1 |
GVPE NEWS |
2 |
|
3 |
TODO: updqate donna? |
4 |
TODO: clear one-time key/auth material from memory? |
5 |
- update embedded liblzf. |
6 |
- use liblzf with static hash table: lowers stack usage. |
7 |
- do not initialise liblzf hash table for faster operation. |
8 |
- use C++ variadic templates for callback.h, get rid of callback.pl. |
9 |
- update autoconf. |
10 |
- slightly modernise code. |
11 |
- make use of ICMPFILTER again, this stopped working because it |
12 |
is not defined in the glibc header files. |
13 |
|
14 |
3.1 Sat Oct 27 07:50:43 CEST 2018 |
15 |
- port to openssl 1.1 BUT SEE WARNING IN configure.ac. Do not use! |
16 |
- tinc cruft removal: remove getopt.[ch], it's less portable to |
17 |
have it then to not have it. |
18 |
- tinc cruft removal: use pkg-config to detect libressl/openssl. |
19 |
- minor cleanups. |
20 |
|
21 |
3.0 Thu Nov 10 15:39:58 CET 2016 |
22 |
- INCOMPATIBLE CHANGE: core protocol version 1.0. |
23 |
- INCOMPATIBLE CHANGE: node sections are now introduced |
24 |
with "node nodename", not "node = nodename". |
25 |
- INCOMPATIBLE CHANGE: gvpectrl -g will now generate a single |
26 |
keypair, while -G will try to generate all keypairs as before. |
27 |
- openssl 1.0.2 is the latest supported openssl release, |
28 |
openssl 1.1.0 is not supported at the moment as the work to |
29 |
make it compatible to both versions is just too much. a switch |
30 |
to openssl 1.1 or another library will be done in a future release. |
31 |
- update examples to not generate keys centrally, but locally on each |
32 |
node. |
33 |
- add workaround for temporary/rare ENOBUFS condition. |
34 |
- while individual packets couldn't be replayed, a whole session |
35 |
could be replayed - this has been fixed by an extra key exchange. |
36 |
- fix a delete vs. delete [] mismatch in the central logging function. |
37 |
- in addition to rsa key exchange and authentication, the handshake now |
38 |
adds a diffie-hellman key exchange (using curve25119) for perfect |
39 |
forward secrecy. mac and cipher keys are derived using HKDF. |
40 |
- rsa key sizes are now configurable and larger (default is 3072). |
41 |
correspondingly, the minimum mtu is no longer 296 but 576. |
42 |
- fixed a potential (unverified) buffer overrun on rsa decryption. |
43 |
- new per-node low-power setting that tries to reduce cpu/network usage. |
44 |
- router reconnects could cause excessive rekeying on other connections. |
45 |
- gvpectrl no longer generates all missing public keys, but |
46 |
only missing private keys. private keys are also put |
47 |
into the configured location. |
48 |
- the pid-file now accepts %s as nodename as elsewhere. |
49 |
- switch to counter mode (only aes supported at the moment in |
50 |
openssl). this gets rid of the need to generate a random iv, |
51 |
is likely more secure (and, as a side effect, gets rid of |
52 |
slow randomness generation. counter mode is often faster |
53 |
then cbc mode as well, and packets are smaller). |
54 |
- no longer use RAND_bytes to generate session keys - you NEED |
55 |
a real source of entropy now (e.g. egd or /dev/random - see the |
56 |
openssl documentation). |
57 |
- multiple node statements for the same node are now supported |
58 |
and will be merged. |
59 |
- a new directive "global" switches back to the global section |
60 |
of the config file. |
61 |
- if-up scripts can now be specified with absolute paths. |
62 |
- new global option: serial, to detect configuration mismatches. |
63 |
- use HKDF as authentication proof, not HMAC or a plain hash |
64 |
(hint by Ilmari Karonen). |
65 |
- during rekeying or connection establishments, hmac authentication |
66 |
errors could occur and reset the connection. Transient hmac |
67 |
authentication errors are now being ignored for 3 seconds. |
68 |
- log the reason for a conneciton loss. |
69 |
- use a (hopefully) constant time memcmp to compare internal secrets. |
70 |
- fix a (harmless) errornous out of bounds stack read that would trigger |
71 |
gcc's -fsanitize=address. |
72 |
- bump old packet window size from 512 to 65536. |
73 |
- update for big changes in openssl 1.1 API, wrap primitives |
74 |
to make further changes easier. |
75 |
- correctly check return values for openssl 1.0.0 and later. |
76 |
- check for both public and private key file when deciding whether |
77 |
to skip generating a key to avoid accidental overwrites. |
78 |
|
79 |
2.25 Sat Jul 13 06:42:33 CEST 2013 |
80 |
- INCOMPATIBLE CHANGE: no longer enable udp protocol if no other |
81 |
protocols are enabled - this is necessary when you have nodes with |
82 |
completely unknown protocols, to force mediated connection requests. |
83 |
- INCOMPATIBLE CHANGE: dns transport protocol bumped to version 2. |
84 |
- core protocol version 0.1, compatible with older releases. |
85 |
- switch to using RSA_generate_key_ex, which is the badly documented |
86 |
and needlessly more complicated replacement for the RSA_generate_key |
87 |
function which is now deprecated. |
88 |
- support additional hmac hashes: sha256 and sha512, usually truncated. |
89 |
- change public exponent for rsa keys from 65535 to 65537, for |
90 |
efficiency reasons - only affects new keys. |
91 |
- nodes would sometimes declare transport endpoints valid despite |
92 |
the protocol not being configured locally. |
93 |
- new global configuration options: chroot, chuser, chuid, chgid, |
94 |
to chroot to a specified or anonymous new root, and change user id. |
95 |
- new global configuration options seed_device and seed_interval, |
96 |
to configure another device than /dev/urandom for random seeds, |
97 |
and to configure a regular interval to reseed the rng. |
98 |
- prefer inet_aton over gethostbyname, as the latter is not guaranteed |
99 |
to "resolve" literal ip addresses. |
100 |
- configure didn't detect openssl 1.0 because SHA1_version became private |
101 |
(patch by TANIGUCHI Takaki). |
102 |
- fix a bug where nodes would tell the other side that it supports |
103 |
the same protocols as that other side, instead of its own. |
104 |
- add zlib when found, as openssl depends on it in newer versions. |
105 |
- work around append-bugs in uclibc by using an extra seek. |
106 |
- new "include" directive for the config file. |
107 |
- gvpectrl no longer evaluates any "on" directives. |
108 |
- icmp and rawip protocols weren't upgradable to each other. |
109 |
- major, but incremental, dns transport improvements: |
110 |
- do not simply abort in some error cases in the dns transport, |
111 |
but try to recover. |
112 |
- allow lowercase/uppercase aliases for base-n encodings that do |
113 |
not rely on case. |
114 |
- use base26 instead of base22 encoding for dns syn's, and |
115 |
base36 instead of base22 for headers (saves one byte/packet). |
116 |
- back off far quicker in dns tunnel when idling - increases |
117 |
latency on an idle link somewhat, but avoids hundreds of |
118 |
needless packets. |
119 |
- poll more aggressively when idling in dns (poll once per |
120 |
second as opposed to once per 5 seconds). |
121 |
- reduce dns send payload size to allow greater rate of ack |
122 |
messages (should help sack and ipv6). |
123 |
- allow for ip options in rawip/icmp transports, even though gvpe |
124 |
doesn't generate them. |
125 |
- upgrade to autoconf 2.69, automake 1.11. |
126 |
- upgrade to libev 4 API. |
127 |
- replace COPYING file by actual GPLv3 - files were relicensed to GPLv3 |
128 |
earlier but COPYING was forgotten. |
129 |
|
130 |
2.24 Sat Feb 12 05:15:48 CET 2011 |
131 |
- protocol version 0.1, compatible with older releases. |
132 |
- due to a bug, when packets were lost, a connection could go into a |
133 |
state where a ping/connection request from another node would be |
134 |
ignored, leading to connections not being re-established. |
135 |
- due to a bug, compression was almost always enabled. |
136 |
- enable-max-mtu was actually enable-mtu, contrary to documentation. |
137 |
- add nfmark support. |
138 |
- add node-change script support. |
139 |
- new DESTSI variable for node-xxx scripts. |
140 |
- updated codingstyle a bit, declared truly static stuff as static. |
141 |
- clarify compression docs. |
142 |
|
143 |
2.22 Sun Feb 1 17:25:28 CET 2009 |
144 |
- protocol version 0.1, compatible with older releases. |
145 |
- enabled icmp/tcp/http-proxy protocols by default. |
146 |
- updated copyright in program greetings. |
147 |
- fix some configure messages. |
148 |
- updated to libev 3.52. |
149 |
|
150 |
2.21 Wed Sep 3 06:56:27 CEST 2008 |
151 |
- protocol version 0.1, compatible with older releases. |
152 |
- add missing ev++.h include header to tarball, which everybody |
153 |
who tested it apparently had in their include path :(. Caught |
154 |
by Karl Kleinpaste and Marcus Kong. |
155 |
|
156 |
2.2 Mon Sep 1 06:28:09 CEST 2008 |
157 |
- protocol version 0.1, compatible with older releases. |
158 |
but upgrade is recommended to due changed ondemand behaviour. |
159 |
- new per-node options max-ttl and max-queue. |
160 |
- convert from iom.C to libev, a high-performance event loop |
161 |
(http://software.schmorp.de/pkg/libev). |
162 |
- tcp connections were leaking in some cases. |
163 |
- retry more aggressively (once/s) to establish a connection if |
164 |
new packets arrive for it. |
165 |
- save a lot of setsockopt calls when the tos doesn't change. |
166 |
- honor disabled even on initial connect attempt. |
167 |
- changed callback mechanism to be slightly less portable |
168 |
but more efficient mechanism (standards-compliant c++ compilers |
169 |
should work). |
170 |
- increased receive window positive size, to allow for massive |
171 |
packet loss due to occasional longer drop-outs. |
172 |
- send RST when a positive window size violation is detected, but |
173 |
not in other cases, to reconnect more quickly. |
174 |
- upgraded liblzf to version 3.4. |
175 |
- dropped -fno-exceptions due to ev++.h using it. |
176 |
- node-up/down scripts are now run in sequence. |
177 |
- new -q switch for gvpectrl, for when you run it often. |
178 |
- work around the horribly inconsistent, ad-hoc, ever-changing |
179 |
and broken texinfo syntax. YMMV. avoid texinfo. |
180 |
- keepalive is more aggressive now, sensding ping's every 3 seconds |
181 |
and killing the conenction after 15 seconds. |
182 |
- bugfixes. |
183 |
|
184 |
2.01 Thu Mar 29 19:26:04 CEST 2007 |
185 |
- protocol version 0.1, compatible with older releases. |
186 |
- bugfix of callback.h, might have cause callback return values to |
187 |
be corrupted on architectures like sparc before. |
188 |
- dns transport retries more aggressively. |
189 |
- updated documentation, improved dns transport reliability |
190 |
and throughput. |
191 |
- added experimental support for sha256 and sha512 digests. |
192 |
|
193 |
2.0 Mon Dec 5 13:59:26 CET 2005 |
194 |
- protocol version 0.1, compatible with older releases. |
195 |
- implement allow-direct, deny-direct node config statements. |
196 |
- implemented != for sockinfo. This fixes a bug where |
197 |
gvpe sent packets to the old ip address of another host |
198 |
even though it had received packets from it's new address. |
199 |
This only causes problems if you forget to -HUP your gvpe after |
200 |
your ip address changed, which is *required*. |
201 |
- sets close-on-exec flag on tcp connections. This fixes a bug |
202 |
where child processes kept tcp connections open and caused |
203 |
connections to fail when only one side can connect. |
204 |
- fixed a bug in receive sequence checking that made gvpe |
205 |
accept out-of-window packets in most cases. |
206 |
- tighter limit for the maximum sequence # to avoid overflow |
207 |
conditions + allow more headroom for packet reordering. |
208 |
- replace some asserts that trapped config mismatches by |
209 |
more useful log messages. |
210 |
- fix spurious extra newline in some log messages. |
211 |
|
212 |
1.9 Tue Apr 19 06:21:50 CEST 2005 |
213 |
- protocol version 0.1, compatible with older releases. |
214 |
- WARNING: this version checks the return value of if-up etc. |
215 |
scripts and exits on failure. |
216 |
- IMPORTANT: run if-up/node-up etc. scripts via /bin/sh. |
217 |
- IMPORTANT: interface initialization (MAC, MTU) is now done |
218 |
automatically in most configurations. |
219 |
- options can now be specified on the gvpe command line, too. |
220 |
- make some DNS transport values configurable and document them. |
221 |
- improved OS specific information in gvpe.osdep(5). |
222 |
- new tap device type "native/darwin", that supports the tap |
223 |
driver available for darwin (thanks to matthew mead who tested |
224 |
it out with me in a long session). tincd/darwin is still available. |
225 |
- new device type "tincd/bsd", which is a newer version of the |
226 |
*bsd-drivers taken from tinc. |
227 |
- fixed a bug in relying on the order of global construction |
228 |
when tcp transport was enabled. The fix makes it use no |
229 |
cpu time unless it is in use, too. |
230 |
- information about other nodes is now available to if-up etc. scripts. |
231 |
- the value of the config variable if-up-data is passed to the if-up |
232 |
etc. scripts. |
233 |
- skip unparsable config lines with a warning instead of stopping |
234 |
parsing and continuing with a certainly unusable config. |
235 |
|
236 |
1.8 Fri Mar 18 00:58:55 CET 2005 |
237 |
- protocol version 0.1, compatible with older releases. |
238 |
- enable-udp = yes is now default only when no other protocols |
239 |
are enabled. otherwise it is disabled unless explicitly enabled. |
240 |
- implemented dns tunneling (experimental now and in the future). |
241 |
- remove support for pre-release version protocol. |
242 |
- updated tincd drivers (rev 1433), added uml_socket driver, documented |
243 |
tincd drivers a bit better. |
244 |
- document icmp configuration values. |
245 |
- document transport protocols in gvpe.protocol(7). |
246 |
- remove unused ChangeLog file. |
247 |
- created a mailinglist at gvpe@lists.schmorp.de. |
248 |
- added an exemption to allow distribution of binaries linked against |
249 |
OpenSSL, as suggested by Guus Sliepen (author of tinc). No |
250 |
GNUTLS conversion in sight. |
251 |
- some portability fixes with respect to --disable-nls. |
252 |
|
253 |
1.7 Tue Feb 22 23:58:59 CET 2005 |
254 |
- protocol version 0.1, compatible with older releases. |
255 |
- first gnu release. |
256 |
- documented the special value 1 for router-priority. |
257 |
- renamed vped => gvpe and vpectrl => gvpectrl, as well as |
258 |
vped.conf => gvpe.conf. |
259 |
- new per-node option "max-retry". |
260 |
- asymmetric rekeying behaviour, so hosts don't rekey simultaneously. |
261 |
- new configure option --enable-static-daemon. |
262 |
- fix configure --help output. |
263 |
- many documentation layout fixes. |
264 |
- synced iom.[Ch] from rxvt-unicode. |
265 |
- try to cope with some non-monotonic time changes. |
266 |
- revert to locale.h - a usual, clocale is nonfunctioning on macosx. |
267 |
- considerably improved pod2texi and the resulting texi doc. |
268 |
|
269 |
1.6.1 Wed May 12 14:48:20 CEST 2004 |
270 |
- protocol version 0.1, compatible with older releases. |
271 |
- fix -c switch that has been broken due to a last-minute fix |
272 |
to option and config file parsing. |
273 |
|
274 |
1.6 Mon May 10 20:55:10 CEST 2004 |
275 |
- protocol version 0.1, compatible with older releases. |
276 |
- do not RESET on out-of-sequence packets (good for wireless). |
277 |
- various non-security-related bugfixes. |
278 |
- c++ify (at least make it compile with g++-3.4, which should make |
279 |
it a little bit more standard c++). |
280 |
|
281 |
1.5 Fri Jan 30 00:50:04 CET 2004 |
282 |
- protocol version 0.1, compatible with older releases. |
283 |
- vped will refuse to start when hostkey and public key do not match. |
284 |
- updated lzf code to version 1.2. |
285 |
- better error reporting for "unusual" conditions, like failing |
286 |
to allocate memory, that should not normally happen and |
287 |
will otherwise result in spurious other error messages. Also |
288 |
adds paranoid checks in case openssl's API changes in a bad way. |
289 |
- fix a bug where queued vpn packets were cleared to zero. while |
290 |
this doesn't affect security, it did cause warning messages and |
291 |
unnecessary connectivity delays. |
292 |
|
293 |
1.4 Sat Jan 17 15:49:21 CET 2004 |
294 |
- protocol version 0.1, compatible with older releases. |
295 |
- better retry behaviour on key mismatch. |
296 |
- use select-based io_manager instead of poll-based one. |
297 |
- share io manager between rxvt-unicode and vpe. |
298 |
- sooo many *BSD workarounds because no BSD I could find is even |
299 |
remotely POSIX-compatible. |
300 |
|
301 |
1.2 Fri Oct 17 03:44:44 CEST 2003 |
302 |
- protocol version 0.1. |
303 |
- tincd kernel interface code imported, more supported platforms |
304 |
(native/linux (2.4), tincd/linux (2.2 and 2.4), tincd/freebsd, |
305 |
native/cygwin). |
306 |
- added primitive ethernet emulation (ipv4 only), which allows |
307 |
the following platforms that only have tun drivers to work: |
308 |
/* none yet tested */ |
309 |
- portability workarounds, especially for unfriendly freebsd |
310 |
- very minor bugfixes |
311 |
- warnings when choosing insecure ciphers/hashes |
312 |
- reduced default hmac length to 8. |
313 |
- cvs now contains configure, Makefile.in and other generated files. |
314 |
- added doc/complex-example to the distribution. |
315 |
|
316 |
1.0 distant past |
317 |
- protocol version 0.1. |
318 |
- tweaked various timeouts to help very slow (486) class |
319 |
machines or nets with many hosts. |
320 |
- tweaked rate-limiting to be more forgiving for hosts |
321 |
connecting through routers (not a fix). |
322 |
|