Commit | Line | Data |
---|---|---|
6c23d95c IJ |
1 | secnet (0.4.0~~iwj~) UNRELEASED; urgency=low |
2 | ||
1e36b4e9 IJ |
3 | New features: |
4 | * Support transport over IPv6. (We do not yet carry IPv6 in the private | |
5 | network.) IPv6 support depends on IPv6-capable adns (adns 1.5.x). | |
6 | * New polypath comm, which can duplicate packets so as to send them via | |
7 | multiple routes over the public network, for increased | |
8 | reliability/performance (but increased cost). Currently Linux-only | |
9 | but should be fairly easy to port. | |
10 | * Support multiple public addresses for peers. | |
11 | * Discard previously-received packets (by default). | |
12 | ||
13 | Logging improvements: | |
14 | * Report (each first) transmission and reception success and failure. | |
15 | * Log reason for DNS reolution failure. | |
16 | * Log unexpected kinds of death from userv. | |
17 | * Log authbind exit status as errno value (if appropriate). | |
18 | ||
19 | Configuration adjustments: | |
20 | * Adjust default number of mobile peer addresses to store when a peer | |
21 | public address is also configured. | |
22 | * Make specifying peer public port optional. This avoids making special | |
23 | arrangements to bind to a port for in mobile sites with no public | |
24 | stable address. | |
25 | ||
26 | Bugfixes: | |
27 | * Hackypar children will die if they get a terminating signal. | |
28 | * Fix signal dispositions inherited by secnet's child processes. | |
29 | * Fix off-by-one error which prevented setting transport-peers-max to 5. | |
30 | ||
31 | Test, build and internal improvements: | |
32 | * Use conventional IP address handling library ipaddr.py. | |
33 | * Provide a fuzzer for the slip decoder. | |
34 | * Build system improvements. | |
35 | * Many source code cleanups. | |
6c23d95c IJ |
36 | |
37 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 09 Oct 2014 19:19:05 +0100 | |
38 | ||
5d8fc5c0 IJ |
39 | secnet (0.3.4) unstable; urgency=low |
40 | ||
41 | SECURITY FIX: | |
42 | * The previous security fix to buffer handling was entirely wrong. This | |
43 | one is better. Thanks to Simon Tatham for the report and the patch. | |
44 | ||
45 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Mon, 22 Sep 2014 16:16:11 +0100 | |
46 | ||
3c35339b IJ |
47 | secnet (0.3.3) unstable; urgency=high |
48 | ||
49 | SECURITY FIXES: | |
50 | * Pass correct size argument to recvfrom. This is a serious security | |
51 | problem which may be exploitable from outside the VPN. | |
52 | * Fix a memory leak in some error logging. | |
53 | ||
54 | Other related fixes: | |
55 | * Two other latent bugs in buffer length handling found and fixed. | |
56 | * Non-critical stylistic improvements to buffer length handling, to make | |
57 | the code clearer and to assist audit. | |
58 | ||
59 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Fri, 19 Sep 2014 23:50:45 +0100 | |
60 | ||
cad61687 IJ |
61 | secnet (0.3.3~beta1) unstable; urgency=low |
62 | ||
63 | Installation compatibility fix: | |
64 | * In make-secnet-sites, always use our own ipaddr.py even if the | |
65 | incompatible modern ipaddr.py is installed (eg via python-ipaddr.deb). | |
66 | (Future versions of secnet are going to need that Python module to be | |
67 | installed.) | |
68 | ||
69 | For links involving mobile sites: | |
70 | * Use source of NAK packets as hint for peer transport address. | |
71 | * When initiating rekey, make use of data transport peer addresses. | |
72 | ||
73 | Build fix: | |
74 | * Provide clean target in test-example/Makefile. | |
75 | ||
76 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Fri, 19 Sep 2014 00:11:44 +0100 | |
77 | ||
79c6c87c IJ |
78 | secnet (0.3.2) unstable; urgency=low |
79 | ||
80 | * Release of 0.3.2. No code changes since 0.3.1~beta1. | |
81 | ||
82 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 26 Jun 2014 20:27:58 +0100 | |
83 | ||
27ee084e | 84 | secnet (0.3.2~beta1) unstable; urgency=low |
af0869f5 | 85 | |
27ee084e | 86 | For links involving mobile sites: |
f09b3955 | 87 | * SECURITY: Properly update peer address array when it is full. |
27ee084e IJ |
88 | * Do name-resolution on peer-initiated key setup too, when we are mobile |
89 | (and other name-resolution improvements). | |
90 | ||
91 | Other minor improvements: | |
f09b3955 | 92 | * Log peer addresses on key exchange timeout. |
e4cfe537 IJ |
93 | * When printing version (eg during startup), use value from git-describe |
94 | and thus include git commit id where applicable. | |
af0869f5 | 95 | * Updates to release checklist in Makefile.in. |
09aecaa2 | 96 | * Use C99 _Bool for bool_t. |
af0869f5 | 97 | |
27ee084e | 98 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Fri, 06 Jun 2014 01:17:54 +0100 |
af0869f5 | 99 | |
88356888 IJ |
100 | secnet (0.3.1) unstable; urgency=low |
101 | ||
102 | * Release of 0.3.1. No code changes since 0.3.1~beta3. | |
103 | ||
104 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 15 May 2014 01:08:30 +0100 | |
105 | ||
c1e8412b IJ |
106 | secnet (0.3.1~beta3) unstable; urgency=low |
107 | ||
108 | * Build fixes for non-i386 architectures and gcc 4.8.2. | |
109 | ||
110 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 08 May 2014 19:53:43 +0100 | |
111 | ||
2368720d IJ |
112 | secnet (0.3.1~beta2) unstable; urgency=low |
113 | ||
114 | Fix relating to new fragmentation / ICMP functionality: | |
115 | * Generate ICMP packets correctly in point-to-point configurations. | |
116 | ||
117 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Sat, 03 May 2014 18:58:09 +0100 | |
118 | ||
d3dd9ddc | 119 | secnet (0.3.1~beta1) unstable; urgency=low |
1ca0593d | 120 | |
d3dd9ddc | 121 | Security fixes (vulnerabilities are to inside attackers only): |
32240a83 | 122 | * SECURITY: Fixes to MTU and fragmentation handling. |
cfd79482 | 123 | * SECURITY: Correctly set "unused" ICMP header field. |
e8b1adac | 124 | * SECURITY: Fix IP length check not to crash on very short packets. |
d3dd9ddc IJ |
125 | |
126 | New feature: | |
3ed1846a | 127 | * Make the inter-site MTU configurable, and negotiate it with the peer. |
1ca0593d | 128 | |
d3dd9ddc IJ |
129 | Bugfixes etc.: |
130 | * Fix netlink SEGV on clientless netlinks (i.e. configuration error). | |
131 | * Fix formatting error in p-t-p startup message. | |
132 | * Do not send ICMP errors in response to unknown incoming ICMP. | |
133 | * Fix formatting error in secnet.8 manpage. | |
134 | * Internal code rearrangements and improvements. | |
135 | ||
136 | Packaging improvements: | |
137 | * Updates to release checklist in Makefile.in. | |
138 | * Additions to the test-example suite. | |
139 | ||
140 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 01 May 2014 19:02:56 +0100 | |
1ca0593d | 141 | |
53dea2fb IJ |
142 | secnet (0.3.0) unstable; urgency=low |
143 | ||
144 | * Release of 0.3.0. No code changes since 0.3.0~beta3. | |
145 | * Update release checklist. | |
146 | ||
147 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Sun, 01 Sep 2013 20:27:48 +0100 | |
148 | ||
74f85762 | 149 | secnet (0.3.0~beta3) unstable; urgency=low |
8aaaa634 IJ |
150 | |
151 | * New upstream version. | |
152 | - Stability bugfix: properly initialise site's scratch buffer. | |
153 | ||
74f85762 | 154 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Mon, 05 Aug 2013 11:54:09 +0100 |
8aaaa634 | 155 | |
f0b0f549 IJ |
156 | secnet (0.3.0~beta2) unstable; urgency=low |
157 | ||
158 | * New upstream version. | |
159 | - SECURITY FIX: RSA public modulus and exponent buffer overflow. | |
160 | - SECURITY FIX: Use constant-time memcmp for message authentication. | |
161 | - SECURITY FIX: Provide a new transform, eax-serpent, to replace cbcmac. | |
162 | - SECURITY FIX: No longer send NAKs for NAKs, avoiding NAK storm. | |
163 | - SECURITY FIX: Fix site name checking when site name A is prefix of B. | |
663d9d5f | 164 | - SECURITY FIX: Safely reject too-short IP packets. |
f0b0f549 IJ |
165 | - Better robustness for mobile sites (proper user of NAKs, new PROD msg). |
166 | - Better robustness against SLIP decoding errors. | |
167 | - Fix bugs which caused routes to sometimes not be advertised. | |
168 | - Protocol capability negotiation mechanism. | |
169 | - Improvements and fixes to protocol and usage documentation. | |
170 | - Other bugfixes and code tidying up. | |
171 | ||
172 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 25 Jul 2013 18:26:01 +0100 | |
173 | ||
e42d5acf IJ |
174 | secnet (0.3.0~beta1) unstable; urgency=low |
175 | ||
176 | * New upstream version. | |
177 | - SECURITY FIX: avoid crashes (or buffer overrun) on short packets. | |
178 | - Bugfixes relating to packet loss during key exchange. | |
179 | - Bugfixes relating to link up/down status. | |
180 | - Bugfixes relating to logging. | |
181 | - make-secnet-sites made more sophisticated to support two vpns on chiark. | |
182 | - Documentation improvements. | |
183 | - Build system improvements. | |
f2376399 IJ |
184 | * Debian packaging improvements: |
185 | - Native package. | |
186 | - Maintainer / uploaders. | |
187 | - init script requires $remove_fs since we're in /usr. | |
e42d5acf IJ |
188 | |
189 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 12 Jul 2012 20:18:16 +0100 | |
190 | ||
37b5bdcf IJ |
191 | secnet (0.2.1-1) unstable; urgency=low |
192 | ||
193 | * New upstream version. (authbind endianness fix) | |
194 | ||
195 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Sun, 11 Dec 2011 13:14:57 +0000 | |
196 | ||
9ee89d42 IJ |
197 | secnet (0.2.0-1) unstable; urgency=low |
198 | ||
199 | * New upstream version. | |
200 | ||
4253701c | 201 | -- Ian Jackson <ijackson@chiark.greenend.org.uk> Sat, 10 Dec 2011 22:44:41 +0000 |
9ee89d42 | 202 | |
ca58ee48 | 203 | secnet (0.1.18-1) unstable; urgency=low |
9d3a4132 SE |
204 | |
205 | * New upstream version. | |
206 | ||
ca58ee48 | 207 | -- Stephen Early <steve@greenend.org.uk> Tue, 18 Mar 2008 17:45:00 +0000 |