pkgsrc

Author	SHA1	Message	Date
jlam	42b88b10b3	+ Add full DESTDIR support. + Create any required directories with the right ownership and permissions as a "prestart" action in the authdaemond rc.d script. Bump the PKGREVISION to 1.	2008-02-18 20:26:33 +00:00
jlam	c788841be5	Add changes from NetBSD src that add casts to fix warnings on platforms where size_t is unsigned long.	2008-02-18 18:22:18 +00:00
jlam	eb65092610	Update security/openpam to openpam-20071221 (Hydrangea). Changes from version 20050616 (Figwort) include: - ENHANCE: API function arguments are now const where appropriate, to match corresponding changes in the Solaris PAM and Linux-PAM APIs. - ENHANCE: corrected a number of C namespace violations. - ENHANCE: the module cache has been removed, allowing long-lived applications to pick up module changes. This also allows multiple threads to use PAM simultaneously (as long as they use separate PAM contexts), since the module cache was the only part of OpenPAM that was not thread-safe.	2008-02-18 16:48:12 +00:00
apb	5396c32a11	Allow SFS_USER and SFS_GROUP to be overridden, instead of hardcoded to sfs:sfs. Bump PKGREVISION.	2008-02-16 22:06:12 +00:00
apb	babe7e230f	Deal with fourth arg to mount(2) in NetBSD. It appeared between 4.99.23 and 4.99.24.	2008-02-16 22:03:49 +00:00
adrianp	a79f7bfe0b	-msf	2008-02-12 23:13:58 +00:00
adrianp	56d3d50bc1	Remove msf v2.x for a number of reasons: * v3.x is now out * Any patches to update files for where interpreters are get overwritten the next time you update the msf files from metasploit.org. This renders the PLIST useless.	2008-02-12 23:13:36 +00:00
heinz	e97bfc3815	The package supports installation to DESTDIR.	2008-02-07 20:52:58 +00:00
heinz	2861a20fb0	Updated to version 2.24. Pkgsrc changes: - The package supports installation to DESTDIR. Changes since version 2.19: =========================== Revision history for Perl extension Crypt::CBC. 2.24 Fri Sep 28 11:21:07 EDT 2007 - Fixed failure to run under taint checks with Crypt::Rijndael or Crypt::OpenSSL::AES (and maybe other Crypt modules). See http://rt.cpan.org/Public/Bug/Display.html?id=29646. 2.23 Fri Apr 13 14:50:21 EDT 2007 - Added checks for other implementations of CBC which add no standard padding at all when cipher text is an even multiple of the block size. 2.22 Sun Oct 29 16:50:32 EST 2006 - Fixed bug in which plaintext encrypted with the -literal_key option could not be decrypted using a new object created with the same -literal_key. - Added documentation confirming that -literal_key must be accompanied by a -header of 'none' and a manually specificied IV. 2.21 Mon Oct 16 19:26:26 EDT 2006 - Fixed bug in which new() failed to work when first option is -literal_key. 2.20 Sat Aug 12 22:30:53 EDT 2006 - Added ability to pass a preinitialized Crypt::* block cipher object instead of the class name. - Fixed a bug when processing -literal_key.	2008-02-07 20:46:04 +00:00
heinz	a609610359	The package supports installation to DESTDIR. A C compiler is necessary.	2008-02-07 20:27:23 +00:00
tnn	bdcd11f1c3	Needs GNU nroff to format catpages with -mandoc.	2008-02-07 13:24:36 +00:00
tnn	e18489a712	Fix build on HPUX: in HP's alternate universe, MAP_ANON is called MAP_ANONYMOUS.	2008-02-06 00:36:06 +00:00
obache	af85d259cd	Update p5-IO-Socket-SSL to 1.13. v1.13 - removed CLONE_SKIP which was added in 1.03 because this breaks windows forking. Handled threads/windows forking better by making sure that CTX from Net::SSLeay gets not freed multiple times from different threads after cloning/forking - removed setting LocalPort to 0 in tests, instead leave it undef if a random port should be allocated. This should fix build problems with 5.6.1. Thanks to <andrew[DOT]benham[AT]thus[DOT]net>	2008-02-05 11:36:04 +00:00
reed	dd348daae9	Increase the BUILDLINK_API_DEPENDS.gnutls to at least gnutls>=1.2.6 which is still very old. This fixes problem where building something depending on gnutls when old gnutls is already installed using liblzo won't buildlink because lzo is not installed. This forces a newer gnutls to be installed that uses lzo instead.	2008-01-31 01:04:26 +00:00
obache	f3bc31c6d2	Need to allow leading underscore of OPENPAM_VERSION for old(?) version.	2008-01-29 00:52:58 +00:00
adam	e3d0110329	Changes 2.1.16: Unfortunate bug introduced in 2.1.15 that broke generated firewall script for iptables in case option "use iptables-restore" was on is fixed in this release. Additional checks were added to the generated script for iptables to improve error detection and make sure the GUI properly detects when it terminates with error. Support for load balancing with PF was also added.	2008-01-28 20:34:54 +00:00
bjs	a7c1b4774c	Remove leading underscore from OPENPAM_VERSION for BUILTIN_VERSION.openpam, as openpam "Hydrangea" now defines OPENPAM_VERSION. This caused the version inquiry to fail.	2008-01-28 01:15:26 +00:00
rillig	654940226e	pkglint says: ERROR: security/dsniff/Makefile.common:4: PKGREVISION must not be set outside the package Makefile.	2008-01-28 00:45:26 +00:00
heinz	d3b842b4ee	Updated to version 1.05. Pkgsrc changes: - Added missing HOMEPAGE. - The package supports installation to DESTDIR. - A C compiler is necessary. Changes since version 0.05: =========================== 1.05 - Fri Nov 9 05:39:09 2007 * This version fixes the signed integer problems that Solaris had. * Now this module require perl 5.6. * You don't need to upgrade if your system isn't Solaris. 1.04 - Mon Oct 15 14:27:00 2007 * Quashed warnings about overflows by casting numbers to unsigned ints. * This compiles warning-free and passes all tests on Solaris 10 with gcc 3.4.6, so it might take care of RT # 27632 1.04_02 - Wed Sep 19 19:24:06 2007 * remove test files that shouldn't be there 1.04_01 - Wed Sep 12 15:34:24 2007 * This developer release explores the Solaris bug noted in RT # 27632. Some Solaris installations may be encrypting or decrpyting incorrectly. 1.04 - Fri Feb 23 11:20:44 2007 * Todd Ross adjusted rijndael.h to use __sun to identify Solaris boxes. GCC uses __sun__ or __sun, but Solaris cc only uses __sun : http://blogs.sun.com/morganh/date/20060928 * If you've already compiled this module, you don't need to upgrade 1.03 - Thu Feb 22 15:42:04 2007 * Updated distro to include missing Pod tests * No code changes 1.02 - Thu Jan 25 14:48:51 2007 * Updated docs to show cipher modes. No need to upgrade if you already have this. 1.01 - Wed Jan 10 19:14:14 2007 * Bump to a release version. This is the same as 0.06_10. * This release should fix the problems with INT types on all platforms, including 64 bit platforms. 0.06_10 - Wed Jan 10 00:35:10 2007 * Let's try the int type for MinGW:wq 0.06_09 - Fri Dec 15 08:12:02 2006 * Updated header file to handle Solaris special case * I think this might be the release candidate for 0.07! :) 0.06_08 - Wed Nov 29 19:51:33 2006 * Adjusting WIN32 targets for typedefs. Some things look like both Unix and Windows, so I don't want compilers to choke if it tries to redefine types. 0.06_07 - Mon Nov 27 10:37:18 2006 * more header file fiddling to get everyone to define the right abstract types. This time check for _SYS_TYPES_H 0.06_06 - Fri Nov 17 14:56:19 2006 * Fooled with header file some more, and tested it myself on Cygwin. Instead of checking for WIN32, just check for __CYGWIN__ 0.06_05 - Fri Nov 17 11:13:25 2006 * The last two revisions seem to not define UINTxx and ends up with a parse error. Let's try this, as I go off to dig out my Windows box. 0.06_04 - Wed Nov 15 14:43:37 2006 * Try UINT patch from David Golden to get this to work on MinGW 0.06_03 - Wed Nov 15 11:07:08 2006 * Re-jiggered logic to define UINT32 and UINT8. First I'll try sys/types.h, then check if they are already defined elsewhere, and lastly hardcode the typedefs based on platform. The previous release (0.06_02) had some problems on Windows from conflicting typedefs (similar to the cygwin problems with libjpeg and X), so I guard my typedefs by checking for previous definitions. Let's hope those previous definitions are right :) 0.06_02 - Sun Nov 12 16:23:07 2006 * Let's try some hardcoded types for UINT(32\|8) for Windows. 0.06_01 - Sun Nov 12 10:38:56 2006 * Adjust version number to match distro number (RT #4227) * Use <sys/types.h> instead of hard-coding (RT #22755, 9514, 18812, 1444, 503). * This module is now maintained by brian d foy (bdfoy@cpan.org)	2008-01-25 02:26:31 +00:00
tnn	e7a9a2bf1a	Update dependency, it builds with openssl-0.9.8	2008-01-24 11:14:26 +00:00
tnn	9d74e63476	Append {,nb*} to a dependency.	2008-01-24 11:10:53 +00:00
obache	9dff4b5d40	Also used by security/cy2-ldapdb/Makefile.	2008-01-23 08:53:06 +00:00
taca	4ed365d3bc	Distribution file was changed after sudo 1.6.9p12 was released. :-( config.h.in configure configure.in ldap.c Add DIST_SUBDIR to handle this situation. Bump PKG_REVISION.	2008-01-22 12:45:24 +00:00
obache	ffcb11f500	Fixed pattern to strip nb*.	2008-01-22 10:56:16 +00:00
taca	cd62454d80	Update sudo package to 1.6.9p12. Changes from 1.6.9p11: 641) Added a configure check for the ber_set_option() function. 642) Fixed a compilation problem with the HP-UX K&R C compiler. 643) Revamped the Kerberos 5 ticket verification code. 644) Added support for the checkpeer ldap.conf variable for netscape-based LDAP SDKs. 645) Fixed a problem where an incomplete password could be echoed to the screen if there was a read timeout.	2008-01-21 16:38:57 +00:00
tnn	ad6ceadd25	Per the process outlined in revbump(1), perform a recursive revbump on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@	2008-01-18 05:06:18 +00:00
tnn	5b7fef9e0c	Update to openssl-0.9.8g. Provided by Jukka Salmi in pkgsrc-wip. pkgsrc notes: o Tested on NetBSD/i386 (Jukka Salmi), Mac OSX 10.5 (Adrian Portelli), Linux (Jeremy C. Reed), Tru64 5.1b (tnn), HP-UX 11i (tnn). Because the Makefile system has been rewamped, other platforms may require fixes. Please test if you can. o OpenSSL can now be built with installation to DESTDIR. Overview of important changes since 0.9.7i: o Add gcc 4.2 support. o DTLS improvements. o RFC4507bis support. o TLS Extensions support. o RFC3779 support. o New cipher Camellia o Updated ECC cipher suite support. o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(). o Zlib compression usage fixes. o Major work on the BIGNUM library for higher efficiency and to make operations more streamlined and less contradictory. This is the result of a major audit of the BIGNUM library. o Addition of BIGNUM functions for fields GF(2^m) and NIST curves, to support the Elliptic Crypto functions. o Major work on Elliptic Crypto; ECDH and ECDSA added, including the use through EVP, X509 and ENGINE. o New ASN.1 mini-compiler that's usable through the OpenSSL configuration file. o Added support for ASN.1 indefinite length constructed encoding. o New PKCS#12 'medium level' API to manipulate PKCS#12 files. o Complete rework of shared library construction and linking programs with shared or static libraries, through a separate Makefile.shared. o Rework of the passing of parameters from one Makefile to another. o Changed ENGINE framework to load dynamic engine modules automatically from specifically given directories. o New structure and ASN.1 functions for CertificatePair. o Changed the key-generation and primality testing "progress" mechanism to take a structure that contains the ticker function and an argument. o New engine module: GMP (performs private key exponentiation). o New engine module: VIA PadLOck ACE extension in VIA C3 Nehemiah processors. o Added support for IPv6 addresses in certificate extensions. See RFC 1884, section 2.2. o Added support for certificate policy mappings, policy constraints and name constraints. o Added support for multi-valued AVAs in the OpenSSL configuration file. o Added support for multiple certificates with the same subject in the 'openssl ca' index file. o Make it possible to create self-signed certificates using 'openssl ca -selfsign'. o Make it possible to generate a serial number file with 'openssl ca -create_serial'. o New binary search functions with extended functionality. o New BUF functions. o New STORE structure and library to provide an interface to all sorts of data repositories. Supports storage of public and private keys, certificates, CRLs, numbers and arbitrary blobs. This library is unfortunately unfinished and unused withing OpenSSL. o New control functions for the error stack. o Changed the PKCS#7 library to support one-pass S/MIME processing. o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). o New X509_VERIFY_PARAM structure to support parametrisation of X.509 path validation. o Change the default digest in 'openssl' commands from MD5 to SHA-1. o Added support for DTLS. o New BIGNUM blinding. o Added support for the RSA-PSS encryption scheme o Added support for the RSA X.931 padding. o Added support for files larger than 2GB. o Added alternate pkg-config files.	2008-01-17 06:42:47 +00:00
rillig	580cfc0748	Needs libz. From PR 37760.	2008-01-15 13:36:37 +00:00
adrianp	69310b4399	-audit-packages	2008-01-13 20:20:33 +00:00
adrianp	a8d77ab08a	Retire audit-packages in favour of pkg_install>=20070714. All functionality in this package is now in pkg_install>=20070714. As discussed on pkgsrc-users@ and OK'ed by agc@.	2008-01-13 20:20:06 +00:00
wiz	e11174603f	Update to 1.4.8: Noteworthy changes in version 1.4.8 (2007-12-20) ------------------------------------------------ ******************************************* * A decade of GnuPG: g10-0.0.0.tar.gz was * * released exactly 10 years ago. * ******************************************* * Changed the license to GPLv3. * Improved detection of keyrings specified multiple times. * Changes to better cope with broken keyservers. * Minor bug fixes. * The new OpenPGP standard is now complete, and has been published as RFC-4880. The GnuPG --openpgp mode (note this is not the default) has been updated to match the new standard. The --rfc2440 option can be used to return to the older RFC-2440 behavior. The main differences between the two are "--enable-dsa2 --no-rfc2440-text --escape-from-lines --require-cross-certification". * By default (i.e. --gnupg mode), --require-cross-certification is now on. --rfc2440-text and --force-v3-sigs are now off. * Allow encryption using legacy Elgamal sign+encrypt keys if option --rfc2440 is used. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224 signatures will continue to work.	2008-01-13 16:23:55 +00:00
drochner	0d926fe456	update to 2.20.3 changes: minor fixes	2008-01-11 14:02:42 +00:00
drochner	f752f295cb	update to 2.20.3 changes: translation updates	2008-01-11 13:56:56 +00:00
heinz	9ab1ed4dab	Updated to version 1.32. Pkgsrc changes: - Requires p5-Test-Exception and p5-Test-Warn for building and p5-MIME-Base64 for running. The modules p5-Array-Compare, p5-Sub-Uplevel and p5-Tree-DAG_Node are only used through p5-Test-Warn. Opened bug id 32172 at rt.cpan.org for this. - Needs a C compiler. - Specified prefix for OpenSSL in order to avoid adding any search paths to inc/Module/Install/PRIVATE/Net/SSLeay.pm. - No more interactive questions (PERL_MM_USE_DEFAULT). Changes since version 1.30: =========================== - Mike McCauley and Florian Ragwitz maintain this module now 1.31_01 02.07.2007 - Only bind X509_STORE_set_trust #if OPENSSL_VERSION_NUMBER >= 0x0090800fL - Removed %Filenum_Objects from Net::SSLeay::Handle so unused handles will be freed. - Use ppport.h. - improved openssl path guessing, forcing openssl path now requires the -path flag (caution: incompatible flag change) Path guessing works on windows too. mikem, with patches from Stas Bekman - Added /usr/sfw/bin/openssl to path guessing for Open Solaris, suggested by Igor Boehme. - Fixed a problem with X509_get_subjectAltNames not working when the subjectAltNAmes are the first extension. Reported by Achim Grolms 1.31_02 14.07.2007 - Fix linking problems on Windows. Tested with VC++ 6.0, Shining Light 0.9.7L on Windows Server 2003 with ActivePerl 5.8.8.820. Also tested with OpenSSL 0.9.8e compiled from source. - Unable to get working systems when compiling with MS Visual Studio Express 2005. Contributions requested. This may be relevant: http://www.itwriting.com/blog/?postid=261&replyto=2542 - Fixed a number of minor compile warnings on Windows - Updated README.Win32 to define building procedures on Windows - Fixed incorrect test failure reports in 08_external. - Add parens to function calls in Makefile.PL to prevent warnings with some perls. - Tested on Sparc Solaris 8, Sparc Solaris 10, OpenSuSE 10.2 x64, OpenSuSE 10.0 x86, FreeBSD 6.0 x86, Ubuntu 6.10, Fedora Core 6 x86 - Changed type of SSL_set_info_callback args to stop compiler warnings on Windows - Removed auto_include from Makefile.PL - Removed build_requires('Test::NoWarnings') from Makefile.PL - Testing with Strawberry Perl on Windows XP SP2, added doc to README.Win32 - Testing with Perl CamelPack 5.8.7 on Windows XP SP2,added doc to README.Win32 1.32 03.08.2007 - Don't let the tests die when something unexpected happens. Just BAIL_OUT. - Some Win32 improvements.	2008-01-09 00:47:00 +00:00
adrianp	ed22d64afa	Fix builds on Darwin	2008-01-08 17:02:11 +00:00
heinz	239a1650c5	Updated to version 5.45. Pkgsrc changes: - Added explicit licence identification. Changes since version 5.44: =========================== 5.45 Tue Jun 26 02:36:00 MST 2007 - extended portability to earlier Perls -- works on Perl 5.003 and later -- thanks to Jim Doble for testing on legacy platforms - updated META.yml to conform to current META spec (1.3) - minor documentation fixes	2008-01-08 15:11:25 +00:00
heinz	c4641b5471	Updated to version 0.25. Pkgsrc changes: - A C compiler is necessary. - Added explicit license identification. - Removed patch-ab (fixed upstream). Changes since version 0.24: =========================== 0.25 Sun May 20 2007 12:56:11 - Add a LICENSE file. - Fix a bug (reported by many) in rsa.t - we were incorrectly counting the number of tests in situations where use_sha512_hash was not available.	2008-01-08 15:01:55 +00:00
heinz	aa79a95655	Updated to version 0.04. Pkgsrc changes: - The package supports installation to DESTDIR. - A C compiler is necessary. - Added explicit license identification. Changes since version 0.03: =========================== 0.04 Sun May 20 13:41:04 2007 - Add a LICENSE file. - Better use of types.	2008-01-08 14:48:35 +00:00
heinz	12b563509f	Updated to version 0.04. Pkgsrc changes: - The package supports installation to DESTDIR. - A C compiler is necessary. - Added explicit license identification. Changes since version 0.03: =========================== 0.04 Sun May 20 2007 13:08:23 - Add a LICENSE file. - Add -DOPENSSL_NO_KRB5 to DEFINE to keep redhat happy.	2008-01-08 14:36:51 +00:00
joerg	6cf0f6c49c	Fix builtin.mk logic for thread feature if no native OpenSSL exists. Fixes PR pkg/37699 from Aleksey Cheusov.	2008-01-07 15:51:08 +00:00
taca	5fe02749ec	Update sudo package to 1.6.9p11. 637) Fixed a compilation problem on SCO related to how they store the high resolution timestamps in struct stat. 638) Avoid checking the passwd file group multiple times in the LDAP query when the user's passwd group is also listed in the supplemental group vector. 639) The URI specifier can now be used in ldap.conf even when the LDAP SDK doesn't support ldap_initialize(). 640) New %p prompt escape that expands to the user whose password is being prompted, as specified by the rootpw, targetpw and runaspw sudoers flags. Based on a diff from Patrick Schoenfeld.	2008-01-06 16:08:24 +00:00
rillig	d5a1ab0577	Fixed a few pkglint warnings.	2008-01-05 20:41:25 +00:00
obache	50a4f19df7	Change MASTER_SITES to locatoin for old archive, noticed by Zafer Aydogan in private mail.	2008-01-05 05:25:21 +00:00
obache	e1b59f625b	Change MASTER_SITES to new location, noticed by Zafer Aydogan in private mail. Also change HOMEPAGE.	2008-01-05 05:23:23 +00:00
obache	1181cc43a1	Old url is not available now, noticed by Zafer Aydogan in private mail. Switch HOMEPAGE and MASTER_SITES to new location.	2008-01-05 05:09:09 +00:00
obache	5dc3470702	.tbz does not exist now, noticed by Zafer Aydogan in private mail. Switch to .tgz, no differ from *.tbz.	2008-01-05 05:06:52 +00:00
obache	6763497ac0	Change HOMEPAGE and MASTER_SITES to new location.	2008-01-05 05:00:37 +00:00
heinz	23c9f186f1	The package needs a C compiler.	2008-01-04 22:20:31 +00:00
rillig	7f791603aa	Removed the special-case handling of PKG_SYSCONFDIR for NetBSD. Now the configuration files are installed in the usual pkgsrc place, not in /etc. PKGREVISION++ Ok'ed by jlam@.	2008-01-04 22:08:09 +00:00
adrianp	4eb48dab26	Update to 2.1.4 27 Nov 2007 - 2.1.4 ------------------- * Updated included Core Ruleset to version 1.5 and noted in the docs that XML support is required to use the rules without modification. * Fixed an evasion FP, mistaking a multipart non-boundary for a boundary. * Fixed multiple warnings on Solaris and/or 64bit builds. * Do not process subrequests in phase 2-4, but do hand off the request data. * Fixed a blocking FP in the multipart parser, which affected Safari. 11 Sep 2007 - 2.1.3 ------------------- * Updated multipart parsing code adding variables to allow checking for various parsing issues (request body abnormalities). * Allow mod_rpaf and mod_extract_forwarded2 to work before ModSecurity. * Quiet some compiler warnings. * Do not block internal ErrorDocument requests after blocking request. * Added ability to compile without an external API (use -DNO_MODSEC_API). 27 Jul 2007 - 2.1.2 ------------------- * Cleaned up and clarified some documentation. * Update included core rules to latest version (1.4.3). * Enhanced ability to alert/audit failed requests. * Do not trigger "pause" action for internal requests. * Fixed issue with requests that use internal requests. These had the potential to be intercepted incorrectly when other Apache httpd modules that used internal requests were used with mod_security. * Added Solaris and Cygwin to the list of platforms not supporting the hidden visibility attribute. * Fixed decoding full-width unicode in t:urlDecodeUni. * Lessen some overhead of debugging messages and calculations. * Do not try to intercept a request after a failed rule. This fixes the issue associated with an "Internal Error: Asked to intercept request but was_intercepted is zero" error message. * Added SecAuditLog2 directive to allow redundent concurrent audit log index files. This will allow sending audit data to two consoles, etc. * Small performance improvement in memory management for rule execution.	2008-01-04 10:05:51 +00:00
rillig	8159318d33	Install the binaries readable for the owner, so that a package can be created in unprivileged pkgsrc mode. PKGREVISION++	2008-01-03 23:17:47 +00:00
adrianp	f1462904ad	Look out for the case where audit-packages is already installed with the base OS on NetBSD.	2008-01-02 09:00:34 +00:00
heinz	b55970381a	Replaced outdated mirrors by working mirrors.	2007-12-30 13:42:29 +00:00
obache	583c31e60c	* Honor PKGMANDIR and PKG_SYSCONFBASE. * Install config files by CONF_FILES instead of install directly. * Correct path of tools and config in sample config files and a manual page. * Add DESTDIR support. Bump PKGREVISION.	2007-12-30 09:15:36 +00:00
tron	5105fb8b30	Recognize the MIT Kerberos bundled with Mac OS X Leopard.	2007-12-28 15:27:24 +00:00
obache	ecdc58e2bd	This package uses BSD Makefile. Honor PKGMANDIR and DESTDIR ready.	2007-12-28 12:27:20 +00:00
obache	fbffa9a69b	Require pre-created sbin directory.	2007-12-28 11:51:42 +00:00
obache	b33dc97d95	DESTDIR ready.	2007-12-28 11:47:24 +00:00
obache	5bcacb16f6	Fixes invalid lvalue in assignment.	2007-12-28 11:45:42 +00:00
obache	9ad21a5b6e	Also need for NetBSD.	2007-12-28 05:13:23 +00:00
obache	35eed689d9	Switch to SUBST framework.	2007-12-28 05:01:47 +00:00
obache	b1fe4da4d5	Honor PKGMANDIR.	2007-12-28 04:22:43 +00:00
gdt	efee29e6e8	Remove deprecated "fee-based commercial use" license for idea, mdc2, rc5, and replace with {idea,mdc2,rc5}-nonlicense. Because pkgsrc does not yet handle multiple licenses, set LICENSE to openssl-patented-algorithms-nonlicense.	2007-12-27 23:41:42 +00:00
adrianp	5723ca178b	Add a PCRE bl3 depends to fix builds (found by DragonFly bulk builds) PKGREVISION++	2007-12-27 16:39:07 +00:00
joerg	2e20c7d21d	Explicitly depend on Perl. Bump revision.	2007-12-27 16:31:23 +00:00
obache	3be1e9beac	Change MASTER_SITES to archive directory, 1.4.11 only exsits in it.	2007-12-27 15:46:00 +00:00
obache	83dfac88b1	Try to create target directories before install manuals.	2007-12-27 15:06:02 +00:00
obache	b992f36697	Try to fix build problem on NetBSD, use the same strategies as DragonFly.	2007-12-27 14:13:58 +00:00
markd	48ae334282	Now that package is installed into qt4 subdirectory, pkg-config can't find the qca2.pc file so copy to where it can. OKed jdolecek. Bump PKGREVISION.	2007-12-25 20:09:47 +00:00
jdolecek	07910e4767	restore security/qca-tls to state on pkgsrc-2007Q3-base tag (just before the removal), rather then revision 1.1 of all files, used for original revival test compiled on Mac OS X 10.5	2007-12-23 21:05:51 +00:00
jdolecek	124723b3de	install qca2 files into qt4 subdirectory, so that qca 1.x and qca2 could be installed at the same time bump PKGREVISION	2007-12-22 19:36:27 +00:00
joerg	17adb7cfd1	I18N (PR 37581) and DESTDIR support.	2007-12-21 20:35:36 +00:00
taca	dca1f5683b	Update sudo pacakge to 1.6.9p10. Major changes since Sudo 1.6.9p9: o Moved LDAP options into a table for simplified parsing/setting. o Fixed a problem with how some LDAP options were being applied. o Added support for connecting directly to LDAP servers via SSL/TLS for servers that don't support the start_tls extension.	2007-12-21 03:12:34 +00:00
jdolecek	96641aef3f	install qca2 files into qt4 subdirectory, so that qca 1.x and qca2 could be installed at the same time; also speedup build by disabling building tests and other miscellaneous cleanup bump PKGREVISION	2007-12-21 00:19:43 +00:00
jdolecek	550c7f21f9	put back qca-tls, add qca2 and qca2-ossl	2007-12-20 21:21:16 +00:00
jdolecek	e210ff0a0a	move back to version 1.0 for security/qca and re-add security/qca-tls (for qca 1.x), so that kdenetwork3 works again XXX these should be renamed to qca1* after current freeze	2007-12-20 20:37:21 +00:00
jdolecek	4188ec7c1a	files moved to security/qca2-ossl	2007-12-20 20:21:03 +00:00
jdolecek	bfb290e37b	reimport security/qca-ossl as security/qca2-ossl (it's qca 2.x only)	2007-12-20 20:20:17 +00:00
jdolecek	99087ddfcd	re-import security/qca version 2.0.0 as security/qca2 in preparation for having both qca 1.x and qca 2.x in tree	2007-12-20 20:17:47 +00:00
jdolecek	65df391662	add qca-ossl	2007-12-19 13:05:42 +00:00
jdolecek	ddb6d04cf4	Add qca-ossl 2.0.0-beta3 - OpenSSL plugin for security/qca	2007-12-19 13:05:05 +00:00
jdolecek	9e0b36c71a	remove qca-tls - it's replaced by qca-ossl in QCA 2.x	2007-12-19 13:02:11 +00:00
jdolecek	058acc3df0	Update qca to version 2.0.0 (needed for update of chat/psi). Change list is not available, but the project now depends on QT 4.2 and was incorporated into KDE4 too	2007-12-19 13:01:36 +00:00
drochner	a667d0e7df	pull in pam.buildlink3.mk for proper handling of the various PAM versions, fixes PR pkg/37545 by Ondrej Tuma, and makes special handling of Darwin unnecessary (tested by Matthias Scheler)	2007-12-17 16:45:11 +00:00
bjs	6e1399f17e	Update to version 1.7.1. Changes: Update to version 1.7.1. Changes: v1.7.1 (Amy) 10jun07 -------------------- * windows SSH agent support can use the 'ctypes' module now if 'win32all' is not available [patch from alexander belchenko] * SFTPClient.listdir_attr() now preserves the 'longname' field [patch from wesley augur] * SFTPClient.get_channel() API added * SSHClient constuctor takes an optional 'timeout' parameter [patch from james bardin] v1.7 (zubat) 18feb07 -------------------- * added x11 channel support (patch from david guerizec) * added reverse port forwarding support * (bug 75370) raise an exception when contacting a broken SFTP server * (bug 80295) SSHClient shouldn't expand the user directory twice when reading RSA/DSS keys * (bug 82383) typo in DSS key in SSHClient * (bug 83523) python 2.5 warning when encoding a file's modification time * if connecting to an SSH agent fails, silently fallback instead of raising an exception v1.6.4 (yanma) 19nov06 ---------------------- * fix setup.py on osx (oops!) * (bug 69330) check for the existence of RSA/DSA keys before trying to open them in SFTPClient * (bug 69222) catch EAGAIN in socket code to workaround a bug in recent Linux 2.6 kernels * (bug 70398) improve dict emulation in HostKeys objects * try harder to make sure all worker threads are joined on Transport.close() v1.6.3 (xatu) 14oct06 --------------------- * fixed bug where HostKeys.__setitem__ wouldn't always do the right thing * fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from mike barber] * try harder not to raise EOFError from within SFTPClient * fixed bug where a thread waiting in accept() could block forever if the transport dies [patch from mike looijmans] v1.6.2 (weedle) 16aug06 ----------------------- * added support for "old" group-exchange server mode, for compatibility with the windows putty client * fixed some more interactions with SFTP file readv() and prefetch() * when saving the known_hosts file, preserve the original order [patch from warren young] * fix a couple of broken lines when exporting classes (bug 55946) v1.6.1 (vulpix) 10jul06 ----------------------- * more unit tests fixed for windows/cygwin (thanks to alexander belchenko) * a couple of fixes related to exceptions leaking out of SFTPClient * added ability to set items in HostKeys via __setitem__ * HostKeys now retains order and has a save() method * added PKey.write_private_key and PKey.from_private_key v1.6 (umbreon) 10may06 ---------------------- * pageant support on Windows thanks to john arbash meinel and todd whiteman * fixed unit tests to work under windows and cygwin (thanks to alexander belchenko for debugging) * various bugfixes/tweaks to SFTP file prefetch * added SSHClient for a higher-level API * SFTP readv() now yields results as it gets them * several APIs changed to throw an exception instead of "False" on failure	2007-12-14 13:35:04 +00:00
rhaen	c9222026c9	- added DESTDIR support - added USE_TOOLS - it should build now on NetBSD, Dragonfly - new maintainer - PKGREVISION bump	2007-12-13 12:02:09 +00:00
wiz	b524dc18ff	Reset maintainer on his request.	2007-12-12 20:42:28 +00:00
adam	ad2a3bc804	Changes 2.1.15: * Bug fix release	2007-12-12 17:59:20 +00:00
taca	a208a673da	sudo-1.6.9p9.tar.gz was updated now. So, introduce DIST_SUBDIR and bump PKGREVISION. A little bug fix seems to applied. -rw-r--r-- 1 taca taca 578259 Dec 3 19:38 sudo-1.6.9p9.tar.gz-prev -rw-r--r-- 1 taca taca 578262 Dec 5 00:27 sudo-1.6.9p9.tar.gz diff -dupNr sudo-1.6.9p9-20071203/parse.c sudo-1.6.9p9/parse.c --- sudo-1.6.9p9-20071203/parse.c 2007-11-28 08:29:59.000000000 +0900 +++ sudo-1.6.9p9/parse.c 2007-12-05 00:26:40.000000000 +0900 @@ -90,7 +90,7 @@ #endif /* HAVE_EXTENDED_GLOB / #ifndef lint -__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.14 2007/10/24 16:43:27 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: parse.c,v 1.160.2.15 2007/12/04 15:26:40 millert Exp $"; #endif / lint / / @@ -202,7 +202,7 @@ sudoers_lookup(pwflag) return(VALIDATE_OK \| (no_passwd == TRUE ? FLAG_NOPASS : 0) \| (no_execve == TRUE ? FLAG_NOEXEC : 0) \| - (setenv_ok == TRUE ? FLAG_SETENV : 0)); + (setenv_ok >= TRUE ? FLAG_SETENV : 0)); } else if ((runas_matches == TRUE && cmnd_matches == FALSE) \|\| (runas_matches == FALSE && cmnd_matches == TRUE)) { /* @@ -212,7 +212,7 @@ sudoers_lookup(pwflag) return(VALIDATE_NOT_OK \| (no_passwd == TRUE ? FLAG_NOPASS : 0) \| (no_execve == TRUE ? FLAG_NOEXEC : 0) \| - (setenv_ok == TRUE ? FLAG_SETENV : 0)); + (setenv_ok >= TRUE ? FLAG_SETENV : 0)); } } top--; diff -dupNr sudo-1.6.9p9-20071203/sudo.c sudo-1.6.9p9/sudo.c --- sudo-1.6.9p9-20071203/sudo.c 2007-12-03 02:13:52.000000000 +0900 +++ sudo-1.6.9p9/sudo.c 2007-12-04 01:12:03.000000000 +0900 @@ -730,8 +730,10 @@ parse_args(argc, argv) while (NewArgc > 0) { if (NewArgv[0][0] == '-') { - if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') + if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') { warnx("please use single character options"); + usage(1); + } switch (NewArgv[0][1]) { case 'p':	2007-12-05 10:07:14 +00:00
taca	498d04a83c	Update sudo package to 1.6.9p9. Major changes since Sudo 1.6.9p8: o The ALL command in sudoers now implies SETENV permissions. o The command search is now performed using the target user's auxiliary group vector, not just the target's primary group. o When determining if the PAM prompt is the default "Password: ", compare the localized version if possible. o New passprompt_override option in sudoers to cause sudo's prompt to be used in all cases. Also set when the -p flag is used.	2007-12-05 04:14:42 +00:00
wiz	0e3f271eab	Remove Ex-MASTER_SITEs. From Zafer Aydogan.	2007-12-02 12:22:45 +00:00
wiz	a40a8b4e34	Remove Ex-MASTER_SITE. From Zafer Aydogan.	2007-12-02 12:20:12 +00:00
wiz	198adbc012	Remove Ex-MASTER_SITE. From Zafer Aydogan.	2007-12-02 11:37:24 +00:00
wiz	f109fb13b1	Remove Ex-MASTER_SITEs. From Zafer Aydogan.	2007-12-02 11:35:41 +00:00
wiz	48aee8ab57	Remove Ex-MASTER_SITE. From Zafer Aydogan.	2007-12-02 11:31:49 +00:00
rillig	f338d15c24	Some more packages need lex and yacc. Patch by Aleksey Cheusov on pkgsrc-users.	2007-12-02 08:32:23 +00:00
rillig	82f6e28d42	Updated crypto++ to 5.5.2. Changes since 5.2.1: 5.2.2 - added SHA-224 - put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL 5.2.3 - fixed issues with FIPS algorithm test vectors - put RSASSA-ISO into DLL 5.3 - ported to MSVC 2005 with support for x86-64 - added defense against AES timing attacks, and more AES test vectors - changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR" 5.4 - added Salsa20 - updated Whirlpool to version 3.0 - ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006 5.5 - added VMAC and Sosemanuk (with x86-64 and SSE2 assembly) - improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20, Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2) - optimized Camellia and added defense against timing attacks - updated benchmarks code to show cycles per byte and to time key/IV setup - started using OpenMP for increased multi-core speed - enabled GCC optimization flags by default in GNUmakefile - added blinding and computational error checking for RW signing - changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce the risk of reusing random numbers and IVs after virtual machine state rollback - changed default FIPS mode RNG from AutoSeededX917RNG<DES_EDE3> to AutoSeededX917RNG<AES> - fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV - moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak" - removed HAVAL, MD5-MAC, XMAC 5.5.1 - fixed VMAC validation failure on 32-bit big-endian machines 5.5.2 - ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64) - fixed Salsa20 initialization crash on non-SSE2 machines - fixed Whirlpool crash on Pentium 2 machines - fixed possible branch prediction analysis (BPA) vulnerability in MontgomeryReduce(), which may affect security of RSA, RW, LUC - fixed link error with MSVC 2003 when using "debug DLL" form of runtime library - fixed crash in SSE2_Add on P4 machines when compiled with MSVC 6.0 SP5 with Processor Pack - added support for newly released compilers: MSVC 2008, GCC 4.2, Sun CC 5.9, Intel C++ Compiler 10.0, and Borland C++Builder 2007	2007-12-01 04:17:50 +00:00
wiz	a34ac258dd	Bump PKGREVISION because openexr now depends on ilmbase.	2007-11-30 21:55:01 +00:00
rillig	ff6d0eddfa	Discard the -mcpu=i686 option for the C++ compiler, since g++4 doesn't accept it.	2007-11-30 20:02:39 +00:00
wiz	7461b89fc8	Update to 0.4.13: Changes unknown.	2007-11-30 17:22:20 +00:00
drochner	1d77bfd6a8	update to 2.20.2 changes: -build fixes (not relevant to pkgsrc) * Don't print out a warning message in applications using libgnome-keyring when non-pageable memory cannot be allocated.	2007-11-29 20:14:26 +00:00
wiz	fb40b4d3d9	Update to 0.6.6: Noteworthy changes in version 0.6.6 (2007-11-15) ------------------------------------------------ * Slightly adjust the stream code. The check for fflush is omitted because the return value might be undefined. This fixes a problem reported from the NetBSD team. * Don't use __inline__ in src/cipher.c (breaks on Sun CC).	2007-11-29 16:35:12 +00:00
wiz	05c42389be	Update to 0.57: 0.57 2007-09-17 20:45:20 UTC - Honour both $ENV{NO_PROXY} and $ENV{no_proxy} in Net::SSL::proxy_connect_helper. (Bug #29371 reported by Jan Dubois). - $@ construction used in Net::SSL::connect was messed up, which could lead to sub-optimal error reporting. (Bug #29372 reported by Jan Dubois). - Ensure no proxification is used in t/01-connect.t (which might be the reason for all the spurious smoke failures). Bug #29373 reported by, you guessed it, Jan Dubois). - Silence a dubious fopen() warning in SSLeay.xs. - s/Netware/NetWare/ in Net/SSL.pm platform check - Improvements to Makefile.PL for dealing with platforms where openssl is installed with ./include and ./lib as sibling directories rather than child directories. This should allow the code to configure and build "out of the box" on Solaris (and probably other proprietary platforms). - Don't carp in LICENSE key addition code in Makefile.PL 0.56_01 2007-08-09 21:59:47 UTC - Various improvements to the Win32 configure code in Makefile.PL, based on CPAN tickets #28431 and #28432, by Guenter Knauf, notably to allow static linking and OpenSSL living in a relative directory. - Net::SSL: alarm() is not implemented on Netware platform, so don't try to set one there. (Guenter Knauf). - Should build on Solaris correctly (bug fix in include dir specification). Based on fix suggested in CPAN bug #28680. 0.56 2007-07-10 19:08:20 UTC - Purely a documentation issue raised by CPAN bug #27935. Users of previous versions do not need to upgrade.	2007-11-29 14:16:37 +00:00
jlam	b250f2c691	Document where this file is included.	2007-11-27 16:27:30 +00:00
adam	028262906e	Changes 184: * fix for BUG 312: pam_ldap does not try to reconnect when LDAP server closed the connection	2007-11-27 08:27:06 +00:00
wiz	4f0bb18778	Update to 2.0.4: * Version 2.0.4 (released 2007-11-16) Corrected bug in decompression of expanded compression data. API and ABI modifications: No changes since last version.	2007-11-25 23:45:15 +00:00
adrianp	a30ed56204	- 11/20/2007 1.3.9 (anne) - Update to Spanish -- David Gil - Bug 1750697 base_header() is undefined fixed -- Juergen and Kevin Johnson - Bug 1680965 sans lookup fails -- Jordan Wiens - Updated Chinese language file -- Randy - Added Sean Muller as the Project Manager -- Kevin Johnson - Fixed error in contrib/base-rss.php -- Dan - Added INSTALL and INSTALL.rtf files to docs directory -- Sean Muller - Bug 1801192 XSS bug in BASE fixed -- Kevin Johnson and Sean Muller - Bug 1760615 Sort order ignored -- Kevin Johnson and Jordan Weins	2007-11-25 18:09:53 +00:00
tron	1065fcff24	Fix warning reported by "pkglint".	2007-11-18 23:38:12 +00:00
tron	7cbebdfaeb	Add buildlink3 support file.	2007-11-18 23:37:59 +00:00
wiz	0b09193af9	Reset maintainer for itojun's packages.	2007-11-17 13:40:15 +00:00
rillig	105dd4b97c	Some packages need lex and yacc. Patch by Aleksey Cheusov via pkgsrc-users.	2007-11-17 12:04:11 +00:00
rillig	0d736f5a52	By default, chmod follows symlinks, which is not intended here. Patch by Lloyd Parkes in PR 37391.	2007-11-16 00:16:29 +00:00
rillig	438bd8aea8	Added a patch that fixes the build on Solaris 10.	2007-11-13 12:04:24 +00:00
heinz	949b357145	Removed ftp7.usa.openbsd.org from MASTER_SITES, doesn't resolve anymore in DNS. Mentioned by Zafer Aydogan in PR pkg/37331.	2007-11-12 20:52:14 +00:00
taca	8b69268cf1	- Fix build problem on DragonFly BSD. - Reduce patch size. Build problem on DragonFly BSD was noted by YONETANI Tomokazu via private mail.	2007-11-12 11:12:16 +00:00
wiz	a2ced84564	Remove ftp.aet.tu-cottbus.de from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37332.	2007-11-12 00:07:48 +00:00
wiz	1a9fb1c283	Remove ftp.ch.pgpi.com from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37331.	2007-11-12 00:06:52 +00:00
wiz	499dbfee47	Remove ftp7.usa.openbsd.org from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37331.	2007-11-12 00:06:06 +00:00
wiz	32ea59e233	Remove ftp.lothar.com from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37328.	2007-11-12 00:04:06 +00:00
wiz	c57b8d02b6	Remove ws.obit.nl from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37329.	2007-11-12 00:03:18 +00:00
wiz	37b88d319f	Update to 2.0.3: * Version 2.0.3 (released 2007-11-10) This version backports several fixes from the 2.1.x branch. Fixed PKCS #3 parameter export. Added gnutls_record_disable_padding() to allow servers talking to buggy clients that complain if the TLS 1.0 record protocol padding is used. Introduced gnutls_session_enable_compatibility_mode() to allow enabling all supported compatibility options (like disabling padding). Corrected bug which did not allow a server to run without supporting certificates. API and ABI modifications: gnutls_session_enable_compatibility_mode: ADDED gnutls_record_disable_padding: ADDED Add LICENSE, commented out; it contains both LGPL-2.1 and GPL2 code.	2007-11-11 19:28:27 +00:00
martti	9afb20a137	Added commented-out LICENSE=something.	2007-11-11 11:35:48 +00:00
bjs	4e3bb28481	Bump revision, as the resulting binary should differ because it finds gpg2.	2007-11-08 21:22:40 +00:00
bjs	179d6dfdcd	Tell gpgme where the gnupg2 binary is should the user build with the 'gpgsm' option.	2007-11-08 21:19:22 +00:00
bjs	b9c0db4ce7	Remove space between '=' and "idea" in "PKG_OPTIONS.libgcrypt+= idea". This was causing a build failure for gpgme if the package was built with the "idea" option.	2007-11-08 21:06:33 +00:00
wiz	32be62aaa3	Update to 0.6.5: Noteworthy changes in version 0.6.5 (2007-10-27) ------------------------------------------------ * Cleanups for the key export and import functionality. * Clarified the semantic of cdk_pk_check_sigs. * Now the by usage keydb function correctly finds the self signature. patch-aa provided by drochner@; sent upstream, will be in next release.	2007-11-08 19:43:37 +00:00
shannonjr	ee670685e1	1) Added configuration arg so that PKG_SYSCONFDIR is honored 2) Added missing PLIST entry	2007-11-08 09:56:03 +00:00
shannonjr	9d741e1557	1) Fix incorect patch 2) Fix incorrect socket permission	2007-11-07 19:38:12 +00:00
shannonjr	55bd53c608	Added missing entry	2007-11-07 15:26:20 +00:00
shannonjr	33068eba75	Update to 2.0.7. This is maintenance release with a few minor enhancements. Changes: * Fixed encryption problem if duplicate certificates are in the keybox. * Add new options min-passphrase-nonalpha, check-passphrase-pattern, enforce-passphrase-constraints and max-passphrase-days to gpg-agent. * Add command --check-components to gpgconf. Gpgconf now uses the installed versions of the programs and does not anymore search via PATH for them.	2007-11-07 15:24:26 +00:00
shannonjr	5d0e9e75a1	Update to 1.0.1. Changes: * The option --ocsp-signer may now take a filename to allow several certificates to be valid signers for the default responder. * New option --ocsp-max-period and improved the OCSP time checks. * New option --force-default-signer for dirmngr-client.	2007-11-07 12:43:21 +00:00
shannonjr	d8efb0bb19	Upgrade to 1.0.3. This is a maintenance upgrade. Noteworthy changes in version 1.0.3: * New functions assuan_process_done and assuan_inquire_ext to support external event loops. * Changed the license of the library code back to LGPLv2.1 to support a bunch of GPLv2(only) software which does not allow the use of LGPLv3. * Assorted bug fixed and code cleanups.	2007-11-07 11:13:15 +00:00
drochner	4b5e9f8971	update to 2.20.1 This switches to the new gnome-2.20 branch.	2007-11-05 19:49:04 +00:00
tron	2c10fdef3b	Fix detection of PAM support under Mac OS X to get "pam_gnome_keyring.la" built. Bump package revision because package was previously incomplete and the package list incorrect.	2007-11-04 14:36:05 +00:00
taca	2628c96443	Update sudo package to 1.6.9p8. Major changes since Sudo 1.6.9p7: o Fixed a bug where a sudoers entry with no runas user specified was treated differently from a line with the default runas user explicitly specified.	2007-11-04 12:07:24 +00:00
rillig	5282781bd9	Fixed building the package with sunpro.	2007-11-03 23:45:56 +00:00
rillig	dc7f429739	Added MAKE_JOBS_SAFE as suggested in PR 37261.	2007-11-03 22:40:27 +00:00
drochner	e3011dc2e9	update to 2.20.0 This switches to the new gnome-2.20 branch.	2007-11-03 17:35:40 +00:00
wiz	adb0276c75	Update to 1.12: v1.12 - treat timeouts of 0 for accept_SSL and connect_SSL like no timeout, like IO::Socket does.	2007-11-01 08:31:40 +00:00
drochner	7bbeb9cae3	update to 2.20.1 This switches to the new gnome-2.20 branch. (While this is not part of the "platform" subset formally, it is used by platform -- this looks like an inconsistency in gnome packaging.)	2007-10-31 20:20:30 +00:00
jlam	de737429da	Comment out LICENSE=gnu-gpl-v3 for now as part of transition to switching pkgsrc to using license.mk. This will eventually be turned back on.	2007-10-31 14:22:55 +00:00
rillig	ece592ed4a	Renamed the deprecated LICENCE to LICENSE, which has the exactly same meaning.	2007-10-31 12:29:33 +00:00
martti	9fc7653761	Based on some feedback, comment out the newly added LICENSE=xxx for now. I'll re-activate this later when the global license stuff is activated.	2007-10-30 19:31:38 +00:00
martti	f326f1a223	Added LICENSE=modified-bsd	2007-10-30 13:59:38 +00:00
martti	c95b7ca9f8	Added LICENSE=gnu-gpl-v2	2007-10-30 13:57:17 +00:00
shannonjr	4d45d601c7	Update to 0.9.13. Changes: - Only perform additional database request when using Sensor localtime: this bring a performance improvement of about 36% on aggregated query, when using either frontend localtime (the default), or UTC time. - JQuery support: Port most of the javascript code to make use of JQuery. Add show/hide effect to CSS popup. More filtering functionality in the SensorListing view. - Cleanup the Authentication class, so that uper Prewikka layer can act depending whether the backend support user creation / deletion. Anonymous authentication is nowa plugin. - Better integration of CGI authentication allowing user listing and deletion. - Report template exception directly to the user. - Fix exception if an alert analyzer name is empty. - Fix problem when adding new Prewikka users (#262). - Fix exception when user has no permission set. - When changing password, we didn't try to match an empty 'current password' (which is a minor issue since the user is already authenticated). Thanks to Helmut Azbest <helmut.azbest@gmail.com> for the fix. - Fix a typo making mod_python use the parent method (patch from Helmut Azbest <helmut.azbest@gmail.com>). - In the configuration file, recognize section even if there are whitespace at the beginning of the line. - Localization fixes, by Sebastien Tricaud <toady@gscore.org>, and Bjoern Weiland.	2007-10-29 21:59:00 +00:00
shannonjr	e3cb2576aa	Update to 0.9.10. Changes: - Make threshold act like a real threshold: pass every Nth events in the defined amount of seconds. - Allow mixing Limit and Threshold. - Do not share the tresholding hash accross thresholding plugin instance: previously, the shared hash would result in strange thresholding plugin behavior if you had several instance of thresholding loaded. - Various bug fixes concerning plugin instance un-subscribtion (unsubscribtion of certain plugin was not triggered).	2007-10-29 21:57:17 +00:00
shannonjr	4ee9e5abe2	Update to 0.9.16. Changes: - Implement prelude-admin list [-l] command, which provide the ability to list existing profile name, permission, registration permission, analyzerID, and Issuer analyzerid. - Implement multiple analyzer deletion in prelude-admin. - Correct printing of IDMEF time field using non local GMT offset. - Patch to avoid struct typespec redefinition, due to variable mispelling. This fixes a compilation problem on OpenBSD 3.8. - Various bug fixes.	2007-10-29 21:55:30 +00:00
shannonjr	ba17d64c40	PLIST correction	2007-10-29 21:53:24 +00:00
agc	7c64224428	Add and enable snow.	2007-10-29 09:58:43 +00:00
agc	febcc845a2	Initial import of snow-20060213 into the Packages Collection. Whitespace steganography The program snow is used to conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected. What's in a name? snow exploits the steganographic nature of whitespace. Locating trailing whitespace in text is like finding a polar bear in a snowstorm (which, by the way, explains the logo). And it uses the ICE encryption algorithm, so the name is thematically consistent.	2007-10-29 09:57:28 +00:00
taca	9685596eea	Update sudo package to 1.6.9p7. pkgsrc change: added DESTDIR support. Major changes since Sudo 1.6.9p6: o Reverted back to to using TCSAFLUSH instead of TCSADRAIN when turning off echo during password reading. o Fixed a configure bug that was preventing the addition of -lutil for login.conf support on FreeBSD and NetBSD. o Added a configure check for struct in6_addr since some systems define AF_INET6 but have no real IPv6 support.	2007-10-28 02:05:44 +00:00
adam	2a95649fd4	Changes 0.2.21: * Fix typos in manual. * Update gnulib files.	2007-10-25 21:24:53 +00:00
jlam	56ba4d2690	Remove empty PLISTs from pkgsrc since revision 1.33 of plist/plist.mk can handle packages having no PLIST files.	2007-10-25 16:54:26 +00:00
wiz	fdc7ca16d9	Update to 2.0.2: * Version 2.0.2 (released 2007-10-17) TLS authorization support removed. This technique may be patented in the future, and it is not of crucial importance for the Internet community. After deliberation we have concluded that the best thing we can do in this situation is to encourage society not to adopt this technique. We have decided to lead the way with our own actions. certtool: Fixed data corruption when using --outder. Fix configure-time Guile detection. API and ABI modifications: GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: ADDED. To avoid that the gnutls_supplemental_data_format_type_t enum type becomes empty. * Version 2.0.1 (released 2007-09-20) New directory doc/credentials/ with test credentials. This collects the test credentials from the web page and from src/. The script gnutls-http-serv has also been moved to that directory. Update SRP extension type and cipher suite with official IANA values. This breaks backwards compatibility with SRP in older versions of GnuTLS, but this is intentional to speed up the adoption of the official values. The old values we used were incorrect. Guile: Fix `x509-certificate-dn-oid' API and ABI modifications: No changes since last version.	2007-10-23 11:43:56 +00:00
dogcow	cded6f8ed6	Update to Net::SSH::Perl 1.3.0: 1.30 2006.03.17 - Fix for local READ/WRITE tie problem in open2 function (Bas van Sisseren). - Add back 'use IO::Socket' to fix 'Can't locate object method "blocking" via package "IO::Handle"' error (rt.cpan.org #15102). - Allow "The socket is already in use" as well as "Address already in use" to detect port already in use (for AIX, rt.cpan.org #16301). - Use sysread (not <>) to read the version string to avoid mixing read types and allow pre-version data (fix by Denis Bider, rt.cpan.org #14812). - Fix warnings on empty hostfile lines (fix by JOHANL, rt.cpan.org #13750). - Get the user's home directory from getpwuid() if the HOME environment variable isn't set (rt.cpan.org #13434).	2007-10-22 06:53:16 +00:00
adrianp	e35260c69d	Full and proper fix for CVE-2007-5135 PKGREVISION++	2007-10-21 17:52:52 +00:00
adrianp	86a02d0d3e	+keepassx	2007-10-21 13:51:41 +00:00
adrianp	1027ed767f	KeePass is a free/open-source password manager or safe which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key-disk. So you only have to remember one single master password or insert the key-disk to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).	2007-10-21 13:51:01 +00:00
adrianp	68462e2da7	Update to 1.3.8 - Fixed base_conf_contents.php to include colored alerts -- Jonathan W Miner - Fixed base_main.php to remove an extra table and repair two column display -- Jonathan W Miner - Added exit() to the redirect to fix security hole -- Jon Hart - removed fpdf file to save room since we are not using them. -- Kevin Johnson - Fixed bug #1723928 Top Right, Database and User not shown -- Kevin Johnson - Added base_header wrapper, please use it instead of header if you're not sure -- GaRaGeD - Fixed Bug #1675094 snort signature information links broken (really a hack!) -- Kevin Johnson - Fixed Bug #1689885 Maybe need count(DISTINCT ip_src) to sort by IP correctly -- Kevin Johnson - Fixed Bug #1649659 Use of archive DB seems broken in "karen" release -- Kevin Johnson - Cleaned a warning -- Marek Cruz - Spanish install guide -- Daniel Medianero	2007-10-20 23:22:08 +00:00
wiz	8296f8378e	Update to 1.11: v1.11 - fixed errors in accept_SSL which would work when called from start_SSL but not from accept v1.10 - start_SSL, accept_SSL and connect_SSL have argument for Timeout so that the SSL handshake will not block forever. Only used if the socket is blocking. If not set the Timeout value from the underlying IO::Socket is used	2007-10-17 20:50:05 +00:00
tnn	24d5b54409	Fix abusers of LOWER_OPSYS to check OPSYS or MACHINE_PLATFORM instead.	2007-10-16 23:48:58 +00:00
jlam	55592c3715	Update security/courier-authlib to 0.60.1. Changes from version 0.59.3 include: * MYSQL_CHARACTER_SET option. * Allow underscores, colons and plusses, in account names. * Add {MD5RAW} hash method. * Fix runtime problems with hardcoded file descriptors in the daemon code by using OPEN_MAX instead.	2007-10-15 15:37:01 +00:00
obache	47e3e9f2b6	Update putty to 0.60. Patch provided by Jukka Salmi in PR 37056. These features are new in beta 0.60 (released 2007-04-29): * Pressing Ctrl+Break now sends a serial break signal. (The previous behaviour can still be obtained with Ctrl+C.) * Serial ports higher than COM9 now no longer need a leading \\.\. * You can now store a host name in the Default Settings. * Bug fix: serial connections and local proxies should no longer crash all the time. * Bug fix: configuring the default connection type to serial should no longer cause the configuration dialog to be skipped on startup. * Bug fix: "Unable to read from standard input" should now not happen, or if it still does it should produce more detailed diagnostics. * Bug fix: fixed some malformed SSH-2 packet generation. * Other minor bug fixes.	2007-10-13 09:14:16 +00:00
taca	8a81fb76e1	Update sudo package to 1.6.9p6. Major changes since Sudo 1.6.9p5: o Worked around bugs in the session support of some PAM implementations. The full tty path is now passed to PAM as well. o Sudo now only prints the password prompt if the process is in the foreground. o inttypes.h is now included when appropriate if it is present. o Simplified alias allocation in the parser.	2007-10-10 00:08:24 +00:00
martti	bd986edbc7	Remove trailing spaces.	2007-10-09 19:19:08 +00:00
rillig	feb1668cdf	Needs pre-created directories.	2007-10-09 12:49:23 +00:00
agc	69578ff1af	Make this package compile and run with recent C++ from gcc4. Take maintainership. Anglicise some of the text in DESCR.	2007-10-02 19:03:11 +00:00
wiz	2f2166a0fb	Reset maintainer -- shell@ is inactive.	2007-09-30 17:45:23 +00:00
bjs	cde8014a55	PKG_OPTIONS_OPTIONAL_GROUPS/PKG_OPTIONS_NONEMPTY_SETS have their respective options added to PKG_SUPPORTED_OPTIONS automagically. Duplicate options removed.	2007-09-26 05:47:46 +00:00
minskim	23242fb4e9	This package requires libgpg-error>=1.4. Bump PKGREVISION.	2007-09-25 15:19:29 +00:00
hira	6cdb950b99	Fix comment (GConf2 -> GConf).	2007-09-25 10:54:09 +00:00
taca	aa535dccfb	Update pgpdump package to 0.26. Add support of DESTDIR_SUPPORT, too. 0.26 2007/09/06 * Catching upto ID 22. (http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-22.txt)	2007-09-24 03:57:59 +00:00
wiz	2fb38c2870	Fix typo in comment.	2007-09-23 12:05:44 +00:00
wiz	9553c3e461	Update HOMEPAGE.	2007-09-23 12:02:02 +00:00
wiz	3528e06345	Fix paths for GConf, libglade, libart, libsigc++, lablgtk moves. Bump PKGREVISION.	2007-09-21 13:03:25 +00:00
wiz	cf98dc96e5	Adapt for librsvg rename. Bump PKGREVISION.	2007-09-20 21:37:35 +00:00
wiz	e81cfe4627	Adapt eel dependencies; bump PKGREVISION.	2007-09-20 21:21:36 +00:00
jlam	924886bbe1	Note, add and enable security/mozilla-rootcerts.	2007-09-20 20:03:41 +00:00
jlam	909f41a142	Import security/mozilla-rootcerts: This package provides a script which can be used to extract the root CA certificates distributed by the Mozilla Project into the current working directory and to rehash the existing certificates. The directory can be used by most SSL-aware programs that expect a "CA certificate path".	2007-09-20 20:02:53 +00:00
wiz	42825e73a6	Bump PKGREVISION for gnome-vfs rename.	2007-09-19 23:18:43 +00:00
wiz	e64b358b66	Use gnome-vfs instead of gnome-vfs2.	2007-09-19 23:13:12 +00:00
taca	1ee28b58ab	Use DIST_SUBDIR for changed distfiles noted by wiz@ with private mail. Bump PKGREVISION.	2007-09-19 13:42:01 +00:00
taca	05fb160b50	openssh-4.7p1-hpn12v18.diff.gz has updated without change file name. It seems that it corrected SSH_HPN definition to "-hpn12v18".	2007-09-19 09:08:05 +00:00
wiz	52d25fba0c	Update to 1.09: v1.09 - new method stop_SSL as opposite of start_SSL based on a idea of Bron Gondwana <brong[AT]fastmail[DOT]fm> To support this method the SSL_shutdown handling had to be fixed, e.g. in close a proper unidirectional shutdown should be done while in stop_SSL a bidirectional shutdown - try to make it clearer that thread support is buggy	2007-09-18 21:17:18 +00:00
joerg	8ea6894b6c	Fix build issus on DragonFly with GNUlib and don't use d_reclen as the assertion is ensured already by opendir.	2007-09-15 08:30:51 +00:00
joerg	fad8ac6a38	Hack around stupid GNUlib mess to allow building on DragonFly.	2007-09-14 12:03:37 +00:00
joerg	7b69a8d34f	Fix self-references. Sort PLIST. Use @dirrm instead of rm -rf. Bump revision.	2007-09-14 11:59:39 +00:00
taca	e669d33f13	Update sudo pacakge to 1.6.9p5. 617) Fixed a bug in the IP address matching introduced by the IPV6 merge. 618) For "visudo -f file" we now use the permissions of the original file and not the hard-coded sudoers owner/group/mode. This makes it possible to use visudo with a revision control system. 619) Fixed sudoedit when used on a non-existent file. 620) Regenerated configure using autoconf 2.6.1 and libtool 1.5.24. 621) Groups and netgroups are now valid in an LDAP sudoRunas statement.	2007-09-09 12:54:36 +00:00
wiz	65475deb65	Remove superfluous @dirrm. Bump PKGREVISION.	2007-09-08 09:42:01 +00:00
shannonjr	a8dd436ca5	Correct PLIST ommission and bump PKGREVISION	2007-09-08 09:02:37 +00:00
jlam	07dd3147c6	Convert packages that test and use USE_INET6 to use the options framework and to support the "inet6" option instead. Remaining usage of USE_INET6 was solely for the benefit of the scripts that generate the README.html files. Replace: BUILD_DEFS+= USE_INET6 with BUILD_DEFS+= IPV6_READY and teach the README-generation tools to look for that instead. This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code to continue to support USE_INET6 for pkgsrc-wip until it has been nuked from there as well.	2007-09-07 22:12:10 +00:00
jlam	06ab49ce09	Allow packages that use OpenSSL to specify that they need an OpenSSL built with support for threads. This is done by adding the following line to the package Makefile before the inclusion of openssl/buildlink3.mk: USE_FEATURES.openssl= threads The openssl/builtin.mk file is also adjusted to detect whether or not the built-in OpenSSL was built with support for threads and the result is used accordingly to determine whether or not a pkgsrc OpenSSL is needed.	2007-09-07 17:26:23 +00:00
taca	67217a21ce	Update openssh package to 4.7.1 (4.7p1). Changes since OpenSSH 4.6: ============================ Security bugs resolved in this release: * Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec. Other changes, new functionality and fixes in this release: * sshd(8) in new installations defaults to SSH Protocol 2 only. Existing installations are unchanged. * The SSH channel window size has been increased, and both ssh(1) sshd(8) now send window updates more aggressively. These improves performance on high-BDP (Bandwidth Delay Product) networks. * ssh(1) and sshd(8) now preserve MAC contexts between packets, which saves 2 hash calls per packet and results in 12-16% speedup for arcfour256/hmac-md5. * A new MAC algorithm has been added, UMAC-64 (RFC4418) as "umac-64@openssh.com". UMAC-64 has been measured to be approximately 20% faster than HMAC-MD5. * A -K flag was added to ssh(1) to set GSSAPIAuthentication=Yes * Failure to establish a ssh(1) TunnelForward is now treated as a fatal error when the ExitOnForwardFailure option is set. * ssh(1) returns a sensible exit status if the control master goes away without passing the full exit status. (bz #1261) * The following bugs have been fixed in this release: - When using a ProxyCommand in ssh(1), set the outgoing hostname with gethostname(2), allowing hostbased authentication to work (bz #616) - Make scp(1) skip FIFOs rather than hanging (bz #856) - Encode non-printing characters in scp(1) filenames. these could cause copies to be aborted with a "protocol error" (bz #891) - Handle SIGINT in sshd(8) privilege separation child process to ensure that wtmp and lastlog records are correctly updated (bz #1196) - Report GSSAPI mechanism in errors, for libraries that support multiple mechanisms (bz #1220) - Improve documentation for ssh-add(1)'s -d option (bz #1224) - Rearrange and tidy GSSAPI code, removing server-only code being linked into the client. (bz #1225) - Delay execution of ssh(1)'s LocalCommand until after all forwadings have been established. (bz #1232) - In scp(1), do not truncate non-regular files (bz #1236) - Improve exit message from ControlMaster clients. (bz #1262) - Prevent sftp-server(8) from reading until it runs out of buffer space, whereupon it would exit with a fatal error. (bz #1286) * Portable OpenSSH bugs fixed: - Fix multiple inclusion of paths.h on AIX 5.1 systems. (bz #1243) - Implement getpeereid for Solaris using getpeerucred. Solaris systems will now refuse ssh-agent(1) and ssh(1) ControlMaster clients from different, non-root users (bz #1287) - Fix compilation warnings by including string.h if found. (bz #1294) - Remove redefinition of _res in getrrsetbyname.c for platforms that already define it. (bz #1299) - Fix spurious "chan_read_failed for istate 3" errors from sshd(8), a side-effect of the "hang on exit" fix introduced in 4.6p1. (bz #1306) - pam_end() was not being called if authentication failed (bz #1322) - Fix SELinux support when SELinux is in permissive mode. Previously sshd(8) was treating SELinux errors as always fatal. (bz #1325) - Ensure that pam_setcred(..., PAM_ESTABLISH_CRED) is called before pam_setcred(..., PAM_REINITIALIZE_CRED), fixing pam_dhkeys. (bz #1339) - Fix privilege separation on QNX - pre-auth only, this platform does not support file descriptior passing needed for post-auth privilege separation. (bz #1343)	2007-09-07 10:41:11 +00:00
jlam	86ec3742a6	Honor PKG_SYSCONFDIR. The default host keys for dropbear are now found in ${PKG_SYSCONFDIR}/dropbear. Bump the PKGREVISION to 2.	2007-09-06 19:15:10 +00:00
joerg	7ae978be7d	Update to OpenPAM Figwort (20050616): - BUGFIX: Correct several small signedness and initialization bugs discovered during review by the NetBSD team. - BUGFIX: Modify gendoc.pl to sort cross-references in dictionary order within each section. - ENHANCE: if a policy specifies a relative module path, prepend the module directory so we never call dlopen(3) with a relative path. - ENHANCE: add a pam.conf(5) manual page.	2007-09-06 18:54:44 +00:00
jlam	b1fb9270c5	Install the manual pages for dropbear. Bump the PKGREVISION to 1.	2007-09-06 16:31:55 +00:00
jlam	f76b802e8d	Put variable declarations at beginning of a block to work with older compilers.	2007-09-06 16:07:51 +00:00
jlam	f51a7b0324	For the "pam" package option, one needs to include pam.buildlink3.mk.	2007-09-06 15:55:06 +00:00
wiz	4c66b5984c	Fix typo in comment.	2007-09-06 01:12:33 +00:00
drochner	57b1c21bd1	update to 2.0.0 While an update to a .0 version is somehow risky, it finishes the unfortunate state that the pkgsrc gnutls didn't work with the pkgsrc opencdk, which I wouldn't like to go into the next stable branch. Release candidates have worked for me, and there is some time left before the Q3 branch, so I'm confident. changes: * Support for external RSA/DSA signing for TLS client authentication -many X.509 enhancements Support for Supplemental handshakes messages (RFC 4680) * Support for TLS authorization extension (draft-housley-tls-authz-extns-07) * Improve logic of gnutls_set_default_priority() * New APIs to enumerate supported algorithms in the library * Certtool can export more than one certificate to PKCS#12 * Several message translation improvements * Improved manual * Many bugfixes and minor improvements	2007-09-05 21:51:21 +00:00
drochner	aaeee9c668	update to 0.50 changes: - Add DROPBEAR_PASSWORD environment variable to specify a dbclient password - Use /dev/urandom by default, since that's what everyone does anyway - Exit with an exit code of 1 if dropbear can't bind to any ports - Improve network performance and add a -W <receive_window> argument for adjusting the tradeoff between network performance and memory consumption - Fix a problem where reply packets could be sent during key exchange, in violation of the SSH spec. This could manifest itself with connections being terminated after 8 hours with new TCP-forward connections being established - Add -K <keepalive_time> argument, ensuring that data is transmitted over the connection at least every N seconds - dropbearkey will no longer generate DSS keys of sizes other than 1024 bits, as required by the DSS specification. (Other sizes are still accepted for use to provide backwards compatibility)	2007-09-05 21:08:06 +00:00
shannonjr	2cf2fe1967	PLIST fix	2007-09-05 20:43:41 +00:00
drochner	fb494c5a7a	-add DESTDIR support, from Blair Sadewitz (I didn't adopt the libtool change for now because it is not clear for be whether that PAM modules is useful for non-NetBSD.) -block SIGCHLD while the forked helper process is running, so that a calling process with a SIGCHLD handler won't steal the exit status which is used to report success of the authentication. This makes the "dropbear" ssh server usable if started with user privileges. bump revision to 1.1	2007-09-05 20:29:05 +00:00
shannonjr	39c7e2c3da	Update to 0.9.9.1. Changes: - Fix for new libprelude (0.9.15) runtime warning. - Add documentation for SQLite3 in the template configuration file (Sébastien Tricaud <toady at gscore.org>).	2007-09-05 19:07:30 +00:00
shannonjr	957cdce372	Update to 0.9.13. Changes: - Source and Target now use a 16 bits index (required for CorrelationAlert with large number of source/target). CorrelationAlert Alertident now use a 32 bits index (required to link large number of Alert together). - Fix compilation on system without ENOTSUP (fix #227): Include modified patch from Alexandre Anriot <aanriot@atlantilde.com>. conversions preventing PostgreSQL to use indexes (fix #225). - [preludedb-admin] Use separate alert / heartbeat command: this is done to have a coherent implementation of the --offset and --count command line options. - [preludedb-admin] Fix --offset with the load command. - [preludedb-admin] Give the delete table a decent size, should speedup the delete command. - [documentation] preludedb-admin manpage (fix #230), by Pierre Chifflier <chifflier@inl.fr>.	2007-09-05 19:04:00 +00:00
shannonjr	d1f737d6a6	Corrected my misunderstanding of CONF_FILES infrastrure. Fixed several configuration file installation problems.	2007-09-05 18:58:19 +00:00
jlam	a61eb2f649	Move variable declarations to start of block to appease older C compilers.	2007-09-05 17:06:55 +00:00
jlam	061852ab91	Apply fixes for substitution errors reported in PR pkg/36898 by Nicolas Joly. Bump PKGREVISION due to fixed script update_dat.sh script.	2007-09-04 19:43:15 +00:00
shannonjr	7e13317ab9	Correct test for existing configuration file	2007-09-03 14:44:25 +00:00
shannonjr	8f6848356f	Added entry for prelude-pflogger	2007-09-03 13:52:13 +00:00
shannonjr	244b840db0	Prelude sensor for OpenBSD's PF (Packet Filter) that reports to Prelude Manager.	2007-09-03 13:50:49 +00:00
shannonjr	999368ef77	Update to 0.9.10.1. Changes: - Make SSH rules IPv6 compliants, allowing to merge old IPv6 only rules with IPv4 rules. Some additional minor bug fixes (fix #232). - Fix incorrect target user assignment, as well as incorrect PCRE reference in assessment.impact.description (Paul Robert Marino <prmarino1@gmail.com>) (fix #232). - CISCO router acl lists can now use names instead of numbers. This made rule id=500 in cisco-router.rules fail to alert on packet denys on newer cisco devices (Paul Robert Marino <prmarino1@gmail.com>). - Fix Apache formating when Apache logname or user is set (Robin Gruyters <r.gruyters@yirdis.nl> and <andre@vandervlies.xs4all.nl>) (fix #229). - Invalid user.user_id(0).name assignement in SSH rule 1913 (Scott Olihovik <skippylou@gmail.com>) (fix #243). - Various bug fixes and minor improvements.	2007-09-03 13:46:04 +00:00
shannonjr	77bff19d86	Update to 0.9.15.1. Changes: - Fix build error on system that use native awk implementation in place of GNU awk (Pierre Chifflier <chifflier at inl.fr>), fix #256. - Avoid a prelude-string fatal assertion, by denying copy/cloning of an empty prelude-string. - Correction to the 'prelude-admin send' help message. - Convert prelude-string to use prelude_return_if_fail() in place of prelude_log().	2007-09-03 13:43:40 +00:00
wiz	1374ac631c	Reset maintainer: SMTP connections to comet.lbl.gov time out.	2007-09-03 06:12:43 +00:00
jlam	48590f4577	Skip the interpreter check on authsystem.passwd as we don't want to depend on the tcl-expect package. The package MESSAGE file already tells the user what to do.	2007-08-30 20:11:08 +00:00
wiz	1fdc30b3e7	Update to 1.08: v1.08 - make sure that Scalar::Util has support for dualvar (Makefile.PL,SSL.pm) because the perl-only version has has no dualvar	2007-08-30 06:12:11 +00:00
wiz	aa077a7717	Update to 2.0.6. Add support for idea option. From Blair Sadewitz on tech-pkg. Noteworthy changes in version 2.0.6 (2007-08-16) ------------------------------------------------ * GPGSM does now grok --default-key. * GPGCONF is now aware of --default-key and --encrypt-to. * GPGSM does again correctly print the serial number as well the the various keyids. This was broken since 2.0.4. * New option --validation-model and support for the chain-model. * Improved Windows support.	2007-08-29 23:19:06 +00:00
wiz	3dec26722c	Add support for idea option. From Blair Sadewitz in private mail, with some cleanup.	2007-08-29 23:11:37 +00:00
obache	4d8118b980	Switch to New LibIdent, version 0.32. libident 0.32 -------------- # A serious portability fix for *BSD and Solaris was submitted by: Nicolas Rachinsky <nicolas@rachinsky.de>. # Build of sample programs ("testers") was fixed. libident 0.31 -------------- # libtool is used instead of ranlib, so that a shared library can be built automatically if the OS supports it. libident 0.30 -------------- # This new release is meant to provide Internet Protocol version independant support: libident can now handles IPv6 addresses and perform queries over IPv6, as well as IPv4. The IP version is selected automatically. # I also have ported the library to the GNU autotools (autoconf & automake), and removed support for non ANSI C platforms. If you use such an old system, do NOT update. It doesn't support IPv6 anyway.	2007-08-25 14:00:20 +00:00
jlam	bbdf14eb50	Convert to use the emulator framework. XXX This package is out of date and should be updated. It doesn't work XXX on current versions of NetBSD due to the silly way it detects the XXX the running OS and tries to figure out the corresponding binary.	2007-08-23 19:36:00 +00:00
jlam	a517442623	* Convert security/fprot-workstation-bin to use the emulator framework. * Remove unncessary dependency on netbsd32_compat16 on NetBSD/amd64. This package installs statically linked binaries, so there is no need for any shared libraries or ld.elf_so to run fprot. * Stop pretending to support non-NetBSD platforms -- the build and install targets bear no relation to the extracted distfiles on Linux or Solaris. Support will be re-added in the fullness of time.	2007-08-21 23:14:45 +00:00
taca	22134b5756	Replace python's path in RCD_SCRIPTS, files/denyhosts. Bump PKGREVISION.	2007-08-20 07:31:38 +00:00
taca	f29d2e45e2	Add a patch for http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4323 . Bump PKGREVISION.	2007-08-18 15:10:38 +00:00
taca	b55392c988	Update sudo package to 1.6.9p4. pkgsrc change: Make these options mutual exclusive: kerberos pam skey. (Really, combinations of kerberos and pam, pam and skey are conflicts.) CHANGES: 609) Worked around a bug ins some PAM implementations that caused a crash when no tty was present. 610) Fixed a crash on some platforms in the error logging function. 611) Documentation improvements. Sudo 1.6.9p1 released. 612) Fixed updating of the saved environment when the environ pointer gets changed out from underneath us. Sudo 1.6.9p2 released. 613) Fixed a bug related to supplemental group matching introduced in 1.6.9. Sudo 1.6.9p3 released. 614) Added IPv6 support from YOSHIFUJI Hideaki. 615) Fixed sudo_noexec installation path. 616) Fixed a K&R compilation error. Sudo 1.6.9p4 released.	2007-08-18 15:09:11 +00:00
obache	ed23cefa1e	Fixed miss of upstream when split apart seahorse-agent and seahorse-daemon into different processes. Should fix PR 36256. seahorse-agent is now setuid. Bump PKGREVISION.	2007-08-18 13:19:56 +00:00
obache	45fe7aeabf	Fix build problem on ssh-less environment, reported in PR 36793. Let to depend on ssh package.	2007-08-18 11:10:08 +00:00
obache	cac8bfb964	Update HOMEPAGE.	2007-08-18 07:28:48 +00:00
tnn	38c78edf17	Revbump sweep of all libevent consumers due to update to libevent-1.3d.	2007-08-16 09:27:03 +00:00
rillig	6aecf48699	Added mk/misc/category.mk, which contains the definitions that are only useful for category Makefiles, as opposed to bsd.pkg.subdir.mk, which is also relevant for the top-level directory. Adjusted the category Makefiles.	2007-08-13 08:12:41 +00:00
schmonz	d76d670a37	Make pthreads support optional. Bump PKGREVISION.	2007-08-11 14:41:36 +00:00
jlam	a1df00f396	Update security/courier-authlib to 0.59.3. Changes from version 0.58 include: * authpipe.c (auth_pipe_pre): Fix leak when authpipe module is enabled, but the actual authpipe script/external prog is not installed. * authmysqlrc: Implement SSL-encrypted MySQL connections * authldaplib.c (l_simple_bind_s): Fix anon binds. * authldaplib.c (auth_ldap_enumerate): Fix LDAP account enumeration * userdb/makeuserdb.in: Added the -f option to makeuserdb * authldaplib.c: Try to recover when the LDAP server closes the persistent socket, for inactivity.	2007-08-10 17:57:21 +00:00
gdt	8909270646	# ../licommon/libcommon.a # reported upstream, should be fixed in 2.0.6 MAKE_JOBS_SAFE= no	2007-08-10 15:46:23 +00:00
tnn	6bff41409f	for modular, also needs libSM.	2007-08-09 20:28:10 +00:00
tnn	f5556d4538	Enable modular X.org support, PR pkg/36760.	2007-08-09 20:15:38 +00:00
gdt	05afd457bf	Set INFO_FILES, so that info/dir is handled correctly. May also fix build on Dragonfly where info file is misinstalled in share/info.	2007-08-08 19:57:32 +00:00
taca	0908d547e2	Update fprot-workstation-bin pacakge to 4.6.8. Changes are unknown.	2007-08-07 21:42:55 +00:00
adrianp	f8d42e5581	Add CONFLICTS+=pkg_install>=20070714	2007-08-05 21:03:16 +00:00
jnemeth	30ab614638	this package now installs epa.info	2007-08-05 08:38:26 +00:00
tnn	570236364e	Add a target configuration for Tru64 with gcc.	2007-08-04 14:29:43 +00:00
shannonjr	6392c19eca	Update to Version 2.0.5. Changes: * Switched license to GPLv3. * Fixed bug when using the --p12-charset without --armor. * The command --gen-key may now be used instead of the gpgsm-gencert.sh script. * Changed key generation to reveal less information about the machine. Bug fixes for gpg2's card key generation.	2007-08-04 12:00:02 +00:00
shannonjr	65ba8191db	Update to 1.0.2 as required by gnupg 2.0.5.	2007-08-04 11:57:16 +00:00
shannonjr	b3ebc7f35a	Update to 0.9.9. Changes: - Update configuration template, add documentation for Prelude generic TCP options. - Implement modified patch from Pierre Chifflier <chifflier@inl.fr> to fix the example log path (fix #224). - Move IDMEF message normalization in the scheduler, rather than doing it upon reception. This remove some load from the server and allow Prelude-Manager own IDMEF messages to go through the normalizer path. - Implement heartbeat->analyzer normalization. - Improve IPv4 / IPv6 address normalization. IPv4 mapped IPv6 addresses are now mapped back to IPv4. Additionally, the Normalize plugin now provide two additionals option: ipv6-only: Map any incoming IPv4 address to IPv6. keep-ipv4-mapped-ipv6: do not map IPv4 mapped IPv6 addresses back to IPv4. - Make a difference between exceptional report plugin failure (example: a single message couldn't be processed) and "global" plugin failure (example: database server is down). We use a different failover for 'exceptional' failure, so that we don't try to reinsert a bogus message (fix #247). - Start of a Prelude-Manager manpages (#236). - Various bug fixes.	2007-08-04 09:31:18 +00:00
shannonjr	ef7b3277bd	Update to 0.9.10. Changes: - Ability to use regular expressions in plugins.rules to define monitored sources, this can be very useful when combined to file globing. - [SPEEDUP] When the "*" keyword is used, the data is passed to the upper layer without trying to match anything. - Fix NULL pointer dereference when a rule reference an existing, but empty context (fix #226). - Remove deprecated use of prelude_client_print_setup_error(), directly handled via prelude_perror(). - Make the log parser more robust.	2007-08-04 09:29:29 +00:00
shannonjr	c558e3963d	Update to release 0.9.12.1. Changes: - Implement an Auto-Refresh system (fix #231). (including code from Paul Robert Marino <prmarino1@gmail.com>). - Ability to filter on missing/offline/online/unknown agents. Make more easier to read each agent status in collapsed mode. - Fix filter load/save/delete issue with translation. - New 'My account' tabs, under the Settings section (fix #241). - New messageid and analyzerid parameters, allowing link to a Prewikka alert from an external tool (previously required a database query in order to retrieve the database event id). - Don't redirect to user listing once an user preference are recorded. Fix changing of another user language by an user with PERM_USER_MANAGEMENT. Display target user language rather than current user language. - Improve the timeline control table layout. - Fix translation of string possibly using plural.	2007-08-04 09:27:35 +00:00
he	51482b903a	Add py-denyhosts, the recently imported package.	2007-08-02 17:28:45 +00:00
he	b2b94c0b3b	Import a package for DenyHosts version 2.6, ref. http://denyhosts.sourceforge.net/ DenyHosts is a script intended to be run by system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks). In short, it does this by monitoring your syslog output for failed login attempts and tweaking /etc/hosts.deny accordingly, and it can optionally send and fetch lists of ssh probers from a central server. Thanks to joerg@ for review and corrections.	2007-08-02 17:27:30 +00:00
gdt	e63906d622	Update to 0.0.14. * Major changes in 0.0.14 epa-file can handle remote files over Tramp. Workaround for a face initialization bug of GNU Emacs. ** Follow the face naming convention of GNU Emacs. * Major changes in 0.0.13 epa-file bug fixes. * Fixed a compatibility bug on XEmacs 21.5. *** Do not mark the buffer as modified. * Major changes in 0.0.12 epa-file.el usability improvements. * Ask recipients only the first time. * Respect epa-armor and epa-textmode. * Customizing epa-file-name-regexp now works. *** Backup files for ".gpg" are also encrypted. Major changes in 0.0.11 Include the EasyPG Assistant user's manual Decode user-id's encoded in UTF-8 with "%" or "\" escape If a user attempt to encrypt data to an untrusted recipient, EasyPG prompt the key-id (it requires GnuPG version 2.0.2 or later) epa-file.el turns off auto-saving by default	2007-07-31 12:32:43 +00:00
taca	56cb208f61	Add a patch from https://bugzilla.mindrot.org/show_bug.cgi?id=1306 . Fix nasty "error: channel 0: chan_read_failed for istate 3" message. Bump PKGREVISION.	2007-07-31 02:29:38 +00:00
joerg	5ac5c16149	Readd the DragonFly libtool.m4 patches.	2007-07-30 08:41:20 +00:00
jlam	33f30156fb	* Add new emulator framework in pkgsrc/mk/emulator that handles all binary-only packages that require binary "emulation" on the native operating system. Please see pkgsrc/mk/emulator/README for more details. * Teach the plist framework to automatically use any existing PLIST.${EMUL_PLATFORM} as part of the default PLIST_SRC definition. * Convert all of the binary-only packages in pkgsrc to use the emulator framework. Most of them have been tested to install and deinstall correctly. This involves the following cleanup actions: * Remove use of custom PLIST code and use PLIST.${EMUL_PLATFORM} more consistently. * Simplify packages by using default INSTALL and DEINSTALL scripts instead of custom INSTALL/DEINSTALL code. * Remove "SUSE_COMPAT32" and "PKG_OPTIONS.suse" from pkgsrc. Packages only need to state exactly which emulations they support, and the framework handles any i386-on-x86_64 or sparc-on-sparc64 uses. * Remove "USE_NATIVE_LINUX" from pkgsrc. The framework will automatically detect when the package is installing on Linux. Specific changes to packages include: * Bump the PKGREVISIONs for all of the suse100* and suse91* packages due to changes in the +INSTALL/+DEINSTALL scripts used in all of the packages. * Remove pkgsrc/emulators/suse_linux, which is unused by any packages. * cad/lc -- remove custom code to create the distinfo file for all supported platforms; just use "emul-fetch" and "emul-distinfo" instead. * lang/Cg-compiler -- install the shared libraries under ${EMULDIR} instead of ${PREFIX}/lib so that compiled programs will find the shared libraries. * mail/thunderbird-bin-nightly -- update to latest binary distributions for supported platforms. * multimedia/ns-flash -- update Linux version to 9.0.48 as the older version is no longer available for interactive fetch. * security/uvscan -- set LD_LIBRARY_PATH explicitly so that it's not necessary to install library symlinks into ${EMULDIR}/usr/local/lib. * www/firefox-bin-flash -- update Linux version to 9.0.48 as the older version is no longer available for interactive fetch.	2007-07-29 05:18:36 +00:00
tnn	c6504f63a7	Work around broken pthread_create configure test on HPUX.	2007-07-28 19:29:57 +00:00
seb	fe72e94b96	Clear USE_LANGUAGES, there is no need for it.	2007-07-27 23:24:17 +00:00
seb	121016f080	Add & enable p5-Crypt-RC4	2007-07-27 23:12:08 +00:00
seb	576322c094	Initial import of p5-Crypt-RC4 version 2.02 into The NetBSD Packages Collection. The Perl 5 module Crypt::RC4 provides a simple implementation of the RC4 algorithm, developed by RSA Security, Inc. Disclaimer: Strictly speaking, this module uses the "alleged" RC4 algorithm. The Algorithm known as "RC4" is a trademark of RSA Security Inc., and this document [the module documentation] makes no claims one way or another that this is the correct algorithm, and further, make no claims about the quality of the source code nor any licensing requirements for commercial use.	2007-07-27 23:10:37 +00:00
gdt	d7922fde3a	Fix location of old distfiles in MASTER_SITE (s/old/OLD/).	2007-07-27 17:28:48 +00:00
jlam	ea2890b4d2	Remove a redundant PKGNAME definition (which matches DISTNAME), and add a fetch location for old distfiles so that we don't need to always keep this package at the latest release.	2007-07-26 19:34:12 +00:00
joerg	e6c367979b	Don't include a reimplementation of strdup, ANSI C is old enough.	2007-07-24 14:26:31 +00:00
tls	e45a7ebbb0	Update sudo to 1.6.9. We don't take the new default of PAM and no other authentication; that can be enabled by adding pam to the package options if users desire.	2007-07-23 16:38:36 +00:00
adrianp	f4f2403b78	PATCH_SITES update	2007-07-22 22:26:04 +00:00
tron	885d73992c	Compile OpenSSL with supports for threads. This allows an application to register callbacks which implement locking primitive to make OpenSSL thread-safe. Bump package revision because of this change.	2007-07-18 13:11:15 +00:00
njoly	7e256bff90	update to v5.10 changes: - More protection : Automatic identification and removal of viruses delivering the next generation of best-of-breed anti-virus scanning engines. It offers improved protection against existing, new and potential threats and increases the depth and breadth of the protection we provide. - It's faster than before : We've listened to our customers who asked for a faster Engine and it delivers superior performance to current McAfee Anti-Virus products on all supported platforms. - Support for many more packed-executable formats in which known malware is often re-packaged for obfuscation purposes.	2007-07-16 20:18:58 +00:00
adrianp	00ea48ba7b	Update to 0.47 Mark as not for NetBSD > 1.x The false positives on NetBSD 2.x and 3.x have been reported upstream to try and address PR #31813	2007-07-11 20:16:33 +00:00
joerg	80fbcad274	Avoid embedding $NetBSD\$ and similiar constructs in-tree files. The strings would be picked up for +BUILD_VERSION and create mismatches when using ident on the same files.	2007-07-10 15:27:57 +00:00
cube	8cc11b7ae6	Fix PLIST [hi xtraeme!]. Bump revision.	2007-07-09 17:32:35 +00:00
minskim	72dbbfe305	Fix configure options when the librack option is given. This fixes the second problem in PR 36617.	2007-07-09 04:27:55 +00:00
minskim	39cd92b470	Make this build with db4. This fixes the first problem in PR 36617.	2007-07-09 03:51:33 +00:00
heinz	40071f7ab6	The packages supports installation to DESTDIR. No compiler required.	2007-07-07 13:07:56 +00:00
ghen	3e9bc94618	Install amavisd-agent as well. Bump PKGREVISION.	2007-07-05 08:36:56 +00:00
jlam	4390d56940	Make it easier to build and install packages "unprivileged", where the owner of all installed files is a non-root user. This change affects most packages that require special users or groups by making them use the specified unprivileged user and group instead. (1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to unprivileged.mk. These two variables are lists of other bmake variables that define package-specific users and groups. Packages that have user-settable variables for users and groups, e.g. apache and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP}, etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER} and ${UNPRIVILEGED_GROUP}. (2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.	2007-07-04 20:54:31 +00:00
jlam	a6f8cbe795	pkgsrc basically follows the BSD man page hierarchy. Install the su and visudo manpages in man/man1, and the sudoers manpage in man/man5. Remove the platform-specific PLISTs that only differed in the location of the man pages. Bump the PKGREVISION to 5.	2007-07-04 20:37:50 +00:00
xtraeme	46e2be0d50	Update to 2.5.2: BUG FIXES - in a milter setup log_id was left undefined, which resulted in log lines without id, and a SQL constraint violation "Column 'am_id' cannot be null" when logging to SQL was enabled. The bug was introduced in 2.5.1; problem reported by Martin Svensson; - suppress a quarantining attempt if the message also needs to be archived to the same location (same sql key or same local filename); reported by Wazir Shpoon; - adjust $socketname in amavisd-release to match its default counterpart in amavisd (i.e. /var/amavis/amavisd.sock); reported by Stanley Appel; And more... please review the Changelog file.	2007-07-03 14:21:06 +00:00
joerg	043fc2f0ed	Fix CVS ID.	2007-07-02 08:36:12 +00:00
tls	d4bffa6d45	On some hosts, this package's configure script fails to detech Heimdal (in fact, it's not clear that there is a good way to do so). The resulting configuration works fine except if it encounters a host that has 3DES but no DES service keys in its keytab. Fix this by explicitly passing 0 ("default enctype") to Kerberos.	2007-07-02 06:04:01 +00:00
joerg	a5a7bfecb1	Don't run clear. Pass down OPSYS and don't run uname -s again.	2007-06-30 18:49:38 +00:00
joerg	275fc7e74e	Force inclusion of RDTSC for now. The package makes no attempt to handle it, CPUs without are rare and detection at runtime is non-trivial. If this ever becomes an issue, more involved magic should be requested upstream.	2007-06-30 18:08:34 +00:00
joerg	9d6c5ad043	configure script is perl, run it with perl.	2007-06-30 16:12:03 +00:00
joerg	f622125847	Must be restricted to PHP4 as adodb is not available for PHP5.	2007-06-30 13:47:38 +00:00
jlam	04e13269d6	Use -[ogm] instead of -[OGM] when passing permissions options to the install script. The latter are special install-sh script options that check whether the invoking user is the root user or not, which is completely unnecessary.	2007-06-26 15:05:50 +00:00
tls	1194ad7ee6	Add file omitted from previous commit.	2007-06-25 23:53:28 +00:00
tls	36ca7970b3	Fix privilege-escalation vulnerability with PKG_OPTIONS.sudo=kerberos: cleanse environment of variables that alter behavior of Kerberos library so the user can't override the default keytab location, and do not ignore missing keytab errors. Prevents root compromise via spoofed KDC on systems with Kerberos libraries but no host key in keytab, no keytab, or keytab overidden via environment. Don't insist that the keytab key be DES -- some Kerberos sites are 3DES/AES only. Somewhat less invasive than the fix Todd incorporated into the 1.6.9 branch of sudo (presently beta) but equivalent (though not as clean).	2007-06-25 09:53:42 +00:00
minskim	7afa15017c	Do not declare static functions in headers.	2007-06-23 08:25:30 +00:00
gdt	4c80c2d36b	Remove RESTRICTED comment about US export control. (While lots of things are restricted, pkgsrc's labeling rules aren't intended to address export control issues, and there are vast numbers of packages with apparently similar export control status and no RESTRICTED.)	2007-06-22 14:20:01 +00:00
minskim	ef19331d18	Set "install" as a .PHONY target so that it works on case-insensitive filesystems.	2007-06-21 18:33:19 +00:00
hubertf	3abcb13260	Don't pull in <net/bpf.h> on MacOS, it's already pulled in via libpcap. XXX Still needs PREFER.libpcap=pkgsrc in mk.conf to build, but it's a step forward.	2007-06-17 01:40:51 +00:00
wiz	4b688a25c8	Update to 0.6.4: Noteworthy changes in version 0.6.4 (2007-06-12) ------------------------------------------------ * Make sure the test suite uses non-guessable file names for temporary files. * Fix a problem in the file handling code. Noteworthy changes in version 0.6.3 (2007-06-06) ------------------------------------------------ * Remove unused references in the opencdk config script. This fixes an error because a variable were not referenced. Interface changes relative to 0.6.2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cdk_dek_get_cipher NEW cdk_dek_get_mdc_flag NEW Noteworthy changes in version 0.6.2 (2007-05-25) ------------------------------------------------ * Fix versioning script of the library. * Bug fixes for the remaining memory leaks. * Better way to handle gcrypt initialization. Interface changes relative to 0.6.1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cdk_lit_format_t NEW functions: cdk_pk_to_fingerprint NEW	2007-06-15 22:42:33 +00:00
joerg	797a7d9543	Slightly change script so that ident sees only the NetBSD CVS ID and it can therefore be detected properly as up-to-date.	2007-06-15 19:03:16 +00:00
gdt	ca88407643	Add RESTRICTED based on license.	2007-06-14 18:58:15 +00:00
gdt	26ec902b25	add RESTRICTED, NO_*_ON_CDROM	2007-06-14 18:40:57 +00:00
gdt	cd8cb61ebf	Add RESTRICTED and NO__ON_ because the license does not grant permissiont to redistribute.	2007-06-14 12:56:43 +00:00
joerg	6c719ef8bd	Fix DESTDIR support.	2007-06-14 08:12:29 +00:00
heinz	7dfe3cb983	Added support for installation to DESTDIR.	2007-06-13 09:50:46 +00:00
wiz	9977387517	Update to 1.07: v1.07 - fix t/nonblock.t on systems which have by default a larger socket buffer. Set SO_SNDBUF explicitly with setsockopt to force smaller writes on the socket	2007-06-12 23:02:40 +00:00
joerg	e16b1b92b0	Reorder subdirectories. The agent wants to modify the installed daemon. No idea how this could have ever worked.	2007-06-12 20:09:11 +00:00
tonio	d0e3a7ee00	Update security/caff to 0.4.10 signing-party (0.4.10-1) unstable; urgency=low * caff: + Fix syntax error in example config variables (Closes: #413020). + Fix perl warnings when calling pgp-fixkey with unknown keyid or with empty signature create date. * gpg-key2ps: + Add '-1' option to only display one column of slips, for extra wide keys (Closes: #399474). * keylookup: + Fix perl warnings caused by empty lines from gpg output. * Drop transitional and now obsolete keylookup package. * Remove no longer needed dependency on mailx.	2007-06-10 21:27:10 +00:00
wiz	7dc66844d6	Replace a patch by setting the proper environment variable. Info provided by the author David Landgren.	2007-06-09 13:18:57 +00:00
heinz	991fe65011	Added support for installation to DESTDIR. "root"-permissions still required because of "chown" and "chmod" commands. Enabled tests.	2007-06-08 15:24:58 +00:00
heinz	d0f3242862	The package supports installation to DESTDIR.	2007-06-08 11:26:04 +00:00
wiz	81a1478481	Update to 1.06: v1.06 - instead of setting undef args to '' in configure_SSL drop them. This makes Net::SMTP::SSL working again because it does not give LocalPort of '' to IO::Socket::INET any more	2007-06-08 08:02:15 +00:00
wiz	452034d449	Update to 0.55: 0.55 2007-06-01 17:34:22 UTC - Added a blocking() method to Net::SSL (and bumped version to 2.81). 0.54 2007-04-12 22:05:26 UTC - Rebadged 0.53_05, since no bugs appear to have surfaced. 0.53_05 - Fixed up incorrect LIBS key in WriteMakefile args. Thanks to David Cantrell for giving me access to an OpenBSD box that revealed this problem. - Added the list of modules that depend on Crypt::SSLeay to the README, as per cpants.perl.org. (think: improvements to the test suite). 0.53_04 2007-03-06 09:39:01 UTC - add diag() info to determine possible reasons for failure as per http://www.nntp.perl.org/group/perl.cpan.testers/2007/03/msg428964.html - Tweaks for Strawberry Perl detection. 0.53_03 2007-03-04 18:30:06 UTC - Adjusted the typemap shims to silence the compiler warnings that occur when sizeof(IV) is larger than sizeof(char *). - use XSLoader for faster loading if available, otherwise fall back to DynaLoader. - Makefile.PL heavily reworked, lots of cruft removed. - Ask to see whether the live tests should be run. - renamed net_sst.t to 01-connect.t - added 02-live.t that performs live HTTPS requests. 0.53_02 2007-01-29 10:02:34 UTC - don't proxy hosts in NO_PROXY environment variable (CPAN bug #11078). - don't send user agent string to proxy unless send_useragent_to_proxy is enabled. (CPAN bug #4759). - Net::SSL bumped to 2.80 0.53_01 2007-01-24 22:21:09 UTC - patch for CPAN #12444 applied (Jeff Lavallee). Net::SSL bumped tp 2.79. - example scripts moved into eg/ directory and the documentation updated. - added a TODO to remind me of what needs to be done. 0.53 2006-12-26 17:21:22 UTC - 0.52_02 deemed stable 0.52_02 2006-12-20 19:29:01 UTC - improved VMS support (CPAN bug #19829). - add a test to see if cert file is readable in Net::SSL::configure_certs (CPAN bug #8498) and Net::SSL version to 2.78. - known working platforms list removed from documentation. Too old, and CPAN Testers has the up-to-date information. - minor documentation improvements. 0.52_01 2006-12-17 - add call to SSL_library_init() in new() - maintenance taken over by brian d foy and David Landgren.	2007-06-08 07:57:10 +00:00
wiz	cc7676ec31	+ Bastille.	2007-06-07 16:50:25 +00:00
rillig	5342a22448	Imported Bastille from pkgsrc-wip. Bastille is a system hardening / lockdown program which enhances the security of a Unix host. It configures daemons, system settings and firewalls to be more secure. It can shut off unneeded services like rcp and rlogin, and helps create "chroot jails" that help limit the vulnerability of common Internet services like Web services and DNS. This tool currently hardens Red Hat (Fedora Core, Enterprise and Legacy/Classic), SuSE, Debian, Gentoo, Mandrake Linux, HP-UX, Mac OS X and Turbo Linux. If run in the preferred interactive mode, it can teach you a good deal about security while personalizing your system security state. Bastille can also assess and report on the state of a system, which may serve as an aid to security administrators, auditors and system administrators who wish to investigate the state of their system's hardening without making changes to such. This assessment functionality has only been tested on Red Hat Linux (Fedora, Legacy, Enterprise) and SUSE systems.	2007-06-06 22:37:59 +00:00
wiz	984a567184	Use included opencdk for now, opencdk-0.6.x is not compatible with gnutls-1.6.x (the stable branch). No further PKGREVISION bumps necessary, because opencdk caused recursive PKGREVISION bumps and afterwards gnutls wouldn't build. Addresses PR pkg/36448.	2007-06-06 06:23:58 +00:00
wiz	16b51cb3da	Update to 0.6.1. Package change: Fix opencdk-config and opencdk.pc. Noteworthy changes in version 0.6.1 (2007-05-12) ------------------------------------------------ * The opencdk.def file is included in the distribution archive, fixes build failures on mingw32. * Some bug fixes for the mingw32 build in combination with WINE. * Now the decryption code uses the name in the literal packet for the output file whenever this is possible. * Take care of absolute file names in literal packets.	2007-06-06 06:11:16 +00:00
wiz	9d27f90a6f	opencdk shlib major changed; bump ABI depends and PKGREVISIONs of affected packages.	2007-06-05 05:36:59 +00:00
wiz	ae15e1fe1e	Update to 0.6.0: Noteworthy changes in version 0.6.0 (2007-05-XX) ------------------------------------------------ * Dropped all internal random, cipher, digest libs and only use gcrypt for such tasks. The library should only provide functions dedicated to parsing and packet creation for the protocol. * Adjust code for the new Libgcrypt interface. Now Libgcrypt >1.2.2 is required to build the code. * This new version introduces an API change and thus incompatibilities to prior versions. * Lots of cleanups all over the place. This also includes simplification for various code parts. * Better support for larger files. * Map the libgcrypt error directly and remove the invalid CDK_Gcry_Error type. * Add more regression tests for the various code parts. * We do not support ElGamal signatures any longer. * Merged patches from the other opencdk branch which is currently used by GnuTLS. * Provide user callback for the stream. As a sample implementation, socket callbacks are implemented and use in cdk_stream_sockopen(). * Drop most of the rfc1991 legacy format. This means we do not generate any rfc1991 data, but we still understand it. An exception is the packet header output. * Removed gnulib interface for now because the lib is currently not in use. * Interfaces changes relative to 0.5.x ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ functions: cdk_stream_tmp CHANGED: is now cdk_stream_tmp_new cdk_stream_new_from_mem CHANGED: new argument and return error code cdk_stream_control CHANGED: is no available any longer cdk_stream_new_from_cbs NEW cdk_stream_mmap_part NEW cdk_keydb_new_from_file NEW cdk_keydb_new_from_mem NEW cdk_keydb_new_from_stream NEW cdk_keydb_import CHANGED: second argument removed. cdk_keydb_pk_cache_sigs DELETED cdk_kbnode_write_to_mem_alloc NEW cdk_lib_startup NEW cdk_lib_shutdown NEW cdk_handle_set_keyring NEW cdk_handle_get_verify_result NEW cdk_subpkt_find_next NEW cdk_subpkt_find_nth NEW cdk_set_progress_handler DELETED cdk_userid_get_pref_array DELETED cdk_pk_encrypt CHANGED: last argument is now gcry_mpi_t cdk_pk_decrypt CHANGED: last argument is now gcry_mpi_t cdk_pk_get_mpi CHANGED: new argument nwritten. cdk_sk_get_mpi CHANGED: new argument nwritten. cdk_pk_release NEW cdk_sk_release NEW cdk_pubkey_to_sexp NEW cdk_seckey_to_sexp NEW cdk_armor_encode_buffer NEW cdk_keygen_set_mdc_feature DELETED cdk_keygen_set_algo_info CHANGED: new argument usage. cdk_seskey_new DELETED cdk_seskey_free DELETED cdk_dek_encode_pkcs1 CHANGED: not public any longer. cdk_dek_decode_pkcs1 CHANGED: not public any longer. cdk_stream_tell CHANGED: return type is now off_t cdk_stream_seek CHANGED: argument is now off_t cdk_pk_check_self_sig NEW constants: CDK_No_Data NEW CDK_CTL_TRUSTMODEL DELETED CDK_CTL_FORCE_DIGEST DELETED CDK_COMPRESS_BZIP2 NEW CDK_MD_SHA{256,384,512} NEW CDK_MD_{TIGER, MD2} DELETED CDK_CIPHER_{SAFER_SK128, DES_SK} DELETED CDK_CTL_COMPAT DELETED structures: cdk_md_hd_t CHANGED: is now gcry_md_hd_t cdk_cipher_hd_t CHANGED: is now gcry_cipher_hd_t cdk_sesskey_t CHANGED: is now gcry_mpi_t	2007-06-05 05:35:19 +00:00
wiz	d9680b8931	Update to 1.6.3: * Version 1.6.3 (released 2007-05-26) New API functions to extract DER encoded X.509 Subject/Issuer DN. Suggested by Nate Nielsen <nielsen-list@memberwebs.com>. Backported from the 1.7.x branch, see <http://lists.gnu.org/archive/html/help-gnutls/2007-05/msg00029.html>. Have PKCS8 parser return better error codes. Reported by Nate Nielsen <nielsen-list@memberwebs.com>, see <http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001653.html> and <http://lists.gnupg.org/pipermail/gnutls-dev/2007-May/001654.html>. Fix mem leak for sessions with client authentication via certificates. Reported by Andrew W. Nosenko <andrew.w.nosenko@gmail.com>, see <http://lists.gnupg.org/pipermail/gnutls-dev/2007-April/001539.html>. Fix building of 'tlsia' self test. Earlier some gcc are known to build tlsia linking to $prefix/lib/libgnutls-extra.so rather than the libgnutls-extra.so in the build directory, even though command line parameters look OK. Changing order of some parameters fixes it. ** API and ABI modifications: gnutls_x509_crt_get_raw_issuer_dn: ADD. gnutls_x509_crt_get_raw_dn: ADD.	2007-06-01 20:12:44 +00:00
xtraeme	b346e4618c	Update to 2.5.1. This release adds checking of a number of archive members to improve protection from runaway dearchivers. It fixes SQL quarantining of mail with a null sender, and recognizes PostgreSQL error S8006. Parsing of invalid header has been improved. Calling 'finish' on a SA message object was added. A nonstandard SMTP status code 254 is no longer used, and enforcing of option 8BITMIME is avoid even on 8-bit contents. Checking of eval status was improved to recognize additional failure modes. Disabling of MIME decoding and invoking of a file(1) utility has been made possible. An AV entry for ArcaVir was added.	2007-06-01 04:41:07 +00:00
wiz	3aef777bdf	Fix PLIST -- it assumed that the package would be built with the gpgsm option on by default.	2007-06-01 00:12:35 +00:00
schmonz	e0237edc3d	Use the macosx-bind9-bind8compat hack. Gets the build a little further. XXX This should probably happen by default across pkgsrc on Darwin.	2007-05-30 09:10:26 +00:00
rillig	7f125459d8	Removed some code duplication from the buildlink3 files by using the new pkg-build-options.mk procedure.	2007-05-30 08:54:28 +00:00
obache	6709d7acf6	Pass PAM location to configure script. Pointed out in PR 36386 by Ondrej Tuma.	2007-05-25 07:30:49 +00:00
adrianp	fd28c73bb6	Update to 1.3.6 Lots of updates but some highlights in brief: - Added base64 encoding support for ICMP payload additional table in base_qr y_alert.php -- Juergen Leising - Changed input type of the password field to actually be password in setup3 .php -- Nikns - Fixed Time error in searches -- Jeff Kell - Added FQDN to display -- Jonathan W Miner - Fixed issues with graphing -- Kevin J - Updated tons of HTML for complience -- Marek Cruz	2007-05-18 23:27:22 +00:00
adrianp	e54f59994f	Add PKG_APACHE_ACCEPTED=apache13 apache2 as this package is not supported with apache 2.2.x	2007-05-18 10:23:16 +00:00
peter	da2ced0ef3	Remove myself as maintainer, I don't have the time anymore to keep these packages up to date.	2007-05-18 10:03:30 +00:00
adrianp	0f9e231aaf	11 Apr 2007 - 2.1.1 ------------------- * Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression for the @rx operator and variables. * Really set PCRE_DOTALL option when compiling the regular expression for the @rx operator as the docs state. * Fixed potential memory corruption when expanding macros. * Fixed error when a collection was retrieved from storage in the same second as creation by setting the rate to zero. * Fixed ASCIIZ (NUL) parsing for application/x-www-form-urlencoded forms. * Fixed the faulty REQUEST_FILENAME variable, which used to change the internal Apache structures by mistake. * Updates to quiet some compiler warnings. * Fixed some casting issues for compiling on NetWare (patch from Guenter Knauf)	2007-05-18 09:20:09 +00:00
heinz	120c892176	Updated to version 0.14. Pkgsrc changes: - Added support for installation to DESTDIR. - p5-Digest-SHA is a new requirement. Changes since version 0.12: =========================== 0.14 February 14, 2005 FIX: The introducion of the keytag warning triggered a bug with RSAMD5 keys, causing RSAMD5 keys not to be loaded. 0.13 December 9, 2005 FEAT: rt.cpan.org 14588 Added support for passing (a reference to) an array of keys to the RRSIG verify function. FIX/FEAT: The Net::DNS::SEC::Private function will for RSA based keys verify if the keytag in the filename is actually correct. Since at parsing the value of the DNSKEY RR flags is not known we test against the currently defined flag values 256 and 257. If we cannot find a keytag match a warning is printed and Private key generation fails This inconsistency was spotted by Jakob Shlyter. FEAT: Added support for SHA256 to the DS RR. Assigned the expected digest type2 for SHA256 type hashes. Note that this makes the Net::DNS::SEC depend on Digest::SHA instead of Digest::SHA1. The default digest type is still set to 1. NB. The code makes assumptions about the IANA assignment of the digest type. The assignment may change. Do not use SHA256 in production zones!! FIX: rt.cpan.org #15662 Roy Arends noticed and patched the label counting did not ignore an initial asterisk label. FIX: Wes Hardaker noticed the default TTL values for created signatures to be different from the TTLs from the data that is being signed. FIX: Wes Hardaker reported there was a problem with validating RRsets that had ownernames with capitals. The fix depends on a fix in Net::DNS::RR that is available in version 0.53_03 or later of the Net::DNS distribution. FEAT: Propper dealing with mnemonics for algorithm and digest type added to DS FIX/FEAT: Mnemonics were written as RSA/MD5 and RSA/SHA1. This has been corrected tp RSASHA1 and RSAMD5, as in the IANA registry. 0.12_02 June 6, 2005 (beta 2 release for 0.13) Bug: new_from_hash would not correctly create the RR since internally typebm is used to store the data this has been fixed so that the following works Net::DNS::RR->new(name=>$name, ttl=>$ttl, type=>"NSEC", nxtdname=>$nxtdname, typelist=>join(" ",@types) ); FEAT: Introduced the "use bytes" pragma to force character interpretation of all the scalars. Any utf processing by perl makes the code behave unpredictable. 0.12_01 April 18, 2005. (beta release for version 0.13) FEAT (!!!): Changed the symantics of the Net::DNS::Keyset::verify method. Read the perldoc for details. The requirement that each key in a keyset has to be selfsigned has been loosened. FEAT: Added a "carp" to the new methods of the NXT RR. Warning that that record is depricated. FEAT: Cleaned the tests so that RRSIG and DNSKEY are used except for SIG0 based tests. FEAT: Changed the name of the siginceptation[SIC] to siginception. Thanks Jakob Schlyter for notifying me of this mistyping. An alias for the method remains available. FEAT: Renamed unset_sep() to clear_sep(). NOTE: To avoid confusion the Net::DNS::SIG::Private class has been removed. Use Net::DNS::SEC::Private! DOC: Added references to RFC 4033, RFC 4034 and RFC 4035. Rewrote parts of the perlpod.	2007-05-17 17:30:21 +00:00
heinz	579135ac6c	Updated to version 5.44. Pkgsrc changes: - The package supports installation to DESTDIR - A C compiler is necessary. Changes since version 5.43: =========================== 5.44 Sat Oct 14 00:42:44 MST 2006 - removed SIGNATURE file from distribution -- spurious errors from CPANPLUS can break build - eliminated ppport.h header file -- significantly reduces size of distribution - modified C functions in src/hmac.c to use ANSI prototypes -- thanks to Jarkko Hietaniemi for patch	2007-05-17 17:00:19 +00:00
heinz	ead53f260a	Updated to version 0.24. Pkgsrc changes: - Package supports installation to DESTDIR. - Removed patch-aa (missing includes when using OpenSSL 0.9.8 were fixed). - patch-ab corrects wrong test count. Changes since version 0.22: ===================================== 0.24 Mon Nov 13 2006 08:21:14 - Fix a bug reported by Mark Martinec <Mark.Martinec@ijs.si> where encrypt could segfault if called with insufficient data; it now informatively croaks instead. - Fix a bug reported by Mark Martinec where check_key would segfault instead of croaking when called on a public key. - Fix decrypt and private_encrypt to croak instead of segfault when called on a public key. - Add an is_private method. - Silence a few compiler warnings about ignoring return values from certain BIO_* methods. 0.23 Wed Apr 12 2006 00:06:10 - Provide 32 bytes of seeding in tests, up from 19. - Stop relying on implicit includes, which disappeared in the 0.98 release of OpenSSL. - Apply patch from Jim Radford <radford@blackbean.org> to add support for SHA{224,256,384,512}	2007-05-17 16:40:18 +00:00
heinz	55b61cefff	The package supports installation to DESTDIR.	2007-05-16 15:25:14 +00:00
shannonjr	43de302502	Update to 0.9.14. Changes: - Implement TCP keepalive settings on platform that support it, check client.conf for details. - When reading prelude-adduser password from a file, remove newline at the end of the string (fix #221). - When we fail to read an IDMEF message, provide more information about the place where the error happened. - Fix an issue with idmef_path_get() on empty path (pointing to the root message). - Various bug fixes and minor API improvements.	2007-05-15 22:40:19 +00:00
agc	69b5ceb206	Add a cast to appease gcc4.	2007-05-13 16:13:10 +00:00
wiz	2e8801824f	Remove some GNOME1 packages that are unmaintained upstream and/or in pkgsrc, in preparation for gnome1-libs removal(). There was no feedback for keeping these packages after my HEADS UP mail to pkgsrc-users a week ago. () More to come before that can happen, though.	2007-05-13 14:39:15 +00:00
shannonjr	09e41c80a5	Update to 0.9.8. Changes: - Initial implementation of the 'thresholding' plugin, allowing you to suppress events after a certain limit/threshold. - Filters hooking to a reporting plugin are now OR'ed instead of being AND'ed. AND is already possible by hooking filtering plugin one with another. - Improved error reporting. - Minor bug fixes.	2007-05-12 12:50:22 +00:00
shannonjr	6af9e05de6	Updated embedded libassuan to 1.0.1	2007-05-12 11:19:18 +00:00
shannonjr	2b1acf378a	Update to version 1.0.1. Changes not provided in release announcement.	2007-05-12 11:11:25 +00:00
shannonjr	e8a0747041	Update to Version 2.0.4. Changes are not described in release announcement.	2007-05-12 11:08:31 +00:00
shannonjr	ea1a45c9fb	Update to 0.9.9. Changes: - Pattern can now be used to specify file to be monitored. - Fix an issue in the detection of buggy writev() FAM notification. - Add bonding.rules, by Paul Robert Marino <prmarino1@gmail.com>. - ModSecurity ruleset update: remove unnecessary fields + ModSecurity 2.0 compatibility. - New Cisco IOS common ruleset, by Alexandre Racine. - Avoid duplicating information in node name and node address. - Add rule ID and revision to the generated alert for each matched rule. Fix #206. - Handle "last" keyword even if the rule does not contain any IDMEF assignment. Fix #218. - Various bug fixes.	2007-05-12 10:00:35 +00:00
agc	625c797253	Add and enable sbd	2007-05-10 18:19:17 +00:00
agc	0ac665d99b	Initial import of sbd-0.5 into the Packages Collection. One-time cipher based back door program for executing emergency commands. Secure Back Door(SBD) is an alternative to leaving SSH open all the time. It is based on a secure one-time keypad method, that insures maximum security. Since SBD is very small, it is less likely to have security exploits, as compared to SSH. Therefore, you could leave an important computer up and running with just sbdd running in the background, and if an emergency came about, you could simple execute a command to bring ssh up, then work on the computer as regular. It would be as simple as doing ./sbd domain.com "/etc/init.d/sshd start", and with the proper key file set, the remote computer would have ssh up and running shortly.	2007-05-10 18:18:16 +00:00
xtraeme	5922b4cedd	p5-Net is not needed anymore as ghen@ reported, bump PKGREVISION.	2007-05-10 12:58:27 +00:00
joerg	63a41f68a2	Doesn't create subdirectory, premake.	2007-05-08 15:51:32 +00:00
xtraeme	0b11ed21bf	Update to 2.5.0. Too many changes to list here, please see: http://www.ijs.si/software/amavisd/release-notes.txt	2007-05-05 15:18:41 +00:00
agc	95ca38424c	Add and enable py-SSLCrypto	2007-05-05 00:05:25 +00:00
agc	72f70f2fc6	Initial import of py-SSLCrypto-0.1.1 into the Packages Collection. SSLCrypto is a package for Python that dramatically eases the task of adding encryption to Python programs. It provides a unified API that is almost totally compatible with that of ezPyCrypto, except that it takes advantage of the OpenSSL Crypto Library to deliver massive improvements in speed and security. After using ezPyCrypto myself, I found that while it performed ok with smaller public key sizes, it proved impossibly slow with larger keys. This slowness, resulting from non-optimal code in its backend (the Python Cryptography Toolkit) meant that on a 1.5 GHz Athlon XP, it was taking several minutes to generate 4096-bit keys. Completely unacceptable if you need real security. Performance is absolutely critical for an encryption API. If slowness deters people from using adequate-sized keys, security will be severely compromised, almost to the extent that there's little point in using encryption in the first place.	2007-05-05 00:03:54 +00:00
tron	9bb2b9aba2	Fix typo in "SUBST_MESSAGE.dl".	2007-05-03 14:23:42 +00:00
wiz	b7b52054dd	Update to 1.05: v1.05 - make session cache working even if the IO::Socket::SSL object was not created with IO::Socket::SSL->new but with IO::Socket::SSL->start_SSL on an established socket	2007-05-03 12:30:20 +00:00
adam	cb94155e14	Changes 2.6.5: * Added all of the patches on Sourceforge, plus those included by Red Hat's Fedora Extras	2007-04-30 19:28:34 +00:00
adam	3b6225abc6	Changes 2.5.8: * Stuff from the Fedora Extras crew	2007-04-30 19:26:23 +00:00
adam	72871c2545	Changes 0.9.9: - Added patch for sigbus error on unaligned data, when doing rapid copies. Changes 0.9.8.1: - Another round of bugfixes	2007-04-30 19:06:47 +00:00
tron	8ea759f724	Update home-page URL.	2007-04-30 12:52:10 +00:00
tnn	6218a22d2f	PR 36233: Make libgcrypt build on NetBSD/hp700. From David H. Gutteridge. Also makes it build on HP-UX and Linux/hppa, tested by me.	2007-04-28 17:46:21 +00:00
tron	bea247486f	Also link with the "dl" library when creating the shared libraries. Another attempt to fix PR pkg/36086.	2007-04-26 21:11:05 +00:00
tnn	4726602c49	Bump PKGREVISIONs to chase update of devel/libevent.	2007-04-25 16:39:40 +00:00
tron	2d5bd3c024	Use all necessary means to convince OpenSSL's "special" build system to link with the "dl" library under Mac OS X if necessary. This should finally fix PR pkg/36086.	2007-04-24 14:10:37 +00:00
heinz	abd6054c1c	Added DESTDIR support.	2007-04-22 09:04:54 +00:00
heinz	82874b8437	As suggested by Joerg Sonnenberger, replaced CHECK_INTERPRETER_SKIP with appropriate values for REPLACE_PERL.	2007-04-22 09:00:21 +00:00
wiz	be84695db3	Update to 1.6.2: * Version 1.6.2 (released 2007-04-18) Fix X.509 signing with RSA-PKCS#1 to set a NULL parameters fields. Before, we remove the parameters field, which resulted in a slightly different DER encoding which in turn caused signature verification failures of GnuTLS-generated RSA certificates in some other implementations (e.g., GnuPG 2.x's gpgsm). Depending on which RFCs you read, this may or may not be correct, but our new behaviour appear to be consistent with other widely used implementations. Regenerate the PKIX ASN.1 syntax tree. For some reason, after changing the ASN.1 type of ldap-UID in the last release, the generated C file built from the ASN.1 schema was not refreshed. This can cause problems when reading/writing UID components inside X.500 Distinguished Names. Reported by devel <dev001@pas-world.com>. Updated translations. API and ABI modifications: No changes since last version.	2007-04-20 06:07:15 +00:00
tron	09d04b1e6d	Make sure that the "dlcompat" related options are actually added to "LDFLAGS". This is another attempt to fix PR pkg/36086.	2007-04-18 14:11:33 +00:00
tron	f7c84b5393	Because OpenSSL uses dlfcn(3) only internally and Mac OS X supports shared library dependences we don't need to include "dlopen.buildlink3.mk" here.	2007-04-17 17:12:09 +00:00

... 5 6 7 8 9 ...

4874 commits