Commit graph

15 commits

Author SHA1 Message Date
wiz
9f0eb292c5 crudesaml: add SHA512 checksum to distinfo 2019-05-02 08:55:26 +00:00
wiz
c20ad4a6db crudesaml: use https 2019-05-02 08:55:15 +00:00
manu
f9a6cc4a8e Updated security/crudesaml to 1.9
Change since 1.8: Fix crash on PAM intialization failure
2017-08-13 15:05:33 +00:00
manu
ee305a3815 Update crudesaml to 1.8
Changelog since previous version in pkgsrc

crusdesaml-1.8          2017-05-26
Fix crash introduced server side in 1.6 for saml_log()

crusdesaml-1.7          2017-05-22
Only iterate on XML_ELEMENT_NODE nodes

crusdesaml-1.6          2017-05-20
Typos in man pages (Florian Best)
Don't log the password length if it is too small (Florian Best)
Stop if wxmlXPathRegisterNs failed (Florian Best)
autoconf: Remove duplicate $(DESTDIR) (Florian Best)
PAM: Require only one provider (Florian Best)
PAM: No SONAME versioning (Philipp Hahn)
autoconf: Only strictness foreign (Philipp Hahn)
PAM: fix static PAM module build (Philipp Hahn)
Hide internal symbols (Philipp Hahn)
Fix varadic function SIGSEGV (Philipp Hahn)
Fix crash when using saml_log()/saml_error() in SASL client plugin

crusdesaml-1.5          2012-11-13
mod_shib2 compatibility, debug messages (Jan Tomasek)
2017-05-25 03:17:41 +00:00
agc
5293710fb4 Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-04 01:17:40 +00:00
wiz
7c3f61c60f Remove PKGREVISION setting from Makefile.common. This should never be here.
Noted by Matthias Ferdinand on pkgsrc-users.
2015-08-07 11:16:16 +00:00
manu
6b72428f50 Bug fix from upstream so that SAML assertion are correctly readen. 2014-07-22 09:47:37 +00:00
obache
e8ac75578a exactly specify base directory of using packages for configure. 2014-01-09 05:07:05 +00:00
manu
e12e7d7167 Update crudesaml to 1.4: fix build problems 2012-11-08 08:48:13 +00:00
manu
c3950594bb Update crudesaml to 1.2. The only change is to allow compression of the
SAML assertion in SAML plugin
2011-11-19 17:22:37 +00:00
manu
129ac552e7 Update to 1.1, which allows to select what timeframe should be validated:
assertion and/or session
2010-06-05 20:36:30 +00:00
wiz
579796a3e5 Recursive PKGREVISION bump for jpeg update to 8. 2010-01-17 12:02:03 +00:00
wiz
1af8055190 Remove superfluous line. 2009-09-22 13:10:28 +00:00
taca
4292dec049 Add a trailing slash to MASTER_SITES. 2009-09-14 06:14:14 +00:00
manu
0b9daa7c95 SASL is a method for adding authentication support to connection-based
protocols.  To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating protection
of subsequent protocol interactions.  If its use is negotiated, a security
layer is inserted between the protocol and the connection.

PAM provides a way to develop programs that are independent of
authentication scheme.  These programs need "authentication modules" to be
attached to them at run-time in order to work.  Which authentication module
is to be attached is dependent upon the local system setup and is at the
discretion of the local system administrator.

This package contains a SASL plugin and a PAM module that perform a crude
check on a SAML authentication assertion. The assertion signature and date
are verified, and access is granted on behalf ot the user taked for a
onfigurable attribute.

The only protection against replay attacks is the assertion validity dates
checks, this authentication is therefore secure only if the SAML
authentication assertion remains secret. The assertion has the same role
as a web cookie used for authentication.
2009-09-13 19:57:13 +00:00