[Announce] ANNOUNCE: strongswan-4.1.3 released
andreas.steffen at strongswan.org
Thu May 31 10:25:17 CEST 2007
we are happy to announce the latest stable release 4.1.3 from the
strongSwan booth at LinuxTag 2007 in Berlin.
New features and bug fixes:
- IKEv2: Peer configuration selection now can be based on a given
certification authority using the rightca= statement.
- IKEv2: Authentication based on RSA signatures now can handle multiple
certificates issued for a given peer ID. This allows a smooth transition
in the case of a peer certificate renewal.
- IKEv2: Support for requesting a specific virtual IP using leftsourceip on the
client and returning requested virtual IPs using rightsourceip=%config
on the server. If the server does not support configuration payloads, the
client enforces its leftsourceip parameter.
- The ./configure options --with-uid/--with-gid allow pluto and charon
to drop their privileges to a minimum and change to an other UID/GID. This
improves the systems security, as a possible intruder may only get the
- Further modularization of charon: Pluggable control interface and
configuration backend modules provide extensibility. The control interface
for stroke is included, and further interfaces using DBUS (NetworkManager)
or XML are on the way. A backend for storing configurations in the daemon
is provided and more advanced backends (using e.g. a database) are trivial
- Fixed a compilation failure in libfreeswan occuring with Linux kernel
headers > 2.6.17.
Visit us at LinuxTag!
Martin Willi & Andreas Steffen
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Announce