# $Id$ The following is the official list of changes between revisions: 1.2 (release) Tue Aug 30 01:06:08 EST 1994 Added README.FIRST, changed COAST.info, fixed FAQ. (thanks Spaf) Added revised designdoc.ps from CCCS conference. (thanks Spaf) 1.2 (pre-release) Fri Aug 26 01:04:23 MST 1994 fixed prompting error when answering "Y" or "N" during interactive updates. (thanks Terry Kennedy) fixed prompting error when answering "help" during interactive updates. (thanks Terry Kennedy) more documentation changes. (thanks Spaf) included twdb_newinode.pl script for people using fsirand. (thanks Spaf) purged old email addresses from release. (thanks Spaf) updated Ported file. (thanks Asokan) purged LITTLE_ENDIAN define from haval. (thanks Greg Black, Eugene Zaustinsky) figured out problems with flex. (thanks Greg Black and Vernon Paxson) added tw.conf for Irix. (thanks Keith Rickert) added twdb_check.pl utility. (thanks Tom Orban, Terry Kennedy, Spaf) 1.2 Mon Jul 25 11:03:29 EST 1994 fixed manual page install that removes files. (thanks Eugene Zaustinsky) fixed flex problems. (Finally!) fixed numerous small problems in code exposed by CodeCenter and alint. (thanks Spaf) fixed the definition of the SHA algorithm to conform to the updated NIST FIPS 180. (thanks Spaf, indirectly thanks to Steve Bellovin and Bruce Schneier) added kludge shell script to fix flex/lex script based on version in use. (thanks Spaf) more corrections to documentation. (from Spaf) 1.2beta5 Tue Jul 19 19:42:18 EST 1994 fixed symbolic link handling for machines w/o symbolic links. (thanks Keith Rickert) fixed configuration file reading routines. (thanks Keith Rickert) merged Spaf's documentation changes. added acknowledgements to testers to WHATSNEW and README. added references to SANS and AppDev papers. added support for BSDI. (thanks Eugene Zaustinsky) added support for Linux. (thanks Cal Page) another attempt to merge flex and lex files. 1.2beta4 Sat Jul 16 23:50:12 EST 1994 fixed SEEK_SET funkiness. (thanks Spaf) updated README, FAQ files. (thanks Spaf) added PGP signature to distribution. (thanks Spaf) 1.2beta3 Sat Jul 16 14:44:22 MST 1994 fixed list and database update routines to make Purify happy. fixed Haval signature printing on little-endian machines. (thanks Asokan) added better includes for . (thanks Spaf) replaced #elif directives with #ifdefs in Haval files. (thanks Spaf) fixed remaining word size problems. (thanks Asokan) fixed HP configuration file. 1.2beta2 Sun Jul 10 20:46:03 MST 1994 added code for new GNU flex/bison to ./contrib. What a nightmare. we need to figure out how to merge this stuff. (thanks Cal Page) merged code to support non-32bit longs in signature and Tripwire code. Among other things, this allows Tripwire to run the Alpha. (thanks Asokan) added support for Haval signature routine. (thanks Spaf) fixed filename escaping error in filename_escape_expand(). (thanks Kevin Wang) fixed "too many files open" error caused by @@includes. (thanks Thomas Kroeger and Spaf) added support for Motorola versions of Unix. (thanks Kevin Johnson) added support for SCO Open Desktop. (thanks Mark Kohler) added Makefile support for SCO. (thanks Alain Williams) changed manual pages to make less BSD-ish. (thanks Alain Williams) changed README to describe Haval. fixed list routine so clobbered entries retain their flag and priority values. changed all signature routines to use stdio routines for I/O. I've observed test suite runs speeding up by over 2x! (thanks Casper H.S. Dik) 1.2beta1 Sun Mar 27 17:25:04 MST 1994 integrated new list routines. (thanks Paul Hilchey) added support for HP Context Dependent Files. (thanks Cory Cohen) added ./contrib/README.cdf file. added files in ./contrib to fully support newer versions of flex/bison. (thanks Calvin Page) fixed references to twconvert and new databases. updated twconvert. 1.1.1beta2 Thu Feb 24 19:00:00 EST 1994 updated database number. fixed list routines to handle dbase entries better. (thanks Tom Orban) fixed symbolic link handling. (thanks Paul Szabo) fixed top-level Makefile. (thanks Calvin Page) fixed more Linux-isms. (thanks Calvin Page) fixed escaped filenames in added/deleted/changed file reporting. added warning about using specified dbasefile files in database initilization mode. (thanks Calvin Page) fixed error database file checking with "-d -" flag. (thanks Jason Downs) 1.1.1beta1 Tue Feb 22 21:46:02 MST 1994 rewrote list_set() and fixed list_unset(). (thanks Alain Brossard) added signature checking for symbolic link contents. (thanks Paul Szabo) fixed configfile_read() to reuse open file descriptors, so configuration files are not parsed more than once. added test for table of contents in dbase files. fixed internal filename handling routines. (thanks Paul Szabo) fixed test.sh so Apollos can run it. (thanks Paul Szabo) fixed temporary filename generation (I'm finding stdio's L_tmpnam increasingly suspicious). changed the way input file descriptors and named pipes are handled. (thanks Tom Orban) fixed hex printing routines in MD5, MD4, and MD2. (thanks Dan Bernstein and Spaf) fixed an "database file missing" error message in main.c. (thanks Rich Cohen) added note to config.h file about using "-c" ignore-masks for some backup programs. (thanks Spaf) fixed tw.config manual page. (thanks Spaf) added better support for Linux. (thanks Calvin Page) added better Solaris support in Makefile. added better support for Apollo Domain/OS. (thanks Paul Szabo) added better support for BSD/386. added notes for HPUX problems. (thanks Eric Boehm) fixed static allocation in lexer. 1.1 Wed Dec 15 01:06:07 EST 1993 changed b64 representation yet again. (thanks Spaf) changed dbaseversion number up to 3. (thanks Spaf) reading in old database sooner for more timely error messages. fixed missing L_tmpnam. updated manual pages. fixed siggen to better handle stdin. 1.1.beta5 Sun Dec 12 22:32:38 EST 1993 converging on Tripwire v1.1 release. (thanks Spaf) 1.1.beta4 Fri Dec 10 16:55:00 EST 1993 changed DB_VERSION_NUM to 2. added program twconvert to help convert to Tripwire format. added better handling for old dbase formats. removed opportunity for temporary database file spoofing. (thanks Matt Bishop) fixed inconsistent storage of dbase table of contents when updating the database. (thanks Eric Berggren) added better fatal error messages. fixed documentation and manual pages. (thanks Spaf) added -dfd option to specify open file descriptor for database files. (thanks Spaf) 1.1.beta3 Thu Dec 2 11:58:13 EST 1993 fixed interactive update oddities. (thanks Sam Gassel) fixed database not found error. (thanks Sam Gassel) added interactive test suite. added @@include to preprocessor test suite. made interactive update messages more human readable. 1.1.beta2 Fri Nov 26 06:16:52 EST 1993 fixed usage message. (thanks Drew Gonczi) fixed @@ifhost warning messages. (thanks Chris Kern, Jason Downs) fixed non-inheritance of new tw.config ignore-masks when doing updates. (thanks Berggren) fixed notice of SHA code optimization in WHATSNEW. (thanks Rik Farrow) added more thorough SunOS tw.conf.sun file. (thanks Rik Farrow) (old file moved to tw.conf.sun.old) fixed output of @@contents. allows @@{varname} expressions in parser. (thanks Spaf and Jim Napier) added reporting of symbolic link file types in integrity check report. "-rwxrwxrwx" now is correctly shown as "lrwxrwxrwx" (thanks Jim Napier) expanded preprocessor test suite. expanded update test suite. fixed "-d -" error case. (thanks Bruce Jolliffe and Drew Gonczi) got the Encore Multimax users running at last. (thanks Georges Tomazi) corrected preprocessor filename tracking, and error/warning messages. (thanks Eric Berggren) 1.1beta Sun Nov 14 00:32:17 EST 1993 made quietmode (-q) really quiet. (thanks Spaf) added exit status to indicate filesystem changes (see manual page). added support for ">" template for growing files. (thanks John Rouillard) fixed -update to add files in a more intelligent manner. fixed problem of `Hint: can't find database...' error message. changed "-update" logic. is now correct. all entries are now added if not in configuration file. all entries now are added with reasonable ignore mask. moved macro expansion into lexer. now, it really works. (thanks Spaf) this works too: @@foo/@@dir @@ignore added warning to catch partially-qualified @@ifhost directives. (thanks Baron Fujimoto) fixed root-anchoring problem that caused files to be scanned twice. (thanks John Rouillard) fixed handling of files with embedded spaces. (thanks Alain Brossard) added warning about possible overflows when building byteorder.h. (thanks Alain Brossard) fixed typo in tw.config(5) manual page. (thanks Eric Bergren) fixed handling of undefined macros. (thanks Patrick Sullivan) fixed misreporting of unchanged entries. fixed ./man install rule. (thanks Nora Hermida) changed the way filename are stored in lists to handle special characters in databases. got rid of misleading variable and function names in source. fixed boundary condition in list.c (removing head or tail of the list wasn't reflected in the hash table structure.) fixed Makefile dependencies for siggen. fixed entry number problem chaged order of file operations to allow -E to run w/o dbasefile. 1.0.5 Thu Sep 30 05:08:33 EDT 1993 fixed crc32 -- it didn't rewind the file descriptor. (thanks Eugene Zaustinsky) changed base64 alphabet. (thanks Eugene Zaustinsky) fixed filename escaping bug. fixed routines in list library that improperly handled case where items are clobbered. this caused files to appear on both the added and deleted lists in Tripwire. backed out '/dir/dir/@@variable' change. it breaks 'file @@ignore'! (thanks Bert Lindgren) updated README. 1.0.4 Wed Aug 18 23:02:14 EDT 1993 added support for '-cfd fd' option to allow open file descriptor to be specified for configuration file. (thanks Spaf) added SHS/SHA Secure Hash Algorithm to Tripwire distribution. changed CRC32 code to POSIX 1003.2 compliant signature (thanks Dan Bernstein) updated FAQ. (thanks Pat Macdonald, Eric Demerling). changed log-file template to ignore changes in inode ctime. (thanks John Rouillard) added support for Solaris 2.2/SunOS 5.2. (thanks Bob Cunningham) fixed another POSIX realloc() misuse, this time in -interactive code. (thanks E. Clinton Arbaugh) fixed lexical analyzer to allow '/dir/dir/@@variable' to expand correctly. (thanks Neil Todd) fixed grammar to make sure you can have @@variables in the middle of strings. (thanks John Rouillard) fixed MD4, MD5, MD2 code. finally got it right with a lot of cajoling and hand-holding. (thanks Eugene Zaustinsky) fixed Snefru code, backing out speedups to match Ralph Merkle's code more closely. added a rigorous signature test suite that is run before checking test database. changed name of sigfetch to siggen. added corresponding manual page and defunctified sigfetch manual page. (thanks Spaf) fixed siggen to use SIGNAME constants in config.h. siggen now gives a list of signature number to signature name mappings in usage message. changed ./src/Makefile CFLAGS option (thanks Spaf) changed test suite so it won't run from bottom-level makefile. changed test to ascertain whether '-cfd fd' was given a legit fd. changed test tw.config file to cover new files and uncover the files that we know will change (config.h, et al) (limited release for testing purposes) 1.0.3: Tue Apr 27 18:40:54 EST 1993 added 'tripwire -interactive' to allow users to be asked whether each added, deleted, or changed file should be updated. added help function in '-interactive' mode and '-help' that describes each inode field. (thanks John Rouillard) implemented a more consistent 'tripwire -update' routine that takes care of added, deleted, and updated entries. fixed incorrect 'tripwire -update' when used with symbolic links. (thanks E. Clinton Arbaugh) implemented printhex functionality in all signature routines. updated README and manual pages to refelct new modes. fixed MIPS/RISC-OS settings in Makefile. (thanks John Rouillard) fixed aux/Makefile clean and top-level Makefile. (thanks John Rouillard) fixed MD4 code -- I was thoroughly confused by the odd conventions used in this routine. (thanks Eugene Zaustinsky) chose more opportune time to print backup warning banner in '-update' mode. added AT&T 3B2 family of machines to ./configs directory and generalized routines for machines that don't have gettimeofday(). (thanks Joe Sirrianni) increased size of too-small char array in preen.c. (thanks Bob Hutchinson) changed filelist variable names to much more descriptive names. added machine-generated banner to ./aux/byteorder.c. fixed description of database file in ./includes/config.h. fixed 'sigfetch' utility to return correct error codes. added RCS tags to some straggler files. 1.0.2: Thu Dec 10 05:45:48 EST 1992 fixed @@ifhost xxx problem which dumped core. (thanks Rich Asmuth) fixed realloc() problem. (thanks Beth Elias and Joe Ramus) fixed -update problem which caused Tripwire to forget all about special files. (thanks Joe Ramus) fixed Changelog. I forgot about the Makefile fix. (thanks Tom Orban) more useful error message when Tripwire can't find configuration file. fixed 'tripwire -update' so it adds files explicitly specified on command line, but not in database. (thanks Drew Gonczi) Note that this needs some work -- we'll need to have an -add and -delete option to make this functionally clean and preserve database/tw.config semantics. first official patch :-) 1.0.1: Mon Nov 23 15:58:50 EST 1992 fixed placement of backup database file in database update mode. fixed install target in ./src and ./man Makefiles. (thanks Hugo Cartaxeiro) changed Ported entries for Pyramids. (thanks Peter Riili) fixed Acknowledgements section in README. (thanks Michael Barnett) fixed temporary filename generation problem. (thanks Gene Spafford) fixed DIST variable in ./tests Makefile. fixed typo in config.pre.y that prevented compilation with bison. first official release 1.0: Tue Nov 3 02:35:17 EST 1992 reorganized distribution into heirarchy. changed pathnames (./Tests -> ./tests, ./Databases -> ./databases). tripwire now creates ./databases directory if it doesn't already exist when -initialize. finished TODO list. ended beta testing period 0.92 beta 6: Tue Oct 20 14:55:03 EST 1992 attempting to fix macro recursion problem. (thanks Shabbir Safdar) fixed 'make test' variable assignment problem. (thanks Tom Gutnick) fixed lstat()/SVR3 problem. (thanks Simon Leinen) 0.92 beta 5: Sun Oct 18 19:33:19 EST 1992 integrated substantial source code cleanup patch. (thanks Ken McDonell) added types.c to glean struct stat info. added -i #|all flags, to specify which signatures to skip. this feature was added to make running Tripwire on an hourly basis reasonable. i.e., on hourly runs, check only CRC's. On daily runs, check md5. On weekly runs, check all signatures. (thanks John Rouillard) fixed usage message, and -D and -U error handling. added "-initialise" for people who don't speak American. :-) (thanks Michael Barnett) got signature object file dependencies right, finally. 0.92 beta 4: Fri Oct 16 18:32:36 EST 1992 the day of patch-infamy. a one-line fix to stop tripwire from saying all filenames are not absolutely qualified. *sigh* 0.92 beta 3: Fri Oct 16 18:02:59 EST 1992 fixed Makefile rule. (thanks Rich Salz) fixed duplicate yacc token. (thanks Rich Salz) fixed qualified filename bug. (thanks Ken McDonnel) removed htonl(), ntohl() routines in utils.c. added -D, -U flags to do command-line defines and undefines. (thanks John Rouillard) added more checks for null lists in list.c. @@ifdef and @@ifhost support logical expressions: @@ifdef (x || y && (z1 && (z2))) is now legal in tw.config grammar. @@ifhost (x || y && (z1 && (z2))) is now legal in tw.config grammar. added line continuation with '\' in tw.config grammar. added @@echo for testing. maybe we'll keep it? default ignore flags and templates now ignore signatures 3-9. added [()|&] as characters that need to be escaped in database. fixed filename_escape_expand(). 0.92 beta 2: Fri Oct 16 12:18:28 EST 1992 finally fixed up '=' pruning. (thanks David Wiseman) added Porting database. added transient file handling in config.parse.c. fixed comment handling in config.parse.c. merged gazillions of platform dependencies. let's hope everything still works. reorganized Makefile so it's easier to spot your own platform, I hope. make Tripwire compiles bearable for systems w/o BSD filesystems. various semantic and lint cleanups. reorganized phase 3 presenation. more verbose, hopefully clearer. (thanks Christopher Samuel) added user-contributed tripwire.config files. purged >14 character filenames: database.build.c -> dbase.build.c tripwire.config -> tw.config tripwire.database_@ -> tw.db_@ ^^-- room for 9-character hostname added COPS interface in ./contrib. (thanks Shabbir Safdar) added "-f dbasefile" option to specify alternate dbase file. (allows "-f -" to read from stdin.) added "-c configfile" option to specify alternate config file (allows "-c -" to read from stdin.) added code to escape filenames starting with '#'. added tw.config preprocessor directives: @@ifhost @@define x VAR @@undef x @@ifdef x @@endif @@include ...and variable substition (@@x --(turns into)--> VAR) added "-E" or "-preprocess" to print out processed tw.config file. (ala "cc -E" or "cpp".) added incremental database. (-update entry) md5 fix for Cray. (thanks John Cristy) AIX fix for stat structure. (thanks Shabbir Safdar) config_interpolate() now caches vectors, instead recomputing every time. tripwire now makes backup of files when doing "-update". played with profiler. halved the number of calls strlen(). (I wonder if we can do the same with strcpy().) made backup file 14-character length friendly for SVR3 people. so, now tripwire is completely 14-character filename friendly, right? implemented tw.config parsing routines in lex and yacc added @@dbaseversion directive to specify what format the tw_db files use. this is to prevent reading in unknown database files. completed filename_escape_expand() to handle all sorts of escape sequences (escaped octals, cooked-style escaped characters, and all of tripwire's special characters [e.g., '\@']). added warning of null characters in filename. created consistent escaping and de-escaping of characters to and from database. sped up character escaping routines by using all table-lookups. moved database format strings into the header file. list generation sped up (1500 files in 20 seconds on Sequent). added tw.config.5 manual page, which describes the tw.config syntax and preprocessor directives. added @@else directive to tw.config parser. changed signature routines to return number in base-64. this has the unfortunate effect of making all the signatures look like pathnames, but it does make signature storage 6 bytes instead of 8 bytes. added support for 10 signatures. fixed tripwire -update. now skips directory entries when regenerating database. added CRC16 and CRC32 to signature routine repository. added "sigs.h" to make signature routines more general. added MD2 and MD4. changed 'make test' so no files are clobbered. fixed '-d dbasefile' bug. 0.9beta8: Thu Sep 17 19:06:18 EST 1992 eliminated use of 'sort' and 'diff', using list routines instead (fixed tripwire confusion in parsing '=' additions from diff which generated zillions of bogus changed file entries.) this speeds up Phase 3 considerably, since we don't sort! sped up linked-list/hash routines (HASHSZ increased by 100x) removed diff.sorted.c (thanks to the five people who tested this: David Wiseman, John Sutton, Lance Bailey, John Rouillard, David Smith). 0.9beta7: Thu Sep 10 20:45:02 EST 1992 fixed list initialization routine. fixed Makefile, README, manual page. fixed memory leak problems (spotted by Purify). fixed default ignore-masking handling bug. (didn't convert to internal form first) fixed ignore-mask parsing. (David Smith) added banner to Tripwire databases on creation. taught tripwire to say what version it is. sped up most commonly called routines (config_interpolate() and slash_count()). Thanks Rich Salz! 0.9beta6: Wed Sep 09 21:04:35 EST 1992 First version of Tripwire to see the light of day.