$Header: /cvsroot/Net::EasyTCP/Changes,v 1.33 2003/05/14 20:20:25 mina Exp $


REVISION HISTORY:

0.21
	- Fixed a bug that prevented version 0.20 clients to talk to servers in older versions.


0.20
	- No more strict dependency on exact versions match for the Storable module, encryption
	  or compression modules.
	  It used to be that Net::EasyTCP clients and servers insisted that if they use a module
	  mentioned above, that both ends used the same version.  This was required because it
	  was observed that different versions of the same module could sometime produce
	  incompatible data (which is a bad thing when you're trying to decrypt an encrypted
	  message you just received).
	  This problem is now fixed.  During the negotiation phase, the clients and the servers
	  will test all the modules and decide on which to use on compatability checks and the
	  ability to deal with sample data, as opposed to version checks.
	- Callback suppplied to the start() method will be given the server object as it's only
	  argument as opposed to no arguments.
	- Internal code cleanups


0.19
	- Fixed a bug in the testing script that caused the test to fail if you already had a
	  TCP/IP daemon on the machine listening on port 2345
	- Increased the timeout for a client negotiationg with a server to avoid a race
	  condition of a server and a client launching shortly after each other (as in the
	  case of the test script) while the server takes a bit of time to prepare itself
	  before it's ready for negotiation.
	- Implemented various minor potential bugfixes and fixed some strict/warning error
	  messages thanks to Michael Krause (VKrauseM@web.de)'s patches
	- Implemented a "timeout" option that you can supply to the new() constructor
	  while creating a new client object, which you can use to override the default
	  30 second timeout to establish a TCP/IP socket with the server.  Thanks to Michael
	  Krause (VKrauseM@web.de)
	- Minor code cleanup, with slightly faster encryption key generation time compared
	  to version 0.18


0.18
	- Fixed a bug that caused clients on certain OSes (Noticably SunOS 5.6) to randomly fail
	  logging on to a server giving a "Server rejected supplied password" error
	- Minor internal code cleanups


0.17
	- Fixed some warnings that might have been generated by use strict/warnings. Thanks to
	  Michael Krause.
	- Changed test.pl a fork() to create a seperate client-and-server processes instead
	  of trying to multitask using select() and alarms (that failed on some older SunOSs).
	- Test script no longer hangs at step #4 for that long.
	- Fixed minor error message if do_one_loop() was invoked on a client object.


0.16
	- Fixed a bug that was introduced in 0.15 where the module died if Crypt::Random existed
	  but it was older than 0.34 or modules IT depended on (such as Math::Pari) didn't exist.


0.15
	- Implemented stronger number generator (Crypt::Random).  This module will be used instead
	  of perl's built-in rand() if it's available.
	- Fixed a potential bug that was introduced in version 0.14 that might have stopped the
	  test script (although not the module) from succeeding on BSD systems.
	- Test suite will now (nicely) refuse to run under Win32 as opposed to the fiasco that
	  happened before.  Keep in mind that the module itself should work okay under win32, the
	  problem was only with the test script trying to act as both a client and server without
	  being able to fork() or use alarm().  Testing could be done manually bu the /util/client.pl
	  and /util/server.pl scripts.
	- Implemented a (weak) internal encryption routine that will be used to encrypt the password
	  hash and encryption keys in transit, as a last resort in case no encryption modules were
	  found.
	- Fixed some warnings that might have been generated by use strict/warnings. Thanks to
	  Michael Krause.
	- Implemented more secure communications when using symmetric encryption modules by
	  utilizing the "password" paramater as part of the non-broadcastable encryption key.
	  This should dramatically increase the security of symmetric encryption, however it's
	  still no match for As-symmetric encryption modules such as Crypt::RSA.
	- Implemented an optional parameter to be passed to the start() method (a coderef).
	  If supplied, the code will be called every loop.  This could be used to allow you
	  to do other things concurrently while a server's running (comparable to the
	  do_one_loop() philosophy).
	- Added to the handshake phase the comparison of the version of the Storable module as
	  which would produce the same error as compression/encryption module version mismatches.
	  This can (also) be turned off by supplying the donotcheckversion constructor option.


0.14
	- Implemented a do_one_loop() method to allow servers you write to do other things
	  concurrently instead of the old way of being dedicated through the start() method.
	- Localized some variables to the server object.  This prevented running multiple servers
	  previously within the same program.
	- Added some more internal notes.


0.13
	- Fixed a bug where supplying 4 parameters to substr() choked on older versions of perl
	  substr() calls now only use 3 paramaters.
	- Added 2 new methods, addclientip() and deleteclientip() which may be used to restrict
	  a server to only accept connections from certain IP addresses.


0.12
	- Fixed a bug where if Crypt::RSA was not installed the test suite would fail.
	- The welcome message viewable via telnet-ting into the server is now formatted nicer.


0.11
	- Fixed a small issue where if a server and a client were configured to use a password, the
	  password negotiation occurred before the encryption negotiation, which caused the password
	  hash to be transmitted using weak internal encryption.  This has been fixed by making the
	  password negotiation occur after encryption negotiation.  It's not really a major security
	  issue since only a hash and not the real password was transmitted, but still.... this forces
	  a hacker to break the encryption first before they can get the hash, which they THEN have
	  to brute-force break....
	- As requested by a CPAN tester, added numbers to the output of 'make test'. Note that due to
	  the fact that make test fork()s, the numbers may not be consequtive.
	- The server will generate a new RSA keypair every hour, this substantially increases
	  security.
	- Implemented support of "donotcheckversion" which would allow the client to continue
	  negotiating even if an encryption/compression module version mismatch is encountered.
	  Before you use this feature read the POD/man Net::EasyTCP documentation to understand the
	  consequences.
	- The clear-text welcome message displayed by the server is now more organized.
	- Clarified some vague error messages that were sometimes returned if negotiations failed.
	- Minor internal re-organizations.


0.10
	- Bugfixes release.
	- A bug was introduced in version 0.09 where if a client did not have any encryption modules
	  installed it would fail negotiating with the server and would not be able to connect.  This
	  was fixed.
	- A bug where failure to generate encryption keys was not handled correctly and passed on as
	  a success, causing random halts and freezes during.  This was fixed.
	- Clarified the error message when a client times out during negotiating with a server
	- Encryption keypairs were always being generated and not used even if the objects were created
	  with "donotencrypt".  This caused slowdown especially when Crypt::RSA was used due to it's
	  slowness in generating keypairs.  This issue was fixed.
	- A potential bug where an encryption or compression module version-conflict error was incorrectly
	  reported.


0.09
	- Implemented Crypt::RSA support.  This is the first supported module that implements
	  assymmetric cryptography.  Users who are serious about the security of their en-route
	  data are strongly advised to upgrade and make use of this encryption module.
	- Small bugfix where client-negotiation-timeouts were not reported correctly.


0.08
	- Bugfix release.  An internal variable was assigned to both Crypt::Rijndael and Crypt::RC6
	  (they should have received different variables).  This causes negotiations to often fail
	  when a client has RC6 and not Rijndael and the server had the opposite, or vice-versa.
	- Implemented encryption and compression module version checking.  The client will fail
	  to connect to a server if the agreed-on encryption or compression module has a version
	  mismatch.  The failure error in $@ will advise of so.


0.07
	- Minor changes to the negotiation routine, including improved security during encryption key
	  exchange.
	- Implemented a "password" feature where a server will require a password from the client before
	  accepting connection.
	- Added 2 methods (remoteip() and remoteport()) to retrieve the IP address/port of the remote
	  connection.
	- Added support to Crypt::Rijndael encryption.
	- Added support to Crypt::RC6 encryption.
	- Changes to the send and receive routines to allow the server to better manage large amounts
	  of data from several clients at the same time.


0.06
	- Re-organized many internal functions to better manage memmory and free up memory no longer used
	  sooner.
	- Added new method clients() to return the list of clients or number of clients connected to a
	  server.
	- Modified the new() constructor to accept a "Welcome" message visible by telnetting into a server.


0.05
	- Fixed a bug where calling the receive() method may have failed if a signal (such as child dying)
	  was delivered to the process at the same time.  The bug became apparent on heavily-stormed
	  servers with many forked() children dying, causing the negotiation with new clients to sometimes
	  fail.
	- Re-wrote the server-side negotiating code to prevent it from blocking for couple of seconds during
	  negotiating with a newly connected client.


0.04
	- Fixed a bug where older versions of Crypt::CBC were not called correctly causing "make test"
	  and almost everything else to fail.
	- Minor changes to the protocol negotiation


0.03
	- Added encryption support for Crypt::DES_EDE3, Crypt::DES and Crypt::Blowfish
	- Added 2 new methods to determine what type of compression and encryption has been negotiated.


0.02
	- Implemented transparent compression
	- Implemented transparent encryption
	- Internal protocol majorly re-designed to accomodate new and future features
	- Re-wrote the test routine to use fork() and simulate a real-world scenario
	- Minor bugfixes in receive()


0.01
	- original version; created by h2xs 1.19