- add OpenBSD WPA support written by kettenis@ (also tested by matthieu@
and Gregor Best)
- enable smartcard support via PCSC-Lite
- garbage collect OS compatibility patches which are no longer needed
(one found by me, one by kettenis@)
ok phessler@
X Certificate and Key management is an interface for managing asymetric
keys like RSA or DSA. It is intended as a small CA for creation and
signing certificates. It uses the OpenSSL library for the cryptographic
operations.
ok aja@
access violations and public keyring database corruption when importing
manipulated public keys. http://seclists.org/bugtraq/2012/Dec/151
Tweaked from a submission from David Hill.
Tested on sparc64 & hppa, and went into an amd64 bulk build.
Node that builtins/certdata.c patch goes to the attic since it's
autogenerated at build time from builtins/certdata.txt (which we patch
too for CACert roots) since bug #683266.
There might be a chemspill for a TURKTRUST CA distrust soon (bug
#825022, sg-only) but let's get this in now.
ok/feedback jasper@
The YubiKey Personalization Tool is a Qt based cross-platform utility
designed to facilitate re-configuration of YubiKeys on Windows, Linux
and MAC platforms. The tool provides a sane simple step-by-step
approach to make configuration of YubiKeys easy to follow and
understand, while still being powerful enough to exploit all
functionality of both the YubiKey 1 and YubiKey 2 generations of
keys. The tool provides the same functionality and user interface on
Windows, Linux and MAC platforms.
The Cross-Platform YubiKey Personalization Tool provides the following
main functions:
* Programming the YubiKey in "Yubico OTP" mode
* Programming the YubiKey in "OATH-HOTP" mode
* Programming the YubiKey in "Static Password" mode
* Programming the YubiKey in "Challenge-Response" mode
* Checking type and firmware version of the YubiKey
spiped (pronounced "ess-pipe-dee") is a utility for creating
symmetrically encrypted and authenticated pipes between socket
addresses, so that one may connect to one address (e.g., a UNIX socket
on localhost) and transparently have a connection established to another
address (e.g., a UNIX socket on a different system). This is similar to
'ssh -L' functionality, but does not use SSH and requires a pre-shared
symmetric key.
spipe (pronounced "ess-pipe") is a utility which acts as an spiped
protocol client (i.e., connects to an spiped daemon), taking input from
the standard input and writing data read back to the standard output.
openssh-5.3p1.src.rpm.
ssh-ldap-helper is a small helper for sshd's AuthorizedKeysCommand
config keyword, allowing to fetch the AuthorizedKeys from an LDAP
directory with a given schema.
Note that you'll need an sshd with ssh/auth2-pubkey.c r1.33 for it
to work fine.
ok ajacoutot@ sthen@
- use ${SUBST_CMD} instead of old-style perl -pi -e commands
- update nss-config from debian's nss-config.in, since apparently it
comes from there.. needed to fix detection by mozillas, otherwise the
current script returns 3.14 for --version while configure scripts
expect 3.14.0... grab version via awk on nss.h at runtime.
Tested on amd64/i386/powerpc and in an amd64 bulk build. Needed by
firefox 18.
ok sthen@ ajacoutot@ jasper@
and the line with the unregister.sh script down to the bottom of
the plist. Silences all the blurb about ".../*.haddock doesn't exist
or isn't a file."
(it wants Data.Serialize.IEEE754).
Bump the other ports where necessary (because their haskell package
signatures changed).
Suggestion about bumps, and ok kili@
ports, for the ports that are built both on ruby 1.8 and ruby 1.9,
switch the category Makefiles to explicitly list the ruby18 FLAVOR
instead of the ruby19 FLAVOR.
Also, for home_run, fastri, and fastercsv, explicitly build only the
ruby 1.8 version of the port. These libraries can run on ruby 1.9, but
it doesn't make sense to build a ruby 1.9 version by default.
