summaryrefslogtreecommitdiffstats
path: root/comm/third_party/libotr/ChangeLog
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--comm/third_party/libotr/ChangeLog1026
1 files changed, 1026 insertions, 0 deletions
diff --git a/comm/third_party/libotr/ChangeLog b/comm/third_party/libotr/ChangeLog
new file mode 100644
index 0000000000..35752b00bc
--- /dev/null
+++ b/comm/third_party/libotr/ChangeLog
@@ -0,0 +1,1026 @@
+2016-03-07
+
+ * tests/regression/client/Makefile.am:
+ * tests/unit/Makefile.am: Add LIBGCRYPT_CFLAGS to the test suite
+
+ * Makefile.am:
+ * configure.ac: Only build the test suite on Linux, since it
+ currently uses Linux-specific features such as epoll
+
+2016-03-06
+
+ * Makefile.am: Add bootstrap to the tarball
+
+2016-03-04
+
+ * README:
+ * configure.ac:
+ * src/version.h: Bump version number to 4.1.1
+
+2016-03-03
+
+ * src/proto.c (otrl_proto_accept_data):
+ * src/proto.c (otrl_proto_fragment_accumulate):
+ * src/proto.c (otrl_proto_fragment_create): Prevent integer
+ overflow on 64-bit architectures when receiving 4GB messages.
+ In several places in proto.c, the sizes of portions of incoming
+ messages were stored in variables of type int or unsigned int
+ instead of size_t. If a message arrives with very large
+ sizes (for example unsigned int datalen = UINT_MAX), then
+ constructions like malloc(datalen+1) will turn into malloc(0),
+ which on some architectures returns a non-NULL pointer, but
+ UINT_MAX bytes will get written to that pointer. Ensure all
+ calls to malloc or realloc cannot integer overflow like this.
+ Thanks to Markus Vervier of X41 D-Sec GmbH
+ <markus.vervier@x41-dsec.de> for the report.
+
+ * Protocol-v3.html: Clarify that instance tags and fragment
+ numbers in the OTR fragment format are allowed to have leading
+ 0s. Also fix that how to handle v2 versus v3 messages for the
+ Reveal Signature and Signature messages was missing. Thanks to
+ Ola Bini <obini@thoughtworks.com> for the report.
+
+2015-12-25
+
+ * src/instag.c (otrl_instag_read_FILEp): Fix memory leak in
+ otrl_instag_read_FILEp if the tag file is malformed. Thanks to
+ Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com> for the
+ report.
+
+2015-08-18
+
+ * src/message.c (otrl_message_receiving):
+ * src/proto.c (otrl_proto_create_data): Set to NULL the sendsmp
+ pointer when handling SMP to avoid a potential free() of an
+ uninitialized pointer. Also ensure the message pointer is set
+ to NULL in otrl_proto_create_data for extra precaution and to
+ prevent future code paths from having the same error. Thanks to
+ Nicolas Guigo <nicolas.guigo@nccgroup.trust> and Ben Hawkes
+ <hawkes@inertiawar.com> for the report.
+
+2015-02-08
+
+ * Protocol-v3.html: Typo fixes, thanks to Hannes Mehnert
+ <hannes@mehnert.org> and Nadim Kobeissi <nadim@nadim.computer>
+ for the reports.
+
+ * src/message.c: Be stricter about parsing v3 fragments. Thanks
+ to Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com> for
+ the report.
+
+2014-12-18
+
+ * Protocol-v3.html: Remove "sender_instance, receiver_instance,"
+ from description of v2 fragmentation and clarify that you can't
+ fragment a fragment. Thanks to Hannes Mehnert
+ <hannes@mehnert.org> for the report.
+
+ * Protocol-v3.html: Remove a stray "DRAFT" from the <title> tag.
+
+ * Protocol-v2.html:
+ * Protocol-v3.html: Clarify the DSA computation in the protocol
+ specs. Thanks to Adam Langley <agl@imperialviolet.org> and
+ Hannes Mehnert <hannes@mehnert.org> for the report.
+
+2014-11-29
+
+ * README:
+ * Makefile.am:
+ * configure.ac:
+ * tests/*: Brand new testsuite, thanks to
+ David Goulet <dgoulet@ev0ke.net> and
+ Julien Voisin <julien.voisin@dustri.org>.
+ "make check" to run it.
+
+2014-11-11
+
+ * b64.c (otrl_base64_otr_encode): In case some future code path
+ tries to call otrl_base64_otr_encode with a buffer more than
+ 3/4 the size of all addressable memory, return NULL rather than
+ causing an integer overflow and a heap overrun. Thanks to
+ David Remahl <david@remahl.se> for the report.
+ * proto.c (otrl_proto_create_data): Tiny refactor to call
+ otrl_base64_otr_encode instead of duplicating the code here.
+
+2014-10-18
+
+ * README:
+ * configure.ac:
+ * src/version.h: Bump version number to 4.1.0
+
+2014-10-18
+
+ * Protocol-v3.html: Correctly count the number of actions an OTR
+ client must handle. Thanks to Fred Yontz <fred@ridersite.org>
+ for the report.
+
+2014-10-13
+
+ * src/context.h: Add API functions
+ otrl_context_find_recent_instance and
+ otrl_context_find_recent_secure_instance.
+
+2014-10-13
+
+ * src/context.c (otrl_context_forget): Correct check for
+ children contexts' state being OTRL_MSGSTATE_PLAINTEXT. Thanks
+ to k007k <k007k@wp.pl> for the report.
+
+2014-10-13
+
+ * src/message.c (otrl_message_receiving): Fix memory leak in
+ fragment reassembly. Thanks to Matthew D. Green
+ <matthewdgreen@gmail.com> for the report and David Goulet
+ <dgoulet@ev0ke.net> for the patch.
+
+2014-10-13
+
+ * src/message.c (otrl_message_sending): Fix possible memory
+ leak.
+
+2014-07-13
+
+ * src/auth.c (otrl_auth_handle_commit): Add a clarifying
+ comment.
+
+2014-06-12
+
+ * src/message.h: Typo fix.
+
+2014-06-03
+
+ * Makefile.am:
+ * configure.ac: Modernize autoconf build system. Thanks to
+ David Goulet <dgoulet@ev0ke.net> for the patch.
+
+2014-05-22
+
+ * README:
+ * src/context.c: Typo fixes.
+
+2014-05-04
+
+ * INSTALL:
+ * bootstrap: Add bootstrap script to set up the build system.
+ Thanks to David Goulet <dgoulet@ev0ke.net> for the patch.
+
+2014-05-04
+
+ * src/dh.c:
+ * src/sm.c:
+ * toolkit/sesskeys.c: Use gcrypt secure memory allocation.
+ Thanks to Julien Voisin <julien.voisin@dustri.org> for the
+ patch.
+
+2014-04-21
+
+ * src/mem.c (otrl_mem_differ): Simplify otrl_mem_differ. Thanks
+ to Julien Voisin <julien.voisin@dustri.org> for the patch.
+
+2014-02-20
+
+ * src/proto.c (otrl_proto_instance): Fix a memory leak when
+ receiving an invalid instance tag. Thanks to Julien Voisin
+ <julien.voisin@dustri.org> for the patch.
+
+2014-02-15
+
+ * src/proto.c:
+ * src/auth.c:
+ * src/mem.c:
+ * src/mem.h: Use a constant-time memory comparison for safety.
+ Thanks to jvoisin <julien.voisin@dustri.org> for the suggestion.
+
+2013-10-13
+
+ * src/proto.c: Return 0 instead of crashing from
+ otrl_proto_query_bestversion if passed an illegal input.
+ Thanks to Conrad Hoffmann <ch@bitfehler.net> for the report and
+ the patch.
+
+2013-08-21
+
+ * src/proto.c: Fix warning from clang in proto.c. Before, trying
+ to fragment a message into more than 65535 pieces would cause
+ incorrect fragments to be output. Now, it just returns an error
+ (as that is disallowed by the spec). Thanks to Teemu Huovila
+ <thuovila@cs.helsinki.fi> for reporting the issue.
+
+2013-08-08
+
+ * Protocol-v3.html: Random exponents in SMP should be 1536 bits.
+ The spec (but not the code) incorrectly said "128 bits" before.
+
+2013-07-28
+
+ * packaging/fedora/libotr.spec: Fedora spec file for 4.x from
+ Paul Wouters <paul@cypherpunks.ca>
+
+2013-07-17
+
+ * toolkit/sesskeys.c: Workaround for a crash bug in libgcrypt
+ affecting otr_sesskeys. Passing a private key value of 0 to
+ otr_sesskeys would cause libgcrypt to crash in gcry_mpi_powm.
+ We reported this libgcrypt bug and it was then fixed in
+ http://lists.gnupg.org/pipermail/gcrypt-devel/2013-July/002251.html
+ but the workaround is simply to use
+ gcry_mpi_new(DH1536_MOD_LEN_BITS) instead of gcry_mpi_new(0).
+ Note that this only affected the otr_sesskeys toolkit program,
+ and not libotr itself.
+ Thanks to the Mayhem Team at CMU (Alexandre Rebert, Thanassis
+ Avgerinos, Sang Kil Cha, David Brumley, Manuel Egele) for the
+ report.
+
+2013-01-19
+
+ * src/message.c: pass opdata when sending message fragment
+ The inject_message callback was missing the opdata when sending
+ message fragments. Thanks to David Goulet <dgoulet@ev0ke.net>
+ for the report.
+
+2012-12-18
+
+ * src/message.c: Copy lastmessage to the newly created context.
+ This fixes a case where the first user message gets lost when
+ OTRL_POLICY_REQUIRE_ENCRYPTION policy is set because after
+ establishing the encryption lastmessage remains with the master
+ context and will not be resent. Thanks to Andreas Schlick
+ <schlick@lavabit.com> for the report.
+
+2012-09-09
+
+ * configure.ac: Make linker hardening [DEP, ALSR] work on
+ Windows builds. Thanks to Daniel Atallah <datallah@pidgin.im>
+ for noticing that it wasn't working before.
+
+2012-09-04
+
+ * README: Release 4.0.0
+
+2012-08-28
+
+ * UPGRADING:
+ * src/proto.h:
+ * src/proto.c: Don't have otrl_init call exit(1) if the
+ application's requested version number differs from libotr's.
+ Rather, return a non-zero error code, and have the application
+ clean up gracefully. The OTRL_INIT macro now checks the error
+ code and does an exit(1) as the default behaviour, but the
+ application can do what it likes.
+
+2012-08-27
+
+ * src/auth.h:
+ * src/auth.c:
+ * src/message.c: Record the time the last COMMIT was sent from a
+ master context. This will be used to clear the committed key
+ from the master context once we don't expect any more instances
+ of our buddy to respond with a DHKEY message.
+
+ * UPGRADING:
+ * src/userstate.h:
+ * src/userstate.c:
+ * src/message.h:
+ * src/message.c: Add a timer_control callback to
+ OtrlMessageAppOps in order to actually clear out the above stale
+ committed keys.
+
+2012-08-26
+
+ * src/context.c:
+ * src/context_priv.c:
+ * src/context_priv.h: libotr was exporting exactly two functions
+ without the otrl_ prefix: context_priv_new and
+ context_priv_force_finished. Change the names of these
+ functions to start with otrl_. Thanks to David Goulet
+ <dgoulet@ev0ke.net> for noticing it.
+
+ * Protocol-v3.html: Document the v3 whitespace tag, and better
+ document the extra symmetric key. Thanks to Kjell Braden
+ <kb@pentabarf.de> for noticing the omission.
+
+2012-08-25
+
+ * src/sm.c:
+ * src/context.c:
+ * src/auth.c:
+ * src/message.c: If OTRL_DEBUGGING is non-zero, then a message
+ containing a special debug string ("?OTR!") will cause debug
+ info to be printed to stderr. (This #define should *not* be set
+ in release code.)
+
+ * src/auth.c:
+ * src/auth.h:
+ * src/message.c: Correct the logic for handling incoming COMMIT
+ messages when we've recently sent our own COMMIT message.
+
+ * src/message.c: Don't update the recent_sent_child field to
+ point to the master context just becuase we sent a version 3
+ COMMIT message (which has no destination instance).
+
+2012-08-24
+
+ * README:
+ * configure.ac: Prepare for release 4.0.0
+
+2012-08-24
+
+ * src/message.c: Consider copying the master auth context to the
+ child, even if the child is already in ENCRYPTED, because we
+ might be trying to refresh a private conversation.
+
+2012-08-22
+
+ * configure.ac: Use gcc and ld hardening flags, where possible.
+ * configure.ac:
+ * src/auth.c:
+ * src/dh.c:
+ * src/mem.c:
+ * src/privkey.c:
+ * src/proto.c:
+ * src/sm.c:
+ * toolkit/sesskey.c: Build cleanly with -Wall -Wextra
+ -Wformat-security -Wno-unused-parameter
+
+2012-08-17
+
+ * src/message.c: Don't call memchr(foo,'\0',-1) even if it has
+ no ill effects. Thanks to George Kadianakis
+ <desnacked@riseup.net> for the report.
+
+2012-07-20
+
+ * src/message.c, src/instag.c, toolkit/parse.c, src/sm.c,
+ src/proto.c, src/privkey.c, src/auth.c, src/context.[ch]:
+ Fix some memory leaks, some NULL pointer handling, and
+ compilation warnings. Thanks to Paul Wouters
+ <pwouters@redhat.com> for the report.
+
+ * src/message.c: Better handling of OTRv3 fragments.
+
+2012-07-19
+
+ * src/b64.[ch], src/proto.c, toolkit/parse.c: Clean up the
+ previous b64 patch and apply it to all places where
+ otrl_base64_decode() is called.
+
+2012-07-17
+
+ * src/b64.c: Use ceil instead of floor to compute the size
+ of the data buffer. This prevents a one-byte heap buffer
+ overflow. Thanks to Justin Ferguson <jnferguson@gmail.com>
+ for the report.
+
+2012-06-21
+
+ * src/context.c: A couple bug fixes.
+ * Release 4.0.0-beta2
+
+2012-06-07
+
+ * Release 4.0.0-beta1
+
+2012-05-08:
+
+ * src/instag.c:
+ * src/message.c: Returning proper gcry types to avoid
+ compile warnings.
+
+2012-05-03:
+
+ * src/instag.c: Fixed otrl_instag_new().
+
+2012-04-30:
+
+ * AUTHORS:
+ * README:
+ * toolkit/otr_parse.c:
+ * toolkit/otr_remac.c:
+ * toolkit/parse.c:
+ * toolkit/parse.h:
+ * src/auth.c:
+ * src/auth.h:
+ * src/context.c:
+ * src/context.h:
+ * src/message.c:
+ * src/message.h:
+ * src/privkey.c:
+ * src/privkey.h:
+ * src/proto.c:
+ * src/proto.h:
+ * src/serial.h:
+ * src/tests.c:
+ * src/userstate.c:
+ * src/userstate.h: More changes for instance tags (Rob Smits).
+
+2009-06-11:
+
+ * src/auth.c:
+ * src/auth.h:
+ * src/context.c:
+ * src/context.h:
+ * src/context_priv.h:
+ * src/message.c:
+ * src/message.h:
+ * src/privkey.c:
+ * src/privkey.h:
+ * src/proto.c:
+ * src/proto.h:
+ * src/serial.h:
+ * src/tests.c:
+ * src/userstate.c:
+ * src/userstate.h: Core instance tag functionality (Lisa Du).
+
+2009-09-30:
+
+ * Protocol-v2.html: Edits from Göran Weinholt
+ <goran@weinholt.se>
+
+2009-04-28:
+
+ * src/auth.c: pubkey_type should be shifted by 8, not 16. It
+ doesn't matter right now, because it's always 0, but still.
+ (Thanks to Can Tang.)
+
+2008-08-15:
+
+ * src/Makefile.am:
+ * src/context.c:
+ * src/context.h:
+ * src/context_priv.c:
+ * src/context_priv.h:
+ * src/message.c:
+ * src/message.h:
+ * src/proto.c:
+ * src/proto.h: Willy Lew's updates of the libotr API
+
+2008-08-06:
+
+ * src/proto.c: gcc 4.2 with -O2 assumes that integer overflow
+ never occurs when optimizing away tests, including those for
+ integer overflow. The code was made more specific.
+
+2008-07-09:
+
+ * src/privkey.h:
+ * src/privkey.c: Add otrl_privkey_generate_cancel to handle the
+ case that the background key generation thread is cancelled or
+ fails.
+
+2008-07-06:
+
+ * configure.ac: Update libtool version to match 4.0.0.
+
+ * src/privkey-t.h:
+ * src/privkey.c:
+ * src/privkey.h:
+ * src/userstate.c:
+ * src/userstate.h: Support for generating privkeys in a
+ background thread.
+
+2008-07-02:
+
+ * version.h: Change version number to 4.0.0 (but still far from
+ release).
+
+ * tlv.h:
+ * proto.h:
+ * proto.c:
+ * message.h:
+ * message.c:
+ * dh.h:
+ * dh.c: Support for applications requesting an extra session key
+ that can be used for things like file transfers.
+
+ * message.h:
+ * message.c: Applications now use the handle_smp_event callback
+ to handle SMP events, rather than having to hardcode part of the
+ SMP state machine themselves.
+
+2008-06-15:
+
+ * README: Release version 3.2.0.
+
+2008-06-13:
+
+ * UPGRADING: Clarify what was new in 3.1.0, what was changed
+ in 3.2.0.
+
+2008-05-27:
+
+ * UPGRADING: Update documentation.
+
+ * README:
+ * toolkit/*.[ch]:
+ * src/*.[ch]: Update copyright dates to 2004-2008.
+
+ * src/tlv.h: Add new OTRL_TLV_SMP1Q TLV type to indicate an
+ instance of the first SMP message, with an explicit question.
+
+ * src/sm.h:
+ * src/sm.c: More carefully track the progress of the SMP using a
+ new smp_prog_state field. Also keep track of whether Bob
+ received an explicit question from Alice using a new
+ received_question field.
+
+ * src/message.c: Handle explicit questions for the SMP.
+
+ * src/message.c: Behave better if an SMP message fails
+ verification.
+
+ * README:
+ * configure.ac:
+ * src/version.h: Update version number to 3.2.0.
+
+2007-07-26
+
+ * src/sm.c:
+ * src/message.c: ISO C cleanups (no mixing declarations with
+ code)
+
+ * src/sm.c: Fixed a 64-bit pointer error
+
+2007-07-25
+
+ * src/message.c: Behave sanely if we receive a totally malformed
+ SMP message.
+
+2007-07-24
+
+ * src/proto.h:
+ * src/proto.c:
+ * src/message.c: Implemented fragmentation of large messages
+
+ * src/message.h: New callback for fragmentation
+
+ * src/privkey.h:
+ * src/privkey.c (otrl_privkey_fingerprint_raw): New function to
+ return a raw hash of an account's public key
+
+ * src/proto.c: Keep track of the API version number passed to
+ otrl_init()
+
+ * src/context.h:
+ * src/context.c:
+ * src/tlv.h:
+ * src/sm.h:
+ * src/sm.c: Implemented the Socialist Millionaires' Protocol for
+ authenticating buddies without using user-visible fingerprints
+
+ * src/b64.h:
+ * src/b64.c (decode, otrl_base64_decode): Corrected char vs.
+ unsigned char
+
+ * README:
+ * configure.ac:
+ * src/version.h: Change version number to 3.1.0
+
+ * Most files: Update copyright information
+
+2007-07-23
+
+ * src/message.h:
+ * src/message.c: Added account_name and account_name_free callbacks
+ to OtrlMessageAppOps to let the application choose how to
+ display the account name in OTR Error Messages. Based on a
+ patch from Evan Schoenberg <evan.s@dreskin.net>.
+
+2006-07-24
+
+ * src/privkey.h:
+ * src/privkey.c: Add routines to read and write privkey and
+ fingerprint data to FILE*s, instead of to filenames.
+
+2006-05-09
+
+ * Protocol-v2.html: Fix a typo, and correct the documentation
+ regarding when MAC keys are revealed.
+
+2006-04-13
+
+ * src/context.h: Change "struct fingerprint" to "struct
+ s_fingerprint" to appease some C++ compilers.
+
+2006-02-09
+
+ * src/auth.c (otrl_auth_handle_v1_key_exchange): Fix
+ uninitialized variable received_pub.
+
+2005-12-30
+
+ * src/message.c: Fix a typo, thanks to Anton Blanchard
+ <anton@samba.org>.
+
+2005-11-20
+
+ * src/proto.h: Fix typo in policy #defines.
+
+2005-11-02
+
+ * README:
+ * src/version.h: Release version 3.0.0
+
+2005-10-30
+
+ * Protocol-v2.html: Clarified the uniqueness conditions for the
+ counter.
+
+ * src/auth.c (otrl_auth_handle_v1_key_exchange): Clear the auth
+ structure when we receive an unexpected v1 Key Exchange Message.
+
+2005-10-27
+
+ * src/auth.h:
+ * src/auth.c:
+ * src/message.c: Ensure version 2 AKEs are always done with
+ fresh D-H parameters.
+
+ * src/proto.h:
+ * src/proto.c:
+ * src/message.c: Add a "flags" field to the version 2 Data
+ Message, which can indicate that the Data Message should be
+ ignored if unreadable (as opposed to displaying an error).
+
+ * toolkit/parse.h:
+ * toolkit/parse.c:
+ * toolkit/otr_parse.c:
+ * toolkit/otr_remac.c: Deal with the new kind of Data Message.
+
+ * src/message.c: Use the gone_secure callback instead of the
+ still_secure callback if the other side changes its fingerprint.
+
+2005-10-19
+
+ * src/context.h:
+ * src/context.c: Added protocol_version as an explicit field in
+ the ConnContext.
+
+ * src/message.h:
+ * src/message.c: protocol_version no longer needs to be
+ explicitly passed to the gone_secure() and still_secure()
+ callbacks.
+
+ * packaging/fedora/libotr.spec: Patches from Paul
+
+ * src/proto.c (rotate_dh_keys): Avoid potential double
+ gcry_cipher_close().
+
+ * src/tests.c: Regression test for double gcry_cipher_close().
+
+2005-10-16
+
+ * Major overhaul with implementation of version 2 AKE.
+
+2005-08-08
+
+ * toolkit/otr_parse.c (parse): Ignore MACs that are too short,
+ rather than going into an infinite loop.
+
+2005-08-04
+
+ * Protocol: Added section describing fragments.
+
+ * src/proto.h:
+ * src/proto.c (otrl_proto_fragment_accumulate):
+ * src/context.h:
+ * src/context.c (new_context, otrl_context_force_setup): Keep
+ track of fragments in the ConnContext structure.
+
+ * src/message.c (otrl_message_receiving): Handle fragments in
+ received messages.
+
+ * src/mem.c: Don't do arithmetic on void pointers.
+
+2005-07-29
+
+ * src/message.h:
+ * src/message.c: Move ops to be the first param of
+ new_fingerprint, as it is with all the other callbacks.
+
+ * src/context.h:
+ * src/context.c (otrl_context_set_preshared_secret):
+ * src/dh.h:
+ * src/dh.c (otrl_dh_session, otrl_dh_cmpctr):
+ * src/message.h:
+ * src/message.c (otrl_message_sending, send_or_error, process_kem)
+ (otrl_message_receiving, otrl_message_disconnect):
+ * src/privkey.h:
+ * src/privkey.c (otrl_privkey_hash_to_human):
+ * src/proto.h:
+ * src/proto.c (otrl_proto_create_data):
+ * src/tlv.h:
+ * src/tlv.c (otrl_tlv_new, otrl_tlv_parse, otrl_tlv_seriallen)
+ (otrl_tlv_serialize): Add missing "const"s. (Closes #1243963)
+
+2005-06-24
+
+ * README:
+ * configure.ac:
+ * packaging/fedora/libotr.spec:
+ * src/version.h: Change version to 3.0.0 (but don't yet release)
+
+ * Protocol: Clarify that, if the user requests to see the secure
+ session id in the middle of the conversation, the value
+ displayed should be the one calculated at the time the private
+ connection was established (the last Key Exchange Message that
+ caused a rekeying), _not_ the DH secure id calculated from DH
+ keys in more recent Data Messages.
+
+ * libotr.m4: Have the version check require an exact match on
+ the major version, since, for example, source that expects
+ libotr 2.0.0 won't work with libotr 3.0.0.
+
+ * libotr.m4: Add #include <stdlib.h> to the version test so that
+ it compiles cleanly with -Wall -Werror.
+
+ * src/proto.c:
+ * src/dh.h:
+ * src/dh.c:
+ * src/context.h:
+ * src/context.c: Save the secure session id so that it can be
+ displayed to the user upon request, instead of only when the
+ private session is initially set up.
+
+ * src/privkey.c:
+ * src/context.h:
+ * src/context.c: Allow the app to set a "trust level" for
+ fingerprints. This is an arbitrary string, intended to indicate
+ whether (or possibly by what means) the user has verified that
+ this fingerprint is accurate.
+
+ * src/context.h:
+ * src/context.c: Allow the app to set an arbitrary binary
+ "preshared secret" for the ConnContext. This is currently
+ unused, but in the future it would allow for users to exchange a
+ secret _before_ they generate their fingerprints. [But the
+ protocol would have to be extended to support this.]
+
+ * src/message.h:
+ * src/message.c: Remove the "confirm_fingerprint" callback
+ which requires the user to acknowledge the new fingerprint
+ before it can be used. Replace it with a "new_fingerprint"
+ callback which merely informs the user that a new fingerprint
+ has been received.
+
+2005-05-13
+
+ * libotr.m4: Fixed a bug which made configure fail to find the
+ libotr header files if they weren't in the standard place.
+
+2005-05-09
+
+ * src/privkey.c (otrl_privkey_read_fingerprints): Allow fields,
+ particularly accountnames, to contain spaces. Closes #1198379.
+
+2005-05-03
+
+ * README:
+ * configure.ac:
+ * packaging/fedora/libotr.spec:
+ * src/version.h: Change version to 2.0.2
+
+ * packaging/debian: Remove this directory, as Thibaut VARENE
+ <varenet@debian.org> is now responsible for the debian packages.
+
+2005-02-23
+
+ * src/privkey.c (otrl_privkey_hash_to_human): Avoid writing a
+ NUL one byte past the end of the buffer
+
+2005-02-16
+
+ * README:
+ * configure.ac:
+ * packaging/debian/changelog:
+ * packaging/fedora/libotr.spec:
+ * src/version.h: Change version to 2.0.1
+
+2005-02-15
+
+ * src/message.c (otrl_message_sending, otrl_message_receiving)
+ (otrl_message_disconnect):
+ * src/proto.c (otrl_proto_accept_key_exchange)
+ (otrl_proto_create_data, otrl_proto_accept_data): Don't send
+ encrypted messages to a buddy who has disconnected his private
+ connection with us.
+
+ * src/message.c (otrl_message_sending): Don't show the user the
+ "the last message was resent" notice if the message has never
+ actually been sent before.
+
+2005-02-09
+
+ * src/proto.c (otrl_proto_create_data): Copy the msg before
+ using since, since it may be an alias for context->lastmessage,
+ which we're going to gcry_free().
+
+2005-02-08
+
+ * README:
+ * configure.ac:
+ * packaging/debian/changelog:
+ * packaging/fedora/libotr.spec:
+ * src/version.h: Change version to 2.0.0
+
+2005-02-07
+
+ * src/context.h:
+ * src/context.c (new_context, otrl_context_force_setup):
+ * src/message.c (otrl_message_sending, otrl_message_receiving):
+ * src/proto.c (otrl_proto_accept_key_exchange): Keep track of
+ whether the last message is eligible for retransmission.
+
+2005-02-02
+
+ * README:
+ * configure.ac:
+ * packaging/debian/changelog:
+ * packaging/fedora/libotr.spec:
+ * src/version.h: Change version to 1.99.0
+
+ * packaging/debian/libotr1.dirs:
+ * packaging/debian/libotr1.install:
+ * packaging/debian/rules: Build and install with the correct mandir
+
+ * packaging/debian/rules: Install a shlibs file
+
+ * packaging/debian/control: Add Replaces: to the packages so
+ that dpkg -i will install them.
+
+ * toolkit/Makefile.am: Create the mandir if it's not yet there
+
+ * packaging/debian/libotr1-dev.dirs:
+ * packaging/debian/libotr1-dev.install:
+ * packaging/fedora/libotr.spec: Package the libotr.m4 file
+
+ * Protocol: Added sections on policies and TLVs
+
+2005-02-01
+
+ * Makefile.am:
+ * src/Makefile.am:
+ * toolkit/Makefile.am: Use automake-1.8
+
+2005-01-31
+
+ * tlv.h:
+ * tlv.c:
+ * src/Makefile.am: add new files tlv.c and tlv.h
+
+ * src/message.c (otrl_message_sending): Allow you to specify a
+ TLV chain to attach to a message.
+
+ * src/message.c (otrl_message_receiving): Also return any TLV
+ chain attached to the message, if present.
+
+ * src/README: Document new TLV parameters to message functions.
+
+ * src/message.c (otrl_message_receiving): No longer handle
+ messages starting with "?OTR:" specially; that functionality now
+ goes into TLVs.
+
+ * src/message.c (otrl_message_disconnect): Send the notice of
+ disconnect as a OTRL_TLV_DISCONNECTED TLV.
+
+2005-01-30
+
+ * README: update documentation for 2.0.0 API
+
+ * src/message.c (otrl_message_receiving): Only send heartbeats
+ in response to "real" messages.
+
+ * src/message.c (otrl_message_receiving): If we receive a DATA
+ message whose *plaintext* starts with "?OTR:", display it with
+ display_otr_message if possible.
+
+ * src/message.c (otrl_message_receiving): Display OTR_ERROR
+ messages without the leading '?' using display_otr_message.
+
+ * src/message.h (otrl_message_disconnect):
+ * src/message.c (otrl_message_disconnect): new function
+
+ * src/message.c (otrl_message_receiving): Display the "received
+ unencrypted" warning message if we receive an unencrypted
+ message with policy ALWAYS, even when not CONNECTED.
+
+2005-01-29
+
+ * src/proto.c (otrl_proto_accept_key_exchange):
+ * src/message.c (otrl_message_sending, process_kem): Make the
+ retransmission of an unencrypted message in ALWAYS work.
+
+2005-01-28
+
+ * src/message.h: New callback for checking whether a given user
+ is online.
+
+ * src/message.c (otrl_message_sending): Notify the user if he
+ attempts to send an unencrypted message with policy ALWAYS.
+
+ * src/message.h: New callback for fetching OTR policy
+ * src/message.c (otrl_message_sending): Create a ConnContext if
+ we don't have one already. Use it to fetch the OTR policy.
+ Just return if the policy is NEVER. Only append the whitespace
+ tag if the policy is OPPORTUNISTIC or ALWAYS. Don't send
+ unencrypted messages in ALWAYS, but store them for
+ retransmission later.
+ * src/message.c (otrl_message_receiving): Fetch the OTR policy.
+ Just return if the policy is NEVER. Only send a Key Exchange
+ Message in response to an unexpected Data or Error Message in
+ OPPORTUNISTIC and ALWAYS. Only recognize the whitespace tag in
+ OPPORTUNISTIC and ALWAYS.
+
+ * src/message.h:
+ * src/message.c: add accountname/protocol/username parameters to
+ notify callback
+
+ * src/message.h:
+ * src/message.c: add display_otr_message callback for displaying
+ OTR control messages
+
+2005-01-27
+
+ * src/privkey.h: #include <gcrypt.h> since we use things from
+ libgcrypt in the .h file
+
+ * src/proto.h:
+ * src/proto.c: Make otrl_init take unsigned ints as arguments.
+
+ * src/context.h:
+ * src/context.c:
+ * src/message.c:
+ * src/proto.c: Keep track of the last message sent, and
+ potentially resend it if sending it the first time triggered a
+ rekey (because the other side had lost its OTR state, for
+ example).
+
+2005-01-26
+
+ * packaging/debian/control: Changed debian package names to
+ libotr1 and libotr1-dev.
+
+ * libotr.m4: Added copyright notice, more comments
+
+ * src/userstate.c:
+ * src/userstate.h: New files
+
+ * src/Makefile.am: Added -Wall to default CFLAGS
+ * toolkit/Makefile.am: Added -Wall to default CFLAGS
+
+ * src/context.c (otrl_context_find, otrl_context_forget_all):
+ * src/context.h (otrl_context_find, otrl_context_forget_all):
+ * src/message.c (otrl_message_sending, process_kem)
+ (process_confresp, otrl_message_receiving):
+ * src/message.h (otrl_message_sending, otrl_message_receiving)
+ (OtrlMessageAppOps.confirm_fingerprint):
+ * src/privkey.c (otrl_privkey_fingerprint, otrl_privkey_read)
+ (otrl_privkey_generate, otrl_privkey_read_fingerprints)
+ (otrl_privkey_write_fingerprints, otrl_privkey_find)
+ (otrl_privkey_forget_all):
+ * src/privkey.h (otrl_privkey_fingerprint, otrl_privkey_read)
+ (otrl_privkey_generate, otrl_privkey_read_fingerprints)
+ (otrl_privkey_write_fingerprints, otrl_privkey_find)
+ (otrl_privkey_forget_all):
+ * src/proto.c (otrl_proto_create_key_exchange)
+ (otrl_proto_accept_key_exchange):
+ * src/proto.h (otrl_proto_create_key_exchange)
+ (otrl_proto_accept_key_exchange): Added OtrlUserState parameter
+ to many calls, eliminating global state.
+
+ * src/privkey.c (otrl_privkey_fingerprint): the buffer is now
+ passed in, and not static
+
+2005-01-25
+
+ * src/version.h: bumped version number to 2.0.0 because API
+ changed incompatibly
+ * configure.ac: bumped version number to 2.0.0 because API
+ changed incompatibly
+
+ * src/message.h: added accountname parameter to
+ confirm_fingerprint callback
+ * src/message.c: passed accountname to confirm_fingerprint
+ callback
+
+ * libotr.m4: new file
+ * Makefile.am: install (and uninstall) new libotr.m4 file
+
+ * tools/Makefile.am: clean up manpage symlinks and add an
+ uninstall rule
+
+2005-01-23
+
+ * src/proto.h: moved numeric version defines into version.h
+ * src/version.h: moved numeric version defines into version.h
+
+ * src/message.c (otrl_message_receiving): Update the context
+ list if we create a new context
+
+2005-01-22
+
+ Released 1.0.4.
+
+ Initial autoconfiscation, thanks to Greg Troxel <gdt@ir.bbn.com>.
+
+ * src/message.c: log, but otherwise ignore, unrecognized OTR
+ messages