iodine - http://code.kryo.se/iodine *********************************** CHANGES: 2008-xx-xx: 0.x.x - Delayed sending responses in server to improve latency. Pings from server to client are now always fast instead of cycling from fast to 1000 ms. - The server now replies to all received queries. - Fixed segfault in server when sending version reject. - The interval between "pings" from clients is now 5 seconds. - Eliminited extra "ping" messages from client to server when server sends data and gets data back directly. - Applied patch to make iodine build on BeOS R5-BONE and Haiku, from Francois Revol. Still work to do to get tun device working. - Added capability to forward DNS queries outside tunnel domain to a nameserver on localhost. Use -b port to enable. 2008-08-06: 0.4.2 "Opened Zone" - Applied a few small patches from Maxim Bourmistrov and Gregor Herrmann - Applied a patch for not creating and configuring the tun interface, Debian bug #477692 by Vincent Bernat, controlled by -s switch - Applied a security patch from Andrew Griffiths, use setgroups() to limit the groups of the user - Applied a patch to make iodine build on (Open)Solaris, from Albert Lee Needs TUN/TAP driver: http://www.whiteboard.ne.jp/~admin2/tuntap/ Still needs some more code in tun.c for opening/closing the device - Added option in server (-c) to disable IP/port checking on each packet, will hopefully help when server is behind NAT - Fixed bug #21, now only IP address part of each packet is checked. Should remove the need for the -c option and also work with bugfixed DNS servers worldwide. - Added -D option on server to enable debugging. Debug level 1 now prints info about each RX/TX datagram. 2007-11-30: 0.4.1 "Tea Online" - Introduced encoding API - Switched to new Base32 implementation - Added Base64 implementation that only uses 63 chars (not used yet) - Refined 'install' make target and use $(MAKE) for recursive calls - All received error messages (RCODE field) are echoed - Top domain limited to 128 chars - Case preservation check sent after login to decide codec - Fixed crash on incoming NULL query in server with bad top domain - /etc/resolv.conf is consulted if no nameserver is given on commandline - Applied patch from Matthew W. S. Bell (Detach before chroot/dropping priv) 2007-03-25: 0.4.0 "Run Home" - Added multiuser support (up to 8 users simultaneously) - Added authentication (password entered as argument or on stdin) - Added manpage - Added install/uninstall make target - Cleanup of dns code, more test cases, use check library - Changed directory structure 2006-11-08: 0.3.4 - Fixed handshake() buffer overflow (Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333) - Added more tests - More name parsing enhancements - Now runs on Linux/AMD64 - Added setting to change server port 2006-11-05: 0.3.3 - Fixed possible buffer overflow (Found by poplix, Bugtraq ID: 20883) - Reworked dns hostname encoding 2006-09-11: 0.3.2 - Support for NetBSD - Fixed potential security problems - Name parsing routines rewritten, added regression tests - New encoding, 25% more peak upstream throughput - New -l option to set local ip to listen to on server 2006-07-11: 0.3.1 - Add Mac OSX support - Add setting device name - Use compression of domain name in reply (should allow setting MTU approx 200 bytes higher) 2006-06-24: 0.3.0 - First public release - Support for Linux, FreeBSD, OpenBSD