Version 5.8.3 » History » Version 4
Tobias Brunner, 13.03.2020 15:25
| 1 | 1 | Tobias Brunner | h1. Version 5.8.3 |
|---|---|---|---|
| 2 | 1 | Tobias Brunner | |
| 3 | 2 | Tobias Brunner | * Updates for the [[NetworkManager|NM plugin]] (and backend, which has to be updated to be compatible): |
| 4 | 2 | Tobias Brunner | |
| 5 | 2 | Tobias Brunner | * EAP-TLS authentication (#2097) |
| 6 | 2 | Tobias Brunner | * Certificate source (file, agent, smartcard) is selectable independently |
| 7 | 2 | Tobias Brunner | * Add support to configure local and remote identities (#2581) |
| 8 | 2 | Tobias Brunner | * Support configuring a custom server port (#625) |
| 9 | 2 | Tobias Brunner | * Show hint regarding password storage policy |
| 10 | 2 | Tobias Brunner | * Replaced the term "gateway" with "server" |
| 11 | 2 | Tobias Brunner | * Fixes build issues due to use of deprecated GLib macros/functions |
| 12 | 2 | Tobias Brunner | * Updated Glade file to GTK 3.2 |
| 13 | 2 | Tobias Brunner | |
| 14 | 2 | Tobias Brunner | * The NM backend now supports reauthentication and redirection (#852). |
| 15 | 2 | Tobias Brunner | |
| 16 | 2 | Tobias Brunner | * Previously used reqids are now reallocated, which works around an issue on FreeBSD where the kernel |
| 17 | 3 | Tobias Brunner | doesn't allow the daemon to use reqids > 16383 (#2315). |
| 18 | 2 | Tobias Brunner | |
| 19 | 2 | Tobias Brunner | * On Linux, throw type routes are installed in table 220 for passthrough policies. The kernel will then fall |
| 20 | 2 | Tobias Brunner | back on routes in routing tables with lower priorities for matching traffic. This way, they require less |
| 21 | 2 | Tobias Brunner | information (e.g. no interface or source IP) and can be installed earlier and are not affected by updates. |
| 22 | 2 | Tobias Brunner | |
| 23 | 2 | Tobias Brunner | * For IKEv1, the lifetimes of the actually selected transform are returned to the initiator, which is an issue |
| 24 | 2 | Tobias Brunner | if the peer uses different lifetimes for different transforms (#3329). We now also return the correct |
| 25 | 2 | Tobias Brunner | transform and proposal IDs (proposal ID was always 0, transform ID 1). |
| 26 | 2 | Tobias Brunner | |
| 27 | 2 | Tobias Brunner | * IKE_SAs are now not re-established anymore (e.g. after several retransmits) if a deletion has been |
| 28 | 2 | Tobias Brunner | queued (#3335). |
| 29 | 2 | Tobias Brunner | |
| 30 | 2 | Tobias Brunner | * Added support for Ed448 keys and certificates via _openssl_ plugin and [[ipsecpki|pki tool]]. |
| 31 | 2 | Tobias Brunner | |
| 32 | 2 | Tobias Brunner | * Added support for SHA-3 and SHAKE128/256 in the _openssl_ plugin. |
| 33 | 2 | Tobias Brunner | |
| 34 | 2 | Tobias Brunner | * The use of algorithm IDs from the private use range can now be enabled globally, to use them even if no |
| 35 | 2 | Tobias Brunner | strongSwan vendor ID was exchanged (commit:05e373aeb0). |
| 36 | 2 | Tobias Brunner | |
| 37 | 4 | Tobias Brunner | * Fixed a compiler issue that may have caused invalid keyUsage extensions in certificates (#3249). |
| 38 | 4 | Tobias Brunner | |
| 39 | 2 | Tobias Brunner | * A lot of spelling fixes courtesy of Josh Soref (https://github.com/jsoref/spelling). |
| 40 | 2 | Tobias Brunner | |
| 41 | 2 | Tobias Brunner | * CI builds on "LGTM":https://lgtm.com and via Travis CI on new platforms (ARM64, IBM Power and IBM Z - the latter is big-endian). |
| 42 | 2 | Tobias Brunner | Fixed several reported issues. |