j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
tinc/src/Makefile.am

281 lines
5.3 KiB
Makefile
Raw Normal View History

Initial revision
2000-03-26 00:33:07 +00:00
## Produce this file with automake to get Makefile.in
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
sbin_PROGRAMS = tincd tinc sptps_test sptps_keypair
Initial revision
2000-03-26 00:33:07 +00:00
Use git description as the tinc version. Instead of using the hardcoded version number in configure.ac, this makes tinc use the live version reported by "git describe", queried on-the-fly during the build process and regenerated for every build. This makes tinc version output more useful, as tinc will now display the number of commits since the last tag as well as the commit the binary is built from, following the format described in git-describe(1). Here's an example of tincd --version output: tinc version release-1.1pre10-48-gc149315 (built Jun 29 2014 15:21:10, protocol 17.3) When building directly from a release tag, this will look like the following: tinc version release-1.1pre10 (built Jun 29 2014 15:21:10, protocol 17.3) (Note that the format is slightly different - because of the way the tags are named, it says "release-1.1pre10" instead of just "1.1pre10") If git describe fails (for example when building from a release tarball), the build automatically falls back to the autoconf-provided VERSION macro (i.e. the old behavior).
2014-06-29 14:22:10 +00:00
## Make sure version.c is always rebuilt with the latest git information
Fix src/Makefile.am for *BSD. Apparently the BSDs don't like $(srcdir) but want to see ${srcdir} in their rules.
2015-05-19 12:09:53 +00:00
.PHONY: ${srcdir}/version.c version_git.h
Use git description as the tinc version. Instead of using the hardcoded version number in configure.ac, this makes tinc use the live version reported by "git describe", queried on-the-fly during the build process and regenerated for every build. This makes tinc version output more useful, as tinc will now display the number of commits since the last tag as well as the commit the binary is built from, following the format described in git-describe(1). Here's an example of tincd --version output: tinc version release-1.1pre10-48-gc149315 (built Jun 29 2014 15:21:10, protocol 17.3) When building directly from a release tag, this will look like the following: tinc version release-1.1pre10 (built Jun 29 2014 15:21:10, protocol 17.3) (Note that the format is slightly different - because of the way the tags are named, it says "release-1.1pre10" instead of just "1.1pre10") If git describe fails (for example when building from a release tarball), the build automatically falls back to the autoconf-provided VERSION macro (i.e. the old behavior).
2014-06-29 14:22:10 +00:00
version_git.h:
echo >$@
Add support for out-of-tree ("VPATH") builds. This fixes some issues with the build system when building out of tree. With this commit, it is now possible to do the following: $ cd /tmp/build $ /path/to/tinc/configure $ make
2014-07-12 15:01:41 +00:00
-(cd $(srcdir) && git describe) && echo '#define GIT_DESCRIPTION "'`(cd $(srcdir) && git describe) | sed 's/release-//'`'"' >$@
Fix src/Makefile.am for *BSD. Apparently the BSDs don't like $(srcdir) but want to see ${srcdir} in their rules.
2015-05-19 12:09:53 +00:00
${srcdir}/version.c: version_git.h
Regenerate build date and time every time tinc is built. This prevents the date and time shown in version information from getting stale because of partial builds. With these changes, date and time information is written to a dedicated object file that gets rebuilt every time make is run, even if there are no changes.
2014-06-29 13:57:42 +00:00
Add a benchmark for the SPTPS protocol.
2013-09-15 15:35:55 +00:00
if LINUX
sbin_PROGRAMS += sptps_speed
endif
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
ed25519_SOURCES = \
ed25519/add_scalar.c \
ed25519/ed25519.h \
ed25519/fe.c ed25519/fe.h \
ed25519/fixedint.h \
ed25519/ge.c ed25519/ge.h \
ed25519/key_exchange.c \
ed25519/keypair.c \
ed25519/precomp_data.h \
ed25519/sc.c ed25519/sc.h \
ed25519/sha512.c ed25519/sha512.h \
ed25519/sign.c \
ed25519/verify.c
Use the ChaCha-Poly1305 cipher for the SPTPS protocol. The main reason to switch from AES-256-GCM to ChaCha-Poly1305 is to remove a dependency on OpenSSL, whose behaviour of the AES-256-GCM decryption function changes between versions. The source code for ChaCha-Pol1305 is small and in the public domain, and can therefore be easily included in tinc itself. Moreover, it is very fast even without using any optimized assembler, easily outperforming AES-256-GCM on platforms that don't have special AES instructions in hardware.
2014-04-14 19:43:45 +00:00
chacha_poly1305_SOURCES = \
chacha-poly1305/chacha.c chacha-poly1305/chacha.h \
chacha-poly1305/chacha-poly1305.c chacha-poly1305/chacha-poly1305.h \
chacha-poly1305/poly1305.c chacha-poly1305/poly1305.h
Move source from lib/ to src/. The utility functions in the lib/ directory do not really form a library. Also, now that we build two binaries, tincctl does not need everything that was in libvpn.a, so it is wasteful to link to it.
2009-12-31 12:19:13 +00:00
tincd_SOURCES = \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
buffer.c buffer.h \
cipher.h \
conf.c conf.h \
connection.c connection.h \
control.c control.h \
control_common.h \
crypto.h \
device.h \
digest.h \
dropin.c dropin.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
dummy_device.c \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
ecdh.h \
ecdsa.h \
ecdsagen.h \
edge.c edge.h \
ethernet.h \
event.c event.h \
fake-gai-errnos.h \
fake-getaddrinfo.c fake-getaddrinfo.h \
fake-getnameinfo.c fake-getnameinfo.h \
graph.c graph.h \
hash.c hash.h \
have.h \
ipv4.h \
ipv6.h \
list.c list.h \
logger.c logger.h \
meta.c meta.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
multicast_device.c \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
names.c names.h \
net.c net.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
net_packet.c \
net_setup.c \
net_socket.c \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
netutl.c netutl.h \
node.c node.h \
prf.h \
process.c process.h \
protocol.c protocol.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
protocol_auth.c \
protocol_edge.c \
protocol_key.c \
protocol_misc.c \
protocol_subnet.c \
raw_socket_device.c \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
route.c route.h \
rsa.h \
rsagen.h \
Use PATHEXT when checking for the presence of scripts on Windows. It seems like a lot of overhead to call access() for every possible extension defined in PATHEXT, but apparently this is what Windows does itself too. At least this avoids calling system() when the script one is looking for does not exist at all. Since the tinc utility also needs to call scripts, execute_script() is now split off into its own source file.
2013-08-23 17:24:36 +00:00
script.c script.h \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
splay_tree.c splay_tree.h \
sptps.c sptps.h \
subnet.c subnet.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
subnet_parse.c \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
system.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
tincd.c \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
utils.c utils.h \
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
xalloc.h \
Don't include build-time generated version_git.h in the tarball.
2015-05-05 21:05:22 +00:00
version.c version.h \
Allow tinc to be compiled without OpenSSL. The option "--disable-legacy-protocol" was added to the configure script. The new protocol does not depend on any external crypto libraries, so when the option is used tinc is no longer linked to OpenSSL's libcrypto.
2014-12-29 21:57:18 +00:00
ed25519/ecdh.c \
ed25519/ecdsa.c \
Use the ChaCha-Poly1305 cipher for the SPTPS protocol. The main reason to switch from AES-256-GCM to ChaCha-Poly1305 is to remove a dependency on OpenSSL, whose behaviour of the AES-256-GCM decryption function changes between versions. The source code for ChaCha-Pol1305 is small and in the public domain, and can therefore be easily included in tinc itself. Moreover, it is very fast even without using any optimized assembler, easily outperforming AES-256-GCM on platforms that don't have special AES instructions in hardware.
2014-04-14 19:43:45 +00:00
$(ed25519_SOURCES) \
$(chacha_poly1305_SOURCES)
Use conditional compilation for device.c. This requires the automake option "subdir-objects" to be enabled, and it becomes more critical to specify the exact path to local header files.
2013-05-01 10:20:06 +00:00
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
tinc_SOURCES = \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
dropin.c dropin.h \
getopt.c getopt.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
getopt1.c \
Add the "fsck" command to the CLI. This will report possible problems in the configuration files, and in some cases offers to fix them. The code is far from perfect yet. It expects keys to be in their default locations, it doesn't check for Public/PrivateKey[File] statemetns yet. It also does not correctly handle Ed25519 public keys yet.
2015-01-15 21:57:56 +00:00
fsck.c fsck.h \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
info.c info.h \
invitation.c invitation.h \
list.c list.h \
names.c names.h \
netutl.c netutl.h \
Use PATHEXT when checking for the presence of scripts on Windows. It seems like a lot of overhead to call access() for every possible extension defined in PATHEXT, but apparently this is what Windows does itself too. At least this avoids calling system() when the script one is looking for does not exist at all. Since the tinc utility also needs to call scripts, execute_script() is now split off into its own source file.
2013-08-23 17:24:36 +00:00
script.c script.h \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
sptps.c sptps.h \
subnet_parse.c subnet.h \
tincctl.c tincctl.h \
top.c top.h \
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
utils.c utils.h \
Don't include build-time generated version_git.h in the tarball.
2015-05-05 21:05:22 +00:00
version.c version.h \
Allow tinc to be compiled without OpenSSL. The option "--disable-legacy-protocol" was added to the configure script. The new protocol does not depend on any external crypto libraries, so when the option is used tinc is no longer linked to OpenSSL's libcrypto.
2014-12-29 21:57:18 +00:00
ed25519/ecdh.c \
ed25519/ecdsa.c \
ed25519/ecdsagen.c \
Use the ChaCha-Poly1305 cipher for the SPTPS protocol. The main reason to switch from AES-256-GCM to ChaCha-Poly1305 is to remove a dependency on OpenSSL, whose behaviour of the AES-256-GCM decryption function changes between versions. The source code for ChaCha-Pol1305 is small and in the public domain, and can therefore be easily included in tinc itself. Moreover, it is very fast even without using any optimized assembler, easily outperforming AES-256-GCM on platforms that don't have special AES instructions in hardware.
2014-04-14 19:43:45 +00:00
$(ed25519_SOURCES) \
$(chacha_poly1305_SOURCES)
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
sptps_test_SOURCES = \
Move .h files from noinst_HEADERS to tincd_SOURCES. This is the recommended way according to the Automake manual.
2013-08-13 18:35:48 +00:00
logger.c logger.h \
sptps.c sptps.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
sptps_test.c \
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
utils.c utils.h \
Allow tinc to be compiled without OpenSSL. The option "--disable-legacy-protocol" was added to the configure script. The new protocol does not depend on any external crypto libraries, so when the option is used tinc is no longer linked to OpenSSL's libcrypto.
2014-12-29 21:57:18 +00:00
ed25519/ecdh.c \
ed25519/ecdsa.c \
Use the ChaCha-Poly1305 cipher for the SPTPS protocol. The main reason to switch from AES-256-GCM to ChaCha-Poly1305 is to remove a dependency on OpenSSL, whose behaviour of the AES-256-GCM decryption function changes between versions. The source code for ChaCha-Pol1305 is small and in the public domain, and can therefore be easily included in tinc itself. Moreover, it is very fast even without using any optimized assembler, easily outperforming AES-256-GCM on platforms that don't have special AES instructions in hardware.
2014-04-14 19:43:45 +00:00
$(ed25519_SOURCES) \
$(chacha_poly1305_SOURCES)
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
sptps_keypair_SOURCES = \
sptps_keypair.c \
utils.c utils.h \
Allow tinc to be compiled without OpenSSL. The option "--disable-legacy-protocol" was added to the configure script. The new protocol does not depend on any external crypto libraries, so when the option is used tinc is no longer linked to OpenSSL's libcrypto.
2014-12-29 21:57:18 +00:00
ed25519/ecdsagen.c \
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
$(ed25519_SOURCES)
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
Add a benchmark for the SPTPS protocol.
2013-09-15 15:35:55 +00:00
sptps_speed_SOURCES = \
logger.c logger.h \
sptps.c sptps.h \
sptps_speed.c \
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
utils.c utils.h \
Allow tinc to be compiled without OpenSSL. The option "--disable-legacy-protocol" was added to the configure script. The new protocol does not depend on any external crypto libraries, so when the option is used tinc is no longer linked to OpenSSL's libcrypto.
2014-12-29 21:57:18 +00:00
ed25519/ecdh.c \
ed25519/ecdsa.c \
ed25519/ecdsagen.c \
Use the ChaCha-Poly1305 cipher for the SPTPS protocol. The main reason to switch from AES-256-GCM to ChaCha-Poly1305 is to remove a dependency on OpenSSL, whose behaviour of the AES-256-GCM decryption function changes between versions. The source code for ChaCha-Pol1305 is small and in the public domain, and can therefore be easily included in tinc itself. Moreover, it is very fast even without using any optimized assembler, easily outperforming AES-256-GCM on platforms that don't have special AES instructions in hardware.
2014-04-14 19:43:45 +00:00
$(ed25519_SOURCES) \
$(chacha_poly1305_SOURCES)
Add a benchmark for the SPTPS protocol.
2013-09-15 15:35:55 +00:00
Use conditional compilation for device.c. This requires the automake option "subdir-objects" to be enabled, and it becomes more critical to specify the exact path to local header files.
2013-05-01 10:20:06 +00:00
## Conditionally compile device drivers
Don't compile getopt*.c if the system provides getopt_long(). # Conflicts: # configure.ac # src/Makefile.am # src/tincd.c
2016-04-08 15:49:49 +00:00
if !GETOPT
tincd_SOURCES += \
getopt.c getopt.h \
getopt1.c
tinc_SOURCES += \
getopt.c getopt.h \
getopt1.cendif
sptps_test_SOURCES += \
getopt.c getopt.h \
getopt1.c
sptps_keypair_SOURCES += \
getopt.c getopt.h \
getopt1.c
endif
Use conditional compilation for device.c. This requires the automake option "subdir-objects" to be enabled, and it becomes more critical to specify the exact path to local header files.
2013-05-01 10:20:06 +00:00
if LINUX
tincd_SOURCES += linux/device.c
endif
if BSD
tincd_SOURCES += bsd/device.c
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
if TUNEMU
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
tincd_SOURCES += bsd/tunemu.c bsd/tunemu.h
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
endif
Use conditional compilation for device.c. This requires the automake option "subdir-objects" to be enabled, and it becomes more critical to specify the exact path to local header files.
2013-05-01 10:20:06 +00:00
endif
if SOLARIS
tincd_SOURCES += solaris/device.c
endif
if MINGW
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
tincd_SOURCES += mingw/device.c mingw/common.h
Use conditional compilation for device.c. This requires the automake option "subdir-objects" to be enabled, and it becomes more critical to specify the exact path to local header files.
2013-05-01 10:20:06 +00:00
endif
if CYGWIN
tincd_SOURCES += cygwin/device.c
endif
Allow linking with multiple device drivers. Apart from the platform specific tun/tap driver, link with the dummy and raw_socket devices, and optionally with support for UML and VDE devices. At runtime, the DeviceType option can be used to select which driver to use.
2011-12-04 00:20:59 +00:00
if UML
tincd_SOURCES += uml_device.c
endif
if VDE
tincd_SOURCES += vde_device.c
endif
Ensure the right files end up in the tarball after make dist.
2011-06-25 15:08:40 +00:00
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
if OPENSSL
tincd_SOURCES += \
openssl/cipher.c \
openssl/crypto.c \
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
openssl/digest.c openssl/digest.h \
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
openssl/prf.c \
openssl/rsa.c
tinc_SOURCES += \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
openssl/cipher.c \
openssl/crypto.c \
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
openssl/digest.c openssl/digest.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
openssl/prf.c \
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
openssl/rsa.c \
openssl/rsagen.c
sptps_test_SOURCES += \
openssl/crypto.c \
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
openssl/digest.c openssl/digest.h \
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
openssl/prf.c
Use Ed25519 keys. This uses the portable Ed25519 library made by Orson Peters, which in turn uses the reference implementation made by Daniel J. Bernstein. This implementation also allows Ed25519 keys to be used for key exchange, so there is no need to add a separate implementation of Curve25519.
2014-04-06 20:47:26 +00:00
sptps_keypair_SOURCES += \
Allow tinc to be compiled without OpenSSL. The option "--disable-legacy-protocol" was added to the configure script. The new protocol does not depend on any external crypto libraries, so when the option is used tinc is no longer linked to OpenSSL's libcrypto.
2014-12-29 21:57:18 +00:00
openssl/crypto.c
Add a benchmark for the SPTPS protocol.
2013-09-15 15:35:55 +00:00
sptps_speed_SOURCES += \
openssl/crypto.c \
openssl/digest.c openssl/digest.h \
openssl/prf.c
Fixes for bugs in src/Makefile.am and tincctl.c introduced by cfe9285adf391ab66faeb5def811fe08e47a221a.
2014-12-31 23:52:39 +00:00
else
if GCRYPT
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
tincd_SOURCES += \
gcrypt/cipher.c \
gcrypt/crypto.c \
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
gcrypt/digest.c gcrypt/digest.h \
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
gcrypt/prf.c \
gcrypt/rsa.c
tinc_SOURCES += \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
gcrypt/cipher.c \
gcrypt/crypto.c \
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
gcrypt/digest.c gcrypt/digest.h \
Add an invitation protocol. Using the tinc command, an administrator of an existing VPN can generate invitations for new nodes. The invitation is a small URL that can easily be copy&pasted into email or live chat. Another person can have tinc automatically setup the necessary configuration files and exchange keys with the server, by only using the invitation URL. The invitation protocol uses temporary ECDSA keys. The invitation URL consists of the hostname and port of the server, a hash of the server's temporary ECDSA key and a cookie. When the client wants to accept an invitation, it also creates a temporary ECDSA key, connects to the server and says it wants to accept an invitation. Both sides exchange their temporary keys. The client verifies that the server's key matches the hash in the invitation URL. After setting up an SPTPS connection using the temporary keys, the client gives the cookie to the server. If the cookie is valid, the server sends the client an invitation file containing the client's new name and a copy of the server's host config file. If everything is ok, the client will generate a long-term ECDSA key and send it to the server, which will add it to a new host config file for the client. The invitation protocol currently allows multiple host config files to be send from the server to the client. However, the client filters out most configuration variables for its own host configuration file. In particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and AutoConnect. Also, at the moment no tinc-up script is generated. When an invitation has succesfully been accepted, the client needs to start the tinc daemon manually.
2013-05-29 16:31:10 +00:00
gcrypt/prf.c \
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
gcrypt/rsa.c \
gcrypt/rsagen.c
sptps_test_SOURCES += \
gcrypt/cipher.c \
gcrypt/crypto.c \
Stop using EXTRA_DIST in src/Makefile.am. Automake finds the files in the subdirectories of src/ now that they are properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause .o files to be included in the tarball.
2013-08-14 14:17:12 +00:00
gcrypt/digest.c gcrypt/digest.h \
Use conditional compilation for cryptographic functions. This gets rid of the rest of the symbolic links. However, as a consequence, the crypto header files have now moved to src/, and can no longer contain library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t and rsa_t are now all opaque types, and only pointers to those types can be used.
2013-05-01 15:17:22 +00:00
gcrypt/prf.c
Allow tinc to be compiled without OpenSSL. The option "--disable-legacy-protocol" was added to the configure script. The new protocol does not depend on any external crypto libraries, so when the option is used tinc is no longer linked to OpenSSL's libcrypto.
2014-12-29 21:57:18 +00:00
sptps_keypair_SOURCES += \
openssl/crypto.c
sptps_speed_SOURCES += \
openssl/crypto.c \
openssl/digest.c openssl/digest.h \
openssl/prf.c
else
tincd_SOURCES += \
nolegacy/crypto.c \
nolegacy/prf.c
tinc_SOURCES += \
nolegacy/crypto.c \
nolegacy/prf.c
sptps_test_SOURCES += \
nolegacy/crypto.c \
nolegacy/prf.c
sptps_keypair_SOURCES += \
nolegacy/crypto.c
sptps_speed_SOURCES += \
nolegacy/crypto.c \
nolegacy/prf.c
Add support for iPhones and recent iPods. This is a slightly modified patch from Grzegorz Dymarek that allows tinc to use the tunemu device, which allows tinc to be compiled for iPhones and recent iPods. To enable support for tunemu, the --enable-tunemu option has to be used when running the configure script.
2009-09-10 17:32:54 +00:00
endif
Fixes for bugs in src/Makefile.am and tincctl.c introduced by cfe9285adf391ab66faeb5def811fe08e47a221a.
2014-12-31 23:52:39 +00:00
endif
Add support for iPhones and recent iPods. This is a slightly modified patch from Grzegorz Dymarek that allows tinc to use the tunemu device, which allows tinc to be compiled for iPhones and recent iPods. To enable support for tunemu, the --enable-tunemu option has to be used when running the configure script.
2009-09-10 17:32:54 +00:00
Add UPnP support to tincd. This commit makes tincd capable of discovering UPnP-IGD devices on the local network, and add mappings (port redirects) for its TCP and/or UDP port. The goal is to improve reliability and performance of tinc with nodes sitting behind home routers that support UPnP, by making it less reliant on UDP Hole Punching, which is prone to failure when "hostile" NATs are involved. The way this is implemented is by leveraging the libminiupnpc library, which we have just added a new dependency on. We use pthread to run the UPnP client code in a dedicated thread; we can't use the tinc event loop because libminiupnpc doesn't have a non-blocking API.
2015-11-15 13:40:07 +00:00
if MINIUPNPC
Add upnp.h to tincd SOURCES. This was missing from 513bffe1fee07bcbcb50691e221874adc1507857.
2015-11-22 18:57:59 +00:00
tincd_SOURCES += upnp.h upnp.c
Add UPnP support to tincd. This commit makes tincd capable of discovering UPnP-IGD devices on the local network, and add mappings (port redirects) for its TCP and/or UDP port. The goal is to improve reliability and performance of tinc with nodes sitting behind home routers that support UPnP, by making it less reliant on UDP Hole Punching, which is prone to failure when "hostile" NATs are involved. The way this is implemented is by leveraging the libminiupnpc library, which we have just added a new dependency on. We use pthread to run the UPnP client code in a dedicated thread; we can't use the tinc event loop because libminiupnpc doesn't have a non-blocking API.
2015-11-15 13:40:07 +00:00
tincd_LDADD = $(MINIUPNPC_LIBS)
tincd_LDFLAGS = -pthread
endif
Rename tincctl to tinc.
2013-03-08 15:22:56 +00:00
tinc_LDADD = $(READLINE_LIBS) $(CURSES_LIBS)
Link sptps_speed with -lrt. This is necessary for clock_gettime() on older versions of libc.
2013-09-15 20:03:00 +00:00
sptps_speed_LDADD = -lrt
Add a very primitive "top" command to tincctl.
2011-05-15 11:16:48 +00:00
Use a smarter algorithm for choosing MTU discovery probe sizes. Currently, tinc uses a naive algorithm for choosing MTU discovery probe sizes, picking a size at random between minmtu and maxmtu. This is of course suboptimal - since the behavior of probes is deterministic (assuming no packet loss), it seems likely that using a non-deterministic discovery algorithm will not yield the best results. Furthermore, the randomness introduces a lot of variation in convergence times. The random solution also suffers from pathological cases - since it's using a uniform distribution, it doesn't take into account the fact that it's often more interesting to send small probes rather than large ones, because getting replies is the only way we can make progress (assuming the worst case scenario in which the OS doesn't know anything, therefore keeping maxmtu constant). This can lead to absurd situations where the discovery algorithm is close to the real MTU, but can't get to it because the random number generator keeps generating numbers that are past it. The algorithm implemented in this patch aims to improve on the naive random algorithm. It is organized around "cycles" of 8 probes; the sizes of the probes decrease as we go through the cycle, thus making sure the algorithm can cover lots of ground quickly (in case we're far from actual MTU), but also examining the local area (in case we're close to actual MTU). Using cycles ensures that the algorithm will "go back" to large probes to better cover the new interval and to protect against packet loss. For the probe size itself, various mathematical models were simulated in an attempt to find the one that converges the fastest; it has been determined that using an exponential based on the size of the remaining interval was the most effective option. The exponential is adjusted with a magic multiplier fine-tuned to make tinc jump to the "most interesting" (i.e. 1400+) section as soon as discovery starts. Simulations indicate that assuming no packet loss and no help from the OS (i.e. maxmtu stays constant), this algorithm will typically converge to the *exact* MTU value in less than 10 probes, and will get within 8 bytes in less than 5 probes, for actual MTUs between 1417 and ~1450 (which is the range the algorithm is fine-tuned for). In contrast, the previous algorithm gives results all over the place, sometimes taking 30+ probes to get in the ballpark. Because of the issues with the distribution, the previous algorithm sometimes never gets to the precise MTU value within any reasonable amount of time - in contrast, the new algorithm will always get to the precise value in less than 30 probes, even if the actual MTU is completely outside the optimized range.
2014-12-30 16:34:48 +00:00
LIBS = @LIBS@ -lm
Initial revision
2000-03-26 00:33:07 +00:00
Add support for iPhones and recent iPods. This is a slightly modified patch from Grzegorz Dymarek that allows tinc to use the tunemu device, which allows tinc to be compiled for iPhones and recent iPods. To enable support for tunemu, the --enable-tunemu option has to be used when running the configure script.
2009-09-10 17:32:54 +00:00
if TUNEMU
LIBS += -lpcap
endif
Don't pollute the system header directory namespace. Since commit 13f9bc1ff199bea46d3dde391a848f119e2cc0f0, tinc passes the -I. option to the preprocessor so that version_git.h can be found during out-of-tree ("VPATH") builds. The problem is, this option also affects the directory search for files included *from* system headers. For example, on MinGW, unistd.h contains the following line: #include <process.h> Which, due to -I. putting the tinc directory at the head of the search order, results in tinc's process.h being included instead of the file from MinGW. Hilarity ensues. This commit fixes the issue by using -iquote, which doesn't affect system headers.
2015-05-17 21:36:15 +00:00
AM_CFLAGS = -DCONFDIR=\"$(sysconfdir)\" -DLOCALSTATEDIR=\"$(localstatedir)\" -DSBINDIR=\"$(sbindir)\" -iquote.
Reference in a new issue Copy permalink