- A NetworkManager plugin allows GUI-based configuration of road-warrior
clients in a simple way. It features X509 based gateway authentication
and EAP client authentication, tunnel setup/teardown and storing passwords
in the Gnome Keyring.
- A new EAP-GTC plugin implements draft-sheffer-ikev2-gtc-00.txt and allows
username/password authentication against any PAM service on the gateway.
The new EAP method interacts nicely with the NetworkManager plugin and allows
client authentication against e.g. LDAP.
- Improved support for the EAP-Identity method. The new ipsec.conf eap_identity
parameter defines an additional identity to pass to the server in EAP
- The "ipsec statusall" command now lists CA restrictions, EAP
authentication types and EAP identities.
- Fixed two multithreading deadlocks occurring when starting up
several hundred tunnels concurrently.
- Fixed the --enable-integrity-test configure option which
computes a SHA-1 checksum over the libstrongswan library.