bindings for the ldns library.
The package description:
DNS::LDNS is a perl OO-wrapper for the ldns library. For a detailed
description on how this library works, you are advised to read the ldns
documentation. For a functional description of the wrapper classes,
please read the perldoc for DNS::LDNS and subclasses.
For the complete change log of the ldns container, see ../../net/ldns.
Changes relevant to drill:
* README now shows preferred way to configure for examples and drill.
* Bind to source address for resolvers. drill binds to source with -I.
Thanks Bryan Duff.
* bugfix #497: Properly test for EOF when reading key files with drill.
* bugfix #521: drill trace continue on empty non-terminals with NSEC3
* New RR types HIP, NINFO, RKEY, CDS, EUI48, EUI64, URI, CAA and TA.
Pkgsrc changes:
* adapt PLIST (1 new file installed)
* fix name of patch file
Upstream changes:
1.6.17 2014-01-10
* Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a
zone to be an NSEC3 (or its RRSIG) covering an empty non terminal.
* Add --disable-dane option to configure and check availability of the
for dane needed X509_check_ca function in openssl.
* bugfix #490: Get rid of type-punned pointer warnings.
Thanks Adam Tkac.
* Make sure executables are linked against libcrypto with the
LIBSSL_LDFLAGS. Thanks Leo Baltus.
* Miscellaneous prototype fixes. Thanks Dag-Erling Smørgrav.
* README now shows preferred way to configure for examples and drill.
* Bind to source address for resolvers. drill binds to source with -I.
Thanks Bryan Duff.
* -T option for ldns-dane that has specific exit status for PKIX
validated connections without (secure) TLSA records.
* Fix b{32,64}_{ntop,pton} detection and handling.
* New RR type TKEY, but without operational practice.
* New RR types HIP, NINFO, RKEY, CDS, EUI48, EUI64, URI, CAA and TA.
* New output format flag (and accompanying functions) to print certain
RR's as unknown type
* -u and -U parameter for ldns-read-zone to mark/unmark a RR type
for printing as unknown type
* bugfix #504: GPOS RR has three rdata fields. Thanks Jelte Jansen.
* bugfix #497: Properly test for EOF when reading key files with drill.
* New functions: ldns_pkt_ixfr_request_new and
ldns_pkt_ixfr_request_new_frm_str.
* Use SNI with ldns-dane
* bugfix #507: ldnsx Fix use of non-existent variables and not
properly referring to instance variable. Patch from shussain.
* bugfix #508: ldnsx Adding NSEC3PARAM to known/allowable RR type
dictionary. Patch from shussain.
* bugfix #517: ldns_resolver_new_frm_fp error when invoked using a NULL
file pointer.
* Fix memory leak in contrib/python: ldns_pkt.new_query.
* Fix buffer overflow in fget_token and bget_token.
* ldns-verify-zone NSEC3 checking from quadratic to linear performance.
Thanks NIC MX (nicmexico.mx)
* ldns-dane setup new ssl session for each new connect to prevent hangs
* bugfix #521: drill trace continue on empty non-terminals with NSEC3
* bugfix #525: Fix documentation of ldns_resolver_set_retry
* Remove unused LDNS_RDF_TYPE_TSIG and associated functions.
* Fix ldns_nsec_covers_name for zones with an apex only. Thanks Miek.
* Configure option to build perl bindings: --with-p5-dns-ldns
(DNS::LDNS is a contribution from Erik Ostlyngen)
* bugfix #527: Move -lssl before -lcrypto when linking
* Optimize TSIG digest function name comparison (Thanks Marc Buijsman)
* Compare names case insensitive with ldns_pkt_rr_list_by_name and
ldns_pkt_rr_list_by_name_and_type (thanks Johannes Naab)
* A separate --enable for each draft RR type: --enable-rrtype-ninfo,
--enable-rrtype-rkey, --enable-rrtype-cds, --enable-rrtype-uri and
--enable-rrtype-ta
* bugfix #530: Don't sign and verify duplicate RRs (Thanks Jelte Jansen)
* bugfix #505: Manpage and usage output fixes (Thanks Tomas Hozza)
* Adjust ldns_sha1() so that the input data is not modified (Thanks
Marc Buijsman)
* Messages to stderr are now off by default and can be reenabled with
the --enable-stderr-msgs configure option.
Features
* drop Ruby 1.9 support.
* activity
* blushup activity setting UI
* extract
* scrollable with many data sources
* hierachized data source
* list
* obsolate list tab, list data source is provided instead.
* openimg
* support multi image attachment tweet
* profile
* scrollable with may belong list tab
* uitranslate
* new language, Kansai accent
API
* Add `defined_time' Plugin DSL method to retrieve plugin loaded time
* obsolate MessageConverter, add functional to rewrite Message for Entity
===========
2014/10/31 : 1.5.8
- BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped
- BUG/BUILD: revert accidental change in the makefile from latest SSL fix
2014/10/30 : 1.5.7
- BUG/MEDIUM: regex: fix pcre_study error handling
- BUG/MINOR: log: fix request flags when keep-alive is enabled
- MINOR: ssl: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs
- MINOR: ssl: add statement to force some ssl options in global.
- BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
- BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
- BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
- BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
- BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
2014/10/18 : 1.5.6
- BUG/MEDIUM: systemd: set KillMode to 'mixed'
- MINOR: systemd: Check configuration before start
- BUG/MEDIUM: config: avoid skipping disabled proxies
- BUG/MINOR: config: do not accept more track-sc than configured
- BUG/MEDIUM: backend: fix URI hash when a query string is present
2014/10/08 : 1.5.5
- DOC: Address issue where documentation is excluded due to a gitignore rule.
- MEDIUM: Improve signal handling in systemd wrapper.
- BUG/MINOR: config: don't propagate process binding for dynamic use_backend
- MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper
- DOC: clearly state that the "show sess" output format is not fixed
- MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer()
- DOC: indicate in the doc that track-sc* can wait if data are missing
- MEDIUM: http: enable header manipulation for 101 responses
- BUG/MEDIUM: config: propagate frontend to backend process binding again.
- MEDIUM: config: properly propagate process binding between proxies
- MEDIUM: config: make the frontends automatically bind to the listeners' processes
- MEDIUM: config: compute the exact bind-process before listener's maxaccept
- MEDIUM: config: only warn if stats are attached to multi-process bind directives
- MEDIUM: config: report it when tcp-request rules are misplaced
- MINOR: config: detect the case where a tcp-request content rule has no inspect-delay
- MEDIUM: systemd-wrapper: support multiple executable versions and names
- BUG/MEDIUM: remove debugging code from systemd-wrapper
- BUG/MEDIUM: http: adjust close mode when switching to backend
- BUG/MINOR: config: don't propagate process binding on fatal errors.
- BUG/MEDIUM: check: rule-less tcp-check must detect connect failures
- BUG/MINOR: tcp-check: report the correct failed step in the status
- DOC: indicate that weight zero is reported as DRAIN
The biggest changes since the 4.2 release include:
- Reintroduction of a tabbed torrent list widget, though a bit different
then the old tab widget from the 4.1 days.
- Improved support for magnet links
- Support for removable storage
- A whole bunch of bugfixes and smaller improvements over ktorrent
Also add patches to build with latest boost.
The biggest changes since the 4.2 release include:
- Reintroduction of a tabbed torrent list widget, though a bit different
then the old tab widget from the 4.1 days.
- Improved support for magnet links
- Support for removable storage
- A whole bunch of bugfixes and smaller improvements over ktorrent
20141101:
* fix passing file descriptors through sockets on NetBSD, so that
scamper can actually work with privsep on NetBSD.
* use arc4random on all platforms where available. silences build on
OpenBSD.
* increase size of flags array for warts_dealias_data_t so that all
of the prefixscan flags can fit. pointed out by OpenBSD gcc.
* silence build on NetBSD by casting parameter to isspace from char
to int.
* silence a couple spurious clang scan-build warnings with assert
statements.
20141031:
In this Halloween release of scamper:
* work to make scamper compile and work on windows again. use
O_BINARY so that output warts files are not corrupted, set the timer
granularity to 1ms, and handle polling/reading files outside of
select(). Thanks to Philip Ramsey of Renesys for reporting these
bugs and supplying the O_BINARY and timer fixes. as part of trying
to track down the output corruption I added malloc_zero everywhere,
in vain, but kept it in scamper out of an abundance of caution.
* detangle scamper_fd_t from scamper_writebuf_t.
* in ping,
- set a timeout after sending a PTB
- print reply_ipid in json output for ipv6 echo replies, bump
json version.
* update scamper -O options in the usage statement, and in the
manual page
20140530:
* FreeBSD 10 onwards no longer byte swaps some fields in the quotation of
a received ICMP error message. chase this in scamper.
* Minor modifications to make scamper compile on Windows 7 using
Visual Studio Express 2013 for Windows Desktop.
* print ping flags in sc_wartsdump and scamper's json output.
email alias tied to this mailing list, please let me know.
20140404:
* allow scamper to be built in debug mode on FreeBSD after version 10.
* in scamper-ping, support a probe frequency smaller than once every
second. minimum is now once a millisecond.
* handle fragmented responses in linux and sunos correctly.
this is important for IPv6 IP-ID based alias resolution techniques
(e.g. speedtrap, ally, radargun) on those platforms.
* numerous bugfixes and improvements to sc_ally pair-wise alias
resolution utility, the most important being that it will reliably
complete now.
14.4.1
======
Bugfixes for 14.4
- SyntaxError on Python 2.6 in zmq.ssh
- Handle possible bug in garbage collection after fork
14.4.0
======
New features:
- Experimental support for libzmq-4.1.0 rc (new constants, plus :func:`zmq.has`).
- Update bundled libzmq to 4.0.5
- Update bundled libsodium to 1.0.0
- Fixes for SSH dialogs when using :mod:`zmq.ssh` to create tunnels
- More build/link/load fixes on OS X and Solaris
- Get Frame metadata via dict access (libzmq 4)
- Contexts and Sockets are context managers (term/close on ``__exit__``)
- Add :class:`zmq.utils.win32.allow_interrupt` context manager for catching SIGINT on Windows
Bugs fixed:
- Bundled libzmq should not trigger recompilation after install on PyPy
14.3.1
======
.. note::
pyzmq-14.3.1 is the last version to include bdists for Python 3.3
Minor bugfixes to pyzmq 14.3:
- Fixes to building bundled libzmq on OS X < 10.9
- Fixes to import-failure warnings on Python 3.4
- Fixes to tests
- Pull upstream fixes to zmq.ssh for ssh multiplexing
0MQ version 4.0.5 stable, released on 2014/10/14
================================================
* Fixed#1191; CURVE mechanism does not verify short term nonces.
* Fixed#1190; stream_engine is vulnerable to downgrade attacks.
* Fixed#1088; assertion failure for WSAENOTSOCK on Windows.
* Fixed#1015; race condition while connecting inproc sockets.
* Fixed#994; bump so library number to 4.0.0
* Fixed#939, assertion failed: !more (fq.cpp:99) after many ZAP requests.
* Fixed#872; lost first part of message over inproc://.
* Fixed#797, keep-alive on Windows.
- Bug Fixes
The following vulnerabilities have been fixed.
* wnpa-sec-2014-20
SigComp UDVM buffer overflow. (Bug 10662)
CVE-2014-8710
* wnpa-sec-2014-21
AMQP crash. (Bug 10582) CVE-2014-8711
* wnpa-sec-2014-22
NCP crashes. (Bug 10552, Bug 10628) CVE-2014-8712
CVE-2014-8713
* wnpa-sec-2014-23
TN5250 infinite loops. (Bug 10596) CVE-2014-8714
The following bugs have been fixed:
* 6LoWPAN Mesh headers not treated as encapsulating address.
(Bug 10462)
* UCP dissector bug of operation 31 - PID 0639 not
recognized. (Bug 10463)
* iSCSI dissector rejects PDUs with "expected data transfer
length" > 16M. (Bug 10469)
* GTPv2: trigging_tree under Trace information has wrong
length. (Bug 10470)
* Attempt to render an SMS-DELIVER-REPORT instead of an
SMS-DELIVER. (Bug 10547)
* IPv6 Mobility Option IPv6 Address/Prefix marks too many
bytes for the address/prefix field. (Bug 10576)
* IPv6 Mobility Option Binding Authorization Data for FMIPv6
Authenticator field is read beyond the option data.
(Bug 10577)
* IPv6 Mobility Option Mobile Node Link Layer Identifier
Link-layer Identifier field is read beyond the option data.
(Bug 10578)
* Malformed PTPoE announce packet. (Bug 10611)
* IPv6 Permanent Home Keygen Token mobility option includes
too many bytes for the token field. (Bug 10619)
* IPv6 Redirect Mobility Option K and N bits are parsed
incorrectly. (Bug 10622)
* IPv6 Care Of Test mobility option includes too many bytes
for the Keygen Token field. (Bug 10624)
* IPv6 MESG-ID mobility option is parsed incorrectly.
(Bug 10625)
* IPv6 AUTH mobility option parses Mobility SPI and
Authentication Data incorrectly. (Bug 10626)
* IPv6 DNS-UPDATE-TYPE mobility option includes too many
bytes for the MD identity field. (Bug 10629)
* IPv6 Local Mobility Anchor Address mobility option's code
and reserved fields are parsed as 2 bytes instead of 1.
(Bug 10630)
* TShark crashes when running with PDML on a specific packet.
(Bug 10651)
* IPv6 Mobility Option Context Request reads an extra
request. (Bug 10676)
- Updated Protocol Support
6LoWPAN, AMQP, GSM MAP, GTPv2, H.223, IEEE 802.11, iSCSI, MIH,
Mobile IPv6, PTPoE, TN5250, and UCP
- New and Updated Capture File Support
Catapult DCT2000, HP-UX nettl, pcap-ng, and Sniffer (DOS)
* TAILQ macros are now pulled in via config.h only so dhcpcd compiles
on systems where sys/queue.h does not exist at all
* Remove DHCP state correctly when the interface departs
* End the IPv4LL state when DHCP is stopped
* Ensure that any DHCP leased offered still exists when assigning an
IPv4LL address
This tool allows you to search, index and record/stream:
* BBC iPlayer TV
* BBC iPlayer TV subtitles
* BBC iPlayer Radio
* BBC Live TV
* BBC Live Radio
* BBC Podcasts
==========================
Bugfixes:
---------
- Some specific incoming IXFRs were causing server to crash
- Rare sychronization error during reload caused read-after-free
- Response synthetization module did not work properly with
DNSSEC-enabled zones
- When Knot sent AXFR when IXFR was requested, message ID and
opcode were wrong
- Knot failed to send large messages to remote control
(present since 1.5.1)
Knot DNS 1.5.2 (2014-09-08)
==========================
Bugfixes:
---------
- Some RR parsing corner cases were not handled properly
- AXFR-style IXFR was refused and had to be retransfered
- Hash character (#) was not properly escaped when storing text zone file
Knot DNS 1.5.1 (2014-08-19)
===========================
Features:
---------
- Basic support for logging using systemd journal
- DDNS: Ability to process updates in bulk
Improvements:
-------------
- Unified logging messages structure
- DNSSEC: More strict controls for signing keys
Bugfixes:
---------
- DNSSEC: DNAMEs in RDATA were not lowercased before signing
- EDNS: OPT RR were not put into responsing for some errors
- TSIG: DDNS responses were not signed with TSIG
- DDNS: Prerequisite checks failed for some inputs
- knsupdate: Zone origin was not used for deletions
Knot DNS 1.5.0 (2014-07-08)
===========================
Features:
---------
- DDNS forwarding reimplemented
Improvements:
-------------
- Transfer sizes logged in bytes if needed
- Logging outgoing NOTIFY messages
- Logging unauthorized incoming NOTIFYs
Bugfixes:
---------
- Zone flush planning after bootstrap
- Incorrect incoming AXFR message sizes
- DDNS signing changes were freed too soon, posibility of stale data
- knotc remote control key handling
Knot DNS 1.5.0-rc2 (2014-06-18)
===============================
Features:
---------
- edns-client-subnet support in kdig
- Optional asynchronous startup (config "asynchronous-start")
Improvements:
-------------
- Preempt task queue for faster reload
- Lazy zone file write after zone transfer (governed by
"zonefile-sync")
Bugfixes:
---------
- Close zone transfer after SERVFAIL response
- Incremental to full zone transfer fallback, wrong log message
- Zone events corner cases, reload replanning
Knot DNS 1.5.0-rc1 (2014-06-03)
===============================
Features:
---------
- Pluggable query processing modules
- Synthetic IPv4/IPv6 reverse/forward records (optional module)
- dnstap support in both utilities & server (optional module)
- NOTIFY message support and new TSIG section in kdig
- Zone transfer master failover
Improvements:
-------------
- Query processing and core functionality overhaul
- Performance and reduced memory footprint
- Faster zone events scheduling
- RFC compliant queries/responses in some corner cases
- Log messages
- New documentation (Sphinx)
======
- **Worker**: 3.1.15 broke ``-Ofair`` behavior.
This regression could result in all tasks executing
in a single child process if ``-Ofair`` was enabled.
- **Canvas**: ``celery.signature`` now properly forwards app argument
in all cases.
- **Task**: ``.retry()`` did not raise the exception correctly
when called without a current exception.
- **Worker**: The ``enable_events`` remote control command
disabled worker-related events by mistake.
- **Django**: Adds support for Django 1.7 class names in INSTALLED_APPS
when using ``app.autodiscover_tasks()``.
- **Sphinx**: ``celery.contrib.sphinx`` now uses ``getfullargspec``
on Python 3.
3.1.15
======
- **Django**: Now makes sure ``django.setup()`` is called
before importing any task modules (Django 1.7 compatibility)
- **Results**: ``result.get()`` was misbehaving by calling
``backend.get_task_meta`` in a finally call leading to
AMQP result backend queues not being properly cleaned up.
3.1.14
======
- **Requirements**
- **Init scripts**: The generic worker init scripts ``status`` command
now gets an accurate pidfile list.
- **Init scripts**: The generic beat script now implements the ``status``
command.
- **Commands**: Multi now writes informational output to stdout instead of
stderr.
- **Worker**: Now ignores not implemented error for ``pool.restart``
- **Task**: Retry no longer raises retry exception when executed in eager mode
- **AMQP Result backend**: Now ensured ``on_interval`` is called at least
every second for blocking calls to properly propagate parent errors.
- **Django**: Compatibility with Django 1.7 on Windows.
- **Programs**: `--umask` argument can be now specified in both octal (if
starting
======
- Django: Fixed bug in the Django 1.7 compatibility improvements related
to autocommit handling.
- Django: The Django transport models would not be created on syncdb
after app label rename.
3.0.22
======
- kombu.async: Min. delay between waiting for timer was always increased to
one second.
- Fixed bug in itermessages where message is received after the with
statement exits the block.
- Connection.autoretry: Now works with functions missing wrapped attributes
(``__module__``, ``__name__``, ``__doc__``).
- Django: Now sets custom app label for ``kombu.transport.django`` to work
with recent changes in Django 1.7.
- SimpleQueue removed messages from the wrong end of buffer.
- Tests: Now using ``unittest.mock`` if available.
=====
- Now keeps buffer when socket times out.
- Adds ``Connection.Transport`` attribute that can be used to specify
a different transport implementation.
* Log the address IPv4LL defends
* PREINIT, UNKNOWN and CARRIER are not either up nor down states
* ARP code re-written to allow for many ARP states
* IPv4LL address is now pseudo random based on HW address instead
of really random as per RFC 3927 Section 2.1
* If not doing DHCP or DHCP6, disable the DNS requirement in the RA
to fork.
* Treat IPv4LL as fallback and start DHCP discovery even if the prior
lease was IPv4LL when rebooting.
* When we transition from REQUEST to DISCOVER in a reboot,
start IPv4LL at the same time as discover to ensure we have an
address quicker.
* Improve handling of the IPv6LL address at startup
* Support old Linux kernels where IFLA_AF_SPEC may not exist
* When stopping interfaces, skip past pseudo interfaces instead
of finding the master as only the masters are sorted correctly
Added another mirror site, http://cflags.cc/roy/dhcpcd
Upstream changes:
2.06 2014-07-01T10:01:44Z
commit 8259d5eb28919bc766c8b500151d5be7e944b7f2
Author: Petr P.sa. <ppisar@redhat.com>
Date: Fri Jun 27 13:37:20 2014 +0200
Wait infinitely if max_wait is negative
The t/12_pass_wait_port_options.t will fail if the server process does not
start listening in max_wait limit. This can happen if the host is
loaded or just if the scheduler decides to postpone the process.
This patch adds possibility to wait infitely by passing a negative
max_wait value to the Test::TCP object and it changes the
t/12_pass_wait_port_options.t test to use this feature.
https://github.com/tokuhirom/Test-TCP/issues/28
Signed-off-by: Petr P.sa. <ppisar@redhat.com>
2.05 2014-06-24T00:49:45Z
- Release again with latest minil.
2.04 2014-06-23T23:42:28Z
- Release.
2.03_02 2014-06-23T23:37:07Z
- Release to CPAN.
2.03_01 2014-06-23T23:34:38Z
- Switch to ExtUtils::MakeMaker.
2.03 2014-06-23T10:18:53Z
- Re-packaging with Minilla v2.0.0-TRIAL
2.02 2013-10-30T03:22:39Z
- Fixed fork(2) error handling.
(tokuhirom)
2.01 2013-09-22T04:13:53Z
[Changes from MITHALDU (Christian Walde)]
- test waitport argument by running full code-chain, not with partial mocking
- The partial mocks cause stuck forks on win32 at times, causing the test to
hang. With the full code chain present the test runs reliably
Bring over changes from source of truth in othersrc/usr.bin/tnftp
Changes since previous version:
-This is tnftp version 20141031.
+This is tnftp version 20141104.
+
+Changes in tnftp from 20141031 to 20141104:
+
+ Portability fixes.
With thanks to lukem for the nudge
**** 0.81 Oct 29, 2014
Fix rt.cpan.org #99571
AXFR BADSIG failures
Fix rt.cpan.org #99531
Resolver doc error - when is a 'bug' a 'bug'? [TSIG verification]
Fix rt.cpan.org #99528
TSIG::create fails with some filenames
Fix rt.cpan.org #99527
Random errors... [declaration with statement modifier]
Fix rt.cpan.org #99429
Infinite recursion in Net::DNS::Resolver::Recurse::send when
following certain delegations with empty-non terminals.
Fix rt.cpan.org #99320
Net::DNS::ZoneFile bug in "$ORIGIN ."
* Release as "tnftp 20141031".
* Merge NetBSD usr.bin/ftp from 20130220 to 20141026:
- Don't pay attention to special characters if they don't
come from the command line (from jmcneill).
Fixes CVE-2014-8517.
- pr/34796: Hauke Fath: ftp does not timeout on http fetches.
Sun May 5 13:51:47 UTC 2013 lukem
* Release as "tnftp 20130505"
* Implement --enable-ssl (and --with-openssl) to enable
https:// fetch support.
* Merge NetBSD ftp from 20090520 to 20130220. Changes:
- https:// support.
NetBSD problem report 47276 from NONAKA Kimihiro.
- Allow -R to restart non-existent ftp:// URIs.
- Don't assume AF_INET support is available.
FreeBSD problem report 162661.
- Parse HTTP 'Date' entries in the `C' locale rather than the
user's.
NetBSD problem report 42917 from KAMADA Ken'ichi.
- Improve error handling when parsing of URI scheme.
- Silence connection warnings to multi-homed hosts in
non-verbose mode.
- Fix compile warnings.
- In ftpvis(), prevent incomplete escape sequences at end of
dst, and ensure NUL-termination of dst.
Fix from Uwe Stuehler and Stefan Sperling, via Marc Balmer.
- When using the response to SYST to decide whether to
default to 'binary' be a lot less specific.
* Replace glob with newer copy from NetBSD that does not suffer
from DoS exhaustion attacks.
Fix in NetBSD from Maksymilian Arciemowicz. See CVE-2011-0418
Tue Jan 12 06:58:15 UTC 2010 lukem
* Release as "tnftp 20100108"
* Rename onoff() argument "bool" to "val".
Tue Jan 5 09:12:01 UTC 2010 lukem
* If ARG_MAX isn't defined, use the result from sysconf(_SC_ARG_MAX).
Fixes build when using newer glibc.
* Add libnetbsd.la to the LIBADD for libedit.
Fix provided by Adam Sampson.
Mon Jan 4 06:28:07 UTC 2010 lukem
* Distribute various files not shipped by default automake rules,
to use 'make dist' instead of 'cvs export'.
Wed Dec 30 00:12:47 UTC 2009 lukem
* Release as "tnftp 20091122"
Sun Nov 15 10:14:44 UTC 2009 lukem
* Merge NetBSD ftp from 20090520 to 20090915. Change:
- Rename internal getline() to get_line() to avoid
conflict with libc with former.
- Avoid a NULL dereference in an error message.
Sat Nov 14 09:21:19 UTC 2009 lukem
* Convert to automake & libtool.
Sat Jun 6 07:17:38 UTC 2009 lukem
* Release as "tnftp 20090606"
Fri May 22 01:11:15 UTC 2009 lukem
* configure fixes:
- Add the time.h headers to accheck_includes, for the strptime check.
- Remove the check for el_init in libedit; we're always replacing
the library and the presence of strvis() in some versions
confuses other checks.
Wed May 20 13:47:43 UTC 2009 lukem
* Release as "tnftp 20090520"
* Merge NetBSD ftp from 20070722 to 20090520. Changes:
- Only attempt to el_parse() a command unknown by the default
parser if editing is enabled.
Fixes pr 38589.
- Turn off the alarmtimer before resetting the SIGALRM handler
back to SIG_DFL.
Fixes pr 35630.
- Add epsv6 and epsv to disable extended passive mode for ipv6 or
both ipv4 and ipv6 respectively. This hack is due to our
friends a Juniper Networks who break epsv in ipv6.
Should be fixed in ScreenOS 6.2.X.
- Improve parsing of chunked transfer chunks per RFC2616:
- more stringent chunk-size parsing
- ignore optional trailing ';chunk-ext' stuff, instead of barfing
- detect EOF before final \r\n.
- Use the service name to getaddrinfo() (along with the host
name), so that features such as DNS Service Discovery have a
better chance of working.
Display the service name in various status & error messages.
- Don't getservbyname() the :port component of a URL; RFC 3986
says it's just an unsigned number, not a service name.
- Fix numerous WARNS=4 issues (-Wcast-qual -Wsign-compare).
- Fix -Wshadow issues
- Update copyrights
- Remove clause 3 and 4 from TNF licenses
- Rename HAVE_STRUCT_SOCKADDR_SA_LEN to
HAVE_STRUCT_SOCKADDR_IN_SIN_LEN to accurately reflect the
structure member being used.
- Use AF_INET instead of AF_UNSPEC as the default family if
!defined(INET6).
* configure improvements:
- Style tweaks.
- Use AC_LANG_PROGRAM() instead of AC_LANG_SOURCE()
- Add a check for strptime() requiring separators between
conversions, and use our replacement one if it does.
Sat Dec 20 15:28:24 UTC 2008 lukem
* configure improvements:
- Move IPv6 check from tnftp.h to configure.ac (as per tnftpd).
- Rework option descriptions.
- Highlight when tests are for a specific option.
- Move configuration results to the end of the file.
- Display $prefix in configure results.
Fri Aug 15 03:03:36 UTC 2008 lukem
* Add a "Configuration results" display at the end of configure.
Cosmetic tweaks.
Fri Feb 29 09:45:56 UTC 2008 lukem
* Support @EXEEXT@ for Cygwin (etc).
* Release as "tnftp 20141031".
* Merge NetBSD usr.bin/ftp from 20130220 to 20141026:
- Don't pay attention to special characters if they don't
come from the command line (from jmcneill).
Fixes CVE-2014-8517.
- pr/34796: Hauke Fath: ftp does not timeout on http fetches.
Sun May 5 13:51:47 UTC 2013 lukem
* Release as "tnftp 20130505"
* Implement --enable-ssl (and --with-openssl) to enable
https:// fetch support.
* Merge NetBSD ftp from 20090520 to 20130220. Changes:
- https:// support.
NetBSD problem report 47276 from NONAKA Kimihiro.
- Allow -R to restart non-existent ftp:// URIs.
- Don't assume AF_INET support is available.
FreeBSD problem report 162661.
- Parse HTTP 'Date' entries in the `C' locale rather than the
user's.
NetBSD problem report 42917 from KAMADA Ken'ichi.
- Improve error handling when parsing of URI scheme.
- Silence connection warnings to multi-homed hosts in
non-verbose mode.
- Fix compile warnings.
- In ftpvis(), prevent incomplete escape sequences at end of
dst, and ensure NUL-termination of dst.
Fix from Uwe Stuehler and Stefan Sperling, via Marc Balmer.
- When using the response to SYST to decide whether to
default to 'binary' be a lot less specific.
* Replace glob with newer copy from NetBSD that does not suffer
from DoS exhaustion attacks.
Fix in NetBSD from Maksymilian Arciemowicz. See CVE-2011-0418
Tue Jan 12 06:58:15 UTC 2010 lukem
* Release as "tnftp 20100108"
* Rename onoff() argument "bool" to "val".
Tue Jan 5 09:12:01 UTC 2010 lukem
* If ARG_MAX isn't defined, use the result from sysconf(_SC_ARG_MAX).
Fixes build when using newer glibc.
* Add libnetbsd.la to the LIBADD for libedit.
Fix provided by Adam Sampson.
Mon Jan 4 06:28:07 UTC 2010 lukem
* Distribute various files not shipped by default automake rules,
to use 'make dist' instead of 'cvs export'.
Wed Dec 30 00:12:47 UTC 2009 lukem
* Release as "tnftp 20091122"
Sun Nov 15 10:14:44 UTC 2009 lukem
* Merge NetBSD ftp from 20090520 to 20090915. Change:
- Rename internal getline() to get_line() to avoid
conflict with libc with former.
- Avoid a NULL dereference in an error message.
Sat Nov 14 09:21:19 UTC 2009 lukem
* Convert to automake & libtool.
Sat Jun 6 07:17:38 UTC 2009 lukem
* Release as "tnftp 20090606"
Fri May 22 01:11:15 UTC 2009 lukem
* configure fixes:
- Add the time.h headers to accheck_includes, for the strptime check.
- Remove the check for el_init in libedit; we're always replacing
the library and the presence of strvis() in some versions
confuses other checks.
Wed May 20 13:47:43 UTC 2009 lukem
* Release as "tnftp 20090520"
* Merge NetBSD ftp from 20070722 to 20090520. Changes:
- Only attempt to el_parse() a command unknown by the default
parser if editing is enabled.
Fixes pr 38589.
- Turn off the alarmtimer before resetting the SIGALRM handler
back to SIG_DFL.
Fixes pr 35630.
- Add epsv6 and epsv to disable extended passive mode for ipv6 or
both ipv4 and ipv6 respectively. This hack is due to our
friends a Juniper Networks who break epsv in ipv6.
Should be fixed in ScreenOS 6.2.X.
- Improve parsing of chunked transfer chunks per RFC2616:
- more stringent chunk-size parsing
- ignore optional trailing ';chunk-ext' stuff, instead of barfing
- detect EOF before final \r\n.
- Use the service name to getaddrinfo() (along with the host
name), so that features such as DNS Service Discovery have a
better chance of working.
Display the service name in various status & error messages.
- Don't getservbyname() the :port component of a URL; RFC 3986
says it's just an unsigned number, not a service name.
- Fix numerous WARNS=4 issues (-Wcast-qual -Wsign-compare).
- Fix -Wshadow issues
- Update copyrights
- Remove clause 3 and 4 from TNF licenses
- Rename HAVE_STRUCT_SOCKADDR_SA_LEN to
HAVE_STRUCT_SOCKADDR_IN_SIN_LEN to accurately reflect the
structure member being used.
- Use AF_INET instead of AF_UNSPEC as the default family if
!defined(INET6).
* configure improvements:
- Style tweaks.
- Use AC_LANG_PROGRAM() instead of AC_LANG_SOURCE()
- Add a check for strptime() requiring separators between
conversions, and use our replacement one if it does.
Sat Dec 20 15:28:24 UTC 2008 lukem
* configure improvements:
- Move IPv6 check from tnftp.h to configure.ac (as per tnftpd).
- Rework option descriptions.
- Highlight when tests are for a specific option.
- Move configuration results to the end of the file.
- Display $prefix in configure results.
Fri Aug 15 03:03:36 UTC 2008 lukem
* Add a "Configuration results" display at the end of configure.
Cosmetic tweaks.
Fri Feb 29 09:45:56 UTC 2008 lukem
* Support @EXEEXT@ for Cygwin (etc).
* Release as "tnftp 20141031".
* Merge NetBSD usr.bin/ftp from 20130220 to 20141026:
- Don't pay attention to special characters if they don't
come from the command line (from jmcneill).
Fixes CVE-2014-8517.
- pr/34796: Hauke Fath: ftp does not timeout on http fetches.
Sun May 5 13:51:47 UTC 2013 lukem
* Release as "tnftp 20130505"
* Implement --enable-ssl (and --with-openssl) to enable
https:// fetch support.
* Merge NetBSD ftp from 20090520 to 20130220. Changes:
- https:// support.
NetBSD problem report 47276 from NONAKA Kimihiro.
- Allow -R to restart non-existent ftp:// URIs.
- Don't assume AF_INET support is available.
FreeBSD problem report 162661.
- Parse HTTP 'Date' entries in the `C' locale rather than the
user's.
NetBSD problem report 42917 from KAMADA Ken'ichi.
- Improve error handling when parsing of URI scheme.
- Silence connection warnings to multi-homed hosts in
non-verbose mode.
- Fix compile warnings.
- In ftpvis(), prevent incomplete escape sequences at end of
dst, and ensure NUL-termination of dst.
Fix from Uwe Stuehler and Stefan Sperling, via Marc Balmer.
- When using the response to SYST to decide whether to
default to 'binary' be a lot less specific.
* Replace glob with newer copy from NetBSD that does not suffer
from DoS exhaustion attacks.
Fix in NetBSD from Maksymilian Arciemowicz. See CVE-2011-0418
Tue Jan 12 06:58:15 UTC 2010 lukem
* Release as "tnftp 20100108"
* Rename onoff() argument "bool" to "val".
Tue Jan 5 09:12:01 UTC 2010 lukem
* If ARG_MAX isn't defined, use the result from sysconf(_SC_ARG_MAX).
Fixes build when using newer glibc.
* Add libnetbsd.la to the LIBADD for libedit.
Fix provided by Adam Sampson.
Mon Jan 4 06:28:07 UTC 2010 lukem
* Distribute various files not shipped by default automake rules,
to use 'make dist' instead of 'cvs export'.
Wed Dec 30 00:12:47 UTC 2009 lukem
* Release as "tnftp 20091122"
Sun Nov 15 10:14:44 UTC 2009 lukem
* Merge NetBSD ftp from 20090520 to 20090915. Change:
- Rename internal getline() to get_line() to avoid
conflict with libc with former.
- Avoid a NULL dereference in an error message.
Sat Nov 14 09:21:19 UTC 2009 lukem
* Convert to automake & libtool.
Sat Jun 6 07:17:38 UTC 2009 lukem
* Release as "tnftp 20090606"
Fri May 22 01:11:15 UTC 2009 lukem
* configure fixes:
- Add the time.h headers to accheck_includes, for the strptime check.
- Remove the check for el_init in libedit; we're always replacing
the library and the presence of strvis() in some versions
confuses other checks.
Wed May 20 13:47:43 UTC 2009 lukem
* Release as "tnftp 20090520"
* Merge NetBSD ftp from 20070722 to 20090520. Changes:
- Only attempt to el_parse() a command unknown by the default
parser if editing is enabled.
Fixes pr 38589.
- Turn off the alarmtimer before resetting the SIGALRM handler
back to SIG_DFL.
Fixes pr 35630.
- Add epsv6 and epsv to disable extended passive mode for ipv6 or
both ipv4 and ipv6 respectively. This hack is due to our
friends a Juniper Networks who break epsv in ipv6.
Should be fixed in ScreenOS 6.2.X.
- Improve parsing of chunked transfer chunks per RFC2616:
- more stringent chunk-size parsing
- ignore optional trailing ';chunk-ext' stuff, instead of barfing
- detect EOF before final \r\n.
- Use the service name to getaddrinfo() (along with the host
name), so that features such as DNS Service Discovery have a
better chance of working.
Display the service name in various status & error messages.
- Don't getservbyname() the :port component of a URL; RFC 3986
says it's just an unsigned number, not a service name.
- Fix numerous WARNS=4 issues (-Wcast-qual -Wsign-compare).
- Fix -Wshadow issues
- Update copyrights
- Remove clause 3 and 4 from TNF licenses
- Rename HAVE_STRUCT_SOCKADDR_SA_LEN to
HAVE_STRUCT_SOCKADDR_IN_SIN_LEN to accurately reflect the
structure member being used.
- Use AF_INET instead of AF_UNSPEC as the default family if
!defined(INET6).
* configure improvements:
- Style tweaks.
- Use AC_LANG_PROGRAM() instead of AC_LANG_SOURCE()
- Add a check for strptime() requiring separators between
conversions, and use our replacement one if it does.
Sat Dec 20 15:28:24 UTC 2008 lukem
* configure improvements:
- Move IPv6 check from tnftp.h to configure.ac (as per tnftpd).
- Rework option descriptions.
- Highlight when tests are for a specific option.
- Move configuration results to the end of the file.
- Display $prefix in configure results.
Fri Aug 15 03:03:36 UTC 2008 lukem
* Add a "Configuration results" display at the end of configure.
Cosmetic tweaks.
Fri Feb 29 09:45:56 UTC 2008 lukem
* Support @EXEEXT@ for Cygwin (etc).
2.15 - 09/06/2013
-----------------
- Now compiles on HP-UX (Grant Byers)
- Added support for IPv6 (Leo Baltus, Eric Stanley)
2.14 - 12/21/2012
-----------------
- Added configure option to allow bash command substitutions, disabled by default [bug #400] (Eric Stanley)
- Patched to shutdown SSL connection completely (Jari Takkala)
- Added SRC support on AIX (Thierry Bertaud)
- Updated RPM SPEC file to support creating RPMs on AIX (Eric Stanley)
- Updated logging to support compiling on AIX (Eric Stanley)
2.13 - 11/11/2011
-----------------
- Applied Kaspersky Labs supplied patch for extending allowed_hosts (Konstantin Malov)
- Fixed bug in allowed_hosts parsing (Eric Stanley)
- Updated to support compiling on Solaris 10 (thanks to Kevin Pendleton)
* Discard NAT-PMP packets coming from the WAN
* small modifications to compile with exotic C libraries
* add comments in miniupnpd.conf regarding security
* DeletePortMapping now checks for client IP in Securemode
* Various fixes :
e->ipv6.flags |= IP6T_F_PROTO; (netfilter)
fix natpmp.c byte order conversion
add small delay before SSDP response to prevent flooding
changes:
** No longer create local symbolic links by default.
Closes CVE-2014-4877.
** Use libpsl for verifying cookie domains. (not in pkgsrc yet)
** Default progress bar output changed.
** Introduce --show-progress to force display the progress bar.
** Introduce --no-config. The wgetrc files will not be read.
** Introduce --start-pos to allow starting downloads from a
specified position.
** Fix a problem with ISA Server Proxy and keep-alive connections.
