07:32 koobs 

[NEW] security/py-pyscard: Smartcard module for Python

The pyscard smartcard library is a framework for building smart card
aware applications in Python. The smartcard module is built on top of
the PCSC API Python wrapper module.

WWW: http://pyscard.sourceforge.net/

PR:		197834
Submitted by:	<mp39590 gmail com>

 

16:39 rene 

Remove expired ports:
2015-06-30 devel/rubygem-mash: Deprecated by upstream. Use devel/rubygem-hashie
instead
2015-06-30 net/rubygem-bunny060: Use net/rubygem-bunny instead
2015-06-30 security/rubygem-hmac: Duplicate of security/rubygem-ruby-hmac
2015-06-30 www/ruby-amazon: Rendered obsolete by upstream since Amazon shut down
access to AWS API v3 (2008-03-31). Use www/ruby-aws instead

 

17:02 swills 

security/vault: create port

Vault is a tool for securely accessing secrets. A secret is anything that you
want to tightly control access to, such as API keys, passwords, certificates,
and more. Vault provides a unified interface to any secret, while providing
tight access control and recording a detailed audit log.

WWW: https://vaultproject.io/

 

18:31 rm 

Remove expired port

Functionality of py-backports.ssl_match_hostname is available in Python standard
library as ssl.match_hostname() since Python 2.7.9 [1].

[1] https://docs.python.org/2.7/library/ssl.html#ssl.match_hostname

 

01:05 delphij 

A Python library for parsing PGP packets

WWW: https://pypi.python.org/pypi/pgpdump/

PR:		200364
Submitted by:	Yuri Victorovich <yuri@rawbw.com>

 

07:26 riggs 

Add py-gpsoauth, a Python client library for Google Play Services OAuth

 

09:38 olgeni 

Sort entries.

 

15:00 bdrewery 

Add openssh-portable-devel which is based on the upstream snapshots for staging
and testing.

Its initial version is 20150602 which is nearly the upcoming 6.9 version.

 

23:01 amdmi3 

Unbreak INDEX

 

21:21 amdmi3 

This module provides a secure, efficient, and simple interface for
creating session tokens, password reset codes, temporary passwords,
random identifiers, and anything else you can think of.

Like this: my $token = Session::Token->new->get; # 128 bits

WWW: http://search.cpan.org/dist/Session-Token/

PR:		200390
Submitted by:	hvo.pm@xs4all.nl

 

18:11 mmoll 

new port: security/rubygem-rack-oauth2

OAuth 2.0 Server & Client Library.

WWW: https://github.com/nov/rack-oauth2

PR:		199922
Differential Revision:	https://reviews.freebsd.org/D2638
Submitted by:	Torsten Zuehlsdorff <ports@toco-domains.de>
Approved by:	mat (mentor)

 

21:03 madpilot 

- Rename security/qtkeychain to qtkeychain-qt5, update to 0.5.0 and make it use
Qt5
- Add slave port qtkeychain-qt4
- Make deskutils/owncloudclient link against qtkeychain-qt5
- Update owncloudclient comment and pkg-descr

PR:		198785
Submitted by:	6yearold at gmail.com (security/qtkeychain maintainer)

 

15:40 sunpoet 

- Move security/rubygem-rc4 to security/rubygem-ruby-rc4
- Add LICENSE
- Update WWW

 

16:32 antoine 

Update security/metasploit to 4.11.2

 

19:51 dvl 

Add new port: security/py-crits

CRITs is a web-based tool which combines an analytic engine with a cyber threat
database that not only serves as a repository for attack data and malware, but
also provides analysts with a powerful platform for conducting malware
analyses, correlating malware, and for targeting data. These analyses and
correlations can also be saved and exploited within CRITs. CRITs employs a
simple but very useful hierarchy to structure cyber threat information. This
structure gives analysts the power to 'pivot' on metadata to discover
previously unknown related content.

Approved by: mat (mentor)

 

03:33 vanilla 

Add tmux-cssh 20150518, clusterSSH features using tmux, but not X11.

PR:		200313
Submitted by:	jrm@ftfl.ca

 

13:39 zi 

New port: security/hitch:

hitch is a network proxy that terminates TLS/SSL connections and forwards
the unencrypted traffic to some backend. It's designed to handle 10s of
thousands of connections efficiently on multicore machines.

WWW: https://github.com/varnish/hitch/

 

16:39 adamw 

Add security/keepass, the official KeePass client.

KeePass is a free open source password manager, which helps you to manage your
passwords in a secure way. You can put all your passwords in one database, which
is locked with one master key or a key file. So you only have to remember one
single master password or select the key file to unlock the whole database. The
databases are encrypted using the best and most secure encryption algorithms
currently known (AES and Twofish).

This is the official KeePass application, which was originally only available
for Windows, but has now been re-written with .Net and able to be run on BSD,
Linux and Mac OS X with Mono.

WWW: http://keepass.info/

PR:		200062
Submitted by:	Ben Woods

 

23:31 mmoll 

new port: security/rubygem-omniauth-shibboleth

Ruby gem that implements an OmniAuth strategy for authenticating
through Shibboleth (SAML) for usage in rubygem-onmiauth.

WWW: https://github.com/toyokazu/omniauth-shibboleth

PR:		199753
Differential Revision:	https://reviews.freebsd.org/D2507
Submitted by:	Torsten Zuehlsdorff <ports@toco-domains.de>
Approved by:	swills (mentor)

 

12:57 mmoll 

new port: security/rubygem-omniauth-multipassword

Ruby gem that implements an OmniAuth strategy that allows to
authenticate against different password strategies at once.

WWW: https://github.com/jgraichen/omniauth-multipassword

PR:		199755
Differential Revision:	https://reviews.freebsd.org/D2504
Submitted by:	Torsten Zuehlsdorff <ports@toco-domains.de>
Approved by:	mat (mentor)

 

21:59 mmoll 

new port: security/rubygem-omniauth-gitlab

Ruby gem that implements the OmniAuth strategy of GitLab
for usage in rubygem-onmiauth.

WWW: https://github.com/linchus/omniauth-gitlab

PR:		199779
Differential Revision:	https://reviews.freebsd.org/D2502
Submitted by:	Torsten Zuehlsdorff <ports@toco-domains.de>
Approved by:	mat (mentor)

 

16:27 mmoll 

new port: security/omniauth-bitbucket

Ruby gem to add an OmniAuth strategy for Atlassian Bitbucket.

WWW: https://github.com/sishen/omniauth-bitbucket

PR:		199780
Differential Revision:	https://reviews.freebsd.org/D2467
Submitted by:	Torsten Zuehlsdorff <ports@toco-domains.de>
Approved by:	swills (mentor), mat (mentor)

 

15:04 mmoll 

new port: security/rubygem-doorkeeper

Doorkeeper is an OAuth 2 provider for Rails and Grape applications

WWW: https://github.com/doorkeeper-gem/doorkeeper

PR:		199817
Differential Revision:	https://reviews.freebsd.org/D2494
Submitted by:	Torsten Zuehlsdorff <ports@toco-domains.de>
Approved by:	mat (mentor)

 

18:10 rm 

Rename py-certify to py-certifi to conform upstream name.

Approved by:	olivierd (maintainer, by email)

 

20:33 lme 

Add security/passivedns:

A tool to collect DNS records passively to aid Incident handling, Network
Security Monitoring (NSM) and general digital forensics.

PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
DNS answers in-memory, limiting the amount of data in the logfile without
losing the essense in the DNS answer.

WWW: https://github.com/gamelinux/passivedns

PR:		198499
Submitted by:	shadowbq@gmail.com

 

21:00 rene 

Remove expired ports:
2015-04-15 databases/php53-sqlite3: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-simplexml: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-sybase_ct: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-pdo_mysql: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-ctype: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-wddx: security EOL reached 14 Aug 2014
2015-04-15 security/php53-filter: security EOL reached 14 Aug 2014
2015-04-15 ftp/php53-ftp: security EOL reached 14 Aug 2014
2015-04-15 net/php53-soap: security EOL reached 14 Aug 2014
2015-04-15 converters/php53-recode: security EOL reached 14 Aug 2014
2015-04-15 security/php53-openssl: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-dba: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-pdo_pgsql: security EOL reached 14 Aug 2014
2015-04-15 sysutils/php53-fileinfo: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-pdo_odbc: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-sqlite: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-readline: security EOL reached 14 Aug 2014
2015-04-15 mail/php53-imap: security EOL reached 14 Aug 2014
2015-04-15 sysutils/php53-posix: security EOL reached 14 Aug 2014
2015-04-15 archivers/php53-phar: security EOL reached 14 Aug 2014
2015-04-15 graphics/php53-gd: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-xsl: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-pdo_firebird: security EOL reached 14 Aug 2014
2015-04-15 devel/mingw64-binutils: Obsolete.  Migrate to devel/binutils based
ports
2015-04-15 devel/cross-binutils: Obsolete.  Migrate to devel/binutils based
ports
2015-04-15 databases/php53-pdo_dblib: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-sysvshm: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-json: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-redis: requires php53, security EOL reached 14 Aug
2014
2015-04-15 textproc/php53-pspell: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-pgsql: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-xmlreader: security EOL reached 14 Aug 2014
2015-04-15 converters/php53-iconv: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-odbc: security EOL reached 14 Aug 2014
2015-04-15 ftp/php53-curl: security EOL reached 14 Aug 2014
2015-04-15 math/php53-gmp: security EOL reached 14 Aug 2014
2015-04-15 security/php53-mcrypt: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-shmop: security EOL reached 14 Aug 2014
2015-04-15 math/php53-bcmath: security EOL reached 14 Aug 2014
2015-04-15 security/php53-hash: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-sysvsem: security EOL reached 14 Aug 2014
2015-04-15 archivers/php53-zip: security EOL reached 14 Aug 2014
2015-04-15 graphics/php53-exif: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-gettext: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-mysql: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-xmlwriter: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-xml: security EOL reached 14 Aug 2014
2015-04-15 converters/php53-mbstring: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-sysvmsg: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-mysqli: security EOL reached 14 Aug 2014
2015-04-15 misc/php53-calendar: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-tokenizer: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-pdo: security EOL reached 14 Aug 2014
2015-04-15 net/php53-xmlrpc: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-interbase: security EOL reached 14 Aug 2014
2015-04-15 www/php53-session: security EOL reached 14 Aug 2014
2015-04-15 databases/php53-mssql: security EOL reached 14 Aug 2014
2015-04-15 www/php53-tidy: security EOL reached 14 Aug 2014
2015-04-15 archivers/php53-zlib: security EOL reached 14 Aug 2014
2015-04-15 net/php53-ldap: security EOL reached 14 Aug 2014
2015-04-15 net-mgmt/php53-snmp: security EOL reached 14 Aug 2014
2015-04-15 textproc/php53-dom: security EOL reached 14 Aug 2014
2015-04-15 devel/php53-pcntl: security EOL reached 14 Aug 2014
2015-04-15 archivers/php53-bz2: security EOL reached 14 Aug 2014
2015-04-15 net/php53-sockets: security EOL reached 14 Aug 2014
2015-04-15 lang/php53: security EOL reached 14 Aug 2014
2015-04-15 devel/pecl-uuid: requires php53, security EOL reached 14 Aug 2014
2015-04-15 lang/php53-extensions: security EOL reached 14 Aug 2014
2015-04-15 german/pecl-konto_check: requires php53, security EOL reached 14 Aug
2014
2015-04-17 www/moodle26: Deprecated by upstream, use www/moodle2{7,8} instead

 

18:46 tijl 

New port security/libbzrtp:

An implementation of ZRTP by Belledonne Communications (Linphone).
ZRTP (RFC 6189) is a media path key agreement protocol for unicast
secure RTP.

 

22:25 antoine 

New port: security/py-stix
A Python library for parsing, manipulating, and generating STIX content
WWW: https://github.com/STIXProject/python-stix

 

10:58 rm 

Basic and Digest HTTP authentication for Flask routes.

WWW: http://github.com/miguelgrinberg/flask-httpauth/

 

17:18 antoine 

New port: security/py-pyaff4

The Advanced Forensics File format 4 was originally designed and published in
"Extending the advanced forensic format to accommodate multiple data sources,
logical evidence, arbitrary information and forensic workflow" M.I. Cohen,
Simson Garfinkel and Bradley Schatz, digital investigation 6 (2009) S57-S68.
The format is an open source format used for the storage of digital evidence and
data.

WWW: http://www.aff4.org/

 

09:15 johans 

CyaSSL has been renamed WolfSSL upstream
Rename port and update to 3.4.0
http://www.yassl.com/yaSSL/Products-wolfssl.html

 

20:37 antoine 

- Hook py-requests-kerberos to the build
- Fix LICENSE

 

01:49 jmg 

Add port to install various NIST KAT files.  These are used by the
tests in tests/sys/opencrypto to validate parts of the OpenCrypto
subsystem...

Sponsored by:	The FreeBSD Foundation
Approved by:	mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D2064

 

17:59 danfe 

Add port of RHash, console utility and library for computing and verifying
hash sums of files.  It is based on the same code as existing Perl wrapper,
`security/p5-Crypt-RHash' port.

Also, properly sort `security/Makefile' while here.

 

14:54 sunpoet 

- Connect security/rubygem-scrypt

 

17:39 sunpoet 

- Add p5-Authen-SCRAM 0.005

The modules in this distribution implement the Salted Challenge Response
Authentication Mechanism (SCRAM) from RFC 5802.

WWW: http://search.cpan.org/dist/Authen-SCRAM/

 

17:38 sunpoet 

- Add p5-PBKDF2-Tiny 0.005

PBKDF2::Tiny provides an RFC 2898 compliant PBKDF2 implementation using
HMAC-SHA1 or HMAC-SHA2 in under 100 lines of code.

WWW: http://search.cpan.org/dist/PBKDF2-Tiny/

 

17:37 sunpoet 

- Add p5-Authen-SASL-SASLprep 1.01

Authen::SASL::SASLprep implements the SASLprep specification, which describes
how to prepare Unicode strings representing user names and passwords for
comparison. SASLprep is a profile of the stringprep algorithm.

WWW: http://search.cpan.org/dist/Authen-SASL-SASLprep/

 

18:59 adamw 

Add security/p5-Crypt-OpenSSL-EC and security/p5-Crypt-OpenSSL-ECDSA,
interfaces to elliptic curve functions from OpenSSL.

 

14:28 koobs 

[NEW] security/reop: Reasonable Expectation Of Privacy

reop is a simple, semi-modern wannabe PGP clone.

Supported operations include signing -S and verifying -V messages, plus
a variety of options for encrypting messages (-D -E). It does everything
you'd expect a PGP program to do. More accurately, it does everything I
expect you to expect a PGP program to do.

WWW: https://github.com/tedu/reop

 

07:23 koobs 

[NEW] security/libnacl:  Python bindings for NaCl

This library is used to gain direct access to the functions exposed by
Daniel J. Bernstein's nacl library via libsodium or tweetnacl. It has
been constructed to maintain extensive documentation on how to use nacl
as well as being tely portable. The file in libnacl/__init__.py can be
pulled out and placed directly in any project to give a single file
binding to all of nacl.

WWW: https://libnacl.readthedocs.org

 

03:20 erwin 

Add beta version of softhsm2, Software implementation of a
Hardware Security Module (HSM)

PR:		196096
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl>

 

17:01 jgh 

GPuTTY is a frontend to the SSH client, using the Gtk+ toolkit.

WWW: http://www.defora.org/os/project/334/gputty

PR:		197331 (based on)
Submitted by:	Olivier Cochard-Labbe <olivier@cochard.me>

 

20:44 zi 

New port: security/kstart:

k5start is a modified version of kinit that can use keytabs to authenticate,
can run as a daemon and wake up periodically to refresh a ticket, and can run
single commands with their own authentication credentials and refresh those
credentials until the command exits.

It is commonly used to maintain Kerberos tickets for services that need to
authenticate to minimize the amount of Kerberos-related logic that must be
in the service itself.

WWW: http://www.eyrie.org/~eagle/software/kstart/

 

22:22 rene 

Remove expired ports:
2015-01-31 audio/py-eyed3-06: In audio/abcde dependency has been changed to
audio/py-eyed3
2015-01-31 mail/postfix210: Use mail/postfix instead.
2015-01-31 net-im/venom: No more support from the project
2015-02-01 security/openssh-portable66: security/openssh-portable now has all
patches working. This port is obsolete.
2015-01-31 www/p5-WWW-Scraper-ISBN-Driver: Merged to www/p5-WWW-Scraper-ISBN by
upstream
2015-01-31 www/p5-WWW-Scraper-ISBN-Record: Merged to www/p5-WWW-Scraper-ISBN by
upstream

 

18:55 hrs 

Add security/p5-Heimdal-Kadm5, a perl module for Heimdal Kerberos
administrative client library (libkadm5clnt).

 

18:51 hrs 

Add security/p5-Authen-Simple-Kerberos, Kerberos backend for
p5-Authen-Simple.

 

18:48 hrs 

Add security/p5-Authen-Krb5-Simple, simple Kerberos authentication module.

 

10:25 vsevolod 

Add hpenc utility port.

https://github.com/vstakhov/hpenc

 

06:32 vanilla 

Add p5-Crypt-Sodium 0.06, perl bindings for portable NaCL (libsodium).

PR:		197088
Submitted by:	Thomas von Dein <freebsd@daemon.de>

 

11:20 pi 

New port: security/p5-Digest-GOST

Digest::GOST provides an interface to the GOST R 34.11-94
message digest algorithm, also defined in RFC 5831.

WWW: http://search.cpan.org/dist/Digest-GOST/

 

18:35 az 

New port: security/asignify

Asignify tool is heavily inspired by signify used in OpenBSD. However, the main
goal of this project is to define high level API for signing files, validating
signatures and encrypting using public keys cryptography. Asignify is designed
to be portable and self-contained with zero external dependencies. It uses
blake2b as the hash function and ed25519 implementation from tweetnacl.

Key features:

- Zero dependencies (libc and C compiler are likely required though), so it
  could be easily used in embedded systems.
- Modern cryptography primitives (ed25519, blake2 and sha512 namely).
- Ability to encrypt files with the same keys using curve25519 based cryptobox.
- Protecting secret keys by passwords using PBKDF2-BLAKE2 routine.
- Asignify can convert ssh ed25519 private keys to the native format and verify
  signatures using just ssh ed25519 public keys (without intermediate
  conversions).
- Asignify provides high level API for application developers for signing,
  verifying, encrypting and keys generation.
- All keys, signatures and encrypted files contain version information allowing
  to change cryptographical primitives in the future without loosing of
  backward compatibility.

 

16:33 tijl 

- Update devel/qca to version 2.1.0
- Plugins are no longer available separately so remove security/qca-* and
  replace them with options in devel/qca
- Adjust all ports that depended on security/qca-*
- This also fixes the build of the OpenSSL plugin when OpenSSL doesn't
  support SSLv2

Approved by:	kde (rakuco)

 

19:29 pawel 

This module implements the password-based key derivation function,
PBKDF2, specified in RSA PKCS#5 v2.0.

PR:		196048
Submitted by:	Neil Booth <kyuupichan@gmail.com>

 

12:54 tijl 

Add security/libzrtpcppcore, the core ZRTP (RFC 6189) support library from
the GNU ZRTP C++ project.

 

01:13 rene 

Remove expired ports:
2015-01-01 biology/boinc-simap: Project shutting down, see
http://boincsimap.org/boincsimap/forum_thread.php?id=88
2015-01-01 security/openssh-portable-base: Overwrite-base option/port/pkg will
be removed. There is no real need for foot-shooting.
2015-01-01 devel/cedet: Fails to build, use Emacs' builtin cedet package instead
2015-01-01 devel/ecb: does not work with newer Emacs versions, use the elpa
package instead

 

13:49 wen 

Define that a user must be logged in and have the proper permissions to
access a route

WWW:
https://metacpan.org/pod/Dancer2::Plugin::Auth::Extensible::Provider::Usergroup

PR:		196191
Submitted by:	hvo.pm@xs4all.nl

 

22:33 makc 

security/pinentry:
- Resolve mutual conflict for security/pinentry-* ports
- Add new port security/pinentry-tty for pure console version of pinentry
- Convert security/pinentry to meta-alike port that depends on pinentry-tty by
  default and installs commons files (documentation). Mark it architecture
  independent.

 

13:26 antoine 

New port: security/py-pydeep
Python bindings for ssdeep
WWW: https://github.com/kbandla/pydeep

PR:		ports/195640

 

15:55 danfe 

Sort the entries alphabetically.

 

11:02 antoine 

Update security/metasploit to 4.10.2
Add new ports needed by this version:
security/rubygem-metasploit-concern
security/rubygem-metasploit-credential
security/rubygem-metasploit-model
security/rubygem-meterpreter_bins
security/rubygem-recog

 

14:42 feld 

Welcome polarssl 1.3 to the ports tree

PR:		195527
Submitted by:	cpet

 

19:35 zi 

New port: security/clambc:

The ClamAV bytecode compiler allows users to build their own bytecode
signatures for use with ClamAV.

WWW: https://www.clamav.net/

 

13:01 pi 

New port: security/afl

American fuzzy lop is a fuzzer that employs a novel type of compile-time
instrumentation and genetic algorithms to automatically discover clean,
interesting test cases that trigger new internal states in the targeted
binary. This substantially improves the functional coverage for the
fuzzed code.

WWW: http://lcamtuf.coredump.cx/afl/

PR:		195279
Submitted by:	Fabian Keil <fk@fabiankeil.de>

 

21:20 pi 

New port: security/p5-Dancer2-Plugin-Passphrase

Dancer2::Plugin::Passphrase manages the hashing of passwords for
Dancer apps, allowing developers to follow cryptography best practices
without having to become a cryptography expert. It uses the bcrypt
algorithm as the default, while also supporting any hashing function
provided by Digest.

WWW: http://search.cpan.org/dist/Dancer2-Plugin-Passphrase/

PR:		194962
Submitted by:	Henk van Oers <hvo.pm@xs4all.nl>

 

21:09 pi 

New port: security/Dancer2-Plugin-Auth-Extensible

A user authentication and authorisation framework plugin for Dancer2 apps.

Makes it easy to require a user to be logged in to access certain
routes, provides role-based access control, and supports various
authentication methods/sources (config file, database, Unix system
users, etc).

Designed to support multiple authentication realms and to be as
extensible as possible, and to make secure password handling easy (the
base class for auth providers makes handling `RFC2307'-style hashed
passwords really simple, so you have no excuse for storing plain-text
passwords).

WWW: http://search.cpan.org/dist/Dancer2-Plugin-Auth-Extensible/

PR:		194961
Submitted by:	Henk van Oers <hvo.pm@xs4all.nl>

 

05:11 kuriyama 

- Upgrade security/gnupg to 2.1.0 (modern release) and copy previous
  as security/gnupg20 (stable release).
- Set PINENTRY as default option.

 

11:49 kwm 

The FreeBSD GNOME team proudly presents GNOME 3.14 and Cinnamon 2.2.
Gnome 3.14.1 and Cinnamon 2.2.16 are supported on FreeBSD 9.3-RELEASE and up.

This commit removes the old GNOME 2 desktop, bindings and some ports that
can't be compiled. A few ports where updated to more recent versions to
allow them to compile with this update.

Apart from updating ports to newer versions

GDM is more integrated with gnome-shell now, and handles several things for
the GNOME desktop such as screen locking. If you want to use GNOME 3 via
startx, you will have to add your own lock screen/screensaver. For example
xscreensaver
can be used for sessions started without GDM.

Shell Extensions can be installed via https://extensions.gnome.org/ , we have
ported a few that can't be installed via this way.
The old gnome-utils and gnome-games ports where split up into single ports
and where converted to meta-ports.
gnome-terminal requires a UTF-8 locale to run, gdm handles this already, but
if you use startx you need to do this yourself.

Upgrade instructions:

Delete the old and conflicting packages:
# pkg delete clutter gnome-utils gnome-panel gnome-keyring vala-vapigen \
    guile gcalctool gnome-media libgnomekbd
# pkg delete gnome-screensaver gnome-applets bug-buddy evolution-exchange \
    evolution-webcal gnome-system-tools seahorse-plugins gnome-control-center

For package users the following lines will be enough:
# pkg upgrade
# pkg install gnome3

For ports users should do the following:
# portmaster -a
# portmaster x11/gnome3

We are currently aware of two issues. The first issue is a bug in the
file monitoring code in the glib20 port. This bug causes glib programs
to crash when files in a monitored directory are added or removed.
Upstream is aware of the problem, but since the problem is quite complex
there is no solution yet. This problem isn't restricted to BSD.

The second issue is that on certain video cards totem will display a
purple/pink overlay on the video. It not clear yet where the issues
comes from.

Major thanks goes to Gustau Perez for being a driving force behind getting
GNOME 3 up to speed again. Also thanks to Antoine Brodin for running the
exp-runs.

This update was also made possible by:
	Joe Maloney
	Kris Moore
	Beeblebrox
	Ryan Lortie
	Antoine Jacoutot
	and everyone I missed

 

17:33 bdrewery 

Copy security/openssh-portable to security/openssh-portable66 in preparation
for updating the main port to 6.7. Many of the optional patches do not apply
to the 6.7 release.

 

14:42 makc 

security/pinentry:
- Update to 0.9.0
- Remove pinentry-gtk port (GTK+ 1 support is discontinued upstream)
- Ignore Qt 4 frontend on 10 and greater, it fails to build with clang/libc++

 

02:19 jmg 

add the tcpcrypt port...  This provides an implementation of the
tcpcrypt protocol which tries to encrypt your tcp traffic w/o
modification...

www.tcpcrypt.org for more info..

Approved by:	bdrewery

 

17:11 marino 

Add new port security/lastpass-cli

PR:		194594
Submitted by:	Thomas Hurst

lastpass-cli is an open-source command-line interface to the popular
LastPass password management service.

 

19:43 bapt 

Library providing a source-level compatibility layer to aid porting
programs that use OpenSSL to use the NSS instead.

WWW: http://rcritten.fedorapeople.org/nss_compat_ossl.html

 

18:04 swills 

security/sslsplit: add port

 

19:44 cy 

MIT Kerberos released 1.13; 1.12 becomes a maintenance release,
1.11 remains a maintenance release.

- Update security/krb5 1.12.2 --> 1.13
- Copy the old security/krb5 1.12.2 to security/krb5-112
  (now a maintenance release supported by MIT)
- Move the old krb5-maint (1.11.5: old maintenance release) to
  security/krb5-111 (the old maintenance release still supported by MIT)

 

21:20 marino 

Revive security/wpa_supplicant after 6.5 years => version 2.3

This port was retired at version 0.3.8 because wpa_supplicant is
part of FreeBSD base.  However, the last few releases have had a period
of only a few months, so the base is always going to be behind.  DragonFly
is also affected, so I'm bringing the port back at the latest version.

It features the same patches as FreeBSD including the conversion to use
libutil's pidfile routines.  There are some additional patches for
DragonFly support and to fix some bugs from the 9 Oct 2014 release.

The WPA Supplicant build system has been converted to ports options, and
there are dozens of them.  I've set the defaults to match the
configuration in base and verified that it builds with all options
selected at once.

 

23:08 sunpoet 

- Add py-oauth2client 1.3

oauth2client is a Python module for client-side oauth2 authentication. It works
with Google's oauth2 service by default, and is compatible with any oauth2
service.

WWW: https://pypi.python.org/pypi/oauth2client
WWW: http://google.github.io/oauth2client/

 

20:12 antoine 

New port: security/py-rekall

The Rekall Framework is a completely open collection of tools, implemented in
Python under the GNU General Public License, for the extraction of digital
artifacts from volatile memory (RAM) samples. The extraction techniques are
performed completely independent of the system being investigated but offer
visibility into the runtime state of the system. The framework is intended to
introduce people to the techniques and complexities associated with extracting
digital artifacts from volatile memory samples and provide a platform for
further work into this exciting area of research.

WWW: http://www.rekall-forensic.com/

 

14:04 mva 

service_identity aspires to give you all the tools you need
for verifying whether a certificate is valid for the intended
purposes.

In the simplest case, this means host name verification.
However, service_identity implements RFC 6125 fully and
plans to add other relevant RFCs too.

WWW: https://github.com/pyca/service_identity

PR:		193930
Submitted by:	Axel Rau <axel.rau@chaos1.de>

 

12:28 rene 

Remove expired ports:
2014-08-31 net/libnet10: Superseded by net/libnet
2014-09-30 net/despoof: Depends on expired net/libnet10
2014-09-30 sysutils/gpkgdep: Requires old pkg_info
2014-09-30 security/vida: Depends on expired net/libnet10
2014-09-30 net/nemesis: Depends on expired net/libnet10
2014-09-30 net-mgmt/sing: Depends on expired net/libnet10
2014-09-30 net-mgmt/gps: Depends on expired net/libnet10
2014-09-30 net/ttlscan: Depends on expired net/libnet10
2014-09-30 security/zombiezapper: Depends on expired net/libnet10
2014-09-30 dns/dnshijacker: Depends on expired net/libnet10
2014-09-30 net/xboxproxy: Depends on expired net/libnet10
2014-09-30 net-mgmt/scdp: Depends on expired net/libnet10
2014-09-30 net-mgmt/angst: Depends on expired net/libnet10
2014-09-30 security/py-otr: Abandoned upstream
2014-09-30 net-p2p/cdonkey: depends on deprecated db41 version

 

04:15 vanilla 

Add pam_ocra 1.0, RFC6287 (OCRA) PAM module.

PR:		ports/194024
Submitted by:	Stefan Grundmann

 

10:40 xmj 

Update CentOS base to 6.5, add userland ports

The Fedora 10 infrastructure ports have been in use since June 2009 and, while
having served a great deed, have become unsupported upstream and hence affected
by unfixed security vulnerabilities. In addition to that, many recent Linux
binaries need newer libc / stdlibc++ versions.

This commit adds the linux-c6- userland as drop-in replacement for the -f10
infrastructure, as well as upgrading the linux_base-c6 port to CentOS 6.5.

If you want to switch to linux-c6 ports, please define at /etc/make.conf:

    OVERRIDE_LINUX_BASE_PORT=c6
    OVERRIDE_LINUX_NONBASE_PORTS=c6

Additionally, please add the following line to /etc/sysctl.conf:

    compat.linux.osrelease=2.6.18

Upgrading procedures are shown in /usr/ports/UPDATING.

This work has been inspired by Artyom Mirgorodskiy's post to emulation@ in
November 2013, using and extending mav@'s work. It has been tested extensively
and most reported issues were already fixed. Please report any additional bug
or "features" to the emulation mailing list.

Many thanks to: mav@, rene@, allanjude@, netchild@, antoine@, everyone who's
filed Issues and Pull requests on GitHub,

PR:		186820
Differential Revision:	https://reviews.freebsd.org/D793
Reviewed by:	allanjude, antoine, bapt, rene
Approved by:	portmgr (antoine, bapt)
Approved by:	koobs (mentor)
Sponsored by:	Perceivon Hosting Inc.

 

09:45 rene 

Remove expired ports
Keep some which are optional dependencies of non-expired ports
2014-09-18 sysutils/moreutils-parallel: Use moreutils-parallel in
sysutils/moreutils instead
2014-09-20 science/ruby-netcdf: Depends on deprecated math/ruby-narray
2014-09-20 x11-toolkits/ruby-fox16: RubyForge shutdown May 15 2014
2014-09-20 math/ruby-gnuplot: Depends on deprecated math/ruby-narray
2014-09-20 science/ruby-gphys: Depends on deprecated math/ruby-narray
2014-09-20 math/ruby-fftw3: Depends on deprecated math/ruby-narray
2014-09-20 science/ruby-dcl: Depends on deprecated math/ruby-narray
2014-09-20 math/ruby-numru_misc: Depends on deprecated math/ruby-narray
2014-09-20 math/ruby-narray: RubyForge shutdown May 15 2014
2014-09-20 textproc/ruby-liquid: RubyForge shutdown May 15 2014
2014-09-20 comms/callsign: RubyForge shutdown May 15 2014
2014-09-20 misc/ruby-vpim: RubyForge shutdown May 15 2014
2014-09-20 net/ruby-ldap: RubyForge shutdown May 15 2014
2014-09-20 devel/rubygem-echoe: Depends on deprecated rubyforge
2014-09-20 www/ruby-borges: RubyForge shutdown May 15 2014
2014-09-20 www/ruby-fcgiwrap: RubyForge shutdown May 15 2014
2014-09-20 www/rubygem-scrubyt: RubyForge shutdown May 15 2014
2014-09-20 devel/ruby-multi: RubyForge shutdown May 15 2014
2014-09-20 databases/ruby-dbd_sqlite3: RubyForge shutdown May 15 2014
2014-09-20 math/ruby-gsl: RubyForge shutdown May 15 2014
2014-09-20 security/ruby-gpgme: RubyForge shutdown May 15 2014
2014-09-20 multimedia/vodcatcher: RubyForge shutdown May 15 2014
2014-09-20 japanese/ruby-ming: RubyForge shutdown May 15 2014
2014-09-20 devel/ruby-statgrab: RubyForge shutdown May 15 2014
2014-09-20 security/ruby-crypt: RubyForge shutdown May 15 2014
2014-09-20 sysutils/philesight: Depends on deprecated devel/ruby-locale2
2014-09-20 multimedia/podcatcher: RubyForge shutdown May 15 2014
2014-09-20 audio/ruby-mp3info: RubyForge shutdown May 15 2014
2014-09-20 multimedia/ruby-flvtool2: RubyForge shutdown May 15 2014
2014-09-20 audio/ruby-freedb: RubyForge shutdown May 15 2014
2014-09-20 graphics/ruby-ming: RubyForge shutdown May 15 2014
2014-09-20 devel/ruby-locale2: RubyForge shutdown May 15 2014
2014-09-20 devel/rubygem-rubyforge: RubyForge shutdown May 15 2014
2014-09-20 databases/ruby-dbd_odbc: RubyForge shutdown May 15 2014
2014-09-20 devel/ruby-fastri: RubyForge shutdown May 15 2014
2014-09-20 devel/ri-emacs: RubyForge shutdown May 15 2014
2014-09-20 security/p5-openxpki-client-html-mason: security/p5-openxpki-0.15+
abandoned Mason UI technology in favor of FastCGI

 

13:11 bapt 

Welcome Mate Desktop 1.8

The porting work as been done by gnome@ (kwm) and Eric Turgeon
(ericturgeon@ghostbsd.org)

 

16:41 marino 

Remove three unstaged security/prelude-* ports

 

07:46 cs 

Webshag is a multi-threaded, multi-platform web server audit tool. Written in
Python, it gathers commonly useful functionalities for web server auditing like
website crawling, URL scanning or file fuzzing.

WWW: http://www.scrt.ch/en/attack/downloads/webshag

PR:		ports/187676
Submitted by:	clutton@zoho.com

 

20:44 cs 

Radamsa is a generic test case generator for robustness testing, aka a fuzzer.
It can be used to test how well a program can stand malformed and potentially
malicious inputs. It operates on given sample inputs and thus requires minimal
effort to set up.

WWW: https://www.ee.oulu.fi/research/ouspg/Radamsa

PR:		ports/187576
Submitted by:	Jukka Ukkonen <jau@iki.fi>

 

14:24 ale 

Import PHP 5.6 branch!

 

10:07 bapt 

Remove non staged ports without pending PR from s*

 

19:15 adamw 

Add security/p5-Crypt-Tea_JS.

security/p5-Crypt-T_e_a development stopped at 2.11 and there will be no
further releases for that port. Development has continued by the same
author, under a new name, Crypt::Tea_JS.

I've added conflicts between the two, but p5-Crypt-T_e_a should probably
be considered deprecated.

This module implements TEA, the Tiny Encryption Algorithm, and some Modes of
Use, in Perl and JavaScript.

The $key is a sufficiently longish string; at least 17 random 8-bit bytes for
single encryption.

Crypt::Tea_JS can be used for secret-key encryption in general, or, in
particular, to communicate securely between browser and web-host. In this case,
the simplest arrangement is for the user to enter the key into a JavaScript
variable, and for the host to retrieve that user's key from a database. Or, for
extra security, the first message (or even each message) between browser and
host could contain a random challenge-string, which each end would then turn
into a signature, and use that signature as the encryption-key for the session
(or the reply).

WWW: http://search.cpan.org/dist/Crypt-Tea_JS/

 

15:07 swills 

security/rubygem-bcrypt: add rubygem-bcrypt port

bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD
project for hashing passwords. The bcrypt Ruby gem provides a simple wrapper
for safely handling passwords.

WWW: https://github.com/codahale/bcrypt-ruby

 

17:24 adamw 

Add security/fprintd.

Fprintd is a D-Bus daemon that offers libfprint functionality over
the D-Bus interprocess communication bus. By adding this daemon
layer above libfprint, we solve various problems related to multiple
applications simulatenously competing for fingerprint readers.

While it is not very nice to think of a daemon being necessary in
this scenario, fprintd will be launched by D-Bus through the
activation mechanism. This means it is launched only when needed,
and additionally it will shut itself down after a period of inactivity.

(Text copied from link below.)

WWW: http://www.freedesktop.org/wiki/Software/fprint/fprintd/

PR:		192683
Submitted by:	Martin Birgmeier

 

09:49 antoine 

2014-08-24 security/pam_abl: Newer version requires large number of hacks, not
worth the effort
2014-08-23 www/rubygem-feedzirra: Project renamed upstream, see
www/rubygem-feedjira

 

14:43 adamw 

Add devel/liballium and security/obfsclient.

liballium attempts to reduce the amount of boilerplate code required to
implement pluggable transports for Tor in C or C++.

WWW: https://github.com/yawning/liballium

obfsclient is a C++11 Tor-managed pluggable transport client
implementation of the following protocols:

obfs2 - The Twobfuscator
obfs3 - The Threebfuscator
ScrambleSuit - Experimental

WWW: https://github.com/yawning/obfsclient

PR:		187926, 187927
Submitted by:	fk@fabiankeil.de

 

12:50 zi 

New port: security/p5-Crypt-RHash:

Crypt::Rhash module is an object-oriented interface to the LibRHash library,
allowing simultaneous calculation of several hash functions for a file or a
text message.

Resulting hash digest can be obtained in hexadecimal, BASE32, BASE64, raw
binary format or as a magnet link.

WWW: http://search.cpan.org/dist/Crypt-RHash/

PR:		192899
Submitted by:	proler@gmail.com

 

06:30 antoine 

2014-08-20 deskutils/horde3-hermes: EOL in April 2012
2014-08-20 deskutils/horde3-klutz: EOL in April 2012
2014-08-20 deskutils/horde3-kronolith: EOL in April 2012
2014-08-20 deskutils/horde3-mnemo: EOL in April 2012
2014-08-20 devel/horde3-chora: EOL in April 2012
2014-08-20 ftp/horde3-gollem: EOL in April 2012
2014-08-20 games/linux-steam: Unmaintained interactive port
2014-08-20 games/linux-ut2004-demo: Unmaintained restricted ancient demo
2014-08-20 mail/horde3-dimp: EOL in April 2012
2014-08-20 mail/horde3-forwards: EOL in April 2012
2014-08-20 mail/horde3-ingo: EOL in April 2012
2014-08-20 mail/horde3-mimp: EOL in April 2012
2014-08-20 mail/horde3-vacation: EOL in April 2012
2014-08-20 net-mgmt/horde3-nic: EOL in April 2012
2014-08-20 net-mgmt/nocol: Unmaintained interactive port
2014-08-20 net-mgmt/ourmon: Unmaintained interactive port
2014-08-20 net/wowzamediaserverpro: Unmaintained interactive port
2014-08-20 news/p5-NNML: Unmaintained interactive port
2014-08-20 print/dvips: Unmaintained interactive port
2014-08-20 print/xdvi: Unmaintained interactive port
2014-08-20 security/horde3-jeta: EOL in April 2012
2014-08-20 security/hunch: Likely unused interactive port
2014-08-20 www/horde3-ansel: EOL in April 2012
2014-08-20 www/horde3-meta: EOL in April 2012
2014-08-20 www/horde3-passwd: EOL in April 2012
2014-08-20 www/horde3-trean: EOL in April 2012
2014-08-20 www/wwwcount: Ancient interactive port
2014-08-20 x11-clocks/xalarm: Unmaintained interactive port

 

11:18 koobs 

[NEW] security/py-cpe: Common Platform Enumeration (CPE) for Python

Common Platform Enumeration (CPE) is a standardized method of describing
and identifying classes of applications, operating systems, and hardware
devices present among an enterprise's computing assets.

For more information, please visit the official website of CPE, developed
by MITRE and maintained by NIST.

Features:

  * Versions: 1.1, 2.2, 2.3
  * Formats: WFN, URI, FS.
  * Cross-version conversion.
  * Language parsing and evaluation.

WWW: https://github.com/nilp0inter/cpe

 

19:10 marino 

remove 3 ports: security/sguid-(client|sensor|server)

These were combined to a single port at security/sguil which is also
a newer version.

 

18:38 marino 

Add new port security/sguil (version 0.9.0)

This port replaces security/sguil-client, security/sguild-server and
security/sguil-sensor which are at version 0.8.0.  They will be removed
shortly as a result.

PR:		191347
Submitted by:	Muhammad Rahman

Sguil (pronounced sgweel) is built by network security analysts for network
security analysts. Sguil's main component is an intuitive GUI that provides
access to realtime events, session data, and raw packet captures. Sguil
facilitates the practice of Network Security Monitoring and event driven
analysis. The Sguil client is written in tcl/tk and can be run on any operating
system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).

 

21:41 wg 

security/openca-tools-forked: Tools to deal with SCEP and PKCS7 messages

Tools to deal with SCEP and PKCS7 messages.

This is a forked version of openca-tools changed to work with
security/p5-openxpki.

WWW: http://www.openxpki.org

PR:		192473
Submitted by:	Sergei Vyshenski (with changes)