this Makefile still used `CONFIG_GCC_USE_VERSION_*` to select various
compilation options, for GCC versions that are antiquated
convert to parsing the major from the `CONFIG_GCC_VERSION` which will
always exist and can also be used with range logic
intent seemed to be:
* `-flto` for "not =10" (or newer, probably)
* no additional options for "=10" (and newer, probably)
GCC 11 or 12 would likely revert to the default (not =10) option,
because 10 was the newest at the time, and 11 and 12 are "not 10"
unsure of what actually works, perhaps `-flto` works in all versions by
now (possibly early gcc 10 bug workaround?)
GCC 11 will have been using `-flto` anyway by the current logic and I
guess it must be working or there would have been changes
Signed-off-by: Tony Butler <spudz76@gmail.com>
Remove no longer needed downstream patches.
Changes since 0.32:
add byte_start, byte_starts
add a man page for byte_equal_notimingattack
buffer_seek is no longer limited to the current buffer contents
add automated way to run unit test: make check
add parse.h
add bytestream abstraction for parsing data from a buffer or a file
add compiler.h to abstract gcc attributes
add fmt_strm_malloc
add cross references to open_* and mmap_* man pages
add fmt_strm_alloca and fmt_strm_malloc man pages
add buffer_init_allocbuf, buffer_init_read, buffer_init_write,
buffer_init_read_allocbuf, buffer_init_write_allocbuf
fix buffer overread for len=0 in scan_longn (Martin Castillo)
add iob_write2 with sendfile callback so caller can use OpenSSL's
SSL_sendfile
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
this Makefile still used `CONFIG_GCC_USE_VERSION_*` to select various
compilation options, for GCC versions that are antiquated
convert to parsing the major from the `CONFIG_GCC_VERSION` which will
always exist and can also be used with range logic
intent seemed to be:
* `-std=gnu++20` for "=10" (and newer, probably)
* `-std=gnu++14` for "=5"
* `-std=gnu++17` for "not =10 and not =5"
GCC 11 or 12 would likely revert to the default (6 through 9) option
with those, because 10 was the newest at the time, and 11 and 12 are
"not =10 and not =5"
probably the GCC 5 support could be removed, not sure about 9 and 10
Signed-off-by: Tony Butler <spudz76@gmail.com>
Version 2.2.2
Released 2022-08-08
Fix router to restore the 2.1 strict_slashes == False behaviour
whereby leaf-requests match branch rules and vice versa.
pallets/werkzeug#2489
Fix router to identify invalid rules rather than hang parsing them,
and to correctly parse / within converter arguments.
pallets/werkzeug#2489
Update subpackage imports in werkzeug.routing to use the import as
syntax for explicitly re-exporting public attributes.
pallets/werkzeug#2493
Parsing of some invalid header characters is more robust.
pallets/werkzeug#2494
When starting the development server, a warning not to use it in a
production deployment is always shown. pallets/werkzeug#2480
LocalProxy.__wrapped__ is always set to the wrapped object when the
proxy is unbound, fixing an issue in doctest that would cause it to
fail. pallets/werkzeug#2485
Address one ResourceWarning related to the socket used by run_simple.
pallets/werkzeug#2421
Version 2.2.1
Released 2022-07-27
Fix router so that /path/ will match a rule /path if strict slashes
mode is disabled for the rule. pallets/werkzeug#2467
Fix router so that partial part matches are not allowed i.e. /2df
does not match /<int>. pallets/werkzeug#2470
Fix router static part weighting, so that simpler routes are matched
before more complex ones. pallets/werkzeug#2471
Restore ValidationError to be importable from werkzeug.routing.
pallets/werkzeug#2465
Version 2.2.0
Released 2022-07-23
Deprecated get_script_name, get_query_string, peek_path_info,
pop_path_info, and extract_path_info. pallets/werkzeug#2461
Remove previously deprecated code. pallets/werkzeug#2461
Add MarkupSafe as a dependency and use it to escape values when
rendering HTML. pallets/werkzeug#2419
Added the werkzeug.debug.preserve_context mechanism for restoring
context-local data for a request when running code in the debug
console. pallets/werkzeug#2439
Fix compatibility with Python 3.11 by ensuring that end_lineno and
end_col_offset are present on AST nodes. pallets/werkzeug#2425
Add a new faster matching router based on a state machine.
pallets/werkzeug#2433
Fix branch leaf path masking branch paths when strict-slashes is
disabled. pallets/werkzeug#1074
Names within options headers are always converted to lowercase. This
matches RFC 6266 that the case is not relevant. pallets/werkzeug#2442
AnyConverter validates the value passed for it when building URLs.
pallets/werkzeug#2388
The debugger shows enhanced error locations in tracebacks in Python
3.11. pallets/werkzeug#2407
Added Sans-IO is_resource_modified and parse_cookie functions based
on WSGI versions. pallets/werkzeug#2408
Added Sans-IO get_content_length function. pallets/werkzeug#2415
Don’t assume a mimetype for test responses. pallets/werkzeug#2450
Type checking FileStorage accepts os.PathLike. pallets/werkzeug#2418
Version 2.1.2
Released 2022-04-28
The development server does not set Transfer-Encoding: chunked for
1xx, 204, 304, and HEAD responses. pallets/werkzeug#2375
Response HTML for exceptions and redirects starts with <!doctype
html> and <html lang=en>. pallets/werkzeug#2390
Fix ability to set some cache_control attributes to False.
pallets/werkzeug#2379
Disable keep-alive connections in the development server, which are
not supported sufficiently by Python’s http.server.
pallets/werkzeug#2397
Version 2.1.1
Released 2022-04-01
ResponseCacheControl.s_maxage converts its value to an int, like
max_age. pallets/werkzeug#2364
Version 2.1.0
Released 2022-03-28
Drop support for Python 3.6. pallets/werkzeug#2277
Using gevent or eventlet requires greenlet>=1.0 or PyPy>=7.3.7.
werkzeug.locals and contextvars will not work correctly with older
versions. pallets/werkzeug#2278
Remove previously deprecated code. pallets/werkzeug#2276
Remove the non-standard shutdown function from the WSGI environ
when running the development server. See the docs for alternatives.
Request and response mixins have all been merged into the Request
and Response classes.
The user agent parser and the useragents module is removed. The
user_agent module provides an interface that can be subclassed to
add a parser, such as ua-parser. By default it only stores the
whole string.
The test client returns TestResponse instances and can no longer be
treated as a tuple. All data is available as properties on the
response.
Remove locals.get_ident and related thread-local code from locals,
it no longer makes sense when moving to a contextvars-based
implementation.
Remove the python -m werkzeug.serving CLI.
The has_key method on some mapping datastructures; use key in data
instead.
Request.disable_data_descriptor is removed, pass shallow=True
instead.
Remove the no_etag parameter from Response.freeze().
Remove the HTTPException.wrap class method.
Remove the cookie_date function. Use http_date instead.
Remove the pbkdf2_hex, pbkdf2_bin, and safe_str_cmp functions. Use
equivalents in hashlib and hmac modules instead.
Remove the Href class.
Remove the HTMLBuilder class.
Remove the invalidate_cached_property function. Use del obj.attr
instead.
Remove bind_arguments and validate_arguments. Use Signature.bind()
and inspect.signature() instead.
Remove detect_utf_encoding, it’s built-in to json.loads.
Remove format_string, use string.Template instead.
Remove escape and unescape. Use MarkupSafe instead.
The multiple parameter of parse_options_header is deprecated.
pallets/werkzeug#2357
Rely on PEP 538 and PEP 540 to handle decoding file names with the
correct filesystem encoding. The filesystem module is removed.
pallets/werkzeug#1760
Default values passed to Headers are validated the same way values
added later are. pallets/werkzeug#1608
Setting CacheControl int properties, such as max_age, will convert
the value to an int. pallets/werkzeug#2230
Always use socket.fromfd when restarting the dev server.
pallets/werkzeug#2287
When passing a dict of URL values to Map.build, list values do not
filter out None or collapse to a single value. Passing a MultiDict
does collapse single items. This undoes a previous change that made
it difficult to pass a list, or None values in a list, to custom URL
converters. pallets/werkzeug#2249
run_simple shows instructions for dealing with “address already in
use” errors, including extra instructions for macOS.
pallets/werkzeug#2321
Extend list of characters considered always safe in URLs based on RFC
3986. pallets/werkzeug#2319
Optimize the stat reloader to avoid watching unnecessary files in
more cases. The watchdog reloader is still recommended for
performance and accuracy. pallets/werkzeug#2141
The development server uses Transfer-Encoding: chunked for streaming
responses when it is configured for HTTP/1.1. pallets/werkzeug#2090,
pallets/werkzeug#1327, pallets/werkzeug#2091
The development server uses HTTP/1.1, which enables keep-alive
connections and chunked streaming responses, when threaded or
processes is enabled. pallets/werkzeug#2323
cached_property works for classes with __slots__ if a corresponding
_cache_{name} slot is added. pallets/werkzeug#2332
Refactor the debugger traceback formatter to use Python’s built-in
traceback module as much as possible. pallets/werkzeug#1753
The TestResponse.text property is a shortcut for
r.get_data(as_text=True), for convenient testing against text instead
of bytes. pallets/werkzeug#2337
safe_join ensures that the path remains relative if the trusted
directory is the empty string. pallets/werkzeug#2349
Percent-encoded newlines (%0a), which are decoded by WSGI servers,
are considered when routing instead of terminating the match early.
pallets/werkzeug#2350
The test client doesn’t set duplicate headers for CONTENT_LENGTH and
CONTENT_TYPE. pallets/werkzeug#2348
append_slash_redirect handles PATH_INFO with internal slashes.
pallets/werkzeug#1972, pallets/werkzeug#2338
The default status code for append_slash_redirect is 308 instead of
301. This preserves the request body, and matches a previous change
to strict_slashes in routing. pallets/werkzeug#2351
Fix ValueError: I/O operation on closed file. with the test client
when following more than one redirect. pallets/werkzeug#2353
Response.autocorrect_location_header is disabled by default. The
Location header URL will remain relative, and exclude the scheme and
domain, by default. pallets/werkzeug#2352
Request.get_json() will raise a 400 BadRequest error if the
Content-Type header is not application/json. This makes a very common
source of confusion more visible. pallets/werkzeug#2339
Version 2.0.3
Released 2022-02-07
ProxyFix supports IPv6 addresses. pallets/werkzeug#2262
Type annotation for Response.make_conditional,
HTTPException.get_response, and Map.bind_to_environ accepts Request
in addition to WSGIEnvironment for the first parameter.
pallets/werkzeug#2290
Fix type annotation for Request.user_agent_class.
pallets/werkzeug#2273
Accessing LocalProxy.__class__ and __doc__ on an unbound proxy
returns the fallback value instead of a method object.
pallets/werkzeug#2188
Redirects with the test client set RAW_URI and REQUEST_URI correctly.
pallets/werkzeug#2151
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
PycURL changeLog:
-----------------------------------------------------------------
PycURL 7.45.2 - 2022-12-16
-----------------------------------------------------------------
This release fixes several minor issues and adds support for several libcurl options.
-----------------------------------------------------------------
PycURL 7.45.1 - 2022-03-13
-----------------------------------------------------------------
This release fixes build when libcurl < 7.64.1 is used.
-----------------------------------------------------------------
PycURL 7.45.0 - 2022-03-09
-----------------------------------------------------------------
This release adds support for SecureTransport SSL backend (MacOS), adds ability to unset a number of multi options, adds ability to duplicate easy handles and permits pycurl classes to be subclassed.
-----------------------------------------------------------------
PycURL 7.44.1 - 2021-08-15
-----------------------------------------------------------------
This release repairs incorrect Python thread initialization logic which caused operations to hang.
-----------------------------------------------------------------
Signed-off-by: Waldemar Konik <informatyk74@interia.pl>
Compile tested: x86_64
Remove libressl specific patches. With commit
("tools/libressl: update to 3.7.0") they are no longer needed,
rather they cause python3 to be compiled without working ssl-support.
Fixes: #20107
Suggested-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Version 2.1.1
Released 2022-03-14
Avoid ambiguous regex matches in striptags. pallets/markupsafe#293
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Version 2.1.2
Released 2022-03-24
Handle date overflow in timed unsign on 32-bit systems.
pallets/itsdangerous#299
Version 2.1.1
Released 2022-03-09
Handle date overflow in timed unsign. pallets/itsdangerous#296
Version 2.1.0
Released 2022-02-17
Drop support for Python 3.6. pallets/itsdangerous#272
Remove previously deprecated code. pallets/itsdangerous#273
JWS functionality: Use a dedicated library such as Authlib instead.
import itsdangerous.json: Import json from the standard library instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Version 8.1.3
Released 2022-04-28
Use verbose form of typing.Callable for @command and @group.
pallets/click#2255
Show error when attempting to create an option with multiple=True,
is_flag=True. Use count instead. pallets/click#2246
Version 8.1.2
Released 2022-03-31
Fix error message for readable path check that was mixed up with the
executable check. pallets/click#2236
Restore parameter order for Path, placing the executable parameter at
the end. It is recommended to use keyword arguments instead of
positional arguments. pallets/click#2235
Version 8.1.1
Released 2022-03-30
Fix an issue with decorator typing that caused type checking to
report that a command was not callable. pallets/click#2227
Version 8.1.0
Released 2022-03-28
Drop support for Python 3.6. pallets/click#2129
Remove previously deprecated code. pallets/click#2130
Group.resultcallback is renamed to result_callback.
autocompletion parameter to Command is renamed to shell_complete.
get_terminal_size is removed, use shutil.get_terminal_size instead.
get_os_args is removed, use sys.argv[1:] instead.
Rely on PEP 538 and PEP 540 to handle selecting UTF-8 encoding
instead of ASCII. Click’s locale encoding detection is removed.
pallets/click#2198
Single options boolean flags with show_default=True only show the
default if it is True. pallets/click#1971
The command and group decorators can be applied with or without
parentheses. pallets/click#1359
The Path type can check whether the target is executable.
pallets/click#1961
Command.show_default overrides Context.show_default, instead of the
other way around. pallets/click#1963
Parameter decorators and @group handles cls=None the same as not
passing cls. @option handles help=None the same as not passing help.
pallets/click#1959
A flag option with required=True requires that the flag is passed
instead of choosing the implicit default value. pallets/click#1978
Indentation in help text passed to Option and Command is cleaned the
same as using the @option and @command decorators does. A command’s
epilog and short_help are also processed. pallets/click#1985
Store unprocessed Command.help, epilog and short_help strings.
Processing is only done when formatting help text for output.
pallets/click#2149
Allow empty str input for prompt() when confirmation_prompt=True and
default="". pallets/click#2157
Windows glob pattern expansion doesn’t fail if a value is an invalid
pattern. pallets/click#2195
It’s possible to pass a list of params to @command. Any params
defined with decorators are appended to the passed params.
pallets/click#2131
@command decorator is annotated as returning the correct type if a
cls argument is used. pallets/click#2211
A Group with invoke_without_command=True and chain=False will invoke
its result callback with the group function’s return value.
pallets/click#2124
to_info_dict will not fail if a ParamType doesn’t define a name.
pallets/click#2168
Shell completion prioritizes option values with option prefixes over
new options. pallets/click#2040
Options that get an environment variable value using
autoenvvar_prefix treat an empty value as None, consistent with a
direct envvar. pallets/click#2146
Version 8.0.4
Released 2022-02-18
open_file recognizes Path("-") as a standard stream, the same as the
string "-". pallets/click#2106
The option and argument decorators preserve the type annotation of
the decorated function. pallets/click#2155
A callable default value can customize its help text by overriding
__str__ instead of always showing (dynamic). pallets/click#2099
Fix a typo in the Bash completion script that affected file and
directory completion. If this script was generated by a previous
version, it should be regenerated. pallets/click#2163
Fix typing for echo and secho file argument. pallets/click#2174,
pallets/click#2185
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This backports a change from postfix 3.8, I do not know exactly why it
detects Linux 6 here, but this is needed to fix compilation with glibc
2.36.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Both mirrors provided in the Makefile only serve gzipped tarballs.
Fixes: dcd7fcfa5b4e ("dosfstools: update to v4.0")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Quoting the changelog:
Changes in version 0.4.7.12 - 2022-12-06
This version contains a major change that is a new key for moria1. Also, new
metrics are exported on the MetricsPort for the congestion control
subsystem.
o Directory authority changes (moria1):
- Rotate the relay identity key and v3 identity key for moria1. They
have been online for more than a decade and refreshing keys
periodically is good practice. Advertise new ports too, to avoid
confusion. Closes ticket 40722.
o Minor feature (Congestion control metrics):
- Add additional metricsport relay metrics for congestion control.
Closes ticket 40724.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on December 06, 2022.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2022/12/06.
o Minor bugfixes (cpuworker, relay):
- Fix an off by one overload calculation on the number of CPUs being
used by our thread pool. Fixes bug 40719; bugfix on 0.3.5.1-alpha.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Quoting the changelog:
Changes in version 0.4.7.11 - 2022-11-10
This version contains several major fixes aimed at helping defend against
network denial of service. It is also extending drastically the MetricsPort
for relays to help us gather more internal data to investigate performance
and attacks.
We strongly recommend to upgrade to this version especially for Exit relays
in order to help the network defend against this ongoing DDoS.
o Directory authority changes (dizum, Faravahar):
- Change dizum IP address. Closes ticket 40687.
- Remove Faravahar until its operator, Sina, set it back up online
outside of Team Cymru network. Closes ticket 40688.
o Major bugfixes (geoip data):
- IPFire informed us on August 12th that databases generated after
(including) August 10th did not have proper ARIN network
allocations. We are updating the database to use the one generated
on August 9th, 2022. Fixes bug 40658; bugfix on 0.4.5.13.
o Major bugfixes (onion service):
- Set a much higher circuit build timeout for opened client rendezvous
circuit. Before this, tor would time them out very quickly leading to
unnecessary retries meaning more load on the network. Fixes bug 40694;
bugfix on 0.3.5.1-alpha.
o Major bugfixes (OSX):
- Fix coarse-time computation on Apple platforms (like Mac M1) where
the Mach absolute time ticks do not correspond directly to
nanoseconds. Previously, we computed our shift value wrong, which
led us to give incorrect timing results. Fixes bug 40684; bugfix
on 0.3.3.1-alpha.
o Major bugfixes (relay):
- Improve security of our DNS cache by randomly clipping the TTL
value. TROVE-2021-009. Fixes bug 40674; bugfix on 0.3.5.1-alpha.
o Minor feature (Mac and iOS build):
- Change how combine_libs works on Darwin like platforms to make
sure we don't include any `__.SYMDEF` and `__.SYMDEF SORTED`
symbols on the archive before we repack and run ${RANLIB} on the
archive. This fixes a build issue with recent Xcode versions on
Mac Silicon and iOS. Closes ticket 40683.
o Minor feature (metrics):
- Add various congestion control counters to the MetricsPort. Closes
ticket 40708.
o Minor feature (performance):
- Bump the maximum amount of CPU that can be used from 16 to 128. Note
that NumCPUs torrc option overrides this hardcoded maximum. Fixes bug
40703; bugfix on 0.3.5.1-alpha.
o Minor feature (relay):
- Make an hardcoded value for the maximum of per CPU tasks into a
consensus parameter.
- Two new consensus parameters are added to control the wait time in
queue of the onionskins. One of them is the torrc
MaxOnionQueueDelay options which supersedes the consensus
parameter. Closes ticket 40704.
o Minor feature (relay, DoS):
- Apply circuit creation anti-DoS defenses if the outbound circuit
max cell queue size is reached too many times. This introduces two
new consensus parameters to control the queue size limit and
number of times allowed to go over that limit. Closes ticket 40680.
o Minor feature (relay, metrics):
- Add DoS defenses counter to MetricsPort.
- Add congestion control RTT reset counter to MetricsPort.
- Add counters to the MetricsPort how many connections, per type,
are currently opened and how many were created.
- Add relay flags from the consensus to the MetricsPort.
- Add total number of opened circuits to MetricsPort.
- Add total number of streams seen by an Exit to the MetricsPort.
- Add traffic stats as in number of read/written bytes in total.
- Related to ticket 40194.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 10, 2022.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2022/11/10.
o Minor bugfixes (authorities, sandbox):
- Allow to write file my-consensus-<flavor-name> to disk when
sandbox is activated. Fixes bug 40663; bugfix on 0.3.5.1-alpha.
o Minor bugfixes (dirauth):
- Directory authorities stop voting a consensus "Measured" weight
for relays with the Authority flag. Now these relays will be
considered unmeasured, which should reserve their bandwidth for
their dir auth role and minimize distractions from other roles. In
place of the "Measured" weight, they now include a
"MeasuredButAuthority" weight (not used by anything) so the
bandwidth authority's opinion on this relay can be recorded for
posterity. Lastly, remove the AuthDirDontVoteOnDirAuthBandwidth
torrc option which never worked right. Fixes bugs 40698 and 40700;
bugfix on 0.4.7.2-alpha.
o Minor bugfixes (onion service client):
- A collapsing onion service circuit should be seen as an
"unreachable" error so it can be retried. Fixes bug 40692; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (onion service):
- Make the service retry a rendezvous if the circuit is being
repurposed for measurements. Fixes bug 40696; bugfix
on 0.3.5.1-alpha.
o Minor bugfixes (relay overload statistics):
- Count total create cells vs dropped create cells properly, when
assessing if our fraction of dropped cells is too high. We only
count non-client circuits in the denominator, but we would include
client circuits in the numerator, leading to surprising log lines
claiming that we had dropped more than 100% of incoming create
cells. Fixes bug 40673; bugfix on 0.4.7.1-alpha.
o Code simplification and refactoring (bridges):
- Remove unused code related to ExtPort connection ID. Fixes bug
40648; bugfix on 0.3.5.1-alpha.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
This commit updates boost to version 1.81.0
A new library is available:
- URL [1]: A library for parsing, modifying, and printing URLs using
only C++11, from Vinnie Falco and Alan de Freitas. Features include
fast compilation, strong invariants, and strict compliance using a
memory-friendly approach.
More info about Boost 1.81.0 can be found at the usual place [2].
[1]: https://www.boost.org/doc/libs/1_81_0/libs/url/doc/html/index.html
[2]: https://www.boost.org/users/history/version_1_81_0.html
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
