-version 1.0pre2 xx xx xx
- * Internationalized, Dutch translation available.
- * Many sanity checks on the meta protocol added
+Version 1.0.9 Dec 26 2008
+
+ * Fixed tinc as a service under Windows 2003.
+
+ * Fixed reading configuration files that do not end with a newline.
+
+ * Fixed crashes in situations where hostnames could not be resolved or hosts
+ would disconnect at the same time as session keys were exchanged.
+
+ * Improved default settings of tun and tap devices on BSD platforms.
+
+ * Make IPv6 sockets bind only to IPv6 on Linux.
+
+ * Enable path MTU discovery by default.
+
+ * Fixed a memory leak that occured when connections were closed.
+
+Version 1.0.8 May 16 2007
+
+ * Fixed some memory and resource leaks.
+
+ * Made network sockets non-blocking under Windows.
+
+Version 1.0.7 Jan 5 2007
+
+ * Fixed a bug that caused slow network speeds on Windows.
+
+ * Fixed a bug that caused tinc unable to write packets to the tun device on
+ OpenBSD.
+
+Version 1.0.6 Dec 18 2006
+
+ * More flexible detection of the LZO libraries when compiling.
+
+ * Fixed a bug where broadcasts in switch and hub modes sometimes would not
+ work anymore when part of the VPN had become disconnected from the rest.
+
+version 1.0.5 Nov 14 2006
+
+ * Lots of small fixes.
+
+ * Broadcast packets no longer grow in size with each hop. This should
+ fix switch mode (again).
+
+ * Generic host-up and host-down scripts.
+
+ * Optionally dump graph in graphviz format to a file or a script.
+
+ * Support LZO 2.0 and later.
+
+version 1.0.4 May 4 2005
+
+ * Fix switch and hub modes.
+
+ * Optionally start scripts when a Subnet becomes (un)reachable.
+
+version 1.0.3 Nov 11 2004
+
+* Show error message when failing to write a PID file.
+
+* Ignore spaces at end of lines in config files.
+
+* Fix handling of late packets.
+
+* Unify BSD tun/tap device handling. This allows IPv6 on tun devices and
+ anything on tap devices as long as the underlying OS supports it.
+
+* Handle IPv6 on Solaris tun devices.
+
+* Allow tinc to work properly under Windows XP SP2.
+
+* Allow VLAN tagged Ethernet frames in switch and hub mode.
+
+* Experimental PMTUDiscovery, TunnelServer and BlockingTCP options.
+
+version 1.0.2 Nov 8 2003
+
+* Fix address and hostname resolving under Windows.
+
+* Remove warnings about non-existing scripts and unsupported address families.
+
+* Use the event logger under Windows.
+
+* Fix quoting of filenames and command line arguments under Windows.
+
+* Strict checks for length incoming network packets and return values of
+ cryptographic functions,
+
+* Fix a bug in metadata handling that made the tinc daemon abort.
+
+version 1.0.1 Aug 14 2003
+
+* Allow empty lines in config files.
+
+* Fix handling of spaces and backslashes in filenames under native Windows.
+
+* Allow scripts to be executed under native Windows.
+
+* Update documentation, make it less Linux specific.
+
+version 1.0 Aug 4 2003
+
+* Lots of small bugfixes and code cleanups.
+
+* Throughput doubled and latency reduced.
+
+* Added support for LZO compression.
+
+* No need to set MAC address or disable ARP anymore.
+
+* Added support for Windows 2000 and XP, both natively and in a Cygwin
+ environment.
+
+version 1.0pre8 Sep 16 2002
+
+* More fixes for subnets with prefixlength undivisible by 8.
+
+* Added support for NetBSD and MacOS/X.
+
+* Switched from undirected graphs to directed graphs to avoid certain race
+ conditions and improve scalability.
+
+* Generalized broadcasting and forwarding of protocol messages.
+
+* Cleanup of source code.
+
+
+version 1.0pre7 Apr 7 2002
+
+* Don't do blocking read()s when getting a signal.
+
+* Remove RSA key checking code, since it sometimes thinks perfectly good RSA
+ keys are bad.
+
+* Fix handling of subnets when prefixlength isn't divisible by 8.
+
+
+version 1.0pre6 Mar 27 2002
+
+* Improvement of redundant links:
+
+ * Non-blocking connects.
+
+ * Protocol broadcast messages can no longer go into an infinite loop.
+
+ * Graph algorithm updated to look harder for direct connections.
+
+* Good support for routing IPv6 packets over the VPN. Works on Linux,
+ FreeBSD, possibly OpenBSD but not on Solaris.
+
+* Support for tunnels over IPv6 networks. Works on all supported
+ operating systems.
+
+* Optional compression of UDP connections using zlib.
+
+* Optionally let UDP connections inherit TOS field of tunneled packets.
+
+* Optionally start scripts when certain hosts become (un)reachable.
+
+
+version 1.0pre5 Feb 9 2002
+
+* Security enhancements:
+
+ * Added sequence number and optional message authentication code to
+ the packets.
+
+ * Configurable encryption cipher and digest algorithms.
+
+* More robust handling of dis- and reconnects.
+
+* Added a "switch" and a "hub" mode to allow bridging setups.
+
+* Preliminary support for routing of IPv6 packets.
+
+* Supports Linux, FreeBSD, OpenBSD and Solaris.
+
+
+It looks like this might be the last release before 1.0.
+
+
+version 1.0pre4 Jan 17 2001
+
+* Updated documentation; the documentation now reflects the
+ configuration as it is.
+
+* Some internal changes to make tinc scale better for large
+ networks, such as using AVL trees instead of linked lists for the
+ connection list.
+
+* RSA keys can be stored in separate files if needed. See the
+ documentation for more information.
+
+* tinc has now been reported to run on Linux PowerPC and FreeBSD x86.
+
+
+
+version 1.0pre3 Oct 31 2000
+
+* The protocol has been redesigned, and although some details are
+ still under discussion, this is secure. Care has been taken to
+ resist most, if not all, attacks.
+
+* Unfortunately this protocol is not compatible with earlier versions,
+ nor are earlier versions compatible with this version. Because the
+ older protocol has huge security flaws, we feel that not
+ implementing backwards compatibility is justified.
+
+* Some data about the protocol:
+
+ * It uses public/private RSA keys for authentication (this is the
+ actual fix for the security hole).
+
+ * All cryptographic functions have been taken out of tinc, instead
+ it uses the OpenSSL library functions.
+
+ * Offers support for multiple subnets per tinc daemon.
+
+* New is also the support for the universal tun/tap device. This
+ means better portability to FreeBSD and Solaris.
+
+* tinc is tested to compile on Solaris, Linux x86, Linux alpha.
+
+* tinc now uses the OpenSSL library for cryptographic operations.
+ More information on getting and installing OpenSSL is in the manual.
+ This also means that the GMP library is no longer required.
+
+* Further, thanks to Enrique Zanardi, we have Spanish messages; Matias
+ Carrasco provided us with a Spanish translation of the manual.
+
+
+What still needs to be done before 1.0:
+
+* Documentation. Especially since the protocol has changed, and a lot
+ of configuration directives have been added.
+
+
+
+
+version 1.0pre2 May 31 2000
+
+* This version has been internationalized; and a Dutch translation has
+ been included.
+
+* Two configuration variables have been added:
+ * VpnMask - the IP network mask for the entire VPN, not just our
+ subnet (as given by MyVirtualIP). The Redhat and Debian packages
+ use this variable in their system startup scripts, but it is
+ ignored by tinc.
+ * Hostnames - if set to `yes', look up the names of IP addresses
+ trying to connect to us. Default set to `no', to prevent lockups
+ during lookups.
+
+* The system startup scripts for Debian and Redhat use
+ /etc/tinc/nets.boot to find out which networks need to be started
+ during system boot.
+
+* Fixes to prevent denial of service attacks by sending random data
+ after connecting (and even when the connection has been established),
+ either random garbage or just nonsensical protocol fields.
+
+* tinc will retry to connect upon startup, does not quit if it doesn't
+ work the first time.
+
+* Hosts that are disconnected implicitly if we lose a connection get
+ deleted from the internal list, to prevent hogging eachother with
+ add and delete requests when the connection is restored.
+
+
+What still needs to be done before 1.0:
+
+* Documentation.
+* Failover ConnectTo lines, try another one if the first doesn't work.
+
+
+
version 1.0pre1 May 12 2000
* New meta-protocol
projects / tinc / blobdiff