Commit graph

4672 commits

Author SHA1 Message Date
obache
e1120407b7 Require libgcrypt>=1.2.2. Noticed by Steve Bellovin in pkgsrc-users@.
And also require opencdk>=0.6.5.
2008-05-24 04:59:59 +00:00
tnn
dff5175c58 Remove textproc/p5-String-Random which was a duplicate of
security/p5-String-Random. Merge changes from the textproc one into
the security one.
2008-05-22 19:04:37 +00:00
tnn
1a4e5d5cb6 Update to gnutls-2.2.5.
* Version 2.2.5 (released 2008-05-19)
  Fix flaw in fix for GNUTLS-SA-2008-1-3.
* Version 2.2.4 (released 2008-05-19)
  Fix three security vulnerabilities.  [GNUTLS-SA-2008-1]
  [GNUTLS-SA-2008-1-1]
   libgnutls: Fix crash when sending invalid server name.
  [GNUTLS-SA-2008-1-2]
   libgnutls: Fix crash when sending repeated client hellos.
  [GNUTLS-SA-2008-1-3]
   libgnutls: Fix crash in cipher padding decoding for invalid record lengths.
* Version 2.2.3 (released 2008-05-06)
  Increase default handshake packet size limit to 48kb.
  Fix compilation error related to __FUNCTION__ on some systems.
  Documented the --priority option to gnutls-cli and gnutls-serv.
  Fix fopen file descriptor leak in PSK server code.
  Build Guile code with -fgnu89-inline only when supported.
  Make Camellia encryption work.
2008-05-22 13:18:52 +00:00
obache
3a3654baf5 Update gsasl to 0.2.26.
Based on patch provided by Eric Schnoebelen in PR 38692.
While here, marked as DESTDIR support.
Also fix CONFIGURE option for GSSAPI implement (I don't know from when).

* Version 0.2.26 (released 2008-05-05)

** Translations files not stored directly in git to avoid merge conflicts.
This allows us to avoid use of --no-location which makes the
translation teams happier.

** Build fixes for the documentation.

** Update gnulib files.

* Version 0.2.25 (released 2008-03-10)

** gsasl: Fix buffering issue to avoid mixing stdout/stderr outputs.
This would manifest itself when redirecting output to a pipe, such as
when used with Gnus.  Reported by Enrico Scholz
<enrico.scholz@informatik.tu-chemnitz.de>, see
<http://thread.gmane.org/gmane.comp.gnu.gsasl.general/123>.

** Fix non-portable use of brace expansion in makefiles.

* Version 0.2.24 (released 2008-01-15)

** Link self-tests with gnulib, to fix link failures under MinGW.

* Version 0.2.23 (released 2008-01-15)

** Improve CRAM-MD5 self-test to detect if challenges are the same.

** Improve gsasl --help and --version to conform with GNU standards.

** Use gettext 0.17.

** Update gnulib files.

* Version 0.2.22 (released 2007-10-08)

** Development git tree moved to savannah.
See <https://savannah.gnu.org/projects/gsasl/>.

** Fix warnings when building the tool 'gsasl'.

** Update gnulib files.
2008-05-21 15:22:56 +00:00
obache
1f8accbf4c Fix MAINTAINER address typo since initial import.
tech-pkg at jp.NetBSD.org => tech-pkg-ja at jp.NetBSD.org
2008-05-17 08:22:56 +00:00
drochner
0cb815d245 update to 1.7.3
changes:
-direct-tcpip support
-bug fixes

pkgsrc change: disable use of Python setuptools
	(gives unpredictable results)
2008-05-15 18:27:43 +00:00
wiz
a7abc37f1c Fix build on NetBSD-current with openssl-current, by adding a "const". 2008-05-15 11:06:05 +00:00
jwise
00cd99382b libhcrypto.la only seems to get installed if we're building on 3.x or older,
so make it only end up in the PLIST if that is the case.
2008-05-14 18:01:26 +00:00
taca
6c7222dc28 Update security/seudo pacakge to 1.6.p16.
Major changes since Sudo 1.6.9p15:

 o There was missing whitespace before the ldap libraries in the Makefile
   for some configurations.

 o LDAPS_PORT may not be defined on older Solaris LDAP SDKs.

 o If the LDAP server could not be contacted and the user was not present
   in sudoers, a syntax error in sudoers was incorrectly reported.
2008-05-14 14:00:15 +00:00
agc
650bfc74c8 Add and enable stegtunnel 2008-05-09 21:40:34 +00:00
agc
6596cdb087 Initial import of stegtunnel-0.4 into the packages collection.
Stegtunnel provides a covert channel in the IPID and sequence number
	fields of any desired TCP connection.  It requires the server and
	client to have a previously shared secret in common to detect and
	decrypt the data.
2008-05-09 21:39:17 +00:00
joerg
a235d3b925 Supports DESTDIR. 2008-05-08 18:59:38 +00:00
joerg
b9d9951b4c Supports DESTDIR 2008-05-08 18:32:19 +00:00
tonnerre
2f84995386 Fix build of OpenSSL on NetBSD/amd64 (4.0 and current tested) 2008-05-08 14:04:25 +00:00
jwise
6995e3bc58 Add missing library (libhcrypto) to PLIST, allowing sudo to build against
this heimdal on 3.x.

Bump PKGREVISION.
2008-05-05 02:26:03 +00:00
jlam
c98cfb0b82 Note addition of security/ruby-ezcrypto. 2008-05-01 21:10:19 +00:00
jlam
a353970006 Initial import of ruby18-ezcrypto-0.7 as security/ruby-ezcrypto.
EzCrypto is an easy-to-use wrapper around the poorly documented OpenSSL
Ruby library.  Features include:

    * Defaults to AES 128 CBC
    * Will use OpenSSL library for transparent hardware crypto support
    * Single-class object-oriented access to most commonly used features
    * Ruby-like syntax
2008-05-01 21:09:47 +00:00
jmmv
0d3662ee66 Drop maintainership
Stop lying and drop maintainership of these packages.  I have not
maintained them for a very long time already, so leave room for
fresh blood to take over them.
2008-04-30 13:38:14 +00:00
shannonjr
753cd7d5a3 Re: pkg/38549 (Support for DragonFly to security/pcsc-lite)
Synopsis: Support for DragonFly to security/pcsc-lite
Incorporated fix submitted by Hasso Tepper.
2008-04-30 13:34:28 +00:00
shannonjr
6c169bd86d Re: pkg/38550 (Support for DragonFly to security/ccid)
Synopsis: Support for DragonFly to security/ccid
Incorporated fix submitted by Hasso Tepper.
2008-04-30 13:32:21 +00:00
shannonjr
bc762658a7 Add patch to conditionally include <stdint.h> based on the symbol
HAVE_STDINT_H generated by configure. This is required for
compilation on Solaris 9.
2008-04-30 11:39:24 +00:00
wiz
d01506e74b Update to 1.4:
Version 1.4 (released 2008-04-21)
- Update gnulib files.
- Replace uses of alloca with malloc.
2008-04-29 11:45:55 +00:00
wiz
1cb31b9db7 Update to 1.4.1:
Noteworthy changes in version 1.4.1 (2008-04-25)
------------------------------------------------

 * Fixed a bug introduced by 1.3.1 which led to the comsumption of far
   too much entropy for the intial seeding.

 * Improved AES performance for CFB and CBC modes.

 * Removed build problems for the Padlock support.
2008-04-29 11:03:50 +00:00
bouyer
a02c5da190 Add py-smbpasswd 2008-04-28 22:05:05 +00:00
bouyer
31cf4566e4 py-smbpasswd version 1.0.1
This module can generate both LANMAN and NT password hashes, suitable for
use with Samba.
2008-04-28 22:03:53 +00:00
shannonjr
8e0349434d Update to 2.0.9. Changes:
* Enhanced gpg-connect-agent with a small scripting language.
* New option --list-config for gpgconf.
* Fixed a crash in gpgconf.
* The envvars XAUTHORITY and PINENTRY_USER_DATA are now passed to the
   pinentry.
 * Fixed the auto creation of the key stub for smartcards.
 * Fixed a rare bug in decryption using the OpenPGP card.
 * Creating DSA2 keys is now possible.
 * New option --extra-digest-algo for gpgsm to allow verification of
   broken signatures.
 * Allow encryption with legacy Elgamal sign+encrypt keys with option
   --rfc2440.
2008-04-28 14:54:27 +00:00
shannonjr
8f8197707f Re: pkg/38508 (gnupg2 won't build)
Builds without 'enable-maintainer-mode' being set
2008-04-28 14:21:27 +00:00
shannonjr
c786e8b6b2 Update to 0.9.14. Changes:
- Let the user choose the type of sorting (default to time descending,
  available: time asc/desc, count asc/desc).
- Implement Prewikka Asynchronous DNS resolution in alert view
  as well as message summary (require twisted.names and twisted.internet),
  see the additional dns_max_delay settings parameters in prewikka.conf.
- In the alert summary view, handle portlist and ip_version service fields,
  and show alert messageid.
- Fix exception when rendering ToolAlert.
- Fix double classification escaping (could result in non working link
  for alert with classification containing escaped character).
- Improvement to heartbeat retrieval (heartbeat view speedup).
- Correct typo (fix #275), thanks Scott Olihovki <skippylou@gmail.com>
  for pointing this out.
- Polish translation, by Konrad Kosmowski <konrad@kosmosik.net>.
- Update to pt_BR translation, by Edelberto Franco Silva <edeunix@edeunix.com>
- Various bug fixes and cleanup.
2008-04-28 10:59:42 +00:00
shannonjr
29d33b2356 Update to 0.9.12.2. Changes:
- [rulesets]: Remove successful/failure keyword from classification
  (use IDMEF completion). Analyzer class sanitization.
- [nagios] Handle Nagios V2 log entry (fix #283).
- [spamassassin] Fix incorrect AdditionalData assignement.
- New Suhosin ruleset, by Sebastien Tricaud <toady@inl.fr>
- Fix invalid logfile inconsistency alert that could be triggered
  in a rare case, after a renaming detection. Alert improvement.
- On logfile inconsistency alert, do not re-analyze the whole file.
- Remove the 1024 bytes per PCRE reference limit.
- Minor bug fixes, build system cleanup.
2008-04-28 10:54:08 +00:00
shannonjr
d53d7b9ff0 New patch required for 0.9.17 2008-04-28 10:52:40 +00:00
shannonjr
7634cc570d Update to 0.9.17. Changes:
- Implement RFC 4122 UUIDv1 identifier generation, more resistant to
  duplicate than our previous implementation in case of clock skew, or
  multiple client with the same analyzerid sending alert in parallel.
- You can now provide NULL value to idmef_path_set() in order to
  destroy existing value within an IDMEF message.
- Unify memory handling of value retrieval through idmef_path_t. This
  allow the user to retrieve and keep any values, even through the
  associated IDMEF message is freed.
- Build system cleanup, enable RELRO when possible.
- Implement PRELUDE_CLIENT_FLAGS_AUTOCONFIG, which is set by default,
  but that applications might unset in order for their client not to
  read the default profile/global configuration.
- Fix possible assertion when destroying un-started prelude-client.
- Improvement to the prelude-io API, the user might now hook its own
  handling function.
- Fix dumping of (not) NULL criteria operator to string. Remove
  gratuitous space insertion when dumping criteria.
- Headers fixes for C++ build.
- Fix printing and cloning of empty IDMEF string.
- In IDMEF to string convertion code, print <invalid enum value> in
  place of NULL on invalid enumeration value.
- Various bug fixes.
2008-04-28 10:51:49 +00:00
frueauf
8255221254 Set MAINTAINER to pkgsrc-users@NetBSD.org to indicate anyone can work on fixes for those packages. 2008-04-27 18:14:03 +00:00
tnn
351ceffa01 Update to OpenSSH 5.0p1.
Changes since 4.7:
- fix two security issues
- chroot support for sshd(8)
- sftp server internalized in sshd(8)
- assorted bug fixes
2008-04-27 00:34:27 +00:00
tnn
97822f1b10 Fix DEPENDS for Python 2.5. 2008-04-25 22:30:47 +00:00
tnn
29075003c4 Don't hardcode PYPKGPREFIX in bl3.mk 2008-04-25 22:16:20 +00:00
joerg
a77e7015fe Update PYTHON_VERSIONS_COMPATIBLE
- assume that Python 2.4 and 2.5 are compatible and allow checking for
fallout.
- remove PYTHON_VERSIONS_COMPATIBLE that are obsoleted by the 2.3+
default. Modify the others to deal with the removals.
2008-04-25 20:39:06 +00:00
jlam
9080934d3b Fix detection of openssl configuration directory on NetBSD so it's
/etc/openssl only if USE_BUILTIN.openssl is "yes".
2008-04-25 20:06:15 +00:00
smb
a24a1950a1 Fix function prototype mismatch 2008-04-25 15:16:31 +00:00
tnn
a18f03ef3a revbumps due to libevent update. 2008-04-22 18:06:09 +00:00
adam
18b56f1131 Changes 2.1.18:
This version includes compilers for Cisco PIX and IOS access lists which
were released under GPL.
2008-04-21 15:43:15 +00:00
jnemeth
ad43885514 sort 2008-04-20 02:48:38 +00:00
drochner
be979fabcc update to 2.22.1
This switches to the gnome-2.22 release branch.
2008-04-15 18:53:42 +00:00
wiz
8015905674 Update to 1.0:
Ignore temporary build files
make make install install stuff.
Bump NEWS.Debian.
Proposed solution for #462897: unconditionally sync keys between
normal gnupg home and caff gnupg home on startup, to cope with
changed keys.
2008-04-13 22:26:34 +00:00
schmonz
077f92a68f Update to 0.90. From the changelog:
- Added support for chaining modules within the version client library.
  To use this, specify the module string as a list of modules separated
  with commas. For example:

	cvm-command:/path/to/module,cvm-local:/path/to/socket

  This enhancement deprecates the cvm-chain module.

- Introduced an "out of scope" fact, to be used on credential rejection
  results when the supplied credentials are outside of the scope of
  authority of the module. The cvm-vmailmgr and cvm-qmail modules
  report this fact as appropriate, and cvm-chain copies it as
  appropriate from the modules it invokes.

- A random anti-spoofing tag is added to all version 2 client requests.
  Its length is set by $CVM_RANDOM_BYTES and defaults to 8.

- Fixed a bug that caused the domain output to be set incorrectly when
  doing qmail lookups with a domain not in the control files with
  $CVM_QMAIL_ASSUME_LOCAL set.
2008-04-13 06:51:19 +00:00
jlam
841dfa0e7a Convert to use PLIST_VARS instead of manually passing "@comment "
through PLIST_SUBST to the plist module.
2008-04-12 22:42:57 +00:00
wiz
5eb83dd9bc Remove non-standard qt4/lib/pkgconfig directory. Bump PKGREVISION. 2008-04-12 10:35:17 +00:00
jlam
ba8d4b3c72 Remove unnecessary PLIST_SUBST definition -- the PLIST is dynamic through
the use of AUTHLIB_PLIST, so we don't need to comment stuff out.
2008-04-10 20:56:33 +00:00
drochner
2a4296c275 update to 2.22.1
This switches to the gnome-2.22 release branch.
2008-04-10 16:53:44 +00:00
wiz
a865b2e1c4 Fix path in DEPENDS line. 2008-04-10 07:56:09 +00:00
taca
87c3f03083 Fix build problem with hpn-patch option enabled. 2008-04-08 06:36:47 +00:00