summaryrefslogtreecommitdiffstats
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* Upgrade to version 2.3BETA12.obrien2000-01-044-7/+9
| | | | Submitted by: taguchi@tohoku.iij.ad.jp
* Remove dependencies to header files in ${PREFIX} to avoid problemsdirk2000-01-022-2/+0
| | | | if openssl is in the base system already.
* Use LIB_DEPENDS instead of RUN_DEPENDS. It's more appropriate here.dirk2000-01-021-1/+2
|
* Upgrade to 2.1.8.8pre5vanilla2000-01-022-3/+3
|
* CVS is starting to really piss me off. This was supposed to be partmarkm1999-12-311-3/+2
| | | | | | | | of the same commit that: Upgrade Heimdal to 0.2j No response from: MAINTAINER
* Update to Heimdal 0.2i.markm1999-12-312-6/+13
| | | | No response from: MAINTAINER
* Check wheather OpenSSL is installed in the base system already anddirk1999-12-302-0/+8
| | | | | | | skip openssl port if so. (I. e. check the existence of /usr/bin/openssl, /usr/lib/libcrypto.so and /usr/lib/libssl.so. If they exist set FORBIDDEN.)
* Use OpenSSL instaed of librc4 so this port's package can be exported.steve1999-12-298-88/+174
| | | | | | | Also incorporate Garrett Wollman's kerberos fixes. PR: 15732 Submitted by: maintainer
* Update the BROKEN message (for -current) to also list _KERNEL as a reason.peter1999-12-291-1/+1
|
* General comment cleanups.hoek1999-12-282-2/+2
|
* Upgrade to the pam_ssh module, version 1.1..green1999-12-281-12/+173
| | | | | | | | | | (From the author:) Primarily, I have added built-in functions for manipulating the environment, so putenv() is no longer used. XDM and its variants should now work without modification. Note that the new code uses the macros in <sys/queue.h>. Submitted by: Andrew J. Korty <ajk@iu.edu>
* Update to version 0.99.2. NOTE: I added a BUILD and RUN_DEPENDS onsteve1999-12-276-50/+106
| | | | | | | | the nmap port otherwise the build fell over despite the configure script saying that it would continue without it. PR: 15714 (4 of 4) Submitted by: maintainer
* Update to version 0.99.2.steve1999-12-276-8/+8
| | | | | PR: 15714 (3 of 4) Submitted by: maintainer
* Update to version 0.99.2.steve1999-12-274-8/+8
| | | | | PR: 15714 (2 of 4) Submitted by: maintainer
* Update to version 0.99.2steve1999-12-278-44/+50
| | | | | PR: 15714 (1 of 4) Submitted by: maintainer
* Adding pgpgpg version 0.13.steve1999-12-276-0/+38
| | | | | | | A wrapper for GnuPG to simulate PGP 2.6.x. PR: 15526 Submitted by: Matt Behrens <matt@zigg.com>
* Adding sslwrap version 2.0.5.steve1999-12-277-0/+72
| | | | | | | Another SSL wrapper application, which uses SSLEay/OpenSSL. PR: 14771 Submitted by: Zahemszky Gabor <zgabor@CoDe.HU>
* Adding cyrus-sasl version 1.5.13.steve1999-12-2715-0/+375
| | | | | | | An RFC 2222 SASL (Simple Authentication and Security Layer). PR: 14619 Submitted by: Scot W. Hetzel <hetzels@westbend.net>
* Fix build for USA_RESIDENT=yes. Also get this to compile again onsteve1999-12-273-2/+58
| | | | | | | -current. PR: 14888 Inspired by: maintainer and the stunnel port
* librc4 version 1.1steve1999-12-251-0/+1
| | | | | | | RC4 library for use with the Cyrus SASL library (export controlled). PR: 14618 Submitted by: Scot W. Hetzel <hetzels@westbend.net>
* Add a MASTER_SITE.steve1999-12-251-1/+2
| | | | PR: 15677
* Add a continuation character at the end of the first MASTER_SITES line.steve1999-12-251-1/+1
| | | | | PR: 15687 Submitted by: Dann Lunsford <dann@greycat.com>
* logcheck version 1.1.1steve1999-12-258-0/+132
| | | | | | | An auditing tools for system logs on Un*x boxes. PR: 15360 Submitted by: Dan Langille <dan@freebsddiary.org>
* Add the international crypto repository as a master sitensayer1999-12-251-0/+1
| | | | PR: 15072
* GNU_CONFIGURE makes it so we dont' need --prefix=${PREFIX}mharo1999-12-241-1/+1
|
* remove --prefix=${PREFIX} when GNU_CONFIGURE=yes and other minor cleanupsmharo1999-12-244-16/+4
| | | | | PR: 14759 Submitted by: Jeremy Lea <reg@shale.csir.co.za>
* fix corrupted patchmharo1999-12-241-0/+3
| | | | Submitted by: FUJISHIMA Satsuki <k5@cheerful.com>
* Make this compile again after the libnet updates.steve1999-12-241-21/+20
| | | | PR: 15645
* Update to today's OpenSSH.green1999-12-233-95/+109
| | | | | | | | | The version is now 1.2.1, from 1.2. You can mv your old distfiles/OpenSSH-1.2 dir to distfiles/OpenSSH-1.2.1, if you want to not waste time/space. Some minor nits have been fixed, and a couple bugs. One sizeof(len) should have just been len, and, in markus's words, "fix get_remote_port() and friends for sshd -i".
* Remove myself from MAINTAINERache1999-12-231-1/+1
|
* Update to v1.0.1. (with correct gpg.1)kuriyama1999-12-236-34/+56
|
* update to 1.6.1mharo1999-12-221-1/+3
|
* Update to 1.6.1mharo1999-12-223-19/+8
|
* * Update portsentry to 1.0jedgar1999-12-222-6/+6
| | | | | | | | * Remove current MAINTAINER as email has been unreachable for weeks * Add dan@freebsddiary.com as MAINTAINER at his request PR: 15490 Submitted by: Dan Langille <dan@freebsddiary.com>
* Upgrade to 1.5.dirk1999-12-222-3/+3
|
* Install sudoers in correct place.asami1999-12-171-6/+6
| | | | Submitted by: jhb via cpiazza
* Fix whitespace problem.asami1999-12-141-46/+38
| | | | Submitted by: jedgar@fxp.org
* Fix buffer overflow problem properly.asami1999-12-131-38/+46
| | | | | Submitted by: kris Obtained from: bugtraq list (I believe)
* For some reason etc/sudoers.sample isn't installed by the distfiles'sobrien1999-12-101-0/+3
| | | | Makefile any more. So install it manually.
* Unbreak for 3.4-R by changing the MASTER_SITE path in case mharocpiazza1999-12-101-1/+1
| | | | doesn't get to PR 15403 in time.
* update to 1.6.mharo1999-12-102-7/+4
| | | | | had to remove manpage path corrections patch (patch-ac) because I don't have time till after Friday to work on this port more.
* Back out my change from Oct.26, this was a misconfigured hack and shouldfoxfair1999-12-091-5/+0
| | | | | | never be taken. Pointed out by : maintainer.
* Activate chrootuid.truckman1999-12-091-0/+1
|
* The chrootuid command combines chroot(8) and su(1) into one program,truckman1999-12-096-0/+59
| | | | | | | | so that there is no need to have commands such as /usr/bin/su in the restricted environment. Access to the file system is restricted to the newroot subtree and privileges are restricted to those of the newuser account (which must be a known account in the unrestricted environment).
* Change broken link to homepage to official oneache1999-12-084-2/+4
|
* I've cleaned up ${CVS_DATE} usage a bit (keep spaces correctly), andgreen1999-12-085-61/+63
| | | | | | | | | | updated to today's snapshot of OpenSSH. Various updates from the latest ${CVS_DATE}, and requisite patch changes, are the "big new thing". Nothing major has changed; the biggest ones would be using atomicio() in a lot of places and a fix for a SIGHUP not updating sshd(8)'s configuration until the next connection.
* Update to 2.3 beta #9.obrien1999-12-072-3/+3
| | | | This speeds up OS scans.
* The software's www page has been moved.sada1999-12-071-1/+1
|
* In the meantime (while things are being worked and decided on on thegreen1999-12-065-22/+328
| | | | | | | | | | | | | | | OpenBSD OpenSSH front), add ConnectionsPerPeriod to prevent DoS via running the system out of resources. In reality, this wouldn't be a full DoS, but would make a system slower, but this is a better thing to do than let the system get loaded down. So here we are, rate-limiting. The default settings are now: Five connections are allowed to authenticate (and not be rejected) in a period of ten seconds. One minute is given for login grace time. More work in this area is being done by alfred@FreeBSD.org and markus@OpenBSD.org, at the very least. This is, essentially, a stopgap solution; however, it is a properly implemented and documented one, and has an easily modifiable framework.
* Under advisories, put RESTRICTED back. It more accurately reflectsgreen1999-12-061-0/+2
| | | | | | | | reality, though. One file, cipher.c, calls cryptographic routines from external libraries. This really cannot encumber OpenSSH in any case, but I put RESTRICTED back since it would give people a false hope of being able to install the OpenSSH package but not the requisite, RESTRICTED (so nonexistant) openssl package.
OpenPOWER on IntegriCloud