diff options
Diffstat (limited to 'comm/third_party/libotr/NEWS')
-rw-r--r-- | comm/third_party/libotr/NEWS | 273 |
1 files changed, 273 insertions, 0 deletions
diff --git a/comm/third_party/libotr/NEWS b/comm/third_party/libotr/NEWS new file mode 100644 index 0000000000..1be74666e3 --- /dev/null +++ b/comm/third_party/libotr/NEWS @@ -0,0 +1,273 @@ +9 Mar 2016: +- Release 4.1.1 +- Fix an integer overflow bug that can cause a heap buffer overflow (and + from there remote code execution) on 64-bit platforms +- Fix possible free() of an uninitialized pointer +- Be stricter about parsing v3 fragments +- Add a testsuite ("make check" to run it), but only on Linux for now, + since it uses Linux-specific features such as epoll +- Fix a memory leak when reading a malformed instance tag file +- Protocol documentation clarifications + +21 Oct 2014: +- Release 4.1.0 +- Modernized autoconf build system +- Use constant-time comparisons where needed +- Use gcrypt secure memory allocation +- Correctly reject attempts to fragment a message into too many pieces +- Fix a missing opdata when sending message fragments +- Don't lose the first user message when REQUIRE_ENCRYPTION is set +- Fix some memory leaks +- Correctly check for children contexts' state when forgetting a context +- API Changes: + - Added API functions otrl_context_find_recent_instance and + otrl_context_find_recent_secure_instance. + +24 Aug 2012: +- Release 4.0.0 +- Support v3 of the OTR protocol +- The main new feature: sensibly handle the case where a user is logged + in multiple times to the same IM account +- API changes: + - instance tags, to support multiple simultaneous logins + - support for asynchronous private key generation + - the ability to provide an "extra" symmetric key to applications + (with forward secrecy) + - applications can supply a formation conversion callback if they do + not natively use XHTML-style UTF8 markup + - error messages formerly provided by libotr are now handled using + callbacks to the application, for better i18n support + - otrl_message_sending now handles message fragmentation internally + +27 May 2008: +- Added support for one-way authentication using an explicit question, + based on the SOUPS 2008 user study. + +1 Aug 2007: +- Released 3.1.0 + +24 Jul 2007: +- Added fragmentation support for large messages +- Added new method for buddy authentication which does not require the + (explicit) use of fingerprints. + +02 Nov 2005: +- Released 3.0.0 + +16 Oct 2005: +- Major overhaul with implementation of version 2 of the protocol. + +24 Jun 2005: +- Remove the "confirm_fingerprint" callback which requires the user to + acknowledge the new fingerprint before it can be used. Replace it + with a "new_fingerprint" callback which merely informs the user that a + new fingerprint has been received. +- Allow the app to set a "trust level" for fingerprints. This is an + arbitrary string, intended to indicate whether (or possibly by what + means) the user has verified that this fingerprint is accurate. +- Clarify that, if the user requests to see the secure session id in + the middle of the conversation, the value displayed should be the one + calculated at the time the private connection was established (the + last Key Exchange Message that caused a rekeying), _not_ the DH secure + id calculated from DH keys in more recent Data Messages. + +03 May 2005: +- Released 2.0.2 + +16 Feb 2005: +- Released 2.0.1 +- Don't send encrypted messages to a buddy who has disconnected his + private connection with us. +- Don't show the user the "the last message was resent" notice if the + message has never actually been sent before. +- Fix a crash bug that happened when messages were retransmitted under + certain circumstances. + +08 Feb 2005: +- Released 2.0.0 +- Keep track of whether a given message is eligible for retransmission + +02 Feb 2005: +- Released 1.99.0, the first preview release of 2.0.0 + +31 Jan 2005: +- Machine-readable records can now be attached to Data Messages inside + the private channel. + +30 Jan 2005: +- New OtrlUserState datatype encapsulates private keys and known + fingerprints, instead of having a single global list. +- Added libotr.m4 for helping to autoconfiscate packages that use + libotr. +- Resend the last message if it caused a re-keying. +- New OtrlPolicy datatype allows you to specify a per-connection OTR + policy: never use OTR, OTR only if manually requested, automatically + start OTR if possible, refuse to *not* use OTR. +- New callbacks: display_otr_message, policy, is_logged_in + +22 Jan 2005: +- Released 1.0.4 +- Log, but otherwise ignore, unrecognized OTR messages. +- Initial autoconfiscation, thanks to Greg Troxel <gdt@ir.bbn.com>. + +18 Jan 2005: +- Released 1.0.3 +- Split gaim-otr and libotr into separate packages. + +13 Jan 2005: +- Generate private keys automatically, if needed. Show a Please Wait + dialog while this is happening. +- We may as well try to use the "tag" method of checking for OTR, even + when we don't already know a fingerprint for the correspondent. +- Add version checking to the otrl_init() call. + +12 Jan 2005: +- Refactored the logic parts of gaim-otr into libotr, so they can be + shared by other libotr-enabled apps. + +21 Dec 2004: +- Released 1.0.2 +- If a Man-in-the-Middle steals both Alice's and Bob's DSA private keys, + he can perform a birthday attack to try to get his session id with + each end to match. Since the session id was only 64 bits long, his + work was only 2^32, which is not enough. We now make the session id + the whole SHA-1 hash, instead of truncating it. +- Made otr_sesskeys output the calculated public key as well, for added + ease of forging messages when you don't know any plaintext. + +14 Dec 2004: +- Released 1.0.1 +- Added a more sensible error message in the event that we receive our + own OTR Key Exchange messages. +- If we're about to send a plaintext message to a correspondent for whom + we've got a fingerprint, append a special (whitespace) OTR tag + sequence. The other side (if in fact running OTR) will recognize it + and start a Key Exchange. + +12 Dec 2004: +- Released 1.0.0 + +11 Dec 2004: +- OTR button now gets sensitized and desensitized along with the other + buttons in the conversation window when you log in and out of + accounts. + +10 Dec 2004: +- Released 0.9.9rc2 +- Heartbeats now only get sent if (1) we have just received a message, + and (2) we haven't sent one to that user in over a minute. + +09 Dec 2004: +- Back out of the sending of heartbeats. They were causing too many + problems. It seems some networks don't let buddies know when you + log out, and then you get a dialog box "unable to send message" each + minute. :-( + +08 Dec 2004: +- Released 0.9.9rc1 +- Removed the 100 private connection limit, by not using a fixed amount + of secure memory. Unfortuantely, this means that *no* memory is + pinned any more, but pinning only ever happened before in the unlikely + event you ran gaim as root. +- Changed the "Private connection with (username) refreshed" dialog at + Paul's request so that it's no longer in "scary" "evil" bold, and + rephrased it so it's less likely to be misread as "refused" instead of + "refreshed". ;-) +- We now send heartbeats (OTR Data Messages with an empty message part) + once a minute, to anyone we're confident is still online. If both + sides are doing this, then keys get rotated regularly, even if one + or both sides aren't actively typing. This aids perfect forward + secrecy. + +04 Dec 2004: +- Fixed a bug wherein multi-person chat windows would get the OTR button + in their button bar if the OTR plugin was enabled when one of them was + active. + +03 Dec 2004: +- Released 0.9.1 + +02 Dec 2004: +- Clicking "OTR: Private" when you're already private will display an + info dialog letting you know the connection was refreshed (assuming it + actually is; if the other side isn't running OTR at all, the dialog + doesn't show, and if the other side had lost its private connection, a + new one will be established, with the "new private connection" dialog + displayed to each side (as before)). +- The toolip for "OTR: Private" is now "Refresh the private connection". +- "make install" now depends on "make all". +- Added man page for OTR toolkit programs +- Log a debug message when we receive and discard a heartbeat + +1 Dec 2004: +- Fixed the Makefiles so that "make clean" also removes the binaries +- Fixed the Makefiles so that they install into DESTDIR +- Added packaging/debian + +30 Nov 2004: +- Released 0.9.0 +- Included the OTR Messaging Toolkit. See the README for details. + +28 Nov 2004: +- Finished the Protocol document +- Changed the name of the plugin binary from "otr-plugin.so" to + "gaim-otr.so". *** NOTE: this means you'll have to (1) remove the + old otr-plugin.so file from your plugins directory, and (2) re-enable + the Off-the-Record Messaging plugin in the Preferences panel. +- Included MAC keys used to create messages in the revealed MAC section + of the Data message, in addition to MAC keys used to verify messages. +- Set all exported symbols to start with otrl_ (for the library) or + otrg_ (for the gaim plugin), in preparation for moving the pieces + into their own directories. +- If we receive a Data message with no actual message in it, don't + display it to the user. This may eventually be useful for doing + "heartbeat" key rotations. +- Separated libotr and gaim-otr into their own directories. + +27 Nov 2004: +- Switched from using gaim_notify_* to a slightly modified version that + doesn't grab the focus + +26 Nov 2004: +- Put all the cipher operations in secure memory. This makes each + private connection take 9472 bytes of secure memory, so we up the + available amount of secure memory to 100 times that. Eventually, + we'd like to make this dynamically grow. + +25 Nov 2004: +- Released 0.8.3 +- Don't put the DSA keys in libgcrypt secure memory, since (a) we read + them off disk anyway, and (b) we want to avoid running out of secure + memory. +- Removed the "Do you want to start a private conversation" dialogs when + one side in encrypted and the other side isn't, and instead just try + to start one if we know for sure the other side supports it. +- Sped up the DH computations by using a 320-bit exponent. + +23 Nov 2004: +- Released 0.8.2 +- There was a crash if you received an OTR Query before setting up a + private key. Fixed. +- The fingerprint in the UI is now selectable, for cut/paste. +- *** Protocol change. We're no longer backward compatible. + - The "revealed MAC keys" moved out of the MAC'd region of the data + packet. It's not wrong where it is, but it's more obviously + correct in the new place. + +22 Nov 2004: +- Released 0.8.1 +- Jabber wasn't working, for two reasons: + - it sticks <tags>...</tags> around the message + - it refers to the same user by multiple names; e.g. "user@jabber.org" + vs. "user@jabber.org/Gaim" + Both are now fixed: we look for the OTR message anywhere in the packet + now, not just at the beginning, and we normalize all usernames. +- Each account now has its own private key / fingerprint + - This is so you don't automatically leak the information that the + accounts are owned by the same person +- There's a better indicator of private / not private status in the + conversation window, which you can click to start the private + communication. + +21 Nov 2004: +- Initial 0.8.0 release |