[freeradius.git] / doc / ChangeLog

radiusd-cistron (1.6-alpha3) experimental; urgency=low

  * Changed directory structure. Each module is now in it's own directory.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Thu, 12 Aug 1999 19:12:47 +0200

radiusd-cistron (1.6-alpha2) experimental; urgency=low

  * 1.6-alpha2 "Total Eclipse" release ;)
  * Moved a lot of code around
  * Added module code from Alan DeKok
  * Moved more code around, made some stuff into huntgroups
  * You can now register a function that is called when a
    certain valuepair is compared with another
  * Operator support not completely merged (still todo)
  * Only tested with a few requests, but hey, it compiles ...
  * Might rename result constants in modules.h to AUTH_, AUTZ_, ACCT_
  * Rewrote builddbm.c - last remnant of Livingston code is now gone
  * Bugs from alpha1 not fixed yet either

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Wed, 11 Aug 1999 00:55:17 +0200

radiusd-cistron (1.6-alpha1) experimental; urgency=low

  * Fix off_t cast in lseek() in radzap.c
  * Fix getopt() args
  * Fix some proxy memory leaks - Jonathan Ruano <kobalt@james.encomix.es>
  * checkrad.pl update by Antonio Dias, rewritten Cyclades PathRAS subroutine
    and a new Patton 2800 NAS SNMP routine. Also some doc updates.
  * Fix huntgroup-compare to use operators
  * Added /etc/shells checking, turned off by default./RADIUSD/ANY/SHELL
    does the same as /SENDMAIL/ANY/SHELL for smrsh.
  * Added dictionary.acc - Stephane Marzloff
  * Changed the whole configuration over to autoconf
  * We now use IP numbers in network order internally
  * Added VersaNet support to checkrad.pl by Versanet Communications,
    mailed to me by "Yi-Feng Liann" <yifeng@versanetcomm.com>
  * Added Versanet dictionary
  * Moved valuepair stuff to valuepair.c
  * Rewrote config files and user files parsers to be more generic and
    use the same internal functions so that the quoting rules are
    all the same.
  * Moved all radius stuff to lib/, made more generic
  * proxy uses functions from libradius
  * long password support (generic functions in libradius)
  * FIXME: dict.c has problems parsing dictionary.usr, dictionary.tunnel !

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sun, 25 Jul 1999 15:36:39 +0200

radiusd-cistron (1.5.4.3-beta18) experimental; urgency=low

  * Fix the always stripping of realms
  * Add port number to radius.log
  * Add phone number to radius.log when logging failed logins
  * Add -i option (bind to IP address)
  * Change return value for 'other' in checkrad.pl to '1'
  * Add password-file caching patch from Jeff Carneal <jeff@apex.net>
  * Fix broken auth_type_fixup - Bryan Mawhinney <bryanm@is.co.za>

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri, 14 May 1999 16:08:56 +0200

radiusd-cistron (1.5.4.3-beta17) experimental; urgency=low

  * Added NULL realm based on an idea by
    Bastiaan Bakker <Bastiaan.Bakker@lifeline.nl>
  * Changes for proxying:
    - detect duplicate requests, resend it with the same ID and vector
      to the remote radius server
    - Change proxy-state A/V pair to a 4-byte string without embedded
      zeros in it, so as not to confuse broken radius servers.
  * Add casting to (off_t) to lseek offset arg in radzap
  * Add checking of pw->expire for FreeBSD
  * Add radutmp location caching: Bryan Mawhinney <bryanm@is.co.za>
  * Now handles multiple attributes in one Vendor-Specific attribute

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Tue, 27 Apr 1999 14:51:08 +0200

radiusd-cistron (1.5.4.3-beta16) experimental; urgency=low

  * Added SPECIALIX_JETSTREAM_HACK to work around a bug in
    Specialix Jetstream 8500 24 port firmware.
  * Added Alan DeKok's cistron-beta15-operator.patch as found on
    ftp://ftp.striker.ottawa.on.ca/pub/radius/
  * Added Login-Time check value, see doc/README
  * Rewrote checkrad.pl:
    - subroutines to read naspasswd and check Net::Telnet
    - add possibility to use SNMP_Session perl module instead of snmpget

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri, 26 Mar 1999 15:31:57 +0100

radiusd-cistron (1.5.4.3-beta15) experimental; urgency=low

  * Added a DEFAULT realm to /etc/raddb/realms (no idea if this is useful..)
  * Added LOCAL proxyserver (means none) to /etc/raddb/realms
  * Added "nostrip" option to /etc/raddb/realms
  * Changed "-p" option to "-S"; "-p <port>" now allows you to specify
    the port(s) radiusd listens on.
  * Fix auth.c:rad_check_password(). auth_item must be present.
  * Fixed radwho - secured popen(). This could be a BIG SECURITY HOLE
    when you run radwho as your finger daemon - esp. if it runs as root!!!

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Thu, 21 Jan 1999 17:58:06 +0100

radiusd-cistron (1.5.4.3-beta14) experimental; urgency=low

  * Fix buffer size in proxy.c from 0104 to 1024 :)
  * On lines with a Password = "bla" line without Auth-Type, add
    Auth-Type = Local implicitly while parsing the users file
  * Fix CHAP for both local authentication and proxying (I hope..)
  * Now Exec-Program-Wait tries to parse output of the program as
    A/V pairs. Those are added to the reply. Mostly based on the
    patch from "The light in the dark" <sijaiko@netplus.bg>

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sat, 19 Dec 1998 17:45:15 +0100

radiusd-cistron (1.5.4.3-beta12) experimental; urgency=low

  * Don't store radutmp/radwtmp info for admin logins, or
    for leased lines going up/down
  * Integrated latest version of checkrad from www.mdi.ca
  * Instead of storing only the first part of acct-session-id in radutmp,
    store the last part since that is more specific.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sat, 28 Nov 1998 17:07:31 +0100

radiusd-cistron (1.5.4.3-beta11) experimental; urgency=low

  * Fix crash in proxy_cleanup()
  * Some more SIGCHLD fixes.
  * Fix $(PAM) in Make.inc for files.c

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Tue, 17 Nov 1998 12:09:46 +0100

radiusd-cistron (1.5.4.3-beta10) experimental; urgency=low

  * Fixed some compilation warnings that showed up on certain platforms
  * Removed rogue USR debugging message
  * Hopefully fixed passwd problem with Ascend and proxy
  * Fixed problems with bogus trailing attributes when receiving
    vendor-specific attributes.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Tue, 10 Nov 1998 00:04:33 +0100

radiusd-cistron (1.5.4.3-beta9) experimental; urgency=low

  * The USR Vendor-Specific stuff should actually work now
  * USR dictionary included

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sat,  7 Nov 1998 16:30:55 +0100

radiusd-cistron (1.5.4.3-beta8) experimental; urgency=low

  * Fix for Solaris 2.5.1 and signal() in SIGCHLD handler.
  * Fix "suppress trailing zero" code in attrprint.c
  * Fixed vendor-specific attributes which I broke in beta7
  * Fixed radwtmp code which I broke in beta6

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri,  6 Nov 1998 19:29:47 +0100

radiusd-cistron (1.5.4.3-beta7) experimental; urgency=low

  * Make sure that send_buffer and recv_buffer are properly aligned
    by declaring them as an array of ints. Needed for Solaris/Sparc.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Tue,  3 Nov 1998 16:22:00 +0100

radiusd-cistron (1.5.4.3-beta6) experimental; urgency=low

  * Hack in support for accounting "alive" packets.
  * Support for USR vendor specific attributes.
  * Moved ASCEND_PORT_HACK so that it doesn't change the port number
    internally for Authentication packets.
  * Removed some "no username" complaints as this can happen with
    initial Start record (usually an "Alive" packet update comes later)
  * Add $(PAM) to auth.o rule in Make.inc
  * Added Redhat stuff from Mauricio Andrade <mandrade@mma.com.br>

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Tue,  3 Nov 1998 15:55:40 +0100

radiusd-cistron (1.5.4.3-beta5) experimental; urgency=low

  * Add $(LIBS) to radzap link stage
  * In attrprint.c, suppress the printing of the trailing zero Ascend
    gear likes to send (noted by Kris Hunt <suid@chilli.net.au>)
  * In checkrad.pl:livingston_snmp() make snmpget output matching regexps
    more general to work with more versions of snmpget
  * Fix for usrhyper from "James R. Pooton" <james@digisys.net>

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sat, 17 Oct 1998 17:42:48 +0200

radiusd-cistron (1.5.4.3-beta4) experimental; urgency=low

  * Add Pam-Auth attribute (Chris Dent)
  * Fixes in files.c by Alan DeKok for pair_move2() and empty reply pairs.
  * Fix in radiusd.c rad_spawn_child() by Alan DeKok to check for duplicate
    packets in a much better way (compare both ID and vector).
  * Put some functoins in their own file: auth.c, exec.c
  * First cut at proxy support in proxy.c
  * Use new VALUE_PAIR->length everywhere, at least for strvalues.
  * Added vendor-specific attributes, format as in Livingston Radius 2.1

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Thu,  8 Oct 1998 21:20:49 +0200

radiusd-cistron (1.5.4.3-beta3) experimental; urgency=low

  * Include new checkrad.pl from Shilo Costa. See also
    http://www.mdi.ca/sysadmin/cistron/
    Net::Telnet based code by Alexis C. Villalon.
  * Fix documentation bug checklogin -> checkrad
  * Now a failed Exec-Program-Wait will really deny access
  * Added patches from Don Greer <dgreer@austintx.com>, see
    http://www.austintx.com/~dgreer/cistron-ascend/
  * Fix sp_expire check for shadow passwd (thanks to Alan Madill)
  * Patches from Blaz Zupan <blaz@amis.net> for FreeBSD
  * Folded all four reply-functions into one
  * Hopefully now Prefix = "P", Group = "group" works properly
  * Fix uue()
  * Fix dbm support (Blaz)
  * Fix signal handler so that children do not kill accounting process.
  * Now reloads config files on-the-fly after SIGHUP
  * Added "-A" flag to write a "detail.auth" file.
  * Make messages in radius.log more consistent
  * Fix Denial-Of-Service problem - crashing radius with illegal packets

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sat,  4 Jul 1998 15:06:55 +0200

radiusd-cistron (1.5.4.2) experimental; urgency=low

  * Turn off SIGCHLD handler and use waitpid() in rad_check_ts()
    On some OSes the wait() for the checkrad script failed.
  * Fix Auth-Type = Crypted-Local
  * Store porttype in radutmp (backwards compatible)
  * Fix shadow passwords.
  * Check expiration date for shadow passwords.
  * Add %s (Connect-Info) to string en/de coder

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Mon,  5 Jan 1998 14:22:28 +0100

radiusd-cistron (1.5.4.1) experimental; urgency=low

  * Fixed radwho.c
  * Fixed acct.c to calculate the right accounting response digest
  * In acct.c, check the accounting request digest.
  * Added PAM suppport

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sat, 22 Nov 1997 16:43:18 +0100

radiusd-cistron (1.5.4) experimental; urgency=low

  * Now compiles with glibc too
  * Try to detect if TS only sends logout records and don't complain
  * Started implementing double login checks through external programs
    (see checkrad.pl script).
  * Delete most A/V pairs from reply if Callback-Id is seen
    (I'm not sure if this is actually OK, but we'll see...)
  * Fix rc.radiusd script and radwatch to use pid files instead of killall
  * Set timeout of 5 seconds on rad_getpwnam cache.
  * Heiko Schlittermann <heiko@lotte.sax.de> provided diffs for:
    - Added check for return code of the Exec-Program-Wait call and use
      this as additional criterium if access is permitted or denied.
    - Install cron.daily script too
    - Removed race condition concerning handling for SIGCHLD
    - Added feature: external program called via Exec-Program-Wait may
      return up to 127 characters via its STDOUT.  These characters
      are to form an user message if the request is rejected.
  * Add $INCLUDE directive for "dictionary" file.
  * Seperated "clients" file into "clients" and "naslist" files.
  * Allow spaces in usernames, using " " or `\ '
  * Fixed wild pointer in radzap()
  * Default for radwo-as-finger is to not show the fullname (privacy)
  * Implement reliable double-login detection!
  * Fix lockf (oops - I used it completely in the wrong way!)
  * Fix rad_check_muli to use read() correctly
  * Make stdout linebuffered if debug_flag (-x) is set.
  * Fix Group/Group-Name check for huntgroups file. Found thanks to
    Christian Oyarzun <oyarzun@marley.wilmington.net>.
  * Removed CISTRON_COMPAT code. If you really need it, you can turn it
    on by adding a Port-Message with % escape sequences in the users file.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Tue, 21 Oct 1997 16:01:47 +0200

radiusd-cistron (1.5.3.pre4-4) experimental; urgency=low

  * Fixed Prefix/Suffix stuff in hints file.
  * Extra consistency check for ComOS reboot records. Sometimes Ascends send
    bogus records that look a lot like them..
    Noted by Jens Glaser <jens@regio.net>
  * Add -p flag to getopt() call
  * Fix sample users file (User-Message -> Port-Message)
  * If Password = is set (and not "UNIX"), Auth-Type is always Local
  * Do not strip everything after a space from the username.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Sat, 19 Jul 1997 14:34:10 +0200

radiusd-cistron (1.5.3.pre4-3) experimental; urgency=low

  * Add Timestamp record to radius accounting records
  * Also strip NT domain from logfiles if NT_DOMAIN_HACK is defined
  * Add -p flag to log stripped names into the "details" file.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri, 4 Jul 1997 10:29:26 +0200

radiusd-cistron (1.5.3.pre4-2) experimental; urgency=low

  * Added some manual pages.
  * Fixed Prefix/Suffix support
  * Commented out example config files
  * Added debian package files.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri, 27 Jun 1997 20:49:31 +0200

radiusd-cistron (1.5.3.pre4-1) experimental; urgency=low

  * Upgraded dictionary to radius-2.01
  * Added support for Crypt-Password
  * Cleaned up code in radiusd.c
  * Added Exec-Program-Wait
  * Added Prefix/Suffix support
  * Changed "hints" syntax to resemble "users" more closely
    Added extra attribute "Hint" that can be set in the "hints" file
  * Added $INCLUDE directive for users/hints/huntgroups file
  * DBM "users" file doesn't work at the moment!!

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri, 20 Jun 1997 15:26:29 +0200

radiusd-cistron (1.5.3) cistron; urgency=low

  * Exec-Program actually works now.
  * Somehow no longer core dumps :)

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Mon, 5 May 1997 10:32:17 +0200

radiusd-cistron (1.5.2) cistron; urgency=high

  * Fix radiusd.c to actually _check_ for a password when Auth-Type = System.
    It just let anyone in :( (it did work with Password = "UNIX" though).
  * Fix sample users file (Callback-No -> Callback-Number)
  * Start of Exec-Program support (not finished).
  * Better Simultaneous-Use checking

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Wed, 19 Feb 1997 12:26:56 +0100

radiusd-cistron (1.5.1) cistron; urgency=low

  * Fixed radzap to allow both "Sport" and plain "port".
  * acct.c now checks portmaster reboot records (already did that, but it
    seems that a PM3 sends buggy records).

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Mon, 10 Feb 1997 16:33:38 +0100

radiusd-cistron (1.5) cistron; urgency=low

  * ANSIfied code, changed comment style
  * Renamed users.c to files.c. Now pre-reads all config files.
  * DBM support works now
  * Added new logging routines
  * Changed utmp format, added better checks
  * Moved utmp to /var/log
  * Now supports both wtmp file and RADIUS style logging
  * Added Simultaneous-Use support.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Fri, 7 Feb 1997 17:56:11 +0100

radiusd-cistron (1.4) cistron; urgency=low

  * Started using ChangeLog
  * Ported to Solaris, FreeBSD in addition to Linux.

 -- Miquel van Smoorenburg <miquels@cistron.nl>  Wed, 02 Oct 1996 12:27:39 +0200