Version 1.0.16 released.

• Fixed a performance issue with TCP communication under Windows.
• Fixed code that, during network outages, would cause tinc to exit when it thought two nodes with identical Names were on the VPN.

Version 1.1pre2 released.

• .cookie files are renamed to .pid files, which are compatible with 1.0.x.
• Experimental protocol enhancements that can be enabled with the option ExperimentalProtocol = yes:
  • Ephemeral ECDH key exchange will be used for both the meta protocol and UDP session keys.
  • Key exchanges are signed with ECDSA.
  • ECDSA public keys are automatically exchanged after RSA authentication if nodes do not know each other’s ECDSA public key yet.

Version 1.1pre1 released.

• Control interface allows control of a running tinc daemon. Used by:
  • tincctl, a commandline utility
  • tinc-gui, a preliminary GUI implemented in Python/wxWidgets
• Code cleanups and reorganization.
• Repleacable cryptography backend, currently supports OpenSSL and libgcrypt.
• Use libevent to handle I/O events and timeouts.
• Use splay trees instead of AVL trees to manage internal datastructures.

This is the first pre-release of the 1.1 branch of tinc. Tinc 1.1 is protocol compatible with 1.0.x, but will have large architectural changes and new features. Tinc 1.0.x will still be maintained. Please try out this new version, and let us know what you think of, and report any bugs you find.

Version 1.0.15 released.

• Improved logging to file.
• Reduced amount of process wakeups on platforms which support pselect().
• Fixed ProcessPriority option under Windows.

Thanks to Loïc Grenié for his contribution to this version of tinc.

Version 1.0.14 released.

• Fixed reading configuration files that do not end with a newline. Again.
• Allow arbitrary configuration options being specified on the command line.
• Allow all options in both tinc.conf and the local host config file.
• Configurable replay window, UDP send and receive buffers for performance tuning.
• Try harder to get UDP communication back after falling back to TCP.
• Initial support for attaching tinc to a VDE switch.
• DragonFly BSD support.
• Allow linking with OpenSSL 1.0.0.

Thanks to Brandon Black, Julien Muchembled, Michael Tokarev, Rumko and Timothy Redaelli for their contributions to this version of tinc.

At FOSDEM 2011, on Sunday morning February 6, there will be three tinc related talks in the New challenges in Virtualization devroom:

• 10:00 Brandon Black: “Building VPNs in EC2”
• 10:20 Guus Sliepen: “The difficulties of a peer-to-peer VPN on the hostile Internet”
• 11:00 Saverio Proto: “FairVPN - Fairness-oriented Overlay VPN topology construction”

You are invited to come by and discuss tinc, VPNs and other virtualization issues here.

A clone of the official tinc repository is now available at GitHub:

https://github.com/gsliepen/tinc

Developers can use this to make their own public “fork” of the git repository, and push their own commits to GitHub. One can still send regular patches or use other git workflows.

At FOSDEM 2011, we will be present in the devroom New challenges in Virtualization. You are invited to come by and discuss tinc, VPNs and other virtualization issues here.

FOSDEM 2011 will take place on February 5 and 6 in Brussels, Belgium.

Version 1.0.13 released.

• Allow building tinc without LZO and/or Zlib.
• Clamp MSS of TCP packets in both directions.
• Experimental StrictSubnets, Forwarding and DirectOnly options, giving more control over information and packets received from/sent to other nodes.
• Ensure tinc never sends symbolic names for ports over the wire.

The slides from the FOSDEM 2010 lightning talk are now online.