X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=NEWS;h=806f2b79317ae1dbc05f9d34cc69924f8c4985c9;hb=0db9e471ea53b48687ea247c855cd95ec453530c;hp=e2215fce0dde1ed47cfdbfa16d751a193cc0d28f;hpb=482c6119a7ae80f320e5b519ef2e785e04a77b8e;p=tinc diff --git a/NEWS b/NEWS index e2215fce..806f2b79 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,68 @@ +Version 1.1pre3 October 14 2012 + + * New experimental protocol: + * Uses 521 bit ECDSA keys for authentication. + * Uses AES-256-CTR and HMAC-SHA256. + * Always provides perfect forward secrecy. + * Used for both meta-connections and VPN packets. + * VPN packets are encrypted end-to-end. + + * Many improvements to tincctl: + * "config" command shows/adds/changes configuration variables. + * "export" and "import" commands help exchange configuration files. + * "init" command sets up initial configuration files. + * "info" command shows details about a node, subnet or address. + * "log" command shows live log messages. + * Without a command it acts as a shell, with history and TAB completion. + * Improved starting/stopping tincd. + * Improved graph output. + + * When trying to directly send UDP packets to a node for which multiple + addresses are known, all of them are tried. + + * Many small fixes, code cleanups and documentation updates. + +Version 1.1pre2 July 17 2011 + + * .cookie files are renamed to .pid files, which are compatible with 1.0.x. + + * Experimental protocol enhancements that can be enabled with the option + ExperimentalProtocol = yes: + + * Ephemeral ECDH key exchange will be used for both the meta protocol and + UDP session keys. + * Key exchanges are signed with ECDSA. + * ECDSA public keys are automatically exchanged after RSA authentication if + nodes do not know each other's ECDSA public key yet. + +Version 1.1pre1 June 25 2011 + + * Control interface allows control of a running tinc daemon. Used by: + * tincctl, a commandline utility + * tinc-gui, a preliminary GUI implemented in Python/wxWidgets + + * Code cleanups and reorganization. + + * Repleacable cryptography backend, currently supports OpenSSL and libgcrypt. + + * Use libevent to handle I/O events and timeouts. + + * Use splay trees instead of AVL trees to manage internal datastructures. + + Thanks to Scott Lamb and Sven-Haegar Koch for their contributions to this + version of tinc. + +Version 1.0.19 June 25 2012 + + * Allow :: notation in IPv6 Subnets. + + * Add support for systemd style socket activation. + + * Allow environment variables to be used for the Name option. + + * Add basic support for SOCKS proxies, HTTP proxies, and proxying through an + external command. + Version 1.0.18 March 25 2012 * Fixed IPv6 in switch mode by turning off DecrementTTL by default. @@ -39,6 +104,8 @@ Version 1.0.15 June 24 2011 * Fixed ProcessPriority option under Windows. + Thanks to Loïc Grenié for his contribution to this version of tinc. + Version 1.0.14 May 8 2011 * Fixed reading configuration files that do not end with a newline. Again.