Diffstat (limited to 'CHANGELOG')
-rw-r--r--CHANGELOG68
1 files changed, 68 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
new file mode 100644
index 000000000000..f7041712694e
--- /dev/null
+++ b/CHANGELOG
@@ -0,0 +1,68 @@
+Added support for IKEv2 make-before-break reauthentication. By using a global
+CHILD_SA reqid allocation mechanism, charon supports overlapping CHILD_SAs.
+This allows the use of make-before-break instead of the previously supported
+break-before-make reauthentication, avoiding connectivity gaps during that
+procedure. As the new mechanism may fail with peers not supporting it (such
+as any previous strongSwan release) it must be explicitly enabled using
+the charon.make_before_break strongswan.conf option.
+
+Support for Signature Authentication in IKEv2 (RFC 7427) has been added.
+This allows the use of stronger hash algorithms for public key authentication.
+
+By default, signature schemes are chosen based on the strength of the
+signature key, but specific hash algorithms may be configured in leftauth.
+Key types and hash algorithms specified in rightauth are now also checked
+against IKEv2 signature schemes. If such constraints are used for certificate
+chain validation in existing configurations, in particular with peers that
+don't support RFC 7427, it may be necessary to disable this feature with the
+charon.signature_authentication_constraints setting, because the signature
+scheme used in classic IKEv2 public key authentication may not be strong
+enough.
+
+The new connmark plugin allows a host to bind conntrack flows to a specific
+CHILD_SA by applying and restoring the SA mark to conntrack entries. This
+allows a peer to handle multiple transport mode connections coming over the
+same NAT device for client-initiated flows (a common use case is to protect
+L2TP/IPsec). See ikev2/host2host-transport-connmark for an example.
+
+The forecast plugin can forward broadcast and multicast messages between
+connected clients and a LAN. For CHILD_SA using unique marks, it sets up
+the required Netfilter rules and uses a multicast/broadcast listener that
+forwards such messages to all connected clients. This plugin is designed for
+Windows 7 IKEv2 clients, which announce their services over the tunnel if the
+negotiated IPsec policy allows it. See ikev2/forecast for an example.
+
+For the vici plugin a Python Egg has been added to allow Python applications
+to control or monitor the IKE daemon using the VICI interface, similar to the
+existing ruby gem. The Python library has been contributed by Björn Schuberg.
+
+EAP server methods now can fulfill public key constraints, such as rightcert
+or rightca. Additionally, public key and signature constraints can be
+specified for EAP methods in the rightauth keyword. Currently the EAP-TLS and
+EAP-TTLS methods provide verification details to constraints checking.
+
+Upgrade of the BLISS post-quantum signature algorithm to the improved BLISS-B
+variant. Can be used in conjunction with the SHA256, SHA384 and SHA512 hash
+algorithms with SHA512 being the default.
+
+The IF-IMV 1.4 interface now makes the IP address of the TNC access requestor
+as seen by the TNC server available to all IMVs. This information can be
+forwarded to policy enforcement points (e.g. firewalls or routers).
+
+The new mutual tnccs-20 plugin parameter activates mutual TNC measurements
+in PB-TNC half-duplex mode between two endpoints over either a PT-EAP or
+PT-TLS transport medium.
+
+SPIs in IKEv1 DELETE payloads are now compared to those of the current IKE SA.
+This is required for interoperability with OpenBSD's isakmpd, which always uses the
+latest IKE SA to delete other expired SAs.
+
+The files plugin provides a simple fetcher for file:// URIs (1735d80f38).
+
+Fixed CRL verification for PKIs that don't use SHA-1 hashes of the public key
+as subjectKeyIdentifier or authorityKeyIdentifier (6133770db4).
+
+Route priorities are now considered when doing manual route lookups (6b57790270).
+
+Policies are now removed from the kernel before IPsec SAs, to avoid acquires
+for untrapped policies (46188b0eb0).