o Disabled code for shutting down idle sockd processes, appears to need
more testing.
o Upgrade to Automake 1.9.6.
o Use __libc_enable_secure if it exists and issetugid() doesn't.
Should allow the SOCKS_CONF environment variable to be used on Linux.
o Check if large files need special support; logfiles can grow large.
o Drop trying to optimize away unnecessary PAM calls, creates
obscure problems on some PAM-Linux implementations.
o Fixed bug introduced as part of additions to better preserve TCP
semantics across connections.
o New module available: session. This gives control over how
many sessions different clients can create.
o In order to share some code, there were some api changes
made to the bandwidth module, requiring users to upgrade.
Users of the bandwidth module can contact sales for a free upgrade.
o Fix bug preventing immediate-error on wrong password to take effect
for servers configured to use PAM.
o Update usage of 'head'.
o Support server-chaining. Currently only the tcp connect command
is supported. It might be possible to add support for udp and
tcp bind if requested.
o Fix PAM-related bug introduced in version 1.1.16.
changes:
-Enabled code for shutting down idle sockd processes.
-Return immediate error if username/password is wrong
-better preserve TCP semantics across connections
-bugfixes
o Limit the maximum number of available descriptors if necessary,
avoiding a possible overflow of fd_sets.
o Added absolute timestamp to logformat, in preparation for new
module.
o Fixed problem involving non-blocking connects in socks clients
on Linux.
o Prototype related tests during configure are rewritten.
Might require prototypes for some platforms to be readded.
o Compilation fixes for AIX 5.1-ML03 with IBM Visual Age C/C++ V5.
Based on patch from Kieron Curtis2 <KCURTIS2@uk.ibm.com>.
o A 'an macro' version of the sockd.8 manual page.
Submitted by Tony Leneis <tony@cvrreg.com>.
o Upgrade to autoconf 2.59, libtool 1.5.10 and automake 1.9.3.
o Patch to code for shutting down idle sockd processes, from
William Adams <wlarip@earthlink.net>. NOT ENABLED.
o Add test for setegid(), use replacement if not found.
Replacement code based on patch by <rainer.doerntge@dlh.de>.
o Do not warn at runtime about SO_{SND,RCV}LOWAT socket options if not
supported by OS. Based on patch from William Adams <wlarip@earthlink.net>.
o enable setegid() call after moving it to correct place;
William Adams <wlarip@earthlink.net>.
o Support for socksification of getipnodebyname(), contributed by
Lennart Dahlström <lennart@appgate.com>.
o Support for socksification of getaddrinfo(), contributed by
Motoyuki Kasahara <m-kasahr@sra.co.jp>.
o Fix some problems with descriptor passing on platforms without
cmsghdr.
o AIX 5.1 ML-03 compilation fixes for IBM Visual Age C/C++ compiler
version 5 by Kieron Curtis2 <KCURTIS2@uk.ibm.com>.
o Remove usage of SO_BSDCOMPAT, obsolete and causes warnings with
version 2.6 Linux kernels. Noted by Adrian Bridgett <adrian@smop.co.uk>.
Compared to the previous release, this version brings amongst other
changes the following:
Server changes:
o Fix bug that prevented rfc931 auth (ident) from working, patch from
"Meno Abels" <Meno.Abels@7d.net>.
o Workaround for 'bswap_32' header bug on linux.
Changes since 1.1.9:
Logging fixes (deprecating -l option to sockd)
Two commercial modules available, redirect and bandwidth (not included in pkg)
Some more from the 'Changes' file:
o Move daemon() call to later so more errors can be reported, suggested
by Borsenkow Andrej <Andrej.Borsenkow@mow.siemens.ru>.
o fix problem when linking with libsocks;
NISHIMURA Daisuke <nishi@graco.c.u-tokyo.ac.jp>.
o fix some problems when socksifying, making certain programs
hang forever (e.g. certain versions/installations of "ssh -X").
Thanks to NISHIMURA Daisuke <nishi@graco.c.u-tokyo.ac.jp> for
diagnosis, help and testing.
o Don't mark the rule as good either if sockscf.state.unfixedpamdata,
fixes bug reported by Jerry Murdock" <jmurdock@itraktech.com>.
o fix a bug preventing the list given in a 'user:' keyword from
being checked correctly. Reported by Oleg Bulavsky <bulch@ftc.ru>.
o "-h" prints out configfile used, based on suggestion from
dh_tsc_10@ugcs.net.
o fix bugs that reset some defaults at the wrong time, reported by
dh_tsc_10@ugcs.net.
o prototype script for generation of graphs with usage information included
(bin/sockd-graphgen). Contact us if you run a socks server with significant
usage, and you are willing to help with testing.
o Some minor optimisations in server i/o code, at the cost of some
timer accuracy concerning bandwidth limiting/client expiration.
o prefix "socks" to some global variables to avoid collisions during
socksify. Reported by Don Reid <donr@cvs.agilent.com>.
o capi/socks.h needs Rxxx prototypes to work with a c++
compiler. Noted by Alex Morozov <alex@idisys.iae.nsk.su>.
o If Rgetsockname() is called on a socket that a previous uncompleted
Rconnect() has been done on, try to sleep until Rconnect() has
finished instead of returning ENOBUFS. Hoped to help compatibility
with some applications.
o Modified httpproxy code a little, based on patch from
dh_tsc_10@ugcs.net.
o Code for selecting which of multiple external ipaddresses to use
on a global basis based on routing.
Code contributed by Tom Chan <tchan@austin.rr.com>.
o Rename "pamservicename" to "pam.servicename".
o Fix memory overrun problem in Rgethostbyname*(). Found and
diagnosed by dme@dme.org, thanks.
o new method added: "pam". Code contributed by
Patrick Bihan-Faou, MindStep Corporation, patrick@mindstep.com.
o let client-rules have their own global methodline, "clientmethod",
default value set to "none".
The global "method" is only used for socks-rules now.
o delay checking of password/etc til we have received the socks
request (rather than during negotiation, as was the case).
Required for supporting passwordbased authentication via non-socks
methods, e.g. pam.
o socklen_t definition updated for NetBSD 1.5U.
Problem report and patch submitted by Janne Snabb <snabb@ssh.com>.
o Output from 'config.guess' is not sufficient to determine use
of elf on NetBSD.
Problem report and patch submitted by Janne Snabb <snabb@ssh.com>
