-
Notifications
You must be signed in to change notification settings - Fork 4
/
ChangeLog
207 lines (189 loc) · 8.81 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
17.02.2015 (v0.8.5):
- Fixed: security issues with SSL. We now use TLS rather than SSLv3,
and autonegotiate the strongest version of TLS we can get,
since all versions of pre-TLS SSL are widely deprecated
at this point (POODLE attack finally killed SSLv3).
- Removed: internal support for HTTP/HTTPS proxies:
there are better options readily available as external tools,
and removing the internal code makes it much easier to
reason about our own security and general correctness.
- Added: support for per-realm CA certificates
- Added: support for loading complete certificate-chains in afclient
03.10.2007 (v0.8.4):
- Added (by Joshua Judson Rosen): certificate-based authentication
21.11.2006 (v0.8.3):
- Fixed: bug in udp_listen function when AF_INET6 is not defined
13.09.2006 (v0.8.2):
- Fixed: bug in resource deallocation for remote admin clients
06.04.2006 (v0.8.1):
- Fixed: enableproxy option in server's config file
- Added: clients idle time
- Added: 'maxidle' option
- Modified: task scheduling subsystem has been completely rewritten
- Fixed: segmentation fault in http tunnels after multiple simultaneous POST
connections from the same source
- Fixed: unexpected connection close when http proxy was too slow
- Fixed: SIGSEGV in http proxy mode under cygwin
- Added: enabled the SO_KEEPALIVE option for all the sockets used by the apf
- Added: 60 seconds timeout for SSL_connect
04.02.2006 (v0.8):
- Fixed: infinite loop after buffering message
- Fixed: corrupt packets after closing connections in the stopped state
- Fixed: bug in mapping user numbers between afclient and afserver
- Fixed: premature close of the service connection
- Fixed: invalid buffering when the connection is closing
- Added: Multiple tunnels in one afclient<->afserver connection
16.11.2005 (v0.7.5):
- Fixed: manageport option in the afclient config file
- Fixed: severe bug in string_cp
- Fixed: wrong connection type used by afclient when afserver used --nossl
or --nozlib option
- Fixed: broken keep-alive option
03.11.2005 (v0.7.4):
- Fixed: sockets in CLOSE_WAIT state left by afclient
- Added: --localname and --localport options
- Added: --localdesname option
- Added: kicking user in 'opening' state
- Fixed: info about kicked user
- Fixed: TERM signal handling
- Fixed: id lost after reconnection
- Fixed: printing wrong client name in 'SSL_accept failed (timeout)' message
- Fixed: ignored 'certificate' and 'key' options from config file
- Added: config files for afclient
- Modified: some options in afserver config file
05.08.2005 (v0.7.2):
- Added: http proxy basic authorization
- Fixed: logging initialization after some value checking
- Fixed: auto-reconnect failure when --nossl option is set
- Added: auto-reconnect when afserver is not reachable on start
- Added: auto-reconnect after normal afserver quit
- Added: per user statistics: idle time, amount of downloaded/uploaded bytes
and current download/upload rate
- Added: support for https proxies
- Added: possibility to bind sockets on different interfaces
- Fixed: receiving incomplete headers from afclient
- Fixed: close user connections by afclient
03.07.2005 (v0.7.1):
- Added: afserver certificate storing and checking
- Modified: generating keys and certificate
- Fixed: creating apf directory
- Fixed: some bugs in proxy tunnel initialization
07.06.2005 (v0.7):
- Added: http proxy tunnels between afserver and afclient
- Fixed: sigint interception with threads enabled (in http proxy mode)
- Fixed: FATAL ERROR in afclient in some situations after close of afserver
when http proxy mode is enabled
- Added: afclients can connect directly to afserver with enabled proxy mode
- Fixed: timeout routine in http proxy tunnels
- Added: 'rshow' command in ra mode displays 'tunneltype'
- Fixed: printing IP of clients when http proxy mode is enabled
- Added: 'tunneltype' per client in ra mode after 'cshow' command
- Fixed: closing connection when http proxy mode is enabled
- Fixed: threads initialization
- Fixed: afserver closing after sigint
- Fixed: afclient threads initialization
- Added: 'version' option to display program version number
- Modified: establishing afclient<->afserver connection
- Added: 'keep-alive' option
- Fixed: using 'proxyport' without 'proxyname'
- Added: auto-reconnect feature to afclient
- Added: 'ar-tries' and 'ar-delay' options
- Modified: http proxy logging
- Fixed: closing connection with afclient after receiving id
- Fixed: thread closing due to wrong initialization sequence
- Fixed: small bug in initialization process
- Heavily Modified: logging routines
- Added: audit option
- Modified: default dateformat is now ISO 8601
- Modified: printing usage
- Fixed: bug in threads' initialization in afclient
- Added: 'timeout' and 'dateformat' options in ra mode
- Modified: empty dateformat disables printing '[] '
- Added: 'audit' and 'dnslookups' options in ra mode
- Fixed: afserver freeze bug
- Added: 'kuser' and 'kclient' options in ra mode
- Fixed: bug in starting afclient in ra mode
- Added: audit log printed also after kicking the client
11.03.2005 (v0.6):
- Fixed: default password incompatibilities from config file
- Added: "client's id" option
- Lightly Modified: verbose mode
- Added: temporary listen ports
- Fixed: bug in printing "client's id"
- Added: 'dateformat' option to set format of the date in the logs
- Modified: command line option and config file behaviour
- Added: logging to a socket
- Fixed: parsing config file
- Fixed: major bug in packet buffering
- Added: several clients-users in one realm
- Modified: default hostname used by afserver
- Modified: server listening behaviour (for clients)
- Fixed: bug in checking options values
- Modified: verbose mode
- Modified: client initial connection to server
- Added: connection time / uptime statistics
- Added: first version of remote administration (statistics only)
- Fixed: major bug in remove_client routine
- Added: 'raclients' option
- Added: use of automake/autoconf
- Added: creating ~/.apf directory
- Modified: the way of creating/managing keys/certificates
- Added: 'dnslookups' option
- Modified: usage functions
- Fixed: no handling of missing 'listen' option after 'newrealm' in config file
- Added: 'quit' command in remote administration mode
- Modified: logging error messages during initialization
- Modified: 'newrealm' changed to 'realm' in config file
- Added: realm names
- Modified: connection time / uptime
- Added: client names / unique numbers
- Added: user unique numbers
- Fixed: segmentation fault after 'quit' command
19.11.2004 (udp_patch):
- Lightly Modified: verbose in client's udp reverse mode
- Fixed: major bug in udp protocol forwarding
11.10.2004 (v0.5.5):
- Added: rsa key generation by afclient
- Modified: afclient is now generating keys by default
- Fixed: major bug in packet buffering
- Added: 'timeout', 'clients' and 'usrpcli' options
- Fixed: parsing 'users' option
- Modified: module management routines
- Added: module support for service's packet filtering
- Fixed: few minor bugs in closing connection routines
- Added: possibility to use several clients per realm
- Modified: there is no need for 'users', 'timeout', 'clients',
'proto', 'usrpcli' and 'climode' options in config
file when default values are acceptable
26.05.2004 (v0.5.4):
- Fixed: default password incompatibilities
- Modified: server listening behaviour
- Added: module support for client's packet filtering
- Modified: client behaviour after unsuccessful connection
- Fixed: printing ipv6 addresses
- Added: IP protocol family strict choice: 'ipv4' and 'ipv6'
- Added: flow control / packet buffering
- Fixed: signal handling
- Fixed: client freeze in udp reverse mode with zlib enabled
09.01.2004 (v0.5.3):
- Added: client password identification (weak)
- Added: sigint interception and server closing
- Modified: communication between server and client
- Added: 'nossl' and 'nozlib' modes
- Added: zlib support
- Lightly Modified: verbose mode
- Modified/Added: help screen and long options support
06.12.2003 (v0.5.2):
- Added: types of realm
- Added: logging to a file
- Fixed: major bug in communication between server and client
- Fixed: deformed packets in udp protocol forwarding
04.12.2003 (v0.5.1):
- Fixed: some data transfer problems
- Added: udp protocol tunneling/forwarding
- Fixed: bug in parsing the config file
- Improved: making connection between server and client
- Lightly modified: verbose mode (added double v mode)
23.11.2003 (v0.5):
- This is the first release
- There are no known major bugs