[Announce] ANNOUNCE: strongswan-4.2.0 released

Andreas Steffen andreas.steffen at strongswan.org
Thu Apr 3 10:37:45 CEST 2008

Dear list members,

at last, after a lot of code refactoring we are happy to announce
the modular and therefore much more extensible major strongSwan 4.2
release. It offers the following new features:

* libstrongswan has been modularized to attach crypto algorithms,
   credential implementations (secret and private keys, certificates)
   and http/ldap fetchers dynamically through plugins.

   Existing code has been ported to default plugins:
     - RSA/Diffie-Hellman implementation using the GNU Multi
       Precision library (GMP)
     - X.509 certificate framework supporting CRLs, OCSP and
       attribute certificates
     - Multiple plugins providing encryption, hash and prf algorithms
       in software
     - http fetcher based on cURL and ldap fetcher based on OpenLDAP

* A relational database API that uses pluggable database providers
   was added to libstrongswan. Plugins for MySQL and SQLite are

* The IKEv2 keying charon daemon has become more extensible. Generic
   plugins can provide arbitrary interfaces to credential stores and
   connection management interfaces. Also any EAP method can be added.

   Existing code has been ported to plugins:
     - EAP-AKA, EAP-SIM, EAP-MD5 and EAP-Identity
     - stroke configuration, credential and control (compatible to pluto)
     - XML bases management protocol to control and query the daemon

   The following new plugins are available:
     - An experimental SQL configuration, credential and logging
       plugin based on a MySQL or SQLite database
     - A unit testing plugin to run tests at daemon startup

* The authentication and credential framework in charon has been
   heavily refactored to support modular credential providers,
   proper CERTREQ/CERT payload exchanges and extensible authorization

* The strongSwan Manager tool has evolved into the "libfast"
   (FastCGI Application Server with Templates) web application framework
   that can be employed by other applications.

For mission-critical applications we recommend to use the stable
4.1.11 strongSwan release for the time being because in spite of
our extensive testing there might still be some hidden bugs lurking
in the initial 4.2.0 version. Please report any errors back to us.

Explore the new release!

Martin Willi                 Andreas Steffen
IKEv2 Software Architect     strongSwan Project Leader

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2316 bytes
Desc: S/MIME Cryptographic Signature
Url : https://lists.strongswan.org/pipermail/announce/attachments/20080403/8a1e2f29/attachment.bin 

More information about the Announce mailing list