Subject: CVS commit: pkgsrc/net/socat
From: Leonardo Taccari
Date: 2017-02-05 21:40:32
Message id:

Log Message:
Update net/socat to socat-

pkgsrc changes:
 - Take MAINTAINERship

 - SIGSEGV and other signals could lead to a 100% CPU loop
 - Failing name resolution could lead to SIGSEGV
   Thanks to Max for reporting this issue.
 - Include <stddef.h> for ptrdiff_t
   Thanks to Jeroen Roovers for reporting this issue.
 - Building with --disable-sycls failed due to missing sslcls.h defines
   Socat hung when configured with --disable-sycls.
 - Some minor corrections with includes etc.
 - Option so-reuseport did not work. Thanks to Some Raghavendra Prabhu
   for sending a patch.
 - Programs invoked with EXEC, nofork, and -u or -U had stdin and stdout
   incorrectly assigned
   Thanks to David Reiss for reporting this problem.
 - Socat exited with status 0 even when a program invoked with SYSTEM or
   EXEC failed.
   Issue reported by Felix Winkelmann.
 - AddressSanitizer reported a few buffer overflows (false positives).
   Nevertheless fixed Socat source.
   Issue reported by Hanno Böck.
 - Socat did not use option ipv6-join-group.
   Thanks to Linux Lüssing for sending a patch.
 - UDP-LISTEN did not honor the max-children option.
   Thanks to Leander Berwers for reporting this issue.
 - Options so-rcvtimeo and so-sndtimeo do not work with poll()/select()
   and therefore were useless.
   Thanks to Steve Borenstein for reporting this issue.
 - Option dhparam was documented as dhparams. Added the alias name
   dhparams to fix this.
   Thanks to Alexander Neumann for sending a patch.
 - Options shut-down and shut-close did not work.
   Thanks to Stefan Schimanski for providing a patch.
 - There was a bug in printing readline log message caused by a misleading
   Thanks to Paul Wouters for reporting.
 - The internal vsnprintf_r function looped or crashed on size parameter
   with hexadecimal output.
 - Ignore exit code of child process when it was killed by master due to
 - Corrected byte order on read of IPV6_TCLASS value from ancillary
 - Fixed type of the bool element in options. This had bug caused failures
   e.g. of ignoreeof on big-endian systems when bool was not based on int.
 - On systems with predefined bool type whose size differs from int some
   IPv6 and TCP options (per setsockopt()) failed.
 - Length of integral data in ancillary messages varies (TOS: 1 byte,
   TTL: 4 bytes), the old implementation failed for TTL on big-endian
 - Fixed an issue in options processing: TUN and DNS flags had failed on
   big-endian systems and the NO- forms had probable never worked.

 - Type conflict between int and sig_atomic_t between declaration and
   definition of diag_immediate_type and diag_immediate_exit broke
   compilation on FreeBSD 10.1 with clang. Thanks to Emanuel Haupt for
   reporting this bug.
 - Socat failed to compile on platforms with OpenSSL without
   DTLSv1_client_method or DTLSv1_server_method.
   Thanks to Simon Matter for sending a patch.
 - NuttX OS headers do not provide struct ip, thus socat did not compile.
   Made struct ip subject to configure.
   Thanks to SP for reporting this issue.
 - Socat failed to compile with OpenSSL version 1.0.2d where
   SSLv3_server_method and SSLv3_client_method are no longer defined.
   Thanks to Mischa ter Smitten for reporting this issue and providing
   a patch.
 - configure checked for OpenSSL EC_KEY assuming it is a define but it
   is a type, thus OpenSSL ECDHE ciphers failed even on Linux.
   Thanks to Andrey Arapov for reporting this bug.
 - Changes to make socat compile with OpenSSL 1.1.
   Thanks to Sebastian Andrzej Siewior e.a. from the Debian team for
   providing the base patch.
   Debian Bug#828550
 - Make Socat compatible with BoringSSL.
   Thanks to Matt Braithwaite for providing a patch.
 - OpenSSL: Use RAND_status to determine PRNG state
   Thanks to Adam Langley for providing a patch
 - AIX-7 uses an extended O_ACCMODE that does not fit socat's internal
   requirements. Thanks to Garrick Trowsdale for providing a patch
 - LibreSSL support: check for OPENSSL_NO_COMP
   Thanks to Bernard Spil for providing a patch

 - and hung with new bash with read -n
 - stderr; option -v (verbose); FDOUT_ERROR description
 - improved - it now also takes hostnames
 - A few corrections in
 - DTLS1 test hangs on some distributions. Test is now only performed
   with OpenSSL 1.0.2 or higher.
 - More corrections to that reveal a mistake with IPV6_TCLASS

 - Corrected source of socat man page to correctly show man references
   like socket(2); removed obseolete entries from See Also
 - Docu and some comments mentioned addresses SSL-LISTEN and SSL-CONNECT
   that do not exist (OPENSSL-LISTEN, SSL-L; and OPENNSSL-CONNECT, SSL
   are correct).
   Thanks to Zhigang Wang for reporting this issue.
 - Fixed a couple of English spelling and grammar mistakes.
   Thanks to Jakub Wild for sending the patches.
 - NOEXPAND() was not resolved 2 times.
 - More minor docu corrections

 - Added contributors to copyright notices. Suggested by Matt Braithwaite.