X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fnews.texi;h=d70471509ce0a18727ad6a0c8475a2979881bf40;hb=cb53249d78d1a4c175312fbe83bd3127e0067e4c;hp=9eacc0f9129eda41e25616d26437ede13076505a;hpb=296f3d2e9197b76209a4e86ed8856aea9195d94c;p=govpn.git diff --git a/doc/news.texi b/doc/news.texi index 9eacc0f..d704715 100644 --- a/doc/news.texi +++ b/doc/news.texi @@ -3,9 +3,53 @@ @table @strong +@item Release 5.1 +@itemize +@item Server is configured using @url{http://yaml.org/, YAML} file. It +is very convenient to have comments and templates, comparing to JSON. +@item Incompatible with previous versions replacement of @emph{HSalsa20} +with @emph{BLAKE2b} in handshake code. +@end itemize + +@item Release 5.0 +@itemize +@item New optional @ref{Encless, encryptionless mode} of operation. +Technically no encryption functions are applied for outgoing packets, so +you can not be forced to reveal your encryption keys or sued for +encryption usage. +@item @ref{MTU}s are configured on per-user basis. +@item Simplified payload padding scheme, saving one byte of data. +@item Ability to specify TAP interface name explicitly without any +up-scripts for convenience. +@item @code{govpn-verifier} utility also can use @ref{EGD}. +@end itemize + +@item Release 4.2 +@itemize +@item Fixed non-critical bug when server may fail if up-script is not +executed successfully. +@end itemize + +@item Release 4.1 +@itemize +@item @url{https://password-hashing.net/#argon2, Argon2d} is used instead +of PBKDF2 for password verifier hashing. +@item Client's identity is stored inside the verifier, so it simplifies +server-side configuration and the code. +@end itemize + +@item Release 4.0 +@itemize +@item Handshake messages can be noised: their messages lengths are +hidden. Now they are indistinguishable from transport messages. +@item Parallelized clients processing on the server side. +@item Much higher overall performance. +@item Single JSON file server configuration. +@end itemize + @item Release 3.5 -@itemize @bullet -@item Ability to use @ref{Network transport, TCP} network transport. +@itemize +@item Ability to use @ref{Network, TCP} network transport. Server can listen on both UDP and TCP sockets. @item Ability to use @ref{Proxy, HTTP proxies} (through CONNECT method) for accessing the server. Server can also emulate HTTP proxy behaviour. @@ -15,7 +59,7 @@ reasons. @end itemize @item Release 3.4 -@itemize @bullet +@itemize @item Ability to use external @ref{EGD}-compatible PRNGs. Now you are able to use GoVPN even on systems with the bad @code{/dev/random}, providing higher quality entropy from external sources. @@ -25,7 +69,7 @@ without performance degradation related to inbound packets reordering. @end itemize @item Release 3.3 -@itemize @bullet +@itemize @item Compatibility with an old GNU Make 3.x. Previously only BSD Make and GNU Make 4.x were supported. @item /dev/urandom is used for correct client identity generation under @@ -35,7 +79,7 @@ GNU/Linux systems. Previously /dev/random can produce less than required @end itemize @item Release 3.2 -@itemize @bullet +@itemize @item Deterministic building: dependent libraries source code commits are fixed in our makefiles. @@ -47,7 +91,7 @@ FreeBSD Make compatibility. GNU Make is not necessary anymore. @end itemize @item Release 3.1 -@itemize @bullet +@itemize @item Diffie-Hellman public keys are encoded with Elligator algorithm when sending over the wire, making them indistinguishable from the random @@ -57,7 +101,7 @@ consume twice entropy for DH key generation in average. @end itemize @item Release 3.0 -@itemize @bullet +@itemize @item EKE protocol is replaced by Augmented-EKE and static symmetric (both sides have it) pre-shared key replaced with server-side verifier. This @@ -89,18 +133,18 @@ Per-peer @code{-timeout}, @code{-noncediff}, @code{-noise} and @end itemize @item Release 2.4 -@itemize @bullet +@itemize @item Added ability to optionally run built-in HTTP-server responding with JSON of all known connected peers information. Real-time client's statistics. @item -Documentation is explicitly licensed under GNU FDL 1.3+. +Documentation is explicitly licenced under GNU FDL 1.3+. @end itemize @item Release 2.3 -@itemize @bullet +@itemize @item Handshake packets became indistinguishable from the random. Now all GoVPN's traffic is the noise for men in the middle. @@ -115,46 +159,46 @@ consuming and resource heavy computations. @end itemize @item Release 2.2 -@itemize @bullet +@itemize @item Fixed several possible channel deadlocks. @end itemize @item Release 2.1 -@itemize @bullet +@itemize @item Fixed Linux-related building. @end itemize @item Release 2.0 -@itemize @bullet +@itemize @item Added clients identification. @item Simultaneous several clients support by server. @item Per-client up/down scripts. @end itemize @item Release 1.5 -@itemize @bullet +@itemize @item Nonce obfuscation/encryption. @end itemize @item Release 1.4 -@itemize @bullet +@itemize @item Performance optimizations. @end itemize @item Release 1.3 -@itemize @bullet +@itemize @item Heartbeat feature. @item Rehandshake feature. @item up- and down- optinal scripts. @end itemize @item Release 1.1 -@itemize @bullet +@itemize @item FreeBSD support. @end itemize @item Release 1.0 -@itemize @bullet +@itemize @item Initial stable release. @end itemize