| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
linked from a particular package, and add a pre-configure target to
the buildlink.mk file to more painlessly use buildlink.mk files. A
${BUILDLINK_TARGETS} variable still exists in case a package _must_
define NO_CONFIGURE.
|
|
|
|
|
|
without needing -traditional. This fixes socklen_t lossage mentioned in
the README.netbsd file. This was tested on i386 NetBSD-1.5 and -current.
|
|
* Use NetBSD's getpass() function instead of the homegrown one, as the
homegrown one doesn't seem to hide the password when it is being entered.
* Add a rc.d style script to start cfsd, and also install the documentation
for the filesystem.
* Rename c* commands to cfs_* to avoid conflicts with coda programs with
a similar name.
|
|
homegrown one doesn't seem to hide the password when it is being entered.
* Add a rc.d style script to start cfsd, and also install the documentation
for the filesystem.
* Rename c* commands to cfs_* to avoid conflicts with coda programs with
a similar name.
|
|
Noted by Kimmo Suominen. Bump to 1.9.
|
|
|
|
|
|
and alpha. Discussed with agc.
|
|
jlam has time to merge them, on request by jlam.
|
|
CFS pushes encryption services into the UN*X file system. It supports
secure storage at the system level through a standard UN*X file system
interface to encrypted files. Users associate a cryptographic key with the
directories they wish to protect. Files in these directories (as well as
their pathname components) are transparently encrypted and decrypted with
the specified key without further user intervention; cleartext is never
stored on a disk or sent to a remote file server. CFS employs a novel
combination of DES stream and codebook cipher modes to provide high
security with good performance on a modern workstation. CFS can use any
available file system for its underlying storage without modification,
including remote file servers such as NFS. System management functions,
such as file backup, work in a normal manner and without knowledge of the
key.
|
|
which is not TRT.
|
|
|
|
|
|
packages collection.
CFS is an encrypting file system for Unix-like OSs. It uses NFS as
its interface, and so is reasonably portable. The FS code dates back
to 1989, and the crypto to 1992, so it is showing signs of age. This
code should be regarded as completely unsupported; a complete rewrite
will follow eventually.
Please don't download this code if you're in a place that's forbidden
(under US or local law) to export cryptographic software from the US
to, or if you're on the State Department's "Denied Persons List." If
you aren't sure, ask a good lawyer.
|
|
big endian. Makes gnupg work with IDEA support on ppc machines.
XXX: Probably similar changes needed for some other big-endian platforms.
|
|
Changes:
Fixed a format string bug which is exploitable if --batch is not used.
Checked all translations for format strings bugs.
Removed the Russian translation due to too many bugs.
Fixed keyserver access and expire time calculation.
|
|
|
|
|
|
used by other packages.
|
|
|
|
|
|
|
|
|
|
RATS, the Rough Auditing Tool for Security
|
|
0.11 2001/05/20
* Defining line_not_blank().
Stefan H. Holek <stefan@epy.co.at>
* Enhancing Public_Key_Encrypted_Session_Key_Packet().
Stefan H. Holek <stefan@epy.co.at>
Brian M. Carlson <karlsson@hal-pc.org>
0.10 2001/05/08
* Fixing key_server_preferences().
* Fixing signature_multi_precision_integer().
0.09 2001/05/05
* Implementing additional_decryption_key() like revocation_key().
Stefan H. Holek <stefan@epy.co.at>
|
|
|
|
Important Changes:
==================
WARNING: SSH protocol v2 is now the default protocol version
use the 'Protocol' option from ssh(1) and sshd(8) if
you want to change this.
SSH protocol v2 implementation adds support for:
HostbasedAuthentication, similar to RhostsRSA in SSH protocol
v1
Rekeying (negotiate new encryption keys for the current SSH
session, try ~R in interactive SSH sessions)
updated DH group exchange:
draft-ietf-secsh-dh-group-exchange-01.txt
client option HostKeyAlgorithms
server options ClientAliveInterval and ClientAliveCountMax
tty mode passing
general:
gid swapping in sshd (fixes access to /home/group/user based
directory structures)
Dan Kaminsky <dankamin@cisco.com> contributed an experimental
SOCKS4 proxy to the ssh client (yes, client not the server).
Use 'ssh -D 1080 server' if you want to try this out.
server option PrintLastLog
improvements for scp > 2GB
improved ListenAddress option.
You can now use ListenAddress host:port
improved interoperability (bug detection for older implementations)
improved documentation
|
|
|
|
|
|
Some pkg related changes by me.
Changes since 1.0.4:
* WARNING: The semantics of --verify have changed to address a
problem with detached signature detection. --verify now ignores
signed material given on stdin unless this is requested by using
a "-" as the name for the file with the signed material. Please
check all your detached signature handling applications and make
sure that they don't pipe the signed material to stdin without
using a filename together with "-" on the the command line.
* WARNING: Corrected hash calculation for input data larger than
512M - it was just wrong, so you might notice bad signature in
some very big files. It may be wise to keep an old copy of
GnuPG around.
* Secret keys are no longer imported unless you use the new option
--allow-secret-key-import. This is a kludge and future versions will
handle it in another way.
* New command "showpref" in the --edit-key menu to show an easier
to understand preference listing.
* There is now the notation of a primary user ID. For example, it
is printed with a signature verification as the first user ID;
revoked user IDs are not printed there anymore. In general the
primary user ID is the one with the latest self-signature.
* New --charset=utf-8 to bypass all internal conversions.
* Large File Support (LFS) is now working.
* New options: --ignore-crc-error, --no-sig-create-check,
--no-sig-cache, --fixed_list_mode, --no-expensive-trust-checks,
--enable-special-filenames and --use-agent. See man page.
* New command --pipemode, which can be used to run gpg as a
co-process. Currently only the verification of detached
signatures are working. See doc/DETAILS.
* Rewritten key selection code so that GnuPG can better cope with
multiple subkeys, expire dates and so. The drawback is that it
is slower.
* A whole lot of bug fixes.
* The verification status of self-signatures are now cached. To
increase the speed of key list operations for existing keys you
can do the following in your GnuPG homedir (~/.gnupg):
$ cp pubring.gpg pubring.gpg.save && $ gpg --export-all >x && \
rm pubring.gpg && gpg --import x
Only v4 keys (i.e not the old RSA keys) benefit from this caching.
* New translations: Estonian, Turkish.
|
|
several new viruses.
|
|
|
|
|
|
conditional patch hack.
|
|
|
|
|
|
are included.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
replace security/py-crypto (which isn't python-2.0-ready, and failed the
last dozen bulk builds for that reason).
Some help provided by Ty Sarna -- thanks!
|
|
Fixes bulk build problem.
|
|
dependency from libperl-5.* to libperl>=${PERL5_REQD}.
|
|
both the original MASTER_SITE and the Austrian ftp.netbsd.org mirror
matched the MD5 recorded for the package.
|
