| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
+ move the patch digest/checksum values from files/patch-sum to distinfo
|
|
|
|
openbsd sbin/isakmpd/x509.c 1.46 -> 1.47
|
|
(isakmpd-20010403.tar.gz is placed into ftp.netbsd.org LOCAL_PORTS directory).
major changes from source-changes@openbsd mailing list:
use the hash algorithm found in original certificate for the signature
after it has been patched. from angelos@
For the GETSPI PFKEY message, use the sequence number from the ACQUIRE
message.
Make DES a feature, so isakmpd can compile on Linux (most of the fixed
by newsham@lava.net)
x509 verified to work on NetBSD now
|
|
|
|
|
|
|
|
|
|
too many changes to mention, so pls look at http://www.openbsd.org/plus.html
|
|
|
|
|
|
|
|
BROKEN variable. Unfortunately, no ChangeLog is available.
Patch system dependent make goo to use 'SSLBASE', mirroring it's use in
bsd.pkg.mk, rather than obsolete 'PATENTEDOPENSSLSRC'. Also, replace hard-
coded "/usr/pkg", replacing it with ${LOCALBASE}. Finally, set 'LOCALBASE'
and 'SSLBASE' conditionally within the package, for convenience.
|
|
RESTRICTED= variables that were predicated on former U.S. export
regulations. Add CRYPTO=, as necessary, so it's still possible to
exclude all crypto packages from a build by setting MKCRYPTO=no
(but "lintpkgsrc -R" will no longer catch them).
Specifically,
- - All packages which set USE_SSL just lose their RESTRICTED
variable, since MKCRYPTO responds to USE_SSL directly.
- - realplayer7 and ns-flash keep their RESTRICTED, which is based
on license terms, but also gain the CRYPTO variable.
- - srp-client is now marked broken, since the distfile is evidently
no longer available. On this, we're no worse off than before.
[We haven't been mirroring the distfile, or testing the build!]
- - isakmpd gets CRYPTO for RESTRICTED, but remains broken.
- - crack loses all restrictions, as it does not evidently empower
a user to utilize strong encryption (working definition: ability
to encode a message that requires a secret key plus big number
arithmetic to decode).
|
|
|
|
|
|
appropriate.
|
|
more fine-grained NO_{BIN,SRC}_ON_{FTP,CDROM} definitions.
MIRROR_DISTFILES and NO_CDROM are now dead.
|
|
|
|
cope with PATENTEDOPENSSLSRC environment (mk.conf needs to be set)
|
|
assume that a full (i.e. "with RSA") OpenSSL installation already
exists on the system (and thus a dependency on ../security/openssl
is not needed).
|
|
|
|
if you are tired of using racoon, you may want to try it.
(may not work as expected due to PF_KEY differences)
---
This is isakmpd, a BSD-licensed ISAKMP/Oakley (a.k.a. IKE)
implementation. It's written by Niklas Hallqvist and Niels Provos,
funded by Ericsson Radio Systems AB. Currently it is work in
progress, although it can be used for real setups. There are
releases, but this distribution is not a release and is not named with
ordinary version numbers. When you got the source, hopefully the
archive was named with a date which reflects when it was created.
These archives are also known as snapshots and will be created at
irregular intervals and put up on ftp.gsnig.net and ftp.appli.se in
/pub/isakmpd. From Nov 14, 1998 isakmpd is also available in the
OpenBSD main source tree under src/sbin/isakmpd, though slightly
modified because I don't want to carry support files for other OSes in
that distribution. Look at http://www.openbsd.org/ for details on how
to get OpenBSD source.
|
