source: trunk/docs/Changelog@ 252

Last change on this file since 252 was 252, checked in by katerina, 15 years ago

Add code to check for stale file records on close() and fclose(), fix sl_close() to handle open stream (ticket #163).

File size: 86.7 KB
2.5.10:
  * sh_suidchk.c: handle $HOME/.gvfs mount gracefully
  * slib.c: fix race condition caused by closing a stream and the fd

2.5.9c:
  * move stale file record error message closer to problem zone
  * sh_port2proc.c: fix flawed logic for interpreting /proc/net/udp,tcp

2.5.9b:
  * remove stale file record when creating handle, and raise diagnostic
    error to find origin of stale record
  * sh_port2proc.c: check /proc/net/udp6 for IPv6-only UDP sockets

2.5.9a:
  * fixed a race condition in closing of file handles

2.5.9 (11-09-2009):
  * added code to generate directory for pid file, since it
    would get cleaned if /var/run is a tmpfs mount (problem
    reported by M. Athanasiou)
  * fixed a bug that prevented reporting of user/executable path
    for open UDP ports (issue reported by N. Rath)
  * added more debugging code

2.5.8a (18-08-2009):
  * fixed a bug in sh_files.c that would prevent samhain from
    running on MacOS X (reported by David)

2.5.8 (06-08-2009):
  * fixed a bug in the MX resolver routine which causes it to fail
    sometimes (issue reported by N. Rath).
  * fixed deadlock with mutex_listall in sh_nmail_test_recipients() if
    error occurs within sh_nmail_flush (problem reported by N. Rath)

2.5.7 (21-07-2009):
  * sh_userfiles.c: set userUids = NULL at reconfiguration (issue
    reported by U. Melzer)
  * if available, use %z to print timezone as hour offset from GMT
    in email date headers (problem reported by NP, solution suggested
    by TimB).
  * eliminate C99-style comments (problem reported by
    venkat)
  * fix bad variable name for AC_CACHE_CHECK
  * fix potential deadlock when external program is called
    (problem reported by A. Dunkel)

2.5.6 (09-06-2009):
  * recognize fdesc filesystem on MacOS X for suid check (Problem
    reported by David)

2.5.5 (01-05-2009):
  * fix some warnings from gcc 4.4 (strict aliasing)
  * fix minor memory leak in process check
  * t-test1.c: change function names because of clashes with an
    AIX system header file
  * fix warnings with -fstack-check (too large stack frames)
  * fix for incorrect handling of hostnames in database insertion
    (reported by byron)

2.5.4 (04-03-2009):
  * fix for incorrect input check in SRP implementation (discovered
    by Thomas Ptacek)
  * option KernelCheckPCI to switch off check of PCI expansion ROMs

2.5.3 (25-02-2009):
  * disable dnmalloc on MacOS X, doesn't work properly
  * stat -> lstat in sh_unix_file_exists (OS X nameforks, report
    by David)
  * Fix problem in standalone trustfile, does not work correctly on
    group-writeable files (reported by David).
  * Option SetThrottle to throttle throughput for db download
  * Option SetConnectionTimeout to make the client connection
    timeout configurable
  * Provide getrpcbynumber, getservbyname implementations
    to avoid dependencies with static linkage
  * Fix missing sh.host.(system|release|machine) on FreeBSD,
    reported by D.Lowry
  * New option SetMailPort to allow setting of SMTP port (patch
    by lucas sizzo org)
  * allow POSIX regexes for filters
  * consolidate filtering code from sh_extern.c, sh_(n)mail.c
  * rewrite mail subsystem to allow individual filtering
    for recipients
  * allow shell expansion for values of config file options
  * allow list as value for option PortCheckInterface
  * fix bug in trustfile.c (with slapping on "/../" for symlinks)
  * lock baseline database upon writing

2.5.2b (29-01-2009):
  * turn warnings into errors in the compile test suite
  * fix missing define in sh_portcheck.c to eliminate compiler warning
    (reported by joerg)

2.5.2a (26-01-2009):
  * fix problem building deb package (bit rot; reported by joerg)

2.5.2 (22-01-2009):
  * samhain.c: report module failure with positive offset
  * sh_database.c: parse numerical fields into ulong
  * fix regression test script for postgresql
  * fix regression test script for SELinux/ACL test
  * fix reporting of user for open ports to prelude
  * report process pid for open ports
  * replace _exit() by raise(SIGKILL) b/o pthread problem
  * new option LooseDirCheck ([false]/true), request by
    Alexander
  * improved help output of samhain_stealth (as suggested
    by Michael Athanasiou)
  * new option ProcessCheckIsOpenVZ ([false]/true)

2.5.1 (07-12-2008):
  * workaround for freebsd7 amd64 lossage (compiler toolchain,
    no mmap to 32bit address space)
  * samhain-install.sh: check for presence of stealth_template.ps
    before trying to create it
  * use -Wno-empty-body if supported to suppress warnings about
    glibc pthread_cleanup_pop implementation
  * fix text relocations for i386 in src/sh_tiger1.s
  * implement server->client SCAN command to initiate file check
  * implement @if / @else conditionals with more tests in config file
  * new option SetDropCache to drop checksummed files from cache
  * report process/user for open ports on FreeBSD (code
    lifted from FreeBSD sockstat.c)
  * fix for config reload issue with stealth mode (reported by
    siim)
  * add -fstack-protector flags to LDFLAGS
  * cygwin fix: don't use dnmalloc, doesn't work with pthreads
  * cygwin fix: make trust check in samhain-install.sh return zero
  * improved diagnostics for file read errors
  * fixed script permissions (754 -> 755), reported by Christoph
  * constness patch by Joe MacDonald
  * GnuPG key ID patch by Jim Dutton
  * sh_kern.c: more error checking for reads from kernel

2.5.0 (01-11-2008):
  * dnmalloc.c: fix inconsistent chunksize on 64bit systems
  * fix improved error reporting for failed fstat in checksumming
  * report process/user for open ports (Linux only currently)
  * fix deadlock on exit in sh_hash_init()
  * fix --enable-mounts-check for FreeBSD 7.0 (no MNT_NODEV anymore)
  * log monitoring support
  * fixed constness in trustfile interface
  * remove libprelude 0.8 support (obsolete)
  * sh_forward.c: increase TIME_OUT_DEF to 900 secs
  * dnmalloc.c: initialize rc in dnmalloc_fork_child(),
    reported by B. Podlipnik

2.4.6a (09-10-2008):
  * fix compile problem on Fedora 9 (reported by pierpaolo),
    'struct ucred' in sh_socket.c requires _GNU_SOURCE

2.4.6 (27-08-2008):
  * fix compile failure on win2k/cygwin (sh_unix_mlock prototype),
    reported by jhamilton
  * fix potential deadlock with dnmalloc upon fork()
  * fix non-portable use of 'hostname -f' in regression test suite
    (reported by Borut Podlipnik)

2.4.5a (18-08-2008):
  * fix compile problem in dnmalloc.c (remove prototypes for
    memset/memcpy), problem reported by Juergen Daubert

2.4.5 (07-08-2008):
  * testscripts: 'chmod -R' -> 'chmod -f -R', since Solaris 10
    bails out on a chmod on a dangling link
  * fix bug in check_samhain.pl nagios script (J.-S. Eon)
  * use the UNO static checker
  * compile as position independent executable (PIE)
  * handle EINPROGRESS error (Windows/cygwin issue)
  * make sure every function uses less than one page of stack
    (proactive security against gap jumping, Gael Delalleau)
  * use dnmalloc instead of system malloc
    (proactive security against heap buffer overflows)
  * fix dnmalloc bugs and portability problems
  * check for compressBound, since older zlibs don't have it

2.4.4 (30-04-2008):
  * sh_database.c: fix maximum size of sql query string, maximum
    size of strings in struct dbins_
  * sh_hash.c: fix maximum size of message string
  * fix typo in the base64 decoder
  * fix 'make cutest' for parallel compiling
  * fix compile warnings with -Wstrict-prototypes
  * sh_static.c: override getgrgid, getpwuid for libacl
  * fix more warnings about variables clobbered by 'longjmp'
    or 'vfork' (due to library internal handling of mutexes)
  * fix configure warning about unused datarootdir
  * configure.ac: warn, but accept nonexistent tmp dir
    (Problem reported by Brian)
  * sh_unix.c: undef P_ALL, P_PID, P_PGID before including
    sys/wait.h (compile problem reported by Reputation)
  * syslog function tested ok with Syslog Fuzzer v0.1
    by Jaime Blasco (c) 2008
  * slib.c: call fflush when writing trace to file
  * sh_readconf.c: don't set OnlyStderr to false if gpg (problem
    reported by Irene Reed)
  * fix unconditional removal of pid file in atexit handler (bug
    reported by Brian)
  * fix invalid free() in sh_unix_checksum_size()
  * sh_processcheck.c: workaround for stupid OpenBSD bug (returns
    ENODEV instead of EAGAIN, because fgetc does
    fcntl(0,F_SETFL,O_NONBLOCK) [ENODEV] internally), problem
    reported by Roman R.
  * fix bug that causes incomplete reporting of modified symlink if
    symlink has changed and both old and new paths are >48 bytes
  * fix bug that prevented mount check from running in one-shot mode
  * enable mount check for openbsd
  * fix processcheck default options and test script for openbsd
  * option --list-file to list content of file (if saved)
  * sh_tools.c: use strcasecmp in reverse lookup since DNS is case
    insensitive (bug reported by Phil)
  * fill content if MODI_TXT, zlib compress, base64 encode and add
    as link_path in sh_unix.c; add to report in sh_hash.c
  * testsuite: add test for gpg fingerprint option
  * sh_extern.c: add 'CloseCommand' for syntactic sugar,
    add in testsuite

2.4.3a (12-02-2008):
  * fix compile error caused by open() with O_CREAT and no third argument
    (reported by J.-S. Eon)

2.4.3 (31-01-2008):
  * sh_kern.c: don't require asm/segment.h for kernel check module
  * use global var with pid of initial thread instead of getpid(),
    since LinuxThreads returns different value in each thread (problem
    reported by Steffen Mueller)
  * sh_kern.c: no inode check for pci rom (creates spurious messages)
  * slib.c: eliminate prototype for vsnprintf (compile problem reported
    by eddy_cs)
  * Makefile.in: fix missing dependency on 'encode' for $(OBJECTS)
    (reported by Matthias Ehrmann)

2.4.2 (17-01-2008):
  * fix broken option --with-checksum (reported by halosfan),
    regression test added
  * change HP-UX default optimization to +O2 since +O3 breaks
    cutest unit testing framework
  * put result vector of rng in skey struct
  * fix more compiler warnings, and a potential (compiler-dependent)
    NULL dereference in the unix entropy collector
  * fix some compiler warnings
  * use -D_FORTIFY_SOURCE=1 -fstack-protector-all instead
    of -fstack-protector
  * always add PTHREAD_CFLAGS to LDFLAGS
  * sh_tiger0.c: checksum functions return length of file hashed,
    needed to fix GrowingLogfile bug (researched by
    siim at p6drad dash teel dot net)
  * sh_static.c: fix more 'label at end of compound statement'
    (SH_MUTEX_UNLOCK closing brace; reported anonymously)
  * make sh_hash.c thread-safe
  * remove plenty of tiny allocations
  * improve sh_mem_dump
  * modify port check to run as thread
  * new option PortCheckSkip to skip ports
  * fix unsetting of sh_thread_pause_flag (was too early)

2.4.1a (28-11-2007):
  * fix overwrite of ErrFlags (functionality bug)

2.4.1 (26-11-2007):
  * security fix: regression in the seeding routine for the PRNG
    (detected by C. Mueller)
  * regression test added for PRNG seeding routine
  * fix problem with PCI ROM check (spurious messages about modified
    timestamps, reported by S. Clormann)

2.4.0a (08-11-2007):
  * fix compile failure with --enable-static (reported by S. Clormann)
  * fix potential deadlock if SIGHUP is received while suspended

2.4.0 (01-11-2007):
  * eliminate alarm() for I/O timeout (replaced by select)
  * use getgrgid_r, getpwnam_r, getpwuid_r, gmtime_r, localtime_r,
    rand_r, strtok_r if available
  * protect readdir(), getpwent(), gethostname() with mutexes
    (readdir_r considered harmful)
  * make checksum/hash, entropy, rng functions reentrant
  * use thread-specific conversion buffer for globber()
  * fixed compile problems and problems with test suite
  * modify login watch to run as thread
  * modify process check to run as thread

2.3.8 (03-10-2007):
  * new option PortCheckIgnore = interface:portlist

2.3.7 (13-09-2007):
  * Makefile.in: fix 'make deb' target, wrong name of config file
    written to debian/conffiles (reported by marc)
  * configure.ac: fix incorrect order of with-prelude, enable-static
    (libprelude test was always without -static)

2.3.6 (06-09-2007):
  * added yuleadmin.pl script contributed by Riccardo Murri
  * fix compile error with -fstack-protector on some systems (reported
    by marc); we now check for libssp
  * fix local DoS attack on BSD systems lacking getpeereid() (reported
    by Rob Holland).
  * fix yulectl password reading from $HOME/.yulectl_cred, erroneously
    rejected passwords with exactly 14 chars (reported by Jerry Brown)
  * introduce 'fflags' flag for suid files to detect new files already
    found in regular file check (problem reported by J. Crutchfield);
    also add regression test to ascertain that files in baseline
    database are not quarantined erroneously
  * sh_hash.c: replace check for prefix 'K' with check for not prefix '/'
    to allow for arbitrary module-specific store/lookup in db
  * replace 'visited', 'reported', 'allignore' with generic 'fflags' field
  * sh_cat.c: reduce priority of MSG_TCP_RESET to avoid spamming if
    port checking is used on same host as server (reported by kadafax)
  * Install.sh: don't use --separate-output with non-checklist
    widgets (problem discovered by D. Denton)
  * sh_gpg.c, sh_userfiles.c: use sh_getpwnam et al. wrappers

2.3.5 (20-06-2007):
  * sh_portcheck.c: try to tear down connections more gracefully
    (request by S. Petersen)
  * fix incorrect handling of files with zero size in GrowingLogFiles
    (problem reported by S. Petersen)
  * fix incorrect encoding of null checksums in stealth mode
  * sh_hash.c: fix repeated printing of acl/attributes in database dump
  * sh_unix.c: fix option useaclcheck ignored if both useaclcheck and
    useselinuxcheck are supported

2.3.4 (01-05-2007):
  * sh_processcheck.c: fix missing init of sh_prochk_res array before
    check (leads to degrading functionality over time and 'fake pid'
    warnings; reported by D. Ossenbrueggen and
    soren dot petersen at musiker dot nu)
  * sh_processcheck.c: fix memory leak
  * sh_kern.c: for 2.6.21+ don't check proc_root_lookup (not possible
    anymore? proc_root_inode.lookup != proc_root_lookup)
  * sh_extern.c: flush streams before forking (problem if [Prelink]
    used together with prelude logging, reported by M. deJong)
  * fixed compilation of kern_head (regression caused by cross-compiling
    fix; problem reported by S. Clormann)
  * more typos fixed (reported by John Horne)

2.3.3 (27-03-2007):
  * fixed typos in configure.ac and manual (reported by John Horne)
  * don't use mysql_options on x86_64, since libmysql is broken
  * fixed cross-compiling (patch by Joe MacDonald)
  * refactor sh_kern.c, sh_suidchk.c
  * fix bug with leading slashes in linked path of symlinks within
    the root directory
  * sh_kern.c: check PCI ROM (Linux), refactor code
  * move file descriptor closing more towards program startup
  * kernel check: support OpenBSD 4.0 (wishlist)
  * fix samhain_hide module (in-)compatibility with recent kernels
    (reported by Jonny Halfmoon)

2.3.2 (29-01-2007):
  * fix regression in full stealth mode (incorrect comparison of
    bytes read vs. maximum capacity), reported by B. Fleming

2.3.1a (21-01-2007):
  * fix incorrect use of sh_gpg_fill_startup if option --with-fp is used
    (reported by zeroXten)

2.3.1 (21-01-2007):
  * fix bug that may cause accidental closure of yule TCP socket
    (problem reported by B. Masuda)
  * fix sh_kern.c for kernel 2.6.19 (reported by S. Clormann)
  * don't use sstrip in 'make deb', since dh_shlibdeps uses objdump
    (reported by B. Masuda)
  * rm report.pl from rules.deb.in (reported by B. Masuda)
  * samhainctl(): longer timeout (bad status reporting at startup,
    reported by Phil and by Dan Track)
  * sh_portcheck.c: make connect errors more descriptive
  * sh_portcheck.c: fix ignored setting of PortCheckActive
  * sh_processcheck.c: add statvfs, and wrap for EINTR
  * sh_portcheck.c: add wrappers for EINTR
  * report user and executable for hidden processes
  * fix update failure if reportonlyonce = false (reported
    by D. Strine)
  * fix compile error in sh_portcheck.c (problem on cygwin
    reported by J. D. Fiori)
  * check filenames ending in space (also for utf8 spaces)
  * check and escape csv formatted db listing
  * cache results of sl_trustfile_euid()
  * trustfile: use 4096 for MAXFILENAME, switch to strncpy
  * CL option -v|--version for info on version and compiled-in options

2.3.0a (01-11-2006):
  * fix compile failure with portcheck + stealth (reported by lucas)

2.3.0 (01-11-2006):
  * fix concurrency for inserts in oracle db
  * add acl_(new|old) to database schema
  * check for selinux attributes and/or posix acl
  * new option UseSelinuxCheck (bool)
  * new option UseAclCheck (bool)
  * regression tests for above
  * add module to check for open ports
  * add module to check processes (hidden/fake/missing)
  * use const char* for argument of module configuration callbacks

2.2.6 (31-10-2006):
  * fix missing support for MacOS X init script (reported
    by Daniel Kowalewski)
  * fix error about non-readable file with no checksum required
  * fix server warning about 'no server name known'
  * fix 'make deb' makefile target
  * fix default export severity for server

2.2.5 (05-10-2006):
  * fix broken Install.sh, reported by Alexander Kraemer
  * workaround for glob(3) silliness on MacOS X (reported by David)
  * fix for broken resource fork check (reported by David)
  * fix for broken compilation on cygwin (reported by Elias)

2.2.4 (03-09-2006):
  * add regression test for the GrowingLogFiles issue to test suite
  * fixed sh_unix.c: bug in database init if GrowingLogFiles used
    with signed database (reported by Timothy Stotts)
  * bug in manual fixed (incorrect documentation of --enable-user,
    noticed by M. Brown)
  * rc.subr compatible init script for FreeBSD/NetBSD
  * improve routine to find rpm after build
  * add netbsd rc file from Brian Seklecki (taken from pkgsrc-wip)
  * fix error in manual (location of lock file)
  * fix bug with SuidExclude (files in directory were still checked)

2.2.3 (31-07-2006):
  * fix samhainadmin.pl: check for gpg-agent running if use-agent is set
    (ticket #28 by anonymous)
  * fix stealth mode (regression in parser), problem reported by
    Joschi Kuphal
  * fix minor typo in sh_database.c (compile problem reported by
    Joschi Kuphal)

2.2.2 (17-07-2006)
  * minor fixes for regression test scripts
  * minor updates to the manual (suggested by Brian A. Seklecki)
  * fix sh_kern.c, kern_head.c: kernel rootkit detection for 2.6.17+
    (problem reported by Leonhard Maylein)
  * fix samhain_hide.c for 2.6.17+: use module_param() if MODULE_PARM
    is not defined

2.2.1c (11-07-2006)
  * fix sh_extern.c: sh_ext_add_default() cast to (void) was too early
    (Solaris 8 build failure reported by Jesse)
  * fix sh_unix.c: wrong prototype for sh_unix_mlock()
    if HAVE_BROKEN_MLOCK (AIX 5.2 build failure reported by
    Jonathan Kaufman)

2.2.1b (20-06-2006):
  * fix compile error on SuSE 10.1 (reported by Leonhard Maylein)

2.2.1a (15-06-2006):
  * fix compile error on i686/MacOS X (reported by Andreas Neth)

2.2.1 (13-06-2006):
  * fix gcc 4 warnings and build failure on x86_64 (debian bug #370808)
  * fix compiling with Oracle (noticed by Colapinto Giovanni)
  * fix configure.ac for most recent autoconf version
    (debian bug #369503)
  * fix a regression that would make impossible local updates w/clients
  * fix a few missing '\n' in sh_getopt.c
  * sh_kern.c: fall back on mmap() if read() fails on /dev/kmem
  * fix Solaris package creation
  * recognize Solaris doors and event ports
  * fix the idmef_inode_t patch: provide required info to avoid stat()
  * fix bug on database update: fill in dev and rdev fields
  * fix get_file_infos() in sh_prelude.c: avoid premature return
  * GCC_STACK_PROTECT_CC: AC_TRY_COMPILE -> AC_TRY_LINK
  * deploy.sh: allow to set a group for hosts upon installation
  * patch by Yoann: fix an issue when setting the idmef_inode_t object
  * fix memory leaks in error paths in sh_prelude.c
  * fix concurrent inserts with postgres in sh_database.c
  * code cleanup
  * fix manual version in spec file, first noticed by Imre Gergely

2.2.0 (01-05-2006):
  * patch by Jim Simmons for samhainadmin.pl.in
  * fix testsuite portability problems
  * fix md5 endianness problem detected on HP-UX 11i / PA-RISC 8700
  * fix potential NULL dereference in sh_utmp_endutent()
  * patch by Neil Gorsuch for suidchk.c (do not scan lustre, afs, mmfs)
  * fix sh_ext_popen (OpenBSD needs non-null argv[0] in execve)
  * fix make_tests.sh portability (echo '"\n"' does not work on OpenBSD)
  * fix bug in sh_utils_obscurename (check isascii)
  * scan h_aliases for FQDN if h_name is not
  * add copyright/license info to test scripts
  * add copyright/license info to deployment system scripts
  * support server-to-server relay
  * new CL option --server-port
  * minor improvements in manual
  * patch by Yoann Vandoorselaere for sh_prelude.c
  * allow --longopt arg as well as --longopt=arg
  * verify checksum of growing log files (up to previous size)
  * rewrite of the test suite
  * added a bit of unit testing
  * minor optimizations in various places
  * optimized implementation of tiger checksum algorithm
  * read in 64k blocks (faster than 4k)
  * sh_unix.c, sh_hash.c: support file flags on *BSD, update Linux
    file attribute code
  * kern_head: fix compilation of kernel check module on OpenBSD
  * updated samhainrc.linux, samhainrc.freebsd
  * sh_unix.c: fix setrlimit (RLIMIT_NOFILE, ..)
  * sh_files.c: fix missing use of flag_err_info
  * sh_tiger0.c: remove repetitive use of mlock
  * slib.c: remove fcntl's from sl_read_timeout (caller sets O_NONBLOCK),
    add function sl_read_timeout_prep

2.1.3 (13-03-2006):
  * fix compile problem in slib.c (reported by Lawrence Bowie)
  * fix bug with combination of one-shot update mode and file check
    schedule (reported by Dan Track)
  * improved the windows howto according to suggestions by
    Jorge Morgado
  * fix samhain_hide kernel module for new linux kernel versions
  * fix minor problem with dead client detection (problem reported
    by Michal Kustosik)

2.1.2 (10-01-2006):
  * fix startup error with combination of gpg+prelude

2.1.1a (22-12-2005):
  * fixed a stupid bug in sh_files.c (break if file = dir)

2.1.1 (21-12-2005):
  * sh_calls.c: protect sh_calls_set_bind_addr against overriding
  * comINSTALL, updateDB: use locking
  * samhainadmin.pl: use locking
  * fix typos in samhainrc.solaris (noticed by Robby Cauwerts)
  * improve zAVLSearch (remove redundant strcmp)
  * use AVL tree in sh_files.c instead of linked list (better scaling)
  * fix bug with suidcheck (no update/check in one-shot mode with
    schedule instead of check interval; noticed by R. Rati)
  * fix for problem with '-t update -i' if daemon mode (problem report
    by Peter van der Does)
  * fix for bug in sh_util_ask_update (two returns were required ...)

2.1.0 (31-10-2005):
  * minor fix for cross-compiling with --with-kcheck
  * sh_forward.c: handle bad fds in the select() fd sets
    (reported by hmy)
  * sh_extern.c: fix debugging code
  * slib.c, sh_calls.c, sh_calls.h: improve handling of O_NOATIME
    (reported by Gabor Kiss)
  * makefile.in: fix for solaris package creation
  * sh_mail.c, sh_readconf.c: mail filtering options
  * sh_database.c: Oracle reconnect on connection failure
    (bug report by Alexander A. Sobyanin)
  * sh_unix.c: don't purge MYSQL_UNIX_PORT environment variable
    (problem reported by Peter)
  * sh_calls.c: fix for a HP-UX accept() problem caused by the gcc4 fix
  * fixes for gcc 4.0.2 compiler warnings
  * ability to use daemon mode together with update
    (wishlist Yoann Vandoorselaere)
  * fixes for debugging

2.0.10a (22-08-2005):
  * fix for overlapping directory check specification (reported by Bub)

2.0.10 (21-08-2005):
  * fix for segfault (free() on a constant string) with libprelude
    (problem reported by Grae Noble)
  * upgrade FreeBSD kernel check to 5.4, minor fixes
  * useful script for users of Linux kernel check
    (contributed by marc heisterkamp)
  * documentation improvements (suggested by Brian Seklecki and Robby)

2.0.9 (25-08-2005):
  * samhain_erase.c: add #define for NULL
  * sh_suidchk.c: fix incorrect use of escaped filename
  * sh_prelude.[ch], sh_readconf.c: configurable mapping from
    samhain severity to prelude severity
  * sh_unix.h: second arg of gettimeofday should be NULL
  * sh_files.c: fix checking of directory special file (use specified
    policy, not that of parent dir, problem found by Brian A. Seklecki)
  * sh_entropy.c: longer timeout for entropy collector
  * sh_socket.c, sh_forward.c: allow probing of clients for
    necessity of configuration reload
  * yulectl: minor fixes, option -v (verbose), new command PROBE
  * fix 'File not found' messages for files flagged with IgnoreMissing
  * sh_database.c: strip newline from oracle error messages
  * sh_files.c: fix rsrc fork issue with MacOS X Tiger
    (reported by A. Koren)
  * never compute checksum if not checked (problem report by D.Hughes)
  * sh_prelude.c: cleanup and bugfix by Yoann
  * sh_hash.c: for prelude, make sure mode is supplied with user/group
    and vice versa
  * sh_prelude.c: provide proper FileAccess objects (bug
    report by Mihai Ilinca)

2.0.8 (03-07-2005):
  * configure.ac: use $LIBPRELUDE_PTHREAD_CFLAGS rather than
    $LIBPRELUDE_CFLAGS (bugfix by Yoann)
  * samhain.spec.in: remove support for chkconfig (it's too buggy).
    Strangely, if invoked as install_initd it behaves sanely ...
  * src/sh_err_log.c: fix key input (this time for real)
  * fix --with-altlogserver (bug from 2.0.7b)
  * remove server socket in start/stop script

2.0.7e (not released):
  * Makefile.in: introduce a total of 6 sec delay for 'make' utilities
    that use 1 sec resolution, and consider target out-of-date if
    timestamp(target) = timestamp(dependency) ...
  * src/sh_err_log.c: fix key input
  * another fix for yulectl (use pwent->pw_dir)
  * dsys/comINSTALL, dsys/comUNINSTALL, dsys/comBUILD: fix PATH

2.0.7d (not released):
  * one more fix for the spec file (stupid rpm finds tags in comments!!!)

2.0.7c (not released):
  * test/testrun_1b.sh, test/testrun_2b.sh: use $GPG_PATH
  * dsys/comINSTALL, dsys/funcDB, dsys/funcINSTALL: some bugfixes
  * samhain-install.sh.in: fix test -z $verbose
  * sh_hash.c: speedup database reading
  * Makefile.in: fix the problem that BSD make would make too much
  * deploy: yulerc.clients -> yulerc.install.db, provide
    $defdatabase for backward compatibility
  * deploy: allow for comma in client_install_date

2.0.7b (not released):
  * hp_ux.psf.in: fix psf file
  * dsys/comINSTALL: fix $yule_date -> $yule_data
  * Makefile.in: fix 'make depot'
  * sh_tools.c, sh_unix.c: fix detection of open file limit
  * sh_readconf.c: reset read_mode after reading conf file
  * yulectl.c: better error messages, use homedir from getpwuid(geteuid)
  * init/samhain.startLSB.in: fix misleading message in lsb init script
  * sh_forward.c: better display for nonce u in debug mode
  * sh_tiger*.c: fix checksum for HP-UX 64bit
  * samhain.c: don't fetch database twice
  * configure.ac: accept nodename for --with-logserver=...
  * samhain_setpwd.c: return proper exit status for samhain_setpwd
  * respond to SIGTERM on initializing
  * fix problems with samhainadmin.pl
  * sh_utils.c: fix bug with AddOKChars (found by Karol)

2.0.7a (not released):
  * remove 'df' from entropy gatherer (NFS may hang)
  * modify va_copy check (doesn't work with HP-UX PA64 compiler)
  * fix compile warnings in sh_database.c
  * samhain-install.sh.in: check for /usr/bin/false in /etc/shells
  * fix install-boot on HP-UX
  * aclocal.m4: fix configure CL parsing to recognize VAR=VALUE

2.0.7 (11-06-2005):
  * yet another fix for the spec file (use internal dependency generator)
  * sh_error.c, sh_prelude.c: init libprelude after open fds are closed
  * error message if queue is full
  * fix two compiler warnings on HP-UX
  * fix sh_mail.c for Interix (no resolver routines)
  * fix sh_unix_initgroups2() if no initgroups() function (bug reported
    by Geries Handal)
  * remove references to 'struct timezone' (Interix; problem
    reported by Geries Handal)
  * init/stop for prelude on SIGHUP
  * sh_cat.h: fix a stupid bug with message classes
  * manual: new section on nagios (with help from kiarna),
    more on prelude
  * sh_prelude.c: cleanup and improvements (Yoann Vandoorselaere)
  * default prelude profile name now is 'samhain' (lowercase)
  * sh_readconf.c: new option PreludeProfile (by Yoann Vandoorselaere)
  * remove obsolete check for linux/module.h, linux/unistd.h
  * remove dependency on virtual/glibc in gentoo ebuild
    (problem reported by Willis Sarka)

6632.0.6 (01-03-2005):
664 * sh_prelude.c, configure.ac, aclocal.m4: support for
665 libprelude 0.9 (Yoann Vandoorselaere)
666 * sh_html.c: fix bug with entry.html template (reported by
667 Stephane Sanchez)
668 * Install.sh: fix mandir option (reported by Rodney Smith)
669 * Fixed Linux/64bit bug in definition of EUIDSLOT
670 * New targets 'make depot', 'make depot-light' (HP-UX, untested)
671 * Use sstrip for RPMs and DEBs (automatic stripping disabled)
672 * Fix aclocal.m4 for autoconf 2.59 (missing $ac_cr_alnum et al.,
673 problem noticed by Yoann Vandoorselaere)
674 * Modify samhain.spec.in to disable automatic stripping upon install
675 * Fix deploy.sh + '--enable-gpg', and fix 'make rpm' and 'make deb'
676 for '--with-khide' (problems reported by Mark)
677 * Fix compile error in sh_tools.c on HP-UX 10.20
678 (problem reported by Dennis Boylan)
679 * Runtime configuration of server listening port (wishlist)
680 * Runtime configuration of server listening interface (wishlist)
681 * Ignore SIGTTIN (consistency)
682 * Use SIGTTOU to force file check (wishlist)
683
6842.0.5b (01-04-2005):
685 * Fix build problem b/o timestamp on stamp file
686
6872.0.5a (16-03-2005):
688 * Fix problem with 'make rpm' (reported by Dirk Brümmer)
689
6902.0.5 (02-03-2005):
691 * Fix bug with partial reads from clients in server
692 (bug report by Brian)
693 * Support gpg checksum bootstrap with yule
694 * Support mount option check on HP-UX
695 * For MAIL FROM, use 'example.com' as domain part if
696 hostname is numeric (problem reported by Eric Raymond)
697 * The HOWTO-write-modules has been updated.
698 * Convenience functions to insert data in database have been
699 added.
700 * Use int0x03 only on i386 in sh_derr() (portability problem
701 reported by John Mandeville)
702
703 2.0.4 (09-02-2005):
704 * Fixed broken 'make deb' (problem report by olfi)
705 * Fixed minor bug in test scripts (detection of gmake vs. make)
706 * Fixed Tru64/OSF compile warnings (reported by B. Terp)
707 * Normalize list parsing to allow comma, space, and tab as separators
708 * Some more descriptive error messages in kern_head.c
709 * Absolute path to utilities in init/samhain.startLinux.in
710 * Fixed is_root variable in deploy.sh
711 * Fixed 'deploy.sh info'
712 * Fixed 'deploy.sh install' client startup
713 * Fixed 'make tbz': don't remove ebuild scripts in 'make dist'
714 (issue reported by W. Sarky)
715
716 2.0.3 (14-12-2004):
717 * Fix CPPFLAGS with mysql/postgresql (reported by P. Smith)
718 * Fix missing sys/time.h include in slib.c (reported by Jonas)
719 * Workaround for file closing problem with Prelude+GPG
720 * Fixed memory leak with Prelude.
721 * Fixed bug in samhain_stealth (PGP signature not correctly
722 retrieved from hidden configuration; report and patch by V. Tuska)
723 * Added Perl script to concatenate file signature database files
724 * Fix compile error with combination of --enable-nocl and
725 --enable-stealth (reported by Zdenek Polach)
726 * Fix bug in dsys/initscript with --enable-nocl
727 * Fix declaration of sh_kern_timer()
728 * Fix missing Mounts+Userfiles options in appendix of manual
729 * Updated the README (bug report by H. Franzke)
730 * Fix some compiler warnings
731
732 2.0.2a (09-11-2004):
733 * Fixed OoM condition when client rc file not found (reported by Eilko)
734
735 2.0.2 (08-11-2004):
736 * Fixed buffer overflow in sh_hash_compdata() (only in 'update' code)
737 * Fixed uninitialized variable in sh_mail_msg() (problem reported
738 by Michael Milvich)
739 * Fixed potential NULL pointer dereference in sh_hash_compdata()
740
741 2.0.1 (01-11-2004):
742 * Fixed compilation bug reported by jue (--with-kcheck broken).
743 * Fixed start option (bug reported by sanek). Behaviour wrt.
744 environment variables depended on the way the daemon was started.
745
746 2.0.0 (31-10-2004):
747 * The deployment system has been rewritten from scratch in
748 a cleaner and more modular and extensible way. Deployment
749 of native packages is supported now.
750 * The build system has been revised. Building outside the source
751 directory is supported now.
752 * Support for checksumming of prelinked executables / libraries
753 has been added.
754 * The configure script now checks for the SSP/ProPolice patch in GCC,
755 and enables it if present.
756 * The install-boot option in samhain-install.sh has been fixed
757 (use absolute paths for sbin utilities).
758 * A nagios plugin (scripts/check_samhain.pl) has been added.
759 * The LSB (Linux Standard Base) init script has been fixed (the output
760 was incorrect).
761 * Fetching of built binary packages has been
762 fixed ($(PACKAGE)->@install_name@).
763 * For files in proc, the timeout has been reduced, and no error
764 messages are issued upon timeout.
765 * A function has been added to print out full details for missing
766 files if encountered while in sh_files().
767 * The reporting for SuidCheck has been fixed (incorrect policy
768 noticed by JiM).
769 * On Linux, SuidCheck does not report on files marked as candidates
770 for mandatory locking (group-id bit set, group-execute bit cleared).
771 * Fix for oracle init script (by Matt Warner)
772
773 1.8.12b (11-10-2004):
774 * fix bug in MSG_MSTAMP (%ld -> %lu)
775 * fix bugs in sh_suidchk.c (%ld -> %lu), check fopen for NULL,
776 mkdir mode for quarantine directory
777 * fix the fix for modlist_lock search in System.map
778
779 1.8.12a (01-10-2004):
780 * fix bug in samhain-install.sh.in (only occurs on Solaris), reported
781 by J. Roland
782
783 1.8.12 (27-09-2004):
784 * fix compile bug with --enable-static + --with-database=postgresql
785 * fix search for modlist_lock in System.map
786 * password auth for yule command socket (request by D. Kocic)
787 * more info about pending/sent commands to clients
788
789 1.8.11 (30-08-2004):
790 * fix static linking on Linux by use of replacement routines from
791 uClibc - however, this means, there is no NIS support anymore
792 * new option AddOKChars=... to modify the set of characters for
793 filenames considered 'obscure'
794 * new option HardlinkOffset=... to specify an offset from the canonical
795 hardlink count for a directory
796 * fix some warning with HP 11.23 native compiler
797 * fix minor OpenBSD portability problems (EIDRM, compiler warning)
798 * samhainrc.5, samhain.8: updated the man pages
799 * sh_unix.c, sh_files.c: ignore 'no user/group' and 'obscure name'
800 for AllIgnore
801 * sh_kern.c: fix 'update' to display modifications
802 * sh_kern.c: fix bug with IDT check (spurious alerts b/o uninitialized
803 fields)
804 * stealth kernel modules: fix for linux 2.6, fix
805 redefine of KERNEL_VERSION
806 * warn about stealth kernel module problem with 2.6 in manual
807 * sh_unix.c: remove some cruft
808 * fix a typo in the manual (noticed by J. Rubin)
809 * configure.ac: re-order output from libprelude-config (required
810 for static linking - problem reported by E. Neber)
811 * kern_head.h, kern_head.c: fixes for Linux 2.6 kernel
812
813 1.8.10b (13-07-2004):
814 * fix incorrect usage of 'retry_msleep()' in sh_kern.c (reported
815 by Pat Smith)
816
817 1.8.10a (13-07-2004):
818 * depend-gen.c: fix for FreeBSD 'make' which does not understand
819 the dependencies ... (problem reported by David Thiel)
820
821 1.8.10 (13-07-2004):
822 * sh_unix.c/sh_unix.h: fix defaults for 'GrowingLogFiles' policy
823 (bug report by VZoubkov)
824 * fix some warnings (unreachable statement) with HP-UX native compiler
825 * kern_check.c: silence warning about 'sendfile' for 4.10
826 (noticed by Ryan Beasley)
827 * modify depend-gen.c to ignore sh_gpg_chksum.h
828 * add a non-plaintext version of GPG_HASH (sh_gpg_chksum.h)
829 * .. and for fingerprint
830 * sh_suidchk.c: fix some compiler warnings on solaris
831 * allow commas to separate multiple entries in a RedefXXX= directive
832 * replace sleep/usleep with nanosleep wrapper function
833 * replace alarm() for read timeout with select() in sl_read_timeout
834 (should fix bug reported by Scott Kelley)
835 * increase lstat/open timeout to 6 sec
836
837 1.8.9 (16-06-2004):
838 * made 'no action specified' error message more informative
839 (suggested by Stephen Gill)
840 * fix memory leak in mysql sh_database_query() (bug report by Dejan)
841 * remove some cruft from the code
842 * sh_files.c: check MacOS X resource forks (idea from Osiris)
843 * sh_files.c: no hardlink check for MacOS X
844 * sh_util_ask_update: fix bug with no terminal in non-interactive mode
845 (report and debug data by Kris Dom)
846 * manual refactored
847 * fix redundant messages when updating with suidcheck
848 * allow interactive update for suid files
849 * don't remove the TZ environment variable to guard against
850 misconfigured hosts
851 * also use gethostname if uname returns possibly truncated name
852 * fix improper file descriptor handling in sh_mail.c (bug report
853 by Alex Weiss)
854 * cleanup MBLK cruft
855 * use SH_ALLOC/SH_FREE in sh_prelude.c
856 * update sstrip to Version 2.0
857
858 1.8.8 (25-05-2004):
859 * fix compilation problem on AIX 5.2 (nameser_compat.h; report by
860 Tim Evans and Ian McCulloch)
861 * don't check for trusted paths on Cygwin
862 * add Windows HOWTO written by Kris Dom
863 * kern_check.h: extend FreeBSD syscall table for 5.x
864
865 1.8.7a (03-05-2004):
866 * sh_mail.c: fix subject length
867 * sh_mail.c: fix the sh.mailNum.alarm_last fix (report by Kris Dom)
868 * sh_utils.c: sh_util_ask_update(): fix ISO C conformance bug
869 (compile problem reported by Kris Dom)
870
871 1.8.7 (01-05-2004):
872 * sh_mail.c: fix incorrect count of sh.mailNum.alarm_last, causing
873 empty mails (introduced with segfault fix in 1.8.6, report
874 by Kris Dom)
875 * sh_utils.c: sh_util_ask_update(): check whether stdin is a terminal,
876 try to reopen on controlling terminal if not
877 * sh_utmp.c: fix order of options (problem report by Uri)
878 * sh_files.c: sh_files_chk(): set tmp = NULL at end of loop
879 (may cause segfault on null dereference for missing files)
880 * sh_unix.c: patch by Marc Schütz (order of sh_unix_getinfo_type,
881 sh_unix_getinfo_attr)
882 * don't use dh_installmanpages in 'make deb' (samhain/yule conflict
883 reported by xavier)
884 * on HP-UX, define _XOPEN_SOURCE_EXTENDED in sh_mail.c and sh_tools.c
885 (suggested by Kris)
886 * include nameser_compat.h in sh_mail.c (for MacOS X,
887 suggestion by jna)
888 * sh_utmp.c: fix time for logout events (reported by Erich
889 van der Velde)
890
891 1.8.6 (15-04-2004):
892 * add CL option to set threshold for prelude and RDBMS
893 * sh_mail.c: fix bug with MailSubject option (segfault on NULL pointer
894 dereference; reported by Micha Silver)
895 * fix compiling with --disable-encrypt (reported by Pat Smith)
896 * fix minor problem in scheduler (don't return before all schedules
897 are tested, to set last_exec correctly)
898
899 1.8.5 (05-04-2004):
900 * fix bugs in sh_utmp.c (unlinking of list head); may fix an OpenBSD
901 problem (endless loop; report and debugging aid by Joe MacDonald)
902 * fix hardlink check (null dereference in error message, segfaults
903 on solaris - noticed by Bob Bloom)
904 * sh_suidcheck: don't truncate quarantined file if nlink > 1
905 * fix Install.sh (no --seperate-output with --radiolist); patch by
906 Greg Kimberly
907
908 1.8.4 (17-03-2004):
909 * add Prelude patch by Patrice Bourgin
910 * add license statement to sh_mounts.c, sh_userfiles.c after
911 receiving a clarifying e-mail from Cian Synnott
912 * support UsePersistent = no for Oracle (problem spotted and fix
913 tested by Michael Somers)
914 * fix bug in samhainadmin.pl
915 * sh_gpg.c: describe type of gpg error (if any)
916 * fix persistent connections with postgresql (reported by
917 Erwin Van de Velde)
918 * prelude: local 'meaning' shadows global in sh_prelude_alert
919 (spotted by David Maciejak)
920 * uname: workaround for cases where nodename would be a possibly
921 truncated FQDN (problem reported by Cian Synnott)
922 * re-write parts of sh_kern.c, store kernel info in baseline database
923 -> no need to recompile after kernel upgrade
924 * modify timeouts in sh_unix_getinfo, add timeout warning
925 * change handling of dangling symlinks (store in db)
926 * fix typo with MSG_FI_OBSC2 (double slash)
927 * remove redundant operation in sh_utils_safe_name
928 * fix occasional random start bytes of long messages in
929 sh_error_string (sl_strlcat -> sl_strlcpy)
930 * provide details for missing files (as for added files)
931 * remove duplicate message for no such group/user
932 * add fixes for samhain.oracle.init (supplied by Michael Somers)
933 * fix date insertion for Oracle (fix by Michael Somers)
934 * manual: fix incorrect statement about RPM (noticed by
935 Lars Kellogg-Stedman)
936
937 1.8.3 (02-02-2004):
938 * add a HOWTO-client+server-troubleshooting document
939 * fix another bug with SIGUSR2 (suspend mode)
940 * new option SetBindAddress (--bind-address=...) to force
941 interface for outgoing connections on multi-interface box
942 * don't link against libgmp if not required (i.e. standalone)
943 * test for ext2fs/ext2_fs.h or linux/ext2_fs.h
944 * new make targets 'emerge' and 'tbz2' for gentoo
945 * update rules.deb.in based on the Debian package
946 by Javier Fernandez-Sanguino
947 * updated config.guess, config.sub to version 2002-09-05
948 * external command: report failure only once
949 * console: reset failure status after success
950 * README.UPGRADE: explain 1.7.x <-> 1.8.x client/server compatibility
951 * use persistent connection to database by default
952 * option UsePersistent=no to switch off persistent connection
953
954 1.8.2 (19-01-2004):
955 * sh_userfiles.c: new option UserfilesCheckUids (requested)
956 * sh_error.c: server: don't log to logfile before dropping root
957 * new script scripts/samhainadmin.pl (administrative tasks for
958 signed config/database files)
959 * add changes code to log_msg for reports on modified files
960 * change default log threshold to 'mark', as 'none' tends
961 to confuse new users
962 * faster response time for SIGUSR2
963 * revised (mostly backward-compatible) message classes
964 * fix missing check of mailTime in server select loop
965 * add support for libprelude (version 0.8.10)
966 * fix format for MSG_E_GRNULL (reported by Stefan Hudson)
967 * fix Bourne shell incompatibility (export) in samhain-install.sh
968 (first reported by David Thiel)
969 * fix typo in spec file (first reported by Christian Vanguers)
970 * remove some cruft (signal handler, memory handling)
971 * return from sigterm handler, rather than exit directly
972 (re-entrancy problem causes more problems than it's worth)
973
974 1.8.1 (03-12-2003):
975 * fix gmp detection (problem pointed out by Nix)
976 * fix/improve the error message if test compiling with mysql fails
977 * new CL option --interactive for interactive db update
978 * fix some compiler warnings from IRIX MIPS compiler
979 * kern_head.h, kern_head.c: option to disable IDT check
980 * kern_head.h, kern_head.c: update kernel syscall table (2.4.20,2.6)
981 * sh_utmp.c: count number of logins (request by Erwin Van De Velde)
982 * change username -> userid, remove (long) userid (bug noticed
983 by Erwin Van De Velde)
984 * emit ADDED message for new SUID/SGID files
985 * add trailing slash to excluded directory if there is none
986
987 1.8.0a (04-11-2003):
988 * sh_error.c: remove two debug printf's
989
990 1.8.0 (31-10-2003):
991 * manual: make ps file fit on both a4 and letter paper
992 * sh_socket.c, sh_socket.h, sh_forward.c: socket interface
993 to send (quit/reload) commands to clients
994 * sh_forward.c, configure.ac: enable build with libwrap
995 (Wietse Venema's TCP Wrappers library)
996 * sh_ignore.c, sh_ignore.h, sh_files.c, sh_hash.c, sh_readconf.c:
997 new option to suppress messages for new and/or deleted files
998 * samhainrc.aix5.2.0: contributed by Christoph Kiefer
999 * samhain.c: fix compile warning on solaris (noticed by Ian Hunt)
1000 * sh_database.c: undef debug code for oracle
1001 * samhain.oracle.init: contributed by Joern Michael Krueger
1002 * configure.ac, sh_utils.ac, Makefile.in, sh_modules.c,
1003 sh_cat.c, sh_cat.h, sh_mounts.c/h, sh_userfiles.c/h:
1004 check-mounts and userfiles modules contributed by eircom.net
1005 * sh_utils.c: fix off-by-one bug in sh_util_compress()
1006 * sh_forward.c, sh_tools.c, configure.ac:
1007 version 2 client/server protocol
1008 * sh_mail.c: add %S to include severity in subject (user request)
1009 * sh_suidchk.c, 1093: fix warning about unused var 'flags' on FreeBSD
1010 * samhain.h, sh_unix.h, sh_unix.c: extern inline -> static inline
1011 for --enable-ptrace
1012 * samhain.c: lower priority for 'uninitialized module' message
1013 * sh_entropy.c: lower priority for message if /dev/random blocks and
1014 /dev/urandom is available
1015 * improved error messages in sh_readconf.c
1016 * print system error message for getpwuid, getgrgid
1017 * fix missing module init after SIGHUP (noticed by Cian Synnott)
1018
1019 1.7.12 (13-10-2003):
1020 * sh_mail.c: fix buffer overflow in mail handler (introduced in 1.7.10)
1021 thanks to bug reports by Jason Martin and Matthew P. Cox
1022
1023 1.7.11 (01-09-2003):
1024 * samhain.c, samhain.h, sh_unix.c, sh_forward.c, sh_html.h:
1025 - change SIG_USR1 to switch between dbg on/off
1026 - change SIG_USR2 to switch between suspend on/off
1027 - fix CLT_ILLEGAL to actually work
1028 - introduce new state CLT_SUSPEND
1029 - force reauthentication after suspend
1030 * slib.c: change MAXFD from FOPEN_MAX (16) -> 1024
1031 * sh_suidchk.c: better AIX fs detection (Christoph)
1032 * sh_entropy.c: increase buffer size for unix entropy gatherer
1033 (problem reported by D. Danielson)
1034 * default config files: add lots of comments, list more options
1035 * sh_error.c: set default severities to 'crit'
1036 * sh_readconf.c, sh_cat.c, sh_cat.h: stricter check on config
1037 file syntax, issue warnings (triggered by C. Kiefer)
1038 * Makefile.in: handle depend-gen errors more gracefully
1039 * sh_err_console.c: fix bug in enable_msgq (reported by F. Behrens)
1040 * configure.ac: workaround for mysql_config weird output
1041 (reported by G. Faron)
1042 * sh_unix.c, sh_tiger0.c: check IO limit during read of large files
1043 * depend-gen.c: close streams before attempting to rename (Cygwin)
1044 * Makefile.in: fail gracefully if depend-gen fails
1045 * sh_database.c: sh_database_query(postgresql): fixed missing SL_ENTER
1046
1047 1.7.10 (27-07-2003):
1048 * FreeBSD init script: define $pidfile (reported by D. Thiel)
1049 * sh_unix.c, sh_unix.h: fix compile error on AIX 4.2
1050 * sh_schedule.c: fix bad array size
1051 * samhain.c: fix pid_t <> int casts
1052 * sh_kern.c: fix repetitive messages
1053 * configure.ac: try to bootstrap if TIGER192 not supported by gpg,
1054 provide a detailed error message
1055 * configure.ac: try harder to locate mysql
1056 * docs/Changelog: retroactively add release dates, if known
1057 * sh_mail.c: fix potential message truncation in mailer
1058 * sh_unix.c, samhain.c, samhain.h: make --enable-ptrace more portable
1059 * sh_readconf.c: fix segfault (dereference of uninitialized pointer)
1060 if --with-gpg and --enable-stealth are used together (reported
1061 by Anthony Caetano)
1062 * sh_unix.c, samhain.c, sh_calls.c: fix problems with descriptive
1063 error messages (larger GLOB_LEN, stat fills aud_err_message)
1064
1065 1.7.9 (30-06-2003):
1066 * sh_err_log.c: fix segfault on SIGABRT (dereference of freed memory),
1067 problems with SIGABRT noticed by Brian and Alf B Lervåg
1068 * deploy.sh.in: fix some bugs (found by Alf B Lervåg)
1069 * scripts/chroot.sh: fix typo (found by Alf B Lervåg)
1070 * configure.ac (khide): search also for 'd sys_call_table' (noted by
1071 cuek_saja)
1072 * strip whitespace before checking gpg checksum (noted by D. Thiel)
1073 * manual (faq section): explain how to stop console output
1074 * Makefile.in: fix re-naming of yule with --enable-install-name
1075 * HOWTO-client+server.html: fix typo (noted by xavier renaut)
1076 * configure.ac: escape '-' in awk regex (required by GNU awk 3.1.1)
1077
1078 1.7.8 (28-05-2003):
1079 * sh_unix.c: new mlock implementation with reference count
1080 and page alignment (fix for solaris problem)
1081 * kern_head.c: search also for 'xxxxxxxx d sys_call_table'
1082 * sh_html.c: write status comment (for Beltane 2)
1083 * add CL option --delimited for comma-delimited signature database dump
1084 * sh_mail.c: check exit status of push_list to fix counting bug
1085 (bug reported by Alan Moore)
1086 * configure.ac: add error message to --with-libs
1087 * fix spelling of $DAEMON in init script (noted by C. Grigoriu)
1088 * fix missing initgroups()
1089
1090 1.7.7 (06-05-2003):
1091 * sh_forward.c: fix bug if compiled with --enable-udp, but disabled
1092 in config file (found by Andy OBrien)
1093 * sh_database.c: sh_database_entry(): size -> c_size (two places)
1094 to fix writing of '\0' to arbitrary places :(
1095 (problem pointed out by Stefan Giesen)
1096 * profiles/*/configopts: fix --with-base -> --enable-base
1097
1098 1.7.6 (24-04-2003):
1099 * sh_forward.c, entry.html, head.html: fix/additions by Stefan Giesen
1100 * fix samhain_hide for the O(1) scheduler used by RedHat:
1101 configure.ac, acconfig.h: check for next_task in struct task_struct
1102 samhain_hide.c: use find_task_by_pid if no next_task in task_struct
1103 * samhain_erase.c: add MODULE_LICENSE("GPL") to fix warning
1104
1105 1.7.5 (15-04-2003):
1106 * sh_cat.c, sh_forward.c, sh_hash.c: fix double 'msg' tag
1107 * manual: point out the bmaxdata problem on AIX in faq section
1108 * trustfile.c: don't check symlinks (permissions of directory count)
1109 * sh_schedule.c: fix problem with daylight saving switchover
1110 * sh_samhain.c: close all open fd's >2 before reading the conf file
1111 * sh_unix.c: fix dereferenced NULL pointer when exiting on non-existing
1112 user
1113 * sh_forward.c: fix dereferenced NULL pointer when exiting on udp error
1114 * sh_forward.c: place timestamp code before select() timeout handler
1115 * fix incorrect class of timestamp messages (conflict with manual)
1116 * sh_readconf.c, sh_forward.c: new config option SetStripDomain
1117 * configure.ac: add warning if /lib/modules/`uname -r`/build/include
1118 not found
1119 * samhain_hide.c: adapt for RedHat 2.4 kernel (fetch sys_call_table
1120 address from System.map)
1121 * sh_err_syslog.c: fix for Solaris
1122 * samhain.spec.in: strip REQ_FROM_SERVER from config file install path
1123
1124 1.7.4 (21-03-2003):
1125 * configure.ac: fix bug in defargs (--with-base > --enable-base)
1126 * aclocal.ac: detect unsupported options
1127 * kern_check: add syscalls, skip unused syscalls
1128 * fix Manual (--enable.../--with... inconsistency)
1129 * add two HOWTOs (signed files, server/client)
1130 * moved manual into new subdirectory docs/
1131 * add admin scripts by S.Bailey/M.Redinger
1132 * option to have a version string in db file
1133
1134 1.7.3 (23-02-2003):
1135 * samhain-install.sh: use yule user key for signing on install
1136 * fix a bug in sh_err_console.c (attempted write to const char)
1137 * sh_gpg.c: if server, always use ~unprivileged_user/.gnupg
1138 * Makefile.in: make target 'trustfile' depend on config.h
1139 * configure.ac: don't use install_name before it is defined ...
1140 * sh_tiger0.c: fix bug in checksum computation introduced in 1.7.2
1141 * samhain.c: make sure daemon cannot be forced into 'update' mode
1142 * sh_hash.c: remove AIX workaround (AIX has been fixed meanwhile)
1143
1144 1.7.2 (04-02-2003):
1145 * sh_kern.c: use sys_call_table address from System.map
1146 * fix for reserved SQL keyword 'group'
1147 * add AC_SYS_LARGEFILE to configure.ac
1148 * allow separate client-specific log files for server
1149 * sstrip.c: compile sstrip code only for i386
1150 * sh_unix.c: closeall: don't close trace file
1151 * slib.c: don't trace sl_is_suid (leads to recursion in trace handler)
1152 * samhain-install.sh.in: fix detection of LSB compliant systems
1153 * sh_tools.c: get_client_*_file: lstat -> stat to allow symlinks
1154 * sh_forward.c: sh_forward_do_write: set O_NONBLOCK for fd
1155 (may block otherwise, for no good reason apparently ...)
1156 * samhain.spec.in: replace %configure with ./configure
1157 * sh_unix.c: re-write signal handling (use __malloc_hook et al. to
1158 check whether we are in the middle of a free/malloc/realloc/memalign)
1159 * sh_unix.c: use new safe_logger() function to log from signal handler
1160 * sh_err_log.c: fix xml
1161 *
1162 * fix Makefile.in to exit non-zero on compile failure
1163 * database init: create index on log_host, entry_status
1164 * sh_suidchk.c: fix path building
1165 * sh_tiger0.c: read larger blocks
1166 * sh_hash.c: cast inode to UINT32
1167 * sh_tools.c: check that config/database files size fits in uint
1168 * sh_error.c: export flag_err_debug to avoid unnecessary calls
1169 * sh_unix.c: save the open() call in sh_unix_getinfo_attr()
1170 * profiles/redhat_i386/bootscript: add # description field
1171 * deploy.sh.in: set owner + permissions for files in yule_filedir
1172 * profiles/debianlinux_i386: fix bootscript
1173 * Makefile.in: fix deploy file lists and targets (include init+scripts)
1174 * MLOCK GOOD/BAD -> SL_FALSE/SL_TRUE
1175 * sh_mail.c: GOOD/BAD -> SL_FALSE/SL_TRUE (AIX sys/param.h)
1176 * sh_err_syslog.c: split long messages rather than truncating
1177 * sh_error.c: allocate msg to fix truncation limit
1178 * sh_unix.c: closeall fd's >= 3 in non-daemon mode (inherited
1179 file descriptors may exceed FOPEN_MAX, causing problems in
1180 sl_open_file)
1181 * sh_err_console.c: avoid stdio
1182 * trustfile: dirz: make swp[] static
1183 * slib.c: speed up sl_strlcat
1184 * clean up some bad heap allocation (PATH_MAX+(1|2) -> PATH_MAX)
1185 * remove some unused code
1186 * slib.c: support long long int in the snprintf replacement
1187 * configure.ac: new configure macro to check whether sa_sigaction works
1188 * Makefile.in: make sstrip, encode dependent on config.h
1189
1190 1.7.1a (08-01-2003):
1191 * fix a syntax error in samhain-install.sh.in
1192
1193 1.7.1 (07-01-2003):
1194 * search runlevel scripts in ./init or ./
1195 * handle all distro-specific Linux runlevel script issues
1196 within a single script
1197 * support install-boot on Yellow Dog Linux and Slackware
1198 * samhain-install.sh: fix a bug for unknown Linux
1199 ('"' not closed, DVER not set)
1200 * samhain-install.sh: check for /etc/yellowdog-release
1201 * sh_database.c: fix missing entry for 'userid' in attr_tab[]
1202 * fix debian.rules.in (disable sstrip)
1203 * update make targets: 'srpm', 'srpm-dist', 'rpm'
1204 * check for zlib if mysql is used
1205 * workaround for NetBSD bug with libresolve
1206 * fixed problems with spec files
1207
1208 1.7.0 (22-12-2002):
1209 * improved spec files (Andre Oliveira da Costa <brblueser@uol.com.br>)
1210 * sh_unix.c: fix a dereferenced static pointer in tf_trust_check
1211 * runlevel scripts: remove pid file after stop
1212 * make the data directory read-only for the daemon
1213 * treat 'localhost' specially in MX resolver
1214 * sh_err_log.c: set sh.flag.log_start == TRUE after writing </trail>
1215 * deploy.sh.in: fix quoting (fix by Simon Bailey)
1216 * slib.c: make sl_get_euid et al. behave well if uids not stored
1217 * trustfile.c: use euid = uid(SH_IDENT) if server
1218 * sh_mail.c: include an MX resolver
1219 * Makefile.in: install-user routine for user installation
1220 * have yule drop root
1221 * sh_tools.c: open_temp use logdir if server
1222 * unified options for runlevel script
1223 * HP-UX, IRIX runlevel scripts
1224 * AIX inittab entry
1225
1226 1.6.6 (13-12-2002):
1227 * configure.ac: solaris cc -O2 -> -xO2
1228 * sstrip.c: avoid alpha architecture
1229 * profiles/solaris/configopts: no --enable-static
1230 * sh_forward.c: sh_forward_req_file: copy argument to local array
1231
1232 1.6.5 (04-12-2002):
1233 * sh_utmp.c: set userlist = NULL in sh_utmp_end ()
1234 * sh_unix.c: do not assume that environ is sane
1235 * exit handler: write </trail>
1236 * sh_log_file(NULL): test sh.flag.log_start != S_TRUE
1237 * FreeBSD rc script does not blindly accept content of pid file
1238 * configure.ac: allow 'localhost' for log server
1239 * sh_calls.c: retry_connect: ntohs (port)
1240 * testrun_2[abc].sh: --with-logserver=localhost for client
1241
1242 1.6.4 (12-11-2002):
1243 * sh_tools.c: fix error when escaping '=<'
1244 * fix the 'make srpm' target
1245 * deploy.sh.in: avoid that client is named 'yule'
1246 * define memset to sl_memset
1247 * fix type cast of uid_t, gid_t
1248
1249 1.6.3 (31-10-2002):
1250 * fix options for Sun/Solaris native compiler
1251 * sh_unix.c: MSG_FI_LIST (line 2333): cast theFile->size to fix error
1252 * test sstrip on freebsd
1253 * default config file for freebsd
1254 * make target to build .deb packages
1255 * sh_readconf.c: fix bug in error message
1256 * samhain.c, sh_suidchk.c: fix initialization of suidchk
1257 * samhain-install.sh.in: don't remove config file by default
1258 * samhain-install.sh.in: support complete de-installation
1259 * samhain-install.sh.in: add support for Gentoo, FreeBSD, and Solaris
1260 * samhain-install.sh.in: check more paths
1261 * sh_unix.c: fix sys_siglist declaration [NetBSD portability issue]
1262 * sh_calls.c: save error message in retry_lstat()
1263
1264 1.6.2 (04-10-2002):
1265 * make target to build rpms
1266 * update samhain.spec.in, samhain.startRedHat
1267 * support DESTDIR, as in 'make DESTDIR=/what/ever install'
1268 * explicitly set -fno-omit-frame-pointer b/o gcc bug
1269 * mv configure.in to configure.ac to benefit from autoconf wrapper
1270 * sh_modules.c, sh_modules.h: add mod_reconf() to run at SIGHUP
1271 * slib.c: fix debug messages (no msgs for dlogActive <= 1)
1272 * sh_schedule.c, samhain.c, sh_suidchk.c:
1273 scheduler may accept multiple schedules
1274
1275 1.6.1 (04-09-2002):
1276 * sh_schedule.c: bugfix (executes only after first day)
1277 * rm obsolete WITH_TRACE stuff
1278 * new dlog() function for debug logging
1279 * some more descriptive error messages
1280
1281 1.6.0 (27-08-2002):
1282 * omit the -fomit-frame-pointer option (bugs in some gcc versions ?)
1283 * sh_error.c: fix escape mode when logging to database
1284 * sh_forward.c: fix error (twice escape) in recv_syslog_socket
1285 * sh_tools.c: change escape mode for server-received data
1286 * sh_mem.c: change ulong -> size_t in sh_mem_malloc()
1287 * configure.in: fix localstatedir if --prefix=USR
1288 * sh_hash.c: snprintf() -> sl_snprintf()
1289
1290 1.5.5 (07-08-2002):
1291 * sh_err_log.c: fix incorrect xml syntax for client messages
1292 logged by server
1293 * sh_err_log.c: fix incorrect '</trail>' entries on client EXIT
1294 * sh_files.c: introduce file_class_next
1295 this fixes the problem that a policy for the directory
1296 inode erroneously becomes a policy for the directory itself.
1297
1298 1.5.4 (17-07-2002):
1299 * sh_hash.c: fix buffer overflow with (micro-)stealth
1300 * sh_database.c: set path[] 1024 -> 12288
1301 * sh_database.c: set query[] 2048 -> 16383
1302 * sh_database.c: set values[] 1024 -> 16383
1303 * sh_forward.c: larger limit for message size (16 kB)
1304 * trustfile.c: set MAXFILENAME 2048 -> 4096
1305 * fixed a bug in the handling of filenames with embedded newlines
1306 * sh_files.c: fix missing sh_util_safe_name() in debug output
1307 * --with-sender can specify a full address
1308 * fix xml log in a backwards compatible way
1309
1310 1.5.3 (03-07-2002):
1311 * fix combination of stealth and sql logging
1312 * fix some more places where invalid UIDs/GIDs trigger errors
1313
1314 1.5.2 (01-07-2002):
1315 * include solaris config file from (sean [at] boran d.o.t com)
1316 * test for files/dirz defined twice in the configuration file
1317 * option to disable reverse lookup on outbound connections
1318 * option to use socket peer as client name (with name resolving)
1319 * sh_html.c: fix an HTML bug (twice </head><body>)
1320 * sh_suidchk.c: fix warning on AIX b/o dirname()
1321 * allow logging server -> syslog if yule is NOT configured to
1322 receive syslog messages
1323 * define PRIi64 to "lld" if undefined
1324 * invalid UIDs: use gid/uid as name, error level SeverityNames
1325 * minor fixes for connect_port
1326 * sh_hash.c: flush output of db listing before _exit()
1327 * configure.in: fix incorrect default ${install_name} for server
1328 * configure.in: try harder to find mysql.h / libpq-fe.h
1329 * sh_files.c: sh_files_checkdir:
1330 closedir() early to not exhaust OPEN_MAX
1331
1332 1.5.1a (30-05-2002):
1333 * fix missing LSB init script
1334
1335 1.5.1 (27-05-2002):
1336 * fix '-t update' option
1337
1338 1.5.0a (23-05-2002):
1339 * fix configure.in
1340
1341 1.5.0 (22-05-2002):
1342 * include solaris nosuid patch from (nathoo [at] co d.o.t ru)
1343 * similar fix for bsd nosuid
1344 * speed up -t update
1345 * convert manual to DocBook, distribute html and ps
1346 * fix some more problems with configure.in, Makefile.in
1347 * fix testsuite, add tests for udp, mysql
1348 * MSG_TCP_MSG: host -> remote_host
1349 * convert to autoconf 2.53
1350 * make c_bits.sh exit with status 0
1351 * sh_database.c #include "mysql.h" --> <mysql.h>, ditto libpq-fe.h
1352 to avoid dependency tracking problems
1353 * samhain.c remove *YULE* #ifdefs
1354 * acconfig.h remove *YULE* #undefs
1355 * samhain.c: procdirSamhain: lstat --> stat (allow symlink)
1356 * configure.in: add checks for correct user input
1357 * Makefile.in: add automatic dependency tracking
1358 * depend-gen: tool to figure out dependencies
1359 * chkconfig comments in redhat start scripts
1360
1361 1.4.8:
1362 * sh_database.c: fix missing attr_old, attr_new, (from)host columns
1363 * configure.in, Makefile.in: fix an error in the configfile
1364 definition with REQ_FROM_SERVER
1365 * sh_err_console, sh_err_log: avoid recurrent failure messages
1366 * timeout on read from files (/proc)
1367 * fix errors with setjmp/longjmp/alarm
1368 * fix memory leak in server (~20 byte/file download in sh_tools, 930)
1369 * check gpg signature for files downloaded from server, add a
1370 regression test
1371 * fix chown in solaris bootscript
1372 * provide second scheduler for file check
1373 * provide scheduler for file check
1374 * provide scheduler for SUID check
1375
1376 1.4.7 (08-04-2002):
1377 * make daemon control LSB-compliant (arguments, exit status)
1378 * set log_ref = 0 for server messages
1379 * boolean option SetDBServerTstamp to disable entering server
1380 timestamps for received client messages into database
1381 * sh_suidcheck: check for "nosuid" mount option if getmntent is used
1382 * fix logrotate script in manual (reported by Scott Worthington)
1383 * don't strip numerical IP addresses
1384 * check item->status_now != CLT_TOOLONG in client_time_check()
1385 * set log_host to client in db client message
1386
1387 1.4.6a (20-03-2002):
1388 * define prefix in deploy.sh
1389
1390 1.4.6 (19-03-2002):
1391 * modify samhain_hide.c to hide processes on new Linux kernels
1392 * better error diagnostics in kern_head.c
1393 * fix compile error in all_items ()
1394 * check length of install-name in enable-khide (max is 15)
1395 * define exec_prefix in deploy.sh.in
1396 * make configure a bit more cross-compiler friendly
1397
1398 1.4.5 (07-03-2002):
1399 * Make sure missing file is reported even if ptr->reported == S_TRUE
1400 because the file has been added.
1401 * propagate 'reported' flag from sh_files_checkdir() into file list
1402 * close checkfd in sh_gpg_check_file_sign()
1403 * sh_derr(): kill(parent, SIGCONT) after ptrace(PT_DETACH,...)
1404 * use sh.srvcons.name in dbg() to get debugging info from daemon
1405 * option to log file timestamps with localtime instead of GMT
1406 * comment out MSG_FI_ADD in sh_dirs_chk () - obsoleted by mandatory
1407 sh_files_filecheck(directory) that triggers MSG_FI_ADD in sh_hash.c
1408 * set ptr->reported = S_FALSE; for reappeared files in sh_files_chk()
1409 to make sure re-disappearing will get reported
1410 * new function sh_hash_set_missing() to remove file record
1411 without (duplicate) 'missing' message
1412 * make sure all items are reported for added files
1413 * fix stealth mode with sh_kern (encode sh_ks.h -> sh_ks_xor.h)
1414 * clarify in the documentation which gpg options to use for signing
1415
1416 1.4.4 (11-02-2002):
1417 * check that parent process has exited before writing PID file
1418 * promote MGG_W_CHDIR to SH_ERR_ERR
1419 * add error message to sh_unix_testlock
1420 * fix missing _() macro in sh_aud_set_functions
1421
1422 1.4.3 (05-02-2002):
1423 * don't check attributes for symlinks (may cause device access)
1424 * add USE mysql; USE samhain; to samhain.mysql.init
1425 * point out the MessageHeader/mysql problem in manual
1426 * add -lz to LIBS for mysql
1427 * strip after install, avoid double strip
1428
1429 1.4.2 (27-01-2002):
1430 * support for EGD
1431 * fix some more problems with install-deploy / deploy.sh
1432 * fix a bug in profiles/suselinux_i386/bootscript (INSTALL_NAME_)
1433 * fixed the 'external logging' test (init rather than none in rc file)
1434
1435 1.4.1:
1436 * SuSE: include run level 4+5
1437 * install location of hiding kernel modules changed - some insmod
1438 variants do not test for /lib/modules/$(uname -r)/module_name.o
1439 * new make targets 'install-deploy', 'uninstall-deploy'
1440 * fixed make targets 'deploydir', 'deploydirfast'
1441 * bail on unsupported CL option in deploy.sh
1442 * fix various bugs in deploy.sh
1443
1444 1.4.0 (16-01-2002):
1445 * fixed missing 'dirname' on Mac OS X
1446 * fixed && tested for/with postgres
1447 * 'user=' -> 'userid=' (reserved word in sql)
1448 * fix the endianness + size of file database; this changes db format
1449 for any non-Linux OS
1450 * --enable-old-format for old (V1.3) database format
1451 * getopt, samhain.c, samhain.h: option -f to loop if not daemon
1452 * sh_hash: list numeric + char data to allow file db update on
1453 server side
1454 * sh_database: modify handling of integer (long) data
1455 * sh_database: datetime in database
1456 * sh_database: hash field in database
1457 * sh_database: rewrite database insert string construction
1458 [use INSERT INTO log (fields) VALUES (values);]
1459 * makefile suse 7.x runlevel entries
1460
1461 1.3.7 (06-01-2002):
1462 * fix incorrect escape in sh_tools_safe_name
1463 * fix sh_error_handle (4. argument) in sh_extern.c
1464
1465 1.3.6c:
1466 * fix segfault in sh_database (mysql logging) on solaris
1467
1468 1.3.6b (03-01-2002):
1469 * fix syntax error ('==') in Makefile.in
1470 * fix configure.in (path for /lib/modules/$(uname -r)/build/include)
1471 * fix sh_kern.c (redeclaration of 'j')
1472
1473 1.3.6 (03-01-2002):
1474 * sh_kern.c: check integrity of int 80h vector
1475 (SucKIT rootkit - Phrack 58)
1476 * make sure children in sh_kern are wait()'ed for
1477 * provide start/stop/restart/reload/status interface
1478 * fix a potential segfault (dereferenced NULL pointer) in the server
1479 * use sh_util_flagval for sh_unix_setdaemon
1480 * documentation for logging to SQL database
1481 * configure.in: check for -I/lib/modules/$(uname -r)/build/include
1482 * fix trustfile.c to ignore invalid users
1483 * separate 'make install-samhain' and 'make install-yule'
1484 * separate default log/pid/config files for server/client
1485 - less problems running server and client on same host
1486 * rewrite deploy.sh(.in):
1487 - don't use (make|install) if deploying
1488 - use command line options
1489 - better integrate into server environment
1490 - write install db
1491 * always write a pidfile if daemon
1492 * don't use server's config file as fallback for downloading client
1493 * don't overwrite config file when doing 'make install'
1494
1495 1.3.5 (28-12-2001):
1496 * fix --enable-message-queue for newer glibc versions
1497 * log to SQL database: implemented, but undocumented yet,
1498 needs to be tested further
1499 * xml: escape received syslog messages
1500 * xml: rename 'time' to 'tstamp'
1501 * make targets: make [un]install-[boot-]yule
1502 (for server-only installation)
1503 * fix samhain_hide.c for 2.4 kernel
1504 * fix sh_kern for updated samhain_hide.c
1505 * new option -j to just list the logfile
1506 * sh_getopt.c: recognize -Dt check for -D -t check
1507 * sh_tiger0.c: fix compiler warning (memmove) on Solaris
1508
1509 1.3.4 (12-12-2001):
1510 * sh_suidchk.c: option to limit files per second
1511 * sh_unix.c: option to limit (kilo)bytes per second
1512 * sh_hash.c: fix potential problem with '\n' in filename
1513 (not backward compatible if there are filenames with '=')
1514
1515 1.3.3 (03-12-2001):
1516 * sh_readconf.c, samhain.h, samhain.c, sh_suidchk.c:
1517 option SetNiceLevel to set scheduling priority
1518 * sh_hash.c: bugfix for database listing on Solaris
1519 * taus_seed: bugfix for emergency backup rng seed
1520 * sh_util_safe_name: fix for XML
1521 * sh_utmp_set_login_activate: use sh_util_flagval
1522 * sh_utils.c: sh_util_obscurename: rm 'space' from list
1523 * more backtrace macros
1524 * sh_util_flagval: fix bug to recognize 1/0
1525 * fix test scripts testtimesrv.sh, testext.sh (test.sh 6/5)
1526 * rm stray debug fprintf in sh_srp.c
1527
1528 1.3.2 (27-11-2001):
1529 * sh_hash.c: fix an error introduced in 1.3.1
1530 * set RLIMIT_CORE to RLIM_INFINITY if --enable-debug
1531
1532 1.3.1 (25-11-2001):
1533 * slib.c: get backtrace with --enable-debug
1534 * sh_unix.c: allow core dumps when --enable-debug
1535 * configure.in: fix default message queue permissions
1536 * sh_suidchk.c: automatically include suid/sgid files in database
1537 * sh_suidchk.c: check all suid/sgid files
1538 * sh_hash.c: don't insert duplicates when reading the database
1539 * sh_utmp, sh_kern, samhain: fix 1sec offset in timer
1540 * sh_unix.c: don't require /dev/random to be non-world-writeable
1541 * server: fix segfault in zAVLTree.c if avltree == NULL (no clients)
1542 * client: fix segfault on Solaris if path_conf == NULL
1543 * testrun_1b.sh: \(^/.*\) -> \(/.*\) for Solaris sed
1544
1545 1.3.0 (31-10-2001):
1546 * support compiling with GNU gmp library
1547 * set 3 sec timer on client_time_check to avoid excessive (and
1548 unnecessary) calls under heavy load
1549 * replace sl_strlen with a macro
1550 * store client_t structure in AVL tree
1551 * database format incompatible with previous format, up the magic#
1552 * sh_html.c: cache entry template for speedup
1553 * slib.c: reset islong(double) in sl_printf_count
1554 * sh_hash.c: report on rdev change
1555 * sh_hash.c: print size in 64 bit
1556 * sh_hash.c: save in absolute size types
1557 * sh_unix.c: get values as appropriate type (time_t, dev_t, ...)
1558
1559 1.2.10:
1560 * update MANUAL
1561 * sh_unix.c: tiger_hash -> tiger_generic_hash
1562 * sh_readcon.c: DigestAlgo option
1563 * sh_tiger0.c: add MD5 and SHA1
1564 * sh_unix.c: fix minor problem with win2k/cygwin
1565
1566 1.2.9 (17-10-2001):
1567 * fix problem with entry template/empty hostname
1568 * fix MASK_USER_ (MTM -> ATM)
1569 * typo fixed in configure.in (${install_name} -> {install_name})
1570 * bugfix group_old -> size_old in XML code
1571 * skip armor header in signed files
1572
1573 1.2.8 (29-09-2001):
1574 * Mac OS X: in sh_getopt.c, rename table[] to op_table[] to avoid
1575 obscure compiler warning
1576 * Mac OS X: fix test scripts
1577 * Mac OS X: import newest config.guess, config.sub from ftp.gnu.org
1578 * implement deadtime in syslog recv code to protect against flooding
1579 * sh_err_log: sl_close(fd) if lock|forward fails
1580 * compliance with Filesystem Hierarchy Standard -- Version 2.2 final
1581 * add policies User0, User1
1582 * fix compile problem (FreeBSD) in sh_suidchk.c
1583 * macro to check for debugger breakpoints (linux/i386)
1584 * check for solaris (does not work) in sh_derr (--enable-ptrace)
1585 * option to listen on 514/udp for syslog, drop root
1586 irrevocably if compiled thus
1587 * use (check_mask & MODI_ATM) to decide whether to reset utime
1588 * reset the policy masks on sighup
1589 * option to write XML log messages
1590 * cleanup of message catalog
1591 * modified error messages for BADCONN
1592 * error messages for Rijndael
1593 * block recursive error messages within sh_error_handler()
1594 - would hang the machine ... -
1595
1596 1.2.7:
1597 * sh_files, sh_utils: check top level directory
1598 * sh_kern, sh_cat, kern_head: check syscall code, fork subprocess
1599 for reading from /dev/kmem
1600 * include /boot in default samhainrc
1601 * change source distribution signing/packaging system
1602 * Makefile, README, MANUAL: adhere to file system standard,
1603 document new locations
1604 * fix a bug in samhain_hide.c
1605
1606 1.2.6:
1607 * reset list of trusted users before config file re-read
1608 * TrustedUser=... can be a list
1609 * fix severity for files missing from IgnoreAll
1610
1611 1.2.5:
1612 * include example_pager.pl, example_sms.pl scripts
1613 * explain paging/sms setup in docs
1614 * allow manual exclusion of a directory in suidcheck
1615 * automatically track all file changes
1616 * remove missing files from in-memory database
1617 * add $(KERN) to DEPLOYFILES
1618
1619 1.2.4:
1620 * log IP address for login/logout events, if supported by the OS
1621 * release block in globerr (callback)
1622
1623 -------------
1624
1625 1.2.3:
1626 * fix problem with reading stealth configuration
1627 * fix a few formats in sh_cat.c
1628 * always use strncmp for file system type check in sh_suidchk.c
1629 (trailing 'fs' may be system specific for some types)
1630 * no bare LF in messages (RFC 2822)
1631 * no lines longer than 998 chars (RFC 2822)
1632 * fix error in testrc_1
1633
1634 1.2.2:
1635 * make tmp file directory a compile time option
1636 * fix minor bugs in tmp file allocator (potential memory leak,
1637 double slash if root directory)
1638 * obsolete testpipe script removed
1639
1640 1.2.1:
1641 * fix memory alignment in rijndael-api-fst.c: blockEncrypt()
1642 * fix byte order in HMAC code (compatibility fix for Linux/HP-UX)
1643 * removed a debug fprintf()
1644
1645 1.2.0:
1646 * fix a bug in the HMAC implementation (thanks to Cesar Tascon
1647 for help in tracking down this one)
1648 * module to check the file system for SUID/SGID files
1649
1650 1.1.16 (never released):
1651 * fix the recursion depth -1 option as described in the manual
1652 * optional database reload on SIGHUP
1653 * fix a race condition when checking that /dev/random is a character
1654 device
1655 * redirect stderr to /dev/null for c_random
1656 (AIX may segfault in netstat...)
1657 * check whether /dev/random is a character device in c_random.sh
1658 (we know at least one sysadmin who has set up a fake /dev/random ...)
1659 * don't give NULL as 2. and 3. arg to execve if not Linux - some
1660 Unices (notably Solaris) don't like it
1661 * init ptr = NULL in my_malloc (compiler warning)
1662 * make the bitmask for tests configurable (suggestion by A. Dunkel)
1663 * make the bitmask for tests a static variable
1664 * make (database/logfile/lockfile) path configurable
1665 (to run multiple instances of samhain from an NFS share - on the
1666 wishlist of J. Patton)
1667
1668 1.1.15 (never released):
1669 * fix minor error in testcompile.sh (rm test_log only at start)
1670 * return from subroutines on sig_terminate == 1
1671 (faster exit on SIGTERM)
1672 * fix re-configuration of addresses
1673 * use sh_util_flagval() in sh_mail_setFlag and sh_kern_set_activate
1674 * SysV message queue as compile option
1675 * config file option to set console device
1676 * removed the pre 1.1.9 code bloat
1677 * don't print the LOGKEY to the console
1678
1679 1.1.14:
1680 * fix an error in the setup consistency check
1681 * make target to uninstall runtime files
1682 * trustfile.c: check return code of readlink(), fix off-by-one error
1683 * sh_files.c: fix placement of terminator after readlink() call
1684 * sh_files.c: fix a missing set_suid()/unset_suid()
1685 - suid should work, but is not recommended -
1686 * more debug statements in c/s code
1687 * avoid re-entry in sh_unix_sigexit
1688 * put a block around free() and malloc() in wrapper functions
1689 * ditto for glob()/globfree(), regcomp()/regfree(), fdopen()/fclose()
1690 - i.e. avoid corrupting the heap from a signal handler -
1691
1692 1.1.13:
1693 * optimized the size of the configure script somewhat
1694 * modify the compile and hash test scripts
1695 * read '\0's in sh_unix_getline
1696 * exponential schedule for connection attempts
1697 * make stealth working properly with signed files
1698 - config file should be signed now before embedding in picture -
1699 * fix a race in using signed files
1700 * updated err messages for PWNULL, GRNULL
1701 * add missing shell script for test 11
1702 * add mandatory source file/line info with -p debug
1703 * add mandatory source line info with BADCONN
1704 * fix a latex error in the manual
1705
1706 1.1.12:
1707 * debug output to console if compiled with --enable-debug and
1708 running as daemon
1709 * make reportonlyonce=true the default
1710 * make sure state changes of a file are always reported, even
1711 with reportonlyonce=true
1712 * Linux kernel modules (samhain_hide, samhain_erase)
1713 * fixed incorrect return value of sh_util_flagval
1714 * fixed an error in sh_files.c: happens with -t init and first
1715 file that is checked does not exist
1716 * revised install/uninstall targets in the Makefile
1717 * module to check for clobbered kernel syscalls (tested on Linux 2.2)
1718 * more diagnostic error messages in sh_gpg.c
1719 * more diagnostic error messages in sh_mail.c
1720 * error in mail.c fixed
1721 (address -> address_list[i] for multiple recipients)
1722 * docs updated, better(?) explanation of signed files
1723 * skip over path in gpg checksum output
1724 * check client name against IP address and FQDN
1725 * fix for --disable-* in config file
1726 * fixed a server crash (MSG_TCP_OKMSG without arg)
1727 if the server is run with debug level output threshold
1728 * catch EAGAIN in sh_gpg.c pipe reader
1729 * fix the 'external logging' test to make it work on BSD
1730 * error message if no local path to init DB
1731 * check for i86/Solaris in configure (vsnprintf prototype)
1732 * make SRP the default
1733
1734 1.1.11:
1735 * make log file verification more convenient
1736 * fix problem with message classes in stealth mode
1737 * linux: do not try to read file attributes for devices
1738 * handle the root directory correctly (avoid "//" in listing)
1739 * fix problems with blocking on FIFOs/char dev
1740 pointed out by I. Rogalsky (rog@iis.fhg.de)
1741 - open in nonblocking mode for read, then set to blocking
1742 - open file only if regular
1743 * fix alignment in memory profiler
1744
1745 1.1.10:
1746 * minor code cleanup
1747 * fix an error in trustfile.c (handling of empty/incomplete
1748 group entries in /etc/group, bug report by A. Capriotti)
1749
1750 1.1.9:
1751 * compatibility option for old behaviour (plain hash instead
1752 of HMAC, ECB instead of CBC mode)
1753 * use CBC rather than ECB mode for encryption
1754 * use HMAC-TIGER for message authentication codes
1755 * handle NULL data in sh_tiger_hash
1756 * option to set syslog facility (default is LOG_AUTHPRIV)
1757 * longer timeout (300 sec) on /dev/random if no /dev/urandom
1758 * fix minor output error with stealth option
1759 * option not to log names of config/database files on startup
1760
1761 1.1.8:
1762 * fix error in syslog routine
1763 * fix missing 'test' in configure.in
1764 * fix error in replace_tab() in sh_html.c
1765 * fix minor memory leak in sh_util_regcmp()
1766
1767 1.1.7:
1768 * timeout on read_mbytes (from /dev/random; fallback to /dev/urandom)
1769 * fix for FreeBSD: ut_user -> ut_name in sh_utmp.c
1770 * fix for Alpha: consider $ac_cv_sizeof_unsigned_int_ in configure.in
1771 * fix for Alpha: format string in sh_tiger0.sh
1772 * on Linux, now compiles cleanly with
1773 -Wall -W -Wstrict-prototypes -Wcast-align
1774 * fix problem with recursion depth
1775 (pointed out by Vic <hvicha@mail.ru>)
1776 * #include "sh_tools.h" in sh_unix.c and fix the
1777 --with-timeserver option (reported by Vic <hvicha@mail.ru>)
1778 * place read_port(), MSG_TCP_NETRP outside ifdefs
1779 * close fd/zero skey before execve
1780 * verify client name against socket peer
1781 * ... with configurable error priority
1782 * use strcmp() rather than strncmp() in search_register()
1783 * fix race between lstat() and open() for checksum
1784 (reported by dynamo <dynamo@ime.net>,
1785 JJohnson <JJohnson@penguincomputing.com>)
1786 * enable globbing for filenames
1787 * fix Solaris problem: siginfo_t may be NULL
1788 * fix missing SL_EBADGID in tf_trust_check
1789 * test case for external scripts, fix flushing pipe
1790 * fix a typo in sh_ext_type
1791 * do an fdexec w/checksum on Linux if calling external program
1792 * even safer tmp file creation
1793 * allow db update
1794 * fix compile options for --enable-debug
1795 * fixed a spelling error in the output
1796 * test program for full CS support (config/database download)
1797 * tell which file is searched for cs download
1798
1799 1.1.6:
1800 * fix bug in sh_readconf_line (segfault on erroneous config lines)
1801
1802 1.1.5:
1803 * sh_unix.c: sh_unix_getinfo_attr: f -> flags
1804 * use gettimeofday as last resort
1805 1.1.4:
1806 * fix AIX compiler warning in sh_forward (cast arg1 of sh_tiger_hash
1807 to (char *)
1808 * configure: add static link flags for some more os (from tar)
1809 * don't strip twice (some stupid systems abort)
1810 * fix for reading from /dev/random on non-Linux systems (untested)
1811 * sh_mail.c: end all message lines with \r\n
1812 * stealth: ignore \r, \"
1813 * take out tracing from --enable-debug (presently useless anyway)
1814 * fix some remaining cleartext with debug && stealth combined
1815 * fixed a small memory leak in sh_err_log.c
1816
1817 1.1.3:
1818 * fixed circular logic in taus_seed() (fallback method only)
1819 * fix for missing _SC_OPEN_MAX (runaway close())
1820
1821 1.1.2:
1822 * implement message classes
1823 * let server recognize client message severity and class
1824 * secondary log server
1825 * keep database in memory (allows to close file
1826 if retrieved from server)
1827 * encrypt client/server communication
1828
1829 1.1.1:
1830 * Compilation problems with native Solaris compiler fixed
1831 * fill in euid/ruid variable
1832 * manual.pdf --> MANUAL.pdf
1833 * debug sh_util_formatted()
1834 * http refresh 120sec for server stat page
1835 * trace/debug options
1836 * fixed problem with utmp.c options
1837 * fixed problem with sh_mail_setaddress
1838 * option for custom message header
1839 * fixed problem in compdata
1840 * fixed problem in mail verification
1841 * remove eventual trailing '/' in file names
1842 * fixed problem with report string for modified files
1843 * option to report in full detail
1844
1845 1.1.0:
1846 * Move error messages to catalog
1847 * Make error message format more uniform
1848 * Wrap system calls that could be interrupted by signals
1849 * Warn on append to database
1850 * Option for full details on mod. files
1851 * Option to report only once on mod. files
1852 * Generally speaking, major modifications with potential new bugs
1853
1854 0.9.5:
1855 * sh_hash.c: fixed erroneous checksum for config file
1856 * sh_html.c: fixed erroneous timestamp (last)
1857 * sh_tools.c: fixed connect_port (set port for cached address)
1858 * sh_srp.c: fix for '00' (='\0') in pw
1859 (last two fixes by Andreas Piesk)
1860
1861 0.9.4:
1862 * samhain.c: fcntl(1, ..) -> fcntl(2, ..)
1863 * sh_hash.c: copy 12 instead of 10 byte for c_attributes
1864 * 'empty directory' WARN -> INFO
1865
1866 0.9.3:
1867 * FreeBSD fixes:
1868 - c_random.sh: make sure /dev/random provides something
1869 rather than nothing
1870 - check for <netinet/in.h> and include it
1871 - include <sys/types.h> early
1872 - sh_utmp.c: fixed an occurrence of ut_user
1873 - sh_utmp.c: #ifdef HAVE_UTTYPE static char terminated_line #endif
1874 - sh_forward.c: EBADMSG -> ENOMSG
1875 * sh_unix.c: check return value of gethostbyname
1876 * sh_entropy.c: fallback on /dev/urandom if /dev/random blocks for
1877 more than 30 sec
1878 * ... and fix the timestamp format ...
1879
1880 0.9.2:
1881 * ISO 8601 timestamps
1882 * Bugfix in sh_utmp (timestring overwrite)
1883 * don't use siginfo_t on Linux (garbage as of 2.2.14)
1884 * check for Linux capabilities bug when dropping root
1885 * include README for gcc compiler bug (pointed out by A. Piesk)
1886 * explicitly set -fno-strength-reduce with gcc
1887 * fixed ignoring missing files with the IgnoreAll policy
1888
1889 0.9.1:
1890 * more ext2flags (breaks backward database compatibility on Linux)
1891 * IgnoreAll policy modified - missing/added files reported with
1892 SeverityIgnoreAll (to handle files that may or may not be present)
1893 * Check all files, not only regular ones
1894 (bug in sh_files, originally introduced because checksum of
1895 regular files only is computed)
1896
1897 0.9:
1898 * use O_NOATIME if supported
1899 * --with-nocl takes argument (PW to re-enable CL parsing)
1900 * no daemon mode if initializing database
1901 * fixed segfault in yule with 'unknown file type' request
1902 * enlarged MAX_GLOBS 24 -> 32 and made the array linear
1903 * server uses last registry entry for any given client now
1904 * deploy.sh script to deploy clients to remote hosts
1905 * enhanced signal handling: SIGUSR1/SIGUSR2/SIGABRT/SIGQUIT/SIGHUP
1906 * allow y/Y/n/N for login monitoring (in addition to 0/1)
1907 * external logging scripts/programs
1908 * trustfile.c: define STICKY on Linux
1909 * reset signal mask when initializing
1910 * EINTR_RETRY wrapper
1911 * slib: sl_read, sl_write EINTR update
1912 * use sstrip when installing
1913 * more compact database format (breaks backward database compatibility)
1914 * larger download packets
1915 * TcpFlags unsigned char
1916 * cast to (char *) head in write_port
1917 * m(un)lock cast to (char *)
1918 * (1 << 31) --> (1UL << 31)
1919 * support e2fs attributes on Linux
1920 * fixes for AIX and Solaris native compilers
1921 * fixed Makefile for non-GNU make (pattern rule --> suffix rule)
1922
1923 0.8.1:
1924 * fixed 'is_numeric()' return value
1925
1926 0.8:
1927 * added option for static compilation
1928 * added option for stealth with non-hidden config file
1929 * added option for disabling command line parsing
1930 * all options can be set in the configuration file now
1931 * stealth: xor strings in database file
1932 * fixed bug in mailer code ([] in HELO)
1933 * print timestamp when asking for key
1934 * 'micro' stealth mode (no hidden configuration file)
1935 * simplified slib
1936 * int->long for uids/gids in trustfile
1937 * moved mailkey from data to code
1938 * shell script for entropy (stronger default key)
1939 * general code cleanup
1940 * better error checking in client/server code
1941 * detect out-of-sync messages
1942 * check state across protocol passes in server
1943 * make sure authentication is mutual
1944 * file download to client
1945 * reserve six file descriptors in server
1946 * mlock queue buffer if LOG_KEY
1947 * improved robustness in bignum (don't fail on free())
1948 * per-directory recursion depths
1949 * RFC821 compliance: empty line at end of header, To field, Date field
1950 * RFC821 compliance: make e-mail transfer reliable
1951 * fix detection of hardlink changes
1952 * checksum verification for calling gpg/pgp
1953 * CL option '-S' not required for server-only binary
1954 * eliminate CL options that may leak privileged information
1955 if the program is SUID
1956 * skip leading white space in configuration file
1957 * allow nested conditionals in configuration file
1958 * allow whitespace before and after '=' in configuration file
1959 * don't leak file descriptors to child processes
1960 * make message transfer reliable
1961 * always report error on abnormal termination of connection
1962
1963 0.7:
1964 * support for alpha machines
1965 * stop TCP logging after exit message
1966 * limit connections in server (DoS attacks)
1967 * move string handling to slib
1968 * move file handling to slib
1969 * timestring without space
1970 * changed report format
1971 * SUID bugfix - use euid when checking logfile ownership
1972 * SUID bugfix - get root for lstat()
1973 * SUID bugfix - get root for opendir()
1974 * store number of hardlinks
1975 * send no message if polling empty queue
1976 * include tiger 64-bit implementation (portability)
1977 * codes for error conditions
1978 * mail check: handle multiple, overlapping audit trails
1979 * security fix: no append to database if SUID
1980 * fix sh_entropy.c (BUFSIZ -> BUF_ENT)
1981 * read command line before config file
1982 * PGP signing of config/database files
1983 * checksum of config file reported
1984 * checking for attributes only
1985
1986 0.6:
1987 * more syslogish priority specification
1988 * fixed segfault in sh_mem_check, apparently this was also
1989 the reason for the segfault in atexit()
1990 * allow for compilation with SRP authentication
1991 * fixed tiger checksum computation
1992 * fixed broken logfile verification for second and further audit trails
1993 * test program added
1994 * documentation improved
1995 * sh_forward_make_client: bug fixed in[8]->in[i]
1996 * sh_error.h: fixed missing #include <errno.h>
1997 * configure.in: fixed missing strerror() test
1998 * sh_utmp.c: check logins/logouts
1999 * check for missing files
2000 * only reset access time if necessary
2001 * O_EXCL in open()
2002 * limit environment to TZ in execve (sh_entropy.c, not used on Linux)
2003 * use trustfile() to determine whether logfile dir is trustworthy
2004 * strip head instead of tail for numerical address
2005 * store messages in fifo during log server outage
2006 * re-init session key after server outage
2007
2008 0.5 (21-12-1999):
2009 * added option for mail relay server
2010 * own popen() implementation in sh_entropy() (portability)
2011 * fixed error in sh_util_basename() (returned NULL for base == "/")
2012 * fixed segfault in strlcpy/strlcat (check for src == NULL)
2013 * FILENAME_MAX -> PATH_MAX (HP-UX 10.20)
2014 * use TIGER for 32-byte compilers (portability)
2015 * fixed hash function (do not include stdlib.h)
2016 * flush buffer before write in mailer code (IBM AIX 4.1)
2017 * make mailer code non-forking
2018 * cast argument of is...() to int (portability)
2019 * return() after _exit() for braindead compilers (portability)
2020 * optionally use inet_addr (portability)
2021 * check for broken mlock() (HP-UX 10.20)
2022 * minor code cleanups
2023 * fixed incorrect size of munlock()'ed memory in sh_error_string()
2024 * fixed a buffer overflow in the error printing routine
2025 * fixed a buffer overflow in sh_util_safe_name ()
2026 * implement SRP session key exchange
2027 * implement client/server facility
2028 * implement @host/@end construct in configuration file
2029 * preferably use uname(), and do gethostbyname() for FQDN
2030 * make vernam cipher base numeric
2031 * make OnlyStderr private in sh_error
2032 * test -e "/dev/random" --> test -r "/dev/random" (portability)
2033 * check for libsocket (portability)
2034 * add #defines for IPPORT_SMTP, IPPORT_TIMESERVER (portability)
2035 * eliminate superfluous /proc test
2036 * some unreachable code removed
2037 * cast to (byte*) replaced by cast to (word64*) in sh_tiger_hash()
2038 * check for setresuid() if no seteuid() (HP-UX 10.20)
2039
2040 0.4 (09-11-1999):
2041 * make sure output from /dev/random has no NULL's
2042 * one-time pad encryption for emailed keys
2043 (better than nothing ...)
2044
2045 0.3 (04-11-1999):
2046 * logfile readable for group
2047 * verify signatures for any file
2048 * signature block in tarball
2049 * use select() in time server routine
2050 * better protection for session keys (mlock)
2051
2052 0.2:
2053 * fixed incorrect man page
2054 * fixed incorrect example rc file
2055 * recursive error logging should work now
2056
2057 0.1:
2058 * initial release -- on Samhain 1999, of course
2059
2060 development start:
2061 * probably 29-06-1999
2062