| 1 | POSSIBLE TODO send sha1hash of public key for better error reporting(?) |
1 | 1.7 |
| 2 | POSSIBLE TODO check own keypair for better error reporting |
2 | - first gnu release. |
| 3 | TODO vpn::tap_ev does not handle EOF well, or does it? (CHECK) |
3 | - renamed vped => gvpe and vpectrl => gvpectrl, as well as |
| 4 | TODO vpn::tcpv4_ev does not handle EOF well, or does it? (CHECK) |
4 | vped.conf => gvpe.conf. |
| 5 | TODO tcp_connection::tcpv4_ev does not handle EOF well, or does it? (CHECK) |
5 | - new per-mode option "max-retry". |
|
|
6 | - asymmetric rekeying behaviour, so hosts don't rekey simultaneously. |
|
|
7 | - new configure option --enable-static-daemon. |
|
|
8 | - fix configure --help output. |
|
|
9 | - many documentation layout fixes. |
| 6 | |
10 | |
| 7 | 1.5 |
11 | 1.6.1 Wed May 12 14:48:20 CEST 2004 |
|
|
12 | - fix -c switch that has been broken due to a last-minute fix |
|
|
13 | to option and config file parsing. |
|
|
14 | |
|
|
15 | 1.6 Mon May 10 20:55:10 CEST 2004 |
| 8 | - protocol version 0.1, compatible with older releases. |
16 | - protocol version 0.1, compatible with older releases. |
|
|
17 | - do not RESET on out-of-sequence packets (good for wireless). |
|
|
18 | - various non-security-related bugfixes. |
|
|
19 | - c++ify (at least make it compile with g++-3.4, which should make |
|
|
20 | it a little bit more standard c++). |
|
|
21 | |
|
|
22 | 1.5 Fri Jan 30 00:50:04 CET 2004 |
|
|
23 | - protocol version 0.1, compatible with older releases. |
| 9 | - vped will refuse to start when hostkey and public key do not match. |
24 | - vped will refuse to start when hostkey and public key do not match. |
| 10 | - updated lzf code to version 1.2. |
25 | - updated lzf code to version 1.2. |
| 11 | - better error reporting for "unusual" conditions, like failing |
26 | - better error reporting for "unusual" conditions, like failing |
| 12 | to allocate memory, that should not normally happen and |
27 | to allocate memory, that should not normally happen and |
| 13 | will otherwise result in spurious other error messages. Also |
28 | will otherwise result in spurious other error messages. Also |
| 14 | adds paranoid checks in case openssl's API changes in a bad way. |
29 | adds paranoid checks in case openssl's API changes in a bad way. |
| 15 | - fix a bug where queued vpn packets were cleared to zero. while |
30 | - fix a bug where queued vpn packets were cleared to zero. while |
| 16 | this doesn't affect security, it did cause warning messages and |
31 | this doesn't affect security, it did cause warning messages and |
| 17 | unnecessary connectivity delays. |
32 | unnecessary connectivity delays. |
| 18 | |
33 | |
| 19 | 1.4 Sat Jan 17 15:49:21 CET 2004 |
34 | 1.4 Sat Jan 17 15:49:21 CET 2004 |
| 20 | - protocol version 0.1, compatible with older releases. |
35 | - protocol version 0.1, compatible with older releases. |
| 21 | - better retry behaviour on key mismatch. |
36 | - better retry behaviour on key mismatch. |
| 22 | - use select-based io_manager instead of poll-based one. |
37 | - use select-based io_manager instead of poll-based one. |
| 23 | - share io manager between rxvt-unicode and vpe. |
38 | - share io manager between rxvt-unicode and vpe. |
| 24 | - sooo many *BSD workarounds because no BSD I could find is even |
39 | - sooo many *BSD workarounds because no BSD I could find is even |
| 25 | remotely POSIX-compatible. |
40 | remotely POSIX-compatible. |
| 26 | |
41 | |
| 27 | 1.2 Fri Oct 17 03:44:44 CEST 2003 |
42 | 1.2 Fri Oct 17 03:44:44 CEST 2003 |
| 28 | - protocol version 0.1. |
43 | - protocol version 0.1. |
| 29 | - tincd kernel interface code imported, more supported platforms |
44 | - tincd kernel interface code imported, more supported platforms |
| 30 | (native/linux (2.4), tincd/linux (2.2 and 2.4), tincd/freebsd, |
45 | (native/linux (2.4), tincd/linux (2.2 and 2.4), tincd/freebsd, |
| 31 | native/cygwin). |
46 | native/cygwin). |
| 32 | - added primitive ethernet emulation (ipv4 only), which allows |
47 | - added primitive ethernet emulation (ipv4 only), which allows |
| 33 | the following platforms that only have tun drivers to work: |
48 | the following platforms that only have tun drivers to work: |
| 34 | /* none yet tested */ |
49 | /* none yet tested */ |
| 35 | - portability workarounds, especially for unfriendly freebsd |
50 | - portability workarounds, especially for unfriendly freebsd |
| 36 | - very minor bugfixes |
51 | - very minor bugfixes |
| 37 | - warnings when choosing insecure ciphers/hashes |
52 | - warnings when choosing insecure ciphers/hashes |
| 38 | - reduced default hmac length to 8. |
53 | - reduced default hmac length to 8. |
| 39 | - cvs now contains configure, Makefile.in and other generated files. |
54 | - cvs now contains configure, Makefile.in and other generated files. |
| 40 | - added doc/complex-example to the distribution. |
55 | - added doc/complex-example to the distribution. |
| 41 | |
56 | |
| 42 | 1.0 |
57 | 1.0 distant past |
| 43 | - protocol version 0.1. |
58 | - protocol version 0.1. |
| 44 | - tweaked various timeouts to help very slow (486) class |
59 | - tweaked various timeouts to help very slow (486) class |
| 45 | machines or nets with many hosts. |
60 | machines or nets with many hosts. |
| 46 | - tweaked rate-limiting to be more forgiving for hosts |
61 | - tweaked rate-limiting to be more forgiving for hosts |
| 47 | connecting through routers (not a fix). |
62 | connecting through routers (not a fix). |
| 48 | |
63 | |
