As diagnosed by kettenis, running the regress/lib/libssl/interop/openssl
test results in a SIGILL or SIGBUS due to an alignment issue. The reason
for this is that the configure magic fails to pick up -m64 which is
needed for the perlasm to generate the correct flavor of assembly.
None of the approaches for setting variables in the main port Makefile
worked. Since we already patch out -O3 from Configure, I added -m64
there. The resulting binary seems to work well. The interop tests on
sparc64 pass with this patch.
Many thanks to kettenis for figuring this out and to sthen who helped
me save a lot of time with FLAVOR=no_man.
ok sthen
from Matthias Pitzl; OK benoit@
Comment:
intrusion detection and prevention engine
Description:
ModSecurity is an embeddable web application firewall. It provides
protection from a range of attacks against web applications and allows
for HTTP traffic monitoring and real-time analysis with no changes to
existing infrastructure.
It is also an open source project that aims to make the web application
firewall technology available to everyone.
to pull in a current version of OpenSSL that it builds with special options
and links statically, so it needs manual bumps when openssl/1.1 is updated
to trigger pkg_add updates.
- Fixed NULL pointer deref in the GENERAL_NAME_cmp function, CVE-2020-1971
- In 1.1.1h, an expired trusted (root) certificate was no longer rejected
when validating a certificate path.
On OpenBSD, setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, ...) only allows
setting to 1 (which is the default anyway). Setting to 0 results in EINVAL.
This doesn't fix everything, there are still some other problems with binds
to v6 addresses with OpenSSL 1.1 on OpenBSD.
Wfuzz has been created to facilitate the task in web application
assessments and it is based on a simple concept: it replaces any
reference to the FUZZ keyword by the value of a given payload.
A payload in Wfuzz is a source of data.
This simple concept allows any input to be injected in any field of an
HTTP request, making it possible to perform complex web security attacks in
different web application components such as: parameters,
authentication, forms, directories/files, headers, etc.
Identify the different types of hashes used to encrypt data and
especially passwords.
It is able to identify a single hash, parse a file or read multiple
files in a directory and identify the hashes within them. hashID is also
capable of including the corresponding hashcat mode and/or JohnTheRipper
format in its output.
OK benoit@, gonzalo@