diff --git a/ChangeLog b/ChangeLog index bfad860..cf0adf7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,34 @@ Changelog ========= +v1.1 (2019-12-28) +----------------- + +Changes +~~~~~~~ +- [doc] Changelog reflecting v1.0 release. [Alexandre Dulaunoy] + +Other +~~~~~ +- Merge pull request #24 from mattslot/master. [Alexandre Dulaunoy] + + Explicit parameter types for static prototypes +- Explicit parameter types for static prototypes. [Matt Slot] +- Merge pull request #22 from EaseTheWorld/handshake. [Alexandre + Dulaunoy] + + Handle weird 3-way handshake(syn&ack -> syn -> ack) +- Handle weird 3-way handshake(syn&ack -> syn -> ack) I have pcaps from + Cisco2960 span port and found some tcp handshake has weird order 3-way + handshake. It seems first packet order between sessions is not + guaranted for cisco span. maybe. Current state transition is + INIT -- syn --> SYN1 -- syn&ack --> SYN2 -- ack --> ESTABLISHED New + state transition starts with SYN1 or SYN2 and adds(revive actually) + STATE_ACK to handle both cases. case1 : INIT -- syn --> SYN1 -- + syn&ack -->ACK -- ack --> ESTABLISHED (normal) case2 : INIT -- syn&ack + --> SYN2 -- syn -->ACK -- ack --> ESTABLISHED (weird) [EaseTheWorld] + + v1.0 (2019-05-26) ----------------- @@ -205,169 +233,3 @@ Other - Ssldump_0.9b3.orig.tar.gz Import. [Alexandre Dulaunoy] - -Original changelog file ------------------------ - -Mon 29 May 2017 03:49:00 PM +03 Alper - * Fix packet length calculation if IP length is - 0 due to TSO. - -Wed Aug 21 10:48:45 2002 EKR - * Installed Greg Stark's new Win32 patches. - - * Added updated VLAN support (Jeffrey Hafey) - -Fri Aug 16 16:56:23 2002 EKR - * Cleaned up 56-bit ciphersuites in ciphersuites.c - - * Fixed memory errors in packet copying. - - * Fixed bugs in processing of bogus SSLv2 messages. - - * Fixed bugs in TCP packet reassembly code. - -Tue Aug 13 13:03:41 2002 EKR - * Fixed EXPORT1024 DES cipher suites - -Mon Aug 12 16:49:51 2002 EKR - * Added support for VLAN networks (Jeffrey Hafey) - - * Fixed printing of data with embedded tabs (Pavel Curtis) - - * Added support for non-promiscuous mode (-P flag) - (Bruce M Simpson) - - * Fixed potential small overrun in RSA decryption. - -Fri Sep 28 15:54:47 2001 EKR - * Fixed install so that we install in /usr/local/sbin - with mode 755. Bug report ssldump/22. - (Dave Jagoda) - - * Fixed compilation warning about create_null_analyzer - Bug report ssldump/23. - -Wed Sep 26 14:49:06 2001 EKR - * Fixed SYN & SYN/ACK detection to that it works with ECN. - (Henrik Nordstrom) - - * Added /usr/include/pcap to the PCAP search path - (Henrik Nordstrom) - -Sat Sep 15 13:41:10 2001 EKR - * Fix to ssldecode.c to remove error with empty - struct when compiling with VC++ and no OpenSSL - (Greg Stark) - - * Change to vcwin32.mak to print out that you're not - using OpenSSL (Greg Stark) - - * Automatic version changing courtesy of version-change.pl - -Fri Sep 14 15:22:29 2001 EKR - * Fixed bug 4. Delete the MS after decrypting a PMS - to force new MS generation in the key generation phase. - This makes decryption of renegotiated connections work - correctly. This got broken when session resumption - was added. - -2001-09-14 Eric Rescorla - - * Imported Greg Stark's Win32 port - -Sun Sep 2 15:53:06 2001 EKR - * Fixed the reassembler so it doesn't crash when - FIN/RST segments have data. - - * closure/connection freeing now works, thus meaning less - memory leakage and less crashing. - - * A bunch of trivial makefile/configure fixes. - -Fri Jul 20 16:40:51 2001 EKR - * Removed loading of certificate file. This served - no real purpose. Fix for bug 5. - -Fri Jul 20 11:02:09 2001 EKR - * Fixed initialization so that the key file is loaded - only once. - - Removed default keyfile and password. You now must - specify them. You also get an error if you specify - a bad password or keyfile. - -Fri Jul 20 10:17:36 2001 EKR - * Added support for session resumption. - -Fri Jul 20 10:17:16 2001 EKR - * Fixed SEQ_LT problems on Linux and other compilation - problems. - -Tue Mar 6 2001 EKR - * Removed statically allocated conn array. We can now - have an arbitrary number of - -Thu Nov 9 12:14:15 2000 EKR - * Cleanups to the man page and cleaned up some cases - where printing didn't work quite right. - -Mon Nov 6 10:22:25 2000 EKR - * Added the -X flag to force hex-only printing when - binary data is displayed as hex dumps. - -Fri Nov 3 09:23:35 2000 EKR - * cleaned up the case where multiple handshake messages - are in the same SSL record. - -Fri Nov 3 09:14:39 2000 EKR - * Modified printing so that when we're printing hex dumps - of application data traffic we also print the printable - sections of the data itself in a column on the side. - -Thu Nov 2 14:14:21 2000 EKR - * Modified cipher suite printing so that the names have - SSL_ if we're doing SSLv3 and TLS_ if we're doing TLS. - Suggestion by Eric Murray. - -Thu Nov 2 13:07:09 2000 EKR - * Fixed an ABW in ssldecode.c that caused crashes - on Solaris. Also, fixed a bunch of memory leaks - using Purify. - -Thu Nov 2 08:45:42 2000 EKR - * Various Portability fixes - CC=gcc -> CC=@CC@ in Makefile - Removed FLAGS in Makefile (it was a noop) - in base/tcpconn.c, changed {} to {0} to appease HPUX's compiler - made create_null_analyzer.c static as it should be. - Removed the final (bogus) entry in null_vtbl. - made sslx__print_serial() static to match its prototype - Rearranged library order for better linkage - Thanks to Lutze Jainecke for these fixes. - -Thu Nov 2 08:41:10 2000 EKR - * Added -r as a synonym for -f. -f will eventually - be removed and reused for some other option. - This was done for option compatibility with tcpdump - and on the theory that someday I might add a -w. - - * Renamed -h to -H and added it to the documentation. - -h now triggers usage info. - -Thu Nov 2 08:38:06 2000 EKR - * Removed blank lines in the man page. This confuses some - man page formatters. (Thanks to Hugh Mandeville for pointing - this one out) - -Thu Nov 2 08:37:59 2000 EKR - * Wired up -N (it was unwired) - -Thu Nov 2 08:37:47 2000 EKR - * Added -D_BSD_SOURCE=1 when you're compiling on Linux. - (Allowing it to compile) - - - - -