Fixes in 0.5.3k
! Fixed: HTTP headers were not counted in in/out statistics

Fixes in 0.5.3j
!! Fixed: double free() if OPEN is issued twice in ftppr, reported by
  xiaojunli.air. 0.6 branch is not affected. Impact is believed to be DoS.
  (CVE-2007-5622)

Fixes in 0.5.3i
! Fixed: traffic counting and bandwidth limitation

Fixes in 0.5.3h
!! Serious buffer overflow fixed on transparent requests handling
! Fixed traffic limiting for limits >4GB

Fixes in 0.5.3g
! Previous fixes were not backported completely from 0.6
! Fixed ident string should not be freed for openlog() to prevent garabase in
  syslog().

Fixes in 0.5.3f
! Fixed SOCKSv4 for parent proxy

Fixes in 0.5.3e
! Fixed POST request problem with NTLM authentication

Fixes in 0.5.3d
! Fixed endless loop on 'udppm -s'

Fixes in 0.5.3c
! Fixed aborted download on some requests

Fixes in 0.5.3b
! Fixed double 3xx reply on USER command in ftppr.

Fixes in 0.5.3a
! 64-bit pointer arythnmetics problem fix applied to ntlm.c
  (requested by Mike Frysinger)

14.10.2006
Fixes backported from 0.6 as 0.5.3:
!! Fixed: NTLM authentication doesn't work for NT-encoded passwords and may
  cause account blocking (reported by boris16 at tut.by)
! Fixed: offer NTLM authentication before basic
! Fixed: buffered input may double some data on empty reads
+ FTP diagnostics improved for FTP login problems
! SOCKS BIND/UDPASSOC problems fixed (based on Artem Rebrov's patch)
! Fixed: endless loop on configuration parsing if ACL weekdays are given as
  a comma delimited list (reported Andrey S. Alexeenko).

10.03.2006
Changes backported to 0.5.2

10.03.2006
! Fixed: CONNECT with http parent 
+ bandlimout / nobandlimout implemented
! Copyrights and banners fixed

08.03.2006
! Minor poll() code cleanup

06.03.2006
! Socks 4a name resolution fixed
! Name resolution function was not cleared after configuration reload

03.03.06
! Print comments in traffic report

26.02.06
! Check POLLERR / POLLHUP for revents

21.02.06
+ "monitor" command added to reload 3proxy if monitored file changes

13.02.06
! Some files are renamed for autotools compatibility

07.02.06
! Fixed: insufficient timeout on buffers flushing, leads to loss
  of data if connection to client is worse than connection to server.

06.02.06
+ -b (bufsize) parameter added to every service
! flushing improved to prevent data loss at the end of output 

03.02.06
! Documentation corrected

10.01.06
+ Documentation updated
! Buffered UDP data loss on exit is fixed for sockmap

30.12.05
! Minor interface fixes

27.12.05
+ English FAQ added

20.12.05
! Fixed: crash on counters in webadmin if "NONE" counter rotation type
  is used.

09.12.05
! Use bind port from BIND request for SOCKSv5 server

30.11.05
! Do not buffer UDP packets

30.11.05
! Do not drop connection on unknown command

29.11.05
! Do not drop connection on POP3 CAPA.

28.11.05
! Fixed: recv() may be called with small buffer on UDPPM

23.11.05
! Fixed: programming bug in $ file inclusing
! Fixed: webadmin conter type uses stack for return value

17.11.05
+ Makefile.Solaris added, thanks to 'pqr'.
! Cleaned pointer conversion warnings

15.11.05
! define PTHREAD_STACK_MIN if not defined to compile under Solaris
! S_NONE renamed to S_NOSERVICE to compile under Solaris

14.11.05
! Linger period is set to STRING_L (60 sec default)

10.10.05
! Add some grace period to shutdown services before exit

03.10.05
! Linger added to FTP socket to avoid data loss on socket close

29.09.05
+ Added H (hour) and C (minute) routation support to countin

22.08.05
! Fixed: UDP resolver (nserver) fails to resolve name if reply contains
  no additional records (for example dnscache from djbdns).

06.08.05
!!Workaround added for Windows XP SP2 / Windows 2003 SP1 problem with
  2 selects on single datagram socket. udppm -s and dnspr hang on random
  time while sending packets to client, sometimes causing client timeouts.


05.08.05
! Fixed problem with UDP mappings
! Workaround for strange Windows XP bug with sendto() delay for 2 secs
  if no select() was performed on socket

30.07.05
! Error handling on SOCKSv5 parent improved

28.07.05
+ Support for parent SOCKS4b/SOCKS5b (broken implementation with shortened
  server reply) added. I never saw such server by they say there are.
  socks4b, socks5b options for parent proxy.

22.07.05
+ Name resolution for parent CONNECT, SOCKSv5 and SOCKSv4a proxy server
  added, should work with "fakeresolve" option (connect+, socks4+
  socks5+ options for parent proxy).

13.07.05
! Fixed: reading behind allocated memory in myrand() entropy
  gathering function (leads to occasional craches) intrdoduced
  on June, 20.

12.07.05
! Use client port only for portmappers
! Code reviewed for possible double close()

10.07.05
! Improved quote handling in config files. No any string can be quoted
  (for example Thi"s is a test" is same as "This is a test", fixed a
  problem with using quotes with $ macro.

01.07.05
+ Added RSA copyright text to 'mycrypt' to allow binary redistribution
  for this tool only.

22.06.05
+ try to use same (unprivileged) port as client for outgoing connections
  for portmappers
! admin -s now only shows counters related to user
! Fixed: impossible to set traffic limit to even number of GB

20.06.05
! -a option corrected again (had inverted action)
+ -a1 option added to report random information about client IP
+ -s option added to 'admin' to allow safe-only commands (user mode)

26.05.2005
! -a option corrected

25.05.2005
+ 'Y' (annually) option added to counters, logfile rotations, etc
+ -a (anonymous) option added to proxy server

21.05.2005
! socks: only allow UDP mapping from same IP with control connection
! socks: always log network parameters for control connection
! check timeout to be below 2000000

20.05.2005
! invalid sendto() argument fixed (may affect UDP mapping and sometimes
  TCP under very rare configurations)
! set sasize before sendto
! socks checks requested address to be non-zero
! socks checks requested port to be non-zero
! socks: do not change UDP client parameters before UDP packet received

19.05.2005
+ 'include' command added to 3proxy (include one config file from another
   config file)
! handle EAGAIN on send()/recv()

18.05.2005
! More detailed problem code in mapping code

17.05.2005
! Fixed typo with dnspr logging

16.05.2005
+ dnspr can now resolve records different from hostname (request is proxied to
  first DNS server in the list, reply is not cached).

14.05.2005
! Fixed: mishandled socket error in dnspr code

13.05.2005
! Few minor fixes in HTTP proxy code (timeout in initial handshake lefts
  some garbage in request buffer).
! Fixed short timeout in FTP proxy code
! Mapping code is changed to leave unsent data on buffer

06.05.2005
! Prevent race conditions with 100% CPU usage in socksmap (introduced 30.04)

03.05.2005
! Fixed: double free() in authentication (probably introduced on 04.04)
! Changed to POLLIN/POLLOUT/POLLPRI for more compatibility

30.04.2005
! Fixed: double free() in FTP over HTTP (probably introduced on 04.04)
! Fixed: in very rare situation may loose some data at the and of connection

27.04.2005
! stack size increased (reported problems under some OSs)
! Fixed: -l option for service executable leads to NULL-pointer reference
!!! Moved from select() to poll() on *nix. Please upgrade your Makefiles.

25.04.2005
! set thread stack size explicitly to prevent problems with some Linux 2.6
  kernels.

22.04.2005
! Never fallback to gethostbyname() if nameservers are configured to prevent
  locking on *nix platforms
!!Fixed: name resolution is called while mutex is locked in HTTP proxy
  leading to long lasting blocking.

21.04.2005
! Fixed: dnspr returns A record of invalid class (fails with some resolvers)
!! Socket I/O  is now non-blocking

19.04.2005
! bandlimits changed to avoid floating point operations

11.04.2005
+ Log if new connections delayed because of too many accepted connections

04.04.2005
! Fixed few minor rare memory leaks

03.04.2005
! Fixed: HTTP proxy should ignore Content-Length for 304 response

14.03.2005
! MD5 password hashin within mycrypt utility fixed
! dnspr logging now shows DNS server IP instead of resolved IP, resolver IP
  is shown in additional info

11.02.2005
! Configuration reload removed from signal handler

31.01.2005
! Limit for maximum log string size increased to ~4K
! large FD_SETSIZE and FD_SETSIZE check is not required under Windows

28.01.2005
! Fixed: -s options for udppm

17.01.2005
! Fixed: invalid IP may appear in logs and bandlimits on redirection

13.01.2005
+ fakeresolve option added

21.12.2004
! Fixed: traffic limits are set improperly for traffic over 1Gb

11.12.2004
! 0.6 development started

11.12.2004
Commited as 0.5b
11/12/2004 3[APA3A]tiny proxy 0.5b
New features marked with !.

 Features:
  1. General
	+ HTTP/1.1 Proxy with keep-alive client and server support,
          transparent proxy support.
	+ FTP over HTTP support.
	+ DNS caching with built-in resolver
	+ HTTPS (CONNECT) proxy
	+ SOCKSv4/4.5 Proxy
	+ SOCKSv5 Proxy
	! UDP and bind support for SOCKSv5 (fully compatible with
	  SocksCAP/FreeCAP for UDP)
	+ Transparent SOCKS->HTTP redirection
	! Transparent SOCKS->FTP redirection
	! Transparent SOCKS->POP3 redirection
	+ POP3 Proxy
	! FTP proxy
	! DNS proxy
	+ TCP port mapper
	+ UDP port mapper
	+ Threaded application (no child process).
	! Web administration and statistics
  2. Proxy chaining
	+ Parent proxy support for any type of incoming connection
	+ Username/password authentication for parent proxy(s).
	+ HTTPS/SOCKS4/SOCKS5 and redirection parent support
	+ Random parent selection
	+ Chain building (multihop proxing)
  3. Logging
	+ turnable log format compatible with any log parser
	+ stdout logging
	+ file logging
	+ syslog logging (Unix)
	+ ODBC logging (Windows and Unix)
	+ log file rotation (hourly, daily, weekly, monthly)
	+ automatic log file comperssion with external archiver (for files)
	+ automatic removal of older log files
	! Character filtering for log files
	! different log files for different servces are supported
  4. Access control
	+ ACL-driven (user/source/destination/protocol/weekday/daytime or
	combined) bandwith limitation
	+ ACL-driven (user/source/destination/protocol/weekday/daytime or
	combined) traffic limitation per day, week or month
	+ User authorization by NetBIOS messanger name
	+ Access control by username, source IP, destination IP, destination
	port and destination action (POST, PUT, GET, etc), weekday and daytime.
	+ Access control by username/password for SOCKSv5 and HTTP/HTTPS/FTP
	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
	+ Connection redirection
	+ Access control by requested action (CONNECT/BIND, 
	  HTTP GET/POST/PUT/HEAD/OTHER).
	! NTLM authentication for HTTP proxy access
	! All access controle entries now support weekday and daytime
	limitations.
  5. Configuration
	+ support for configuration files
	+ support for includes in configuration files
	+ interface binding
	+ running as daemon process
	+ utility for automated networks list building
     Unix
	+ support for chroot
	+ support for setgid
	+ support for setuid
	! support for signals
     Windows NT/2K/XP/2K3
	+ support --install as service
	+ support --remove as service
	+ support for service START, STOP, PAUSE and CONTINUE commands (on
	PAUSE no new connection accepted, but active connections still in
	progress, on CONTINUE configuration is reloaded)
     Windows 95/98/ME
	! support --install as service
	! support --remove as service
  6. Compilation
	+ MSVC (msvcrt.dll)
	+ Intel Windows Compiler (msvcrt.dll)
	+ Windows/gcc (msvcrt.dll)
	+ Cygwin/gcc (cygwin.dll)
	+ Unix/gcc
	+ Unix/ccc

 Known bugs:

	report to 3proxy@security.nnov.ru

 Planned for future (0.6) release:
   - External modules API
   - Addon URL, antiviral, HTTP cache filters modules, authentication
     modules for different protocols (RADIUS, PAM, integrated system, etc).

$Id: Changelog,v 1.154 2006/03/08 18:44:00 vlad Exp $

11.12.2004
+ man page for 3proxy.cfg added

09.12.2004
! restarting SQL on reloading configuration

08.12.2004
! Typo fixed in sockmap preventing portmappers from functioning

06.12.2004
+ Network input is now buffered, decreasing CPU usage
- Debugging printf() removed from ftppr

30.11.2004
!! Fixed: memory content may be leaked on FTP error in HTTP proxy
! Few race conditions with double socket closing fixed in FTP proxy
+ Content-Length is checked to do not allow traffic overdraft via HTTP proxy
+ Connection now can be aborted due to traffic limit (code 90)

24.11.2004
! 333 error removed - no longer required

23.11.2004
! Deadlock in checkACL() (introduced 18.11) fixed

20.11.2004
! All mutex operation are now atomic to prvent deadlocks
! Race conditions with bamdlimits on reload fixed

18.11.2004
! Mutex logic overwritten, should clear reload races completely
! Fixed socket leak on some failed FTP operations
! FD_SETSIZE increased, check for FD_SETSIZE added

04.11.2004
! Fixed: Maxconn limitation doesn't work, may lead to resource exhaustion
  attacks
! Fixed: reference to unallocated memory if fails to create new thread
  (may lead to crash together with previous bug).

03.11.2004
! Fixed: Wrong type for "ace.users" in datatypes.c
! Partially fixed: race conditions on reload in alwaysauth()

02.11.2004
! race condition in sql_init on reload fixed
! minor code cleanup
! typo with SQL deadlock introduced on last fix fixed
! checked few memory allocation calls missed with debug library (myalloc)

30.10.2004
! Fixed: minor memory leak on SQL error

28.10.2004
+ HTTP parent redirection for FTP requests

23.10.2004
! Fixed: access to free()'d memory in ODBC functions after few 
  configuration reloads
! Configuration reload is more (but not yet completely) thread safe 
  now.

17.10.2004
! Fixed: Content-Type: missed in web interface

16.10.2004
! Fixed: log may show invalid IP/port for parent proxy connection

12.10.2004
- Debug printing to stdout in webadmin removed

11.10.2004
! Race conditions fixed, could cause 3proxy to crash on configuration reload

28.09.2004
! Limitation for maximum string length in config file removed (for included files)

26.09.2004
! Typo corrected preventing compilation under *nix

18.09.2004
! URL decoding corrected (affect HTTP over FTP clients)
+ "writable" command added to allow config modification via Web interface
+ Config file can be edited via web interface

14.09.2004
! Crash on HTTP redirections introduced on 08.09 fixed.

11.09.2004
+ Weekday based access control is now possible
+ Time based access control added
! Speed improved in ACL checks

08.09.2004
+ * can be used as external username with a meaning of username should be
  requested from user.
+ %n1-n2T is now available in logformat to log only few field of service
  specific text
+ -t (silent start) option added

20.08.2004
! Yesterday fix was broken, corrected.

19.08.2004
! Fixed: target address is logged instead of proxy address in a case
  of redirection

09.08.2004
! Fixed: under *nix if service fails to bind() port for few hours it falls
  into endless loop with logging and high CPU usage.

03.08.2004
! Fixed: select() changes tv value on some Linux kernels (100% CPU usage)

02.08.2004
! Fixed: wrong initialization for counter descriptor (causes some stdout
  noise).
! Fixed: no HTTP proxy diagnostic message if host name doesn't resolve
! Fixed: NULL pointer crash if no format specified

30.07.2004
! Few bugs with counters and bandlimits introduced yesterday fixed

29.07.2004
! Fixed few memory leaks on restart
! Some code cleanup for configuration information storing
+ Statistics extended
+ Added "Zombie" threads support (service thread waiting for child shutdown
  to exit).
+ Every service can now have different log format and character filtering
+ It's now possible to set logformat for service from command line

28.07.2004
! Fixed: ACLs are not cleared on reload
! Fixed: bind() warnings on reload under *nix
!! Fixed potential race conditions DoS on some Unix systems with thread
   exit on aborted connection (accept(): Software caused connection abort)

24.07.2004
+ Web interface shows information about all currently running services and
  clients (plain format just for debugging, will be rewrtitten later)

23.07.2004
! Fixed: wrong external ip/port in logs sometimes on internal redirection
+ HowTo and FAQ (Russian) added to documentation, documentation corrected

22.07.2004
+ Added logging options for request duration and average send/recieve
  speed per request

20.07.2004
! Changed default password for anonymous FTP
! Improved diagnostic messages for FTP over HTTP errors

19.07.2004
! Changed FTP behaviour for some RFC ignorant sites

17.07.2004
+ services and clients are now registered for future extensions
! counters show wrong result problem introduced yesterday fixed
! fixed descriptor leak on configuration reload
! fixed theoretical problem with client number limitations
! few theoretical mutex leaks fixed

16.07.2004
+ 3proxy can now read configuration from stdin under *nix,
  3proxy.cfg can be executable 
+ 'config' command added to allow 3proxy reload configuration in chroot'ed
  environment or if configured from stdin.
+ 'end' command added
+ Man pages in HTML added

14.07.2004
! Minor casting issues, Unix compilation issues fixed
+ counters sample added

13.07.2004
+ Configuration improved and repacked

08.07.2004
! Problem introduced yesteday (after rotation logs do not print to
  logfile) fixed.

07.07.2004
! Fixed FTP behaviour on RFC ignoring FTP sites (ftp.drweb.ru).
! Config file example updated with FTP proxy service configuration
+ Logging changed to allow personal log files for every service (without
  rotation) and to work on older FreeBSD systems.

05.07.2004
! Fixed call to free'ed memory (could cause crash on reloading 3proxy
  configuration in 0.5b-devel after 28.06.2004)

30.06.2004
! Fixed redirection crash if parent username/password is not specified
! Fixed documentation buf (%h instead of %n for hostname in logformat)

28.06.2004
! Minor changes in error messages generation

25.06.2004
! distributive repacked, some Russian documentation by Kirill Lopuchov
  added

24.06.2004
! realm sometimes is not shown in proxy-authentication

23.06.2004
! fixed maxconn parameter was not set to default value on proxy reload.
! fixed typo in pop3p causing it to fail

22.06.2004
! ftppr.c typo corrected, preventing compilation under unix.

19.06.2004
+ FTP proxy (compatible with both USER and OPEN mode). Redirection to
  FTP proxy from SOCKS

18.06.2004
+ Local redirection to POP3 proxy is now awailable.
! Fixed race conditions with double socket closing in POP3 proxy

17.06.2004
!! Threading problem causing minor memory leak and preventing 3proxy
   from functioning under few OS versions (including Linux) after
   some number of requests fixed.

16.06.2004
! Authentication problem introduced on 05.06 fixed

15.06.2004
! FTP over HTTP proxy supports spaces, quotes and 0x255 in filenames.
!! Potential security risk fixed: FTP password may appear in log if
   URL ftp://user:password@server is used.

09.06.2004
! NTLM is enabled by default. Use proxy -n to disable NTLM for proxy service
  (for example, if crypt passwords are used).

05.06.2004
!! Potential security leak fixed: POP3 proxy password can appear in log if
   proxy username is configured as proxyuser:proxypassword:pop3user@pop3server
   in POP3 client program
! Child invocation code rewritten to avoid code dupclication.

27.05.2004
! Reloading is now fast (new thread starts before old one dies)
! Milliseconds are printed as .3 (not .4) in logs

22.05.2004
+ Reload command added to Web interface and SIGUSR1 handling
! Problem fixed: no mode is given to open() with O_CREAT for counter files,
  counter file can be created as read only under Windows or with invalid mask
  under Unix.
! Do not fail if bind() fails
! Setsockopt for integer options corrected
! REUSEADDR added to avoid "Address already in use" problem if restarted
  under Unix

18.05.2004
+ Installation/removal as a service under Windows 95/98/ME now supported.

17.05.2004
! Fixed: 3proxy hangs on socket error during config reading

14.05.2004
! For HTTP proxy NTLM authentication both ntlm and basic are now advertized
  to client for compatibility
! Optimization parameters are changed and stack protection is turned on for
  MSVC (Windows default) compilation.
! Fixed: exiting thread shows last client IP in log
  

27.04.2004
! Fixed: Microsoft domain authentication to web server may fail via
  transparent HTTP proxy with some IE versions.
! HTTP HEAD now recognized

23.04.2004
! Fixed compilation issues under Unix

22.04.2004
+ Configuration now can be dynamically reloaded with
  net pause 3proxy / net continue 3proxy or by sending SIGPAUSE twice
  without breaking connections
! 3proxy is now distributed compiled with Microsoft Visual C++, thanx
  to MS for releasing "Microsoft Visual C++ Toolkit 2003" for free.
! Few bugs introduced in latest versions (username/password for parent proxy,
  dnspr and single packet UDP are fixed)

13.04.2004
+ NTLM authentication for proxy server (yes, it works under *nix). It will
  not work with crypt password, only CL or NT. Use proxy -n to allow NTLM.
! potential DoS (NULL pointer) condition fixed in configuration with crypted
  passwords

08.04.2004
+ %n (hostname) added to logformat

05.04.04
! compilation problem under Unix fixed

01.04.04
! problem with portmappers fixed (introduced on last modification)

20.03.04
+ FTP messages are shown now
! FTP problem with links with absolute paths fixed
! No more authentication requested for user if ACL denies access to resource
  in HTTP proxy.
! ACLs are now stored in predefined container. It's required for future
  improvement (Cisco-like ACL configuration and configuration reload without
  restarting proxy). As a backside, number of ACLs is now limited to 256.
! Function for configuration reading implemented for future improvements.

12.03.2004
! error text generation changed for pthread_create (use return code
  instead of errno). Memory leak on failed pthread_create fixed.

02.03.2004
! Transparent proxy fixed to work with ports different from 80.
! Workarond for Internet Explorer invalid Host: header bug

28.02.2004
+ -+ options added to logformat for character filtering
! ' character now filtered only if logged via ODBC
! few bugs fixed in ODBC logging reliability code. Now 3proxy should better
  handle broken database connections.

26.02.2004
! user32 added to library list for MSVC

24.02.2004
! Ask installation confirmation before installation

23.02.2004
! ttl now is real for DNS proxy proxy reply

21.02.2004
+ dnspr - DNS caching proxy added to 3proxy module. Listens on UDP/53
  and answers hostname requests. Requires nserver/nscache to be configured.
! 3proxy wanrs user if installed as Windows service
! 3proxy child threads are now started faster

22.01.2004
! mutex deadlock fixed if gethostbyname() is used under Unix

19.01.2004
! compilation issue fixed for MSVC (definition inside code)

15.01.2004
! bug fixed in configuration reading getip() called befor WSAStartup
  (thanks to Kerd)
! bug fixed with parent CONNECT proxy (thanks to Kerd)

11.01.2003
+ Few man pages added

06.01.2003
+ now it's possible to use "" inside quotation for double quote sign (for
  example "say ""hello world"""

04.01.2004
+ maxconn configuration option added

19.12.2003
+ New "safe" memory allocation library implemented. It may slow down
  performance but is thread safe and never cause memory fragmentation.
! Memory leak in redirection SOCKS->HTTP fixed

11.12.2003
! Memory leak in UDPPM fixed

29.11.2003
+ Copyrights added to banners
!! Few signed/unsigned mismatches fixed (including potentially dangerous)

27.11.2003
! 'redirect' now can be used with hostname instead of ip address

21.11.2003
! POP3 proxy bug fixed

04.11.2003
! '@' situation in username for POP3 proxy corrected 
  (pop3name@pop3realm@pop3server)

03.11.2003
! One more bug with 'archiver' causing 3proxy to crash on log archieving
  fixed

29.10.2003
! Some threading safety is added for logging (inet_ntoa and ODBC
  re-initialisation)

28.10.2003
! Bug causing daily log filename to work as weekly fixed
! 'daemon' example moved to beginning of configuration file

16.10.2003
+ pidfile configuration option added
+ processing for SIGCONT (pause/resume) and SIGTERM (termination) added
  under Unix

01.10.2003
! Weekly log filename now is generated by the date of last Sunday.
! Do not strip executable for Unix (must be stripped during installation).

21.09.2003
! Bug fixed in "log" command processing (wrong buffer was used
  for filename generation)

16.09.2003
! socksmapping algorythm changed to handle incomlete send() (for *BSD).

15.09.2003
! mutex added to gethostbyname() to avoid thread unsafety. It slows
  down proxy if no nserver configured (it MUST be for *nix!) but prevents
  crashing on active usage.
! signal() handling is added for SIGPIPE. It seems to be some race conditions
  on FreeBSD between send() and gethostbyname() somewhere causing SIGPIPE on
  gethostbyname().

13.09.2003
! NULL reference corrected if rotate is given without archiver

11.09.2003
! Few additional checks added for open()/fopen() to do not crash on invalid
  files in config
! Buffer moved from stack to heap in socks.c to eliminate crash on FreeBSD

10.09.2003
! Bug in SOCKSv5 UDP mapping corrected. Now it works fine (checked with
  Unreal Tournament) with both SocksCAP and FreeCAP.

06.08.2003
! Algorithm for SOCKS5 bind/udp assoc port selection is now intellegent
  enough to allow server applications to use same port number on socks
  server if available and not denied by access list
! SOCKS5 bind/udp assoc now matches incoming connections/packet
  with IP address from request in accordance to RFC 1928 to improve
  security

04.08.2003
!!! Bug fixed sometimes causing 3proxy to crash if parent proxy is used
!!! UDP associate finaly completed and is fully functional
    (tested with SocksCAP on Unreal Tournament). 
!!! TCP bind code re-checked, and is probably working (doesn't work
    on SocksCAP because of SocksCAP bug
!!! Socket leak on nbname auth fixed

21.07.03
+ Web administration module created
+ Dynamic enable/disable for counters now available via web interface

19/07/2003 3[APA3A]tiny proxy 0.4
New features marked with !.

 Features:
  1. General
	+ HTTP/1.1 Proxy with keep-alive client and server support,
          transparent proxy support.
	! FTP over HTTP support.
	! DNS caching
	+ HTTPS (CONNECT) proxy
	+ SOCKSv4 Proxy
	+ SOCKSv5 Proxy (TCP only)
	+ Transparent SOCKS->HTTP redirection
	+ POP3 Proxy
	+ TCP port mapper
	+ UDP port mapper
	+ Threaded application (no child process).
  2. Proxy chaining
	+ Parent proxy support for any type of incoming connection
	+ Username/password authentication for parent proxy(s).
	+ HTTPS/SOCKS4/SOCKS5 and redirection parent support
	+ Random parent selecttion
	+ Chain building (multihop proxing)
  3. Logging
	+ turnable log format
	+ stdout logging
	+ file logging
	+ syslog logging (Unix)
	+ ODBC logging (Windows and Unix)
	+ log file rotation (hourly, daily, weekly, monthly)
	+ automatic log file comperssion with external archiver (for files)
	+ automatic removal of older log files
  4. Access control
	! ACL-driven (user/source/destination/protocol or combined) bandwith
	limitation
	! ACL-driven (user/source/destination/protocol or combined) traffic
	limitation per day, week or month
	+ User authorization by NetBIOS messanger name
	+ Access control by username, source IP, destination IP, destination
	port and destination action (POST, PUT, GET, etc).
	+ Access control by username/password for SOCKSv5 and HTTP/HTTPS/FTP
	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
	+ Connection redirection
	+ Access control by requested action (CONNECT/BIND, 
	  HTTP GET/POST/PUT/HEAD/OTHER).
  5. Configuration
	+ support for configuration files
	+ support for includes in configuration files
	+ interface binding
	+ running as daemon process
	+ utility for automated networks list building
     Unix
	+ support for chroot
	+ support for setgid
	+ support for setuid
     NT
	+ support --install as service
	+ support --remove as service
	+ support for service START, STOP, PAUSE and CONTINUE commands (on
	PAUSE no new connection accepted, but active connections still in
	progress)
  6. Compilation
	+ MSVC (msvcrt.dll)
	+ Intel Windows Compiler (msvcrt.dll)
	+ Windows/gcc (msvcrt.dll)
	+ Cygwin/gcc (cygwin.dll)
	+ Unix/gcc
	+ Unix/ccc

 Known bugs:

	- udppm doesn't work if compiled with cygwin. 

	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
	  recv/send is used instead... Not a big deal anyway.


 Planned for future release:
   - Web interface for configuration
   - Signal handling on Unix (for stop/pause/resume/configuration change)
   - External filter API
   - Addon URL, antiviral, HTTP cache filters

17.07.03
+ ODBC changed to re-establish broken connection

11.06.03
! #ifndef NOSQL changed to NOODBC

22.05.03
+ strong auth now supported for POP3 proxy. Now, username can be in format
  proxy_username:proxy_password:POP3_username@pop3server

30.04.03
! redirect function now do not change code of traffic limit error

24.04.2003
! -M changed to -D for *nix makefiles

18.04.2003
! HTTPS behaviour breaked by latest patches restored

15.04.2003
! fixed handling of special characters and non-existing files in
  FTP over HTTP proxy.

12.04.2003
! fixed behaviour of HTTP proxy on RFC-incompatible web servers (banners
  exchanges, price.ru, etc) - they terminate string with \n instead of
  \r\n.

10.04.2003
+ nsrecord and dialer commands added
! Name resolution now occures right before authorization to prevent
  unauthenticated users from performing NS lookups and demand dial.

05.04.2003
+ N (Never) option value added for counters refreshing

29.03.2003
+ !!! FTP support for HTTP proxy added. 

25.03.2003
! Socks 4 bug fixed (was visible in Netscape)
+ Socks 4.5 support added (not tested)
! !! UDP portmapper code fixed

24.03.2003
! Timeout, close on closed socket and FD bugs fixed in UDPPM

21.03.2003
+ Proxy-Authorization now works for CONNECT (HTTPS proxy).

07.03.2003
! counter command extended to allow traffic reports

02.03.2003
! Bandwidth/Traffic limiting problems fixed
! gethostbyname() argument limited to 256 characters. It may be significant
  for Windows

27.02.2003
+ !!! Traffic limitting feature added (counter/countin/nocountin)

26.02.2003
! nobandlim processing changed
! bandlim/nobamdlim commands renamed to bandlimin/nobandlimin

22.02.2003
+ !!! Bandwidth limiting features added (bandlim and nobandlim commands)

18.02.2003
+ Mutext support added for inter-thread data access. Should improve stability.
- debugging printf() removed from proxy, typo fixed in auth.c

10.02.2003
! Changed to use WSASocket()/WSAAccept() instead of socket()/accept() under
  Windows

30.01.2003 
! Version of gcc changed (3.2).
+ nscache option added to 3proxy configuration for DNS cache. For a while
  caching is primitive (with no expiration).

27.01.2003
- \n removed from perror() calls

27/01/2003 3[APA3A]tiny proxy 0.3b.
New features are marked with !.

 Features:
  1. General
	+ HTTP/1.1 Proxy with keep-alive client and server support,
          transparent proxy support.
	! HTTPS (CONNECT) proxy
	+ SOCKSv4 Proxy
	+ SOCKSv5 Proxy (TCP only)
	! Transparent SOCKS->HTTP redirection
	+ POP3 Proxy
	+ TCP port mapper
	+ UDP port mapper
	+ Threaded application (no child process).
  2. Proxy chaining
	! Parent proxy support for any type of incoming connection
	! Username/password authentication for parent proxy(s).
	! HTTPS/SOCKS4/SOCKS5 and redirection parent support
	! Random parent select
	! Chain building (multihop proxing)
  3. Logging
	! turnable log format
	+ stdout logging
	+ file logging
	+ syslog logging (Unix)
	! ODBC logging (Windows)
	+ log file rotation (hourly, daily, weekly, monthly)
	+ automatic log file comperssion with external archiver (for files)
	+ automatic removal of older log files
  4. Access control
	+ User authorization by NetBIOS messanger name
	+ Access control by username, source IP, destination IP and destination
	port
	+ Access control by username/password for SOCKSv5 and HTTP
	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
	+ Connection redirection
	! Access control by requested action (CONNECT/BIND, 
	  HTTP GET/POST/PUT/HEAD/OTHER).
  5. Configuration
	+ support for configuration files
	+ support for includes in configuration files
	+ interface binding
	+ running as daemon process
	! utility for networks list building
     Unix
	+ support for chroot
	+ support for setgid
	+ support for setuid
     NT
	+ support --install as service
	+ support --remove as service
	+ support for service START, STOP, PAUSE and CONTINUE commands (on
	PAUSE no new connection accepted, but active connections still in
	progress)
  6. Compilation
	+ MSVC (msvcrt.dll)
	! Intel Windows Compiler (msvcrt.dll)
	+ Windows/gcc (msvcrt.dll)
	+ Cygwin/gcc (cygwin.dll)
	+ Unix/gcc
	! Unix/ccc

 Known bugs:

	- udppm doesn't work if compiled with cygwin. 

	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
	  recv/send is used instead... Not a big deal anyway.


 Planned for future release:
   - FTP proxy support
   - Web interface for configuration
   - Signal handling on Unix (for stop/pause/resume/configuration change)
   - External filter API
   - Addon trafficshape, URL, antiviral, HTTP cache filters


27.01.2003
!!!!!!!!!!!!!!!!!!!
! Tagging as 0.3b !
!!!!!!!!!!!!!!!!!!!

24.01.2003
- Fixed to use INVALID_SOCKET instead of -1 (for Windows compatibility)
- Fixed problem with threading support under gcc. Now ODBC logging seems
  to work always.
! strncasecmp removed. Changed to use strnicmp for Windows.

21.01.2003
! 0.3 development frozen to only bugfixes
- bug fixed causing 3proxy to crash with NULL pointer reference on
  transparent web redirection
- SQL support removed from default (gcc) compilation

20.01.2003
+ ODBC logging (yeah!). For a while it works stable only if compiled with
  MSVC or Intel compiler.

17.01.2003
- bug introduced yesterday into CONNECT code cleaned

16.01.2003
+ timeouts command added

13.01.2003
- daemonizing code changed to work correctly on buggy libc (FreeBSD)
  (pthread_* doesn't work after daemon())
- logging code changed to work correctly on buggy libc (FreeBSD 4.4)
  (freopen "a" mode doesn't work as expected on stdout)

12.01.2003
! License is changed to prohibit modification and commercial use

11.01.2003
! All makefiles are made uniform
+ Makefiles for Compaq C complier (Makefile.ccc) and Intel C Compiler for
  Windows (Makefile.intl) added
+ Makefile.msvc added for Microsoft Visual C Compiler
! proxy.dsp removed

10.01.2003
+ Now checked to compile with Compaq C Compiler under linux on alpha platform
+ logformat configuration command added for custom log entry format
! Unix version changed to use gettimeofday instead of ftime to avoid -lcompat
  issue.

09.01.2003
! Randomizer changed for proxy chaining
! Code cleaned: Makefile, signed/unsigned conversions, etc.
! Typo fixed preventing from compilation under *nix

08.01.2003
+ dateformat command added
! Log format changed!!!
+ Control for different operations (CONNECT,BIND,HTTP_*, etc) added to ACL,
  see 3proxy.cfg.sample

25.12.2002
+ Proxy chaining now is fully operational!!!!!
+ SOCKSv4 and SOCKSv5 client code added for chaining
+ HTTP connect authentication added for chaining
+ Parent authentication for HTTP proxy added
- Problem with "Connection: close" resolved (if HTTP server time outs or closes
  connection).

24.12.2002
+ Proxy chaining works!!! (for a while only HTTP CONNECT proxies
  are supported and no parent authentication). Logging is updated to
  include number of redirections (parent proxies) in square brackets.
  See config.sample for example of "parent" command.

23.12.2002
! Transparent proxy operations improved, logging corrected
+ Added base code for proxy chaining
! Redirection code rewritten

23.12.2002
+ UDP ASSOCIATE added (but not tested) to SOCKS.
! Additional logging added to socks proxy
+ Local HTTP proxy redirection added (for SOCKS).

01.12.2002
! closesock() problem _finally_ patched...

30.11.2002
! Makefile.unix corrected
! Do not process $ in included files for 3proxy.cfg
! Common error codes are unified

29.11.2002
+ nserver example added to 3proxy.cfg.sample

28.11.2002
- fixed closesock() instead of close() call on 3proxy.cfg included files
  for native Windows.

27.11.2002
! Minor changes in docummentation
+ dighosts utility added

22.11.2002
- Few problems corrected in logfiles rotation

20.11.2002
- SOCKSv5 bind() reply corrected.

19.11.2002
+ internal resolver added to avoid usage of thread unsafe gethostbyname().
  nserver configuration option added to config file.
! HTTP proxy behaviour slightly changed to be more compatible.

06/11/2002 3[APA3A]tiny proxy 0.2b Initial release.

 Features:
  1. General
	+ HTTP/1.1 Proxy with keep-alive client and server support,
          transparent proxy support.
	+ SOCKSv4 Proxy
	+ SOCKSv5 Proxy (TCP only)
	+ POP3 Proxy
	+ TCP port mapper
	+ UDP port mapper
	+ Threaded application (no child process).
  2. Logging
	+ stdout logging
	+ file logging
	+ syslog logging (Unix)
	+ log file rotation (hourly, daily, weekly, monthly)
	+ automatic log file comperssion with external archiver (for files)
	+ automatic removal of older log files
  3. Access control
	+ User authorization by NetBIOS messanger name
	+ Access control by username, source IP, destination IP and destination
	port
	+ Access control by username/password for SOCKSv5 and HTTP
	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
  4. Configuration
	+ support for configuration files
	+ support for includes in configuration files
	+ interface binding
	+ running as daemon process
     Unix
	+ support for chroot
	+ support for setgid
	+ support for setuid
     NT
	+ support --install as service
	+ support --remove as service
	+ support for service START, STOP, PAUSE and CONTINUE commands (on
	PAUSE no new connection accepted, but active connections still in
	progress)
  5. Compilation
	+ Microsoft VC++ (msvcrt.dll)
	+ Windows/gcc (msvcrt.dll)
	+ Cygwin/gcc (cygwin.dll)
	+ Unix/gcc

 Known bugs:

	- udppm doesn't work if compiled with cygwin. 

	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
	  recv/send is used instead... Not a big deal anyway.

	- socks5 doesn't work with UDP

	  Not implemented yet

 Planned for future release:
   - UDP implementation in SOCKSv5
   - Signal handling on Unix (for pause/resume)
   - External filter API
   - Addon trafficshape, URL, antiviral, HTTP cache filters

06.11.2002
!!MARK IT 0.2beta
! Using UPX to compress 3proxy.exe


02.11.2002
+ HTTP proxy now supports kepp-alive connections to HTTP server or proxy.
  It dramatically decreases number of outgoing connections and amount of DNS
  traffic.

01.11.2002
+ Now proxy can catch Web server style requests. It means proxy
  may be used as a transparent proxy. Yes. It means you can redirect
  SOCKS requests with target 80 to HTTP proxy.
! Port check in ACL fixed
! Now proxy catches redirection by changed destination IP or port. If
  you redirect request to web server make sure it supports proxy style
  requests (IIS and Apache do).
+ HTTP proxy supports keep-alive. Now number of threads required
  significantly reduced.
+ HTTP CONNECT fully supported (both direct and redirected to another proxy).
  Now you can use our proxy for HTTPs. Or for spam :) Don't forget to set ACL
  for outgoing ports, cause now ports are not limited.

26.10.2002
+ mycrypt utility added for making crypted passwords in NT and crypt/MD5
! ACL check for strong auth corrected
+ HTTP proxy support for authentication (basic). Now you can use strong
  username/password authentication with proxy module.
+ Error messages added for HTTP proxy

25.10.2002
+ NT passwords are now supported in 3proxy.cfg
! Public License Agreement changed to be more clear

24.10.2002
! Fixed handle leak because of missed CloseHandle for threads in Windows

23.10.2002
! Fixed POP3 proxy bug
! Strong auth changed to allow rules with * for username
+ MD5 crypt format passwords is now supported... Do we ever need DES?
  I will not implement blowfish - it's huge and rarely used.
+ More comments added to 3proxy.cfg.sample

21.10.2002
! Fixed strongauth problem - ACL was not checked for authenticated
  SOCKSv5 users

16.10.2002
+ Added support for SOCKSv5 cleartext password authentication
+ "strong" authentication is now OK (use it only for SOCKS)
+ added "users" config file command to specify username and password. Only
  cleartext for a while.

20.09.2002
! Minor improvements in socket operations

17.09.2002
! HTTP proxy changed to do not strip hostname from URI if target port is not
  80. It allows to redirect requests to another proxy as well as redirect to
  different Web server via ACL. It will work for most servers (IIS, Apache)
  if target redirected to non-standard port of Web server, but may fail in
  some rare cases. Redirection to proxy should always work OK except if proxy
  is on TCP/80.
+ Added "redirect" ACL command. You can redirect request to another destination
  if ACL entry matches (that is by target or source IP, target port, username).
! Fixed documentation bug in 3proxy.cfg.sample ("authtype" instead of "auth")
! Fixed bug causing server to exit in native Win32 mode if "service"
  configuration option is not configured
! Outgoing SOCKS connections are handled in common way now.

07.09.2002
+ added binding to external interface for outgoing connections
! Fixed bug causing username check in ACL always fail
+ Added ACL check for UDP map
+ Added "Single packet" services to UDP portmap (-s switch). Allows unlimited
  number of clients to be handled by portmapper for single-packet services
  (like DNS).

06.09.2002 3[APA3A]tiny proxy 0.1b initial release

 Features:
  1. General
	+ HTTP/1.0 Proxy
	+ SOCKSv4 Proxy
	+ SOCKSv5 Proxy (TCP only)
	+ POP3 Proxy
	+ TCP port mapper
	+ UDP port mapper
	+ Threaded application (no child process).
  2. Logging
	+ stdout logging
	+ file logging
	+ syslog logging (Unix)
	+ log file rotation (hourly, daily, weekly, monthly)
	+ automatic log file comperssion with external archiver (for files)
	+ automatic removal of older log files
  3. Access control
	+ User authorization by NetBIOS messanger name
	+ Access control by username, source IP, destination IP and destination
	port
  4. Configuration
	+ support for configuration files
	+ support for includes in configuration files
	+ interface binding
	+ running as daemon process
     Unix
	+ support for chroot
	+ support for setgid
	+ support for setuid
     NT
	+ support --install as service
	+ support --remove as service
	+ support for service START, STOP, PAUSE and CONTINUE commands (on
	PAUSE no new connection accepted, but active connections still in
	progress)
  5. Compilation
	+ Microsoft VC++ (msvcrt.dll)
	+ Windows/gcc (msvcrt.dll)
	+ Cygwin/gcc (cygwin.dll)
	+ Unix/gcc

 Known bugs:

	- udppm doesn't work if compiled with cygwin. 

	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
	  recv/send is used instead... Not a big deal anyway.

	- udppm works without authentication

	  Will be patched later.

	- socks5 doesn't work with UDP

	  Not implemented yet

 Planned for future release:
   - Improvements to UDP portmapping
   - UDP implementation in SOCKSv5
   - Ident authorization
   - SOCKSv5 password authentication
   - Signal handling on Unix (for pause/resume)
   - External filter API
   - Addon trafficshape, URL, antiviral, HTTP cache filters
   - HTTP/1.1 support


$Id: Changelog,v 1.154 2006/03/08 18:44:00 vlad Exp $