pEpEngine/NEWS

* update pEpEngineSequoiaBackend dependency: this in its turn will use a more
  recent sequoia-openpgp, which fixes a performance bug.
* update_pEp_user_trust_vals: fix and generalise my previous fix.

v3.2.0-RC14
* Provide a local.conf.example
* In local.conf.example explain how the DEBUG variable has changed behaviour
  in an incompatible way since Engine 3.2.0-RC13
* New API function stringpair_list_find_case_insensitive
* When searching for message headers always compare names case-insensitively.
  This is an incompatibile change, but the previous behaviour was incorrect.
* bug fix in set_as_pEp_user: do not hardwire the pEp protocol version to 2.1!
  The code doing that was particularly treacherous.  In order to prevent such
  errors in the future, introduce and use...
* PEP_PROTOCOL_VERSION_MAJOR, PEP_PROTOCOL_VERSION_MINOR: ...New macros.
* PEP_VERSION is now only a deprecated alias for PEP_PROTOCOL_VERSION,
  automatically computed from the two macros above.
* Rename PEP_CANNOT_SET_PEP_VERSION to PEP_CANNOT_SET_PEP_PROTOCOL_VERSION; keep
  the old name as a compatibility alias
* PEP_enc_format: new case aliases PEP_enc_PEP_message_v1 and
  PEP_enc_PEP_message_v2; the numeric values have not changes.
* rating_to_string: add a case for PEP_rating_media_key_protected, fixing #94.
* fix windows compilation problem releated to strcasecmp; problem reported by
  Alex.  This fixes
  https://gitea.pep.foundation/pEp.foundation/pEpEngine/issues/109 .
* New protocol version 3.3.
  The only difference is the new handling of trustwords with RIPEMD-160.
* Unfortunately we have to disable backward compatibility by default to prevent
  downgrade attacks.
  Compatibility with older protocols requiring xor trustwords is kept if the
  Engine is built with the CPP macro
  PEP_TRUSTWORDS_XOR_COMPATIBILITY defined.  This can be accomplished by adding
    -DPEP_TRUSTWORDS_XOR_COMPATIBILITY=1
  to the command line, or (when using our Makefile) by building with the make
  variable TRUSTWORDSXORCOMPATIBILITY defined.
  Explicitly calling get_xor_trustwords_for_fprs will always yield xor
  trustwords.
* A further incompatible change in xor trustwords, "[A_XOR_A]": combining an fpr
  with itself no longer returns the same fpr as the result.  In other words we
  no longer have a special case to force
    for every A  A xor A == A
  .  Instead I am switching to the correct alternative: now
    for every A  A xor A == 0
  .  The test suite used to explicitly check this case; I changed the test suite
  to agree with Mathematics.
  I significantly factored, rewrote and and cleand up the old trustword code in
  src/message_api.c .
* local.conf.example: document TRUSTWORDSXORCOMPATIBILITY.
* PUBLIC_API get_trustwords_for_fprs ranamed to
  get_xor_trustwords_for_fprs : this implements the old, weaker FPR combination
  which might be vulnerable to a collision attack
  (It is not possible to write a higher-level backwards-compatible function
  get_trustwords_for_fprs which decides the best algorithm: the two FPRs are
  not enough to decide which algorithm is needed)
* New PUBLIC_API:
  get_ripemd_trustwords_for_fprs : this implement the new, stronger FPR
  combination
* The following PUBLIC_API functions have a new behaviour but the same API:
  * get_trustwords (taking identity arguments)
  * get_message_trustwords (taking a message and a recipient identity)
  In case xor-trustwords-compatibility is disabled these function now return
  PEP_TRUSTWORD_NOT_FOUND (instead of mismatching trustwords) when refusing to
  downgrade.
* Bug fix: update the pEp protocol version supported by a communication partner
  on successful decrpyption of a message from her (including on PEP_UNENCRYPTED);
  I believe that this behaviour had always been intended.
* add a THANKS file

v3.2.0-RC13
* add NEWS file
* add release script (for the Engine maintainer): the Engine version is now in a
  machine-generated file src/pEpEngine_version.h
* Merge pull request 'PEMA-41 Make the ObjC adapterbuild for iOS agains the
  latest engine (master/v3.2.0-RC11)' (#92) from dirk/pEpEngine:PEMA-41 into
  master

v3.2.0-RC12
* handle_pong: fix bug preventing notification from being called, reported by
  Alex Sualdea
* Merge pull request 'PEMA-103-hotfix' (#88) from
  TSaschabc/pEpEngine:PEMA-103-hotfix into master
* Update sqlite amalgamation to 3.40.0

v3.2.0-RC11
* add the new pEp_log functionality -- notice that some platform code is
  UNTESTED; I am waiting for feedback from platform maintainers;
* add the new pEp_debug functionality;
* convert existing code to use the new logging and debugging functionality;
* set_debug_color: remove DYNAMIC_API function.
* log_event, log_service, _service_error_log:  remove DYNAMIC_API functions,
  replaced by the new log functionality in src/pEp_log.h; I could re-implement
  the old functions based on the new API if people want that, but using the API

v3.2.0-RC10
From this point on we consistently adopt the new naming scheme for tags: we
start the tag name with "v" instead of "Release_".
* fix compilation on windows (probably: untested).

Release_3.2.0-RC9
* BUILD: Fix - Effectively add include and lib dir from local.conf' (#82)
* unfinished debug / log changes
* (broken on windows)

v3.2.0-RC8
No complete change log for this RC, the first in the 3.x series to be actually
used.  The most important change from 2.x is Key-Election Removal; the list of
other changes (but not the changes themselves) is now lost.
Highligths:
* Switch from the old Sequoia-FFI to pEpEngineSequoiaBackend;
* Distribution.Echo protocol, ported from 2.x;
* Media keys, ported from 2.x;




This is a list of changes since Autumn 2022.  We did not formally keep track of
changes older than that, and in particular the changes from v2 to v3 are too
numerous to list.
Newer changes are at the top of this file.