source: CHANGELOG @ 9e26562

Revision 9e26562, 6.3 KB checked in by Erik Ekman <erik@…>, 3 years ago

Fix authentication bypass bug

The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.

Add checks for normal and raw mode that user has authenticated before allowing
any other communication.

Problem found by Oscar Reparaz.

Backported to iodine 0.6 branch.

  • Property mode set to 100644

iodine - http://code.kryo.se/iodine

***********************************

CHANGES:

2014-06-17: 0.6.0
        - Fix authentication bypass vulnerability; found by Oscar Reparaz.

2010-02-06: 0.6.0-rc1 "Hotspotify"
        - Fixed tunnel not working on Windows.
        - Any device name is now supported on Windows, fixes #47.
        - Multiple installed TAP32 interfaces are now supported, fixes #46.
        - Return nonzero if tunnel fails to open, fixes #62.
        - Support for setting a SELinux context, based on patch by
                Sebastien Raveau. Sample context file in doc/iodine.te
        - Allow listen port and DNS forward port to be the same if listen IP
                does not include localhost.
        - The client will now exit if configuring IP or MTU fails.
        - The starting cache miss value is randomized at startup, fixes #65.
        - Raw UDP mode added. If the iodined server is reachable directly,
                packets can be sent to it without DNS encoding. Fixes #36.
        - Do not overwrite users CC/CFLAGS/LDFLAGS, only add to them.
        - Added -F option to write pidfile, based on patch from
                misc at mandriva.org. Fixes #70.
        - Allow password to be set via environment variable, fixes #77.
                Based on patch by logix.
        - Client now prints server tunnel IP, fixes #78. Patch by logix.
        - Fix build error on Mac OS X 10.6, patch by G. Rischard. #79.
        - Added support for CNAME/TXT/A/MX query types, fixes #75.
                Patch by Anne Bezemer, merge help by logix.
        - Merged low-latency patch from Anne Bezemer, fixes #76.
        - Resolve client nameserver argument if given as hostname, fixes #82.
        - Open log before chroot, fixes #86: logging on FreeBSD.

2009-06-01: 0.5.2 "WifiFree"
        - Fixed client segfault on OS X, #57
        - Added check that nameserver lookup was successful
        - Fixed ENOTSOCK error on OS X and FreeBSD, #58.

2009-03-21: 0.5.1 "Boringo"
        - Added initial Windows support, fixes #43.
        - Added length check of autoprobe responses
        - Refactored and added unit tests
        - Added syslog logging for iodined on version and login packets
        - Fixed segfault when encoding just one block, fixes #51.
                The normal code was never affected by this.
        - Added win32 code to read DNS server from system, fixes #45.
        - Disabled password echo on win32, fixes #44.
        - Fix encoding error making all autoprobing > 1024 bytes fail, #52.
        - Increase default interface MTU to 1200.
        - Fix autoprobing error making every third probe fail, set IP flag
                Dont-Fragment where supported. Fixes #54.
        - Added TAP32 version 0901 as accepted (#53).

2009-01-23: 0.5.0 "iPassed"
        - Fixed segfault in server when sending version reject.
        - Applied patch to make iodine build on BeOS R5-BONE and Haiku,
                from Francois Revol. Still work to do to get tun device working.
        - Added capability to forward DNS queries outside tunnel domain to
                a nameserver on localhost. Use -b port to enable, fixes #31.
        - iodined now replies to NS request on its own domain, fixes issue #33.
                The destination IP address is sent as reply. Use -n to specify
                a specific IP address to return (if behind NAT etc).
        - Upstream data is now Base64 encoded if relay server preserves case and
                supports the plus (+) character in domain names, fixes #16.
        - Fixed problem in client when DNS trans. ID has highest bit set (#37)
        - IP addresses are now assigned within the netmask, so iodined can
                use any address for itself, fixes #28.
        - Netmask size is now adjustable. Setting a small net will reduce the
                number of users. Use x.x.x.x/n notation on iodined tunnel ip.
                This fixes #27.
        - Downstream data is now fragmented, and the fragment size is auto-
                probed after login. Fixes #7. It only took a few years :)
        - Enhanced the checks that validates incoming packets
        - Fixed endless loop in fragment size autodetection, #39.
        - Fixed broken hostname dot placing with specific lengths, #40.

2008-08-06: 0.4.2 "Opened Zone"
        - Applied a few small patches from Maxim Bourmistrov and Gregor Herrmann
        - Applied a patch for not creating and configuring the tun interface,
                Debian bug #477692 by Vincent Bernat, controlled by -s switch
        - Applied a security patch from Andrew Griffiths, use setgroups() to
                limit the groups of the user
        - Applied a patch to make iodine build on (Open)Solaris, from Albert Lee
                Needs TUN/TAP driver http://www.whiteboard.ne.jp/~admin2/tuntap/
                Still needs more code in tun.c for opening/closing the device
        - Added option in server (-c) to disable IP/port checking on packets,
                will hopefully help when server is behind NAT
        - Fixed bug #21, now only IP address part of each packet is checked.
                Should remove the need for the -c option and also work with
                bugfixed DNS servers worldwide.
        - Added -D option on server to enable debugging. Debug level 1 now
                prints info about each RX/TX datagram.

2007-11-30: 0.4.1 "Tea Online"
        - Introduced encoding API
        - Switched to new Base32 implementation
        - Added Base64 implementation that only uses 63 chars (not used yet)
        - Refined 'install' make target and use $(MAKE) for recursive calls
        - All received error messages (RCODE field) are echoed
        - Top domain limited to 128 chars
        - Case preservation check sent after login to decide codec
        - Fixed crash on incoming NULL query in server with bad top domain
        - /etc/resolv.conf is consulted if no nameserver is given on commandline
        - Applied patch from Matthew W. S. Bell (Detach before chroot/dropping priv)

2007-03-25: 0.4.0 "Run Home"
        - Added multiuser support (up to 8 users simultaneously)
        - Added authentication (password entered as argument or on stdin)
        - Added manpage
        - Added install/uninstall make target
        - Cleanup of dns code, more test cases, use check library
        - Changed directory structure

2006-11-08: 0.3.4
        - Fixed handshake() buffer overflow
          (Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333)
        - Added more tests
        - More name parsing enhancements
        - Now runs on Linux/AMD64
        - Added setting to change server port

2006-11-05: 0.3.3
        - Fixed possible buffer overflow
          (Found by poplix, Bugtraq ID: 20883)
        - Reworked dns hostname encoding

2006-09-11: 0.3.2
        - Support for NetBSD
        - Fixed potential security problems
        - Name parsing routines rewritten, added regression tests
        - New encoding, 25% more peak upstream throughput
        - New -l option to set local ip to listen to on server

2006-07-11: 0.3.1
        - Add Mac OSX support
        - Add setting device name
        - Use compression of domain name in reply (should allow setting MTU
                approx 200 bytes higher)

2006-06-24: 0.3.0
        - First public release
        - Support for Linux, FreeBSD, OpenBSD