Annotation of embedaddon/ipsec-tools/NEWS, revision 1.1
1.1 ! misho 1: Version history:
! 2: ----------------
! 3: 0.8 - 18 March 2011
! 4: o Fix authentication method ambiguity with kerberos and xauth
! 5: o RFC2253 compliant escaping of asn1dn identifiers (Cyrus Rahman)
! 6: o Local address code rewrite to speed things up
! 7: o Improved MIPv6 support (Arnaud Ebalard)
! 8: o ISAKMP SA (phase1) rekeying
! 9: o Improved scheduler (faster algorithm, support monotonic clock)
! 10: o Handle RESPONDER-LIFETIME in quick mode
! 11: o Handle INITIAL-CONTACT in from main mode too
! 12: o Rewritten event handling framework for admin port
! 13: o Ability to initiate IPsec SA through admin port
! 14: o NAT-T Original Address handling (transport mode NAT-T support)
! 15: o clean NAT-T - PFkey support
! 16: o support for multiple anonymous remoteconfs
! 17: o Remove various obsolete configuration options
! 18: o A lot of other bug fixes, performance improvements and clean ups
! 19:
! 20: 0.7.1 - 23 July 2008
! 21: o Fixes a memory leak when invalid proposal received
! 22: o Some fixes in DPD
! 23: o do not set default gss id if xauth is used
! 24: o fixed hybrid enabled builds
! 25: o fixed compilation on FreeBSD8
! 26: o cleanup in network port value manipulation
! 27: o Gets ports from SADB_X_EXT_NAT_T_[SD]PORT if present in
! 28: purge_ipsec_spi()
! 29: o Generates a log if cert validation has been disabled by
! 30: configuration
! 31: o better handling for pfkey socket read errors
! 32: o Fixes in yacc / bison stuff
! 33: o new plog() macro (reduced CPU usage when logging is disabled)
! 34: o Try to work better with huge SPD/SAD
! 35: o Corrected modecfg option syntax
! 36:
! 37: 0.7 - 09 August 2007
! 38: o Xauth with pre-shared key PSK
! 39: o Xauth with certificates
! 40: o SHA2 support
! 41: o pkcs7 support
! 42: o system accounting (utmp)
! 43: o Darwin support
! 44: o configuration can be reloaded
! 45: o Support for UNIQUE generated policies
! 46: o Support for semi anonymous sainfos
! 47: o Support for ph1id to remoteid matching
! 48: o Plain RSA authentication
! 49: o Native LDAP support for Xauth and modecfg
! 50: o Group membership checks for Xauth and sainfo selection
! 51: o Camellia cipher support
! 52: o IKE Fragment force option
! 53: o Modecfg SplitNet attribute support
! 54: o Modecfg SplitDNS attribute support ( server side )
! 55: o Modecfg Default Domain attribute support
! 56: o Modecfg DNS/WINS server multiple attribute support
! 57:
! 58: 0.6 - 27 June 2005
! 59: o Generated policies are now correctly flushed
! 60: o NAT-T works with multiple peers behind the NAT (need kernel support)
! 61: o Xauth can use shadow passwords
! 62: o TCP-MD5 support
! 63: o PAM support for Xauth
! 64: o Privilege separation
! 65: o ESP fragmentation in tunnel mode can be tunned (NetBSD only)
! 66: o racoon admin interface is exported (header and library) to
! 67: help building control programs for racoon (think GUI)
! 68: o Fixed single DES support; single DES users MUST UPGRADE.
! 69:
! 70: 0.5 - 10 April 2005
! 71: o Rewritten buildsystem. Now completely autoconfed, automaked,
! 72: libtoolized.
! 73: o IPsec-tools now compiles on NetBSD and FreeBSD again.
! 74: o Support for server-side hybrid authentication, with full
! 75: RADIUS supoort. This is interoperable with the Cisco VPN client.
! 76: o Support for client-side hybrid authentication (Tested only with
! 77: a racoon server)
! 78: o ISAKMP mode config support
! 79: o IKE fragmentation support
! 80: o Fixed FWD policy support.
! 81: o Fixed IPv6 compilation.
! 82: o Readline is optional, fixed setkey when compiled without readline.
! 83: o Configurable Root-CA certificate.
! 84: o Dead Peer Detection (DPD) support.
! 85:
! 86: 0.4rc1 - 09 August 2004
! 87: o Merged support for PlainRSA keys from the 'plainrsa' branch.
! 88: o Inheritance of 'remote{}' sections.
! 89: o Support for SPD policy priorities in setkey.
! 90: o Ciphers are now used through the 'EVP' interface which allows
! 91: using hardware crypto accelerators.
! 92: o Setkey has new option -n (no action).
! 93: o All source files now have 3-clause BSD license.
! 94:
! 95: 0.3 - 14 April 2004
! 96: o Fixed setkey to handle multiline commands again.
! 97: o Added command 'exit' to setkey.
! 98: o Fixed racoon to only Warn if no CRL was found.
! 99: o Improved testsuite.
! 100:
! 101: 0.3rc5 - 05 April 2004
! 102: o Security bugfix WRT handling X.509 signatures.
! 103: o Stability fix WRT unknown PF_KEY messages.
! 104: o Fixed NAT-T with more proposals (e.g. more crypto algos).
! 105: o Setkey parses lines one by one => doesn't exit on errors.
! 106: o Setkey supports readline => more user friendly.
! 107:
! 108: 0.3rc4 - 25 March 2004
! 109: o Fixed adding "null" encryption via 'setkey'.
! 110: o Fixed segfault when using AES in Phase1 with OpenSSL>=0.9.7
! 111: o Fixed NAT-T in aggresive mode.
! 112: o Fixed testsuite and added testsuite run into make check.
! 113:
! 114: 0.3rc3 - 19 March 2004
! 115: o Fixed compilation error with --enble-yydebug
! 116: o Better diagnostic when proposals don't match.
! 117: o Changed/added options to setkey.
! 118:
! 119: 0.3rc2 - 11 March 2004
! 120: o Added documentation for NAT-T
! 121: o Better NAT-T diagnostic.
! 122: o Test and workaround for missing va_copy()
! 123:
! 124: 0.3rc1 - 04 March 2004
! 125: o Support for NAT Traversal (NAT-T)
! 126:
! 127: 0.2.4 - 29 January 2004
! 128: o Sync with KAME as of 2004-01-07
! 129: o Fixed unauthorized deletion of SA in racoon (again).
! 130:
! 131: 0.2.3 - 15 January 2004
! 132: o Support for SA lifetime specified in bytes
! 133: (see setkey -bs/-bh options)
! 134: o Enhance support for OpenSSL 0.9.7
! 135: o Let racoon be more verbose
! 136: o Fixed some simple bugs (see ChangeLog for details)
! 137: o Fixed unauthorized deletion of SA in racoon
! 138: o Fixed problems on AMD64
! 139: o Ignore multicast addresses for IKE
! 140:
! 141: 0.2.2 - 13 March 2003
! 142: o Fix racoon to build on some systems that require linking against -lfl
! 143: o add an RPM spec to the distribution
! 144:
! 145: 0.2.1 - 07 March 2003
! 146: o Fix some more gcc-3.2.2 compiler warnings
! 147: o Fix racoon to actually configure with ssl in a non-standard location
! 148: o Fix racoon to not complain if krb5-config is not installed
! 149:
! 150: 0.2 - 06 March 2003
! 151: o Glibc-2.3 support
! 152: o OpenSSL-0.9.7 support
! 153: o Fixed duplicate-macro problems
! 154: o Fix racoon lex/yacc support
! 155: o Install psk.txt mode 600, racoon.conf mode 644
! 156: o Fix racoon to look in the correct directory for config files
! 157:
! 158: 0.1 - 03 March 2003
! 159: o Initial release of IPsec-Tools
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to NEWS CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools