1 version 1.0pre6 Mar 27 2002
3 * Improvement of redundant links:
5 * Non-blocking connects.
7 * Protocol broadcast messages can no longer go into an infinite loop.
9 * Graph algorithm updated to look harder for direct connections.
11 * Good support for routing IPv6 packets over the VPN. Works on Linux,
12 FreeBSD, possibly OpenBSD but not on Solaris.
14 * Support for tunnels over IPv6 networks. Works on all supported
17 * Optional compression of UDP connections using zlib.
19 * Optionally let UDP connections inherit TOS field of tunneld packets.
21 * Optionally start scripts when certain hosts become (un)reachable.
24 version 1.0pre5 Feb 9 2002
26 * Security enhancements:
28 * Added sequence number and optional message authentication code to
31 * Configurable encryption cipher and digest algorithms.
33 * More robust handling of dis- and reconnects.
35 * Added a "switch" and a "hub" mode to allow bridging setups.
37 * Preliminary support for routing of IPv6 packets.
39 * Supports Linux, FreeBSD, OpenBSD and Solaris.
42 It looks like this might be the last release before 1.0.
45 version 1.0pre4 Jan 17 2001
47 * Updated documentation; the documentation now reflects the
48 configuration as it is.
50 * Some internal changes to make tinc scale better for large
51 networks, such as using AVL trees instead of linked lists for the
54 * RSA keys can be stored in separate files if needed. See the
55 documentation for more information.
57 * tinc has now been reported to run on Linux PowerPC and FreeBSD x86.
61 version 1.0pre3 Oct 31 2000
63 * The protocol has been redesigned, and although some details are
64 still under discussion, this is secure. Care has been taken to
65 resist most, if not all, attacks.
67 * Unfortunately this protocol is not compatible with earlier versions,
68 nor are earlier versions compatible with this version. Because the
69 older protocol has huge security flaws, we feel that not
70 implementing backwards compatibility is justified.
72 * Some data about the protocol:
74 * It uses public/private RSA keys for authentication (this is the
75 actual fix for the security hole).
77 * All cryptographic functions have been taken out of tinc, instead
78 it uses the OpenSSL library functions.
80 * Offers support for multiple subnets per tinc daemon.
82 * New is also the support for the universal tun/tap device. This
83 means better portability to FreeBSD and Solaris.
85 * tinc is tested to compile on Solaris, Linux x86, Linux alpha.
87 * tinc now uses the OpenSSL library for cryptographic operations.
88 More information on getting and installing OpenSSL is in the manual.
89 This also means that the GMP library is no longer required.
91 * Further, thanks to Enrique Zanardi, we have Spanish messages; Matias
92 Carrasco provided us with a Spanish translation of the manual.
95 What still needs to be done before 1.0:
97 * Documentation. Especially since the protocol has changed, and a lot
98 of configuration directives have been added.
103 version 1.0pre2 May 31 2000
105 * This version has been internationalized; and a Dutch translation has
108 * Two configuration variables have been added:
109 * VpnMask - the IP network mask for the entire VPN, not just our
110 subnet (as given by MyVirtualIP). The Redhat and Debian packages
111 use this variable in their system startup scripts, but it is
113 * Hostnames - if set to `yes', look up the names of IP addresses
114 trying to connect to us. Default set to `no', to prevent lockups
117 * The system startup scripts for Debian and Redhat use
118 /etc/tinc/nets.boot to find out which networks need to be started
121 * Fixes to prevent denial of service attacks by sending random data
122 after connecting (and even when the connection has been established),
123 either random garbage or just nonsensical protocol fields.
125 * tinc will retry to connect upon startup, does not quit if it doesn't
128 * Hosts that are disconnected implicitly if we lose a connection get
129 deleted from the internal list, to prevent hogging eachother with
130 add and delete requests when the connection is restored.
133 What still needs to be done before 1.0:
136 * Failover ConnectTo lines, try another one if the first doesn't work.
141 version 1.0pre1 May 12 2000
143 * Various other bugfixes
144 * Documentation updates
146 version 0.3.3 Feb 9 2000
147 * Fixed bug that made tinc stop working with latest kernels (Guus
151 version 0.3.2 Nov 12 1999
152 * no more `Invalid filedescriptor' when working with multiple
154 * forward unknown packets to uplink
156 version 0.3.1 Oct 20 1999
157 * fixed a bug where tinc would exit without a trace
159 version 0.3 Aug 20 1999
160 * pings now work immediately
161 * all packet sizes get transmitted correctly
163 version 0.2.26 Aug 15 1999
164 * fixed some remaining bugs
165 * --sysconfdir works with configure
166 * last version before 0.3
168 version 0.2.25 Aug 8 1999
169 * improved stability, going towards 0.3 now.
171 version 0.2.24 Aug 7 1999
172 * added key aging, there's a new config variable, KeyExpire.
173 * updated man and info pages
175 version 0.2.23 Aug 5 1999
176 * all known bugs fixed, this is a candidate for 0.3
178 version 0.2.22 Apr 11 1999
179 * multiconnection thing is now working nearly perfect :)
181 version 0.2.21 Apr 10 1999
182 * You shouldn't notice a thing, but a lot has changed wrt key
183 management - except that it refuses to talk to versions < 0.2.20
187 version 0.2.19 Apr 3 1999
188 * don't install a libcipher.so
190 version 0.2.18 Apr 3 1999
191 * blowfish library dynamically loaded upon execution
192 * included Eric Young's IDEA library
194 version 0.2.17 Apr 1 1999
195 * tincd now re-executes itself in case of a segmentation fault.
197 version 0.2.16 Apr 1 1999
198 * wrote tincd.conf(5) man page, which still needs a lot of work.
199 * config file now accepts and tolerates spaces, and any integer base
200 for integer variables, and better error reporting. See
201 doc/tincd.conf.sample for an example.
203 version 0.2.15 Mar 29 1999
206 version 0.2.14 Feb 10 1999
207 * added --timeout flag and PingTimeout configuration
208 * did some first syslog cleanup work
210 version 0.2.13 Jan 23 1999
213 version 0.2.12 Jan 23 1999
214 * fixed nauseating bug so that it would crash whenever a connection
217 version 0.2.11 Jan 22 1999
218 * framework for multiple connections has been done
219 * simple manpage for tincd
221 version 0.2.10 Jan 18 1999
222 * passphrase support added
224 version 0.2.9 Jan 13 1999
227 version 0.2.8 Jan 11 1999
228 * a reworked protocol version
230 * more reliable networking code
231 * automatic reconnection
232 * still does not work with more than one connection :)
233 * strips MAC addresses before sending, so there's less overhead, and
236 version 0.2.7 Jan 3 1999
237 * several updates to make extending more easy.
239 version 0.2.6 Dec 20 1998
240 * Point-to-Point connections have been established, including
241 blowfish encryption and a secret key-exchange.
243 version 0.2.5 Dec 16 1998
244 * Project renamed to tinc, in honour of TINC.
246 version 0.2.4 Dec 16 1998
247 * now it really does ;)
249 version 0.2.3 Nov 24 1998
250 * it sort of works now
252 version 0.2.2 Nov 20 1998
255 version 0.2.1 Nov 14 1998