Changes:
- Portability: Check threads support in OpenBSD.
- Security: Fixed string format vulnerability in client entry handling.
- Autoconf upgrade.
- PacketEngine: Don't free underlaying stream in packet stream create error
- If packet stream creation failed it freed the stream given as argument.
This is wrong. It is the caller's responsibility to free it if the
packet stream creation failed.
- SKE: When failure is received mark SKE always failed
Mark the SKE failed even if we don't receive error from remote. Fixes
crash where the callback is called back to application without valid
key material and without error status.
ChangeLog for 1.1.5 somehow got lost, but here are the bits from 1.1.6 and
1.1.7:
- Fixed channel MAC key setting in JOIN notify and command reply.
- Fix reference count bug leading to memory corruption on duplicate deletions.
- Avoid NULL dereference when leaving a channel with a private key.
- Fix crash on expired keyboard prompts.
- Add support for autosendcmd on channel entries.
various character set problems. The security issues fixed:
* NICK_CHANGE buffer overflow: CVE-2007-3728.
* pkcs_decode buffer overflow: CORE-2007-1212.
Changes since version 1.0.4.1:
- Fixed NEW_CLIENT packet handling crash.
- Fixed partial encryption in CTR mode in AES.
- Fixed printable fingerprint buffer overflow.
- Fixed UNIX signal delivery il SILC scheduler.
- Reprocess JOIN command synchronously after resolving channel user list.
- In JOIN command reply check if the channel key is already saved.
- Remove all channel keys and hmacs after giving LEAVE command.
- Added missing channel unreferencing in CMODE, CUMODE, TOPIC, INVITE,
BAN and KICK command replies.
- Fixed connection authentication with public keys to use correct public
key as responder.
- Zero tail of CTR mode IV in IV Included mode.
- Fixed CTR mode rekey.
- Rewrote the IV Included CTR mode encryption/decryption in packet engine.
- Fixed non-IPv6 compilation error.
- Fixed channel private key deleting when deleting the channel.
- Fixed TIMEOUT handling in user info resolving during JOINing, fixes crash.
- Fixed mandatory UN and HN SILC public key identifier checking.
- Fixed alignment issues with 64-bit CPUs.
- Added "There are now xx nick's" to "are xx nicks".
- Fixed USERS command user mode handling (integer overflow).
- Fixed big-endian issues from aes implementation.
- Fixed lib/silcutil/silcatomic.h compilation on IA64.
- Fixed public key identifier parsing to check lengths correctly.
- In silc_client_free check that scheduler is allocated before trying to
free it.
- Fixed buffer overflow in NICK_CHANGE notify. The destination buffer for
old nicknames was too small.
- Added support for rekey with PFS when using CTR mode encryption.
- Added silc_idcache_move that can be used to move entries between caches.
- Added better checks for invalid argument and notify payloads.
- Fixed SILC_PACKET_FLAG_LONG_PAD bitmask value.
- Set the destination ID to packet stream as SKE responder if ID was
present in key exchange packet.
- Compile sources with _GNU_SOURCE on Linux systems.
- Fixed Unix signal task dispatching to not lock the signals when
dispatching the callback to avoid deadlocks.
- Added SILC_VERSION macro for checking package versions at compile time.
- Use SILC_VERIFY to assert that silc_rwlock_wrlock can be called only
once per thread on Unix.
- Fixed USERS command reply write-lock unlocking.
- Fixed silc_create_key_pair to check for valid identifier.
- Rewrite signed public message handling, adopting the new hilight interface.
- Fix off by one error when loading modules.
- Don't delete hilight entry (because it's just a pointer, not a copy).
- Added __SILC_TOOLKIT_x_x_x macro to all Toolkit distribution which can
be used to check for Toolkit version in third-party software.
- Added support for channel@server channel name strings to client library
(SILC protocol version 1.3 change).
- Added full_nicknames and full_channel_names settings to SilcClientParams
that can be used to specify whether client library returns full nickname
and channel name strings. Full strings are nick@server and channel@server.
- Fixed unix connecting failure to return error code correctly.
- Fixed SKE timeout double free crash.
- Fixed MIME multipart decoding buffer overflow.
- Fixed connection auth protocol timeout crash.
- Fixed FSM machine finishing to check for existing threads at the final
free callback to allow time for the threads to finish.
- Fixed silc_client_get_clients_local to check the nick's server also if
nick@server nickname string is given to the function.
- And many more, oh well. For the user this means: better charset support,
less crashes, nick names now potentially user#23, server specific
channels and more sanity.
Talked over a while ago with wiz with no objections.
Addresses PR pkg/36355
Changes:
1.0.4.1:
========
o Fix a segfault when joining an unknown channel
1.0.4:
======
- Update Makefiles so parallel make is possible
- Include scripts from the SILC Plugin for automatically signing all
messages
- Use known passwords when joining password protected channels
1.0.3:
======
- empty realname and hostname is permitted again (and the user gets to
see the error message if something goes wrong)
- various small fixes
Changes:
- convert to options.mk
1.0.2:
======
Due to the new SILC Server release with support to the UTF-8 nicknames and
channel names new version of the SILC Client is released as it seems the
older ones do not function very well with the new server. This version
includes support to the UTF-8 encoded nicknames and channel names, however,
certain problems may still exists, as this is a slight premature release.
- Added support for UTF-8 encoded nicknames and channel names.
- Command queue implemented for better UTF-8 support.
- --with-silc-includes and --with-silc-libs added gto configure to use
pre-installed SILC Toolkit.
- Rework how and where is silc-client installed (in preparation for
silc-toolkit import).
- Rework PLIST.perl handling, now it works with threaded Perl as well.
- Minor cleanups.
When you are upgrading from a prior release to SILC Client 1.0.1, there
are two issues you have to take special care of:
First of all the default theme (as defined in the file default.theme in
the source package) has changed. You may need to update your personal
theme to reflect those changes. The second change affects the filename
used to store the session data when /DETACH'ing. If you have detached
from a SILC network with your old client and want to resume the session
with SILC Client 1.0.1, you first have to
/SET session_filename session
After successfully resuming your session, you can revert the setting to
its default "session.$chatnet" again.
Changes:
--------
- /NOTICE and /ACTION command now both take a mandatory target argument
and an option -sign flag. Both work in channels and queries, /IGNORE
now correctly treats both. default.theme has changed, please update
your theme. Closes#1.
- /SILCNET [ADD|REMOVE|LIST] command to manage different SILC networks.
- /SMSG and /MMSG now correctly open new query windows if wished.
- New settings session_filename defines the filename used to store
session information generated by /DETACH. A setting like
session.$chatnet allows you to detach from different networks.
Changes:
- disable perl support. it's broken and needs patches for lang/perl5[8] which
won't be applied during the freeze
1.0:
====
- Help file updates.
Changes:
- Fixed the file transfer (see /HELP FILE) session accepting and closing.
- Fixed nickname formatting to not mess the /NAMES command output.
- Fixed MIME header parsing to not show extra characters in the MIME type
name.
- Several other bugfixes were made.
- Removed RC6 algorithm from distribution.
- Added /LISTKEYS help file (see /HELP LISTKEYS).
- Implemented optimized RSA algorithm for faster private key operations.
Private key operations are now at least 30% faster. Note however that,
this optimization works only with newly generated key pairs.
Unfortunately, it is not possible to transfer the old private key to
the new optimized format. There is no compatibility issues with old or
new private keys (new private keys work with older SILC Clients as
well, but they are slower to use).
- Implemented support for searching users in the network by their public
keys using WHOIS command. Note that, this feature will work only with
upcoming SILC Server. Current SILC Server 0.9.15 or older does not
support this feature.
See the /HELP WHOIS for revised help information on searching by
public key. Examples:
To search nickname 'nick' that has the specified public key, give:
/WHOIS nick -pubkey /path/to/the/public_key.pub
To search all usesr that has the specified public key, give:
/WHOIS -pubkey /path/to/the/public_key.pub
This search feature is the first search feature that uses the
Requested Attributes in WHOIS to base on the search or to narrow down
the searched values.
- added dependency on p5-File-MMagic if perl support enabled (for MMSG
support)
Changes:
- Fixed race condition between silc_client_init and my_silc_scheduler.
- Take reference of the socket in the parser context, as it's possible
to have the parsers in queue after the socket is disconnected and this
may cause crash.
- Check that packet queue purging was successful.
- Optimized the socket referencing in packet routines.
- Resolve the IP for file transfer listener from the connection socket.
- Added LISTKEYS command which can be used to list server and client
public keys from the ~./silc directory. See /HELP LISTKEYS.
- Improved the MMSG command. It now supports the target so it can be used
to send private messages too without opening a windows. It also
detects the MIME type now automatically. Support for digitally signing
the messages was also added. See /HELP MMSG, the help file is there
now. :) Replace the old silc-mime.pl script with the new one to take
advantage of all new features.
- Added /MMSG command help file.
Changes:
- Fixed a crashbug that occurred frequently when joining and leaving
channels.
- Fixed a crashbug in secure file transfer.
- Several other bugfixes were made.
- Introduction of multimedia message sending and reception. A perl script
silc-mime will introduce a new command MMSG, which can be used to send
MIME messages. This enables users to send for example images and other
messages. The SILC Client will automatically launch the application
that is able to view the message.
To start the script give command /script load silc-mime. It will try
to find a mailcap file which defines the MIME types and applications
that can show the MIME messages. If you want to receive MIME messages
you will also need to load the script.
To send a messages use /MMSG command. Give for example
/MMSG -channel foobar /path/to/file.gif to send a GIF image to channel
foobar. A shortcoming in the MMSG command makes it impossible to send
private messages without first opening a window for the query. This
will be fixed later.
Changes:
- remove patch-ab, merged into distribution
- cleanups in Makefile
0.9.13:
=======
- Lots of bugs was fixed. Also several security bugs has been fixed.
- Inviting and banning now works with a public key. Fixed also banning
with nickname (example, /ban +nickname).
- Support for channel public key authentication added. The CMODE command
has a new option 'C', which can be used to add and remove channel
public keys on the channel. The channel public keys work the same way
as the channel passphrase. Only the person posessing the corresponding
private key of the public key added on the channel is able to join the
channel. It is possible to add multiple channel public keys to the
public key list.
Give /HELP CMODE to see how to use the command. If the /CMODE +C is
given without arguments you will get list of current channel public
keys. This feature works only with new SILC Server 0.9.14 an newer.
You will also need to be channel founder.
- Automatic lag detector, to detect lag between your client and your
server. The lag (if any) is displayed on the status bar.
- /ME, /ACTION and /NOTICE now fully supports UTF-8 text messages.
- Using '@' and '!' characters in invite and ban strings is prohibited.
Those characters cannot be anymore used as part of invite and ban
strings.
- Better caching of old channel keys (for period of 10 seconds) to avoid
loosing any channel messages.
