Navigation:
Browse pkgsrc
(this page)| 2011-04-22 15:45:23 by OBATA Akio | Files touched by this commit (2234) |
Log message: recursive bump from gettext-lib shlib bump. |
| 2010-03-11 13:24:58 by Greg Troxel | Files touched by this commit (2) |
Log message:
Update to 0.29.3.
* Change ne_sock_close() to no longer wait for SSL closure alert:
o fixes possible hang with IIS servers when closing SSL connection
o this reverts the behaviour with OpenSSL to match 0.28.x,
and changes the behaviour with GnuTLS to match that with
OpenSSL
* Fix memory leak with GnuTLS
* API clarification in ne_sock_close():
o SSL closure handling now documented
o return value semantics fixed to describe the implementation
|
| 2010-03-11 01:05:19 by Greg Troxel | Files touched by this commit (2) |
Log message:
Update to 0.29.2.
Changes in release neon 0.29.2, 30 December 2009 (PGP signature)
* Fix spurious 'certificate verify failed' errors with OpenSSL (Tom C)
* Fix unnecessary re-authentication with SSPI (Danil Shopyrin)
o Note that this change was previously listed in the 0.29.1 changes, \
however the patch had not been merged.
Changes in release neon 0.29.1, 15 December 2009 (PGP signature)
* Fixes for (Unix) NTLM implementation:
o fix handling of session timeout (Kai Sommerfeld)
o fix possible crash (basic@mozdev.org)
* Build fixes for Win32:
o fix use of socklen_t with recent SDKs (Stefan Kung)
o fix USE_GETADDRINFO on Win2K (Kai Sommerfeld)
* Fix build with versions of GnuTLS older than 2.8.0.
|
2010-01-17 13:02:58 by Thomas Klausner | Files touched by this commit (724) |  |
Log message: Recursive PKGREVISION bump for jpeg update to 8. |
| 2009-09-14 18:48:44 by Matthias Scheler | Files touched by this commit (5) | |
Log message:
Update "neon" package to version 0.29. Changes since version 0.28.5:
* Interface changes:
o none, API and ABI backwards-compatible with 0.28.x and 0.27.x
* New interfaces and features:
o added NTLM auth support for Unix builds (Kai Sommerfeld,
Daniel Stenberg)
o ne_auth.h: added NE_AUTH_GSSAPI and NE_AUTH_NTLM auth protocol codes
o added ne_acl3744.h, updated WebDAV ACL support (Henrik Holst)
o added built-in SOCKS v4/v4a/v5 support: ne_socket.h:ne_sock_proxy(),
and ne_session.h:ne_session_socks_proxy()
o added support for system-default proxies: ne_session_system_proxy(),
implemented using libproxy where available
o ne_session.h: added NE_SESSFLAG_EXPECT100 session flag,
SSL verification failure bits extended by NE_SSL_BADCHAIN and
NE_SSL_REVOKED, better handling of failures within the cert chain
(thanks to Ludwig Nussel)
o ne_socket.h: ne_sock_writev() (Julien Reichel), ne_sock_set_error(),
ne_iaddr_raw(), ne_iaddr_parse()
o ne_string.h: ne_buffer_qappend(), ne_strnqdup()
* Deprecated interfaces:
o ne_acl.h is obsoleted by ne_acl3744.h (but is still present)
o obsolete feature "NE_FEATURE_SOCKS" now never marked present
* Other changes:
o fix handling of "stale" flag in RFC2069-style Digest auth challenge
o ne_free() implemented as a function on Win32 (thanks to Helge Hess)
o symbol versioning used for new symbols, where supported
o ensure SSL connections are closed cleanly with OpenSSL
o fix build with OpenSSL 1.0 beta
o updated Polish (pl) translation (Arfrever Frehtes Taifersar Arahesis)
* SECURITY (CVE-2009-2473): Fix "billion laughs" attack against expat;
could allow a Denial of Service attack by a malicious server.
* SECURITY (CVE-2009-2474): Fix handling of an embedded NUL byte in a
certificate subject name; could allow an undetected MITM attack against
an SSL server if a trusted CA issues such a cert.
Tested by Daniel Horecki with SVN client.
|
| 2009-07-24 20:09:27 by Matthias Drochner | Files touched by this commit (1) |
Log message: comment out "perl" dependency, it is only needed for selftests |
| 2009-07-24 20:06:05 by Matthias Drochner | Files touched by this commit (3) | |
Log message: -on NetBSD, set the sa_len sockaddr field, makes at least the "reverse lookup" selftest succeed -fix a memory allocation in case a sockaddr is larger than "struct addrinfo" -- likely with IPv6 ride on update |
| 2009-07-24 17:18:24 by Tobias Nygren | Files touched by this commit (3) | |
Log message: patch-aa: add a local copy of SSL_SESSION_cmp which is missing in openssl 1.0.0 betas. based on hack found at: http://trac.macports.org/ticket/19124 This fixes subversion-base build on NetBSD-current. While here update to neon-0.28.5. Changes in release neon 0.28.5, 3 July 2009 (PGP signature) * Enable support for X.509v1 CA certificates in GnuTLS. * Fix handling of EINTR in connect() calls. * Fix use of builds with SOCK_CLOEXEC support on older Linux kernels. Changes in release neon 0.28.4, 3 March 2009 (PGP signature) * Fix ne_forget_auth (Kai Sommerfeld) * GnuTLS support fixes: o fix handling of PKCS#12 client certs with multiple certs or keys o fix crash with OpenPGP certificate o use pkg-config data in configure, in preference to libgnutls-config * Add PKCS#11 support for OpenSSL builds (where pakchois is available) * Fix small memory leak in PKCS#11 code. * Fix build on Haiku (scott mc) |
| 2009-06-15 00:00:42 by Joerg Sonnenberger | Files touched by this commit (316) |
Log message: Convert @exec/@unexec to @pkgdir or drop it. |
| 2009-04-06 14:54:06 by Mark Davies | Files touched by this commit (4) |
Log message: Update neon to 0.28.3 Remove comment about checking subversion for neon > 0.27 as 0.28.3 is in fact the prefered version for the current subversion. Several years of bug fixes. |
New packages: