diff options
| -rw-r--r-- | NEWS | 12 |
1 files changed, 6 insertions, 6 deletions
@@ -1,7 +1,7 @@ strongswan-4.2.1 ---------------- -- Support for hash and URL encoded certificate payloads has been implemented +- Support for "Hash and URL" encoded certificate payloads has been implemented in the IKEv2 daemon charon. Using the "certuribase" option of a CA section allows to assign a base URL to all certificates issued by the specified CA. The final URL is then built by concatenating that base and the hex encoded @@ -15,11 +15,11 @@ strongswan-4.2.1 - The crypto factory in libstrongswan additionaly supports random number generators, plugins may provide other sources of randomness. The default - plugin reads random data from /dev/(u)random. + plugin reads raw random data from /dev/(u)random. - Extended the credential framework by a caching option to allow plugins persistent caching of fetched credentials. The "cachecrl" option has been - reeimplemented. + re-implemented. - The new trustchain verification introduced in 4.2.0 has been parallelized. Threads fetching CRL or OCSP information no longer block other threads. @@ -34,12 +34,12 @@ strongswan-4.2.1 the value "%poolname", where "poolname" identifies a pool provided by a separate plugin. -- Fixed compilation on uClibc and a couple of minor bugs. +- Fixed compilation on uClibc and a couple of other minor bugs. -- set DPD defaults in ipsec starter to dpd_delay=30s and dpd_timeout=150s. +- Set DPD defaults in ipsec starter to dpd_delay=30s and dpd_timeout=150s. - The IKEv1 pluto daemon now supports the ESP encryption algorithm CAMELLIA - with bit lengths of 128, 192, and 256 bits, as well as the authentication + with key lengths of 128, 192, and 256 bits, as well as the authentication algorithm AES_XCBC_MAC. Configuration example: esp=camellia192-aesxcbc. |