xref: /dflybsd-src/contrib/tcp_wrappers/CHANGES (revision 86d7f5d305c6adaa56ff4582ece9859d73106103)
1*86d7f5d3SJohn MarinoRequest: after building the programs, please run the `tcpdchk' wrapper
2*86d7f5d3SJohn Marinoconfiguration checker. See the `tcpdchk.8' manual page (`nroff -man'
3*86d7f5d3SJohn Marinoformat) for instructions. `tcpdchk' automatically identifies the most
4*86d7f5d3SJohn Marinocommon configuration problems, and will save you and me a lot of time.
5*86d7f5d3SJohn Marino
6*86d7f5d3SJohn MarinoChanges per release 7.6 (Mar 1997)
7*86d7f5d3SJohn Marino==================================
8*86d7f5d3SJohn Marino
9*86d7f5d3SJohn Marino- Improved the anti source-routing protection. The code in version
10*86d7f5d3SJohn Marino7.5 was not as strong as it could be, because I tried to be compatible
11*86d7f5d3SJohn Marinowith Linux. That was a mistake. Sorry for the inconvenience.
12*86d7f5d3SJohn Marino
13*86d7f5d3SJohn Marino- The program no longer terminates case of a source-routed connection,
14*86d7f5d3SJohn Marinomaking the IP-spoofing code more usable for long-running daemons.
15*86d7f5d3SJohn Marino
16*86d7f5d3SJohn Marino- When syslogging DNS hostname problems, always stop after a limited
17*86d7f5d3SJohn Marinonumber of characters.
18*86d7f5d3SJohn Marino
19*86d7f5d3SJohn MarinoChanges per release 7.5 (Feb 1997)
20*86d7f5d3SJohn Marino==================================
21*86d7f5d3SJohn Marino
22*86d7f5d3SJohn Marino- Optionally refuse source-routed TCP connections requests altogether.
23*86d7f5d3SJohn MarinoCredits to Niels Provos of Universitaet Hamburg.  File: fix_options.c.
24*86d7f5d3SJohn Marino
25*86d7f5d3SJohn Marino- Support for IRIX 6 (Lael Tucker).
26*86d7f5d3SJohn Marino
27*86d7f5d3SJohn Marino- Support for Amdahl UTS 2.1.5 (Richard E. Richmond).
28*86d7f5d3SJohn Marino
29*86d7f5d3SJohn Marino- Support for SINIX 5.42 (Klaus Nielsen).
30*86d7f5d3SJohn Marino
31*86d7f5d3SJohn Marino- SCO 5 now has vsyslog() (Bill Golden).
32*86d7f5d3SJohn Marino
33*86d7f5d3SJohn Marino- Hints and tips for dealing with IRIX inetd (Niko Makila, Aaron
34*86d7f5d3SJohn MarinoM Lee).
35*86d7f5d3SJohn Marino
36*86d7f5d3SJohn Marino- Support for BSD/OS (Paul Borman).
37*86d7f5d3SJohn Marino
38*86d7f5d3SJohn Marino- Support for Tandem (Emad Qawas).
39*86d7f5d3SJohn Marino
40*86d7f5d3SJohn Marino- Support for ISC (Frederick B. Cohen).
41*86d7f5d3SJohn Marino
42*86d7f5d3SJohn Marino- Workaround for UNICOS - it would choke on a setjmp() expression
43*86d7f5d3SJohn Marino(Bruce Kelly). File: hosts_access.c, tcpdchk.c.
44*86d7f5d3SJohn Marino
45*86d7f5d3SJohn Marino- Increased the level of buffer overflow paranoia when printing
46*86d7f5d3SJohn Marinounwanted IP options.  File: fix_options.c.
47*86d7f5d3SJohn Marino
48*86d7f5d3SJohn MarinoChanges per release 7.4 (Mar 1996)
49*86d7f5d3SJohn Marino==================================
50*86d7f5d3SJohn Marino
51*86d7f5d3SJohn Marino- IRIX 5.3 (and possibly, earlier releases, too) library routines call
52*86d7f5d3SJohn Marinothe non-reentrant strtok() routine. The result is that hosts may slip
53*86d7f5d3SJohn Marinothrough allow/deny filters. Workaround is to not rely on the vendor's
54*86d7f5d3SJohn Marinostrtok() routine (#ifdef LIBC_CALLS_STRTOK). Credits to Th. Eifert
55*86d7f5d3SJohn Marino(Aachen University) for spotting this one. This fix supersedes the
56*86d7f5d3SJohn Marinoearlier workaround for a similar problem in FreeBSD 2.0.
57*86d7f5d3SJohn Marino
58*86d7f5d3SJohn MarinoChanges per release 7.3 (Feb 1996)
59*86d7f5d3SJohn Marino==================================
60*86d7f5d3SJohn Marino
61*86d7f5d3SJohn Marino- More tests added to tcpdchk and tcpdmatch: make sure that the
62*86d7f5d3SJohn MarinoREAL_DAEMON_DIR actually is a directory and not a regular file;
63*86d7f5d3SJohn Marinodetect if tcpd recursively calls itself.
64*86d7f5d3SJohn Marino
65*86d7f5d3SJohn Marino- Edwin Kremer found an amusing fencepost error in the xgets()
66*86d7f5d3SJohn Marinoroutine: lines longer than BUFLEN characters would be garbled.
67*86d7f5d3SJohn Marino
68*86d7f5d3SJohn Marino- The access control routines now refuse to execute "dangerous" actions
69*86d7f5d3SJohn Marinosuch as `twist' when they are called from within a resident process.
70*86d7f5d3SJohn MarinoThis prevents you from shooting yourself into the foot with critical
71*86d7f5d3SJohn Marinosystems programs such as, e.g., portmap or rpcbind.
72*86d7f5d3SJohn Marino
73*86d7f5d3SJohn Marino- Support for Unicos 8.x (Bruce Kelly). The program now closes the
74*86d7f5d3SJohn Marinosyslog client socket before running the real daemon: Cray UNICOS
75*86d7f5d3SJohn Marinorefuses to checkpoint processes with open network ports.
76*86d7f5d3SJohn Marino
77*86d7f5d3SJohn Marino- Support for MachTen UNIX (Albert M.C Tam).
78*86d7f5d3SJohn Marino
79*86d7f5d3SJohn Marino- Support for Interactive UNIX R3.2 V4.0 (Bobby D. Wright).
80*86d7f5d3SJohn Marino
81*86d7f5d3SJohn Marino- Support for SCO 3.2v5.0.0 OpenServer 5 (bob@odt.handy.com)
82*86d7f5d3SJohn Marino
83*86d7f5d3SJohn Marino- Support for Unixware 1.x and Unixware 2.x.  The old Unixware Makefile
84*86d7f5d3SJohn Marinorule was broken. Sorry about that.
85*86d7f5d3SJohn Marino
86*86d7f5d3SJohn Marino- Some FreeBSD 2.0 libc routines call strtok() and severely mess up the
87*86d7f5d3SJohn Marinoallow/deny rule processing. This is very bad. Workaround:  call our own
88*86d7f5d3SJohn Marinostrtok() clone (#ifdef USE_STRSEP).
89*86d7f5d3SJohn Marino
90*86d7f5d3SJohn Marino- The programs now log a warning when they detect that a non-existent
91*86d7f5d3SJohn Marinobanner directory is specified.
92*86d7f5d3SJohn Marino
93*86d7f5d3SJohn Marino- The hosts_access.3 manual page used obsolete names for the RQ_*
94*86d7f5d3SJohn Marinoconstants.
95*86d7f5d3SJohn Marino
96*86d7f5d3SJohn MarinoChanges per release 7.2 (Jan 1995)
97*86d7f5d3SJohn Marino==================================
98*86d7f5d3SJohn Marino
99*86d7f5d3SJohn Marino- Added a note to the README and manpages on using the IDENT service to
100*86d7f5d3SJohn Marinodetect sequence number spoofing and other host impersonation attacks.
101*86d7f5d3SJohn Marino
102*86d7f5d3SJohn Marino- Portability: ConvexOS puts RPC version numbers before the daemon path
103*86d7f5d3SJohn Marinoname (Jukka Ukkonen).
104*86d7f5d3SJohn Marino
105*86d7f5d3SJohn Marino- Portability: the AIX compiler disliked the strchr() declaration
106*86d7f5d3SJohn Marinoin socket.c.  I should have removed it when I included <string.h>.
107*86d7f5d3SJohn Marino
108*86d7f5d3SJohn Marino- Backwards compatibility: some people relied on the old leading dot or
109*86d7f5d3SJohn Marinotrailing dot magic in daemon process names.
110*86d7f5d3SJohn Marino
111*86d7f5d3SJohn Marino- Backwards compatibility: hostname lookup remains enabled when
112*86d7f5d3SJohn Marino-DPARANOID is turned off. In order to disable hostname lookups you
113*86d7f5d3SJohn Marinomust turn off -DALWAYS_HOSTNAME.
114*86d7f5d3SJohn Marino
115*86d7f5d3SJohn Marino- Eliminated false complaints from the tcpdmatch/tcpdchk configuration
116*86d7f5d3SJohn Marinochecking programs about process names not in inetd.conf or about KNOWN
117*86d7f5d3SJohn Marinousername patterns.
118*86d7f5d3SJohn Marino
119*86d7f5d3SJohn MarinoChanges per release 7.1 (Jan 1995)
120*86d7f5d3SJohn Marino==================================
121*86d7f5d3SJohn Marino
122*86d7f5d3SJohn Marino- Portability: HP-UX permits you to break inetd.conf entries with
123*86d7f5d3SJohn Marinobackslash-newline.
124*86d7f5d3SJohn Marino
125*86d7f5d3SJohn Marino- Portability: EP/IX has no putenv() and some inetd.conf entries are
126*86d7f5d3SJohn Marinospread out over two lines.
127*86d7f5d3SJohn Marino
128*86d7f5d3SJohn Marino- Portability: SCO with NIS support has no *netgrent() routines.
129*86d7f5d3SJohn Marino
130*86d7f5d3SJohn MarinoChanges per release 7.0 (Jan 1995)
131*86d7f5d3SJohn Marino==================================
132*86d7f5d3SJohn Marino
133*86d7f5d3SJohn Marino- Added a last-minute workaround for a Solaris 2.4 gethostbyname()
134*86d7f5d3SJohn Marinofoulup with multi-homed hosts in DNS through NIS mode.
135*86d7f5d3SJohn Marino
136*86d7f5d3SJohn Marino- Added a last-minute defense against TLI weirdness: address lookups
137*86d7f5d3SJohn Marinoapparently succeed but the result netbuf is empty (ticlts transport).
138*86d7f5d3SJohn Marino
139*86d7f5d3SJohn Marino- Dropped several new solutions that were in need of a problem. Beta
140*86d7f5d3SJohn Marinotesters may recognize what new features were kicked out during the last
141*86d7f5d3SJohn Marinoweeks before release 7.0 came out. Such is life.
142*86d7f5d3SJohn Marino
143*86d7f5d3SJohn Marino- Got rid of out the environment replacement routines, at least for
144*86d7f5d3SJohn Marinomost architectures. One should not have to replace working system
145*86d7f5d3SJohn Marinosoftware when all that is needed is a 4.4BSD setenv() emulator.
146*86d7f5d3SJohn Marino
147*86d7f5d3SJohn Marino- By popular request I have added an option to send banner messages to
148*86d7f5d3SJohn Marinoclients. There is a Banners.Makefile that gives some aid for sites that
149*86d7f5d3SJohn Marinoare going to use this feature. John C. Wingenbach did some pioneering
150*86d7f5d3SJohn Marinowork here. I used to think that banners are frivolous. Now that I had
151*86d7f5d3SJohn Marinoa personal need for them I know that banners can be useful.
152*86d7f5d3SJohn Marino
153*86d7f5d3SJohn Marino- At last: an extensible functional interface to the pattern matching
154*86d7f5d3SJohn Marinoengine. request_init() and request_set() accept a variable-length
155*86d7f5d3SJohn Marinoname-value argument list.  The result can be passed to hosts_access().
156*86d7f5d3SJohn Marino
157*86d7f5d3SJohn Marino- When PARANOID mode is disabled (compile time), the wrapper does no
158*86d7f5d3SJohn Marinohostname lookup or hostname double checks unless required by %letter
159*86d7f5d3SJohn Marinoexpansions, or by access control rules that match host names.  This is
160*86d7f5d3SJohn Marinouseful for sites that don't care about internet hostnames anyway.
161*86d7f5d3SJohn MarinoInspired by the authors of the firewalls and internet security book.
162*86d7f5d3SJohn Marino
163*86d7f5d3SJohn Marino- When PARANOID mode is disabled (compile time), hosts with a name/name
164*86d7f5d3SJohn Marinoor name/address conflict can be matched with the PARANOID host wildcard
165*86d7f5d3SJohn Marinopattern, so that you can take some intelligent action instead of just
166*86d7f5d3SJohn Marinodropping clients. Like showing a banner that explains the problem.
167*86d7f5d3SJohn Marino
168*86d7f5d3SJohn Marino- New percent escapes: %A expands to the server address; %H expands to
169*86d7f5d3SJohn Marinothe corresponding hostname (or address if no name is available); %n and
170*86d7f5d3SJohn Marino%N expand to the client and server hostname (or "unknown"); %s expands
171*86d7f5d3SJohn Marinoto everything we know about the server endpoint (the opposite of the %c
172*86d7f5d3SJohn Marinosequence for client information).
173*86d7f5d3SJohn Marino
174*86d7f5d3SJohn Marino- Symmetry: server and client host information is now treated on equal
175*86d7f5d3SJohn Marinofooting, so that we can reuse a lot of code.
176*86d7f5d3SJohn Marino
177*86d7f5d3SJohn Marino- Lazy evaluation of host names, host addresses, usernames, and so on,
178*86d7f5d3SJohn Marinoto avoid doing unnecessary work.
179*86d7f5d3SJohn Marino
180*86d7f5d3SJohn Marino- Dropping #ifdefs for some archaic systems made the code simpler.
181*86d7f5d3SJohn Marino
182*86d7f5d3SJohn Marino- Dropping the FAIL pattern made the pattern matcher much simpler.  Run
183*86d7f5d3SJohn Marinothe "tcpdchk" program to scan your access control files for any uses of
184*86d7f5d3SJohn Marinothis obscure language feature.
185*86d7f5d3SJohn Marino
186*86d7f5d3SJohn Marino- Moving host-specific pattern matching from string_match() to the
187*86d7f5d3SJohn Marinohost_match() routine made the code more accurate.  Run the "tcpdchk"
188*86d7f5d3SJohn Marinoprogram to scan your access control files for any dependencies on
189*86d7f5d3SJohn Marinoundocumented or obscure language features that are gone.
190*86d7f5d3SJohn Marino
191*86d7f5d3SJohn Marino- daemon@host patterns trigger on clients that connect to a specific
192*86d7f5d3SJohn Marinointernet address.  This can be useful for service providers that offer
193*86d7f5d3SJohn Marinomultiple ftp or www archives on different internet addresses, all
194*86d7f5d3SJohn Marinobelonging to one and the same host (www.foo.com, ftp.bar.com, you get
195*86d7f5d3SJohn Marinothe idea).  Inspired by a discussion with Rop Gonggrijp, Cor Bosman,
196*86d7f5d3SJohn Marinoand Casper Dik, and earlier discussions with Adrian van Bloois.
197*86d7f5d3SJohn Marino
198*86d7f5d3SJohn Marino- The new "tcpdchk" program critcizes all your access control rules and
199*86d7f5d3SJohn Marinoinetd.conf entries. Great for spotting obscure bugs in my own hosts.xxx
200*86d7f5d3SJohn Marinofiles. This program also detects hosts with name/address conflicts and
201*86d7f5d3SJohn Marinowith other DNS-related problems. See the "tcpdchk.8" manual page.
202*86d7f5d3SJohn Marino
203*86d7f5d3SJohn Marino- The "tcpdmatch" program replaces the poor old "try" command. The new
204*86d7f5d3SJohn Marinoprogram looks in your inetd.conf file and therefore produces much more
205*86d7f5d3SJohn Marinoaccurate predictions. In addition, it detects hosts with name/address
206*86d7f5d3SJohn Marinoconflicts and with other DNS-related problems. See the "tcpdmatch.8"
207*86d7f5d3SJohn Marinomanual page.  The inetd.conf lookup was suggested by Everett F Batey.
208*86d7f5d3SJohn Marino
209*86d7f5d3SJohn Marino- In the access control tables, the `=' between option name and value
210*86d7f5d3SJohn Marinois no longer required.
211*86d7f5d3SJohn Marino
212*86d7f5d3SJohn Marino- Added 60-second timeout to the safe_finger command, to cover another
213*86d7f5d3SJohn Marinopotential problem. Suggested by Peter Wemm.
214*86d7f5d3SJohn Marino
215*86d7f5d3SJohn Marino- Andrew Maffei provided code that works with WIN-TCP on NCR System V.4
216*86d7f5d3SJohn MarinoUNIX. It reportedly works with versions 02.02.01 and 02.03.00. The code
217*86d7f5d3SJohn Marinopops off all streams modules above the device driver, pushes the timod
218*86d7f5d3SJohn Marinomodule to get at the peer address, and then restores the streams stack
219*86d7f5d3SJohn Marinoto the initial state.
220*86d7f5d3SJohn Marino
221*86d7f5d3SJohn MarinoChanges per release 6.3 (Mar 1994)
222*86d7f5d3SJohn Marino==================================
223*86d7f5d3SJohn Marino
224*86d7f5d3SJohn Marino- Keepalives option, to get rid of stuck daemons when people turn off
225*86d7f5d3SJohn Marinotheir PC while still connected. Files: options.c, hosts_options.5.
226*86d7f5d3SJohn Marino
227*86d7f5d3SJohn Marino- Nice option, to calm down network daemons that take away too much CPU
228*86d7f5d3SJohn Marinotime. Files: options.c, hosts_options.5.
229*86d7f5d3SJohn Marino
230*86d7f5d3SJohn Marino- Ultrix perversion: the environ global pointer may be null. The
231*86d7f5d3SJohn Marinoenvironment replacement routines now check for this. File: environ.c.
232*86d7f5d3SJohn Marino
233*86d7f5d3SJohn Marino- Fixed a few places that still assumed the socket is on standard
234*86d7f5d3SJohn Marinoinput. Fixed some error messages that did not provide access control
235*86d7f5d3SJohn Marinofile name and line number.  File: options.c.
236*86d7f5d3SJohn Marino
237*86d7f5d3SJohn Marino- Just when I was going to release 6.2 I received code for Dynix/PTX.
238*86d7f5d3SJohn MarinoThat code is specific to PTX 2.x, so I'll keep around my generic
239*86d7f5d3SJohn MarinoPTX code just in case. The difference is in the handling of UDP
240*86d7f5d3SJohn Marinoservices.  Files:  tli_sequent.[hc].
241*86d7f5d3SJohn Marino
242*86d7f5d3SJohn MarinoChanges per release 6.2 (Feb 1994)
243*86d7f5d3SJohn Marino==================================
244*86d7f5d3SJohn Marino
245*86d7f5d3SJohn Marino- Resurrected my year-old code to reduce DNS load by appending a dot to
246*86d7f5d3SJohn Marinothe gethostbyname() argument. This feature is still experimental and it
247*86d7f5d3SJohn Marinomay go away if it causes more problems than it solves. File: socket.c.
248*86d7f5d3SJohn Marino
249*86d7f5d3SJohn Marino- Auxiliary code for the Pyramid, BSD universe. Karl Vogel figured out
250*86d7f5d3SJohn Marinowhat was missing: yp_get_default_domain() and vfprintf(). Files:
251*86d7f5d3SJohn Marinoworkarounds.c, vfprintf.c.
252*86d7f5d3SJohn Marino
253*86d7f5d3SJohn Marino- Improved support for Dynix/PTX. The wrapper should now be able to
254*86d7f5d3SJohn Marinodeal with all TLI over IP services. File: ptx.c.
255*86d7f5d3SJohn Marino
256*86d7f5d3SJohn Marino- The try command now uses the hostname that gethostbyaddr() would
257*86d7f5d3SJohn Marinoreturn, instead of the hostname returned by gethostbyname(). This can
258*86d7f5d3SJohn Marinobe significant on systems with NIS that have short host names in the
259*86d7f5d3SJohn Marinohosts map. For example, gethostbyname("wzv.win.tue.nl") returns
260*86d7f5d3SJohn Marino"wzv.win.tue.nl"; gethostbyaddr(131.155.210.17) returns "wzv", and
261*86d7f5d3SJohn Marinothat is what we should test with. File: try.c.
262*86d7f5d3SJohn Marino
263*86d7f5d3SJohn MarinoChanges per release 6.1 (Dec 1993)
264*86d7f5d3SJohn Marino==================================
265*86d7f5d3SJohn Marino
266*86d7f5d3SJohn Marino- Re-implemented all environment access routines. Most systems have
267*86d7f5d3SJohn Marinoputenv() but no setenv(), some systems have setenv() but no putenv(),
268*86d7f5d3SJohn Marinoand there are even systems that have neither setenv() nor putenv(). The
269*86d7f5d3SJohn Marinobenefit of all this is that more systems can now be treated in the same
270*86d7f5d3SJohn Marinoway. File:  environ.c.
271*86d7f5d3SJohn Marino
272*86d7f5d3SJohn Marino- Workaround for a weird problem with DG/UX when the wrapper is run as
273*86d7f5d3SJohn Marinonobody (i.e. fingerd). For some reason the ioctl(fd, I_FIND, "sockmod")
274*86d7f5d3SJohn Marinocall fails even with socket-based applications. The "fix" is to always
275*86d7f5d3SJohn Marinoassume sockets when the ioctl(fd, I_FIND, "timod") call fails. File:
276*86d7f5d3SJohn Marinofromhost.c. Thanks to Paul de Vries (vries@dutentb.et.tudelft.nl) for
277*86d7f5d3SJohn Marinohelping me to figure out this one.
278*86d7f5d3SJohn Marino
279*86d7f5d3SJohn Marino- Implemented a workaround for Dynix/PTX and other systems with TLI
280*86d7f5d3SJohn Marinothat lack some essential support routines. Thanks to Bugs Brouillard
281*86d7f5d3SJohn Marino(brouill@hsuseq.humboldt.edu) for the hospitality to try things out.
282*86d7f5d3SJohn MarinoThe trick is to temporarily switch to the socket API to identify the
283*86d7f5d3SJohn Marinoclient, and to switch back to TLI when done.  It still does not work
284*86d7f5d3SJohn Marinoright for basic network services such as telnet. File: fromhost.c.
285*86d7f5d3SJohn Marino
286*86d7f5d3SJohn Marino- Easy-to-build procedures for SCO UNIX, ConvexOS with UltraNet, EP/IX,
287*86d7f5d3SJohn MarinoDynix 3.2, Dynix/PTX. File: Makefile.
288*86d7f5d3SJohn Marino
289*86d7f5d3SJohn Marino- Variable rfc931 timeout. Files: rfc931.c, options.c, log_tcp.h, try.c.
290*86d7f5d3SJohn Marino
291*86d7f5d3SJohn Marino- Further simplification of the rfc931 code. File: rfc931.c.
292*86d7f5d3SJohn Marino
293*86d7f5d3SJohn Marino- The fromhost() interface stinks: I cannot change that, but at least
294*86d7f5d3SJohn Marinothe from_sock() and from_tli() functions now accept a file descriptor
295*86d7f5d3SJohn Marinoargument.
296*86d7f5d3SJohn Marino
297*86d7f5d3SJohn Marino- Fixed a buglet: fromhost() would pass a garbage file descriptor to
298*86d7f5d3SJohn Marinothe isastream() call.
299*86d7f5d3SJohn Marino
300*86d7f5d3SJohn Marino- On some systems the finger client program lives in /usr/bsd. File:
301*86d7f5d3SJohn Marinosafe_finger.c.
302*86d7f5d3SJohn Marino
303*86d7f5d3SJohn MarinoChanges per release 6.0 (Sept 1993)
304*86d7f5d3SJohn Marino===================================
305*86d7f5d3SJohn Marino
306*86d7f5d3SJohn Marino- Easy build procedures for common platforms (sun, ultrix, aix, hpux
307*86d7f5d3SJohn Marinoand others).
308*86d7f5d3SJohn Marino
309*86d7f5d3SJohn Marino- TLI support, System V.4 style (Solaris, DG/UX).
310*86d7f5d3SJohn Marino
311*86d7f5d3SJohn Marino- Username lookup integrated with the access control language.
312*86d7f5d3SJohn MarinoSelective username lookups are now the default (was: no username
313*86d7f5d3SJohn Marinolookups).
314*86d7f5d3SJohn Marino
315*86d7f5d3SJohn Marino- A safer finger command for booby traps. This one solves a host of
316*86d7f5d3SJohn Marinopossible problems with automatic reverse fingers. Thanks, Borja Marcos
317*86d7f5d3SJohn Marino(borjam@we.lc.ehu.es) for some inspiring discussions.
318*86d7f5d3SJohn Marino
319*86d7f5d3SJohn Marino- KNOWN pattern that matches hosts whose name and address are known.
320*86d7f5d3SJohn Marino
321*86d7f5d3SJohn Marino- Cleanup of diagnostics. Errors in access-control files are now shown
322*86d7f5d3SJohn Marinowith file name and line number.
323*86d7f5d3SJohn Marino
324*86d7f5d3SJohn Marino- With AIX 3.2, hostnames longer than 32 would be truncated.  This
325*86d7f5d3SJohn Marinocaused hostname verification failures, so that service would be refused
326*86d7f5d3SJohn Marinowhen paranoid mode was enabled.  Found by:  Adrian van Bloois
327*86d7f5d3SJohn Marino(A.vanBloois@info.nic.surfnet.nl).
328*86d7f5d3SJohn Marino
329*86d7f5d3SJohn Marino- With some IRIX versions, remote username lookups failed because the
330*86d7f5d3SJohn Marinofgets() library function does not handle partial read()s from sockets.
331*86d7f5d3SJohn MarinoFound by:  Daniel O'Callaghan (danny@austin.unimelb.edu.au).
332*86d7f5d3SJohn Marino
333*86d7f5d3SJohn Marino- Added a DISCLAIMER document to help you satisfy legal departments.
334*86d7f5d3SJohn Marino
335*86d7f5d3SJohn MarinoThe extension language module has undergone major revisions and
336*86d7f5d3SJohn Marinoextensions.  Thanks, John P. Rouillard (rouilj@ra.cs.umb.edu) for
337*86d7f5d3SJohn Marinodiscussions, experiments, and for being a good guinea pig. The
338*86d7f5d3SJohn Marinoextensions are documented in hosts_options.5, and are enabled by
339*86d7f5d3SJohn Marinoediting the Makefile STYLE macro definition.
340*86d7f5d3SJohn Marino
341*86d7f5d3SJohn Marino- (Extension language) The ":" separator may now occur within options
342*86d7f5d3SJohn Marinoas long as it is protected with a backslash. A warning is issued when
343*86d7f5d3SJohn Marinoa rule ends on ":".
344*86d7f5d3SJohn Marino
345*86d7f5d3SJohn Marino- (Extension language) Better verification mode. When the `try' command
346*86d7f5d3SJohn Marinois run, each option function now explains what it would do.
347*86d7f5d3SJohn Marino
348*86d7f5d3SJohn Marino- (Extension language) New "allow" and "deny" keywords so you can now
349*86d7f5d3SJohn Marinohave all rules within a single file. See "nroff -man hosts_options.5"
350*86d7f5d3SJohn Marinofor examples.
351*86d7f5d3SJohn Marino
352*86d7f5d3SJohn Marino- (Extension language) "linger" keyword to set the socket linger time
353*86d7f5d3SJohn Marino(SO_LINGER). From:  Marc Boucher <marc@cam.org>.
354*86d7f5d3SJohn Marino
355*86d7f5d3SJohn Marino- (Extension language) "severity" keyword to turn the logging noise up
356*86d7f5d3SJohn Marinoor down. Many sites wanted a means to shut up the program; other sites
357*86d7f5d3SJohn Marinowanted to emphasize specific events.  Adapted from code contributed
358*86d7f5d3SJohn Marinoby Dave Mitchell <D.Mitchell@dcs.shef.ac.uk>.
359*86d7f5d3SJohn Marino
360*86d7f5d3SJohn MarinoChanges per release 5.1 (Mar 1993)
361*86d7f5d3SJohn Marino==================================
362*86d7f5d3SJohn Marino
363*86d7f5d3SJohn Marino- The additional protection against source-routing attacks from hosts
364*86d7f5d3SJohn Marinothat pretend to have someone elses network address has become optional
365*86d7f5d3SJohn Marinobecause it causes kernel panics with SunOS <= 4.1.3.
366*86d7f5d3SJohn Marino
367*86d7f5d3SJohn MarinoChanges per release 5.0 (Mar 1993)
368*86d7f5d3SJohn Marino==================================
369*86d7f5d3SJohn Marino
370*86d7f5d3SJohn Marino- Additional protection against source-routing attacks from hosts that
371*86d7f5d3SJohn Marinopretend to have someone elses network address. For example, the address
372*86d7f5d3SJohn Marinoof a trusted host within your own network.
373*86d7f5d3SJohn Marino
374*86d7f5d3SJohn Marino- The access control language has been extended with a simple but
375*86d7f5d3SJohn Marinopowerful operator that greatly simplifies the design of rule sets (ALL:
376*86d7f5d3SJohn Marino.foo.edu EXCEPT dialup.foo.edu). Blank lines are permitted, and long
377*86d7f5d3SJohn Marinolines can be continued with backslash-newline.
378*86d7f5d3SJohn Marino
379*86d7f5d3SJohn Marino- All configurable stuff, including path names, has been moved into the
380*86d7f5d3SJohn MarinoMakefile so that you no longer have to hack source code to just
381*86d7f5d3SJohn Marinoconfigure the programs.
382*86d7f5d3SJohn Marino
383*86d7f5d3SJohn Marino- Ported to Solaris 2. TLI-based applications not yet supported.
384*86d7f5d3SJohn MarinoSeveral workarounds for System V bugs.
385*86d7f5d3SJohn Marino
386*86d7f5d3SJohn Marino- A small loophole in the netgroup lookup code was closed, and the
387*86d7f5d3SJohn Marinoremote username lookup code was made more portable.
388*86d7f5d3SJohn Marino
389*86d7f5d3SJohn Marino- Still more documentation. The README file now provides tutorial
390*86d7f5d3SJohn Marinosections with introductions to client, server, inetd and syslogd.
391*86d7f5d3SJohn Marino
392*86d7f5d3SJohn MarinoChanges per release 4.3 (Aug 1992)
393*86d7f5d3SJohn Marino==================================
394*86d7f5d3SJohn Marino
395*86d7f5d3SJohn Marino- Some sites reported that connections would be rejected because
396*86d7f5d3SJohn Marinolocalhost != localhost.domain. The host name checking code now
397*86d7f5d3SJohn Marinospecial-cases localhost (problem reported by several sites).
398*86d7f5d3SJohn Marino
399*86d7f5d3SJohn Marino- The programs now report an error if an existing access control file
400*86d7f5d3SJohn Marinocannot be opened (e.g. due to lack of privileges).  Until now, the
401*86d7f5d3SJohn Marinoprograms would just pretend that the access control file does not exist
402*86d7f5d3SJohn Marino(reported by Darren Reed, avalon@coombs.anu.edu.au).
403*86d7f5d3SJohn Marino
404*86d7f5d3SJohn Marino- The timeout period for remote userid lookups was upped to 30 seconds,
405*86d7f5d3SJohn Marinoin order to cope with slow hosts or networks.  If this is too long for
406*86d7f5d3SJohn Marinoyou, adjust the TIMEOUT definition in file rfc931.c (problem reported
407*86d7f5d3SJohn Marinoby several sites).
408*86d7f5d3SJohn Marino
409*86d7f5d3SJohn Marino- On hosts with more than one IP network interface, remote userid
410*86d7f5d3SJohn Marinolookups could use the IP address of the "wrong" local interface.  The
411*86d7f5d3SJohn Marinoproblem and its solution were discussed on the rfc931-users mailing
412*86d7f5d3SJohn Marinolist.  Scott Schwartz (schwartz@cs.psu.edu) folded the fix into the
413*86d7f5d3SJohn Marinorfc931.c module.
414*86d7f5d3SJohn Marino
415*86d7f5d3SJohn Marino- The result of % expansion (in shell commands) is now checked for
416*86d7f5d3SJohn Marinostuff that may confuse the shell; it is replaced by underscores
417*86d7f5d3SJohn Marino(problem reported by Icarus Sparry, I.Sparry@gdr.bath.ac.uk).
418*86d7f5d3SJohn Marino
419*86d7f5d3SJohn Marino- A portability problem was fixed that caused compile-time problems
420*86d7f5d3SJohn Marinoon a CRAY (problem reported by Michael Barnett, mikeb@rmit.edu.au).
421*86d7f5d3SJohn Marino
422*86d7f5d3SJohn MarinoChanges per release 4.0 (Jun 1992)
423*86d7f5d3SJohn Marino==================================
424*86d7f5d3SJohn Marino
425*86d7f5d3SJohn Marino1 - network daemons no longer have to live within a common directory
426*86d7f5d3SJohn Marino2 - the access control code now uses both the host address and name
427*86d7f5d3SJohn Marino3 - an access control pattern that supports netmasks
428*86d7f5d3SJohn Marino4 - additional protection against forged host names
429*86d7f5d3SJohn Marino5 - a pattern that matches hosts whose name or address lookup fails
430*86d7f5d3SJohn Marino6 - an operator that prevents hosts or services from being matched
431*86d7f5d3SJohn Marino7 - optional remote username lookup with the RFC 931 protocol
432*86d7f5d3SJohn Marino8 - an optional umask to prevent the creation of world-writable files
433*86d7f5d3SJohn Marino9 - hooks for access control language extensions
434*86d7f5d3SJohn Marino10 - last but not least, thoroughly revised documentation.
435*86d7f5d3SJohn Marino
436*86d7f5d3SJohn MarinoChanges per release 3.0 (Oct 1991)
437*86d7f5d3SJohn Marino==================================
438*86d7f5d3SJohn Marino
439*86d7f5d3SJohn MarinoEnhancements over the previous release are: support for datagram (UDP
440*86d7f5d3SJohn Marinoand RPC) services, and execution of shell commands when a (remote host,
441*86d7f5d3SJohn Marinorequested service) pair matches a pattern in the access control tables.
442*86d7f5d3SJohn Marino
443*86d7f5d3SJohn MarinoChanges per release 2.0 (May 1991)
444*86d7f5d3SJohn Marino==================================
445*86d7f5d3SJohn Marino
446*86d7f5d3SJohn MarinoEnhancements over the previous release are: protection against rlogin
447*86d7f5d3SJohn Marinoand rsh attacks through compromised domain name servers, optional
448*86d7f5d3SJohn Marinonetgroup support for systems with NIS (formerly YP), and an extension
449*86d7f5d3SJohn Marinoof the wild card patterns supported by the access control files.
450*86d7f5d3SJohn Marino
451*86d7f5d3SJohn MarinoRelease 1.0 (Jan 1991)
452