head 1.6; access; symbols pkgsrc-2023Q4:1.6.0.18 pkgsrc-2023Q4-base:1.6 pkgsrc-2023Q3:1.6.0.16 pkgsrc-2023Q3-base:1.6 pkgsrc-2023Q2:1.6.0.14 pkgsrc-2023Q2-base:1.6 pkgsrc-2023Q1:1.6.0.12 pkgsrc-2023Q1-base:1.6 pkgsrc-2022Q4:1.6.0.10 pkgsrc-2022Q4-base:1.6 pkgsrc-2022Q3:1.6.0.8 pkgsrc-2022Q3-base:1.6 pkgsrc-2022Q2:1.6.0.6 pkgsrc-2022Q2-base:1.6 pkgsrc-2022Q1:1.6.0.4 pkgsrc-2022Q1-base:1.6 pkgsrc-2021Q4:1.6.0.2 pkgsrc-2021Q4-base:1.6 pkgsrc-2021Q3:1.4.0.10 pkgsrc-2021Q3-base:1.4 pkgsrc-2021Q2:1.4.0.8 pkgsrc-2021Q2-base:1.4 pkgsrc-2021Q1:1.4.0.6 pkgsrc-2021Q1-base:1.4 pkgsrc-2020Q4:1.4.0.4 pkgsrc-2020Q4-base:1.4 pkgsrc-2020Q3:1.4.0.2 pkgsrc-2020Q3-base:1.4 pkgsrc-2020Q2:1.3.0.4 pkgsrc-2020Q2-base:1.3 pkgsrc-2020Q1:1.3.0.2 pkgsrc-2020Q1-base:1.3 pkgsrc-2019Q4:1.2.0.38 pkgsrc-2019Q4-base:1.2 pkgsrc-2019Q3:1.2.0.34 pkgsrc-2019Q3-base:1.2 pkgsrc-2019Q2:1.2.0.32 pkgsrc-2019Q2-base:1.2 pkgsrc-2019Q1:1.2.0.30 pkgsrc-2019Q1-base:1.2 pkgsrc-2018Q4:1.2.0.28 pkgsrc-2018Q4-base:1.2 pkgsrc-2018Q3:1.2.0.26 pkgsrc-2018Q3-base:1.2 pkgsrc-2018Q2:1.2.0.24 pkgsrc-2018Q2-base:1.2 pkgsrc-2018Q1:1.2.0.22 pkgsrc-2018Q1-base:1.2 pkgsrc-2017Q4:1.2.0.20 pkgsrc-2017Q4-base:1.2 pkgsrc-2017Q3:1.2.0.18 pkgsrc-2017Q3-base:1.2 pkgsrc-2017Q2:1.2.0.14 pkgsrc-2017Q2-base:1.2 pkgsrc-2017Q1:1.2.0.12 pkgsrc-2017Q1-base:1.2 pkgsrc-2016Q4:1.2.0.10 pkgsrc-2016Q4-base:1.2 pkgsrc-2016Q3:1.2.0.8 pkgsrc-2016Q3-base:1.2 pkgsrc-2016Q2:1.2.0.6 pkgsrc-2016Q2-base:1.2 pkgsrc-2016Q1:1.2.0.4 pkgsrc-2016Q1-base:1.2 pkgsrc-2015Q4:1.2.0.2 pkgsrc-2015Q4-base:1.2 pkgsrc-2015Q3:1.1.0.6 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.4 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.2 pkgsrc-2015Q1-base:1.1; locks; strict; comment @# @; 1.6 date 2021.10.26.11.18.03; author nia; state Exp; branches; next 1.5; commitid PNswNV9GDLZeojeD; 1.5 date 2021.10.07.14.54.47; author nia; state Exp; branches; next 1.4; commitid nfjKlj1wTplMcTbD; 1.4 date 2020.09.07.07.58.11; author schmonz; state Exp; branches; next 1.3; commitid vguUIiwGswEoB5nC; 1.3 date 2019.12.30.22.17.29; author rhialto; state Exp; branches; next 1.2; commitid AY0uAn6kdssmsMQB; 1.2 date 2015.11.04.01.18.11; author agc; state Exp; branches; next 1.1; commitid agUNgZr58GM2fIHy; 1.1 date 2015.03.01.09.59.45; author wiz; state Exp; branches; next ; commitid nftgjRKkdPBR6Tby; desc @@ 1.6 log @security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2 @ text @$NetBSD: distinfo,v 1.5 2021/10/07 14:54:47 nia Exp $ BLAKE2s (sslsplit-0.5.5.tar.bz2) = 55a3b02ec676ea789d2235a12dcbd396b7d9b04edccb3fc66b54e8b31525f0c5 SHA512 (sslsplit-0.5.5.tar.bz2) = 1d4968382659e975cd59692f3de80d79831a7842c9b909bb3cefedb5e2928254394e0f593c3409e3d5b1d0b192d8f8123ae10b08cecfd65584d790437d9f3d2a Size (sslsplit-0.5.5.tar.bz2) = 532788 bytes SHA1 (patch-GNUmakefile) = 0d6f386ffbaacaaa5bcfdb514e7c1272d696bbfc SHA1 (patch-main.c) = 5a0515e7bbda4ffc8592be06d53d0d7b92384563 @ 1.5 log @security: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2020/09/07 07:58:11 schmonz Exp $ d3 1 a3 1 RMD160 (sslsplit-0.5.5.tar.bz2) = 9835bd8286383453a916aa906516b3ee60b85e2b @ 1.4 log @Fix build on macOS, from Kurt Schreiner on pkgsrc-users@@. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2019/12/30 22:17:29 rhialto Exp $ a2 1 SHA1 (sslsplit-0.5.5.tar.bz2) = 1e861265cfb0e9738a325155a58c52380261d640 @ 1.3 log @security/sslsplit: update to 0.5.5. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2015/11/04 01:18:11 agc Exp $ d8 1 a8 1 SHA1 (patch-main.c) = b0483283a99cf2aaca5248dcd2a66a64e7d0cd39 @ 1.2 log @Add SHA512 digests for distfiles for security category Problems found locating distfiles: Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz Package libidea: missing distfile libidea-0.8.2b.tar.gz Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2 Package uvscan: missing distfile vlp4510e.tar.Z Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1 2015/03/01 09:59:45 wiz Exp $ d3 6 a8 4 SHA1 (sslsplit-0.4.10.tar.bz2) = 6027a3fdb356cdd2dbd3ac566296ca779db0d076 RMD160 (sslsplit-0.4.10.tar.bz2) = 1c41142c6d27046126ccc3b3dbbb0c4110d6147a SHA512 (sslsplit-0.4.10.tar.bz2) = c169c55dfb203525863c4c337ef3459b3ec15ee8c7f5b544e5545a4d48efc79f798715b37234982e955589b55d9325ce29f30c9dd04a26e75de01aed6c20258b Size (sslsplit-0.4.10.tar.bz2) = 266830 bytes @ 1.1 log @Import sslsplit-0.4.10 as security/sslsplit. SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing. SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. SSLsplit fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. Depending on the version of OpenSSL, SSLsplit supports SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2, and optionally SSL 2.0 as well. SSLsplit can also use existing certificates of which the private key is available, instead of generating forged ones. SSLsplit supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. For HTTP and HTTPS connections, SSLsplit removes response headers for HPKP in order to prevent public key pinning, for HSTS to allow the user to accept untrusted certificates, and Alternate Protocols to prevent switching to QUIC/SPDY. @ text @d1 1 a1 1 $NetBSD$ d5 1 @