Tags

v1.1.1

Release eurephia 1.1.1

This is pure maintenance release, fixing several minor issues which has
become a bigger issue in newer Linux distributions with newer compilers.

Important changes:
* Several memory handling bugs has been fixed
* Improved error handling for some SQLite3 query string processing
* Ensure eurephia_init returns with the correct exit code
* Improved the logging if an address is not found in the database
* Sessions not found in the database is no longer an error
* Building eurephia now requires CMake 3.13 or newer
* Building now depends on C99 with GNU extensions

David Sommerseth (18):
      eurephia-auth: Fixed a double-free situation with dev-type is not obvious
      sqlite3: Improve error handling if memory alloc fails for SQL query string
      Fixed issue with missing -ldl on unstable Debian (sid) distro
      Removed some stray left-over variables no longer in use
      eurephia_init: Return with the proper exit code
      eurephia_init/benchmark: We don't need the result from the password hashing
      Correct ugly boundary checks in database init
      plugin: Improved logging of not found addresses in eurephia_learn_address
      plugin: Don't treat not found sessions in eurephinalearn_address() as a failure
      eurephiadm: Don't try to remove session file if it doesn't exist
      build: Update to CMake dependency to 3.13
      plugin: Improve get_env() documentation
      Fix various signedness compiler warnings with XML strings
      utils: Fix unused variable in benchmark function
      Fix incorrect usage of inline and static keywords
      utils: Fix incorrect buffer restriction in prompt handling
      plugin: Fix odd const declarations
      build: Move to -std=gnu99

v1.1.0

Release eurephia v1.1.0

It's a long time since v1.0.1 was released, and a lot of the v1.1 code base
has been tested for a long time, still rock solid.  So instead of squeezing
more features into the v1.1 release, let's push out what we got.

Important changes are:

* Support for TUN mode
* SQLite3 database driver overhauled, improved error handling and reporting
* SQLite3 admin reports will now use the local time zone instead of UTC/GMT
* efw-iptables driver improved with new API for communication from eurephia-auth
* Documentation updates
* Enhanced build checks on newer Linux platforms
* Several bug fixes in eurephiadm and eurephia_init

v1.0.1

eurphia v1.0.1

This release is a pure bugfix release, both solving several potential
and reported issues.

The most sever issue is a stack smashing issue which was discovered and reported
to https://sourceforge.net/tracker/index.php?func=detail&aid=3051513&group_id=236344&atid=1099760

It also added updates to eurephia.spec during the package review for Fedora.

The complete list of changes are:
      Updated errornous URL for eurephia sources in .spec file
      Added extra checks for POSIX semaphore functions
      More updates to eurephia.spec
      Show which cmake version is being used before starting the configuration
      Cosmetic debug logging fix
      Updated with comments from Fedora package reviews
      Corrected a typo in eurephia_init
      Fixed Doxygen complaints
      Fixed an overflow issue with memset() in eurephiadm
      Do check the result of fgets()
      Fixed compiler warning: loop could be used uninitialised
      Fixed a buffer overflow issue in eurephia_init
      Fixed a SEGV issue when adding values to a value chain
      Indicate that CMake 2.6.1 is needed in Doxygen docs.

To get a more comprehensive changelog, please do:

     $ git log v1.0.0..v1.0.1

v1.0.0

eurephia v1.0.0

The first stable release of eurephia is finally ready!

Changes from v0.9.6_beta:
* Updated several help screens for eurephiadm commands
* Updated eurephia.spec file for this release
* Added man pages for
    - eurephia-auth (the OpenVPN plug-in)
    - eurephia-variables  (configuration variables)
    - eurephiadm and all it's commands
    - eurephia_init
    - eurephia_saltdecode

The code base is practically the same as v0.9.6_beta, but has been
under long time testing in production environments.  This testing have
been successful and eurephia has proved itself stable.

v0.9.6_beta

eurephia 0.9.6_beta

Highlights from the changelog since eurephia 0.9.5_beta:
-----------------------------------------------------------------------------
* BUGFIX: Fixed two memory leaks in the firewall implementation
	- The firewall context was not removed upon shutdown
	- The forked firewall thread had an open connection to the database
	  which was never closed.  This connection is not needed, so it is
	  closed immediately in the child thread.

* BUGFIX: usercerts did not show any useful information on successful
	--set-fwprofile actions

* BUGFIX: users --list did not show unique certificate information on
	users with multiple certificates.

* BUGFIX: eurephiadm session key was truncated to 65 bytes and should
	be 128 bytes.

* ENHANCEMENT: Due to the updated OpenVPN eurephia patch, the certificate
	digests are now received in lower case in the eurephia plug-in.
	Certificate digests will now be processed as lower case strings
	consequently in both the plug-in and eurephiadm when interacting
	with the database.  This fixes potential compatibility problems
	between OpenVPN releases earlier than 2.1_rc21 and newer versions.

* ENHANCEMENT: Do not log source filename and line number if DEBUG is not
  enabled during compilation.

* To enhance the security, the certificate depth is now consequently processed
  as an integer

* Added RPM spec file to easily build eurephia on RPM based distros

* mlock() memory regions containing sensitive information.
-----------------------------------------------------------------------------

v0.9.5_beta

eurephia v0.9.5_beta

Highlights from the changelog since eurephia 0.9.4_beta:
-----------------------------------------------------------------------------
* BUGFIX: eurephiadm usercerts did not accept --accessprofile|-a argument
	when egistering a new usercert link.

* BUGFIX: eurephiadm fwprofiles --list showed minimum usage of 1 even though
	nobody was using a firewall access profile and the correct usage
	count should be 0.

* BUGFIX: eurephiadm users --add did not accept -D as short argument for
	--digest.

* BUGFIX: eurephia_init did not add all available privilege levels when
	creating the administrator account.

* BUGFIX: Added missing help screen for eurephiadm usercerts --list mode.

* BUGFIX: eurephiadm attempts listing will now use the 'registered' date if
	'last_attempt' is empty.

* BUGFIX: Corrected failing delete mode in eurephiadm blacklist command.

* BUGFIX: Corrected wrong argument description for eurephiadm attempts and
	blacklist commands.

* BUGFIX: Removed invalid information from adminaccess help screen.

* BUGFIX: SQLite3 driver did not remove configure parameters from memory
	when deleting them from DB.

* BUGFIX: The eurephia low-level part of the sqlite3 driver leaked memory
	in error situations.

* BUGFIX: Fixed console input in eurephia_init which had too small input
	buffers in some of the "wizard" questions.

* BUGFIX: Avoid crash in xmlFindNode() function when input node is NULL.

* FEATURE: Added --set-fwprofile mode to the eurephiadm usercerts command
	This mode updates the firewall access profile for at user-certs
	link.

* FEATURE: Added --gcov option in ./configure, to enable gcov coverage.

* FEATURE: Improved debugging info on malloc_nullsafe() and free_nullsafe()
	calls.

* FEATURE: Added logging to syslog.

* FEATURE: File logging now provides even more detailed information about
	where the logging happened.

* Added -fno-delete-null-pointer-checks to avoid compiler to do wrong
	assumptions when compiling eurephia.

* Added some more compiler optimisations.

* eurephia_init: Changed the short argument for --hash-threshold-max to -M.

* Simplified the database driver API:
	- Unified eDBadminGetUserCertsList(...) and
	  eDBadminUpdateUserCertLink(...) to eDBadminUserCertsLink(...).

	- Unified eDBadminConfigSet() and eDBadminConfigDelete()
	  to eDBadminConfiguration() and changed the API to use XML.

	- Unified eDBadminGetAdminAccess() and eDBadminEditAdminAccess()
	  to eDBadminAccessLevel().

	- Unified eDBadminGetCertificateInfo(), eDBadminAddCertificate()
	  and eDBadminDeleteCertificate() into eDBadminCertificate().

	- Unified eDBadminAddUser(), eDBadminUpdateUser(),
	  eDBadminDeleteUser(), eDBadminGetUserList() and
	  eDBadminGetUserInfo() functions to eDBadminUserAccount().

	- All of these unified APIs do now make use of XML.

* Improved result handling from XML functions, a suitable result or error
	message is now transported in most cases to the front-end application.

* Moved all malloc() calls over to malloc_nullsafe() which uses calloc().
	This also removes the need of calling memset() after malloc().

* Improved SQLite3 query method making it safe when parallel queries are
	being executed.

* Improved data extraction of data coming from the OpenVPN plug-in API,
	to avoid buffer and integer overflows.

* Fixed compilation warning on 32bit architecture.

* SOURCE: Cleaned up CMake files, made it possible to build openvpn plug-in
	without libxml2.

* SOURCE: Cleaned up the code, removed dead code, reorganised the SQLite3
	driver.

* DOCS: Added a doxygen configuration.  Commented as much as possible of the
	source code.
-----------------------------------------------------------------------------

v0.9.4_beta

eurephia v0.9.4_beta release

v0.9.3_beta

Beta - v0.9.3

v0.9.2_beta

Beta - v0.9.2

v0.9.1_beta

First public beta

v0.9_beta

alpha_0.8.1

alpha_0.8

Last alpha release, next will be beta

alpha_0.7

Tested all untested features ... worthy a alpha_0.7 tag

alpha_0.6

alpha_0.5

alpha_0.4

alpha_0.3

alpha_0.2