| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Patch provided by Sergey Svishchev in private mail.
|
|
From Sergey Svishchev in private mail.
|
|
worked. But somehow, today it didn't work anymore.
Fixed everything by removing the patch for the Makefile and doing the
whole build command in the package Makefile.
Fixes PR 35786.
|
|
to depend on devel/libnet11. Because the default option had been to use
libnet and now is libnet11, PKGREVISION++.
There are no more PKG_OPTIONS left.
|
|
Bump PKGREVISION for the PLIST change.
|
|
|
|
|
|
|
|
|
|
Added optional minimum-number-of-bytes parameter to --inactive directive.
Added --route-metric option to set a default route metric for --route
Added --lladdr option to specify the link layer (MAC) address
for the tap interface on non-Windows platforms
Security Vulnerability CVE-2006-1629
Extended tun device configure code to support ethernet bridging on NetBSD
Added --port-share option for allowing OpenVPN and HTTPS
server to share the same port number.
Added --management-client option to connect as a client to management GUI app
rather than be connected to as a server.
Added "bytecount" command to management interface.
Added --connect-timeout option to control the timeout on TCP client
connection attempts (doesn't work on all OSes). This patch also
makes OpenVPN signalable during TCP connection attempts.
Allow ca, cert, key, and dh files to be specified inline via XML-like syntax
without needing to reference an explicit file.
Allow plugin and push directives to have multi-line parameter lists
Added connect-retry-max option
Added a backtrack-hardened system time algorithm.
Added --remote-cert-ku, --remote-cert-eku, and
--remote-cert-tls options for verifying certificate attributes
Added PKCS#11 support
Added --bind option for TCP client connections
Made LZO setting pushable
Plus numerous bug fixes.
|
|
and the changes pulled up to all release branches.
|
|
|
|
* src/dynamic-preprocessors/Makefile.am:
* src/dynamic-preprocessors/dcerpc/smb_andx_decode.c:
* src/dynamic-preprocessors/dcerpc/dcerpc.c:
Add bounds checking to ReassembleSMBWriteX; use Safememcpy for calculated
length buffer copies.
|
|
|
|
|
|
- Explictly specify PAM_INSTMODULEDIR with --with-pammodulesdir.
(Now Samba itself install pam modules.)
- Don't install pam modules in post-install process.
|
|
bump PKGREVISION
|
|
bump PKGREVISION
|
|
bump PKGREVISION
|
|
bump PKGREVISION
|
|
|
|
|
|
|
|
|
|
2.6.1 provides new functionality including the following:
* New pattern matcher with a significantly reduced memory footprint
* Introduction of stream5 for experimental use
* Improvements to stream4, including UDP session tracking and optimizations for the reassembly buffer
* Handling for reassembly of SMB fragmented data in DCE/RPC
* An ssh preprocessor for experimental use
* Updated Snort decoder that can decode GRE encapsulated packets
* Output plugin to allow Snort to configure Aruba access control
Snort 2.6.0:
* Tcp stream properly reassembled after failed sequence check, which may lead to possible detection evasion.
* Added configurable stream flushpoints.
* Improved rpc processing.
* Improved portscan detection.
* Improved http request processing and handling of possible evasion cases.
* Improved performance monitoring.
The Snort 2.6 release also introduces the ability to use dynamic rules and dynamic preprocessors and contains further improvements to the Snort detection engine.
Remove snort-{pgsql,mysql,prelude}. The new snort package uses options.mk
to specify build options.
|
|
* Major enhancements to rlm_pap, that make "encryption_scheme"
a think of the past. See "man rlm_pap" for details.
* Added SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag to use
work-arounds that enable Windows Vista clients to work.
* Added preliminary code to support Firebird.
Use at your own risk!
* Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work on more
platforms.
* Add a new "reply-name" directive in rlm_sqlcounter to define the
name of the reply attribute.
* Added more dictionaries and attributes
* Print ntlm_auth failure reason in Module-Failure-Message
* radsqlrelay is able to get the DB password from a file instead
of command line.
Bug fixes
* Fix a parse error in the digest module, where malformed
digest requests would result in the user being accepted. Oops...
* VALUEs can only be defined for 'integer', to catch mistakes
with setting VALUEs for type 'string'.
* Better parsing of VALUE names, so that values starting with
a digit work correctly.
* Check return from malloc
* Fix a double free() in rlm_eap_tls.c
* Check return code of malloc() during initialization.
* Fix a corner case where the proxy port isn't set either in
radiusd.conf or in proxy.conf.
|
|
new features:
new datagram modes for udp, rawip, unix domain sockets
socat option -T specifies inactivity timeout
rewrote lexical analysis to allow nested socat calls
addresses tcp, udp, tcp-l, udp-l, and rawip now support IPv4 and IPv6
socat options -4, -6 and environment variables SOCAT_DEFAULT_LISTEN_IP,
SOCAT_PREFERRED_RESOLVE_IP for control of protocol selection
addresses ssl, ssl-l, socks, proxy now support IPv4 and IPv6
option protocol-family (pf), esp. for openssl-listen
range option supports IPv6 - syntax: range=[::1/128]
option ipv6-v6only (ipv6only)
new tcp-wrappers options allow-table, deny-table, tcpwrap-etc
FIPS version of OpenSSL can be integrated - initial patch provided by
David Acker. See README.FIPS
support for resolver options res-debug, aaonly, usevc, primary, igntc,
recurse, defnames, stayopen, dnsrch
options for file attributes on advanced filesystems (ext2, ext3,
reiser): secrm, unrm, compr, ext2-sync, immutable, ext2-append, nodump,
ext2-noatime, journal-data etc.
option cool-write controls severeness of write failure (EPIPE, ECONNRESET)
option o-noatime
socat option -lh for hostname in log output
traffic dumping provides packet headers
configure.in became part of distribution
socats unpack directory now has full version, e.g. socat-1.5.0.0/
corrected docu of option verify
corrections:
fixed tcpwrappers integration - initial fix provided by Rudolf Cejka
exec with pipes,stderr produced error
setuid-early was ignored with many address types
some minor corrections
|
|
|
|
the latest version of Samba.
|
|
Samba distribution since version 3.0.23. "mysql" and "pgsql" passdb backends
are now maintained via http://pdbsql.sourceforge.net/ and will have to be
packaged separately.
|
|
|
|
source), from pkgsrc-wip and packaged by iMil.
Csup is a rewrite of CVSup in C.
CVSup(R) is a software for distributing and updating collections of files
accross a network. It can efficiently and accurately mirror all types of files,
including sources, binaries, hard links, symbolic links, and even device nodes.
In addition to being a great general-purpose mirroring tool, CVSup includes
special features and optimizations specifically tailored to CVS repositories.
It is being used as the preferred way to update sources within the FreeBSD,
NetBSD and OpenBSD projects and more.
|
|
2007/02/11: version 2.8.3 = tag release-2-8-3
5734: Update camlzip to version 1.03 (thx to orbit for reporting)
5735: BT: Fix make_torrents to sort dictionary entries alphabetically
Bittornado did not read MLDonkey-made torrents (amadeo)
5737: MinGW: Work-around missing Unix.fstat
- fixes failed removal of torrent files from torrents/[incoming|downloads]
2007/02/06
5719: Unix2: Fix copying files > 1GB (1073741823 bytes),
bug was introduced by patch 5589 after release of 2.8.2
2007/02/04
5724: http_client: Retry GET request if HEAD request returns http error 400
5723: HTML: print tracker errors in html table at 'vd <num>' (Schlumpf)
5722: HTML: use Printf2.html_mods_cntr () for table row classes (Schlumpf)
5720: Swarmer: block choice algorithm 2 from patch 5141 is new default
- remove swarming_block_selection_algorithm = 1
because it finishes chunks too slowly
- remove swarming_block_selection_algorithm = 3 from TripleM
because it uses too much CPU power.
- remove option swarming_block_selection_algorithm, hard-coded default is now 2
- remove option block_switching, hard-coded default is now true
2007/01/30
5717: Optimize function print_command_result
2007/01/28
5715: Improve porttest (Schlumpf)
- use 'porttest' command to start the network porttest the first time,
after this to see the results
- new command 'force_porttest' to force an new porttest
- improve html porttest output and make it also available in telnet
5716: EDK: Do not send share list to servers with state Connecting
5713: HTML: show messages link in vd clickable (Schlumpf)
2007/01/25
5712: Multiuser: New verbosity "com" to log commands by non-admin users
5711: Multiuser: Block commands preferred, bs, bp, port for non-admin users
5642: Swarmer: swarming_block_selection_algorithm = 3 (TripleM)
- this new algorithm select always the rarest choice, if average availability
is below 5, or one choice_availability is below average availability
- added a hashtable to store blockmaps of uploaders for a given swarmer
- long term memory usage has to be observed
5710: Swarmer: Fix chunk propagation (pango)
2007/01/21
5693: "voo changed" prints changed options only, useful for support (Schlumpf)
5698: EDK: fix display of porttest result images (Schlumpf)
5699: Multiuser: Fix wrong file path (user_commit_dir) in notification mail
5695: Command "set": better error text if option does not exist
5694: Fix small typo in buildinfo
2007/01/17
5673: New core start parameter: -useradd "user pass", needed for Debian package
5678: New options for command force_web_infos: kind/URL (thx to Schlumpf)
2007/01/15
5691: EDK: Recognize compatibleclient 60: IMPmule (imp-project.net)
5689: EDK: Log downloading file name when client disconnects
5684: GUI: Fix build of mlprogress (Alt linux)
5677: Options: New concept of option types, fix non-admin Sancho http preview
2007/01/11
5665: EDK: Support compressed upload, implement file read cache (TripleM)
new options:
- ED2K_upload_compression to enable compressed upload, default true
- ED2K_upload_compression_threshold, default 2000 bytes
Size difference in bytes between one zone (180 kBytes) and its compressed
counterpart, which has to occure, to send compressed parts instead of plain.
- ED2K_upload_compression_level, Zlib compression level, default 9
- ED2K_upload_compression_table_size, default 20
5669: HTML: Add HTML headers to prohibit browser-side caching (Schlumpf)
5671: Configure: Fix question whether to compile lablgtk, same as patch 5401
5675: Updated Mozilla protocol handler to version 1.10
2007/01/08
5666: New option upload_complete_chunks (TripleM)
- default false, if true, each client is allowed to complete only one chunk,
independent, if it is empty or partial. this setting overrides
upload_full_chunks and dynamic_upload_lifetime, but is, as a failsafe,
limited by upload_lifetime (should be set reasonable high)
5664: EDK: Avoid uploading data more than due
to eMules rotating block requests (pango)
5596: EDK: New option upload_full_chunks (thx to TripleM)
- If the new option upload_full_chunks is set to true, each client is
allowed to receive one chunk, this setting overrides upload_lifetime.
Well, not exactly one chunk. eMule has this code in opcode.h:
#define SESSIONMAXTRANS (PARTSIZE+20*1024) //
"Try to send complete chunks" always sends this amount of data
MLdonkey now does the same, if upload_full_chunks is true and client A got
9728000+20*1024 bytes during the current session its upload slot will be
revoked unless pending slots are empty.
5619: EDK: Print network specific infos in command "vc <num>",
remove unneeded fields from client structures
5627: commonHasher: fix wrong arg types from several functions (Schlumpf)
5626: MinGW: fix missing declarations and wrong pointer
initialization in stubs_c.c (Schlumpf)
2007/01/06
5599: EDK: Support for files >4GB (TripleM, pango)
- this patch does not include >4GB support for Kademlia
5660: Swarming: Enable wrongly disabled select block memoization (pango)
5659: GD: Fix wrong months display (skeeve)
2006/12/08
5617: New option share_scan_interval
- how often (in minutes) should MLDonkey scan all shared directories
for new/removed files, default one minute
- on slow machines raise the interval to a higher value to reduce CPU load
- to force a re-scan of shared directories use command "reshare"
2006/12/06
5613: Another longhelp cleanup (anhi)
5615: EDK: Parse more fields from server.met files
2006/12/04
5612: EDK: OP_HELLO tag 0x75, print os_info in logfile
2006/12/03
5602: HTML: Display share status in upstats
5609: New field type Field_KNOWN, EDK: recognize more HELLO/EmuleInfo tags
5610: CommonSources: Cleanups and reformatting the code (pango)
2006/12/02
5608: Multiuser, chgrp: Prevent change of file_group to None
if the user is not file_owner
5607: Multiuser, chown: Change file_group to user_default_group
if the new user is not member of file_group
5606: Introduce display of session transfer values
- new columns for session up-/download
- send session values to GUIs
2006/12/01
5605: HTML: Fix search list display when html_checkbox_search_file_list = true
2006/11/29
5598: Remove use of deprecated sort module, remove unused sort2.ml* (pango)
5589: New option create_file_mode,
rename create_dir_mask to create_dir_mode (pango)
5595: EDK: Fully parse emule_miscoptions1/2
5594: EDK: If update_server_list_client true, add yet unknown server
of lowid clients
|
|
Fixed pkglint warnings.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* make cfgmaker detect broken snmpv1 counters more reliably
* latest Net_SNMP_util.pm with many small fixes
* more cfgmaker smarts and documentation for snmpv3
* be happy even if no threshmail sending is configured
* add install target for traffic-summer
* fix mrtg-traffic-sum default catch expression to be in sync with docs
|
|
Major changes since version 3.0.22:
- CVE-2007-0452 (Potential Denial of Service bug in smbd)
- CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind
NSS library on Solaris)
- CVE-2007-0454 (Format string bug in afsacl.so VFS plugin)
- Stability fixes for winbindd
- Portability fixes on FreeBSD and Solaris operating systems.
- Authentication failures in pam_winbind when the AD domain
policy is set to not expire passwords.
- Authorization failures when using smb.conf options such
as "valid users" with the smbpasswd passdb backend.
- Ambiguity with unqualified names in smb.conf parameters
such as "force user" and "valid users".
- Errors in 'net ads join' caused by bad IP address in the list
of domain controllers.
- SMB signing errors in the client and server code.
- Domain join failures when using smbpasswd on a Samba PDC.
- Failure to strip the domain name from groups when 'winbind
use default domain = yes'
- Failure in pam_winbind to correctly parse arguments.
- Bad token creation of local users on member servers not
running winbindd.
- Failure to add users or groups to ACLs using the Windows
object picker.
- Failure in file serving code when 'kernel oplocks = yes'.
- New "createupn" option to "net ads join"
- Rewritten Kerberos keytab generation when 'use kerberos
keytab = yes'
- Improved 'make test'
- New offline mode in winbindd.
- New Kerberos support for pam_winbind.so.
- New handling of unmapped users and groups.
- New non-root share management tools.
- Improved support for local and BUILTIN groups.
- Winbind IDMAP integration with RFC2307 schema objects supported
by Windows 2003 R2.
- Rewritten 'net ads join' to mimic Windows XP without requiring
administrative rights to join a domain.
|
|
|
|
changes: bugfixes (thread termination failure, crashes)
|
|
wireshark maintainers.
|
|
line numbers into generated ".c" files. The GCC 3.3.3 distributed with
NetBSD-i386 3.3.1 can now build this package without problems.
|
|
|
|
|
|
libnet 1.20 -- Fri Feb 2 19:42:51 CST 2007
Bug Fixes
* Fixed incorrect handling of CRLF that straddled two blocks
* Fix bug in response() which was too liberal in what it thought was a response line
* Silence uninitialized value warnings in Net::Cmd during testing on Win32
* Documentations typos and updates
Enhancements
* Added support for ORCPT into Net::SMTP
* Support for servers that expect the USER command in upper or lower case. Try USER
first then try user if that fails
|
|
|
