X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=NEWS;h=8628bcb217e26937bcdde7fa53a0473f09e73900;hp=736f5e69db55fb690f78262365a4a7086fdc593a;hb=2769a110fe286365babfe7591eb7418f31bf02d6;hpb=c81f90b91a054eeafcc3c8c45abc52045e4a8146 diff --git a/NEWS b/NEWS index 736f5e69..8628bcb2 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,210 @@ +Version 1.0.23 October 19 2013 + + * Start authentication immediately on outgoing connections (useful for sslh). + + * Fixed segfault when Name = $HOST but $HOST is not set. + + * Updated the build system and the documentation. + + * Clean up child processes left over from Proxy = exec. + +Version 1.0.22 August 13 2013 + + * Fixed the combination of Mode = router and DeviceType = tap. + + * The $NAME variable is now set in subnet-up/down scripts. + + * Tinc now gives an error when unknown options are given on the command line. + + * Tinc now correctly handles a space between a short command line option and + an optional argument. + +Thanks to Etienne Dechamps for his contribution to this version of tinc. + +Version 1.0.21 April 22 2013 + + * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). + +Thanks to Martin Schobert for auditing tinc and reporting this vulnerability. + +Version 1.0.20 March 03 2013 + + * Use /dev/tap0 by default on FreeBSD and NetBSD when using switch mode. + + * Minor improvements and clarifications in the documentation. + + * Allow tinc to be cross-compiled with Android's NDK. + + * The discovered PMTU is now also applied to VLAN tagged traffic. + + * The LocalDiscovery option now makes use of all addresses tinc is bound to. + + * Fixed support for tunemu on iOS devices. + + * The PriorityInheritance option now also works with switch mode. + + * Fixed tinc crashing when using a SOCKS5 proxy. + +Thanks to Mesar Hameed, Vilbrekin and Martin Schürrer for their contributions +to this version of tinc. + +Version 1.0.19 June 25 2012 + + * Allow :: notation in IPv6 Subnets. + + * Add support for systemd style socket activation. + + * Allow environment variables to be used for the Name option. + + * Add basic support for SOCKS proxies, HTTP proxies, and proxying through an + external command. + +Thanks to Anthony G. Basile and Michael Tokarev for their contributions to +this version of tinc. + +Version 1.0.18 March 25 2012 + + * Fixed IPv6 in switch mode by turning off DecrementTTL by default. + + * Allow a port number to be specified in BindToAddress, which also allows tinc + to listen on multiple ports. + + * Add support for multicast communication with UML/QEMU/KVM. + +Version 1.0.17 March 10 2012 + + * The DeviceType option can now be used to select dummy, raw socket, UML and + VDE devices without needing to recompile tinc. + + * Allow multiple BindToAddress statements. + + * Decrement TTL value of IPv4 and IPv6 packets. + + * Add LocalDiscovery option allowing tinc to detect peers that are behind the + same NAT. + + * Accept Subnets passed with the -o option when StrictSubnets = yes. + + * Disabling old RSA keys when generating new ones now also works properly on + Windows. + +Thanks to Nick Hibma for his contribution to this version of tinc. + +Version 1.0.16 July 23 2011 + + * Fixed a performance issue with TCP communication under Windows. + + * Fixed code that, during network outages, would cause tinc to exit when it + thought two nodes with identical Names were on the VPN. + +Version 1.0.15 June 24 2011 + + * Improved logging to file. + + * Reduced amount of process wakeups on platforms which support pselect(). + + * Fixed ProcessPriority option under Windows. + +Version 1.0.14 May 8 2011 + + * Fixed reading configuration files that do not end with a newline. Again. + + * Allow arbitrary configuration options being specified on the command line. + + * Allow all options in both tinc.conf and the local host config file. + + * Configurable replay window, UDP send and receive buffers for performance tuning. + + * Try harder to get UDP communication back after falling back to TCP. + + * Initial support for attaching tinc to a VDE switch. + + * DragonFly BSD support. + + * Allow linking with OpenSSL 1.0.0. + + Thanks to Brandon Black, Julien Muchembled, Michael Tokarev, Rumko and Timothy + Redaelli for their contributions to this version of tinc. + +Version 1.0.13 Apr 11 2010 + + * Allow building tinc without LZO and/or Zlib. + + * Clamp MSS of TCP packets in both directions. + + * Experimental StrictSubnets, Forwarding and DirectOnly options, + giving more control over information and packets received from/sent to other + nodes. + + * Ensure tinc never sends symbolic names for ports over the wire. + +Version 1.0.12 Feb 3 2010 + + * Really allow fast roaming of hosts to other nodes in a switched VPN. + + * Fixes missing or incorrect environment variables when calling host-up/down + and subnet-up/down scripts in some cases. + + * Allow port to be specified in Address statements. + + * Clamp MSS of TCP packets to the discovered path MTU. + + * Let two nodes behind NAT learn each others current UDP address and port via + a third node, potentially allowing direct communications in a similar way to + STUN. + +Version 1.0.11 Nov 1 2009 + + * Fixed potential crash when the HUP signal is sent. + + * Fixes handling of weighted Subnets in switch and hub modes, preventing + unnecessary broadcasts. + + * Works around a MinGW bug that caused packets to Windows nodes to always be + sent via TCP. + + * Improvements to the PMTU discovery code, especially on Windows. + + * Use UDP again in certain cases where 1.0.10 was too conservative and fell + back to TCP unnecessarily. + + * Allow fast roaming of hosts to other nodes in a switched VPN. + +Version 1.0.10 Oct 18 2009 + + * Fixed potential crashes during shutdown and (in rare conditions) when other + nodes disconnected from the VPN. + + * Improved NAT handling: tinc now copes with mangled port numbers, and will + automatically fall back to TCP if direct UDP connection between nodes is not + possible. The TCPOnly option should not have to be used anymore. + + * Allow configuration files with CRLF line endings to be read on UNIX. + + * Disable old RSA keys when generating new ones, and raise the default size of + new RSA keys to 2048 bits. + + * Many fixes in the path MTU discovery code, especially when Compression is + being used. + + * Tinc can now drop privileges and/or chroot itself. + + * The TunnelServer code now just ignores information from clients instead of + disconnecting them. + + * Improved performance on Windows by using the new ProcessPriority option and + by making the handling of packets received from the TAP-Win32 adapter more + efficient. + + * Code cleanups: tinc now follows the C99 standard, copyright headers have + been updated to include patch authors, checkpoint tracing and localisation + features have been removed. + + * Support for (jailbroken) iPhone and iPod Touch has been added. + + Thanks to Florian Forster, Grzegorz Dymarek and especially Michael Tokarev for + their contributions to this version of tinc. + Version 1.0.9 Dec 26 2008 * Fixed tinc as a service under Windows 2003. @@ -15,12 +222,16 @@ Version 1.0.9 Dec 26 2008 * Fixed a memory leak that occured when connections were closed. + Thanks to Max Rijevski for his contributions to this version of tinc. + Version 1.0.8 May 16 2007 * Fixed some memory and resource leaks. * Made network sockets non-blocking under Windows. + Thanks to Scott Lamb and "dnk" for their contributions to this version of tinc. + Version 1.0.7 Jan 5 2007 * Fixed a bug that caused slow network speeds on Windows. @@ -48,6 +259,8 @@ version 1.0.5 Nov 14 2006 * Support LZO 2.0 and later. + Thanks to Scott Lamb for his contributions to this version of tinc. + version 1.0.4 May 4 2005 * Fix switch and hub modes.