| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
Submitted by: fenner's distfile survey
|
| | |
|
| |
|
|
| |
ChallengeResponseAuthentication yes
|
| |
|
|
|
| |
PR: 39970
Submitted by: andrew@scoop.co.nz
|
| | |
|
| |
|
|
|
|
| |
version bumps
Noticed by: bento
|
| |
|
|
|
|
| |
ports).
Approved by: maintainer
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This now matches the PermitRootLogin configuration of OpenSSH in
the base system. Please be aware of this when upgrading your
OpenSSH port, and if truly necessary, re-enable remote root login
by readjusting this option in your sshd_config.
Users are encouraged to create single-purpose users with ssh keys
and very narrowly defined sudo privileges instead of using root
for automated tasks.
- PKGNAMESUFFIX for GSSAPI set.
- Merged some patches from current to improve PAM.
- Fix BATCH=yes for bento.
|
| |
|
|
|
|
|
|
|
|
|
| |
This now matches the PermitRootLogin configuration of OpenSSH in
the base system. Please be aware of this when upgrading your
OpenSSH port, and if truly necessary, re-enable remote root login
by readjusting this option in your sshd_config.
Users are encouraged to create single-purpose users with ssh keys
and very narrowly defined sudo privileges instead of using root
for automated tasks.
|
| |
|
|
|
| |
PR: 40190
Submitted by: maintainer
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 40142
Submitted by: maintainer
|
| |
|
|
| |
Approved by: knu (mentor)
|
| | |
|
| |
|
|
|
| |
PR: 39936
Submitted by: Matthew West <mwest@uct.ac.za>
|
| |
|
|
| |
Submitted by: petef
|
| | |
|
| |
|
|
| |
problem found by drs@rucus.ru.ac.za.
|
| |
|
|
|
| |
PR: 40032, 40033
Submittted by: maintainer
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
ChallengeResponseAuthentication no
UseLogin no
patch for configure, to detect MAP_ANON submitted by:
Christophe Labouisse,Michael Handler,Gert Doering,Phil Oleson,Dave Baker
fix missing includes for "canohost.h"
|
| |
|
|
|
|
|
|
|
|
|
| |
ChallengeResponseAuthentication no
UseLogin no
SSH_PRIVSEP_USER=sshd, distributioin patch set it to nobodyh. (Jan Srzednicki)
#undef USE_PIPES, problems with ppp over ssh. (Kugimoto Takeshi)
fix missing includes for "canohost.h"
|
| |
|
|
|
| |
PR: ports/39932
Submitted by: maintainer
|
| |
|
|
|
|
|
|
|
| |
inspection, the distfiles have not changed at all:
/tmp 15:09 gyros marcus %512# diff -ruN pam_ldap-148.orig pam_ldap-148
/tmp 15:09 gyros marcus %513#
Reported by: Kai Gallasch <kai@adminhell.org>
|
| |
|
|
|
| |
PR: 38690
Submitted by: Sergey Lyubka <devnull@asitatech.ie>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
author fixed bug in patch but didn't increment version.
- Fix problem when openldap v1 is selected.
- Bump PORTREVISION
PR: ports/39800
Submitted by: maintainer
|
| | |
|
| |
|
|
| |
Update to openssh-3.4p1
|
| |
|
|
|
| |
PR: ports/39880
Submitted by: Frerich Raabe <frerich.raabe@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
Options for both:
USE_OPENSSL_BASE=yes
uses an older opensssl in the base system.
Options for portable:
OPENSSH_OVERWRITE_BASE=yes
includes USE_OPENSSL_BASE=yes
installls in the paths of the base system
|
| | |
|
| |
|
|
| |
environment variables in the 'setenv' field of login.conf are set now.
|
| |
|
|
|
| |
Patch from current, noted by drs@rucus.ru.ac.za:
environment variables in the 'setenv' field of login.conf are set now.
|
| | |
|
| |
|
|
|
|
|
|
| |
ENOENT. Obtained from /cvs/krbdev/krb5/src/kdc/kdc_preauth.c,v rev 5.31
in MIT KRB5 tree (fix etype info; wrong termination condition used in
get_etype_info).
Obtained from: Sam Hartman <hartmans@mit.edu>
|
| |
|
|
| |
Add ${PREFIX}/etc/rc.d/sshd.sh.sample
|
| | |
|
| |
|
|
|
|
|
| |
Lcrzoex contains over 300 functionnalities using network library lcrzo
PR: 36948
Submitted by: Joseph King <king@v2project.com>
|
| |
|
|
|
|
|
| |
Lcrzo is a network library (used by Lcrzoex, network testing toolbox)
PR: 36947
Submitted by: Joseph King <king@v2project.com>
|
| |
|
|
|
| |
PR: 36734
Submitted by: Alex Kapranoff <kappa@agava.com>
|
| |
|
|
|
| |
- Update to version 0.7
- Update WWW
|
| | |
|
| |
|
|
|
|
|
|
| |
. Portable linkage with pthread library by using ${PTHREAD_LIB} rather
than hardwiring -pthread.
Submitted by: Sean Chittenden <sean@chittenden.org> (1)
dougb (2)
|
| |
|
|
| |
Submitted by: brad@brad-x.com
|
| |
|
|
| |
Submitted by: anders@fix.no
|
| | |
|
| | |
|
| |
|
|
| |
create user and home if it not exists.
|
| |
|
|
|
|
|
|
| |
Fix build with SKEY=yes, pr# 36119
Cleanup pw_expire handling.
Add missing includes
Changes defaults to: PermitRootLogin=no, UsePrivilegeSeparation=no
Use $PREFIX/etc/ssh for config, updating manpages too.
|
| |
|
|
|
| |
PR: 39771
Submitted by: maintainer
|
| |
|
|
|
| |
PR: ports/39750
Submitted by: Matthias Andree <matthias.andree@web.de>
|
| | |
|
| |
|
|
|
| |
PR: 39746
Submitted by: Cyrille Lefevre <cyrille.lefevre@laposte.net> (maintainer)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
PR: ports/39729, ports/39727, ports/39726, ports/39724
PR: ports/39722, ports/39721, ports/39720, ports/39719, ports/39718
Submitted by: Scott Flatman <sf@dsinw.com>
|
| |
|
|
|
| |
PR: 39168
Submitted by: king@v2project.com
|
| |
|
|
|
| |
New manpages: ssh-keysign.8 sftp-server.8 sshd.8
New program ssh-keysign
|
| |
|
|
|
|
|
| |
- New program ssh-keysign
- New manpages for ssh_config and sshd_config
- Merge Pathes to new files
- Fix GCC problem with unsupported __func__ in older Releases
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
there's no -devel branch yet.
|
| |
|
|
|
| |
Give maintainership to udo.schweigert@siemens.com, who already maintains
the -devel ports.
|
| | |
|
| |
|
|
|
| |
PR: ports/39475
Submitted by: maintainer
|
| |
|
|
|
| |
PR: 39491
Submitted by: maintainer
|
| |
|
|
|
|
|
| |
Perl module that provides interoperable MD5-based crypt() function
PR: 39467
Submitted by: Erwin Lansing <erwin@lansing.dk>
|
| |
|
|
|
|
|
| |
update Sendmail.README for sendmail 8.10-8.12
PR: 38646
Submitted by: maintainer
|
| |
|
|
|
|
|
| |
Crypt::PGPSimple provides a simple object-oriented interface to PGP
PR: 38622
Submitted by: rachek <rachek@si.freebsd.org>
|
| |
|
|
|
|
|
| |
PR: 32471
Submitted by: Martijn Lina <martijn@ietsvaags.xs4all.nl>, TAKEMURA Masahiro <mastake@msel.t.u-tokyo.ac.jp>
Tested by: TERAMOTO Masahiro <teramoto@comm.eng.osaka-u.ac.jp>, "Julian C. Dunn" <jdunn@aquezada.com>
Approved by: maintainer timeout (1 month since I mailed him)
|
| |
|
|
|
|
| |
and the X11 libraries are not required.
Approved by: maintainer
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 39261
Submitted by: Udo Schweigert <udo.schweigert@siemens.com> (maintainer)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rigorous testing performed on the part of the KDE/FreeBSD Project
over the last three weeks. Thanks to everyone who helped test!
General changes:
[1] Follow KDE2 style by moving KDE core specific macros and
the like to x11/kde3/Makefile.kde.
[2] Fix a variety of comments or miscellaneous data to reflect
that this is KDE3 and not KDE2.
[3] Account for more empty directories in the PLISTs.
deskutils/kdepim3:
[4] More #include <malloc.h> -> #include <stdlib.h>.
audio/arts:
[5] Upgrade to 1.0.1.
[6] Point at MASTER_SITE_KDE not my own mirror.
audio/kdemultimedia3:
[7] Account for the removal of the <machine/soundcard.h> symlink.
Simply point all such includes at <sys/soundcard.h>.
editors/koffice-kde3:
[8] Get rid of #include <values.h> preemptively.
devel/kdesdk3:
[9] Remove cervisia from build if building on -CURRENT due to
C++-unsafe sys/wait.h. The header is believed to have been
fixed in newer -CURRENT (>= Jun 5) but we have not tested that.
devel/kdevelop:
[10] Upgrade to 2.1.1 and use KDE 3 version.
[11] Remove a number of suggested dependencies that no longer fit.
[12] Account for where the docs for Qt went since they got moved
to fit in hier(7) better.
graphics/kdegraphics3:
[13] Turn off kuickshow by default because it depends on imlib,
which in turn depends on gtk/glib. This will be revisited
when we split up the KDE ports a bit.
games/kdegames3:
[14] Fix compile error on -CURRENT where kpat/freecell-solver/md5.h
tried to define uint32_t after sys/types.h already had.
sysutils/kdeadmin3:
No particular changes.
misc/kdeaddons3:
No particular changes.
misc/kdeedu3:
[15] Re-add the huge number of missing @dirrm's.
misc/kdeutils3:
No particular changes.
misc/kde3-i18n-* and */kde3-i18n:
For the most part, no particular changes. A huge number of I18N
message updates went into this release, though.
french/kde3-i18n:
[16] Fix build Makefile error due to tarball builder's env.
net/kdenetwork3:
No particular changes.
x11-clocks/kdetoys3:
No particular changes.
x11/kdebase3:
[17] Account for mkfontdir "soft" build-time dependency. If
mkfontdir is available, use it to build fonts.dir where
kdebase installs fonts. Otherwise, don't bother.
[18] Patch ElectricEyes.desktop to use the name of the program
that FreeBSD uses when you install the port for it.
[19] Patches for KDM merged into KDE 3.0.1.
[20] Properly fix kdm/backend/xdmcp.c string format error.
x11/kdelibs3:
[21] Support the KDE3 version check to make sure no one
tries to install KDE2 then KDE3. The 'kde-version-check'
target is centralized in x11/kde3/Makefile.kde.
[22] Remove patch for kdeprint/configure.in.in.
[23] Add patch to fix critical icon loader bug.
x11/kde3:
[24] Add Makefile.kde for centralizing KDE core-specific macros
that don't belong in bsd.kde.mk.
x11-toolkits/qt30:
[25] Mark broken on any XFree86 version < 4 due to packing list
related problems if we tried to support XFree86 3.
[26] Error out if the user has Qt2 installed already.
x11-wm/kdeartwork3:
[27] Add USE_MESA to explicitly support the 3D screensavers.
[28] Re-add a large number of missing @dirrm's.
Credits:
[1] [4] [5] [6] [7]
[9] [10] [14] [16]
[21] [22] [24] [26]: will
[2] [3] [8] [15] [17]
[19] [25] [27] [28]: alane
[11] [12]
Submitted by: Lauri Watts <lauri@kde.org>
[13] Found by: mi
Removed by: will
[18] [23]
Submitted by: Andy Fawcett <andy@athame.co.uk>
Tested by: [in addition to the above, in no particular order]
knu
Mattias Douhan <matt@athame.co.uk>
Bradley T. Hughes <bhughes@trolltech.com>
Erik H. Bakke <ebakke@trolltech.com>
David Johnson <david@usermode.org>
JJ Behrens <jj@nttmcl.com>
Michael W. Collette <metrol@metrol.net>
Adriaan de Groot <adridg@sci.kun.nl>
Mark Rowlands <mark.rowlands@minmail.net>
Mark Stosberg <mark@summersault.com>
Dave Cantrell <phaedrus@alltel.net>
Mark Miller <joup@bigfoot.com>
Wesley Morgan <morganw@chemikals.org>
Arjan van Leeuwen <avl@operamail.com>
|
| | |
|
| |
|
|
|
| |
PR: 39218
Submitted by: Udo Schweigert <udo.schweigert@siemens.com> (MAINTAINER)
|
| |
|
|
|
| |
PR: 38934
Submitted by: Christopher K Davis (ckd-freebsd@ckdhr.com)
|
| | |
|
| |
|
|
|
| |
PR: 39120
Submitted by: MAINTAINER: Joe Greco <jgreco@ns.sol.net>
|
| |
|
|
|
|
|
|
|
| |
- whitespace nit
- remove a directory from pkg-plist which is not actually created
- make prefix safe
PR: ports/39111
Submitted by: Erwin Lansing <erwin@lansing.dk>
|
| | |
|
| |
|
|
|
|
|
|
| |
- give maintainership to submitter
- add WWW: tag
PR: 39076
Submitted by: Erwin Lansing <erwin@lansing.dk>
|
| |
|
|
| |
Submitted by: ijliao
|
| |
|
|
| |
(currently the distfile is in the "old" subdir)
|
| |
|
|
|
|
| |
it appears to be configured to do so.
Submitted by: Oliver Crow <ocrow@simplexity.net>
|
| | |
|
| |
|
|
|
| |
PR: 39000
Submitted by: KATO Tsuguru <tkato@prontomail.com>
|
| |
|
|
| |
Submitted by: joseph@randomnetworks.com
|
| |
|
|
| |
bump PORTREVISION.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Submitted by: bento
|
| |
|
|
|
| |
PR: 38892
Submitted by: maintainer
|
| | |
|
| |
|
|
| |
Build defaults witouth SUID
|
| | |
|
| |
|
|
| |
-current.
|
| | |
|
| | |
|
| |
|
|
|
| |
- Fix USE_OPENSSL_PORT and USE_OPENSSL_BASE
- drop obsolete/broken USE_OPENSSL
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- patch openssh-3.1-adv.token.patch is now obsolete.
- remerged PAM changes form previous port
- declare CMSG_* macros.
- fixed bad type in function input_userauth_passwd_changereq
Update to OpenSSH-portable-3.2.3p1
- patch openssh-3.1p1-adv.token.patch is now obsolete
- keep previously declared CONFIGURE_ARGS
- remove openssh-mit-krb5-20020326.diff (should be in the distribution now)
- patch patch-readpassphrase.c is now in teh distribution
- merged previous patches.
- extend CONFIGURE_ARGS so it find OPENSSL again.
- new patches for GSSAPI, not fully tested.
If you have the patch applied:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/36080
Builds with openssl-0.9.6d under:
2.2.8-RELEASE
3.2-RELEASE
4.2-RELEASE
4.6-RC
|
| |
|
|
|
|
|
|
|
| |
does not contain the configure trojan that the previous tarball
did.
PR: ports/38716
Submitted by: Dominic Marks <dominic_marks@btinternet.com> (maintainer),
Yonatan Bokovza <Yonatan@xpert.com>
|
| |
|
|
| |
PR: ports/38716
|
| | |
|
| |
|
|
|
| |
PR: 38692
Submitted by: maintainer
|
| |
|
|
|
|
|
| |
http://www.ssh.com/products/ssh/advisories/authentication.cfm
PR: 38592
Submitted by: maintainer
|
| |
|
|
| |
Reminded by: cy
|
| |
|
|
| |
Submitted by: maintainer
|
| | |
|
| | |
|
| |
|
|
|
|
| |
/etc/make.conf.
Submitted by: <skrueger@europe.com>
|
| | |
|
| |
|
|
|
| |
proper nmapfe port. I do as one that created and maintained this port
for 4 years.
|
| | |
|
| |
|
|
|
|
|
| |
traffic.
PR: 38300
Submitted by: Dominic Marks <dominic_marks@btinternet.com>
|
| |
|
|
|
|
| |
- new master site & www page
Prodded by: Steffen Leich (the author)
|
| |
|
|
| |
Poked by: fozzy@kievweb.net.ua
|
| |
|
|
|
|
| |
package
Submitted by: Martin Matuska <matuska@wu-wien.ac.at>
|
| |
|
|
|
|
|
| |
A distinfo file may contain multiple hashes for the same distfile.
A checksum mismatch was logged by bento last Saturday.
PR: 37901
|
| | |
|
| |
|
|
|
| |
PR: 38526
Submitted by: Oliver Braun <obraun@informatik.unibw-muenchen.de>
|
| | |
|
| |
|
|
| |
Submitted by: maintainer
|
| |
|
|
| |
Requested by: Tobias Henoeckl <hoeni@Space.Net>
|
| |
|
|
|
|
|
|
|
|
|
| |
installed, not both.
2. change MASTER_SITES / add MASTER_SITE_SUBDIR
3. amavisd depends on Net::SMTP, not Net::Telnet
4. bump PORTREVISION
PR: 38469
Submitted by: Yen-Ming Lee <leeym@utopia.leeym.com>
Approved by: maintainer
|
| |
|
|
|
| |
PR: 38434
Submitted by: maintainer
|
| |
|
|
|
| |
PR: 38235
Submitted by: maintainer
|
| |
|
|
|
| |
PR: 38369
Submitted by: maintainer
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 38415
Submitted by: Anton Voronin <anton@chelcom.ru>
|
| | |
|
| |
|
|
|
| |
PR: 38305
Submitted by: maintainer
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 38363
Submitted by: maintainer
|
| |
|
|
|
|
|
|
|
| |
Due to APM dependancies, its preventing the port from building on
alpha. Since I can't see what use its features would be on a
platform which doesn't support power mgmnt, it seems simplest to
just yank it.
Approved by: will
|
| |
|
|
|
| |
PR: 38368
Submitted by: MAINTAINER: Udo Schweigert <udo.schweigert@siemens.com>
|
| |
|
|
|
| |
PR: 38311
Submitted by: Dominic Marks <dominic_marks@btinternet.com>
|
| |
|
|
| |
Reported by: fenner's survey
|
| |
|
|
|
|
|
| |
fix startup script
PR: 38297
Submitted by: Martin Matuska <matuska@wu-wien.ac.at>, maintainer
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: ports/37112
Submitted by: maintainer
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Note: The PR includes diffs to cope with WITHOUT_X11 env,
but this was already committed by knu-san.
So I just added CONFIGURE_ARGS line, please verify it.
PR: ports/35385
Submitted by: maintainer
|
| | |
|
| |
|
|
| |
Submitted by: gen02@xtremedev.com
|
| |
|
|
|
| |
PR: 29638
Submitted by: Scott Renfro <scott@renfro.org>
|
| | |
|
| |
|
|
|
|
|
| |
minor Update of the Readme
PR: 37607,37913
Submitted by: hetzels@westbend.net
|
| | |
|
| |
|
|
|
|
|
|
| |
* fix to use vscan:vscan to scan virus
* add a dependency of p5-Net-Telnet
PR: 38084
Submitted by: maintainer
|
| |
|
|
|
| |
PR: 38100
Submitted by: Alan Batie
|
| |
|
|
| |
Pointy hat to: cy
|
| | |
|
| |
|
|
| |
is not relevant at this time.
|
| |
|
|
| |
Approved by: knu (mentor)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
See:
http://www.openssl.org/source/exp/CHANGES
Port improvements:
proccessor type is now detected
Add option: OPENSSL_WITH_386
This set as default for package generation on bento
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The daemonized version of amavis-perl
PR: 37993
Submitted by: Gea-Suan Lin <gslin@infomath.math.nctu.edu.tw>
|
| | |
|
| |
|
|
|
|
| |
Add another WWW to the pkg-descr.
Woken up by: Andrey Pevnev
|
| |
|
|
| |
Submitted by: Jack Lloyd <lloyd@acm.jhu.edu>
|
| |
|
|
| |
Approved by: knu (mentor)
|
| |
|
|
| |
Approved by: knu (mentor)
|
| |
|
|
| |
Submitted by: ijliao
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Maintainer requested maintainership drop.
PR: 37916
Submitted by: MAINTAINER
|
| |
|
|
|
| |
PR: 37907
Submitted by: Dominic Marks
|
| |
|
|
|
|
|
| |
+# LICENSE: http://www.bluesine.com/license.html
PR: 37901
Submitted by: Oliver Braun <obraun@informatik.unibw-muenchen.de>
|
| | |
|
| |
|
|
| |
To keep consistent with USE_SSL in bsd.port.mk
|
| |
|
|
| |
zlib.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
use that instead of the old autoconf. Add a pre-configure target
to run autoconf, because bsd.port.mk only supports the old autoconf.
Left to its own devices, the program now installs files with strange
names such as /usr/local/man/man1/i386-portbld-freebsd4.4-mcrypt.1
and /usr/local/bin/i386-portbld-freebsd4.4-mcrypt. To avoid this,
the whole installation now happens in a do-install target in the
port's Makefile, which also does the former post-install tasks.
Install supplementary documentation, unless NOPORTDOCS is defined.
Use EXAMPLESDIR.
The mdecrypt utility was removed. It has been replaced by a -d
option to mcrypt.
Drop USE_LIBTOOL and add back GNU_CONFIGURE.
PORTVERSION remains nil, since this did not build.
Add a warning about my laziness.
|
| |
|
|
|
| |
Reported by: Mario Pranjic and Valentin Zahariev
PR: 37790 and 37856
|
| | |
|
| | |
|
| |
|
|
|
| |
Submitted by: Cyrille Lefevre <cyrille.lefevre@laposte.net>
PR: 37850
|
| | |
|
| |
|
|
| |
A file and string hashing utility
|
| | |
|
| |
|
|
| |
Error reported by: so many people
|
| |
|
|
| |
Submitted by: Sergii Laskavyi <ls@gambit.com.ru>
|
| |
|
|
| |
Pointy hat to: dinoex
|
| |
|
|
|
|
| |
maintainer at his request.
Noticed by: bento
|
| |
|
|
| |
Approved by: trevor (maintainer)
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: 37700
Submitted by: MAINTAINER: Kimura Fuyuki <fuyuki@mj.0038.net>
|
| |
|
|
|
|
|
|
|
| |
- some configure scripts check the version of the lib
so we need to update SHLIBVER
- bump PORTREVISION
openssh:
- build ports with local openssl, if it exists
|
| |
|
|
| |
* Update update_dat to support their slightly changed format
|
| |
|
|
|
|
|
| |
<URL:http://online.securityfocus.com/archive/1/269356> and
<URL:http://www.freeweb.hu/mantra/04_2002/KRB4.htm>.
Obtained from: Heimdal repository
|
| |
|
|
|
| |
- fetch and use openssh-3.1-adv.token.patch to build.
- bump PORTREVISION
|
| |
|
|
|
|
|
| |
up on their website again, reimplementation of the Makefile patch that
fetched the the tarball from their site for users outside of the US
(originally in Makefile rev 1.29). USA_RESIDENT=YES still supports
manual fetching from web.mit.edu.
|
| | |
|
| | |
|
| |
|
|
| |
PR: ports/37621
|
| |
|
|
| |
See http://www.gnupg.org/whatsnew.html#rn20020429 for changelog.
|
| |
|
|
| |
Pointy hat to: ijliao
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
4199 Emergency Dat Release due to Exploit-BackCSS False Positive
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
original versions of these ports, so some PORTREVISIONs were bumped. See
http://freebsd.kde.org/ and mailing lists linked to from there for info
on the packages generated to test these ports.
bsd.kde.mk has already been updated a few days ago to work with these.
Some patches applied to fix a few bugs were:
deskutils/kdepim3:
[1] Remove kpilot from build because it wasn't ready at release.
editors/koffice-kde3:
[2] Fix compile time bugs for FreeBSD.
misc/kdeedu3:
[3] Fix compile problem with kvoctrain.
x11/kdebase3:
[4] Fix KDM CPU usage and login bug.
Some caveats:
* All PLISTs are broken for deinstall due to script bug that I
didn't notice until very recently. This will be fixed when I
commit an update tomorrow. These ports should still install
perfectly fine though. They should also deinstall without
giving errors, but will leave directories behind.
* You can't install this with any other version of QT or KDE
already installed. I am not sure the checks are 100% working,
but fixes for these will be forthcoming. This is mainly due
to a policy decision made by kde@ to make QT/KDE ports install
the way the rest of the world expects it to while also still
conforming to FreeBSD's hier(7). For reference on this decision,
please consult the KDE/FreeBSD mailing list archives. This
decision fixes 2-year-old bug reports relating to how we handled
this for KDE2 vs KDE1.
Submitted by: [1] Adrian de Groot <adridg@cs.kun.nl>,
[2] David Faure <faure@kde.org>,
Andy Fawcett <andy@athame.co.uk>
Lauri Watts <lauri@kde.org>
[3] Lauri Watts <lauri@kde.org>
[4] Alan Eldridge <alane@geeksrus.net>
Oswald Buddenhagen <ossi@kde.org>
Reviewed by: kde
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- more manpages
- shift FORBIDDEN
Excerpt of Changes between 0.9.6b and 0.9.6c [21 dec 2001]
*) Fix BN_rand_range bug pointed out by Dominikus Scherkl
*) Only add signing time to PKCS7 structures if it is not already present.
*) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce", OBJ_ld_ce
should be OBJ_id_ce. Also some ip-pda OIDs in crypto/objects/objects.txt
were incorrect (cf. RFC 3039).
*) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
returns early because it has nothing to do.
*) Fix mutex callback return values in crypto/engine/hw_ncipher.c.
*) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
messages are stored in a single piece (fixed-length part and
variable-length part combined) and fix various bugs found on the way.
*) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
instead. BIO_gethostbyname() does not know what timeouts are
appropriate, so entries would stay in cache even when they have
become invalid.
*) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
faced with a pathologically small ClientHello fragment that does
not contain client_version: Instead of aborting with an error,
simply choose the highest available protocol version (i.e.,
TLS 1.0 unless it is disabled).
*) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
never resets s->method to s->ctx->method when called from within
one of the SSL handshake functions.
*) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
(sent using the client's version number) if client_version is
smaller than the protocol version in use. Also change
ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
the client will at least see that alert.
*) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
correctly.
*) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
client receives HelloRequest while in a handshake.
*) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
should end in 'break', not 'goto end' which circuments various
cleanups done in state SSL_ST_OK. But session related stuff
must be disabled for SSL_ST_OK in the case that we just sent a
HelloRequest. Also avoid some overhead by not calling
ssl_init_wbio_buffer() before just sending a HelloRequest.
*) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
reveal whether illegal block cipher padding was found or a MAC
verification error occured. (Neither SSLerr() codes nor alerts
are directly visible to potential attackers, but the information
may leak via logfiles.) ssl/s2_pkt.c failed to verify that the
purported number of padding bytes is in the legal range.
*) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
'wristwatch attack' using huge encoding parameters (cf.
James H. Manger's CRYPTO 2001 paper). Note that the
RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
encoding parameters and hence was not vulnerable.
*) BN_sqr() bug fix.
*) Rabin-Miller test analyses assume uniformly distributed witnesses,
so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
followed by modular reduction.
*) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
equivalent based on BN_pseudo_rand() instead of BN_rand().
*) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
This function was broken, as the check for a new client hello message
to handle SGC did not allow these large messages.
*) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
*) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
*) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
with the same message size as in ssl3_get_certificate_request().
Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
messages might inadvertently be reject as too long.
*) Modified SSL library such that the verify_callback that has been set
specificly for an SSL object with SSL_set_verify() is actually being
used. Before the change, a verify_callback set with this function was
ignored and the verify_callback() set in the SSL_CTX at the time of
the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
to allow the necessary settings.
*) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
dh->length and always used
BN_rand_range(priv_key, dh->p).
So switch back to
BN_rand(priv_key, l, ...)
where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
otherwise.
*) In RSA_eay_public_encrypt, RSA_eay_private_decrypt, RSA_eay_private_encrypt
RSA_eay_public_decrypt always reject numbers >= n.
*) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
to synchronize access to 'locking_thread'.
*) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
*before* setting the 'crypto_lock_rand' flag. The previous code had
a race condition if 0 is a valid thread ID.
|
| |
|
|
|
| |
PR: 37294
Submitted by: maintainer
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* HKP (WWW) key submissions disabled by default, enabled via
configuration file
* nicer formatting of long (SHA-1) fingerprints
* pksdctl usage() shows available commands/arguments
* manual page fixes
Bump PORTREVISION.
PR: ports/34970
Submitted by: Jason Harris <jharris@widomaker.com>
|
