source: CHANGELOG @ d10319

Revision d10319, 6.3 KB checked in by Erik Ekman <erik@…>, 3 years ago (diff)

Update versions to 0.6.0

  • Property mode set to 100644
RevLine 
[b12fce]1
[1d6d82]2iodine - http://code.kryo.se/iodine
[b12fce]3
[1d6d82]4***********************************
[b12fce]5
[d10319]6CHANGES FOR 0.6 BRANCH:
[b12fce]7
[9e26562]82014-06-17: 0.6.0
9        - Fix authentication bypass vulnerability; found by Oscar Reparaz.
10
112010-02-06: 0.6.0-rc1 "Hotspotify"
[f517ce]12        - Fixed tunnel not working on Windows.
[0b695e]13        - Any device name is now supported on Windows, fixes #47.
[563167]14        - Multiple installed TAP32 interfaces are now supported, fixes #46.
[35b7f3]15        - Return nonzero if tunnel fails to open, fixes #62.
[9e26841]16        - Support for setting a SELinux context, based on patch by
17                Sebastien Raveau. Sample context file in doc/iodine.te
[f1f7fa]18        - Allow listen port and DNS forward port to be the same if listen IP
19                does not include localhost.
[6033e2]20        - The client will now exit if configuring IP or MTU fails.
21        - The starting cache miss value is randomized at startup, fixes #65.
[7f76ce]22        - Raw UDP mode added. If the iodined server is reachable directly,
23                packets can be sent to it without DNS encoding. Fixes #36.
[482e50]24        - Do not overwrite users CC/CFLAGS/LDFLAGS, only add to them.
[021a6b]25        - Added -F option to write pidfile, based on patch from
26                misc at mandriva.org. Fixes #70.
[dfd746]27        - Allow password to be set via environment variable, fixes #77.
28                Based on patch by logix.
[bcd7c1]29        - Client now prints server tunnel IP, fixes #78. Patch by logix.
[5c64a4]30        - Fix build error on Mac OS X 10.6, patch by G. Rischard. #79.
[1e72e7]31        - Added support for CNAME/TXT/A/MX query types, fixes #75.
32                Patch by Anne Bezemer, merge help by logix.
[c9debe]33        - Merged low-latency patch from Anne Bezemer, fixes #76.
[4d42db]34        - Resolve client nameserver argument if given as hostname, fixes #82.
[dc140c]35        - Open log before chroot, fixes #86: logging on FreeBSD.
[f517ce]36
[ae8f7c]372009-06-01: 0.5.2 "WifiFree"
[4a517b]38        - Fixed client segfault on OS X, #57
39        - Added check that nameserver lookup was successful
[aa0c6a]40        - Fixed ENOTSOCK error on OS X and FreeBSD, #58.
[4a517b]41
[949b41]422009-03-21: 0.5.1 "Boringo"
[d7aea7]43        - Added initial Windows support, fixes #43.
[f741e3]44        - Added length check of autoprobe responses
45        - Refactored and added unit tests
46        - Added syslog logging for iodined on version and login packets
[982e89]47        - Fixed segfault when encoding just one block, fixes #51.
48                The normal code was never affected by this.
[a3cea7]49        - Added win32 code to read DNS server from system, fixes #45.
[cf2551]50        - Disabled password echo on win32, fixes #44.
[21808e7]51        - Fix encoding error making all autoprobing > 1024 bytes fail, #52.
[4c7f66]52        - Increase default interface MTU to 1200.
53        - Fix autoprobing error making every third probe fail, set IP flag
54                Dont-Fragment where supported. Fixes #54.
[bd4986]55        - Added TAP32 version 0901 as accepted (#53).
[d7aea7]56
[31b295]572009-01-23: 0.5.0 "iPassed"
[188e69]58        - Fixed segfault in server when sending version reject.
[b61966]59        - Applied patch to make iodine build on BeOS R5-BONE and Haiku,
60                from Francois Revol. Still work to do to get tun device working.
[c96b83]61        - Added capability to forward DNS queries outside tunnel domain to
[cb0fa5]62                a nameserver on localhost. Use -b port to enable, fixes #31.
[4c805f]63        - iodined now replies to NS request on its own domain, fixes issue #33.
[55176a]64                The destination IP address is sent as reply. Use -n to specify
65                a specific IP address to return (if behind NAT etc).
[4203f1]66        - Upstream data is now Base64 encoded if relay server preserves case and
67                supports the plus (+) character in domain names, fixes #16.
[58f789]68        - Fixed problem in client when DNS trans. ID has highest bit set (#37)
[f8eb4c]69        - IP addresses are now assigned within the netmask, so iodined can
70                use any address for itself, fixes #28.
71        - Netmask size is now adjustable. Setting a small net will reduce the
72                number of users. Use x.x.x.x/n notation on iodined tunnel ip.
73                This fixes #27.
[db13d8]74        - Downstream data is now fragmented, and the fragment size is auto-
75                probed after login. Fixes #7. It only took a few years :)
[d7f07d]76        - Enhanced the checks that validates incoming packets
[ae1b5d]77        - Fixed endless loop in fragment size autodetection, #39.
78        - Fixed broken hostname dot placing with specific lengths, #40.
[9c74eb]79
[d2b11c]802008-08-06: 0.4.2 "Opened Zone"
[3f4852]81        - Applied a few small patches from Maxim Bourmistrov and Gregor Herrmann
82        - Applied a patch for not creating and configuring the tun interface,
83                Debian bug #477692 by Vincent Bernat, controlled by -s switch
[71c5fe]84        - Applied a security patch from Andrew Griffiths, use setgroups() to
85                limit the groups of the user
[ad8afc]86        - Applied a patch to make iodine build on (Open)Solaris, from Albert Lee
[cb0fa5]87                Needs TUN/TAP driver http://www.whiteboard.ne.jp/~admin2/tuntap/
88                Still needs more code in tun.c for opening/closing the device
89        - Added option in server (-c) to disable IP/port checking on packets,
[4d79bf]90                will hopefully help when server is behind NAT
[468bd7]91        - Fixed bug #21, now only IP address part of each packet is checked.
92                Should remove the need for the -c option and also work with
93                bugfixed DNS servers worldwide.
[cb0fa5]94        - Added -D option on server to enable debugging. Debug level 1 now
95                prints info about each RX/TX datagram.
[3f4852]96
[b6340a]972007-11-30: 0.4.1 "Tea Online"
[acc8b7]98        - Introduced encoding API
99        - Switched to new Base32 implementation
[3b43db]100        - Added Base64 implementation that only uses 63 chars (not used yet)
101        - Refined 'install' make target and use $(MAKE) for recursive calls
[5f6b71]102        - All received error messages (RCODE field) are echoed
[aae942]103        - Top domain limited to 128 chars
104        - Case preservation check sent after login to decide codec
[d5ffc2]105        - Fixed crash on incoming NULL query in server with bad top domain
[f67357]106        - /etc/resolv.conf is consulted if no nameserver is given on commandline
[3b43db]107        - Applied patch from Matthew W. S. Bell (Detach before chroot/dropping priv)
[acc8b7]108
[f9aa19]1092007-03-25: 0.4.0 "Run Home"
[b5243b]110        - Added multiuser support (up to 8 users simultaneously)
[1c7f63]111        - Added authentication (password entered as argument or on stdin)
[b5243b]112        - Added manpage
113        - Added install/uninstall make target
114        - Cleanup of dns code, more test cases, use check library
[1c7f63]115        - Changed directory structure
116
[8455d6]1172006-11-08: 0.3.4
118        - Fixed handshake() buffer overflow
119          (Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333)
120        - Added more tests
[4db285]121        - More name parsing enhancements
122        - Now runs on Linux/AMD64
123        - Added setting to change server port
124
[125f6c]1252006-11-05: 0.3.3
[20c8aa]126        - Fixed possible buffer overflow
[4db285]127          (Found by poplix, Bugtraq ID: 20883)
[20c8aa]128        - Reworked dns hostname encoding
129
[18cb02]1302006-09-11: 0.3.2
[369c4d]131        - Support for NetBSD
[18cb02]132        - Fixed potential security problems
[369c4d]133        - Name parsing routines rewritten, added regression tests
[0ee1f2]134        - New encoding, 25% more peak upstream throughput
135        - New -l option to set local ip to listen to on server
136
[b12fce]1372006-07-11: 0.3.1
138        - Add Mac OSX support
139        - Add setting device name
140        - Use compression of domain name in reply (should allow setting MTU
141                approx 200 bytes higher)
142
1432006-06-24: 0.3.0
144        - First public release
145        - Support for Linux, FreeBSD, OpenBSD
Note: See TracBrowser for help on using the repository browser.