changes:
- Since May 2010, all patents regarding the TrueType bytecode
interpreter have expired worldwide. Consequently, we now define
TT_CONFIG_OPTION_BYTECODE_INTERPRETER by default (and undefine
TT_CONFIG_OPTION_UNPATENTED_HINTING).
- A new function `FT_Library_SetLcdFilterWeights' is available to
adjust the filter weights set by `FT_Library_SetLcdFilter'.
-increased robustness, bugfixes
pkgsrc note: the "truetype" option was removed, the bytecode interpreter
is now always enabled
Feature improvements
* Add radmin command "stats detail <file>" to see what
is going on inside of a detail file reader.
* Added documentation for CoA. See raddb/sites-available/coa
* Add sub-option support for Option 82. See dictionary.dhcp
* Add "server" field to default SQL NAS table, and documented it.
Bug fixes
* Reset "received ping" counter for Status-Server checks. In some
corner cases it was not getting reset.
* Handle large VMPS attributes.
* Count accounting responses from a home server in SNMP / statistics
code.
* Set EAP-Session-Resumed = Yes, not "No" when session is resumed.
* radmin packet counter statistics are now unsigned, for numbers
2^31..2^32. After that they roll over to zero.
* Be more careful about expanding data in PAP and MS-CHAP modules.
This prevents login failures when passwords contain '{'.
* Clean up zombie children if there were many "exec" modules being
run for one packet, all with "wait = no".
* re-open log file after HUP.
* Fix "no response to proxied packet" complaint for Coa / Disconnect
packets. It shouldn't ignore replies to packets it sent.
* Calculate IPv6 netmasks correctly.
* Fix SQL module to re-open sockets if they unexpectedly close.
* Track scope for IPv6 addresses. This lets us use link-local
addresses properly.
* Updated Makefiles to no longer use the shell for recursing into
subdirs. "make -j 2" should now work.
* Updated raddb/sql/mysql/ippool.conf to use "= NULL".
* Updated Makefiles so that "make reconfig" no longer uses the shell
for recursing into subdirs, and re-builds all "configure" files.
* Used above method to regenerate all configure scripts.
* Updated SQL module to allow "server" field of "nas" table
to be blank: "". This means the same as it being NULL.
* Fixed regex realm example. Create Realm attribute with value
of realm from User-Name, not from regex.
* If processing a DHCP Discover returns "fail / reject", ignore
the packet rather than sending a NAK.
* Allow '%' to be escaped in sqlcounter module.
* Fix typo internal hash table.
* For PEAP and TTLS, the tunneled reply is added to the reply,
rather than integrated via the operators. This allows multiple
VSAs to be added, where they would previously be discarded.
* Make request number unsigned. This changes nothing other than
the debug output when the server receives more than 2^31 packets.
* Don't block when reading child output in 'exec wait'. This means
that blocked children get killed, instead of blocking the server.
* Enabled building without any proxy functionality
* radclient now prefers IPv4, to match the default server config.
* Print useful error when a realm regex is invalid
* relaxed rules for preprocess module "with_cisco_vsa_hack". The
attributes can now be integer, ipaddr, etc. (i.e. non-string)
* Allow rlm_ldap to build if ldap_set_rebind_proc() has only
2 arguments.
* Update configure script for rlm_python to avoid dynamic linking
problems on some platforms.
* Do suid to "user" when running in debug mode as root
* Make "allow_core_dumps" work in more situations.
* In detail file reader, treat bad records as EOF.
This allows it to continue working when the disk is full.
* Fix Oracle default accounting queries to work when there are no
gigawords attributes. Other databases already had the fix.
* Fix rlm_sql to show when it opens and closes sockets. It already
says when it cannot connect, so it should say when it can connect.
* "chmod -x" for a few C source files.
* Pull update spec files, etc. from RedHat into the redhat/ directory.
* Allow spaces when parsing integer values. This helps people who
put "too much" into an SQL value field.
snmpd:
- Change default AgentX target from 0.0.0.0:705 to localhost:705
- Fix CVE-2008-4309 (GETBULK issue reported by Oscar Mira-Sanchez)
- Fix handling of multiple matching VACM entries
(Use the "best" match, rather than the first one).
Note that this could potentially affect the behaviour of
existing access control configurations.
- Latch large-disk statistics at 2Tb (rather than wrapping)
Linux:
- Fix build on modern distributions (using rpm-4.6)
Windows:
- Fix various builds (recent MSVC, MinGW, IPv6, winExtDLL)
Import textual Racket version as lang/racket-textual.
Racket (formerly PLT Scheme) is a specific dialect of the Lisp
language based on the Scheme branch of the Lisp family.
Changes in 2.1.3
================
* FIX: afpd: fix a serious error in networking IO code
* FIX: afpd: Solaris 10 compatibilty fix: don't use SO_SNDTIMEO, use
non-blocking IO and select instead for writing/sending data.
* UPD: Support for BerkeleyDB 5.0.
Changes in 2.1.2
================
* FIX: afpd: fix for possible crash in case more then one server is
configured in afpd.conf.
* FIX: afpd: ExtendedAttributes in FreeBSD
* FIX: afpd: sharing home folders corrupted the per volume umask.
* UPD: afpd: umask for home folders is no longer taken from startup umask.
* UPD: afpd: dont and permissions with parent folder when creating new
directories on "upriv" volumes.
* UPD: afpd: use 'afpserver@fqdn' instead of 'afpserver/fqdn@realm'.
Prevents a crash in older GNU GSSAPI libs on eg. CentOS 5.x.
Changes in 2.1.1
================
* UPD: fallback to a temporary in memory tdb CNID database if the volume
database can't be opened now works with the default backend "dbd" too.
* FIX: afpd: afp_ldap.conf was missing from tarball. This only effected
[Open]Solaris.
* FIX: afpd: Check if options->server is set in set_signature, preventing
SIGSEGV.
* FIX: afpd: server signature wasn't initialized in some cases
* FIX: DESTDIR support: DESTDIR was expanded twice
* FIX: Fix for compilation error if header files of an older Netatalk
version are installed.
Changes in 2.1-release
======================
* NEW: afpd: new volume option "volsizelimit" for limitting reported volume
size. Useful for limitting TM backup size.
* UPD: dbd: -c option for rebuilding volumes which prevents the creation
of .AppleDouble stuff, only removes orphaned files.
Changes in 2.1-beta2
====================
* NEW: afpd: static generated AFP signature stored in afp_signature.conf,
cf man 5 afp_signature.conf
* NEW: afpd: clustering support: new per volume option "cnidserver".
* UPD: afpd: set volume defaults options "upriv" and "usedots" in the
volume config file AppleVolumes.default. This will only affect
new installations, but not upgrades.
* FIX: afpd: prevent security attack guessing valid server accounts. afpd
now returns error -5023 for unknown users, as does AppleFileServer.
Changes in 2.1-beta1
====================
* NEW: afpd: AFP 3.2 support
* NEW: afpd: Extended Attributes support using native attributes or
using files inside .AppleDouble directories.
* NEW: afpd: ACL support with ZFS
* NEW: cnid_metad: options -l and -f to configure logging
* NEW: IPv6 support
* NEW: AppleDouble compatible UNIX files utility suite `ad ...`.
With 2.1 only `ad ls`.
* NEW: CNID database maintanance utility dbd
* NEW: support BerkeleyDB upgrade. Starting with the next release
after 2.1 in case of BerkeleyDB library updates, Netatalk
will be able to upgrade the CNID databases.
* NEW: afpd: store and read CNIDs to/from AppleDouble files by default.
This is used as a cache and as a backup in case the database
is deleted or corrupted. It can be disabled with a new volume
option "nocnidcache".
* NEW: afpd: sending SIGINT to a child afpd process enables debug logging
to /tmp/afpd.PID.XXXXXX.
* NEW: configure args to download and install a "private" Webmin instance
including only basic Webmin modules plus our netatalk.wbm.
* NEW: fallback to a temporary in memory tdb CNID database if the volume
database can't be opened.
* NEW: support for Unicode characters in the range above U+010000 using
internal surrogate pairs
* NEW: apple_dump: utility to dump AppleSingle and AppleDouble files
* NEW: afpldaptest: utility to check afp_ldap.conf.
* UPD: atalkd and papd are now disabled by default. AppleTalk is legacy.
* UPD: slp advertisement is now disabled by default. server option -slp
SRVLOC is legacy.
* UPD: cdb/dbd CNID backend requires BerkeleyDB >= 4.6
* UPD: afpd: default CNID backend is "dbd"
* UPD: afpd: try to install PAM config that pulls in system|common auth
* UPD: afpd: symlink handling: never followed server side, client resolves
them, so it's safe to use them now.
* UPD: afpd: Comment out all extension->type/creator mappings in
AppleVolumes.system. They're unmaintained, possibly wrong and
do not fit for OS X.
* FIX: rewritten logger
* FIX: afpd: UNIX permissions handling
* FIX: cnid_dbd: always use BerkeleyDB transactions
* FIX: initscripts installation now correctly uses autoconf paths,
ie they're installed to --sysconfdir.
* FIX: UTF-8 volume name length
* FIX: atalkd: workaround for broken Linux 2.6 AT kernel module:
Linux 2.6 sends broadcast queries to the first available socket
which is in our case the last configured one. atalkd now tries to
find the right one.
Note: now a misconfigured or plugged router can broadcast a wrong route !
* REM: afpd: removed CNID backends "db3", "hash" and "mtab"
* REM: cnid_maint: use dbd
* REM: cleanappledouble.pl: use dbd
* REM: nu: use `macusers` instead
generated by some neutron image plate detector) -- PIL is lacking
some infrastructure here so it gets treated like "black is zero"
but this is fine for me because I don't want to interpret it
photometrically anyway
S3cmd lets you copy files from/to Amazon S3 (Simple Storage Service) using a
simple to use command line client. Supports rsync-like backup, GPG encryption,
and more. Also supports management of Amazon's CloudFront content delivery
network.
* added dnssec support.
* new setting cmd:stifle-rl-history to limit command history size.
* fixed exit code of mget/mput.
* fixed compilation on some systems.
* fixed crash of `cls -s' on MacOS X x64.
* torrent: don't try to connect back to peers which connected to us.
* rancid: remove sequences from IPv6 prefix-lists
* clogin: adjust default ssh password prompt for ExtremeOS 12.3.3.6
* rancid: Accept '>' prompt, rather than just '#'
* avologin: fix ssh command substitution
* fnrancid: filter application signature, System Time & conf_file_ver=
from GetSystem/GetConf
* mrvrancid: filter other oscillating info from show version
* xrrancid: disable timestamps
* hlogin: implement -autoenable for newer hp procurve releases
* cat5rancid: snmp community may have multiple spaces b/t community name
and permissions
* cat5rancid: filter local user password
* f5rancid: filter Failover time stamps
* hlogin: Add support for ssh identity file & passphrase for newer boxes
* rancid: split IOS-XR into its own device type: cisco-xr
* clogin: set term width for catos like for ios.
* rancid: parse admin show diag for XR better with a separate function
* hlogin: hpuifilter got omitted from the ssh spawn; replace it.
* nxrancid: match unknown command errors appropriately & GC some junk
carried-over from IOS-rancid.
* rancid: check for device busy when opening flash fails, which seems to
occur on 6500s when some other command is run.
* *login: support :port method syntax for ssh and adjust to allow spaces
in sshcmd
* jrancid: fix return values of formatting functions
* clogin: set terminal width so that o/p is consistent
* rancid: filter some crud resulting from the change in handling non-empty
comment lines. fail if the configuration buffer fills. filter
dhcp_[^[:space:].].txt from flash directories, so it does not create
constant changes resulting from the ip dhcp database saves. filter ldap host
password on PIX. when compressing consecutive comment lines, only consider
empty lines.
* arancid: handle password filter for HP 1:10Gb Ethernet Blade Switch
5.0.4-Base, running AOS
* *login: add cloginrc timeout directive
* nrancid: fix control number match
* rancid: remove ASA coredump* filter - Cisco Bug CSCsz85597, fixed in
8.2(1.2), 8.3(0.0), 100.3(0.3)M
* f5rancid: adjust fan rpm and config sync time filters for new f5 code
* rancid: ACE/SANOS report invalid input differently. skip leading blank lines
in config.remove ASA keys such as tacacs and radius. match non-space for
usernames in "Written by" line.
* *rancid: quote meta characters
* rancid: Fail on error msg "% Configuration buffer full" seen on 6500. Dont
filter 'show vlan' on Catalyst 3550/4500s
* import Arista script
* jerancid: fix for 'show environment all' for filtering with auto-sync
on BRASes
* francid,flogin: edgeiron can not disable the pager and does not offer
some commands found on the bigirons
* rancid: filter coredumpinfo/coredump.cfg found on ASA - rancid-discuss@
* f5rancid: fileter HA peer status
* WTI scripts from Geert Jan de Groot with a few tweaks
* jerancid: include standby slots in showversion o/p
* lg: add code for LG_SINGLE config knob
* clogin: run_commands() needs do_saveconfig
* f10rancid: change fan status parsing to handle c300
* nxrancid: collect license info; fix 'show env temp' & 'show
env power' parsing; drop unused code.
* change zero-config check to avoid broken awks
PERL_SET_CONTEXT after forking or Perl gets confused.
In particular, setting signal-handling dispositions using
$SIG{FOO} = sub { ... } breaks.
* Clarify wording of mimedefang-filter man page.
* Remove obsolete code that used to attempt to generate working
directory names. Deactivate the no-longer-needed "-M" mimedefang
option.
* Add new "-y" option to mimedefang-multiplexor. This limits
the number of concurrent "recipok" commands on a per-domain basis.
* Remove Anomy::HTMLCleaner support.
* use MIME::Parser::Filer's ignore_filename() call instead of
subclassing to override evil_filename(). Same effect, less code.
* refactor resend_message_one_recipient() to use
resend_message_specifying_mode() instead of reimplementing it.
* header_timezone() now generates a strictly RFC2822-compliant timezone
string without needing POSIX::strftime()
* Ensure that decode_mimewords() is called in scalar context.
