This release fixes an issue where some firewall rules containing
the keyword "block" would cause openNDS to fail in startup.
Signed-off-by: Rob White <rob@blue-wave.net>
This version introduces major new functionality and some major changes
* Rationalisation of support for multiple Linux distributions [bluewavenet]
* Refactor login.sh script introducing base64 encoding and hashed token (hid) support [bluewavenet]
* Refactor fas-hid script introducing base64 encoding and simplifying customisation of the script [bluewavenet]
* Refactor binauth_log.sh and log BinAuth custom data as url encoded [bluewavenet]
* Refactor fas-aes, simplifying customisation of the script [bluewavenet]
* Refactor fas-aes-https, simplifying customisation of the script [bluewavenet]
* Change - Use hid instead of tok when fas_secure_enabled >= 1 [bluewavenet]
* Add - base64 encoding to fas_secure_enabled level 1 [bluewavenet]
* Add - gatewyname, clientif, session_start, session_end and last_active to ndsctl json [bluewavenet]
* Add - support for RFC6585 Status Code 511 - Network Authentication Required [bluewavenet]
* Add - Client Status Page UI with Logout [bluewavenet]
* Add - GatewayFQDN option [bluewavenet]
* Add - client interface to status page query string [bluewavenet]
* Add - support using base 64 encoded custom string for BinAuth and replace tok with hid [bluewavenet]
* Add - base 64 decode option to ndsctl [bluewavenet]
* Add - b64 encoding of querystring for level 1 [bluewavenet]
* Add - Improved performance/user-experience on congested/slow systems using php FAS scripts [bluewavenet]
* Add - support for ndsctl auth by hid in client_list [bluewavenet]
* Add - Ensure faskey is set to default value (always enabled) [bluewavenet]
* Add - Display error page on login failure in login.sh [bluewavenet]
* Add - splash.html, add deprecation notice [bluewavenet]
* Add - authmon, improved lock checking and introduce smaller loopinterval [bluewavenet]
* Add - client_params, wait for ndsctl if it is busy [bluewavenet]
* Add - fas-aes-https, allow progressive output to improve user experience on slow links [bluewavenet]
* Fix - Block access to /opennds_preauth/ if PreAuth not enabled [bluewavenet]
* Fix - On startup, call iptables_fw_destroy before doing any other setup [bluewavenet]
* Fix - missing final redirect to originurl in fas-hid [bluewavenet]
* Fix - ensure gatewayname is always urlencoded [bluewavenet]
* Fix - client session end not set by binauth [bluewavenet]
* Fix - Session timeout, if client setting is 0, default to global value [bluewavenet]
* Fix - missing trailing separator on query and fix some compiler errors [bluewavenet]
* Fix - ensure authmon daemon is killed if left running from previous crash [bluewavenet]
* Fix - add missing query separator for custom FAS parameters [bluewavenet]
* Fix - ndsctl auth, do not set quotas if client is already authenticated [bluewavenet]
* Fix - client_params, show "Unlimited" when "null" is received from ndsctl json [bluewavenet]
* Update configuration files [bluewavenet]
* update documentation [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
This version introduces major new enhancements and the disabling or removal of deprecated functionality.
* Add - built in autonomous Walled Garden operation [bluewavenet]
* Add - Support for Custom Parameters [bluewavenet]
* Add - Quota and rate reporting to ndsctl json. Format output and fix json syntax errors [bluewavenet]
* Add - global quotas to output of ndsctl status [bluewavenet]
* Add - Report Rate Check Window in ndsctl status and show client quotas [bluewavenet]
* Add - gatewaymac to the encrypted query string [bluewavenet]
* Add - support for login mode in PreAuth [bluewavenet]
* Fix - get_iface_ip in case of interface is vif or multihomed [bluewavenet]
* Fix - Add missing client identifier argument in ndsctl help text [bluewavenet]
* Fix - fix missing delimiter in fas-hid [bluewavenet]
* Fix - get_client_interface for case of iw utility not available [bluewavenet]
* Fix - php notice for pedantic php servers in post-request [bluewavenet]
* Remove - support for deprecated RedirectURL [bluewavenet]
* Deprecate - ndsctl clients option [bluewavenet]
* Deprecate - legacy splash.html and disable it [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
* This version - for Openwrt after 19.07 - for compatibility with new MHD API
* Set - minimum version of MHD to 0.9.71 for new MHD API [bluewavenet]
* Set - use_outdated_mhd to 0 (disabled) as default [bluewavenet]
* Add - Multifield PreAuth login script with css update [bluewavenet]
* Add - Documentation and config option descriptions for configuring Walled Garden IP Sets
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White <rob@blue-wave.net>
Compiled and tested on snapshot SDK for mipsel_24kc, mips_24kc and arm_cortex-a7_neon-vfpv4
This release provides a fix for a Path Traversal Attack vulnerability present in libmicrohttpd's built in unescape functionality.
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White <rob@blue-wave.net>
Compiled and tested on snapshot SDK for mipsel_24kc, mips_24kc and arm_cortex-a7_neon-vfpv4
This is the first release from the OpenNDS project.
The decision has been made by the developers of the NoDogSplash project, to create a new project, beginning at v5.0.0
The two resulting projects are:
* **OpenNDS**, the new project, optimised for development of custom captive portal solutions using the built in Forwarding authentication Services API and associated libraries.
* **NoDogSplash**, the original project, optimised for hardware with very restricted resources (eg legacy 8/32 devices) and supporting only simple templated splash pages.
At v5.0.0 of both projects share a common code base.
However, the two packages will inevitably and rapidly diverge, as OpenNDS is actively developing, whereas NoDogSplash is feature complete for its optimised target use.
Signed-off-by: Rob White <rob@blue-wave.net>