Age | Commit message (Collapse) | Author | Files | Lines |
|
not require this, and this fixes the build on those systems. Not
objected to by joerg@.
|
|
Add DESTDIR support.
|
|
|
|
|
|
|
|
only suggest pthread option when native pthread exists.
We cannot use pthread.buildlink3.mk to just detect if suituable pthread
implementation exist or not.
Avoid unwanted dependency on pthread package when no native pthread and
pthread option off.
* Move inclusion of seculity/tcp_wappers/buildlink3.mk to rightful place in
options.mk.
Avoid unwanted dependency on tcp_wrappers when libwrap option off.
* Remove deprecated(?) --with-tcp-wrappers from CONFIGURE_ARGS.
* Remove --enable-libwrap from CONFIGURE_ARGS even if require tcp_wrappers.
It affect not only check of existence of tcp_wappers but also blow off
needful addition of -lwrap to LIBS.
Fixes PR 39635
|
|
maildrop?).
Additional entries are optionally and already handled in Makefile and options.mk.
Re: PR 39661
|
|
* In dsniff-nox11/Makefile, add a post-configure target to move
missing/sys/queue.h out of the way if the configure script
found a real sys/queue.h.
* Add patches to #include <string.h> in some files where I noticed warnings.
Bump PKGREVISION for both dsniff and dsniff-nox11.
|
|
|
|
While here, add DESTDIR support.
|
|
finally. While here, fix PLIST and depkglint a bit. Also, fix the horrid
abuse of libtool.
Changes since 0.60.2:
* courier-authlib.spec: Dummy provides: for symlinks, to allow upgrade
with older packages that require <libname>.so.0.
* Makefile.am: Switch to versionless shared libraries.
Install all shared libraries just as <libname>.so. make install manually
removes *.so.0.0 files that were left over from previous versions,
and installs a temporary *.so.0 symlink to *.so, for temporary
binary ABI compatibility with 0.60. The symlinks will be removed in
0.62.
* Cleanup: always compile md5, sha* and hmac stuff, and remove all
conditionally-compiled cruft. Move SASL list to an internal header.
Add client-side support for AUTH EXTERNAL.
* authsasl.c (auth_sasl_ex): auth_sasl_ex() supercedes auth_sasl(),
invokes auth_sasl() for non-EXTERNAL SASL methods, implements EXTERNAL
by going through the motions, then setting up a dummy authentication
request.
* authdaemon.c (auth_generic): Check for the dummy EXTERNAL
authentication request, and handle it by invoking auth_getuserinfo(),
rather than sending it down the pipe. This avoid having to implement
a stub in every authentication module.
* authmysqllib.c: Use mysql_set_character_set() instead of SET NAMES
* authmysqllib.c: Fix domain-less queries.
* Makefile: Drop the unmaintained authvchkpw module.
* authmysqllib.c: Cleanup. Use mysql_real_escape_string instead of
crude filtering.
* Makefile.am: Use _LIBADD properly.
* configure.in: More portability fixes.
|
|
same name, breaking the builds of libraries trying to both link against
libcurl and use strverscmp(). Bump PKGREVISION.
Fixes PR 39640.
|
|
|
|
Add DESTDIR support.
|
|
|
|
This is for PR 39433.
It is not enabled by default.
|
|
of last commit.
|
|
These packages have unfetchable distfiles and unreachable HOMEPAGEs.
Removal proposed on pkgsrc-users with no objections received.
|
|
|
|
Packages Collection.
The Perl 5 module Authen::CAS::Client provides a simple interface
for authenticating users using JA-SIG's CAS protocol. Both CAS v1.0
and v2.0 are supported.
|
|
Changes from OpenSSH 5.0 is huge to write here, please refer its
release note: http://www.openssh.com/txt/release-5.1.
I quote only Security section from the release note.
Security:
* sshd(8): Avoid X11 man-in-the-middle attack on HP/UX (and possibly
other platforms) when X11UseLocalhost=no
When attempting to bind(2) to a port that has previously been bound
with SO_REUSEADDR set, most operating systems check that either the
effective user-id matches the previous bind (common on BSD-derived
systems) or that the bind addresses do not overlap (Linux and
Solaris).
Some operating systems, such as HP/UX, do not perform these checks
and are vulnerable to an X11 man-in-the-middle attack when the
sshd_config(5) option X11UseLocalhost has been set to "no" - an
attacker may establish a more-specific bind, which will be used in
preference to sshd's wildcard listener.
Modern BSD operating systems, Linux, OS X and Solaris implement the
above checks and are not vulnerable to this attack, nor are systems
where the X11UseLocalhost has been left at the default value of
"yes".
Portable OpenSSH 5.1 avoids this problem for all operating systems
by not setting SO_REUSEADDR when X11UseLocalhost is set to no.
This vulnerability was reported by sway2004009 AT hotmail.com.
|
|
Upstream changes:
1.07 - Fri Aug 15 16:53:36 2008
* Fixed the odd character problems in some of the files
* No need to upgrade if you already have this installed
1.06_03 - Sun Jun 22 11:32:46 2008
* Trying the __sgi definition. If this doesn't make things
blow up, this release will get bumped to 1.07.
1.06_02 - Thu Jun 19 11:55:21 2008
* Removed wide chars from the header file. Some compilers
like to complain about things that are wrong. :(
1.06_01 - Wed Jun 18 09:37:34 2008
This is a test of a fix for Irix.
1.06_01 - Wed Jun 4 19:18:57 2008
* This is a test of a fix for Irix.
|
|
|
|
to distfile/homepage lossage.
candidate for removal.
|
|
distfile.
|
|
* Rewrite to use poll instead of select.
* Improve Windows installation instructions in the manual.
* tests: New self test of gsasl_mechanism_name function.
|
|
This is not acceptable for us. Instead, we patch to use libtool.
The included test passes.
Changes since 1.0.3:
* Minor fixes.
* Build library for GNU/Linux as PIC [**but we use libtool**]
* New hook feature to enhance the internal I/O functions.
|
|
|
|
name change).
|
|
v1.15
- change internal behavior when SSL handshake failed (like when verify
callback returned an error) in the hope to fix spurios errors in
t/auto_verify_hostname.t
|
|
- Make this compile on amd64
- Don't silently look for libraries when we don't need them. This should fix
PR 39318
- Add missing depends on apr
Release 5.4
###########
* Fixes to the http modules as some Apache installations are picky
* The MySQL module also works with mysqld-5.0, updated
* Added AS/400 return code checks to pop3 module
* Fixed memory leaks in the http-form module.
* Implemented a proposal by Jean-Baptiste.BEAUFRETON (at) turbomeca.fr to
check for "530 user unknown" message in the ftp module
* Added a performance patch by alejandro.mendiondo (at) baicom.com. This one
needs stability testing!
* Beautification to remove compiler warnings of modern gcc
|
|
- preludedb-admin has a bew 'count' command, printing the result of a
COUNT() on the database.
- preludedb-admin work on smaller set of data, to prevent large
retrieval error (fix #220, refs #305).
- preludedb-admin handling of interrupted transaction was improved.
- Fix MySQL and SQLite MacOSX detection, by
Uwe Schwartz <usx303 at googlemail.com>. (fix #296).
|
|
|
|
ModSecurity ruleset rewrite, by Peter Vrabec <pvrabec@redhat.com> and
Dan Kopecek <dkopecek@redhat.com>. This ruleset handle ModSecurity 2.0
output. (Fix #216).
- New rulesets for FreeBSD su attempts, by Alexander Afonyashin <firm@iname.com>
(Fix #304).
- Add additional format to the default configuration to deal with apache
error_log file format, by Alexander Afonyashin <firm@iname.com> (Fix #307).
- Normalize some classification: introduce Remote Login, and
Credentials Change. Cleanup SSH ruleset, and remove duplicated rules.
|
|
- EasyBindings inclusion! EasyBindings provide simple C++, Python,
Perl, Ruby, and Lua bindings for using libprelude. They are still
considered experimental, thus you need to use (--enable-easy-bindings)
to activate them. Thanks to Sebastien Tricaud <toady@inl.fr> and
Pierre Chifflier <p.chifflier@inl.fr> for their contribution to this
project!
- Use automake/autoconf for building/installing Python extension.
- Fix 0.9.18 regression (alert created with empty CreateTime).
- Implement reference counting for the idmef-criteria and
prelude-connection API.
- Automatic casting when setting IDMEF Value to a field that is of
different type. Until now, if an user tried to set a path of a
specific type with an idmef_value_t object containing another type,
idmef_path_set() would return an error.
- Various bug fixes.
|
|
|
|
Based on PR 39222 by Jens Rehsack.
This module implements a wrapper around OpenSSL. Specifically, it wraps the
methods related to the US Government's Advanced Encryption Standard (the
Rijndael algorithm).
This module is compatible with Crypt::CBC (and likely other modules that
utilize a block cipher to make a stream cipher).
This module is an alternative to the implementation provided by Crypt::Rijndael
which implements AES itself. In contrast, this module is simply a wrapper
around the OpenSSL library.
The Crypt::Rijndael implementation seems to produce inaccurate results on
64-bit x86 machines. By using OpenSSL, this module aims to avoid architecture
specific problems, allowing the OpenSSL maintainers to overcome such issues.
|
|
Noticed by Zafer Aydogan via private mail.
|
|
|
|
- Removed some unused variables.
- Improved Python 2.3 compatibility.
- Fixed various threading bugs.
- Some improvements in the test suite.
|
|
|
|
This is the RIPE NCC DNSSEC Key Management tools, described at
https://www.ripe.net/projects/disi/dnssec_maint_tool/
This class implements an interface to a database of private keys used
during DNSSEC administration.
This package includes some diffs to the self-tests, so that they pass.
|
|
0.22 Mo Mai 29 21:15:17 CEST 2006
- Bugfixs
0.23 Mi Aug 2 15:48:19 UTC 2006
- Re-added support of MIT Kerberos 1.2.x
0.24 Wed, 21 Feb 2007 20:59:39 +0100
- Changed tests as an answer to FAIL 413320
0.25 So 3. Feb 20:18:16 UTC 2008
- Enhancement to use OpenSolaris/Solaris 10 native gss library
0.26 Fr 15. Feb 22:32:10 UTC 2008
- modified Makefile.PL to trigger no FAIL testreports
in case of missing prerequirements.
|
|
Pkgsrc changes:
o Change MAINTAINER to pkgsrc-users@ as per communication with maintainer
Upstream changes:
Authen-SASL 2.11 -- Mon Apr 21 10:23:19 CDT 2008
Enhancements
* implement securesocket() in the ::Perl set of plugins
Bug Fixes
* fix parsing challenges from GnuSASL
* update tests for DIGEST-MD5
* New test from Phil Pennock for testing final server response
|
|
PKGREVISION++
|
|
|
|
Changes since the 0.6 branch:
0.7.1 - 23 July 2008
o Fixes a memory leak when invalid proposal received
o Some fixes in DPD
o do not set default gss id if xauth is used
o fixed hybrid enabled builds
o fixed compilation on FreeBSD8
o cleanup in network port value manipulation
o gets ports from SADB_X_EXT_NAT_T_[SD]PORT if present in purge_ipsec_sp
i()
o Generates a log if cert validation has been disabled by configuration
o better handling for pfkey socket read errors
o Fixes in yacc / bison stuff
o new plog() macro (reduced CPU usage when logging is disabled)
o Try to works better with huge SPD/SAD
o Corrected modecfg option syntax
o Many other various fixes...
0.7 - 09 August 2007
o Xauth with pre-shared key PSK
o Xauth with certificates
o SHA2 support
o pkcs7 support
o system accounting (utmp)
o Darwin support
o configuration can be reloaded
o Support for UNIQUE generated policies
o Support for semi anonymous sainfos
o Support for ph1id to remoteid matching
o Plain RSA authentication
o Native LDAP support for Xauth and modecfg
o Group membership checks for Xauth and sainfo selection
o Camellia cipher support
o IKE Fragment force option
o Modecfg SplitNet attribute support
o Modecfg SplitDNS attribute support ( server side )
o Modecfg Default Domain attribute support
o Modecfg DNS/WINS server multiple attribute support
|
|
Addresses PR 39316.
|
|
* Fix SASL operations through TLS.
* Update gnulib files, and include gnulib self-tests.
* Update translations.
|
|
|