cfce485524
- update to 3.19.1: * SECURITY NOTE: Thanks to Han Lee with Apple Information Security for finding and reporting several memory errors * off-by-one heap overflow has been fixed in authentication (bsc#1247519, CVE-2025-54349, ESNET-SECADV-2025-0003) * assert in authentication has been removed (bsc#1247520, CVE-2025-54350, ESNET-SECADV-2025-0002) * a buffer overflow in the --skip-rx-copy option for zerocopy has been fixed (bsc#1247522, CVE-2025-54351, ESNET-SECADV-2025-0001)
Aeneas Jaißle2025-08-05 11:19:16 +00:00
a830a4b23d
Accepting request 1297534 from home:aschnell:branches:network:utilities
Aeneas Jaißle2025-08-05 11:19:16 +00:00
a0a4191d9d
Accepting request 1279942 from network:utilities
Ana Guerrero2025-05-26 16:37:28 +00:00
fd8de6ea85
Accepting request 1279942 from network:utilities
Ana Guerrero2025-05-26 16:37:28 +00:00
c861f867aa
- update to 3.19 * iperf3 now supports the use of Multi-Path TCP (MPTCPv1) on Linux with the use of the -m or --mptcp flag. (PR #1661) * iperf3 now supports a --cntl-ka option to enable TCP keepalives on the control connection. (#812, #835, PR #1423) * iperf3 now supports the MSG_TRUNC receive option, specified by the --skip-rx-copy. This theoretically improves the rated throughput of tests at high bitrates by not delivering network payload data to userspace. (#1678, PR #1717) * A bug that caused the bitrate setting to be ignored when bursts are set, has been fixed. (#1773, #1820, PR #1821, PR #1848) * The congestion control protocol setting, if used, is now properly reset between tests. (PR #1812) * iperf3 now exits with a non-error 0 exit code if exiting via a SIGTERM, SIGHUP, or SIGINT. (#1009, PR# 1829) * The current behavior of iperf3 with respect to the -n and -k options is now documented as correct. (#1768, #1775, #596, PR #1800) - switched to official sources from https://downloads.es.net/pub/iperf/ following the note on https://software.es.net/iperf/obtaining.html#source-distributions GitHub releases are not guaranteed to always be released with proper checksums, signage and downloads. - removed patches: iperf-gcc15.patch (included upstream)
Aeneas Jaißle2025-05-25 20:54:22 +00:00
22f07f73d3
Accepting request 1279087 from home:aeneas_jaissle:branches:network:utilities
Aeneas Jaißle2025-05-25 20:54:22 +00:00
654b599740
Accepting request 1275150 from home:pgajdos
Aeneas Jaißle2025-05-07 11:27:52 +00:00
2c572e125f
Accepting request 1240619 from network:utilities
Ana Guerrero2025-01-27 20:33:49 +00:00
66988afcea
Accepting request 1240619 from network:utilities
Ana Guerrero2025-01-27 20:33:49 +00:00
97c5381fc0
- update to 3.18 (bsc#1234705, CVE-2024-53580): * SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. (CVE-2024-53580) This has now been fixed. (PR#1810) * UDP packets per second now reports the correct number of packets, by reporting NET_SOFTERROR if there's a EAGAIN/EINTR errno if no data was sent (#1367/PR#1379). * Several segmentation faults related to threading were fixed. One where pthread_cancel was called on an improperly initialized thread (#1801), another where threads were being recycled (#1760/PR#1761), and another where threads were improperly handling signals (#1750/PR#1752). * A segmentation fault from calling freeaddrinfo with NULL was fixed (PR#1755). * Some JSON options were fixed, including checking the size for json_read (PR#1709), but the size limit was removed for received server output (PR#1779). * A rcv-timeout error has been fixed. The Nread timeout was hardcoded and timed out before the --rcv-timeout option * There is no longer a limit on the omit time period * Fixed an output crash under 32-bit big-endian systems * An issue was fixed where CPU utilization was unexpectedly high during limited baud rate tests. The --pacing-timer option was removed, but it is still available in the library * Add SCTP information to --json output and fixed compile error when SCTP is not supported (#1731). * --fq-rate was changed from a uint to a uint64 to allow pacing above 32G. Not yet tested on big-endian systems
Dirk Mueller2025-01-27 17:58:32 +00:00
4831f84093
- update to 3.18 (bsc#1234705, CVE-2024-53580): * SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. (CVE-2024-53580) This has now been fixed. (PR#1810) * UDP packets per second now reports the correct number of packets, by reporting NET_SOFTERROR if there's a EAGAIN/EINTR errno if no data was sent (#1367/PR#1379). * Several segmentation faults related to threading were fixed. One where pthread_cancel was called on an improperly initialized thread (#1801), another where threads were being recycled (#1760/PR#1761), and another where threads were improperly handling signals (#1750/PR#1752). * A segmentation fault from calling freeaddrinfo with NULL was fixed (PR#1755). * Some JSON options were fixed, including checking the size for json_read (PR#1709), but the size limit was removed for received server output (PR#1779). * A rcv-timeout error has been fixed. The Nread timeout was hardcoded and timed out before the --rcv-timeout option * There is no longer a limit on the omit time period * Fixed an output crash under 32-bit big-endian systems * An issue was fixed where CPU utilization was unexpectedly high during limited baud rate tests. The --pacing-timer option was removed, but it is still available in the library * Add SCTP information to --json output and fixed compile error when SCTP is not supported (#1731). * --fq-rate was changed from a uint to a uint64 to allow pacing above 32G. Not yet tested on big-endian systems
Dirk Mueller2025-01-27 17:58:32 +00:00
7152ff0e91
Accepting request 1224601 from network:utilities
Ana Guerrero2024-11-17 15:42:14 +00:00
e15700c114
Accepting request 1224601 from network:utilities
Ana Guerrero2024-11-17 15:42:14 +00:00
dbc78dfc89
Build with OpenSSL for key based authentication support
Aeneas Jaißle2024-11-16 23:32:06 +00:00
778994c1f4
Accepting request 1224467 from home:crameleon:branches:network:utilities
Aeneas Jaißle2024-11-16 23:32:06 +00:00
bf04c260c5
Accepting request 1174204 from network:utilities
Ana Guerrero2024-05-15 19:28:55 +00:00
6a62b6a6a2
Accepting request 1174204 from network:utilities
Ana Guerrero2024-05-15 19:28:55 +00:00
5df87d344b
- update to 3.17.1 (bsc#1224262, CVE-2024-26306): * BREAKING CHANGE: iperf3's authentication features, when used with OpenSSL prior to 3.2.0, contain a vulnerability to a side-channel timing attack. To address this flaw, a change has been made to the padding applied to encrypted strings. This change is not backwards compatible with older versions of iperf3 (before 3.17). To restore the older (vulnerable) behavior, and hence backwards-compatibility, use the --use-pkcs1-padding flag. The iperf3 team thanks Hubert Kario from RedHat for reporting this issue and providing feedback on the fix. (CVE-2024-26306)(PR#1695) * iperf3 no longer changes its current working directory in --daemon mode. This results in more predictable behavior with relative paths, in particular finding key and credential files for authentication. (PR#1672) * A new --json-stream option has been added to enable a streaming output format, consisting of a series of JSON objects (for the start of the test, each measurement interval, and the end of the test) separated by newlines (#444, #923, #1098). * UDP tests now work correctly between different endian hosts * The --fq-rate parameter now works for --reverse tests * The statistics reporting interval is now available in the --json start test object (#1663). * A negative time test duration is now properly flagged as an error (IS#1662 / PR#1666).
Dirk Mueller2024-05-15 10:56:09 +00:00
7acd497da7
- update to 3.17.1 (bsc#1224262, CVE-2024-26306): * BREAKING CHANGE: iperf3's authentication features, when used with OpenSSL prior to 3.2.0, contain a vulnerability to a side-channel timing attack. To address this flaw, a change has been made to the padding applied to encrypted strings. This change is not backwards compatible with older versions of iperf3 (before 3.17). To restore the older (vulnerable) behavior, and hence backwards-compatibility, use the --use-pkcs1-padding flag. The iperf3 team thanks Hubert Kario from RedHat for reporting this issue and providing feedback on the fix. (CVE-2024-26306)(PR#1695) * iperf3 no longer changes its current working directory in --daemon mode. This results in more predictable behavior with relative paths, in particular finding key and credential files for authentication. (PR#1672) * A new --json-stream option has been added to enable a streaming output format, consisting of a series of JSON objects (for the start of the test, each measurement interval, and the end of the test) separated by newlines (#444, #923, #1098). * UDP tests now work correctly between different endian hosts * The --fq-rate parameter now works for --reverse tests * The statistics reporting interval is now available in the --json start test object (#1663). * A negative time test duration is now properly flagged as an error (IS#1662 / PR#1666).
Dirk Mueller2024-05-15 10:56:09 +00:00
0ce9ae99b3
Accepting request 1135291 from network:utilities
Ana Guerrero2023-12-28 22:01:48 +00:00
fda1c4a5f4
Accepting request 1135291 from network:utilities
Ana Guerrero2023-12-28 22:01:48 +00:00
c5c638637d
- update to 3.16: * Multiple test streams started with -P/--parallel will now be serviced by different threads. This allows iperf3 to take advantage of multiple CPU cores on modern processors, and will generally result in significant throughput increases * OpenSSL 3 is now detected at build time. If OpenSSL 3 is found, various older, deprecated, APIs will not be used. iperf3 will continue to work with OpenSSL 1.1.1. OpenSSL is used as a part of the iperf3 authentication functionality * The authorized users file used by the authentication functionality is now checked for accessibility much earlier during the program startup, as opposed to being checked near the start of a test (Issue #1583, PR #1585). * BREAKING CHANGE: iperf3 now requires pthreads and C atomic variables to compile and run.
Dirk Mueller2023-12-27 11:27:06 +00:00
273e593b78
- update to 3.16: * Multiple test streams started with -P/--parallel will now be serviced by different threads. This allows iperf3 to take advantage of multiple CPU cores on modern processors, and will generally result in significant throughput increases * OpenSSL 3 is now detected at build time. If OpenSSL 3 is found, various older, deprecated, APIs will not be used. iperf3 will continue to work with OpenSSL 1.1.1. OpenSSL is used as a part of the iperf3 authentication functionality * The authorized users file used by the authentication functionality is now checked for accessibility much earlier during the program startup, as opposed to being checked near the start of a test (Issue #1583, PR #1585). * BREAKING CHANGE: iperf3 now requires pthreads and C atomic variables to compile and run.
Dirk Mueller2023-12-27 11:27:06 +00:00
453fd503c2
Accepting request 1113658 from network:utilities
Ana Guerrero2023-09-26 20:00:55 +00:00
a85cb2e25e
Accepting request 1113658 from network:utilities
Ana Guerrero2023-09-26 20:00:55 +00:00
347b4e16c4
Accepting request 1113223 from network:utilities
Ana Guerrero2023-09-25 18:02:38 +00:00
a7dd69efa6
Accepting request 1113223 from network:utilities
Ana Guerrero2023-09-25 18:02:38 +00:00
9e17dabfc7
- update to 3.15: * Several bugs that could allow the iperf3 server to hang waiting for input on the control connection has been fixed (ESnet Software Security Advisory ESNET-SECADV-2023-0002) * A bug that caused garbled output with UDP tests on 32-bit hosts has been fixed (PR #1554, PR #1556). This bug was introduced in iperf-3.14. * A bug in counting UDP messages has been fixed JSON output on CentOS 6 * This maintenance release adds a -1 flag to make the iperf3 execute a single test and exit, needed for an upcoming bwctl there is only one stream. version developed at NLANR/DAST. iperf3 is a new implementation from scratch, with the goal of a smaller, simpler code base, and a library version of the functionality that can be used in other programs. iperf3 also a number of features found in other tools such as nuttcp and netperf, but were missing from the original iperf. These include, for example, a zero-copy mode and
Dirk Mueller2023-09-23 11:08:07 +00:00
d098cb643f
- update to 3.15: * Several bugs that could allow the iperf3 server to hang waiting for input on the control connection has been fixed (ESnet Software Security Advisory ESNET-SECADV-2023-0002) * A bug that caused garbled output with UDP tests on 32-bit hosts has been fixed (PR #1554, PR #1556). This bug was introduced in iperf-3.14. * A bug in counting UDP messages has been fixed JSON output on CentOS 6 * This maintenance release adds a -1 flag to make the iperf3 execute a single test and exit, needed for an upcoming bwctl there is only one stream. version developed at NLANR/DAST. iperf3 is a new implementation from scratch, with the goal of a smaller, simpler code base, and a library version of the functionality that can be used in other programs. iperf3 also a number of features found in other tools such as nuttcp and netperf, but were missing from the original iperf. These include, for example, a zero-copy mode and
Dirk Mueller2023-09-23 11:08:07 +00:00
ab3cb6d686
Accepting request 1099784 from network:utilities
Ana Guerrero2023-07-24 16:25:31 +00:00
9357101468
Accepting request 1099784 from network:utilities
Ana Guerrero2023-07-24 16:25:31 +00:00
367945e2c9
Accepting request 1099783 from home:dirkmueller:Factory
Dirk Mueller2023-07-20 19:11:03 +00:00
e0cc46993c
Accepting request 1099783 from home:dirkmueller:Factory
Dirk Mueller2023-07-20 19:11:03 +00:00
Ana Guerrero
Aeneas Jaißle
Dominique Leuenberger
Dirk Mueller
Marcus Meissner
Lars Vogdt
OBS User mrdocs