Navigation:
Browse pkgsrc
(this page) 2023-12-09 20:10:12 by Amitai Schleier | Files touched by this commit (3) |  |
Log message: ucspi-ssl: update to 0.12.10. Changes: 0.12.8: - Added new x509 certs and key material; all ECC now. - Fixed wrong evaluation of peer cert in ssl_verify (none-critical). 0.12.9: - Included IP info in sslserver's TLS error messages for a quick lookup. - Fixed sslhandle's wrong if nesting. - sslserver return FATAL (and not ERROR) in case TLS is requested but missing. - Enhanced compatibility with OpenSSL 3.x.y. 0.12.10: - Added argument '-y cdb' to sslserver in order to allow a rule checking for IP addresses prior of the DNS/IDENT lookup (to cope with DDos attacks). |
| 2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message: *: bump for openssl 3 |
| 2023-07-06 11:43:03 by Thomas Klausner | Files touched by this commit (2483) |
Log message: *: recursive bump for perl 5.38 |
| 2023-06-07 17:11:53 by Amitai Schleier | Files touched by this commit (2) |
Log message:
ucspi-ssl: remove non-meaningful 'inet6' option. Bump PKGREVISION.
The dependency was to ensure the runtime presence of tcprules(1),
described at HOMEPAGE thus:
Optional but indispensible: ucspi-tcp6 to build the cdb to control
incoming connections for sslserver using tcprules coming with the
ucspi-tcp6 package. Older versions of ucspi-tcp can be used as well,
but don't provide neither IPv4 CIDR nor IPv6 capabilities. The
generated cdb however, is binary compatible among all versions.
Depending on either of net/ucspi-tcp{,6} here was complicating the
dependency graph in exchange for... still getting in the way of other
packages installing what they need (e.g. mail/bincimap). Trust the
sysadmin to notice if they don't already have tcprules and decide what
to install in that case.
|
| 2023-05-29 13:52:59 by Amitai Schleier | Files touched by this commit (2) |
Log message: Update to 0.12.7. From the changelog: - sslserver MAXCONIP feature is working now from the cdb read by the children. - MAXCONIP works even the general limit is 0. - Fixed wrong '-m' option for sslserver. - Added ip and port information in case sslserver/sslclient can't bind to local addresses. - Tweaked rts to include external load libraries. |
| 2023-04-04 20:47:29 by Amitai Schleier | Files touched by this commit (2) |
Log message: Update to 0.12.6. From the changelog: - ssl_io uses now two specific return codes under condition 'BOMB' avoiding unnecessary error messages in case of TLS client termination. - ssl_io.c closes TLS connection gracefully upon SSL_ERROR_SSL recognition and \ not continue looping. - Included tests on tai_now in ssl_timeout.c and removed obsolete pollmax variables. |
| 2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952) |
Log message: *: recursive bump for perl 5.36 |
| 2021-10-26 13:07:15 by Nia Alarie | Files touched by this commit (958) |
Log message: net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch |
| 2021-10-22 00:29:57 by Amitai Schleier | Files touched by this commit (2) |
Log message: Update to 0.12.3. From the changelog: - sslhandle to bind to IPv4 sockets, if told so. - Compatibility tests with OpenSSL 3.0. Still preliminary. |
| 2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962) |
Log message: net: Remove SHA1 hashes for distfiles |
New packages: