security/shibboleth-sp: Unbreak memcached support

It was apparently fixed upstreams.

PR:	264044

security/shibboleth-sp: Remove incorrect dependency

PR:	279155 (Reported by diizzy@)

security/shibboleth-sp: Fix build with clang19

There was probably a name space clash between std and xmltooling for
the `char_traits' method.

See also:	https://shibboleth.atlassian.net/browse/SSPCPP-998

textproc/xerces-c3: Update to 3.3.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10510&version=12355023

security/shibboleth-sp: Update to 3.5.0

Release notes:  https://shibboleth.atlassian.net/wiki/x/jYUaew

security/shibboleth-sp: allow configuring the www_group

If you reconfigured your apache httpd to use a non-standard group, set
the rc variable shibboleth_www_group to correspond to that group, and
you will get correct rights for the unix domain socket that mod_shib
uses to communicate with the shibboleth daemon.

security/shibboleth-sp: Fix build with llvm16

Approved by:	portmgr (blanket)
Sponsored by:	The FreeBSD Foundation

devel/xmltooling: update to 3.2.4

An updated version of the XMLTooling library that is part of the
OpenSAML and Shibboleth Service Provider software is now available
which corrects a server-side request forgery (SSRF) vulnerability.

Security:	f7e9a1cc-0931-11ee-94b4-6cc21735f730

Mk/Uses/apache.mk: Refactor after removal of older versions

apache22 and apache25 had been removed a long time ago however the
apache.mk file has never been refactored and is out of sync from the
file Mk/bsd.default-versions.mk. These changes refactors the removals of
the older versions. In addition:

- Move some keywords like USE_APACHE, USE_APACHE_BUILD, USE_APACHE_RUN
  from SANITY_DEPRECATED to SANITY_UNSUPPORTED
- Remove apache versions from ports Makefiles as currently there is only
  one available version in the tree. However the version checks are
  still valid and should work flawlessly whenever a new version is
  added. For example USES=apache:2.2+ are simply replaced with
  USES=apache. As currently there are no other versions available for
  test this could not be checked on it's own ground.
- Update FOO_USE=APACHE=yes to FOO_USES=apache
- Remove trailing whitespaces

Approved by:    portmgr
Differential Revision: https://reviews.freebsd.org/D38113

shibboleth-sp: Update to 3.4.1

A patch release of the Service Provider, V3.4.1, is now available. This
release fixes a couple of small bugs and adds a warning requested by one
of our member organizations in the absence of the redirectLimit setting,
which leads to SPs being abused as open redirectors.

Notably, this release includes an update to the xmltooling library that
hardens the code base against the sorts of attacks reported against the
IdP in the recent advisory. The SP is, as far as can be determined, not
impacted directly by that vulnerability, but this is a precautionary
change.

Release
notes:	https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335693/ReleaseNotes

security/shibboleth-sp: update to 3.4.0

This is a minor update containing a new setting suggested by a
contributor (thus the unplanned minor version change) controlling
retries when TCP connections to shibd are used. The other changes are
minimal in nature.

Update the toolchain as well:

devel/xmltooling
textproc/xerces-c3

and bump PORTREVISION for security/opensaml due to dependencies'
updates.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

*/*: bump all consumers after recent boost upgrade

security: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  <ports@c0decafe.net>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Ade Lovett <ade@FreeBSD.org>
  *  Aldis Berjoza <aldis@bsdroot.lv>
  *  Alex Dupre <ale@FreeBSD.org>
  *  Alex Kapranoff <kappa@rambler-co.ru>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexander Botero-Lowry <alex@foxybanana.com>
  *  Alexander Kriventsov <avk@vl.ru>
  *  Alexander Leidinger <netchild@FreeBSD.org>

security/shibboleth-sp: Silence bogus apache 1.3 warning

PR:		260482
Submitted by:	Craig Leres

security/shibboleth-sp: update to 3.3.0

security/shibboleth-sp: update to 3.2.3

A regression in the RequestMap feature causing random crashes on some
systems was identified, necessitating this patch update. Most uses of
this feature tend to be on Windows, so that's the primary platform
affected but the bug was generic if the feature were to be used on other
systems.

It isn't easily exploitable by specific requests, so it's a borderline
sort of denial of service risk and the Shibboleth project chose not to
do an advisory, and anybody affected won't need much incentive to get
the patch anyway.

security/shibboleth-sp: Update to 3.2.2

This is a security fix for an issue that has not yet been disclosed. The
vuxml entry will be updated once the CVE is available.

The patch to mitigate the vulnerability was introduced already on
2021-04-23 in the FreeBSD port as 3.2.1_1.

Security:	e4403051-a667-11eb-b9c9-6cc21735f730

security/shibboleth-sp: Reintroduce direct dependencies to silent Q/A.

The dependencies where previously added indirectly through the
dependency chain via opensaml, bust the Q/A disapproved of that.

Add patch to check for missing DataSealer during cookie recovery.

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

Update to version 3.2.1

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
[1]

Update xmltooling to 3.2.0

Bump dependant ports. xmltooling is only used as a dependency for
security/shibboleth-sp.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes

Upgrade Shibboleth and OpenSAML to 3.2.0

Release
notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes#ReleaseNotes-3.2.0(December14,2020)

The Shibboleth Project has released V3.1.0 of the Service Provider software.

Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes

devel/boost-*: update to 1.72.0

Changes:	http://www.boost.org/users/history/version_1_72_0.html
PR:		241449
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D22136

devel/boost-*: update to 1.71.0

Changes:	http://www.boost.org/users/history/version_1_71_0.html
PR:		238827
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D20774

devel/boost-*: update to 1.70.0

Changes:	http://www.boost.org/users/history/version_1_70_0.html
PR:		235956
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D19303

Update Shibboleth and its tool chain to 3.0.4

The security problem was patched alreadyin 3.0.3p1, but all users are
recommended to update to the latest version at next service window.

Security:	CVE-2019-9628
		https://shibboleth.net/community/advisories/secadv_20190311.txt
Release notes:	https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes

Update to version 3.0.3

The update corrects a denial of service vulnerability.

Security:	4f8665d0-0465-11e9-b77a-6cc21735f730

devel/boost-*: update to 1.69.0

Changes:	http://www.boost.org/users/history/version_1_69_0.html
PR:		232525
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D17645

devel/boost-*: update to 1.68.0

- Switch to C++14 for libboost_system to support C++14 consumers

Changes:	http://www.boost.org/users/history/version_1_68_0.html
PR:		229569
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D16165

Update Shibboleth to 3.0.2

Also update the toolchain to latest versions. This includes a security fix for
apache-xml-security-c.

Releaseinfo:    https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes
Security:       5786185a-9a43-11e8-b34b-6cc21735f730
Security:       https://shibboleth.net/community/advisories/secadv_20180803.txt

2010-01-08 x11-toolkits/gtkada-gps: has been broken for 3 months
2010-01-08 x11-fm/velocity: has been broken for 7 months
2010-01-08 x11-drivers/xf86-video-nsc: has been broken for 5 months
2010-01-08 www/rubygem-merb: has been broken for 5 months
2010-01-08 security/shibboleth-sp: has been broken for 3 months

- WITH_APACHE22 is deprecated

With Hat: apache@

  This port has been broken for 3+ months, thus

- Mark DEPRECATED and schedule for expiration in one month

With hat:       portmgr

Mark BROKEN on i386-6 as well.

Mark as only for i386-6.

Based on:

PR:             ports/115474
Submitted by:   maintainer

Shibboleth is standards-based, open source middleware software which
provides Web Single SignOn (SSO) across or within organizational
boundaries. It allows sites to make informed authorization decisions
for individual access of protected online resources in a
privacy-preserving manner.

This software is a C++ implementation of the Service Provider
component of the Shibboleth can be used in Apache Web servers.  The
service provider manages secured resources. User access to resources
is based on assertions received by the service provider (SP) from
an identity provider.

WWW:    http://shibboleth.internet2.edu/

PR:             ports/114663
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>