This can be disabled with the `withKerberos` flag if desired.
Make the relevant assertions lazy,
so that if an overlay is used to set kerberos to null,
a later override can explicitly set `withKerberos` to false.
Don't build with GSSAPI by default;
the patchset is large and a bit hairy,
and it is reasonable to follow upstream who has not merged it
in not enabling it by default.
This potentially addresses CVE-2017-1000494.
Changes since last version bump:
2017/12/11:
Fix buffer over run in minixml.c
Fix uninitialized variable access in upnpreplyparse.c
changelog since the last version bump:
2017/12/12:
Fix a few buffer overrun in SSDP and SOAP parsing
2017/11/02:
PCP : reset epoch after address change
2017/05/26:
merge https://github.com/miniupnp/miniupnp/tree/randomize_url branch
2017/05/24:
get SSDP packet receiving interface index and use it to check if the
packet is from a LAN
2017/03/13:
default to client address for AddPortMapping when <NewInternalClient>
is empty
pass ext_if_name to add_pinhole()
2016/12/23:
Fix UDA-1.2.10 Man header empty or invalid
2016/12/16:
Do not try to open IPv6 sockets once it is disabled
2016/12/01:
Fix "AddPinhole Twice" test
2016/11/11:
fixes build for Solaris/SunOS
2016/07/23:
fixes build error on DragonFly BSD
systemd is a fairly large dependency, and it doesn't appear to
be necessary in all circumstances - e.g. when openvpn is
not run as a systemd service (as is usually the case when it is
run in a Docker container).
This change makes the dependency on systemd optional, controlled
by a new argument `useSystemd`. The default behaviour remains
the same as it was before this change: enabled only on Linux systems.
For me, this change reduces the size of my container image (dominated
by the closure of openvpn) from about 110 MB to 45 MB.
Version 2: rename argument to `useSystemd` (was `systemdSupport`), and
rebase onto master
Keep the `source` attrset distinct to prevent its entries from merging
with the top level attrs.
Since each type of source has a different set of entries for `source`,
this is the easiest way to keep them together.
This will pave the way for a new `url` type of source.
This is a mass-rebuild of many ruby packages,
notably those using `git` type sources.