1 commit bd463a75d37dd2ec164dc14dee4bb2550d6a778a
2 Author: Pekka Riikonen <priikone@silcnet.org>
3 Date: Mon May 5 13:53:08 2014 +0300
5 silcclient: check packet type as responder before starting AKE
7 Do not immediately start the private message key autonegotiation as
8 responder when a packet comes in but wait until it is decoded from the
9 private message payload so that responder can properly set up the SKE
10 properties and start the SKE in proper state. Initiator is allowed to
11 start SKE with SILC_PACKET_KEY_EXCHANGE at any time, including when a key
12 already exists and it would be error to expect that initiator should have
13 sent SILC_PACKET_KEY_EXCHANGE_1 just because key exists in responder side.
15 commit c849f909fc98a2460ffc1c7becf17b7417e391e7
16 Author: Pekka Riikonen <priikone@silcnet.org>
17 Date: Mon May 5 11:23:48 2014 +0300
19 Fix compilation warnings
21 commit b7c5d77228c07bf2974e986c362e5fb0014f9fff
22 Author: Pekka Riikonen <priikone@silcnet.org>
23 Date: Mon May 5 11:24:08 2014 +0300
25 silc-toolkit: rpm packaging updates
27 commit 0c5b4cf8af092fd6c3d3d4cd03efd299c7020cc1
28 Author: Pekka Riikonen <priikone@silcnet.org>
29 Date: Tue Apr 29 10:56:24 2014 +0300
31 SKE: handle invalid protocol state errors
33 With SKE over UDP we can receive packets in wrong order or do
34 retransmissions but in TCP receiving wrong SKE packet at wrong time is
35 a protocol error and must result to end of the key exchange.
37 commit fb7bc4b5172fd6fa0ae96f876a33cd2ec5139b6e
38 Author: Pekka Riikonen <priikone@silcnet.org>
39 Date: Mon Apr 28 23:00:02 2014 +0300
43 Bump library version numbers, API has changed.
45 commit 80d10dbf48785c2163551a7f94a46f6f5849c4a7
46 Author: Pekka Riikonen <priikone@silcnet.org>
47 Date: Mon Apr 28 22:59:28 2014 +0300
49 silcclient: auto-negotiation of private message key using SKE over SILCnet
51 Previously in SILC private messages have been protected in normal mode
52 using the session key shared between the client and server and other
53 servers in the network. This obviously has security implications if
54 the SILC servers cannot be trusted.
56 To overcome this issue silcclient library has offered user the ability to
57 use pre-shared key (or password) as the secret key to protect private
58 message, or to negotiate fresh key material using SKE peer-to-peer over
59 the internet (key agreement).
61 However, both of these feature have severe limitations. The first one
62 requiring coordinated effort to somehow share the key or password and
63 the second requiring peer-to-peer connection which may not be possible
64 due to NAT and firewalls.
66 This commit adds a new private message protection method and takes it
67 into use as the default protection method. The commits adds support
68 for automatic negotiation of the private message key using SKE but instead
69 of doing it peer-to-peer over the internet it is done client-to-client
70 over the SILC network itself. This is accomplished by tunneling the
71 SKE protocol inside private message packets. As SKE is safe over the
72 unprotected and untrusted internet it is safe also over the SILC network.
74 The end result of the auto-negotiation is a shared secret known only
75 to the two clients. The SKE provides mutual authentication with digital
76 signatures to prevent man-in-the-middle attack. The private messages
77 protected with this key can be read only by the two clients. SILC servers
78 along the way cannot decrypt them. The key is periodically re-keyed
79 (5 minutes or so) and it provides Perfect Forward Secrecy.
81 The auto-negotiation is enabled by default. It can detect within seconds
82 if the remote client supports the method and if it doesn't it gives a
83 notification that the private message protection has been reverted back
84 to session keys. Application can disable the feature, if wanted.
86 This feature does not require any changes to SILC servers.
88 commit d7f1e81fea0d1da2ac870b8dfa600669aa280cd5
89 Author: Pekka Riikonen <priikone@silcnet.org>
90 Date: Mon Apr 28 22:43:44 2014 +0300
92 silcclient: fix packet stream coder function
94 Generate correct FTP packet after, after the packet stream coder function
95 semantics changed in commit 705167687caeaa66c371dce7cc88719687337b9e.
97 commit 77774e96ef3f5011bb85f7e0ec68a7f3a4a4d6e8
98 Author: Pekka Riikonen <priikone@silcnet.org>
99 Date: Mon Apr 28 22:42:43 2014 +0300
101 silcclient: Add generic client entry operation context
103 Add generic client entry async operation context to the internal
104 context. Change the key agreement to start using it.
106 Add support for aborting client entry operations when the client entry
107 is deleted or when the connection is closed to the server.
109 commit 7f26bf8964b7269f9a9f295afdff1b870ecc68e2
110 Author: Pekka Riikonen <priikone@silcnet.org>
111 Date: Mon Apr 28 22:39:06 2014 +0300
113 SKE: support for simplified key exchange
115 This commit adds support for simplified SILC Key Exchange protocol by
116 allowing the caller to specify the security properties to be used in
117 the key exchange. This will stop the library from exchanging the
118 SILC_PACKET_KEY_EXCHANGE packet containing the properties.
120 Support for not sending the SILC_PACKET_SUCCESS acks after a successful
123 These two changes allow the SKE to be simplified to exchanging only
124 the SILC_PACKET_KEY_EXHANGE_1 and SILC_PACKET_KEY_EXCHANGE_2 packets
125 to produce the shared key and to do mutual authentication.
127 The commit also adds support for generating small proposals in
128 SILC_PACKET_KEY_EXCHANGE packet by including only one security property
129 per item instead of listing all of them in the proposal.
131 Additionally the commit adds support for probe timeout which affects
132 the first packet sent by initiator. If responder does not respond to
133 the first packet in the specified timeframe the key exchange will
134 timeout. If it replies the normal key exchange timeout has effect after
137 commit 705167687caeaa66c371dce7cc88719687337b9e
138 Author: Pekka Riikonen <priikone@silcnet.org>
139 Date: Mon Apr 28 22:31:35 2014 +0300
141 silccore: packet injection and stream wrap improvements
143 Add silc_packet_stream_inject to allow injecting of packets to the
144 specified packet stream.
146 Add support for specifying the source and destination ids for the
147 wrapped packet stream allowing to use them in packet sending and using
148 them in packet reception to take only packets with the specified ids.
150 The semantics of CAN_WRITE and CAN_READ of wrapped packet stream coder
151 function has been changed to allow the coder to filter out packets it
152 does not want or to handle errors in coding.
154 commit 2d1796c19aaf7b3e1f07f95e0271e64fdea1da2f
155 Author: Pekka Riikonen <priikone@silcnet.org>
156 Date: Mon Apr 28 21:55:33 2014 +0300
158 Robodoc compilation update
160 Update robodoc compilation.
162 commit 39e99da8fc2c49fe989ef50b040866f735fefd5b
163 Author: Pekka Riikonen <priikone@silcnet.org>
164 Date: Sun Apr 27 10:48:43 2014 +0300
166 Use backtrace() in stack tracing for prettier output
168 This commit takes the backtrace() call in use to produce stack trace
169 outputs, plus it gives us x86-64 support for stack trace.
171 commit 2559c5da3d5353f97f16b387bff02373b258a3df
172 Author: Pekka Riikonen <priikone@silcnet.org>
173 Date: Sun Apr 27 10:38:34 2014 +0300
175 Static analyzer fixes
177 More small fixes resulting from clang static analysis.
179 commit 644f8b14010e05d55b5cde8514f6efdca8c21c5b
180 Author: Pekka Riikonen <priikone@silcnet.org>
181 Date: Tue Apr 22 15:29:07 2014 +0300
183 Enable higher security messages MACs
185 The code to include the source and destination ID in the message payload
186 MAC has been there for a long time but the use of it has been disabled.
187 This commit enables it but preserves the backwards support for those
188 clients unable to verify the MACs. The support for the newer MACs
189 have been there for several years.
191 commit e7ecca35b79220f947ae30c98f80688db1d2a101
192 Author: Pekka Riikonen <priikone@silcnet.org>
193 Date: Tue Apr 22 15:26:55 2014 +0300
195 Remove obsolete backwards support code
197 Remove the old zero-client id backwards support when starting SKE protocol.
199 commit 40df0fe9d2a0a7648a111ca03de16f7a740cf5ad
200 Author: Pekka Riikonen <priikone@silcnet.org>
201 Date: Tue Apr 22 15:25:37 2014 +0300
203 Longer default PKCS keys
205 This commit changes the default PKCS key length from 2048 bits to 4096
206 bits. It adds warnings to both SILC client and SILC server in start up
207 in case the existing key is shorter than 4096 to encourage people to
208 generate new key longer key pair.
210 This commit also changes the default SKE DH group from 1024 to 1536 bits.
211 The old group is still supported.
213 commit d4ead7075692a4abdc487fcb422cb9fd5b41a596
214 Author: Pekka Riikonen <priikone@silcnet.org>
215 Date: Tue Apr 22 15:22:38 2014 +0300
217 Static analyzer bug fixes
219 Bunch of small bugs fixed here and there found during static analysis.
221 commit f38b21315fc72df3914664227ebcece766f01f66
222 Author: Pekka Riikonen <priikone@Pekkas-MacBook-Air.local>
223 Date: Fri Jun 22 22:21:38 2012 +0300
225 Mac OS X >= 10.7 support
227 Add support for compiling on Mac OS X > 10.7 and newer. Summary of
230 - Remove config.guess and config.sub, let the autodist copy proper
231 versions from the system.
233 - Add support for autoconfg 2.68 and newer.
235 - Add support for compiing x86-64 AES code with NASM.
237 - Update Mac OS X installation instructions.
239 commit 27a4ad25c65fa7b4fdbbe53b3551a687a9b43214
240 Author: Pekka Riikonen <priikone@silcnet.org>
241 Date: Tue May 25 07:24:28 2010 +0300
243 Client: Fix signature verification double free
245 When client receives public key in the message payload and is compared
246 against the client's own public key, when the keys differ we have to
247 return immediately and not try to verify the signature.
249 commit a2f2afc03242a6f8b77953203f8e3767a6e703c4
250 Author: Pekka Riikonen <priikone@silcnet.org>
251 Date: Tue May 11 07:44:09 2010 +0300
253 Packet engine: prevent divide by 0
255 commit 5fff0bf9cd2c72027c9f42f2e60b415ba4848ae6
256 Author: Pekka Riikonen <priikone@silcnet.org>
257 Date: Tue May 11 07:41:03 2010 +0300
259 SKE: Make sure failure received from remote is error status.
261 commit bb61286f7ac90ebcdaa9b00991a9a98b6cd8663f
262 Author: Pekka Riikonen <priikone@silcnet.org>
263 Date: Fri Sep 25 12:07:41 2009 +0300
265 Set SO_KEEPALIVE for all accept()ed sockets.
267 commit 80bb7b35c2a1f44702631f1a5cf5685d5ce4b2c7
268 Author: Pekka Riikonen <priikone@silcnet.org>
269 Date: Fri Sep 25 12:06:45 2009 +0300
271 clientlib: Close connection after failed rekey
273 .cvsignore => .gitignore | 18 +
276 README.MACOSX | 33 +-
278 config.guess | 1471 -----
279 config.sub | 1599 -----
281 distdir/pre-run | 2 +-
282 lib/Makefile.ad | 8 +-
283 lib/configure.ad | 16 +-
284 lib/contrib/nfkc.c | 3 +
285 lib/doc/LIBINDEX | 2 +-
286 lib/silcapputil/silcapputil.c | 4 +-
287 lib/silcapputil/silcapputil.h | 2 +-
288 lib/silcasn1/silcasn1.c | 4 +-
289 lib/silcasn1/silcasn1_decode.c | 2 +-
290 lib/silcasn1/silcasn1_encode.c | 2 +-
291 lib/silcclient/client.c | 27 +-
292 lib/silcclient/client.h | 11 +-
293 lib/silcclient/client_attrs.c | 2 +-
294 lib/silcclient/client_channel.c | 20 +-
295 lib/silcclient/client_connect.c | 14 +-
296 lib/silcclient/client_entry.c | 22 +-
297 lib/silcclient/client_ftp.c | 17 +-
298 lib/silcclient/client_internal.h | 6 +-
299 lib/silcclient/client_keyagr.c | 32 +-
300 lib/silcclient/client_listener.c | 2 +-
301 lib/silcclient/client_notify.c | 2 +-
302 lib/silcclient/client_prvmsg.c | 720 ++-
303 lib/silcclient/client_prvmsg.h | 12 +-
304 lib/silcclient/client_register.c | 2 +-
305 lib/silcclient/command_reply.c | 12 +-
306 lib/silcclient/silcclient.h | 24 +-
307 lib/silcclient/tests/test_silcclient.c | 4 +-
308 lib/silccore/silcargument.c | 2 -
309 lib/silccore/silcattrs.c | 9 +-
310 lib/silccore/silcauth.c | 2 +-
311 lib/silccore/silcmessage.c | 21 +-
312 lib/silccore/silcmessage.h | 5 +-
313 lib/silccore/silcpacket.c | 145 +-
314 lib/silccore/silcpacket.h | 60 +-
315 lib/silccore/tests/test_silcmessage.c | 4 +-
316 lib/silccrypt/aes.c | 18 +-
317 lib/silccrypt/aes_x86_64.asm | 8 +-
318 lib/silccrypt/md5.c | 2 +-
319 lib/silccrypt/silccipher.c | 3 +-
320 lib/silccrypt/silchash.c | 3 +-
321 lib/silccrypt/silchmac.c | 3 +-
322 lib/silccrypt/silcpk.h | 4 +-
323 lib/silccrypt/silcpkcs.c | 3 +-
324 lib/silccrypt/silcpkcs1.c | 32 +-
325 lib/silccrypt/silcrng.c | 18 +-
326 lib/silccrypt/tests/test_silcpkcs.c | 4 +-
327 lib/silccrypt/twofish.c | 2 +-
328 lib/silchttp/silchttpserver.c | 3 +
329 lib/silcmath/mp_gmp.c | 3 +-
330 lib/silcmath/mp_tfm.c | 3 +-
331 lib/silcmath/mp_tma.c | 3 +-
332 lib/silcmath/silcmp.h | 2 +-
333 lib/silcmath/tma.c | 5 +
334 lib/silcserver/tests/test_silcserver.c | 2 +-
335 lib/silcsftp/sftp_fs_memory.c | 2 +
336 lib/silcske/groups.c | 44 +-
337 lib/silcske/payload.c | 11 +-
338 lib/silcske/silcske.c | 531 +-
339 lib/silcske/silcske.h | 23 +-
340 lib/silcske/silcske_groups.h | 7 +-
341 lib/silcske/silcske_i.h | 4 +-
342 lib/silcutil/Makefile.ad | 2 -
343 lib/silcutil/silcbuffmt.c | 4 +-
344 lib/silcutil/silcfileutil.c | 2 +-
345 lib/silcutil/silcmemory.h | 4 -
346 lib/silcutil/silcmime.c | 5 +-
347 lib/silcutil/silcnet.c | 54 +-
348 lib/silcutil/silcschedule.c | 9 +-
349 lib/silcutil/silctime.c | 8 +-
350 lib/silcutil/stacktrace.c | 58 +-
351 lib/silcutil/unix/silcunixnet.c | 1 +
352 silc-toolkit.spec.in | 250 +-
353 179 files changed, 15541 insertions(+), 8210 deletions(-)
354 rename .cvsignore => .gitignore (70%)
355 delete mode 100755 config.guess
356 delete mode 100755 config.sub