Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, gl-inet b1300, gl-inet mt300n-v2, Snapshot, 21.02.0, 19.07.8
Description:
This version adds new functionality, and fixes some issues
* Add - Error message in fas-aes-https if shared key is mismatched [bluewave.net]
* Fix - and refactor error 511 page generation[bluewave.net]
* Fix - and refactor dnsmasq configuration [bluewave.net]
* Fix - Typographic error preventing RFC8910 disable [bluewave.net]
* Add - gateway address and gatewayfqdn to ndsctl json output [bluewave.net]
* Add - RFC8910 housekeeping on startup and shutdown [bluewave.net]
* Add - correctly apply dhcp option 114 for generic Linux [bluewave.net]
* Add - reading of configured ndsctlsocket in ndsctl utility[bluewave.net]
* Add - use send_error 200 for MHD watchdog [bluewave.net]
* Add - generation of page_511 html by library script [bluewave.net]
* Add - extend debuglevel support to library scripts [bluewave.net]
* Refactor - fas-aes-https to simplify and make customisation of http easier [bluewave.net]
* Add - library script for error 511 page, allowing customisation [bluewave.net]
* Add - make authmon report connection error details [bluewave.net]
* Fix- remove unwanted debug message in ndsctl [bluewave.net]
* Add - RFC8910 support by default [bluewave.net]
* Add - display status page when accessing /login when authenticated [bluewave.net]
* Add - MHD response to RFC8910 requests [bluewave.net]
* Add - Dnsmasq RFC8910 configuration [bluewave.net]
* Add - send error 511 in response to unsupported http method [bluewave.net]
* Add - Check for ca-bundle on OpenWrt, if not installed, add syslog messages and terminate [bluewave.net]
* Add - Make ndsctl use the configured value for socket path if set and deprecate -s option [bluewave.net]
* Add - Warning message when Walled Garden port 80 is allowed [bluewave.net]
* Fix - remove un-needed pthread_kill in termination_handler() [bluewave.net] [T-X]
* Fix - debug messages from authmon.sh [bluewave.net]
* Fix - Allow disabling gateway fqdn, facilitating access to router port 80 [bluewave.net]
* Fix - Segfault in ndsctl when -s option is used incorrectly [bluewave.net] [T-X]
* Fix - Typo making calculation of ul/dl rates incorrect [bluewave.net]
* Fix - Allow port 80 to be configured in the Walled Garden [bluewave.net]
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, gl-inet b1300, gl-inet mt300n-v2, Snapshot, 21.02.0-rc3, 19.07.7
Description:
This version adds new functionality, and fixes some issues
* Add - firewall passthrough mode for authenticated users [bluewave.net]
* Add - use configured debuglevel in authmon [bluewave.net]
* Add - automated log rotation and client_zone to binauth_log [bluewave.net]
* Add - increased timeout interval for file downloads [bluewave.net]
* Add - local interface to MeshZone and remove unneeded call to ip utility [bluewave.net]
* Add - log_mountpoint and max_log_entries options [bluewave.net]
* Add - config variables ext_interface and ext_gateway [bluewave.net]
* Add - Start initial download of remotes only if online [bluewave.net]
* Add - Router online/offline watchdog [bluewave.net]
* Fix - Segfault when gatewayfqdn is disabled [bluewave.net]
* Fix - missing clientmac when not using themespec [bluewave.net]
* Fix - some compiler warnings [bluewave.net]
* Fix - use configured value for webroot for remote image symlink to images folder [bluewave.net]
* Fix - remove refrences to login.sh in documentation and comments [bluewave.net]
* Fix - Prevent potential read overrun within the MHD page buffer [bluewave.net]
* Remove - legacy get_ext_iface() function [bluewave.net]
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, gl-inet b1300, gl-inet mt300n-v2, Snapshot, 21.02.0-rc3, 19.07.7
Description:
This version adds new functionality, improves performance, adds documentation and fixes an issue
* Add - new config options to ndsctl status [bluewave.net]
* Add - Readthedocs / man documentation for configuration options [bluewave.net]
* Add - Faster convergence of average rates to configured rate quotas [bluewave.net]
* Add - BinAuth parse authenticated client database for client data [bluewave.net]
* Add - Use heap allocation for http page buffer allowing large page sizes [bluewave.net]
* Fix - fail to serve downloaded images on custom themespec [bluewave.net]
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, gl-inet b1300, gl-inet mt300n-v2, Snapshot, 21.02.0-rc3, 19.07.7
Description:
This version fixes a compiler error, some compiler warnings and mutes a debug message
* Fix - Compiler error, missing mode in call to open() [bluewave.net]
* Fix - Compiler warning, ignored return value from call to lockf() [bluewave.net]
* Fix - Compiler warning, ignored return value from call to system() [bluewave.net]
* Fix - Compiler warning, ignored return value from call to fgets() [bluewave.net]
* Fix - Remove debug message from call to get_client_interface library [bluewave.net]
Signed-off-by: Rob White <rob@blue-wave.net>
This version introduces major new functionality, some changes and fixes.
New Themed Splash pages are introduced, enabling rapid customisation. Theme placeholders can be populated from information provided in the config file. Remote files and image sources can be defined in the config file and these will be automatically downloaded as required.
Deprecated legacy code from previous versions has been removed.
Tested on OpenWrt, OpenSuse and Debian.
Signed-off-by: rob <rob@blue-wave.net>
This release fixes an issue where some firewall rules containing
the keyword "block" would cause openNDS to fail in startup.
Signed-off-by: Rob White <rob@blue-wave.net>
This version introduces major new functionality and some major changes
* Rationalisation of support for multiple Linux distributions [bluewavenet]
* Refactor login.sh script introducing base64 encoding and hashed token (hid) support [bluewavenet]
* Refactor fas-hid script introducing base64 encoding and simplifying customisation of the script [bluewavenet]
* Refactor binauth_log.sh and log BinAuth custom data as url encoded [bluewavenet]
* Refactor fas-aes, simplifying customisation of the script [bluewavenet]
* Refactor fas-aes-https, simplifying customisation of the script [bluewavenet]
* Change - Use hid instead of tok when fas_secure_enabled >= 1 [bluewavenet]
* Add - base64 encoding to fas_secure_enabled level 1 [bluewavenet]
* Add - gatewyname, clientif, session_start, session_end and last_active to ndsctl json [bluewavenet]
* Add - support for RFC6585 Status Code 511 - Network Authentication Required [bluewavenet]
* Add - Client Status Page UI with Logout [bluewavenet]
* Add - GatewayFQDN option [bluewavenet]
* Add - client interface to status page query string [bluewavenet]
* Add - support using base 64 encoded custom string for BinAuth and replace tok with hid [bluewavenet]
* Add - base 64 decode option to ndsctl [bluewavenet]
* Add - b64 encoding of querystring for level 1 [bluewavenet]
* Add - Improved performance/user-experience on congested/slow systems using php FAS scripts [bluewavenet]
* Add - support for ndsctl auth by hid in client_list [bluewavenet]
* Add - Ensure faskey is set to default value (always enabled) [bluewavenet]
* Add - Display error page on login failure in login.sh [bluewavenet]
* Add - splash.html, add deprecation notice [bluewavenet]
* Add - authmon, improved lock checking and introduce smaller loopinterval [bluewavenet]
* Add - client_params, wait for ndsctl if it is busy [bluewavenet]
* Add - fas-aes-https, allow progressive output to improve user experience on slow links [bluewavenet]
* Fix - Block access to /opennds_preauth/ if PreAuth not enabled [bluewavenet]
* Fix - On startup, call iptables_fw_destroy before doing any other setup [bluewavenet]
* Fix - missing final redirect to originurl in fas-hid [bluewavenet]
* Fix - ensure gatewayname is always urlencoded [bluewavenet]
* Fix - client session end not set by binauth [bluewavenet]
* Fix - Session timeout, if client setting is 0, default to global value [bluewavenet]
* Fix - missing trailing separator on query and fix some compiler errors [bluewavenet]
* Fix - ensure authmon daemon is killed if left running from previous crash [bluewavenet]
* Fix - add missing query separator for custom FAS parameters [bluewavenet]
* Fix - ndsctl auth, do not set quotas if client is already authenticated [bluewavenet]
* Fix - client_params, show "Unlimited" when "null" is received from ndsctl json [bluewavenet]
* Update configuration files [bluewavenet]
* update documentation [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
This version introduces major new enhancements and the disabling or removal of deprecated functionality.
* Add - built in autonomous Walled Garden operation [bluewavenet]
* Add - Support for Custom Parameters [bluewavenet]
* Add - Quota and rate reporting to ndsctl json. Format output and fix json syntax errors [bluewavenet]
* Add - global quotas to output of ndsctl status [bluewavenet]
* Add - Report Rate Check Window in ndsctl status and show client quotas [bluewavenet]
* Add - gatewaymac to the encrypted query string [bluewavenet]
* Add - support for login mode in PreAuth [bluewavenet]
* Fix - get_iface_ip in case of interface is vif or multihomed [bluewavenet]
* Fix - Add missing client identifier argument in ndsctl help text [bluewavenet]
* Fix - fix missing delimiter in fas-hid [bluewavenet]
* Fix - get_client_interface for case of iw utility not available [bluewavenet]
* Fix - php notice for pedantic php servers in post-request [bluewavenet]
* Remove - support for deprecated RedirectURL [bluewavenet]
* Deprecate - ndsctl clients option [bluewavenet]
* Deprecate - legacy splash.html and disable it [bluewavenet]
Signed-off-by: Rob White <rob@blue-wave.net>
* This version - for Openwrt after 19.07 - for compatibility with new MHD API
* Set - minimum version of MHD to 0.9.71 for new MHD API [bluewavenet]
* Set - use_outdated_mhd to 0 (disabled) as default [bluewavenet]
* Add - Multifield PreAuth login script with css update [bluewavenet]
* Add - Documentation and config option descriptions for configuring Walled Garden IP Sets
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White <rob@blue-wave.net>
Compiled and tested on snapshot SDK for mipsel_24kc, mips_24kc and arm_cortex-a7_neon-vfpv4
This release provides a fix for a Path Traversal Attack vulnerability present in libmicrohttpd's built in unescape functionality.
Signed-off-by: Rob White <rob@blue-wave.net>
Maintainer: Rob White <rob@blue-wave.net>
Compiled and tested on snapshot SDK for mipsel_24kc, mips_24kc and arm_cortex-a7_neon-vfpv4
This is the first release from the OpenNDS project.
The decision has been made by the developers of the NoDogSplash project, to create a new project, beginning at v5.0.0
The two resulting projects are:
* **OpenNDS**, the new project, optimised for development of custom captive portal solutions using the built in Forwarding authentication Services API and associated libraries.
* **NoDogSplash**, the original project, optimised for hardware with very restricted resources (eg legacy 8/32 devices) and supporting only simple templated splash pages.
At v5.0.0 of both projects share a common code base.
However, the two packages will inevitably and rapidly diverge, as OpenNDS is actively developing, whereas NoDogSplash is feature complete for its optimised target use.
Signed-off-by: Rob White <rob@blue-wave.net>
Rob White