a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
- Use SWIG 1.3.39 to generate bindings code, fixes Prewikka compatibility
problem because of SWIG version mismatch between libprelude/libpreludedb
modules.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
- Fix an assertion warning upon sensor start in case the address
for the local machine could not be found.
- Consistency rework of EasyBindings IDMEFCriteria API.
- Add refcount support for prelude_client_t and
prelude_client_profile_t, and update EasyBindings destructor to use
them.
- Fix a bug where EasyBindings would be built although they were not
enabled.
- Fix path issue in case libprelude was configured with specific path
outside of $prefix (fix#319).
- EasyBindings inclusion! EasyBindings provide simple C++, Python,
Perl, Ruby, and Lua bindings for using libprelude. They are still
considered experimental, thus you need to use (--enable-easy-bindings)
to activate them. Thanks to Sebastien Tricaud <toady@inl.fr> and
Pierre Chifflier <p.chifflier@inl.fr> for their contribution to this
project!
- Use automake/autoconf for building/installing Python extension.
- Fix 0.9.18 regression (alert created with empty CreateTime).
- Implement reference counting for the idmef-criteria and
prelude-connection API.
- Automatic casting when setting IDMEF Value to a field that is of
different type. Until now, if an user tried to set a path of a
specific type with an idmef_value_t object containing another type,
idmef_path_set() would return an error.
- Various bug fixes.
- Add support for newer GnuTLS 2.2.0 session priority functions. When
the option is available, the user might specify TLS settings through
the "tls-options" configuration entry.
- Workaround a GnuTLS issue where the client wouldn't be able
to negotiate a supported compression protocol with the server (#299).
- Implement variable substitution in Prelude configuration files.
- Allow IDMEF criteria with multiples values for a single path,
as can be seen in the following example:
alert.classification.text = (A || B || C || D)
- Implement negation of idmef-criteria, allowing to write criteria like:
! (alert.classification.text = A || alert.classification.text = B)
- Fix an IDMEF-Criteria matching problem, where the match function would
not attempt to match a OR after multiple consecutive AND that failed.
Thanks Alexander Afonyashin <firm(at)iname.com> for pointing out the
problem.
- Never use non-pointer field, always use the "required" keyword. Fix
API consistency issue, that could lead to unexpected behavior.
- Fix multiples problem with prelude_read_multiline /
prelude_read_multiline2,
(fix a problem with prelude-manager idmef-criteria that wouldn't read
external ruleset).
- Error out if GnuTLS initialization fail.
- Implement RFC 4122 UUIDv1 identifier generation, more resistant to
duplicate than our previous implementation in case of clock skew, or
multiple client with the same analyzerid sending alert in parallel.
- You can now provide NULL value to idmef_path_set() in order to
destroy existing value within an IDMEF message.
- Unify memory handling of value retrieval through idmef_path_t. This
allow the user to retrieve and keep any values, even through the
associated IDMEF message is freed.
- Build system cleanup, enable RELRO when possible.
- Implement PRELUDE_CLIENT_FLAGS_AUTOCONFIG, which is set by default,
but that applications might unset in order for their client not to
read the default profile/global configuration.
- Fix possible assertion when destroying un-started prelude-client.
- Improvement to the prelude-io API, the user might now hook its own
handling function.
- Fix dumping of (not) NULL criteria operator to string. Remove
gratuitous space insertion when dumping criteria.
- Headers fixes for C++ build.
- Fix printing and cloning of empty IDMEF string.
- In IDMEF to string convertion code, print <invalid enum value> in
place of NULL on invalid enumeration value.
- Various bug fixes.
- Fix bindings for IDMEF 'get_next' functions.
- Make sure we use no additional GnuLib compiler flags when building
bindings, this fix bindings compilation failure on some architecture
(Solaris).
- Implement prelude-admin list [-l] command, which provide the ability to list
existing profile name, permission, registration permission, analyzerID, and
Issuer analyzerid.
- Implement multiple analyzer deletion in prelude-admin.
- Correct printing of IDMEF time field using non local GMT offset.
- Patch to avoid struct typespec redefinition, due to variable mispelling.
This fixes a compilation problem on OpenBSD 3.8.
- Various bug fixes.
- Fix build error on system that use native awk implementation in place of GNU awk
(Pierre Chifflier <chifflier at inl.fr>), fix#256.
- Avoid a prelude-string fatal assertion, by denying copy/cloning of an empty
prelude-string.
- Correction to the 'prelude-admin send' help message.
- Convert prelude-string to use prelude_return_if_fail() in place of prelude_log().
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
- Implement TCP keepalive settings on platform that support it,
check client.conf for details.
- When reading prelude-adduser password from a file, remove
newline at the end of the string (fix#221).
- When we fail to read an IDMEF message, provide more information
about the place where the error happened.
- Fix an issue with idmef_path_get() on empty path (pointing to the
root message).
- Various bug fixes and minor API improvements.
- Improve error reporting with the central option interface.
- Fix a bug when comparing IDMEF object with optional fields.
- Fix a problem with the logger, where large log entry wouldn't be
logged.
- Fix a crash with Python bindings upon signal reception (Fix#200).
- New --with-system-ltdl configure switch. The default is now to use the
system wide ltdl library if it is available, unless specified otherwise
(Fix#199).
- Prevent NULL pointer dereference if no permission is specified after the
permission type (Fix#197).
- Upon IDMEFCriteria parsing error, recover from broken parser stater (Fix#195).
- Detailed error reporting on IDMEFCriteria parsing error.
- Fix string and possible criteria leak on IDMEFCriteria syntax error.
- Prefer anonymous authentication rather than SRP. We do this because there
are compatibility issue with SRP between different GnuTLS version
(Should fix#187).
- When dumping AdditionalData of type byte-string to string, encode the data using base64.
- Hook class comparison function. Accept NULL, equal, not equal operator.
- Introduce better error checking in the idmef-class API, which is now
considered public and might be used by external application. Rename
error code to reflect the API.
- Change to the way IDMEF listed element are handled. Specifying negative
number as the position of the element from the low level API now allow
to position the element at the specified (reversed) index. Using the
high level API a negative index permit to address a list of element
backward (replace an element).
- Build fixes for SWIG > 1.3.27.
- Modify idmef_value_match() so that it always unroll listed value
(do it for both val1 and val2. Remove assertion, and let
idmef_value_type_compare() return an error code in case there is an issue.
- Handle path using IDMEF_LIST_APPEND or IDMEF_LIST_PREPEND as
path using an undefined list index on idmef_path_get() call.
- Make criteria parser accept (*) list index.
- Implement comparison function for all IDMEF object.
