2017-01-18 16:48:48 +01:00
|
|
|
Changes in `2.2.0 <http://matrix.org/git/olm/commit/?h=2.2.0>`_
|
|
|
|
===============================================================
|
|
|
|
|
|
|
|
This release includes the following changes since 2.1.0:
|
|
|
|
|
|
|
|
* Add Java wrappers to allow use under Android.
|
|
|
|
|
|
|
|
New functionality:
|
|
|
|
|
|
|
|
* Add a number of methods allowing InboundGroupSessions to be exported and
|
|
|
|
imported. These are: ``olm_inbound_group_session_first_known_index``,
|
|
|
|
``olm_export_inbound_group_session_length``,
|
|
|
|
``olm_export_inbound_group_session``, ``olm_import_inbound_group_session``
|
|
|
|
and ``olm_inbound_group_session_is_verified``. Corresponding wrappers are
|
|
|
|
available in the Javascript, Python, Objective-C and Android wrappers.
|
|
|
|
|
|
|
|
Objective-C wrapper:
|
|
|
|
|
|
|
|
* Fix a number of issues with the build scripts which prevented it being used
|
|
|
|
for macOS/Swift projects. Thanks to Avery Pierce.
|
|
|
|
|
2016-12-22 15:49:49 +01:00
|
|
|
Changes in `2.1.0 <http://matrix.org/git/olm/commit/?h=2.1.0>`_
|
2016-11-17 14:03:15 +01:00
|
|
|
===============================================================
|
|
|
|
|
2016-12-22 15:49:49 +01:00
|
|
|
This release includes the following changes since 2.0.0:
|
|
|
|
|
|
|
|
* Add OLMKit, the Objective-C wrapper. Thanks to Chris Ballinger for the
|
|
|
|
initial work on this.
|
|
|
|
|
|
|
|
Javascript wrapper:
|
|
|
|
|
|
|
|
* Handle exceptions during loading better (don't leave a half-initialised
|
|
|
|
state).
|
|
|
|
* Allow applications to tune emscripten options (such as the amount of heap).
|
|
|
|
* Allocate memory for encrypted/decrypted messages on the empscripten heap,
|
|
|
|
rather than the stack, allowing more efficient memory use.
|
2016-11-17 14:03:15 +01:00
|
|
|
|
|
|
|
|
2016-10-24 17:51:20 +02:00
|
|
|
Changes in `2.0.0 <http://matrix.org/git/olm/commit/?h=2.0.0>`_
|
|
|
|
===============================================================
|
|
|
|
|
|
|
|
This release includes the following changes since 1.3.0:
|
|
|
|
|
|
|
|
* Fix a buffer bounds check when decoding group messages.
|
|
|
|
* Update ``olm_group_decrypt`` to return the ratchet index for decrypted
|
|
|
|
messages.
|
|
|
|
* Fix ``olm_pickle_account``, ``olm_pickle_session``,
|
|
|
|
``olm_pickle_inbound_group_session`` and
|
|
|
|
``olm_pickle_outbound_group_session`` to correctly return the length of the
|
|
|
|
pickled object.
|
|
|
|
* Add a `specification <./docs/megolm.rst>`_ of the Megolm ratchet, and add
|
|
|
|
some information on mitigating unknown key-share attacks to the `Olm
|
|
|
|
specification <./docs/olm.rst>`_.
|
2016-10-24 18:22:43 +02:00
|
|
|
* Add an ``install-headers`` target to the Makefile (and run it when installing
|
|
|
|
the library). (Credit to Emmanuel Gil Peyrot).
|
2016-10-24 17:51:20 +02:00
|
|
|
|
2016-12-22 15:49:49 +01:00
|
|
|
|
2016-09-14 14:55:54 +02:00
|
|
|
Changes in `1.3.0 <http://matrix.org/git/olm/commit/?h=1.3.0>`_
|
|
|
|
===============================================================
|
|
|
|
|
2016-10-24 17:51:20 +02:00
|
|
|
This release updates the group session identifier to avoid collisions.
|
|
|
|
Group sessions are now identified by their ed25519 public key.
|
2016-09-14 14:55:54 +02:00
|
|
|
|
|
|
|
These changes alter the pickle format of outbound group sessions, attempting
|
|
|
|
to unpickle an outbound group session created with a previous version of olm
|
|
|
|
will give ``OLM_CORRUPTED_PICKLE``. Inbound sessions are unaffected.
|
|
|
|
|
|
|
|
This release alters the format of group session_key messages to include the
|
|
|
|
ratchet counter. The session_key messages are now self signed with their
|
|
|
|
ed25519 key. No attempt was made to preserve backwards-compatibility.
|
|
|
|
Attempting to send session_keys between old and new versions will give
|
|
|
|
``OLM_BAD_SESSION_KEY``.
|
|
|
|
|
2016-09-06 18:04:37 +02:00
|
|
|
Changes in `1.2.0 <http://matrix.org/git/olm/commit/?h=1.2.0>`_
|
|
|
|
===============================================================
|
|
|
|
|
|
|
|
This release updates the implementation of group session communications, to
|
|
|
|
include Ed25519 signatures on group messages, to ensure that participants in
|
|
|
|
group sessions cannot masquerade as each other.
|
|
|
|
|
|
|
|
These changes necessitate changes to the pickle format of inbound and outbound
|
|
|
|
group sessions, as well as the session_keys exchanged between them. No attempt
|
|
|
|
has been made to preserve backwards-compatibility:
|
|
|
|
|
|
|
|
* Attempting to restore old pickles will give ``OLM_CORRUPTED_PICKLE``.
|
|
|
|
* Attempting to send session_keys between old and new versions will give
|
|
|
|
``OLM_BAD_SESSION_KEY``.
|
|
|
|
* Attempting to send messages between old and new versions will give one of a
|
|
|
|
number of errors.
|
|
|
|
|
|
|
|
There were also a number of implementation changes made as part of this
|
|
|
|
release, aimed at making the codebase more consistent, and to help with the
|
|
|
|
implementation of the group message signatures.
|
|
|
|
|
|
|
|
|
2016-09-01 14:35:23 +02:00
|
|
|
Changes in `1.1.0 <http://matrix.org/git/olm/commit/?h=1.1.0>`_
|
|
|
|
===============================================================
|
|
|
|
|
|
|
|
This release includes a fix to a bug which caused Ed25519 keypairs to be
|
|
|
|
generated and used insecurely. Any Ed25519 keys generated by libolm 1.0.0
|
2016-09-01 15:00:26 +02:00
|
|
|
or earlier should be considered compromised.
|
2016-09-01 14:35:23 +02:00
|
|
|
|
|
|
|
The fix necessitates a change to the format of the OlmAccount pickle; since
|
|
|
|
existing OlmAccounts should in any case be considered compromised (as above),
|
|
|
|
the library refuses to load them, returning OLM_BAD_LEGACY_ACCOUNT_PICKLE.
|
|
|
|
|
|
|
|
|
2016-07-11 13:50:11 +02:00
|
|
|
Changes in `1.0.0 <http://matrix.org/git/olm/commit/?h=1.0.0>`_
|
|
|
|
===============================================================
|
|
|
|
|
|
|
|
This release includes a fix to a bug which had the potential to leak sensitive
|
|
|
|
data to the application: see
|
|
|
|
https://github.com/vector-im/vector-web/issues/1719. Users of pre-1.x.x
|
|
|
|
versions of the Olm library should upgrade. Our thanks to `Dmitry Luyciv
|
|
|
|
<https://github.com/dluciv>`_ for bringing our attention to the bug.
|
|
|
|
|
|
|
|
Other changes since 0.1.0:
|
|
|
|
|
|
|
|
* *Experimental* implementation of the primitives for group sessions. This
|
|
|
|
implementation has not yet been used in an application and developers are
|
|
|
|
advised not to rely on its stability.
|
|
|
|
|
|
|
|
* Replace custom build scripts with a Makefile.
|
|
|
|
|
|
|
|
* Include the major version number in the soname of libolm.so (credit to
|
|
|
|
Emmanuel Gil Peyrot).
|