secure cryptographic hash functions designed by Niels
Ferguson, Stefan Lucks, Bruce Schneier, Doug Whiting, Mihir
Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker.
This package uses bindings to the optimized C implementation of
Skein. We provide a high-level interface (see module "Crypto.Skein")
to some of the Skein use cases. We also provide a low-level interface
(see module "Crypto.Skein.Internal") should you need to use Skein
in a different way.
Currently we have support for Skein as cryptographic hash function
as Skein as a message authentication code (Skein-MAC). For examples
of how to use this package, see "Crypto.Skein" module documentation.
ok sthen@
that follow either a uniform or normal distribution. The generated
numbers are suitable for use in statistical applications.
The uniform PRNG uses Marsaglia's MWC256 (also known as MWC8222)
multiply-with-carry generator, which has a period of 2^8222 and
fares well in tests of randomness. It is also extremely fast,
between 2 and 3 times faster than the Mersenne Twister.
Compared to the mersenne-random package, this package has a more
convenient API, is faster, and supports more statistical distributions.
ok sthen@
- adjust COMMENT to point out that this includes a password generator
(pwqgen; defaults to reasonably memorable passwords with a decent keyspace).
- manpages are fine with mandoc, so remove USE_GROFF
- adjust whitespace
libfwbuilder got merged into fwbuilder.
Besides still not fully supporting all new features of recent OpenBSD pf,
it generally works well.
feedback and OK sthen@
parameter to daemonize, move the parameter from daemon to daemon_flags,
so that the user cannot inadvertently prevent it from daemonizing by
adjusting the flags.
Discussed with ajacoutot and schwarze, this method was suggested
by schwarze@ as a simpler alternative to my diff. ok aja@
The libSRTP library is an open-source implementation of the Secure
Real-time Transport Protocol (SRTP) originally authored by Cisco
Systems, Inc.
ok benoit@
Botan is a crypto library written in C++. It provides a variety of
cryptographic algorithms, including common ones such as AES, MD5, SHA,
HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
are more obscure or specialized. It also offers X.509v3 certificates
and CRLs, and PKCS #10 certificate requests. A message processing
system that uses a filter/pipeline metaphor allows for many common
cryptographic tasks to be completed with just a few lines of code.
Assembly optimizations for common CPUs, including x86, x86-64, and
PowerPC, offers further speedups for critical tasks such as SHA-1
hashing and multiple precision integer operations.
from brad
tested by aja@ and me@
ok aja@
SSL 2.0 is disabled by default.
A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack
demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default.
SHA-224 is supported.
additional blacklist CA's. Malaysia-based DigiCert Sdn. Bhd
Ok sthen@
Start using MODRUBY_REGRESS with ruby, rspec2, and testrb entries.
Switch away from manual do_regress targets where possible. Add
some patches to make regress tests run for some ports.
couple of fallouts. Note that these ports are only the ones that used to
have a direct dependency on devel/libusb so there may be some other
hidden ports that may break because of the switch. If that's the case,
no need to start ranting all over but instead tell me which one(s)
break. Thanks.
Note: sysutils/nut hasn't been fixed yet but will be today.
in typical clamav tradition, release notes say "ClamAV 0.97.3 is a
minor bugfix release and is recommended for all users", secunia says:
A vulnerability has been reported in ClamAV, which can be exploited by
malicious people to cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.
The vulnerability is caused due to errors related to the handling of
recursion levels within the "cli_bcapi_extract_new()"
(libclamav/bytecode_api.c) and "cli_bytecode_runhook()"
(libclamav/bytecode.c) functions, which can be exploited to e.g. cause
a crash via specially crafted files.
