Permalink
Switch branches/tags
Nothing to show
Commits on Aug 14, 2018
  1. svscanboot resets PATH, but doesn't include ${PREFIX}/bin or

    schmonz committed Aug 14, 2018
    ${PREFIX}/sbin (reported by jmcneill@). Fix and bump PKGREVISION.
Commits on Aug 9, 2018
  1. We don't install multiple architectures, so don't build them. Bump

    schmonz committed Aug 9, 2018
    PKGREVISION defensively, since it's hard to be sure the binary package
    hasn't changed.
Commits on Aug 8, 2018
  1. According to <https://cr.yp.to/highspeed/coolnacl-20120725.pdf>, "NaCl

    schmonz committed Aug 8, 2018
    is in the public domain". Set LICENSE accordingly.
Commits on Aug 6, 2018
  1. Update to latest filter3 patch (missed some static string methods, so

    schmonz committed Aug 6, 2018
    pymsgauth-confirm didn't work). Bump PKGREVISION.
Commits on Aug 5, 2018
  1. Add and enable qpasswd.

    schmonz committed Aug 5, 2018
  2. Add qpasswd, a set of password-checking tools for many

    schmonz committed Aug 5, 2018
    authentication schemes.
    
    The qpasswd tools are meant for use with checkpassword-compatible
    authentication programs like qmail-popup and qmail-smtpd. Currently, the
    following auth mechanisms are supported: plain, login, apop, cram-md5,
    cram-sha1, cram-ripemd, and digest-md5. The tools:
    
    - multicheckpw (runs multiple checkpassword programs)
    
    - checkqpasswd (for virtual users)
    
    - checkpasswd (for system users in /etc/passwd)
Commits on Aug 4, 2018
  1. Update to 5.48. From the changelog:

    schmonz committed Aug 4, 2018
    * Security bugfixes
      - Fixed requesting client certificate when specified
        as a global option.
    * New features
      - Certificate subject checks modified to accept certificates
        if at least one of the specified checks matches.
Commits on Aug 1, 2018
  1. Depend on pkgtools/pkg_alternatives and a new enough mail/qmail to rely

    schmonz committed Aug 1, 2018
    on finding "nbcheckpassword" (which, at present, might be either
    checkpassword-pam or DJB's original).
    
    Depend (unconditionally) on mail/qmail-rejectutils, instead of having it
    as an option on mail/qmail.
    
    Bump version.
  2. Depend on new enough sysutils/checkpassword{,-pam} such that qmail-run

    schmonz committed Aug 1, 2018
    can (by itself depending on pkgtools/pkg_alternatives) expect to find
    "nbcheckpassword".
    
    Remove 'qmail-rejectutils' option, which will become an unconditional
    dependency in qmail-run.
    
    Bump PKGREVISION.
Commits on Jul 31, 2018
  1. Update to 20180729. From the changelog:

    schmonz committed Jul 31, 2018
    Algorithm
    
    Rewrite of the core int32/avx2 implementation for (1) higher speed and
    (2) reduced memory consumption. Stack allocation is now at most a few
    kilobytes, even for gigantic arrays.
    
    Internally, the sorting algorithm is now mostly bitonic to simplify
    indexing, although odd-even speedups are still applied when
    convenient. Lanes are complemented to take the down-up decision out of
    the inner loops.
    
    As in previous djbsort versions, data is sorted first in vector lanes
    and then transposed for final merges, reducing the overall number of
    vector permutations. Unlike previous versions, transposition is done
    in-place. The transposition in this version is bit-reversal on the outer
    6 bits (bottom 3 bits and the top 3 bits), but leaves intermediate bits
    alone. Non-power-of-2 array sizes are handled by an extra, more
    traditional, merge step.
    
    Sizes 2, 3, 4, 5, 6, 7, 8, 16, 32 are now special-cased. Non-power-of-2
    sizes below 256 are padded to the next power of 2.
    
    Portable implementations: The out-of-place int32/portable1 and
    int32/portable2 implementations are now gone; the in-place
    int32/portable3 and int32/portable4 implementations remain.
    
    C API
    
    float32_sort is now supported. The arithmetic in the reduction from
    float32 to int32 is int32 31-bit right shift, uint32 1-bit right shift,
    xor; this is slightly more efficient than the reduction from float32 to
    uint32 from 2001 Herf.
    
    Compiling
    
    Tests now have more variation (without much slowdown): the uint32 test
    cases now deviate from int32 in more than the sign; float32 uses
    floating-point numbers that aren't integers; int32 does more loops for
    small cases, and some larger cases.
    
    Internals
    
    API for 2-input sorting is now MINMAX macro operating on two
    inputs in place.
    
    Better inline assembly from Jason Donenfeld for 2-input sorting: more
    flexibility in compiler's register allocation.
    
    The package version number is now automatically copied to version.c as
    the implementation version number for implementations that don't provide
    version.c.
    
    Verification
    
    minmax now supports more peephole optimizations for complemented bitonic
    sorting and for padding: xor(s,xor(s,t)) ⇒ t; xor(-1,s) ⇒ invert(s);
    Reverse(Reverse(s)) ⇒ s; signedmin(invert(s),invert(t)) ⇒
    invert(signedmax(s,t)); signedmax(invert(s),invert(t)) ⇒
    invert(signedmin(s,t)); invert(s)[high:low] ⇒ invert(s[high:low]);
    s[bits-1:0] ⇒ s; s[high:low][high2:low2] ⇒ s[high2+low:low2+low];
    Concat(...)[high:low] ⇒ ...[high-pos:low-pos] when possible;
    Reverse(s)[high:low] ⇒ Reverse(s[...]) when possible; eliminate
    signedmin/signedmax when one input is the minimum or maximum constant.
    
    verifymany now includes the implementation version number on
    verified lines.
  2. Compiler options are also baked into paths, so switch to dynamic PLIST.

    schmonz committed Jul 31, 2018
    Install with pax, not cp. On deinstall, remove whatever's left in
    share/djbsort.
  3. From DJB: "For correctness, ./test has to be run on the installation

    schmonz committed Jul 31, 2018
    machine, not on the machine preparing a binary package." (Also: "The
    issues are explained in Section 8 of
    https://pqcrypto.eu.org/deliverables/d2.4.pdf.")
    
    For this to work, we install the source tree (with built objects) to
    ${PREFIX}/share/djbsort. Then we run tests, install to ${PREFIX}/include
    and ${PREFIX}/lib, and check the installed files against pseudo-PLIST.
    
    This means pkg_add(1) will fail if no C compiler is present, which is
    unusual behavior for pkg_add but perhaps not entirely unreasonable for a
    C library.
    
    Bump PKGREVISION.
Commits on Jul 30, 2018
Commits on Jul 29, 2018
  1. Add 'inet6' option to control dependency on ucspi-tcp{6,}, even

    schmonz committed Jul 29, 2018
    though net/djbdns itself still doesn't support the 'inet6' option.
    Bump version.
  2. We depend on publicfile, so we don't need to duplicate its dependencies

    schmonz committed Jul 29, 2018
    on daemontools and ucspi-tcp{6,}. Bump version.