+strongswan-4.1.4
+----------------
+
+- The pluto IKEv1 daemon now exhibits the same behaviour as its
+ IKEv2 companion charon by inserting an explicit route via the
+ _updown script only if a sourceip exists. This is admissible
+ since routing through the IPsec tunnel is handled automatically
+ by NETKEY's IPsec policies. As a consequence the left|rightnexthop
+ parameter is not required any more.
+
+- The new IKEv1 parameter right|leftallowany parameters helps to handle
+ the case where both peers possess dynamic IP addresses that are
+ usually resolved using DynDNS or a similar service. The configuration
+
+ right=peer.foo.bar
+ rightallowany=yes
+
+ can be used by the initiator to start up a connection to a peer
+ by resolving peer.foo.bar into the currently allocated IP address.
+ Thanks to the rightallowany flag the connection behaves later on
+ as
+
+ right=%any
+
+ so that the peer can rekey the connection as an initiator when his
+ IP address changes.
+
+
+strongswan-4.1.3
+----------------
+
+- IKEv2 peer configuration selection now can be based on a given
+ certification authority using the rightca= statement.
+
+- IKEv2 authentication based on RSA signatures now can handle multiple
+ certificates issued for a given peer ID. This allows a smooth transition
+ in the case of a peer certificate renewal.
+
+- IKEv2: Support for requesting a specific virtual IP using leftsourceip on the
+ client and returning requested virtual IPs using rightsourceip=%config
+ on the server. If the server does not support configuration payloads, the
+ client enforces its leftsourceip parameter.
+
+- The ./configure options --with-uid/--with-gid allow pluto and charon
+ to drop their privileges to a minimum and change to an other UID/GID. This
+ improves the systems security, as a possible intruder may only get the
+ CAP_NET_ADMIN capability.
+
+- Further modularization of charon: Pluggable control interface and
+ configuration backend modules provide extensibility. The control interface
+ for stroke is included, and further interfaces using DBUS (NetworkManager)
+ or XML are on the way. A backend for storing configurations in the daemon
+ is provided and more advanced backends (using e.g. a database) are trivial
+ to implement.
+
+ - Fixed a compilation failure in libfreeswan occuring with Linux kernel
+ headers > 2.6.17.
+
+
+strongswan-4.1.2
+----------------
+
+- Support for an additional Diffie-Hellman exchange when creating/rekeying
+ a CHILD_SA in IKEv2 (PFS). PFS is enabled when the proposal contains a
+ DH group (e.g. "esp=aes128-sha1-modp1536"). Further, DH group negotiation
+ is implemented properly for rekeying.
+
+- Support for the AES-XCBC-96 MAC algorithm for IPsec SAs when using IKEv2
+ (requires linux >= 2.6.20). It is enabled using e.g. "esp=aes256-aesxcbc".
+
+- Working IPv4-in-IPv6 and IPv6-in-IPv4 tunnels for linux >= 2.6.21.
+
+- Added support for EAP modules which do not establish an MSK.
+
+- Removed the dependencies from the /usr/include/linux/ headers by
+ including xfrm.h, ipsec.h, and pfkeyv2.h in the distribution.
+
+- crlNumber is now listed by ipsec listcrls
+
+- The xauth_modules.verify_secret() function now passes the
+ connection name.
+
+
+strongswan-4.1.1
+----------------
+
+- Server side cookie support. If to may IKE_SAs are in CONNECTING state,
+ cookies are enabled and protect against DoS attacks with faked source
+ addresses. Number of IKE_SAs in CONNECTING state is also limited per
+ peer address to avoid resource exhaustion. IKE_SA_INIT messages are
+ compared to properly detect retransmissions and incoming retransmits are
+ detected even if the IKE_SA is blocked (e.g. doing OCSP fetches).
+
+- The IKEv2 daemon charon now supports dynamic http- and ldap-based CRL
+ fetching enabled by crlcheckinterval > 0 and caching fetched CRLs
+ enabled by cachecrls=yes.
+
+- Added the configuration options --enable-nat-transport which enables
+ the potentially insecure NAT traversal for IPsec transport mode and
+ --disable-vendor-id which disables the sending of the strongSwan
+ vendor ID.
+
+- Fixed a long-standing bug in the pluto IKEv1 daemon which caused
+ a segmentation fault if a malformed payload was detected in the
+ IKE MR2 message and pluto tried to send an encrypted notification
+ message.
+
+- Added the NATT_IETF_02_N Vendor ID in order to support IKEv1 connections
+ with Windows 2003 Server which uses a wrong VID hash.
+
+
+strongswan-4.1.0
+----------------
+
+- Support of SHA2_384 hash function for protecting IKEv1
+ negotiations and support of SHA2 signatures in X.509 certificates.
+
+- Fixed a serious bug in the computation of the SHA2-512 HMAC
+ function. Introduced automatic self-test of all IKEv1 hash
+ and hmac functions during pluto startup. Failure of a self-test
+ currently issues a warning only but does not exit pluto [yet].
+
+- Support for SHA2-256/384/512 PRF and HMAC functions in IKEv2.
+
+- Full support of CA information sections. ipsec listcainfos
+ now shows all collected crlDistributionPoints and OCSP
+ accessLocations.
+
+- Support of the Online Certificate Status Protocol (OCSP) for IKEv2.
+ This feature requires the HTTP fetching capabilities of the libcurl
+ library which must be enabled by setting the --enable-http configure
+ option.
+
+- Refactored core of the IKEv2 message processing code, allowing better
+ code reuse and separation.
+
+- Virtual IP support in IKEv2 using INTERNAL_IP4/6_ADDRESS configuration
+ payload. Additionally, the INTERNAL_IP4/6_DNS attribute is interpreted
+ by the requestor and installed in a resolv.conf file.
+
+- The IKEv2 daemon charon installs a route for each IPsec policy to use
+ the correct source address even if an application does not explicitly
+ specify it.
+
+- Integrated the EAP framework into charon which loads pluggable EAP library
+ modules. The ipsec.conf parameter authby=eap initiates EAP authentication
+ on the client side, while the "eap" parameter on the server side defines
+ the EAP method to use for client authentication.
+ A generic client side EAP-Identity module and an EAP-SIM authentication
+ module using a third party card reader implementation are included.
+
+- Added client side support for cookies.
+
+- Integrated the fixes done at the IKEv2 interoperability bakeoff, including
+ strict payload order, correct INVALID_KE_PAYLOAD rejection and other minor
+ fixes to enhance interoperability with other implementations.
+
+
+strongswan-4.0.7
+----------------
+
+- strongSwan now interoperates with the NCP Secure Entry Client,
+ the Shrew Soft VPN Client, and the Cisco VPN client, doing both
+ XAUTH and Mode Config.
+
+- UNITY attributes are now recognized and UNITY_BANNER is set
+ to a default string.
+
+
+strongswan-4.0.6
+----------------
+
+- IKEv1: Support for extended authentication (XAUTH) in combination
+ with ISAKMP Main Mode RSA or PSK authentication. Both client and
+ server side were implemented. Handling of user credentials can
+ be done by a run-time loadable XAUTH module. By default user
+ credentials are stored in ipsec.secrets.
+
+- IKEv2: Support for reauthentication when rekeying
+
+- IKEv2: Support for transport mode
+
+- fixed a lot of bugs related to byte order
+
+- various other bugfixes
+
+
+strongswan-4.0.5
+----------------
+
+- IKEv1: Implementation of ModeConfig push mode via the new connection
+ keyword modeconfig=push allows interoperability with Cisco VPN gateways.
+
+- IKEv1: The command ipsec statusall now shows "DPD active" for all
+ ISAKMP SAs that are under active Dead Peer Detection control.
+
+- IKEv2: Charon's logging and debugging framework has been completely rewritten.
+ Instead of logger, special printf() functions are used to directly
+ print objects like hosts (%H) identifications (%D), certificates (%Q),
+ etc. The number of debugging levels have been reduced to:
+
+ 0 (audit), 1 (control), 2 (controlmore), 3 (raw), 4 (private)
+
+ The debugging levels can either be specified statically in ipsec.conf as
+
+ config setup
+ charondebug="lib 1, cfg 3, net 2"
+
+ or changed at runtime via stroke as
+
+ ipsec stroke loglevel cfg 2
+
+
+strongswan-4.0.4
+----------------
+
+- Implemented full support for IPv6-in-IPv6 tunnels.
+
+- Added configuration options for dead peer detection in IKEv2. dpd_action
+ types "clear", "hold" and "restart" are supported. The dpd_timeout
+ value is not used, as the normal retransmission policy applies to
+ detect dead peers. The dpd_delay parameter enables sending of empty
+ informational message to detect dead peers in case of inactivity.
+
+- Added support for preshared keys in IKEv2. PSK keys configured in
+ ipsec.secrets are loaded. The authby parameter specifies the authentication
+ method to authentificate ourself, the other peer may use PSK or RSA.
+
+- Changed retransmission policy to respect the keyingtries parameter.
+
+- Added private key decryption. PEM keys encrypted with AES-128/192/256
+ or 3DES are supported.
+
+- Implemented DES/3DES algorithms in libstrongswan. 3DES can be used to
+ encrypt IKE traffic.
+
+- Implemented SHA-256/384/512 in libstrongswan, allows usage of certificates
+ signed with such a hash algorithm.
+
+- Added initial support for updown scripts. The actions up-host/client and
+ down-host/client are executed. The leftfirewall=yes parameter
+ uses the default updown script to insert dynamic firewall rules, a custom
+ updown script may be specified with the leftupdown parameter.
+
+
strongswan-4.0.3
----------------
new keys are generated using perfect forward secrecy. An optional flag
which enforces reauthentication will be implemented later.
+- "sha" and "sha1" are now treated as synonyms in the ike= and esp=
+ algorithm configuration statements.
+
+
strongswan-4.0.2
----------------
listcerts and allows proper load, reload and delete of connections
via ipsec starter.
+
strongswan-4.0.0
----------------