1 1999-09-18 Miquel van Smoorenburg (miquels@cistron.nl)
3 * Change a couple of Makefile.ins to plain Makefiles
4 * Added missing.c and missing.h
5 * Detect <utmp.h> and define replacements in sysutmp.h if missing
6 * New mechanism in main/Makefile to detect static modules
7 * Fix warnings in lib/filters.c
9 1999-08-23 Miquel van Smoorenburg (miquels@cistron.nl)
11 * src/main/auth.c: Login-Time check: set Session-Timeout to
12 at least 60 seconds (some terminal servers ignore smaller values)
13 * src/lib/valuepair.c: fix gettime()
14 * src/main/proxy.c: call proxy_cleanup in both send and recv funcs
16 1999-08-21 Miquel van Smoorenburg (miquels@cistron.nl)
18 * configure.in: check for GNU Make
19 * doc/*: change Cistron Radius to FreeRadius
20 * src/modules/Makefile.in: fix rm -f lib/* (bailed out on lib/CVS)
21 * debian/*: some changes (might want to rip out completely)
22 * doc/ChangeLog: new format, more like other projects.
24 radiusd-cistron (1.6-alpha3) experimental; urgency=low
26 * Changed directory structure. Each module is now in it's own directory.
28 -- Miquel van Smoorenburg <miquels@cistron.nl> Thu, 12 Aug 1999 19:12:47 +0200
30 radiusd-cistron (1.6-alpha2) experimental; urgency=low
32 * 1.6-alpha2 "Total Eclipse" release ;)
33 * Moved a lot of code around
34 * Added module code from Alan DeKok
35 * Moved more code around, made some stuff into huntgroups
36 * You can now register a function that is called when a
37 certain valuepair is compared with another
38 * Operator support not completely merged (still todo)
39 * Only tested with a few requests, but hey, it compiles ...
40 * Might rename result constants in modules.h to AUTH_, AUTZ_, ACCT_
41 * Rewrote builddbm.c - last remnant of Livingston code is now gone
42 * Bugs from alpha1 not fixed yet either
44 -- Miquel van Smoorenburg <miquels@cistron.nl> Wed, 11 Aug 1999 00:55:17 +0200
46 radiusd-cistron (1.6-alpha1) experimental; urgency=low
48 * Fix off_t cast in lseek() in radzap.c
50 * Fix some proxy memory leaks - Jonathan Ruano <kobalt@james.encomix.es>
51 * checkrad.pl update by Antonio Dias, rewritten Cyclades PathRAS subroutine
52 and a new Patton 2800 NAS SNMP routine. Also some doc updates.
53 * Fix huntgroup-compare to use operators
54 * Added /etc/shells checking, turned off by default./RADIUSD/ANY/SHELL
55 does the same as /SENDMAIL/ANY/SHELL for smrsh.
56 * Added dictionary.acc - Stephane Marzloff
57 * Changed the whole configuration over to autoconf
58 * We now use IP numbers in network order internally
59 * Added VersaNet support to checkrad.pl by Versanet Communications,
60 mailed to me by "Yi-Feng Liann" <yifeng@versanetcomm.com>
61 * Added Versanet dictionary
62 * Moved valuepair stuff to valuepair.c
63 * Rewrote config files and user files parsers to be more generic and
64 use the same internal functions so that the quoting rules are
66 * Moved all radius stuff to lib/, made more generic
67 * proxy uses functions from libradius
68 * long password support (generic functions in libradius)
69 * FIXME: dict.c has problems parsing dictionary.usr, dictionary.tunnel !
71 -- Miquel van Smoorenburg <miquels@cistron.nl> Sun, 25 Jul 1999 15:36:39 +0200
73 radiusd-cistron (1.5.4.3-beta18) experimental; urgency=low
75 * Fix the always stripping of realms
76 * Add port number to radius.log
77 * Add phone number to radius.log when logging failed logins
78 * Add -i option (bind to IP address)
79 * Change return value for 'other' in checkrad.pl to '1'
80 * Add password-file caching patch from Jeff Carneal <jeff@apex.net>
81 * Fix broken auth_type_fixup - Bryan Mawhinney <bryanm@is.co.za>
83 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 14 May 1999 16:08:56 +0200
85 radiusd-cistron (1.5.4.3-beta17) experimental; urgency=low
87 * Added NULL realm based on an idea by
88 Bastiaan Bakker <Bastiaan.Bakker@lifeline.nl>
89 * Changes for proxying:
90 - detect duplicate requests, resend it with the same ID and vector
91 to the remote radius server
92 - Change proxy-state A/V pair to a 4-byte string without embedded
93 zeros in it, so as not to confuse broken radius servers.
94 * Add casting to (off_t) to lseek offset arg in radzap
95 * Add checking of pw->expire for FreeBSD
96 * Add radutmp location caching: Bryan Mawhinney <bryanm@is.co.za>
97 * Now handles multiple attributes in one Vendor-Specific attribute
99 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 27 Apr 1999 14:51:08 +0200
101 radiusd-cistron (1.5.4.3-beta16) experimental; urgency=low
103 * Added SPECIALIX_JETSTREAM_HACK to work around a bug in
104 Specialix Jetstream 8500 24 port firmware.
105 * Added Alan DeKok's cistron-beta15-operator.patch as found on
106 ftp://ftp.striker.ottawa.on.ca/pub/radius/
107 * Added Login-Time check value, see doc/README
108 * Rewrote checkrad.pl:
109 - subroutines to read naspasswd and check Net::Telnet
110 - add possibility to use SNMP_Session perl module instead of snmpget
112 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 26 Mar 1999 15:31:57 +0100
114 radiusd-cistron (1.5.4.3-beta15) experimental; urgency=low
116 * Added a DEFAULT realm to /etc/raddb/realms (no idea if this is useful..)
117 * Added LOCAL proxyserver (means none) to /etc/raddb/realms
118 * Added "nostrip" option to /etc/raddb/realms
119 * Changed "-p" option to "-S"; "-p <port>" now allows you to specify
120 the port(s) radiusd listens on.
121 * Fix auth.c:rad_check_password(). auth_item must be present.
122 * Fixed radwho - secured popen(). This could be a BIG SECURITY HOLE
123 when you run radwho as your finger daemon - esp. if it runs as root!!!
125 -- Miquel van Smoorenburg <miquels@cistron.nl> Thu, 21 Jan 1999 17:58:06 +0100
127 radiusd-cistron (1.5.4.3-beta14) experimental; urgency=low
129 * Fix buffer size in proxy.c from 0104 to 1024 :)
130 * On lines with a Password = "bla" line without Auth-Type, add
131 Auth-Type = Local implicitly while parsing the users file
132 * Fix CHAP for both local authentication and proxying (I hope..)
133 * Now Exec-Program-Wait tries to parse output of the program as
134 A/V pairs. Those are added to the reply. Mostly based on the
135 patch from "The light in the dark" <sijaiko@netplus.bg>
137 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 19 Dec 1998 17:45:15 +0100
139 radiusd-cistron (1.5.4.3-beta12) experimental; urgency=low
141 * Don't store radutmp/radwtmp info for admin logins, or
142 for leased lines going up/down
143 * Integrated latest version of checkrad from www.mdi.ca
144 * Instead of storing only the first part of acct-session-id in radutmp,
145 store the last part since that is more specific.
147 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 28 Nov 1998 17:07:31 +0100
149 radiusd-cistron (1.5.4.3-beta11) experimental; urgency=low
151 * Fix crash in proxy_cleanup()
152 * Some more SIGCHLD fixes.
153 * Fix $(PAM) in Make.inc for files.c
155 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 17 Nov 1998 12:09:46 +0100
157 radiusd-cistron (1.5.4.3-beta10) experimental; urgency=low
159 * Fixed some compilation warnings that showed up on certain platforms
160 * Removed rogue USR debugging message
161 * Hopefully fixed passwd problem with Ascend and proxy
162 * Fixed problems with bogus trailing attributes when receiving
163 vendor-specific attributes.
165 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 10 Nov 1998 00:04:33 +0100
167 radiusd-cistron (1.5.4.3-beta9) experimental; urgency=low
169 * The USR Vendor-Specific stuff should actually work now
170 * USR dictionary included
172 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 7 Nov 1998 16:30:55 +0100
174 radiusd-cistron (1.5.4.3-beta8) experimental; urgency=low
176 * Fix for Solaris 2.5.1 and signal() in SIGCHLD handler.
177 * Fix "suppress trailing zero" code in attrprint.c
178 * Fixed vendor-specific attributes which I broke in beta7
179 * Fixed radwtmp code which I broke in beta6
181 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 6 Nov 1998 19:29:47 +0100
183 radiusd-cistron (1.5.4.3-beta7) experimental; urgency=low
185 * Make sure that send_buffer and recv_buffer are properly aligned
186 by declaring them as an array of ints. Needed for Solaris/Sparc.
188 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 3 Nov 1998 16:22:00 +0100
190 radiusd-cistron (1.5.4.3-beta6) experimental; urgency=low
192 * Hack in support for accounting "alive" packets.
193 * Support for USR vendor specific attributes.
194 * Moved ASCEND_PORT_HACK so that it doesn't change the port number
195 internally for Authentication packets.
196 * Removed some "no username" complaints as this can happen with
197 initial Start record (usually an "Alive" packet update comes later)
198 * Add $(PAM) to auth.o rule in Make.inc
199 * Added Redhat stuff from Mauricio Andrade <mandrade@mma.com.br>
201 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 3 Nov 1998 15:55:40 +0100
203 radiusd-cistron (1.5.4.3-beta5) experimental; urgency=low
205 * Add $(LIBS) to radzap link stage
206 * In attrprint.c, suppress the printing of the trailing zero Ascend
207 gear likes to send (noted by Kris Hunt <suid@chilli.net.au>)
208 * In checkrad.pl:livingston_snmp() make snmpget output matching regexps
209 more general to work with more versions of snmpget
210 * Fix for usrhyper from "James R. Pooton" <james@digisys.net>
212 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 17 Oct 1998 17:42:48 +0200
214 radiusd-cistron (1.5.4.3-beta4) experimental; urgency=low
216 * Add Pam-Auth attribute (Chris Dent)
217 * Fixes in files.c by Alan DeKok for pair_move2() and empty reply pairs.
218 * Fix in radiusd.c rad_spawn_child() by Alan DeKok to check for duplicate
219 packets in a much better way (compare both ID and vector).
220 * Put some functoins in their own file: auth.c, exec.c
221 * First cut at proxy support in proxy.c
222 * Use new VALUE_PAIR->length everywhere, at least for strvalues.
223 * Added vendor-specific attributes, format as in Livingston Radius 2.1
225 -- Miquel van Smoorenburg <miquels@cistron.nl> Thu, 8 Oct 1998 21:20:49 +0200
227 radiusd-cistron (1.5.4.3-beta3) experimental; urgency=low
229 * Include new checkrad.pl from Shilo Costa. See also
230 http://www.mdi.ca/sysadmin/cistron/
231 Net::Telnet based code by Alexis C. Villalon.
232 * Fix documentation bug checklogin -> checkrad
233 * Now a failed Exec-Program-Wait will really deny access
234 * Added patches from Don Greer <dgreer@austintx.com>, see
235 http://www.austintx.com/~dgreer/cistron-ascend/
236 * Fix sp_expire check for shadow passwd (thanks to Alan Madill)
237 * Patches from Blaz Zupan <blaz@amis.net> for FreeBSD
238 * Folded all four reply-functions into one
239 * Hopefully now Prefix = "P", Group = "group" works properly
241 * Fix dbm support (Blaz)
242 * Fix signal handler so that children do not kill accounting process.
243 * Now reloads config files on-the-fly after SIGHUP
244 * Added "-A" flag to write a "detail.auth" file.
245 * Make messages in radius.log more consistent
246 * Fix Denial-Of-Service problem - crashing radius with illegal packets
248 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 4 Jul 1998 15:06:55 +0200
250 radiusd-cistron (1.5.4.2) experimental; urgency=low
252 * Turn off SIGCHLD handler and use waitpid() in rad_check_ts()
253 On some OSes the wait() for the checkrad script failed.
254 * Fix Auth-Type = Crypted-Local
255 * Store porttype in radutmp (backwards compatible)
256 * Fix shadow passwords.
257 * Check expiration date for shadow passwords.
258 * Add %s (Connect-Info) to string en/de coder
260 -- Miquel van Smoorenburg <miquels@cistron.nl> Mon, 5 Jan 1998 14:22:28 +0100
262 radiusd-cistron (1.5.4.1) experimental; urgency=low
265 * Fixed acct.c to calculate the right accounting response digest
266 * In acct.c, check the accounting request digest.
269 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 22 Nov 1997 16:43:18 +0100
271 radiusd-cistron (1.5.4) experimental; urgency=low
273 * Now compiles with glibc too
274 * Try to detect if TS only sends logout records and don't complain
275 * Started implementing double login checks through external programs
276 (see checkrad.pl script).
277 * Delete most A/V pairs from reply if Callback-Id is seen
278 (I'm not sure if this is actually OK, but we'll see...)
279 * Fix rc.radiusd script and radwatch to use pid files instead of killall
280 * Set timeout of 5 seconds on rad_getpwnam cache.
281 * Heiko Schlittermann <heiko@lotte.sax.de> provided diffs for:
282 - Added check for return code of the Exec-Program-Wait call and use
283 this as additional criterium if access is permitted or denied.
284 - Install cron.daily script too
285 - Removed race condition concerning handling for SIGCHLD
286 - Added feature: external program called via Exec-Program-Wait may
287 return up to 127 characters via its STDOUT. These characters
288 are to form an user message if the request is rejected.
289 * Add $INCLUDE directive for "dictionary" file.
290 * Seperated "clients" file into "clients" and "naslist" files.
291 * Allow spaces in usernames, using " " or `\ '
292 * Fixed wild pointer in radzap()
293 * Default for radwo-as-finger is to not show the fullname (privacy)
294 * Implement reliable double-login detection!
295 * Fix lockf (oops - I used it completely in the wrong way!)
296 * Fix rad_check_muli to use read() correctly
297 * Make stdout linebuffered if debug_flag (-x) is set.
298 * Fix Group/Group-Name check for huntgroups file. Found thanks to
299 Christian Oyarzun <oyarzun@marley.wilmington.net>.
300 * Removed CISTRON_COMPAT code. If you really need it, you can turn it
301 on by adding a Port-Message with % escape sequences in the users file.
303 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 21 Oct 1997 16:01:47 +0200
305 radiusd-cistron (1.5.3.pre4-4) experimental; urgency=low
307 * Fixed Prefix/Suffix stuff in hints file.
308 * Extra consistency check for ComOS reboot records. Sometimes Ascends send
309 bogus records that look a lot like them..
310 Noted by Jens Glaser <jens@regio.net>
311 * Add -p flag to getopt() call
312 * Fix sample users file (User-Message -> Port-Message)
313 * If Password = is set (and not "UNIX"), Auth-Type is always Local
314 * Do not strip everything after a space from the username.
316 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 19 Jul 1997 14:34:10 +0200
318 radiusd-cistron (1.5.3.pre4-3) experimental; urgency=low
320 * Add Timestamp record to radius accounting records
321 * Also strip NT domain from logfiles if NT_DOMAIN_HACK is defined
322 * Add -p flag to log stripped names into the "details" file.
324 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 4 Jul 1997 10:29:26 +0200
326 radiusd-cistron (1.5.3.pre4-2) experimental; urgency=low
328 * Added some manual pages.
329 * Fixed Prefix/Suffix support
330 * Commented out example config files
331 * Added debian package files.
333 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 27 Jun 1997 20:49:31 +0200
335 radiusd-cistron (1.5.3.pre4-1) experimental; urgency=low
337 * Upgraded dictionary to radius-2.01
338 * Added support for Crypt-Password
339 * Cleaned up code in radiusd.c
340 * Added Exec-Program-Wait
341 * Added Prefix/Suffix support
342 * Changed "hints" syntax to resemble "users" more closely
343 Added extra attribute "Hint" that can be set in the "hints" file
344 * Added $INCLUDE directive for users/hints/huntgroups file
345 * DBM "users" file doesn't work at the moment!!
347 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 20 Jun 1997 15:26:29 +0200
349 radiusd-cistron (1.5.3) cistron; urgency=low
351 * Exec-Program actually works now.
352 * Somehow no longer core dumps :)
354 -- Miquel van Smoorenburg <miquels@cistron.nl> Mon, 5 May 1997 10:32:17 +0200
356 radiusd-cistron (1.5.2) cistron; urgency=high
358 * Fix radiusd.c to actually _check_ for a password when Auth-Type = System.
359 It just let anyone in :( (it did work with Password = "UNIX" though).
360 * Fix sample users file (Callback-No -> Callback-Number)
361 * Start of Exec-Program support (not finished).
362 * Better Simultaneous-Use checking
364 -- Miquel van Smoorenburg <miquels@cistron.nl> Wed, 19 Feb 1997 12:26:56 +0100
366 radiusd-cistron (1.5.1) cistron; urgency=low
368 * Fixed radzap to allow both "Sport" and plain "port".
369 * acct.c now checks portmaster reboot records (already did that, but it
370 seems that a PM3 sends buggy records).
372 -- Miquel van Smoorenburg <miquels@cistron.nl> Mon, 10 Feb 1997 16:33:38 +0100
374 radiusd-cistron (1.5) cistron; urgency=low
376 * ANSIfied code, changed comment style
377 * Renamed users.c to files.c. Now pre-reads all config files.
378 * DBM support works now
379 * Added new logging routines
380 * Changed utmp format, added better checks
381 * Moved utmp to /var/log
382 * Now supports both wtmp file and RADIUS style logging
383 * Added Simultaneous-Use support.
385 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 7 Feb 1997 17:56:11 +0100
387 radiusd-cistron (1.4) cistron; urgency=low
389 * Started using ChangeLog
390 * Ported to Solaris, FreeBSD in addition to Linux.
392 -- Miquel van Smoorenburg <miquels@cistron.nl> Wed, 02 Oct 1996 12:27:39 +0200