TODO list * DONE: implement ISAKMP and IPSEC SA negotiate support * DONE: fix delete message * DONE --non-interactive * DONE --pid-file * DONE VERSION * DONE don't ignore all notifies at ipsec-sa-negotation * DONE hide user/pass from --debug output * DONE --verbose * DONE fix vpnc-disconnect * DONE NetBSD supported * DONE FreeBSD supported * DONE ignore attr 32136! (Cisco extension: XAUTH Vendor) * DONE ignore "metric10 xx" * DONE make /var/run/vpnc as needed * DONE support for new libgcrypt versions * DONE passcode == password * DONE post link to http://www.liebchen-online.de/vpn-zaurus.html * DONE post rfcs and drafts * DONE include man-page * DONE fix link at alioth * DONE memleak fix from Sebastian Biallas * DONE include OpenBSD support from Nikolay Sturm * DONE load balancing support (fixes INVALID_EXCHANGE_TYPE in S4.5) * DONE accept (== ignore) lifetime update in phase1 * DONE send lifetime in phase1 and phase2 * DONE send version string * DONE automatic handling of pfs * DONE ask for dns/wins servers, default domain, pfs setting, netmask * DONE spawn post-connect script * DONE check /dev/net/tun, reject /dev/tun* on linux *** * DONE XAUTH Domain: (empty) * DONE svn-Repository * DONE implement udp encap via port 10.000 - apply patch * DONE fix Makefile (install, DESTDIR, CFLAGS, ...) * DONE implement udp transport NAT-T - apply patch * links to packages, howtos, etc. - http://localhost.ruhr.de/~stefan/uni-duisburg.ai/vpnc.shtml - link to kvpnc? * add macosx support - add pointer to http://chrisp.de/en/projects/tunnel.html * factor out crypto stuff (cipher, hmac, dh) - http://libtomcrypt.org/features.html - http://www.foldr.org/~michaelw/ patch fertig - libgcrypt (old too?) - autodetect? - openssl?? * relicense to gpl+ssl? * --local-address * clean up scripts * update "check pfs setting" error message * better handling of routing * better handling of resolv.conf? * use in-kernel-ipsec with pf-key - apply patch * make doing xauth optional * add support for pcap for packet capture -- * implement compression * implement rekeying / DPD / frozen connections? * implement certificate support * implement hybrid-auth * optional drop root (rekey? reconnect?) * nortel support?