| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234 |
- version 1.0pre5 Feb 9 2002
- * Security enhancements:
- * Added sequence number and optional message authentication code to
- the packets.
- * Configurable encryption cipher and digest algorithms.
- * More robust handling of dis- and reconnects.
- * Added a "switch" and a "hub" mode to allow bridging setups.
- * Preliminary support for routing of IPv6 packets.
- * Supports Linux, FreeBSD, OpenBSD and Solaris.
- It looks like this might be the last release before 1.0.
- version 1.0pre4 Jan 17 2001
- * Updated documentation; the documentation now reflects the
- configuration as it is.
- * Some internal changes to make tinc scale better for large
- networks, such as using AVL trees instead of linked lists for the
- connection list.
- * RSA keys can be stored in separate files if needed. See the
- documentation for more information.
- * tinc has now been reported to run on Linux PowerPC and FreeBSD x86.
- version 1.0pre3 Oct 31 2000
- * The protocol has been redesigned, and although some details are
- still under discussion, this is secure. Care has been taken to
- resist most, if not all, attacks.
-
- * Unfortunately this protocol is not compatible with earlier versions,
- nor are earlier versions compatible with this version. Because the
- older protocol has huge security flaws, we feel that not
- implementing backwards compatibility is justified.
- * Some data about the protocol:
- * It uses public/private RSA keys for authentication (this is the
- actual fix for the security hole).
- * All cryptographic functions have been taken out of tinc, instead
- it uses the OpenSSL library functions.
- * Offers support for multiple subnets per tinc daemon.
- * New is also the support for the universal tun/tap device. This
- means better portability to FreeBSD and Solaris.
- * tinc is tested to compile on Solaris, Linux x86, Linux alpha.
- * tinc now uses the OpenSSL library for cryptographic operations.
- More information on getting and installing OpenSSL is in the manual.
- This also means that the GMP library is no longer required.
- * Further, thanks to Enrique Zanardi, we have Spanish messages; Matias
- Carrasco provided us with a Spanish translation of the manual.
- What still needs to be done before 1.0:
- * Documentation. Especially since the protocol has changed, and a lot
- of configuration directives have been added.
- version 1.0pre2 May 31 2000
- * This version has been internationalized; and a Dutch translation has
- been included.
-
- * Two configuration variables have been added:
- * VpnMask - the IP network mask for the entire VPN, not just our
- subnet (as given by MyVirtualIP). The Redhat and Debian packages
- use this variable in their system startup scripts, but it is
- ignored by tinc.
- * Hostnames - if set to `yes', look up the names of IP addresses
- trying to connect to us. Default set to `no', to prevent lockups
- during lookups.
-
- * The system startup scripts for Debian and Redhat use
- /etc/tinc/nets.boot to find out which networks need to be started
- during system boot.
-
- * Fixes to prevent denial of service attacks by sending random data
- after connecting (and even when the connection has been established),
- either random garbage or just nonsensical protocol fields.
-
- * tinc will retry to connect upon startup, does not quit if it doesn't
- work the first time.
-
- * Hosts that are disconnected implicitly if we lose a connection get
- deleted from the internal list, to prevent hogging eachother with
- add and delete requests when the connection is restored.
-
-
- What still needs to be done before 1.0:
-
- * Documentation.
- * Failover ConnectTo lines, try another one if the first doesn't work.
- version 1.0pre1 May 12 2000
- * New meta-protocol
- * Various other bugfixes
- * Documentation updates
- version 0.3.3 Feb 9 2000
- * Fixed bug that made tinc stop working with latest kernels (Guus
- Sliepen)
- * Updated the manual
- version 0.3.2 Nov 12 1999
- * no more `Invalid filedescriptor' when working with multiple
- connections
- * forward unknown packets to uplink
- version 0.3.1 Oct 20 1999
- * fixed a bug where tinc would exit without a trace
- version 0.3 Aug 20 1999
- * pings now work immediately
- * all packet sizes get transmitted correctly
- version 0.2.26 Aug 15 1999
- * fixed some remaining bugs
- * --sysconfdir works with configure
- * last version before 0.3
- version 0.2.25 Aug 8 1999
- * improved stability, going towards 0.3 now.
- version 0.2.24 Aug 7 1999
- * added key aging, there's a new config variable, KeyExpire.
- * updated man and info pages
- version 0.2.23 Aug 5 1999
- * all known bugs fixed, this is a candidate for 0.3
- version 0.2.22 Apr 11 1999
- * multiconnection thing is now working nearly perfect :)
- version 0.2.21 Apr 10 1999
- * You shouldn't notice a thing, but a lot has changed wrt key
- management - except that it refuses to talk to versions < 0.2.20
- version 0.2.20
- version 0.2.19 Apr 3 1999
- * don't install a libcipher.so
- version 0.2.18 Apr 3 1999
- * blowfish library dynamically loaded upon execution
- * included Eric Young's IDEA library
- version 0.2.17 Apr 1 1999
- * tincd now re-executes itself in case of a segmentation fault.
- version 0.2.16 Apr 1 1999
- * wrote tincd.conf(5) man page, which still needs a lot of work.
- * config file now accepts and tolerates spaces, and any integer base
- for integer variables, and better error reporting. See
- doc/tincd.conf.sample for an example.
- version 0.2.15 Mar 29 1999
- * fixed bugs
- version 0.2.14 Feb 10 1999
- * added --timeout flag and PingTimeout configuration
- * did some first syslog cleanup work
- version 0.2.13 Jan 23 1999
- * bugfixes
- version 0.2.12 Jan 23 1999
- * fixed nauseating bug so that it would crash whenever a connection
- got lost
- version 0.2.11 Jan 22 1999
- * framework for multiple connections has been done
- * simple manpage for tincd
- version 0.2.10 Jan 18 1999
- * passphrase support added
- version 0.2.9 Jan 13 1999
- * bugs fixed.
- version 0.2.8 Jan 11 1999
- * a reworked protocol version
- * a ping/pong system
- * more reliable networking code
- * automatic reconnection
- * still does not work with more than one connection :)
- * strips MAC addresses before sending, so there's less overhead, and
- less redundancy
- version 0.2.7 Jan 3 1999
- * several updates to make extending more easy.
- version 0.2.6 Dec 20 1998
- * Point-to-Point connections have been established, including
- blowfish encryption and a secret key-exchange.
- version 0.2.5 Dec 16 1998
- * Project renamed to tinc, in honour of TINC.
- version 0.2.4 Dec 16 1998
- * now it really does ;)
- version 0.2.3 Nov 24 1998
- * it sort of works now
- version 0.2.2 Nov 20 1998
- * uses GNU gmp.
- version 0.2.1 Nov 14 1998
- * Bare version.
|
