Commit | Line | Data |
---|---|---|
a9c69a6f MW |
1 | tripe (1.0.0pre16.1) experimental; urgency=low |
2 | ||
3 | * tripe: Diagnose a mismatch between two peers' choice of bulk crypto | |
4 | transforms. | |
5 | ||
6 | -- Mark Wooding <mdw@distorted.org.uk> Tue, 17 Feb 2015 21:33:47 +0000 | |
7 | ||
472fc6bd MW |
8 | tripe (1.0.0pre16) experimental; urgency=low |
9 | ||
10 | * pathmtu: Use `IP_PMTUDISC_PROBE' rather than `..._DO' when doing | |
11 | Linux-specific probing: this prevents inexplicable `EMSGSIZE' failures | |
12 | from write(2). | |
13 | * tripe: New bulk-crypto transform `iiv', which (a) reduces encryption | |
14 | overhead and (b) is fully deterministic, closing a possible | |
15 | kleptographic channel. | |
16 | * tripe: Improve logging options in the client and startup scripts. | |
17 | * tripe: Ship experimental systemd units as examples. | |
18 | * tripe-peer-services: `conntrack' supports newer GLib bindings. | |
19 | * tripe-peer-services: `connect' now only polls its database once a minute | |
20 | (rather than once a second). | |
21 | * tripemon: Support for newer Gtk bindings. | |
22 | * tripemon: More distinctive highlighting of entry fields with invalid | |
23 | contents. | |
24 | * tripemon: Show per-peer crypto details in info sheet. | |
25 | * tripemon: Support new options in `Add peer' dialogue. | |
26 | ||
27 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 20 Jul 2014 21:48:23 +0100 | |
28 | ||
8886c0f9 MW |
29 | tripe (1.0.0pre15) experimental; urgency=low |
30 | ||
31 | * Allow network masks in the `laddr' and `raddr' lists. | |
32 | ||
33 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 19 Apr 2014 14:34:22 +0100 | |
34 | ||
cf035d96 MW |
35 | tripe (1.0.0pre14) experimental; urgency=low |
36 | ||
37 | * Abolish the `watch' service. Its functionality has been absorbed into | |
38 | `connect', and the postinst script now attempts to remove the obsolete | |
39 | symbolic link from /etc/tripe/services. | |
40 | * Many internal build changes. | |
41 | ||
42 | -- Mark Wooding <mdw@distorted.org.uk> Tue, 28 Jan 2014 15:39:24 +0000 | |
43 | ||
04ed79b8 MW |
44 | tripe (1.0.0pre13) experimental; urgency=low |
45 | ||
46 | * Compare MAC tags in constant time. (Fixes a timing attack performed | |
47 | by an adversary who can watch the timestamp on the server log.) | |
48 | ||
49 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 27 May 2013 22:58:31 +0100 | |
50 | ||
c2f28e4b MW |
51 | tripe (1.0.0pre12.2) experimental; urgency=low |
52 | ||
53 | * New `tripe-keys' command: `check' reports on keys which will expire | |
54 | soon, so that someone remembers to refresh them. | |
55 | ||
56 | -- Mark Wooding <mdw@distorted.org.uk> Thu, 07 Feb 2013 10:37:01 +0000 | |
57 | ||
b2a72eca MW |
58 | tripe (1.0.0pre12.1) experimental; urgency=low |
59 | ||
60 | * Extract Wireshark version number from `wireshark-common' rather than | |
61 | `wireshark': the latter need not be installed. | |
62 | ||
63 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 12 Jan 2013 22:30:32 +0000 | |
64 | ||
d3731285 MW |
65 | tripe (1.0.0pre12) experimental; urgency=low |
66 | ||
67 | * tripe-peer-services: Add machinery for notifying a peer that we no | |
68 | longer require its services. | |
69 | ||
70 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 05 Jan 2013 07:50:33 +0000 | |
71 | ||
791a8698 MW |
72 | tripe (1.0.0pre11.1) experimental; urgency=low |
73 | ||
74 | * tripe: Fix segfault from PEERINFO command. | |
75 | * tripe: Include missing documentation of ADD command's `-priv' option. | |
76 | * tripe: Fix warning message which didn't match documentation. | |
77 | ||
78 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 15 Dec 2012 14:14:36 +0000 | |
79 | ||
87c06f6b | 80 | tripe (1.0.0pre11) experimental; urgency=low |
1a372224 MW |
81 | |
82 | * Fix log/permissions foul-up. Move the logs to /var/log/tripe, and | |
83 | arrange for that directory to exist with the correct permissions. | |
84 | Don't try to open the log until after dropping privileges, so as to | |
85 | provide a check that we can reopen them later. | |
8743c776 MW |
86 | * New peer option `mobile' can be set in peers.d files to indicate that |
87 | the peer's IP address and/or port are highly volatile and the server | |
88 | should try to keep up with changes by attempting to decrypt incoming | |
89 | packets using any available mobile keys. | |
87c06f6b MW |
90 | * tripe: Mobile peers: track changes in remote address automatically. |
91 | * pathmtu: New mode uses raw sockets for portability. | |
92 | * tripe-peer-services: Support IPv6 interface configuration. (There's | |
93 | still no support for sending encrypted packets over IPv6.) | |
94 | * tripe: Randomize exponential backoff for retransmission. [mdw/backoff] | |
95 | * tripe: Support multiple private keys and cipher suites in the same | |
96 | server. | |
1a372224 | 97 | |
87c06f6b | 98 | -- Mark Wooding <mdw@distorted.org.uk> Tue, 18 Sep 2012 03:39:52 +0100 |
1a372224 | 99 | |
550edef7 MW |
100 | tripe (1.0.0pre10) experimental; urgency=low |
101 | ||
102 | * Overhaul SLIP error handling. | |
103 | * Have conntrack tear VPN down in some networks. | |
104 | ||
105 | -- Mark Wooding <mdw@distorted.org.uk> Fri, 22 Apr 2011 16:48:31 +0100 | |
106 | ||
29b6a378 MW |
107 | tripe (1.0.0pre9) experimental; urgency=low |
108 | ||
109 | * Make conntrack rather more robust against errors. | |
110 | * Logically separate key tags from peer names. | |
111 | ||
112 | -- Mark Wooding <mdw@distorted.org.uk> Mon, 17 May 2010 20:27:33 +0100 | |
113 | ||
642bde67 MW |
114 | tripe (1.0.0pre8.1) experimental; urgency=low |
115 | ||
116 | * Whoops. conntrack was almost completely broken. Fix it a lot. | |
117 | ||
118 | -- Mark Wooding <mdw@distorted.org.uk> Sat, 15 May 2010 20:06:12 +0100 | |
119 | ||
06007586 MW |
120 | tripe (1.0.0pre8) experimental; urgency=low |
121 | ||
122 | * Many changes, enhancements and bug fixes. Like, way too many to list | |
123 | here. | |
124 | ||
125 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 09 May 2010 15:32:30 +0100 | |
126 | ||
d36eda2a | 127 | tripe (1.0.0pre7) experimental; urgency=low |
128 | ||
129 | * Support SLIP encapsulation. | |
130 | ||
82c75bd9 | 131 | -- Mark Wooding <mdw@distorted.org.uk> Sun, 4 Sep 2005 00:52:56 +0100 |
d36eda2a | 132 | |
ef4a1ab7 | 133 | tripe (1.0.0pre6) experimental; urgency=low |
134 | ||
135 | * Debianization! | |
52c03a2a | 136 | * Don't report uninteresting errors when accepting connections. |
137 | * Support elliptic curve keys. | |
c55f55af | 138 | * Allow user selection of symmetric crypto algorithms. |
ef4a1ab7 | 139 | |
c55f55af | 140 | -- Mark Wooding <mdw@nsict.org> Mon, 19 Apr 2004 08:44:00 +0100 |