Version 4.6.0 » History » Version 4
Tobias Brunner, 17.11.2011 10:09
| 1 | 1 | Tobias Brunner | h1. Version 4.6.0 |
|---|---|---|---|
| 2 | 1 | Tobias Brunner | |
| 3 | 2 | Tobias Brunner | * The new libstrongswan [[certexpire|certexpire plugin]] collects expiration information of |
| 4 | 2 | Tobias Brunner | all used certificates and exports them to CSV files. It either directly |
| 5 | 2 | Tobias Brunner | exports them or uses cron style scheduling for batch exports. |
| 6 | 2 | Tobias Brunner | |
| 7 | 2 | Tobias Brunner | * starter passes unresolved hostnames to charon, allowing it to do name |
| 8 | 2 | Tobias Brunner | resolution not before the connection attempt. This is especially useful with |
| 9 | 2 | Tobias Brunner | connections between hosts using dynamic IP addresses. Thanks to Mirko Parthey |
| 10 | 2 | Tobias Brunner | for the initial patch. |
| 11 | 2 | Tobias Brunner | |
| 12 | 2 | Tobias Brunner | * The [[android]] plugin can now be used without the Android frontend patch and |
| 13 | 2 | Tobias Brunner | provides DNS server registration and logging to logcat. |
| 14 | 2 | Tobias Brunner | |
| 15 | 4 | Tobias Brunner | * Pluto and starter (plus stroke and whack) have been ported to Android. With starter and |
| 16 | 4 | Tobias Brunner | stroke the IKEv2 daemon charon can now be configured via [[ipsec.conf]] on Android. |
| 17 | 2 | Tobias Brunner | |
| 18 | 2 | Tobias Brunner | * Support for ECDSA private and public key operations has been added to the |
| 19 | 2 | Tobias Brunner | [[SmartCardsIKEv2|pkcs11 plugin]]. The plugin now also provides DH and ECDH via PKCS#11 and can |
| 20 | 2 | Tobias Brunner | use tokens as random number generators (RNG). By default only private key |
| 21 | 2 | Tobias Brunner | operations are enabled, more advanced features have to be enabled by their |
| 22 | 2 | Tobias Brunner | option in [[strongswan.conf]]. This also applies to public key operations (even |
| 23 | 2 | Tobias Brunner | for keys not stored on the token) which were enabled by default before. |
| 24 | 2 | Tobias Brunner | |
| 25 | 2 | Tobias Brunner | * The libstrongswan plugin system now supports detailed plugin dependencies. |
| 26 | 2 | Tobias Brunner | Many plugins have been extended to export their capabilities and requirements. |
| 27 | 2 | Tobias Brunner | This allows the plugin loader to resolve plugin loading order automatically, |
| 28 | 2 | Tobias Brunner | and in future releases, to dynamically load the required features on demand. |
| 29 | 2 | Tobias Brunner | Existing third party plugins are source (but not binary) compatible if they |
| 30 | 2 | Tobias Brunner | properly initialize the new get_features() plugin function to NULL. |
| 31 | 2 | Tobias Brunner | |
| 32 | 2 | Tobias Brunner | * The [[IfMap|tnc-ifmap plugin]] implements a TNC IF-MAP 2.0 client which can deliver |
| 33 | 2 | Tobias Brunner | metadata about IKE_SAs via a SOAP interface to a MAP server. The tnc-ifmap |
| 34 | 2 | Tobias Brunner | plugin requires the "Apache Axis2/C library":http://axis.apache.org/axis2/c/core/. |
| 35 | 3 | Tobias Brunner | |
| 36 | 3 | Tobias Brunner | * Remote attestation effected by the TCG Platform Trust Service (PTS) |
| 37 | 3 | Tobias Brunner | can be transferred via the TNC IF-M 1.0 protocol (RFC 5792 PA-TNC) |
| 38 | 3 | Tobias Brunner | to a strongSwan TNC server. Currently remote file measurements are |
| 39 | 3 | Tobias Brunner | supported with full TPM support expected for the [[4.6.1|4.6.1 release]]. |
| 40 | 3 | Tobias Brunner | For details consult the following link: http://www.strongswan.org/uml/pts/ |