Releases: privacybydesign/irmago
Releases · privacybydesign/irmago
v0.13.0
Added
- E-mail address revalidation, addressing issues where user's e-mail addresses can be (temporary) invalid
- Publish the Docker image of the
irma
CLI tool on ghcr.io/privacybydesign/irma - Support for revocation db type
sqlserver
(Microsoft SQL Server)
Changed
- Use separate application user in Dockerfile for entrypoint
- Rename RevocationStorage's UpdateLatest function to LatestUpdates. This name better fits its behaviour. The functionality stays the same.
- Validate revocation witness before revocation update is applied
- RevocationStorage's EnableRevocation function does not return an error anymore if it has been enabled already
- Use a Docker image created from scratch as base for the Dockerfile
- Custom WrapErrorPrefix function that respects the error's type
- Log info message of irma.SessionError errors
As part of e-mail address revalidation:
VerifyMXRecord
incorporates a check to see if there is an active network connection- MyIrma server:
/user
returns an additional fieldrevalidate_in_progress
in the JSON response body, indicating whether the e-mail address is being revalidated or not - MyIrma server:
/user/delete
and/email/remove
return a 500 status code andREVALIDATE_EMAIL
error type if one or more e-mail addresses of the user are invalid
Note: Enabling e-mail address revalidation requires a change in the database schema. In order to do this please add the revalidate_on
column of type bigint
to the irma.emails
table. See the schema file. Otherwise e-mail address revalidation is disabled and there will not be a breaking change.
Fixed
- Race conditions in database logic of revocation storage
irma scheme verify
not detecting missing files in index- Scheme verification/signing does not reject credentials with invalid revocation settings
- Write transactions within memory implementation of revocation storage may lead to unintended changes
Removed
- Superfluous openssl package in Dockerfile
Security
- Let IRMA servers by default reject IRMA/Yivi apps that don't support pairing codes (IRMA protocol version <= 2.7)
Note: This is an important security update for issuers to make sure that pairing codes cannot be circumvented.
IRMA apps that don't support pairing codes should not be in circulation anymore, so this change won't affect users.
Yivi apps have always supported pairing codes.
Internal
- Linter switch from golint to staticcheck
- Use Postgres 15 for unit and component tests
v0.12.6
v0.12.5
v0.12.4
v0.12.3
Changed
- Move checks for missing schemes from scheme parsing to storage parsing
- Ignore directories in irma_configuration directory that don't contain a scheme
Fixed
- Stability issues in transport logic
- Server and client timeouts are out-of-sync
- Keyshare server returns 403 status codes when database is down
- Handling invalid email or login tokens gives different status codes in different contexts
- CopyDirectory function may fail when relative paths are used
Security
- Improve randomness of session tokens and pairing codes
Internal
- Change contact e-mail address in README to Yivi
- Phase out deprecated io/ioutil library
v0.12.2
v0.12.1
v0.12.0
Added
- Separate timeout constraints for the amount of time a client has to complete a session (
MaxSessionLifetime
) and a requestor has to retrieve the session result from the server (SessionResultLifetime
) - In
keyshareserver
,EmailTokenValidity
allows configuring how long an e-mail address validation token is valid
Changed
- The maximum time a client has to complete a session is increased in
MaxSessionLifetime
to 15 minutes by default myirmaserver
returns a more appropriate403 Invalid token
error response during e-mail address verification at/verify
when the provided token is expired and therefore not found in the database.
Security
- Update dependency
golang.org/x/net
to v0.7.0, addressing CVE-2022-27664 - Update dependency
golang.org/x/text/language
to v0.7.0, addressing CVE-2022-32149
v0.11.2
v0.11.1
Added
- Missing support for keyshare server endpoint versioning
Removed
- Superfluous endpoint versioning in HTTP response headers of keyshare server
Fixed
- Race condition in revocation gocron instance due to jobs that start too soon
- Deal with leftover temp dirs in scheme folder if updating is aborted
- Scheme index updates within UpdateSchemes should be written to disk atomically
- InstallScheme does not undo its changes when an error occurs
- Test: race condition in StartBadHttpServer handler
Note: On 23-01-2023 we fixed an issue in the irma CLI tool artifacts. This means that the file hashes have changed.