Changelog for diohsc
This file covers only non-trivial user-visible changes;
see the git log for full gory details.
0.1.12
- SECURITY FIX: Restrict TOFU-trust of a certificate to a single service. Previous behaviour could be exploited for a MitM attack, by convincing the user to accept a certificate for one host, then using it in a MitM for another host.
- Immediately run commands entered in pager mode
- Wrap title lines
- Tell user if a certificate has been temporarily trusted before
0.1.11
- Drop targets of "log" from queues
- Preserve history when using relative links (e.g. "2?foo")
- Document backslash escapes in query
0.1.10
- Allow pre-fetched items in queue, with new "fetch" command to add them
- Add named queues, e.g. foo~
- Implement notation for (n-from) last element of a list, e.g. _$, _$2, _5-$2
- Run default action on a history item when going to it, e.g. with <
- Don't shell-quote explicit '%s' arguments, only implicit final argument
0.1.9
- Improve wrapping and paging with long words, wide chars, or thin terminals
- Shell-quote arguments to 'browse' and '!'
- Save uri with null last path segment under penultimate segment / hostname
- Sort file:// directory listings
0.1.8
- Use standard PEM/DER format for identities, allowing import/export
- Optionally generate Ed25519 client certificates ("TARGET id NAME ed")
- Require confirmation before following redirect into scope of identity
- TOFU-trust by default even if there are V3 or NameMismatch errors
0.1.7
- Handle ^C during streaming by truncating the stream
- Always request when going to uris using an identity
0.1.6.1
- Use canonical notBefore (00:00:00 1 Jan 1950) in client certs
- Add --prompt option, enabling usual command prompt after -e/-f
- Fix query escaping
- Fix colouring of wrapped link descriptions being lost when paging
- Fix --ghost not affecting queue loading
0.1.6
- New command "query" for e.g. convenient use of search engines
- Allow IRIs in user input (converted to URIs)
- Implement SOCKS5 support (-S and -P options)
- Fix bug triggered by /home being a symlink
- Fix bug with connecting to literal IPv6 addresses
0.1.5
- Align and wrap link lines; add option to print description first
- Use reverse video in prompt for added visibility (thanks Ben)
- Try all addresses when making connections (thanks rwv)
- Improve behaviour in non-interactive mode; add --batch to enable it
- Fix X.509 version and use dummy notAfter in generated client certificates
- Fix bugs in wrapping and relative link display
0.1.4
- Indicate links to cached history items
- Retry with full handshake if session resume fails
- Recommend trust for new certificate signed by previous certificate
- Increase client cert validity to 50y
- Make ghost mode even more spectral
0.1.3
- Allow trusting certificates just for the current session
- Don't require tail certificates to be v3
- Add uri of any request to log, even if request fails
- Just show fingerprint of known cert rather than picture
0.1.2
- Add @ target modifier for history root
- Understand e.g. ~<
- Suppress alt text by default
- Fix: uri quoting for queries and file:// was incorrect
- Fix: queue was not appended to on exit in non-interactive mode