Next | Query returned 157 messages, browsing 41 to 50 | Previous

History of commit frequency

CVS Commit History:


   2014-01-05 23:03:43 by Thomas Klausner | Files touched by this commit (2)
Log message:
Update to 3.01alpha21 and fix some pkglint warnings.

This release adds some workarounds for compiling with MinGW. New
functions xcomerr(), xcomerrno(), fxcomerr(), and fxcomerrno() in
libschily. A bug in libschily/format.c that caused %.*s to be
printed incorrectly has been fixed. libschily/fprformat.c gives
better printf() performance on Solaris. Some bugs in the mkisofs
man page have been fixed. Mkisofs now opens "NUL" on Win-DOS instead
of "/dev/null".
   2014-01-02 18:51:14 by Thomas Klausner | Files touched by this commit (2)
Log message:
Update to 3.01a20:

All:

-	New Schily Makefiles rules for armv7l-linux

-	autoconf/xconfig.h.in now treats MinGW32 the same as when compiling
	with cl.exe

Libschily:

-	libschily::format.c (printf) now supports length modifiers
	like h hh l ll t z for the %n format.

-	libschily::format.c has been restructured for parsing the
	field width parameters in a way that would allow to later
	introduce support for %n$

-	Try to take care about the fact that MinGW32 does not support
	a standard compliant mkdir() function with two parameters.
	This applies top libschily/mkdirat.c and libschily/mkdirs.c

-	Corrected a typo in libschily/mkfifoat.c that called mkdir()
	instead of mkfifo()

-	libschily/getdtablesize.c needs the same treatment for MinGW32 as for
	cl.exe

Libparanoia (Ported/enhanced by Jörg Schilling, originated by Monty \ 
xiphmont@mit.edu):

-	libparanoia now implements the first stage in C2 error pointer
	support: it now is able to deal with input data that contains
	C2 pointers and it implements new callbacks to report C2
	statistics back to the caller.

-	libparanoia now supports to control the size of the read ahead buffer.
	This allows libparanoia to be adopted to the current constraints.
   2013-11-26 16:26:06 by Matthias Scheler | Files touched by this commit (1)
Log message:
Small (and probably irrelevant) clean-up of last commit.
   2013-11-26 15:57:33 by Matthias Scheler | Files touched by this commit (1)
Log message:
Fix build under NetBSD 6.0* and 6.1*.
   2013-11-25 13:06:07 by Thomas Klausner | Files touched by this commit (2)
Log message:
Update to 3.01a19:

All:

-	New autoconf tests for:

	-	NFSv4 ACL support

	-	issetugid()

	-	lpathconf()

	-	utimens()
	-	futimens()
	-	lutimens()

-	The rules in the Schily Makefilesystem have been restructured in order
	to allow to avoid problems on platforms like FreeBSD and Mac OS X:

	FreeBSD and Mac OS X banned the not-free-enough (because GPLd)
	software to /usr/local, forcing us to add -I/usr/local/include
	and -L/usr/local/lib. Unfortunately, /usr/local/include frequently
	carries a _very_ outdated and thus wrong copy of "cdda_paranoia.h"
	which is more than 10 years old and definitely incompatible with
	dynamic linking on Mac OS X. This defective copy was first in the
	search path and prevented compilation.

	We now have a new macro: DEFOSINCDIRS= that grants to add include
	directories to the end of the search PATH to allow us to find the
	correct "cdda_paranoia.h" first.

	Please test and report in case of problems.

-	gmake and SunPro make include COMPILE.c with wrong content in their
	built-in rules. We now clear this macro un RULES/rules.top. It is
	still possible to provice a modified version from command line
	or from the environment.

-	include/schily/stdio.h was reordered, as it prevented compilation
	of the "bsh" on Linux. This was a problem recently introduced,
	when we added #ifndef NO_SCHILY_STDIO_H

-	Fixed autoconf typo HAVE_MKNODKAT -> HAVE_MKNODAT

-	include/schily/intcvt.h is now self contained.

-	include/schily/windows.h now includes the same type workaround
	for MINGW32 as fir the Microsoft C compiler, as there are the same
	autoconf detection problems.

-	Addded missing include/schily/err_type.h

-	New file include/schily/shedit.h

Libschily:

-	New files for libschily:

	at-base.c	generic implementation for *at() functions.
	fchownat.c	fchownat()
	fdopendir.c	fdopendir()
	fstatat.c	fstatat()
	futimens.c	futimens()
	futimesat.c	futimesat() Solaris specific old for utimensat()
	lutimens.c	lutimens()
	linkat.c	linkat()
	mkdirat.c	mkdirat()
	mkfifo.c	mkfifo()
	mkfifoat.c	mkfifoat()
	mknodat.c	mknodat()
	readlinkat.c	readlinkat()
	renameat.c	renameat()
	symlinkat.c	symlinkat()
	unlinkat.c	unlinkat()
	utimens.c	utimens()
	utimensat.c	utimensat()
	at-base.c	The base code for all single fd *at() functions.
	at-base2.c	The base code for all double fd *at() functions.

	contain emulations for system interfaces introduced in summer 2001 by Sun
	and with POSIX.1-2008.

-	New functions in libschily:

	absfpath()
	resolvefpath()

	allow to better control the behavior using flags.

-	The linker map file for libschily now adds some forgotten functions.

-	libschily/strstr.c and libschily/wcsstr.c now include a
	CDDL License hint

Libfind:

-	Libfind now allows to check for -type P (Solaris event port).
	A missing "case 'P':" was added to the parser.

Cdrecord:

-	Trying to avoid to confuse users
	on Solaris and Linux where a fine grained privilege implementation
	exists. Before, fine grained privileges have been given up after
	initializing the program and this may result in a root user that
	is treated as a normal user that cannot write into directories
	without global write permission. The named programs now no longer
	give up privileges in case they have been called with the needed
	privileges already and thus the programs cannot be used for
	privilege escalations anymore.

Cdda2wav (Maintained/enhanced by Jörg Schilling, originated by Heiko Eißfeldt \ 
heiko@hexco.de):

-	Trying to avoid to confuse users
	on Solaris and Linux where a fine grained privilege implementation
	exists. Before, fine grained privileges have been given up after
	initializing the program and this may result in a root user that
	is treated as a normal user that cannot write into directories
	without global write permission. The named programs now no longer
	give up privileges in case they have been called with the needed
	privileges already and thus the programs cannot be used for
	privilege escalations anymore.

-	Cddda2wav now flushes stderr before asking for a specific cddb
	entry index. It seems that on Linux stderr may not be unbuffered
	as expected.

-	Cdda2wav moved the option parsing code into a separate function
	gargs().

Readcd:

-	Trying to avoid to confuse users
	on Solaris and Linux where a fine grained privilege implementation
	exists. Before, fine grained privileges have been given up after
	initializing the program and this may result in a root user that
	is treated as a normal user that cannot write into directories
	without global write permission. The named programs now no longer
	give up privileges in case they have been called with the needed
	privileges already and thus the programs cannot be used for
	privilege escalations anymore.
   2013-10-19 15:29:34 by Thomas Klausner | Files touched by this commit (2)
Log message:
Update to 3.01a18:

This release fixes a copy+paste bug in the Linux support code for
fine-grained privileges. Libfind no longer leaks filedescriptors
with -empty. New OS version ID rules have been added for various
newer WIN-DOS versions.
   2013-08-15 11:12:40 by Thomas Klausner | Files touched by this commit (2)
Log message:
Update to 3.01a17:

All:

-	The Schily Makefilesystem no longer uses CC= for internal tasks.
	People who now set $CC to a different value will fail in a similar
	way as they would fail with other build systems.

-	Added automatic support for ARMv5 and ARMv6. This makes compilation
	on the RaspberryPI also possible with the non-automake aware gmake.

-	Allow "static" compilation (a compilation that does not use the
	dynamic defines from the Schily Makefilesystem) on Linux ARMv6 (which
	is used by RaspberryPI).

-	Allow a "static" compilation (a compilation without using dynamic -I
	Paths) on Linux on ARMv5 and ARMv6 by adding static #includes for
	Linux ARM in:

		include/schily//align.h
		include/schily//archdefs.h
		include/schily//avoffset.h
		include/schily//xconfig.h

	This is needed if you like to install the schily include files
	to /usr/include/schily and allow users to "manually" compile
	programs that use e.g libparanoia.

	To allow this, the autoconf results need to be installed as:

	<schily/armv5l-linux-gcc/*.h>
	and
	<schily/armv6l-linux-gcc/*.h>

-	Many sources have been modified to deal __CYGWIN32__ like __CYGWIN__
	This is neded as newer Cygwin versions that run in 64 Bit mode
	do no longer define __CYGWIN32__ but __CYGWIN__

Libmdigest:

-	Sources have been modified to deal __CYGWIN32__ like __CYGWIN__
	This is neded as newer Cygwin versions that run in 64 Bit mode
	do no longer define __CYGWIN32__ but __CYGWIN__

Libscg:

-	Sources have been modified to deal __CYGWIN32__ like __CYGWIN__
	This is neded as newer Cygwin versions that run in 64 Bit mode
	do no longer define __CYGWIN32__ but __CYGWIN__

Cdrecord:

-	Sources have been modified to deal __CYGWIN32__ like __CYGWIN__
	This is neded as newer Cygwin versions that run in 64 Bit mode
	do no longer define __CYGWIN32__ but __CYGWIN__

Cdda2wav (Maintained/enhanced by Jörg Schilling, originated by Heiko Eißfeldt \ 
heiko@hexco.de):

-	Sources have been modified to deal __CYGWIN32__ like __CYGWIN__
	This is neded as newer Cygwin versions that run in 64 Bit mode
	do no longer define __CYGWIN32__ but __CYGWIN__
   2013-07-11 09:03:58 by Thomas Klausner | Files touched by this commit (2)
Log message:
Update to 3.01a16:

All:

-	The SCCS keyword expansion for "Mocsw" has been limited to
	prevent expansion of date '+%Y%m%d%H%M%S'

-	Mocsw now sets link mode to -Bdirect for recent OpenCSW rules

-	pkgdefs/OCSW/*/checkpkg_override modified to match current OpenCSW
	rules.

-	Make sure that all schily include files except the primary wrappers
	include schily/*.h instead of including the system include files directly.

-	Allow a "static" compilation (a compilation without using dynamic -I
	Paths) on Linux x86 by adding static #includes for Linux x86 in:

		include/schily//align.h
		include/schily//archdefs.h
		include/schily//avoffset.h
		include/schily//xconfig.h

	This is needed if you like to install the schily include files
	to /usr/include/schily and allow users to "manually" compile
	programs that use e.g libparanoia.

	To allow this, the autoconf results need to be installed as:

	<schily/i686-linux-gcc/*.h>
	and
	<schily/x86_64-linux-gcc/*.h>

Libparanoia (Ported/enhanced by Jörg Schilling, originated by Monty \ 
xiphmont@mit.edu):

-	memset() call in i_silence_match() now uses the correct size
	instead of sizeof (avec).
	Thanks to a hint from Andrew Dudman <ajdudman@sbcglobal.net>

-	Use dynamic arrays instead of alloca()/malloc() if available.
   2013-06-03 10:13:13 by Thomas Klausner | Files touched by this commit (2)
Log message:
Update to 3.01a15:

All:

-	Due to an incorrect message from last release, here is corrected
	information on when a Linux installation is potentially dangerous:

	New autoconf tests for sys/capability.h and cap_*() functions
	from Linux -lcap

	WARNING: If you do not see this:

		checking for sys/capability.h... yes

		...

		checking for cap_get_proc in -lcap... yes
		checking for cap_get_proc... yes
		checking for cap_set_proc... yes
		checking for cap_set_flag... yes
		checking for cap_clear_flag... yes

	your Linux installation is insecure in case you ever use the
	command "setcap" to set up file capabilities for executable commands.

	Note that cdrtools (as any other command) need to be capabylity aware
	in order to avoid security leaks with enhanced privileges. In most
	cases, privileges are only needed for a very limited set of operations.
	If cdrtools (cdrecord, cdda2wav, readcd) are installed suid-root, the
	functions to control privileges are in the basic set of supported
	functions and thus there is no problem for any program to control it's
	privileges - if they have been obtained via suid root, you are on a
	secure system.

	If you are however on an incomplete installation, that supports to
	raise privileges via fcaps but that does not include developer support
	for caps, the programs get the privileges without being able to know
	about the additional privileges and thus keep them because they cannot
	control them.

	WARNING: If you are on a Linux system that includes support for
	fcaps (this is seems to be true for all newer systems with
	Linux >= 2.6.24) and there is no development support for capabilities
	in the base system, you are on an inherently insecure system that allows
	to compile and set up programs with enhanced privileges that cannot
	control them.

	In such a case, try to educate the security manager for the related
	Linux distribution. Note that you may turn your private installation
	into a secure installation by installing development support for libcap.

-	WARNING: the include structure of include/schily/*.h and several sources
	has been restructured to cause less warnings with older OS platforms.
	If you see any new problem on your personal platform, please report.

-	New includefiles:

	schily/poll.h		Support poll()
	schily/stdarg.h		An alias to schily/varargs.h (but using the std name)
	schily/sunos4_proto.h	Missing prototypes for SunOS-4.x to make gcc quiet
	schily/timeb.h		Needed for users of ftime()

-	Many minor bug-fixes for the files include/schily/*.h

-	include/schily/archconf.h now defines __SUNOS5 for easier coding

-	include/schily/priv.h now defines platform independent fine grained privileges

-	Updated README.compile:

	Some typo patches from Jan Engelhardt <jengelh@inai.de>

	Documented the "LINKMODE=" macro to explain how to create dynamically
	linked bynaries.

Libschily:

-	Added #include <schily/libport.h> to libschily/fnmatch.c

Libedc (Optimized by Jörg Schilling, originated by Heiko Eißfeldt heiko@hexco.de):

-	Added #include <schily/libport.h>

Libdeflt:

-	Added #include <schily/libport.h>

Libfind:

-	dirname -> dir_name to avoid a gcc warning

Libhfs_iso:

-	Rename variable "utime" to "uxtime" to avoid a compiler warning

Libscg:

-	Repositioned #ifdefs to avoid unused variable definitions in
	libscg/scsi-sun.c

-	libscg/scsi-linux-ata.c now aborts early if errno == EPERM. This now
	makes it behave like libscg/scsi-linux-sg.c

-	A new scg flag SCGF_PERM_PRINT tells libscg to print a more verbose error
	in case that a SCSI comand was aborted with errno == EPERM.

Cdrecord:

-	Allow to compile without Linux libcap using "smake COPTX=-DNO_LINUX_CAPS \ 
LIB_CAP="

-	Cdrecord now checks whether there are sufficient fine grained privileges.

-	Cdrecord now uses the new flag SCGF_PERM_PRINT to get better warnings if the
	permissions granted by the OS are not sufficient.

Cdda2wav (Maintained/enhanced by Jörg Schilling, originated by Heiko Eißfeldt \ 
heiko@hexco.de):

-	Include file reordering to avoid warnings on older platforms

-	Allow to compile without Linux libcap using "smake COPTX=-DNO_LINUX_CAPS \ 
LIB_CAP="

-	Repositioned #ifdefs to avoid unused variable definitions in
	cdda2wav/sndconfig.c

-	Cdda2wav now checks whether there are sufficient fine grained privileges.

-	Work around a bug in sys/param.h FreeBSD-9.1, that #define's __FreeBSD_kernel__
	instead of #define __FreeBSD_kernel__ 9 that would be needed for Debian
	k-FreeBSD compatibility.
	The bug affects cdda2wav/mycdrom.h

Readcd:

-	Allow to compile without Linux libcap using "smake COPTX=-DNO_LINUX_CAPS \ 
LIB_CAP="

-	Readcd now checks whether there are sufficient fine grained privileges.

Mkisofs (Maintained/enhanced by Jörg Schilling since 1997, originated by Eric \ 
Youngdale):

-	Make mkisofs compile without -DUDF and without -DDVD_VIDEO
	Thanks to a hint from rmd4work@mail.ru
   2013-04-24 11:40:38 by Thomas Klausner | Files touched by this commit (3)
Log message:
Update to 3.01a14:

All:

-	Fixed a typo in include/schily/stat.h related to nanosecond
	handling for NetBSD and OpenBSD

-	New autoconf tests for sys/capability.h and cap_*() functions
	from Linux -lcap

	WARNING: If you do not see this:

		checking for cap_get_proc in -lcap... yes
		checking for cap_get_proc... yes
		checking for cap_set_proc... yes
		checking for cap_set_flag... yes
		checking for cap_clear_flag... yes

	your Linux installation is insecure in case you ever use the
	command "setcap" to set up file capabilities for executable commands.

	Note that cdrtools (as any other command) need to be capabylity aware
	in order to avoid security leaks with enhanced privileges. In most
	cases, privileges are only needed for a very limited set of operations.
	If cdrtools (cdrecord, cdda2wav, readcd) are installed suid-root, the
	functions to control privileges are in the basic set of supported
	functions and thus there is no problem for any program to control it's
	privileges - if they have been obtained via suid root, you are on a
	secure system.

	If you are however on an incomplete installation, that supports to
	raise privileges via fcaps but that does not include developer support
	for caps, the programs get the privileges without being able to know
	about the additional privileges and thus keep them because they cannot
	control them.

	WARNING: If you are on a Linux system that includes support for
	fcaps (this is seems to be true for all newer systems with
	Linux >= 2.6.24) and there is no development support for capabilities
	in the base system, you are on an inherently insecure system that allows
	to compile and set up programs with enhanced privileges that cannot
	control them.

	In such a case, try to educate the security manager for the related
	Linux distribution. Note that you may turn your private installation
	into a secure installation by installing development support for libcap.

-	The autofconf tests for broken Linux kernel headers now avoid to
	warn for /usr/src/linux/include if this directory is missing.

-	include/schily/priv.h now includes sys/capabilitiy.h if available.

Libscg:

-	Trying to support suid-root-less installation of librscg users on Linux.
	librscg now understands that a non-root program may be able to
	create sockets for a privileged port.

Cdrecord:

-	Trying to support suid-root-less installation of cdrecord on Linux.
	NOTE: You need "file caps" support built into your Linux installation.

	Call:

		setcap \ 
cap_sys_resource,cap_dac_override,cap_sys_admin,cap_sys_nice,cap_net_bind_service,cap_ipc_lock,cap_sys_rawio+ep \ 
/opt/schily/bin/cdrecord
	To set up the capabilities on Linux.

Cdda2wav (Maintained/enhanced by Jörg Schilling, originated by Heiko Eißfeldt \ 
heiko@hexco.de):

-	Trying to support suid-root-less installation of cdda2wav on Linux.
	NOTE: You need "file caps" support built into your Linux installation.

	Call:

		setcap \ 
cap_dac_override,cap_sys_admin,cap_sys_nice,cap_net_bind_service,cap_sys_rawio+ep \ 
/opt/schily/bin/cdda2wav
	To set up the capabilities on Linux.

Readcd:

-	Trying to support suid-root-less installation of readcd on Linux.
	NOTE: You need "file caps" support built into your Linux installation.

	Call:

		setcap cap_dac_override,cap_sys_admin,cap_net_bind_service,cap_sys_rawio+ep \ 
/opt/schily/bin/readcd
	To set up the capabilities on Linux.

Scgcheck:

-	Link now against $(LIB_CAP) also as librscg needs it on Linux

Scgskeleton:

-	Link now against $(LIB_CAP) also as librscg needs it on Linux

Btcflash:

-	Link now against $(LIB_CAP) also as librscg needs it on Linux

Mkisofs (Maintained/enhanced by Jörg Schilling since 1997, originated by Eric \ 
Youngdale):

-	-new-dir-mode now just superseeds the effect of -dir-mode on
	directories that have been "invented" by mkisofs.
	This is a more intuitive behavior.

-	Link now against $(LIB_CAP) also as librscg needs it on Linux

Next | Query returned 157 messages, browsing 41 to 50 | Previous