ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/NEWS
(Generate patch)

Comparing gvpe/NEWS (file contents):
Revision 1.103 by root, Wed Oct 12 22:51:10 2011 UTC vs.
Revision 1.116 by root, Thu Jul 18 13:35:19 2013 UTC

1GVPE NEWS 1GVPE NEWS
2 2
3TODO: bridge mode, finally?
4TODO: gcm mode?
5TODO: replace ripemd160 as the only authentication hash.
6TODO: increase rsa size.
7TODO: replace transport bits by transport endpoint structs?
8TODO: ecdh to avoid session replay attacks
9TODO: http://incog-izick.blogspot.de/2011/08/using-openssl-aes-gcm.html
10TODO: http://stackoverflow.com/questions/12153009/openssl-c-example-of-aes-gcm-using-evp-interfaces
11
12proposed: 3 types, req, resreq, res
13
14req (hmac1) rsa(seqno1 hmac1 aes1 seqno2 hmac2 aes2 auth) ecdh1
15res (hmac1) hash(rsa-contents) ecdh2
16
17req hmac0(*) rsa(seqno hmac0 hmac aes auth) hkdf-salt ecdh1
18res hmac0(rsa-contents ecdh2)
19 hmac_key = hkdf(hkdf-salt, hmac | ecdh)
20 aes_key = hkdf(hkdf-salt, aes | ecdh)
21
22TODO: protocol magic fixen(!!!)
23TODO: "global"
24TODO: verify
25TODO: make sense of overhead calculation
26TODO: use aes in ctr mode for IV values
27 - INCOMPATIBLE CHANGE: core protocol version 1.0.
28 - INCOMPATIBLE CHANGE: node sextions are now introduced
29 with "node nodename", not "node = nodename".
30 - while individual packets couldn't be replayed, a whole session
31 could be replayed - this has been fixed by an extra key exchange.
32 - in addition to rsa key exchange and authentication, the handshake now
33 adds a diffie-hellman key exchange (using curve25119) for perfect
34 forward secrecy. mac and cipher keys are derived using HKDF.
35 - rsa key sizes are now configurable and larger (default is 3072).
36 correspondingly, the minimum mtu is no longer 296 but 576.
37 - fixed a potential (unverified) buffer overrun on rsa decryption.
38 - gvpectrl no longer generates all missing public keys, but
39 only missing private keys. private keys are also put
40 into the configured location.
41 - the pid-file now accepts %s as nodename as elsewhere.
42 - no longer use RAND_bytes to generate session keys - you NEED
43 a real source of entropy now (e.g. egd or /dev/random - see the
44 openssl documentation).
45 - multiple node statements for the same node are now supported
46 and will be merged.
47 - a new directive "global" switches back to the global section
48 of the config file.
49 - 12 random prefix bytes are now properly supported, leading to
50 a fully random IV.
51 - use aes with a random key in counter-mode to generate IVs,
52 for speed reasons (generating 12 random bytes with openssl can
53 take longer than encrypting and mac'ing a 1.5kb packet, and IVs
54 do not need to be cryptographically strong random numbers
55 (and in fact, shouldn't be)).
56 - if-up scripts can now be specified with absolute paths.
57
582.25 Sat Jul 13 06:42:33 CEST 2013
3 - INCOMPATIBLE CHANGE: no longer enable udp protocol if no other 59 - INCOMPATIBLE CHANGE: no longer enable udp protocol if no other
4 protocols are enabled - this is necessary when you have nodes with 60 protocols are enabled - this is necessary when you have nodes with
5 completely unknown protocols, to force mediated connection requests. 61 completely unknown protocols, to force mediated connection requests.
6 - INCOMPATIBLE CHANGE: dns transport protocol bumped to version 2. 62 - INCOMPATIBLE CHANGE: dns transport protocol bumped to version 2.
63 - core protocol version 0.1, compatible with older releases.
64 - switch to using RSA_generate_key_ex, which is the badly documented
65 and needlessly more complicated replacement for the RSA_generate_key
66 function which is now deprecated.
67 - support additional hmac hashes: sha256 and sha512, usually truncated.
68 - change public exponent for rsa keys from 65535 to 65537, for
69 efficiency reasons - only affects new keys.
70 - nodes would sometimes declare transport endpoints valid despite
71 the protocol not being configured locally.
72 - new global configuration options: chroot, chuser, chuid, chgid,
73 to chroot to a specified or anonymous new root, and change user id.
74 - new global configuration options seed_device and seed_interval,
75 to configure another device than /dev/urandom for random seeds,
76 and to configure a regular interval to reseed the rng.
77 - prefer inet_aton over gethostbyname, as the latter is not guaranteed
78 to "resolve" literal ip addresses.
7 - configure didn't detect openssl 1.0 because SHA1_version became private 79 - configure didn't detect openssl 1.0 because SHA1_version became private
8 (patch by TANIGUCHI Takaki). 80 (patch by TANIGUCHI Takaki).
9 - core protocol version 0.1, compatible with older releases.
10 - fix a bug where nodes would tell the other side that it supports 81 - fix a bug where nodes would tell the other side that it supports
11 the same protocols as that other side, instead of its own. 82 the same protocols as that other side, instead of its own.
12 - add zlib when found, as openssl depends on it in newer versions. 83 - add zlib when found, as openssl depends on it in newer versions.
13 - work around append-bugs in uclibc by using an extra seek. 84 - work around append-bugs in uclibc by using an extra seek.
14 - new "include" directive for the config file. 85 - new "include" directive for the config file.
15 - gvpectrl no longer evaluates any "on" directives. 86 - gvpectrl no longer evaluates any "on" directives.
16 - icmp and rawip protocols weren't upgradable to each other. 87 - icmp and rawip protocols weren't upgradable to each other.
17 - major, but incremental, dns transport improvements: 88 - major, but incremental, dns transport improvements:
18 - do not simply abort in some error cases in the dns transport, 89 - do not simply abort in some error cases in the dns transport,
19 but try to recover. 90 but try to recover.
20 - allow lowercase/uppercase alises for base-n encodings that do 91 - allow lowercase/uppercase aliases for base-n encodings that do
21 not rely on case. 92 not rely on case.
22 - use base26 instead of base22 encoding for dns syn's, and 93 - use base26 instead of base22 encoding for dns syn's, and
23 base36 instead of base22 for headers (saves one byte/packet). 94 base36 instead of base22 for headers (saves one byte/packet).
24 - back off far quicker in dns tunnel when idling - increases 95 - back off far quicker in dns tunnel when idling - increases
25 latency on an idle link somewhat, but avoids hundreds of 96 latency on an idle link somewhat, but avoids hundreds of
26 needless packets. 97 needless packets.
27 - poll more aggressively when idling in dns (poll once per 98 - poll more aggressively when idling in dns (poll once per
28 second as opposed to once per 5 seconds). 99 second as opposed to once per 5 seconds).
100 - reduce dns send payload size to allow greater rate of ack
101 messages (should help sack and ipv6).
29 - allow for ip options in rawip/icmp transports, even though gvpe 102 - allow for ip options in rawip/icmp transports, even though gvpe
30 doesn't generate them. 103 doesn't generate them.
104 - upgrade to autoconf 2.69, automake 1.11.
31 - upgrade to libev 4 API. 105 - upgrade to libev 4 API.
106 - replace COPYING file by actual GPLv3 - files were relicensed to GPLv3
107 earlier but COPYING was forgotten.
32 108
332.24 Sat Feb 12 05:15:48 CET 2011 1092.24 Sat Feb 12 05:15:48 CET 2011
34 - protocol version 0.1, compatible with older releases. 110 - protocol version 0.1, compatible with older releases.
35 - due to a bug, when packets were lost, a connection could go into a 111 - due to a bug, when packets were lost, a connection could go into a
36 state where a ping/connection request from another node would be 112 state where a ping/connection request from another node would be

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines