package: zorp
severity: important
Two new stable upstream versions are available that fix serious bugs, including segfaults, deadlocks, memory leaks, fd leaks, race conditions, etc.:
3.0 branch: version 3.0.3 (stable), released on 2005.01.06
2.1 branch: version 2.1.8 (stable), released on 2004.09.14
Changelogs:
zorp 3.0.3 Wed, 22 Dec 2004 10:13:37 +0100
Changes since 3.0.2
Core:
* Fixed Solaris packaging problem, configuration files such as
zorpctl.conf are not overwritten by default.
* Fixed FailoverChainer to work correctly when the preferred
source address was specified by the router. (e.g.
forge_addr/forge_port was set)
* Fixed possible segmentation fault when the keys used for
authenticating the ZAS SSL channels were not readable.
* Added the possibility to specify certificate verification
depth to ZAS connections.
* Fixed possible deadlock in UDP proxying.
* Fixed non-transparent UDP proxying problem triggered by for
example ICMP port unreachable.
* Fixed NATPolicy cacheable attribute setting; it was always set
to TRUE regardless of what the administrator specified.
* Added authorization failure reporting to Satyr. Previously,
successfully authenticated but unauthorized connections were
first accepted (Satyr reported authentication success) and
then rejected by closing the proxied connection. This confused
some users.
* Updated man pages.
zorpctl:
* Improved error reporting: errors during the performed action are accumulated and reported when zorpctl exits, to make the output more readable.
* Increased the default per-thread file limit to 64, as VBuster might use a lot of file descriptors for temporary files.
* Renamed the APPEND_ARGS zorpctl option to ZORP_APPEND_ARGS (the old name also works); also added ZORPCTL_APPEND_ARGS to make it possible to specify options for zorpctl globally.
* Fixed CHECK_PERMS processing to check proper permissions for the /etc/zorp directory.
* Added the AUTH_RESTART_DELAY option, which specifies the number of seconds to wait before Zorp is restarted.
* Improved Zorp restart code: in addition to Zorp exiting due to signals, it is also restarted when it exits with a non-zero return code.
VBuster:
* Made some improvements in vbuster upgrade script logging.
* Added log rotation for /var/log/vbuster.log
* Fixed a possible scanning error when the object is
swapped to disk.
* Added FTPOVERHTTPPROXY option to vbuster.options.
* Added configurable error handling to the proxy to make it
possible to cleanly handle bad and/or password protected
archive files.
* Clarified and unified virus scanning result messages.
Lp: * Cleaned up log messages.
Nntp: * Cleaned up log messages.
Pssl:
* Added support for PSSL_VERIFY_OPTIONAL_TRUSTED, which only accepts trusted certificates but does not require the peer to present one. The old PSSL_VERIFY_OPTIONAL was renamed to PSSL_VERIFY_OPTIONAL_UNTRUSTED, keeping the old name for compatibility.
* Added the permit_invalid_certificates attribute, which turns off UNTRUSTED certificate validation completely, i.e. it accepts any certificate even if it is expired.
* Fixed a problem with communication to sites which optionally asked for certificates.
Smtp:
* Removed trailing spaces from MAIL commands containing ESMTP extensions, as some MTAs complained about them.
* Fixed the default values for max_request_length and max_response_length to match the documentation (512 instead of the previous 256, as required by the RFC).
* Added support for the unconnected_response_code attribute, which specifies what response to return when the proxy is unable to connect to the server. The value defaults to 554, as this was the previous behaviour of the proxy; however, it is known to cause some problems with various MTAs, so it might be changed to 421 in the future.
* Clarified a couple of log messages.
* Fixed SmtpInvalidRecipientMatcher to avoid a possible fd leak.
* Added 550 as a permitted response to the DATA command.
Http:
* Changed CONNECT handling to use the original client request if a parent proxy is used. This change makes it possible to allow the upstream proxy to do authentication.
* Added a couple of missing log messages in various error scenarios.
* Added a workaround for some buggy browsers which send a CRLF after their POST request and become confused when the proxy closes the connection without fetching these extra bytes.
zorp 3.0.2 Thu, 28 Oct 2004 09:56:26 +0100
Changes since 3.0.1
Core:
* Fixed performance problems in non-transparent HTTP proxying,
DNS lookups are unserialized as the memory leak preventing
this was fixed in libc (from 2.2.5-11.5zorpos1).
* Fixed a bug in FailoverChainer which prevented it from working
when timeout was not specified.
* Fixed a compatibility problem with 2.1: startUp and shutDown
functions were renamed to their lower case equivalent in
earlier 3.0.x releases and compatibility was not ensured, this
was fixed.
* Fixed a possible problem which may cause incoming lines to
be interpreted as two separate lines during data transfer.
* Zorp refuses to start if the autobind IP address is not
available.
* Added a Z_ERROR verdict to the proxy decision logic which
makes it possible to soft-fail a transaction when the stacked
proxy detects some non-protocol specific failure (for example
virus scanning is unable to load its database).
* Added connection Type of Service support: the value of the TOS byte
is propagated from the client to the server side connections.
* Added some more details to some log messages, and tuned the
verbosity level in some cases.
Ftp: * Fixed a dead-lock in EPSV command introduced in 3.0.1
Http: * Introduced a new option to keep the client connection persistent even if the server requests the connection to close.
Nntp: * Fixed a bug which caused rejecting command lines with trailing whitespaces.
Smtp:
* Fixed a bug in recipient tracking: email addresses not accepted by the server are no longer reported as successful recipients in the SMTP accounting message.
* Added support for the Z_ERROR verdict returned by stacked proxies: it returns a temporary instead of a permanent failure to the client when the proxy reports some non-protocol-specific failure.
* SmtpInvalidRecipientMatcher automatically detects the method to verify the validity of an email address. It always tries VRFY first (unless force_delivery_attempt is TRUE) and falls back to mail sending automatically if the target does not support VRFY.
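To illustrate the VRFY-first, delivery-attempt-fallback order described for SmtpInvalidRecipientMatcher, here is an added example (not Zorp's code): a constructed stand-in for the backend MTA and a checker that returns valid, invalid or tempfail. The server object, its canned reply codes and the three-way result are assumptions of this example; the temporary-failure outcome is what a caller would map to a 4xx reply to the client, as the Z_ERROR handling above does.

```python
class FakeSmtpServer:
    """Constructed stand-in for a backend MTA (not a real socket).
    `replies` maps a command verb (VRFY, MAIL, RCPT, RSET) to a callable
    that receives the full command line and returns a 3-digit reply code.
    Unknown verbs get 500 (command unrecognized)."""
    def __init__(self, replies):
        self.replies = replies
        self.transcript = []          # commands actually sent, for inspection

    def send(self, line):
        self.transcript.append(line)
        verb = line.split(None, 1)[0]
        return self.replies.get(verb, lambda _line: 500)(line)


def verify_recipient(server, address, sender="<>", force_delivery_attempt=False):
    """Return 'valid', 'invalid' or 'tempfail' for a recipient address.

    Order mirrors the changelog: VRFY first unless force_delivery_attempt,
    then a MAIL FROM / RCPT TO probe when VRFY is unsupported (500/502) or
    inconclusive (252). The probe ends with RSET so no message is delivered.
    A 4xx at the RCPT stage, or any failure at the MAIL stage, is 'tempfail'
    rather than a verdict about the recipient."""
    if not force_delivery_attempt:
        code = server.send("VRFY %s" % address)
        if code in (250, 251):
            return "valid"
        if 550 <= code <= 553:        # no such user / relaying denied
            return "invalid"
        # 252, 500, 502: fall through to the delivery-attempt probe
    code = server.send("MAIL FROM:%s" % sender)
    if code != 250:
        return "tempfail"             # cannot even open a transaction
    code = server.send("RCPT TO:<%s>" % address)
    server.send("RSET")               # abandon the transaction; no DATA sent
    if code in (250, 251):
        return "valid"
    if 400 <= code < 500:
        return "tempfail"
    return "invalid"
```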
Pssl:
* Implement online key generation to fake the identity of the
other side.
Telnet:
* Added support for the EOR option to TelnetProxy &
TelnetProxyStrict
VBuster:
* Encrypted archives are not rejected.
* Fixed a bug which could result in dropping the first part of the file.
zorp 3.0.1 Thu, 16 Sep 2004 19:03:49 +0200
Changes since 3.0.0
Core:
* Fixed a timeout in the core transfer code which triggered timeouts in the SMTP proxy when delivering mails.
* Added a more detailed error message if no matching zone can be found for an IP address.
* Fixed UDP packet handling when the packet size is more than 1500 bytes.
* Fixed a race condition in ZAS authentication (might cause SIGSEGV).
* Added a more detailed error message if the specified Zorp instance could not be found in the policy file.
Ftp:
* More detailed messages about data connections.
Http:
* Fixed a HTTP/0.9 interoperability problem when using virus
stacking in HTTP.
* New attributes (request_mime_type and response_mime_type)
which contain the MIME type of the entity to be
transferred.
* Moved the "postfilter" header logging to a later stage in
processing to make it absolutely sure that it matches the
actually sent headers.
Mime:
* Fixed two possible cases which resulted in a lot of "Error
decoding data" messages to be printed.
Pop3:
* Fixed an erroneous extra error message sent to the client when
the stacked proxy rejected the mail content and some data had
already been sent.
Smtp:
* Fixed an erroneous 500 response in response to an EOF sent by
the client.
* Fail nicely if an error occurs in SmtpInvalidRecipientMatcher.
(ie. cannot connect to server)
Telnet:
* Added a possibility to specify telnet command negotiation
options.
VBuster:
* New script to automatically get updated versions of the virus database.
* Start virus scanning only after the full object has been downloaded, and not while it is being downloaded, because the number of parallel virus scans is limited.
* Reject everything if the virus database could not be loaded, unless vdb_error_soft_fail has been set.
* Fixed content-length hinting for oversized files; this caused possible content corruption when used in the HTTP proxy.
zorp 3.0.0 Fri, 16 Jul 2004 15:10:42 +0200
Changes since 3.0beta3
Core:
* Fixed setting the default stack limit (might cause SIGSEGV with pre-2.4 kernels).
* Fixed ugly warning messages when a proxy initiated two connections to the same server host.
* Fixed authentication problems after the authentication server
was restarted.
* Fixed a possible segmentation fault caused by a race condition in the
authentication code.
* Fixed a possible segmentation fault, usually triggered by a loaded
FTP proxy.
* Fixed thread average calculation in SZIG.
Pop3:
* Fixed a possible mail retrieval problem.
* Fixed handling of messages containing NUL characters; these messages
were previously rejected.
Smtp:
* Fixed handling of mail messages containing NUL characters; these messages were previously rejected.
* Added a new SmtpValidRecipientMatcher class, which allows
filtering the accepted recipients in the SMTP proxy based on
the responses of a third SMTP server.
Ftp:
* Fixed a possible "Internal error" condition which caused data
connection establishment to fail.
Http:
* Fixed a possible "Proxy-Connection" header duplication.
* Added Content-Length hinting, to avoid changing the
transfer mode to "chunked" mode when possible when content
checking is performed.
* The proxy does not touch the headers returned to a HEAD request, even
if it would otherwise switch to chunked mode; some clients are confused
when a HEAD response does not contain a Content-Length field.
* Added the possibility to allow both the "Connection" and
"Proxy-Connection" header to be present, controllable by the
permit_both_connection_headers attribute (defaults to FALSE)
VBuster:
* Added an automatic cron job to automatically retrieve updates.
* Introduced some global variables to change the default location
of the virus database (substitutes the now defunct
/etc/vbuster.cfg file).
zorp 2.1.8 Tue, 14 Sep 2004 09:31:46 +0200
Core:
* Fixed possible segmentation fault when used with Python 2.3 (affects only zorp-os-3.0/2.1).
Http:
* Suppress the data body when the response to a HEAD request contains a Content-Length header.
zorp 2.1.7 Fri, 30 Apr 2004 14:01:30 +0200
Bugfixes:
Core:
* Fix possible memory leak in UDP packet handling.
* Listener & Receiver default to mark_tproxy set to FALSE.
Ftp:
* Fixed possible segmentation fault during DATA connection establishment, caused by a race condition.
Http:
* Fixed HTTP/0.9 request fallback problem.
Other changes:
Core:
* Include the version number in startup messages.
* Included crypto accelerator support when compiled against libssl 0.9.7 (zorp-os-3.0/2.1).
Ftp:
* Check the EPRT command more strictly.
zorp 2.1.6 Tue, 2 Mar 2004 21:05:12 +0100
Bugfixes:
Core:
* increased PROCESS_LIMIT_MIN to 2048
* fixed race condition in max_services enforcement
* the iptables -m tproxy condition doesn't match normal Listener sockets unless the mark_tproxy argument is present
* fixed race condition in proxy startup
Ftp:
* fixed fd leak when downloading small files or list
* check ALLO command more strictly
* accept @ char in username when proxy is in non-transparent mode.
* only allow the USER command before the server connection is established
* fixed possible race condition (might cause SIGSEGV) during
DATA connection establishment
Other changes:
Core: * tutorial updated
zorp 2.1.5 Fri, 16 Jan 2004 21:44:15 +0100
Other changes:
Core:
* improved general thread startup performance as SZIG locking
was rationalized. SZIG is the query interface that zorpctl2
uses to get the number of running threads from Zorp.
zorp 2.1.3 Tue, 2 Dec 2003 20:47:21 +0100
Bugfixes:
Core: * fixed problems in inband authentication
Http: * fixed a rare case when only half of the CRLF pair could be written in chunk footers
Some minor new features:
Core:
* Implement authorization with groups
* Implement AuthPolicy class
zorp 2.1.2 Thu, 13 Nov 2003 11:56:47 +0100
Bugfixes:
Core:
* fixed zorpctl to add 64 to the calculated number of file descriptors
* fixed a problem in the fastpath of TransparentRouter
* fixed follow_parent argument handling in CSZoneReceiver
* fixed a small memory leak in SZIG
* increased the timeout value when communicating with ZAS
* fixed possible fd leaks when communicating with Satyr/ZAS fails for some reason
* fixed possible SIGSEGV in UDP proxying
* fixed possible deadlock which caused problems with FTP
Http:
* fixed possible segmentation fault when Content-Length contained an invalid number
* ignore and strip HTTP chunk extensions
* introduced permit_http09_responses to allow/reject HTTP/0.9 completely
* fixed HTTP/0.9 fallback if the response contains binary characters
* fixed a problem in permit_proxy_requests: HTTP/1.0 was always accepted even if the request contained a proxy request
Ftp:
* fixed possible deadlock/SIGSEGV which occurs when a non-ABOR command occurs after urgent data is read
* fixed possible fd leak caused by a missing free in the core
* fixed temporary memory leaks, as the data proxies were not freed as long as the control channel was active. This might cause problems when many files were downloaded in the same session.
Some minor new features:
Http:
* new stacking mode called HTTP_STK_MIME which stacks a complete MIME envelope with headers
zorp 2.1.1 Tue, 23 Sep 2003 12:08:32 +0200
Bugfixes:
Core:
* More information logged when a connection is authenticated.
* Fix in UDP handling
* gethostbyname_r in glibc 2.2.5 leaks memory. Disabled the use of gethostbyname_r until the libc is fixed.
Some minor new features:
Core:
* Introduced dispatcher threads which start proxies in a separate thread, to avoid service starvation and to make connection queueing fairer (first come, first served).
* Made some speedups in Zorp startup.
zorp 2.1.0
This is the first release of the new 2.1 branch. User visible changes in this release (some of them might have been backported to the 2.0 release):
Core:
* Better TPROXY detection code, it is no longer required to
compile the Netfilter TProxy code as module.
* When an SNAT is present for a Service forge_addr defaults to TRUE
* Proxies can talk to each other to improve integration between
stacked proxies.
* Zone based Listener and Receiver classes received a new
argument named follow_parent which makes it easier to control
policy at multiple administrative levels.
* Performance improvements:
- DAC cache,
- Zone name cache,
- improved Zone data structure,
- instead of using the main loop to establish a connection, blocking connect() is used.
* Support for running multiple instances by the same Zorp
instance
* The pidfile is stored in /var/run/zorp instead of in /var/run
Http:
* the ability to use stacked proxies to filter the data part of HTTP requests and responses