Sun Feb 4 14:44:39 PST 2007
0.9996
- Ignore SIGTERM, because an orderly shutdown sends this signal, and we have
nothing to clean up anyway, and sometimes a system will go into limbo during
shutdown, so we want to be around if that happens.
Sun Feb 4 16:46:25 GMT 2007
0.9995
- Conditionalized mlockall() use on _POSIX_MEMLOCK
- Added DragonFly BSD support, despite DragonFly's lack of a true
mlockall()
Wed Oct 11 10:47:25 PDT 2006
0.9994
- Eliminated whrandom usage.
- Added slightly more entropy when /dev/random, /dev/urandom and prngd are all
unavailable
Tue Aug 16 20:48:01 PDT 2005
0.9992
- If entropy is all used up, then get some more, instead of exiting
Sun Mar 27 17:06:00 PST 2005
0.9991
- Eliminated hardcoded "-ansi -pedantic -Wall" to improve gcc
indepence. Tested with tcc on Fedora Core 3.
- Moved openssl/evp.h check before EVP_DigestInit check, again to
improve tcc (non-gcc) compatibility
Fri Mar 25 06:48:48 PST 2005
0.999
- Ported to FreeBSD. Probably will also work on DragonFly (minus
proper mlockall(), which is a NOOP?) and NetBSD. I wonder
about OS/X :) Port was done with QEMU.
- reboot functionality, which is very OS dependent: #ifdef's
now #define a REBOOT_FOUND symbol, rather than #else'ing ad
nauseum. Someday this stuff should be sorted out by autoconf
though.
- /usr/local/bin on $PATH in S22fallback-reboot
- Information in "Porting" file expanded a bit
- Modified fallback-reboot-client to only prompt and turn off echo if
it's on a tty.
Mon Mar 7 10:50:39 PST 2005
0.998
- DEBUG cpp symbol renamed to AUTH_NO_REBOOT
- DEBUG2 cpp symbol renamed to VERBOSE
- AIX uses plock() instead of mlockall() now
- install-bufsock knows how to set the $PATH more broadly, to be more
likely to pick up a python executable
- Note: this release not announced on freshmeat.
- Jacked entropy collection to 10000 instead of only 100
Sun Mar 6 21:16:03 PST 2005
0.997
- added /dev/random and prngd support to the daemon. The daemon
still doesn't support time+pid, and may never :)
- fixed a bug in time+pid seed method in gen-pas
- Split out rc script install and bufsock.py install into their own
shell scripts, to keep the Makefile simpler. Also, these
installations are done still more flexibly now - IE, they know
about more directories that are good candidates for install
- ported to AIX 5.1, partially using IBM's linux source
compatibility, which extends to reboot methods
- ./configure understands --with-prngd-port=12345 now. Defaults to
708, which I believe to be the most common TCP socket for prngd,
and is what used to be hardcoded
- ./configure understands --with-fallback-reboot-port=54321 now.
Defaults to 3002, which is what used to be hardcoded.
Thu Mar 3 12:03:14 PST 2005
0.996
- Improved autoconf portability
- Added a safeguard to require the fallback-reboot password to be at
least 8 characters long
- rc script moved from S11 to S22
- rc script knows to remove /.fallback-reboot-passwd if it is 0
length, and doesn't attempt to run fallback-reboot
- rc script attempts to set a $PATH that is likely to include python
Mon Feb 21 17:19:50 PST 2005
0.995
- Continuing to look for opportunities to gain experience with the
program. {Un,}[Ff]ortunately, our systems are proving too
reliable. :)
- Since SHA-1 has been broken (number of rounds reduced
significantly), I've modified both fallback-reboot.c and
fallback-reboot-client to use RIPEMD-160 instead of SHA-1.
However, the new client can still use SHA-1 if it encounters an old,
SHA-1 based daemon.
- This did not change the dependencies significantly for the daemon,
fallback-reboot.c. However, the dependencies for the client,
fallback-reboot-client, did change quite a bit.
- fallback-reboot-client now attempts to use the python "M2Crypto"
module, which ships with Fedora Core 3, but not Redhat Enterprise
Linux 3 or Solaris 9, and I have my doubts as to whether it will
ship with Redhat Enterprise Linux 4. Alternatively, if python
cannot import the M2Crypto module, it will attempt to use a
bidirectional pipe to the openssl program - this has been tested
on Redhat Enterprise 3 and Solaris 9.
- Added "DEBUG2" preprocessor symbol. Off by default. It makes
fallback-reboot (the daemon) as verbose as it used to be. However,
definining this symbol appears to cause problems if the daemon is
not on a tty. This actually fixes a DOS attack that would cause
the fallback-reboot daemon to exit, rendering the service unusable.
Thu Feb 3 17:36:03 PST 2005
0.99
- Fixed accept() to loop if it gets an error, say due to a signal to
reread /.fallback-reboot-passwd
Thu Feb 3 10:13:49 PST 2005
0.98
- Use $prefix/sbin, not $prefix/bin
- Removed umask change from "make install" rule, since the password
is no longer compiled into the executable
- Added file "Porting"
- Added "make uci-install" target to the Makefile
- Added comment about collecting the passwords somewhere to the
README, so that you have then when you actually need them :)
- "make web" uses gzip -9 now
Thu Feb 3 08:23:00 PST 2005
0.97
- fallback-reboot daemon rereads /.fallback-reboot-passwd if it
receives a SIGUSR1 signal
- "make install" no longer creates /.fallback-reboot-passwd.
Instead, that is up the rc script, S11fallback-reboot
Wed Feb 2 21:38:51 PST 2005
o.96:
- S11fallback-reboot respects --prefix now, and is generated from
S11fallback-reboot.in
- S11fallback-reboot generates /.fallback-reboot-passwd if it does
not yet exist
- fallback-rewboot daemon uses SO_REUSEADDR
- "make install" removes the previous binary to avoid Text File Busy
errors
- "make clean" also removes S11fallback-reboot
Thu Jan 20 15:10:15 PST 2005
0.95:
- password goes in /.fallback-reboot-passwd now, instead of being
compiled into the binary. The password is read in at IPL, prior to
mlockall(); we do -not- wait until it's needed.
- gen-pas is installed next to fallback-reboot, in case you want to
change your password later, to something equally random. In
theory, you should still be able to use a more human-readable
password, but I haven't tested that.
- configure groks --prefix now.
- replaced the search for -lssl with a search for -lcrypto -
apparently some versions of openssl put what we need in a different
library. So far, -lcrypto has worked more often than -lssl,
depending on what symbols are present in which.
- added "make pristine" target, to blow away autoconf side effects.
"make web" uses it.
- $CC is no longer hardcoded to gcc.
- Added a "Prerequisites" file, including info about openssl version
and python version.
- fixed a bug in gen-pas on systems that use prngd instead of
/dev/random or /dev/urandom. Also added stderr descriptions on how
high quality the entropy for the password is in gen-pas.
Sun Jan 16 17:57:52 PST 2005
0.9:
- gen-pas generates a 16 byte (32 character) hexadecimal string now,
instead of something shorter in base 62
- fallback-reboot now can do both cleartext and cryptographic
authentication - one or the other, but not both. That is, the
version you compile will use crypto if it can find openssl, and
cleartext if it cannot.
- added "fallback-reboot-client", a small python script that
communicates with fallback-reboot, so we don't have to use telnet
anymore, and the password isn't echo'd on the screen anymore. :)
- fallback-reboot is partially autoconf'd - mostly just for detecting
openssl. The various means of performing reboots may be autoconf'd
later as well. Reboot methods are still #ifdef'd, and that only
for Linux and Solaris. Sorry 'bout that. :)
- fallback-reboot-client uses my "bufsock.py" module. "make install"
attempts to put it in /usr/lib/python/site-packages, and failing
that, puts it in $HOME/lib. There's likely a better way.
0.7:
Added some additional preprocessor symbols for detecting linux
Added an rc script
0.6:
Added support for Solaris 8.
0.5:
First public release. Linux only.