[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nufw-devel] NuFW 2.2.19 is available
|
From: |
Eric Leblond |
|
Subject: |
[Nufw-devel] NuFW 2.2.19 is available |
|
Date: |
Thu, 27 Nov 2008 14:29:42 +0100 |
Hello,
This release includes a number of fixes. The main work is about advanced
TLS usage and documentation. The upgrade to this version is recommended
for all users.
An important work has been done on the handbook which features
up-to-date information on all NuFW subsystems:
http://www.nufw.org/docs/handbook22.html
The main changes in NuFW 2.2.19 are the following:
* An important nuauth memleak, which occured when nufw sends
conntrack updating messages to nuauth (nufw -C option)
* A couple of memory leaks in nuauth, which could occur on some
rare configurations.
* All NuFW components (nutcpc, nufw as well as nuauth) now reload
their CRL files (if provided) when receiving a HUP signal.
* CRL files must now be signed by CA, or they will be refused.
* The nufw daemon now has a new "-N" option, to deactivate the
check of nuauth server FQDN against the TLS certificate
information.
* A few error messages were enhanced, so that TLS problems can be
easily diagnosed.
* The NuFW test suite was also completed so that TLS features are
tested at every commit.
The full changelog is as follows:
* nuauth: fix memory leak that appear when
system_suppress_prefixed_domain is set to 1.
* Implement "refresh crl" command in nuauth_command and nuauth.
* nuauth: SIGHUP also reloads the CRL file.
* nutcpc: SIGHUP now triggers reconnection to nuauth.
* nutcpc: Add -R option to specify crl.
* nutcpc: ask client to confirm connection if no CA is present
* nufw: SIGHUP now triggers reconnection to nuauth.
* nufw: Try to start TLS session to nuauth at start and not at
first packet.
* nufw: fix some error case handling in gnutls record
* nufw: Display understandable error message when nuauth can not
be reached.
* nufw: Add -N option to disable fqdn check during TLS
negotiation
* libnuclient: CRL reload at reconnect
* libnuclient: new function nu_client_set_crlfile() can be used to
specify crl file
* nuauth: fix memory leak in connection tracking logging
* nuauth: fix memleak and avoid useless allocation in iface
related code.
* nutcpc: now uses local user name as default for nuauth
connection
* ldap module: update code to ’new’ ldap API
* ldap module: fix double request and memory leak
* pam_nufw: respect nuclient.conf
* pam_nufw: severe bugfixes
Download:
- nufw-2.2.19.tar.bz2:
- Archive: http://www.nufw.org/download/nufw/nufw-2.2.19.tar.bz2
- GPGsig: http://www.nufw.org/download/nufw/nufw-2.2.19.tar.bz2.asc
- md5sum: 132abc7647c1e582240dbd3226731a14
- sha1sum: eb5ae8efe86fb758714cf16cebf82c1ab6ea9ee9
- nufw-2.2.19.tar.gz:
- Archive: http://www.nufw.org/download/nufw/nufw-2.2.19.tar.gz
- GPGsig: http://www.nufw.org/download/nufw/nufw-2.2.19.tar.gz.asc
- md5sum: a4f5a76509fb594d3226b2a718828849
- sha1sum: e5009f85d57b2cb2b8ee8d0633001d76d0e6e118
Happy user filtering to all,
--
Eric Leblond
INL: http://www.inl.fr/
NuFW: http://www.nufw.org/
_______________________________________________
Nufw-announces mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/nufw-announces
signature.asc
Description: Ceci est une partie de message numériquement signée
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Nufw-devel] NuFW 2.2.19 is available,
Eric Leblond <=