Upstream changes:
4.030 Tue Jul 20 15:32:23 PDT 2010
Resolve named hosts in Lite.pm using gethostbyname, followed by
gethostbyname6 to determine whether to set ipV6 flag
Thanks to Dusty Mabe <Dusty.Mabe@tekelec.com> for spotting this bug
4.029 Thu Jul 8 18:17:38 PDT 2010
In NetAddr::IP::Lite,
added support for the sub "new" to resolve host6 names
if the OPTIONAL perl Socket6 module is available
Thanks to "Mabe, Dusty" <Dusty.Mabe@tekelec.com> for spotting
this and suggesting a fix.
4.028 Wed May 12 14:18:20 PDT 2010
In /Lite/Util/Util.xs v1.32,
changed netswap() to postincrement
*a++ = to *a and added increment after save to mollify some
picky compilers that return possible undefined behavior.
changed type of _128x10 to 'void'
Thanks to David Bolt <dbolt@davjam.org> for the above two patches
Collection.
The Perl 5 module Net::Trac is simple client library for a remote
Trac instance. Because Trac doesn't provide a web services API,
this module currently "fakes" an RPC interface around Trac's webforms
and the feeds it exports. Because of this, it's somewhat more brittle
than a true RPC client would be.
Packages Collection.
The Perl 5 module Net::Google::Code is a simple client library for
projects hosted in Google Code. It uses Google's official API and
web scrapping techniques.
Features:
* unbound-control get_option domain-insecure shows config file items.
* Autotrust anchor file can be initialized with a ZSK key as well
(if the domain's DNSKEY set is signed with that ZSK).
* Conforms to draft-ietf-dnsop-default-local-zones-13. Added default
reverse lookup blocks for IPv4 test nets 100.51.198.in-addr.arpa,
113.0.203.in-addr.arpa and Orchid prefix 0.1.1.0.0.2.ip6.arpa.
* Contribution from Migiel de Vos (Surfnet): nagios patch for unbound-host,
in contrib/ (in the source tarball). Makes unbound-host suitable for
monitoring dnssec(-chain) status.
* GOST disabled-by-default, the algorithm number is allocated but the RFC
is still has to pass AUTH48 at the IETF.
Bug Fixes:
* Fix validation failure for qtype ANY caused by a RRSIG parse failure.
The validator error message was 'no signatures from ...'.
* Squelch log message: sendto failed permission denied for 255.255.255.255,
it is visible in VERB_DETAIL (verbosity 2).
* Fix fetch from blacklisted dnssec lame servers as last resort.
The server's IP address is then given in validator errors as well.
* Fix local-zone type redirect that did not use the query name for the
answer rrset.
* Compile fix using Sun Studio 12 compiler on Solaris 5.9, use CPPFLAGS
during configure process.
* Fix if libev is installed on the base system (not libevent),
detect it from the event.h header file and link with -lev.
* Fix configlexer.lex gets config.h, and configyyrename.h added by make,
no more double include.
* More strict scrubber (Thanks to George Barwood for the idea):
NS set must be pertinent to the query.
* [bugzilla: 307 ] In 0x20 backoff fix fallback so the number of outstanding
queries does not become -1 and block the request. Fixed handling of
recursion-lame in combination with 0x20 fallback. Fix so RRsets are
compared canonicalized and sorted if the immediate comparison fails,
this makes the 0x20 option work around round-robin sites.
* Fix retry sequence if prime hints are recursion-lame.
* Fix so harden-referral-path does not result in failures due to max-depth.
You can increase the max-depth by adding numbers (' 0') after the
target-fetch-policy, this increases the depth to which is checked.
* Fix detection of GOST support in ldns (reported by Chris Smith).
* Fix for dnssec lameness detection to use the key cache.
* infra cache entries that are expired are wiped clean.
Previously it was possible to not expire host data (if accessed often).
* Fix dnssec-missing detection that was turned off by server selection.
* [bugzilla: 308 ] Fix spelling error in variable name in parser and lexer.
* Fix various compiler warnings from the clang llvm compiler.
* Fix comments in iter_utils:dp_is_useless.
* EDNS timeout code will not fire if EDNS status already known.
* EDNS failure not stored if EDNS status known to work.
* Parent-child disagreement approach altered. Older fixes are removed in
place of a more exhaustive search for misconfigured data available via
the parent of a delegation. This is designed to be throttled by cache
entries, with TTL from the parent if possible. Additionally the
loop-counter is used. It also tests for NS RRset differences between
parent and child. The fetch of misconfigured data should be more
reliable and thorough. It should work reliably even with no or only
partial data in cache. Data received from the child (as always) is
deemed more authoritative than information received from the delegation
parent. The search for misconfigured data is not performed normally.
* Fix AD flag handling, it could in some cases mistakenly copy the AD flag
from upstream servers.
* Ignore Z flag in incoming messages too.
* alloc_special_obtain out of memory is not a fatal error any more,
enabling unbound to continue longer in out of memory conditions.
* Parentside names are dispreferred but not said to be dnssec-lame.
* Fix parentside and querytargets modulestate, for dump_requestlist.
* unbound-control-setup makes keys -rw-r--- so not all users permitted.
* libtoolize 2.2.6b, autoconf 2.65 applied to configure.
* Fix compile warning if compiled without threads.
* iana portlist updated.
* included ldns tarball updated.
* Fix bug where a long loop could be entered, now cycle detection has
a loop-counter and maximum search amount.
* torrent: don't try to re-download invalid piece from the same peer.
* added a short lftp.conf(5) man page.
* fixed a problem with zeroed errno.
* fixed status of mget from file: schema.
* fixed a compilation problem on AIX.
Version 4.0.8 - 2010-05-24
* fixed get/mget -c when xfer:clobber is off.
* fixed file verification in pget.
* fixed ftp encoding for servers with LANG but without UTF8 feature.
Version 4.0.7 - 2010-04-29
* make xfer:clobber off by default.
* limit number of attempts to upload a file (net:max-retries).
* handle 426 ftp reply to STOR specially.
* retry FEAT after login even after non-standard 5xx reply.
Version 4.0.6 - 2010-03-25
* use O_EXCL flag when xfer:clobber is off.
* better validation of server-provided file name (CVE-2010-2251).
* new setting xfer:auto-rename (off by default).
* new setting ftp:ssl-copy-sid (for some broken servers).
* fixed CCC ftp command to shutdown SSL connection properly.
* fixed `pget -c' on complete files.
Version 4.0.5 - 2009-12-21
* added support for lighttpd listings.
* fixed sftp rename.
* fixed a core dump on `kill all' with pget.
* fixed interrupting of a torrent with unresponsive tracker.
* Czech translation updated
aria2 1.10.0
============
This release adds an option to limit the number of connections to the
same host in each download. aria2 now chooses server which is least
used in aria2c instance. This release also adds Chromium cookie
support and HTTP only conditional download support which is download
file only when the local file is older than remote file. aria2 now
can handle %2F in FTP URI properly. HTTP/1.1 chunked decoder was
fixed. For Linux, aria2 uses fallocate by default if it is usable.
aria2 1.9.5
============
This release fixes the bug that causes corrupted file. It also fixes
assertion error in DefaultPeerStorage class. Now aria2 doesn't reset
referer to "" on redirect. log and log-level option can be used
in aria2.changeGlobalOption XML-RPC method. This means you can
dynamically start or stop logging and change log file and log level.
aria2 1.9.4
============
This release fixes the bug that connection reuse on FTP does not work
if FTP server changes root directory based on account. It also fixes
the bug that reading Metalink document from pipe (-M- option) does not
work when aria2 is built with expat or old libxml2(2.7.6 or
earlier). Now aria2 does not emit error if given Metalink document is
empty(no file element). The response of aria2.tellStopped XML-RPC
method now has more information: totalLength, completedLength,
uploadLength, bitfield and so on.
aria2 1.9.3
============
This release fixes the bug that aria2 cuts filename after ';' if
filename in Content-Disposition header includes ';'. It also fixes
the bug that name attribute of file element in Metalink file is not
properly sanitized.
aria2 1.9.2
============
This release adds kqueue, port_associate/port_getn and poll() support
for socket event notification to eliminate 1024 file descriptor
limitation of select() call. The bug that aria2.unpause and
aria2.unpauseAll XML-RPC method fail when -s1 is given in command-line
argument was fixed.
aria2 1.9.1
============
This release adds the ability to save unfinished downloads as text
file. aria2 can read the file with -i option on restart. This
release also adds the ability to download file from scratch when aria2
sees resume is not supported by remote server. This feature is
disabled by default. See --always-resume option for
details. --no-proxy option accepts IPv4 network address with CIDR
block. aria2 now doesn't send "Accept-Encoding: deflate, gzip" by
default. --http-accept-gzip option was added to toggle this behavior.
aria2 now treats lines starting "#" in -i list as comments. Several
XML-RPC methods were added: aria2.pause, aria2.unpause,
aria2.shutdown, and their families. The new exist status code '8' was
added. The bug that makes aria2 hang when system time changes while
aria2 is running was fixed on MinGW32, Mac OS X and the system which
has clock_gettime(). Several other bugs also have been fixed.
aria2 1.9.0
============
This release adds Metalink4 support and BitTorrent Local Peer
Discovery. aria2.changeUri XML-RPC method was added. It enables you
to add/remove URIs to existing downloads dynamically. The user and
password for proxy server now can be specified in command-line
separately. We refactored the code based on profiler results, so
aria2 now runs more efficiently than ever. Russian and Simplified
Chinese translation were updated.
aria2 1.8.3
============
This release fixes the bug that --file-allocation=falloc doesn't work
with single file download. It also fixes the bug that the return value
of aria2 is unreliable if error occurs before download begins. When
custom request headers specified by --header option now override
built-in headers if they have same name.
aria2 1.8.2
============
s release fixes the bug that causes segmentation fault with
--max-file-not-found option involved. Now aria2 can handle redirected
URI which is not properly percent encoded. In MinGW32 build, console
readout is now always cut by 80 characters. 'bittorrent' key is added
to the response of tellStatus XML-RPC method. The associated value of
the key is a struct and contains data retrieved from .torrent file,
such as name, announce-list, comment, etc.
aria2 1.8.1
============
This release fixes the bug that causes segmentation fault if unknown
options exist in aria2.conf file and user cannot include empty line in
aria2.conf.
Following new command line options are added: --http-no-cache,
--bt-metadata-only and --human-readable option. --dir option now
treats "" as ".". --all-proxy, --http-proxy, --https-proxy and
--ftp-proxy option accept empty string "". When "" is given, it
erases previously defined proxy.
aria2.getSessionInfo XML-RPC method was added. aria2.tellWaiting and
aria2.tellStopped XML-RPC method accept a negative integer as
offset. For example, in aria2.tellWaiting, 'offset' == -1 points last
download in the waiting queue and 'offset' == -2 points the download
before the last download, and so on. 'dir' and 'files' key were added
to the response struct of aria2.tellStatus XML-RPC method. The value
associated with 'files' key is the list of files. Its element is the
same struct used in aria2.getFiles XML-RPC method. 'uris' key was
added to the response struct of aria2.getFiles XML-RPC method. The
value associated with 'uris' key is the list of URIs. Its element is
the same struct used in aria2.getUris XML-RPC method. aria2 now
returns gzip compressed XML-RPC response if XML-RPC client accepts
gzip content encoding.
aria2 1.8.0
============
This release fixes the bug that configure script fails to detect
GnuTLS library if --without-sqlite3 is given. The new XML-RPC methods
are added: aria2.getOption, aria2.getGetGlobalOption,
aria2.changePosition, aria2.tellStopped and system.multicall.
--bt-save-metadata option is added. This option saves metadata as
.torrent file. This option has effect only when BitTorrent Magnet URI
is used.
aria2-1.7.2
============
This release fixes the bug that aria2 listens wrong port in
BitTorrent/FTP downloads when --interface option is used. If
--metalink-file='-' is given, aria2 now reads Metalink file from
stdin. Magnet URI is printed in the output of -S option. DHT is
now enabled by default. DHT doesn't start while aria2 only handles
HTTP/FTP downloads. On the first torrent download begins, aria2
initiates DHT functionality. After that, DHT runs until aria2 exits
aria2 1.7.1
============
This release fixes the bug that --bt-prioritize-piece=tail is not
working.
aria2 1.7.0
============
This release adds BitTorrent Magnet URI support. 3 options were
added: the ability to bind to particular interface, disabling IPv6 and
prioritizing piece in BitTorrent downloads. In configure script, if
--with-PACKAGE and --enable-FEATURE are given but PACKAGE is missing
in the system or FEATURE cannot be enabled in the current
configuration, the script now prints error message and exits.
--http-auth-scheme option was removed since it is useless. Updated
Russian, Ukrainian, German and French translations.
aria2 1.6.3
============
This release fixes reported bugs and updates Polish, Catalan, French,
Italian, Russian and Japanese translations.
aria2 1.6.2
============
This release fixes segmentation fault error if URI to download
contains printf format string and logging is enabled. The build
scripts are updated to automake 1.11 and autoconf 2.64. Updated
Ukrainian translation.
aria2 1.6.1
============
This release fixes memory leak in HTTP/FTP download. It also fixes the
bug that the option values changed by XML-RPC changeOption and
changeGlobalOption methods are cleared. Now User-agent and Peer ID
include version number. Updated Simplified Chinese translations.
aria2 1.6.0
============
This release changes the default behavior of XML-RPC server. Now it
listens only on local loopback interface by default for security
reasons. If you want to connect to aria2c from remote hosts, use
--xml-rpc-listen-all option. The XML-RPC client sample script written
in Ruby are now included in the archive under doc/xmlrpc directory.
These scripts are licensed under MIT License. The help category tags
are now start "#" to distinguish them from keyword search. Several
help category tags were added: #xml-rpc, #cookie, #hook and #file.
--retry-wait option was removed because it doesn't work properly under
the architecture. Updated Bulgarian, Russian, Slovak and Japanese
translations.
aria2 1.5.2
============
This release fixes the bug that when the first attempt to establishing
connection fails, aria2 don't try to connect another address and a
download immediately fails. -S output was enhanced: exact file size
is now printed. For -S with torrent file, meta data such as comment,
comment.utf-8, created by and creation date are now printed. Ukrainian
and Russian translations were updated.
aria2 1.5.1
============
This release fixes linker error in unit test code on 32bit
systems. The unit test failure on mingw32 was also fixed. The file I/O
error handlings were written.
aria2 1.5.0
============
This release adds WEB-Seeding support for multi-file torrent.
--bt-stop-timeout option was added. This function stops BitTorrent
download if the download speed is 0 in consecutive given seconds.
aria2 now tries all resolved addresses to connect to remote servers in
HTTP(S)/FTP until it gets connected. For XML-RPC, two new methods
were added: aria2.tellWaiting and aria2.getVersion. The error code is
available in the response of aria2.tellStatus methods for
stopped/completed downloads. --use-head is now disabled by default
since using HEAD request causes problems in some web sites. The
behavior of -D option has been changed: If -D is specified, the
current working directory is set to / and stdin, stdout and stderr are
redirected to /dev/null. This release fixes the bug that zombie
processes are created when commands specified in --on-download-*
options are executed and the bug that http-user, http-passwd, ftp-user
and ftp-passwd are ignored when they are given via XML-RPC. Updated
Russian, Italian, Danish, Bulgarian, Japanese and Ukrainian
translations.
aria2 1.4.1
============
This release fixes the compile error without the development package
of c-ares library installed. The compile error under MinGW was fixed.
aria2.tellStatus XML-RPC method now returns "uploadLength" and
"numSeeders". Ukrainian translation was updated.
aria2 1.4.0
============
This release adds XML-RPC interface and the ability to run command
when download started/stopped and the ability to save cookies. The
current XML-RPC API allows users to add http(s)/ftp/torrent/Metalink
download and change options dynamically. The APIs such as reporting
download progress, file paths, URIs and peer information are also
available. For complete API specification, see XML-RPC INTERFACE
section in man page and
http://apps.sourceforge.net/trac/aria2/wiki/XmlrpcInterface. The
console readout was slightly updated and now includes the number of
seeders the client has connected to. Slovak translation was
added. Ukrainian and Brazilian Portuguese translation were updated.
aria2 1.3.3
============
This release fixes the bug that --check-integrity option doesn't work
properly if a file including last piece is missing and increases
internal receive buffer for FTP in order to receive big banner.
Ukrainian, Russian and Simplified Chinese translations were updated.
aria2 1.3.2
============
This release fixes the bug that prevents certain BitTorrent downloads
from finishing and possible segmentation fault when gzip decoding is
involved and infinite loop bug if last "0" chunk-size marker is not
received in chunked encoding transfer. aria2 now supports
WEB-Seeding(HTTP-Seeding) for single file torrent. Ukrainian
translation was updated.
aria2 1.3.1
============
This release fixes the bug that aria2 wrongly determines that
specified share ratio is reached because of miscalculation of upload
bytes and the bug that upload limit exceeds the value specified in
--seed-ratio option depending on the timing of the execution of
SeedCheckCommand.
aria2 1.3.0
============
This release adds the ability to specify the output filenames in
BitTorrent downloads and the option to limit overall download speed
and dry run mode which just checks the availability of the remote
file. -i list option can now take new options: select-file and
index-out. The default behavior of sending HTTP Authorization header
is reverted back to version 1.1.2 style. The bug in
AdaptiveURISelector was fixed. You can now seed read-only files in
BitTorrent. --file-allocation option can take new parameter
'falloc'. If it is given and you are using newer file systems such as
ext4, btrfs or xfs, large(few GiB) files are allocated almost
instantly. The performance optimization has been done and aria2 runs
more efficiently.
Indonesian, Russian, Italian, Ukrainian, Simplified Chinese, Japanese,
Spanish and Norwegian Nynorsk translations were updated.
shlib bumped to 2.
Version 1.6.0 (Dec 9, 2008)
* December 9 2008 (Gisle Vanem)
Fixes for Win32 targets using the Watt-32 tcp/ip stack.
* Dec 4 2008 (Daniel Stenberg)
Gregor Jasny provided the patch that introduces ares_set_socket_callback(),
and I edited it to also get duped by ares_dup().
* Dec 3 2008 (Daniel Stenberg)
API changes:
I made sure the public ares_config struct looks like before and yet it
supports the ROTATE option thanks to c-ares now storing the "optmask"
internally. Thus we should be ABI compatible with the past release(s)
now. My efforts mentioned below should not break backwards ABI compliance.
Here's how I suggest we proceed with the API:
ares_init() will be primary "channel creator" function.
ares_init_options() will continue to work exactly like now and before. For
starters, it will be the (only) way to set the existing options.
ares_save_options() will continue to work like today, but will ONLY save
options that you can set today (including ARES_OPT_ROTATE actually) but new
options that we add may not be saved with this.
Instead we introduce:
ares_dup() that instead can make a new channel and clone the config used
from an existing channel. It will then clone all config options, including
future new things we add.
ares_set_*() style functions that set (new) config options. As a start we
simply add these for new functionality, but over time we can also introduce
them for existing "struct ares_options" so that we can eventually deprecate
the two ares_*_options() functions.
ares_get_*() style functions for extracting info from a channel handle that
should be used instead of ares_save_options().
* Nov 26 2008 (Yang Tse)
- Brad Spencer provided changes to allow buildconf to work on OS X.
- Gerald Combs fixed a bug in ares_parse_ptr_reply() which would cause a
buffer to shrink instead of expand if a reply contained 8 or more records.
* Nov 25 2008 (Yang Tse)
- In preparation for the upcomming IPv6 nameservers patch, the internal
ares_addr union is now changed into an internal struct which also holds
the address family.
* Nov 19 2008 (Daniel Stenberg)
- Brad Spencer brought the new function ares_gethostbyname_file() which simply
resolves a host name from the given file, using the regular hosts syntax.
* Nov 1 2008 (Daniel Stenberg)
- Carlo Contavalli added support for the glibc "rotate" option, as documented
in man resolv.conf:
causes round robin selection of nameservers from among those listed. This
has the effect of spreading the query load among all listed servers, rather
than having all clients try the first listed server first every time.
You can enable it with ARES_OPT_ROTATE
* Oct 21 2008 (Yang Tse)
Charles Hardin added handling of EINPROGRESS for UDP connects.
* Oct 18 2008 (Daniel Stenberg)
Charles Hardin made adig support a regular numerical dotted IP address for the
-s option as well.
* Oct 7 2008 (Yang Tse)
- Added --enable-optimize configure option to enable and disable compiler
optimizations to allow decoupled setting from --enable-debug.
* Oct 2 2008 (Yang Tse)
- Added --enable-warnings configure option to enable and disable strict
compiler warnings to allow decoupled setting from --enable-debug.
* Sep 17 2008 (Yang Tse)
- Code reorganization to allow internal/private use of "nameser.h" to any
system that lacks arpa/nameser.h or arpa/nameser_compat.h header files.
* Sep 16 2008 (Yang Tse)
- Code reorganization to allow internal/private use of ares_writev to any
system that lacks the writev function.
* Sep 15 2008 (Yang Tse)
- Code reorganization to allow internal/private use of ares_strcasecmp to any
system that lacks the strcasecmp function.
- Improve configure detection of some string functions.
* Sep 11 2008 (Yang Tse)
- Code reorganization to allow internal/private use of ares_strdup to any
system that lacks the strdup function.
Version 1.5.3 (Aug 29, 2008)
* Aug 25 2008 (Yang Tse)
- Improvement by Brad House:
This patch addresses an issue in which a response could be sent back to the
source port of a client from a different address than the request was made to.
This is one form of a DNS cache poisoning attack.
The patch simply uses recvfrom() rather than recv() and validates that the
address returned from recvfrom() matches the address of the server we have
connected to. Only necessary on UDP sockets as they are connection-less, TCP
is unaffected.
- Fix by George Neill:
Fixed compilation of acountry sample application failure on some systems.
* Aug 4 2008 (Daniel Stenberg)
- Fix by Tofu Linden:
The symptom:
* Users (usually, but not always) on 2-Wire routers and the Comcast service
and a wired connection to their router would find that the second and
subsequent DNS lookups from fresh processes using c-ares to resolve the same
address would cause the process to never see a reply (it keeps polling for
around 1m15s before giving up).
The repro:
* On such a machine (and yeah, it took us a lot of QA to find the systems
that reproduce such a specific problem!), do 'ahost www.secondlife.com',
then do it again. The first process's lookup will work, subsequent lookups
will time-out and fail.
The cause:
* init_id_key() was calling randomize_key() *before* it initialized
key->state, meaning that the randomness generated by randomize_key() is
immediately overwritten with deterministic values. (/dev/urandom was also
being read incorrectly in the c-ares version we were using, but this was
fixed in a later version.)
* This makes the stream of generated query-IDs from any new c-ares process
be an identical and predictable sequence of IDs.
* This makes the 2-Wire's default built-in DNS server detect these queries
as probable-duplicates and (erroneously) not respond at all.
* Aug 4 2008 (Yang Tse)
- Autoconf 2.62 has changed the behaviour of the AC_AIX macro which we use.
Prior versions of autoconf defined _ALL_SOURCE if _AIX was defined. 2.62
version of AC_AIX defines _ALL_SOURCE and other four preprocessor symbols
no matter if the system is AIX or not. To keep the traditional behaviour,
and an uniform one across autoconf versions AC_AIX is replaced with our
own internal macro CARES_CHECK_AIX_ALL_SOURCE.
* Aug 1 2008 (Yang Tse)
- Configure process now checks if the preprocessor _REENTRANT symbol is already
defined. If it isn't currently defined a set of checks are performed to test
if its definition is required to make visible to the compiler a set of *_r
functions. Finally, if _REENTRANT is already defined or needed it takes care
of making adjustments necessary to ensure that it is defined equally for the
configure process tests and generated config file.
* Jul 20 2008 (Yang Tse)
- When recvfrom prototype uses a void pointer for arguments 2, 5 or 6 this will
now cause the definition, as appropriate, of RECVFROM_TYPE_ARG2_IS_VOID,
RECVFROM_TYPE_ARG5_IS_VOID or RECVFROM_TYPE_ARG6_IS_VOID.
* Jul 17 2008 (Yang Tse)
- RECVFROM_TYPE_ARG2, RECVFROM_TYPE_ARG5 and RECVFROM_TYPE_ARG6 are now defined
to the data type pointed by its respective argument and not the pointer type.
* Jul 16 2008 (Yang Tse)
- Improved configure detection of number of arguments for getservbyport_r.
Detection is now based on compilation checks instead of linker ones.
- Configure process now checks availability of recvfrom() socket function and
finds out its return type and the types of its arguments. Added definitions
for non-configure systems config files, and introduced macro sreadfrom which
will be used on udp sockets as a recvfrom() wrapper in the future.
* Jul 15 2008 (Yang Tse)
- Introduce definition of _REENTRANT symbol in setup.h to improve library
usability. Previously the configure process only used the AC_SYS_LARGEFILE
macro for debug builds, now it is also used for non-debug ones enabling the
use of configure options --enable-largefile and --disable-largefile which
might be needed for library compatibility. Remove checking the size of
curl_off_t, it is no longer needed.
* Jul 3 2008 (Daniel Stenberg)
- Phil Blundell: If you ask ares_gethostbyname() to do an AF_INET6 lookup and
the target host has only A records, it automatically falls back to an
AF_INET lookup and gives you the A results. However, if the target host has
a CNAME record, this behaviour is defeated since the original query does
return some data even though ares_parse_aaa_reply() doesn't consider it
relevant. Here's a small patch to make it behave the same with and without
the CNAME.
* Jul 2 2008 (Yang Tse)
- Fallback to gettimeofday when monotonic clock is unavailable at run-time.
* Jun 30 2008 (Daniel Stenberg)
- As was pointed out to me by Andreas Schuldei, the MAXHOSTNAMELEN define is
not posix or anything and thus c-ares failed to build on hurd (and possibly
elsewhere). The define was also somewhat artificially used in the windows
port. Now, I instead rewrote the use of gethostbyname to enlarge the host
name buffer in case of need and totally avoid the use of the MAXHOSTNAMELEN
define. I thus also removed the defien from the namser.h file where it was
once added for the windows build.
I also fixed init_by_defaults() function to not leak memory in case if
error.
* Jun 9 2008 (Yang Tse)
- Make libcares.pc generated file for pkg-config include information relative
to the libraries needed for the static linking of c-ares.
* May 30 2008 (Yang Tse)
- Brad House fixed a missing header file inclusion in adig sample program.
Version 1.5.2 (May 29, 2008)
* May 13 2008 (Daniel Stenberg)
- Introducing millisecond resolution support for the timeout option. See
ares_init_options()'s ARES_OPT_TIMEOUTMS.
* May 9 2008 (Yang Tse)
- Use monotonic time source if available, for private function ares__tvnow()
* May 7 2008 (Daniel Stenberg)
- Sebastian made c-ares able to return all PTR-records when doing reverse
lookups. It is not common practice to have multiple PTR-Records for a single
IP, but its perfectly legal and some sites have those.
- Doug Goldstein provided a configure patch: updates autoconf 2.13 usage to
autoconf 2.57 usage (which is the version you have specified as the minimum
version). It's a minor change but it does clean up some warnings with newer
autoconf (specifically 2.62).
* May 5 2008 (Yang Tse)
- Improved parsing of resolver configuration files.
* April 4 2008 (Daniel Stenberg)
- Eino Tuominen improved the code when a file is used to seed the randomizer.
- Alexey Simak made adig support NAPTR records
- Alexey Simak fixed the VC dsp file by adding the missing source file
ares_expand_string.c
* December 11 2007 (Gisle Vanem)
- Added another sample application; acountry.c which converts an
IPv4-address(es) and/or host-name(s) to country-name and country-code.
This uses the service of the DNSBL at countries.nerd.dk.
* December 3 2007 (Daniel Stenberg)
- Brad Spencer fixed the configure script to assume that there's no
/dev/urandom when built cross-compiled as then the script cannot check for
it.
- Erik Kline cleaned up ares_gethostbyaddr.c:next_lookup() somewhat
Version 1.5.1 (Nov 21, 2007)
* November 21 2007 (Daniel Stenberg)
- Robin Cornelius pointed out that ares_llist.h was missing in the release
archive for 1.5.0
Version 1.5.0 (Nov 21, 2007)
* October 2 2007 (Daniel Stenberg)
- ares_strerror() segfaulted if the input error number was out of the currently
supported range.
- Yang Tse: Avoid a segfault when generating a DNS "Transaction ID" in
internal function init_id_key() under low memory conditions.
* September 28 2007 (Daniel Stenberg)
- Bumped version to 1.5.0 for next release and soname bumped to 2 due to ABI
and API changes in the progress callback (and possibly more coming up from
Steinar)
* September 28 2007 (Steinar H. Gunderson)
- Don't skip a server if it's the only one. (Bugfix from the Google tree.)
- Made the query callbacks receive the number of timeouts that happened during
the execution of a query, and updated documentation accordingly. (Patch from
the Google tree.)
- Support a few more socket options: ARES_OPT_SOCK_SNDBUF and
ARES_OPT_SOCK_RCVBUF
- Always register for TCP events even if there are no outstanding queries, as
the other side could always close the connection, which is a valid event
which should be responded to.
* September 22 2007 (Daniel Stenberg)
- Steinar H. Gunderson fixed: Correctly clear sockets from the fd_set on in
several functions (write_tcp_data, read_tcp_data, read_udp_packets) so that
if it fails and the socket is closed the following code doesn't try to use
the file descriptor.
- Steinar H. Gunderson modified c-ares to now also do to DNS retries even when
TCP is used since there are several edge cases where it still makes sense.
- Brad House provided a fix for ares_save_options():
Apparently I overlooked something with the ares_save_options() where it
would try to do a malloc(0) when no options of that type needed to be saved.
On most platforms, this was fine because malloc(0) doesn't actually return
NULL, but on AIX it does, so ares_save_options would return ARES_ENOMEM.
* July 14 2007 (Daniel Stenberg)
- Vlad Dinulescu fixed two outstanding valgrind reports:
1. In ares_query.c , in find_query_by_id we compare q->qid (which is a short
int variable) with qid, which is declared as an int variable. Moreover,
DNS_HEADER_SET_QID is used to set the value of qid, but DNS_HEADER_SET_QID
sets only the first two bytes of qid. I think that qid should be declared as
"unsigned short" in this function.
2. The same problem occurs in ares_process.c, process_answer() . query->qid
(an unsigned short integer variable) is compared with id, which is an
integer variable. Moreover, id is initialized from DNS_HEADER_QID which sets
only the first two bytes of id. I think that the id variable should be
declared as "unsigned short" in this function.
Even after declaring these variables as "unsigned short", the valgrind
errors are still there. Which brings us to the third problem.
3. The third problem is that Valgrind assumes that query->qid is not
initialised correctly. And it does that because query->qid is set from
DNS_HEADER_QID(qbuf); Valgrind says that qbuf has unitialised bytes. And
qbuf has uninitialised bytes because of channel->next_id . And next_id is
set by ares_init.c:ares__generate_new_id() . I found that putting short r=0
in this function (instead of short r) makes all Valgrind warnings go away.
I have studied ares__rc4() too, and this is the offending line:
buffer_ptr[counter] ^= state[xorIndex]; (ares_query.c:62)
This is what triggers Valgrind.. buffer_ptr is unitialised in this function,
and by applying ^= on it, it remains unitialised.
0.6.27
some build fixes
0.6.26
This is mostly a bugfix release but also fixes a low risk security issue and
adds a couple of minor new features.
* Fix CVE-2010-2244 (Ludwig Nussel)
* Support for Gtk+ 3 and Gtk+ Introspection
* Native systemd socket activation support
* Add systemd service files
* Add various resource control options, for traffic rate limiting as well as
cache size and D-Bus client object limits.
* i18n updates
* Minor other updates
This is a ground-up rewrite of Perspective Broker, which itself is Twisted's
native RPC/RMI protocol (Remote Procedure Call / Remote Method Invocation).
If you have control of both ends of the wire, and are thus not constrained to
use some other protocol like HTTP/XMLRPC/CORBA/etc, you might consider using
Foolscap.
Fundamentally, Foolscap allows you to make a python object in one process
available to code in other processes, which means you can invoke its methods
remotely. This includes a data serialization layer to convey the object
graphs for the arguments and the eventual response, and an object reference
system to keep track of which objects you are connecting to. It uses a
capability-based security model, such that once you create a non-public
object, it is only accessible to clients to whom you've given the
(unguessable) FURL. You can of course publish world-visible objects that
have well-known FURLs.
* Partially rewritten ntop processing engine to address reliability and
performance
* Several bugs and stability issues fixed
* Added better support for IPFIX and NetFlow v9, as well as ntop PEN
(Private Enterprise Number)
* Added support for Cisco ASA firewalls
* Added ntop engine scriptability via the python programming language
* Added RRDalarm plugin for generating alerts based on thresholds
* Improved google maps integration
* Enhanced sFlow support
Some of the highlights are:
o [NSE] Added more scripts, bringing the total to 131!
o Performed a major OS detection integration run.
o Performed a large version detection integration run.
o [Zenmap] Added the ability to print Nmap output to a printer.
o [Nmap, Ncat, Nping] The default unit for time specifications is now
seconds, not milliseconds, and times may have a decimal point.
o Ports are now considered open during a SYN scan if a SYN packet
(without the ACK flag) is received in response.
o [Ncat] In listen mode, the --exec and --sh-exec options now accept a
single connection and then exit, just like in normal listen mode.
o UDP payloads are now stored in an external data file, nmap-payloads,
instead of being hard-coded in the executable.
o Added a new library, libnetutil, which contains about 2,700 lines of
networking related code which is now shared between Nmap and Nping
o Improved service detection match lines.
o Improved our brute force password guessing list by mixing in some
data sent in by Solar Designer of John the Ripper fame.
o [Zenmap] IP addresses are now sorted by octet rather than their
string representation.
o [Ncat] When receiving a connection/datagram in listen mode, Ncat now
prints the connecting source port along with the IP address.
o Added EPROTO to the list of known error codes in service scan.
o Updated IANA IP address space assignment list for random IP (-iR)
generation.
o Zenmap's "slow comprehensive scan profile" has been modified to use
the best 7-probe host discovery combination we were able to find in
extensive empirical testing
o Zenmap now lets you save scan results in normal Nmap text output
format or (as before) as XML.
o [NSE] Raw packet sending at the IP layer is now supported, in
addition to the existing Ethernet sending functionality.
o Nmap now honors routing table entries that override interface
addresses and netmasks.
o [Ncat] The HTTP proxy server now accepts client connections over
SSL, and added support for HTTP digest authentication of proxies, as
both client and server.
o Improved the MIT Kerberos version detection signatures.
Plus many bugfixes and improvements.
For full changelog, see http://nmap.org/changelog.html
Feature improvements
* Add radmin command "stats detail <file>" to see what
is going on inside of a detail file reader.
* Added documentation for CoA. See raddb/sites-available/coa
* Add sub-option support for Option 82. See dictionary.dhcp
* Add "server" field to default SQL NAS table, and documented it.
Bug fixes
* Reset "received ping" counter for Status-Server checks. In some
corner cases it was not getting reset.
* Handle large VMPS attributes.
* Count accounting responses from a home server in SNMP / statistics
code.
* Set EAP-Session-Resumed = Yes, not "No" when session is resumed.
* radmin packet counter statistics are now unsigned, for numbers
2^31..2^32. After that they roll over to zero.
* Be more careful about expanding data in PAP and MS-CHAP modules.
This prevents login failures when passwords contain '{'.
* Clean up zombie children if there were many "exec" modules being
run for one packet, all with "wait = no".
* re-open log file after HUP.
* Fix "no response to proxied packet" complaint for Coa / Disconnect
packets. It shouldn't ignore replies to packets it sent.
* Calculate IPv6 netmasks correctly.
* Fix SQL module to re-open sockets if they unexpectedly close.
* Track scope for IPv6 addresses. This lets us use link-local
addresses properly.
* Updated Makefiles to no longer use the shell for recursing into
subdirs. "make -j 2" should now work.
* Updated raddb/sql/mysql/ippool.conf to use "= NULL".
* Updated Makefiles so that "make reconfig" no longer uses the shell
for recursing into subdirs, and re-builds all "configure" files.
* Used above method to regenerate all configure scripts.
* Updated SQL module to allow "server" field of "nas" table
to be blank: "". This means the same as it being NULL.
* Fixed regex realm example. Create Realm attribute with value
of realm from User-Name, not from regex.
* If processing a DHCP Discover returns "fail / reject", ignore
the packet rather than sending a NAK.
* Allow '%' to be escaped in sqlcounter module.
* Fix typo internal hash table.
* For PEAP and TTLS, the tunneled reply is added to the reply,
rather than integrated via the operators. This allows multiple
VSAs to be added, where they would previously be discarded.
* Make request number unsigned. This changes nothing other than
the debug output when the server receives more than 2^31 packets.
* Don't block when reading child output in 'exec wait'. This means
that blocked children get killed, instead of blocking the server.
* Enabled building without any proxy functionality
* radclient now prefers IPv4, to match the default server config.
* Print useful error when a realm regex is invalid
* relaxed rules for preprocess module "with_cisco_vsa_hack". The
attributes can now be integer, ipaddr, etc. (i.e. non-string)
* Allow rlm_ldap to build if ldap_set_rebind_proc() has only
2 arguments.
* Update configure script for rlm_python to avoid dynamic linking
problems on some platforms.
* Do suid to "user" when running in debug mode as root
* Make "allow_core_dumps" work in more situations.
* In detail file reader, treat bad records as EOF.
This allows it to continue working when the disk is full.
* Fix Oracle default accounting queries to work when there are no
gigawords attributes. Other databases already had the fix.
* Fix rlm_sql to show when it opens and closes sockets. It already
says when it cannot connect, so it should say when it can connect.
* "chmod -x" for a few C source files.
* Pull update spec files, etc. from RedHat into the redhat/ directory.
* Allow spaces when parsing integer values. This helps people who
put "too much" into an SQL value field.
snmpd:
- Change default AgentX target from 0.0.0.0:705 to localhost:705
- Fix CVE-2008-4309 (GETBULK issue reported by Oscar Mira-Sanchez)
- Fix handling of multiple matching VACM entries
(Use the "best" match, rather than the first one).
Note that this could potentially affect the behaviour of
existing access control configurations.
- Latch large-disk statistics at 2Tb (rather than wrapping)
Linux:
- Fix build on modern distributions (using rpm-4.6)
Windows:
- Fix various builds (recent MSVC, MinGW, IPv6, winExtDLL)
Changes in 2.1.3
================
* FIX: afpd: fix a serious error in networking IO code
* FIX: afpd: Solaris 10 compatibilty fix: don't use SO_SNDTIMEO, use
non-blocking IO and select instead for writing/sending data.
* UPD: Support for BerkeleyDB 5.0.
Changes in 2.1.2
================
* FIX: afpd: fix for possible crash in case more then one server is
configured in afpd.conf.
* FIX: afpd: ExtendedAttributes in FreeBSD
* FIX: afpd: sharing home folders corrupted the per volume umask.
* UPD: afpd: umask for home folders is no longer taken from startup umask.
* UPD: afpd: dont and permissions with parent folder when creating new
directories on "upriv" volumes.
* UPD: afpd: use 'afpserver@fqdn' instead of 'afpserver/fqdn@realm'.
Prevents a crash in older GNU GSSAPI libs on eg. CentOS 5.x.
Changes in 2.1.1
================
* UPD: fallback to a temporary in memory tdb CNID database if the volume
database can't be opened now works with the default backend "dbd" too.
* FIX: afpd: afp_ldap.conf was missing from tarball. This only effected
[Open]Solaris.
* FIX: afpd: Check if options->server is set in set_signature, preventing
SIGSEGV.
* FIX: afpd: server signature wasn't initialized in some cases
* FIX: DESTDIR support: DESTDIR was expanded twice
* FIX: Fix for compilation error if header files of an older Netatalk
version are installed.
Changes in 2.1-release
======================
* NEW: afpd: new volume option "volsizelimit" for limitting reported volume
size. Useful for limitting TM backup size.
* UPD: dbd: -c option for rebuilding volumes which prevents the creation
of .AppleDouble stuff, only removes orphaned files.
Changes in 2.1-beta2
====================
* NEW: afpd: static generated AFP signature stored in afp_signature.conf,
cf man 5 afp_signature.conf
* NEW: afpd: clustering support: new per volume option "cnidserver".
* UPD: afpd: set volume defaults options "upriv" and "usedots" in the
volume config file AppleVolumes.default. This will only affect
new installations, but not upgrades.
* FIX: afpd: prevent security attack guessing valid server accounts. afpd
now returns error -5023 for unknown users, as does AppleFileServer.
Changes in 2.1-beta1
====================
* NEW: afpd: AFP 3.2 support
* NEW: afpd: Extended Attributes support using native attributes or
using files inside .AppleDouble directories.
* NEW: afpd: ACL support with ZFS
* NEW: cnid_metad: options -l and -f to configure logging
* NEW: IPv6 support
* NEW: AppleDouble compatible UNIX files utility suite `ad ...`.
With 2.1 only `ad ls`.
* NEW: CNID database maintanance utility dbd
* NEW: support BerkeleyDB upgrade. Starting with the next release
after 2.1 in case of BerkeleyDB library updates, Netatalk
will be able to upgrade the CNID databases.
* NEW: afpd: store and read CNIDs to/from AppleDouble files by default.
This is used as a cache and as a backup in case the database
is deleted or corrupted. It can be disabled with a new volume
option "nocnidcache".
* NEW: afpd: sending SIGINT to a child afpd process enables debug logging
to /tmp/afpd.PID.XXXXXX.
* NEW: configure args to download and install a "private" Webmin instance
including only basic Webmin modules plus our netatalk.wbm.
* NEW: fallback to a temporary in memory tdb CNID database if the volume
database can't be opened.
* NEW: support for Unicode characters in the range above U+010000 using
internal surrogate pairs
* NEW: apple_dump: utility to dump AppleSingle and AppleDouble files
* NEW: afpldaptest: utility to check afp_ldap.conf.
* UPD: atalkd and papd are now disabled by default. AppleTalk is legacy.
* UPD: slp advertisement is now disabled by default. server option -slp
SRVLOC is legacy.
* UPD: cdb/dbd CNID backend requires BerkeleyDB >= 4.6
* UPD: afpd: default CNID backend is "dbd"
* UPD: afpd: try to install PAM config that pulls in system|common auth
* UPD: afpd: symlink handling: never followed server side, client resolves
them, so it's safe to use them now.
* UPD: afpd: Comment out all extension->type/creator mappings in
AppleVolumes.system. They're unmaintained, possibly wrong and
do not fit for OS X.
* FIX: rewritten logger
* FIX: afpd: UNIX permissions handling
* FIX: cnid_dbd: always use BerkeleyDB transactions
* FIX: initscripts installation now correctly uses autoconf paths,
ie they're installed to --sysconfdir.
* FIX: UTF-8 volume name length
* FIX: atalkd: workaround for broken Linux 2.6 AT kernel module:
Linux 2.6 sends broadcast queries to the first available socket
which is in our case the last configured one. atalkd now tries to
find the right one.
Note: now a misconfigured or plugged router can broadcast a wrong route !
* REM: afpd: removed CNID backends "db3", "hash" and "mtab"
* REM: cnid_maint: use dbd
* REM: cleanappledouble.pl: use dbd
* REM: nu: use `macusers` instead
S3cmd lets you copy files from/to Amazon S3 (Simple Storage Service) using a
simple to use command line client. Supports rsync-like backup, GPG encryption,
and more. Also supports management of Amazon's CloudFront content delivery
network.
* added dnssec support.
* new setting cmd:stifle-rl-history to limit command history size.
* fixed exit code of mget/mput.
* fixed compilation on some systems.
* fixed crash of `cls -s' on MacOS X x64.
* torrent: don't try to connect back to peers which connected to us.
* rancid: remove sequences from IPv6 prefix-lists
* clogin: adjust default ssh password prompt for ExtremeOS 12.3.3.6
* rancid: Accept '>' prompt, rather than just '#'
* avologin: fix ssh command substitution
* fnrancid: filter application signature, System Time & conf_file_ver=
from GetSystem/GetConf
* mrvrancid: filter other oscillating info from show version
* xrrancid: disable timestamps
* hlogin: implement -autoenable for newer hp procurve releases
* cat5rancid: snmp community may have multiple spaces b/t community name
and permissions
* cat5rancid: filter local user password
* f5rancid: filter Failover time stamps
* hlogin: Add support for ssh identity file & passphrase for newer boxes
* rancid: split IOS-XR into its own device type: cisco-xr
* clogin: set term width for catos like for ios.
* rancid: parse admin show diag for XR better with a separate function
* hlogin: hpuifilter got omitted from the ssh spawn; replace it.
* nxrancid: match unknown command errors appropriately & GC some junk
carried-over from IOS-rancid.
* rancid: check for device busy when opening flash fails, which seems to
occur on 6500s when some other command is run.
* *login: support :port method syntax for ssh and adjust to allow spaces
in sshcmd
* jrancid: fix return values of formatting functions
* clogin: set terminal width so that o/p is consistent
* rancid: filter some crud resulting from the change in handling non-empty
comment lines. fail if the configuration buffer fills. filter
dhcp_[^[:space:].].txt from flash directories, so it does not create
constant changes resulting from the ip dhcp database saves. filter ldap host
password on PIX. when compressing consecutive comment lines, only consider
empty lines.
* arancid: handle password filter for HP 1:10Gb Ethernet Blade Switch
5.0.4-Base, running AOS
* *login: add cloginrc timeout directive
* nrancid: fix control number match
* rancid: remove ASA coredump* filter - Cisco Bug CSCsz85597, fixed in
8.2(1.2), 8.3(0.0), 100.3(0.3)M
* f5rancid: adjust fan rpm and config sync time filters for new f5 code
* rancid: ACE/SANOS report invalid input differently. skip leading blank lines
in config.remove ASA keys such as tacacs and radius. match non-space for
usernames in "Written by" line.
* *rancid: quote meta characters
* rancid: Fail on error msg "% Configuration buffer full" seen on 6500. Dont
filter 'show vlan' on Catalyst 3550/4500s
* import Arista script
* jerancid: fix for 'show environment all' for filtering with auto-sync
on BRASes
* francid,flogin: edgeiron can not disable the pager and does not offer
some commands found on the bigirons
* rancid: filter coredumpinfo/coredump.cfg found on ASA - rancid-discuss@
* f5rancid: fileter HA peer status
* WTI scripts from Geert Jan de Groot with a few tweaks
* jerancid: include standby slots in showversion o/p
* lg: add code for LG_SINGLE config knob
* clogin: run_commands() needs do_saveconfig
* f10rancid: change fan status parsing to handle c300
* nxrancid: collect license info; fix 'show env temp' & 'show
env power' parsing; drop unused code.
* change zero-config check to avoid broken awks
Upstream changes:
0.99 July 13 2010
- Add customizable check_for_spawn and min_child_ttl settings in PreFork (Graham Barr)
- Add other_child_died_hook (Daniel Kahn Gillmor)
- Make Multiplex do $mux->add($sock) for UDP sockets (Kristoffer Møllerhøj)
- Change Net::Server::Daemonize to use kill 0 rather than the unportable `ps`
- Fix calling conventions of MultiType
- Avoid select in SSLEAY that was allowing for infinite spin loop
- Fix tie_stdout mode to not warn about unopen handles.
- Added Net::Server::HTTP base class for basic HTTP daemon handling.
- Change examples/httpd to use Net::Server::HTTP
0.98 May 05 2010
- Add SSLeay proto - finally a workable SSL solution.
- Add minimal Net::Server::TiedHandle to allow for STDIN and STDOUT to work with SSLEAY
- Net::Server::TiedHandle also support tied_stdin_callback and tied_stdout_callback
Feb 08 2008
- Allow for port => 0 which lets the OS auto assign a port on some OSes (Blackie Hlasek)
- Add idle_loop_hook to PreForkSimple and PreFork (David Zuhn)
- Add consistent formatting capabilities to the log method (whethere Syslog is used or not) (David Zuhn)
- Warn when default listen value is used - try to make it a sensible default (Mark Martinec)
- Allow for non-zero exit value - particularly when called from fatal (David Schweikert)
--- 9.7.1-P2 released ---
2931. [security] Temporarily and partially disable change 2864
because it would cause inifinite attempts of RRSIG
queries. This is an urgent care fix; we'll
revisit the issue and complete the fix later.
[RT #21710]
--- 9.7.1-P1 released ---
2926. [rollback] Temporarially rollback change 2748. [RT #21594]
2925. [bug] Named failed to accept uncachable negative responses
from insecure zones. [RT# 21555]
Based on PR#43610 by Wen Heping.
While here, convert tclsh related matters to use pkgsrc frameworks.
--- 4.0.11 2010/07/09
CCL fixes: bug 2895 and bug 3539.
GR1-display: add comma in display - was removed by mistake in
version 4.0.0.
Windows installer: bundle MSVCP90.dll - used by icuuc42.dll.
SRU: Merge cookies on HTTP redirects (Giannis Kosmas <kosmas@lib.uoc.gr>).
--- 4.0.10 2010/06/18
ZOOM C: Add ZOOM_resultset_release. ZOOM_resultset_release releases a
result set from a connection. The result set will be on its own
thereafter; no operations on it will perform retrievals from a target.
Only cached copies are returned.
ZOOM C:fix case for HTTP servers responding with Connection:close.
Ensure that if there is a current task it is resumed (like fetching
more records in a result set) . Bug #3484.
PQF parser: use odr_atoi for Odr_int (not atoi)
Minor PQF encoding and decoding changes; reformat. PQF decoding: attribute
values that contain any non-digits are treated as string attributes
(previously decoding only checked for leading character ([0-9]). PQF
encoding: attribute string values are not surrounded by double-quotes.
* fix "P_DETACH" and Pod::Usage issues with perl 5.12
* relax cfgmaker option parsing when figuring whether to test for highspeed
counters or not.
* fix sorting of numbered interface names index maker
* belarusian translation for mrtg 2.16
Changes 2.16.3:
* three new config options to compliment the existing
RRDRowCount option to explicitly set the size of all RRAs
* allow to rename target in the clonedirectory option
* add import to the require File::Copy
* support multiple options in ifdesc and ifref setting for cfgmaker
* teach cfgmaker about nortel switches
* make sure rates over 4G work too
* allow group and user option to be set to roo
Changes from dhcpcd-5.2.4 include:
* Always daemonise in master mode as some interface up/downs can trigger timeout
* Improved NTP handling on Debian based systems
* dhcpcd -n will now re-read the configuration file
This switches to the gnome-2.30 release branch.
pkgsrc note: added "telepathy" option for integration with the
telepathy/farsight framework (defaults to "off" for now)
--- 9.7.1 released ---
--- 9.7.1rc1 released ---
2909. [bug] named-checkconf -p could die if "update-policy local;"
was specified in named.conf. [RT #21416]
2908. [bug] It was possible for re-signing to stop after removing
a DNSKEY. [RT #21384]
2907. [bug] The export version of libdns had undefined references.
[RT #21444]
2906. [bug] Address RFC 5011 implementation issues. [RT #20903]
2905. [port] aix: set use_atomic=yes with native compiler.
[RT #21402]
2904. [bug] When using DLV, sub-zones of the zones in the DLV,
could be incorrectly marked as insecure instead of
secure leading to negative proofs failing. This was
a unintended outcome from change 2890. [RT# 21392]
2903. [bug] managed-keys-directory missing from namedconf.c.
[RT #21370]
--- 9.7.1b1 released ---
2902. [func] Add regression test for change 2897. [RT #21040]
2901. [port] Use AC_C_FLEXIBLE_ARRAY_MEMBER. [RT #21316]
2900. [bug] The placeholder negative caching element was not
properly constructed triggering a INSIST in
dns_ncache_towire(). [RT #21346]
2899. [port] win32: Support linking against OpenSSL 1.0.0.
2898. [bug] nslookup leaked memory when -domain=value was
specified. [RT #21301]
2897. [bug] NSEC3 chains could be left behind when transitioning
to insecure. [RT #21040]
2896. [bug] "rndc sign" failed to properly update the zone
when adding a DNSKEY for publication only. [RT #21045]
2895. [func] genrandom: add support for the generation of multiple
files. [RT #20917]
2894. [contrib] DLZ LDAP support now use '$' not '%'. [RT #21294]
2893. [bug] Improve managed keys support. New named.conf option
managed-keys-directory. [RT #20924]
2892. [bug] Handle REVOKED keys better. [RT #20961]
2891. [maint] Update empty-zones list to match
draft-ietf-dnsop-default-local-zones-13. [RT# 21099]
2890. [bug] Handle the introduction of new trusted-keys and
DS, DLV RRsets better. [RT #21097]
2889. [bug] Elements of the grammar where not properly reported.
[RT #21046]
2888. [bug] Only the first EDNS option was displayed. [RT #21273]
2887. [bug] Report the keytag times in UTC in the .key file,
local time is presented as a comment within the
comment. [RT #21223]
2886. [bug] ctime() is not thread safe. [RT #21223]
2885. [bug] Improve -fno-strict-aliasing support probing in
configure. [RT #21080]
2884. [bug] Insufficient valadation in dns_name_getlabelsequence().
[RT #21283]
2883. [bug] 'dig +short' failed to handle really large datasets.
[RT #21113]
2882. [bug] Remove memory context from list of active contexts
before clearing 'magic'. [RT #21274]
2881. [bug] Reduce the amount of time the rbtdb write lock
is held when closing a version. [RT #21198]
2880. [cleanup] Make the output of dnssec-keygen and dnssec-revoke
consistent. [RT #21078]
2879. [contrib] DLZ bdbhpt driver fails to close correct cursor.
[RT #21106]
2878. [func] Incrementally write the master file after performing
a AXFR. [RT #21010]
2877. [bug] The validator failed to skip obviously mismatching
RRSIGs. [RT #21138]
2876. [bug] Named could return SERVFAIL for negative responses
from unsigned zones. [RT #21131]
2875. [bug] dns_time64_fromtext() could accept non digits.
[RT #21033]
2874. [bug] Cache lack of EDNS support only after the server
successfully responds to the query using plain DNS.
[RT #20930]
2873. [bug] Canceling a dynamic update via the dns/client module
could trigger an assertion failure. [RT #21133]
2872. [bug] Modify dns/client.c:dns_client_createx() to only
require one of IPv4 or IPv6 rather than both.
[RT #21122]
2871. [bug] Type mismatch in mem_api.c between the definition and
the header file, causing build failure with
--enable-exportlib. [RT #21138]
2870. [maint] Add AAAA address for L.ROOT-SERVERS.NET.
2869. [bug] Fix arguments to dns_keytable_findnextkeynode() call.
[RT #20877]
2868. [cleanup] Run "make clean" at the end of configure to ensure
any changes made by configure are integrated.
Use --with-make-clean=no to disable. [RT #20994]
2867. [bug] Don't set GSS_C_SEQUENCE_FLAG as Windows DNS servers
don't like it. [RT #20986]
2866. [bug] Windows does not like the TSIG name being compressed.
[RT #20986]
2865. [bug] memset to zero event.data. [RT #20986]
2864. [bug] Direct SIG/RRSIG queries were not handled correctly.
[RT #21050]
2863. [port] linux: disable IPv6 PMTUD and use network minimum MTU.
[RT #21056]
2862. [bug] nsupdate didn't default to the parent zone when
updating DS records. [RT #20896]
2861. [doc] dnssec-settime man pages didn't correctly document the
inactivation time. [RT #21039]
2860. [bug] named-checkconf's usage was out of date. [RT #21039]
2859. [bug] When cancelling validation it was possible to leak
memory. [RT #20800]
2858. [bug] RTT estimates were not being adjusted on ICMP errors.
[RT #20772]
2857. [bug] named-checkconf did not fail on a bad trusted key.
[RT #20705]
2856. [bug] The size of a memory allocation was not always properly
recorded. [RT #20927]
2853. [bug] add_sigs() could run out of scratch space. [RT #21015]
2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619]
2851. [doc] nslookup.1, removed <informalexample> from the docbook
source as it produced bad nroff. [RT #21007]
2850. [bug] If isc_heap_insert() failed due to memory shortage
the heap would have corrupted entries. [RT #20951]
Several bugs in encoding and refreshing in Konsole have been fixed
A couple of crashes in Okular's PDF viewer have been fixed
Alarms have received some fixes in KDE PIM
The changelog lists more, if not all improvements since KDE SC 4.4.4.
Changelog:
* Fix transfer statusbar regression introduced in the release candidate
* Do not include IPv6 zone index in the argument to the EPRT command
* Correct tab order in filter edit and search dialogs
* *nix: Revert cursor changes
* Added "does not contain" filter condition to name and path filter types
* Pressing Alt+Left or Alt+Up (Cmd+Left, Cmd+Up on OS X) in file lists enters parent directory
* Pressing Alt+Down (Cmd+Down on OS X) in file lists transfers selected items
* Pressing Alt+Right (Cmd+Right on OS X) in file lists activates selected item(s)
* Add operating system information to about dialog
* MSW: Auto-update check now transmits whether the operating system is 32bit or 64bit
* Small performance improvements, mostly benefiting *nix users
* OS X: Remember hidden state of toolbar, make quickconnect bar look more Mac-ish
* Add option to display momentary transfer speed instead of average speed
* Fix problem with rekeying of SFTP connections if not permanently trusting the server's hostkey
* Certificate details dialog no longer changes size if selecting a different certificate in the chain
* Some dialogs did not display icons using the correct size
* Show "Not connected" instead of "Empty directory" in remote filelist statusbar if not connected
* MSW: Replace some additional characters not allowed in filenames on MSW
* MSW: Selecting files while holding Ctrl+Shift no longer shows incorrect values in the filelist status bars
