X-Git-Url: http://git.meshlink.io/?p=meshlink;a=blobdiff_plain;f=NEWS;h=806f2b79317ae1dbc05f9d34cc69924f8c4985c9;hp=b5ce49600d12c92ec1d529f5717fa91a44abf30d;hb=0db9e471ea53b48687ea247c855cd95ec453530c;hpb=4766359e1426bdf1383c898d6103d8760e5e296d diff --git a/NEWS b/NEWS index b5ce4960..806f2b79 100644 --- a/NEWS +++ b/NEWS @@ -1,7 +1,132 @@ -Version 1.0.14 not released yet +Version 1.1pre3 October 14 2012 + + * New experimental protocol: + * Uses 521 bit ECDSA keys for authentication. + * Uses AES-256-CTR and HMAC-SHA256. + * Always provides perfect forward secrecy. + * Used for both meta-connections and VPN packets. + * VPN packets are encrypted end-to-end. + + * Many improvements to tincctl: + * "config" command shows/adds/changes configuration variables. + * "export" and "import" commands help exchange configuration files. + * "init" command sets up initial configuration files. + * "info" command shows details about a node, subnet or address. + * "log" command shows live log messages. + * Without a command it acts as a shell, with history and TAB completion. + * Improved starting/stopping tincd. + * Improved graph output. + + * When trying to directly send UDP packets to a node for which multiple + addresses are known, all of them are tried. + + * Many small fixes, code cleanups and documentation updates. + +Version 1.1pre2 July 17 2011 + + * .cookie files are renamed to .pid files, which are compatible with 1.0.x. + + * Experimental protocol enhancements that can be enabled with the option + ExperimentalProtocol = yes: + + * Ephemeral ECDH key exchange will be used for both the meta protocol and + UDP session keys. + * Key exchanges are signed with ECDSA. + * ECDSA public keys are automatically exchanged after RSA authentication if + nodes do not know each other's ECDSA public key yet. + +Version 1.1pre1 June 25 2011 + + * Control interface allows control of a running tinc daemon. Used by: + * tincctl, a commandline utility + * tinc-gui, a preliminary GUI implemented in Python/wxWidgets + + * Code cleanups and reorganization. + + * Repleacable cryptography backend, currently supports OpenSSL and libgcrypt. + + * Use libevent to handle I/O events and timeouts. + + * Use splay trees instead of AVL trees to manage internal datastructures. + + Thanks to Scott Lamb and Sven-Haegar Koch for their contributions to this + version of tinc. + +Version 1.0.19 June 25 2012 + + * Allow :: notation in IPv6 Subnets. + + * Add support for systemd style socket activation. + + * Allow environment variables to be used for the Name option. + + * Add basic support for SOCKS proxies, HTTP proxies, and proxying through an + external command. + +Version 1.0.18 March 25 2012 + + * Fixed IPv6 in switch mode by turning off DecrementTTL by default. + + * Allow a port number to be specified in BindToAddress, which also allows tinc + to listen on multiple ports. + + * Add support for multicast communication with UML/QEMU/KVM. + +Version 1.0.17 March 10 2012 + + * The DeviceType option can now be used to select dummy, raw socket, UML and + VDE devices without needing to recompile tinc. + + * Allow multiple BindToAddress statements. + + * Decrement TTL value of IPv4 and IPv6 packets. + + * Add LocalDiscovery option allowing tinc to detect peers that are behind the + same NAT. + + * Accept Subnets passed with the -o option when StrictSubnets = yes. + + * Disabling old RSA keys when generating new ones now also works properly on + Windows. + +Version 1.0.16 July 23 2011 + + * Fixed a performance issue with TCP communication under Windows. + + * Fixed code that, during network outages, would cause tinc to exit when it + thought two nodes with identical Names were on the VPN. + +Version 1.0.15 June 24 2011 + + * Improved logging to file. + + * Reduced amount of process wakeups on platforms which support pselect(). + + * Fixed ProcessPriority option under Windows. + + Thanks to Loïc Grenié for his contribution to this version of tinc. + +Version 1.0.14 May 8 2011 * Fixed reading configuration files that do not end with a newline. Again. + * Allow arbitrary configuration options being specified on the command line. + + * Allow all options in both tinc.conf and the local host config file. + + * Configurable replay window, UDP send and receive buffers for performance tuning. + + * Try harder to get UDP communication back after falling back to TCP. + + * Initial support for attaching tinc to a VDE switch. + + * DragonFly BSD support. + + * Allow linking with OpenSSL 1.0.0. + + Thanks to Brandon Black, Julien Muchembled, Michael Tokarev, Rumko and Timothy + Redaelli for their contributions to this version of tinc. + Version 1.0.13 Apr 11 2010 * Allow building tinc without LZO and/or Zlib.