bug 1760615 Sort order ignored -- Kevin Johnson and Jordan Weins	2007-11-25 18:09:53 +00:00
tron	1065fcff24	Fix warning reported by "pkglint".	2007-11-18 23:38:12 +00:00
tron	7cbebdfaeb	Add buildlink3 support file.	2007-11-18 23:37:59 +00:00
wiz	0b09193af9	Reset maintainer for itojun's packages.	2007-11-17 13:40:15 +00:00
rillig	105dd4b97c	Some packages need lex and yacc. Patch by Aleksey Cheusov via ... pkgsrc-users.	2007-11-17 12:04:11 +00:00
rillig	0d736f5a52	By default, chmod follows symlinks, which is not intended here. Patch by ... Lloyd Parkes in PR 37391.	2007-11-16 00:16:29 +00:00
rillig	438bd8aea8	Added a patch that fixes the build on Solaris 10.	2007-11-13 12:04:24 +00:00
heinz	949b357145	Removed ftp7.usa.openbsd.org from MASTER_SITES, doesn't resolve anymore ... in DNS. Mentioned by Zafer Aydogan in PR pkg/37331.	2007-11-12 20:52:14 +00:00
taca	8b69268cf1	- Fix build problem on DragonFly BSD. ... - Reduce patch size. Build problem on DragonFly BSD was noted by YONETANI Tomokazu via private mail.	2007-11-12 11:12:16 +00:00
wiz	a2ced84564	Remove ftp.aet.tu-cottbus.de from MASTER_SITES, doesn't resolve. ... From Zafer Aydogan in PR 37332.	2007-11-12 00:07:48 +00:00
wiz	1a9fb1c283	Remove ftp.ch.pgpi.com from MASTER_SITES, doesn't resolve. ... From Zafer Aydogan in PR 37331.	2007-11-12 00:06:52 +00:00
wiz	499dbfee47	Remove ftp7.usa.openbsd.org from MASTER_SITES, doesn't resolve. ... From Zafer Aydogan in PR 37331.	2007-11-12 00:06:06 +00:00
wiz	32ea59e233	Remove ftp.lothar.com from MASTER_SITES, doesn't resolve. ... From Zafer Aydogan in PR 37328.	2007-11-12 00:04:06 +00:00
wiz	c57b8d02b6	Remove ws.obit.nl from MASTER_SITES, doesn't resolve. ... From Zafer Aydogan in PR 37329.	2007-11-12 00:03:18 +00:00
wiz	37b88d319f	Update to 2.0.3: ... * Version 2.0.3 (released 2007-11-10) ** This version backports several fixes from the 2.1.x branch. ** Fixed PKCS #3 parameter export. ** Added gnutls_record_disable_padding() to allow servers talking to buggy clients that complain if the TLS 1.0 record protocol padding is used. ** Introduced gnutls_session_enable_compatibility_mode() to allow enabling all supported compatibility options (like disabling padding). ** Corrected bug which did not allow a server to run without supporting certificates. ** API and ABI modifications: gnutls_session_enable_compatibility_mode: ADDED gnutls_record_disable_padding: ADDED Add LICENSE, commented out; it contains both LGPL-2.1 and GPL2 code.	2007-11-11 19:28:27 +00:00
martti	9afb20a137	Added commented-out LICENSE=something.	2007-11-11 11:35:48 +00:00
bjs	4e3bb28481	Bump revision, as the resulting binary should differ because it finds ... gpg2.	2007-11-08 21:22:40 +00:00
bjs	179d6dfdcd	Tell gpgme where the gnupg2 binary is should the user build with ... the 'gpgsm' option.	2007-11-08 21:19:22 +00:00
bjs	b9c0db4ce7	Remove space between '=' and "idea" in "PKG_OPTIONS.libgcrypt+= idea". ... This was causing a build failure for gpgme if the package was built with the "idea" option.	2007-11-08 21:06:33 +00:00
wiz	32be62aaa3	Update to 0.6.5: ... Noteworthy changes in version 0.6.5 (2007-10-27) ------------------------------------------------ * Cleanups for the key export and import functionality. * Clarified the semantic of cdk_pk_check_sigs. * Now the by usage keydb function correctly finds the self signature. patch-aa provided by drochner@; sent upstream, will be in next release.	2007-11-08 19:43:37 +00:00
shannonjr	ee670685e1	1) Added configuration arg so that PKG_SYSCONFDIR is honored ... 2) Added missing PLIST entry	2007-11-08 09:56:03 +00:00
shannonjr	9d741e1557	1) Fix incorect patch ... 2) Fix incorrect socket permission	2007-11-07 19:38:12 +00:00
shannonjr	55bd53c608	Added missing entry	2007-11-07 15:26:20 +00:00
shannonjr	33068eba75	Update to 2.0.7. This is maintenance release with a few minor enhancements. ... Changes: * Fixed encryption problem if duplicate certificates are in the keybox. * Add new options min-passphrase-nonalpha, check-passphrase-pattern, enforce-passphrase-constraints and max-passphrase-days to gpg-agent. * Add command --check-components to gpgconf. Gpgconf now uses the installed versions of the programs and does not anymore search via PATH for them.	2007-11-07 15:24:26 +00:00
shannonjr	5d0e9e75a1	Update to 1.0.1. Changes: ... * The option --ocsp-signer may now take a filename to allow several certificates to be valid signers for the default responder. * New option --ocsp-max-period and improved the OCSP time checks. * New option --force-default-signer for dirmngr-client.	2007-11-07 12:43:21 +00:00
shannonjr	d8efb0bb19	Upgrade to 1.0.3. This is a maintenance upgrade. Noteworthy changes in ... version 1.0.3: * New functions assuan_process_done and assuan_inquire_ext to support external event loops. * Changed the license of the library code back to LGPLv2.1 to support a bunch of GPLv2(only) software which does not allow the use of LGPLv3. * Assorted bug fixed and code cleanups.	2007-11-07 11:13:15 +00:00
drochner	4b5e9f8971	update to 2.20.1 ... This switches to the new gnome-2.20 branch.	2007-11-05 19:49:04 +00:00
tron	2c10fdef3b	Fix detection of PAM support under Mac OS X to get "pam_gnome_keyring.la" ... built. Bump package revision because package was previously incomplete and the package list incorrect.	2007-11-04 14:36:05 +00:00
taca	2628c96443	Update sudo package to 1.6.9p8. ... Major changes since Sudo 1.6.9p7: o Fixed a bug where a sudoers entry with no runas user specified was treated differently from a line with the default runas user explicitly specified.	2007-11-04 12:07:24 +00:00
rillig	5282781bd9	Fixed building the package with sunpro.	2007-11-03 23:45:56 +00:00
rillig	dc7f429739	Added MAKE_JOBS_SAFE as suggested in PR 37261.	2007-11-03 22:40:27 +00:00
drochner	e3011dc2e9	update to 2.20.0 ... This switches to the new gnome-2.20 branch.	2007-11-03 17:35:40 +00:00
wiz	adb0276c75	Update to 1.12: ... v1.12 - treat timeouts of 0 for accept_SSL and connect_SSL like no timeout, like IO::Socket does.	2007-11-01 08:31:40 +00:00
drochner	7bbeb9cae3	update to 2.20.1 ... This switches to the new gnome-2.20 branch. (While this is not part of the "platform" subset formally, it is used by platform -- this looks like an inconsistency in gnome packaging.)	2007-10-31 20:20:30 +00:00
jlam	de737429da	Comment out LICENSE=gnu-gpl-v3 for now as part of transition to switching ... pkgsrc to using license.mk. This will eventually be turned back on.	2007-10-31 14:22:55 +00:00
rillig	ece592ed4a	Renamed the deprecated LICENCE to LICENSE, which has the exactly same ... meaning.	2007-10-31 12:29:33 +00:00
martti	9fc7653761	Based on some feedback, comment out the newly added LICENSE=xxx for now. ... I'll re-activate this later when the global license stuff is activated.	2007-10-30 19:31:38 +00:00
martti	f326f1a223	Added LICENSE=modified-bsd	2007-10-30 13:59:38 +00:00
martti	c95b7ca9f8	Added LICENSE=gnu-gpl-v2	2007-10-30 13:57:17 +00:00
shannonjr	4d45d601c7	Update to 0.9.13. Changes: ... - Only perform additional database request when using Sensor localtime: this bring a performance improvement of about 36% on aggregated query, when using either frontend localtime (the default), or UTC time. - JQuery support: Port most of the javascript code to make use of JQuery. Add show/hide effect to CSS popup. More filtering functionality in the SensorListing view. - Cleanup the Authentication class, so that uper Prewikka layer can act depending whether the backend support user creation / deletion. Anonymous authentication is nowa plugin. - Better integration of CGI authentication allowing user listing and deletion. - Report template exception directly to the user. - Fix exception if an alert analyzer name is empty. - Fix problem when adding new Prewikka users (#262). - Fix exception when user has no permission set. - When changing password, we didn't try to match an empty 'current password' (which is a minor issue since the user is already authenticated). Thanks to Helmut Azbest <helmut.azbest@gmail.com> for the fix. - Fix a typo making mod_python use the parent method (patch from Helmut Azbest <helmut.azbest@gmail.com>). - In the configuration file, recognize section even if there are whitespace at the beginning of the line. - Localization fixes, by Sebastien Tricaud <toady@gscore.org>, and Bjoern Weiland.	2007-10-29 21:59:00 +00:00
shannonjr	e3cb2576aa	Update to 0.9.10. Changes: ... - Make threshold act like a real threshold: pass every Nth events in the defined amount of seconds. - Allow mixing Limit and Threshold. - Do not share the tresholding hash accross thresholding plugin instance: previously, the shared hash would result in strange thresholding plugin behavior if you had several instance of thresholding loaded. - Various bug fixes concerning plugin instance un-subscribtion (unsubscribtion of certain plugin was not triggered).	2007-10-29 21:57:17 +00:00
shannonjr	4ee9e5abe2	Update to 0.9.16. Changes: ... - Implement prelude-admin list [-l] command, which provide the ability to list existing profile name, permission, registration permission, analyzerID, and Issuer analyzerid. - Implement multiple analyzer deletion in prelude-admin. - Correct printing of IDMEF time field using non local GMT offset. - Patch to avoid struct typespec redefinition, due to variable mispelling. This fixes a compilation problem on OpenBSD 3.8. - Various bug fixes.	2007-10-29 21:55:30 +00:00
shannonjr	ba17d64c40	PLIST correction	2007-10-29 21:53:24 +00:00
agc	7c64224428	Add and enable snow.	2007-10-29 09:58:43 +00:00