| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
DTRT.
|
|
|
|
|
|
l2tpd is a user-space L2TP daemon. L2TP is the Layer Two Tunneling
Protocol described in RFC 2661. It allows you to tunnel PPP sessions
over a network or transport protocol (in this case, UDP.)
Part of the l2tp code is implemented in the l2tpd program, and part of
it is implemented as "handlers". A handler is a shared-object library
which is dynamically linked into l2tpd at run-time using the
"load-handler" configuration directive.
Although the handlers included with this package (sync-pppd and cmd)
are licensed under the GPL, as a special exception, you may write your
own handlers which link to code in this package and not release them
under the GPL. There may be other reasons why your handlers must
be released under the GPL (for example, they may link with other GPL'd
code), but in the absence of other reasons, you may keep your handlers
proprietary.
|
|
|
|
Changes:
* Version 1.0.17a:
+ An old standing issue has been fixed : ungracefully aborted transfers
caused the session to exit without removing ftpwho entry and atomic
files. This fix also speeds up ftpwho and peruserlimit.
* Version 1.0.17:
+ The SSL certificate file can now be changed through a new configuration
switch, --with-certfile. It doesn't depend on sysconfdir any more and it
defaults to the original location : /etc/ssl/private/pure-ftpd.pem.
+ Shadowed NIS accounts and MacOS X Panther system accounts are now
processed by the pure-pwconvert tool.
+ The server doesn't reject users any more on Linux when capabilities are
used.
+ The documentation has been improved (man pages, README, FAQ, typos).
+ Optimizations have been made.
+ SO_REUSEPORT is now used on FreeBSD to always bind the ftp-data port.
+ SSL-related error messages are now more explicit.
+ The SITE TIME command has been implemented.
+ The sample PAM configuration file has been rewritten.
+ A logfile parser has been added to the contribs.
+ MacOS X Panther specific instructions have been added.
+ Upload is now atomic. A file is uploaded with a temporary name and it
gets its final name only once the upload has been completed. If a file
already exists with the same name, the content can be preserved until the
new content has been fully transfered (using the new --notruncate run-time
switch).
Web servers will no more serve partially transfered files during uploads.
The new handling of uploads also limits the races in virtual quota
handling.
* Version 1.0.16c:
+ The PAM backend and the CGI mode were accidentally broken in version
1.0.16b. This version fixes both issues.
+ The Norwegian translation has been updated.
* Version 1.0.16b:
+ The server now properly compiles with SSL/TLS on RedHat 9 systems.
+ pure-ftpwho now outputs nice-looking XHTML 1.1 conformant code, an XSS
issue has been fixed and the local host name is now properly displayed in
verbose mode.
+ The path to SSL certificates now follows the --sysconfdir prefix.
+ Minor optimizations have been made.
+ IPv4 and IPv6 addresses will now listen for connections even
without the -4 switch on NetBSD and FreeBSD.
|
|
|
|
Changes:
0.6.b 20030710
+ Plugins now works with GTK+ interface
+ Updated the passive OS fingerprint database (1279 records)
!! Fixed internal refreshing (for huge traffic loads)
!! Fixed wifi-dump support
!! Fixed doppleganger re-arp
!! Fixed a problem with signed char under mac G3
!! Fixed some possible buffer overflows
0.6.a 20030507
+ Buffered Data Connections (only for ncurses)
+ New Sniffing method (Port Stealing)
+ Updated the passive OS fingerprint database (1189 records)
+ enhanced smb dissector
+ enhanced troll plugin against request caching
+ NEW PLUGIN: Confusion,Hunter, SMB suite
+ partial wifi-dump support (experimental)
!! Fixed demonization problem
!! Fixed StateMachine problem
!! a bouch of bug fix
|
|
s/netbsd.org/NetBSD.org/
|
|
|
|
|
|
* Improved portability to Tru64, IRIX, and other LP64 platforms.
(Inbuilt ls works on IRIX now. Thanks to Onno van der Linden
for highlighting the underlying issue!)
* License updates on third party code.
* Update fts(3) code to include fix for possible race condition.
|
|
|
|
|
|
Changes:
o Fix sound support.
o Fixes, translations, remove compact mode,
move support to rdesktop 1.3.
|
|
Changes since 0.7.5:
0.9.0 - fix range of MaxCPE (1-254)
- add support for Win32 with Cygwin
- fix ReAuthTimeout upper limit (30)
- add script to generate HTML help from
the symbol table
- add NSIS packaging script for Win32
- added configure script, re-organized stuff
- source code clean-up
0.8.8 02/07/03 - fix handling of label-hinted suffix to OIDs
evvolve - check for string length overflow while parsing
- added mibs to distribution
- change SNMPv3* labels to SNMP*
- add Docsis20Enable configuration setting
- complete support for SnmpV3NotificationReceiver
Many thanks to Rudy Zijlstra for pointing out a few bugs.
0.8.7 20/6/03 - fix bug with encoding HexStrings with trailing zeros
Ronald Rosenfeld - fix double declaration of symbol T_MAC
- add support for negative integers
evvolve - change -lcrypto to -lcrypt to make default
more "mainstream".
- add support for ASN_GAUGE encodings
- fix VendorSpecific decoding
- print label as comment for enums
Many thanks to Ronald Rosenfeld for sending in three patches.
0.8.6 31/05/03 - add support for SNMPv3Kickstart and
evvolve partial support for SNMPv3 Notification Receiver
- fix compilation warnings
- add support for PHS Rule (untested)
- cleanup indexes in docsis_symtable.h
- add regression test script
0.8.4 10/05/03 - fixed SNMP handling ... hopefully for the last time :)
evvolve - fixed Solaris support
ctrl - added support for VendorSpecific TLVs
0.8.2 30/01/03 - Integrated fixes from Adrian Kwong and Cornel.
evvolve - Updated OID format to accept "-" and "_" in labels
ctrl - We can now encode decoded files directly !
akwong (thanks to help from Adrian Kwong)
- MIB output format changed.
- NET-SNMP 5.x support.
- Dropped support for ucd-snmp.
- Made SNMP decoding smarter - i.e. output OID
suffix only; but switch to full-OID output
if MIBs are not installed.
- Hacked support for encoding MTA configuration files.
- Added support for Vendor Specific info.
- Worked around string formatting issues in NET-SNMP.
- Added indent functionality.
Update provided by Simas Mockevicius (the new maintainer) in private
mail, with some changes by me.
|
|
* Added IPv6 support (pkg/23769 by Adrian Portelli)
|
|
|
|
in either AF_INET or AF_INET6 domains. It is built upon the IO::Socket
interface and inherits all the methods defined by IO::Socket.
|
|
* Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities
other than "public" can be used too.
* Error out on superflous command line args (optind >= argc)
* Encrypt CHAP-Password in radclient so that CHAP can be tested too
* Add "wildcard" option to realms - if you set this option, you can
match on the entire username using shell wildcards in the realms file.
* If the nastype in /etc/raddb/naslist is set to 'none' for a nas,
logins on that nas will have no simultaneous use restrictions imposed
and those logins will not count towards the total amount of logins.
* Removed 'raduse' and manpage.
* Can disable radutmp with "-u none" (likewise radwtmp with "-W none",
though we already had "-w" for that).
* Call checkrad with an extra argument, the framed IP address.
* Fix bug where $INCLUDEing a file without any records would
cause the rest of the original file to be ignored
* Support for 64-bit wide integers (integer8 type). If compiled with
gcc, users file can contain both hex and decimal 64-bit values,
and 64-bit values are printed in decimal. With other compilers
(no "long long" support) only hex 64-bit values are supported.
* Change "_" to "-" in dictionary.redback and change the 64 bits
values to integer8.
* Moved the dictionary files to /usr/local/share/radius. Now
only /etc/raddb/dictionary remains that $INCLUDES all the others.
For new installs only; existing installations won't be changed
* Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in
make_wtmp() unsigned (%u), otherwise the sprintf could in some cases
(negative NAS-Port, very long NAS-name) overrun the buffer by one
byte, overwriting the least significant byte of the return address
on the stack with a \0. Not sure if this is exploitable or not,
but it could be a security problem.
* Make sure ut.login (struct radutmp member) is treated everywhere
as a NON-zero terminated string.
* Make sure unsigned integers are used in all places using lvalues
(32 bits radius values), especially nas_port.
* radrelay: update id of packet when retransmitting.
* Print an error and free the request struct if we receive an unknown
packet type.
* rad_check_multi: if username/NAS/port match, don't count as dup.
|
|
|
|
Patch provided by Adrian Portelli in PR 23764
From the CHANGELOG:
2003-10-28 Hajimu UMEMOTO <ume@mahoroba.org>
* Bump version number to 0.12.
* Socket6.pm: Mention that getipnodeby*() was deprecated in
RFC3493.
2001-09-20 Hajimu UMEMOTO <ume@mahoroba.org>
* getaddrinfo.c (getaddrinfo): Correct AI_PASSIVE parsing bug.
2001-09-18 Hajimu UMEMOTO <ume@mahoroba.org>
* Socket6.pm: Bump version number to 0.11.
* getaddrinfo.c (getaddrinfo), gai.h: Add support of AI_NUMERICHOST.
* getnameinfo.c (getnameinfo): Use socklen_t rather than size_t.
* getnameinfo.c (getnameinfo): Fix buffer overflow problem.
2001-09-17 Hajimu UMEMOTO <ume@mahoroba.org>
* Socket6.pm, Socket6.xs, config.h.in, configure.in: Add glue
functions for getipnodeby*() and gai_strerror().
* Socket6.xs: inet_pton() should work as it is.
* Socket6.xs: Better documentation of inet_pton() and inet_ntop().
* Socket6.pm: Description was filled.
* Socket6.pm, Socket6.xs: Return an error message string if
getaddrinfo() fails.
2001-03-27 Hajimu UMEMOTO <ume@mahoroba.org>
* Socket6.pm: Bump version number to 0.10.
* Socket6.xs: Make compilable under OpenBSD. Though OpenBSD has
KAME, OpenBSD doesn't have netinet6/ipsec.h.
2001-03-21 Hajimu UMEMOTO <ume@mahoroba.org>
* Socket6.pm: Bump version number to 0.09.
* aclocal.m4 (IPv6_CHECK_FUNC): There is getaddrinfo(3) in
libsocket under Solaris8.
|
|
Patch provided by Min Sik Kim in PR 23772
Changes since 2.4.0:
- Not disable deprecations by default.
- Fix a crash when debugging a program not in the path. Fix #115147
|
|
after changes to the ARIN whois response.
Bump PKGREVISION
|
|
* Updated protocols
* Few new protocols
* Bug fixes
|
|
Many bugfixes were solved. Review Changelog to see a full list of changes.
|
|
ORBit2-2.8.0
* bug fixes
+ sequence_concat helper (Frank)
+ corbaloc fixes (Frank)
ORBit2-2.7.6
* bug fixes
+ try_connection deadlock (Michael, Padraig O'Briain)
+ shutdown_orb fd leak (Michael, Morten Welinder)
+ don't export libIDL strangely (Michael, Morten)
* featurelets
+ define file specific foo in idlcompile (James H)
ORBit2-2.7.5
* bug fixes
+ cmdline option parsing (Michael)
+ idl-compiler stderr fixes (Dan Winship)
+ object key hashing fix (Frank Rehberger)
+ ~always enable thread-safety (Michael)
+ parallel build fixes (Michael)
+ _is_a fixes for in-proc + transient poa (Michael)
* featurelets
+ RootPOA/POACurrent set guards (Frank)
+ corbaloc support (Frank)
+ more regression tests (Michael, Frank)
ORBit2-2.7.3
* bug fixes
+ vicious union discriminator issue (Brian Cameron)
+ non_existent / try_connection fix (Michael)
+ 'broken' emission at idle (Michael, George Lebl)
+ DynAnyFactory registration (Michael)
+ no longer explicitely "entering a wold of pain"
+ ORBit_sequence fixes (Frank Rehberger)
+ linc source fix (Padraig O'Briain)
+ gthread linkage fix (Michael)
+ struct/union leakage on exceptions (Frank)
* featurelets
+ improved regression tests (Michael, Frank, Bowie Owens)
+ lots of documentation improvements (Gustavo Carneiro)
+ -ORBInitRef, -ORBNamingIOR (Frank)
ORBit2-2.7.2
* bug fixes
+ fixed docs build (Gustavo Varneiro)
+ thread pool fix (Alex)
+ build fixes (Waschk, oGalaxy, Michael)
* features (Michael)
+ vastly improved thread safety (& Alex)
+ improved regression tests
+ much improved ABI
+ implemented POA thread policies
+ client side re-enterancy guard policies
+ internalized linc as 'linc2/link'
+ in-proc cross-thread invocation
+ poa copying API
ORBit2-2.7.1
* bug fixes
+ tail align fix (Herbert Valerio Riedel)
+ request ID fix (Herbert)
+ thread hint fix (Gustavo Carneiro)
+ build fixes (Richard Kinder)
+ packed type marshal fix (Michael Haubenwallner)
+ purifing mode fixes (Michael)
+ use g_get_tmp_dir (Michael)
* features
+ much improved thread safey (Michael)
+ improved tests (Michael)
+ locate request impl. (Herbert)
+ GIOP cleans (Herbert)
+ configurable init msg limit (Michael)
+ cygwin support (Masahiro Sakai)
+ code cleans (Richard Kinder)
|
|
* much improved threading (Michael)
* much improved docs (Gustavo Carneiro)
* cygwin support (Masahiro Sakai)
* Unix socket length fix (Masahiro)
* OSF/1 True64 support (mmokrejs)
While here, enable OpenSSL support.
|
|
overflow vulnerability in the HTML parser code affecting "ls" command on
malicious HTTP server.
See http://lists.netsys.com/pipermail/full-disclosure/2003-December/014824.html
Version 2.6.10 - 2003-12-11
* security fixes in html parsing code.
* fxp between ftps session is now possible (unencrypted yet).
* fixed a rare bug with access to freed memory in ftp.
* fixed a bug in mirror, now it does not incorrectly append directory name
when target directory is the root.
* fixed compilation on AIX.
* Polish translation updated.
|
|
Changes:
5.1.0 (2003-11-09)
* GNU TLS support (alternative to OpenSSL),
* Small licence change,
* Portability fixes (MacOS X)
5.0.1 (2002-11-04)
* Small bug fixes,
* Better error messages with invalid options
5.0.0 (2002-10-11)
* Now uses getnameinfo/getaddrinfo. Two consequences:
- you can compile only on a recent Unix
- you have IPv6 support
* With -v, now able to separate kernel (TCP) and application latency
* Now displays the standard deviation for repeated tests. Warning:
this may break some scripts which parse the output of echoping.
4.2.0 (2001-03-16)
* New -a and -A options to control the proxy/cache (disable caching).
Fixes bug/wish #232324
* Support for microsecond wait (uses usleep)
* New option (-p) to set socket priority (Linux only)
* New option (-P) to set IP Type of Service octet
* Bug fixes: #230384 (SSL records are different from text lines)
|
|
Changes:
o More translation files
o bugfixes, etc.
Review Changelog for a complete list of changes.
|
|
|
|
|
|
Changes since 0.40:
*** 0.42 October 26, 2003
Fixed compilation problems on panther (Mac OS 10.3).
Fixed a bug in Net::DNS::Resolver::Recurse which allowed an endless
loop to arise in certain situations. (cpan #3969, patch
by Rob Brown)
Applied Mike Mitchell's patch implementing a presistant UDP socket.
See the Net::DNS::Resolver documentation for details.
*** 0.41 October 3, 2003
Added some documentation about modifying the behavior of Net::DNS::Resolver.
** 0.40_01 September 26, 2003
Fixed some uninitialized value warnings when running under windows.
Fixed a bug in the test suite that caused 00-version.t to fail with
certain versions of ExtUtils::MakeMaker. Thanks to David James, Jos
Boumans and others for reporting it.
Reply handlers in Net::DNS::Nameserver are now passed the peerhost.
(Assen Totin <assen@online.bg>)
Reply handlers in Net::DNS::Nameserver can now tweak the header bits
that the nameserver returns. [Olaf]
The AD header bit is now documented, and twiddleable. [Olaf]
The change log has been trimmed, entries for versions older than 0.21
have been removed.
** NOTICE **
Net::DNS::Resolver::axfr_old() has been removed from the package.
An exception will be thrown if you attempt to use this method. Use
axfr() or axfr_start() instead.
|
|
Notable changes:
* portability fixes for Darwin/Tru64.
* license updates
* version format change
|
|
Various changes, including:
* forbid mget of filenames that aren't in or below the local cwd.
* improve auto-fetch transfers
* improve www/proxy authentication support
* improve http response header parsing
* change UCB-licensed code from 4-clause to 3-clause
|
|
|
|
Changes:
o Don't install linc-cleanup-sockets (Michael)
o Unix socket length fix (Masahiro)
|
|
|
|
* Wget 1.9.1 is a bugfix release with no user-visible changes.
* Changes in Wget 1.9.
** It is now possible to specify that POST method be used for HTTP
requests. For example, `wget --post-data="id=foo&data=bar" URL' will
send a POST request with the specified contents.
** IPv6 support is available, although it's still experimental.
** The `--timeout' option now also affects DNS lookup and establishing
the TCP connection. Previously it only affected reading and writing
data. Those three timeouts can be set separately using
`--dns-timeout', `--connection-timeout', and `--read-timeout',
respectively.
** Download speed shown by the progress bar is based on the data
recently read, rather than the average speed of the entire download.
The ETA projection is still based on the overall average.
** It is now possible to connect to FTP servers through FWTK
firewalls. Set ftp_proxy to an FTP URL, and Wget will automatically
log on to the proxy as "username@host".
** The new option `--retry-connrefused' makes Wget retry downloads
even in the face of refused connections, which are otherwise
considered a fatal error.
** The new option `--dns-cache=off' may be used to prevent Wget from
caching DNS lookups.
** Wget no longer escapes characters in local file names based on
whether they're appropriate in URLs. Escaping can still occur for
nonprintable characters or for '/', but no longer for frequent
characters such as space. You can use the new option
--restrict-file-names to relax or strengthen these rules, which can be
useful if you dislike the default or if you're downloading to
non-native partitions.
** Handling of HTML comments has been dumbed down to conform to what
users expect and other browsers do: instead of being treated as SGML
declaration, a comment is terminated at the first occurrence of "-->".
Use `--strict-comments' to revert to the old behavior.
** Wget now correctly handles relative URIs that begin with "//", such
as "//img.foo.com/foo.jpg".
** Boolean options in `.wgetrc' and on the command line now accept
values "yes" and "no" along with the traditional "on" and "off".
** It is now possible to specify decimal values for timeouts, waiting
periods, and download rate. For instance, `--wait=0.5' now works as
expected, as does `--dns-timeout=0.5' and even `--limit-rate=2.5k'.
|
|
|
|
|
|
* bug fixes
|
|
* lots of bug fixes
|
|
|
|
|
|
Recht.
Libsoup is an HTTP library implementation in C. It was originally part
of a SOAP (Simple Object Access Protocol) implementation called Soup, but
the SOAP and non-SOAP parts have now been split into separate packages.
libsoup uses the Glib main loop and is designed to work well with GTK
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the Gtk+ programming model (a synchronous operation mode is also
supported for those who want it).
Features:
* Completely Asynchronous
* Connection cache
* HTTP chunked transfer support
* HTTP, SOCKS4, and SOCKS5 authenticated proxy support
* SSL Support using OpenSSL or GnuTLS
* Client support for Digest, NTLM, and Basic authentication
* HTTP server
* Server support for Digest and Basic authentication
|
|
|
|
Netcat is a featured networking utility which reads and writes data across
network connections, using the TCP/IP protocol.
It is designed to be a reliable "back-end" tool that can be used directly
or easily driven by other programs and scripts. At the same time, it is a
feature-rich network debugging and exploration tool, since it can create
almost any kind of connection you would need and has several interesting
built-in capabilities.
This package was provided by Adrian Portelli via pkgsrc-wip.
|
