Version 8.2[0] added support for two new key types: "ecdsa-sk" and
"ed25519-sk". These two type enable the usage of hardware tokens that
implement the FIDO (or FIDO2) standard, as an authentication method for
SSH.
Since we're already on version 8.4 all we need to do is to explicitly enable
the support for hardware keys when compiling OpenSSH and add all the
missing dependencies OpenSSH requires.
OpenSSH depends on libfido2[1], to communicate with the FIDO devices
over USB. In turn, libfido2 depends on libcbor, a C implementation of
the CBOR protocol[2] and OpenSSL.
[0]: https://lwn.net/Articles/812537/
[1]: https://github.com/Yubico/libfido2
[2]: tools.ietf.org/html/rfc7049
Signed-off-by: Linos Giannopoulos <linosgian00@gmail.com>
libfido2 provides library functionality and command-line
tools to communicate with a FIDO device over USB, and to
verify attestation and assertion signatures.
libfido2 supports the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2) protocols.
Signed-off-by: Linos Giannopoulos <linosgian00@gmail.com>
Libcbor is a C library for parsing and generating CBOR[0],
the general-purpose schema-less binary data format.
[0]: https://tools.ietf.org/html/rfc7049
Signed-off-by: Linos Giannopoulos <linosgian00@gmail.com>
Add fadvise64_64 and fchmod syscalls needed on PowerPC platforms to
seccomp rules of transmission-daemon.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
No package version bump as no change to built package. URL now points
to current useful webpage, and description is based on current release.
Signed-off-by: Karl Palsson <karlp@tweak.net.au>
This became a requirement in libwww-perl 6.17.
Note that there are two other missing "soft" dependencies, Authen::Ntlm
as used by LWP::Authen::Ntlm, and Data::Dump as used by
LWP::Debug::TraceHTTP, that are not required for basic functionality.
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
Add Exim MTA variants:
* exim
plain variant without any TLS library which hence comes
without TLS, DANE and DKIM.
* exim-openssl
linked against libopenssl
* exim-gnutls
linked against libgnutls
* exim-ldap
linked against libopenssl, libopenldap and libsasl2
Provide packages for lookup modules
* cdb
* dbmdb
* dnsdb
* json (depends on jansson)
* mysql (depends on libmariadb)
* passwd
* pgsql (depends on libpq)
* redis (depends on libhiredis)
* sqlite (depends on libsqlite3)
Note:
As gnutls requires libunbound which depends on libopenssl to provide
libgnutls-dane, disable DANE by default when building with gnutls.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add spamc and spamc-ssl SpamAssassin client packages.
Also package SpamAssassin Perl backend, but that still lacks many
features due to Perl packages missing in OpenWrt.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Disable native code for now as it fails due to the package's
build-system not considering STAGING_DIR.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The first release candidate with plenty of changes needs wider testing,
so package it.
Since Linux 4.8 new more efficient GPIO manipulation API is available
and sysfs class gpio is deprecated. Enable OpenOCD support for both for
now to avoid breaking existing user configs.
Due to low user demand and packaging difficulties require USB libraries
unconditionally from now on. Their sizes are not significant compared to
the OpenOCD package itself.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Rosen Penev
Linos Giannopoulos
Daniel Golle
Stan Grishin
Karl Palsson
Matteo Cicuttin
Jianhui Zhao
Alexandru Ardelean
Kuan-Yi Li
Matt Merhar
Luiz Angelo Daros de Luca
Hannu Nyman
Dobroslaw Kijowski
Etienne Champetier
Aaron Goodman
Maxim Storchak
Paul Fertser
Igor Bezzubchenko
Michael Heimpold