DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Mercurial (3e31d6562a39)

VCS Links

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026
2016-03-07

	* tests/regression/client/Makefile.am:
	* tests/unit/Makefile.am: Add LIBGCRYPT_CFLAGS to the test suite

	* Makefile.am:
	* configure.ac: Only build the test suite on Linux, since it
	currently uses Linux-specific features such as epoll

2016-03-06

	* Makefile.am: Add bootstrap to the tarball

2016-03-04

	* README:
	* configure.ac:
	* src/version.h: Bump version number to 4.1.1

2016-03-03

	* src/proto.c (otrl_proto_accept_data):
	* src/proto.c (otrl_proto_fragment_accumulate):
	* src/proto.c (otrl_proto_fragment_create): Prevent integer
	overflow on 64-bit architectures when receiving 4GB messages.
	In several places in proto.c, the sizes of portions of incoming
	messages were stored in variables of type int or unsigned int
	instead of size_t.  If a message arrives with very large
	sizes (for example unsigned int datalen = UINT_MAX), then
	constructions like malloc(datalen+1) will turn into malloc(0),
	which on some architectures returns a non-NULL pointer, but
	UINT_MAX bytes will get written to that pointer.  Ensure all
	calls to malloc or realloc cannot integer overflow like this.
	Thanks to Markus Vervier of X41 D-Sec GmbH
	<markus.vervier@x41-dsec.de> for the report.

	* Protocol-v3.html: Clarify that instance tags and fragment
	numbers in the OTR fragment format are allowed to have leading
	0s.  Also fix that how to handle v2 versus v3 messages for the
	Reveal Signature and Signature messages was missing.  Thanks to
	Ola Bini <obini@thoughtworks.com> for the report.

2015-12-25

	* src/instag.c (otrl_instag_read_FILEp): Fix memory leak in
	otrl_instag_read_FILEp if the tag file is malformed.  Thanks to
	Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com> for the
	report.

2015-08-18

	* src/message.c (otrl_message_receiving):
	* src/proto.c (otrl_proto_create_data): Set to NULL the sendsmp
	pointer when handling SMP to avoid a potential free() of an
	uninitialized pointer.  Also ensure the message pointer is set
	to NULL in otrl_proto_create_data for extra precaution and to
	prevent future code paths from having the same error.  Thanks to
	Nicolas Guigo <nicolas.guigo@nccgroup.trust> and Ben Hawkes
	<hawkes@inertiawar.com> for the report.

2015-02-08

	* Protocol-v3.html: Typo fixes, thanks to Hannes Mehnert
	<hannes@mehnert.org> and Nadim Kobeissi <nadim@nadim.computer>
	for the reports.

	* src/message.c: Be stricter about parsing v3 fragments.  Thanks
	to Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com> for
	the report.

2014-12-18

	* Protocol-v3.html: Remove "sender_instance, receiver_instance,"
	from description of v2 fragmentation and clarify that you can't
	fragment a fragment.  Thanks to Hannes Mehnert
	<hannes@mehnert.org> for the report.

	* Protocol-v3.html: Remove a stray "DRAFT" from the <title> tag.

	* Protocol-v2.html:
	* Protocol-v3.html: Clarify the DSA computation in the protocol
	specs.  Thanks to Adam Langley <agl@imperialviolet.org> and
	Hannes Mehnert <hannes@mehnert.org> for the report.

2014-11-29

	* README:
	* Makefile.am:
	* configure.ac:
	* tests/*: Brand new testsuite, thanks to
	David Goulet <dgoulet@ev0ke.net> and
	Julien Voisin <julien.voisin@dustri.org>.
	"make check" to run it.

2014-11-11

	* b64.c (otrl_base64_otr_encode): In case some future code path
	tries to call otrl_base64_otr_encode with a buffer more than
	3/4 the size of all addressable memory, return NULL rather than
	causing an integer overflow and a heap overrun.  Thanks to
	David Remahl <david@remahl.se> for the report.
	* proto.c (otrl_proto_create_data): Tiny refactor to call
	otrl_base64_otr_encode instead of duplicating the code here.

2014-10-18

	* README:
	* configure.ac:
	* src/version.h: Bump version number to 4.1.0

2014-10-18

	* Protocol-v3.html: Correctly count the number of actions an OTR
	client must handle.  Thanks to Fred Yontz <fred@ridersite.org>
	for the report.

2014-10-13

	* src/context.h: Add API functions
	otrl_context_find_recent_instance and
	otrl_context_find_recent_secure_instance.

2014-10-13

	* src/context.c (otrl_context_forget): Correct check for
	children contexts' state being OTRL_MSGSTATE_PLAINTEXT.  Thanks
	to k007k <k007k@wp.pl> for the report.

2014-10-13

	* src/message.c (otrl_message_receiving): Fix memory leak in
	fragment reassembly.  Thanks to Matthew D. Green
	<matthewdgreen@gmail.com> for the report and David Goulet
	<dgoulet@ev0ke.net> for the patch.

2014-10-13

	* src/message.c (otrl_message_sending): Fix possible memory
	leak.

2014-07-13

	* src/auth.c (otrl_auth_handle_commit): Add a clarifying
	comment.

2014-06-12

	* src/message.h: Typo fix.

2014-06-03

	* Makefile.am:
	* configure.ac: Modernize autoconf build system.  Thanks to
	David Goulet <dgoulet@ev0ke.net> for the patch.

2014-05-22

	* README:
	* src/context.c: Typo fixes.

2014-05-04

	* INSTALL:
	* bootstrap: Add bootstrap script to set up the build system.
	Thanks to David Goulet <dgoulet@ev0ke.net> for the patch.

2014-05-04

	* src/dh.c:
	* src/sm.c:
	* toolkit/sesskeys.c: Use gcrypt secure memory allocation.
	Thanks to Julien Voisin <julien.voisin@dustri.org> for the
	patch.

2014-04-21

	* src/mem.c (otrl_mem_differ): Simplify otrl_mem_differ.  Thanks
	to Julien Voisin <julien.voisin@dustri.org> for the patch.

2014-02-20

	* src/proto.c (otrl_proto_instance): Fix a memory leak when
	receiving an invalid instance tag.  Thanks to Julien Voisin
	<julien.voisin@dustri.org> for the patch.

2014-02-15

	* src/proto.c:
	* src/auth.c:
	* src/mem.c:
	* src/mem.h: Use a constant-time memory comparison for safety.
	Thanks to jvoisin <julien.voisin@dustri.org> for the suggestion.

2013-10-13

	* src/proto.c: Return 0 instead of crashing from
	otrl_proto_query_bestversion if passed an illegal input.
	Thanks to Conrad Hoffmann <ch@bitfehler.net> for the report and
	the patch.

2013-08-21

	* src/proto.c: Fix warning from clang in proto.c. Before, trying
	to fragment a message into more than 65535 pieces would cause
	incorrect fragments to be output.  Now, it just returns an error
	(as that is disallowed by the spec).  Thanks to Teemu Huovila
	<thuovila@cs.helsinki.fi> for reporting the issue.

2013-08-08

	* Protocol-v3.html: Random exponents in SMP should be 1536 bits.
	The spec (but not the code) incorrectly said "128 bits" before.

2013-07-28

	* packaging/fedora/libotr.spec: Fedora spec file for 4.x from
	Paul Wouters <paul@cypherpunks.ca>

2013-07-17

	* toolkit/sesskeys.c: Workaround for a crash bug in libgcrypt
	affecting otr_sesskeys.  Passing a private key value of 0 to
	otr_sesskeys would cause libgcrypt to crash in gcry_mpi_powm.
	We reported this libgcrypt bug and it was then fixed in
	http://lists.gnupg.org/pipermail/gcrypt-devel/2013-July/002251.html
	but the workaround is simply to use
	gcry_mpi_new(DH1536_MOD_LEN_BITS) instead of gcry_mpi_new(0).
	Note that this only affected the otr_sesskeys toolkit program,
	and not libotr itself.
	Thanks to the Mayhem Team at CMU (Alexandre Rebert, Thanassis
	Avgerinos, Sang Kil Cha, David Brumley, Manuel Egele) for the
	report.

2013-01-19

	* src/message.c: pass opdata when sending message fragment
	The inject_message callback was missing the opdata when sending
	message fragments.  Thanks to David Goulet <dgoulet@ev0ke.net>
	for the report.

2012-12-18

	* src/message.c: Copy lastmessage to the newly created context.
	This fixes a case where the first user message gets lost when
	OTRL_POLICY_REQUIRE_ENCRYPTION policy is set because after
	establishing the encryption lastmessage remains with the master
	context and will not be resent.  Thanks to Andreas Schlick
	<schlick@lavabit.com> for the report.

2012-09-09

	* configure.ac: Make linker hardening [DEP, ALSR] work on
	Windows builds.  Thanks to Daniel Atallah <datallah@pidgin.im>
	for noticing that it wasn't working before.

2012-09-04

	* README: Release 4.0.0

2012-08-28

	* UPGRADING:
	* src/proto.h:
	* src/proto.c: Don't have otrl_init call exit(1) if the
	application's requested version number differs from libotr's.
	Rather, return a non-zero error code, and have the application
	clean up gracefully.  The OTRL_INIT macro now checks the error
	code and does an exit(1) as the default behaviour, but the
	application can do what it likes.

2012-08-27

	* src/auth.h:
	* src/auth.c:
	* src/message.c: Record the time the last COMMIT was sent from a
	master context.  This will be used to clear the committed key
	from the master context once we don't expect any more instances
	of our buddy to respond with a DHKEY message.

	* UPGRADING:
	* src/userstate.h:
	* src/userstate.c:
	* src/message.h:
	* src/message.c: Add a timer_control callback to
	OtrlMessageAppOps in order to actually clear out the above stale
	committed keys.

2012-08-26

	* src/context.c:
	* src/context_priv.c:
	* src/context_priv.h: libotr was exporting exactly two functions
	without the otrl_ prefix: context_priv_new and
	context_priv_force_finished.  Change the names of these
	functions to start with otrl_.  Thanks to David Goulet
	<dgoulet@ev0ke.net> for noticing it.

	* Protocol-v3.html: Document the v3 whitespace tag, and better
	document the extra symmetric key.  Thanks to Kjell Braden
	<kb@pentabarf.de> for noticing the omission.

2012-08-25

	* src/sm.c:
	* src/context.c:
	* src/auth.c:
	* src/message.c: If OTRL_DEBUGGING is non-zero, then a message
	containing a special debug string ("?OTR!") will cause debug
	info to be printed to stderr.  (This #define should *not* be set
	in release code.)

	* src/auth.c:
	* src/auth.h:
	* src/message.c: Correct the logic for handling incoming COMMIT
	messages when we've recently sent our own COMMIT message.

	* src/message.c: Don't update the recent_sent_child field to
	point to the master context just becuase we sent a version 3
	COMMIT message (which has no destination instance).

2012-08-24

	* README:
	* configure.ac: Prepare for release 4.0.0

2012-08-24

	* src/message.c: Consider copying the master auth context to the
	child, even if the child is already in ENCRYPTED, because we
	might be trying to refresh a private conversation.

2012-08-22

	* configure.ac: Use gcc and ld hardening flags, where possible.
	* configure.ac:
	* src/auth.c:
	* src/dh.c:
	* src/mem.c:
	* src/privkey.c:
	* src/proto.c:
	* src/sm.c:
	* toolkit/sesskey.c: Build cleanly with -Wall -Wextra
	-Wformat-security -Wno-unused-parameter

2012-08-17

	* src/message.c: Don't call memchr(foo,'\0',-1) even if it has
	no ill effects.  Thanks to George Kadianakis
	<desnacked@riseup.net> for the report.

2012-07-20

	* src/message.c, src/instag.c, toolkit/parse.c, src/sm.c,
	src/proto.c, src/privkey.c, src/auth.c, src/context.[ch]:
	Fix some memory leaks, some NULL pointer handling, and
	compilation warnings.  Thanks to Paul Wouters
	<pwouters@redhat.com> for the report.

	* src/message.c: Better handling of OTRv3 fragments.

2012-07-19

	* src/b64.[ch], src/proto.c, toolkit/parse.c: Clean up the
	previous b64 patch and apply it to all places where
	otrl_base64_decode() is called.

2012-07-17

	* src/b64.c: Use ceil instead of floor to compute the size
	of the data buffer.  This prevents a one-byte heap buffer
	overflow.  Thanks to Justin Ferguson <jnferguson@gmail.com>
	for the report.

2012-06-21

	* src/context.c: A couple bug fixes.
	* Release 4.0.0-beta2

2012-06-07

	* Release 4.0.0-beta1

2012-05-08:

	* src/instag.c:
	* src/message.c: Returning proper gcry types to avoid 
	compile warnings.

2012-05-03:

	* src/instag.c: Fixed otrl_instag_new().

2012-04-30:

	* AUTHORS:
	* README:
	* toolkit/otr_parse.c:
	* toolkit/otr_remac.c:
	* toolkit/parse.c:
	* toolkit/parse.h:
	* src/auth.c:
	* src/auth.h:
	* src/context.c:
	* src/context.h:
	* src/message.c:
	* src/message.h:
	* src/privkey.c:
	* src/privkey.h:
	* src/proto.c:
	* src/proto.h:
	* src/serial.h:
	* src/tests.c:
	* src/userstate.c:
	* src/userstate.h: More changes for instance tags (Rob Smits).

2009-06-11:

	* src/auth.c:
	* src/auth.h:
	* src/context.c:
	* src/context.h:
	* src/context_priv.h:
	* src/message.c:
	* src/message.h:
	* src/privkey.c:
	* src/privkey.h:
	* src/proto.c:
	* src/proto.h:
	* src/serial.h:
	* src/tests.c:
	* src/userstate.c:
	* src/userstate.h: Core instance tag functionality (Lisa Du).

2009-09-30:

	* Protocol-v2.html: Edits from Göran Weinholt
	<goran@weinholt.se>

2009-04-28:

	* src/auth.c: pubkey_type should be shifted by 8, not 16.  It
	doesn't matter right now, because it's always 0, but still.
	(Thanks to Can Tang.)

2008-08-15:

	* src/Makefile.am:
	* src/context.c:
	* src/context.h:
	* src/context_priv.c:
	* src/context_priv.h:
	* src/message.c:
	* src/message.h:
	* src/proto.c:
	* src/proto.h: Willy Lew's updates of the libotr API

2008-08-06:

	* src/proto.c: gcc 4.2 with -O2 assumes that integer overflow
	never occurs when optimizing away tests, including those for
	integer overflow.  The code was made more specific.

2008-07-09:

	* src/privkey.h:
	* src/privkey.c: Add otrl_privkey_generate_cancel to handle the
	case that the background key generation thread is cancelled or
	fails.

2008-07-06:

	* configure.ac: Update libtool version to match 4.0.0.

	* src/privkey-t.h:
	* src/privkey.c:
	* src/privkey.h:
	* src/userstate.c:
	* src/userstate.h: Support for generating privkeys in a
	background thread.

2008-07-02:

	* version.h: Change version number to 4.0.0 (but still far from
	release).

	* tlv.h:
	* proto.h:
	* proto.c:
	* message.h:
	* message.c:
	* dh.h:
	* dh.c: Support for applications requesting an extra session key
	that can be used for things like file transfers.

	* message.h:
	* message.c: Applications now use the handle_smp_event callback
	to handle SMP events, rather than having to hardcode part of the
	SMP state machine themselves.

2008-06-15:

	* README: Release version 3.2.0.

2008-06-13:

	* UPGRADING: Clarify what was new in 3.1.0, what was changed
	in 3.2.0.

2008-05-27:

	* UPGRADING: Update documentation.

	* README:
	* toolkit/*.[ch]:
	* src/*.[ch]: Update copyright dates to 2004-2008.

	* src/tlv.h: Add new OTRL_TLV_SMP1Q TLV type to indicate an
	instance of the first SMP message, with an explicit question.

	* src/sm.h:
	* src/sm.c: More carefully track the progress of the SMP using a
	new smp_prog_state field.  Also keep track of whether Bob
	received an explicit question from Alice using a new
	received_question field.

	* src/message.c: Handle explicit questions for the SMP.

	* src/message.c: Behave better if an SMP message fails
	verification.

	* README:
	* configure.ac:
	* src/version.h: Update version number to 3.2.0.

2007-07-26

	* src/sm.c:
	* src/message.c: ISO C cleanups (no mixing declarations with
	code)

	* src/sm.c: Fixed a 64-bit pointer error

2007-07-25

	* src/message.c: Behave sanely if we receive a totally malformed
	SMP message.

2007-07-24

	* src/proto.h:
	* src/proto.c:
	* src/message.c: Implemented fragmentation of large messages

	* src/message.h: New callback for fragmentation

	* src/privkey.h:
	* src/privkey.c (otrl_privkey_fingerprint_raw): New function to
	return a raw hash of an account's public key

	* src/proto.c: Keep track of the API version number passed to
	otrl_init()

	* src/context.h:
	* src/context.c:
	* src/tlv.h:
	* src/sm.h:
	* src/sm.c: Implemented the Socialist Millionaires' Protocol for
	authenticating buddies without using user-visible fingerprints

	* src/b64.h:
	* src/b64.c (decode, otrl_base64_decode): Corrected char vs.
	unsigned char

	* README:
	* configure.ac:
	* src/version.h: Change version number to 3.1.0

	* Most files: Update copyright information

2007-07-23

	* src/message.h:
	* src/message.c: Added account_name and account_name_free callbacks
	to OtrlMessageAppOps to let the application choose how to
	display the account name in OTR Error Messages.  Based on a
	patch from Evan Schoenberg <evan.s@dreskin.net>.

2006-07-24

	* src/privkey.h:
	* src/privkey.c: Add routines to read and write privkey and
	fingerprint data to FILE*s, instead of to filenames.

2006-05-09

	* Protocol-v2.html: Fix a typo, and correct the documentation
	regarding when MAC keys are revealed.

2006-04-13

	* src/context.h: Change "struct fingerprint" to "struct
	s_fingerprint" to appease some C++ compilers.

2006-02-09

	* src/auth.c (otrl_auth_handle_v1_key_exchange): Fix
	uninitialized variable received_pub.

2005-12-30

	* src/message.c: Fix a typo, thanks to Anton Blanchard
	<anton@samba.org>.

2005-11-20

	* src/proto.h: Fix typo in policy #defines.

2005-11-02

	* README:
	* src/version.h: Release version 3.0.0

2005-10-30

	* Protocol-v2.html: Clarified the uniqueness conditions for the
	counter.

	* src/auth.c (otrl_auth_handle_v1_key_exchange): Clear the auth
	structure when we receive an unexpected v1 Key Exchange Message.

2005-10-27

	* src/auth.h:
	* src/auth.c:
	* src/message.c: Ensure version 2 AKEs are always done with
	fresh D-H parameters.

	* src/proto.h:
	* src/proto.c:
	* src/message.c: Add a "flags" field to the version 2 Data
	Message, which can indicate that the Data Message should be
	ignored if unreadable (as opposed to displaying an error).

	* toolkit/parse.h:
	* toolkit/parse.c:
	* toolkit/otr_parse.c:
	* toolkit/otr_remac.c: Deal with the new kind of Data Message.

	* src/message.c: Use the gone_secure callback instead of the
	still_secure callback if the other side changes its fingerprint.

2005-10-19

	* src/context.h:
	* src/context.c: Added protocol_version as an explicit field in
	the ConnContext.

	* src/message.h:
	* src/message.c: protocol_version no longer needs to be
	explicitly passed to the gone_secure() and still_secure()
	callbacks.

	* packaging/fedora/libotr.spec: Patches from Paul

	* src/proto.c (rotate_dh_keys): Avoid potential double
	gcry_cipher_close().

	* src/tests.c: Regression test for double gcry_cipher_close().

2005-10-16

	* Major overhaul with implementation of version 2 AKE.

2005-08-08

	* toolkit/otr_parse.c (parse): Ignore MACs that are too short,
	rather than going into an infinite loop.

2005-08-04

	* Protocol: Added section describing fragments.

	* src/proto.h:
	* src/proto.c (otrl_proto_fragment_accumulate): 
	* src/context.h:
	* src/context.c (new_context, otrl_context_force_setup): Keep
	track of fragments in the ConnContext structure.

	* src/message.c (otrl_message_receiving): Handle fragments in
	received messages.

	* src/mem.c: Don't do arithmetic on void pointers.

2005-07-29

	* src/message.h:
	* src/message.c: Move ops to be the first param of
	new_fingerprint, as it is with all the other callbacks.

	* src/context.h:
	* src/context.c (otrl_context_set_preshared_secret):
	* src/dh.h:
	* src/dh.c (otrl_dh_session, otrl_dh_cmpctr):
	* src/message.h:
	* src/message.c (otrl_message_sending, send_or_error, process_kem)
	(otrl_message_receiving, otrl_message_disconnect):
	* src/privkey.h:
	* src/privkey.c (otrl_privkey_hash_to_human):
	* src/proto.h:
	* src/proto.c (otrl_proto_create_data):
	* src/tlv.h:
	* src/tlv.c (otrl_tlv_new, otrl_tlv_parse, otrl_tlv_seriallen)
	(otrl_tlv_serialize): Add missing "const"s.  (Closes #1243963)

2005-06-24

	* README:
	* configure.ac:
	* packaging/fedora/libotr.spec:
	* src/version.h: Change version to 3.0.0 (but don't yet release)

	* Protocol: Clarify that, if the user requests to see the secure
	session id in the middle of the conversation, the value
	displayed should be the one calculated at the time the private
	connection was established (the last Key Exchange Message that
	caused a rekeying), _not_ the DH secure id calculated from DH
	keys in more recent Data Messages.

	* libotr.m4: Have the version check require an exact match on
	the major version, since, for example, source that expects
	libotr 2.0.0 won't work with libotr 3.0.0.

	* libotr.m4: Add #include <stdlib.h> to the version test so that
	it compiles cleanly with -Wall -Werror.

	* src/proto.c:
	* src/dh.h:
	* src/dh.c:
	* src/context.h:
	* src/context.c: Save the secure session id so that it can be
	displayed to the user upon request, instead of only when the
	private session is initially set up.

	* src/privkey.c:
	* src/context.h:
	* src/context.c: Allow the app to set a "trust level" for
	fingerprints.  This is an arbitrary string, intended to indicate
	whether (or possibly by what means) the user has verified that
	this fingerprint is accurate.

	* src/context.h:
	* src/context.c: Allow the app to set an arbitrary binary
	"preshared secret" for the ConnContext.  This is currently
	unused, but in the future it would allow for users to exchange a
	secret _before_ they generate their fingerprints.  [But the
	protocol would have to be extended to support this.]

	* src/message.h:
	* src/message.c: Remove the "confirm_fingerprint" callback
	which requires the user to acknowledge the new fingerprint
	before it can be used.  Replace it with a "new_fingerprint"
	callback which merely informs the user that a new fingerprint
	has been received.

2005-05-13

	* libotr.m4: Fixed a bug which made configure fail to find the
	libotr header files if they weren't in the standard place.

2005-05-09

	* src/privkey.c (otrl_privkey_read_fingerprints): Allow fields,
	particularly accountnames, to contain spaces.  Closes #1198379.

2005-05-03

	* README:
	* configure.ac:
	* packaging/fedora/libotr.spec:
	* src/version.h: Change version to 2.0.2

	* packaging/debian: Remove this directory, as Thibaut VARENE
	<varenet@debian.org> is now responsible for the debian packages.

2005-02-23

	* src/privkey.c (otrl_privkey_hash_to_human): Avoid writing a
	NUL one byte past the end of the buffer

2005-02-16

	* README:
	* configure.ac:
	* packaging/debian/changelog:
	* packaging/fedora/libotr.spec:
	* src/version.h: Change version to 2.0.1

2005-02-15

	* src/message.c (otrl_message_sending, otrl_message_receiving)
	(otrl_message_disconnect):
	* src/proto.c (otrl_proto_accept_key_exchange)
	(otrl_proto_create_data, otrl_proto_accept_data): Don't send
	encrypted messages to a buddy who has disconnected his private
	connection with us.

	* src/message.c (otrl_message_sending): Don't show the user the
	"the last message was resent" notice if the message has never
	actually been sent before.

2005-02-09

	* src/proto.c (otrl_proto_create_data): Copy the msg before
	using since, since it may be an alias for context->lastmessage,
	which we're going to gcry_free().

2005-02-08

	* README:
	* configure.ac:
	* packaging/debian/changelog:
	* packaging/fedora/libotr.spec:
	* src/version.h: Change version to 2.0.0

2005-02-07

	* src/context.h:
	* src/context.c (new_context, otrl_context_force_setup):
	* src/message.c (otrl_message_sending, otrl_message_receiving):
	* src/proto.c (otrl_proto_accept_key_exchange): Keep track of
	whether the last message is eligible for retransmission.

2005-02-02

	* README:
	* configure.ac:
	* packaging/debian/changelog:
	* packaging/fedora/libotr.spec:
	* src/version.h: Change version to 1.99.0

	* packaging/debian/libotr1.dirs:
	* packaging/debian/libotr1.install:
	* packaging/debian/rules: Build and install with the correct mandir

	* packaging/debian/rules: Install a shlibs file

	* packaging/debian/control: Add Replaces: to the packages so
	that dpkg -i will install them.

	* toolkit/Makefile.am: Create the mandir if it's not yet there

	* packaging/debian/libotr1-dev.dirs:
	* packaging/debian/libotr1-dev.install:
	* packaging/fedora/libotr.spec: Package the libotr.m4 file

	* Protocol: Added sections on policies and TLVs

2005-02-01

	* Makefile.am:
	* src/Makefile.am:
	* toolkit/Makefile.am: Use automake-1.8

2005-01-31

	* tlv.h:
	* tlv.c:
	* src/Makefile.am: add new files tlv.c and tlv.h

	* src/message.c (otrl_message_sending): Allow you to specify a
	TLV chain to attach to a message.

	* src/message.c (otrl_message_receiving): Also return any TLV
	chain attached to the message, if present.

	* src/README: Document new TLV parameters to message functions.

	* src/message.c (otrl_message_receiving): No longer handle
	messages starting with "?OTR:" specially; that functionality now
	goes into TLVs.

	* src/message.c (otrl_message_disconnect): Send the notice of
	disconnect as a OTRL_TLV_DISCONNECTED TLV.

2005-01-30

	* README: update documentation for 2.0.0 API

	* src/message.c (otrl_message_receiving): Only send heartbeats
	in response to "real" messages.

	* src/message.c (otrl_message_receiving): If we receive a DATA
	message whose *plaintext* starts with "?OTR:", display it with
	display_otr_message if possible.

	* src/message.c (otrl_message_receiving): Display OTR_ERROR
	messages without the leading '?' using display_otr_message.

	* src/message.h (otrl_message_disconnect):
	* src/message.c (otrl_message_disconnect): new function

	* src/message.c (otrl_message_receiving): Display the "received
	unencrypted" warning message if we receive an unencrypted
	message with policy ALWAYS, even when not CONNECTED.

2005-01-29

	* src/proto.c (otrl_proto_accept_key_exchange):
	* src/message.c (otrl_message_sending, process_kem): Make the
	retransmission of an unencrypted message in ALWAYS work.

2005-01-28

	* src/message.h: New callback for checking whether a given user
	is online.

	* src/message.c (otrl_message_sending): Notify the user if he
	attempts to send an unencrypted message with policy ALWAYS.

	* src/message.h: New callback for fetching OTR policy
	* src/message.c (otrl_message_sending): Create a ConnContext if
	we don't have one already.  Use it to fetch the OTR policy.
	Just return if the policy is NEVER.  Only append the whitespace
	tag if the policy is OPPORTUNISTIC or ALWAYS.  Don't send
	unencrypted messages in ALWAYS, but store them for
	retransmission later.
	* src/message.c (otrl_message_receiving): Fetch the OTR policy.
	Just return if the policy is NEVER.  Only send a Key Exchange
	Message in response to an unexpected Data or Error Message in
	OPPORTUNISTIC and ALWAYS.  Only recognize the whitespace tag in
	OPPORTUNISTIC and ALWAYS.

	* src/message.h:
	* src/message.c: add accountname/protocol/username parameters to
	notify callback

	* src/message.h:
	* src/message.c: add display_otr_message callback for displaying
	OTR control messages

2005-01-27
	
	* src/privkey.h: #include <gcrypt.h> since we use things from
	libgcrypt in the .h file

	* src/proto.h:
	* src/proto.c: Make otrl_init take unsigned ints as arguments.

	* src/context.h:
	* src/context.c:
	* src/message.c:
	* src/proto.c: Keep track of the last message sent, and
	potentially resend it if sending it the first time triggered a
	rekey (because the other side had lost its OTR state, for
	example).

2005-01-26

	* packaging/debian/control: Changed debian package names to
	libotr1 and libotr1-dev.

	* libotr.m4: Added copyright notice, more comments

	* src/userstate.c:
	* src/userstate.h: New files

	* src/Makefile.am: Added -Wall to default CFLAGS
	* toolkit/Makefile.am: Added -Wall to default CFLAGS

	* src/context.c (otrl_context_find, otrl_context_forget_all):
	* src/context.h (otrl_context_find, otrl_context_forget_all):
	* src/message.c (otrl_message_sending, process_kem)
	(process_confresp, otrl_message_receiving):
	* src/message.h (otrl_message_sending, otrl_message_receiving)
	(OtrlMessageAppOps.confirm_fingerprint):
	* src/privkey.c (otrl_privkey_fingerprint, otrl_privkey_read)
	(otrl_privkey_generate, otrl_privkey_read_fingerprints)
	(otrl_privkey_write_fingerprints, otrl_privkey_find)
	(otrl_privkey_forget_all):
	* src/privkey.h (otrl_privkey_fingerprint, otrl_privkey_read)
	(otrl_privkey_generate, otrl_privkey_read_fingerprints)
	(otrl_privkey_write_fingerprints, otrl_privkey_find)
	(otrl_privkey_forget_all):
	* src/proto.c (otrl_proto_create_key_exchange)
	(otrl_proto_accept_key_exchange):
	* src/proto.h (otrl_proto_create_key_exchange)
	(otrl_proto_accept_key_exchange): Added OtrlUserState parameter
	to many calls, eliminating global state.

	* src/privkey.c (otrl_privkey_fingerprint): the buffer is now
	passed in, and not static

2005-01-25
	
	* src/version.h: bumped version number to 2.0.0 because API
	changed incompatibly
	* configure.ac: bumped version number to 2.0.0 because API
	changed incompatibly

	* src/message.h: added accountname parameter to
	confirm_fingerprint callback
	* src/message.c: passed accountname to confirm_fingerprint
	callback

	* libotr.m4: new file
	* Makefile.am: install (and uninstall) new libotr.m4 file

	* tools/Makefile.am: clean up manpage symlinks and add an
	uninstall rule

2005-01-23

	* src/proto.h: moved numeric version defines into version.h
	* src/version.h: moved numeric version defines into version.h

	* src/message.c (otrl_message_receiving): Update the context
	list if we create a new context

2005-01-22

	Released 1.0.4.

	Initial autoconfiscation, thanks to Greg Troxel <gdt@ir.bbn.com>.

	* src/message.c: log, but otherwise ignore, unrecognized OTR
	messages