Upgrade to release 5.0:
- In non-quiet loop and count mode, a line is printed for every
lost packet
- The returned size in bytes now always excludes the IP header, so
if before it reported '84 bytes' e.g. when using 'fping -l', now
it reports '64 bytes'. This is to make the reported size
consistent with ping(8) from iputils and also with fping when
pinging a IPv6 host (which never included the IPv6 header size).
- The number of sent pings is only counted when the pings are
received or have timed out, ensuring that the loss ratio will be
always correct. This makes it possible, for example, to use loop
mode (-l) with interval statistics (-Q) and a timeout larger
than period, without having the issue that initially some pings
would be reported as missing
- Improved precision of measurements from 10us to 1us
- The reported size of received packets is now always correct on
Linux even for packets > 4096 bytes
- Travis CI automated testing now also macos testing and additional
ubuntu distributions
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 1.6.12:
Security:
- In some circumstances, Mosquitto could leak memory when handling
PUBLISH messages. This is limited to incoming QoS 2 messages,
and is related to the combination of the broker having
persistence enabled, a clean session=false client, which was
connected prior to the broker restarting, then has reconnected
and has now sent messages at a sufficiently high rate that the
incoming queue at the broker has filled up and hence messages
are being dropped. This is more likely to have an effect where
max_queued_messages is a small value. This has now been fixed.
Broker:
- Build warning fixes when building with WITH_BRIDGE=no and
WITH_TLS=no.
Clients:
- All clients exit with an error exit code on CONNACK failure.
- Don't busy loop with `mosquitto_pub -l` on a slow connection.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 1.8.1:
- Bug fix: authenticated users can trigger an application crash
(with a NULL pointer dereference) if echo-message is not enabled
and there is no network.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Ettercap is a comprehensive suite for man in the
middle attacks. It features sniffing of live
connections, content filtering on the fly and
many other interesting tricks. It supports active
and passive dissection of many protocols and includes
many features for network and host analysis.
To test ettercap :
$ ettercap -T -i eth0 # Text mode
or
$ ettercap -C -i eth0 # console based mode
Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fails to build on an aarch64 system with ipv6 disabled. This backported
patch fixes it.
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Moving beyond kernel 5.6, this kmod is not needed and core has moved the
reference kernel to 5.8 for reference machines
wireguard-tools should RDEPEND but not DEPEND
Remove it from meta-networking packagegroup as well
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Default Makefile of bearssl doesn't have a make target which hadn't
enough attraction when creating the recipe.
Add missing functionality.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add recipe for BearSSL - an an implementation of the SSL/TLS protocol with
the approach of:
* Be correct and secure.
* Be small
* Be highly portable
* Be feature-rich and extensible
See https://bearssl.org for more details.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 1.6.11:
Broker:
- Fix usage message only mentioning v3.1.1.
- Fix broker refusing to start if only websockets listeners were
defined.
- Change systemd unit files to create /var/log/mosquitto before
starting.
- Don't quit with an error if opening the log file isn't possible.
- Fix bridge topic remapping when using "" as the topic.
- Fix messages being queued for disconnected bridges when clean
start was set to true.
- Fix `autosave_interval` not being triggered by messages being
delivered.
- Fix websockets clients sometimes not being disconnected promptly.
- Fix "slow" file based logging by switching to line based
buffering.
- Log protocol error message where appropriate from a bad
UNSUBSCRIBE, rather than the generic "socket error".
- Don't try to start DLT logging if DLT unavailable, to avoid a
long delay when shutting down the broker.
- Fix potential memory leaks.
- Fix clients not receiving messages after a previous client with
the same client ID and positive will delay interval quit.
- Fix overly broad HAVE_PTHREAD_CANCEL compile guard.
Client library:
- Improved documentation around connect callback return codes.
- Fix `mosquitto_publish*()` no longer returning
`MOSQ_ERR_NO_CONN` when not connected.
- `mosquitto_loop_start()` now sets a thread name on Linux,
FreeBSD, NetBSD, and OpenBSD.
- Fix `mosquitto_loop_stop()` not stopping on Windows.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Strip host path infomation out of binaries by not suppressing
default CFLAGS.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Backport patches from https://github.com/intel/openlldp/pull/55
to fix build with -fno-common
Append SRCPV to PV since we are not at exact release point
Signed-off-by: Khem Raj <raj.khem@gmail.com>
clang11 and gcc10 have switched to using -fno-common by default this
hoowever still needs to use -fcommon until fixed
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It fails to compile rdist occasionally when system load of build server
is high:
| In file included from common.c:57:
| ../include/defs.h:49:10: fatal error: y.tab.h: No such file or directory
| 49 | #include "y.tab.h"
| | ^~~~~~~~~
| compilation terminated.
Make $(COMMONOBJS) which include common.o to depends on related header files
and y.tab.h to fix the parallel build failure.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is a security release in order to address the following defects:
CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD
DC LDAP Server with ASQ, VLV and paged_results.
CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume
excessive CPU
CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with
paged_results and VLV.
CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd.
Also backport 3 patches to fix build error with musl.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ifenslave binary and its man page were removed (see @2b0da97853367e34).
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
