2023-01-10 18:03:59 by Amitai Schleier | Files touched by this commit (4)
Log message: Update to 20230101. From the changelog:

20230101:
- removed duplicate crypto_scalarmult_curve25519.* implementation and used X25519 from bearssl library
- randombytes: rollback to /dev/urandom variant only
- Makefile: removed bearssl target

20221229:
- fixed parallel build

20221227:
- LICENCE updated from public-domain to CC0
- updated examples and linked examples.md from README.md
- added more error log messages when proxy-protocol is used

2022-09-11 21:33:05 by Amitai Schleier | Files touched by this commit (9)
Log message: Update to 20220901. From the changelog:
- fixed randombytes(), uses getentropy() and /dev/urandom where getentropy() does not exist

2022-08-30 19:55:31 by Amitai Schleier | Files touched by this commit (9)
Log message: Apply upstream commit 0cb7bb4 to fall back to /dev/urandom on systems where getentropy() is not present. Bump PKGREVISION.

2022-08-25 20:05:37 by Amitai Schleier | Files touched by this commit (2)
Log message: Update to 20220814. From the changelog:
- proxyprotocol cleanup - v2 removed
- switched to buffer lib.
- man page fixed many typos
- tlswrapper-smtp update, added postgrey support
- randombytes based on getentropy() instead of /dev/urandom
- big cleanup in the code

2022-01-15 20:04:24 by Amitai Schleier | Files touched by this commit (8)
Log message: Update to 20220114. From the changelog:
- added "experimental" support for delayed encryption (option -nN)
- add tlswrapper-smtp (STARTTLS support for old inetd-style SMTP servers)

2022-01-04 23:10:37 by Amitai Schleier | Files touched by this commit (8)
Log message: Fix build on BSDs and Solarish.

2022-01-04 22:39:03 by Amitai Schleier | Files touched by this commit (4)
Log message: Add tlswrapper, a UCSPI/inetd-style TLS encryption wrapper.

tlswrapper is a TLS encryption wrapper between a remote client and a local program prog. Systemd.socket/inetd/tcpserver/... creates the server connection, tlswrapper encrypts/decrypts the data stream and reads/writes data from/to the program prog as follows:

    Internet <--> systemd.socket/inetd/tcpserver/... <--> tlswrapper \
        <--> prog

By running a separate instance of tlswrapper for each TLS connection, a vulnerability in the code (e.g. a bug in the TLS library) can't be used to compromise the memory of another connection.

To protect against secret-information leaks to the network connection (such as Heartbleed), tlswrapper runs two independent processes for every TLS connection. One process holds secret-keys and runs secret-keys operations and the second talks to the network. Processes communicate with each other through UNIX pipes.