Accept Guard v1.6

Changes

• Extend number of ports possible to use per interface.

Accept Guard v1.5

Changes

• Add support for handling IPv4 addresses mapped on IPv6
• Pass through SOCK_STREAM in recv(), recvfrom() and recvmsg()

Fixes

• Restore IP_PKTINFO option on socket after interface inspection
• Fix uninitialized variable

Accept Guard v1.4

Changes

• Allow access if getsockaname() or getifaddrs() fails
• Use SO_DOMAIN socket option to query for AF_INET and AF_INET6
  domain sockets. These are the only ones we are concerned with, let
  everything else pass through

Accept Guard v1.3

Fixes

• Fixes for wrapping Net-SNMP and other services that use AF_UNIX IPC

Accept Guard v1.2

Changes

• Add support for wrapping recvmsg() and recv() syscalls, in
  addition to the existing recvfrom() wrapper
• Slightly improved test framework, with .log files and overview
• Only check ACL if accept() doesn't return error

Fixes

• Fix markdown links in changelog diffs
• Fix uninitialized variable in test server

Accept Guard v1.1

Changes

• Add support for UDP services by wrapping recvfrom()
• Add support for IPv6
• Scope ACL environment variable with ACCEPT_GUARD_ prefix to avoid
  clashing with other uses of ACL on the system. Incompatible change!
• Simplify build system slightly
• Add basic test suite to verify accept guard, based on unshare
• Replace unsafe strncpy() with safer version that NUL terminates.
  In a world of systemd named interfaces we are always at IFNAMSIZ

Fixes

• Check return value from getenv(), may be NULL

Accept Guard v1.0

Initial release.

This is a repack of the original release that never got a proper tag or release tarball.