+Thu Nov 8 22:21:09 EET 2001 Pekka Riikonen <priikone@silcnet.org>
+
+ * Call check_version SKE callback for initiator too. Affected
+ file lib/silcske/silcske.c.
+
+ * Implemented fix for security hole found in the SKE that was
+ fixed in the specification few days back; the initiator's
+ public key is now added to the HASH value computation.
+ Added backwards support for the old way of doing it too, for
+ old clients and old servers. Affected file is
+ lib/silcske/silcske.c.
+
+ * Enabled mutual authentication by default in SKE. If initiator
+ is not providing mutual authentication the responder will
+ force it. This will provide the proof of posession of the
+ private key for responder. The affected files are
+ lib/silcclient/protocol.c and silcd/protocol.c.
+
+ * Do not cache anymore the server's public key during SKE.
+ We do mutual authentication so the proof of posession of
+ private key is done, and if the server is authenticated in
+ conn auth protocol with public key we must have the public
+ key already. Affected file silcd/protocol.c.
+
+ * Added new global debug variable: silc_debug_hexdump. If
+ it is set to TRUE SILC_LOG_HEXDUMP will be printed. Affected
+ file lib/silcutil/silclog.[ch].
+
+ * Fixed compilation warning due to char * -> const char *.
+ Affected files lib/silcutil/silcnet.h, and
+ lib/silccore/silcauth.[ch].
+
+Wed Nov 7 20:43:03 EET 2001 Pekka Riikonen <priikone@silcnet.org>
+
+ * Fixed CMODE command when new channel key was created. If
+ the creation failed the old key was removed. Next time giving
+ same command would crash the server since the old key was
+ freed already. Affected file silcd/command.c.
+
+ * Fixed the silc_server_announce_get_channels to not crash
+ on reconnect. Affected file silcd/server.c.
+
+Wed Nov 7 17:15:07 EET 2001 Pekka Riikonen <priikone@silcnet.org>
+
+ * Added silc_log_set_debug_string function to set a regex
+ string to match for debug output. Only the function names,
+ or filenames matching the given debug string is actually
+ printed. This way it is possible to filter out those debug
+ strings that user is not interested in.
+
+ Fixed a bug in silc_string_regexify.
+
+ Affected files lib/silcutil/silclog.[ch], and
+ lib/silcutil/unix/silcunixutil.c.
+
+ * Changed the -d options in both server and Irssi SILC client
+ to take the debug string as argument. Affected files
+ silcd/silcd.c and irssi/src/silc/core/silc-core.c.
+
+Tue Nov 6 21:31:54 EET 2001 Pekka Riikonen <priikone@silcnet.org>
+
+ * Added silc_hash_babbleprint to create a Bubble Babble
+ Encoded fingerprint. The encoding is developed by Antti
+ Huima (draft-huima-babble-01.txt), and it creates human
+ readable strings out of binary data. Affected file
+ lib/silccrypt/silchash.[ch].
+
+ * Print the babble print now in addition of fingerprint as well
+ in Irssi SILC client. Affected files are
+ irssi/src/fe-common/silc/module-formats.[ch],
+ irssi/src/fe-common/silc/core/client_ops.c.
+
+Sun Nov 4 23:37:28 EET 2001 Pekka Riikonen <priikone@silcnet.org>
+
+ * Fixed a security problem found in SKE. The initiator's
+ public key too is now added to the HASH hash value creation
+ which is signed by the responder to create the SIGN value.
+ This will prevent anyone in the middle to lie to the responder
+ about the initiator's public key. If this is done now, the
+ man in the middle will get caught. Updated the protocol
+ specification.
+
Sun Nov 4 11:43:53 EET 2001 Pekka Riikonen <priikone@silcnet.org>
* Better installation directory handling. Configure module
projects / silc.git / blobdiff