NEWS: VICI updates

This commit is contained in:
Tobias Brunner 2017-02-15 17:49:06 +01:00
parent 8bd8dcd522
commit e16d1005f7
1 changed files with 15 additions and 1 deletions

16
NEWS
View File

@ -8,9 +8,23 @@ strongswan-5.5.2
draft-ietf-ipsecme-eddsa. Ed25519-based public key pairs, X.509 certificates
and CRLs can be generated and printed by the pki tool.
- In-place update of cached base and delta CRLs does no leave dozens
- In-place update of cached base and delta CRLs does not leave dozens
of stale copies in cache memory.
- Several new features for the VICI interface and the swanctl utility: Querying
specific pools, enumerating and unloading keys and shared secrets, loading
keys and certificates from PKCS#11 tokens, the ability to initiate, install
and uninstall connections and policies by their exact name (if multiple child
sections in different connections share the same name), a command to initiate
the rekeying of IKE and IPsec SAs, support for settings previously only
supported by the old config files (plain pubkeys, dscp, certificate policies,
IPv6 Transport Proxy Mode, NT Hash secrets, mediation extension).
Important: Due to issues with VICI bindings that map sub-sections to
dictionaries the CHILD_SA sections returned via list-sas now have a unique
name, the original name of a CHILD_SA is returned in the "name" key of its
section.
strongswan-5.5.1
----------------