Up to [cvs.NetBSD.org] / pkgsrc / net / quagga
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
net: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts...): net/radsecproxy/distinfo The following distfiles could not be fetched (fetched conditionally?): ./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz ./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch ./net/djbdns/distinfo djbdns-1.05-test28.diff.xz ./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch ./net/djbdns/distinfo djbdns-1.05-multiip.diff ./net/djbdns/distinfo djbdns-cachestats.patch
net: Remove SHA1 hashes for distfiles
net/quagga: miscellaneous cleanups (no real changes) This commit addresses a lot of minor pkglint things, with no resulting real changes, I think.e
net/quagga: comment patches, use preferred link status interface on NetBSD
Fix lib/thread.c implementation for list handling and thread_cancellation: Documented upstream in: https://bugzilla.quagga.net/show_bug.cgi?id=1011 The included patches will remedy thread.c shortcomings and add proper safeguards to detect future thread handling errors. fixes in the patches: - add a name to a thread for error messages - add a list pointer to the thread to track list membership - add fast check on prev/next pointer invariants - add check to detect inserting of a thread already in a list - add check to detect deletion of a thread not in a list - ignore cancellation requests for the currently running thread (fixes crash) - fix setting of prey/next pointers on adjecant elements when a head/tail element is deleted
quagga: Update to 1.2.4 This update (from 1.2.2) contains bug fixes, including fixes for security issues described at: https://www.quagga.net/security/Quagga-2018-0543.txt https://www.quagga.net/security/Quagga-2018-1114.txt https://www.quagga.net/security/Quagga-2018-1550.txt https://www.quagga.net/security/Quagga-2018-1975.txt
quagga: correct mistake in configure check. this made the configure test always fail and broke the build on netbsd. Fixes PR pkg/53050. PKGREVISION++
quagga: HAVE_BSD_STRUCT_IP_MREQ_HACK does not work on SunOS
quagga: Update to 1.2.2 Upstream changes: Quagga 1.2.2 Upstream did not publsh NEWS -- basically bug fixes Quagga 1.2.1 bug fixes and minor improvements Quagga 1.2.0 This is a feature release, for testing or more adventurous users. More conservative users may wish to stay with an older release. This release contains: Next-Hop Resolution Protocol support from Timo Teräs BGP Large Community support, thanks to Job Snijders and Keyur Patel BGP session establishment reworked, for speed and reliability BGP route-advertisement timer interval default lowered, to 3s for eBGP and 1s for iBGP. BGP Connect retries made more aggressive, with lower retry timer and a slower-ramping backoff. Quagga 1.1.1 bug and security fixes There is a known regression with IPv6 BGP sessions, see Bugzilla #870. Quagga 1.1.0 This is a release with a number of new features, and many bug fixes. Notably: Greatly improved nexthop resolution for recursive routes. (Cumulus) Event driven nexthop resolution for BGP (Cumulus) Route tags support (Piotr Chytła, Packet Consulting) Transport of TE related metrics over OSPF, IS-IS (Olivier Dugeon, Orange) IPv6 Multipath for zebra and BGP (Ayan Banerjee, Cumulus) This release also changed the default of 'link-detect' state, controlling whether zebra will respond to link-state events and consider an interface to be down when link is down. To retain current the behavior save your config before updating, otherwise remove the 'link-detect' flag from your config prior to updating. There is also a new global 'default link-detect (on|off)' flag to configure the global default. Quagga 1.0.20161017 zebra IPv6 RA and BGP MRT dump security fixes
Conditionalize two routing message flags that no longer exist in NetBSD/current.
Update to 1.0.20160315 This is an update to address security issues, but contains more changes. Packaging changes include: remove lib/privs.c patch (integrated upstream) opaque LSA no longer an option (always on) pimd enabled by default upstream and hence in the package Upstream changes from http://savannah.nongnu.org/news/?group=quagga Quagga 1.0.20160315 Released Quagga 1.0.20160309 has been released, and is available at http://download.savannah.gnu.org/releases/quagga/ This is a bug fix release. It addresses a crash in protocols with a redistribute statement. Quagga 1.0.20160309 Released Quagga 1.0.20160309 has been released, and is available at http://download.savannah.gnu.org/releases/quagga/ This release addresses Security Vulnerability VU #270232. Users using VPNv4 to untrusted peers and zebra that have untrusted clients talking to it are advised to upgrade to this release. For further details see the CERT Vulnerability note: https://www.kb.cert.org/vuls/id/270232 Major user-visible changes: [quagga] - Namespace VRF Support has been added. [lib] - Add 'show commandtree' [bgpd] - vpnv4 and vpnv6 handling has been included. [bgpd] - Add 'set metric (rtt|+rtt|-rtt)' to route map handling. [bgpd] - Addition of 'show ip bgp dampening' command tree. [bgpd] - If route-map does not exist default to DENY for redistribute statements [bgpd] - Lower default 'timers connect' in BGP to 10 seconds. [bgpd] - Enable "bgp log-neighbor-changes" by default [bgpd] - Add support for timer commands with peer-group syntax [bgpd] - Extend Dump to allow Extended Time Format [babeld] - Removed from the distribution. [isisd] - Allow the adjustment of lsp-mtu [isisd] - Allow the import of routes from other protocols [ospfd] - Add per interface 'ip ospf area' command [ospfd] - Lower the default OSPF spf timers to '0 50 5000' [ripngd] - Add ECMP support [pimd] - Add multicast static routes. [pimd] - Add ability to set DR priority for an interface [pimd] - Add ability to modify hello and hold timers per interface [vtysh] - Add 'show thread cpu ..' and 'show work-queues' [vtysh] - Add 'show run <protocol>' command [vtysh] - Fix history handling
Fix the Solaris SMF method script. Bump PKGREVISION.
Add SHA512 digests for distfiles for net category Problems found with existing digests: Package haproxy distfile haproxy-1.5.14.tar.gz 159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded] da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated] Problems found locating distfiles: Package bsddip: missing distfile bsddip-1.02.tar.Z Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2 Package djbdns: missing distfile djbdns-cachestats.patch Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch Package gated: missing distfile gated-3-5-11.tar.gz Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz Package poink: missing distfile poink-1.6.tar.gz Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch Package waste: missing distfile waste-source.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Update to 0.99.24.1. Remove patches that were applied upstream. isisd is enabled, but pimd isn't yet (only because those are upstream defaults). Upstream changes since 0.99.23: User-visible changes: - [pimd] New daemon: pimd provides IPv4 PIM-SSM multicast routing. - [bgpd] New feature: "next-hop-self all" to override nexthop on iBGP route reflector setups. - [bgpd] route-maps have a new action "set ipv6 next-hop peer-address" - [bgpd] route-maps have a new action "set as-path prepend last-as" - [bgpd] Update validity checking (particularly MP-BGP / IPv6 routes) was touched up significantly. Please report possible bugs. - [ripd] New feature: RIP for IPv4 now supports equal-cost multipath (ECMP) - [zebra] Multicast RIB support has been extended. It still is IPv4 only. - [zebra] "no link-detect" is now printed in configurations since it won't be the default anymore soon. To retain current behaviour, re-save your configuration after updating to 0.99.24. Distributor-visible changes: - --enable-pimd is added to enable pimd. It is considered experimental, though unless the distribution target is embedded systems with little flash, there is no reason to not include it in packages. - --disable-ipv6 no longer exists as an option. It's 2015, your C library really needs to have IPv6 support by now. - --disable-netlink no longer exists as an option. It didn't work anyway. - --disable-solaris no longer exists as an option. It only controlled some init scripts. - --enable-isisd is now the default. - mrlg.cgi is no longer included (it was severely outdated). It can be found independently at http://mrlg.op-sec.us/ - build on Linux with the musl C library should now work
Note upstream status of patches.
Backport an Illumos patch to fix the minimum privilege model, fixes quagga on SunOS. Add SMF manifest and method. Bump PKGREVISION.
Update to 0.99.23.1. Remove a patch which has been incorporated upstream, and one which has been superceded. Add a patch to use the system's RT_ROUNDUP macro if defined, which fixes IPv6 routing on NetBSD 6 (where rtsock alignment has changed). Upstream NEWS: * Changes in Quagga 0.99.23 Known issues: - [bgpd] setting an extcommunity in a route map on a route that already has an extcommunity attribute will cause bgpd to crash. This issue will be fixed in a followup minor release. User-visible changes: - [lib] Performance enhancements on hashes and timers. - [bgpd] New feature: iBGP TTL security. - [bgpd] New feature: relaxed bestpath criteria for multipath and improved display of multipath routes in "show ip bgp". Scripts parsing this output may need to be updated. - [bgpd] Multiprotocol peerings over IPv6 now try to find a more appropriate IPv4 nexthop by looking at the interface. - [ospf6d] A large amount of changes has been merged for ospf6d. Careful evaluation prior to deployment is recommended. - [zebra] Recursive route support has been overhauled. Scripts parsing "show ip route" output may need adaptation. - [zebra] IPv6 address management has been improved regarding tentative addresses. This is visible in that a freshly configured address will not immediately be marked as usable. - [*] a lot of bugs have been fixed, please refer to the git log
Fix build failure with readline-6.3
Fix build on SunOS.
Update to 0.99.22.3. Update HOMEPAGE, MASTER_SITES. Set USE_GNU_READLINE to catch up to 2012Q3 devel/readline builtin detection. 0.99.22.3 basically contains a security bugfix for OSPF-API. 0.99.22.2 was not released. 0.99.22.1 contains a few non-security bugfixes. Changes in 0.99.22 since 0.99.21: - [bgpd] The semantics of default-originate route-map have changed. The route-map is now used to advertise the default route conditionally. The old behaviour which allowed to set attributes on the originated default route is no longer supported. - [bgpd] There is now a replace-as option to neighbor ... local-as ... no-prepend. For details, refer to the user documentation. - [zebra] An FPM interface has been added. This provides an alternate interface to routing information and is geared at OpenFlow & co. - [snmp] AgentX is now supported; the old smux backend is considered deprecated. ospf6d has also had OSPFV3-MIB added. - [*] several issues with configuration save/load/apply have been fixed, in particular on ospf "max-metric router-lsa administrative" and "distribute-list", bgpd "no neighbor activate", isisd "metric-style", - [*] a lot of bugs have been fixed, please refer to the git log
Extend ip_mreq hack to SunOS platforms
net/quagga: Expand ip_mreq hack conftest to DragonFly DragonFly can't support the Multicast API so in order for quagga to build the conftest for ip_mreq needs to return positive for all versions of DragonFly. The configure script was patched, but this probably could have been accomplished by overriding the configure cache from the Maefile. DragonFly successfully buids with this conftest change.
Update to 0.99.21 * Changes in Quagga 0.99.21 - [bgpd] BGP multipath support has been merged - [bgpd] SAFI (Multicast topology) support has been extended to propagate the topology to zebra. - [bgpd] AS path limit functionality has been removed - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing protocol has been merged. - [isisd] a major overhaul has been picked up. Please note that isisd is STILL NOT SUITABLE FOR PRODUCTION USE. - [*] a lot of bugs have been fixed, please refer to the git log
Pullup ticket #3704 - requested by gdt net/quagga: security update Revisions pulled up: - net/quagga/Makefile 1.39 - net/quagga/distinfo 1.13 --- Module Name: pkgsrc Committed By: gdt Date: Sun Mar 18 01:14:07 UTC 2012 Modified Files: pkgsrc/net/quagga: Makefile distinfo Log Message: Update to 0.99.20.1, a security bugfix release. Multiple security bugfixes, including one for a BGP DOS.
Update to 0.99.20.1, a security bugfix release. Multiple security bugfixes, including one for a BGP DOS.
Update to 0.99.20. 0.99.20: The primary focus of this release is a fix of SEGV regression in ospfd, which was introduced in 0.99.19. It also features a series of minor improvements, including better RFC compliance in bgpd, better support of FreeBSD and some enhancements to isisd. 0.99.19: This release provides security fixes, which address assorted vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327). 0.99.18: This release fixes 2 denial of services in bgpd, which can be remotely triggered by malformed AS-Pathlimit or Extended-Community attributes. These issues have been assigned CVE-2010-1674 and CVE-2010-1675. Support for AS-Pathlimit has been removed with this release. The release includes a number of bug-fixes and enhancements, primarily for ospfd, ospf6d and bgpd.
Replace with contents of quagga-devel, thus upgrading to 0.99.17.
pullup ticket #2376 - requested by tonnerre quagga: fixes denial of service revisions pulled up: - pkgsrc/net/quagga/Makefile 1.31 - pkgsrc/net/quagga/distinfo 1.10 - pkgsrc/net/quagga/patches/patch-ab 1.3 - pkgsrc/net/quagga/patches/patch-ac 1.3 Module Name: pkgsrc Committed By: tonnerre Date: Tue May 13 22:30:47 UTC 2008 Modified Files: pkgsrc/net/quagga: Makefile distinfo Added Files: pkgsrc/net/quagga/patches: patch-ab patch-ac Log Message: Add patch for CVE-2007-1995 for stable quagga (NLRI attributes denial of service).
Add patch for CVE-2007-1995 for stable quagga (NLRI attributes denial of service).
Pullup ticket 1692 - requested by gdt security update for quagga Revisions pulled up: - pkgsrc/net/quagga/Makefile 1.29 - pkgsrc/net/quagga/PLIST 1.8 - pkgsrc/net/quagga/distinfo 1.9 Module Name: pkgsrc Committed By: gdt Date: Mon Jun 5 19:28:25 UTC 2006 Modified Files: pkgsrc/net/quagga: Makefile PLIST distinfo Log Message: Update to 0.98.6. Security: ripd: - RIPD unauthenticated route table broadcast: CVE-2006-2223, OSVDB ID 25224, Secunia SA19910 - RIPD unauthenticated route injection: CVE-2006-2224, OSVDB ID 25225, Secunia SA19910 [ripd] 0.98 specific command changes, allow no-auth to be set [ripd] bugs #261, #262: Fix RIPv1 info-leak and unauthenticated route updates [doc] Add text on 0.98 specific RIP authentication changes [docs] Update ripd docs on version and authentication, see bugs #261,#262 Thanks to Konstantin V. Gavrilenko for report and testing. bgpd: - bgpd Telnet Interface DoS: OSVDB ID 25245: http://www.osvdb.org/displayvuln.php?osvdb_id=25245 [quagga-dev 4051]: http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html [bgpd] Fix infinite loop in community_str2com [No NEWS entries for 0.98.2 to 0.98.6; many bugfixes]
Update to 0.98.6. Security: ripd: - RIPD unauthenticated route table broadcast: CVE-2006-2223, OSVDB ID 25224, Secunia SA19910 - RIPD unauthenticated route injection: CVE-2006-2224, OSVDB ID 25225, Secunia SA19910 [ripd] 0.98 specific command changes, allow no-auth to be set [ripd] bugs #261, #262: Fix RIPv1 info-leak and unauthenticated route updates [doc] Add text on 0.98 specific RIP authentication changes [docs] Update ripd docs on version and authentication, see bugs #261,#262 Thanks to Konstantin V. Gavrilenko for report and testing. bgpd: - bgpd Telnet Interface DoS: OSVDB ID 25245: http://www.osvdb.org/displayvuln.php?osvdb_id=25245 [quagga-dev 4051]: http://lists.quagga.net/pipermail/quagga-dev/2006-March/004052.html [bgpd] Fix infinite loop in community_str2com [No NEWS entries for 0.98.2 to 0.98.6; many bugfixes]
Fix errno.
Add RMD160 checksum.
Update to 0.98.2. This is from riz AT boogers.sf.ca.us via PR #29518 with some slight modifications. Also some review by Greg Troxel (who is a quagga developer). This is based on the pkgsrc-wip version. This has many changes. But ChangeLog is incomplete. This uses USE_LIBTOOL. Uses rcd scripts provide from quagga distribution (are pkgsrc/NetBSD style). Adds USE_ZEBRA_OSPF_OPAQUELSA build definition for --enable-opaque-lsa. All patches removed.
Add RMD160 digests.
Fix a security problem wrt telnet control characters. Bump PKGREVISION. Patch from RedHat Source RPM via itojun (same for zebra commit a minute ago). While here, fix PLIST.
upgrade to 0.96.3 (compilation confirmed, installation not tested) http://lists.quagga.net/pipermail/quagga-users/2003-October/000543.html - missing rip_enable_apply() which was causing lots of problems in ripd - revert of the generic PtP patch. This patch just caused way way too many problems in its quest to try support FreeSWANs odd handling of IPSec interfaces, particularly in ospfd.
upgrade to 0.96.2. changes from webpage: Quagga 0.96.2 has been released, which fixes a small but very annoying ospfd bug. Also includes Mr. Ohara's command.c newline fix. Quagga 0.96.1 has been released, which fixes a small but significant problem with the privileges code.
quagga-0.96, fork of zebra
Initial revision