
	Brief history of changes made to this software:

Feb 21 - Nov 5, 1994  - Fixes to V1.2
-------------------------------------

	Added DISCLAIMER -- READ it.

	Added much better header parsing code to smapd (by Wietse Venema)

	Added http proxy

	Added X-windows gateway, and x-gw option in tn-gw and rlogin-gw

	Took out the "loghost" option in syslog.c

	Modified smapd to do more sensible things with its queue. It
	will now keep a limited number of children going at a time,
	and will not completely bury the system on startup after a
	delay.

	Fixed netperm-table reading code to handle all blank lines.

	Fixed timeout code in ftp-gw to be more forgiving of systems
	that decrement the passed timeout value.

	Revamping of Makefiles to include a master Makefile.config.
	Please see comments in Makefile.config.

	Added ip-options detection based on 4.4bsd sources for rlogind.

	Moved the "struct direct" configuration option for smapd into
	firewall.h -- see the comments near where it says DIRECT_STRUCT

	Added improved (I hope!) options negotiation that works better
	with TN3270 and other telnet clients.

	Added checksum printing code to snkkey.c

	Moved the smapd compile directive to scan for bad addresses
	to firewall.h -- see the comments near where it says
	SMAPD_SCANBADADDR

	Clarifications: system log entries now are tagged with
	relevance strings for sorting and searching. If the system
	log entry contains the word:
	"securityalert" -- it's probably something you want to know about
	"fwtkcfgerr" -- a firewall toolkit component thinks it is misconfigured
	"fwtksyserr" -- something in how the fwtk uses the O/S failed in
		a mission-critical way
	Using facilities and levels would be easier but this guarantees
	that other system alerts won't clash with toolkit notices.
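
	The tag-word matching described above, as an added example (not
	part of the toolkit sources). The function names, the priority
	order between tags and the sample log lines are assumptions made
	for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Relevance classes for the three tag words listed above. */
enum relevance { REL_NONE, REL_CFGERR, REL_SYSERR, REL_ALERT, REL_MAX };

static const char *const tag_word[REL_MAX] =
    { NULL, "fwtkcfgerr", "fwtksyserr", "securityalert" };

/* Classify one syslog line by the tag word it contains. If several tags
 * appear, the highest enum value wins (that ordering is this example's). */
enum relevance fwtk_relevance(const char *line)
{
    int r;
    for (r = REL_MAX - 1; r > REL_NONE; r--)
        if (strstr(line, tag_word[r]) != NULL)
            return (enum relevance)r;
    return REL_NONE;
}

/* Tally lines per class into counts[REL_MAX]; return how many were tagged. */
size_t triage(const char *const *lines, size_t n, size_t *counts)
{
    size_t i, tagged = 0;
    memset(counts, 0, REL_MAX * sizeof(counts[0]));
    for (i = 0; i < n; i++) {
        enum relevance r = fwtk_relevance(lines[i]);
        counts[r]++;
        if (r != REL_NONE) tagged++;
    }
    return tagged;
}

/* Constructed sample lines; the message texts are invented. */
static const char *const sample_log[] = {
    "Nov  5 10:02:11 bastion tn-gw[312]: securityalert: example message",
    "Nov  5 10:02:15 bastion sendmail[400]: alert: unrelated daemon notice",
    "Nov  5 10:03:40 bastion ftp-gw[318]: fwtkcfgerr: example message",
    "Nov  5 10:04:02 bastion smapd[99]: fwtksyserr: example message",
    "Nov  5 10:04:30 bastion tn-gw[320]: permit host=example.invalid",
};

int main(void)
{
    size_t counts[REL_MAX];
    size_t tagged = triage(sample_log, 5, counts);
    printf("%zu tagged: alert=%zu syserr=%zu cfgerr=%zu\n", tagged,
           counts[REL_ALERT], counts[REL_SYSERR], counts[REL_CFGERR]);
    return 0;
}
```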

	Changed Makefiles to rely on top-level FLAGS and AUXLIBS
	parameters. This makes it easier to add global system
	libraries such as -lresolv or -lsocket, etc.

	Updated README

	Fixed ordering bug in search for permitted destinations
	in cmd_passthrough() of ftp-gw

	Fixed byte count not getting updated by tn-gw when in
	raw mode

	Fix to reset curbytes and currecip in smap upon start
	of new message body (DATA command)

	Added FWTK_VERSION string to firewall.h and included a
	reference to it in lib/config.c, which is linked into
	just about all components of the toolkit. Do a:
	strings file | grep -i toolkit
	to extract it

	Fixed minor pointer problem with "localhost" mapping in ftp-gw

	Added deny connect logging to tn-gw, rlogin-gw and ftp-gw

	Added ftp-gw summarizer

	Fixed minor problem in auth/db.c where it failed to check for
		an already closed db in authload

	Added authdump and authload to "make install" target for auth

	Fixed loop drop-out in tn-gw where it failed to let you change
	your s/key password [Remy.Giraud@meteo.fr]

	Modified ftp-gw to exit and log an error if given improper
	configuration options.

	Made authsrv log at LFAC instead of LOG_USER

	S/key challenge now uses spaces instead of quotes, for termkey
	users. (nmh@thumper.bellcore.com)

	Revamped the reporting scripts in tools/admin/reporting


Oct 29, 1993 - Feb 17, 1994 - Fixes to V1.1
-------------------------------------------

	Added a general purpose routine for setting out of band
	signalling (HP/UX and SunOS do it differently). See
	firewall.h

	*updated* user's guide, admin guide, and overview slightly.

	Support rand() interface for systems too crippled to use
	random()

	Renamed mapu() to the better-named mapuid() and added the
	ability to set group values as well.

	Included AIX authentication module to talk to auth server.
	(Morten.Hermanrud@ibmuio.uio.no)

	Added support for Enigma Logics Silver Card. (AUTHPROTO_ENIGMA)

	Updated version numbers in rlogin-gw, smap, tn-gw, ftp-gw.

	Changed smapd to fopen() files with "r+" -- System V
	file locking requires [at least on SCO] seekability
	on the file. smap does not share this problem if
	using the provided version of mkstemp().

	Removed unnecessary berklisms (fchmod and ftruncate) from
	smap in an attempt to make it more agreeable to sysV machines.

	Fixed minor oversight in options processing in oktotalkto()
	in tn-gw

	Fixed array offset bug in stash_option in tn-gw

	Fixed "password" length compares in source and docs

	Added update to securid client side to work with latest ACE software

	Fixed ftpd to not permit users without password entries to attempt
	to login

	Added hook into ftp-gw to check for command argument to treat
	as a username. This, combined with an ftpd that supports it permits
	ftpd to exec the ftp-gw if it finds an '@' in the user name.
	Added changes to the user() command in the ftpd in tools/server/ftpd

	Added "user@" through proxy to explicitly mean "localhost"

	Added logic to strip first null byte if first byte is null going
	through telnet proxy. This appears to be a bug in some versions
	of telnet, but the exact nature of it remains unknown. The null
	byte was confusing to some telnet servers, so this appears to be
	an effective, inexpensive, though somewhat ad hoc patch.

	Fixed login-sh to set $SHELL environment variable

	Removed truncation bug in tn-gw that chopped long destination
	names at 20 chars

	Fixed an exit(1) in login-sh that should have been return(1)

	Added welcome banner to rlogin-gw


Oct 22-29, 1993 - Fixes to V1.0
-------------------------------
	Fixed synchronization problem with how FTP proxy talks to
	the authentication server.

	Changed all proxies that use authentication (rlogin-gw, tn-gw,
	ftp-gw) to exit if they have an incorrectly configured option. 
	This was deemed proper, since if someone wants to configure
	authentication, and doesn't get the syntax correct, the proxy
	should fail to work at all, rather than working without using
	authentication.

	Changed rlogin-gw to reset local user identity to whomever the
	user authenticated as, if using authentication server.

	Fixed local/global declaration of confp in crypto/cliio.c

	Re-arranged parameter order for password command in authsrv to
	match order of other commands. Somewhat beefed up diagnostic
	messages.

	Major revamping of how tn-gw lies to the client. No more timers
	and all that stuff. I don't know why I didn't think of doing it
	this way before. Works lots better.

	Made the FTP proxy a little more flexible in its handling of
	responses to challenges. It turns out that challenges with
	whitespace in them make some FTP clients unhappy, which
	raised all manner of quoting issues.

	Made FTP proxy handle "USER" command more sensibly with
	authentication, to replace the somewhat awkward "quote auth user"
	approach.

	Updated docs. Added words on rlogin proxy to user's guide.
	Adjusted man pages.

	Removed logentry and logfile options from smap and netacl.
	Everything should use one logging mechanism: syslog.

	Fixed return() that should have been continue; in login-sh,
	which caused it to exit on comments.

	Fixed handling of "baddir" in smapd.

	Changed auth server issuance of bogus challenge to be optional.
	This means that the auth server protocol now must recognize
	that the responses to an "authenticate username" may now be:
	password
	challenge challengestring
	<other text>
	Where the other text is some form of error message. This change
	was reflected in tn-gw, rlogin-gw, ftp-gw, ftpd, and login-sh
	as well as the documentation.
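
	A client-side classifier for the three reply forms listed above,
	as an added example (not code from the toolkit). The function
	name, the lower-case keyword matching and the sample replies are
	assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Reply kinds for "authenticate username", as listed in the entry above. */
enum auth_reply { AUTH_PASSWORD, AUTH_CHALLENGE, AUTH_ERROR };

/* Classify one reply line (hypothetical helper, not toolkit code).
 * AUTH_CHALLENGE: the challenge string is copied to out.
 * AUTH_ERROR: the server's text is copied to out for logging or display.
 * Assumed: lower-case keywords, optional trailing CR/LF. */
enum auth_reply classify_auth_reply(const char *line, char *out, size_t outlen)
{
    char buf[512];

    if (outlen == 0)
        return AUTH_ERROR;
    out[0] = '\0';
    snprintf(buf, sizeof(buf), "%s", line);
    buf[strcspn(buf, "\r\n")] = '\0';   /* strip the line terminator */

    if (strcmp(buf, "password") == 0)
        return AUTH_PASSWORD;
    if (strncmp(buf, "challenge ", 10) == 0 && buf[10] != '\0') {
        snprintf(out, outlen, "%s", buf + 10);  /* may contain spaces */
        return AUTH_CHALLENGE;
    }
    /* Anything else, a bare "challenge" included, is an error message:
     * the caller must not go on to prompt for or send a credential. */
    snprintf(out, outlen, "%s", buf);
    return AUTH_ERROR;
}

int main(void)
{
    /* Constructed sample replies, not captured from a real authsrv. */
    const char *samples[] = { "password\r\n", "challenge 92 ab12345\r\n",
                              "no such user\r\n", "challenge\n" };
    const char *names[] = { "password", "challenge", "error" };
    char text[512];
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        enum auth_reply r = classify_auth_reply(samples[i], text, sizeof(text));
        printf("%-9s [%s]\n", names[r], text);
    }
    return 0;
}
```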

	Added comment to auth protocol, to permit proxies to give
	better logging information to the server. Now all proxies
	send:
	"authorize username 'comment'"
	which is logged. This entailed changes to authsrv and all
	clients. Change is backwards compatible with existing code.

	Added out of band signal support to rlogin-gw so that window
	size changes now propagate correctly. Note that some systems
	without fcntl F_SETOWN will now have to adapt code.

	Added hooks to drop tn-gw into a "raw" mode when talking to
	non-telnet ports through the proxy. This works OK with many
	versions of telnet but some do not function properly because
	they are broken in the first place (Sun's PC-NFS telnet
	client doesn't map cr/lf right)

	smapd's notion of where the sendmail executable resides is
	now configurable.

	Fixed offset bug in -dest !hosts in tn/ftp/rlogin-gw and documented
	the '!' hosts feature (which was present but broken and undocumented
	in V1.0)

	Added more sample config files to config, including some samples from
	TIS' bastion host.

	Changed smap/smapd to no longer operate on publicly readable
	files.

	Added a sleep timeout to authentication failures (see "badsleep"
	in the man page for authsrv). Instead of locking a user account
	permanently, by configuring badsleep, you can disable account
	locking, or set it to a 5 minute (or whatever) lockout.

	Added "SCANBADADDR" option to smapd. If this is configured in
	the smapd makefile, it will perform a draconian translation
	of all '|' characters found in the message envelope (not header)
	to '#' characters.

	Fixed a bug in how "unknown" was processed.

	Fixed conn.c to check rbuf != null, which caused a core dump. :(
