The NetBSD Project

CVS log for pkgsrc/net/radsecproxy/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / net / radsecproxy

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.12: download - view: text, markup, annotated - select for diffs
Fri May 26 15:06:05 2023 UTC (18 months, 1 week ago) by he
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, pkgsrc-2024Q2-base, pkgsrc-2024Q2, pkgsrc-2024Q1-base, pkgsrc-2024Q1, pkgsrc-2023Q4-base, pkgsrc-2023Q4, pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2, HEAD
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +4 -4 lines
Update radsecproxy to version 1.10.0.

Pkgsrc changes:
 * Only checksums.

Upstream changes:
2023-05-26 1.10.0
        New features:
        - Native dynamic discovery for NAPTR and SRV records (#2, #83)
        - Optionally log accounting requests when respoinding directly (#72)
        - SNI support for outgoing connections (#90)
        - Optionally specify server name for certificate name check (#106)
        - Manual MTU setting for DTLS on non-linux platforms

        Misc:
        - Don't require server type to be set by dyndisc scripts
        - Improve locating openssl lib using pkg-config

        Bug Fixes:
        - Fix radius message length handling

2023-05-02 1.9.3
        Bug Fixes:
        - Fix shutdown TLS connection on malformed radius message (#122)
        - Fix handling of lost requests in DTLS
        - Fix flush requests when dyndisc fails

Revision 1.11: download - view: text, markup, annotated - select for diffs
Mon Jan 23 16:14:17 2023 UTC (22 months, 1 week ago) by he
Branches: MAIN
CVS tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +4 -4 lines
Update radsecproxy to version 1.9.2.

Pkgsrc changes:
 * Only checksums.

Upstream changes:
2023-01-23 1.9.2
        Bug Fixes:
        - Fix potential segfault in tcp log message
        - Fix DTLS over IPv6
        - Fix SSL shutdown/EOF for openssl 3.x (#108)

Revision 1.10: download - view: text, markup, annotated - select for diffs
Mon Nov 15 18:10:08 2021 UTC (3 years ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3, pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +2 -2 lines
radsecproxy: use BLAKE2s

Revision 1.9: download - view: text, markup, annotated - select for diffs
Tue Oct 26 09:54:35 2021 UTC (3 years, 1 month ago) by he
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +4 -4 lines
Update radsecproxy to version 1.9.1.

Pkgsrc changes:
 * None.

Upstream changes:
2021-10-25 1.9.1
        Misc:
        - OpenSSL 3.0 compatibility (#70)

        Bug Fixes:
        - Fix refused startup with openssl <1.1 (#82)
        - Fix compiler issue for Fedora 33 on s390x (#84)
        - Fix small memory leak in config parser
        - Fix lazy certificate check when connecting to TLS servers
        - Fix connect is aborted if first host in list has invalid certificate
        - Fix setstacksize for glibc 2.34 (#91)
        - Fix system defaults/settings for TLS version not honored (#92)

Revision 1.8: download - view: text, markup, annotated - select for diffs
Thu Oct 7 14:42:38 2021 UTC (3 years, 1 month ago) by nia
Branches: MAIN
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +1 -2 lines
net: Remove SHA1 hashes for distfiles

Revision 1.7: download - view: text, markup, annotated - select for diffs
Fri May 28 06:20:33 2021 UTC (3 years, 6 months ago) by he
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +5 -5 lines
Update radsecproxy to version 1.9.0.

Upstream changes:

2021-05-28 1.9.0
        New features:
        - Accept multiple source* configs for IPv4/v6
        - Specify source per server
        - User configurable cipher-list and ciphersuites
        - User configurable TLS versions
        - Config option for DH-file
        - Add rID and otherName options to certifcateAttributeCheck
        - Allow multiple matchCertificateAttribute
        - Option to start dynamic server in blocking mode

        Misc:
        - Move radsecproxy manpage to section 8
        - Log CUI and operator-name if present
        - Log CN for incomming TLS connections

        Bug Fixes:
        - Fix overlapping log lines
        - Fix memory leak in logging
        - Fix dynidsc example scripts input validation (CVE-2021-32642)

2020-08-06 1.8.2
        Bug fixes:
        - Fix wrong config-unhexing if %25 (%) occurs
        - Fix compatibility with GCC 10 (#63)
        - Fix spelling in manpage
        - Fix modifyVendorAttribute not applied (#62)
        - Fix unncessary status-server when in minimal mode (#61)

Revision 1.6: download - view: text, markup, annotated - select for diffs
Mon Apr 20 00:43:28 2020 UTC (4 years, 7 months ago) by joerg
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +2 -1 lines
Fix ctype use. Bump revision.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Tue Oct 1 16:38:08 2019 UTC (5 years, 2 months ago) by he
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +5 -5 lines
Update radsecproxy to version 1.8.1.

Pkgsrc changes:
 * None.

Upstream changes:
2019-10-01 1.8.1
  Bug fixes:
   - Handle Tunnel-Password attribute correctly
   - Fix BSD platform issues
   - Fix spelling in log messages and manpages
   - Fix compile issues for unit tests
   - Don't hardcode location of config files

Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed Sep 11 11:51:22 2019 UTC (5 years, 2 months ago) by he
Branches: MAIN
CVS tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +5 -5 lines
Update radsecproxy to version 1.8.0.

Pkgsrc changes:
 * The hosting of radsecproxy has changed to github.com.
 * Add dependency on nettle.
 * Update LICENSE, now only modified-bsd.
 * Use gmake to build to avoid a couple of warnings.
 * Relinquish exclusive maintainership.

Upstream changes:

20190704 1.8.0
        New features:
        - Rewrite: supplement attribute (add attribute if not present) (#19)
        - Rewrite: modify vendor attribute
        - Rewrite whitelist mode
        - Autodetect status-server capability of servers
        - Minimalistic status-server
        - Explicit SubjectAltName:DNS and :IP match on certificates

        Misc:
        - No longer require docbook2x tools, but include plain manpages
        - Fail on startup if overlapping clients with different tls blocks

        Compile fixes:
        - Fix compile issues on bsd

        Bug fixes:
        - Handle %00 in config correctly (#31)
        - Fix server selection when udp were unreachable for long periods

2018-09-03 1.7.2
        Misc:
        - Always copy proxy-state attributes in own responses
        - Authenticate own access-reject responses
        - Retry outstanding requests after connection reset

        Compile fixes:
        - Fix compile issues on some platforms (#14)
        - Fix compile issue when dtls disabled (#16)
        - Fix compile issue on Cygwin (#18)
	- Fix radsecproxy.conf manpage not installed when docbook2x
	  not available

        Bug fixes:
        - Fix request might be dropped if udp client uses multiple source ports
        - Fix tls output might drop requests under high load
        - Check for IP literals in Certificate SubjectAltName:DNS records
        - Fix tls connection might hang during SSL_connect and SSL_accept

2018-07-05 1.7.1
        License and copyright changes:
        - Copyright SWITCH
        - 3-clause BSD license only, no GPL.

        Enhancements:
        - Support the use of OpenSSL version 1.1 and 1.0 series
          (RADSECPROXY-66, RADSECPROXY-74).
        - Reload TLS certificate CRLs on SIGHUP (RADSECPROXY-78).
        - Make use of SO_KEEPALIVE for tcp sockets (RADSECPROXY-12).
        - Optionally include the thread-id in log messages
        - Allow hashing MAC addresses in the log (same as for F-Ticks)
        - Log certificate subject if rejected
        - Log own responses (RADSECPROXY-61)
        - Allow f-ticks prefix to be configured
        - radsecproxy-hash: allow MAC addresses to be passed on command line

        Misc:
        - libnettle is now an unconditional dependency.
        - FTicks support is now on by default and not optional.
        - Experimental code for dynamic discovery has been removed.
        - Replace several server status bits with a single state enum.
          (RADSECPROXY-71)
        - Use poll instead of select to allow > 1000 concurrent connections.
	- Implement locking for all SSL objects (openssl states it
	  is not thread-safe)
        - Rework DTLS code.

        Bug fixes:
        - Detect the presence of docbook2x-man correctly.
        - Make clang less unhappy.
        - Don't use a smaller pthread stack size than what's allowed.
        - Avoid a deadlock situation with dynamic servers (RADSECPROXY-73).
        - Don't forget about good dynamically discovered (TLS) connections
          (RADSECPROXY-69).
	- Fix refcounting in error cases when loading configuration
	  (RADSECPROXY-42)
        - Fix potential crash when rewriting malformed vendor attributes.
        - Properly cleanup expired requests from server output-queue.
        - Fix crash when dynamic discovered server doesn't resolve.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Thu Aug 3 11:30:45 2017 UTC (7 years, 4 months ago) by he
Branches: MAIN
CVS tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +5 -5 lines
Update radsecproxy to version 1.6.9.

Pkgsrc changes:
 * The hosting of radsecproxy has changed to nordu.net.

Upstream changes:

2017-08-02 1.6.9
        Misc:
        - Use a listen(2) backlog of 128 (RADSECPROXY-72).

        Bug fixes:
        - Don't follow NULL the pointer at debug level 5 (RADSECPROXY-68).
        - Completely reload CAs and CRLs with cacheExpiry (RADSECPROXY-50).
        - Tie Access-Request log lines to response log lines (RADSECPROXY-60).
        - Fix a couple of memory leaks and NULL ptr derefs in error cases.
        - Take lock on realm refcount before updating it (RADSECPROXY-77).

2016-09-21 1.6.8
        Bug fixes:
        - Stop waiting on writable when reading a TCP socket.
        - Stomp less on the memory of other threads (RADSECPROXY-64).

2016-03-14 1.6.7
        Enhancements (security):
        - Negotiate TLS1.1, TLS1.2 and DTLS1.2 when possible, client and
        server side. Fixes RADSECPROXY-62.

        Enhancements:
        - Build HTML documentation properly.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Wed Nov 4 00:35:33 2015 UTC (9 years, 1 month ago) by agc
Branches: MAIN
CVS tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -1 lines
Add SHA512 digests for distfiles for net category

Problems found with existing digests:
	Package haproxy distfile haproxy-1.5.14.tar.gz
	159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package bsddip: missing distfile bsddip-1.02.tar.Z
	Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
	Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
	Package djbdns: missing distfile djbdns-cachestats.patch
	Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
	Package gated: missing distfile gated-3-5-11.tar.gz
	Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
	Package poink: missing distfile poink-1.6.tar.gz
	Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz
	Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
	Package waste: missing distfile waste-source.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Tue Jan 20 08:17:09 2015 UTC (9 years, 10 months ago) by he
Branches: MAIN
CVS tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1
Add radsecproxy version 1.6.6 to pkgsrc.

radsecproxy is a generic RADIUS proxy that supports both UDP and TLS
(RadSec) RADIUS transports.  There is also experimental support for
TCP and DTLS.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>