Log message:
Do not truncate pass-phrases without a newline character

This also fixes a crash when the pass-phrase entered is empty.

Originally submitted on tech-pkg@ as:
[PATCH 02/11] Do not truncate pass-phrases without a newline character

Only modified for consistency with the coding style; as also applied in
NetBSD's src repository.

Tested on NetBSD/amd64.

Log message:
Do not ask for a passphrase when empty

Originally submitted on tech-pkg@ as:
[PATCH 06/11] Do not ask for a passphrase when empty

Only modified for consistency with the coding style; as also applied in
NetBSD's src repository.

Tested on NetBSD/amd64.

Log message:
Sort PLIST files.

Unsorted entries in PLIST files have generated a pkglint warning for at
least 12 years. Somewhat more recently, pkglint has learned to sort
PLIST files automatically. Since pkglint 5.4.23, the sorting is only
done in obvious, simple cases. These have been applied by running:

  pkglint -Cnone,PLIST -Wnone,plist-sort -r -F

Log message:
Do not crash when listing keys without a keyring

Bumps PKGREVISION.

Log message:
Bump PKGREVISION for security/openssl ABI bump.

Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Log message:
Pass correct location of OpenSSL.

Log message:
Update netpgp to version 20140220

Changes from previous version:

+ portability fixes from xtraeme for his Linux distribution:
	+ add search for ar(1) into autoconf (I fixed this differently
	  so as not to rely on an automake check)
	+ define __printflike if it's not already defined
	+ fix missing asprintf (I fixed this differently)

Log message:
Update security/netpgp from version 20140210 to 20140211

Changes:

	Avoid a warning on Gentoo Linux about fwrite(3) -- their glibc
	declares fwrite(3) with the warn_unused_result attribute, from Razvan
	Cojocaru

	Manual page improvements from Anthony J. Bentley

Log message:
Update netpgp package from 20101107 to 20140210

Main change is that the netpgpverify binary is no longer part of this
package - instead, pkgsrc/security/netpgpverify and
pkgsrc/security/libnetpgpverify should be used.

Other changes since previous version include:

> ----------------------------
> revision 1.96
> date: 2012-02-21 22:58:54 -0800;  author: agc;  state: Exp;  lines: +5 -15;
> Add the --trusted-keys argument to netpgpkeys(1) to print out PGP ids in a
> machine-readable manner.
> ----------------------------
> revision 1.95
> date: 2012-02-21 22:29:40 -0800;  author: agc;  state: Exp;  lines: +1 -3;
> re-order the fields that we print out in the pgp_sprint_pubkey() function
> to be more usual.
>
> print out the name from within pgp_sprint_pubkey() rather than tagging it
> onto the end of the output from the function.
> ----------------------------
> revision 1.94
> date: 2011-08-02 00:16:56 -0700;  author: agc;  state: Exp;  lines: +19 -8;
> branches:  1.94.2;
> plug some memory leaks in error paths
> ----------------------------
> revision 1.93
> date: 2011-08-01 22:36:45 -0700;  author: agc;  state: Exp;  lines: +19 -13;
> when matching pubkeys, also return the first (pgp) uid for the key in the
> resultant key listing
>
> when using json to format keys returned from libnetpgp, also prepare for
> machine-readable format ("mr") as well as human \ 
("human"), even though
> it's not yet used.
> ----------------------------
> revision 1.92
> date: 2011-06-27 20:35:28 -0700;  author: agc;  state: Exp;  lines: +45 -24;
> get some things off the TODO list
>
> when initialising, recognise keys in a different order.
>
> 1. read the public keyring
>
> 2. if a userid has been specified, use it
>
> 3.  if not, check the configuration file (~/.gnupg/gpg.conf) for a
> default user id
>
> 4, only read the secret keyring if we need to (decrypting or signing)
>
> 5.  if signing, and we still don't have a userid, use the first key in
> the secret keyring
>
> 6.  if encrypting, and we still have no userid, use the first in the
> public keyring
>
> ssh keys remain the same as previously.
> ----------------------------
> revision 1.91
> date: 2011-06-27 00:05:31 -0700;  author: agc;  state: Exp;  lines: +7 -5;
> only attempt to load the secret key if we need to (for signing or for
> decrypting).
> ----------------------------
> revision 1.90
> date: 2011-06-24 17:37:44 -0700;  author: agc;  state: Exp;  lines: +11 -7;
> change mj library to take an additional argument for a string type,
> denoting its length. this allows binary strings to be encoded using
> libmj.
>
> escape magic characters in json strings in a more efficient manner.
> the previous method was not scalable.
>
> update callers to suit
>
> bump libmj major version number
>
> add examples to the libmj(3) man page
> ----------------------------
> revision 1.89
> date: 2011-01-02 21:34:53 -0800;  author: agc;  state: Exp;  lines: +2 -2;
> avoid a double free - from Anthony Bentley.
> ----------------------------
> revision 1.88
> date: 2011-01-01 15:00:24 -0800;  author: agc;  state: Exp;  lines: +17 -15;
> clean up lint (on amd64)
> ----------------------------
> revision 1.87
> date: 2010-12-01 14:14:52 -0800;  author: agc;  state: Exp;  lines: +5 -2;
> avoid nameclash - call the generated user id variable "generated \ 
userid"
> avoid nameclash - call the generated user id variable "generated \ 
userid"
>
> also keep the time of structure initialisation as an internal variable.
> ----------------------------
> revision 1.86
> date: 2010-12-01 14:01:41 -0800;  author: agc;  state: Exp;  lines: +4 -2;
> When generating a key, set the new key's userid (last 16 bytes of
> fingerprint) as an internal netpgp variable.
>
> This can then be queried using netpgp_getvar(netpgp, "userid") to \ 
find the
> new key's id.
> ----------------------------
> revision 1.85
> date: 2010-11-28 20:20:12 -0800;  author: agc;  state: Exp;  lines: +73 -18;
> Fix PR 44075 from Peter Pentchev, but do this by adding a
> --numtries=<attempts> option to netpgp(1) to provide the maximum
> number of attempts to retrieve the correct passphrase when signing or
> decrypting, and use it in libnetpgp(3).  The default number of
> attempts is 3, and a value of "unlimited" will loop until the correct
> passphrase has been entered.
> ----------------------------
> revision 1.84
> date: 2010-11-15 00:27:40 -0800;  author: agc;  state: Exp;  lines: +13 -4;
> Use a regular expression to match the various ASCII-armoured headers we
> may encounter - fixes PR 44074 from Peter Pentchev in a different way.
> ----------------------------
> revision 1.83
> date: 2010-11-15 00:03:39 -0800;  author: agc;  state: Exp;  lines: +48 -3;
> Changes to help with netpgp key generation and interoperability:
>
> + use plain SHA1 for session key s2k negotiation
> + don't warn on some conditions when inflating (reading a compressed file)
>   since the conditions don't hold for partial block lengths
> + prompt for a passphrase when generating a new key - used in the upcoming
>   secret-sharing functionality for netpgp
> ----------------------------