New in 2.10:
* AES-CCM-16 was incorrectly named AES-CCM-12.
* AES-CCM checksum validation always failed when the final block was partial.
New in 2.9:
* Send busy responses on new but not yet enabled connections.
* Make sure we wake up threads waiting for binding to complete.
* Clean up mrpc2_SendReliably, it sometimes exited too early and ignored the
overall timebomb timer.
* Precompute retransmission intervals.
New in 2.8:
* Simplified retransmission interval calculation.
* Do not wait for the full RPC2 timeout when receiving a busy response.
* Unify rpc2 & sftp retransmission counters.
* Fixed client-to-server sftp transfer failures.
* PBKDF check would trigger unnecessary warnings depending on clock
granularity.
From Jukka Salmi via PR pkg/44637.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
* Build improvements, use pkgconfig.
* Don't add rpc2's 100ms delayed ack delay in SFTP roundtrip estimate.
* Reduce the number of packets SFTP drops when we receive duplicates.
* Retransmit more worried packets (which 'should' have been acked).
* Only retransmit on timeouts, have the active side of the connection be
mostly timeout driven to avoid duplicate transfers.
* Fail when configure cannot find a usable LEX or YACC binary.
* Fix RetryInterval calculation, we were waiting twice as long as specified.
* Make sure RPC2/Coda defined error values do not collide with system errnos.
Also, shlib major version changed.
patch-aa was merged upstream.
New in 2.5:
* Avoid rp2gen segfault on 64-bit systems. (Vasil Dimov)
* Forgotten includes broke the FreeBSD build. (Sean Caron)
* Fix RPM build dependencies. (Adam Goode/Jerry Amundson)
* Add dependency on pkg-config 0.18 or higher (Davor Ocelic)
* Use non-blocking /dev/urandom device to initialize random number generator.
* We were not correctly handling returned data values in our Lua bindings.
* Fix compiler warnings in stub-generated code.
* Correctly handle negative seek offset in SFTP so that it disables seeking by
the rpc2 layers.
* Fix data alignment for incoming RPC2 connections on 64-bit.
* Set default binding policy to only allow secure rpc2 connections.
New in 2.4:
* Instead of queueing incoming INIT1 requests when nobody is ready to accept
the new connection, respond with a busy to make the peer wait and try again.
This is useful when RPC2 is already initialized, but the server is starting
up and when a lot of new clients arrive simultaneously, for instance after a
network outage. By the time we're ready to accept the connection the client
may have already given up and it is pointless to try and send the INIT2
response.
New in 2.3:
* Endian fixes in the encryption code (Adam Goode)
* Fix failing SFTP transfer when a duplicate packet arrives.
* Account for server processing delay in roundtrip time estimate.
* Rewrote bandwidth/latency estimator to improve stability.
* Added 'configure --with-lua' to link in an embedded Lua interpreter.
* Support for Lua scripts to customize bandwidth and roundtrip time estimation.
Assumes the script can be found as /etc/rpc2.lua or the value of the
RPC2_LUA_SCRIPT environment variable. We check once every 5 seconds if
that file has been updated (or removed) and automatically reload it.
The script is disabled whenever a parse or runtime error is encountered.
* Example scripts installed in ${prefix}/share/rpc2,
rpc2-rtt-adaptive.lua - current RPC2 estimator, implemented in Lua.
rpc2-rtt-fixed.lua - simple estimator using fixed network parameters.
rpc2-rtt-vj.lua - simple latency only estimator.
rpc2-fail.lua - Introduce packet loss and/or delay
New in 2.2:
* Avoid valgrind warnings in the pbkdf test function.
* Fix codasrv regression, it failed to unpack the CML.
New in 2.1 (unreleased):
* Fix RPC2 binding on amd64.
* Fix layout of struct SFTP_Parms for 64-bit.
* Fix MultiRPC packing and unpacking on 64-bit.
* Convert a couple other longs to int32_t in sftp.
* Remove the autom4te.cache when bootstraping. (Phil Nelson)
* Cygwin does not have IPV6 yet. (Phil Nelson)
New in 2.0:
* Removed unused multicast code.
* Filter requests based on the subsystem we authenticated with.
* New security framework that provides strong encryption.
* Various standard encryption/authentication modes,
PKCS#5 v2.0 key derivation (RFC 2898)
AES-XCBC-MAC-96 authentication (RFC 3566)
AES-CBC encryption (RFC 3602)
AES-CCM combined encryption/authentication (RFC 4309)
AES-XCBC-PRF-128 pseudo random function (RFC 4434)
* Allow user to set minimum key length with RPC2SEC_KEYSIZE envvar.
* Allow user to avoid reverting back to the old compatible handshake/xor
binding by setting the RPC2SEC_ONLY envvar.
* Log packets larger than the IPv6 minimum MTU.
* Automake cleanups, compile with -Wall, various other cleanups.
* Attempt to fix conflicts with the Debian rpc2-4 package.
* Replace incorrect %{_buildroot} with %{_builddir} in the RPM spec file.
* rpc2 doesn't build on netbsd/sparc64 2.0ish (Greg Troxel)
New in 1.28:
* Do not truncate random numbers to 15 bits.
* Check clientident length (Ivan Popov).
* Fix gcc4 warnings.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
Changes:
* Fixes for LWP-2.0
* Reduced size of the medium packets to 1500.
* Explicitly clear the EchoTimestamp when we receive an out-of-order
SFTP data packet to avoid sending a stale timestamp value.
* Make sure we retransmit at least one packet once we hit EOF so that we
can continue to make progress.
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
changes (partial):
- Updated for current autoconf/gcc build environment.
- Some cleanups for the code generated by the rp2gen stub generator.
- Hopefully improved 'timeout' behaviour on asynchronous links (ADSL).
Fixes memory corruptions that typically hit during reintegration, andperformance
problems when writing data to the servers.
- Now internally supports >2GB files, however we're not really using
this new capability in Coda yet.
- Re-added a lost lseek that was causing truncated backup files.
Small files that got piggybacked on the outgoing RPC2 packets were
only sent to one server in a replicated group. The operation on the
other servers fails and the client disconnected. The next time the
servers are accessed this inconsistency was detected and
automatically resolved. But doing it right in the first place is
somewhat more efficient and reliable.
The RPC2 random number generator was not initialized correctly. Not
sure how much effect this had on connection handling and other
places that liked random numbers to be unique.
Removed MultiRPC pool allocator, now we can have more than 8 concurrent RPC
operations. And because the per-user limit got removed in Coda-6.0.2, this is
more likely to happen.
A packet with random data could easily trigger an assertion in the MultiRPC
decoding. Now we simply drop it and avoid the possible DoS.
IPv6 support, it is just waiting for the right flag from userspace. As a
result the 1.19 API is binary compatible for older clients and servers.
Removed sftp listener and timeout threads. We always run what was previously
called 'masqueraded'. This works fine as long as our peer uses rpc2-1.9
or later.
buildlink2.mk files back into the main trunk. This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
* Fixed crash when an expired connection receives a NAK.
* Increased lower bound on retransmission time to 300ms.
* Removed Linux specific optimization in processing time calculation which
made RPC2 clients assume a server can respond faster than it actually does.
* Fixed the very infrequent SFTP_SendResponse crash again, hopefully for real
this time.
* A non-masqueraded rpc2 client wouldn't send out it's SFTP packets through
the rpc2 socket when talkin to a masqueraded rpc2-server. This broke
backfetches through a firewall.
* Added delayed acks, when an RPC2 operation on the server is taking more than
200ms, an unsolicited RPC2_BUSY is sent back to the client to avoid
unnecessary retransmissions of the request.
* Stricter prototyping for callback functions.
* Fixed the very infrequent SFTP_SendResponse crash.
* Keeping track of current fd offset in sftp to allow non-multirpc transfers
from/to a non-seekable fd (eg. stdout).
BUILDLINK_PREFIX.<pkgname>. This allows buildlink to find X11BASE packages
regardless of whether they were installed before or after xpkgwedge was
installed. Idea by Alistair Crooks <agc@pkgsrc.org>.
FOO_REQD=1.0 being converted to foo>=1.0, one can now directly specify
the dependency pattern as FOO_DEPENDS=foo>=1.0. This allows things like
JPEG_DEPENDS=jpeg-6b, or fancier expressions like for postgresql-lib.
Change existing FOO_REQD definitions in Makefiles to FOO_DEPENDS.
CXXFLAGS, and LDFLAGS by the buildlink.mk files so remove the extra
definitions to add them from the package Makefiles. As advised by the
bsd.buildlink.mk file, also ensure that the buildlink.mk files are
included prior to defining any package-specific CFLAGS/LDFLAGS to ensure
that the buildlink directories are at the head of the compiler search
paths.