From 1f949d3b6cdeead351731caa16283b10c0a30a50 Mon Sep 17 00:00:00 2001 From: tteras Date: Fri, 23 Jan 2009 09:40:56 +0000 Subject: [PATCH] Update NEWS with major changes since 0.7 release. --- crypto/dist/ipsec-tools/NEWS | 39 ++++++++++++++++++++++++++++++++---- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/crypto/dist/ipsec-tools/NEWS b/crypto/dist/ipsec-tools/NEWS index 9b4b530ae8d5..deba2acf915a 100644 --- a/crypto/dist/ipsec-tools/NEWS +++ b/crypto/dist/ipsec-tools/NEWS @@ -1,6 +1,38 @@ Version history: ---------------- -0.7??? - ?? +0.8 CVS (no official release yet) + o Fix authentication method ambiguity with kerberos and xauth + o RFC2253 compliant escaping of asn1dn identifiers (Cyrus Rahman) + o Local address code rewrite to speed things up + o Improved MIPv6 support (Arnaud Ebalard) + o ISAKMP SA (phase1) rekeying + o Improved scheduler (faster algorithm, support monotonic clock) + o Handle RESPONDER-LIFETIME in quick mode + o Handle INITIAL-CONTACT in from main mode too + o Rewritten event handling framework for admin port + o Ability to initiate IPsec SA through admin port + o NAT-T Original Address handling (transport mode NAT-T support) + o Remove various obsolete configuration options + o A lot of other bug fixes, performance improvements and clean ups + +0.7.1 - 23 July 2008 + o Fixes a memory leak when invalid proposal received + o Some fixes in DPD + o do not set default gss id if xauth is used + o fixed hybrid enabled builds + o fixed compilation on FreeBSD8 + o cleanup in network port value manipulation + o Gets ports from SADB_X_EXT_NAT_T_[SD]PORT if present in + purge_ipsec_spi() + o Generates a log if cert validation has been disabled by + configuration + o better handling for pfkey socket read errors + o Fixes in yacc / bison stuff + o new plog() macro (reduced CPU usage when logging is disabled) + o Try to work better with huge SPD/SAD + o Corrected modecfg option syntax + +0.7 - 09 August 2007 o Xauth with pre-shared key PSK o Xauth with certificates o SHA2 support @@ -20,7 +52,6 @@ Version history: o Modecfg SplitDNS attribute support ( server side ) o Modecfg Default Domain attribute support o Modecfg DNS/WINS server multiple attribute support - o NAT-T Original Address handling 0.6 - 27 June 2005 o Generated policies are now correctly flushed @@ -32,7 +63,7 @@ Version history: o ESP fragmentation in tunnel mode can be tunned (NetBSD only) o racoon admin interface is exported (header and library) to help building control programs for racoon (think GUI) - o Fixed single DES support; single DES users MUST UPGRADE. + o Fixed single DES support; single DES users MUST UPGRADE. 0.5 - 10 April 2005 o Rewritten buildsystem. Now completely autoconfed, automaked, @@ -60,7 +91,7 @@ Version history: o All source files now have 3-clause BSD license. 0.3 - 14 April 2004 - o Fixed setkey to handle multiline commands again. + o Fixed setkey to handle multiline commands again. o Added command 'exit' to setkey. o Fixed racoon to only Warn if no CRL was found. o Improved testsuite.