9 Mar 2016:
- Release 4.1.1
- Fix an integer overflow bug that can cause a heap buffer overflow (and
from there remote code execution) on 64-bit platforms
- Fix possible free() of an uninitialized pointer
- Be stricter about parsing v3 fragments
- Add a testsuite ("make check" to run it), but only on Linux for now,
since it uses Linux-specific features such as epoll
- Fix a memory leak when reading a malformed instance tag file
- Protocol documentation clarifications
21 Oct 2014:
- Release 4.1.0
- Modernized autoconf build system
- Use constant-time comparisons where needed
- Use gcrypt secure memory allocation
- Correctly reject attempts to fragment a message into too many pieces
- Fix a missing opdata when sending message fragments
- Don't lose the first user message when REQUIRE_ENCRYPTION is set
- Fix some memory leaks
- Correctly check for children contexts' state when forgetting a context
- API Changes:
- Added API functions otrl_context_find_recent_instance and
otrl_context_find_recent_secure_instance.
24 Aug 2012:
- Release 4.0.0
- Support v3 of the OTR protocol
- The main new feature: sensibly handle the case where a user is logged
in multiple times to the same IM account
- API changes:
- instance tags, to support multiple simultaneous logins
- support for asynchronous private key generation
- the ability to provide an "extra" symmetric key to applications
(with forward secrecy)
- applications can supply a formation conversion callback if they do
not natively use XHTML-style UTF8 markup
- error messages formerly provided by libotr are now handled using
callbacks to the application, for better i18n support
- otrl_message_sending now handles message fragmentation internally
27 May 2008:
- Added support for one-way authentication using an explicit question,
based on the SOUPS 2008 user study.
1 Aug 2007:
- Released 3.1.0
24 Jul 2007:
- Added fragmentation support for large messages
- Added new method for buddy authentication which does not require the
(explicit) use of fingerprints.
02 Nov 2005:
- Released 3.0.0
16 Oct 2005:
- Major overhaul with implementation of version 2 of the protocol.
24 Jun 2005:
- Remove the "confirm_fingerprint" callback which requires the user to
acknowledge the new fingerprint before it can be used. Replace it
with a "new_fingerprint" callback which merely informs the user that a
new fingerprint has been received.
- Allow the app to set a "trust level" for fingerprints. This is an
arbitrary string, intended to indicate whether (or possibly by what
means) the user has verified that this fingerprint is accurate.
- Clarify that, if the user requests to see the secure session id in
the middle of the conversation, the value displayed should be the one
calculated at the time the private connection was established (the
last Key Exchange Message that caused a rekeying), _not_ the DH secure
id calculated from DH keys in more recent Data Messages.
03 May 2005:
- Released 2.0.2
16 Feb 2005:
- Released 2.0.1
- Don't send encrypted messages to a buddy who has disconnected his
private connection with us.
- Don't show the user the "the last message was resent" notice if the
message has never actually been sent before.
- Fix a crash bug that happened when messages were retransmitted under
certain circumstances.
08 Feb 2005:
- Released 2.0.0
- Keep track of whether a given message is eligible for retransmission
02 Feb 2005:
- Released 1.99.0, the first preview release of 2.0.0
31 Jan 2005:
- Machine-readable records can now be attached to Data Messages inside
the private channel.
30 Jan 2005:
- New OtrlUserState datatype encapsulates private keys and known
fingerprints, instead of having a single global list.
- Added libotr.m4 for helping to autoconfiscate packages that use
libotr.
- Resend the last message if it caused a re-keying.
- New OtrlPolicy datatype allows you to specify a per-connection OTR
policy: never use OTR, OTR only if manually requested, automatically
start OTR if possible, refuse to *not* use OTR.
- New callbacks: display_otr_message, policy, is_logged_in
22 Jan 2005:
- Released 1.0.4
- Log, but otherwise ignore, unrecognized OTR messages.
- Initial autoconfiscation, thanks to Greg Troxel <gdt@ir.bbn.com>.
18 Jan 2005:
- Released 1.0.3
- Split gaim-otr and libotr into separate packages.
13 Jan 2005:
- Generate private keys automatically, if needed. Show a Please Wait
dialog while this is happening.
- We may as well try to use the "tag" method of checking for OTR, even
when we don't already know a fingerprint for the correspondent.
- Add version checking to the otrl_init() call.
12 Jan 2005:
- Refactored the logic parts of gaim-otr into libotr, so they can be
shared by other libotr-enabled apps.
21 Dec 2004:
- Released 1.0.2
- If a Man-in-the-Middle steals both Alice's and Bob's DSA private keys,
he can perform a birthday attack to try to get his session id with
each end to match. Since the session id was only 64 bits long, his
work was only 2^32, which is not enough. We now make the session id
the whole SHA-1 hash, instead of truncating it.
- Made otr_sesskeys output the calculated public key as well, for added
ease of forging messages when you don't know any plaintext.
14 Dec 2004:
- Released 1.0.1
- Added a more sensible error message in the event that we receive our
own OTR Key Exchange messages.
- If we're about to send a plaintext message to a correspondent for whom
we've got a fingerprint, append a special (whitespace) OTR tag
sequence. The other side (if in fact running OTR) will recognize it
and start a Key Exchange.
12 Dec 2004:
- Released 1.0.0
11 Dec 2004:
- OTR button now gets sensitized and desensitized along with the other
buttons in the conversation window when you log in and out of
accounts.
10 Dec 2004:
- Released 0.9.9rc2
- Heartbeats now only get sent if (1) we have just received a message,
and (2) we haven't sent one to that user in over a minute.
09 Dec 2004:
- Back out of the sending of heartbeats. They were causing too many
problems. It seems some networks don't let buddies know when you
log out, and then you get a dialog box "unable to send message" each
minute. :-(
08 Dec 2004:
- Released 0.9.9rc1
- Removed the 100 private connection limit, by not using a fixed amount
of secure memory. Unfortuantely, this means that *no* memory is
pinned any more, but pinning only ever happened before in the unlikely
event you ran gaim as root.
- Changed the "Private connection with (username) refreshed" dialog at
Paul's request so that it's no longer in "scary" "evil" bold, and
rephrased it so it's less likely to be misread as "refused" instead of
"refreshed". ;-)
- We now send heartbeats (OTR Data Messages with an empty message part)
once a minute, to anyone we're confident is still online. If both
sides are doing this, then keys get rotated regularly, even if one
or both sides aren't actively typing. This aids perfect forward
secrecy.
04 Dec 2004:
- Fixed a bug wherein multi-person chat windows would get the OTR button
in their button bar if the OTR plugin was enabled when one of them was
active.
03 Dec 2004:
- Released 0.9.1
02 Dec 2004:
- Clicking "OTR: Private" when you're already private will display an
info dialog letting you know the connection was refreshed (assuming it
actually is; if the other side isn't running OTR at all, the dialog
doesn't show, and if the other side had lost its private connection, a
new one will be established, with the "new private connection" dialog
displayed to each side (as before)).
- The toolip for "OTR: Private" is now "Refresh the private connection".
- "make install" now depends on "make all".
- Added man page for OTR toolkit programs
- Log a debug message when we receive and discard a heartbeat
1 Dec 2004:
- Fixed the Makefiles so that "make clean" also removes the binaries
- Fixed the Makefiles so that they install into DESTDIR
- Added packaging/debian
30 Nov 2004:
- Released 0.9.0
- Included the OTR Messaging Toolkit. See the README for details.
28 Nov 2004:
- Finished the Protocol document
- Changed the name of the plugin binary from "otr-plugin.so" to
"gaim-otr.so". *** NOTE: this means you'll have to (1) remove the
old otr-plugin.so file from your plugins directory, and (2) re-enable
the Off-the-Record Messaging plugin in the Preferences panel.
- Included MAC keys used to create messages in the revealed MAC section
of the Data message, in addition to MAC keys used to verify messages.
- Set all exported symbols to start with otrl_ (for the library) or
otrg_ (for the gaim plugin), in preparation for moving the pieces
into their own directories.
- If we receive a Data message with no actual message in it, don't
display it to the user. This may eventually be useful for doing
"heartbeat" key rotations.
- Separated libotr and gaim-otr into their own directories.
27 Nov 2004:
- Switched from using gaim_notify_* to a slightly modified version that
doesn't grab the focus
26 Nov 2004:
- Put all the cipher operations in secure memory. This makes each
private connection take 9472 bytes of secure memory, so we up the
available amount of secure memory to 100 times that. Eventually,
we'd like to make this dynamically grow.
25 Nov 2004:
- Released 0.8.3
- Don't put the DSA keys in libgcrypt secure memory, since (a) we read
them off disk anyway, and (b) we want to avoid running out of secure
memory.
- Removed the "Do you want to start a private conversation" dialogs when
one side in encrypted and the other side isn't, and instead just try
to start one if we know for sure the other side supports it.
- Sped up the DH computations by using a 320-bit exponent.
23 Nov 2004:
- Released 0.8.2
- There was a crash if you received an OTR Query before setting up a
private key. Fixed.
- The fingerprint in the UI is now selectable, for cut/paste.
- *** Protocol change. We're no longer backward compatible.
- The "revealed MAC keys" moved out of the MAC'd region of the data
packet. It's not wrong where it is, but it's more obviously
correct in the new place.
22 Nov 2004:
- Released 0.8.1
- Jabber wasn't working, for two reasons:
- it sticks <tags>...</tags> around the message
- it refers to the same user by multiple names; e.g. "user@jabber.org"
vs. "user@jabber.org/Gaim"
Both are now fixed: we look for the OTR message anywhere in the packet
now, not just at the beginning, and we normalize all usernames.
- Each account now has its own private key / fingerprint
- This is so you don't automatically leak the information that the
accounts are owned by the same person
- There's a better indicator of private / not private status in the
conversation window, which you can click to start the private
communication.
21 Nov 2004:
- Initial 0.8.0 release