This version introduces major new functionality, some changes and fixes.
New Themed Splash pages are introduced, enabling rapid customisation. Theme placeholders can be populated from information provided in the config file. Remote files and image sources can be defined in the config file and these will be automatically downloaded as required.
Deprecated legacy code from previous versions has been removed.
Tested on OpenWrt, OpenSuse and Debian.
Signed-off-by: rob <rob@blue-wave.net>
This release fixes an issue where some firewall rules containing
the keyword "block" would cause openNDS to fail in startup.
Signed-off-by: Rob White <rob@blue-wave.net>
This version introduces major new functionality and some major changes
* Rationalisation of support for multiple Linux distributions [bluewavenet]
* Refactor login.sh script introducing base64 encoding and hashed token (hid) support [bluewavenet]
* Refactor fas-hid script introducing base64 encoding and simplifying customisation of the script [bluewavenet]
* Refactor binauth_log.sh and log BinAuth custom data as url encoded [bluewavenet]
* Refactor fas-aes, simplifying customisation of the script [bluewavenet]
* Refactor fas-aes-https, simplifying customisation of the script [bluewavenet]
* Change - Use hid instead of tok when fas_secure_enabled >= 1 [bluewavenet]
* Add - base64 encoding to fas_secure_enabled level 1 [bluewavenet]
* Add - gatewyname, clientif, session_start, session_end and last_active to ndsctl json [bluewavenet]
* Add - support for RFC6585 Status Code 511 - Network Authentication Required [bluewavenet]
* Add - Client Status Page UI with Logout [bluewavenet]
* Add - GatewayFQDN option [bluewavenet]
* Add - client interface to status page query string [bluewavenet]
* Add - support using base 64 encoded custom string for BinAuth and replace tok with hid [bluewavenet]
* Add - base 64 decode option to ndsctl [bluewavenet]
* Add - b64 encoding of querystring for level 1 [bluewavenet]
* Add - Improved performance/user-experience on congested/slow systems using php FAS scripts [bluewavenet]
* Add - support for ndsctl auth by hid in client_list [bluewavenet]
* Add - Ensure faskey is set to default value (always enabled) [bluewavenet]
* Add - Display error page on login failure in login.sh [bluewavenet]
* Add - splash.html, add deprecation notice [bluewavenet]
* Add - authmon, improved lock checking and introduce smaller loopinterval [bluewavenet]
* Add - client_params, wait for ndsctl if it is busy [bluewavenet]
* Add - fas-aes-https, allow progressive output to improve user experience on slow links [bluewavenet]
* Fix - Block access to /opennds_preauth/ if PreAuth not enabled [bluewavenet]
* Fix - On startup, call iptables_fw_destroy before doing any other setup [bluewavenet]
* Fix - missing final redirect to originurl in fas-hid [bluewavenet]
* Fix - ensure gatewayname is always urlencoded [bluewavenet]
* Fix - client session end not set by binauth [bluewavenet]
* Fix - Session timeout, if client setting is 0, default to global value [bluewavenet]
* Fix - missing trailing separator on query and fix some compiler errors [bluewavenet]
* Fix - ensure authmon daemon is killed if left running from previous crash [bluewavenet]
* Fix - add missing query separator for custom FAS parameters [bluewavenet]
* Fix - ndsctl auth, do not set quotas if client is already authenticated [bluewavenet]
* Fix - client_params, show "Unlimited" when "null" is received from ndsctl json [bluewavenet]
* Update configuration files [bluewavenet]
* update documentation [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
This version introduces major new enhancements and the disabling or removal of deprecated functionality.
* Add - built in autonomous Walled Garden operation [bluewavenet]
* Add - Support for Custom Parameters [bluewavenet]
* Add - Quota and rate reporting to ndsctl json. Format output and fix json syntax errors [bluewavenet]
* Add - global quotas to output of ndsctl status [bluewavenet]
* Add - Report Rate Check Window in ndsctl status and show client quotas [bluewavenet]
* Add - gatewaymac to the encrypted query string [bluewavenet]
* Add - support for login mode in PreAuth [bluewavenet]
* Fix - get_iface_ip in case of interface is vif or multihomed [bluewavenet]
* Fix - Add missing client identifier argument in ndsctl help text [bluewavenet]
* Fix - fix missing delimiter in fas-hid [bluewavenet]
* Fix - get_client_interface for case of iw utility not available [bluewavenet]
* Fix - php notice for pedantic php servers in post-request [bluewavenet]
* Remove - support for deprecated RedirectURL [bluewavenet]
* Deprecate - ndsctl clients option [bluewavenet]
* Deprecate - legacy splash.html and disable it [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
* This version - for Openwrt after 19.07 - for compatibility with new MHD API
* Set - minimum version of MHD to 0.9.71 for new MHD API [bluewavenet]
* Set - use_outdated_mhd to 0 (disabled) as default [bluewavenet]
* Add - Multifield PreAuth login script with css update [bluewavenet]
* Add - Documentation and config option descriptions for configuring Walled Garden IP Sets
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White <rob@blue-wave.net>
Compiled and tested on snapshot SDK for mipsel_24kc, mips_24kc and arm_cortex-a7_neon-vfpv4
This release provides a fix for a Path Traversal Attack vulnerability present in libmicrohttpd's built in unescape functionality.
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White <rob@blue-wave.net>
Compiled and tested on snapshot SDK for mipsel_24kc, mips_24kc and arm_cortex-a7_neon-vfpv4
This is the first release from the OpenNDS project.
The decision has been made by the developers of the NoDogSplash project, to create a new project, beginning at v5.0.0
The two resulting projects are:
* **OpenNDS**, the new project, optimised for development of custom captive portal solutions using the built in Forwarding authentication Services API and associated libraries.
* **NoDogSplash**, the original project, optimised for hardware with very restricted resources (eg legacy 8/32 devices) and supporting only simple templated splash pages.
At v5.0.0 of both projects share a common code base.
However, the two packages will inevitably and rapidly diverge, as OpenNDS is actively developing, whereas NoDogSplash is feature complete for its optimised target use.
Signed-off-by: Rob White <rob@blue-wave.net>
rob