HOME


sh-3ll 1.0
DIR:/usr/share/doc/libdomainkeys/
Upload File :
Current File : //usr/share/doc/libdomainkeys/CHANGES
Changed from 0.68 to 0.69:
	API:
	o Added dk_granularity() to retrieve the value of (g=) tag in DNS lookup (called after dk_end)
	o Added DK_STAT_GRANULARITY status enumeration
	o Fixed dktest.c to check for DK_STAT_GRANULARITY
	
	Internal:
	o Fixed dk_headers() to always return the proper length of a null terminated header list, even with a NULL argument and
		RDUPE on
	o Added dk->granularity pointer to DK struct
	o Python wrapper updates
	o Updated Documentation and test script
	o Fixed bug with policy:
		Consider a message with both a Sender: and a From: header, but no DK signature.
	
Changed from 0.67 to 0.68:

  API:
    o Added dk_settxt() to bypass dns lookups and set query responses manually
    o Added dk_domain() to return the domain name used (dk->domain)
    o Added python wrapper (domainkeys_wrap.c) (use make python to make shared object to import)

  Internal:

Changed from 0.66 to 0.67:

  API:
  o Incompatible changes made: dk_free requires an additional parameter, used to specify the OpenSSL Error State should be cleared
  o Added dk_setopts() and dk_getopts()
  o Deprecated dk_enable_trace() and dk_remdupe() in favor of using dk_setopts()
  o Added dk_shutdown() to be used at application shutdown (frees dklib and openssl memory when done)

  Internal:
  o Clarified documented behavior for dk_end()/dk_policy() and flag retrieval
  o Performance improvments (see source for DK_HASH_BUFF)
  o Fixed dkt_generate to remove the last ':' char and report accurate length of string returned
  o Fixed memory leak in dk_headers()
  o Added dk_init() Documentation update (Safe Multi-Thread Usage)

Changed from 0.65 to 0.66:

  API:
  o No incompatible changes made.
  o Added dk_compare_trace(), dk_enable_trace() and dk_get_trace()
  o Added -T option to dktest to enable generation of trace headers

  Internal:
  o Added test to dk_message() to detect stray CRs
  o Fixed parent domain handling

Changes from 0.64 to 0.65:
  API:
  o No incompatible changes made.
  o Added dk_remdupe() to turn on/off ignoring hashing in duplicate headers when signing
  o Added dk_selector() to return the selector name used or NULL if there isn't one
  o Added -h option to dktest to add h= tag when signing
  o Added -r option to dktest to enable ignoring duplicate headers when signing (implies -h)

  Internal:
  o Win32 and Unixware compatability
  o dk_headers() now reports accurate length of h= list and preserves duplicate headers
  o Fixed dkheaders_header() to properly handle h= tags when verifying, handles duplicate headers properly
  o Fixed simple canon, no longer unfolds headers when in simple canon
  o Fixed nofws canon when an embedded \r is in the body of a message
  o Fixed dk_from() to properly report the senders domain when the message is not signed
  o Fixed dk_from() to properly return NULL when the sender address is malformed (ie: @host, user@, @, <empty>)
  o Added check in dkheaders() to check dk_from() after parsing headers to make sure there is a valid sender address
  o Fixed dk_policy() to use dk_from(), not value in dk->from
  o Fixed handling of messages when verifying and more than one DK-Sig header is found, now uses the first DK-Sig found properly
  o Fixed handling of messages when signing and there is an existing DK-Sig (Sender: before DK-Sig), pre-existing DK-Sig is ignored

Changes from 0.63 to 0.64:

  API:
  o No incompatible changes made.
  o Added dk_headers().
  o Added DK_FLAG_G, which reports that g= was present.
  o Added dk_address().
  o Deprecated dk_from().
  o Added dk_end() (like dk_eom only it doesn't call dk_policy()).
  o Added dk_policy().
  o Deprecated dk_eom() in favor of calling dk_end and dk_policy.

  Internal:
  o dns_txt replaced by dns_text (internal-only change).
  o dns_text now always returns a malloc'ed string.
  o Added copyright and license.
  o Added DK_MALLOC(), DK_MFREE(), and dk_strdup.  They use openssl's.
  o Changed dkparse822() to make an address for dk_address(), which see.
  o Fixed a bug in dknewkey where it inserted an extra quote char.
  o Fixed a memory leak in dk_free().  Thanks Robert Powers.
  o Fixed makeheader to exit with zero.  Thanks Slava Filimonov
  o Added clean to Makefile targets
  o Made changes to dktest to support new api entry points.
  o Adjust test cases.

Changes from 0.62 to 0.63:

  o Change dktest's "-t 7" option so that it works even if not signing.
  o When using the h= tag, sign ALL instances of a header.
  o Only remember the Sender AFTER the DK-Sig when verifying.
  o Explicitly return DK_STAT_NOSIG if no sig was found.
  o Explicitly finish off the headers if there is no body.
  o Adjust test cases.

Changes from 0.61 to 0.62:

  o This release now supports the -01 spec.
  o If the domain was missing from the DK-S: header, it segfaulted.
  o The TC8 test needed to have real headers rather than /dev/null.
  o The TC14 test returns different results in 0.61 and needed fixing.
  o Fix the bug reported by Richard Lyons on the qmail mailing list in
    message 120186:
    2.  If the program is given a message to sign that's
        already signed, it will try to verify it.
  o dktest wasn't carrying failure status around properly.
  o Added support for multiple canonicalizations.
    . Have to parse the DK-Sig line earlier to get c= value.
    . Folded EVP_SignUpdate and EVP_VerifyUpdate into EVP_DigestUpdate.
    . Folded header and body processing into one call.
  o Fixed support for c=simple so it works with trailing blank lines.
  o Added support for Sender: signing domains.
  o Added a check for a=rsa-sha1
  o Added a check for q=dns
  o Fixed a memory leak (wouldn't free the From: address)
  o Added support for signing domain being a subdomain of d=.
  o Used to be checking policy from signing domain, but spec says to
    use d=domain.
  o Added comments to makeheader.c and blank lines to its output.
  o dkparselist had a subtle bug wherein it skipped a character after
    the ';'.  Most often that was a space, so no matter until I started
    deleting spaces for nofws testing.
  o dkparselist now checks for a trailing key but no value.
  o Found a memory leak.  dk->sender wasn't being freed.
  o Added nofws support.
  o Broke dkpolicy() out into its own subroutine.  It's now called in two
    places: if the signature doesn't verify, and if there is no signature at
    all.
  o Added a copyright license.
  o Completely changed the way headers were parsed, to handle h=.
  o Added h= support.
  o Added test cases.

Changes from 0.60 to 0.61:

  o added -DBIND_8_COMPAT for BIND9's sake.
  o added dk_siglen to get the signature length.
  o moved privatekey parameter from dk_sign to dk_getsig.

Changes from 0.59 to 0.60:

  o dns_txt.c should extract the TXT record into a PACKETSZ buffer,
    not MAXDNAME.
  o Fixed two error return values in dns_txt.c
  o dknewkey should delete its temporary file.
  o Implemented full-RFC2822 address parsing.
  o Added test case for dk_from to dktest.c
  o Wasn't returning flags correctly in dk_eom().
  o Wasn't properly null-terminating the signature string.
  o Removed error notes from 'test'.
  o Added whole piles of RFC2822 address parsing to 'test'.

Changes from 0.58 to 0.59:

  o dktest strips off the path from the key filename to get the selector.
  o dktest's -a option is now -b.
  o dktest now rewinds its stdin.
  o Added support for SWIG.
  o Added dknewkey, which generates a private/public key pair and formats
    the public key for insertion into a zone file.
  o Wrote man pages for dktest and dknewkey in HTML.
  o Portability fixes to Makefile, test, and dns_txt.c
  o Fixed a bug in multiple TXT character-string handling.