updates.

[website.git] / docs / toolkit / ChangeLog

commit bd463a75d37dd2ec164dc14dee4bb2550d6a778a
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon May 5 13:53:08 2014 +0300

    silcclient: check packet type as responder before starting AKE
    
    Do not immediately start the private message key autonegotiation as
    responder when a packet comes in but wait until it is decoded from the
    private message payload so that responder can properly set up the SKE
    properties and start the SKE in proper state.  Initiator is allowed to
    start SKE with SILC_PACKET_KEY_EXCHANGE at any time, including when a key
    already exists and it would be error to expect that initiator should have
    sent SILC_PACKET_KEY_EXCHANGE_1 just because key exists in responder side.

commit c849f909fc98a2460ffc1c7becf17b7417e391e7
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon May 5 11:23:48 2014 +0300

    Fix compilation warnings

commit b7c5d77228c07bf2974e986c362e5fb0014f9fff
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon May 5 11:24:08 2014 +0300

    silc-toolkit: rpm packaging updates

commit 0c5b4cf8af092fd6c3d3d4cd03efd299c7020cc1
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue Apr 29 10:56:24 2014 +0300

    SKE: handle invalid protocol state errors
    
    With SKE over UDP we can receive packets in wrong order or do
    retransmissions but in TCP receiving wrong SKE packet at wrong time is
    a protocol error and must result to end of the key exchange.

commit fb7bc4b5172fd6fa0ae96f876a33cd2ec5139b6e
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon Apr 28 23:00:02 2014 +0300

    Bump version numbers
    
    Bump library version numbers, API has changed.

commit 80d10dbf48785c2163551a7f94a46f6f5849c4a7
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon Apr 28 22:59:28 2014 +0300

    silcclient: auto-negotiation of private message key using SKE over SILCnet
    
    Previously in SILC private messages have been protected in normal mode
    using the session key shared between the client and server and other
    servers in the network.  This obviously has security implications if
    the SILC servers cannot be trusted.
    
    To overcome this issue silcclient library has offered user the ability to
    use pre-shared key (or password) as the secret key to protect private
    message, or to negotiate fresh key material using SKE peer-to-peer over
    the internet (key agreement).
    
    However, both of these feature have severe limitations.  The first one
    requiring coordinated effort to somehow share the key or password and
    the second requiring peer-to-peer connection which may not be possible
    due to NAT and firewalls.
    
    This commit adds a new private message protection method and takes it
    into use as the default protection method.  The commits adds support
    for automatic negotiation of the private message key using SKE but instead
    of doing it peer-to-peer over the internet it is done client-to-client
    over the SILC network itself.  This is accomplished by tunneling the
    SKE protocol inside private message packets.  As SKE is safe over the
    unprotected and untrusted internet it is safe also over the SILC network.
    
    The end result of the auto-negotiation is a shared secret known only
    to the two clients.  The SKE provides mutual authentication with digital
    signatures to prevent man-in-the-middle attack.  The private messages
    protected with this key can be read only by the two clients.  SILC servers
    along the way cannot decrypt them.  The key is periodically re-keyed
    (5 minutes or so) and it provides Perfect Forward Secrecy.
    
    The auto-negotiation is enabled by default.  It can detect within seconds
    if the remote client supports the method and if it doesn't it gives a
    notification that the private message protection has been reverted back
    to session keys.  Application can disable the feature, if wanted.
    
    This feature does not require any changes to SILC servers.

commit d7f1e81fea0d1da2ac870b8dfa600669aa280cd5
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon Apr 28 22:43:44 2014 +0300

    silcclient: fix packet stream coder function
    
    Generate correct FTP packet after, after the packet stream coder function
    semantics changed in commit 705167687caeaa66c371dce7cc88719687337b9e.

commit 77774e96ef3f5011bb85f7e0ec68a7f3a4a4d6e8
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon Apr 28 22:42:43 2014 +0300

    silcclient: Add generic client entry operation context
    
    Add generic client entry async operation context to the internal
    context.  Change the key agreement to start using it.
    
    Add support for aborting client entry operations when the client entry
    is deleted or when the connection is closed to the server.

commit 7f26bf8964b7269f9a9f295afdff1b870ecc68e2
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon Apr 28 22:39:06 2014 +0300

    SKE: support for simplified key exchange
    
    This commit adds support for simplified SILC Key Exchange protocol by
    allowing the caller to specify the security properties to be used in
    the key exchange.  This will stop the library from exchanging the
    SILC_PACKET_KEY_EXCHANGE packet containing the properties.
    
    Support for not sending the SILC_PACKET_SUCCESS acks after a successful
    key exchange.
    
    These two changes allow the SKE to be simplified to exchanging only
    the SILC_PACKET_KEY_EXHANGE_1 and SILC_PACKET_KEY_EXCHANGE_2 packets
    to produce the shared key and to do mutual authentication.
    
    The commit also adds support for generating small proposals in
    SILC_PACKET_KEY_EXCHANGE packet by including only one security property
    per item instead of listing all of them in the proposal.
    
    Additionally the commit adds support for probe timeout which affects
    the first packet sent by initiator.  If responder does not respond to
    the first packet in the specified timeframe the key exchange will
    timeout.  If it replies the normal key exchange timeout has effect after
    that.

commit 705167687caeaa66c371dce7cc88719687337b9e
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon Apr 28 22:31:35 2014 +0300

    silccore: packet injection and stream wrap improvements
    
    Add silc_packet_stream_inject to allow injecting of packets to the
    specified packet stream.
    
    Add support for specifying the source and destination ids for the
    wrapped packet stream allowing to use them in packet sending and using
    them in packet reception to take only packets with the specified ids.
    
    The semantics of CAN_WRITE and CAN_READ of wrapped packet stream coder
    function has been changed to allow the coder to filter out packets it
    does not want or to handle errors in coding.

commit 2d1796c19aaf7b3e1f07f95e0271e64fdea1da2f
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Mon Apr 28 21:55:33 2014 +0300

    Robodoc compilation update
    
    Update robodoc compilation.

commit 39e99da8fc2c49fe989ef50b040866f735fefd5b
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Sun Apr 27 10:48:43 2014 +0300

    Use backtrace() in stack tracing for prettier output
    
    This commit takes the backtrace() call in use to produce stack trace
    outputs, plus it gives us x86-64 support for stack trace.

commit 2559c5da3d5353f97f16b387bff02373b258a3df
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Sun Apr 27 10:38:34 2014 +0300

    Static analyzer fixes
    
    More small fixes resulting from clang static analysis.

commit 644f8b14010e05d55b5cde8514f6efdca8c21c5b
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue Apr 22 15:29:07 2014 +0300

    Enable higher security messages MACs
    
    The code to include the source and destination ID in the message payload
    MAC has been there for a long time but the use of it has been disabled.
    This commit enables it but preserves the backwards support for those
    clients unable to verify the MACs.  The support for the newer MACs
    have been there for several years.

commit e7ecca35b79220f947ae30c98f80688db1d2a101
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue Apr 22 15:26:55 2014 +0300

    Remove obsolete backwards support code
    
    Remove the old zero-client id backwards support when starting SKE protocol.

commit 40df0fe9d2a0a7648a111ca03de16f7a740cf5ad
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue Apr 22 15:25:37 2014 +0300

    Longer default PKCS keys
    
    This commit changes the default PKCS key length from 2048 bits to 4096
    bits.  It adds warnings to both SILC client and SILC server in start up
    in case the existing key is shorter than 4096 to encourage people to
    generate new key longer key pair.
    
    This commit also changes the default SKE DH group from 1024 to 1536 bits.
    The old group is still supported.

commit d4ead7075692a4abdc487fcb422cb9fd5b41a596
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue Apr 22 15:22:38 2014 +0300

    Static analyzer bug fixes
    
    Bunch of small bugs fixed here and there found during static analysis.

commit f38b21315fc72df3914664227ebcece766f01f66
Author: Pekka Riikonen <priikone@Pekkas-MacBook-Air.local>
Date:   Fri Jun 22 22:21:38 2012 +0300

    Mac OS X >= 10.7 support
    
    Add support for compiling on Mac OS X > 10.7 and newer.  Summary of
    changes:
    
     - Remove config.guess and config.sub, let the autodist copy proper
       versions from the system.
    
     - Add support for autoconfg 2.68 and newer.
    
     - Add support for compiing x86-64 AES code with NASM.
    
     - Update Mac OS X installation instructions.

commit 27a4ad25c65fa7b4fdbbe53b3551a687a9b43214
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue May 25 07:24:28 2010 +0300

    Client: Fix signature verification double free
    
    When client receives public key in the message payload and is compared
    against the client's own public key, when the keys differ we have to
    return immediately and not try to verify the signature.

commit a2f2afc03242a6f8b77953203f8e3767a6e703c4
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue May 11 07:44:09 2010 +0300

    Packet engine: prevent divide by 0

commit 5fff0bf9cd2c72027c9f42f2e60b415ba4848ae6
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Tue May 11 07:41:03 2010 +0300

    SKE: Make sure failure received from remote is error status.

commit bb61286f7ac90ebcdaa9b00991a9a98b6cd8663f
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Fri Sep 25 12:07:41 2009 +0300

    Set SO_KEEPALIVE for all accept()ed sockets.

commit 80bb7b35c2a1f44702631f1a5cf5685d5ce4b2c7
Author: Pekka Riikonen <priikone@silcnet.org>
Date:   Fri Sep 25 12:06:45 2009 +0300

    clientlib: Close connection after failed rekey

 .cvsignore => .gitignore                           |   18 +
 INSTALL                                            |    3 +
 README                                             |  114 +-
 README.MACOSX                                      |   33 +-
 TODO                                               |  304 +-
 config.guess                                       | 1471 -----
 config.sub                                         | 1599 -----
 configure.ad                                       |   62 +-
 distdir/pre-run                                    |    2 +-
 lib/Makefile.ad                                    |    8 +-
 lib/configure.ad                                   |   16 +-
 lib/contrib/nfkc.c                                 |    3 +
 lib/doc/LIBINDEX                                   |    2 +-
 lib/silcapputil/silcapputil.c                      |    4 +-
 lib/silcapputil/silcapputil.h                      |    2 +-
 lib/silcasn1/silcasn1.c                            |    4 +-
 lib/silcasn1/silcasn1_decode.c                     |    2 +-
 lib/silcasn1/silcasn1_encode.c                     |    2 +-
 lib/silcclient/client.c                            |   27 +-
 lib/silcclient/client.h                            |   11 +-
 lib/silcclient/client_attrs.c                      |    2 +-
 lib/silcclient/client_channel.c                    |   20 +-
 lib/silcclient/client_connect.c                    |   14 +-
 lib/silcclient/client_entry.c                      |   22 +-
 lib/silcclient/client_ftp.c                        |   17 +-
 lib/silcclient/client_internal.h                   |    6 +-
 lib/silcclient/client_keyagr.c                     |   32 +-
 lib/silcclient/client_listener.c                   |    2 +-
 lib/silcclient/client_notify.c                     |    2 +-
 lib/silcclient/client_prvmsg.c                     |  720 ++-
 lib/silcclient/client_prvmsg.h                     |   12 +-
 lib/silcclient/client_register.c                   |    2 +-
 lib/silcclient/command_reply.c                     |   12 +-
 lib/silcclient/silcclient.h                        |   24 +-
 lib/silcclient/tests/test_silcclient.c             |    4 +-
 lib/silccore/silcargument.c                        |    2 -
 lib/silccore/silcattrs.c                           |    9 +-
 lib/silccore/silcauth.c                            |    2 +-
 lib/silccore/silcmessage.c                         |   21 +-
 lib/silccore/silcmessage.h                         |    5 +-
 lib/silccore/silcpacket.c                          |  145 +-
 lib/silccore/silcpacket.h                          |   60 +-
 lib/silccore/tests/test_silcmessage.c              |    4 +-
 lib/silccrypt/aes.c                                |   18 +-
 lib/silccrypt/aes_x86_64.asm                       |    8 +-
 lib/silccrypt/md5.c                                |    2 +-
 lib/silccrypt/silccipher.c                         |    3 +-
 lib/silccrypt/silchash.c                           |    3 +-
 lib/silccrypt/silchmac.c                           |    3 +-
 lib/silccrypt/silcpk.h                             |    4 +-
 lib/silccrypt/silcpkcs.c                           |    3 +-
 lib/silccrypt/silcpkcs1.c                          |   32 +-
 lib/silccrypt/silcrng.c                            |   18 +-
 lib/silccrypt/tests/test_silcpkcs.c                |    4 +-
 lib/silccrypt/twofish.c                            |    2 +-
 lib/silchttp/silchttpserver.c                      |    3 +
 lib/silcmath/mp_gmp.c                              |    3 +-
 lib/silcmath/mp_tfm.c                              |    3 +-
 lib/silcmath/mp_tma.c                              |    3 +-
 lib/silcmath/silcmp.h                              |    2 +-
 lib/silcmath/tma.c                                 |    5 +
 lib/silcserver/tests/test_silcserver.c             |    2 +-
 lib/silcsftp/sftp_fs_memory.c                      |    2 +
 lib/silcske/groups.c                               |   44 +-
 lib/silcske/payload.c                              |   11 +-
 lib/silcske/silcske.c                              |  531 +-
 lib/silcske/silcske.h                              |   23 +-
 lib/silcske/silcske_groups.h                       |    7 +-
 lib/silcske/silcske_i.h                            |    4 +-
 lib/silcutil/Makefile.ad                           |    2 -
 lib/silcutil/silcbuffmt.c                          |    4 +-
 lib/silcutil/silcfileutil.c                        |    2 +-
 lib/silcutil/silcmemory.h                          |    4 -
 lib/silcutil/silcmime.c                            |    5 +-
 lib/silcutil/silcnet.c                             |   54 +-
 lib/silcutil/silcschedule.c                        |    9 +-
 lib/silcutil/silctime.c                            |    8 +-
 lib/silcutil/stacktrace.c                          |   58 +-
 lib/silcutil/unix/silcunixnet.c                    |    1 +
 silc-toolkit.spec.in                               |  250 +-
 179 files changed, 15541 insertions(+), 8210 deletions(-)
 rename .cvsignore => .gitignore (70%)
 delete mode 100755 config.guess
 delete mode 100755 config.sub