All releases tagged 2.x
Release Notes: About 20 bugfixes were collected over a long time. Fixes were made for newer kernels, nhelpers, NAT-T, busybox, IKE algos, and smartcards. DISABLE_UDP_CHECKSUM was added to ignore checksums on udp-encaps packets.
Release Notes: Compile fixes for 2.6.16-2.6.18-rc2, a dpdaction=restart fix, and various miscellaneous fixes for ipcomp, nat-t, and rekeys.
Release Notes: Fixes for l2tp, nat-t, and rekey issues. Support for modern Linux kernels (upto 2.6.16), MTU fixes, memory leak fixes, padlock fixes, and 20+ smaller fixes from the bugs database.
Release Notes: An ASSERTION FAILED error in state.c was fixed. A fix was made for kernels having strstr. A questionable spin_unlock was commented out. This might fix reported SMP crash errors.
Release Notes: NAT-T support for KLIPS on 2.6. Additional cipher support with KLIPS on 2.6. A fix for NAT-T/PSK rekey. 20+ other bugfixes.
Release Notes: This version features NAT-T RFC support, a NAT-T Server Side rewrite that now handles rekeying a lot better, and a fix for a NAT-T Client Side rekey bug. It removes the HowTo, includes IPKG packaging updates, updates the log message, features dpdaction=restart support, and includes KLIPS fixes for 2.6, AES fixes, and support for 'ip xfrm', so ipsec-tools is no longer required.
Release Notes: KLIPS for 2.6 support, Aggressive Mode support (client and server), IKE Mode Config support, Cisco VPN 3xxx client interoperability, a cryptographic helpers framework, fixes for NAT-T on 2.4.28+ kernels, a fix for a long-standing KLIPS bug with the snmpd kernel crasher, fixes for DPD with multiple tunnels between the same peers, fixes for DPD interoperability with Cisco, fixes for loading proper NETKEY kernel modules (eg xfrm4_tunnel), and fixes to RPM spec files. AES is now the default proposal and SHA1 is now perferred over MD5.
Release Notes: This release added RFC 3706 DPD support, AES from JuanJo's ALG patches, and fixes for /proc filesystem issues. X.509 1.5.4 and the latest security fixes were merged. The .spec file was updated for building RPMS compatible with Kernel 2.6. Fixes for NAT-T were included along with fixes for SA Selectors.
Release Notes: A fix was made for NAT-T on 2.6 in some situations. Fixes from X.509 1.6.3 were backported from 2.2.0.
Release Notes: X.509 0.9.41 was merged, including another security fix which fixes CAN-2004-0590; see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0590 and http://www.openswan.org/support/vuln/can-2004-0590. Loading of 2.6 modules was fixed. A fix was made for snprintfs() in /proc. The checks for some log files/dirs were fixed for the case when they are sockets or pipes. A fix was made for a crash in crl.pem. Corruption of some /proc files was fixed. The leftsendcert= flag was fixed.
