-
Notifications
You must be signed in to change notification settings - Fork 12
/
NEWS
263 lines (200 loc) · 8.78 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
Changes in version 2.5.1
* Fixed ident lookups on FreeBSD 13+.
Changes in version 2.5.0
* Added '--reply-all' option.
* Imported documentation from website.
Changes in version 2.4.0
* Linux: removed optional dependency on libcap-ng.
* Deprecated '\e' escape sequence in configuration files.
* Fixed incorrect username in log message when spoofing fails.
* Implemented XDG Base Directory specification
* ~/.config/oidentd.conf takes precedence over ~/.oidentd.conf
* Rewrote all manual pages, now licensed under GFDL v1.3+.
* Prevent overflow when too many replies are specified in the
system-wide configuration file.
* Rewrote INSTALL and README files.
* Improved PRNG interface.
* Changed project description.
* Deprecated support for MASQFILE and IPCONNTRACK on Linux.
* Users of recent kernels are unaffected by this change.
* Minor bugfixes, cleanups, and improvements.
* Deprecated support for Darwin.
* Deprecated support for FreeBSD 1-3.
* Deprecated support for FreeBSD 4.
* Deprecated support for NetBSD 1-4.
* Deprecated support for OpenBSD 2.0-2.3.
* Deprecated support for OpenBSD 2.4-2.8.
* Deprecated support for OpenBSD 2.9.
* Deprecated support for Solaris 2.4.
* Deprecated support for Solaris 2.5.
* Deprecated support for Solaris 2.6-2.7.
* Deprecated support for Solaris 2.8.
Changes in version 2.3.2
* Option `--forward` now implies `--masquerade`.
* Added a warning when the connection limit is exceeded.
* Added systemd services and a socket file.
* Added compile-time configuration to `--version` output.
* Linux: fixed incorrect buffer lengths when compiled with `--disable-ipv6`.
* Deprecated libudb (user database library) support.
* Linux: fixed incorrect byte order in libnetfilter_conntrack queries.
* Linux: fixed a null dereference with libnetfilter_conntrack on kernels
without a connection tracking file.
* Build as a position-independent executable and with stack protection.
* Fixed an invalid comment style in the default oidentd_masq.conf file.
Changes in version 2.3.1
* Fixed build with libnetfilter_conntrack on Linux.
Changes in version 2.3.0
* Added a forwarding capability.
* Added Linux IPv6 masquerading support.
* Added build information to `--version` output.
* Always use libnetfilter_conntrack when available.
* Fixed signed/unsigned bit shifting on Linux.
* Minor bugfixes.
Changes in version 2.2.3
* Fixed an out-of-buffer read/write issue.
* Fixed several compiler warnings.
* Fixed incorrect order of lport and fport in manual pages.
* Fixed lookup of connections to IPv6-mapped IPv4 addresses.
* Allow to, fport, from and lport to be specified in any order.
* Warn when privileges cannot be dropped automatically.
Changes in version 2.2.2
* Implicitly drop privileges only when running as root.
* Try to run as oidentd:oidentd before falling back to nobody etc.
* Search for configuration files in sysconfdir instead of `/etc`.
* Deprecated option --forward-last in favor of --masquerade-first.
Changes in version 2.2.1
* Fixed LIBNFCT_SUPPORT being defined incorrectly on some systems.
Changes in version 2.2.0
* Security: privileges were not being dropped without the `--user`
and `--group` options.
* Security: fixed a null pointer dereference with libudb support and
IP masquerading enabled.
* Added a system-wide default configuration file.
* Added a HACKING file with instructions for modifying oidentd.
* Added a kernel support table (KERNEL_SUPPORT.md).
* Added support for modern FreeBSD kernels.
* Added support for modern OpenBSD kernels.
* Added support for NetBSD 5+ (no IP masquerading support yet).
* Added support for DragonFly BSD.
* Added support for listening on multiple addresses.
* Added flag `--forward-last`.
* Bind to IPv6 by default.
* Warn when `--debug` is used in a build without debugging support.
* Warn when IP masquerading support is requested but unavailable.
* Improved logging to make sure important errors are shown.
* Bind socket before forking so that any errors are shown.
* Follow RFC 1413 recommendations regarding white space in replies.
* Modernized build system and replaced deprecated macros.
* Updated all documentation and manual pages.
* Fixed function inlined using a method incompatible with C99.
* Fixed `--limit` option also enabling `--other`.
* Fixed `--forward` option with a different destination port.
* Fixed exit code when `--help` or `--version` was used.
* Fixed configuration option `--disable-masq` having no effect.
* Fixed various minor issues leading to compiler warnings.
* Linux: handle local NAT properly instead of trying to forward.
* Linux: fixed NAT when a different destination port was used.
* Linux: fixed an issue with IPv4-mapped IPv6 addresses.
* Linux: add masquerading support using `/proc/net/nf_conntrack`.
* Linux: add masquerading support using `libnetfilter_conntrack`.
* Linux: open connection tracking file only when necessary.
* Removed Solaris 5.1+ support (build is broken due to kernel changes).
Changes in version 2.1.0
* Fixed memory corruption on FreeBSD.
* Changed maintainer to Janik Rabe <oidentd@janikrabe.com>.
* Migrated project from CVS to git.
Changes in version 2.0.9
* Internal changes.
Changes in version 2.0.8
* So, I guess some things have changed in the past 3 years.
* Fixed bugs.
Changes in version 2.0.7
* Bug fixes.
* Build fixes.
Changes in version 2.0.6
* Bug fixes.
* Build fixes for Darwin and FreeBSD.
* Support for inetd/xinetd/daemontools.
Changes in version 2.0.5
* Bugfixes for connection forwarding on BSD.
* DNAT support on linux.
* Configuration Parser/scanner cleanups.
* IPv6 fixes.
* FreeBSD 5 support.
* Compile fixes.
* Made connection forwarding work on recent versions of OpenBSD and on FreeBSD
when NAT is disabled.
Changes in version 2.0.4
* Support for lookups using the netlink socket diagnostics interface on Linux.
* Support for Solaris 9.
* Support for NetBSD.
* Support for Darwin.
* Bugfixes for NAT on *BSD.
Changes in version 2.0.3
* Fixed a bug in the configure script that caused a compile error on OpenBSD
3.0.
Changes in version 2.0.2
* Added support for OpenBSD (>= 3.0) Packet Filter.
* Allow multiple strings to be specified after a "reply" statement from which
one string will be selected at random.
* A --limit command-line argument used to limit the number of connections that
can be open at any one time.
* Fixed a bug that caused oidentd to chew up lots of CPU time on some
operating systems.
* Note that oidentd only suports ipf NAT in FreeBSD (i.e. ipfw is not
supported).
- See the TODO file for slightly more info.
Changes in version 2.0.1
* NAT support on OpenBSD 2.9 and greater has been enabled again.
* Allow comments and whitespace in /etc/oidentd_masq.conf.
* Fix a crash that occurred when oidentd reloaded its configuration file.
Changes in version 2.0.0
* A new command-line flag, --config, can be used to specify the config file.
* Support for OpenBSD 2.9
* IP masquerading/NAT support for FreeBSD.
* The bug that caused IP masquerading to fail was fixed.
* More bug fixes.
Changes in version 1.9.9.1
* Lots of bugfixes.
* Support for Solaris 5.4 - 5.8
Changes in version 1.9.9
* Complete rewrite.
* Addition of system-wide and per-user configuration files.
* IPv6 support.
Changes in version 1.7.1
* Fixed a bug that prevented oidentd from running in standalone mode.
Changes in version 1.7.0
* IP masquerading support for OpenBSD.
* Support for FreeBSD 4.*
* Support for libudb.
Changes in version 1.6.4
* Add -F and -O flags. See the manual page for a description.
* Add the capability to set an identd reply for a specific user in
/etc/identd.spoof. For example, the line "user:reply" will cause oidentd
to return "reply" for every successful query for a connection of the user
"user"
Changes in version 1.6.3
* Fix a few small bugs.
* Add -q (quiet) flag, which suppresses normal system logging.
Changes in version 1.6.2
* New flag: -x (see the man page or ChangeLog)
* Service names as well as port numbers are accepted where a port is supplied.
/etc/oidentd.users
* If our attempt to forward a connection to a host times out, fall back to
masquerading lookup results
Changes in version 1.6.1
* -r works correctly in standalone mode.
* You can now specify masks for networks in /etc/oidentd.users (See man page)
(It used to only accept quad-dot IP notation)
* You can now specify a hostname in /etc/oidentd.users
Changes in version 1.6.0
* The man page gets installed now
* Rewrote "INSTALL"
* Fixed (hopefully) the forwarding stuff.
Changes in version 1.5.1
* Code and documentation cleanups.
* Regenerate autoconf scripts using version 2.13.
Changes in version 1.5
* Various small fixes and improvements.
* Added support for OpenBSD, FreeBSD.
* autoconf'd the package.