security/testssl.sh: Update to 3.0.9

MAN?PREFIX: eleminate its usage  and move man to share/man

security/testssl.sh: Update to 3.0.8

Changes:
  Fix grep 3.8 warnings on fgrep and unneeded escapes of hyphen, slash, space
(Geert)
  Fix alignment for cipher output (David)
  News binaries (Darwin from Barry), carry now the appendix -bad and fixes a
security problem.
  Backport from higher OpenSSL version to support xmpp-server
  Fix CT (David)
  Fix decryption of TLS 1.3 response (David)
  Upgrade Dockerfile to Alpine to 3.15
  Fix pretty JSON formatting when warning is issued (David)
  Update of certificate stores
  Major update of client simulation (9 new simulations , >4 removed in default
run)
  Fix CRIME output on servers only supporting TLS 1.3 (Tomasz)
  Fix censys link
  Fix ome handshake problems w $OPENSSL ciphers, extend
determine_optimal_sockets_params() to more
  ciphers, fix PROTOS_OFFERED (David)
  Relax STARTTLS FTP requirement so that it doesn't require TLS after AUTH
  Fix run_server_preference() with no default protocol (David)
  Fix getting CRL / NO_SESSION_ID under some circumstances (David)
  Improve/fix OpenSSL 3.0 compatibility (David)
  Fix formatting to documentation
  Add FFDHE groups to supported_groups (David)
  Include RSA-PSS in ClientHello (David)

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

security/testssl.sh: Update to 3.0.7

Changes:
  Fix "ID resumption test failed" bug under Darwin
  Fix "locale error message when en_US.UTF-8 isn't available" bug
  Fix "Darwin / LibreSSL startup problem" which leads to a question upfront
  Make upfront handshake tests more compatible by adding </dev/null (David)
  Take 'HTTP Age' HTTP header into account when determine HTTP time (Wahnes)
  Fix JSON header (structured JSON output) name (David)
  Robustness: Update reset_hostdepended_vars() for mass tests (David)
  Simplify determination of git stuff (Matthias)
  Fix "newline to spaces" in JSON and CSV findings (David)
  Fix "Bad file descriptor with --connect-timeout option"
  SSLv2 fixes, OpenSSL fixes 3.X (David)
  Improve cipher_pref_check() for detecting prioritization of ChaCha ciphers
  Simplify + speed up pre-check
  Addressing lame DNS responses on WSL
  Fix big serial # issue in certs
  Fix invalid JSON when certificate issuer containing non-ASCII chars

security/testssl.sh: Update to 3.0.6

security/testssl.sh: Update to 3.0.5

One more small cleanup, forgotten yesterday.
Reported by:	lwhsu

Remove # $FreeBSD$ from Makefiles.

security/testssl.sh: Update to 3.0.4

security/testssl.sh: Update to 3.0.3

* Update certificate stores
* manpage fix (Karl)
* minor speedups for some vulnerability tests
* bash 5.1 fix
* Secure Client-Initiated Renegotiation false positive fix
* BREACH is now medium
* invalid JSON fix and other JSON improvements (David)
* Adding native Android 7 handshake instead of Chrome which has TLS 1.3
(Christoph)
* Header flag X-XSS-Protection is now labled as INFO
* No cyan colors in HHHTP header flags anymore, colons added
* Dockerfile improvments

security/testssl.sh: Turn REINPLACEs into patches

While here, improve some text strings and general formatting.

Adopt these ports

Reset MAINTAINER

security/testssl.sh: Update to 3.0.2

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0.2

security/testssl.sh: Update to 3.0.1

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0.1

security/testssl.sh: Update to 3.0

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0

security/testssl.sh: Update to 3.0rc6

- Hook up tests

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0rc6

security/testssl.sh: Update to 3.0rc5

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0rc5

security/testssl.sh: Update to 3.0rc4

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0rc4
MFH:		2019Q1 (bug fixes)

security/testssl.sh: Update to 3.0rc3

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0rc3
MFH:		2018Q4 (bugfixes)

security/testssl.sh: Update to 3.0rc2

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/3.0rc2
MFH:		2018Q4 (bugfixes)

security/testssl.sh: Update to 3.0rc1

security/testssl.sh: Update to 2.9.5-5

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/v2.9.5-5

security/testssl.sh: Update to 2.9.5-4

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/v2.9.5-4

security/testssl.sh: Update to 2.9.5-3

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/v2.9.5-3

security/testssl.sh: Fix certificate expiration check

Upstream commit af6ca18933ffc5bb02d2ced46342b8d7a6275acd dropped the
TZ offset from the certificate enddate but the FreeBSD date format was
not updated accordingly.  Remove the unnecessary %z from the format
string.

- While here add NO_ARCH

PR:		226676
Submitted by:	Piotr Kubaj <pkubaj@anongoth.pl>

security/testssl.sh: Update to 2.9.5-2

PR:		226422
Submitted by:	Piotr Kubaj <pkubaj@anongoth.pl>

security/testssl.sh: Use security/openssl-unsafe

This greatly simplifies the port and we can stop building our own
unsafe openssl version.

PR:		223457
Submitted by:	brnrd

security/testssl.sh: Update to 2.9.5-1

Changes:	https://github.com/drwetter/testssl.sh/compare/v2.9.5...v2.9.5-1

security/testssl.sh: Update to 2.9.5

Changes:	https://github.com/drwetter/testssl.sh/releases/tag/v2.9.5

Only use enable-ec_nistp_64_gcc_128 on amd64 since it requires a
64-bit little-endian architecture and fix the build on !amd64

ecp_nistp224.c:43:9: error: unknown type name '__uint128_t'
typedef __uint128_t uint128_t;	/* nonstandard; implemented by gcc on 64-bit
	^

PR:		220403
Reported by:	dewayne@heuristicsystems.com.au
Approved by:	mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D11436
MFH:		2017Q3

New port: security/testssl.sh

testssl.sh is a command line tool which checks a server's service on
any port for the support of TLS/SSL ciphers, protocols as well as some
cryptographic flaws.  Key features:

- Clear output: you can tell easily whether anything is good or bad
- Flexibility: You can test any SSL/TLS enabled and STARTTLS service,
  not only webservers at port 443
- Toolbox: Several command line options help you to run YOUR test and
  configure YOUR output
- Reliability: features are tested thoroughly
- Verbosity: If a particular check cannot be performed because of a
  missing capability on your client side, you'll get a warning
- Privacy: It's only you who sees the result, not a third party

WWW: https://github.com/drwetter/testssl.sh

Approved by:	mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D11406