4
* src/version.h: Release version 3.0.0
8
* Protocol-v2.html: Clarified the uniqueness conditions for the
11
* src/auth.c (otrl_auth_handle_v1_key_exchange): Clear the auth
12
structure when we receive an unexpected v1 Key Exchange Message.
18
* src/message.c: Ensure version 2 AKEs are always done with
23
* src/message.c: Add a "flags" field to the version 2 Data
24
Message, which can indicate that the Data Message should be
25
ignored if unreadable (as opposed to displaying an error).
29
* toolkit/otr_parse.c:
30
* toolkit/otr_remac.c: Deal with the new kind of Data Message.
32
* src/message.c: Use the gone_secure callback instead of the
33
still_secure callback if the other side changes its fingerprint.
38
* src/context.c: Added protocol_version as an explicit field in
42
* src/message.c: protocol_version no longer needs to be
43
explicitly passed to the gone_secure() and still_secure()
46
* packaging/fedora/libotr.spec: Patches from Paul
48
* src/proto.c (rotate_dh_keys): Avoid potential double
51
* src/tests.c: Regression test for double gcry_cipher_close().
55
* Major overhaul with implementation of version 2 AKE.
59
* toolkit/otr_parse.c (parse): Ignore MACs that are too short,
60
rather than going into an infinite loop.
64
* Protocol: Added section describing fragments.
67
* src/proto.c (otrl_proto_fragment_accumulate):
69
* src/context.c (new_context, otrl_context_force_setup): Keep
70
track of fragments in the ConnContext structure.
72
* src/message.c (otrl_message_receiving): Handle fragments in
75
* src/mem.c: Don't do arithmetic on void pointers.
80
* src/message.c: Move ops to be the first param of
81
new_fingerprint, as it is with all the other callbacks.
84
* src/context.c (otrl_context_set_preshared_secret):
86
* src/dh.c (otrl_dh_session, otrl_dh_cmpctr):
88
* src/message.c (otrl_message_sending, send_or_error, process_kem)
89
(otrl_message_receiving, otrl_message_disconnect):
91
* src/privkey.c (otrl_privkey_hash_to_human):
93
* src/proto.c (otrl_proto_create_data):
95
* src/tlv.c (otrl_tlv_new, otrl_tlv_parse, otrl_tlv_seriallen)
96
(otrl_tlv_serialize): Add missing "const"s. (Closes #1243963)
102
* packaging/fedora/libotr.spec:
103
* src/version.h: Change version to 3.0.0 (but don't yet release)
105
* Protocol: Clarify that, if the user requests to see the secure
106
session id in the middle of the conversation, the value
107
displayed should be the one calculated at the time the private
108
connection was established (the last Key Exchange Message that
109
caused a rekeying), _not_ the DH secure id calculated from DH
110
keys in more recent Data Messages.
112
* libotr.m4: Have the version check require an exact match on
113
the major version, since, for example, source that expects
114
libotr 2.0.0 won't work with libotr 3.0.0.
116
* libotr.m4: Add #include <stdlib.h> to the version test so that
117
it compiles cleanly with -Wall -Werror.
123
* src/context.c: Save the secure session id so that it can be
124
displayed to the user upon request, instead of only when the
125
private session is initially set up.
129
* src/context.c: Allow the app to set a "trust level" for
130
fingerprints. This is an arbitrary string, intended to indicate
131
whether (or possibly by what means) the user has verified that
132
this fingerprint is accurate.
135
* src/context.c: Allow the app to set an arbitrary binary
136
"preshared secret" for the ConnContext. This is currently
137
unused, but in the future it would allow for users to exchange a
138
secret _before_ they generate their fingerprints. [But the
139
protocol would have to be extended to support this.]
142
* src/message.c: Remove the "confirm_fingerprint" callback
143
which requires the user to acknowledge the new fingerprint
144
before it can be used. Replace it with a "new_fingerprint"
145
callback which merely informs the user that a new fingerprint
150
* libotr.m4: Fixed a bug which made configure fail to find the
151
libotr header files if they weren't in the standard place.
155
* src/privkey.c (otrl_privkey_read_fingerprints): Allow fields,
156
particularly accountnames, to contain spaces. Closes #1198379.