Overview
Request 51127 accepted
- FIXME: could add upnp support if we had a miniupnp package from
http://miniupnp.free.fr
- update to 1.2.2
o Fix PAM bug introduced in v1.2.0 that would leak resources when
using PAM. Also relax the code handling PAM concerning
unknown msg_styles.
o Set PAM_RUSER so that rhosts-based PAM authentication can work.
o Wrapper for calling getsockopt(2) with SO_ERROR added.
- update to 1.2.1
o GSSAPI support is no longer disabled on heimdal versions older than
0.8.0, which have no wrap/unwrap support for aes256-cts-hmac-sha1-96.
The following krb5.conf configuration might be needed to ensure that
AES-256 is not used:
default_etypes = arcfour-hmac-md5 des3-cbc-sha1 des-cbc-crc des-cbc-md5
default_etypes_des = des-cbc-crc des-cbc-md5
o Code for shutting down idle sockd processes put back and can be
enabled again, if desired. It is not recommended for busy servers
however as performance may be slightly degraded.
o Fix bug related to clients using MSG_PEEK and GSSAPI on Linux.
o Don't print warning if accept(2) fails when started with the -N option.
When started with the -N option, it is expected that accept(2) will
fail in 1/k of the cases. Instead just log a debug message about it.
o The fflush() wrapper function did not handle a NULL argument.
o Fix libsocks upnpcleanup() linking problem when compiled without
libminiupnpc.
o Assert failure related to message passing on some 64-bit architectures
fixed.
o The capi/socks.h file was not correctly installed.
o Compilation fixes for OpenSuse 11.1. (forwarded request 51122 from oertel)
Request History
mge1512 created request
- FIXME: could add upnp support if we had a miniupnp package from
http://miniupnp.free.fr
- update to 1.2.2
o Fix PAM bug introduced in v1.2.0 that would leak resources when
using PAM. Also relax the code handling PAM concerning
unknown msg_styles.
o Set PAM_RUSER so that rhosts-based PAM authentication can work.
o Wrapper for calling getsockopt(2) with SO_ERROR added.
- update to 1.2.1
o GSSAPI support is no longer disabled on heimdal versions older than
0.8.0, which have no wrap/unwrap support for aes256-cts-hmac-sha1-96.
The following krb5.conf configuration might be needed to ensure that
AES-256 is not used:
default_etypes = arcfour-hmac-md5 des3-cbc-sha1 des-cbc-crc des-cbc-md5
default_etypes_des = des-cbc-crc des-cbc-md5
o Code for shutting down idle sockd processes put back and can be
enabled again, if desired. It is not recommended for busy servers
however as performance may be slightly degraded.
o Fix bug related to clients using MSG_PEEK and GSSAPI on Linux.
o Don't print warning if accept(2) fails when started with the -N option.
When started with the -N option, it is expected that accept(2) will
fail in 1/k of the cases. Instead just log a debug message about it.
o The fflush() wrapper function did not handle a NULL argument.
o Fix libsocks upnpcleanup() linking problem when compiled without
libminiupnpc.
o Assert failure related to message passing on some 64-bit architectures
fixed.
o The capi/socks.h file was not correctly installed.
o Compilation fixes for OpenSuse 11.1. (forwarded request 51122 from oertel)
oertel accepted request
Accepted submit request 51127 from user mge1512
