Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
* Fix SIGHUP signal handling (again).
* Fix deadlock if Miredo fails to start.
|
|
installed in the same directory where miredo looks for them.
|
|
|
|
|
|
* Fix crash in client more (regression from 1.1.6).
* Thread-safety fixes (with regards to sigaction and strerror).
* Incomplete ISATAP support removed.
In the mean time, proper support was added within the Linux kernel.
* Fix server link-local address, compatibility with Vista clients.
* Fix SIGHUP signal handling.
* Fix compiling on MacOS X and/or without libJudy.
* Fix unlikely race condition in Teredo maintenance procedure setup.
* Fix Teredo address randomization (reachability problems).
* Better debug messages.
* Allow GNU General Public License version 3 (and would be later).
* Fix filtering error within miredo-server (regression from 1.1.0).
* Fix fatal padding mistake on old ABI ARM achitecture.
* Remove NAT type determination:
Miredo now runs behind any type of NAT. However, connectivity might
be severely degraded behind the worst devices, such as symmetric NATs.
* Add 12 bits of randomness to Teredo client address:
Teredo addresses are less predictible, which should enhance host
protection against network scanning.
* Remove brittle and battery-unfriendly "autoclient" mode:
Proper default IPv6 source address selection (RFC3484) implementation
would address most of the use cases for this, as well as other issues.
If that is not sufficient, an external connection management system
is anyway needed to start/stop Miredo when appropriate.
* Restore "cone" RelayType:
All relays should use it, as it improves support for some kinds of
(pretty broken but nevertheless deployed) NAT devices.
* Use a hook shell script for client interface configuration.
* Add a bunch of debug messages to debug builds.
* Rewrite clock subsystem to avoid polling when idle (battery savings).
|
|
|
|
Bump PKGREVISION.
And this package is DESTDIR ready.
|
|
|
|
|
|
From Sergey Svishchev in private mail.
|
|
===========================================================================
STABLE RELEASE 1.0.6 : Major bug fixes
# Fix support for Teredo peers behind symmetric NATs (bug from 0.9.8).
This could probably be used to spoof a Teredo clients.
# MacOS X compilation fix.
===========================================================================
STABLE RELEASE 1.0.5 : Major bug fixes
# Fix issues with timer and compiler optimizations (bug from 0.9.4).
# Increase ping test hop limit:
Some IPv6 native nodes could not be reached otherwise.
# Increase HMAC secret size from 64 to 128 bits.
# Fix filtering of packets with link-local source address (bug from 0.4.0).
# Various fixes to the experimental ISATAP daemon.
============================================================================
STABLE RELEASE 1.0.4 : Major bug fix
# Fix packet storm with Teredo client behind symmetric NATs.
============================================================================
STABLE RELEASE 1.0.3 : Minor feature enhancement
# Work-around for compatibility with Microsoft Teredo servers.
# Better detection of symmetric NATs and access network changes.
# Limit spamming of syslog.
============================================================================
STABLE RELEASE 1.0.2 : Minor portability and bug fixes
# Several portability and minor/impossible bug fixes (see ChangeLog).
============================================================================
STABLE RELEASE 1.0.1 : Minor portability fixes
# Install configuration file samples into a dedicated directory.
# Build fixes (libteredo would not link on Mac OS X).
|
|
|
|
(extra ones in PKG_SYSCONFDIR).
ok <rpaulo>
|
|
============================================================================
RELEASE CANDIDATE 0.9.9 : Minor portability fixes
# NetBSD 4 build fixes.
============================================================================
RELEASE CANDIDATE 0.9.8 : Major feature enhancements, major security fixes
# Support interacting with Teredo clients behind symmetric NATs.
# Fix multiple problems with HMAC/ping authentication of non-Teredo nodes.
# Increase timestamp wrap time from 18 hours to 70 years to avoid replay
attacks against authentication tokens.
# Allow Router Advertisement through the ISATAP tunnel (untested).
isatapd remain very experimental, particular client-side.
Someone ought to make a clean kernel implementation instead.
# Use HMAC instead of random nonces in Teredo clients.
=============================================================================
BETA RELEASE 0.9.7 : Major security fixes
# Fix infinite UDP packet forwarding loop in Teredo server (MTFL-SA 0603).
=============================================================================
BETA RELEASE 0.9.6 : Major compatibility fixes
# Lots of portability fixes, mostly for FreeBSD and the likes.
# Removed some dead code.
# Provide teredo-mire by default.
# Print more helpful error message for some common BSD tunneling issues.
=============================================================================
BETA RELEASE 0.9.5 : Major features enhancement, major bug fixes
# Removed too brittle cone NAT support. As a side effect, miredo is much
faster to startup in client mode in most cases.
# Fix server-side handling of Windows Vista client solicitations.
# Removed the IgnoreConeBit configure option. The cone bit is now always
ignored (this was the default ever since the introduction of that option).
=============================================================================
BETA RELEASE 0.9.4 : Major features enhancement
# More refined system clock usage brings about 30% performance boost.
=============================================================================
BETA RELEASE 0.9.3 : Major features enhancement, major bug fixes
# Use dedicated thread for packets transmission and reception. Miredo
should now leverage dual-process, dual-core and SMT systems.
# Receive to-be-decapsulated and to-be-encapsulated packets in blocking
mode; this improves performance by about 10% on Linux.
# Use the POSIX monotonic clock for maintenance procedure and “exclusive”
mode watch if POSIX monotonic clock and clock selection are available.
# Minor optimizations to the most stressed code paths.
# Suppress spurious 4-seconds delay when waiting for “symmetric” probes.
# Minimalistic support for ISATAP client in ISATAPd.
# Ignore invalid Router Advertisements properly.
# Drop incoming multicast traffic as a precautionary measure.
# Truncate PID file properly when updating it.
# Fix deadlocks and spurious exits upon some signals (such as SIGCONT).
# Fix deadlock when Teredo server DNS hostname resolution fails.
# Handle would-be “spurious wakeups” properly.
# Fix IPv4 global unicast access-list.
# Fix SO_REUSEADDR socket option usage.
# Use C99 restrict keyword at sensible places for compiler optimization.
# Portability fixes for DragonFly BSD.
# Work-around for some uClibc POSIX defines insanity.
# Got rid of all C++ code.
# Renamed libteredo-mire to teredo-mire for consistency.
# Leverage newer autoconf macros.
# Fix encoding of non-ASCII characters in manual pages.
# Work-around for platforms that can't rename tunnel network interface.
# Build libmiredo dynamically to reduce global code size.
# Fix inclusion of non-PIC code into shared libraries.
(Unstable version 0.9.3 includes all fixes from stable version 0.8.5)
=============================================================================
BETA RELEASE 0.9.1 : Major features enhancement
# Created and referenced a developper mailing list: <miredo-devel at
remlab.net>. Send a mail with subject “subscribe” to <miredo-devel-request
at remlab.net> to subscribe.
# Added isatap, an ISATAP router based on libtun6 and miredo.
After careful IETF IPR claim check, it seems ISATAP can be freely
implemented anyway.
# Working support for Mac OS X:
- work-around overly long closefrom() replacement,
- work-around tuntap for OS X spurious initialization error.
- add required defines for pthread to work properly.
# Added libteredo-miredo, an undocumented Teredo “test card”.
# Improve miredo-checkconf semantics.
# Multi-threaded libteredo, and finer grained locking.
# Fix initialization in libteredo sometimes causing a crash at startup.
# Fix race condition in libteredo-list unit test.
# Fix _impossible_ overflow of FD_SET().
(Unstable version 0.9.1 includes all fixes from stable version 0.8.4)
|
|
and fix net/if_var.h test as well.
|
|
|
|
Changes include the fix for this security problem:
http://www.simphalempin.com/dev/miredo/mtfl-sa-0601.shtml.en
and the additon of most pkgsrc patches.
|
|
|
|
|
|
|
|
pthread_barrier_* is currently not implemented. Add USE_LIBTOOL.
Don't depend on EPROTO declaration.
|
|
NetBSD <= 3 and Interix (should work on other systems).
|
|
"Teredo: Tunneling IPv6 over UDP through NATs" Internet proposed
standard (RFC 4380). It can provide either client or relay
functionality. A separate program, miredo-server is also included in
the package; it consists of a Teredo server.
Miredo can be used to provide IPv6 connectivity to users behind NAT
which do not support IPv6, and not even proto-41 forwarding. For this
to work, users need to have a Teredo client running on their system.
That can be Miredo itself on Linux/FreeBSD/OpenBSD/NetBSD.
--
Will (maybe) only work on NetBSD-current of an hour ago.
Thanks to Hubert and Amitai for help with this one.
|