Age | Commit message (Collapse) | Author | Files | Lines |
|
libssl without linking also libcrypto, which fails on 2.0 since libssl
doesn't have recorded the libcrypto dependency; fix by disabling
the checkLibrary() call when QC_WITH_OPENSSL_LIB is supplied
PR: 28576
|
|
build shared libraries. on Darwin with xlc, this fails because of the
way xlc invokes Darwin's in-base libtool to create shared libraries,
meaning that the -all_load argument cannot be used to import all
symbols.
work around this the same way as UnixWare does it, by listing the
archive library contents and linking the object files into the shared
library individually. also remove some other assumed gcc'isms to make
this build on Darwin with xlc.
XXX maybe this pkg should be libtool'ized?
|
|
|
|
Darwin.
|
|
|
|
The wrapper will correctly set the CPP environment variable to a
stat((2)able path to a C preprocessor, then rely on the PATH to
find and invoke the real rpcgen.
Remove NO_EXPORT_CPP in package Makefiles where it was used just to
avoid problems with rpcgen. The build system now just does the right
thing automatically without needing package-specific knowledge.
This fixes PR pkg/27272.
|
|
nor declaration for "struct option".
fixes build on Darwin.
|
|
of "des_cblock". This fixes PR pkg/28703.
|
|
|
|
script, since it has insecure temp file handling.
|
|
one Makeifle.in lacks newline in the last line.
|
|
teach fressh how to use either DES API. Bump PKGREVISION since on
NetBSD>=2.0, fressh gains a library dependency on -ldes.
|
|
|
|
|
|
The idea is to prevent needing to patch source files for packages that
use OpenSSL for DES support by ensuring that including <openssl/des.h>
will always present the old DES API.
(1) If des_old.h exists, then we're using OpenSSL>=0.9.7, and
<openssl/des.h> already does the right thing.
(2) If des_old.h doesn't exist, then one of two things is happening:
(a) If <openssl/des.h> is old and (only) supports the old DES API,
then <openssl/des.h> does the right thing.
(b) If it's NetBSD's Special(TM) one that stripped out the old DES
support into a separate library and header (-ldes, <des.h>),
then we create a new header <openssl/des.h> that includes the
system one and <des.h>.
Also modify existing packages that set USE_OLD_DES_API to simply include
<openssl/des.h> instead of either <des.h> or <openssl/des_old.h> (This
step is mostly just removing unnecessary patches).
This should fix building packages that use OpenSSL's old DES API support
on non-NetBSD systems where the built-in OpenSSL is at least 0.9.7.
|
|
|
|
PR pkg/28480.
|
|
private keys are likely to be installed. Patch directly from PR
pkg/28477 by Jason Thorpe.
|
|
some time.
|
|
|
|
While here, fix libtool calls in Makefile to use --mode.
|
|
|
|
Change log:
5.28 Wed Nov 10 15:33:20 MST 2004
- provided more flexible formatting of SHA state files
-- entries may now contain embedded whitespace
for improved readability
- minor code cleanups
|
|
Change log:
*** 2004/09/13 Version 1.4
Fixed Makefile problems on some versions of perl 5.8.0
*** 2004/11/17 Version 1.5
ActivePerl version adds hexhash() for compatibility
Contributed by Gisle Aas
|
|
Change log:
2004-11-08 Gisle Aas <gisle@ActiveState.com>
Release 1.10
Added Digest::file module which provide convenience functions
that calculate digests of files.
2004-11-05 Gisle Aas <gisle@ActiveState.com>
Release 1.09
Fix trivial documentation typo.
|
|
and no package is using it ATM).
4.1.1:
- Fixed shared library version info.
4.1.0:
- Added SHA-384 and SHA-512 algorithms.
- Added HMAC-SHA-384 and HMAC-SHA-512 algorithms.
- Added generic SSE2 optimization for the above algorithms.
- Added more digest algorithms for PKCS#1 EMSA.
- Optimized swap32 and swap64 routines on Linux.
- Fixed missing definition in mpopt.h for s390x.
- Fixed nostackexec configuration bug.
- Fixed problem in Date::toString.
- Fixed deadlock problem which occured in certain cases where security
or crypto SPI constructor called getInstance for another security or
crypto SPI.
- Fixed a bug in the generic CBC encryption code; when called with
nblocks == 1, the feedback was set incorrectly.
- Fixed a bug in mpbsubmod; sometimes it takes multiple additions of
the modulus to get a positive number.
- Fixed PowerPC 64-bit configuration problem on Linux.
4.0.0:
- Added a C++ API interface, modeled after Java's security & crypto API.
- Added the new GNU noexecstack feature.
- Added more x86_64 and s390x assembler routines.
- Modified i2osp, so that it only requires as many octets as there are
significant bytes in the multi-precision integers.
- Fixed a bug in the creation of rsa keypairs; code was not correctly
migrated to new calling sequence. The code now implements the method
described in IEEE P.1363.
- Fixed another bug in mpextgcd_w which sometimes returned incorrect
results.
- Fixed a bug in mprshiftlsz, which didn't work correctly when size = 1.
- Fixed a configuration problem on Tru64 Unix.
3.1.0:
- Added wiping of private key components of keypairs before freeing.
- Fixed bug in mpextgcd_w which sometimes returned incorrect result.
- Fixed error in PowerPC 64-bit assembler symbol definitions.
|
|
|
|
|
|
* improved cleanup routines to make sure that no memory is leaking.
* applied patch to pf.c from OPENBSD_3_6 branch:
fix a bug that leads to a crash when binat rules of the form
'binat from ... to ... -> (if)' are used, where the interface is dynamic.
* added (unsigned char) casts to ctype functions.
* added experimental patch for ALTQ support.
* applied patch to pfctl_parser.c from OPENBSD_3_6 branch:
do not assume entries in pf_timeouts[] are ordererd like PFTM_* in pfvar.h
* applied patch to pf.c from OPENBSD_3_6 branch:
The flag to re-filter pf-generated packets was set wrong by synproxy
for ACKs. It should filter the ACK replayed to the server, instead of
of the one to the client.
* applied patch to pf.c from OPENBSD_3_6 branch:
For RST generated due to state mismatch during handshake, don't set
th_flags TH_ACK and leave th_ack 0, just like the RST generated by
the stack in this case. Fixes the Raptor workaround.
* applied patch to pf_lkm.c from NetBSD HEAD:
pfil4_wrapper, pfil6_wrapper:
ensure that mbufs are writable beforehand as pf assumes it.
* applied patch to pf.c from OPENBSD_3_6 branch:
reset anchor pointer to NULL when stepping back into the main ruleset,
fixes pflog attributing states wrongly to anchors and pfctl -vvsn/sr
showing wrong state counters for anchor rules.
|
|
|
|
OpenSSL, with patches to use <openssl/des_old.h>.
|
|
pkgsrc and in NetBSD-1.6.x) and OpenSSL 0.9.7 (in NetBSD-2.0), by
creating a new yes/no variable USE_OLD_DES_API that flags whether the
package wants to use the old DES API. If USE_OLD_DES_API is "yes",
then:
* For OpenSSL 0.9.6, symlink ${BUILDLINK_DIR}/include/openssl/des_old.h
to ${SSLBASE}/include/openssl/des.h.
* For NetBSD 2.0's "special" installation of OpenSSL 0.9.7, symlink
${BUILDLINK_DIR}/include/openssl/des_old.h to /usr/include/des.h,
and transform "-lcrypto" into "-ldes -lcrypto". This makes it
behave like stock OpenSSL 0.9.7 where the old DES functions are
part of libcrypto.
Software that wants to use the old DES API should be taught to do it
in a way that works with a stock installation of OpenSSL 0.9.7 -- by
including <openssl/des_old.h> and linking against "-lcrypto". Software
that wants to use the new DES API should simply depend on openssl>=0.9.7.
This change has no impact on existing packages as the new code is
active only when USE_OLD_DES_API == "yes".
|
|
|
|
This is mainly a maintenance release to support new options in dirmngr
(to be released soon):
* [gpgsm] New option --prefer-system-dirmngr.
* Minor cleanups and debugging aids.
|
|
|
|
BUILDLINK_TRANSFORM.
|
|
Suggested by Roland Illig, ok'd by various.
|
|
|
|
|
|
|
|
Version 0.10
* Fixed bugs
* Moved project over to sourceforge.net
* Change of project ownership
|
|
from time_t to long, but prototype wasn't updated to match.)
|
|
|
|
It can't be fixed easily because the pflkm package uses different versioning
(dates instead of 3.5, 3.6, etc). So just disable it for now until I've
found a better way to handle this.
Approved by wiz.
|
|
|
|
- move store directory to under PKG_SYSCONFDIR.
- add missing fix to top level configure.
|
|
Changes:
o Added a configure check for systems with a 2-argument version of
timespecsub (like BSD/OS).
o Added stub struct defintions to sudo.h to quiet compiler warnings
on some systems.
o In sudoers Defaults lines, tuples like "lecture" may now be used
without a value, restoring their old boolean-like nature.
o Invalid values for a tuple are now handled correctly.
|
|
- Changes are unknown.
- License restriction is removed now.
- Try to keep configuration to ${PREFIX}/etc/AiCA.
|
|
|
|
|