Age | Commit message (Collapse) | Author | Files | Lines |
|
This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64.
Bumps PKGREVISION.
|
|
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
|
|
|
|
This release brings:
- [server] Add MAX_FW_TIMEOUT to access.conf stanzas to allow a maximum
number of seconds for client-specified timeouts in SPA packets. This
fixes issue #226 which was spotted by Jeremiah Rothschild.
- [server] Bug fix in CMD_EXEC mode to make sure to call exit() upon any
error from execvpe(). Without this fix, additional fwknopd processes
would be started upon a user specifying a command without the necessary
permissions. This bug was reported by Stephen Isard.
- [build] Jeremie Courreges-Anglas and Ingo Feinerer contributed a patch
to fix endian detection on OpenBSD systems based on information
contained here: https://www.opengroup.org/austin/docs/austin_514.txt
- [client/server] (Michael Stair) Added client and server infrastructure
written in Erlang. See the erlang/ directory.
|
|
|
|
pkglint -Wall -F --only aligned --only indent -r
No manual corrections.
|
|
fwknop stands for the "FireWall KNock OPerator", and implements an authorization
scheme called Single Packet Authorization (SPA). This method of authorization is
based around a default-drop packet filter (fwknop supports iptables and
firewalld on Linux, ipfw on FreeBSD and Mac OS X, and PF on OpenBSD) and
libpcap. SPA is essentially next generation port knocking.
|