Commit graph

9 commits

Author SHA1 Message Date
jlam
e46a9dd380 Create directories before installing files into them. 2005-06-17 03:50:19 +00:00
tv
f816d81489 Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used. 2005-04-11 21:44:48 +00:00
agc
d81d19f8e0 Add RMD160 digests. 2005-02-24 12:51:41 +00:00
tv
60e35d18fe Fix compilation error on LP64 due to a prototype mismatch. (Arg changed
from time_t to long, but prototype wasn't updated to match.)
2004-12-01 12:50:39 +00:00
tv
c51cbf2b83 Include bsd.prefs.mk before adding to CFLAGS, just in case. 2004-11-29 04:21:33 +00:00
tv
6058af6c07 Update to 1.13. Among other things, the hash format has changed since the
0.xx releases.  Full changelog:

hashcash-1.13 - 16-Oct-2004 - Adam Back <adam@cypherspace.org>

	* fix bug where grace period not applied to double-spend db.
	  I think this could allow people to double-spend in the time
	  period after the resulting premature purging and before
	  expiry (which is the grace period)

	* add new feature where -e <period> can be used with -p to
	  override the expiry given at spend time (that is stored in
	  the double-spend db).  Inspired by question from Atom
          Smasher <atom@suspicious.org>.

	* clean up some memory leaks

	* add hashcash_free function (DLL scenario caller can't rely
          on having same deallocator to call as library compiled with)

	* lots more function documentation in hashcash.h for
	  library/DLL users, renamed all exported library functions to
	  start with hashcash_ prefix.

	* added hashcash_version function.

	* added callback function to allow user quit (returns
	  HASHCASH_USER_ABORT) and to give progress feedback.

	* added option -P which uses the callback to show progress.

	* added -O core option to allow user selection of core.

	* added small parameter to hashcash (to request small stamps
	  rather than slightly larger fast to generate stamps), and -Z
	  option to turn this on.  (In fact it is not implemented yet
	  but want to avoid changing library interface later).

hashcash-1.12 - 03-Oct-2004 - Adam Back <adam@cypherspace.org>

	* make a HASHCASH.DLL on windows using MINGW.

hashcash-1.11 - 02-Oct-2004 - Adam Back <adam@cypherspace.org>

	* _really_ fix trailing ascii(32) (spaces).  I have no idea
	  how I decided the 1.10 code fixed it.  Must have messed up
	  the test I was using to check it worked.

hashcash-1.10 - 01-Oct-2004 - Adam Back <adam@cypherspace.org>

	* remove trailing ascii(32) (spaces) which padding somehow
	  leaves

hashcash-1.09 - 17-Sep-2004 - Adam Back <adam@cypherspace.org>

	* fix missing space between resource name and width with -cv
	  reported by Panta Admin.

	* apply cumulative patch of 3 patches from Jonathan Morton.

hashcash-1.08 - 12-Sep-2004 - Adam Back <adam@cypherspace.org>

	* fix bug reported by Panta Admin <admin@panta-rhei.dyndns.org>
	  must have introduced in recent version where with pipe
	  prints stamp twice.

	* attempt to work around MINGW problem with signals -- somehow
	  it is changing it's mind about whether the MMX core can run
	  from the first call to the 2nd call.  But the test result
          is cached so it is hard to see how this happens.  Not clear
	  if this work-around will work as don't have a 486 to test
	  on.  (Work around is make single gIsMMXpresent shared
	  between the two mmx cores, should at least result in signal
	  call being used fewer times (max 1 time).  Also pass 1 to
	  longjmp.)

	* give up entirely on conditional make.  One Makefile, no
	  funky stuff.  Prints info about what you need to do to
	  compile on your platform and goes ahead and compiles with
	  generic anyway.  Make new gnu (generic) target for gcc, and
	  normal generic with no gcc specific flags.

hashcash-1.07 - 11-Sep-2004 - Adam Back <adam@cypherspace.org>

	* patch from J H Wilson <jhw@ieee.org> to initialize a bunch
	  of variables (actually I had to back some of these out to
	  get to compile on non gnu compilers -- some of those
	  structure initializations are gnu extensions I think.)

	* also J H Wilson one of patch changes was to avoid mmx
	  assembler code clobbering ebx register which is needed for
	  fPIC support.

	* better randomness on windows using the CAPI rng
	  CryptGenRandom.  Still compiles using MINGW ... whee!

	* made a separate GNUmakefile for gnu make (it takes that one
	  first over Makefile) and a Makefile which is the same but no
	  ifdef stuff which confuses some other makes, and no gnu
	  specific compile options (for x86 anyway).

	* add gettimeofday timer into entropy to improve randomness on
	  systems which do not have /dev/urandom, and are not windows

hashcash-1.06 - 10-Sep-2004 - Adam Back <adam@cypherspace.org>

	* patch from Justin Guyett <justin@soze.net> to fix unsigned
	  error which would have made libfastmint do something odd if
	  no minter worked.

	* Makefile changes to compile under MINGW (gnu for windows
	  portability layer which produces win32 exes).  new target
	  mingw-exe

	* #ifdefs to avoid locking on MINGW (seems no lock support!)

	* #ifdefs to use longjmp instead of siglongjmp, signal instead
	  of sigaction on MINGW

	* #ifdef to use chsize instead of ftruncate on MINGW

hashcash-1.05 - 08-Sep-2004 - Adam Back <adam@cypherspace.org>

	* and another issue (last I promise!) with case comparison.
	  1.04 change was good; however flaw in 1.02 means 1.04 minted
	  stamps (resource not canonicalized to lowercase) can falsely
	  fail to verify with 1.02 - 1.00 as those versions presume
	  canonicalized stamp.  So we go back to making -C have effect
	  on minting also.  With no -C canonicalize to lowercase, with
	  -C use resource as-is.

	* get rid of -W flag reserved for posix, use -M in it's place.

hashcash-1.04 - 07-Sep-2004 - Adam Back <adam@cypherspace.org>

	* fixed issue with case comparisons -- presumed resources were
	  in lower case at minting -- better to just ignore case
	  during comparison.  Then will accept stamps containing upper
	  case or mixed-case resource names.

	* integrate fastmint_benchtest as -sv option to hashcash.

	* introduce COPT as well as CFLAGS as optimization subset of
	  flags passed with CFLAGS to nested make -- suits RPM

hashcash-1.03 - 07-Sep-2004 - Adam Back <adam@cypherspace.org>

	* remove TARGET_ARCH again, let's keep things simple.  Just
	  use CFLAGS period.

	* figured out what GENTOO ebuild is doing, changed ebuild file

	* remove recursion from hashcash_fastmint

	* start using TARGET_ARCH in Makefile, hope it's portable;
	  it's an attempt to be more GENTOO ebuild friendly

	* Makefile change: when PACKAGE is defined build default
	  target, otherwise echo the target info as before

	* removed a bunch of old code replaced by fastmint, got rid of
	  CHROMATIX define

	* fix following errors reported by Atom Smasher <atom@suspicious.org>

		* fix width measuring bug with v0 stamps

		* fix resource read from stdin bug

		* use GNU getopt source always -- getopt
		  on BSD behaves differently (the getopt source is
		  smart -- it comments itself out on machines with
		  GNU_LIBRARY so using it always is not a problem)

		* bug: should send the time estimate to
		  stderr, and the stamp to stdout

		* -z width flag not properly error checked
		  to enforce UTCTIME restrictions (only valid widths
		  6, 10 or 12 digits)

	* update LICENSE to note you end up with some GNU GPL taint
	  from getopt on systems without POSIX getopt which probably
	  forces you to use GPL as I link against it.  Unless someone
	  wants to re-write the getopt or can point me at a public
	  domain replacement.  In particular this includes BSD and
	  MACH (OSX) and as before windows.

	* apply patch from Jonathan Morton <chromi@chromatix.demon.co.uk>
	  with following fixes:

	  	* fix bug in mmx assembler code exposed by integration

		* add generic target in Makefile

		* increase benchmark work factor to improve accuracy of
		  results (as not used at run-time)

		* new hashcash_quickbench()

	* changes to hashcash_quickbench() to give faster timing on
       	  linux x86 which has low resolution clock() (1/100th sec vs
	  1usec on OSX).  (It was taking ~ 0.6sec on linux x86, code
	  takes 0.1 sec now which is less noticeable)

	* related to above studiously avoided calling hc_per_sec()
	  which invokes hashcash_quickbench() -- seems a shame to burn
	  1/10th sec in default mint creation path if user typically
	  doesn't care about the info about how long it took.  Now you
	  have to give -s or -v to get speed info when minting.

	* fix case sensitivity bug reported by Atom Smasher
	  <atom@suspicious.org>

	* add CPL option back to LICENSE file
	* add make targets for different processors
	* remove 2nd call of hashcash_benchtest (supposed to call
	  hc_per_second which caches not hashcash_per_second)
	* enable static selection of fastmint cores, disable run
	  time benchtest

	* applied fastmint fix patch from Jonathan Morton
	  <chromi@chromatix.demon.co.uk> and re-enabled fastmint
	  (remove -DCHROMATIX in Makefile to disable)

hashcash-1.02 - 11-Aug-2004 - Adam Back <adam@cypherspace.org>

	* minor documentation stuff (put back ref to sha1-hashcash in
	  hashcash.pod manpage)

	* add back requests to LICENSE file

hashcash-1.01 - 08-Aug-2004 - Adam Back <adam@cypherspace.org>

	* fold in patches from by Hubert Chan
	  <hubert@uhoreg.ca> and Justin Guyett <justin@soze.net> to
	  clean up some stuff and fix minor bugs.

	* another couple of minor bug fixes.

hashcash-1.00 - 07-Aug-2004 - Adam Back <adam@cypherspace.org>

	* increment version number, 1.x to reflect move to version 1
	  stamp format

	* explicit bits field in token (helps people who want to
	  prevalidate header and parse, and who want to know what the
	  intended bits were vs how lucky the sender got); new stamp
	  size definition is min( counted_bits, explicit bits field )

	* no : in resource field to make easier to parse eg with cut,
	  awk etc

	* new extension field

	* reclaimed -x to use for passing eXtension data (old -x no longer
	  available, use -X, which has string fixed to X-Hashcash)

	* put /dev/urandom macro for MAC from
	  Jonathan Morton <chromi@chromatix.demon.co.uk> so we use
	  /dev/urandom on MAC

	* copy in and adjust Makefile for Jonathan Morton's optimized
	  minter (need to integrate)

	* copy in Jonathan Morton's COMPACT option (method B vs method A
	  from fips-180-1, uses less registers) for libsha1.c

	* copy in next rev of minter breaks 4megahashes/sec barrier on
	  3.06Ghz P4 -- disabled at present until some stuff gets
	  fixed and we figure out rpm/deb package portability

	* added back v0 read support (but still only generates v1)

	* pr5: first attempt at integrating libfastmint (some bug in
	  my integration code, broken so far)

	* (pr6: libfastmint integ still not working)

	* pr6: made X-Hashcash header accepatance case insensitive

	* pr7: also reject tokens with count_bits < claimed_bits
	  (as previous logic of setting bits = min( count_bits, claimed_bits)
	  necessary to avoid people getting lucky

	* use clock() instead of wall time

	* expand max stamp size out to cope with 10KB extension fields

	* update man page and usage with v1 stuff

	* and release as 1.00 ready for Hubert Chan <hubert@uhoreg.ca>
	  to package for the imminent debian release

hashcash-0.33 - 13-Apr-2004 - Adam Back <adam@cypherspace.org>

	* allow wild card without @ sign if there is no @ sign in
	  pattern
2004-11-29 01:56:16 +00:00
tv
1a48a554a7 Update to 0.32. Changes:
hashcash-0.32 - 09-Apr-2004 - Adam Back <adam@cypherspace.org>

	* documentation fixes

	* change multiple regexp behavior; previous algorithm only allowed
	  higher overrides; need to support both higher and lower
	  overrides.  This also required introducing -o option to join
	  regexps which are set intersections where otherwise risk of
	  uninteded override occuring and mail being rejected as spent or
	  insufficent bits.  Now revert to lexical order most specific
	  regexp first.

	* wrote test script test.sh

	* fix a few minor bugs uncovered by above test script

	* -c now means check date

	* allow -n etc with -X

	* introduced -b relative to default way of specifying bits

	* -b is no optional, if want token fully checked, but can give -b
	  default; or new relative to default -b +0.


hashcash-0.31 - 01-Apr-2004 - Adam Back <adam@cypherspace.org>

	* final 0.x version (v0 format) release before 1.x version (v1
	  format) (bug fixes / maintenance only afterwards on 0.x version)

	* remove -O3 from Makefile, use -O instead as fails on HPUX or
	  sun.

	* fix some out of date usage stuff in hashcash man page.

	* disable timing loop unless timing needed

	* fix multiple reciept bug in -cX/-cx reported by Junior Ang
	  <junior@chrysant.com>.  If you receive a mail multiple times
	  because you are on the receipt list multiple times, there will
	  be multiple hashcash headers for you.  In this case it is
	  necessary to examine the first matching, non-spent stamp.  The
	  bug was previous versions stopped on the first matching stamp
	  and then failed because it was spent.  Need to keep going and
	  check later also matching stamps until find one which is not
	  spent.

	* rationalize command line args further.  No implied -m , more
	  things that are awkward to implement but not that useful are
	  disallowed.

	* change purge operation to use read-write operations in the same
	  sdb file rather than creating a temporary file.  This makes
	  locking easier and is also aesthetically nicer.

	* add flock(2) database file write locking, and change creation
	  logic to use open(2) to avoid creation db race-condition also.

	* make resource string case insensitive by default to match email
	  semantics; add -C option to force case sensitivity if desired
	  (email addresses are converted to and stored in lower case, so
	  you have to both mint and verify with case sensitivity turned on
	  to make use of case sensitivity)

	* support minting multiple resources with multiple command line
	  args.  Also if no resources given on command line, read
	  resources from stdin.

	* support supplying multiple email addresses, for people who want
	  to accept as multiple addresses.

	* support multiple resources on purging also.

	* support multiple tokens with check mode as cmd line args, if
	  none given as args, read tokens from stdin; if -X/-x read from
	  cmd line args, then from stdin as email (matching stamp headers
	  skipping stamp headers)

	* rename default simple database to hashcash.sdb (.sdb extension),
	  to distinguish from planned support for better database.

	* fix bug in PPUTS didn't match PPRINTF

	* fixup -l, -w, -n so they support multiple tokens also

	* made use of -b optional (get the default on mint & check)

	* added "-b default" to specify default number of bits with -s
	  (otherwise no way to measure the default speed without
	  specifying the number of bits -- and when this can change over
	  time it would be inconvenient for scripting to have to
	  separately obtain this)

	* added support for wildcard email addresses with '*' wildcard
	  marker.  '*' before '@' does not match '@', '*' after '@' does
	  not match '.'.  And both email addresses must contain @ sign and
	  same number of '.' separated sub domains as wildcard address.
	  Wildcard matching is the new default.  Use -S to get plain
	  string match.  Can turn back on with -W.

	* increased size of random string to reduce chance of collisions
	  between users.  Now negligible chance of collision with typical
	  token sizes.

	* added support for regexps.  Can work from POSIX library or BSD
	  regexp library.  Use -E to get regexps.  Input is always in
	  POSIX syntax (specials are not quoted to have special action;
	  are quoted to have plain meaning).  If using BSD library still
	  give input in POSIX syntax, it's converted to BSD internally.

	* implement highest matching semantics.  Ensures that eg -c -b10
	  *@bar.invalid -b15 adam@bar.invalid will not accept a 10 bit
	  token for adam@bar.invalid.  (This is done by sorting resources
	  highest bits required first and accepting only the first highest
	  matching resource.)

	* change arg parsing so -b, -e, -g, -z, -E, -W, -S, apply to the
	  following resources and tokens, and can be changed for later
	  resources/tokens with tokens and args interspersed.  Means you
	  have to give these args before the resource/token or you will
	  get defaults.
2004-08-01 18:35:30 +00:00
tv
f2a3e889cf Update to 0.30 (distfile site changed for newer releases, too):
hashcash-0.30 - 04-Mar-2004 - Adam Back <adam@cypherspace.org>

        * make -cX check multiple X-Hashcash lines until it finds the
          right one.  Bug reported by Kyle Hasselbacher <kyle@toehold.com>.

hashcash-0.29 - 04-Mar-2004 - Adam Back <adam@cypherspace.org>

        * fix prototype mismatch of function hashcash_check in
          hashcash.h vs libhc.c which caused compile failure on
          openBSD and freeBSD

        * change to make it compile on MAC OSX (need to recognize OSX
          and treat as unix like for headers to include)

        * change to make it compile on solaris 9 (and POSIX / SVR
          systems in general).  Turns out putenv(3) is more portable
          than setenv(3) / unsetenv(3)

        * update sha1 man page to name it sha1-hashcash to avoid collision
          with openssl sha1(1).  By default with openssl there is not
          actually any program named sha1, rather sha1 is a subprogram of
          openssl invoked "openssl sha1".  However I think it may still be
          possible to compile that as a separate program or symlink sha1 to
          openssl to get that.

        * update sha1 man pages to refer to the other common sha1
          implementations.

        * update LICENSE request
2004-03-29 19:09:06 +00:00
tv
fe42e93ed0 Hashcash is a denial-of-service counter measure tool. It's main current
use is to help hashcash users avoid losing email due to content based
    and blacklist based anti-spam systems.

    The hashcash tool allows you to create hashcash tokens to attach to
    emails you send, and to verify hashcash tokens attached to emails you
    receive. Email senders attach hashcash tokens with the X-Hashcash:
    header. Vendors and authors of anti-spam tools are encouraged to exempt
    mail sent with hashcash from their blacklists and content based
    filtering rules.
2004-03-29 19:01:34 +00:00