| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- Replace SED with SUBST.*
- Improve DESCR
- ok'ed snj@/wiz@
From the Changelog:
Verison 2.0.4:
--------------
More signatures.
Improved documentation, mentions of p0f_db, etc.
[BUG] Fixed a minor problem with installation on systems w/o /usr/man/.
[BUG] Fixed a DLT_NULL problem, added a new loopback signature.
Multiple timestamp options, timestamps now read from pcap dumps.
Sync with new Windows port code.
[BUG] Fixed one-line reporting for masquerade detection.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
explicitly add only those plugins for SASL support for servers that
won't let us exclude any found SASL plugins. Also, don't bother
building the static library since the static library is useless until
the build mechanism is fixed by the Cyrus maintainers.
Bump the PKGREVISION.
|
|
- Add Python support
- Include an extra library on Linux to fix builds on some distros.
Last two issues submitted by Roland Illig in PR# 26620
|
|
|
|
Hydan steganographically conceals a message into an application. It
exploits redundancy in the i386 instruction set by defining sets of
functionally equivalent instructions. It then encodes information in
machine code by using the appropriate instructions from each set.
Features:
- Application filesize remains unchanged
- Message is blowfish encrypted with a user-supplied
passphrase before being embedded
- Encoding rate: 1/110
Primary uses for Hydan:
- Covert Communication: embedding data into binaries creates a
covert channel that can be used to exchange secret messages.
- Signing: a program's cryptographic signature can be embedded
into itself. The recipient of the binary can then verify
that it has not been tampered with (virus or trojan), and is
really from who it claims to be from. This check can be
built into the OS for user transparency.
- Watermarking: a watermark can be embedded to uniquely
identify binaries for copyright purposes, or as part of a DRM
scheme. Note: this usage is not recommended as Hydan
implements fragile watermarks.
|
|
|
|
|
|
same as Linux-PAM, but it's close enough for the purposes of compiling
programs.
|
|
|
|
|
|
Changes in 2.2.10:
A buffer overrun has been located in the code used to support
the 'mangling method = hash' smb.conf option. Affected Samba
2.2 installations can avoid this possible security bug by using
the hash2 mangling method. Server installations requiring
the hash mangling method are encouraged to upgrade to Samba v2.2.10
or v3.0.5.
Changes in 2.2.9:
This is a maintenance release of Samba 2.2.8a to address the
problem with user password changes after applying the Microsoft
hotfix described in KB828741 to Windows NT 4.0/200x/XP clients.
Also updated dependant packages pam-smbpass and winbind.
|
|
|
|
|
|
then we avoid hitting the disk if we don't need to.
|
|
|
|
is "/usr", what we really want to check is if the pam_appl.h header found
is within the ${LOCALBASE} hierarchy, which implies that it's a
pkgsrc-controlled file, and hence not built-in.
|
|
|
|
amavisd-new is an interface between message transfer agent (MTA) and
one or more content checkers, e.g. virus scanners, SpamAssassin, etc.
It is a performance-enhanced and feature-enriched version of amavisd
(which in turn is a daemonized version of AMaViS or amavis-perl).
amavisd-new is normally positioned at or near a central mailer, not
necessarily where user's mailboxes and final delivery takes place. If
you are looking for fully per-user configurable and/or low-message-rate
solution to be placed at the final stage of mail delivery (e.g. called
from procmail), there may be other solutions more appropriate for your
needs.
Package created and maintained by Julian Dunn in pkgsrc-wip.
|
|
can be used to create shared libraries _and_ be linked into a statically
linked program. Instead of trying to hack libtool to do this, just
accept the fact and do what you want another way!
Remove the ugly hack in sasldb/Makefile.am that regenerated the static
archive from the non-PIC object files. While this was fine for linking
into programs, it breaks things when you link this into the sasldb
plugin. Leaving it the other way, where the static archive from the
PIC object files, is also unacceptable because there are potential
problems on some platforms when linking an archive of of PIC objects
into an executable. The solution: let the static archive contain PIC
objects and be used to link into the sasldb plugin, but for the programs
in the utils directory, explicitly add the non-PIC object files listed
in $(SASL_DB_BACKEND_STATIC) to the files used to generate the programs.
This is easy because SASL_DB_BACKEND_STATIC is already generated
properly by config/sasldb.m4, so make use if it.
This should fix problems with using Cyrus SASL on non-i386 platforms
noted in PR pkg/26492 by Matt Dainty. Bump the PKGREVISION.
|
|
that /usr/include/security/pam_appl.h means that PAM is builtin.
(This is so a dependency can be registered correctly.)
|
|
|
|
|
|
|
|
This follows the example of the mail/dovecot package, as suggested by
<schmonz>.
|
|
|
|
|
|
|
|
plugin.
|
|
include:
* Fixes to saslauthd to allow better integration with realms (-r flag to
saslauthd, %R token in LDAP module)
* A nontrivial number of small bugfixes.
|
|
include:
* Support for forwarding of GSSAPI credentials
* A nontrivial number of small bugfixes.
|
|
tested. The server (sshd) still needs more patches especially because of
non-zero Administrator uid/gid issues.
|
|
|
|
here. So it's not possible to mount cfs from "mountall" -- it will have to
be mounted by hand later in startup, e.g. rc.local.
|
|
|
|
|
|
|
|
below the variable settings and above any make targets.
|
|
openssl/buildlink3.mk to be included unconditionally to provide the des.h
header and des* routines.
|
|
hashcash-0.32 - 09-Apr-2004 - Adam Back <adam@cypherspace.org>
* documentation fixes
* change multiple regexp behavior; previous algorithm only allowed
higher overrides; need to support both higher and lower
overrides. This also required introducing -o option to join
regexps which are set intersections where otherwise risk of
uninteded override occuring and mail being rejected as spent or
insufficent bits. Now revert to lexical order most specific
regexp first.
* wrote test script test.sh
* fix a few minor bugs uncovered by above test script
* -c now means check date
* allow -n etc with -X
* introduced -b relative to default way of specifying bits
* -b is no optional, if want token fully checked, but can give -b
default; or new relative to default -b +0.
hashcash-0.31 - 01-Apr-2004 - Adam Back <adam@cypherspace.org>
* final 0.x version (v0 format) release before 1.x version (v1
format) (bug fixes / maintenance only afterwards on 0.x version)
* remove -O3 from Makefile, use -O instead as fails on HPUX or
sun.
* fix some out of date usage stuff in hashcash man page.
* disable timing loop unless timing needed
* fix multiple reciept bug in -cX/-cx reported by Junior Ang
<junior@chrysant.com>. If you receive a mail multiple times
because you are on the receipt list multiple times, there will
be multiple hashcash headers for you. In this case it is
necessary to examine the first matching, non-spent stamp. The
bug was previous versions stopped on the first matching stamp
and then failed because it was spent. Need to keep going and
check later also matching stamps until find one which is not
spent.
* rationalize command line args further. No implied -m , more
things that are awkward to implement but not that useful are
disallowed.
* change purge operation to use read-write operations in the same
sdb file rather than creating a temporary file. This makes
locking easier and is also aesthetically nicer.
* add flock(2) database file write locking, and change creation
logic to use open(2) to avoid creation db race-condition also.
* make resource string case insensitive by default to match email
semantics; add -C option to force case sensitivity if desired
(email addresses are converted to and stored in lower case, so
you have to both mint and verify with case sensitivity turned on
to make use of case sensitivity)
* support minting multiple resources with multiple command line
args. Also if no resources given on command line, read
resources from stdin.
* support supplying multiple email addresses, for people who want
to accept as multiple addresses.
* support multiple resources on purging also.
* support multiple tokens with check mode as cmd line args, if
none given as args, read tokens from stdin; if -X/-x read from
cmd line args, then from stdin as email (matching stamp headers
skipping stamp headers)
* rename default simple database to hashcash.sdb (.sdb extension),
to distinguish from planned support for better database.
* fix bug in PPUTS didn't match PPRINTF
* fixup -l, -w, -n so they support multiple tokens also
* made use of -b optional (get the default on mint & check)
* added "-b default" to specify default number of bits with -s
(otherwise no way to measure the default speed without
specifying the number of bits -- and when this can change over
time it would be inconvenient for scripting to have to
separately obtain this)
* added support for wildcard email addresses with '*' wildcard
marker. '*' before '@' does not match '@', '*' after '@' does
not match '.'. And both email addresses must contain @ sign and
same number of '.' separated sub domains as wildcard address.
Wildcard matching is the new default. Use -S to get plain
string match. Can turn back on with -W.
* increased size of random string to reduce chance of collisions
between users. Now negligible chance of collision with typical
token sizes.
* added support for regexps. Can work from POSIX library or BSD
regexp library. Use -E to get regexps. Input is always in
POSIX syntax (specials are not quoted to have special action;
are quoted to have plain meaning). If using BSD library still
give input in POSIX syntax, it's converted to BSD internally.
* implement highest matching semantics. Ensures that eg -c -b10
*@bar.invalid -b15 adam@bar.invalid will not accept a 10 bit
token for adam@bar.invalid. (This is done by sorting resources
highest bits required first and accepting only the first highest
matching resource.)
* change arg parsing so -b, -e, -g, -z, -E, -W, -S, apply to the
following resources and tokens, and can be changed for later
resources/tokens with tokens and args interspersed. Means you
have to give these args before the resource/token or you will
get defaults.
|
|
Makefile.common.
|
|
|
|
for each package can be determined by invoking:
make show-var VARNAME=PKG_OPTIONS_VAR
The old options are still supported unless the variable named in
PKG_OPTIONS_VAR is set within make(1) (usually via /etc/mk.conf).
|
|
Improve update_dat script with patch from Jason White in followup
to PR 26408.
. get updates from faster and more reliable http server
. dat file format has changed -- version info is now in a different file
. abort update if no write permissions in target dir
|
