[Swan-announce] libreswan-5.0rc2 Release Candidate 2 released
The Libreswan Team
team at libreswan.org
Tue Mar 12 00:01:04 EET 2024
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The Libreswan Project has issued a Release Candidate 2 for libreswan-5.0
This release is a major release with many features and bugfixes. We
strongly encourage developers, system integrators, and distribution
vendors to carefully test this release for any unexpected regressions.
A list of major items for this release:
* A new option to globally disable IKEv1 (enabled by default)
* Combined Traffic Selectors within a single IPsec SA
* Combined addresspool support (addresspool=v4/mask,v6/mask)
* Nic Hardware Offload support (eg Nvidia/Mellanox ConnectX)
* "ipsec auto --option" obsoleted for "ipsec option"
(eg ipsec auto --up conn is now "ipsec up conn")
(auto is still working for backwards compatibility)
* XFRM interface IP management from pluto
* nftables support (now the default over iptables)
* Many bugfixes around restarting/reviving connections
* Improved PFS/rekey compatibility
* Drop prefix numbers from ipsec/whack command output
* IKEv2 Labeled IPsec fixes (IKEv1 support removed)
* Removal of _stackmanager
* XFRM flushing moved from init system to pluto
* cleanup of man pages
* added various missing whack options
* Internal SPD routing improvements
For new configuration keywords and whack commands, please see:
* man libreswan
* man pluto
* man ipsec whack
You can download release candidates of libreswan via https at:
https://download.libreswan.org/development/
The full changelog is available at:
https://github.com/libreswan/libreswan/blob/main/CHANGES
Please report bugs either via one of the mailinglists or at our bug
tracker:
https://lists.libreswan.org/
https://github.com/libreswan/libreswan/
-----BEGIN PGP SIGNATURE-----
iQJHBAEBCgAxFiEEkH55DyXB6OVhzXO1hf9LQ7MPxvkFAmXvfwETHHRlYW1AbGli
cmVzd2FuLm9yZwAKCRCF/0tDsw/G+RDdD/4lif+bZJsijg16JEqdHh9lBD/pjZGa
5G4R+T35AL8JLK00IbsAKCrc2WPgIq9e2twRqAOmUKilLdgAxnuNtgzIJo6hIe8W
qBv2eJMKn8I2yxGnZ+De9GkXyaauouRT3uvX1avE24oD/gxsFYzL4XGwEV57xjc3
IJx319soqRD+ErlpTURtz3V+fWvhIus95eSTk2uR7tPKmuTB4UcqGCRH/nnF1tR6
td215y+Vx5oAbJkhtXvbRtZ7DKE7QiPFGF7txthB0rcn/YJdHsIUlQuZbPYXmW/l
fwsHwF8BkBcRHWa7Sfp44ydtCFyZ4Hfgt6ga6bQTZmHzlORd82ztUxDUZjYBU4z4
H5IsGdE8pTRTSEoZCLnbXTv2uwuHFicStAcn6/KLA7hIi0Kiz5GdRqLcLa8iqjTV
ms8uNMItuq+Vw/5FRJFJPZHoww+/N6HFH+ikaNqldvlEvGQY7fvVqvHgOeDAe47c
kcaxAziRuefM6wka7p0UxK15/XFaMO5PZCtTvPJtYsFO66c+0uBc7glP81lkYB61
i1+S0GoqmO9w1pzhDaadVnVdWTbXkAM+xNfoyKqwYWLM06v5f8r9VA6qY1Ftm+Y7
hB7izUe7BY727VLymk2vySlfBuw7HaBdyUxDCTmqG72YBc2KYhXh4+RCSfw/138U
IAIhH+d7FthPNA==
=M7xs
-----END PGP SIGNATURE-----
More information about the Swan-announce
mailing list