1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
|
2016-03-07
* tests/regression/client/Makefile.am:
* tests/unit/Makefile.am: Add LIBGCRYPT_CFLAGS to the test suite
* Makefile.am:
* configure.ac: Only build the test suite on Linux, since it
currently uses Linux-specific features such as epoll
2016-03-06
* Makefile.am: Add bootstrap to the tarball
2016-03-04
* README:
* configure.ac:
* src/version.h: Bump version number to 4.1.1
2016-03-03
* src/proto.c (otrl_proto_accept_data):
* src/proto.c (otrl_proto_fragment_accumulate):
* src/proto.c (otrl_proto_fragment_create): Prevent integer
overflow on 64-bit architectures when receiving 4GB messages.
In several places in proto.c, the sizes of portions of incoming
messages were stored in variables of type int or unsigned int
instead of size_t. If a message arrives with very large
sizes (for example unsigned int datalen = UINT_MAX), then
constructions like malloc(datalen+1) will turn into malloc(0),
which on some architectures returns a non-NULL pointer, but
UINT_MAX bytes will get written to that pointer. Ensure all
calls to malloc or realloc cannot integer overflow like this.
Thanks to Markus Vervier of X41 D-Sec GmbH
<markus.vervier@x41-dsec.de> for the report.
* Protocol-v3.html: Clarify that instance tags and fragment
numbers in the OTR fragment format are allowed to have leading
0s. Also fix that how to handle v2 versus v3 messages for the
Reveal Signature and Signature messages was missing. Thanks to
Ola Bini <obini@thoughtworks.com> for the report.
2015-12-25
* src/instag.c (otrl_instag_read_FILEp): Fix memory leak in
otrl_instag_read_FILEp if the tag file is malformed. Thanks to
Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com> for the
report.
2015-08-18
* src/message.c (otrl_message_receiving):
* src/proto.c (otrl_proto_create_data): Set to NULL the sendsmp
pointer when handling SMP to avoid a potential free() of an
uninitialized pointer. Also ensure the message pointer is set
to NULL in otrl_proto_create_data for extra precaution and to
prevent future code paths from having the same error. Thanks to
Nicolas Guigo <nicolas.guigo@nccgroup.trust> and Ben Hawkes
<hawkes@inertiawar.com> for the report.
2015-02-08
* Protocol-v3.html: Typo fixes, thanks to Hannes Mehnert
<hannes@mehnert.org> and Nadim Kobeissi <nadim@nadim.computer>
for the reports.
* src/message.c: Be stricter about parsing v3 fragments. Thanks
to Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com> for
the report.
2014-12-18
* Protocol-v3.html: Remove "sender_instance, receiver_instance,"
from description of v2 fragmentation and clarify that you can't
fragment a fragment. Thanks to Hannes Mehnert
<hannes@mehnert.org> for the report.
* Protocol-v3.html: Remove a stray "DRAFT" from the <title> tag.
* Protocol-v2.html:
* Protocol-v3.html: Clarify the DSA computation in the protocol
specs. Thanks to Adam Langley <agl@imperialviolet.org> and
Hannes Mehnert <hannes@mehnert.org> for the report.
2014-11-29
* README:
* Makefile.am:
* configure.ac:
* tests/*: Brand new testsuite, thanks to
David Goulet <dgoulet@ev0ke.net> and
Julien Voisin <julien.voisin@dustri.org>.
"make check" to run it.
2014-11-11
* b64.c (otrl_base64_otr_encode): In case some future code path
tries to call otrl_base64_otr_encode with a buffer more than
3/4 the size of all addressable memory, return NULL rather than
causing an integer overflow and a heap overrun. Thanks to
David Remahl <david@remahl.se> for the report.
* proto.c (otrl_proto_create_data): Tiny refactor to call
otrl_base64_otr_encode instead of duplicating the code here.
2014-10-18
* README:
* configure.ac:
* src/version.h: Bump version number to 4.1.0
2014-10-18
* Protocol-v3.html: Correctly count the number of actions an OTR
client must handle. Thanks to Fred Yontz <fred@ridersite.org>
for the report.
2014-10-13
* src/context.h: Add API functions
otrl_context_find_recent_instance and
otrl_context_find_recent_secure_instance.
2014-10-13
* src/context.c (otrl_context_forget): Correct check for
children contexts' state being OTRL_MSGSTATE_PLAINTEXT. Thanks
to k007k <k007k@wp.pl> for the report.
2014-10-13
* src/message.c (otrl_message_receiving): Fix memory leak in
fragment reassembly. Thanks to Matthew D. Green
<matthewdgreen@gmail.com> for the report and David Goulet
<dgoulet@ev0ke.net> for the patch.
2014-10-13
* src/message.c (otrl_message_sending): Fix possible memory
leak.
2014-07-13
* src/auth.c (otrl_auth_handle_commit): Add a clarifying
comment.
2014-06-12
* src/message.h: Typo fix.
2014-06-03
* Makefile.am:
* configure.ac: Modernize autoconf build system. Thanks to
David Goulet <dgoulet@ev0ke.net> for the patch.
2014-05-22
* README:
* src/context.c: Typo fixes.
2014-05-04
* INSTALL:
* bootstrap: Add bootstrap script to set up the build system.
Thanks to David Goulet <dgoulet@ev0ke.net> for the patch.
2014-05-04
* src/dh.c:
* src/sm.c:
* toolkit/sesskeys.c: Use gcrypt secure memory allocation.
Thanks to Julien Voisin <julien.voisin@dustri.org> for the
patch.
2014-04-21
* src/mem.c (otrl_mem_differ): Simplify otrl_mem_differ. Thanks
to Julien Voisin <julien.voisin@dustri.org> for the patch.
2014-02-20
* src/proto.c (otrl_proto_instance): Fix a memory leak when
receiving an invalid instance tag. Thanks to Julien Voisin
<julien.voisin@dustri.org> for the patch.
2014-02-15
* src/proto.c:
* src/auth.c:
* src/mem.c:
* src/mem.h: Use a constant-time memory comparison for safety.
Thanks to jvoisin <julien.voisin@dustri.org> for the suggestion.
2013-10-13
* src/proto.c: Return 0 instead of crashing from
otrl_proto_query_bestversion if passed an illegal input.
Thanks to Conrad Hoffmann <ch@bitfehler.net> for the report and
the patch.
2013-08-21
* src/proto.c: Fix warning from clang in proto.c. Before, trying
to fragment a message into more than 65535 pieces would cause
incorrect fragments to be output. Now, it just returns an error
(as that is disallowed by the spec). Thanks to Teemu Huovila
<thuovila@cs.helsinki.fi> for reporting the issue.
2013-08-08
* Protocol-v3.html: Random exponents in SMP should be 1536 bits.
The spec (but not the code) incorrectly said "128 bits" before.
2013-07-28
* packaging/fedora/libotr.spec: Fedora spec file for 4.x from
Paul Wouters <paul@cypherpunks.ca>
2013-07-17
* toolkit/sesskeys.c: Workaround for a crash bug in libgcrypt
affecting otr_sesskeys. Passing a private key value of 0 to
otr_sesskeys would cause libgcrypt to crash in gcry_mpi_powm.
We reported this libgcrypt bug and it was then fixed in
http://lists.gnupg.org/pipermail/gcrypt-devel/2013-July/002251.html
but the workaround is simply to use
gcry_mpi_new(DH1536_MOD_LEN_BITS) instead of gcry_mpi_new(0).
Note that this only affected the otr_sesskeys toolkit program,
and not libotr itself.
Thanks to the Mayhem Team at CMU (Alexandre Rebert, Thanassis
Avgerinos, Sang Kil Cha, David Brumley, Manuel Egele) for the
report.
2013-01-19
* src/message.c: pass opdata when sending message fragment
The inject_message callback was missing the opdata when sending
message fragments. Thanks to David Goulet <dgoulet@ev0ke.net>
for the report.
2012-12-18
* src/message.c: Copy lastmessage to the newly created context.
This fixes a case where the first user message gets lost when
OTRL_POLICY_REQUIRE_ENCRYPTION policy is set because after
establishing the encryption lastmessage remains with the master
context and will not be resent. Thanks to Andreas Schlick
<schlick@lavabit.com> for the report.
2012-09-09
* configure.ac: Make linker hardening [DEP, ALSR] work on
Windows builds. Thanks to Daniel Atallah <datallah@pidgin.im>
for noticing that it wasn't working before.
2012-09-04
* README: Release 4.0.0
2012-08-28
* UPGRADING:
* src/proto.h:
* src/proto.c: Don't have otrl_init call exit(1) if the
application's requested version number differs from libotr's.
Rather, return a non-zero error code, and have the application
clean up gracefully. The OTRL_INIT macro now checks the error
code and does an exit(1) as the default behaviour, but the
application can do what it likes.
2012-08-27
* src/auth.h:
* src/auth.c:
* src/message.c: Record the time the last COMMIT was sent from a
master context. This will be used to clear the committed key
from the master context once we don't expect any more instances
of our buddy to respond with a DHKEY message.
* UPGRADING:
* src/userstate.h:
* src/userstate.c:
* src/message.h:
* src/message.c: Add a timer_control callback to
OtrlMessageAppOps in order to actually clear out the above stale
committed keys.
2012-08-26
* src/context.c:
* src/context_priv.c:
* src/context_priv.h: libotr was exporting exactly two functions
without the otrl_ prefix: context_priv_new and
context_priv_force_finished. Change the names of these
functions to start with otrl_. Thanks to David Goulet
<dgoulet@ev0ke.net> for noticing it.
* Protocol-v3.html: Document the v3 whitespace tag, and better
document the extra symmetric key. Thanks to Kjell Braden
<kb@pentabarf.de> for noticing the omission.
2012-08-25
* src/sm.c:
* src/context.c:
* src/auth.c:
* src/message.c: If OTRL_DEBUGGING is non-zero, then a message
containing a special debug string ("?OTR!") will cause debug
info to be printed to stderr. (This #define should *not* be set
in release code.)
* src/auth.c:
* src/auth.h:
* src/message.c: Correct the logic for handling incoming COMMIT
messages when we've recently sent our own COMMIT message.
* src/message.c: Don't update the recent_sent_child field to
point to the master context just becuase we sent a version 3
COMMIT message (which has no destination instance).
2012-08-24
* README:
* configure.ac: Prepare for release 4.0.0
2012-08-24
* src/message.c: Consider copying the master auth context to the
child, even if the child is already in ENCRYPTED, because we
might be trying to refresh a private conversation.
2012-08-22
* configure.ac: Use gcc and ld hardening flags, where possible.
* configure.ac:
* src/auth.c:
* src/dh.c:
* src/mem.c:
* src/privkey.c:
* src/proto.c:
* src/sm.c:
* toolkit/sesskey.c: Build cleanly with -Wall -Wextra
-Wformat-security -Wno-unused-parameter
2012-08-17
* src/message.c: Don't call memchr(foo,'\0',-1) even if it has
no ill effects. Thanks to George Kadianakis
<desnacked@riseup.net> for the report.
2012-07-20
* src/message.c, src/instag.c, toolkit/parse.c, src/sm.c,
src/proto.c, src/privkey.c, src/auth.c, src/context.[ch]:
Fix some memory leaks, some NULL pointer handling, and
compilation warnings. Thanks to Paul Wouters
<pwouters@redhat.com> for the report.
* src/message.c: Better handling of OTRv3 fragments.
2012-07-19
* src/b64.[ch], src/proto.c, toolkit/parse.c: Clean up the
previous b64 patch and apply it to all places where
otrl_base64_decode() is called.
2012-07-17
* src/b64.c: Use ceil instead of floor to compute the size
of the data buffer. This prevents a one-byte heap buffer
overflow. Thanks to Justin Ferguson <jnferguson@gmail.com>
for the report.
2012-06-21
* src/context.c: A couple bug fixes.
* Release 4.0.0-beta2
2012-06-07
* Release 4.0.0-beta1
2012-05-08:
* src/instag.c:
* src/message.c: Returning proper gcry types to avoid
compile warnings.
2012-05-03:
* src/instag.c: Fixed otrl_instag_new().
2012-04-30:
* AUTHORS:
* README:
* toolkit/otr_parse.c:
* toolkit/otr_remac.c:
* toolkit/parse.c:
* toolkit/parse.h:
* src/auth.c:
* src/auth.h:
* src/context.c:
* src/context.h:
* src/message.c:
* src/message.h:
* src/privkey.c:
* src/privkey.h:
* src/proto.c:
* src/proto.h:
* src/serial.h:
* src/tests.c:
* src/userstate.c:
* src/userstate.h: More changes for instance tags (Rob Smits).
2009-06-11:
* src/auth.c:
* src/auth.h:
* src/context.c:
* src/context.h:
* src/context_priv.h:
* src/message.c:
* src/message.h:
* src/privkey.c:
* src/privkey.h:
* src/proto.c:
* src/proto.h:
* src/serial.h:
* src/tests.c:
* src/userstate.c:
* src/userstate.h: Core instance tag functionality (Lisa Du).
2009-09-30:
* Protocol-v2.html: Edits from Göran Weinholt
<goran@weinholt.se>
2009-04-28:
* src/auth.c: pubkey_type should be shifted by 8, not 16. It
doesn't matter right now, because it's always 0, but still.
(Thanks to Can Tang.)
2008-08-15:
* src/Makefile.am:
* src/context.c:
* src/context.h:
* src/context_priv.c:
* src/context_priv.h:
* src/message.c:
* src/message.h:
* src/proto.c:
* src/proto.h: Willy Lew's updates of the libotr API
2008-08-06:
* src/proto.c: gcc 4.2 with -O2 assumes that integer overflow
never occurs when optimizing away tests, including those for
integer overflow. The code was made more specific.
2008-07-09:
* src/privkey.h:
* src/privkey.c: Add otrl_privkey_generate_cancel to handle the
case that the background key generation thread is cancelled or
fails.
2008-07-06:
* configure.ac: Update libtool version to match 4.0.0.
* src/privkey-t.h:
* src/privkey.c:
* src/privkey.h:
* src/userstate.c:
* src/userstate.h: Support for generating privkeys in a
background thread.
2008-07-02:
* version.h: Change version number to 4.0.0 (but still far from
release).
* tlv.h:
* proto.h:
* proto.c:
* message.h:
* message.c:
* dh.h:
* dh.c: Support for applications requesting an extra session key
that can be used for things like file transfers.
* message.h:
* message.c: Applications now use the handle_smp_event callback
to handle SMP events, rather than having to hardcode part of the
SMP state machine themselves.
2008-06-15:
* README: Release version 3.2.0.
2008-06-13:
* UPGRADING: Clarify what was new in 3.1.0, what was changed
in 3.2.0.
2008-05-27:
* UPGRADING: Update documentation.
* README:
* toolkit/*.[ch]:
* src/*.[ch]: Update copyright dates to 2004-2008.
* src/tlv.h: Add new OTRL_TLV_SMP1Q TLV type to indicate an
instance of the first SMP message, with an explicit question.
* src/sm.h:
* src/sm.c: More carefully track the progress of the SMP using a
new smp_prog_state field. Also keep track of whether Bob
received an explicit question from Alice using a new
received_question field.
* src/message.c: Handle explicit questions for the SMP.
* src/message.c: Behave better if an SMP message fails
verification.
* README:
* configure.ac:
* src/version.h: Update version number to 3.2.0.
2007-07-26
* src/sm.c:
* src/message.c: ISO C cleanups (no mixing declarations with
code)
* src/sm.c: Fixed a 64-bit pointer error
2007-07-25
* src/message.c: Behave sanely if we receive a totally malformed
SMP message.
2007-07-24
* src/proto.h:
* src/proto.c:
* src/message.c: Implemented fragmentation of large messages
* src/message.h: New callback for fragmentation
* src/privkey.h:
* src/privkey.c (otrl_privkey_fingerprint_raw): New function to
return a raw hash of an account's public key
* src/proto.c: Keep track of the API version number passed to
otrl_init()
* src/context.h:
* src/context.c:
* src/tlv.h:
* src/sm.h:
* src/sm.c: Implemented the Socialist Millionaires' Protocol for
authenticating buddies without using user-visible fingerprints
* src/b64.h:
* src/b64.c (decode, otrl_base64_decode): Corrected char vs.
unsigned char
* README:
* configure.ac:
* src/version.h: Change version number to 3.1.0
* Most files: Update copyright information
2007-07-23
* src/message.h:
* src/message.c: Added account_name and account_name_free callbacks
to OtrlMessageAppOps to let the application choose how to
display the account name in OTR Error Messages. Based on a
patch from Evan Schoenberg <evan.s@dreskin.net>.
2006-07-24
* src/privkey.h:
* src/privkey.c: Add routines to read and write privkey and
fingerprint data to FILE*s, instead of to filenames.
2006-05-09
* Protocol-v2.html: Fix a typo, and correct the documentation
regarding when MAC keys are revealed.
2006-04-13
* src/context.h: Change "struct fingerprint" to "struct
s_fingerprint" to appease some C++ compilers.
2006-02-09
* src/auth.c (otrl_auth_handle_v1_key_exchange): Fix
uninitialized variable received_pub.
2005-12-30
* src/message.c: Fix a typo, thanks to Anton Blanchard
<anton@samba.org>.
2005-11-20
* src/proto.h: Fix typo in policy #defines.
2005-11-02
* README:
* src/version.h: Release version 3.0.0
2005-10-30
* Protocol-v2.html: Clarified the uniqueness conditions for the
counter.
* src/auth.c (otrl_auth_handle_v1_key_exchange): Clear the auth
structure when we receive an unexpected v1 Key Exchange Message.
2005-10-27
* src/auth.h:
* src/auth.c:
* src/message.c: Ensure version 2 AKEs are always done with
fresh D-H parameters.
* src/proto.h:
* src/proto.c:
* src/message.c: Add a "flags" field to the version 2 Data
Message, which can indicate that the Data Message should be
ignored if unreadable (as opposed to displaying an error).
* toolkit/parse.h:
* toolkit/parse.c:
* toolkit/otr_parse.c:
* toolkit/otr_remac.c: Deal with the new kind of Data Message.
* src/message.c: Use the gone_secure callback instead of the
still_secure callback if the other side changes its fingerprint.
2005-10-19
* src/context.h:
* src/context.c: Added protocol_version as an explicit field in
the ConnContext.
* src/message.h:
* src/message.c: protocol_version no longer needs to be
explicitly passed to the gone_secure() and still_secure()
callbacks.
* packaging/fedora/libotr.spec: Patches from Paul
* src/proto.c (rotate_dh_keys): Avoid potential double
gcry_cipher_close().
* src/tests.c: Regression test for double gcry_cipher_close().
2005-10-16
* Major overhaul with implementation of version 2 AKE.
2005-08-08
* toolkit/otr_parse.c (parse): Ignore MACs that are too short,
rather than going into an infinite loop.
2005-08-04
* Protocol: Added section describing fragments.
* src/proto.h:
* src/proto.c (otrl_proto_fragment_accumulate):
* src/context.h:
* src/context.c (new_context, otrl_context_force_setup): Keep
track of fragments in the ConnContext structure.
* src/message.c (otrl_message_receiving): Handle fragments in
received messages.
* src/mem.c: Don't do arithmetic on void pointers.
2005-07-29
* src/message.h:
* src/message.c: Move ops to be the first param of
new_fingerprint, as it is with all the other callbacks.
* src/context.h:
* src/context.c (otrl_context_set_preshared_secret):
* src/dh.h:
* src/dh.c (otrl_dh_session, otrl_dh_cmpctr):
* src/message.h:
* src/message.c (otrl_message_sending, send_or_error, process_kem)
(otrl_message_receiving, otrl_message_disconnect):
* src/privkey.h:
* src/privkey.c (otrl_privkey_hash_to_human):
* src/proto.h:
* src/proto.c (otrl_proto_create_data):
* src/tlv.h:
* src/tlv.c (otrl_tlv_new, otrl_tlv_parse, otrl_tlv_seriallen)
(otrl_tlv_serialize): Add missing "const"s. (Closes #1243963)
2005-06-24
* README:
* configure.ac:
* packaging/fedora/libotr.spec:
* src/version.h: Change version to 3.0.0 (but don't yet release)
* Protocol: Clarify that, if the user requests to see the secure
session id in the middle of the conversation, the value
displayed should be the one calculated at the time the private
connection was established (the last Key Exchange Message that
caused a rekeying), _not_ the DH secure id calculated from DH
keys in more recent Data Messages.
* libotr.m4: Have the version check require an exact match on
the major version, since, for example, source that expects
libotr 2.0.0 won't work with libotr 3.0.0.
* libotr.m4: Add #include <stdlib.h> to the version test so that
it compiles cleanly with -Wall -Werror.
* src/proto.c:
* src/dh.h:
* src/dh.c:
* src/context.h:
* src/context.c: Save the secure session id so that it can be
displayed to the user upon request, instead of only when the
private session is initially set up.
* src/privkey.c:
* src/context.h:
* src/context.c: Allow the app to set a "trust level" for
fingerprints. This is an arbitrary string, intended to indicate
whether (or possibly by what means) the user has verified that
this fingerprint is accurate.
* src/context.h:
* src/context.c: Allow the app to set an arbitrary binary
"preshared secret" for the ConnContext. This is currently
unused, but in the future it would allow for users to exchange a
secret _before_ they generate their fingerprints. [But the
protocol would have to be extended to support this.]
* src/message.h:
* src/message.c: Remove the "confirm_fingerprint" callback
which requires the user to acknowledge the new fingerprint
before it can be used. Replace it with a "new_fingerprint"
callback which merely informs the user that a new fingerprint
has been received.
2005-05-13
* libotr.m4: Fixed a bug which made configure fail to find the
libotr header files if they weren't in the standard place.
2005-05-09
* src/privkey.c (otrl_privkey_read_fingerprints): Allow fields,
particularly accountnames, to contain spaces. Closes #1198379.
2005-05-03
* README:
* configure.ac:
* packaging/fedora/libotr.spec:
* src/version.h: Change version to 2.0.2
* packaging/debian: Remove this directory, as Thibaut VARENE
<varenet@debian.org> is now responsible for the debian packages.
2005-02-23
* src/privkey.c (otrl_privkey_hash_to_human): Avoid writing a
NUL one byte past the end of the buffer
2005-02-16
* README:
* configure.ac:
* packaging/debian/changelog:
* packaging/fedora/libotr.spec:
* src/version.h: Change version to 2.0.1
2005-02-15
* src/message.c (otrl_message_sending, otrl_message_receiving)
(otrl_message_disconnect):
* src/proto.c (otrl_proto_accept_key_exchange)
(otrl_proto_create_data, otrl_proto_accept_data): Don't send
encrypted messages to a buddy who has disconnected his private
connection with us.
* src/message.c (otrl_message_sending): Don't show the user the
"the last message was resent" notice if the message has never
actually been sent before.
2005-02-09
* src/proto.c (otrl_proto_create_data): Copy the msg before
using since, since it may be an alias for context->lastmessage,
which we're going to gcry_free().
2005-02-08
* README:
* configure.ac:
* packaging/debian/changelog:
* packaging/fedora/libotr.spec:
* src/version.h: Change version to 2.0.0
2005-02-07
* src/context.h:
* src/context.c (new_context, otrl_context_force_setup):
* src/message.c (otrl_message_sending, otrl_message_receiving):
* src/proto.c (otrl_proto_accept_key_exchange): Keep track of
whether the last message is eligible for retransmission.
2005-02-02
* README:
* configure.ac:
* packaging/debian/changelog:
* packaging/fedora/libotr.spec:
* src/version.h: Change version to 1.99.0
* packaging/debian/libotr1.dirs:
* packaging/debian/libotr1.install:
* packaging/debian/rules: Build and install with the correct mandir
* packaging/debian/rules: Install a shlibs file
* packaging/debian/control: Add Replaces: to the packages so
that dpkg -i will install them.
* toolkit/Makefile.am: Create the mandir if it's not yet there
* packaging/debian/libotr1-dev.dirs:
* packaging/debian/libotr1-dev.install:
* packaging/fedora/libotr.spec: Package the libotr.m4 file
* Protocol: Added sections on policies and TLVs
2005-02-01
* Makefile.am:
* src/Makefile.am:
* toolkit/Makefile.am: Use automake-1.8
2005-01-31
* tlv.h:
* tlv.c:
* src/Makefile.am: add new files tlv.c and tlv.h
* src/message.c (otrl_message_sending): Allow you to specify a
TLV chain to attach to a message.
* src/message.c (otrl_message_receiving): Also return any TLV
chain attached to the message, if present.
* src/README: Document new TLV parameters to message functions.
* src/message.c (otrl_message_receiving): No longer handle
messages starting with "?OTR:" specially; that functionality now
goes into TLVs.
* src/message.c (otrl_message_disconnect): Send the notice of
disconnect as a OTRL_TLV_DISCONNECTED TLV.
2005-01-30
* README: update documentation for 2.0.0 API
* src/message.c (otrl_message_receiving): Only send heartbeats
in response to "real" messages.
* src/message.c (otrl_message_receiving): If we receive a DATA
message whose *plaintext* starts with "?OTR:", display it with
display_otr_message if possible.
* src/message.c (otrl_message_receiving): Display OTR_ERROR
messages without the leading '?' using display_otr_message.
* src/message.h (otrl_message_disconnect):
* src/message.c (otrl_message_disconnect): new function
* src/message.c (otrl_message_receiving): Display the "received
unencrypted" warning message if we receive an unencrypted
message with policy ALWAYS, even when not CONNECTED.
2005-01-29
* src/proto.c (otrl_proto_accept_key_exchange):
* src/message.c (otrl_message_sending, process_kem): Make the
retransmission of an unencrypted message in ALWAYS work.
2005-01-28
* src/message.h: New callback for checking whether a given user
is online.
* src/message.c (otrl_message_sending): Notify the user if he
attempts to send an unencrypted message with policy ALWAYS.
* src/message.h: New callback for fetching OTR policy
* src/message.c (otrl_message_sending): Create a ConnContext if
we don't have one already. Use it to fetch the OTR policy.
Just return if the policy is NEVER. Only append the whitespace
tag if the policy is OPPORTUNISTIC or ALWAYS. Don't send
unencrypted messages in ALWAYS, but store them for
retransmission later.
* src/message.c (otrl_message_receiving): Fetch the OTR policy.
Just return if the policy is NEVER. Only send a Key Exchange
Message in response to an unexpected Data or Error Message in
OPPORTUNISTIC and ALWAYS. Only recognize the whitespace tag in
OPPORTUNISTIC and ALWAYS.
* src/message.h:
* src/message.c: add accountname/protocol/username parameters to
notify callback
* src/message.h:
* src/message.c: add display_otr_message callback for displaying
OTR control messages
2005-01-27
* src/privkey.h: #include <gcrypt.h> since we use things from
libgcrypt in the .h file
* src/proto.h:
* src/proto.c: Make otrl_init take unsigned ints as arguments.
* src/context.h:
* src/context.c:
* src/message.c:
* src/proto.c: Keep track of the last message sent, and
potentially resend it if sending it the first time triggered a
rekey (because the other side had lost its OTR state, for
example).
2005-01-26
* packaging/debian/control: Changed debian package names to
libotr1 and libotr1-dev.
* libotr.m4: Added copyright notice, more comments
* src/userstate.c:
* src/userstate.h: New files
* src/Makefile.am: Added -Wall to default CFLAGS
* toolkit/Makefile.am: Added -Wall to default CFLAGS
* src/context.c (otrl_context_find, otrl_context_forget_all):
* src/context.h (otrl_context_find, otrl_context_forget_all):
* src/message.c (otrl_message_sending, process_kem)
(process_confresp, otrl_message_receiving):
* src/message.h (otrl_message_sending, otrl_message_receiving)
(OtrlMessageAppOps.confirm_fingerprint):
* src/privkey.c (otrl_privkey_fingerprint, otrl_privkey_read)
(otrl_privkey_generate, otrl_privkey_read_fingerprints)
(otrl_privkey_write_fingerprints, otrl_privkey_find)
(otrl_privkey_forget_all):
* src/privkey.h (otrl_privkey_fingerprint, otrl_privkey_read)
(otrl_privkey_generate, otrl_privkey_read_fingerprints)
(otrl_privkey_write_fingerprints, otrl_privkey_find)
(otrl_privkey_forget_all):
* src/proto.c (otrl_proto_create_key_exchange)
(otrl_proto_accept_key_exchange):
* src/proto.h (otrl_proto_create_key_exchange)
(otrl_proto_accept_key_exchange): Added OtrlUserState parameter
to many calls, eliminating global state.
* src/privkey.c (otrl_privkey_fingerprint): the buffer is now
passed in, and not static
2005-01-25
* src/version.h: bumped version number to 2.0.0 because API
changed incompatibly
* configure.ac: bumped version number to 2.0.0 because API
changed incompatibly
* src/message.h: added accountname parameter to
confirm_fingerprint callback
* src/message.c: passed accountname to confirm_fingerprint
callback
* libotr.m4: new file
* Makefile.am: install (and uninstall) new libotr.m4 file
* tools/Makefile.am: clean up manpage symlinks and add an
uninstall rule
2005-01-23
* src/proto.h: moved numeric version defines into version.h
* src/version.h: moved numeric version defines into version.h
* src/message.c (otrl_message_receiving): Update the context
list if we create a new context
2005-01-22
Released 1.0.4.
Initial autoconfiscation, thanks to Greg Troxel <gdt@ir.bbn.com>.
* src/message.c: log, but otherwise ignore, unrecognized OTR
messages
|
