* Install config files by CONF_FILES instead of install directly.
* Correct path of tools and config in sample config files and a manual page.
* Add DESTDIR support.
Bump PKGREVISION.
rc5, and replace with {idea,mdc2,rc5}-nonlicense. Because pkgsrc does
not yet handle multiple licenses, set LICENSE to
openssl-patented-algorithms-nonlicense.
Major changes since Sudo 1.6.9p9:
o Moved LDAP options into a table for simplified parsing/setting.
o Fixed a problem with how some LDAP options were being applied.
o Added support for connecting directly to LDAP servers via SSL/TLS
for servers that don't support the start_tls extension.
Changes:
Update to version 1.7.1. Changes:
v1.7.1 (Amy) 10jun07
--------------------
* windows SSH agent support can use the 'ctypes' module now if 'win32all' is
not available [patch from alexander belchenko]
* SFTPClient.listdir_attr() now preserves the 'longname' field [patch from
wesley augur]
* SFTPClient.get_channel() API added
* SSHClient constuctor takes an optional 'timeout' parameter [patch from
james bardin]
v1.7 (zubat) 18feb07
--------------------
* added x11 channel support (patch from david guerizec)
* added reverse port forwarding support
* (bug 75370) raise an exception when contacting a broken SFTP server
* (bug 80295) SSHClient shouldn't expand the user directory twice when reading
RSA/DSS keys
* (bug 82383) typo in DSS key in SSHClient
* (bug 83523) python 2.5 warning when encoding a file's modification time
* if connecting to an SSH agent fails, silently fallback instead of raising
an exception
v1.6.4 (yanma) 19nov06
----------------------
* fix setup.py on osx (oops!)
* (bug 69330) check for the existence of RSA/DSA keys before trying to open
them in SFTPClient
* (bug 69222) catch EAGAIN in socket code to workaround a bug in recent
Linux 2.6 kernels
* (bug 70398) improve dict emulation in HostKeys objects
* try harder to make sure all worker threads are joined on Transport.close()
v1.6.3 (xatu) 14oct06
---------------------
* fixed bug where HostKeys.__setitem__ wouldn't always do the right thing
* fixed bug in SFTPClient.chdir and SFTPAttributes.__str__ [patch from
mike barber]
* try harder not to raise EOFError from within SFTPClient
* fixed bug where a thread waiting in accept() could block forever if the
transport dies [patch from mike looijmans]
v1.6.2 (weedle) 16aug06
-----------------------
* added support for "old" group-exchange server mode, for compatibility
with the windows putty client
* fixed some more interactions with SFTP file readv() and prefetch()
* when saving the known_hosts file, preserve the original order [patch from
warren young]
* fix a couple of broken lines when exporting classes (bug 55946)
v1.6.1 (vulpix) 10jul06
-----------------------
* more unit tests fixed for windows/cygwin (thanks to alexander belchenko)
* a couple of fixes related to exceptions leaking out of SFTPClient
* added ability to set items in HostKeys via __setitem__
* HostKeys now retains order and has a save() method
* added PKey.write_private_key and PKey.from_private_key
v1.6 (umbreon) 10may06
----------------------
* pageant support on Windows thanks to john arbash meinel and todd whiteman
* fixed unit tests to work under windows and cygwin (thanks to alexander
belchenko for debugging)
* various bugfixes/tweaks to SFTP file prefetch
* added SSHClient for a higher-level API
* SFTP readv() now yields results as it gets them
* several APIs changed to throw an exception instead of "False" on failure
Major changes since Sudo 1.6.9p8:
o The ALL command in sudoers now implies SETENV permissions.
o The command search is now performed using the target user's
auxiliary group vector, not just the target's primary group.
o When determining if the PAM prompt is the default "Password: ",
compare the localized version if possible.
o New passprompt_override option in sudoers to cause sudo's prompt
to be used in all cases. Also set when the -p flag is used.
Changes since 5.2.1:
5.2.2 - added SHA-224
- put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL
5.2.3 - fixed issues with FIPS algorithm test vectors
- put RSASSA-ISO into DLL
5.3 - ported to MSVC 2005 with support for x86-64
- added defense against AES timing attacks, and more AES test vectors
- changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR"
5.4 - added Salsa20
- updated Whirlpool to version 3.0
- ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006
5.5 - added VMAC and Sosemanuk (with x86-64 and SSE2 assembly)
- improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20,
Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2)
- optimized Camellia and added defense against timing attacks
- updated benchmarks code to show cycles per byte and to time key/IV setup
- started using OpenMP for increased multi-core speed
- enabled GCC optimization flags by default in GNUmakefile
- added blinding and computational error checking for RW signing
- changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce
the risk of reusing random numbers and IVs after virtual machine state
rollback
- changed default FIPS mode RNG from AutoSeededX917RNG<DES_EDE3> to
AutoSeededX917RNG<AES>
- fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV
- moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak"
- removed HAVAL, MD5-MAC, XMAC
5.5.1 - fixed VMAC validation failure on 32-bit big-endian machines
5.5.2 - ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama
to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64)
- fixed Salsa20 initialization crash on non-SSE2 machines
- fixed Whirlpool crash on Pentium 2 machines
- fixed possible branch prediction analysis (BPA) vulnerability in
MontgomeryReduce(), which may affect security of RSA, RW, LUC
- fixed link error with MSVC 2003 when using "debug DLL" form of runtime library
- fixed crash in SSE2_Add on P4 machines when compiled with
MSVC 6.0 SP5 with Processor Pack
- added support for newly released compilers: MSVC 2008, GCC 4.2, Sun CC 5.9,
Intel C++ Compiler 10.0, and Borland C++Builder 2007
changes:
-build fixes (not relevant to pkgsrc)
* Don't print out a warning message in applications using
libgnome-keyring when non-pageable memory cannot be allocated.
