1 radiusd-cistron (1.6-alpha3) experimental; urgency=low
3 * Changed directory structure. Each module is now in it's own directory.
5 -- Miquel van Smoorenburg <miquels@cistron.nl> Thu, 12 Aug 1999 19:12:47 +0200
7 radiusd-cistron (1.6-alpha2) experimental; urgency=low
9 * 1.6-alpha2 "Total Eclipse" release ;)
10 * Moved a lot of code around
11 * Added module code from Alan DeKok
12 * Moved more code around, made some stuff into huntgroups
13 * You can now register a function that is called when a
14 certain valuepair is compared with another
15 * Operator support not completely merged (still todo)
16 * Only tested with a few requests, but hey, it compiles ...
17 * Might rename result constants in modules.h to AUTH_, AUTZ_, ACCT_
18 * Rewrote builddbm.c - last remnant of Livingston code is now gone
19 * Bugs from alpha1 not fixed yet either
21 -- Miquel van Smoorenburg <miquels@cistron.nl> Wed, 11 Aug 1999 00:55:17 +0200
23 radiusd-cistron (1.6-alpha1) experimental; urgency=low
25 * Fix off_t cast in lseek() in radzap.c
27 * Fix some proxy memory leaks - Jonathan Ruano <kobalt@james.encomix.es>
28 * checkrad.pl update by Antonio Dias, rewritten Cyclades PathRAS subroutine
29 and a new Patton 2800 NAS SNMP routine. Also some doc updates.
30 * Fix huntgroup-compare to use operators
31 * Added /etc/shells checking, turned off by default./RADIUSD/ANY/SHELL
32 does the same as /SENDMAIL/ANY/SHELL for smrsh.
33 * Added dictionary.acc - Stephane Marzloff
34 * Changed the whole configuration over to autoconf
35 * We now use IP numbers in network order internally
36 * Added VersaNet support to checkrad.pl by Versanet Communications,
37 mailed to me by "Yi-Feng Liann" <yifeng@versanetcomm.com>
38 * Added Versanet dictionary
39 * Moved valuepair stuff to valuepair.c
40 * Rewrote config files and user files parsers to be more generic and
41 use the same internal functions so that the quoting rules are
43 * Moved all radius stuff to lib/, made more generic
44 * proxy uses functions from libradius
45 * long password support (generic functions in libradius)
46 * FIXME: dict.c has problems parsing dictionary.usr, dictionary.tunnel !
48 -- Miquel van Smoorenburg <miquels@cistron.nl> Sun, 25 Jul 1999 15:36:39 +0200
50 radiusd-cistron (1.5.4.3-beta18) experimental; urgency=low
52 * Fix the always stripping of realms
53 * Add port number to radius.log
54 * Add phone number to radius.log when logging failed logins
55 * Add -i option (bind to IP address)
56 * Change return value for 'other' in checkrad.pl to '1'
57 * Add password-file caching patch from Jeff Carneal <jeff@apex.net>
58 * Fix broken auth_type_fixup - Bryan Mawhinney <bryanm@is.co.za>
60 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 14 May 1999 16:08:56 +0200
62 radiusd-cistron (1.5.4.3-beta17) experimental; urgency=low
64 * Added NULL realm based on an idea by
65 Bastiaan Bakker <Bastiaan.Bakker@lifeline.nl>
66 * Changes for proxying:
67 - detect duplicate requests, resend it with the same ID and vector
68 to the remote radius server
69 - Change proxy-state A/V pair to a 4-byte string without embedded
70 zeros in it, so as not to confuse broken radius servers.
71 * Add casting to (off_t) to lseek offset arg in radzap
72 * Add checking of pw->expire for FreeBSD
73 * Add radutmp location caching: Bryan Mawhinney <bryanm@is.co.za>
74 * Now handles multiple attributes in one Vendor-Specific attribute
76 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 27 Apr 1999 14:51:08 +0200
78 radiusd-cistron (1.5.4.3-beta16) experimental; urgency=low
80 * Added SPECIALIX_JETSTREAM_HACK to work around a bug in
81 Specialix Jetstream 8500 24 port firmware.
82 * Added Alan DeKok's cistron-beta15-operator.patch as found on
83 ftp://ftp.striker.ottawa.on.ca/pub/radius/
84 * Added Login-Time check value, see doc/README
85 * Rewrote checkrad.pl:
86 - subroutines to read naspasswd and check Net::Telnet
87 - add possibility to use SNMP_Session perl module instead of snmpget
89 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 26 Mar 1999 15:31:57 +0100
91 radiusd-cistron (1.5.4.3-beta15) experimental; urgency=low
93 * Added a DEFAULT realm to /etc/raddb/realms (no idea if this is useful..)
94 * Added LOCAL proxyserver (means none) to /etc/raddb/realms
95 * Added "nostrip" option to /etc/raddb/realms
96 * Changed "-p" option to "-S"; "-p <port>" now allows you to specify
97 the port(s) radiusd listens on.
98 * Fix auth.c:rad_check_password(). auth_item must be present.
99 * Fixed radwho - secured popen(). This could be a BIG SECURITY HOLE
100 when you run radwho as your finger daemon - esp. if it runs as root!!!
102 -- Miquel van Smoorenburg <miquels@cistron.nl> Thu, 21 Jan 1999 17:58:06 +0100
104 radiusd-cistron (1.5.4.3-beta14) experimental; urgency=low
106 * Fix buffer size in proxy.c from 0104 to 1024 :)
107 * On lines with a Password = "bla" line without Auth-Type, add
108 Auth-Type = Local implicitly while parsing the users file
109 * Fix CHAP for both local authentication and proxying (I hope..)
110 * Now Exec-Program-Wait tries to parse output of the program as
111 A/V pairs. Those are added to the reply. Mostly based on the
112 patch from "The light in the dark" <sijaiko@netplus.bg>
114 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 19 Dec 1998 17:45:15 +0100
116 radiusd-cistron (1.5.4.3-beta12) experimental; urgency=low
118 * Don't store radutmp/radwtmp info for admin logins, or
119 for leased lines going up/down
120 * Integrated latest version of checkrad from www.mdi.ca
121 * Instead of storing only the first part of acct-session-id in radutmp,
122 store the last part since that is more specific.
124 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 28 Nov 1998 17:07:31 +0100
126 radiusd-cistron (1.5.4.3-beta11) experimental; urgency=low
128 * Fix crash in proxy_cleanup()
129 * Some more SIGCHLD fixes.
130 * Fix $(PAM) in Make.inc for files.c
132 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 17 Nov 1998 12:09:46 +0100
134 radiusd-cistron (1.5.4.3-beta10) experimental; urgency=low
136 * Fixed some compilation warnings that showed up on certain platforms
137 * Removed rogue USR debugging message
138 * Hopefully fixed passwd problem with Ascend and proxy
139 * Fixed problems with bogus trailing attributes when receiving
140 vendor-specific attributes.
142 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 10 Nov 1998 00:04:33 +0100
144 radiusd-cistron (1.5.4.3-beta9) experimental; urgency=low
146 * The USR Vendor-Specific stuff should actually work now
147 * USR dictionary included
149 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 7 Nov 1998 16:30:55 +0100
151 radiusd-cistron (1.5.4.3-beta8) experimental; urgency=low
153 * Fix for Solaris 2.5.1 and signal() in SIGCHLD handler.
154 * Fix "suppress trailing zero" code in attrprint.c
155 * Fixed vendor-specific attributes which I broke in beta7
156 * Fixed radwtmp code which I broke in beta6
158 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 6 Nov 1998 19:29:47 +0100
160 radiusd-cistron (1.5.4.3-beta7) experimental; urgency=low
162 * Make sure that send_buffer and recv_buffer are properly aligned
163 by declaring them as an array of ints. Needed for Solaris/Sparc.
165 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 3 Nov 1998 16:22:00 +0100
167 radiusd-cistron (1.5.4.3-beta6) experimental; urgency=low
169 * Hack in support for accounting "alive" packets.
170 * Support for USR vendor specific attributes.
171 * Moved ASCEND_PORT_HACK so that it doesn't change the port number
172 internally for Authentication packets.
173 * Removed some "no username" complaints as this can happen with
174 initial Start record (usually an "Alive" packet update comes later)
175 * Add $(PAM) to auth.o rule in Make.inc
176 * Added Redhat stuff from Mauricio Andrade <mandrade@mma.com.br>
178 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 3 Nov 1998 15:55:40 +0100
180 radiusd-cistron (1.5.4.3-beta5) experimental; urgency=low
182 * Add $(LIBS) to radzap link stage
183 * In attrprint.c, suppress the printing of the trailing zero Ascend
184 gear likes to send (noted by Kris Hunt <suid@chilli.net.au>)
185 * In checkrad.pl:livingston_snmp() make snmpget output matching regexps
186 more general to work with more versions of snmpget
187 * Fix for usrhyper from "James R. Pooton" <james@digisys.net>
189 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 17 Oct 1998 17:42:48 +0200
191 radiusd-cistron (1.5.4.3-beta4) experimental; urgency=low
193 * Add Pam-Auth attribute (Chris Dent)
194 * Fixes in files.c by Alan DeKok for pair_move2() and empty reply pairs.
195 * Fix in radiusd.c rad_spawn_child() by Alan DeKok to check for duplicate
196 packets in a much better way (compare both ID and vector).
197 * Put some functoins in their own file: auth.c, exec.c
198 * First cut at proxy support in proxy.c
199 * Use new VALUE_PAIR->length everywhere, at least for strvalues.
200 * Added vendor-specific attributes, format as in Livingston Radius 2.1
202 -- Miquel van Smoorenburg <miquels@cistron.nl> Thu, 8 Oct 1998 21:20:49 +0200
204 radiusd-cistron (1.5.4.3-beta3) experimental; urgency=low
206 * Include new checkrad.pl from Shilo Costa. See also
207 http://www.mdi.ca/sysadmin/cistron/
208 Net::Telnet based code by Alexis C. Villalon.
209 * Fix documentation bug checklogin -> checkrad
210 * Now a failed Exec-Program-Wait will really deny access
211 * Added patches from Don Greer <dgreer@austintx.com>, see
212 http://www.austintx.com/~dgreer/cistron-ascend/
213 * Fix sp_expire check for shadow passwd (thanks to Alan Madill)
214 * Patches from Blaz Zupan <blaz@amis.net> for FreeBSD
215 * Folded all four reply-functions into one
216 * Hopefully now Prefix = "P", Group = "group" works properly
218 * Fix dbm support (Blaz)
219 * Fix signal handler so that children do not kill accounting process.
220 * Now reloads config files on-the-fly after SIGHUP
221 * Added "-A" flag to write a "detail.auth" file.
222 * Make messages in radius.log more consistent
223 * Fix Denial-Of-Service problem - crashing radius with illegal packets
225 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 4 Jul 1998 15:06:55 +0200
227 radiusd-cistron (1.5.4.2) experimental; urgency=low
229 * Turn off SIGCHLD handler and use waitpid() in rad_check_ts()
230 On some OSes the wait() for the checkrad script failed.
231 * Fix Auth-Type = Crypted-Local
232 * Store porttype in radutmp (backwards compatible)
233 * Fix shadow passwords.
234 * Check expiration date for shadow passwords.
235 * Add %s (Connect-Info) to string en/de coder
237 -- Miquel van Smoorenburg <miquels@cistron.nl> Mon, 5 Jan 1998 14:22:28 +0100
239 radiusd-cistron (1.5.4.1) experimental; urgency=low
242 * Fixed acct.c to calculate the right accounting response digest
243 * In acct.c, check the accounting request digest.
246 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 22 Nov 1997 16:43:18 +0100
248 radiusd-cistron (1.5.4) experimental; urgency=low
250 * Now compiles with glibc too
251 * Try to detect if TS only sends logout records and don't complain
252 * Started implementing double login checks through external programs
253 (see checkrad.pl script).
254 * Delete most A/V pairs from reply if Callback-Id is seen
255 (I'm not sure if this is actually OK, but we'll see...)
256 * Fix rc.radiusd script and radwatch to use pid files instead of killall
257 * Set timeout of 5 seconds on rad_getpwnam cache.
258 * Heiko Schlittermann <heiko@lotte.sax.de> provided diffs for:
259 - Added check for return code of the Exec-Program-Wait call and use
260 this as additional criterium if access is permitted or denied.
261 - Install cron.daily script too
262 - Removed race condition concerning handling for SIGCHLD
263 - Added feature: external program called via Exec-Program-Wait may
264 return up to 127 characters via its STDOUT. These characters
265 are to form an user message if the request is rejected.
266 * Add $INCLUDE directive for "dictionary" file.
267 * Seperated "clients" file into "clients" and "naslist" files.
268 * Allow spaces in usernames, using " " or `\ '
269 * Fixed wild pointer in radzap()
270 * Default for radwo-as-finger is to not show the fullname (privacy)
271 * Implement reliable double-login detection!
272 * Fix lockf (oops - I used it completely in the wrong way!)
273 * Fix rad_check_muli to use read() correctly
274 * Make stdout linebuffered if debug_flag (-x) is set.
275 * Fix Group/Group-Name check for huntgroups file. Found thanks to
276 Christian Oyarzun <oyarzun@marley.wilmington.net>.
277 * Removed CISTRON_COMPAT code. If you really need it, you can turn it
278 on by adding a Port-Message with % escape sequences in the users file.
280 -- Miquel van Smoorenburg <miquels@cistron.nl> Tue, 21 Oct 1997 16:01:47 +0200
282 radiusd-cistron (1.5.3.pre4-4) experimental; urgency=low
284 * Fixed Prefix/Suffix stuff in hints file.
285 * Extra consistency check for ComOS reboot records. Sometimes Ascends send
286 bogus records that look a lot like them..
287 Noted by Jens Glaser <jens@regio.net>
288 * Add -p flag to getopt() call
289 * Fix sample users file (User-Message -> Port-Message)
290 * If Password = is set (and not "UNIX"), Auth-Type is always Local
291 * Do not strip everything after a space from the username.
293 -- Miquel van Smoorenburg <miquels@cistron.nl> Sat, 19 Jul 1997 14:34:10 +0200
295 radiusd-cistron (1.5.3.pre4-3) experimental; urgency=low
297 * Add Timestamp record to radius accounting records
298 * Also strip NT domain from logfiles if NT_DOMAIN_HACK is defined
299 * Add -p flag to log stripped names into the "details" file.
301 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 4 Jul 1997 10:29:26 +0200
303 radiusd-cistron (1.5.3.pre4-2) experimental; urgency=low
305 * Added some manual pages.
306 * Fixed Prefix/Suffix support
307 * Commented out example config files
308 * Added debian package files.
310 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 27 Jun 1997 20:49:31 +0200
312 radiusd-cistron (1.5.3.pre4-1) experimental; urgency=low
314 * Upgraded dictionary to radius-2.01
315 * Added support for Crypt-Password
316 * Cleaned up code in radiusd.c
317 * Added Exec-Program-Wait
318 * Added Prefix/Suffix support
319 * Changed "hints" syntax to resemble "users" more closely
320 Added extra attribute "Hint" that can be set in the "hints" file
321 * Added $INCLUDE directive for users/hints/huntgroups file
322 * DBM "users" file doesn't work at the moment!!
324 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 20 Jun 1997 15:26:29 +0200
326 radiusd-cistron (1.5.3) cistron; urgency=low
328 * Exec-Program actually works now.
329 * Somehow no longer core dumps :)
331 -- Miquel van Smoorenburg <miquels@cistron.nl> Mon, 5 May 1997 10:32:17 +0200
333 radiusd-cistron (1.5.2) cistron; urgency=high
335 * Fix radiusd.c to actually _check_ for a password when Auth-Type = System.
336 It just let anyone in :( (it did work with Password = "UNIX" though).
337 * Fix sample users file (Callback-No -> Callback-Number)
338 * Start of Exec-Program support (not finished).
339 * Better Simultaneous-Use checking
341 -- Miquel van Smoorenburg <miquels@cistron.nl> Wed, 19 Feb 1997 12:26:56 +0100
343 radiusd-cistron (1.5.1) cistron; urgency=low
345 * Fixed radzap to allow both "Sport" and plain "port".
346 * acct.c now checks portmaster reboot records (already did that, but it
347 seems that a PM3 sends buggy records).
349 -- Miquel van Smoorenburg <miquels@cistron.nl> Mon, 10 Feb 1997 16:33:38 +0100
351 radiusd-cistron (1.5) cistron; urgency=low
353 * ANSIfied code, changed comment style
354 * Renamed users.c to files.c. Now pre-reads all config files.
355 * DBM support works now
356 * Added new logging routines
357 * Changed utmp format, added better checks
358 * Moved utmp to /var/log
359 * Now supports both wtmp file and RADIUS style logging
360 * Added Simultaneous-Use support.
362 -- Miquel van Smoorenburg <miquels@cistron.nl> Fri, 7 Feb 1997 17:56:11 +0100
364 radiusd-cistron (1.4) cistron; urgency=low
366 * Started using ChangeLog
367 * Ported to Solaris, FreeBSD in addition to Linux.
369 -- Miquel van Smoorenburg <miquels@cistron.nl> Wed, 02 Oct 1996 12:27:39 +0200