root/trunk/wifidog/ChangeLog

Revision 1429, 39.6 KB (checked in by gbastien, 12 years ago)
  • Fix #625, does not display failure notice when quiet is set to true
  • Fix #587, change index and rindex to strchr and strrchr
  • Fix #548, trim leading spaces of the config file's options
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1# $Id$
22009-11-03
3    * Fix #625, does not display failure notice when quiet is set to true
4    * Fix #587, change index and rindex to strchr and strrchr
5    * Fix #548, trim leading spaces of the config file's options
6
72009-09-28 Benoit Grégoire  <benoitg@coeus.ca>
8        * Fix #471, patch by  wichert
9
102009-09-25 Geneviève Bastien <gbastien@versatic.net>
11        * Release 20090925
12        * Update contrib Makefiles
13
142009-09-17 Geneviève Bastien <gbastien@versatic.net>
15        * Documented #537
16        * Fixed #472, patch by Jean-Philippe Menil
17        * Fixed #515, using the gateway interface instead of the gateway id in the iptables chain
18
192009-07-02 Benoit Grégoire  <bock@step.polymtl.ca>
20        * Re-fix #505, #525 and fix #584, sorry about that.
21
222009-06-26 Benoit Grégoire  <bock@step.polymtl.ca>
23        * Fix #518
24
252009-02-27 Benoit Grégoire  <bock@step.polymtl.ca>
26        * Fix #488 and #493 (arp_get() in firewall.c couldn't parse lowercase mac's from /proc/net/arp) with patch from jch@pps.jussieu.fr.  Otherwise wifidog wouldn't work with recent openwrt and Ubuntu.
27        * Fix #525
28       
292008-09-30 Wichert Akkerman <wichert@wiggy.net>
30        * Add exitcode to iptables failure errors.
31        * Include the gw_id in auth server updates so the client does not have
32          to keep track of it in a session.
33        * Include the gateway id in the firewall table names. Fixes ticket #466
34        * URL encode the token before transmitting (it was already decoded).
35          Fixes ticket #473
36        * Clean up compiler warnings.
37        * Security: strncpy may not NUL-terminate strings, so enforce this
38          ourselves. Fixes ticket #464
39        * Make it possible to protect the status page. Fixes ticket #463.
40
412008-07-20 Alexandre Carmel-Veilleux <acv@miniguru.ca>
42        * src/util.c: Fixed #include bug that caused segfaults on newer Linux
43
442008-04-21 Alexandre Carmel-Veilleux <acv@miniguru.ca>
45        * Integrated patch #452 from Wichert Akkerman <wichert@wiggy.net>: Add const to function arguments in libhttpd to enforce more type checking and prevent certain class of problems.
46        * Compatiblity fix: Libhttpd assumes that type u_int is defined. Added an #ifndef/#include <sys/types.h> pair to httpd.h to make sure that assertion is true.
47        * Integrated patch #453 from Wichert Akkerman <wichert@wiggy.net>: Add configurable html to wifidog error messages. This has been a long-requested feature.
48
492008-04-13 Benoit Grégoire  <bock@step.polymtl.ca>
50        * contrib/build-openwrt-kamikazeipk/wifidog/Makefile:  Add iptables userspace dependencies
51        * Release 1.1.5
52       
532008-03-24 Benoit Grégoire  <bock@step.polymtl.ca>
54        * Integrate with OpenWRT kamikaze build system
55
562007-11-01 Benoit Grégoire  <bock@step.polymtl.ca>
57        * Apply portability patches by David Young <dyoung@pobox.com>.  These have been reviewed, but not tested.
58
592007-10-18 Benoit Grégoire  <bock@step.polymtl.ca>
60        * fw_iptables.c: From Philippe April:  reverted change made in 1241 so we properly remove the entry from mangle.WiFiDog_Incoming when kicking out users, it was affecting statistics
61        * Update doxygen.cfg.in for latest version and to fix path ambiguity during make dist.
62        * Release 1.1.4
63
642007-07-06 Benoit Grégoire  <bock@step.polymtl.ca>
65        * Makefile.am:  Slight change in make ipk tagrget.  It seems that sometimes builddir isn't defined.  srcdir works just as well in this case.
66       
672007-06-27 Benoit Grégoire  <bock@step.polymtl.ca>
68        * util.c:  Fix while loop initialisation bug
69        * conf.h:  Forgot to change the value of NUM_EXT_INTERFACE_DETECT_RETRY to actually make it wait forever.
70        * Remove hardcoded authserver paths.  Can now be defined in the config file (auth server section).
71        * Centralise browser redirect code to simplify code
72        * Add manual logout URL, based in part on work by David Bird
73        * Release 1.1.3 final
74       
752007-06-24 Benoit Grégoire  <bock@step.polymtl.ca>
76        * Close #321:  Make the Gateway retry forever if it cannot find it's interface.  You never know when someone may finally replug the network cable or something...
77        * Close #332:  Apply patch from Laurent Marchal. biguphpc<AT>gmail<DOT>com
78        * fw_iptables.c:  Fix error in iptables_fw_access().  Rules were created as ACCEPT instead of DROP
79        * firewall.c:  Fix bug in fw_sync_with_authserver().  The traffic for the validation period of a user who validated his account while connected wouldn't get counted.
80        * doc/wifidog_firewall_map.dia:  At long last, full documentation of the firewall.  We would have avoided a lot of stupid mistakes if we produced that sooner.
81        * Release 1.1.3_rc1
82
832007-05-24 Benoit Grégoire  <bock@step.polymtl.ca>
84        * wdctl_thread.c:  Fix #324, again.  Credit goes to Medea, I misunderstood his instructons.
85        * From David Bird <david@coova.com> libhttpd/: Fix #266 - don't process query string parameters and keep them in that request.path.
86
872007-05-18 Benoit Grégoire  <bock@step.polymtl.ca>
88        * wdctl_thread.c:  Fix #324
89       
902007-04-26 Benoit Grégoire  <bock@step.polymtl.ca>
91        * wifidog.conf:  Improve comments and add examples of blocking access to the upstream LAN.
92
932007-04-26 Benoit Grégoire  <bock@step.polymtl.ca>
94        * conf.h:  The DEFAULT_CHECKINTERVAL was 5 instead of 60 (as stated in the config file) which caused huge needless load on the auth servers, and needless ping traffic towards the clients if it wasn't manually set.
95
962007-04-09 Benoit Grégoire  <bock@step.polymtl.ca>
97        * Makefile.am:  Slight path fix when using building make ipk.  Tell me if you have trouble with this
98
992007-01-06 Benoit Grégoire  <bock@step.polymtl.ca>
100        * contrib/ Add contrib dir to collect the scripts and other code distributed with, but not really part of wifidog.
101        * Include the scripts used to build a ipkg on Openwrt RC6 and 0.9
102        * Modify the build system to finally be able to build wifidog directly from the wifidog directory using the same files
103                used to make the official .ipk, without having to copy ANYTHNG to the openwrt SDK.
104                At last, there is now a new target:  make ipk make ipk OPENWRTSDK=path_to_openwrt_sdk
105        * ipk/ Removed the obsolete OpenWRT RC4 scripts
106        * README.openwrt:  Update
107        * scripts/openwrt/ remove obsolete dir.
108        * contrib/dump_fw.sh:  Convenience script for firewall debugging.
109               
1102007-01-06 Benoit Grégoire  <bock@step.polymtl.ca>
111        * Documentation update in the code
112        * Released 1.1.3_beta6
113
1142006-10-26 Benoit Grégoire  <bock@step.polymtl.ca>
115        * src/conf.h: Fix #238 by using $sysconfdir to compute the default config-file location.
116       
1172006-10-08 Alexandre Carmel-Veilleux <acv@miniguru.ca>
118        * Changed my email in a few files.
119        * Broken down some printf's on multiple lines.
120        * Added comments.
121
1222006-09-14 Benoit Grégoire  <bock@step.polymtl.ca>
123        * src/util.c, src/conf.h: Fix autodectection of the External interface if not specified in the config file.  If the interface (typically pppoe) wasn't yet fully up when wifidog starts, wifidog would stop every connection from going trough.  It will now retry every second for up to two minutes, and then exit with a fatal error if it can't successfully detect it.
124
1252006-02-23 Philippe April <philippe@ilesansfil.org>
126        * src/fw_iptables.c:
127        * Changed order in the filter.FORWARD chain
128        * Added TCPMSS rule
129        * Fixed deleting the rules on shutdown
130        * Fixed wdctl reset problem
131        * Released 1.1.3_beta4
132
1332006-02-06 Benoit Grégoire  <bock@step.polymtl.ca>
134        * src/fw_iptables.c: Fix deleting the rules on shutdown.
135
1362006-01-31 Benoit Grégoire  <bock@step.polymtl.ca>
137        * Release 1.1.3_beta2
138       
1392006-01-31 Benoit Grégoire  <bock@step.polymtl.ca>
140        * src/fw_iptables.c:  Add the global ruleset to the nat table to fix #65.
141        Add the table parameter to iptables_load_ruleset() and iptables_compile
142        * libhttpd/protocol.c:  Fix pointer type mismatch
143    * src/conf.c,h:  Remove deprecated option AuthServMaxTries (which was already ignored anyway.       
144       
1452006-01-23 Benoit Grégoire  <bock@step.polymtl.ca>
146        * src/conf.h:  Fix the value of DEFAULT_AUTHSERVPATH and completely wrong code comment.  Not the default indicated in the config file and the define are in sync.
147
1482006-01-17 Mina Naguib <mina@ilesansfil.org>
149        * Ingisgnificant cleanup  of CVS artifacts after svn migration
150
1512005-11-24 Philippe April <philippe@ilesansfil.org>
152        * Bad idea
153
1542005-11-01 Max Horvath <max.horvath@maxspot.de>
155        * Added .project to .cvsignore
156
1572005-11-01 Philippe April <philippe@ilesansfil.org>
158        * Added OPTIONS section in wifidog-init (example: enable syslog)
159
1602005-10-09 Philippe April <philippe@ilesansfil.org>
161        * Changed html pages, added info to wdctl status
162
1632005-10-07 Philippe April <philippe@ilesansfil.org>
164        * Released 1.1.3_beta1
165
1662005-10-03 Philippe April <philippe@ilesansfil.org>
167        * libhttpd: Fixed two bugs parsing the GET query string making wifidog segfault
168
1692005-09-24 Mina Naguib <mina@ilesansfil.org>
170        * New wdctl command "restart" which will get wifidog to restart itself
171        while preserving the existing clientlist.  Perfect for 0-downtime
172        upgrading!
173        * safe.c: New safe_fork that croaks if the fork fails, also takes care of
174        closing some global file descriptors for the child
175        * debug.c: Now also logs the PID as part of every entry
176        * gateway.c: Handler for SIGCHLD now waitpid()s with WNOHANG flag to prevent deadlock
177        when the handler is called and another wait() or waitpid() is used
178        * util.c: execute() now uses waitpid() instead of wait() to reap only the child
179        it fork/executed
180        * Extra debugging entries throughout code
181
1822005-09-24 Mina Naguib <mina@ilesansfil.org>
183        * conf.c: Pre-emptive bugfix - harsh lockdown of parsing trusted MAC
184        addresses from config file
185
1862005-09-24 Philippe April <philippe@ilesansfil.org>
187        * (finally) Added {Saul Albert,Jo Walsh,Schuyler}'s patch (thank you!) to send
188        the GW interface's mac address as the node_id if no node_id is specified. It allows
189        the use of generic configuration files without the need to hardcode the
190        node_id in.
191        * Added TrustedMACList configuration variable which allows specifying
192        MAC addresses which are allowed to go through without authentication.
193        * Updated OpenWrt instructions.
194
1952005-09-08 Philippe April <philippe@ilesansfil.org>
196        * Added compile instructions and installation for OpenWrt Whiterussian-rc2
197        * Released 1.1.2
198
1992005-05-30 Mina Naguib <mina@ilesansfil.org>
200        * New wdctl command "restart" which will get wifidog to restart itself while preserving the existing clientlist.  Perfect for 0-downtime upgrading!
201        * safe.c: New safe_fork that croaks if the fork fails, also takes care of closing some global file descriptors for the child
202        * debug.c: Now also logs the PID as part of every entry
203        * gateway.c: Handler for SIGCHLD now waitpid()s with WNOHANG flag to prevent deadlock when the handler is called and another wait() or waitpid() is used
204        * util.c: execute() now uses waitpid() instead of wait() to reap only the child it fork/executed
205        * Extra debugging entries throughout code
206       
2072005-05-24 Mina Naguib <mina@ilesansfil.org>
208        * wdctl.c: Minor bugfix pointed out by David Vincelli: When an invalid
209        command is given to wdctl, the error message showed "Invalid command:
210        wdctl" instead of the actual command supplied
211
2122005-05-23 Philippe April <philippe@ilesansfil.org>
213        * Released 1.1.2_pre1
214
2152005-05-23 Mina Naguib <mina@ilesansfil.org>
216        * fw_uptables.c: When appending call to chain WiFiDog_Outgoing from
217        nat.prerouting, add it via -A (at end) instead of -I 1 (at beginning) to
218        allow for existing nat forwarding.
219
2202005-05-16 Mina Naguib <mina@ilesansfil.org>
221        * centralserver.c: read()s from central server in auth_server_request() are
222        now timed-out (via select).  This is hopefully a bugfix to the
223        thread-freezing problem.
224
2252005-05-06 Mina Naguib <mina@ilesansfil.org>
226        * Bugfix non-RFC compliant HTTP requests using \n instead of \r\n as line
227        terminations as per email from ludocornut@users.sourceforge.net
228
2292005-04-28 Philippe April <philippe@ilesansfil.org>
230        * Released 1.1.2_beta2
231
2322005-04-28 Mina Naguib <mina@ilesansfil.org>
233        * wifidog.conf: Make the default ruleset for validating users = allow all
234        (except sending SMTP)
235
2362005-04-20 Philippe April <philippe@ilesansfil.org>
237        * fw_iptables.c: Insert ourselves at the end of filter.FORWARD instead of
238        at the beginning since important FW instructions are located there on the
239        WRT54Gs when used with some DSL providers and we never execute them
240        otherwise.
241        * Released 1.1.2_beta1
242
2432005-04-03 Philippe April <philippe@ilesansfil.org>
244        * Fixed issue with FAQ
245        * ipkg/rules: If autogen.sh doesn't exist, it's ok. 'configure' will.
246
2472005-04-01 Philippe April <philippe@ilesansfil.org>
248        * Duplicated auth server list in NAT table to fix the issue
249        of using an auth server on port 80, since port 80 was being systematically
250        redirected to 2060 otherwise.
251        * Released 1.1.1
252
2532005-03-29 Mina Naguib <mina@ilesansfil.org>
254        * Added FAQ document copied from wiki
255
2562005-03-22 Philippe April <philippe@ilesansfil.org>
257        * Released 1.1.0
258
2592005-03-20 Mina Naguib <mina@ilesansfil.org>
260        * More verbose debugging output
261
2622005-03-12 Mina Naguib <mina@ilesansfil.org>
263        * More debugging output
264        * Document ugly hack involving tid_fw_thread
265        * SIGPIPE now ignored (as it's comment said) instead of being sent to the
266        handler for SIGCHLD
267        * Bugfix firewall destruction not happening from termination handler - had
268        to move explicit thread kills after, not before, firewall destruction
269
2702005-03-11 Mina Naguib <mina@ilesansfil.org>
271        * If external interface was unspecified in the conf file, try to determine
272        it from the default route
273        * If external interface is known, specify it in the trigger rule in
274        nat.PREROUTING to prevent the rule from matching traffic inbound to the
275        router itself.  This should fix the issue raised by Philippe and Pascal on
276        the mailing list
277        * Bugfix: UNDO ABOVE 2 ITEMS. Aparently you cannot use the "-o" iptables
278        option in nat.PREROUTING which makes knowing external_interface useless
279        * Added new chain in nat.PREROUTING that explicitly allows all traffic to
280        the router's internal IP from the internal interface, effectively
281        addressing the same above problem
282
2832005-03-07 Mina Naguib <mina@ilesansfil.org>
284        * auth.c: Got rid of legacy _http_output and _http_redirect - replaced them
285        with libhttpd functions and http_wifidog_header/http_wifidog_footer
286        * auth.c: When re-directing to auth server now respects SSL setting instead
287        of always http+port 80
288        * auth.c: Better debugging output of what it's doing when it acts on auth
289        server response
290        * A little bit more care with buffers and their sizes
291        * Minor whitespace tweaking and a couple of internal doc typo fixes
292
2932005-03-06 Mina Naguib <mina@ilesansfil.org>
294        * Check return values of pthread_create
295        * Internal documentation touch-ups
296        * auth.c: Bugfix invalid http header sent by _http_output
297        * Bugfix traffic counter read from iptables as long int instead of long
298        long int
299        * Minor insignificant code touch-ups:
300                * Replace pthread_mutex_lock/unlock calls with appropriate
301                LOCK_FOO/UNLOCK_FOO macros for consistency
302                * Lock first before using some variables, not after
303                * Indentation adjustments
304
3052005-03-04 Mina Naguib <mina@ilesansfil.org>
306        * Bugfix huge uptime pointed out to be by Philippe - was caused when the
307        date is set (with ntpclient for example) after wifidog starts
308        * Beautified "Uh oh!" apology screens and redirection screen
309
3102005-03-02 Alexandre Carmel-Veilleux <acv@acv.ca>
311        * Ifdef'd out the bits that are Linux specific if __linux__ is not
312          defined.
313
3142005-03-01 Mina Naguib <mina@ilesansfil.org>
315        * Minor visual tweaks to the web interface
316
3172005-03-01 Philippe April <philippe@ilesansfil.org>
318        * Tagged v1_1_0_beta3
319
3202005-02-28 Mina Naguib <mina@ilesansfil.org>
321        * Do not update the last_updated field on incoming traffic - update it on
322        outgoing traffic only.  This should be a much more reliable indication of
323        client no longer being there
324        * WifiDog status is now viewable with a web browser at
325        http://ip:port/wifidog/status
326        * Added new web hook for http://ip:port/wifidog
327        * Beautified web interface at http://ip:port/wifidog/*
328
3292005-02-24 Mina Naguib <mina@ilesansfil.org>
330        * auth_server_request now returns AUTH_ERROR on error instead of AUTH_VALIDATION_FAILED
331        * centralserver.c: Fix typo (was =+, made it +=) that made the response
332        from the auth server corrupted in memory if the entire response would not
333        fit in 1 packet and retrieved with 1 read() call
334        * Better logging of details and calling of mark_* (auth+online/offline)
335
3362005-02-22 Philippe April <philippe@ilesansfil.org>
337        * Tagged v1_1_0_beta2
338
3392005-02-20 Mina Naguib <mina@ilesansfil.org>
340        * New safe.c with safe_malloc, safe_strdup, safe_asprintf and
341        safe_vasprintf with propper logging and exit when error. Replaced all
342        instances of original with safe versions in all files
343        * Fix memory leak in iptables_fw_counters_update
344        * Partial merge from CaptiveDNS branch: Consolidated much of the networking
345        calls to the auth servers into a magical function called connect_auth_server()
346        that's responsible for dns lookup, connecting, marking servers bad, marking
347        online/auth_online, and refreshing the firewall rules.
348        * Partial merge from CaptiveDNS branch: Added new functions mark_auth_online(),
349        mark_auth_offline() and is_auth_online() - similar in nature to is_online()
350        etc. except tailored to decide on auth servers status - currently being called by
351        connect_auth_server()
352        * Partial merge from CaptiveDNS branch: Different apology in 404 handler
353        depending on whether internet is down or just auth server is down
354        * Partial merge from CaptiveDNS branch: wdctl status now shows status of
355        is_online and is_auth_online
356        * Fixed several inconsistencies regarding the parity and size of
357        incoming/outgoing counters.  Standardized on "unsigned long long int" in
358        declarations and *printf/*scanf formats
359
3602005-02-16 Philippe April <philippe@ilesansfil.org>
361        * ipkg/rules - When we clean, forgot to delete ipkg-build-stamp
362
3632005-02-15 Mina Naguib <mina@ilesansfil.org>
364        * Now also reports wifidog_uptime when it pings the server, as well as
365        shows it in wdctl status
366
3672005-02-13 Mina Naguib <mina@ilesansfil.org>
368        * Completely re-did the iptables rules.  Most of the rules are now in the
369        filter table instead of the nat table.  Also DROPs are now replaced with
370        REJECTs to help tell the user connection refused instead of endless pauses
371        * Bugfix: Traffic from client to router was counted twice in the "outgoing"
372        bytecount since it increased both counters in mangle.* and filter.* - Got
373        rid of TABLE_WIFIDOG_WIFI_TO_GW completely since it's unneeded
374
3752005-02-12 Mina Naguib <mina@ilesansfil.org>
376        * Stricter format rules for all *scan* functions hunting for IPs and MAC addresses
377        * fw_iptables.c: Make sure scanned IP address is a valid IP address
378        * firewall.c: Fix memory leak in arp_get
379        * libhttpd/protocol.c: Abort connection if read non-ascii from client. This
380        is often a telltale sign of a program such as skype using port 80 for
381        non-http requests - this therefore ends the thread as early as possible
382        instead of having it lay around for a while trying to get a valid http
383        request and taking up resources
384        * ping_thread.c: When pinging auth server now also sends sys_uptime, sys_memfree
385        and sys_load
386        * -v commandline option now shows wifidog version
387
3882005-02-11 Philippe April <philippe@ilesansfil.org>
389        * Tagged v1_1_0_beta1
390
3912005-02-11 Philippe April <philippe@ilesansfil.org>
392        * Fixed a bug in counting the traffic between client and gateway
393        * Alpha8
394
3952005-02-04 Mina Naguib <mina@ilesansfil.org>
396        * Partially bugfix apology when offline
397        * ipkg/rules: More tweaking to make it build nicely with recent openwrt
398        buildroots
399
4002005-02-03 Mina Naguib <mina@ilesansfil.org>
401        * Keep track of last times we successfully & unsuccessfully spoke to the
402        auth server/used DNS. Then, if we know we're not online, show a little
403        apology to the user instead of re-directing them to the auth server.
404        * ipkg/rules: Added some extra version detection to auto-detect versions
405        of kernel, iptables and ipkg-utils instead of having them hardcoded.  This
406        makes creating ipkg's work with different OpenWRT releases
407        * fw_iptables.c: Fixed memory leak caused by not freeing return from
408        iptables_compile in iptables_load_ruleset
409        * http.c: Deleted unused call to client_list_find
410        * http.c: /about URL now shows wifidog version
411        * Cosmetic typo fixes
412
4132005-02-03 Philippe April <isf_lists@philippeapril.com>
414        * Ping the users everytime we check their counters, that way we keep them
415        alive
416        * Optional ExternalInterface
417        * Optional GatewayAddress (we discover it. finally.)
418        * We check for the traffic from the clients to the firewall, to catch the
419        traffic the icmp ping is generating
420        * Fixed bug where we were doing the opposite of what desired when checking if authentication server was alive
421        * Bumped to alpha7
422
4232005-01-23 Philippe April <isf_lists@philippeapril.com>
424        * wdctl status will return the auth servers in the linked list
425        * We'll now forward to the auth server to display the used-to-be-ugly
426        messages like "go ahead and validate your account you have 15 minutes"
427        * Bumped to alpha6
428
4292005-01-06 Philippe April <philippe@philippeapril.com>
430        * fw_iptables.c: Changed REJECT to DROP for the end of the table Unknown,
431          REJECT doesn't seem to be available in the NAT table.
432        * fw_iptables.c: Indented things
433        * fw_iptables.c Fix: Created the authservers table at the beginning and destroy
434          at exit time only to avoid recreating it everytime
435        * Bumped to alpha5
436
4372005-01-05 Philippe April <philippe@philippeapril.com>
438        * Typo, fixed some spaces (mostly esthetic)
439        * Bumped to alpha4
440
4412004-12-19 Alexandre Carmel-Veilleux <acv@acv.ca>
442        * src/fw_iptables.c: Tweak of auth_server firewall rule setting
443          code. (and promptly undone, fixing the cause is better then
444          fixing the symptom)
445        * src/conf.c: NULL-fill auth_server struct so that
446          auth_server->last_ip always equals NULL when first filled.
447
4482004-12-16 Benoit Grégoire  <bock@step.polymtl.ca>
449        * src/fw_iptables.c: Display iptables command that is run in debug mode.
450       
4512004-12-07 Benoit Grégoire  <bock@step.polymtl.ca>
452        * src/firewall.c: Fix reversed incoming and outgoing connections in statistics code
453        * bump version to alpha3
454
4552004-11-29 Alexandre Carmel-Veilleux <acv@acv.ca>
456        * wifidog.conf: Fixed firewall rule bug.
457        * src/fw_iptables.c: Unknown user default block rule not "REJECT"
458          instead of "DROP"
459
4602004-11-23 Alexandre Carmel-Veilleux <acv@acv.ca>
461        * src/conf.c: Fixed a NULL pointer dereference in get_ruleset().
462
4632004-11-22 Alexandre Carmel-Veilleux <acv@acv.ca>
464        * libhttpd/api.c: Fix leak in HttpdEndRequest().
465        * src/ping_thread.c: Fix auth_server IP change code with latest
466          from previous branch.
467        * src/conf.h: Same as above.
468        * src/fw_iptables.c: Same as above.
469        * src/conf.[ch]: Firewall rule set parsing code.
470        * wifidog.conf: Default firewall rule set defined.
471        * src/fw_iptables.[ch]: Firewall rule set enacting code.
472        * configure.in: bumped version to 1.1.0-alpha2
473
4742004-11-18 Benoit Grégoire  <bock@step.polymtl.ca>
475        * src/ping_thread.c: Merge phil's bug fixes from stable branch
476        * ipkg/rules:  Merge phil's bug fixes from stable branch
477        * configure.in:  Set version to 1.1.0alpha
478       
4792004-11-18 Alexandre Carmel-Veilleux <acv@acv.ca>
480        * src/fw_iptables.[ch]: Merged in Phil's patch.
481        * src/*: Added ping_thread hooks to reset authserver table in the
482          firewall if it notices the auth_servers changing IPs.
483
4842004-11-17 Alexandre Carmel-Veilleux <acv@acv.ca>
485        * libhttpd/*: libhttpd has been taken behind the shed and shot in
486          the back of the head. The replacement separates the request struct
487          from the server struct. It's thread safe if none of OUR threads
488          write to server.
489        * src/*: All the changes to handle the new libhttpd and also to
490          move over to a worker thread system. http_callback_auth() no
491          longer spawns a thread either.
492        * *: this update preceded by a cvs tag PRE_NEW_LIBHTTPD.
493        * *: You want to check the mailing list archive also.
494
4952004-11-10 Alexandre Carmel-Veilleux <acv@acv.ca>
496        * libhttpd/protocol.c: select() based timeout.
497
4982004-10-31 Alexandre Carmel-Veilleux <acv@acv.ca>
499        * configure.in: bumped version number to "1.0.2-pre1" since we
500          already have ile sans fil hot spots advertising "1.0.1".
501
5022004-10-30 Alexandre Carmel-Veilleux <acv@acv.ca>
503        * src/ping_thread.c: asynch read(). fixed bug in byte counting.
504
5052004-10-29 Philippe April <philippe@philippeapril.com>
506        * ipkg/rules: added conffiles so it does not overwrite config files
507
5082004-10-29 Alexandre Carmel-Veilleux <acv@acv.ca>
509        * src/ping_thread.c: Much new debugging information
510        * multiple files: Logging for all mutexes
511
5122004-10-28 Philippe April <philippe@philippeapril.com>
513        * ipkg/rules: building ipkg-tools before packaging
514
5152004-10-28 Alexandre Carmel-Veilleux <acv@acv.ca>
516        * multiple files: Implemented a FirewallRule config command, it
517          doesn't actually do anything yet.
518        * libhttpd: #if 0'd out lots of request parsing code.
519        * libhttpd: changed URL parsing.
520
5212004-10-27 Philippe April <philippe@philippeapril.com>
522        * ipkg/rules: removed --build=mipsel from ./configure
523
5242004-10-26 Philippe April <philippe@philippeapril.com>
525        * ipkg/rules: sed -i is not standard, did a workaround.
526        * ipkg/rules: openwrt's buildroot has changed, modified ipkg
527        accordingly, please read README.openwrt
528
5292004-10-22 Alexandre Carmel-Veilleux <acv@acv.ca>
530        * src/various: Added wd_gethostbyname, a thread-safe (serialized)
531          version of gethostbyname.
532
5332004-10-15 Alexandre Carmel-Veilleux <acv@acv.ca>
534        * src/auth.c: Fixed hard coded port.
535
5362004-10-09 Alexandre Carmel-Veilleux <acv@acv.ca>
537        * src/gateway.c: More logging on termination_handler.
538
5392004-10-08 Alexandre Carmel-Veilleux <acv@acv.ca>
540        * src/wdctl_thread.c: Fix wdctl_status to return all connected
541        users.
542
5432004-10-07 Alexandre Carmel-Veilleux <acv@acv.ca>
544        * src/conf.c: Fixed mark_auth_server_bad() for the case where there
545        is only one auth server.
546        * src/ping_thread.c: Added extra debugging.
547        * src/ping_thread.c: Fixed file descriptor leak.
548        * src/centralserver.c: Fixed many file descriptor leaks.
549        * src/centralserver.c: Failure of read() no longer fatal.
550        * src/centralserver.c: In case of failure, return from
551        auth_server_request() is no longer an undefined authresponse.
552        * src/util.c: Fixed typo in logging.
553        * src/wdctl_thread.c: Added logging when socket path is too long.
554        * src/debug.c: Debug now logs the time of an event.
555
5562004-08-30 Alexandre Carmel-Veilleux <acv@acv.ca>
557        * wifidog.conf: Corrected an example
558        * README.openwrt: Typo fixed, editorial changes
559        * ChangeLog: Benoit's last update entry was set in the future ;-).
560        * All over src/: Compiled with -Wall and fixed all nagging.
561
5622004-08-30 Benoit Grégoire  <bock@step.polymtl.ca>
563        * Makefile.am: Add rpm target
564        * wifidog.spec.in:  Rework spec file.  Now works and include the init script
565        * ipkg/rules:  Deal with the incomplete init.d system of the OpenWrt.   Install scripts/init.d/wifidog as /usr/bin/wifidog-init, and call wifidog-init start from S65wifidog.
566        * scripts/openwrt/S65wifidog: Add file
567        * scripts/init.d/wifidog:  Fix performance and protability problem.  Make it chkconfig compliant.  Test that chkconfig --add wifidog works (at least on mandrake)
568        * src/wdctl.c:  Change some message, make sure wdctl return 0 unless there is an error.
569       
5702004-08-30 Benoit Grégoire  <bock@step.polymtl.ca>
571        * README.openwrt:  Documentation update
572        * Makefile.am:  Make a ipkg target to ease WRT54G installation
573        * ipkg/rules:  Add wdctl and the init.d script.
574        * Add BUILDROOT variable to the build system so we can use it when needed
575        * src/ping_thread.c:  Have the server ping immediately on boot.  Note that this will only help if the second server responds.  The logic of the ping itself should be changed so it iterates in the list until it finds one that responds or exausts the list
576        * wifidog.conf:  Add more doc, and (most) of ISF's default config in comments.
577        * Bump version in anticipation for release
578
5792004-08-29 Guillaume Beaudoin <isf@soli.ca>
580        * wifidog.spec.in: Changed prefix to match scripts/init.d/wifidog.
581        * debian/rules: Configuration and init.d file added.
582        * debian/control: Description and Depends field changed.
583        * Makefile.am: Added scripts directory and ipkg/rules file.
584
5852004-08-29 Pascal Leclerc <pascal@plec.ca>
586        * scripts/init.d/wifidog: Startup/shutdown script for Wifidog deamon
587
5882004-08-29 Guillaume Beaudoin <isf@soli.ca>
589        * wifidog.spec.in: Must be in decending chronological order.
590
5912004-08-29 Guillaume Beaudoin <isf@soli.ca>
592        * wifidog.spec.in: Remove some leftover from libOFX.
593        * Makefile.am: Include debian/* files.
594        * We should now be able to package .deb and .rpm from dist.
595
5962004-08-27 Benoit Grégoire  <bock@step.polymtl.ca>
597        * README.openwrt,src/conf.c,h:  Documentation update
598        * src/gateway.c, src/ping_thread.c, src/wdctl.c, src/wdctl_thread.c:  Fix linking problems related to errno.h and extern int errno
599       
6002004-08-26 Pascal Leclerc <pascal@plec.ca>
601        * Makefile.am: Remove phpauth from EXTRA_DIST
602
6032004-08-25 Alexandre Carmel-Veilleux <acv@acv.ca>
604        * src/auth.c: Path as changed in 1.26 was preceded by a /, the path already contains a / so it would yield http://host//path/
605
6062004-08-25 Benoit Grégoire  <bock@step.polymtl.ca>
607        * src/auth.c:  Remove hardcoded path.
608       
6092004-08-23 Benoit Grégoire  <bock@step.polymtl.ca>
610        * src/ping_thread.c:  Send the gateway id to the central server during ping, so the server know which gateway checked in, and then knows for sure that it is up (well, once the server implements it...).
611       
6122004-08-23 Benoit Grégoire  <bock@step.polymtl.ca>
613        * src/centralserver.c:  Fix path for auth by appending /auth/ to auth_server->authserv_path.  Wifidog works again.
614       
6152004-08-20 Alexandre Carmel-Veilleux <acv@acv.ca>
616        * Debug output of all HTTP transactions and their responses.
617        * Changed ipkg to use wifidog.conf from the base tree
618        * Send url to central server for link back out
619
6202004-08-19 Alexandre Carmel-Veilleux <acv@acv.ca>
621        * Sort of fixed the hanging thread (with an explicit thread kill)
622        * Fixed ping code
623
6242004-08-13 Alexandre Carmel-Veilleux <acv@acv.ca>
625        * All Auth Server configuration now handled by the "AuthServer"
626        directive.
627        * The "AuthServer" directive is now multi line.
628
6292004-08-11 Alexandre Carmel-Veilleux <acv@acv.ca>
630        * Added code to do heartbeat.
631        * Changed AuthServer yet again.
632
6332004-08-09 Alexandre Carmel-Veilleux <acv@acv.ca>
634        * WiFiDog now can read multiple auth servers in its config file.
635        * Added functions to handle the auth servers list.
636        * WiFiDog can failover between servers for its internal requests.
637        * Firewall sets rules for all auth servers.
638
6392004-08-06 Alexandre Carmel-Veilleux <acv@acv.ca>
640        * AuthservPath no longer mandatory in config file.
641
6422004-08-04 Philippe April <wifidog@philippeapril.com>
643    * Renamed iptables.[ch] to fw_iptables.[ch]
644
6452004-08-03 Alexandre Carmel-Veilleux <acv@acv.ca>
646        * Fixed broken sockaddr_un usage in wdctl.c and wdctl_thread.c
647
6482004-08-01 Benoit Grégoire  <bock@step.polymtl.ca>
649        * Delete everything in phpauth, it will now live in it's own module (wifidog-auth)
650
6512004-08-01 Alexandre Carmel-Veilleux <acv@acv.ca>
652        * Added wdctl facility
653
6542004-07-21 Philippe April <wifidog@philippeapril.com>
655    * Cleaned up the ipkg makefile
656    * Added makefile to build on Debian
657
6582004-07-19 Alexandre Carmel-Veilleux <acv@acv.ca>
659        * Build script for OpenWRT ipkg
660
6612004-07-06 Alexandre Carmel-Veilleux <acv@acv.ca>
662        * Added cache control to default error message returned.
663
6642004-07-05 Philippe April <papril777@yahoo.com>
665    * Fixed an endless loop in client_list_delete
666
6672004-06-10 Alexandre Carmel-Veilleux <acv@acv.ca>
668        * Added debugging to libhttpd so that httpdGetConnection() traces
669          its execution into ./httpdGetConnection.log. This should be removed
670          once it's no longer needed or put within #ifdef DEBUG's.
671
6722004-06-01 Philippe April <papril777@yahoo.com>
673    * Sending User-Agent header to central server
674
6752004-05-28 Philippe April <papril777@yahoo.com>
676    * Fixed bugs implemented after major changes
677
6782004-05-27 Benoit Grégoire  <bock@step.polymtl.ca>
679        * Massive Doxygen update in all files.  IMPORTANT: The new convention is:  @brief in the .h, long description and parameters in the .c
680        * Cleaned up some more issues in my notes taken at the formal review
681        * client_list.c,h:  Make client_list_free_node() private, define and document client_list_mutex here
682        * config.c:  Start the hunt for evil globals:  Get rid of the config global
683        * doc/doxygen.cfg.in:  Enable generation of internal doc, a few other tweaks
684        * Documentation now generates a TODO list and DEPRECATED list, please look at them
685
6862004-05-27  Alexandre Carmel-Veilleux <acv@acv.ca>
687        * Cleaned up all the issues brought forward in the code review
688          on 2004-05-26 at Benoit's. There are to many changes to list
689          individually.
690
6912004-05-15  Philippe April <papril777@yahoo.com>
692    * Commented out cookie handling in libhttpd because it segfaults if
693    you pass a particular formatting/buggy one
694
6952004-05-14  Philippe April <papril777@yahoo.com>
696    * Fixed crash when receiving SIGPIPE signal with write() would fail
697
6982004-05-13  Philippe April <papril777@yahoo.com>
699    * Advertise to the central server when we logged out a user
700
7012004-05-12  Philippe April <papril777@yahoo.com>
702    * Sending a "stage" when doing authentication for the server
703    to be able to know if it's a login, or just a counters update.
704
7052004-05-11  Philippe April <papril777@yahoo.com>
706    * Now tracking the hotspot id and ip in database
707
7082004-05-07  Philippe April <wifidog@philippeapril.com>
709    * Now we store both incoming and outgoing counters on server
710    and expire if no activity at all on both
711    * Changed the structure of nodes a little
712
7132004-05-07  Philippe April <wifidog@philippeapril.com>
714    * New parameter ExternalInterface
715    * Made possible to count inbound traffic by inserting new rules
716
7172004-05-07  Philippe April <wifidog@philippeapril.com>
718    * Cleaned up common.h from files
719
7202004-05-07  Philippe April <wifidog@philippeapril.com>
721    * Made iptables' tables DEFINEs instead of being hardcoded
722
7232004-05-07  Philippe April <wifidog@philippeapril.com>
724    * Fixed typo
725
7262004-05-06  Philippe April <papril777@yahoo.com>
727    * Cleanups and standardized things
728
7292004-05-06  Philippe April <papril777@yahoo.com>
730    * Cleanups in fw_counter function
731
7322004-05-05  Philippe April <papril777@yahoo.com>
733    * Calling iptables directly instead of using shell scripts
734    for fw_init, fw_destroy and fw_allow/fw_deny
735    * Removed shell script for fw.counters
736    * Fixed memory leaks
737    * Moved most of the iptables-specific (all but the counters)
738    to iptables.c to modularize a bit more
739    * Hack to allow deciding if we want FW calls' messages quiet or not
740
7412004-04-23  Philippe April <papril777@yahoo.com>
742    * Fixed a debug line
743
7442004-04-22  Philippe April <papril777@yahoo.com>
745    * Major changes, cleaned up code
746    * Changed the way firewall tags traffic
747
7482004-04-21  Philippe April <papril777@yahoo.com>
749    * Changed fw.destroy so it cleans up more in a while loop
750
7512004-04-20  Alexandre Carmel-Veilleux <acv@acv.ca>
752        * fixed expiration time
753
7542004-04-20  Philippe April <papril777@yahoo.com>
755    * A lot of changes regarding debugging facilities and added logging
756    to syslog
757    * Removed possibility to specify port on command line
758
7592004-04-19  Philippe April <papril777@yahoo.com>
760        * Changed some debugging severity
761
7622004-04-19  Benoit Grégoire  <bock@step.polymtl.ca>
763        * Properly integrate libhttpd into the source tree ;)  Note that this will create a proper system wide shared library for libghttpd.  Still to be done:  1- Store Mina's patch somewhere,  in case we want to upgrade libhttpd.  2-Add configure option not to build httpd, and use an already installed one.
764
7652004-04-18  Alexandre Carmel-Veilleux <acv@acv.ca>
766        * Fixed pthread_cond_timedwait. The mutex needed to be locked as
767        per the POSIX spec, yet Linux or Mac OS X don't care...
768        * Fixed the double SIGTERM handler on Linux...
769
7702004-04-17  Alexandre Carmel-Veilleux <acv@acv.ca>
771        * Added work around for uClibc bug in auth.c
772
7732004-04-17  Philippe April <papril777@yahoo.com>
774        * Fixed firewall scripts to make them standard and some firewall functions
775
7762004-04-17  Alexandre Carmel-Veilleux <acv@acv.ca>
777        * Updated documentation in firewall.c
778
7792004-04-17  Philippe April <papril777@yahoo.com>
780        * Fixed path returning to gateway in phpauth/login/index.php
781
7822004-04-16  Alexandre Carmel-Veilleux <acv@acv.ca>
783        * Merged in libhttpd into the source tree
784
7852004-04-16  Philippe April <papril777@yahoo.com>
786        * Fixed CRLF/formatting in phpauth/login/index.php
787        * Added some documentation for firewall.c, commandline.c
788        * Removed an unnecessary line dist_sysconf_DATA from Makefile.am
789
7902004-04-15  Alexandre Carmel-Veilleux <acv@acv.ca>
791        * Changed the locking mechanism, now all access to t_node * structs
792        are properly protected.
793
7942004-04-15  Alexandre Carmel-Veilleux <acv@acv.ca>
795        * Connection now closed if counter hasn't change for one full
796        period.
797
7982004-04-14  Philippe April <papril777@yahoo.com>
799        * Fixed shell script hardcoded interface
800
8012004-04-14  Alexandre Carmel-Veilleux <acv@acv.ca>
802        * Existing IPs are logged off when they're authenticated again.
803
8042004-04-14  Alexandre Carmel-Veilleux <acv@acv.ca>
805        * Fixed clean up so it happens at the right time.
806
8072004-04-14  Alexandre Carmel-Veilleux <acv@acv.ca>
808        * Major retooling of insert_userclass(), fixed seg fault.
809        * The program now works as advertised.
810
8112004-04-14  Alexandre Carmel-Veilleux <acv@acv.ca>
812        * Switched to threads. Alpha quality build, at best
813
8142004-04-12  Alexandre Carmel-Veilleux <acv@acv.ca>
815        * Changed child return value handling, again. Now it's actually
816        using the real value instead of the flag.
817        * The http.c authentication code now closes the http connection
818        from the user.
819
8202004-04-11  Alexandre Carmel-Veilleux <acv@acv.ca>
821        * Added extra debugging information.
822        * Fixed return value handling in debugging calls.
823
8242004-04-11  Alexandre Carmel-Veilleux <acv@acv.ca>
825        * Removed duplicates signal handling hooks
826        * Additional comments in SIGCHLD handler
827
8282004-04-11  Alexandre Carmel-Veilleux <acv@acv.ca>
829        * Node find if's expressions changed
830
8312004-04-11  Alexandre Carmel-Veilleux <acv@acv.ca>
832        * SIGCHLD Handler initializaed outside of deamon mode now.
833
8342004-04-11  Alexandre Carmel-Veilleux <acv@acv.ca>
835        * Very large modification. The entire architecture has been reworked
836        so that authentications to the central server are performed in a
837        fork()'d child process and the exit code from that child is then
838        used to set the User Class of the connection.
839        * The UserClasses (global definitions) and Rights (per connection)
840        have been integrated.
841
8422004-03-16  Mina Naguib <minaguib@users.sourceforge.net>
843        * Changed HTTP server tasks to be handled by libhttpd - merged
844        incorporate_libhttpd branch
845
8462004-03-13  Philippe April <papril777@yahoo.com>
847        * Modified the way firewall scripts are called so we can configure
848        them in the config file (a bit more modular than it was)
849        * Added simple linked list to keep track of clients and to
850        keep a counter of the utilization and send it to the auth server
851        * Fixed CRLF/formatting in phpauth/auth/index.php
852        * Hacked phpauth/auth/index.php to handle very basic utilization tracking
853
8542004-03-12  Philippe April <papril777@yahoo.com>
855        * Changed all perror()s into debug()s and added errno.h to common.h
856
8572004-03-10  Philippe April <papril777@yahoo.com>
858        * Small fix to firewall.c so we don't define variables after
859        the function has started (so it builds on gcc-2.95)
860
8612004-03-09  Philippe April <papril777@yahoo.com>
862        * Major changes, not forking anymore for new connections, now using
863        select() instead. It will allow us to efficiently use a linked list to track
864        users and other things. It introduces some bugs and design issues but will
865        be better in the end.
866
8672004-03-09  Philippe April <papril777@yahoo.com>
868        * Small fix in the default.php login page
869        * exit() where the program was supposed to exit but wasn't when the
870        firewall could not be setup
871
8722004-03-09  Alexandre Carmel-Veilleux <acv@acv.ca>
873        * Tiny change to increase cross-platform compatibility. It can now build on OS X and it comes close to building on my old BSD box.
874
8752004-03-08  Benoit Grégoire  <bock@step.polymtl.ca>
876        * Initial CVS import.  Integrate a standrad GNU build system and Doxygen to the build process.  Add Doxygen and CVS headers, .cvsignores, etc.  Note that the imported code is Philippe April (papril777 at yahoo.com)'s work.  Tell me if I forgot anything.  Please note that the paths in the src/fw* scripts are still hardcoded.  Don't forget to update the ChangeLog file every commit and add doxygen comments to your code.  Happy hacking.
877
Note: See TracBrowser for help on using the browser.