./www/p5-Session-Storage-Secure, Encrypted, expiring, compressed, serialized session data with integrity

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.000, Package name: p5-Session-Storage-Secure-1.000, Maintainer: pkgsrc-users

This module implements a secure way to encode session data. It is primarily
intended for storing session data in browser cookies, but could be used with
other backend storage where security of stored session data is important.

Features include:

() Data serialization and compression using Sereal
() Data encryption using AES with a unique derived key per encoded session
() Enforced expiration timestamp (optional)
() Integrity protected with a message authentication code (MAC)


Required to run:
[lang/perl5] [security/p5-Crypt-Rijndael] [security/p5-Crypt-CBC] [devel/p5-namespace-clean] [devel/p5-Moo] [devel/p5-MooX-Types-MooseLike] [converters/p5-Sereal-Decoder] [converters/p5-Sereal-Encoder] [security/p5-Crypt-URandom] [math/p5-Math-Random-ISAAC-XS] [textproc/p5-String-Compare-ConstantTime]

Required to build:
[devel/p5-Test-Deep] [devel/p5-Test-Fatal] [math/p5-Number-Tolerant] [pkgtools/cwrappers]

Master sites: (Expand)

Filesize: 25.753 KB

Version history: (Expand)


CVS history: (Expand)


   2022-03-11 13:36:08 by Wen Heping | Files touched by this commit (2)
Log message:
Update to 1.000

Upstream changes:
1.000     2021-03-23 07:51:36-04:00 America/New_York

    [!!! Compatibility Notice !!!]

    - This version introduces protocol version 2.  By default, newly generated
      output will be encoded using version 2.  Old data created with old
      versions of this module will still be readable, whether using the same
      secret or the old_secrets array.

    - Protocol version 2 key features include: salt length increased to 256
      bits and binary encoded; no longer uses a deprecated Crypt::CBC key
      derivation function; protocol version appended to the generated output.

    [FIXED]

    - Protocol version 1 suppresses 'opensslv1' key-derivation function
      deprecation warnings from Crypt::CBC.

    [PREREQS]

    - Requires Crypt::CBC 3.01

0.903     2021-03-22 22:40:21-04:00 America/New_York (TRIAL RELEASE)

0.901     2021-03-22 11:37:09-04:00 America/New_York (TRIAL RELEASE)
   2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030)
Log message:
www: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts):
www/nghttp2/distinfo

Unfetchable distfiles (almost certainly fetched conditionally...):
./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx-devel/distinfo naxsi-1.3.tar.gz
./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx-devel/distinfo njs-0.5.0.tar.gz
./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz
./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx/distinfo naxsi-1.3.tar.gz
./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx/distinfo njs-0.5.0.tar.gz
./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz
   2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033)
Log message:
www: Remove SHA1 hashes for distfiles
   2021-05-24 21:56:06 by Thomas Klausner | Files touched by this commit (3575)
Log message:
*: recursive bump for perl 5.34
   2020-08-31 20:13:29 by Thomas Klausner | Files touched by this commit (3631)
Log message:
*: bump PKGREVISION for perl-5.32.
   2019-11-04 23:10:16 by Roland Illig | Files touched by this commit (243)
Log message:
www: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

Manually excluded phraseanet since pkglint got the indentation wrong.
   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557)
Log message:
Bump PKGREVISIONs for perl 5.30.0
   2019-06-30 22:17:50 by Nia Alarie | Files touched by this commit (1816)
Log message:
Update packages using a search.cpan.org HOMEPAGE to metacpan.org.

The former now redirects to the latter.

This covers the most simple cases where http://search.cpan.org/dist/name
can be changed to https://metacpan.org/release/name.

Reviewed by hand to hopefully make sure no unwanted changes sneak in.