aboutsummaryrefslogtreecommitdiffstats
path: root/NEWS
diff options
context:
space:
mode:
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS20
1 files changed, 18 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 960aa8036..79e6c896d 100644
--- a/NEWS
+++ b/NEWS
@@ -4,12 +4,28 @@ strongswan-4.6.3
- The tnc-pdp plugin implements a RADIUS server interface allowing
a strongSwan TNC server to act as a Policy Decision Point.
-- Added infrastructure to listen to RADIUS Dynamic Authorization
- Extension requests.
+- The eap-radius authentication backend enforces Session-Timeout attributes
+ using RFC4478 repeated authentication and acts upon RADIUS Dynamic
+ Authorization extensions, RFC 5176. Currently supported are disconnect
+ requests and CoA messages containing a Session-Timeout.
+
+- The eap-radius plugin can forward arbitrary RADIUS attributes from and to
+ clients using custom IKEv2 notify payloads. The new radattr plugin reads
+ attributes to include from files and prints received attributes to the
+ console.
- Added support for untruncated MD5 and SHA1 HMACs in ESP as used in
RFC 4595.
+- The cmac plugin implements the AES-CMAC-96 and AES-CMAC-PRF-128 algorithms
+ as defined in RFC 4494 and RFC 4615, respectively.
+
+- The resolve plugin automatically installs nameservers via resolvconf(8),
+ if it is installed, instead of modifying /etc/resolv.conf directly.
+
+- The IKEv2 charon daemon supports now raw RSA public keys in RFC 3110
+ DNSKEY and PKCS#1 file format.
+
strongswan-4.6.2
----------------