- strongSwan-4.0.0 / R:967
-==========================
-
-- removed IKEV2 ifdefs
-- applied patch from andreas
- - added charonstart option to config
- - new ikev2 tests for UML
-- applied patch from andreas
- - pem loading
- - secrets file parsing
- - ikev2 testcase
- - some other additions here and there
-- connection termination is handled cleanly by name now
-- fixed bad bug, certs load now cleanly again
-- fixed make install (subdir order)
-- fixed include path
-- added missing script
-- finished initial import of strongswan file tree
-- removed a lot of old and unused stuff
-- moved RFCs from ikev2 into doc dir
-- added missing files for starter
-- applied patch for charon (this time really)
-- import of strongswan-2.7.0
-- applied patch for charon
-- renamed get_block_size of hasher
-- reworked usage of IDs in various states
-- using ID_ANY for any, not NULL as before
-- initiator sends IDr payload in IKE_AUTH when ID unique
-- fixed charon checks
-- using status & statusall
-- patch for 2.7.0
-- add connection names to connections
-- stroke status / ipsec status shows them
-- added statusall for stroke
-- added status by connection name
-- some tests repaired, more to come
-- fixed spi conversion
-- improved "stroke status" output
-- setup PID file after daemon initilization, to correctly inform
- starter about daemon startup
-- added separate implementation for connection_store, credential_store, policy_store
-- added folder structure to config
-- credentials are fetched solely on IDs now
-- identification_t supports now almost all id types
-- x509 certificates work with identification_t now
-- fixes here, fixes there
-- fixed doxygen build
-- seperates now in lib and charon
-- library initialization done at a central point (library.c)
-- some leak_detective fixes
-- updated Todos
-- fixed log-to-syslog behavior
-- added patch against strongswan-2.6.4
-- x509 certificate loading with pluto asn1 code
-- x509 needs a lot more attention!
-- renamed some files
-- using asn1 pluto stuff now
-- removed, since we use pluto asn1 stuff
-- leak detective is usable, but does not show static function names
- - a script which gets address via ldd and resolves address via addr2line would be nice
-- fixed a leak in child_sa with new detective ;-)
-- some improvements to new asn1 stuff
-- to be continued
-- fixed bad bugs in kernel interface
-- added some logging info
-- works now much more stable
-- startet importing pluto ASN1 stuff
-- der PKCS#1 key loading works (as it did with der_decoder)
-- split up in libstrong, charon, stroke, testing done
-- new leak detective with malloc hook in library
- - useable, but needs improvements
-- logger_manager has now a single instance per library
- - allows use of loggers from any linking prog
-- a LOT of other things
-../svn-commit.tmp
-- added misssing stroke.h
-- improved strokeing
- - down connection
- - status
-- some other tweaks
-- rewrote a lot of RSA stuff
-- done major work for ASN1/decoder
-- allow loading of ASN1 der encoded private keys, public keys and certificates
-- extracting public key from certificates
-- passing certificates from stroke to charon
-=> basic authentication with RSA certificates works!
-- starter work on asn1 with der de/encoder
-- RSA private and public key can load read key from ASN1 DER
-- some other fixes here and there
-- rewrite of logger_manager, uses now one instance per context
-- cleanups for logger here and there
-- removed critical flag check in payload verification (conformance to IKEv2)
-- so thats and theres everywere... ;-)
-- patch for strongswan-2.6.3
-- added charon support for strongswan build process
-- ipsec starter supports charon startup and control
-- removed old diploma thesis scripts
-- some cleanups
-- compatibility to strongswan, Makefile can be called by "make programs"
- and "make install" (ikev2 patch must be applied to strongswan)
-- first version of stroke control utility
-- moved output to doc/api, since doc is used for other docs now
-- some first documentation in english
-- removed old eclipse project files
-- works quite well now with ipsec.conf & ipsec starter
-- belongs to previous commit ;-)
-- reworked configuration framework completly
-- configuration is now split up in: connections, policies, credentials and daemon config
-- further alloc/free fixes needed!
-- first attempt for connection loading and starting via "stroke"
-- some improvements here and there
-- configuration_manager replaced by configuration_t interface
-- current configuration_manager is now static_configuration (testing)
-- first draft of starter_configuration, which should once interact with ipsec starter (via whack?)
-- some cleanups
-- socket_t uses RAW socket, which allows parallel service of pluto/charon
-- comments and cleanups
-- working policy installation and removal
-- fixed policy setup bug
-- proposal setup implementation begun
-- fixed socket code, so we know on which address we receive traffic
-- AH/ESP setup in kernel is working now!!! :-)))
-- installing of child sa works
-- need correct IP adresses to actually use IPsec
-- new RFCs of IKEv2, IKEv2 algs and IPSec arch added
-- update of IKEv2 clarification document
-- refactored ike proposal
-- uses now proposal_t, wich is also used by child proposals
-- ike key derivation refactored
-- crypter_t api has get_key_size now
-- some other improvements here and there
-- config uses uml hosts alice and bob
-- key derivation for child_sa works
-- some fixes here and there
-- fixed memleaks
-- works with new proposal code
-- still some(!) memleaks
-- fixed alot of bugs in child_proposal
-- near to working state ;-)
-- dead end implementation
-
-- ... there is a lot more of it, but
- nothing of interest
+A summary of changes is available in the NEWS file. For a more
+detailed Changelog, refer to the completed versions on the project's roadmap
+(https://wiki.strongswan.org/projects/strongswan/roadmap) or use the Git
+repository (see HACKING) or its web interface available at
+https://git.strongswan.org.
projects / people / ms / strongswan.git / blobdiff