X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fnews.texi;h=d70471509ce0a18727ad6a0c8475a2979881bf40;hb=cb53249d78d1a4c175312fbe83bd3127e0067e4c;hp=8b68bf462af13c8693102ed3574d0d730b79b7d2;hpb=d3495f5a1d42c4cdeeeca5c8020efbd050fbde03;p=govpn.git diff --git a/doc/news.texi b/doc/news.texi index 8b68bf4..d704715 100644 --- a/doc/news.texi +++ b/doc/news.texi 
@@ -2,8 +2,84 @@ @unnumbered News @table @strong + +@item Release 5.1 +@itemize +@item Server is configured using @url{http://yaml.org/, YAML} file. It +is very convenient to have comments and templates, comparing to JSON. +@item Incompatible with previous versions replacement of @emph{HSalsa20} +with @emph{BLAKE2b} in handshake code. +@end itemize + +@item Release 5.0 +@itemize +@item New optional @ref{Encless, encryptionless mode} of operation. +Technically no encryption functions are applied for outgoing packets, so +you can not be forced to reveal your encryption keys or sued for +encryption usage. +@item @ref{MTU}s are configured on per-user basis. +@item Simplified payload padding scheme, saving one byte of data. +@item Ability to specify TAP interface name explicitly without any +up-scripts for convenience. +@item @code{govpn-verifier} utility also can use @ref{EGD}. +@end itemize + +@item Release 4.2 +@itemize +@item Fixed non-critical bug when server may fail if up-script is not +executed successfully. +@end itemize + +@item Release 4.1 +@itemize +@item @url{https://password-hashing.net/#argon2, Argon2d} is used instead +of PBKDF2 for password verifier hashing. +@item Client's identity is stored inside the verifier, so it simplifies +server-side configuration and the code. +@end itemize + +@item Release 4.0 +@itemize +@item Handshake messages can be noised: their messages lengths are +hidden. Now they are indistinguishable from transport messages. +@item Parallelized clients processing on the server side. +@item Much higher overall performance. +@item Single JSON file server configuration. +@end itemize + +@item Release 3.5 +@itemize +@item Ability to use @ref{Network, TCP} network transport. +Server can listen on both UDP and TCP sockets. +@item Ability to use @ref{Proxy, HTTP proxies} (through CONNECT method) +for accessing the server. Server can also emulate HTTP proxy behaviour. +@item Updated Poly1305 library with ARM-related bugfixes. 
+@item Go 1.5+ version is highly recommended because of performance +reasons. +@end itemize + +@item Release 3.4 +@itemize +@item Ability to use external @ref{EGD}-compatible PRNGs. Now you are +able to use GoVPN even on systems with the bad @code{/dev/random}, +providing higher quality entropy from external sources. +@item Removed @code{-noncediff} option. It is replaced with in-memory +storage of seen nonces, thus eliminating possible replay attacks at all +without performance degradation related to inbound packets reordering. +@end itemize + +@item Release 3.3 +@itemize +@item Compatibility with an old GNU Make 3.x. Previously only BSD Make +and GNU Make 4.x were supported. +@item /dev/urandom is used for correct client identity generation under +GNU/Linux systems. Previously /dev/random can produce less than required +128-bits of random. +@item Updated user manual examples. +@end itemize + @item Release 3.2 -@itemize @bullet +@itemize @item Deterministic building: dependent libraries source code commits are fixed in our makefiles. @@ -15,7 +91,7 @@ FreeBSD Make compatibility. GNU Make is not necessary anymore. @end itemize @item Release 3.1 -@itemize @bullet +@itemize @item Diffie-Hellman public keys are encoded with Elligator algorithm when sending over the wire, making them indistinguishable from the random @@ -25,7 +101,7 @@ consume twice entropy for DH key generation in average. @end itemize @item Release 3.0 -@itemize @bullet +@itemize @item EKE protocol is replaced by Augmented-EKE and static symmetric (both sides have it) pre-shared key replaced with server-side verifier. This 
@@ -57,18 +133,18 @@ Per-peer @code{-timeout}, @code{-noncediff}, @code{-noise} and @end itemize @item Release 2.4 -@itemize @bullet +@itemize @item Added ability to optionally run built-in HTTP-server responding with JSON of all known connected peers information. Real-time client's statistics. @item -Documentation is explicitly licensed under GNU FDL 1.3+. +Documentation is explicitly licenced under GNU FDL 1.3+. @end itemize @item Release 2.3 -@itemize @bullet +@itemize @item Handshake packets became indistinguishable from the random. Now all GoVPN's traffic is the noise for men in the middle. @@ -83,46 +159,47 @@ consuming and resource heavy computations. @end itemize @item Release 2.2 -@itemize @bullet +@itemize @item Fixed several possible channel deadlocks. @end itemize @item Release 2.1 -@itemize @bullet +@itemize @item Fixed Linux-related building. @end itemize @item Release 2.0 -@itemize @bullet +@itemize @item Added clients identification. @item Simultaneous several clients support by server. @item Per-client up/down scripts. @end itemize @item Release 1.5 -@itemize @bullet +@itemize @item Nonce obfuscation/encryption. @end itemize @item Release 1.4 -@itemize @bullet +@itemize @item Performance optimizations. @end itemize @item Release 1.3 -@itemize @bullet +@itemize @item Heartbeat feature. @item Rehandshake feature. @item up- and down- optinal scripts. @end itemize @item Release 1.1 -@itemize @bullet +@itemize @item FreeBSD support. @end itemize @item Release 1.0 -@itemize @bullet +@itemize @item Initial stable release. @end itemize + @end table
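Review bot: In the first hunk (@@ -2,8 +2,84 @@), the Release 5.1 item "Incompatible with previous versions replacement of @emph{HSalsa20} with @emph{BLAKE2b} in handshake code" is hard to parse and buries the one thing an operator needs to know, that the handshake change breaks interoperability with earlier releases. Suggest stating the change first and the consequence as its own sentence, for example "@emph{HSalsa20} is replaced with @emph{BLAKE2b} in handshake code. This is incompatible with previous versions." The YAML item in the same release should also say whether the single JSON server configuration file listed under Release 4.0 is still accepted. In Release 3.3, /dev/urandom and /dev/random are bare text while Release 3.4 writes @code{/dev/random}; wrap them in @code{} for consistency, and "Previously /dev/random can produce" should read "could produce".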
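Review bot: In the Release 2.4 hunk (@@ -57,18 +133,18 @@), the change from "licensed" to "licenced" in "Documentation is explicitly licenced under GNU FDL 1.3+." swaps the usual verb form for a nonstandard one; "licence" is the British noun, but the verb is "license" in both British and American usage. Keep the original "licensed" and drop this line from the patch, since it is unrelated to the @itemize cleanup and the new release entries.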
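Review bot: In the last hunk (@@ -83,46 +159,47 @@), the Release 1.3 context line "@item up- and down- optinal scripts." still carries the typo "optinal". The patch already rewrites the @itemize line directly above it, so fix it to "optional" in the same change. The blank line added before @end table is harmless but unrelated to the rest of the hunk; keep it only if it is intentional.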