summaryrefslogtreecommitdiff
path: root/security/spiped
AgeCommit message (Collapse)AuthorFilesLines
2015-03-04use c99 to fix build on illumoswiedi1-1/+2
2015-02-22Update spiped to 1.5.0wiedi2-6/+6
Changelog: spiped-1.5.0 * Attempt to set the TCP_NODELAY socket option on connections, in order to avoid punishing latencies from TCP nagling.
2014-10-21Update spiped to 1.4.2wiedi2-6/+6
Changelog: spiped-1.4.2 * Fix crash on platforms which support AESNI (i386, amd64) but do not automatically provide 16-byte alignment to large memory allocations (glibc, possibly others).
2014-09-08Update spiped to 1.4.1wiedi2-7/+6
spiped-1.4.1 * Fix build on OS X, and improve strict POSIX compliance. * Improved zeroing of sensitive cryptographic data. spiped-1.4.0 * Add automatic detection of compiler support (at compile-time) and CPU support (at run-time) for x86 "AES New Instructions"; and when available, use these to improve cryptographic performance. * Add support for -g option, which makes {spiped, spipe} require perfect forward secrecy by dropping connections if the peer endpoint is detected to be running using the -f option.
2014-08-18change smf manifest to use startd/duration child, this prevents useless ↵wiedi3-5/+10
creation of pid files
2014-07-24Make sure RPATH to libcrypto is added, fixes check-shlibs-elf.jperkin1-2/+6
2014-06-17fix SMF Manifest installation by not overwriting INSTALLATION_DIRSwiedi1-2/+2
2014-06-12needs openssl as suggested by bulk buildwiedi1-1/+2
2014-05-14Use PKG_SYSCONFDIR.jperkin2-4/+5
2014-05-14Add SMF manifestwiedi4-2/+92
2014-04-21added man pages deserve a PKGREVISION bumbwiedi1-1/+2
2014-04-21Fix build on SunOS and include man pageswiedi2-3/+13
2014-04-18Import spiped-1.3.1 as security/spiped.wiz4-0/+49
spiped (pronounced "ess-pipe-dee") is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses, so that one may connect to one address (e.g., a UNIX socket on localhost) and transparently have a connection established to another address (e.g., a UNIX socket on a different system). This is similar to 'ssh -L' functionality, but does not use SSH and requires a pre-shared symmetric key. Note that spiped: 1. Requires a strong key file: The file specified via the -k option should have at least 256 bits of entropy. ('dd if=/dev/urandom bs=32 count=1' is your friend.) 2. Does not provide any protection against information leakage via packet timing: Running telnet over spiped will protect a password from being directly read from the network, but will not obscure the typing rhythm. 3. Can significantly increase bandwidth usage for interactive sessions: It sends data in packets of 1024 bytes, and pads smaller messages up to this length, so a 1 byte write could be expanded to 1024 bytes if it cannot be coalesced with adjacent bytes. 4. Uses a symmetric key -- so anyone who can connect to an spiped "server" is also able to impersonate it.
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-18 00:57:18 +0000