| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* Sending a stanza before a stanza during a SASL negotiation can cause a
c2s segfault. Leading to a remote DoS.
|
|
packages. Convert LDAP-based applications to depend on openldap-client, and
bump PKGREVISION for those that depend on it by default.
|
|
|
|
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
|
|
|
|
pkg has been changed to 5.x). Reminded by wiz... thanks.
|
|
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
|
CONFIGURE_ARGS.
|
|
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
|
* fixed SASL anonymous
* fixed edge cases with new dynamic jid code
* fixed incorrect free order in c2s
* corrected debug logging
* fixed s2s bus error on 64-bit architectures
* fixed c2s collisions due to long jids
* fixed error response to iq result
* fixed roster pushing packets without id
* applied new dynamic jid patch
* fixed double free of nad in c2s and s2s
* major memory enhancement, made jid structure dynamically allocated
* fixed glibc error with custom sql statements
* fixed segfault with keepalives
|
|
as the INSTALL and DEINSTALL scripts no longer distinguish between
the two types of files. Drop SUPPORT_FILES{,_PERMS} and modify the
packages in pkgsrc accordingly.
|
|
The jabberd project team is pleased to announce the release of jabberd 2.0s9.
This is a security release. There is a buffer overflow that could be used to
perform a DoS attack and possible code execution. It is *HIGHLY* recommended
that you upgrade!
ChangeLog:
* fixed only one user is loaded correctly for each router acl
* fixed s2s segfault under particular connection timeout conditions
* fixed id is being case sensitive
* fixed Users cannot login after a long period of server inactivity
* fixed handling of stream errors
* fixed version attribute reply in stream
* fixed c2s glibc abort and mysql option flags
* fixed sx io mem leak
* fixed Incorrect SASL error message defined in sx/sasl.c
* fixed 3 buffer overflows in jid.c
* fixed second log-in in with similar resource breaks routing for first login
|
|
|
|
compatibility provided via PKG_OPTIONS_LEGACY_OPTS.
|
|
user settable variable. Set PKG_SUGGESTED_OPTIONS instead. Also,
make use of PKG_OPTIONS_LEGACY_VARS.
Reviewed by wiz.
|
|
updating the Changelog file for changes (why??).
|
|
|
|
And always is defined as share/examples/rc.d
which was the default before.
This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.
This was discussed on tech-pkg in late January and late April.
Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
|
|
|
|
Approved by xtraeme.
|
|
Changes:
* Fix base64 encoding length in authreg_pipe.c Stephen Marquard,
Diagnosed by Jerome Vandenabeele
* Fixes segfault on s2s startup on some platforms when ssl is enabled
(local pemfile defined in s2s.xml), Stephen Marquard
* mod_offline handling of jabber:x:event client requests (JEP-0022) can
lead to a loop repeatedly adding duplicates to the offline queue under
certain race conditions. Correctly detect jabber:x:event notifications
and do not respond to them as requests, Stephen Marquard
* Check for invalid jids in directed presence packets, Stephen Marquard,
Based on bug report by Christopher Zorn
* Fixes minor memory leaks in authreg_ldap, Ilja Booij
* Fixes error in storage filter code using bdb storage causing sm
crash, Stephen Marquard
* Changes incorrectly indexed primary keys to non-unique indexes,
adds other indexes for efficiency, and changes type of xml field to
increase max allowed length, Stephen Marquard
* Include sys/types.h if available in util.h inter alia for FreeeBSD,
Stephen Marquard
* Minor code cleanups for compilation on HP-UX, Christof Meerwald
* Fix configure.in for correct handling of resolv.h, Magnus Henoch
* Include resquery checks from MAIN cvs branch in 2.0, Christof Meerwald
* Allows jabberd to start new components and place itself in the
background, Richard Bullington-McGuire (original ver), Additional
components defined in jabberd.cfg get started as long as they are in
the same directory as the jabberd script (useful for mu-conference
installed through jcr) The script can daemonize itself with the "-b"
switch after starting the various programs it watches over, unless the
debug option is set.
* Paranoia, ensure than srv->name is nul terminated., Jedi/Sector One
And more, please see the Changelog file.
|
|
It includes the correct buildlink3.mk file from either Linux-PAM
(security/PAM) or OpenPAM (security/openpam) and eventually will
support solaris-pam. pam.buildlink3.mk will:
* set PAMBASE to the base directory of the PAM files;
* set PAM_TYPE to the PAM implementation used.
There are two variables that can be used to tweak the selection of
the PAM implementation:
PAM_DEFAULT is a user-settable variable whose value is the default
PAM implementation to use.
PAM_ACCEPTED is a package-settable list of PAM implementations
that may be used by the package.
Modify most packages that include PAM/buildlink3.mk to include
pam.buildlink3.mk instead.
|
|
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
|
|
|
|
http://www.marquard.net/jabber/#recommended,
specifically patch 58 which fixes the remote exploit listed at:
http://www.securityfocus.com/archive/1/382250
Patches included:
28* patch-jedi8-sm-object_c
Remove incorrect semicolumn from os_object_free() in sm/object.c
29* patch-jedi-mysql-storage
Fixes to mysql storage for boundary conditions
30* patch-base64
Fix length-related issues in base64 decoding routines
31* patch-sm-storage_db
Fixes to storage_db.c to avoid roster corruption: "sm/storage_db
inserts items in the filter hash table with keys which are located
on the stack. This creates confusion when the code later tries to
compare with these keys."
32* patch-nad-escape
Fixes bug in _nad_escape() where escaping ]]> can cause a segfault
when handling large messages where nad_realloc is called.
38* patch-jedi-pgsql-storage
Fixes to pgsql storage for boundary conditions and incorrect buffer
length calculation
46* patch-memleaks
Fix minor memory leaks in digest-md5 authentication and nad_free()
47* patch-ns-fix
Fixes omission of namespace declaration where a namespace has
already been used in the XML stanza
48* patch-sm-nad-triplet
Fixes omission of prefix on attributes processed by nad_parse (e.g.
in queue storage)
49* patch-mod_disco_publish
Corrects check for deleting previously published disco items from
"delete" to "remove" (as per JEP-0030).
50* patch-sm-filter
Alters filter handling and adds mysql/pgsql escaping on filter
strings to allow brackets and apostrophes in resource names that
form part of JIDs stored as roster entries
58* patch-c2s-buffers
Fixes buffer overflow that can lead to segfault in c2s mysql and
pgsql auth modules - see report by icbm (www.venustech.com.cn)
|
|
to use common option names were possible, so change these instances of
"pam" to "PAM" to match existing usage.
|
|
|
|
so that we'd not force dependance on specific MySQL version, and instead pick
the currently installed mysql*-client (or install the default if there
is no mysql-client package installed yet)
this makes package buildable with arbitrary MySQL version, such as 3.23.x,
4.0.x or 4.1.x
|
|
Changes:
* Fixed race condition allowing c2s to be killed, Stephen Marquard
* Fixed off-by-one bug in s2s/main.c leading to segfault on startup
in some environmentsp
* Fixed memory leak in sm, Michal Kera
* Fixed problem relating to SSL connections not being closed
correctly, Nathan Christiansen
* Fixed 3 problems in mod_announce: (a) NAD freed before use, (b)
struct tm not initialised correctly on some platforms, and (c)
time not initialised for broadcast motd messages delivered to
online users, Stephen Marquard
* Fixed insertion of extra namespace in element in some types of
messages retrieved from offline queue, which causes a parse
error in the router, Matthew Buckett
* Fixed off-by-one bug in PLAIN SASL authentication code. May also
resolve a number of other bugs relating to c2s authentication,
Robert Theisen
* Fixed return value of jid_new() in pkt.c to avoid sm segfault
from dereferencing NULL pointer, triggered by a message with a
to JID of the form "@some.server@", Stephen Marquard
* Avoided adding nads to the cache that are created through
nad_copy(), Stephen Marquard
* Fixed bug in retrieving hash values, Stephen Marquard
* Improved performance of pool cleanup function, Stephen Marquard
* Corrected handling of EMAIL, TEL and ADR/CTRY elements in vcards
for JEP-0054 compliance, Stephen Marquard
* Optimised sm algorithm for announcing presence to skip presence
announcements and probes for users on the same server who are
not online, Stephen Marquard
* Checked that storage drivers are initialised correctly; if not,
abort, Stephen Marquard
* Fixed file descriptor leak in storage_fs
* Allowed c2s to supply a certificate chain to clients, Iain
MacDonnell
|
|
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
|
|
by default we'll use PKG_OPTIONS.jabberd2?=mysql4 (which is the default
for jabberd2).
|
|
|
|
|
|
|
|
|
|
Changes:
2004-06-25 jabberd 2.0s3
* Fixed several memory leaks and overruns <karsten.petersen@hrz.tu-chemnitz.de>
* Fixed XMPP session replacement [rob]
* Added support for Win32 platforms <peter@cerebus.co.za> [rob]
* Added support for requiring SSL/TLS before auth <deryni@eden.rutgers.edu>
* Added support for LDAPv3 (including channel encryption) [rob]
* Added workaround to make large presence broadcasts more efficient [rob]
* Generate random dialback key if none provided [rob]
* Rewrote configure script (+ many code tweaks to support this) [rob]
* Remove build requirement for Libidn and OpenSSL [rob]
* Removed bundled Libidn due to licensing issues [rob]
* Bugfixes: 3059, 3174, 3343, 3368, 3480, 3481, 3594
|
|
option --enable-debug (which was disabled).
|
|
Since the various jabber daemons need to write their pid files as the
jabberd user, ensure a jabberd owned /var/run/jabberd is created by rc.d files
|
|
|
|
because with the previous way, /etc/rc.d/mouncritlocal removes all the
files/dirs in /var/run every time the machine is rebooted...
from David Brownlee in private email.
|
|
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
|
|
Jabber is an open XML protocol for real-time exchange of messages and
presence notification between any two points on the Internet. The first
application of Jabber technology is an asynchronous, extensible instant
messaging platform, and an IM network that offers functionality similar
to legacy IM systems such as AIM, ICQ, MSN, and Yahoo.
This is a complete rewrite of the original jabberd.
|
