Up to [cvs.NetBSD.org] / pkgsrc / net / 3proxy
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
3proxy: Update to 0.9.4 pkgsrc changes: --------------- * Update the license to 3proxy-0.9-license. * Remove outdated comments about the old licenses. upstream changes: ----------------- 3proxy-0.9.4 Latest ! Fix: invalid handling of '-' character in ACL hostname ! Fix: minor bugfixes and improvements + parentretry command added (defaults to 2) to retry connections to parent proxies - icqpr related code (OSCAR proxy) removed, due to drop of OSCAR support by messengers 3proxy-0.9.3 Bugfixes: Fixed: systemd description file (proxy may fail to start after reboot or via systemctl) Fixed: group/account creation in installation scripts Fixed: countall/nocounall do not work in some configurations Fixed: counters do not work if counter file is not specified Fixed: counters without rotation (type N) are incorrectly shown in web admin interface Fixed: %n may be incomplete or missed in long log records Fixed: connect back functionality does not work Improvements: + Docker builds 3proxy-0.9.2 Bugfixes: Fixed: bandwidth limiters (once again) Fixed: data filtering plugins (PCREPlugin, SSLPlugin). SSLPlugin use on Linux requires to disable splice (-s0) FIxed: standalone proxies do not react on HUP (Ctrl+C) in Linux/Unix Fixed: few minor bugs Improvements: + deb for arm platforms (experimental) + Openssl 1.1 support for SSLPlugin 3proxy-0.9.1 Bugfixes: Fixed: socket may be closed before all data received/sent Fixed: bandlimin non-working Fixed: countall/nocountall Fixed: few race conditions Improvements: deb/rpm build, systemd support (experimental) 3proxy-0.9.0 o Socket options, interface binding o Connection limiting / connection rate limiting o RADIUS support (beta) o Zero copy (splice) support for Linux o Possibility to limit user to single IP (via authentication cache) bugfixes, improvements 3proxy-0.8.13 Bugfixes: !! Fixed out-of-bound write and few minor bugs on configuration saving in admin ! fixed: $ is not correctly handled in the beginning of quoted line on configuration parsing 3proxy-0.8.12 Bugfixes: ! Fixed hostname support in SOCKSv5 UDP portmapping ! -fno-strict-aliasing added to gcc options (compiling without this option can lead to unpredictable issues under Debian with gcc 6 and potentially others) ! Fixed LDAP plugin compilation issues (LDAP plugin is still listed as unsupported though) and some minor fixes and improvements.
net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch
net: Remove SHA1 hashes for distfiles
pkglint compliance
Cosmetic and PATH fixing - Use SUBST_VARS instead of SUBST_SED (thanks to leot@) - Fix hardcoded PATH in manpages
Update to 0.8.11 Remove patches/patch-aa: code no longer used Fix Makefile.unix: from FreeBSD ports Add documentation to package Add rcd script Changes: -------- 19.10.2017 Releasing as 0.8.11 Minor bugfixes / improvements: ! Fixed: deadlock on insufficient resources ! Fixed: race condition in ssl_plugin ! Fixed: minor memory leak on configuration reload ! Fixed: recursion detection was not working ! Fixed: %n for IPv6 in logging terminates log record ! Fixed: reverse PTR validation (required for dnsauth) ! Fixed: error on external 0.0.0.0 for NOIPV6 (light version) + Better support for IPv6 in ftppr 25.06.2017 Releasing as 0.8.10 !Fix: parent proxy can be used in some cases where it shouldn't !Fix: bandlimiters may not work for older connections on configuration reload 01.02.2017 Releasing as 0.8.9 !Fix: tcppm may fail if used with parent proxy 16.12.2016 Releasing as 0.8.8 !! Fix resolver for non-compressed reply parsing (on mixed-case sensitive resolvers) ! Fix plugins export on OpenWatcom compiler (light version) ! Fix SOCKSv5 parent over IPv6 network 04.09.2016 Releasing as 0.8.7 ! Fix 'daemon' command for Linux ! Fix 'extip' redirections 00009 errors ! Fix counters for older Win platforms ! Resolve logging race conditions ! attempt to fix pam_auth race conditions ! FTP proxy workaround for broken gethostname() on some libc limplementations ! authcache IP matching corrected ! fix SOCKSv5 BIND/UDP ASSOC ! use setreuid/setregid instead of setuid / setgid - OpenWatcom makefiles for Windows - -u2 support for proxy - support %i in logformat - force/noforce configuration commands to disconnect / do not disconnect clients if nolonger match ACL after configuration change - support longer external passwords Lite version of Windows binaries is switched to OpenWatcom. It will hopefully remove int64-related msvcrt.dll issues on old Windows versions. 07.03.2016 Releasing as 0.8.6 ! Fix: random 00012 errors in some configurations 02.03.2016 Releasing as 0.8.5 !Fix: mutex was used prior to initialization on 'log' command processing 28.02.2016 Releasing as 0.8.4 + Build PamPlugin on *nix - stacksize and -S options, stacksize defaults changed for FreeBSD - extip redirection type added ! SSL plugin fix to correct handling of certificates path ! fixed random errors on IPv6 connect 26.01.2016 Releasing as 0.8.3 ! fixed: use SASIZE() instead of sizeof() in connect() for FreeBSD compatibility 3proxy-0.8.3-lite.zip - Windows binaries, Lite version compatible with old Windows versions 3proxy-0.8.3.zip / 3proxy-0.8.3-x64.zip - 32/64 Windows binraries, compatible with Windows Vista / 2008 server and above 23.01.2016 Releasing as 0.8.2 !! Fix transparent flag not reset after keep-alive connection, can lead to DoS by authenticated user. ! Do not use SO_REUSEADDR by default (leads to random 00013 errors under some glibc versions) ! Use SASIZE() instead of sizeof() in bind() for FreeBSD compatibility 23.01.2016 Releasing as 0.7.1.4 !! Fix transparent flag not reset after keep-alive connection, can lead to DoS from authenticated user. 21.01.2016 Releasing as 0.8.1 !!Fix: destination IP may be not checked against ACL 19.01.2016 Releasing as 0.8.0 + IPv6 support - back connect support - name resolution over TCP, parent proxy support for dnspr ! multiple race conditions fixed ! reduced memory usage ! Generate Forwarded: header instead of X-Forwarded-For: ! Default name resolution is non-blocking in *nix Read HowTo for new functionality description Update from 0.7 is recommended if you use 3proxy under high load 12.01.2016 Releasing as 0.8-pre + IPv6 support - Connect back (reverse connect) proxy - DNS requests redirection via parent proxy over TCP (including UDP->TCP mapping) - SSLPlugin for TLS/SSL traffic decryption - multiple race conditions fixed on configuration reload 15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication15.09.2015 Releasing as 0.7.1.3 ! traffic displayed incorrectly ! archiver doesn't add suffix if logname contains macro ! fix potential race condition on configuration reload ! fix FTP over HTTP authentication
Fixed pkglint warnings.
Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Update to latest release, 0.7.1.2. Fix build on OpenBSD and Bitrig, as identified by sevan@'s early build report. Update patches. Changes: 02.07.2014 Releasing 0.7.1.1 ! Linux compilation issues corrected 28.06.2014 Releasing 0.7.1 + Windows icons added + Warnings added for most common misconfigurations + ftppr NLSD command supported ! Ignore NTLM handshake if NTLM is not enabled ! memcpy replaced with memmove for overlapped region ! better EINTR handling on *nix ! FTP proxy debugging output removed, binding for data connection corrected ! memory leak fixed in ldapauth plugin 08.04.2014 Releasing as 0.7 Significant changes since 0.6.1: !! auth iponly by default ! maxconn is 500 by default ! Improved HTTP/1.1 compatibility ! Functionality bugfixes + Few new plugins 11.07.2012 ! fixed: counters over 4GB in webadmin 26.06.2012 ! OpenSSL thread support functions added to SSL plugin 10.05.2012 ! SSL plugin works. Commands to enable/disable SSL spoofing will be added later. 25.04.2012 ! pcre_rewrite slash sequence logic corrected 16.04.2012 + Added: SSLPlugin for SSL decryption with certificates spoofing 12.04.2012 + Added: new filter callback function type (pre data filter) for things like SSL/TLS, gzip, etc. WARNING: all plugins with filter functions need to be reviewed for compatibility 06.02.2012 + Added: transparent redirection plugin for linux. Automatically detects redirection address if traffic is redirected via iptables 15.08.2011 ! Fixed: 100% CPU because of usleep with large value on NetBSD 11.06.2011 + Support for extusername/extpassword added to smtpp 04.06.2011 ! Fixed: web admin access ! Fixed: wrong error code in logfile in some rare cases ! Migrated to VC 9.0 compiler 14.04.2011 ! Authentication: do not request username/password in mixed authentication if all modules deny access. 12.04.2011 ! Minor code cleanup 17.12.2010 - Debugging output to stdout removed 09.12.2010 ! Code cleanup for sockets mapping and chunked encoding, ! Content-Length up to 4GB 25.11.2010 + System locale handling added for mixed case username in WindowAuthentication 13.11.2010 + Plugin utf8tocp1251 added to automatically detect UTF-8 (used by Chrome and Opera in username/password. usage plugin "utf8tocp1251" utf8tocp1251 auth utf8tocp1251 strong or auth utf8tocp1251 cache windows 11.11.2010 ! encoding paramter added to WWW-Authenticate and Proxy-Authenticate headers in .3ps files according to http://tools.ietf.org/id/draft-reschke-basicauth-enc-01.txt 12.08.2010 ! Removed getservbyport() from webadmin to avoid potential race condition 09.08.2010 ! Default .3ps files corrected 26.06.2010 ! Fixed: keep-alive connections detection for HTTP/1.1 10.12.2009 ! Fixed: external address may be incorrectly set if few requests are received in single connection. 02.12.2009 ! zero sockaddr before bind for some FreeBSD versions compatibity 26.10.2009 ! Some changes for MD4/MD5 libraries 64-bit compatibility 01.10.2009 ! Fixed: Content-Length is sent twice to server if there are content-handling plugins. 17.09.2009 ! Makefile.Linux: add3proxyuser.sh moved to INSTALL_CFG_OBJS (thanks to Martin Wanicki) + Functionality added to intercept all socket-related calls for plugins 03.09.2009 ! Fixed: client connection was not closed on removed Content-Length (may cause connection hang for timeout at the end of large file transfer if filtering plugins are used). 24.08.2009 + Added transparent redirection to ICQ and MSN proxy + Added (untested) Last.fm ripper plugin - initial version, code needs to be cleaned to work under *nix. Thanks to Denis Stanishevskiy. 14.08.2009 + WinCE (Windows Mobile) support added 27.07.2009 ! Fixed: use authnserver for name match check if configured 22.07.2009 + authnserver command added (nserver to use only with auth dnsname) 13.07.2009 + man pages for smtpp and icqpr added ! traffic correction plugin logics fixed 10.07.2009 + 3proxy configuration parser: support added for empty strings (""). 09.07.2009 + dnsname authentication added (auth dnsname) - puts validated reverse DNS record (PTR) instead of username + PCREPlugin: Added: \r, \n support from pcre_rewrite rewrite string. Use \0 for empty string + PCREPlugin: Added: * may be used instead of regex (no regex is created and checked in this case) 24.06.2009 ! random redirections are really fixed (incomplete fix on 08.04.2009) ! icqpr "Need recync" problem fixed ! disable NTLM by default (because of Windows Vista) until NTLMv2 implemented ! set auth iponly to be default 08.04.2009 ! Fixed: distribution between parent proxies was not even because of non-linear probability 18.03.2009 ! Marking as 0.7-devel 06.03.2009 ! Fixed: filters were applied in reverse order 25.02.2009 ! Fixed: beginning of HTTP data may be not passed to filter 22.02.2009 ! handle Content-Length as unsigned long to allow files > 2GB. 10.02.2009 ! Ldapauth plugin corrected according to changes on 02.02.2009 02.02.2009 + countout / nocountout commands added ! Added workaround for Mac OS X / iPhone OS poll() (mis)behaviour. 30.01.2009 ! Flush buffer in case of POLLxxx - probably required for Mac OS X / iPhone OS 24.01.2009 ! Changed WindowsAuthentication to convert username to lowercase 10.12.2008 ! Fixed: login may hang in ftppr in case of large server banner 30.10.2008 ! WindowsAuthentication plugin may sometimes fail with 100122 error on startup because of uninitialized variable. 30.09.2008 ! -lXXX moved to $LIBS in Makefiles for linkers compatibility + 3proxy for Dummies v.1.2 by Kurmaeff Halit added (in Russian) 26.08.2008 ! Fixed: end of chunked-encoded page may be incorrectly detected 24.07.2008 ! Fixed: buffering problem on multiple chunks 21.07.2008 ! Previous fix was incomplete 13.07.2008 Thanks to Hostile Fork: ! Fixed directory listing building for some rare FTP servers (e.g. HP) ! Fixed (probably) chunked encoding should now work. REQUIRES TESTING. please report, if you have problems with chunked. 11.05.2008 + minor plugin interface additions 03.05.2008 + pcre_options implemented 24.04.2008 ! Fixed: bandlimsout may not work if both bandlimsin and bandlimsout are configured. 01.04.2008 ! Fixed: chunked was actually converted to non-chunked 25.03.2008 + HTTP chunked support (hopefully) added, not tested yet 13.02.2008 ! Do not shutdown listening socket ! FTPPR was broken on 10.02 fix ! ':' may be encoded in ftp:// URI's in proxy
Calling usleep for 1000000 microseconds or more is not allowed, so add a myusleep() wrapper to DTRT. This should fix the 100% CPU utilisation. PKGREVISION -> 1.
Add net/3proxy version 0.5.3k. This is a multi-protocol proxy that can be configured to chain to other proxies.