
This file describes the changes to xinetd. The base version is 2.0.0.

2.0.0: (not released)

2.0.1: (not released)

2.0.2:
   Changes to the Makefile.
   Trivial mods to the usage() function

2.0.3:
   Changes to the Makefile.
   Fixed a bug in the usage() function

2.0.4:
   Distribution versions of the Makefile no longer contain any 
   references to options.opt

2.0.5:
   1) Clarified what an "unlisted RPC service" is in the man page
   2) Fixed a bug in remote_address_check which caused access to be denied
      for all hosts if no_access was set and only_from was not set.
   3) Fixed a bug which caused arbitrary syslog levels if the log_type
      was specified as SYSLOG in the "defaults" entry

2.0.6:
   bug fix in child.c: replaced strx_sprint with strx_print when naming
   interceptor processes


-------------------------------------------------------------------------------

2.1.0: (not released)
   This was mostly a clean-up of 2.0
   List of changes:

   A. The man page has been split into 3 parts:
         xinetd.man         :   man page describing the program
         xinetd.conf.man   :   man page describing the configuration file 
                              This file now includes figures about the
                              overhead of interception.
         xinetd.log.man      :   man page describing the log file
   B. New service attributes
         rpc_number         : to support unlisted RPC services
         nice               : to set the nice value of forked servers
   C. The IDONLY service flag was added
   D. Now uses the timer library unless NO_TIMERS is defined. If NO_TIMERS
      is not defined, the following are also available:
         a) a new option, -cc, to do periodic consistency checks
         b) timeout for reconfiguration
   E.   Configuration file man page now mentions that access control is 
      based on IP-address instead of domain address.
   F.   The interception code now sets the TCP_NODELAY option.
   G. The timeout when contacting a remote identification server is
      configurable both when the service request has been accepted and 
      when the request is rejected. In the former case it defaults to
      infinity while in the latter it defaults to 30 sec.
   H. The log line ids are now constants in an include file.
   I. The fsma library is no longer used.
   J. Most structure fields were renamed; certain functions were renamed too.
      Access to structure fields is now via macros.
   K. A bug in not restoring the number of descriptors to the soft limit
      was fixed.
   L. The -pid option works
   M. New internal services:
         "servers"      : lists active servers
         "services"      : lists active services

2.1.1:
   xinetd produces more meaningful messages if it can't start logging

2.1.2:
   Fixed 2 bugs:
      1) xinetd would request a port number for unlisted RPC services
         One could get around this by simply specifying the port attribute
         for the service; the specified value would be ignored anyway.
      2) xinetd initialization might fail sometimes in function msg_init()
         syslog logging was specified (i.e. the option -syslog was used)
         The cause of this bug was that the 
            xlog_control( xlog, XLOG_GETFD, &fd ) 
         operation will not fail for xlogs connected to syslog and
         the value of 'fd' would be used in the subsequent fcntl(). That
         value is arbitrary since 'fd' is a local variable.
         If 'fd' did not happen to refer to an open descriptor, the program 
         would terminate since the fcntl() would fail (btw, the success
         of the fcntl() call would be harmless if 'fd' happened to
         refer to an open descriptor).

2.1.3:
   Bug fix:
      only_from/no_access addresses would get inverted on little-endian
      machines when such addresses were specified using the numeric notation
      (for example, 128.138.45.3). This bug was in the numeric_addr function
      which did not convert the result of inet_addr to host-byte-order.
      A work around for the bug would be to use the factorized address 
      notation (for example, 128.138.45.{3})

2.1.4:
   Bug fixes:
      1) in dgram_echo(), sin_len was not being set before the invocation of
         recvfrom
      2) in finger_shutdown(), it was possible for Srdline() to return NULL
         (if the remote end would close the socket without sending anything).
         If the RECORD option was set in the log_on_failure flags, this
         would cause the forked xinetd process which did the recording to
         die since it would try to dereference a NULL pointer.


2.1.5:
	Bug fixes:
		1) in exec_server() service descriptor might be closed when
		   execing server. This made it impossible to start servers
			for 'nowait' services.  The bug occurred only Ultrix version
			4.3a or (probably) later (bug discovered and fix provided
			by doug@seas.smu.edu)
		
		2) for systems that supported supplementary group id's, the
			set_credentials() function did not set those group id's
			(they were being inherited from xinetd). Now initgroups(3)
			is called to set the supplementary group id's properly.
			(bug discovered and fix provided by maf+@osu.edu)

2.1.6:
	Bug fixes:
		1) xinetd will crash after reconfiguration if there is a running
			server for a service that was removed from the configuration and
			which logs on exit.
		2) xinetd forked process falls in infinite loop if identd server
			sends a reply that is missing the ending CR-LF.
			(bug discovered and fix provided by Laurent.Wacrenier@gin.obspm.fr).

	We also change the LOGUSER_SUCCESS_TIMEOUT constant in config.h from
	0 seconds (i.e. infinite timeout) to 30 seconds. This avoids infinite
	waits in case the remote host does not send a RST reply when we attempt
	to connect to the IDENTD port, and there is no server listening at
	that port.


2.1.7:
	Bug fix: the HOST flag in the 'log_on_success' attribute was ignored;
				the code was incorrectly checking if the HOST flag was
				set in the log_on_failure attribute
				(bug discovered by frolich@corrine.cpc.cs.ucf.edu)

2.1.4-bsdi.0:  (not released)
2.1.4-linux.0: (not released)
	initial BSDI 1.x port
	testing

2.1.4-bsdi.1:
2.1.4-linux.1:
	initial ports
	clean build version
	BSDI 2.x port
	Linux port
	BSDI 1.x, 2.x, and Linux ports first release

2.1.4-bsdi.2:
2.1.4-linux.2:
2.1.4-freebsd.2:
	fix for getrlimit() problem with BSDI; use getdtablesize() instead
	added SIGCONT to list of ignored signals
	code changes for BSDI 1.x RPC support
	code changes for BSDI 2.x RPC support
	removed -DNO_RPC from BSDI 1.x build
	removed -DNO_RPC and _DNO_TERMIOS from BSDI 2.x and Linux builds
	added RPC option code for BSDI 1.x, BSDI 2.x, and Linux builds
	added -clean option to compile-src
	added cvt.c and gcvt.c to misc lib for FreeBSD support
	ported to FreeBSD 2.x

2.1.4-bsdi.3:
2.1.4-linux.3:
2.1.4-freebsd.3:
	added shared lib support for BSDI 2.x
	changed LOGUSER_SUCCESS_TIMEOUT to 30 sec. to prevent child processes
		hanging on no-answer ident queries
	further BSDI 2.x code cleanup

2.1.7-bsdi.4:
2.1.7-linux.4:
2.1.7-freebsd.4:
2.1.7-netbsd.4:
   NetBSD gets its own version & ID
   added SBC patches for binding to specific interfaces
      (courtesy of Nigel Verdon <verdenn@gb.swissbank.com>
       and Neil Todd <toddn@gb.swissbank.com>)
   removed all OS-specific command line defines
   added all Panos' available patches
   added patch for bug in xinetd.2.1.4-linux.3, host address not logged
      (courtesy Ola Rinta-Koski <ola@anjovis.tky.hut.fi>)
		see also 2.1.7 generic patches
   added warning logging if log files are symlinks (to LOG_WARNING facility)

2.1.8: /* Jan Wedekind <jw@Germany.EU.net>, jan@ping.de */
   merge EUnet internal Solaris version and 2.1.7-* versions to one
     generic Makefile, controlled by 'compile-src' and make options
     like 'CC="$cc"' for the compiler. (added -cc option to compile-src).
   added '-host' option to bind to a specific interface
   libs/src/filelog.c:63: Fixed: create new logfile, if file does not exist
	and also log to sym-linked file for '/dev/tty' (debug mode '-d')
	(This has been broken from 2.1.4 -> 2.1.7)

2.2b: /* Jan Wedekind <jw@Germany.EU.net>, jan@ping.de */
   fixing a bug for BIND_IF (taking value from defaults entry)
   merge -host and BIND_IF compile-time option. So we'll always have 
     support to bind all or a specific service to all or a specific 
     IP-Adress.

2.2: /* Jan Wedekind <jw@Germany.EU.net>, jan@ping.de */
   fixing a bug for SVR4/POSIX like localtime(), char* tzname[] (builtins.c)
   reversing sense of man page conversion (.B is default now)

2.2.1: /* Jan Wedekind <jw@Germany.EU.net>, jan@ping.de */
   service.c fixed: double converting sin.s_addr via htonl back to host order

