+Wed Mar 14 20:37:35 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added new SILC_CF_LAG_STRICT command flag that strictly forces
+ that the command may be executed only once in (about) 2 seconds.
+ The old SILC_CF_LAG flag is same but allows command bursts up
+ to five before limiting.
+
+ Added the support for CF_LAG and CF_LAG_STRICT flags to the
+ server code. Various commands now includes the CF_LAG_STRICT
+ flag to disallow any kind of miss-use of the command.
+
+Wed Mar 14 16:10:30 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Changed the format of AdminConnection configuration section
+ in the server. Added username of the admin to the format.
+ Affected files silcd/serverconfig.[ch].
+
+ Added silc_server_config_find_admin into silcd/serverconfig.[ch]
+ to return admin configuration data by host, username and/or
+ nickname.
+
+Wed Mar 14 13:18:16 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Implemented WHOWAS command to the server. Added the functions:
+
+ silc_server_command_whowas_parse,
+ silc_server_command_whowas_send_reply,
+ silc_server_command_whowas_from_client and
+ silc_server_command_whowas_from_server
+
+ * Added <Client ID> argument to the WHOWAS command reply. Updated
+ the protocol specs accordingly.
+
+ * Implemented WHOWAS command and command_reply to the client
+ library.
+
+ Implemented the WHOWAS printing on the user interface.
+
+Tue Mar 13 22:17:34 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added new argument to the WHOWAS command reply, the real name.
+ It is an optional argument. Updated the protocol specs.
+
+ * Added SilcIDCacheDestructor callback that is registered when
+ the SilcIDCache is allocated. The callback is called when
+ an cache entry in the ID Cache expires, or is purged from the
+ cache. Added into lib/silccore/idcache.[ch].
+
+ Added silc_idlist_client_destructor to the silcd/idlist.[ch]
+ to destruct the client entries when the cache entry expires.
+ Other ID Cache's in server and in the client library ignores
+ the destructor.
+
+ * If the ID Cache entry's `expire' field is zero then the entry
+ never expires. Added boolean `expire' argument to the
+ silc_idcache_add function in the lib/silccore/idcache.[ch].
+ If it is TRUE the default expiry value is used.
+
+ * Added silc_server_free_client_data_timeout that is registered
+ when client disconnects. By default for 5 minutes we preserve
+ the client entry for history - for WHOWAS command.
+
+Tue Mar 13 13:26:18 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added support to the server to enforce that commands are not
+ executed more than once in 2 seconds. If server receives
+ commands from client more frequently, timeout is registered
+ to process the commands. Affected file silcd/command.c.
+ Added new function silc_server_command_process_timeout.
+
+ * Changed NICK_NOTIFY handling in client library to check that
+ if the client's nickname was changed, so there is no need to
+ resolve anything from the server.
+
+ * Removed error printing from the WHOIS and IDENTIFY commands.
+ If error occurs then it is ignored silently in the client library.
+ The application, however, may map the received error to
+ human readable error string. The application currently maps
+ the NO_SUCH_NICKNAME error to string.
+
+ * Made the command status message public to the application. Moved
+ them from lib/silcclient/command_reply.c to
+ lib/silcclient/command_reply.h. The application can map the
+ received command status to the string with the
+ silc_client_command_status_message function.
+
+ * Added check to the server to check that client's ID is same
+ as the Source ID in the packet the client sent. They must
+ match.
+
+Tue Mar 13 12:49:21 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added dist-bzip hook to the Makefile.am to make bzip2
+ compressed distributions.
+
+Mon Mar 12 18:43:38 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Server now enforces the maximum length for the nickname and
+ the channel as protocol specification dictates. 128 bytes for
+ nickname and 256 bytes for channel name.
+
+ * Moved the WHOIS printing to the application. The client libary
+ does not print out the WHOIS information anymore, the application
+ must do it. Renamed silc_client_command_reply_whois_print to
+ the silc_client_command_reply_whois_save.
+
+ The client's idle time is also sent to the application now, and
+ the idle is shown on screen.
+
+ * Added silc_client_command_reply_identify_save to save the
+ received IDENTIFY entries.
+
+ * Do not check for channel private keys in message sending and
+ reception if the channel does not have the PRIVKEY mode set.
+ Affected file lib/silclient/client_channel.c.
+
+Sun Mar 11 20:25:06 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Fixed a minor bug if WHOIS and IDENTIFY command parsing that
+ just surfaced after chaning the JOIN procedure.
+
+Sun Mar 11 14:59:05 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added silc_client_get_clients_by_list to get client entries
+ from Client ID list, that is returned for example by JOIN
+ and USERS command replies. The application should use this
+ function for example when JOIN command reply is received to
+ resolve the clients already on the channel (library does not
+ do that anymore as USERS command reply is not used in the JOIN
+ procedure anymore). Affected files lib/silcclient/silcapi.h and
+ lib/silcclient/idlist.c.
+
+ * JOIN command reply and USERS command reply returns now SilcBuffer
+ pointers instead of unsigned char pointers when returning
+ the client list and mode list.
+
+ * Added <Client ID> argument to the JOIN command reply, mainly
+ for the server to identify for which client the command was
+ originally sent. Updated protocol specs accordingly.
+
+ * Added SilcDlist private_key pointer to the SilcChannelEntry
+ in the client to support the channel private keys. Affected
+ file is lib/silcclient/idlist.h.
+
+ * Added SilcChannelPrivateKey argument to the function
+ silc_client_send_channel_message so that application can choose
+ to use specific private ke if it wants to. If it is not provided,
+ the normal channel key is used, unless private keys are set.
+ In this case the first (key that was added first) is used
+ as the encryption key.
+
+ * Implemented the support for channel private key handling.
+ Implemented the following functions:
+
+ silc_client_add_channel_private_key,
+ silc_client_del_channel_private_keys,
+ silc_client_del_channel_private_key,
+ silc_client_list_channel_private_keys and
+ silc_client_free_channel_private_keys
+
+ Affected file lib/silcclient/client_channel.c.
+
+ * Added the support for the private keys in the channel message
+ sending and encryption and in the message reception and
+ decryption. Affected funtions are
+ silc_client_send_channel_message and silc_client_channel_message.
+
+Sat Mar 10 21:36:22 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added SKE's key verify callback to the client library's
+ KE protocol context. Affected files lib/silcclient/protocol.[ch].
+
+ * Removed the statement that server (or router) must send USERS
+ command reply when joining to the channel so that the client
+ knows who are on the channel. Instead, the client list and
+ client's mode list is now sent in the JOIN command reply to the
+ client who joined channel. This is better solution.
+
+ * Added function silc_server_get_users_on_channel and function
+ silc_server_save_users_on_channel to the silcd/server.[ch].
+
+ * Removed function silc_server_command_send_users from the
+ silcd/command.c.
+
+ * Do not show topic on the client library anymore. The topic is
+ sent in the command reply notify to the application and the
+ application must show the topic now.
+
+Sat Mar 10 00:07:37 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added client searching by nickname hash into the IDENTIFY and
+ WHOIS commands in the server as they were clearly missing from
+ them. Affected file is silcd/command.c.
+
+ * Fixed a bug in private message receiving in the client library.
+ The remote ID was freed and it wasn't supposed, now it is
+ duplicated.
+
+Fri Mar 9 12:40:42 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Minor fix to the channel payload; allocate the data area, as it
+ needs to be of specific length.
+
+ * If the key agreement port is zero then the operating
+ system will define the bound port. Affected files are
+ lib/silcclient/silcapi.h and lib/silcclient/client_keyagr.c.
+
+ * Added new function silc_channel_payload_decrypt into the file
+ lib/silccore/silcchannel.[ch].
+
+ * Moved the channel message etc, check from silc_packet_decrypt
+ to applications. The library calls now a generic
+ SilcPacketCheckDecrypt callback which is to return TRUE or FALSE
+ when the packet is either normal or special. This was done to
+ allow more wide range of checking that was not allowed when
+ the code was in library. Now applications can do virtually any
+ checks to the packet and return to the library the decision how
+ the packet should be processed. Affected files are
+ lib/silccore/silcpacket.[ch].
+
+ Added silc_server_packet_decrypt_check to the server and
+ silc_client_packet_decrypt_check to the client library.
+
+ * Added silc_server_packet_send_srcdest into silcd/packet_send.[ch]
+ to send with specified source and destination information.
+
+ * Channel message delivery between routers was broken after the
+ channel key distribution was fixed earlier. The channel key
+ was used be to distributed to other routers as well which is not
+ allowed by the protocol. Now this is fixed and channel keys
+ really are cell specific and the channel message delivery between
+ routers comply with the protocol specification.
+
+ * Fixed various commands in server to check also the global list
+ for the channel entry and not just the local list. The affected
+ file silcd/command.c.
+
+Thu Mar 8 21:39:03 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added assert()s to buffer formatting and unformatting routines
+ to assert (if --enable-debug) when error occurs. Affected
+ file: lib/silcutil/silcbuffmt.c.
+
+ * Changed to auto-reconnect to check whether the remote host is
+ router and register the re-connect timeout if it is. It used
+ to check that whether we are normal server, but router must do
+ auto-reconnect with another router as well. Affected file
+ silcd/server.c.
+
+ * Removed the [<key len>] option from CMODE command as the cipher
+ name decides the key length, nowadays. See the defined ciphers
+ from the protocol specification.
+
+ * Added [<hmac>] option to the CMODE command to define the HMAC
+ for the channel. Added SILC_CMODE_HMAC channel mode.
+
+ * Added [<hmac>] option for the JOIN command so that user can
+ select which HMAC is used to compute the MACs of the channel
+ messages.
+
+ * Added Hmac field to the Channel Message Payload. The integrity
+ of plaintext channel messages are now protected by computing
+ MAC of the message and attaching the MAC to the payload. The
+ MAC is encrypted. Now, it is clear that this causes some
+ overhead to the size of the packet but rationale for this is that
+ now the receiver can verify whether the channel message decrypted
+ correctly and also when private keys are set for the channel the
+ receiver can decrypt the packet with several keys and check from
+ the MAC which key decrypted the message correctly.
+
+ * Added silc_cipher_encrypt and silc_cipher_decrypt into the
+ lib/silccrypt/silccipher.[ch].
+
+ * Added silc_hash_len to return the digest length into the
+ lib/silcrypt/silchash.[ch].
+
+ * Rewrote parts of Silc Channel Payload interface in the
+ lib/silccore/silcchannel.[ch]. The encode function now also
+ encrypts the packet and parse function decrypts it.
+
+Wed Mar 7 20:58:50 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Fixed a minor formatting bug in the SKE's key material processing.
+ It actually might have processed the keys wrong way resulting
+ into wrong keys.
+
+ * Redefined the mandatory HMAC algorithms and added new algorithms.
+ Added hmac-sha1-96 and hmac-md5-96 which are normal hmac-sha1
+ and hmac-md5 truncated to 96 bits. The mandatory is now
+ hmac-sha1-96. Rest are optional (including the one that used
+ to be mandatory). Rationale for this is that the truncated HMAC
+ length is sufficient from security point of view and can actually
+ make the attack against the HMAC harder. Also, the truncated
+ HMAC causes less overhead to the packets. See the RFC2104 for
+ more information.
+
+ * Added new [hmac] configuration section. The SKE used to use
+ the hash names (md5 and sha1) in the SKE proposal as HMCAS which
+ is of course wrong. The official names that must be proposed in
+ the SKE are the ones defined in the protocol specification
+ (hmac-sha1-96 for example). The user can configure any hmac
+ using any hash function configured in the [hash] section. At
+ least, the mandatory must be configured.
+
+ Rewrote the HMAC interface in lib/silccrypt/silchmac.[ch].
+
+ * Added HMAC list to the SKE proposal list. It has now both
+ hash algorithm list and HMAC list. This makes the protocol
+ incompatible with previous versions. The SKE now seems to work
+ the way it is supposed to work, for the first time actually.
+
+ * Defined plain Hash algorithms to the protocol specification.
+ Added sha1 and md5.
+
+Tue Mar 6 15:36:11 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Implemented support for key agreement packets into the server.
+ Added functions silc_server_key_agreement and
+ silc_server_send_key_agreement. Other than these functions,
+ server has nothing to do with this packet.
+
+ * Added support for private message key packets into the server.
+ Added functions silc_server_private_message_key and
+ silc_server_send_private_message_key.
+
+ * Updated TODO.
+
+ * Changed the silc_[client|server]_protocol_ke_set_keys to be
+ called in the protocol's final callback instead in the END
+ protocol state. This makes a little more sense and in the same
+ time in client we can use the same protocol routines for normal
+ key exchange and to key agreement packet handling as well.
+
+ * Added to both client's and server's KE protocol context the
+ SilcSKEKeyMaterial pointer to save the key material. We will
+ bring the key material to the protocol's final callback by doing
+ this. The final callback must free the key material.
+
+ * Added SKE's packet_send callback into client's KE protocol
+ context so that the caller can choose what packet sending function
+ is used. This way we can use different packet sending when
+ doing normal SKE when doing key agreement packet handling (in
+ the key agreement packet handling we do not want to encrypt
+ the packets).
+
+ * Implemented the responder side of the key agreement routines
+ in the client. The client can now bind to specified port and
+ accept incoming key negotiation. The key material is passed
+ to the application after the protocol is over.
+
+ * Implemented the processing of incoming Key Agreement packet
+ in the client. Added function silc_client_key_agreement to
+ process the packet.
+
+ * Implemented the intiator side of the key agreement routines
+ in the client. The client can now initiate key agreement with
+ another remote client. The key material is passed to the
+ application after the protocol is over.
+
+ * Created client_keyagr.c to include all the key agreement
+ routines.
+
+ * Added macro SILC_TASK_CALLBACK_GLOBAL which is equal to the
+ SILC_TASK_CALLBACK except that it is not static.
+
+ * Created client_notify.c and moved the Notify packet handling
+ from the client.[ch] into that file.
+
+ * Created client_prvmsg.c and moved all private message and
+ private message key routines from the client.[ch] into that file.
+
+ * Create client_channel.c and moved all channel message and
+ channel private key routines from the client.[ch] into that file.
+
+ * Changed silc_client_get_client_by_id_resolve to resolve with
+ WHOIS command instead of IDENTIFY command, in the file
+ lib/silclient/idlist.c.
+
+Mon Mar 5 18:39:49 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Implemented the SKE's responder side to the Client library.
+
+ * When FAILURE is received to the protocol do not trust it
+ blindly. Register a timeout to wait whether the remote closes
+ the connection as it should do it, only after that process the
+ actual failure. This was changed to both client and server.
+
+ * Added client_internal.h to include some of the structures
+ there instead of client.h in lib/silcclient/.
+
+ * Added function silc_task_unregister_by_callback to unregister
+ timeouts by the callback function.
+
+Sat Mar 3 19:15:43 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Some "Incomplete WHOIS info" errors has been appearing on the
+ log files. Took away the entry->userinfo check from WHOIS
+ reply sending. The entry->userinfo is now " " if client did not
+ provide one. I thought this was fixed earlier but something
+ is wrong still. Let's see if the error still appears.
+
+Wed Feb 28 20:56:29 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Fixed a minor bug in the login when the channel key is
+ re-generated in the server. It used to generate the key in
+ wrong order and thus caused problems in the channel traffic.
+
+ * Fixed a minor bug in channel key distsribution after
+ KICK command. The key was not sent to the router even though
+ it should've been.
+
+Tue Feb 27 20:24:25 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added silc_ske_process_key_material_data as generic routine
+ to process any key material as the SILC protocol dictates. The
+ function is used by the actual SKE library but can be used by
+ applications as well. This relates to the private message keys
+ and the channel private keys since they must be processed the
+ same way the normal SILC session keys. The protocol dictates
+ this. Affected files: lib/silcske/silcske.[ch].
+
+ Added also silc_ske_free_key_material to free the
+ SilcSKEKeyMaterial structure.
+
+ * Defined silc_cipher_set_key function to set the key for
+ cipher without using the object's method function. The affected
+ files: lib/silccrypt/silccipher.[ch].
+
+ * Implemented silc silc_client_add_private_message_key,
+ silc_client_add_private_message_key_ske,
+ silc_client_del_private_message_key,
+ silc_client_list_private_message_keys and
+ silc_client_free_private_message_keys functions in the
+ client library.
+
+ Added functions silc_client_send_private_message_key to send
+ the Private Message Key payload and silc_client_private_message_key
+ to handle incoming Private Message Key payload.
+
+ * Added Cipher field to the Private Message Key payload to set
+ the cipher to be used. If ignored, the default cipher defined
+ in the SILC protocol (aes-256-cbc) is used.
+
+Tue Feb 27 13:30:52 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Removed lib/silcclient/ops.h file.
+
+ Redefined parts of the SILC Client Library API. Created new
+ file silcapi.h that deprecates the ops.h file and defines the
+ published Client Library API. Defined also private message key
+ API and channel private key API into the file.
+
+ This is the file that the application must include from the
+ SILC Client Library. Other files need not be included by
+ the application anymore.
+
+ * Added new key_agreement client operation callback and also
+ defined the Key Agreement library API for the application.
+
+Tue Feb 27 11:28:31 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Added new packet type: SILC_PACKET_KEY_AGREEMENT. This packet
+ is used by clients to request key negotiation between another
+ client in the SILC network. If the negotiation is started it
+ is performed using the SKE protocol. The result of the
+ negotiation, the secret key material, can be used for example
+ as private message key.
+
+ Implemented the Key Agreement payload into the files
+ lib/silccore/silauth.[ch].
+
+Mon Feb 26 12:13:58 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Redefined ciphers for the SILC protocol. Added some new ciphers
+ and defined the key lengths for the algorithms. Changed the
+ code accordingly. The default key length is now 256 bits.
+
+ * Fixed SKE key distribution function silc_ske_process_key_material
+ when the key length is more than 128 bits. The default key
+ length in SILC is now 256 bits.
+
+ * Added new command status type: SILC_STATUS_ERR_UNKOWN_ALGORITHM
+ to indicate unsupported algorithm.
+
+ * Renamed rijndael.c to aes.c and all functions as well.
+
+ * Fixed a long standing channel key setting bug in client library.
+ Weird that it has never surfaced before.
+
+ * Fixed bug in channel deletion. If the entire channel is removed
+ then it must also delete the references of the channel entry
+ from the client's channel list as the client's channel entry and
+ the channel's client entry share same memory.
+
+Sun Feb 25 20:47:29 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Implemented CONNECT and SHUTDOWN commands in the client.
+
+ * Implemented CLOSE command to the client.
+
+ * Added the function silc_idlist_find_server_by_name into the
+ files silcd/idlist.[ch].
+
+ Added the function silc_idlist_find_server_by_conn into the
+ files silcd/idlist.[ch].
+
+Sat Feb 24 23:45:49 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * DIE command was renamed to SHUTDOWN. Updated the both code
+ and protocol specs.
+
+ * Defined SILC_UMODE_NONE, SILC_UMODE_SERVER_OPERATOR and
+ SILC_UMODE_ROUTER_OPERATOR modes into lib/silccore/silcmode.h.
+
+ * Implemented CONNECT, CLOSE and SHUTDOWN commands to the server
+ side.
+
+ * Added function silc_server_create_connection function to create
+ connection to remote router. My server implementation actually
+ does not allow router to connect to normal server (it expects
+ that normal server always initiates the connection to the router)
+ so the CONNECT command is only good for connecting to another
+ router.
+
Sat Feb 24 16:03:45 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Added SILC_NOTIFY_TYPE_KICKED to indicate that the client
* Added new command status type SILC_STATUS_ERR_NO_CHANNEL_FOPRIV
to indicate that the client is not channel founder.
+ * Updated TODO.
+
Sat Feb 24 00:00:55 EET 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Removed the rng context from SilcPacketContext structure and
projects / silc.git / blobdiff