| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Add a new "disable-ld" option that disables ld. This is required on Darwin
where it is not currently built, but is also required for some SunOS setups
where an external GCC is used and we do not want a libgcc dependency on it.
There are now two ld-related PLIST variables, "gld" for the general handling
of whether GNU ld is built or not, and "ld" for the symlinks we create.
In addition Darwin also needs --disable-libctf to avoid a build issue, and an
additional PLIST variable to handle GNU as which is also not built on Darwin.
While here clean up a bunch of variable handling and NetBSD 5/6 workarounds,
and simplify the setup of SYMLINK_FILES.
Fixes build on Darwin, and SunOS when using an external GCC. Ok fcambus@
|
|
|
|
Comment out some old workarounds for configure script/compiler issues,
and trust the upstream configure script again until proven wrong.
Remove hacks.mk, the grep does not match anything any longer.
Noteworthy changes in version 1.9.1 (2021-01-29) [C23/A3/R1]
------------------------------------------------
* Bug fixes:
- Fix exploitable bug in hash functions introduced with 1.9.0.
[#5275]
- Return an error if a negative MPI is used with sexp scan
functions. [#4964]
- Check for operational FIPS in the random and KDF functions.
[#5243]
- Fix compile error on ARMv7 with NEON disabled. [#5251]
- Fix self-test in KDF module. [#5254]
- Improve assembler checks for better LTO support. [#5255]
- Fix assember problem on macOS running on M1. [#5157]
- Support older macOS without posix_spawn. [#5159]
- Fix 32-bit cross build on x86. [#5257]
- Fix non-NEON ARM assembly implementation for SHA512. [#5263]
- Fix build problems with the cipher_bulk_ops_t typedef. [#5264]
- Fix Ed25519 private key handling for preceding ZEROs. [#5267]
- Fix overflow in modular inverse implementation. [#5269]
- Fix register access for AVX/AVX2 implementations of Blake2.
[#5271].
* Performance:
- Add optimized cipher and hash functions for s390x/zSeries.
- Use hardware bit counting functionx when available.
* Internal changes:
- The macOS getentropy syscall is used when available. [#5268]
- Update DSA functions to match FIPS 186-3. [30ed9593f6]
- New self-tests for CMACs and KDFs. [385a89e35b,7a0da24925]
- Add bulk cipher functions for OFB and GCM modes.
[f12b6788f2,f4e63e92dc]
Release-info: https://dev.gnupg.org/T5259
|
|
|
|
Update DEPENDS
Upstream changes:
1.0048 2020-11-29 16:20:00 PST
[IMPROVEMENTS]
- Updated documentation for cotent_length and content_type #625
- Allow hyphens in file extensions for custom MIME types #614
- Updated some python test script to work with Python 3 #639
[BUG FIXES]
- Fix HTTP::Message::PSGI to work with delayed writer without content #653
- Plackup reloader allows restarting the server when the path contains .git or .svn, just not at the beginning of the path #632
- Added MIME types for .webp, .ttf and .xlsx files (rrwo)
- Fix Plack::Request content to not error when Content-Type is empty #655
|
|
|
|
Upstream changes:
0.25 2020-11-28T02:35:28Z
- handle empty Content-Type as if octet-stream blob #14
|
|
|
|
|
|
Oxipng is a multithreaded lossless PNG compression optimizer. It can be used
via a command-line interface or as a library in other Rust programs.
It began as a complete rewrite of the OptiPNG project with the core goal of
implementing multithreading, which would be very difficult to do within the
existing C codebase of OptiPNG.
|
|
|
|
Changes between 3.0.11.1 and 3.0.12:
----------------------------------
Access:
* Add new RIST access module compliant with simple profile (VSF_TR-06-1)
Access Output:
* Add new RIST access output module compliant with simple profile (VSF_TR-06-1)
Demux:
* Fixed adaptive's handling of resolution settings
Audio output:
* Fix audio distortion on macOS during start of playback
Video Output:
* Direct3D11: Fix some potential crashes when using video filters
macOS:
* Add native support for Apple Silicon / ARM-64
* Visual UI adaptations for macOS Big Sur
* Fix displaying EQ bands in the UI depending on which frequency
presets are set for the EQ in advanced preferences
* Fix UI issues in bookmarks window
Misc:
* Several fixes in the web interface, including privacy and security
improvements
* Update YouTube and Vocaroo scripts
|
|
|
|
|
|
|
|
|
|
A command-line benchmarking tool.
Features:
-Statistical analysis across multiple runs.
-Support for arbitrary shell commands.
-Constant feedback about the benchmark progress and current estimates.
-Warmup runs can be executed before the actual benchmark.
-Cache-clearing commands can be set up before each timing run.
-Statistical outlier detection to detect interference from other programs and
caching effects.
-Export results to various formats: CSV, JSON, Markdown, AsciiDoc.
-Parameterized benchmarks (e.g. vary the number of threads).
|
|
|
|
|
|
|
|
|
|
Patch from __skn on IRC. Thanks! Bump PKGREVISION.
|
|
|
|
|
|
-[fix] don't output unparsed config
-[fix] path enumeration reported by @noproto
-man page tidy
-list error should show "your"
|
|
|
|
It may make more sense to use a Makefile.common in ispell, but for now
this fixes things.
|
|
|
|
|
|
sdorfehs is a tiling window manager descended from ratpoison, which itself is
modeled after GNU Screen.
sdorfehs divides the screen into one or more frames, each only displaying
one window at a time but can cycle through all available windows (those
which are not being shown in another frame).
Like Screen, sdorfehs primarily uses prefixed/modal key bindings for most
actions.
sdorfehs's command mode is entered with a configurable keystroke
(Ctrl+a by default) which then allows a number of bindings accessible with just
a single keystroke or any other combination.
Special thanks to David H. Gutteridge for the patch and explanations.
|
|
|
|
|
|
|
|
The BuildBot is a system to automate the compile/test cycle required by
most software projects to validate code changes. By automatically
rebuilding and testing the tree each time something has changed, build
problems are pinpointed quickly, before other developers are
inconvenienced by the failure. The guilty developer can be identified
and harassed without human intervention. By running the builds on a
variety of platforms, developers who do not have the facilities to test
their changes everywhere before checkin will at least know shortly
afterwards whether they have broken the build or not. Warning counts,
lint checks, image size, compile time, and other build parameters can
be tracked over time, are more visible, and are therefore easier to
improve.
This package contains the Badges Plugin.
|
|
Klein is a micro-framework for developing production-ready web
services with Python. It is 'micro' in that it has an incredibly
small API similar to Bottle and Flask. It is not 'micro' in that
it depends on things outside the standard library. This is primarily
because it is built on widely used and well tested components like
Werkzeug and Twisted.
|
|
|
|
Data-processing and flow-control engine for event-driven programs.
|
|
|
|
|
|
pkgsrc changes:
---------------
* The PID file does not need to be written in a dedicated subdirectory
and it can be written in ${VARBASE}/run directly instead.
* The configuration parameters which need to be tuned in mosquitto.conf
can be uncommented and set in according with pkgsrc variables.
upstream changes:
-----------------
2.0.5 - 2021-01-11
==================
Broker:
- Fix `auth_method` not being provided to the extended auth plugin event.
Closes #1975.
- Fix large packets not being completely published to slow clients.
Closes #1977.
- Fix bridge connection not relinquishing POLLOUT after messages are sent.
Closes #1979.
- Fix apparmor incorrectly denying access to
/var/lib/mosquitto/mosquitto.db.new. Closes #1978.
- Fix potential intermittent initial bridge connections when using poll().
- Fix `bind_interface` option. Closes #1999.
- Fix invalid behaviour in dynsec plugin if a group or client is deleted
before a role that was attached to the group or client is deleted.
Closes #1998.
- Improve logging in dynsec addGroupRole command. Closes #2005.
- Improve logging in dynsec addGroupClient command. Closes #2008.
Client library:
- Improve documentation around the `_v5()` and non-v5 functions, e.g.
`mosquitto_publish()` and `mosquitto_publish_v5().
Build:
- `install` Makefile target should depend on `all`, not `mosquitto`, to ensure
that man pages are always built. Closes #1989.
- Fixes for lots of minor build warnings highlighted by Visual Studio.
Apps:
- Disallow control characters in mosquitto_passwd usernames.
- Fix incorrect description in mosquitto_ctrl man page. Closes #1995.
- Fix `mosquitto_ctrl dynsec getGroup` not showing roles. Closes #1997.
2.0.4 - 2020-12-22
==================
Broker:
- Fix $SYS/broker/publish/messages/+ counters not being updated for QoS 1, 2
messages. Closes #1968.
- mosquitto_connect_bind_async() and mosquitto_connect_bind_v5() should not
reset the bind address option if called with bind_address == NULL.
- Fix dynamic security configuration possibly not being reloaded on Windows
only. Closes #1962.
- Add more log messages for dynsec load/save error conditions.
- Fix websockets connections blocking non-websockets connections on Windows.
Closes #1934.
Build:
- Fix man pages not being built when using CMake. Closes #1969.
2.0.3 - 2020-12-17
==================
Security:
- Running mosquitto_passwd with the following arguments only
`mosquitto_passwd -b password_file username password` would cause the
username to be used as the password.
Broker:
- Fix excessive CPU use on non-Linux systems when the open file limit is set
high. Closes #1947.
- Fix LWT not being sent on client takeover when the existing session wasn't
being continued. Closes #1946.
- Fix bridges possibly not completing connections when WITH_ADNS is in use.
Closes #1960.
- Fix QoS 0 messages not being delivered if max_queued_messages was set to 0.
Closes #1956.
- Fix local bridges being disconnected on SIGHUP. Closes #1942.
- Fix slow initial bridge connections for WITH_ADNS=no.
- Fix persistence_location not appending a '/'.
Clients:
- Fix mosquitto_sub being unable to terminate with Ctrl-C if a successful
connection is not made. Closes #1957.
Apps:
- Fix `mosquitto_passwd -b` using username as password (not if `-c` is also
used). Closes #1949.
Build:
- Fix `install` target when using WITH_CJSON=no. Closes #1938.
- Fix `generic` docker build. Closes #1945.
2.0.2 - 2020-12-10
==================
Broker:
- Fix build regression for WITH_WEBSOCKETS=yes on non-Linux systems.
2.0.1 - 2020-12-10
==================
Broker:
- Fix websockets connections on Windows blocking subsequent connections.
Closes #1934.
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes #1925. Closes #1476.
- Fix websockets listeners not causing the main loop not to wake up.
Closes #1936.
Client library:
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes #1925. Closes #1476.
Apps:
- Fix `mosquitto_passwd -U`
Build:
- Fix cjson include paths.
- Fix build using WITH_TLS=no when the openssl headers aren't available.
- Distribute cmake/ and snap/ directories in tar.
2.0.0 - 2020-12-03
==================
Breaking changes:
- When the Mosquitto broker is run without configuring any listeners it will
now bind to the loopback interfaces 127.0.0.1 and/or ::1. This means that
only connections from the local host will be possible.
Running the broker as `mosquitto` or `mosquitto -p 1883` will bind to the
loopback interface.
Running the broker with a configuration file with no listeners configured
will bind to the loopback interface with port 1883.
Running the broker with a listener defined will bind by default to `0.0.0.0`
/ `::` and so will be accessible from any interface. It is still possible to
bind to a specific address/interface.
If the broker is run as `mosquitto -c mosquitto.conf -p 1884`, and a
listener is defined in the configuration file, then the port defined on the
command line will be IGNORED, and no listener configured for it.
- All listeners now default to `allow_anonymous false` unless explicitly set
to true in the configuration file. This means that when configuring a
listener the user must either configure an authentication and access control
method, or set `allow_anonymous true`. When the broker is run without a
configured listener, and so binds to the loopback interface, anonymous
connections are allowed.
- If Mosquitto is run on as root on a unix like system, it will attempt to
drop privileges as soon as the configuration file has been read. This is in
contrast to the previous behaviour where elevated privileges were only
dropped after listeners had been started (and hence TLS certificates loaded)
and logging had been started. The change means that clients will never be
able to connect to the broker when it is running as root, unless the user
explicitly sets it to run as root, which is not advised. It also means that
all locations that the broker needs to access must be available to the
unprivileged user. In particular those people using TLS certificates from
Lets Encrypt will need to do something to allow Mosquitto to access
those certificates. An example deploy renewal hook script to help with this
is at `misc/letsencrypt/mosquitto-copy.sh`.
The user that Mosquitto will change to are the one provided in the
configuration, `mosquitto`, or `nobody`, in order of availability.
- The `pid_file` option will now always attempt to write a pid file,
regardless of whether the `-d` argument is used when running the broker.
- The `tls_version` option now defines the *minimum* TLS protocol version to
be used, rather than the exact version. Closes #1258.
- The `max_queued_messages` option has been increased from 100 to 1000 by
default, and now also applies to QoS 0 messages, when a client is connected.
- The mosquitto_sub, mosquitto_pub, and mosquitto_rr clients will now load
OS provided CA certificates by default if `-L mqtts://...` is used, or if
the port is set to 8883 and no other CA certificates are loaded.
- Minimum support libwebsockets version is now 2.4.0
- The license has changed from "EPL-1.0 OR EDL-1.0" to "EPL-2.0 OR EDL-1.0".
Broker features:
- New plugin interface which is more flexible, easier to develop for and
easier to extend.
- New dynamic security plugin, which allows clients, groups, and roles to be
defined and updated as the broker is running.
- Performance improvements, particularly for higher numbers of clients.
- When running as root, if dropping privileges to the "mosquitto" user fails,
then try "nobody" instead. This reduces the burden on users installing
Mosquitto themselves.
- Add support for Unix domain socket listeners.
- Add `bridge_outgoing_retain` option, to allow outgoing messages from a
bridge to have the retain bit completely disabled, which is useful when
bridging to e.g. Amazon or Google.
- Add support for MQTT v5 bridges to handle the "retain-available" property
being false.
- Allow MQTT v5.0 outgoing bridges to fall back to MQTT v3.1.1 if connecting
to a v3.x only broker.
- DLT logging is now configurable at runtime with `log_dest dlt`.
Closes #1735.
- Add `mosquitto_broker_publish()` and `mosquitto_broker_publish_copy()`
functions, which can be used by plugins to publish messages.
- Add `mosquitto_client_protocol_version()` function which can be used by
plugins to determine which version of MQTT a client has connected with.
- Add `mosquitto_kick_client_by_clientid()` and `mosquitto_kick_client_by_username()`
functions, which can be used by plugins to disconnect clients.
- Add support for handling $CONTROL/ topics in plugins.
- Add support for PBKDF2-SHA512 password hashing.
- Enabling certificate based TLS encryption is now through certfile and
keyfile, not capath or cafile.
- Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.
- Add "deny" acl type. Closes #1611.
- The broker now sends the receive-maximum property for MQTT v5 CONNACKs.
- Add the `bridge_max_packet_size` option. Closes #265.
- Add the `bridge_bind_address` option. Closes #1311.
- TLS certificates for the server are now reloaded on SIGHUP.
- Default for max_queued_messages has been changed to 1000.
- Add `ciphers_tls1.3` option, to allow setting TLS v1.3 ciphersuites.
Closes #1825.
- Bridges now obey MQTT v5 server-keepalive.
- Add bridge support for the MQTT v5 maximum-qos property.
- Log client port on new connections. Closes #1911.
Broker fixes:
- Send DISCONNECT with `malformed-packet` reason code on invalid PUBLISH,
SUBSCRIBE, and UNSUBSCRIBE packets.
- Document that X509_free() must be called after using
mosquitto_client_certificate(). Closes #1842.
- Fix listener not being reassociated with client when reloading a persistence
file and `per_listener_settings true` is set and the client did not set a
username. Closes #1891.
- Fix bridge sock not being removed from sock hash on error. Closes #1897.
- mosquitto_password now forbids the : character. Closes #1833.
- Fix `log_timestamp_format` not applying to `log_dest topic`. Closes #1862.
- Fix crash on Windows if loading a plugin fails. Closes #1866.
- Fix file logging on Windows. Closes #1880.
- Report an error if the config file is set to a directory. Closes #1814.
- Fix bridges incorrectly setting Wills to manage remote notifications when
`notifications_local_only` was set true. Closes #1902.
Client library features:
- Client no longer generates random client ids for v3.1.1 clients, these are
now expected to be generated on the broker. This matches the behaviour for
v5 clients. Closes #291.
- Add support for connecting to brokers through Unix domain sockets.
- Add `mosquitto_property_identifier()`, for retrieving the identifier integer
for a property.
- Add `mosquitto_property_identifier_to_string()` for converting a property
identifier integer to the corresponding property name string.
- Add `mosquitto_property_next()` to retrieve the next property in a list, for
iterating over property lists.
- mosquitto_pub now handles the MQTT v5 retain-available property by never
setting the retain bit.
- Added MOSQ_OPT_TCP_NODELAY, to allow disabling Nagle's algorithm on client
sockets. Closes #1526.
- Add `mosquitto_ssl_get()` to allow clients to access their SSL structure and
perform additional verification.
- Add MOSQ_OPT_BIND_ADDRESS to allow setting of a bind address independently
of the `mosquitto_connect*()` call.
- Add `MOSQ_OPT_TLS_USE_OS_CERTS` option, to instruct the client to load and
trust OS provided CA certificates for use with TLS connections.
Client library fixes:
- Fix send quota being incorrecly reset on reconnect. Closes #1822.
- Don't use logging until log mutex is initialised. Closes #1819.
- Fix missing mach/mach_time.h header on OS X. Closes #1831.
- Fix connect properties not being sent when the client automatically
reconnects. Closes #1846.
Client features:
- Add timeout return code (27) for `mosquitto_sub -W <secs>` and
`mosquitto_rr -W <secs>`. Closes #275.
- Add support for connecting to brokers through Unix domain sockets with the
`--unix` argument.
- Use cJSON library for producing JSON output, where available. Closes #1222.
- Add support for outputting MQTT v5 property information to mosquitto_sub/rr
JSON output. Closes #1416.
- Add `--pretty` option to mosquitto_sub/rr for formatted/unformatted JSON
output.
- Add support for v5 property printing to mosquitto_sub/rr in non-JSON mode.
Closes #1416.
- Add `--nodelay` to all clients to allow them to use the MOSQ_OPT_TCP_NODELAY
option.
- Add `-x` to all clients to all the session-expiry-interval property to be
easily set for MQTT v5 clients.
- Add `--random-filter` to mosquitto_sub, to allow only a certain proportion
of received messages to be printed.
- mosquitto_sub %j and %J timestamps are now in a ISO 8601 compatible format.
- mosquitto_sub now supports extra format specifiers for field width and
precision for some parameters.
- Add `--version` for all clients.
- All clients now load OS provided CA certificates if used with `-L
mqtts://...`, or if port is set to 8883 and no other CA certificates are
used. Closes #1824.
- Add the `--tls-use-os-certs` option to all clients.
Client fixes:
- mosquitto_sub will now exit if all subscriptions were denied.
- mosquitto_pub now sends 0 length files without an error when using `-f`.
- Fix description of `-e` and `-t` arguments in mosquitto_rr. Closes #1881.
- mosquitto_sub will now quit with an error if the %U option is used on
Windows, rather than just quitting. Closes #1908.
|
|
|
|
|
|
|
|
|
|
golang doesn't support RELRO on NetBSD
Allows the package to build when PKGSRC_USE_RELRO=yes is set
|
|
|
|
-improve documentation
|
|
|
|
|
