Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

Log message:
security: Remove SHA1 hashes for distfiles

Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Log message:
Update security/ipv6-toolkit to version 1.4.1

Changes since previous version:

	SI6 Networks' IPv6 Toolkit v1.4.1

	   * frag6: Fixed bug that prevented Ethernet header from being filled
	     A bug in the code caused Ethernet frames to go on te wire without any of
	     their header fields completed.

	   * All: Use of library to avoid code replication
	     An "libipv6" library was created, such that common functions do \ 
not need
	     to be replicated for each tool. ni6, ns6, rs6, and tcp6 now employ such
	     library.

pkgsrc changes:

	* address6 and its man page are no longer installed

	* extend the Makefile changes to include the correct linkage for rs6 and tcp6
	  i.e. include the libipv6 object mentioned above

Log message:
Remove patch that's no longer needed

Log message:
update security/ipv6-toolkit to version 1.4nb1

code was added to fix the compiler uninitialised warning (thanks!),
but the distfile name didn't change since it was packaged originally,
so do the DIST_SUBDIR dance, and bump package version to nb1

Log message:
Update ipv6-toolkit to version 1.4 from 1.3.4

Pkgsrc changes:
+ quieten warnings from gcc 4.5.3 about uninitialised variables

Distribution changes:
SI6 Networks' IPv6 Toolkit v1.4 release

   * frag6: Fixed the flooding option
     Fixed the fragment size used when employing the flooding option. It was
     prevously sending fragment sizes that where not a multiple of eight, and
     hence these fragments were dropped.

   * scan6: Added support for 64-bit encoding of IPv4 addresses
     Option "--tgt-ipv4" was augmented to support both encodings (32 bit
     and 64 bit) of embedded IPv4 addresses.

   * tcp6: Fixed response to Neighbor Solicitations
     tcp6 was not responding to incomming Neighbor Solicitations. Hence, when
     packets were sent from spoofed addresses, tcp6 would never receive the
     response packets, because the NSs sent by the local router or target node
     would never be responded.

   * tcp6: Added support for TCP Window-based attacks
     tcp6 can now close the window after sending an app-layer command, and
     also "modulate" the TCP window to circumvent trivial mitigations \ 
for these
     attacks ("--window-mode" and "--win-modulate" options).

   * tcp6: Support for multiple connection-establishment types
     tcp6 can now cause e.g. TCP simultaneous opens (see the "--open-mode"
     option).

   * tcp6: Support for multiple connection-termination types
     tcp6 can now perform multiple connection-termination types (see the
     "--close-mode" option).

   * tcp6: Support for sending application layer requests
     tcp6 can now send application-layer requests with the "--data" option.

   * Many improvements to the manual pages.
     Fixed the troff encoding of many manual pages. Added ipv6toolkit(7), that
     describes a general description of the toolkit.

   * All: Fixed bug in link-layer destination address selection
     Tools now try to find a local router or perform Neighbor Discovery only
     when necessary (i.e., underlying link-layer is *not* loopback or tunnel,
     destination address is *not* link-local, and a link-layer destination
     address has *not* been specified).

   * All: Fixed bug in option handling
     Incorrect data type was used for the return value of getopt_long(), thus
     leading to problems in some architectures.

   * All: Fixed a number of issues with pcap_next_ex()
     The timeout parameter of pcap_next_ex() is now based on the platform (the
     previous constant value had different semantics in different platforms).
     Additionally, handle the case where pcap_next_ex() returns no packets.

   * All: General improvements and clean-up
     The development process now includes building the toolkit with the clang
     compiler (in addition to gcc), which has lead to the identification of a
     number of issues.

   * All: Improved support for building the toolkit.
     The toolkit now contains one makefile for pmake, and another for GNU make.
     Added support for the DESTDIR variable. Appropriate paths are selected
     based on the value of a number of variables. Configuration file is
     dynamically generated, with the right path to the oui.txt file.

Log message:
Allow this package to be cross-built too - take the compiler from
the environment if it's there.

Log message:
Update security/ipv6-toolkit from version 1.3.3 to 1.3.4

Changes from previous version:
   * IPv6-host tracking support in the scan6 tool.
   * A new tool, address6, to analyze IPv6 addresses
   * Minor bug fixes
   * PDF manual pages have been removed
   * additional manual pages

pkgsrc changes:
   * patch to avoid "uninitialised variable" warning from compiler

Log message:
Update security/ipv6-toolkit to version 1.3.3

	This minor update incorporates the "--tgt-known-iids" option, which
	can be used to track systems across networks, even if they employ the
	so-called "Privacy Address" (and yes, that includes Microsoft Windows
	systems).