X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=NEWS;h=ffd6be297bf96cfa4cce388a2da094c9e847c0d8;hb=refs%2Fheads%2F1.1;hp=f49e3d3a884bb66450c10a4d2d25ad112095409e;hpb=2055c3e21d5b3f4217883d52d5e5b0fbad504785;p=tinc diff --git a/NEWS b/NEWS index f49e3d3a..ffd6be29 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,88 @@ +# Version 1.1pre18 June 27 2021 + +* Check all Address statements when making outgoing connections. +* Make more variables safe for use in invitations. +* Allow "tinc --force join" to accept all variables sent in an invitation. +* Make sure the stop command works on Windows if tincd is running in the + foreground. +* Handle DOS line endings in invitation files. +* Double-quote node names in dump graph output. +* Prevent large amounts of UDP probes being sent consecutively. +* Try harder to reconnect with unreachable nodes. +* Generate tinc-up.bat on Windows. +* Fix a possible infinite loop when adding Subnets to a running tincd. +* Allow a tun/tap filedescriptor to be passed through a UNIX socket. +* Use auto-clone tun/tap devices as default on FreeBSD and DragonFlyBSD. + +Thanks to Fabian Maurer, Ilia Pavlikhin, Maciej S. Szmigiero, Pacien +Tran-Girard, Aaron Li, Andreas Rammhold, Rosen Penev, Shengjing Zhu, Werner +Schreiber, iczero and leptonyu for their contributions to this version of tinc. + +# Version 1.1pre17 October 8 2018 + +* Prevent oracle attacks in the legacy protocol (CVE-2018-16737, + CVE-2018-16738). +* Prevent a MITM from forcing a NULL cipher for UDP in the legacy protocol + (CVE-2018-16758). +* AutoConnect is now enabled by default. +* Per-node network traffic statistics are now shown in the output of "info" and + "dump nodes" commands. + +Thanks to volth and Rafael Sadowski for their contributions to this version of +tinc. + +# Version 1.1pre16 June 12 2018 + +* Fixed building with support for UML sockets. +* Documentation updates and spelling fixes. +* Support for MSS clamping of IP-in-IP packets. +* Fixed parsing of the -b flag. +* Added the ability to set a firemall mark on sockets on Linux. +* Minor improvements to the build system. +* Added a cache of recently seen addresses of peers. +* Add support for --runstatedir to the configure script. +* Fixed linking with libncurses on some distributions. +* Automatically disable PMTUDiscovery when TCPOnly is enabled. +* Fixed removing the tinc service on Windows in some situations. +* Fixed the TAP-Win32 device locking up after waking up from suspend. + +Thanks to Todd C. Miller, Etienne Dechamps, Daniel Lublin, +Gjergji Ramku, Mike Sullivan and Oliver Freyermuth for their +contributions to this version of tinc. + +# Version 1.1pre15 September 2 2017 + +* Detect when the machine is resuming from suspension or hibernation. +* When an old PID file is found, check whether the old daemon is still alive. +* Remember scope_id for IPv6 addresses when sending UDP packets to link-local + addresses. +* Ensure compatibility with OpenSSL 1.1. +* Only log about dropped packets with debug level 5. +* Warn when trying to generate RSA keys less than 2048 bits. +* Use AES256 and SHA256 as the default encryption and digest algorithms. +* Add DeviceType = fd to support tinc on Android without requiring root. +* Support PriorityInheritance for IPv6 packets. +* Fixes for Solaris tun/tap support. +* Add a configurable expiration time for invitations. +* Store invitation data after a successful join. +* Exit gracefully when the tun/tap device is in a bad state. +* Add the LogLevel option. +* AutoConnect now actively tries to heal split networks. + +Thanks to Etienne Dechamps, Rafał Leśniak, Sean McVeigh, Vittorio Gambaletta, +Dennis Lan, Pacien Tran-Girard, Roman Savelyev, lemoer and volth for their +contributions to this version of tinc. + +# Version 1.1pre14 May 1 2016 + +* Add tinc.service back. + +# Version 1.1pre13 April 30 2016 + +* Fix BSD tun device support that was broken in 1.1pre12. +* Speed up AutoConnect when there are many host config files present without + an Address. + # Version 1.1pre12 April 24 2016 * Added a "--syslog" option to force logging to syslog even if running in the @@ -10,7 +95,7 @@ * Allow tinc to be compiled without LibreSSL or OpenSSL (this drops compatibility with nodes running 1.0.x). * Added a "fsck" command to check the configuration files for problems. -* Tinc "start" now checks whether the daemon really started succesfully, and +* Tinc "start" now checks whether the daemon really started successfully, and displays error messages otherwise. * Added systemd service files. * Use the recvmmsg() function if available. @@ -345,7 +430,7 @@ their contributions to this version of tinc. * Improved default settings of tun and tap devices on BSD platforms. * Make IPv6 sockets bind only to IPv6 on Linux. * Enable path MTU discovery by default. -* Fixed a memory leak that occured when connections were closed. +* Fixed a memory leak that occurred when connections were closed. Thanks to Max Rijevski for his contributions to this version of tinc. @@ -519,7 +604,7 @@ Thanks to Scott Lamb for his contributions to this version of tinc. * Tinc will retry to connect upon startup, does not quit if it doesn't work the first time. * Hosts that are disconnected implicitly if we lose a connection get - deleted from the internal list, to prevent hogging eachother with + deleted from the internal list, to prevent hogging each other with add and delete requests when the connection is restored. # Version 1.0pre1 May 12 2000