+tripe (1.0.0pre19) experimental; urgency=low
+
+ * tripe: Use Catacomb `rand_quick' to collect system-specific entropy,
+ e.g., from the x86 `rdrand' isntruction.
+ * tripe: Fix memory leak of key-data objects.
+ * tripe: Add new `naclbox' bulk-crypto transform based on Salsa20/ChaCha
+ and Poly1305.
+ * tripe: Support X25519 and X448 as key-exchange groups.
+ * tripe-keys: Support Ed25519 and Ed448 signature schemes.
+ * tripe-keys: Allow more control over key generation. In particular,
+ arbitrary attributes can now be set on master keys and key-exchange
+ keys.
+ * tripe-uslip: Clean up sockets on signal.
+ * A number of documentation fixes.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sun, 14 May 2017 18:18:17 +0100
+
+tripe (1.0.0pre18) experimental; urgency=low
+
+ * general: Fixed some 64-bit portability bugs.
+ * debian: Improve the Debian packaging: there are now explicit versions
+ on dependencies; the build-depependencies are correct; and there are
+ separate build-dependencies for the (rather more demanding)
+ architecture-neutral packages.
+ * tests: Fixed the server test suite to remove spurious failures.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 30 Apr 2016 18:13:31 +0100
+
+tripe (1.0.0pre17.1) experimental; urgency=low
+
+ * tests: More warning suppressions.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Mon, 11 May 2015 00:52:01 +0100
+
+tripe (1.0.0pre17) experimental; urgency=low
+
+ * tripe-peer-services: The `tripe-newpeers' program now implements
+ multiple inheritance of configuration sections. See peers.in(5) for
+ the details.
+ * tripe-peer-services: The base configuration now has different timeouts
+ for active and passive dynamic peers. The thinking behind this is
+ explained in connect(8).
+ * tripe: The example `knock' script now works with OpenSSH forced-
+ commands, as well as custom shells.
+ * tripe: Include a configuration file for `sshsvc-mkauthkeys', to help
+ with setting up passive peers.
+ * tripe-peer-services: Fix a bug which broke the `connect' service's
+ `KICK' command.
+ * Attach a `tripe' suffix to most of the manpage names. Some of the
+ services, in particular, have rather generic names and it's only luck
+ that there haven't been conflicts yet.
+ * tripe: New `-W' option for `tripectl' to set the watch list.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Fri, 08 May 2015 19:22:25 +0100
+
+tripe (1.0.0pre16.2) experimental; urgency=low
+
+ * tripe-peer-services: `tripe-ifup' is now more tolerant of errors, and
+ more useful at reporting them.
+ * tripe-peer-services: `tripe-ifup' strips any explicit prefix length
+ from the remote internal address when adding routes naming it as a
+ gateway.
+ * tripe-peer-services: `tripe-ifup' explicitly forces the sysctl setting
+ `net.ipv6.conf.IFACE.disable_ipv6' off before configuring an IPv6
+ address as a workaround for some devices which try to turn IPv6 off
+ globally if they can't get a route.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 14 Mar 2015 19:35:18 +0000
+
+tripe (1.0.0pre16.1) experimental; urgency=low
+
+ * tripe: Diagnose a mismatch between two peers' choice of bulk crypto
+ transforms.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Tue, 17 Feb 2015 21:33:47 +0000
+
+tripe (1.0.0pre16) experimental; urgency=low
+
+ * pathmtu: Use `IP_PMTUDISC_PROBE' rather than `..._DO' when doing
+ Linux-specific probing: this prevents inexplicable `EMSGSIZE' failures
+ from write(2).
+ * tripe: New bulk-crypto transform `iiv', which (a) reduces encryption
+ overhead and (b) is fully deterministic, closing a possible
+ kleptographic channel.
+ * tripe: Improve logging options in the client and startup scripts.
+ * tripe: Ship experimental systemd units as examples.
+ * tripe-peer-services: `conntrack' supports newer GLib bindings.
+ * tripe-peer-services: `connect' now only polls its database once a minute
+ (rather than once a second).
+ * tripemon: Support for newer Gtk bindings.
+ * tripemon: More distinctive highlighting of entry fields with invalid
+ contents.
+ * tripemon: Show per-peer crypto details in info sheet.
+ * tripemon: Support new options in `Add peer' dialogue.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sun, 20 Jul 2014 21:48:23 +0100
+
+tripe (1.0.0pre15) experimental; urgency=low
+
+ * Allow network masks in the `laddr' and `raddr' lists.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 19 Apr 2014 14:34:22 +0100
+
tripe (1.0.0pre14) experimental; urgency=low
* Abolish the `watch' service. Its functionality has been absorbed into
~mdw / tripe / blobdiff