GitLab

Similarly to the previous commit, if we receive a COMMIT message, we
should just use it to start a new SIGMA protocol, rather than comparing
it against the old COMMIT message we may have still lying around.  This
completely removes the need for the otrl_auth_copy_on_commit function.

If we receive a COMMIT message after sending our own COMMIT, it used to
be the case that this was a simultaneous attempt to start OTR from each
side.  Now it's much more likely that one side sent its COMMIT some time
in the past, but it stuck around in the master context, just in case
some other logged in instance of the buddy is still going to respond
with a DHKEY message.  So if we now receive a COMMIT *to* the master
context, ignore the old COMMIT we sent, and always use the received one
to start a new SIGMA protocol.

If debugging is enabled, and you type ?OTR!!, all contexts will be
dumped to stderr.

If OTRL_DEBUGGING is set, add functions to dump the internal
state of a ConnContext to a FILE*.

Consider copying the master auth context to the child, even if the child
is already in ENCRYPTED, because we might be trying to refresh a private
conversation.

checks for support LD support for -pie, --dynamicbase,
and --nxcompat on win32.

checks for support of CC support for -fPIE.

    These new compiler and linker hardening options may be disabled at
    your own peril with the following options to configure:

      --disable-gcc-hardening, disable compiler security checks
      --disable-linker-hardening, disable linker security fixups

Thanks to George Kadianakis <desnacked@riseup.net> for the report.

Just to make it a bit cleaner

It turns out it can't happen in the current code, as messagep
can't be NULL at this point if an error hasn't been flagged.
But still, better safe, in case something changes later.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Thanks to Paul Wouters <paul@cypherpunks.ca> for the report.

Clean up the previous b64 patch and apply it to all places where
otrl_base64_decode() is called.

This prevents a one-byte heap buffer overflow.  Thanks to Justin
Ferguson <jnferguson@gmail.com> for the report.

(It wouldn't appear in practice, as we don't send around >2GB objects,
but still, better to close a possible attack vector.)

Preparing for 4.0.0-beta2.