Navigation:
Browse pkgsrc
(this page)| 2005-12-05 21:51:20 by Roland Illig | Files touched by this commit (1432) |
Log message:
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
2005-11-14 19:17:49 by Thomas Klausner | Files touched by this commit (2) |  |
Log message:
Update to 1.2.9:
* Version 1.2.9 (2005-11-07)
- Documentation was updated and improved.
- RSA-MD2 is now supported for verifying digital signatures.
- Due to cryptographic advances, verifying untrusted X.509
certificates signed with RSA-MD2 or RSA-MD5 will now fail with a
GNUTLS_CERT_INSECURE_ALGORITHM verification output. For
applications that must remain interoperable, you can use the
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 or GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5
flags when verifying certificates. Naturally, this is not
recommended default behaviour for applications. To enable the
broken algorithms, call gnutls_certificate_set_verify_flags with the
proper flag, to change the verification mode used by
gnutls_certificate_verify_peers2.
- Make it possible to send empty data through gnutls_record_send,
to align with the send(2) API.
- Some changes in the certificate receiving part of handshake to prevent
some possible errors with non-blocking servers.
- Added numeric version symbols to permit simple CPP-based feature
tests, suggested by Daniel Stenberg <daniel@haxx.se>.
- The (experimental) low-level crypto alternative to libgcrypt used
earlier (Nettle) has been replaced with crypto code from gnulib.
This leads to easier re-use of these components in other projects,
leading to more review and simpler maintenance. The new configure
parameter --with-builtin-crypto replace the old --with-nettle, and
must be used if you wish to enable this functionality. See README
under "Experimental" for more information. Internally, GnuTLS has
been updated to use the new "Generic Crypto" API in gl/gc.h. The
API is similar to the old crypto/gc.h, because the gnulib code were
based on GnuTLS's gc.h.
- Fix compiler warning in the "anonself" self test.
- API and ABI modifications:
gnutls_x509_crt_list_verify: Added 'const' to prototype in <gnutls/x509.h>.
This doesn't reflect a change in behaviour,
so we don't break backwards compatibility.
GNUTLS_MAC_MD2: New gnutls_mac_algorithm_t value.
GNUTLS_DIG_MD2: New gnutls_digest_algorithm_t value.
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: New gnutls_certificate_verify_flags values.
Use when calling
gnutls_x509_crt_list_verify,
gnutls_x509_crt_verify, or
gnutls_certificate_set_verify_flags.
GNUTLS_CERT_INSECURE_ALGORITHM: New gnutls_certificate_status_t value,
used when broken signature algorithms
is used (currently RSA-MD2/MD5).
LIBGNUTLS_VERSION_MAJOR,
LIBGNUTLS_VERSION_MINOR,
LIBGNUTLS_VERSION_PATCH,
LIBGNUTLS_VERSION_NUMBER: New CPP symbols, indicating the GnuTLS
version number, can be used for feature existence
tests.
|
| 2005-10-20 02:43:32 by Thomas Klausner | Files touched by this commit (5) |
Log message: Update to 1.2.8: * Version 1.2.8 (2005-10-07) - Libgcrypt 1.2.2 is required to fix a bug for forking GnuTLS servers. - Don't install the auxilliary libexamples library used by the examples in doc/examples/ on "make install", report and tiny patch from Thomas Klausner - If you pass a X.509 CA or PGP trust database to the command line tool, it will now abort the connection if the server certificate validation fails. Use the parameter --insecure to continue even after certificate validation failures. Inspired from discussion with Alexander Kotelnikov - The test for socklen_t has been moved to gnulib. - Link failures for duplicate or missing "program_name" symbol has \ been fixed, patch from Martin Lambers - The command line tool and the examples no longer uses mmap or bzero, to make them more portable, patch from Martin Lambers - Made the PKCS #12 API handle null passwords. Based on patch by Anton Altaparmakov - The GTK-DOC manual should build with current released tools. (But a copy of the output is included, so the tools are not required.) - API and ABI modifications: No changes since last version. |
| 2005-09-30 15:11:34 by Thomas Klausner | Files touched by this commit (6) |
Log message: Update to 1.2.7: * Version 1.2.7 (2005-09-09) - The GNUTLS and GNUTLS-EXTRA libraries are now built with versioned symbols. - Certtool now complains when reading out-of-range X.509 serial numbers, suggested by Fran - Certtool now uses the readline library (when available) when reading X.509 serial numbers. - Fixed build problems in getpass on uClibc and Mingw32 platforms. - Fixed compile warning regarding socklen_t on Mingw32, reported by Martin Lambers - Fixed examples in doc/examples/, suggested by Fran - Gnulib is now used for the core library, enabling future code cleanups. - The gnutls-cli tool now use gnutls_certificate_verify_peers2, suggested by Daniel Stenberg - Doc fixes for gnutls_transport_set_push and gnutls_transport_set_pull. - Minilibtasn1 is now 0.2.17 (removed optional use of C99 macros). - Disable zlib support if zlib.h is not present. - A number of internal cleanups. - API and ABI modifications: No changes since last version. pkgsrc change: do not install libexamples (looks like a bug) |
| 2005-09-05 09:34:06 by Adam Ciarcinski | Files touched by this commit (2) |
Log message: buildlink3.mk matches Makefile now |
| 2005-08-30 16:29:00 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: Changes 1.2.6: - MiniLZO updated to version 2.01 and moved to separate directory. - Collision between system LZO header files and MiniLZO header file fixed. - Will now test for liblzo functionality in liblzo2 too. - Minilibtasn1 is now 0.2.14 (no code changes). - Some code changes to avoid GTK-DOC warnings. - API and ABI modifications: No changes since last version. |
| 2005-07-14 22:16:23 by Thomas Klausner | Files touched by this commit (1) |
Log message: Update comment about lzo. |
| 2005-07-14 21:19:43 by Thomas Klausner | Files touched by this commit (3) | |
Log message: Update to 1.2.5: * Version 1.2.5 (2005-07-03) - More builddir != srcdir fixes, reported by Mike Castle - Fixed off-by-one bug in the size parameter of gnutls_x509_crt_get*_dn, reported by Adam Langley - Corrected some stuff in minilzo detection. Pointed out by Sergey Lipnevich. - MiniLZO updated to version 2.00. - gnutls_x509_crt_list_import now accept a DER formatted CRL. - API and ABI modifications: No changes since last version. |
| 2005-05-31 19:48:30 by Thomas Klausner | Files touched by this commit (2) | |
Log message: Update to 1.2.4: * Version 1.2.4 (2005-05-28) - Corrected some bugs that could affect 64 bit systems. - Some corrections in the header files to include the prototype of memmem properly (affected 64 bit systems). Report and patch by Yoann Vandoorselaere <yoann@prelude-ids.org>. - Introduced the --fix-key option to certtool, which can be used to regenerate the (optional) parameters in a private key. It should be used together with --key-info. - Corrected a bug in certificate chain verification that could lead to marking a trusted chain as non trusted, if the last certificate in the chain was a self signed one. - Gnulib portability files were updated. - License were updated to reflect new FSF address. |
| 2005-05-02 21:48:37 by Lubomir Sedlacik | Files touched by this commit (1) | |
Log message: Bump BUILDLINK_RECOMMENDED after latest security update. (hi wiz!) |
New packages: