Revision history
0.13 - Fixed a bug where supplying 4 parameters to substr() choked on older versions of perl
substr() calls now only use 3 paramaters.
- Added 2 new methods, addclientip() and deleteclientip() which may be used to restrict
a server to only accept connections from certain IP addresses.
0.12 - Fixed a bug where if Crypt::RSA was not installed the test suite would fail.
- The welcome message viewable via telnet-ting into the server is now formatted nicer.
0.11
- Fixed a small issue where if a server and a client were configured to use a password, the
password negotiation occurred before the encryption negotiation, which caused the password
hash to be transmitted using weak internal encryption. This has been fixed by making the
password negotiation occur after encryption negotiation. It's not really a major security
issue since only a hash and not the real password was transmitted, but still.... this forces
a hacker to break the encryption first before they can get the hash, which they THEN have
to brute-force break....
- As requested by a CPAN tester, added numbers to the output of 'make test'. Note that due to
the fact that make test fork()s, the numbers may not be consequtive.
- The server will generate a new RSA keypair every hour, this substantially increases
security.
- Implemented support of "donotcheckversion" which would allow the client to continue
negotiating even if an encryption/compression module version mismatch is encountered.
Before you use this feature read the POD/man Net::EasyTCP documentation to understand the
consequences.
- The clear-text welcome message displayed by the server is now more organized.
- Clarified some vague error messages that were sometimes returned if negotiations failed.
- Minor internal re-organizations.
0.10
- Bugfixes release.
- A bug was introduced in version 0.09 where if a client did not have any encryption modules
installed it would fail negotiating with the server and would not be able to connect. This
was fixed.
- A bug where failure to generate encryption keys was not handled correctly and passed on as
a success, causing random halts and freezes during. This was fixed.
- Clarified the error message when a client times out during negotiating with a server
- Encryption keypairs were always being generated and not used even if the objects were created
with "donotencrypt". This caused slowdown especially when Crypt::RSA was used due to it's
slowness in generating keypairs. This issue was fixed.
- A potential bug where an encryption or compression module version-conflict error was incorrectly
reported.
0.09
- Implemented Crypt::RSA support. This is the first supported module that implements
assymmetric cryptography. Users who are serious about the security of their en-route
data are strongly advised to upgrade and make use of this encryption module.
- Small bugfix where client-negotiation-timeouts were not reported correctly.
0.08
- Bugfix release. An internal variable was assigned to both Crypt::Rijndael and Crypt::RC6
(they should have received different variables). This causes negotiations to often fail
when a client has RC6 and not Rijndael and the server had the opposite, or vice-versa.
- Implemented encryption and compression module version checking. The client will fail
to connect to a server if the agreed-on encryption or compression module has a version
mismatch. The failure error in $@ will advise of so.
0.07
- Minor changes to the negotiation routine, including improved security during encryption key
exchange.
- Implemented a "password" feature where a server will require a password from the client before
accepting connection.
- Added 2 methods (remoteip() and remoteport()) to retrieve the IP address/port of the remote
connection.
- Added support to Crypt::Rijndael encryption.
- Added support to Crypt::RC6 encryption.
- Changes to the send and receive routines to allow the server to better manage large amounts
of data from several clients at the same time.
0.06
- Re-organized many internal functions to better manage memmory and free up memory no longer used
sooner.
- Added new method clients() to return the list of clients or number of clients connected to a
server.
- Modified the new() constructor to accept a "Welcome" message visible by telnetting into a server.
0.05
- Fixed a bug where calling the receive() method may have failed if a signal (such as child dying)
was delivered to the process at the same time. The bug became apparent on heavily-stormed
servers with many forked() children dying, causing the negotiation with new clients to sometimes
fail.
- Re-wrote the server-side negotiating code to prevent it from blocking for couple of seconds during
negotiating with a newly connected client.
0.04
- Fixed a bug where older versions of Crypt::CBC were not called correctly causing "make test"
and almost everything else to fail.
- Minor changes to the protocol negotiation
0.03
- Added encryption support for Crypt::DES_EDE3, Crypt::DES and Crypt::Blowfish
- Added 2 new methods to determine what type of compression and encryption has been negotiated.
0.02
- Implemented transparent compression
- Implemented transparent encryption
- Internal protocol majorly re-designed to accomodate new and future features
- Re-wrote the test routine to use fork() and simulate a real-world scenario
- Minor bugfixes in receive()
0.01
- original version; created by h2xs 1.19