similar to: [Announcement] Version 1.1pre2 released

With pleasure we announce the release of version 1.1pre3. Here is a summary of the changes: * New experimental protocol: * Uses 521 bit ECDSA keys for authentication. * Uses AES-256-CTR and HMAC-SHA256. * Always provides perfect forward secrecy. * Used for both meta-connections and VPN packets. * VPN packets are encrypted end-to-end. * Many improvements to tincctl: *

With pleasure we announce the release of version 1.1pre3. Here is a summary of the changes: * New experimental protocol: * Uses 521 bit ECDSA keys for authentication. * Uses AES-256-CTR and HMAC-SHA256. * Always provides perfect forward secrecy. * Used for both meta-connections and VPN packets. * VPN packets are encrypted end-to-end. * Many improvements to tincctl: *

In the past 24 hours multiple persons have contacted me regarding the use of elliptic curve cryptography in tinc 1.1 in light of the suspicion that the NSA might have weakened algorithms and/or elliptic curves published by NIST. The new protocol in tinc 1.1 (SPTPS) uses ECDH and ECDSA to do session key exchange and authentication, in such a way that it has the perfect forward secrecy (PFS)

In the past 24 hours multiple persons have contacted me regarding the use of elliptic curve cryptography in tinc 1.1 in light of the suspicion that the NSA might have weakened algorithms and/or elliptic curves published by NIST. The new protocol in tinc 1.1 (SPTPS) uses ECDH and ECDSA to do session key exchange and authentication, in such a way that it has the perfect forward secrecy (PFS)

With pleasure we announce the release of tinc version 1.1pre10. Here is a summary of the changes: * Added a benchmark tool (sptps_speed) for the new protocol. * Fixed a crash when using Name = $HOST while $HOST is not set. * Use AES-256-GCM for the new protocol. * Updated support for Solaris. * Allow running tincd without a private ECDSA key present when ExperimentalProtocol is not

With pleasure we announce the release of tinc version 1.1pre10. Here is a summary of the changes: * Added a benchmark tool (sptps_speed) for the new protocol. * Fixed a crash when using Name = $HOST while $HOST is not set. * Use AES-256-GCM for the new protocol. * Updated support for Solaris. * Allow running tincd without a private ECDSA key present when ExperimentalProtocol is not

>From this change (res_rtp_asterisk): ast 13.10 to 13.11 webrtc JSSIP stop working, failing with chan_sip.c:4083 retrans_pkt: Hanging up call 7238b48c11581d4166b899bf747a05f7 at 130.211.62.184:0 - no reply to our critical packet (see https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions). is there any way to configure to have the previous behaviour? Im trying to set

With pleasure we announce the release of version 1.1pre3. Here is a summary of the changes: * Added the "AutoConnect" option which will let tinc automatically select which nodes to connect to. * Improved performance of VLAN-tagged IP traffic inside the VPN. * Ensured LocalDiscovery works with multiple BindToAddress statements and/or IPv6-only LANs. * Dropped dependency on

With pleasure we announce the release of version 1.1pre3. Here is a summary of the changes: * Added the "AutoConnect" option which will let tinc automatically select which nodes to connect to. * Improved performance of VLAN-tagged IP traffic inside the VPN. * Ensured LocalDiscovery works with multiple BindToAddress statements and/or IPv6-only LANs. * Dropped dependency on

Hi there, we're using tinc to mesh together hosts in a public datacenter (instead of using a private VLAN, sort of). So all hosts are reasonably modern; connections are low latency with an available bandwith of around 500Mbit/s or 1Gbit/s (depending on how close they are to each other). Iperf between two nodes directly reports around 940Mbit/s. The CPUs are Intel(R) Core(TM) i7-4770 CPU @

With pleasure we announce the release of tinc version 1.1pre5. Here is a summary of the changes: * Fixed long delays and possible hangs on Windows. * Fixed support for the tunemu device on iOS, the UML and VDE devices. * Small improvements to the documentation and error messages. * Fixed broadcast packets not reaching the whole VPN. * Tincctl now connects via a UNIX socket to the tincd

With pleasure we announce the release of tinc version 1.1pre5. Here is a summary of the changes: * Fixed long delays and possible hangs on Windows. * Fixed support for the tunemu device on iOS, the UML and VDE devices. * Small improvements to the documentation and error messages. * Fixed broadcast packets not reaching the whole VPN. * Tincctl now connects via a UNIX socket to the tincd

With pleasure we announce the release of tinc version 1.1pre6. Here is a summary of the changes: * Fixed tincd exitting immediately on Windows. * Detect PMTU increases. * Fixed crashes when using a SOCKS5 proxy. * Fixed control connection when using a proxy. This is the sixth pre-release of the 1.1 branch of tinc. Tinc 1.1 is protocol compatible with 1.0.x, but will have large

With pleasure we announce the release of tinc version 1.1pre6. Here is a summary of the changes: * Fixed tincd exitting immediately on Windows. * Detect PMTU increases. * Fixed crashes when using a SOCKS5 proxy. * Fixed control connection when using a proxy. This is the sixth pre-release of the 1.1 branch of tinc. Tinc 1.1 is protocol compatible with 1.0.x, but will have large

With pleasure we announce the release of tinc version 1.0.22 and of version 1.1pre8. Here is a summary of the changes in version 1.0.22: * Fixed the combination of Mode = router and DeviceType = tap. * The $NAME variable is now set in subnet-up/down scripts. * Tinc now gives an error when unknown options are given on the command line. * Tinc now correctly handles a space between a short

With pleasure we announce the release of tinc version 1.0.22 and of version 1.1pre8. Here is a summary of the changes in version 1.0.22: * Fixed the combination of Mode = router and DeviceType = tap. * The $NAME variable is now set in subnet-up/down scripts. * Tinc now gives an error when unknown options are given on the command line. * Tinc now correctly handles a space between a short

Hi, I am a big fan of your project. Recently, I was trying to upgrade from tinc 1.1pre9 to pre10, and activating the experimental protocol, but a few things are not working. First of all, required libraries are missing in the windows installer, e.g. zlib.dll. Luckily, I still got them lying around from earlier versions (I don't remember, where I got them exactly.) I don't recall

Because of a security vulnerability in tinc that was recently discovered, we hereby release tinc versions 1.0.21 and 1.1pre7. Here is a summary of the changes in tinc 1.0.21: * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). Here is a summary of the changes in tinc 1.1pre7: * Fixed large latencies on Windows. * Renamed the tincctl tool to tinc. * Simplified changing the

Because of a security vulnerability in tinc that was recently discovered, we hereby release tinc versions 1.0.21 and 1.1pre7. Here is a summary of the changes in tinc 1.0.21: * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). Here is a summary of the changes in tinc 1.1pre7: * Fixed large latencies on Windows. * Renamed the tincctl tool to tinc. * Simplified changing the

Currently, dovecot generates two primes for Diffie-Hellman key exchanges: a 512-bit one and a 1024-bit one. In light of recent events, I think it would be wise to add support for 2048-bit primes as well, or even better, add a configuration option that lets the user select a file (or files) containing the DH parameters In recent years, there has been increased interest in DH especially in its