<div dir="ltr">Hi all<br><br>Believe it or not, there has been some work done in the last four years..<br>I have been planning to make a new release soon and a newly discovered security issue made it more urgent. <br><br>Versions before the new 0.7.0 are vulnerable to a authentication bypass issue by an evil client which may process to guess the network ip addresses and continue setting up the connnection even if the password was incorrect. If the network information is correct it will be allowed to send traffic like normal.<br>
<br>The new release also contains some new features:<br><br> - Partial IPv6 support (#107)<br> Client can connect to iodined through an relaying IPv6<br> nameserver. Server only supports IPv4 for now.<br> Traffic inside tunnel is IPv4.<br>
- Add socket activation for systemd, by Michael Scherer.<br> - Add automated lookup of external ip (via -n auto).<br> - Bugfix for OS X (Can't assign requested address)<br> - Fix DNS tunneling bug caused by uninitialized variable, #94<br>
- Handle spaces when entering password interactively, fixes #93.<br> Patch by Hagar.<br> - Add -R option to set OpenBSD routing domain for the DNS socket.<br> Patch by laurent at gouloum fr, fixes #95.<br> - Add android patches and makefile, from Marcel Bokhorst, fixes #105.<br>
- Added missing break in iodine.c, by Pavel Pergamenshchik, #108.<br> - A number of minor patches from Frank Denis, Gregor Herrmann and<br> Barak A. Pearlmutter.<br> - Testcase compilation fixes for OS X and FreeBSD<br>
- Do not let sockets be inherited by sub-processes, fixes #99.<br> - Add unspecified RR type (called PRIVATE; id 65399, in private use<br> range). For servers with RFC3597 support. Fixes #97.<br> - Fix authentication bypass vulnerability; found by Oscar Reparaz.<br>
<div><br></div><div>Get the new release now at <a href="http://code.kryo.se/iodine/">http://code.kryo.se/iodine/</a></div><div>Download as source, 32/64 bit binaries for windows, or as Android binaries.</div><div><br></div>
<div>/Erik<br></div></div>