nightly

cleanup: Add nullability to more function params and return types.

v0.2.22

Release notes

This release focuses on hardening, architectural refinement, and better testing capabilities.

On the Hardening front, the ToxAV module has undergone significant security improvements. We have addressed a heap buffer overflow in RTP packet handling and fixed several logic bugs in the bandwidth controller and audio modules that could affect stability.

Architectural Refactoring continues with the internalization of core system dependencies. The system clock, random number generation, and memory management are now accessed through abstract interfaces, further decoupling the core from OS-specific implementations and making the codebase more portable and testable.

Bug Fixes

• Prevent potential integer overflow in group chat handshake. (8b467cc9)
• potential division by zero in toxav and unsafe hex parsing (fc4396ce)
• correct printf format specifiers for unsigned integers (46bfdc2d)
• DHT: Correct node skipping logic timed out nodes. (d5b5e879)
• autotools: add tox_log_level.h to public headers list (b79b7d43)
• group_chats: fix sync packets reverting topics (e206bffa)
• group_moderation: allow validating unsorted sanction list signatures (ece0e898)
• toxav:
  • fix heap buffer overflow in RTP video packet handling (4fbd7c10)
  • harden video processing and fix large frame handling (da1c13a2)
  • fix multiple logic bugs in audio module (47282528)
  • fix multiple bugs in bandwidth controller and add tests (dc963d9a)
  • handle vpx_image_alloc failure (3e22fd5c)
• toxencryptsave: Wipe salt and passkey after usage. (7cefa93c)

Features

• Add a way to look up a file number by ID. (b144e8db)
• Add a way to fetch groups by chat ID. (849281ea)
• Add Event Loop abstraction (Ev). (2f87ac67)

Performance

• Add a timed limit of number of cookie requests. (8f92e710)
• toxav: optimize audio and video intermediate buffers by keeping them around (d68d1d09)

v0.2.22-rc.1

Release notes

This release focuses on hardening, architectural refinement, and better testing capabilities.

On the Hardening front, the ToxAV module has undergone significant security improvements. We have addressed a heap buffer overflow in RTP packet handling and fixed several logic bugs in the bandwidth controller and audio modules that could affect stability.

Architectural Refactoring continues with the internalization of core system dependencies. The system clock, random number generation, and memory management are now accessed through abstract interfaces, further decoupling the core from OS-specific implementations and making the codebase more portable and testable.

Bug Fixes

• Prevent potential integer overflow in group chat handshake. (8b467cc9)
• potential division by zero in toxav and unsafe hex parsing (fc4396ce)
• correct printf format specifiers for unsigned integers (46bfdc2d)
• DHT: Correct node skipping logic timed out nodes. (d5b5e879)
• autotools: add tox_log_level.h to public headers list (b79b7d43)
• group_chats: fix sync packets reverting topics (e206bffa)
• group_moderation: allow validating unsorted sanction list signatures (ece0e898)
• toxav:
  • fix heap buffer overflow in RTP video packet handling (4fbd7c10)
  • harden video processing and fix large frame handling (da1c13a2)
  • fix multiple logic bugs in audio module (47282528)
  • fix multiple bugs in bandwidth controller and add tests (dc963d9a)
  • handle vpx_image_alloc failure (3e22fd5c)
• toxencryptsave: Wipe salt and passkey after usage. (7cefa93c)

Features

• Add a way to look up a file number by ID. (b144e8db)
• Add a way to fetch groups by chat ID. (849281ea)
• Add Event Loop abstraction (Ev). (2f87ac67)

Performance

• Add a timed limit of number of cookie requests. (8f92e710)
• toxav: optimize audio and video intermediate buffers by keeping them around (d68d1d09)

v0.2.21

Release notes

This release brings 2 great featues. First, the abillty to disable DNS lookups, which has been a long requested security feature, which we plan to default to in an upcoming version.
Second, there is an network profiler, which tallies up sent and received network packets.

Beside these features we also have fixes like a 75% memory usage reduction for NGCs and connecting to NGC with a password if we are already joined, which might be necessary if a password was set or changed while you where away.
Furthermore, we now have better localhost discovery, which means that nodes on the same system find each other.

---

If you have not yet upgraded to the previous release (0.2.20), you absolutely should, as it fixes a security issue. All releases before 0.2.20 used VBR opus encoding, which is susceptible to transcription attacks. ( see #2757 )

Features

• Add a Makefile for the single file deploy build. (432ab60c)
• Implement Tox network profiler (80fabd4a)
• Add to_string functions for toxencryptsave errors. (d10c966b)
• implement the last 2 missing network struct functions and make use of them (ac812871)
• Add option to disable DNS lookups in toxcore. (819aa2b2)
• net: add missing connect to network struct (2e94da60)

Performance

• Use stack allocation for strerror rendering. (f1991aaa)

Bug Fixes

• ip to string function not accepting tcp families (26a991ed)
• run do_gca also in bootstrap nodes (9f723f89)
• Don't crash on malloc failures in bin_unpack. (edb4dfc4)
• Fake broadcast address for 127.x.x.x (d9b8fa60)
• Avoid memcpy-ing structs into onion ping id data. (3cfe41c7)
• Add more information on why the frame was not sent. (e32ac001)
• Allow TCP connections to fail connect calls. (ab887003)
• Allow peers to reconnect to group chats using a password (fc065060)
• reduce memory usage in group chats by 75% Significantly reduced the memory usage of groups since all message slots are preallocated for every peer for send and receive buffers of buffer size (hundreds of MiB peak when save contained alot of peers to try to connect to) (11ab1d2a)
• friend requests with very long messages are no longer dropped (93aafd78)
• windows use of REUSEADDR (0ac23cee)
• forgot an enum in the nodes request rename see #2860 (9324a974)
• bazel:
  • one more fuzz target that needs netprof (1d4cc783)
  • make net_prof visible to its consumers (066aafbf)
  • missing dep for auto_tests (9dcc2f53)
  • missing dep for fuzz target (741ac5f5)
• ngc: dont double every message, if we are not directly connected but we and the other peer would support direct. (219773bf)

v0.2.21-rc.1

Release notes

Pre-release for toxcore. Primarily, we now have an experimental network profiling callback.

Features

• Add a Makefile for the single file deploy build. (432ab60c)
• Implement Tox network profiler (80fabd4a)
• Add to_string functions for toxencryptsave errors. (d10c966b)
• implement the last 2 missing network struct functions and make use of them (ac812871)
• Add option to disable DNS lookups in toxcore. (819aa2b2)
• net: add missing connect to network struct (2e94da60)

Performance

• Use stack allocation for strerror rendering. (f1991aaa)

Bug Fixes

• ip to string function not accepting tcp families (26a991ed)
• run do_gca also in bootstrap nodes (9f723f89)
• Don't crash on malloc failures in bin_unpack. (edb4dfc4)
• Fake broadcast address for 127.x.x.x (d9b8fa60)
• Avoid memcpy-ing structs into onion ping id data. (3cfe41c7)
• Add more information on why the frame was not sent. (e32ac001)
• Allow TCP connections to fail connect calls. (ab887003)
• Allow peers to reconnect to group chats using a password (fc065060)
• reduce memory usage in group chats by 75% Significantly reduced the memory usage of groups since all message slots are preallocated for every peer for send and receive buffers of buffer size (hundreds of MiB peak when save contained alot of peers to try to connect to) (11ab1d2a)
• friend requests with very long messages are no longer dropped (93aafd78)
• windows use of REUSEADDR (0ac23cee)

v0.2.20

Release Notes

• Make tox-bootstrapd use bool instead of int @nurupo (#2692)
• Add release-drafter github action. @iphydf (#2780)
• Use toktok's cmp instead of upstream. @iphydf (#2779)
• Sort apk/apt install commands in Dockerfiles. @iphydf (#2778)
• Upgrade to FreeBSD 14.1 in cirrus build. @iphydf (#2777)
• set options changes as cache and with force @Green-Sky (#2762)
• Use Opus in the CBR mode @nurupo (#2757)
• new minimum for all android versions is 21 @Green-Sky (#2769)
• Fix GitHub actions deprecation warnings @robinlinden (#2745)

Bug Fixes

• Add missing free in dht_get_nodes_response event. @iphydf (#2788)
• pass video bit rate as kbit @Green-Sky (#2782)
• friend_connections leak on allocation failure. @Green-Sky (#2772)
• wrong comment for closelist @Green-Sky (#2785)
• events leak that can occur if allocation fails @Green-Sky (#2771)
• Return an error instead of crashing on nullptr args in NGC. @iphydf (#2783)
• toxav rtp temp buffer allocation size was too large @Green-Sky (#2768)

Documentation

• fix docs of toxav.h @Green-Sky (#2754)
• wrong comment for closelist @Green-Sky (#2785)

Maintenance (Grunt tasks)

• Release 0.2.20 @robinlinden (#2792)
• lower cirrus ci timeout drastically @Green-Sky (#2784)
• Fix CI @nurupo (#2761)
• Fix Circle CI build failing @nurupo (#2755)
• Memory leak in the bootstrap daemon @nurupo (#2747)

Maintenance (Code cleanup)

• Fix all -Wsign-compare warnings. @iphydf (#2786)
• Remove useless if clause @JFreegman (#2717)

Maintenance (Dependencies)

• bump golang.org/x/net from 0.17.0 to 0.23.0 in /other/bootstrap_daemon/websocket/websockify @dependabot (#2751)

Maintenance (Refactoring)

• Make ToxAV independent of toxcore internals. @iphydf (#2651)

v0.2.19

Release Notes

• Add cmake flag to disable unit tests. @iphydf (#2742)
• Document that group topic lock is default on. @iphydf (#2744)
• Add missing param docs for callbacks. @iphydf (#2743)
• Don't expose Tox_System in the public API @nurupo (#2741)
• Small API doc fixes @nurupo (#2735)
• Rename out parameters to out_$something. @iphydf (#2726)
• event length naming inconsistencies @Green-Sky (#2732)
• flaky tcp test @Green-Sky (#2369)
• Update and improve the Windows cross-compilation @nurupo (#2713)
• Use a specific non-broken slimcc version. @iphydf (#2718)
• Update github actions. @iphydf (#2712)
• Update the list of CMake options @nurupo (#2710)
• Rename Queries to Query to align with other enums. @iphydf (#2705)
• Correct type for conference offline peer numbers. @iphydf (#2704)
• Add pkgsrc build. @iphydf (#2699)
• Add FreeBSD VM action on GitHub. @iphydf (#2700)
• Build toxcore on NetBSD (VM). @iphydf (#2697)
• Only install tox_private.h on request. @iphydf (#2698)
• Don't serve files from websockify. @iphydf (#2695)
• Correctly pass extended public keys to group moderation code. @iphydf (#2689)
• Use structs for extended public/secret keys. @iphydf (#2672)
• Compile libsodium reference implementation with compcert. @iphydf (#2686)
• Don't use memcpy to cast arbitrary structs to uint8_t[]. @iphydf (#2684)
• Pass array, not array pointer, to memcmp. @iphydf (#2683)
• Never pass void* directly to memcpy. @iphydf (#2682)
• Use tox rng to seed the keypair generation. @iphydf (#2671)
• Small improvements found by PVS Studio. @iphydf (#2666)
• Disable NGC saving by default, enable through Tox_Options. @iphydf (#2678)
• Replace pointer arithmetic with explicit &arr[i]. @iphydf (#2675)
• Use strong typedef for NGC peer id. @iphydf (#2643)
• Simplify custom packet length check in NGC. @iphydf (#2659)
• Correct a few potential null derefs in bootstrap daemon. @iphydf (#2662)
• Add missing memunlock of local variable when it goes out of scope. @iphydf (#2660)
• Zero out stack-allocated secret key before return. @iphydf (#2661)
• Make prune_gc_sanctions_list more obviously correct. @iphydf (#2658)
• Add static analysis tool list to README. @iphydf (#2656)
• Run prettier-markdown on markdown files. @iphydf (#2664)
• Use strong typedef instead of struct for Socket. @iphydf (#2640)
• Fix some false positive from PVS Studio. @iphydf (#2657)
• Check that WINXP macro exists before comparing it. @iphydf (#2655)
• Make tox mutex non-recursive. @iphydf (#2652)
• Fix up doxyfile. @iphydf (#2647)
• Add more documentation to crypto_core. @iphydf (#2648)
• Remove Tox * from tox_dispatch. @iphydf (#2645)
• Don't rely on tox_dispatch passing tox in tests. @iphydf (#2644)
• Use C++ mode for clang-tidy. @iphydf (#2642)
• Check that both gtest and gmock exist for tests. @iphydf (#2637)
• Add slimcc compiler compatibility test. @iphydf (#2624)
• Add some comments to the astyle config. @iphydf (#2634)
• Remove implicit bool conversions. @iphydf (#2621)
• Rename C++ headers to .hh suffixes. @iphydf (#2626)
• Further #include cleanups. @iphydf (#2617)
• Only check the bootstrap daemon checksum on release. @iphydf (#2620)
• Add more const where possible. @iphydf (#2622)
• Use Bazel modules to enforce proper #include hygiene. @iphydf (#2614)
• Move pack/unpack IP_Port from DHT into network module. @iphydf (#2612)
• Really fix coverage docker image build. @iphydf (#2611)
• Fix post-submit coverage image. @iphydf (#2610)
• Don't use memcmp to compare IP_Ports. @iphydf (#2605)
• Fix rpm build; add a CI check for it. @iphydf (#2604)
• Speed up docker builds a bit by reducing layer count. @iphydf (#2603)
• Add const where possible in auto tests. @iphydf (#2602)
• Minor cleanup of event unpack code. @iphydf (#2580)
• Rename system_{memory,...} to os_{memory,...}. @iphydf (#2598)
• Remove all uses of SIZEOF_VLA. @iphydf (#2592)
• Add goblint static analyser. @iphydf (#2597)
• Use memzero(x, s) instead of memset(x, 0, s). @iphydf (#2594)
• Use explicit 0 instead of PACKET_ID_PADDING. @iphydf (#2593)
• Expand the Tox_Options accessor macros. @iphydf (#2591)
• Remove plan9 support. @iphydf (#2588)
• Add a simple new/delete test for Tox. @iphydf (#2590)
• Add comment after every #endif. @iphydf (#2587)
• Fix comment I broke in the events test PR. @iphydf (#2583)
• Migrate auto_tests to new events API. @iphydf (#2559)
• Add common msgpack array packer with callback. @iphydf (#2577)
• Rename group to conference in groupav documentation. @iphydf (#2582)
• Ensure handler params are named after callback params. @iphydf (#2581)
• Pass this pointer as first param to s11n callbacks. @iphydf (#2575)
• Allow NULL pointers for byte arrays in events. @iphydf (#2578)
• Remove bin_pack_{new,free}. @iphydf (#2572)
• Add dht_get_nodes_response event to the events system. @iphydf (#2568)
• Use enum-specific pack functions for enum values. @iphydf (#2567)
• Factor out union pack switch from event packer. @iphydf (#2565)
• Move the 2-element array pack out of individual events. @iphydf (#2564)
• Remove empty test doing nothing. @iphydf (#2566)
• Add printf log statement to group_moderation_test. @iphydf (#2563)
• Make event dispatch ordered by receive time. @iphydf (#2392)
• tests use ipv6 by default, even with USE_IPV6 set to 0 @Green-Sky (#2468)
• add clangd files to .gitignore @Green-Sky (#2562)
• Move file streaming test to its own file. @iphydf (#2561)
• window builds now build in parallel @Green-Sky (#2560)
• Add C++ classes wrapping system interfaces. @iphydf (#2557)
• Make all the fuzzers work again, and add a test for protodump. @iphydf (#2554)
• Factor out malloc+memcpy into memdup. @iphydf (#2538)
• Make sure there's enough space for CONSUME1 in fuzzers. @iphydf (#2552)
• Add fuzz tests to the coverage run. @iphydf (#2547)
• Move from gcov to llvm source-based coverage. @iphydf (#2551)
• Use operator== for equality tests of Node_format. @iphydf (#2545)
• Slightly nicer C++ interface to tox Random. @iphydf (#2543)
• Minor refactoring of get_close_nodes functions. @iphydf (#2539)
• Some more test cleanups, removing overly smart code. @iphydf (#2536)
• Assign malloc return to a local variable first. @iphydf (#2530)
• Add more unit tests for add_to_list. @iphydf (#2531)
• Add "infer" CI check to github, remove from circle. @iphydf (#2529)
• Add dynamically derived array sizes to the API. @iphydf (#2525)
• Add explicit array sizes to toxencryptsave. @iphydf (#2524)
• Add Toxav alias for ToxAV. @iphydf (#2527)
• Make Tox_Options a typedef. @iphydf (#2526)
• Simplify msvc build using vcpkg. @iphydf (#2498)
• Move tox_get_system out of the public API. @iphydf (#2523)
• Align group message sending with other send functions. @iphydf (#2519)
• Make setters take non-const Tox *. @iphydf (#2522)
• Mark arrays in the tox API as [] instead of *. @iphydf (#2520)
• Make array params in toxav [] instead of *. @iphydf (#2521)
• Add typedefs for public API int identifiers. @iphydf (#2518)
• Add fetch-sha256 script to update bootstrap node hash. @iphydf (#2513)
• Remove settings.yml in favour of hs-github-tools. @iphydf (#2516)
• Use GPL license with https. @iphydf (#2515)
• Move all vptr-to-ptr casts to the beginning of a function. @iphydf (#2512)
• Use github actions matrix to simplify CI. @iphydf (#2510)
• Use QueryPerformanceCounter on windows for monotonic time. @iphydf (#2509)
• Add net_(new|kill)_strerror to cppcheck's allocators. @iphydf (#2508)
• Run clang-tidy on headers, as well. @iphydf (#2507)
• Make TCP connection failures a warning instead of error. @iphydf (#2506)
• Make all .c files include the headers they need. @iphydf (#2505)
• Upgrade to clang-tidy-17 and fix some warnings. @iphydf (#2503)
• Upgrade cppcheck, fix some warnings. @iphydf (#2504)
• Use pkg_search_module directly in cmake. @iphydf (#2502)
• Use target_link_libraries directly in cmake. @iphydf (#2499)
• Add IMPORTED_TARGET to pkg-config packages. @iphydf (#2501)
• Remove NaCl support. @iphydf (#2497)
• unpack enum function names in event impl generator @Green-Sky (#2494)
• Disable targets for cross-compilation. @iphydf (#2493)
• Build a docker image with coverage info in it. @iphydf (#2491)
• Some portability/warning fixes for Windows builds. @iphydf (#2490)
• Correct a use-after-free and fix some memory leaks. @iphydf (#2488)
• Change all enum-like #define sequences into enums. @iphydf (#2487)
• Fix make_single_file to support core-only. @iphydf (#2484)
• Change the TCP_PACKET_* defines into an enum. @iphydf (#2486)
• event generation tool for reorder pr @Green-Sky (#2485)
• Give enum-from-int functions the ability to report errors. @iphydf (#2475)
• Update github actions uses. @iphydf (#2481)
• Make esp32 build actually try to instantiate tox. @iphydf (#2439)
• Remove test net support. @iphydf (#2474)
• add ngc related unpack functions @Green-Sky (#2480)
• Add to_string functions for all public enums. @iphydf (#2479)
• add real timeout test @Green-Sky (#2477)
• Move s390x build to post-merge. @iphydf (#2476)
• Slightly reduce bandwidth usage when there are few nodes. @iphydf (#2442)
• Enable ubsan on bootstrap nodes. @iphydf (#2472)
• Add check-c run to bazel build. @iphydf (#2470)
• increase NGC lossy custom packet size @Green-Sky (#2384)
• replace memset with a loop @nurupo (#2465)
• also Install header for private/experimental API functions with autotools @zoff99 (#2458)
• Enable debug flag for ubsan. @iphydf (#2459)
• memory leaks @nurupo (#2454)
• replace DEFAULT_TCP_RELAY_PORTS_COUNT with a compile-time calculation @nurupo (#2452)
• clarify disabling of static assert checks @nurupo (#2451)
• Use Bin_Pack for packing Node_format. @iphydf (#2420)
• replace tabs with spaces @nurupo (#2449)
• Docker tox-bootstrapd hash update f...

v0.2.18

Release Notes

Features

• Merge group announce portion of new groupchats implementation @JFreegman (#2230)
• Allow overriding mono_time in tox_new. @iphydf (#2206)
• Store announcements @zugz (#2147)
• Add support for custom random number generator. @iphydf (#2190)
• Merge moderation portion of new groupchats codebase @JFreegman (#2169)
• Add support for overriding network functions. @iphydf (#2177)
• Merge onion_announce changes from new groupchats fork @JFreegman (#2164)

Performance improvements

• Make time move a lot faster in fuzzing runs. @iphydf (#2193)

Bug Fixes

• remove the assert because buffer can be larger than UINT16_MAX. @zoff99 (#2299)
• Don't allow onion paths to be built from real friends. @iphydf (#2287)
• Fix potential array out-of-bounds in DHT onion path building. @iphydf (#2282)
• Allow onion paths to be built from more random nodes. @iphydf (#2283)
• Really fix overrun added in e49a477 @zugz (#2273)
• Add missing return on error @JFreegman (#2272)
• Fixed leak and overrun added in e49a477 @zugz (#2266)
• Format IP as string again in error log. @iphydf (#2257)
• Fix a stack overflow triggered by small DHT packets. @iphydf (#2255)
• Don't crash if RNG init failed. @iphydf (#2246)
• fix typo in git command in INSTALL.md @zugz (#2225)
• Correct calculation of packet sent time @zugz (#2195)
• Eliminate memory leak in toxav. @iphydf (#2155)
• Allow port range in DHT_bootstrap.c. @iphydf (#2143)

Documentation

• Add information regarding git submodules, cmp to INSTALL.md @Tha14 (#2201)
• Put all the tox public api into a fake "tox" namespace. @iphydf (#2153)

Maintenance (Grunt tasks)

• Release 0.2.18 @robinlinden (#2300)
• Downgrade C++ version to 17 @JFreegman (#2275)
• Upgrade to C++20 in CMake build. @iphydf (#2263)
• Add initial ESP32 docker build. @iphydf (#2243)
• Add MISRA-2012 check using cppcheck's misra addon. @iphydf (#2251)
• Support producing shared libraries on Windows @robinlinden (#2204)
• Add dependabot config. @iphydf (#2236)
• Fix path to fuzzer binaries in clusterfuzz build. @iphydf (#2228)
• Add uint8_t version of bin_pack for numbers. @iphydf (#2223)
• Clone submodules in clusterfuzzlite Dockerfile. @iphydf (#2210)
• Remove valgrind build. @iphydf (#2208)
• Add third_party to toxcore-sources docker image. @iphydf (#2189)
• Use "master" as the branch in toktok-fuzzer. @iphydf (#2173)
• Enable memory sanitizer build. @iphydf (#2163)
• Update the Appveyor build to VS2019 to work around conan issues @robinlinden (#2159)
• Be even more explicit about integer range bounds. @iphydf (#2145)
• Add testing/Dockerfile to the CI build. @iphydf (#2146)

Maintenance (Code cleanup)

• remove unused field last_seen from Onion_Friend @zugz (#2297)
• Avoid goto in msi.c. @iphydf (#2281)
• Replace a series of if statements with a switch. @iphydf (#2233)
• remove populate_path_nodes_tcp @zugz (#2250)
• Use static_assert instead of assert where possible. @iphydf (#2242)
• Make *_free and kill_* functions nullable. @iphydf (#2238)
• Remove layers in the cmake build. @iphydf (#2229)
• Add Network object parameter for addr_resolve. @iphydf (#2217)
• Remove unused random_testing program. @iphydf (#2213)
• Remove all uses of TOX_*_MAX_SIZE macros. @iphydf (#2214)
• Add include for assert.h for the fuzzing build. @iphydf (#2224)
• Move definitions of tox_private.h functions to tox_private.c. @iphydf (#2211)
• Expand CONST_FUNCTION and remove the macro. @iphydf (#2212)
• Mark Mono_Time const where possible. @iphydf (#2199)
• Avoid name clash between struct field and function. @iphydf (#2202)
• Add more null checks in tox_new. @iphydf (#2200)
• Make addr_resolve a private function. @iphydf (#2188)
• Use _Static_assert in gcc/clang. @iphydf (#2186)
• improve CMakeLists.txt structure @sudden6 (#2101)
• Expose struct Tox to internal code. @iphydf (#2158)
• Reduce scope of array-typed variables where possible. @iphydf (#2167)
• Reduce scope of variables as requested by cimple. @iphydf (#2166)
• Avoid memset on structs. @iphydf (#2149)
• Split the huge TCP client packet handler. @iphydf (#2157)
• Sync doc comments between .h and .c files. @iphydf (#2156)
• Move all the group.h structs into group.c. @iphydf (#2150)
• Minor cleanups in TCP_connection.c. @iphydf (#2144)
• Count re-adding an existing bootstrap node as success. @iphydf (#2142)
• Disable LAN discovery in TCP-only mode. @iphydf (#2141)
• Add assertion for decrypted data length. @iphydf (#2140)

Maintenance (Dependencies)

• Use upstream cmp directly instead of our fork. @iphydf (#2240)

Maintenance (Refactoring)

• Move crypto utilities from util to crypto_core. @iphydf (#2284)
• Avoid static_cast in Fuzz_System functions. @iphydf (#2277)
• Protect array unpacking against invalid lengths. @iphydf (#2261)
• Rename announce functions into their own namespace. @iphydf (#2258)
• Use a struct for the ip_ntoa buffer. @iphydf (#2248)
• Allow NULL logger; make it no-op in NDEBUG. @iphydf (#2244)
• Rename bin_pack/unpack functions the same as cmp funcs. @iphydf (#2219)
• Use cmp instead of msgpack-c for events packing. @iphydf (#2175)

Maintenance (Tests)

• Improve test hermeticity by using local TCP relay. @iphydf (#2280)
• Add a Null_System used in toxsave_harness. @iphydf (#2289)
• enable additional sanitizers for fuzzing @sudden6 (#2288)
• Enable fuzzing for TCP. @iphydf (#2279)
• Don't abort fuzz test when tox_new fails. @iphydf (#2285)
• Improve error messages in toxav_basic_test. @iphydf (#2270)
• Add more functionality to the bootstrap fuzz harness. @iphydf (#2234)
• Improve stability of forwarding_test. @iphydf (#2249)
• Add fuzzer support functions for internal toxcore objects. @iphydf (#2232)
• Add DHT and tox_events fuzz tests to the cmake build. @iphydf (#2187)
• Remove save_load_test from autotools build. @iphydf (#2196)
• Enable more tests for msan. @iphydf (#2183)
• Add some support functions to make writing fuzzers easier. @iphydf (#2184)
• Improve stability of tox_many_tcp_test. @iphydf (#2182)
• try to save the fuzzed save file again @sudden6 (#2176)
• Add fuzzer tests to the bazel build. @iphydf (#2170)
• Improve the stability of the save_load test @robinlinden (#2160)
• Speed up toxav_many_test by using fake mono_time. @iphydf (#2154)

v0.2.17

Release Notes

Performance improvements

• Refactor onion_client.c do_friends() to reduce network traffic @JFreegman (#2078)
• fix issue with friend finding taking too long after disconnects. @JFreegman (#2092)

Bug Fixes

• Report failure to DHT bootstrap back to the client. @iphydf (#2104)
• Null function pointer dereference. @iphydf (#2094)
• out-of-memory condition by corrupted save file @sudden6 (#2084)
• toxsave memory leak while loading groups @sudden6 (#2064)

Documentation

• Clean up doxygen comments to be more doxygen-like. @iphydf (#2136)

Maintenance (Grunt tasks)

• Enable a bunch more warnings in GCC builds. @iphydf (#2122)
• remove cpufeatures.c @sudden6 (#2100)
• remove DHT_test.c since it's unused @sudden6 (#2098)
• Add a .clang-format that mostly agrees with astyle. @iphydf (#2075)
• Make coverity scan a nightly job. @iphydf (#2074)
• Simplify and speed up windows builds using docker image. @iphydf (#2072)
• Fix build-args in win32/win64 docker build. @iphydf (#2073)
• Add docker image builds for windows cross compiler. @iphydf (#2070)

Maintenance (Code cleanup)

• Add explicit callback setters for MSI callbacks. @iphydf (#2134)
• Split util.c out of the network library. @iphydf (#2131)
• Remove redundant () around return expression. @iphydf (#2130)
• Move test-only functions into tests. @iphydf (#2135)
• Remove redundant Messenger and DHT tests. @iphydf (#2133)
• Remove EAGAIN from the list of ignored errors. @iphydf (#2127)
• Remove port from Broadcast_Info. @iphydf (#2126)
• Don't reference local variables in macro bodies. @iphydf (#2125)
• Remove some more implicit bool conversions. @iphydf (#2123)
• Log at ERROR level when connect() fails. @iphydf (#2115)
• Remove all boolean-int conversions. @iphydf (#2120)
• Remove more boolean conversions (and a bugfix). @iphydf (#2116)
• Comply with strict include ordering. @iphydf (#2117)
• Avoid creating invalid enum values. @iphydf (#2114)
• Remove superfluous parentheses on the rhs of assignments. @iphydf (#2113)
• Change valid status of onion friend to bool. @iphydf (#2105)
• Remove more implicit bool conversions. @iphydf (#2103)
• Mark all local non-pointers as const where possible. @iphydf (#2102)
• Reduce name shadowing; remove ptr-to-bool conversions. @iphydf (#2099)
• Remove implicit conversions from uint32_t to bool. @iphydf (#2097)
• Return boolean constants, not ints from bool functions. @iphydf (#2096)
• Remove any disallowed casts. @iphydf (#2093)
• Avoid casting function pointers. @iphydf (#2091)
• Enable most cppcheck warnings as errors. @iphydf (#2086)
• Remove all implicit bool conversions in if-conditions. @iphydf (#2088)
• Remove unused execution trace library. @iphydf (#2079)

Maintenance (Refactoring)

• Move tox_new_log to auto_test_support. @iphydf (#2090)

Maintenance (Tests)

• Add unit test for create/handle request packets. @iphydf (#2128)
• Add mallocfail and proxy test to our coverage runs. @iphydf (#2108)
• Add test coverage docker build for local tests. @iphydf (#2106)

v0.2.16

Release Notes

Features

• Improve how we share TCP relays with friends @JFreegman (#2047)
• add DHT queries to private API @JFreegman (#1935)
• add bash-completion for tox-bootstrapd @nurupo (#2007)
• Add unpacker functions for events structures. @iphydf (#1996)
• Add binary packing functions for tox events. @iphydf (#1993)
• Add async event handling (callbacks) code. @iphydf (#1952)

Performance improvements

• Take advantage of fast networks for file transfers @zugz (#1668)
• Reduce minimal encoding size of packed events. @iphydf (#2024)

Bug Fixes

• properly deallocate frozen peers @sudden6 (#2058)
• Fix return type of functions returning uint64_t. @iphydf (#2052)
• file transfer bug introduced in commit 2073d02 @JFreegman (#2041)
• remove bogus asserts in fuzzer harness @sudden6 (#2031)
• syntax error introduced in 8bf3799 @sudden6 (#2028)
• add continous fuzzing @sudden6 (#2027)
• Coverty scan @nurupo (#2018)
• shared toxcore autotools build failing @nurupo (#2015)
• Conan build link failures @robinlinden (#2011)

Documentation

• Add libmsgpack dependency in INSTALL.md @cryptogospod (#2016)

Maintenance (Grunt tasks)

• Simplify and speed up nacl build using toxchat/nacl. @iphydf (#2069)
• Add BUILD file for websockify. @iphydf (#2036)
• fine tune fuzzing settings @sudden6 (#2035)
• update the list of CMake options & Windows Docker build deps @nurupo (#2032)
• expand fuzzing to toxsave @sudden6 (#2030)
• Fix implicit declaration warning in fuzz build @robinlinden (#2026)
• add continous fuzzing to our CI @sudden6 (#2025)
• Set up an Android CI job @robinlinden (#1992)
• Disable non-null attributes by default. @iphydf (#2021)
• Silence clang compile warnings causing circle-ci/asan to fail @JFreegman (#2019)
• Coverty scan @nurupo (#2018)
• get skeletons out of the closet @nurupo (#2008)
• shared toxcore autotools build failing @nurupo (#2015)
• Remove duplicate source file in autotools build. @iphydf (#2010)
• Add an undefined behaviour/integer sanitizer build. @iphydf (#2001)
• Speed up cmake builds with UNITY_BUILD. @iphydf (#1999)
• Add an easy way to run autotools and circleci builds locally. @iphydf (#1982)
• Update readme header @robinlinden (#1979)

Maintenance (Code cleanup)

• Enable tokstyle's -Wlarge-struct-params. @iphydf (#2053)
• Avoid implicit bool conversions in logical operators. @iphydf (#2055)
• Avoid implicit boolean and floating point conversions in decls. @iphydf (#2056)
• Apply stronger type checks and fix errors. @iphydf (#2049)
• Avoid implicit pointer-to-bool conversion in if in toxav. @iphydf (#2046)
• Add some more error path logging to TCP server code. @iphydf (#2033)
• Add wrapper library for msgpack pack functions @JFreegman (#2023)
• Don't use VLAs for huge allocations. @iphydf (#2013)
• Split tox_unpack into two smaller libs @JFreegman (#2022)
• get skeletons out of the closet @nurupo (#2008)
• Add more nonnull and nullable annotations. @iphydf (#2006)
• Add nonnull annotations to function definitions. @iphydf (#2002)
• Make LAN discovery thread-safe without data races. @iphydf (#1988)
• Comply with new cimple callback rules. @iphydf (#1987)
• Split msi callback array into 1 member per callback @robinlinden (#1985)

Maintenance (Refactoring)

• Compare pointers in if conditions to nullptr. @iphydf (#2043)
• Add a bit more logging; change WARNING to ERROR. @iphydf (#2039)

Maintenance (Tests)

• Add a profiling script and Dockerfile. @iphydf (#2066)