Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
- Use SWIG 1.3.39 to generate bindings code, fixes Prewikka compatibility
problem because of SWIG version mismatch between libprelude/libpreludedb
modules.
- Fix an assertion warning upon sensor start in case the address
for the local machine could not be found.
- Consistency rework of EasyBindings IDMEFCriteria API.
- Add refcount support for prelude_client_t and
prelude_client_profile_t, and update EasyBindings destructor to use
them.
- Fix a bug where EasyBindings would be built although they were not
enabled.
- Fix path issue in case libprelude was configured with specific path
outside of $prefix (fix#319).
- EasyBindings inclusion! EasyBindings provide simple C++, Python,
Perl, Ruby, and Lua bindings for using libprelude. They are still
considered experimental, thus you need to use (--enable-easy-bindings)
to activate them. Thanks to Sebastien Tricaud <toady@inl.fr> and
Pierre Chifflier <p.chifflier@inl.fr> for their contribution to this
project!
- Use automake/autoconf for building/installing Python extension.
- Fix 0.9.18 regression (alert created with empty CreateTime).
- Implement reference counting for the idmef-criteria and
prelude-connection API.
- Automatic casting when setting IDMEF Value to a field that is of
different type. Until now, if an user tried to set a path of a
specific type with an idmef_value_t object containing another type,
idmef_path_set() would return an error.
- Various bug fixes.
- Add support for newer GnuTLS 2.2.0 session priority functions. When
the option is available, the user might specify TLS settings through
the "tls-options" configuration entry.
- Workaround a GnuTLS issue where the client wouldn't be able
to negotiate a supported compression protocol with the server (#299).
- Implement variable substitution in Prelude configuration files.
- Allow IDMEF criteria with multiples values for a single path,
as can be seen in the following example:
alert.classification.text = (A || B || C || D)
- Implement negation of idmef-criteria, allowing to write criteria like:
! (alert.classification.text = A || alert.classification.text = B)
- Fix an IDMEF-Criteria matching problem, where the match function would
not attempt to match a OR after multiple consecutive AND that failed.
Thanks Alexander Afonyashin <firm(at)iname.com> for pointing out the
problem.
- Never use non-pointer field, always use the "required" keyword. Fix
API consistency issue, that could lead to unexpected behavior.
- Fix multiples problem with prelude_read_multiline /
prelude_read_multiline2,
(fix a problem with prelude-manager idmef-criteria that wouldn't read
external ruleset).
- Error out if GnuTLS initialization fail.
- Implement RFC 4122 UUIDv1 identifier generation, more resistant to
duplicate than our previous implementation in case of clock skew, or
multiple client with the same analyzerid sending alert in parallel.
- You can now provide NULL value to idmef_path_set() in order to
destroy existing value within an IDMEF message.
- Unify memory handling of value retrieval through idmef_path_t. This
allow the user to retrieve and keep any values, even through the
associated IDMEF message is freed.
- Build system cleanup, enable RELRO when possible.
- Implement PRELUDE_CLIENT_FLAGS_AUTOCONFIG, which is set by default,
but that applications might unset in order for their client not to
read the default profile/global configuration.
- Fix possible assertion when destroying un-started prelude-client.
- Improvement to the prelude-io API, the user might now hook its own
handling function.
- Fix dumping of (not) NULL criteria operator to string. Remove
gratuitous space insertion when dumping criteria.
- Headers fixes for C++ build.
- Fix printing and cloning of empty IDMEF string.
- In IDMEF to string convertion code, print <invalid enum value> in
place of NULL on invalid enumeration value.
- Various bug fixes.
- Fix bindings for IDMEF 'get_next' functions.
- Make sure we use no additional GnuLib compiler flags when building
bindings, this fix bindings compilation failure on some architecture
(Solaris).
- Implement prelude-admin list [-l] command, which provide the ability to list
existing profile name, permission, registration permission, analyzerID, and
Issuer analyzerid.
- Implement multiple analyzer deletion in prelude-admin.
- Correct printing of IDMEF time field using non local GMT offset.
- Patch to avoid struct typespec redefinition, due to variable mispelling.
This fixes a compilation problem on OpenBSD 3.8.
- Various bug fixes.
- Fix build error on system that use native awk implementation in place of GNU awk
(Pierre Chifflier <chifflier at inl.fr>), fix#256.
- Avoid a prelude-string fatal assertion, by denying copy/cloning of an empty
prelude-string.
- Correction to the 'prelude-admin send' help message.
- Convert prelude-string to use prelude_return_if_fail() in place of prelude_log().
- Implement TCP keepalive settings on platform that support it,
check client.conf for details.
- When reading prelude-adduser password from a file, remove
newline at the end of the string (fix#221).
- When we fail to read an IDMEF message, provide more information
about the place where the error happened.
- Fix an issue with idmef_path_get() on empty path (pointing to the
root message).
- Various bug fixes and minor API improvements.
- Improve error reporting with the central option interface.
- Fix a bug when comparing IDMEF object with optional fields.
- Fix a problem with the logger, where large log entry wouldn't be
logged.
- Fix a crash with Python bindings upon signal reception (Fix#200).
- New --with-system-ltdl configure switch. The default is now to use the
system wide ltdl library if it is available, unless specified otherwise
(Fix#199).
- Prevent NULL pointer dereference if no permission is specified after the
permission type (Fix#197).
- Upon IDMEFCriteria parsing error, recover from broken parser stater (Fix#195).
- Detailed error reporting on IDMEFCriteria parsing error.
- Fix string and possible criteria leak on IDMEFCriteria syntax error.
- Prefer anonymous authentication rather than SRP. We do this because there
are compatibility issue with SRP between different GnuTLS version
(Should fix#187).
- When dumping AdditionalData of type byte-string to string, encode the data using base64.
- Hook class comparison function. Accept NULL, equal, not equal operator.
- Introduce better error checking in the idmef-class API, which is now
considered public and might be used by external application. Rename
error code to reflect the API.
- Change to the way IDMEF listed element are handled. Specifying negative
number as the position of the element from the low level API now allow
to position the element at the specified (reversed) index. Using the
high level API a negative index permit to address a list of element
backward (replace an element).
- Build fixes for SWIG > 1.3.27.
- Modify idmef_value_match() so that it always unroll listed value
(do it for both val1 and val2. Remove assertion, and let
idmef_value_type_compare() return an error code in case there is an issue.
- Handle path using IDMEF_LIST_APPEND or IDMEF_LIST_PREPEND as
path using an undefined list index on idmef_path_get() call.
- Make criteria parser accept (*) list index.
- Implement comparison function for all IDMEF object.
- Fix checking for swig/perl/python when full path to the
application is specified.
- Fix OpenBSD getaddrinfo() AI_ADDRCONFIG issue (apply to
some other system as well).
- Fix workaround for system with broken libtool,
that prevented the use of plugin (#168).
- Improve idmef-path error reporting.
- Rework configure script so that it use --with[out] in
place of --(en|dis)able where we deal with external dependencies.
- Rework configure script so that --with[out] work as expected (enabling and
disabling the feature, explicit error if "with" feature is explicitly
specified but the feature it is unavailable, etc).
- Rework SNMPService class for IDMEF draft 16 compliance.
- Make sure we set alert CreateTime if the caller did not do it for us.
- Fix handling of \r\n terminated line.
- Ignore character that are part of the option value when comparing
option specified using --option=value. Fix handling of parent option.
Changes:
- Fix an issue with system using both IP v4 and v6 interfaces which
doesn't allow binding both 0.0.0.0 and :: .
- Add autoconf detection for libgcrypt: this fix a build issue for
distribution shipping with broken libgnutls-config script.
- Generate Perl and Python bindings for the prelude-timer API.
- Fix for upcoming plugin that doesn't provide an activation option.
- Various bug fixes.
Changes:
* libprelude-0.9.6.1:
- Flex generated file build fix for FreeBSD / NetBSD.
* libprelude-0.9.6:
- Implement workaround for buggy libtool that will fail
looking up symbol with preopening enabled in case the
libtool archive is missing. Lot of distribution package
seem to suffer from this.
- idmef-path API improvement, allow user to specify negative
index to address the list in reverse. Developer are now
supposed to use IDMEF_LIST_APPEND (in place of index -1) and
IDMEF_LIST_PREPEND (in place of 0) on listed object operation.
- idmef-path API improvement: support for (<<) and (>>) listed
object index, meaning to prepend the object / to append it,
as well as (*) meaning to retrieve all object from a list. This
deprecate the usage of (-1) previously used for appending.
- Fix deconnection problem in client reading mode.
- Improve option parsing: option value can now be provided using
--option=value. This format is now a requirement for option that
use an optional argument. Provide arguments information in the
option help.
- Fix deadlock on asynchronous prelude-client destruction.
- Definitely fix the problem where prelude-adduser will, on some system,
listen to Ipv6 IP address as the default: we now bind every address
returned by getaddrinfo().
- Fix crash in case of successive call to prelude_init(), prelude_deinit(),
then prelude_init() again.
- Introduce --passwd and --passwd-file option for prelude-adduser
register and registration-server mode, allowing to specify one shot
password on the command line, from a file, or from stdin.
- Verbose error handling for prelude-adduser.
- Fix perl bindings, make them more robust by adding type checking, and fix
memory leak.
- Fix parsing of string based broken down time criterion.
- Handle configuration file containing \r.
- Fix prelude_read_multiline2() return value (fix Prelude-Manager
idmef-criteria-filter plugin).
- Fix a bug in per thread error handling code which resulted in NULL
error to be returned in case an application thread exited.
- Various bug fixes.
- More TLS cleanup.
- Application can now report error without using specific prelude_client
error reporting function.
- More work and improved verbose error reporting.
- Fix compilation problem with prelude_error_is_verbose() (#130).
Compilation problem on NetBSD 1.6 and OpenBSD has been fixed so patch-ad
is deleted.
- Some useful API addition.
- Much improved, verbose error reporting.
- Cleaned up TLS handling, various bugfix.
- In case an error occur when verifying the peer certificate,
notify the peer about the failure.
The Prelude Library is the glue that binds all aspects of Prelude
together. It is a library which enables Prelude components to
communicate with the Prelude Manager. It also makes it easy for third
party software to be made 'Prelude Aware' (able to communicate with
Prelude components). It provide common, useful features used by every
sensor.
sensors, managers, and a display console. LibPrelude
is the glue that binds all aspects of Prelude together.
LibPrelude is a library which enables Prelude
components to communicate in a standard IDMEF method.
This is one of several new packages in the Prelude family.
