| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
in PR pkg/9532.
|
|
Fixes and tidies up HTML files
|
|
|
|
Problem reportd by Brian Stark in private e-mail.
|
|
|
|
|
|
bug fixes and changes from 2.8.2. A few visible ones:
* update documentation to reflect move from sol.slcc.edu to lynx.isc.org
-PG
* add FTP_PASSIVE option to lynx.cfg, allowing installer to defer decision
of whether lynx uses passive ftp connection (adapted from patch by
Bernhard Rosenkraenzer <bero@redhat.de>) -TD
* change configure script defaults for --enable-persistent-cookies and
--enable-alt-bindings to 'yes' -TD
[For persistent cookies, PERSISTENT_COOKIES:TRUE must be set in lynx.cfg.]
This package applies the latest moxienet patch to support `https' URI's,
utilizing openssl-0.9.4. (Closes PR pkg/7288.) Also, garbage collects
PASSIVE_FETCH--it's now a run time option, and installs all doc's and help
files, including sample lynx.cfg, into ${LOCALBASE}/share/lynx. (Active
config is still ${LOCALBASE}/etc/lynx.cfg.)
|
|
compiled for the update "png" package depend on it.
|
|
- The analog home page has moved to www.analog.cx
- New column d in non-time reports.
- The RUNTIME command now turns off the "Program started at" line as well as
the "Running Time" line.
- Non-alphanumeric characters are now allowed in the REPORTORDER as separators.
- Correctly parses more APACHELOGFORMATs.
- Better detection of Windows 2000 in Operating System Report.
- Better warning messages when the erroneous command contained a space.
- Code for NeXTSTEP operating system.
- Better treatment of multibyte character sets.
- Icelandic language files. Corrections to Bosnian, French, Italian, Japanese &
Swedish.
|
|
- Update master site list.
- Apply patches from squid home page.
|
|
|
|
|
|
|
|
install -> ${INSTALL}
|
|
|
|
|
|
"MASTER_SORT = .de" recognizes this site as german mirror.
|
|
in PR pkg/9534.
|
|
2.3STABLE1:
- Changed Copyright text.
- Changed configure so that some IRIX-6.4 hacks apply to all IRIX-6.* versions.
- Cleaned up HTML bugs in error pages.
- Told configure to check for netinet/if_ether.h, which is used in ARP ACL
code, but might not be required.
- Added "Cookie" to known HTTP headers so it can be used in anonymizer
configuration.
- Added optional TCP_REDIRECT log code for logging of 301/302 responses
returned by Squid.
- Added a check for a currently running Squid process. If the pid file exists,
and the pid is running, Squid complains and refuses to start another
instance.
- Changed async I/O scope to PTHREAD_SCOPE_PROCESS for IRIX.
- Fixed a bug with the PURGE method. The purge enable flag was not getting
cleared during reconfigure. Also required PURGE method to be used in
http_access list before enabling.
- Fixed async I/O assertions for file open errors.
- Fixed internal DNS assertion when unpacking truncated messages.
- Fixed anonymize_headers bug that caused all headers to be allowed after a
reconfigure.
- Fixed an access denied bug for accelerator-only installations.
- Fixed internal DNS initialization so that it uses 'dns_nameservers'
settings in squid.conf if set.
- Fixed 'maxconn' ACL bug that caused it to work backwards (Pedro Ribeiro).
- Fixed syslog bug for daemon mode on Linux.
- Fixed 'http_port' parsing bugs.
- Fixed internal DNS byte ordering bugs for PTR queries.
- Fixed internal DNS queue getting stuck during periods of low activity
(Henrik).
- Fixed byte ordering bugs for parsing EPLF FTP listings on 64-bit systems.
- Fixed 'request_body_max_size' bug that caused all POST, PUT requests to be
denied if max size is set to zero.
- Fixed 'redirector_access' bug when using 'myport' ACLs.
- Fixed CARP neighbor selection bugs for down peers.
- Added 'client_persistent_connections' and 'server_persistent_connections'
flags to disable persistent connections for clients and servers.
- Fixed access logging bug that caused many requests to be logged as TCP_MISS.
- Added some bounds checking to delay pools code.
This partially fixes PR pkg/9534 by Takahiro Kambe.
|
|
by DEPENDS (which fixes the wrong syntax for RUN_DEPENDS, and
doesn't use that any more).
|
|
|
|
outputs it to the standard output. It uses the HTTP 1.0
GET query by default, but can also do HEAD and POST.
|
|
|
|
|
|
summary of changes would be:
stabilization, https support by openssl (not enabled for the pkgsrc
at this moment), word fill, repaint, IPv6, user authentication, cgi
emulation with local script (can be security-wise wrong)...
we have > 500 lines of HISTORY file in the kit.
|
|
|
|
Changes:
* Fixed a nasty security hole in htsearch, which would allow users to
view any file on your site that had read permission.
* Fixed a bug that could cause problems with 8-bit characters on some
systems.
* Made some attempts to get htsearch's output to be more HTML 4.0
compliant. It quotes all HTML tag parameters, and uses ";" instead of
"&" as parameter separator in URLs for next pages. Reserved characters
in parameters are now encoded.
* Fixed handling of SGML entities: htdig will still decode them to store
as single characters in the database, but htsearch now encodes some of
them back for compliant results.
* Added two new formats for variables in htsearch templates, $%(var),
which escapes the variable for a URL, and $&(var), which HTML-escapes
the variable as necessary.
* Fixed htdig's handling of robots.txt, such that only the first
applicable User-agent field bearing its name will be used, rather than
only the last.
* Fixed htdig's handling of servers that return 2-digit years.
* Fixed handling of embedded quotes in quoted string lists.
* Fixed handling of relative URLs with trailing ".." or leading "//".
* Fixed handling of the valid_extensions attribute, which sometimes
failed in the previous version.
* Enhanced the handling of local filesystem indexing with the local_urls,
local_user_urls or local_default_doc attributes, which now allow
multiple directory or file names to be tried.
* Added the build_select_lists attribute to allow the config file to
specify <select> form elements in htsearch output as a template
variable, much like $(SORT) and $(METHOD).
* Added support for two additional configuration attributes:
max_keywords, and nph.
* A variety of other bug fixes, and many documentation updates. See the
ChangeLog for details.
|
|
|
|
directory. This fixes a bug where the pkg won't install if PREFIX/libexec/cgi-bin
doesn't exist.
|
|
Takahiro Kambe in PR pkg/9486. Changes since version 2.2 STABLE 5:
- many bug fixes
- WCCP support
- Storage API
- internal DNS servers
|
|
|
|
to client code set.
Currently supported code sets are the center-europian ones (iso-8859-2,
windows-1250, macce, cp852 & bunch of already obsoleted code sets). There
is also limited support for cyrillic (koi8-r, iso-8859-5, cp866).
Documentation is currently in czech language only, sorry.
|
|
converted from FreeBSD, or have been disabled since. Sorted lines
alphabetically, added some missing directories.
|
|
- Fixed several small bugs.
- New command RUNTIME.
- Brazilian Portuguese language files and Swedish domains files.
- Corrections to Dutch.
- New command SEARCHCHARCONVERT.
- Support for Apache's new %q code in APACHELOGFORMAT.
- Fix for search reports causing crashes on Windows.
- New language: Czech. Corrections for Serbian, Slovene and Ukrainian.
|
|
|
|
|
|
Related changes:
- Fix the permissions for the installed files
(this fix is the same one that Frederick Bruckman did for 2.5c).
- Remove the extra newline added to POST requests.
- Only clear the supplementary group list if running as root.
- Stopped overflow of 32 bit integer when purging.
- Allow wrong reply to CWD from broken FTP server.
- Don't get confused by badly nested script or blink tags.
- Disallow the Accept-Encoding header on outgoing requests.
- Make the URL-SPECIFICATION in the config file have lower case
for protocol and host.
- Modified the Meta refresh tag handling.
- Fix FTP directory listings for files with ':' in them.
- and other bug fixes.
- Added Russian and Polish translations of WWWOFFLE messages.
- Updated FAQ.
|
|
for changes between 1.3.9 to 1.3.11, please see commit logs for
pkgsrc/www/apache, or apache changelogs.
|
|
wwwoffle's author, removing world read permissions from the spool directory
was a mistake, which will be rectified in wwwoffle-2.5d.
|
|
|
|
Main change is support for apache-1.3.11.
In more detail:
Changes with mod_ssl 2.5.0 (08-Jan-2000 to 22-Jan-2000)
*) Switched the old "POST for HTTPS" support code from
defined(SSL_EXPERIMENTAL) to !defined(SSL_CONSERVATIVE), because this
code is both already stable (even it's not a conservative approach) and
important. This way POST support is now available per default, but still
can be disabled/removed by very conservative people with an easy
--enable-rule=SSL_CONSERVATIVE.
*) Added SSL_CONSERVATIVE rule to src/Configuration.tmpl which
complements SSL_EXPERIMENTAL. Both rules are per default set
to "no", i.e. disabled. But while SSL_EXPERIMENTAL still enables
experimental code, enables SSL_CONSERVATIVE conservative code. That is,
actually per default some non-conservative things might be enabled which
can be _disabled_ by forcing mod_ssl to use only conservative
approaches.
*) Added entry about "no shared ciphers" to FAQ.
*) Upgraded to the new Apache version: 1.3.11 (BTW, Apache 1.3.10
was never released). This moves the mod_ssl community to the
latest Apache state and this way implicitly provides them over 70
bugfixes and cleanups which 1.3.11 provides over 1.3.9.
Changes with mod_ssl 2.4.10 (24-Nov-1999 to 08-Jan-2000)
*) Mentioned MD5-encrypted password in ssl_reference.wml in addition
to DES-encrypted password.
*) Added a new FAQ entry about the path internally pre-defined by
EAPI_MM_CORE_PATH.
*) Adjust the name-based-vhost complain: Talk say "you should not
use" instead of "you cannot use", because first there are
situations where it can be reasonable to use name-based vhosts with
SSL and second there is no technical restriction on the mod_ssl side,
of course.
*) Changed the license on mod_define.c from the BSD/Apache-style
license to a even less restrictive MIT-style license to allow
everyone to do with this module what they want.
*) Fixed a compile-time warning under very strict compilers by using
a more correct `ssl_verify_t' (enum based) instead of `int' in
ssl_engine_config.c.
*) Various minor documentation updates.
*) Made the EAPI-vs-plain-API complain in mod_so more clear.
*) Adjusted all copyright messages to contain the new year 2000 ;)
*) Fixed INSTALL.W32 document for latest OpenSSL versions.
*) Fixed SSL session id context configuration: the value is now an
MD5 of `server:port' and this way always a string of just 32 bytes,
so OpenSSL's SSL_set_session_id_context() doesn't fail.
*) Removed old CVS informations from etc/patch.tar tarball.
Changes with mod_ssl 2.4.9 (05-Nov-1999 to 24-Nov-1999)
*) Fixed SSLRequire expression evaluation for number strings.
Expressions like `SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128'
didn't work if SSL_CIPHER_USEKEYSIZE was "40" because the evaluation
used strcmp(3) and this fails to compare numbers of different length.
An own comparison function is now used to avoid this problem.
*) Now on Win32 a warning is logged once on startup that mod_ssl is
NOT officially supported under Win32 and people have to use it there on
their own risk (and so shouldn't complain if it doesn't work). Because
only the Unix platform is officially supported and mod_ssl is checked
for security issues only related this platform.
*) For performance reasons it is unreasonable to create the SSL_*
CGI/SSI variables _all the time_, because their creation is
a rather expensive operation which slows down the server
noticeable. Instead it is more reasonable to let them create for
CGI and SSI requests _only_. For consistency reason with other
`SSLOptions' variables (which all have positive names) and to
avoid necessary cleanups changes in the future, I decided to make
the incompatibility change _NOW_ (sorry).
In short: With mod_ssl 2.4.9 per default no SSI/CGI variables
SSL_* are created any longer (only the special "HTTPS" variable is
always created). Instead one has to use `SSLOptions +StdEnvVars'
to switch the creation on.
*) Added an `SSLOptions' variable `StdEnvVars' which now controls
the creation of the numerious SSL_* CGI/SSI variables.
*) Renamed old variable SSL_{CLIENT,SERVER}_{S,I}_DN_SP to more
correct SSL_{CLIENT,SERVER}_{S,I}_DN_ST variable to conform to
RFC2156 and current OpenSSL state (which also prints this OID as
"ST" and no longer "SP").
*) Added support for SSL_{CLIENT,SERVER}_{S,I}_DN_{T,I,G,S,D,UID}
variables (corresponding to X.509 title, initials, givenName, surname,
description and uniqueIdentifier OIDs) to allow the checking of more
X.509 certificate ingredients.
*) Allow mod_rewrite to also lookup the "HTTPS" variable, for instance
via ``RewriteCond %{HTTPS} !=on''.
*) Removed old URL references to rsaref20.tar.Z from INSTALL document.
*) Now an explicit error message is logged also if an SSL session cannot be
stored to the DBM file via dbm_store (and not just if dbm_open failed).
*) Now the pass phrase dialog no longer uses the hard-coded
filedescriptor 10 as the storage for stderr while the pass phrase dialog
is displayed. Instead (at least under Unix) it tries to open /dev/null
and uses this filedescriptor instead. And when this fails (or always
under Win32) it uses the hard-coded filedescriptor 50 (a lot higher than
10 to avoid problems with logfile rotation programs and other things
Apache could have started).
*) Fixed SSL_make_ciphersuite() function: it calculated the required string
length incorrectly and could segfault. BUT THIS FUNCTION IS STILL NOT
USED IN MOD_SSL AT ALL, so don't panic. This function is for debugging
purposes only.
*) Fixed a filedescriptor leak which happened if encrypted private keys
were used. Here the pass phrase dialog forgot to close a temporary
filedescriptor.
*) Added three new OpenSSL log entry annotations: First, "*no start
line*" now triggers "Bad file contents or format - or even just
a forgotten SSLCertificate KeyFile?" and "*bad password read*"
triggers "You entered an incorrect pass phrase!?". Additionally
"*bad mac decode*" now triggers "Browser still remembered details
of a re-created server certificate?" because people often get "bad
data" dialog boxes while (re-)testing with Snake Oil certs.
*) Added hint about possibly blocking /dev/random devices also to
httpd.conf-default to make sure people don't overlook this subtle
platform-dependent problem. Additionally a new FAQ entry was
made about this, too.
*) Added an entry to the FAQ about GIDs and their intermediate
certificate which has to be configured with SSLCertificateChainFile.
*) Fixed some external URLs in the FAQ.
|
|
WWWOFFLE is functional without ht://Dig (search function is not available
of course) and htdig pkg may be added/removed AFTER addition of wwwoffle pkg.
(Another reason is that ht://Dig is not so useful for Asian languages. :)
Add reference to www/htdig pkg.
|
|
Requested by Christoph Badura.
|
|
for each of the continuation lines, rather than using backslashes to
continue a single, long definition. This makes it much easier to spot
pre-requisite packages and other dependencies.
|
|
|
|
|
|
fractured into two more pieces: py-extclass and py-dtml, which are
independantly useful.
Highlights of changes from 2.0.1 to 2.1.4:
- Performance improvements
- Switch to new dtml <dtml-xxx> syntax by default.
- Many ZCatalog improvements
- try/except, try/except/else in DTML (py-dtml package)
- FastCGI support (not on NetBSD yet -- no threads)
- Two security fixes (mostly for sites that allow untrusted
people to write DTML)
- Two object database fixes when working with versions and doing
a pack
- Other minor bugs
See full changes at http://www.zope.org/Products/Zope/2.1.4/CHANGES.txt
|
|
|
|
Not really perfect, as apache-1.3.6 was in pkgsrc for a long time, and is
untested, but should do.
|
