Changelog
=========

3.3.0      2021-11-24
           Feature release to make the package more useful for servers
           Bugfix: canlock-mhp utility no longer hangs if field name was
            not found
           Bugfix: Potential NULL-pointer dereference fixed in canlock
            utility (Reported by Dennis Preiser)
           Bugfix: Two memory leaks fixed in canlock-hfp utility
            (Reported by Dennis Preiser)
           Bugfix: Multiple bugs in test suite fixed, where return
            values from library functions were not handled correctly
            (Reported by Dennis Preiser)
           Bugfix: Two memory leaks fixed in test suite for legacy API
            (Found by Valgrind)
           Bugfix: NAME sections of cl_clear_secret(), cl_get_lock(),
            cl_split() and cl_verify() man pages fixed (Reported by
            Julien Elie)
           Bugfix: Typos in canlock-mhp, cl_get_key() and cl_get_lock()
            man pages fixed (Reported by Julien Elie)
           Bugfix: Typos in comments and documentation fixed (Reported
            by Urs Janssen)
           Separate library libcanlock-hp added to execute the header
            parsers (for operating systems with POSIX API)
           New libcanlock-hp API function to unfold header fields added
            (Suggested by Julien Elie)
           Manual pages added for the new library
           Test suite extended for the new library. Tests for parser
            functions are skipped by default (because they require the
            installed parser utilities)
           New libcanlock API function cl_verify_multi() added to check
            multiple keys against multiple locks
            Library API and ABI are backward compatible
           Test suite extended: It now tests cl_verify_multi() too
           canlock utility now supports the option "-m" to check
            multiple keys against multiple locks
           Option "-m" added to SYNOPSIS section of canlock man page
            (Suggested by Marcel Logen)
           Example programs added to the "examples" and "hp/examples"
            subdirectories (Suggested by Julien Elie)
           Documentation for RFC 8315 Section 4 added to cl_get_key()
            and cl_get_lock() man pages (Suggested by Julien Elie)
           Paragraph for optional User-ID (<uid> in RFC 8315 notation)
            added to cl_get_key() and cl_get_lock() man pages (Suggested
            by Julien Elie)
           Examples for minimum size of local secret added to cl_get_key()
            and cl_get_lock() man pages (Suggested by Julien Elie)
           Removed some redundant notes from the output of "canlock -h"
            (Suggested by Julien Elie)

3.2.2      2021-01-07
           Bugfix: Header field name is not found by canlock-mhp if there
            is another header field for which only the prefix differs (and
            that other field is processed first)
           Test suite for canlock-mhp parser extended: It now tests headers
            larger than 4 KiByte and for the field prefix bug fixed in this
            version
           Lexer of canlock-hfp has problems to detect T_CTEXT tokens on
            HP-UX (relevant only if the header field contains comments).
            The syntax of the ERE for T_CTEXT was rewritten to be compatible
            with the SysV lex of HP-UX 11.11
           Test suite for canlock-hfp parser extended to test comments harder
           Namespace clash of internal library functions with libc on NetBSD
            Changed internal API function names hmac* to RFC2104Hmac*
            Changed internal API function names hkdf* to RFC5869Hkdf*
            Library API and ABI are fully compatible if no undocumented
            functions are used
           libcanlock-3.pc: Changed protocol in URL from http to https

3.2.1      2020-11-28
           Bugfix: off-by-one heap buffer overflow fixed in canlock-mhp
            (If header is larger than 4 KiByte. Found by Valgrind)
           Bugfix: canlock-mhp end of header detection fixed
            (Found by test suite on openSUSE. Reported by Martin Hauke)

3.2.0      2020-05-11
           Support for pkg-config with option "--enable-pc-files" added
            (Default behaviour is unchanged). This option installs the
            pkg-config file "libcanlock-3.pc". The standard option
            "--with-pkgconfigdir" can be used to specify the target directory
           Shared library no longer exports internal symbols, if possible
            (using #pragma GCC visibility). Library API and ABI are fully
            compatible if no undocumented functions are used.
           Build system: Distributed autotools files updated

3.1.1      2019-12-29
           Bugfix: Potential buffer overflows in code from RFC6234 fixed.
            Related code is used for test suite only, installed library and
            utilities are not affected (Reported by Florian Schlichting)
           Build system: Makefile rules fixed that use DIST_SUBDIRS variable
           src/canlock.c: Fixed typo in comment (Reported by Urs Janssen)

3.1.0      2019-01-26
           Merged canlock-hp into libcanlock package (now tracking the version
            number of the libcanlock package)
           Configure option "--disable-hp" added (Default is set to build
            canlock-hp, use this option to get the behaviour from 3.0.x)
           Manual page of canlock-hfp utility updated
           Library API and ABI are unchanged

3.0.3      2018-12-05
           Build system fixed for cross build (Patch suggested by Helmut Grohne,
            modified to work on macOS)

3.0.2      2018-08-18
           Configure option "--disable-legacy-api" added (Default behaviour is
            unchanged)
           Test suite updated:
            API test 5 with <clue-string> removed (Obsolete since 20 years)
            API test 8 with unknown <scheme> added
            API test 9 with <scheme> mismatch added
           Manual page of canlock utility updated

3.0.1      2018-03-16
           Man page section numbers fixed (Patch from Florian Schlichting)
           Minimum required automake version set to 1.11.6 (there is a security
            vulnerability in 1.11.5)

3.0.0      2018-01-17
           API for arbitrary hash algorithm added (Written by Dennis Preiser)
           Support for SHA2 added (Using code from RFC6234 section 8)
           SHA1 implementation replaced (Using code from RFC6234 section 8)
           Function to overwrite secret data in memory added
           Command line utility added
           Test program for new API added
           Test program for SHA implementation replaced
           New portable build system added (Based on GNU autotools)
           Man pages added
           Release version scheme changed


EOF