ok giovanni@.
ikeman is a tool designed to simplify management of X.509 public key
infrastructure used to create IPsec flows by isakmpd(8) or iked(8).
It displays all PKI data in a hierarchical view and can also create
new certificate authorities, sign new certificate requests and revoke
or un-revoke currently loaded certificates.
All this in a user-friendly ncurses GUI, which also warns user about
errors like already expired, revoked or not yet valid certificates.
SSLScan queries SSL services, such as HTTPS, in order to determine the
ciphers that are supported. SSLScan is designed to be easy, lean and
fast. The output includes prefered ciphers of the SSL service, the
certificate and is in Text and XML formats.
Heavily based on the FreeBSD port.
inputs from sthen@
ok jasper@
- tweaks patch-src_Makefile from sthen@ and jolan@
- remove jolan@ as maintainer per his request
- take maintainership
OK sthen@ jolan@
"get it in" jasper@
PLIST and delete everything under the @sample'd directory instead of the
directory itself to prevent a warning from pkg_delete(1) trying to
remove a non existing directory and to help preventing left-over files
and directories.
- set CONFIGURE_STYLE to gnu, remove ALL_TARGET
- set USE_LIBTOOL/SHARED_LIBS=
- PFRAG.shared is added
- remove unneeded patch
- adjust license name. ( PD -> Public Domain )
- regen PLIST
from sthen@
- remove NO_REGRESS (there is no test, but it doesn't
error out when you try to run it)
-tidy up whitespaces (USE_GROFF)
ok jasper@ sthen@
by accident (if ghc is installed but hs-mtl isn't).
Rule of thumb: if some hs-* port works with both mtl-1 and
mtl-2, let it depend on devel/hs-mtl. If it strictly requires
mtl-1, then don't let it depend on devel/hs-mtl (that part is
obvious). If it doesn't specify the mtl version i the .cabal
file and breaks with devel/hs-mtl installed, patch the .cabal
file.
I'll rebuild and check all the haskell junk on my machine and
will see what can be done to hs-* ports that don't build with
mtl-2 (devel/hs-mtl). If they can be fixed to work with mtl-2,
mtl-1 (in lang/ghc) will be removed.
What a mess!
Nettle is a cryptographic library that is designed to fit easily in more
or less any context: In crypto toolkits for object-oriented languages
(C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in
kernel space. In most contexts, you need more than the basic
cryptographic algorithms, you also need some way to keep track of
available algorithms, their properties and variants. You often have some
algorithm selection process, often dictated by a protocol you want to
implement.
<...>
ok jasper@ landry@
This Module helps LWP, Net::SMTP and Net::LDAP to be either SSL
aware at all or to offer way for proper certificate checking.
ok benoit@
tweaks Gleydson Soares
PERSEUS library is an open source technology whose aim is to secure any
kind of communication streams against illegitimate or abusive
eavesdropping except for Nation State Security offices, provided that a
suitable, huge computing power is used (from tens of hours with a
supercomputer).
ok jasper@
The clamav-unofficial-sigs script provides a simple way to
download, test, and update third-party signature databases
for ClamAV provided by Sanesecurity, SecuriteInfo, INetMsg,
OITC, MalwarePatrol, and ScamNailer.
The OATH Toolkit makes it easy to build one-time password authentication
systems. This package contains a shared library and a command line tool
for generating and validating OTPs.
Supported technologies include the event-based HOTP algorithm (RFC 4226)
and the time-based TOTP algorithm (draft-mraihi-totp-timebased-07).
OATH stands for Open AuTHentication, which is the organization that
specify the algorithms.
libdpam is a stipped down version of OpenPAM and serves as a
"wrapper" for bsd_auth(3), therefore using external modules
are not supported.
This port is not hooked up to the build yet.
Metasploit provides useful information and tools for penetration
testers, security researchers, and IDS signature developers. This
project was created to provide information on exploit techniques and to
create a functional knowledgebase for exploit developers and security
professionals. The tools and information on this site are provided for
legal security research and testing purposes only.
Subpackages:
mysql - mysql database backend.
postgresql - postgresql database backend.
help from nicm@, benoit@ and jeremy@
ok jasper@ and jeremy@ (of some earlier version)
Native TLS protocol implementation, focusing on purity and more
type-checking.
Currently implement the SSL3.0, TLS1.0 and TLS1.1 protocol. Not yet
properly secure and missing some features. Do not yet use as replacement
to more mature implementation.
Only RSA supported as Key exchange for now.
ok kili@
Certificates and Key reader/writer. At the moment only X509 certificate
and unencrypted private key are supported, but will include PGP
certificate and pkcs8 private keys.
ok kili@
Collection of crypto hashes, with a practical incremental and one-pass,
pure APIs, with performance close to the fastest implementations
available in others languages.
feedback and ok kili@
Generic interface for cryptographic operations, platform independent
quality RNG, property tests and known-answer tests (KATs) for common
algorithms, and a basic benchmark infrastructure. Maintainers of hash
and cipher implementations are encouraged to add instances for the
classes defined in Crypto.Classes. [..]
ok kili@
Previously, we were using ruby->=1.8,<=1.9, instead of
ruby->=1.8,<1.9. While this wouldn't cause an issue, since
our ruby-1.9.2 package isn't included in ruby->=1.8,<=1.9,
it's still wrong and should be fixed. This also fixes the
following minor issues:
Switch from using FLAVOR to MODRUBY_FLAVOR for *_DEPENDS.
Currently we don't have a ruby port that uses FLAVORs that
would differ from MODRUBY_FLAVOR, but it's possible we will
in the future.
Switch from BASE_PKGPATH to BUILD_PKGPATH in a few cases in
REGRESS_DEPENDS. This probably is not strictly necessary, but
BUILD_PKGPATH is used in more cases, so it is good for
consistency.
Switch to new style *_DEPENDS, with the version specification
at the end. The remaining cases where this is not done is
because a specific version is used.
Some FULLPKGNAME added to REGRESS_DEPENDS, to make sure that if
the old version is installed when you run a regress test, it
will install the new version first.
Some conversion of spaces to tabs for consistency.
OK landry@
threading implementation
- Backport a patch from upstream that allows using all the available
hash algorithms with scdaemon
- Fix license marker
- Fix wrong REGRESS_DEPENDS
- Swith to new-style LIB_DEPENDS/WANTLIB
- Adjust spacing
OK sthen@, pea@ (MAINTAINER)
PKG_ARCH = * removed from many ports as it is added automatically
for pure ruby gem ports. Switch ports that previously used
GEM_SKIPDEPENDS to adding dependencies or modifying the underlying
gem metadata with patches.
OK landry@
into MODRUBY_WANTLIB and using CONFIGURE_STYLE = ruby gem ext. Use the
lang/ruby module for all dependent ports, setting
MODRUBY_{BUILD,RUN}DEP=No if necessary.
ok landry, phessler, sthen
KeePassX is an application for people with extremly high demands on
secure personal data management. It has a light interface, is cross
platform and published under the terms of the GNU General Public
License.
KeePassX saves many different information e.g. user names, passwords,
URLs, attachments and comments in one single database. For a better
management user-defined titles and icons can be specified for each
single entry. Furthermore the entries are sorted in groups, which are
customizable as well. The integrated search function allows to search
in a single group or the complete database.
KeePassX offers a little utility for secure password generation. The
password generator is very customizable, fast and easy to use.
Especially someone who generates passwords frequently will appreciate
this feature.
The complete database is always encrypted either with AES (alias
Rijndael) or Twofish encryption algorithm using a 256 bit key.
Therefore the saved information can be considered as quite safe.
KeePassX uses a database format that is compatible with KeePass
Password Safe. This makes the use of that application even more
favourable.
ok landry@
GNU SASL is an implementation of the Simple Authentication and Security
Layer framework and a few common SASL mechanisms. SASL is used by
network servers (e.g., IMAP, SMTP) to request authentication from
clients, and in clients to authenticate against servers.
OK sthen@
All ruby .gem files are now hosted on rubygems.org in the same
directory. If the ruby gem CONFIGURE_STYLE is used, make the
default MASTER_SITES that directory.
There are still a few uses of MASTER_SITE_RUBYFORGE in the tree, for
some ports that aren't gems, or where the .gem file isn't hosted on
rubygems.org, or where the hashes don't match. Most of these will be
dealt with in the near future.
OK landry@
In the upgrade from ruby 1.8.6 to 1.8.7, the PLISTs changed
due to differences in how RDoc processes files.
This also has a number of changes to the regress tests to
work with the changes to devel/ruby-rake. It moves most of
the regress tests to use MODRUBY_REGRESS.
OK jcs@, landry@, jasper@, sthen@
This is the new generation of gksu, a simple utility to run programs as
root, even in X-based environments.
This version uses the new libgksu-polkit library, which uses PolicyKit
for authorization purposes and a D-Bus service to actually perform the
work.
ok jasper@
Jailkit is a set of utilities to limit user accounts to specific
files using chroot() and or specific commands. Setting up a chroot
shell, a shell limited to some specific command, or a daemon inside
a chroot jail is a lot easier and can be automated using these utilities.
After merging in what ajacoutot@ already had, and some final feedback from
him, OK ajacoutot@