HIPL 1.0.0 Release Notes ======================== Differences to previous release ------------------------------- This release equals to hipl--main--2.6--patch-123 in the version control. Diffs to earlier release in a NUT shell: - Code moved entirely from the kernelspace to userspace - IPv4 outer address support - Many bugs solved - New features - HIP Client NAT support - HIP Rendezvous UDP encapsulation support - New features excluded from the binary release (but included in the source release by configure options) - HIP firewall (netfilter) daemon - Graphical Control User Interface Agent - Relay HIP related traffic through i3 overlay network (Hi3) - Support for setting cookies based only HITs (and not IP addresses) - Rendezvous server (non-interoperable, based on an earlier version - Support for IP address based IPsec communication for legacy applications (very experimental and unstable) - Looking up HITs from OpenDHT See Changelog from the release directory for more detailed diffs. Interoperability Summary (IETF65) --------------------------------- Jeff, Jan, Kristian and me did some interopping every now and then during the past two weeks. The following features were successfully interoperated both on IPv4 and IPv6: * Base exchange * CLOSE * Rekeying without new DH The following features still need to interoperated: * Mobility and multihoming extensions * Rekeying with DH The interops were based on base-05, esp-02, mm-03 and khi-00. We did not find any errors from the drafts, and all of the problems were just implementation problems. Most of the problems were related to handling of the ESP_INFO and new KHI. Since I am writing this email, I'll also add a small advertisement here :) InfraHIP HIPL implementation was interoperated first time in full userspace mode, based on our on-going efforts on Linux kernel 2.6.x BEET IPsec mode: http://infrahip.hiit.fi/beet/ The beet directory also contains patches for later kernels (with BEET pseudoheader implemented). Special thanks for Diego Beltrami and Herbert Xu for their dedication on the patches. We are working on to polish and finalize the patches to get them accepted in the vanilla kernel. Known bugs and missing features/improvements in this release ------------------------------------------------------------ A list of open issues in this release are listed below. Some experimental features are excluded from the list, (GUI, server nat, etc). There are a lot of smaller fixes or feature requests, but there are few important issues that should be implemented for the next release. These are: * problems with hosts that have different IPv4 network prefixes (175) * mobility code should be rewritten (179) * multihoming support (96) * global HIT prefix (98) 101: "LSI support" 111: "interfamily handovers" 118: "incoming SPs are not required in BEET mode", 9: "Base exchange using RVS with java is slow" 33: "HIP loopback does not work" 71: "NAI in the host id may be incorrectly coded" 73: "libinet6 crashes if the HIT is not found" 89: "consider merging libinet6 and libhiptool" 94: "handle SA expiration properly" 96: "The BEET patch does not support multiaddressing properly" 98: "global HIT prefix" 100: "how to determine details about local HITs e.g. DSA/RSA" 104: "HIPD failure on EM64T: OVERRUN Bad address" 107: "adding an invalid mapping causes a kernel crash" 108: "some memory leaks in hipd initialization" 110: ""UPDATE and retransmission support" 119: ""poisoning of HIT-to-IP address mappings" 121: "hip_handle_add_local_hi gets tangled with parameters on ppc" 123: "code clean-up" 139: "refresh keymaterial periodically" 141: "libinet6 resolves too long from the dns" 142: "rekeying when keymaterial ends" 143: "clean up the policy-sleep patch" 170: "first connection is slow" 172: "priviledge separation for hipd" 175: "initiating from multiple source HITs when hosts are in different networks" 13: "Alias names in the resolver library do not work correctly." 49: "Interoperability tests for mobility and multihoming" 90: "create /etc/hip/hosts file" 138: "reduce the need to use libinet6" 3: Native HIP API does not work with UDP" 50: "Test applications" 27: "All the functions are not documented using the docbook format." 34: "The syntax of the native HIP API is out-of-date" 38: "Implement HIP_HI_ANY and the variants" 39: "Implement getlocaledinfo() and getpeeredinfo()" 42: "Handle access control to local HIs properly" 179: "rewrite the update code" See the below link for more detailed info about bugs: http://hipl.hiit.fi/bugzilla Before reporting any new bugs for this release, please try out the nightly tarball first: http://hipl.hiit.fi/hipl/hipl.tar.gz To report a bug, please subscribe to the hipl-users mailing list and report the bug there: http://www.freelists.org/list/hipl-users