---------------------------------------------

	0.2.5 released

2004-04-05  Michal Ludvig  <mludvig@suse.cz>

	* NEWS: Notes about 0.2.5
	* configure.ac: Bump up version to 0.2.5

2004-04-05  Michal Ludvig  <mludvig@suse.cz>

	Fix for a security bug found by Ralf Spenneberg:
	* src/racoon/crypto_openssl.c (eay_check_x509sign): Directly generate 
	  'evp' instead of 'pubkey'.
	  (eay_rsa_sign): Use the above.
	* src/racoon/crypto_openssl.h: Update prototypes for the above.

2004-02-03  Michal Ludvig  <mludvig@suse.cz>

	* src/racoon/Makefile.in: Fix install to $(sbindir)
	* src/setkey/parse.y: Avoid GCC 3.3 warning (type-punned pointer).

---------------------------------------------

	0.2.4 released

2004-01-29  Michal Ludvig  <mludvig@suse.cz>

	* NEWS: Notes about 0.2.4
	* configure.ac: Bump up version to 0.2.4

2004-01-27  Michal Ludvig  <mludvig@suse.cz>

	* src/libipsec/pfkey.c: Don't include 'sadb_key' in SADB_UPDATE 
	  message for IPcomp SA. (by Brian Buesker <bbuesker@qualcomm.com>)
	* src/libipsec/ipsec_dump_policy.c: Dump FWD policies correctly.

2004-01-26  Aidas Kasparas  <a.kasparas@gmc.lt>

	Backout of changes breaking interface and functionality backwards
	compatibility. Following changes backed:
	- encryption algorithm name simple -> null
	- mip6->proxy
	- setkey: no key accepted if algo do not requires one
	- ESP parameter checks in proposals

2004-01-17  Aidas Kasparas  <a.kasparas@gmc.lt>

	* src/racoon/isakmp_inf.c: endian mismatch fix. From iij seil team

2004-01-17  Aidas Kasparas  <a.kasparas@gmc.lt>

	Sync with KAME 2004-01-07
	* src/libipsec/pfkey.c: memory leak fix; comment typo fixes
	* src/libipsec/{pfkey.c,pfkey_dump.c}: allow compilation even 
	  no SADB_X_EXT_TAG defined
	* src/libipsec/pfkey_dump.c: information about algorithms 
	  ripemd160, aes-xcbc, aes-ctr; bigger buffers; <tag> support
	* src/libipsec/policy_parse.y: memory leak
	* src/libipsec/policy_token.l: memory leak
	* src/libipsec/test-policy.c: unneeded \n removed
	* src/racoon/Makefile.in: $(sbindir) support
	* src/racoon/admin.c: interface changes due to proxy support 
	* src/racoon/algorithm.c: SHA2 #ifdefs
	* src/racoon/{cfparse.y,cftoken.l}: license text added
	* src/racoon/cfparse.y: mip6 obsoleted by proxy support
	* src/racoon/cfparse.y: from directive support; new algorithms
	* src/racoon/cftoken.l: support for globbing of include files
	* src/racoon/configure.in: more verbose information about problems 
	  with SHA2
	* src/racoon/crypto_openssl.c: use new DES API if supported; algorithm 
	  key size fixes
	* src/racoon/eaytest.c: SHA2 #ifdefs; keysize len check
	* src/racoon/ipsec_doi.c: use VPTRINIT; ESP parameter validity checks;
	  style change
	* src/racoon/isakmp.c: use VPTRINIT; interface changes due to
	  mip6->proxy; typo
	* src/racoon/isakmp_inf.c: use VPTRINIT
	* src/racoon/isakmp_quick.c: mip6->proxy
	* src/racoon/kmpstat.c: not used variables removed
	* src/racoon/pfkey.c: mip6->proxy; schedule leak
	* src/racoon/proposal.c: style
	* src/racoon/remoteconf.c: mip6->proxy
	* src/racoon/sainfo.c: from directive support
	* src/racoon/sockmisc.c: side correction; addrinfo leak
	* src/racoon/strnames.c: typo in descriptions; wrong upper bound check
	* src/racoon/missing/crypto/sha2/sha2.c: wrong size
	* src/setkey/parse.y: extra algorithms; tagged; not needed periods
	  removed; memory shortage checks
	* src/setkey/setkey.8: typos; tagged; new algorithms
	* src/setkey/setkey.c: standard argument names for main(); hexdump
	  support; info in file support
	* src/setkey/token.l: new algorithms; memory shortage checks
	  Parts not taken from KAME:
	* kernelfs stuff;
	* sysctl stuff

---------------------------------------------

	0.2.3 released

2004-01-15  Michal Ludvig  <mludvig@suse.cz>

	* src/racoon/isakmp.c: Don't try to bind to IPv6 multicast addresses.
	* src/racoon/isakmp_inf.c: Prevent unauthorized deletion of SA
	  (reported on bugtraq, fixed by itojun).
	* src/racoon/plog.c: Fix racoon segfault on AMD64 (backport from 
	  mainline).
	* bootstrap: Don't require older versions of autoconf & co.
	* src/racoon/config.{sub,guess}: Update to recognize AMD64.
	* configure.ac: Bump up version to 0.2.3 (yes, we're getting closer).
	* src/racoon/main.c: Ditto.
	* src/racoon/crypto_openssl.c: Enhance support for OpenSSL 0.9.7
	  (by Brian Buesker <bbuesker@qualcomm.com>
	   and Christophe Saout <christophe@saout.de>)
	* NEWS: Update for 0.2.3

2004-01-07  Michal Ludvig  <michal@logix.cz>

	* src/setkey/token.l, src/setkey/parse.y: Add support for lifetime 
 	  specified in bytes (by Michal Ludvig).
	* src/setkey/setkey.8: Document -bh/-bs options for the above feature.

2004-01-07  Michal Ludvig  <michal@logix.cz>

	* src/racoon/proposal.c: Be more verbose.

2004-01-02  Michal Ludvig  <michal@logix.cz>

	* src/racoon/cfparse.y: Flush SA on SIGHUP
	  (by Brian Buesker <bbuesker@qualcomm.com>)
	* src/racoon/pfkey.c: IPcomp fixes
	  (by Brian Buesker <bbuesker@qualcomm.com>)
	* src/racoon/proposal.c: Fix typo lifebyte -> lifetime.
	* src/racoon/grabmyaddr.c: Prevent segfault if getifaddrs() returns
	  an entry with NULL ifa_addr (Michal Ludvig).
	* configure.ac: Change path to kernel headers 
	  from /usr/src/devel-2.5/devel to /usr/src/linux

2003-06-20  Derek Atkins  <derek@ihtfp.com>

	* src/racoon/aclocal.m4:
	* src/racoon/configure:
	  Don't execute "for i in $3" if "$3" doesn't exist.
	  Fixes bug #721296.
	
2003-03-13  Derek Atkins  <derek@ihtfp.com>

	* rpm/ipsec-tools.spec.in: Bill Nottingham's SPEC-file patch:
	  This switches it to use %{_lib} (for /lib64 systems such as
	  x86-64 and s390x, and has it own the /etc/racoon directory in
	  the package as well.
	
---------------------------------------------

	0.2.2 released

2003-03-13  Derek Atkins  <derek@ihtfp.com>

	* configure.am, NEWS:
	  Update for 0.2.2 release

	* Makefile.am: distribute depcomp
	
2003-03-10  Derek Atkins  <derek@ihtfp.com>

	* src/racoon/Makefile.in: add @LEXLIB@ to the LIBS line to make
	  sure we link against the lexer library when necessary.
	
2003-03-07  Derek Atkins  <derek@ihtfp.com>

	* configure.am:
	* Makefile.am:
	* rpm/Makefile.am:
	* rpm/ipsec-tools.spec.in:
	  Added RPM SPEC to CVS
	
---------------------------------------------

	0.2.1 released

2003-03-07  Derek Atkins  <derek@ihtfp.com>

	* src/racoon/configure.in:  change "CFLAGS" to "CPPFLAGS" for
	  ssl include directory, to make sure the other tests work properly.

2003-03-06  Derek Atkins  <derek@ihtfp.com>

	* src/racoon/kmpstat.c:  fix gcc-3.2.2 compiler warning

	* src/racoon/configure.in:  look for krb5-config and don't
	  use it if it's not found.  Fixes a configure-time warning.
	
--------------------------------------------

	0.2 Released