File: NEWS

package info (click to toggle)
ipsec-tools 1:0.6.6-3.1
  • links: PTS
  • area: main
  • in suites: etch-m68k
  • size: 4,844 kB
  • ctags: 4,389
  • sloc: ansic: 52,142; sh: 9,008; yacc: 3,813; perl: 2,001; lex: 1,273; makefile: 267
file content (129 lines) | stat: -rw-r--r-- 4,235 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
Version history:
----------------

0.6.6	- 13 June  2006
	o Some various bugfixes

0.6.5	- 02 February 2006
	o Some various bugfixes

0.6.4	- 09 December 2005
	o Backported %zu workaround
	o Fixed a possible race condition in signal handler
	o Ehanced setkey/libipsec to use/show ports

0.6.3	- 21 November 2005
	o Various bug fixes

0.6.2	- 14 October 2005
	o ISAKMP mode config works without Xauth

0.6.1	- 10 august 2005
	o NAT-T fixes for situations where NAT-T is not used
	o OpenSSL 0.9.8 support
	o keys are not restricted to OpenSSL default size anymore
	o PKCS7 support
	o SHA2 support

0.6	- 27 June 2005
	o Generated policies are now correctly flushed
	o NAT-T works with multiple peers behind the NAT (need kernel support)
	o Xauth can use shadow passwords
	o TCP-MD5 support
	o PAM support for Xauth
	o Privilege separation
	o ESP fragmentation in tunnel mode can be tunned (NetBSD only)
	o racoon admin interface is exported (header and library) to 
	  help building control programs for racoon (think GUI)
 	o Fixed single DES support; single DES users MUST UPGRADE

0.5	- 10 April 2005
	o Rewritten buildsystem. Now completely autoconfed, automaked,
	  libtoolized.
	o IPsec-tools now compiles on NetBSD and FreeBSD again.
	o Support for server-side hybrid authentication, with full 
	  RADIUS supoort. This is interoperable with the Cisco VPN client.
	o Support for client-side hybrid authentication (Tested only with
	  a racoon server)
	o ISAKMP mode config support
	o IKE fragmentation support
	o Fixed FWD policy support.
	o Fixed IPv6 compilation.
	o Readline is optional, fixed setkey when compiled without readline.
	o Configurable Root-CA certificate.
	o Dead Peer Detection (DPD) support.

0.4rc1	- 09 August 2004
	o Merged support for PlainRSA keys from the 'plainrsa' branch.
	o Inheritance of 'remote{}' sections.
	o Support for SPD policy priorities in setkey.
	o Ciphers are now used through the 'EVP' interface which allows
	  using hardware crypto accelerators.
	o Setkey has new option -n (no action).
	o All source files now have 3-clause BSD license.

0.3	- 14 April 2004
        o Fixed setkey to handle multiline commands again.
	o Added command 'exit' to setkey.
	o Fixed racoon to only Warn if no CRL was found.
	o Improved testsuite.

0.3rc5	- 05 April 2004
	o Security bugfix WRT handling X.509 signatures.
	o Stability fix WRT unknown PF_KEY messages.
	o Fixed NAT-T with more proposals (e.g. more crypto algos).
	o Setkey parses lines one by one => doesn't exit on errors.
	o Setkey supports readline => more user friendly.

0.3rc4	- 25 March 2004
	o Fixed adding "null" encryption via 'setkey'.
	o Fixed segfault when using AES in Phase1 with OpenSSL>=0.9.7
	o Fixed NAT-T in aggresive mode.
	o Fixed testsuite and added testsuite run into make check.

0.3rc3	- 19 March 2004
	o Fixed compilation error with --enble-yydebug
	o Better diagnostic when proposals don't match.
	o Changed/added options to setkey.

0.3rc2	- 11 March 2004
	o Added documentation for NAT-T
	o Better NAT-T diagnostic.
	o Test and workaround for missing va_copy()

0.3rc1	- 04 March 2004
	o Support for NAT Traversal (NAT-T)

0.2.4	- 29 January 2004
	o Sync with KAME as of 2004-01-07
	o Fixed unauthorized deletion of SA in racoon (again).

0.2.3	- 15 January 2004
	o Support for SA lifetime specified in bytes
	  (see setkey -bs/-bh options)
	o Enhance support for OpenSSL 0.9.7
	o Let racoon be more verbose
	o Fixed some simple bugs (see ChangeLog for details)
	o Fixed unauthorized deletion of SA in racoon
	o Fixed problems on AMD64
	o Ignore multicast addresses for IKE

0.2.2	- 13 March 2003
	o Fix racoon to build on some systems that require linking against -lfl
	o add an RPM spec to the distribution

0.2.1	- 07 March 2003
	o Fix some more gcc-3.2.2 compiler warnings
	o Fix racoon to actually configure with ssl in a non-standard location
	o Fix racoon to not complain if krb5-config is not installed

0.2	- 06 March 2003
	o Glibc-2.3 support
	o OpenSSL-0.9.7 support
	o Fixed duplicate-macro problems
	o Fix racoon lex/yacc support
	o Install psk.txt mode 600, racoon.conf mode 644
	o Fix racoon to look in the correct directory for config files

0.1	- 03 March 2003
	o Initial release of IPsec-Tools