to trigger/signal a rebuild for the transition 5.10.1 -> 5.12.1.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=..."), minus the packages updated after
the perl package update.
sno@ was right after all, obache@ kindly asked and he@ led the
way. Thanks!
Changes:
- Portability: Check threads support in OpenBSD.
- Security: Fixed string format vulnerability in client entry handling.
- Autoconf upgrade.
- PacketEngine: Don't free underlaying stream in packet stream create error
- If packet stream creation failed it freed the stream given as argument.
This is wrong. It is the caller's responsibility to free it if the
packet stream creation failed.
- SKE: When failure is received mark SKE always failed
Mark the SKE failed even if we don't receive error from remote. Fixes
crash where the callback is called back to application without valid
key material and without error status.
ChangeLog for 1.1.5 somehow got lost, but here are the bits from 1.1.6 and
1.1.7:
- Fixed channel MAC key setting in JOIN notify and command reply.
- Fix reference count bug leading to memory corruption on duplicate deletions.
- Avoid NULL dereference when leaving a channel with a private key.
- Fix crash on expired keyboard prompts.
- Add support for autosendcmd on channel entries.
to trigger/signal a rebuild for the transition 5.8.8 -> 5.10.0.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=...").
various character set problems. The security issues fixed:
* NICK_CHANGE buffer overflow: CVE-2007-3728.
* pkcs_decode buffer overflow: CORE-2007-1212.
Changes since version 1.0.4.1:
- Fixed NEW_CLIENT packet handling crash.
- Fixed partial encryption in CTR mode in AES.
- Fixed printable fingerprint buffer overflow.
- Fixed UNIX signal delivery il SILC scheduler.
- Reprocess JOIN command synchronously after resolving channel user list.
- In JOIN command reply check if the channel key is already saved.
- Remove all channel keys and hmacs after giving LEAVE command.
- Added missing channel unreferencing in CMODE, CUMODE, TOPIC, INVITE,
BAN and KICK command replies.
- Fixed connection authentication with public keys to use correct public
key as responder.
- Zero tail of CTR mode IV in IV Included mode.
- Fixed CTR mode rekey.
- Rewrote the IV Included CTR mode encryption/decryption in packet engine.
- Fixed non-IPv6 compilation error.
- Fixed channel private key deleting when deleting the channel.
- Fixed TIMEOUT handling in user info resolving during JOINing, fixes crash.
- Fixed mandatory UN and HN SILC public key identifier checking.
- Fixed alignment issues with 64-bit CPUs.
- Added "There are now xx nick's" to "are xx nicks".
- Fixed USERS command user mode handling (integer overflow).
- Fixed big-endian issues from aes implementation.
- Fixed lib/silcutil/silcatomic.h compilation on IA64.
- Fixed public key identifier parsing to check lengths correctly.
- In silc_client_free check that scheduler is allocated before trying to
free it.
- Fixed buffer overflow in NICK_CHANGE notify. The destination buffer for
old nicknames was too small.
- Added support for rekey with PFS when using CTR mode encryption.
- Added silc_idcache_move that can be used to move entries between caches.
- Added better checks for invalid argument and notify payloads.
- Fixed SILC_PACKET_FLAG_LONG_PAD bitmask value.
- Set the destination ID to packet stream as SKE responder if ID was
present in key exchange packet.
- Compile sources with _GNU_SOURCE on Linux systems.
- Fixed Unix signal task dispatching to not lock the signals when
dispatching the callback to avoid deadlocks.
- Added SILC_VERSION macro for checking package versions at compile time.
- Use SILC_VERIFY to assert that silc_rwlock_wrlock can be called only
once per thread on Unix.
- Fixed USERS command reply write-lock unlocking.
- Fixed silc_create_key_pair to check for valid identifier.
- Rewrite signed public message handling, adopting the new hilight interface.
- Fix off by one error when loading modules.
- Don't delete hilight entry (because it's just a pointer, not a copy).
- Added __SILC_TOOLKIT_x_x_x macro to all Toolkit distribution which can
be used to check for Toolkit version in third-party software.
- Added support for channel@server channel name strings to client library
(SILC protocol version 1.3 change).
- Added full_nicknames and full_channel_names settings to SilcClientParams
that can be used to specify whether client library returns full nickname
and channel name strings. Full strings are nick@server and channel@server.
- Fixed unix connecting failure to return error code correctly.
- Fixed SKE timeout double free crash.
- Fixed MIME multipart decoding buffer overflow.
- Fixed connection auth protocol timeout crash.
- Fixed FSM machine finishing to check for existing threads at the final
free callback to allow time for the threads to finish.
- Fixed silc_client_get_clients_local to check the nick's server also if
nick@server nickname string is given to the function.
- And many more, oh well. For the user this means: better charset support,
less crashes, nick names now potentially user#23, server specific
channels and more sanity.
Talked over a while ago with wiz with no objections.
Addresses PR pkg/36355
Changes:
1.0.4.1:
========
o Fix a segfault when joining an unknown channel
1.0.4:
======
- Update Makefiles so parallel make is possible
- Include scripts from the SILC Plugin for automatically signing all
messages
- Use known passwords when joining password protected channels
1.0.3:
======
- empty realname and hostname is permitted again (and the user gets to
see the error message if something goes wrong)
- various small fixes
set OVERRIDE_DIRDEPTH to find any libtool scripts deeper in the WRKSRC
tree unless they're named something other than "libtool".
SHLIBTOOL_OVERRIDE generally doesn't need to be specified either -- just
define it to the empty list and shlibtool-override will look for libtool
scripts.
Changes:
- convert to options.mk
1.0.2:
======
Due to the new SILC Server release with support to the UTF-8 nicknames and
channel names new version of the SILC Client is released as it seems the
older ones do not function very well with the new server. This version
includes support to the UTF-8 encoded nicknames and channel names, however,
certain problems may still exists, as this is a slight premature release.
- Added support for UTF-8 encoded nicknames and channel names.
- Command queue implemented for better UTF-8 support.
- --with-silc-includes and --with-silc-libs added gto configure to use
pre-installed SILC Toolkit.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
- Rework how and where is silc-client installed (in preparation for
silc-toolkit import).
- Rework PLIST.perl handling, now it works with threaded Perl as well.
- Minor cleanups.
When you are upgrading from a prior release to SILC Client 1.0.1, there
are two issues you have to take special care of:
First of all the default theme (as defined in the file default.theme in
the source package) has changed. You may need to update your personal
theme to reflect those changes. The second change affects the filename
used to store the session data when /DETACH'ing. If you have detached
from a SILC network with your old client and want to resume the session
with SILC Client 1.0.1, you first have to
/SET session_filename session
After successfully resuming your session, you can revert the setting to
its default "session.$chatnet" again.
Changes:
--------
- /NOTICE and /ACTION command now both take a mandatory target argument
and an option -sign flag. Both work in channels and queries, /IGNORE
now correctly treats both. default.theme has changed, please update
your theme. Closes#1.
- /SILCNET [ADD|REMOVE|LIST] command to manage different SILC networks.
- /SMSG and /MMSG now correctly open new query windows if wished.
- New settings session_filename defines the filename used to store
session information generated by /DETACH. A setting like
session.$chatnet allows you to detach from different networks.
Changes:
- disable perl support. it's broken and needs patches for lang/perl5[8] which
won't be applied during the freeze
1.0:
====
- Help file updates.
- added dependency on p5-File-MMagic if perl support enabled (for MMSG
support)
Changes:
- Fixed race condition between silc_client_init and my_silc_scheduler.
- Take reference of the socket in the parser context, as it's possible
to have the parsers in queue after the socket is disconnected and this
may cause crash.
- Check that packet queue purging was successful.
- Optimized the socket referencing in packet routines.
- Resolve the IP for file transfer listener from the connection socket.
- Added LISTKEYS command which can be used to list server and client
public keys from the ~./silc directory. See /HELP LISTKEYS.
- Improved the MMSG command. It now supports the target so it can be used
to send private messages too without opening a windows. It also
detects the MIME type now automatically. Support for digitally signing
the messages was also added. See /HELP MMSG, the help file is there
now. :) Replace the old silc-mime.pl script with the new one to take
advantage of all new features.
- Added /MMSG command help file.
Changes:
- remove patch-ab, merged into distribution
- cleanups in Makefile
0.9.13:
=======
- Lots of bugs was fixed. Also several security bugs has been fixed.
- Inviting and banning now works with a public key. Fixed also banning
with nickname (example, /ban +nickname).
- Support for channel public key authentication added. The CMODE command
has a new option 'C', which can be used to add and remove channel
public keys on the channel. The channel public keys work the same way
as the channel passphrase. Only the person posessing the corresponding
private key of the public key added on the channel is able to join the
channel. It is possible to add multiple channel public keys to the
public key list.
Give /HELP CMODE to see how to use the command. If the /CMODE +C is
given without arguments you will get list of current channel public
keys. This feature works only with new SILC Server 0.9.14 an newer.
You will also need to be channel founder.
- Automatic lag detector, to detect lag between your client and your
server. The lag (if any) is displayed on the status bar.
- /ME, /ACTION and /NOTICE now fully supports UTF-8 text messages.
- Using '@' and '!' characters in invite and ban strings is prohibited.
Those characters cannot be anymore used as part of invite and ban
strings.
- Better caching of old channel keys (for period of 10 seconds) to avoid
loosing any channel messages.
Changes:
- Fixed RESOLVING flag handling in JOIN notify and other
notifys to handle the resolvings correctly in client library.
- Fixed incorrect connection deletion from client library
after calling "connect" client operation. Could cause
crashes for example during reconnect timeouts.
- Removed --session and --dummy options from Irssi SILC Client.
-d option is available only if --enable-debug was given.
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
IMPORTANT NOTE: This version does not include backwards support
for the old style SILC private key so if you
skipped 0.9.10 version you won't be able to run
this client without generating new key pair.
Changes between 0.9.10 and 0.9.11
=================================
* workaround a bug in GCC which causes memory exhaustion when
compiling sha1 with optimizations on UltraSPARC. from openbsd
* Don't display "foo appears as foo\nYou're now known as foo"
messages.
* Do not print the nickname in SERVER_SIGNOFF if we do not
have it. Prevents asserts in Irssi core. It is possible we
don't have the nick if it was just being resolved when server
signoff.
* Prevent endless resolving of user informations in USERS
command by checking the command reply status correctly.
* Don't print signed messages when sending failed.
* Send adequate signal when founding a channel by joing it.
* Make GETKEY to update the client entrys fingerprint too.
* Fixed autonick crashbug in client library.
* Fix theme abstracts parsing.
* Fixed double free in SKE library error hadling when signature
error occurred.
There are fixes in crypto library, especially in the
private key file format which had bugs in the encryption
process. When you run the new client it will automatically
change your private keyfile format so that you don't have
to do anything to it manually. The next versions will not
have this feature so if you'll skip this version you won't
be able to run your client after new version of SILC Client
comes out later (without generating new key pair).
Channel private keys and private message keys were using MD5
hash function, which is actually wrong. The code was
supposed to use SHA1 which is the mandatory hash function in
SILC. This version changes this and for this reason you may
experience some problems using channel private keys and
private message keys together with older client versions.
Make sure you and your friends are running latest client
version to avoid problems. This is inconvenient, but was a
must fix.
Changes between 0.9.9.1 and 0.9.10
==================================
* Removed 1.0 protocol backwards compat code from client
library.
* Changed the channel private key and private message
key generation (with static keys) to use SHA1 instead
of MD5, as SHA1 is the mandatory hash function in SILC.
* Changed the private key file encryption to use SHA1
instead of MD5. Added support for the old generation
and added automatic change of the key (to be removed
later).
* Format CMODE +c and +h to display both the mode and
the argument.
* Added support for inviting and banning by public key.
* Added support to set and use specific public key in
CUMODE.
* Changed the private_message and channel_message client
operations to deliver the SilcMessagePayload to the
application too. Application can use it fe. to get
the signature from the message for verification.
* Added more reliable check for whether nickname did
change or not, or whether only Client ID changed in
NICK_CHANGE notify.
* Set realname and hostname in NICK_REC records.
* Display signature verification result in public and
private messages using theme abstracts.
See irssi/default.theme for examples of their usage.
* Verify signature payload for signed messages.
* Added ignore_message_signatures setting which can be
used to ignore signatures in messages.
* Fixed fingerprint/babbleprint showing in invite and
ban list command replys.
* Fixed founder key sending in CMODE command.
* Fixed bugs in Irssi's theme parsing.
Changes between 0.9.8 and 0.9.9.1
=================================
* Updated protocol version to 1.2.
Clients and servers with support for 1.1 are not compatible with the new
protocol!
* Added -no-listener option to FILE SEND command, Renamed FILE RECEIVE
to FILE ACCEPT.
* Added idle and signon fields to the ATTRIBUTE_SERVICE attribute to
indicate the user's current idle and signon time of a service.
* Added MAC field to the Private Message Payload to protect against
chosen ciphertext attacks.
* Added support for normal client to kill its own entries from the network.
* Added ERR_UNSUPPORTED_PUBLIC_KEY and ERR_OPERATION_ALLOWED status types.
* Defined the SILC_MESSAGE_FLAG_SIGNED.
* Defined that all public keys sent in commands and notify payloads are
actually Public Key Payloads not raw public key data.
* Compute maximum padding for authentication packets to make passphrase
approximation attacks impossible (padding must be at least 8 bytes now).
* Added support for rekey before 2^32 sequence number wraps.
* Added Encrypt-Then-MAC order to Channel Message Payload MAC generation.
* Added Encrypt-Then-MAC order to SILC packet MAC generation. Deprecated
the old Encrypt-And-MAC order.
* Added expando $j which expands to current SILC Client version
* SILC_UMODE_GONE changes are now propagated correctly to the client.
* Print "nick now appears as newnick" and update nicklist when you
change your nick to "nick".
* Added support for setting FOUNDER mode on channel with specific public
key which can be set with CMODE command.
* Unified the Channel Message Payload and Private Message into one
Message Payload.
* UTF-8 decode topics also in JOIN command reply and TOPIC_SET notifys
in client.
* Added support to client sending new BAN and INVITE commands. Display
INVITE and BAN lists as specified by SILC 1.2
* Merged with Irssi 0.8.6.
* Added library versioning for shared libraries.
* Do reverse lookups for server when /CONNECT-ing.
* MARS support is now gone.
* Fixed PING command sending in client library and handling in server.
The server ID must be ID Payload, not raw ID data.
* Fixed example in /HELP KEY
* Fixed the client to correctly shutdown the client library to avoid
memory leaks.
* Fixed few double frees from client library.
Changes between 0.9.5.1 and 0.9.8
=================================
* Added STATS command.
* Added Requested Attributes support.
* Added -details option to WHOIS command to support the requested
attributes. By default it requests all attributes.
* Added implementation of VCard (RFC 2426) which can be used as
part of Requested Attributes in WHOIS command.
* Added ATTR command which is used to manage user's Requested
Attributes sending and values for WHOIS command.
* Added support for saving the requested attributes in WHOIS to
directory.
* Added support for auto-passphrase authentication from the config
file during connecting which was not implemented yet.
* Added shared library complation support.
* Added support for encrypted private key files. Now passphrase
must be provided when new key pair is created and prompted when
loading the private key.
* Added -P option which can be used to change the passphrase of
the private key.
* UTF-8 decode the topic in TOPIC command reply and LIST command
reply.
* Added manpage for silc(1).
* Fixed string formatting crashbug in lib/silccore/silcattrs.c
* Fixed double free in RSA public key set function.
* Fixed a bug in authentication protocol failure handling which
was processing wrong callback context.
* Merged DISCONNECT fix, and autoconn port fix from Irssi CVS.
* Merged c0ffee's /set heartbeat patch and fixed the heartbeat
sending.
* Fixed connection closing in client library to not crash.
* Fixed the INVITE command to not crash client when given without
nickname argument.
buildlink->buildlink2
Main changes between 0.9.2 and 0.9.5.1
=======================================
* Do not set the locally resolved hostname for local client entry but take
what server sends. This way the real hostname is shown in WHOIS for
yourself.
* Fixed duplicate PKCS name registering to not allow it.
* Enabled SIM support on *BSD systems.
* Fixed buffer overflow and security problems (loosing bits in CFB
encryption) in SILC RNG.
* Fixed buffer overflow with CUMODE mode->mode character conversion.
* Fixed a crash in client libary in NICK_CHANGE notify when NICK_CHANGE
arrived for client entry we are resolving currently.
* Don't do SILC_STRING_LANGUAGE encoding if the outbuffer is NULL since it
seems that on some platforms NULL is allowed and on some it's not.
Fallback encoding is used instead.
* Fixed a bug in Irssi SILC client to close the connection properly when
disconnecting from server. Handle local errors correctly during resuming.
Update submitted by Lubomir Sedlacik <salo@xtrmntr.org> in PR 18277.
closing that PR. Thanks to Lubomir Sedlacik.
Changes between 0.9.1 and 0.9.2
===============================
* Fixed a bug in client to close the connection properly when
disconnecting from server and fixed some error checkings from
the SFTP library which caused misbehaviour.
* Added SILC_MESSAGE_FLAG_UTF8 to the protocol specs and the
core library, and implemented it. All textual messages SHOULD
use this flag and the message MUST be UTF-8 encoded.
All text messages sent by Irssi SILC client are now UTF-8
encoded (regardless whether the terminal supports UTF-8 or not).
* Implemented the SILC_CHANNEL_UMODE_QUIET mode that can be used
to silence a user on a channel.
* Added new "debug" and "debug_string" settings to Irssi SILC
client which can be used to print runtime debugging on the
Irssi's screen. Available when compiled with --enable-debug
* Made the private key generation after expiration optional.
If not created after expiration the old key will re-expire
at a later time (and thus key pair is not necessary to
change).
* Display the user mode on the status bar.
* Display notification about data messages that cannot be
displayed. (e.g. image/jpeg)
* Call the completion for resolving client information only
after all resolvers has finished. This fixes a crash in
the client. Added support for checking when the resolvers
are finished.
* Wait by default 3 seconds before reconnecting to the server
after being disconnected. Makes the /detach command a bit
more usable.
* Remove the client entry from cache if the WATCH notify type
is KILLED, SERVER_SIGNOFF or SIGNOFF.
* Fixed a crash in OPER and SILCOPER command sending. Empty
passphrase caused the crash.
* Merged with Irssi CVS for Irssi SILC client.
* Added permanent channels support by making the channel
permanent when FOUNDER_AUTH mode is set on the channel.
The channel will not be destroyed even if channel is empty
when that mode is set. Protocol TODO #17.
* Fixed rekey protocol with PFS in the client library.
* Fixed client info resolving on LEAVE command in client
library to not crash.
* Defined that the NICK command replies with thew changed
nickname too, to make the nickname changing simpler at
the client's end. Updated protocol specs and the code
in client and server.
* Remove pending command callbacks also if the connection
to the server is destroyed.
* Added new channel user modes BLOCK_MESSAGES_USERS and
BLOCK_MESSAGES_ROBOTS. Updated the protocol specs and the
code.
* Added support for watch list. It is possible to add nicknames
to be watched, and when they come to network, leave network
or user mode changes the watcher will be notified of this
change. Added SILC_COMMAND_WATCH command, added new
notify type SILC_NOTIFY_TYPE_WATCH to deliver the watch
notifications. Updated the protocol specs and implemented
this to library, client and server. Protocol TODO #21.
* Added user mode SILC_UMODE_REJECT_WATCHING to reject
somebody watching you. Updated the protocol specs and the
code.
* Added MIME header parsing in Irssi SILC Client. It displays
all textual MIME objects, others it ignores.
* Defined <channel user mode list> argument to WHOIS command
reply for returning user modes on the channels. The
channel list now doesn't include the user mode anymore but the
actual channel mode. Updated protocol specs and the code in
client and server.
* Added SILC session detachment/resuming support. It is possible
to detach by closing the network connection and then re-connect
and resume to the old client session. Added DETACHED user
mode that server will set for detached client. Added new
packet RESUME_CLIENT which is used to perform the resuming
process. Added DETACH command. Updated the protocol specs,
core library, client and server. Protocol TODO #22.
* Added new user modes ANONYMOUS for special anonymous servers
that may set the mode for client, and BLOCK_PRIVMSG which
client may set to block incoming private messages unless the
Private Message Key flag is set (using private keys to protect
private messages). Updated protocol specs and code in client
and server and core library. Protocol TODO #23.
* Added new channel user mode BLOCK_MESSAGES which the client
may set to itself to tell server not send channel messages.
Other packets such as channel key packets are still sent.
Protocol TODO #23. Updated the protocol specs, client and
server.
* Added more IM-like features by introducing new user modes
for setting various presence information. Added new modes:
INDISPOSED, BUSY, PAGE, HYPER and ROBOT. Updated protocol
specs and code. Protocol TODO #19.
* The LIST command reply in client libary now adds new channel
entry if the returned channel doesn't exist yet in cache,
and returns the channel entry to the application in the
command_reply client operation.
* Rewrote the version SKE version checking in client libary
and in server to use the silc_parse_version_string.
* Added two new channel modes: SILC_CMODE_SILENCE_USERS
and SILC_CMODE_SILENCE_OPERS which can be used to moderate
the channel. Updated protocol specs and impelemented this
to client and server. Protocol TODO #6.
Added new options m and M to CMODE command in Irssi SILC
client to set these modes.
* Deprecated all administrative commands from SILC protocol
since they are highly implementation specific commands.
Updated protocol specs. Moved the old commands in
implementations to private range of command types.
* Some client implementations quit network by doing first LEAVE
and then immediately SIGNOFF (like Bombyx). We now do check
after a short time after LEAVE notify and check whether the
client is still valid after LEAVE, and if not we remove it from
cache.
Patch submitted by Lubomir Sedlacik <salo@Xtrmntr.org> in PR 16980.
