| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Changes in 2.2.10:
A buffer overrun has been located in the code used to support
the 'mangling method = hash' smb.conf option. Affected Samba
2.2 installations can avoid this possible security bug by using
the hash2 mangling method. Server installations requiring
the hash mangling method are encouraged to upgrade to Samba v2.2.10
or v3.0.5.
Changes in 2.2.9:
This is a maintenance release of Samba 2.2.8a to address the
problem with user password changes after applying the Microsoft
hotfix described in KB828741 to Windows NT 4.0/200x/XP clients.
Also updated dependant packages pam-smbpass and winbind.
|
|
|
|
|
|
then we avoid hitting the disk if we don't need to.
|
|
|
|
is "/usr", what we really want to check is if the pam_appl.h header found
is within the ${LOCALBASE} hierarchy, which implies that it's a
pkgsrc-controlled file, and hence not built-in.
|
|
|
|
amavisd-new is an interface between message transfer agent (MTA) and
one or more content checkers, e.g. virus scanners, SpamAssassin, etc.
It is a performance-enhanced and feature-enriched version of amavisd
(which in turn is a daemonized version of AMaViS or amavis-perl).
amavisd-new is normally positioned at or near a central mailer, not
necessarily where user's mailboxes and final delivery takes place. If
you are looking for fully per-user configurable and/or low-message-rate
solution to be placed at the final stage of mail delivery (e.g. called
from procmail), there may be other solutions more appropriate for your
needs.
Package created and maintained by Julian Dunn in pkgsrc-wip.
|
|
can be used to create shared libraries _and_ be linked into a statically
linked program. Instead of trying to hack libtool to do this, just
accept the fact and do what you want another way!
Remove the ugly hack in sasldb/Makefile.am that regenerated the static
archive from the non-PIC object files. While this was fine for linking
into programs, it breaks things when you link this into the sasldb
plugin. Leaving it the other way, where the static archive from the
PIC object files, is also unacceptable because there are potential
problems on some platforms when linking an archive of of PIC objects
into an executable. The solution: let the static archive contain PIC
objects and be used to link into the sasldb plugin, but for the programs
in the utils directory, explicitly add the non-PIC object files listed
in $(SASL_DB_BACKEND_STATIC) to the files used to generate the programs.
This is easy because SASL_DB_BACKEND_STATIC is already generated
properly by config/sasldb.m4, so make use if it.
This should fix problems with using Cyrus SASL on non-i386 platforms
noted in PR pkg/26492 by Matt Dainty. Bump the PKGREVISION.
|
|
that /usr/include/security/pam_appl.h means that PAM is builtin.
(This is so a dependency can be registered correctly.)
|
|
|
|
|
|
|
|
This follows the example of the mail/dovecot package, as suggested by
<schmonz>.
|
|
|
|
|
|
|
|
plugin.
|
|
include:
* Fixes to saslauthd to allow better integration with realms (-r flag to
saslauthd, %R token in LDAP module)
* A nontrivial number of small bugfixes.
|
|
include:
* Support for forwarding of GSSAPI credentials
* A nontrivial number of small bugfixes.
|
|
tested. The server (sshd) still needs more patches especially because of
non-zero Administrator uid/gid issues.
|
|
|
|
here. So it's not possible to mount cfs from "mountall" -- it will have to
be mounted by hand later in startup, e.g. rc.local.
|
|
|
|
|
|
|
|
below the variable settings and above any make targets.
|
|
openssl/buildlink3.mk to be included unconditionally to provide the des.h
header and des* routines.
|
|
hashcash-0.32 - 09-Apr-2004 - Adam Back <adam@cypherspace.org>
* documentation fixes
* change multiple regexp behavior; previous algorithm only allowed
higher overrides; need to support both higher and lower
overrides. This also required introducing -o option to join
regexps which are set intersections where otherwise risk of
uninteded override occuring and mail being rejected as spent or
insufficent bits. Now revert to lexical order most specific
regexp first.
* wrote test script test.sh
* fix a few minor bugs uncovered by above test script
* -c now means check date
* allow -n etc with -X
* introduced -b relative to default way of specifying bits
* -b is no optional, if want token fully checked, but can give -b
default; or new relative to default -b +0.
hashcash-0.31 - 01-Apr-2004 - Adam Back <adam@cypherspace.org>
* final 0.x version (v0 format) release before 1.x version (v1
format) (bug fixes / maintenance only afterwards on 0.x version)
* remove -O3 from Makefile, use -O instead as fails on HPUX or
sun.
* fix some out of date usage stuff in hashcash man page.
* disable timing loop unless timing needed
* fix multiple reciept bug in -cX/-cx reported by Junior Ang
<junior@chrysant.com>. If you receive a mail multiple times
because you are on the receipt list multiple times, there will
be multiple hashcash headers for you. In this case it is
necessary to examine the first matching, non-spent stamp. The
bug was previous versions stopped on the first matching stamp
and then failed because it was spent. Need to keep going and
check later also matching stamps until find one which is not
spent.
* rationalize command line args further. No implied -m , more
things that are awkward to implement but not that useful are
disallowed.
* change purge operation to use read-write operations in the same
sdb file rather than creating a temporary file. This makes
locking easier and is also aesthetically nicer.
* add flock(2) database file write locking, and change creation
logic to use open(2) to avoid creation db race-condition also.
* make resource string case insensitive by default to match email
semantics; add -C option to force case sensitivity if desired
(email addresses are converted to and stored in lower case, so
you have to both mint and verify with case sensitivity turned on
to make use of case sensitivity)
* support minting multiple resources with multiple command line
args. Also if no resources given on command line, read
resources from stdin.
* support supplying multiple email addresses, for people who want
to accept as multiple addresses.
* support multiple resources on purging also.
* support multiple tokens with check mode as cmd line args, if
none given as args, read tokens from stdin; if -X/-x read from
cmd line args, then from stdin as email (matching stamp headers
skipping stamp headers)
* rename default simple database to hashcash.sdb (.sdb extension),
to distinguish from planned support for better database.
* fix bug in PPUTS didn't match PPRINTF
* fixup -l, -w, -n so they support multiple tokens also
* made use of -b optional (get the default on mint & check)
* added "-b default" to specify default number of bits with -s
(otherwise no way to measure the default speed without
specifying the number of bits -- and when this can change over
time it would be inconvenient for scripting to have to
separately obtain this)
* added support for wildcard email addresses with '*' wildcard
marker. '*' before '@' does not match '@', '*' after '@' does
not match '.'. And both email addresses must contain @ sign and
same number of '.' separated sub domains as wildcard address.
Wildcard matching is the new default. Use -S to get plain
string match. Can turn back on with -W.
* increased size of random string to reduce chance of collisions
between users. Now negligible chance of collision with typical
token sizes.
* added support for regexps. Can work from POSIX library or BSD
regexp library. Use -E to get regexps. Input is always in
POSIX syntax (specials are not quoted to have special action;
are quoted to have plain meaning). If using BSD library still
give input in POSIX syntax, it's converted to BSD internally.
* implement highest matching semantics. Ensures that eg -c -b10
*@bar.invalid -b15 adam@bar.invalid will not accept a 10 bit
token for adam@bar.invalid. (This is done by sorting resources
highest bits required first and accepting only the first highest
matching resource.)
* change arg parsing so -b, -e, -g, -z, -E, -W, -S, apply to the
following resources and tokens, and can be changed for later
resources/tokens with tokens and args interspersed. Means you
have to give these args before the resource/token or you will
get defaults.
|
|
Makefile.common.
|
|
|
|
for each package can be determined by invoking:
make show-var VARNAME=PKG_OPTIONS_VAR
The old options are still supported unless the variable named in
PKG_OPTIONS_VAR is set within make(1) (usually via /etc/mk.conf).
|
|
Improve update_dat script with patch from Jason White in followup
to PR 26408.
. get updates from faster and more reliable http server
. dat file format has changed -- version info is now in a different file
. abort update if no write permissions in target dir
|
|
While here, fix PLIST handling, so that multiple 'make install's work.
|
|
|
|
* New --ask-cert-level/--no-ask-cert-level option to turn on and
off the prompt for signature level when signing a key. Defaults
to on.
* New --min-cert-level option to disregard key signatures that are
under a specified level. Defaults to 1 (i.e. don't disregard
anything).
* New --max-output option to limit the amount of plaintext output
generated by GnuPG. This option can be used by programs which
call GnuPG to process messages that may result in plaintext
larger than the calling program is prepared to handle. This is
sometimes called a "Decompression Bomb".
* New --list-config command for frontends and other programs that
call GnuPG. See doc/DETAILS for the specifics of this.
* New --gpgconf-list command for internal use by the gpgconf
utility from gnupg 1.9.x.
* Some performance improvements with large keyrings. See
--enable-key-cache=SIZE in the README file for details.
* Some portability fixes for the OpenBSD/i386, HPPA, and AIX
platforms.
* Simplified Chinese translation.
|
|
|
|
* keychain 2.3.4 (24 Jul 2004)
24 Jul 2004; Aron Griffis <agriffis@gentoo.org>;
Fix bug 28599 reported by Bruno Pelaia; ignore defunct processes in
ps output
* keychain 2.3.3 (30 Jun 2004)
30 Jun 2004; Aron Griffis <agriffis@gentoo.org>;
Fix bug reported by Matthew S. Moore in email; escape the backticks
in --help output
Fix bug reported by Herbie Ong in email; set pidf, cshpidf and lockf
variables after parsing command-line to honor --dir setting
Fix bug reported by Stephan Stahl in email; make spaces in filenames
work throughout keychain, even in pure Bourne shell
Fix operation on HP-UX with older OpenSSH by interpreting output of
ssh-add as well as the error status
* keychain 2.3.2 (16 Jun 2004)
16 Jun 2004; Aron Griffis <agriffis@gentoo.org>;
Fix bug 53837 (keychain needs ssh-askpass) by unsetting SSH_ASKPASS
when --nogui is specified
* keychain 2.3.1 (03 Jun 2004)
03 Jun 2004; Aron Griffis <agriffis@gentoo.org>;
Fix bug 52874: problems when the user is running csh
* keychain 2.3.0 (14 May 2004)
14 May 2004; Aron Griffis <agriffis@gentoo.org>;
Rewrite the locking code to avoid procmail
* keychain 2.2.2 (03 May 2004)
03 May 2004; Aron Griffis <agriffis@gentoo.org>;
Call loadagent prior to generating HOSTNAME-csh file so that
variables are set.
* keychain 2.2.1 (27 Apr 2004)
27 Apr 2004; Aron Griffis <agriffis@gentoo.org>;
Find running ssh-agent processes by searching for /[s]sh-agen/
instead of /[s]sh-agent/ for the sake of Solaris, which cuts off ps
-u output at 8 characters. Thanks to Clay England for reporting the
problem and testing the fix.
* keychain 2.2.0 (21 Apr 2004)
21 Apr 2004; Aron Griffis <agriffis@gentoo.org>;
Rewrote most of the code, organized into functions, fixed speed
issues involving ps, fixed compatibility issues for various UNIXes,
hopefully didn't introduce too many bugs. This version has a
--quick option (for me) and a --timeout option (for carpaski).
Also added a Makefile and converted the man-page to pod for easier
editing. See perlpod(1) for information on the format. Note that
the pod is sucked into keychain and colorized when you run make.
|
|
|
|
slightly modified by me.
Crypto++ Library is a free C++ class library of cryptographic schemes.
One purpose of Crypto++ is to act as a repository of public domain
(not copyrighted) source code. Although the library is copyrighted as
a compilation, the individual files in it (except for a few exceptions
listed in the license) are in the public domain.
|
|
|
|
|
|
explicitly rm targets before trying to create symlinks.
fixes install on Solaris.
|
|
|
|
RM=${RM} in MAKE_ENV.
|
|
|
|
|
|
|
