Initial revision

doc/GNUmakefile

@@ -0,0 +1,23 @@
+# Having a separate GNUmakefile lets me use features of GNU make
+# to generate the man pages.
+# This makefile is used only if you run GNU Make.
+# It is necessary if you want to build targets usually of interest
+# only to the maintainer.
+
+have-Makefile := $(shell test -f Makefile && echo yes)
+
+# If the user runs GNU make but has not yet run ./configure,
+# give them a diagnostic.
+ifeq ($(have-Makefile),yes)
+
+include Makefile
+include $(srcdir)/Makefile.maint
+
+else
+
+all:
+	@echo There seems to be no Makefile in this directory.
+	@echo "You must run ./configure before running \`make'."
+	@exit 1
+
+endif

doc/Makefile.am

@@ -0,0 +1,23 @@
+## Process this file with automake to get Makefile.in
+
+info_TEXINFOS = tinc.texi
+
+dyn_MANS = tincd.8
+man_aux = $(dyn_MANS:.8=.x)
+
+man_MANS = tincd.conf.5 $(dyn_MANS)
+
+PERL = @PERL@
+HELP2MAN = help2man
+MAINTAINERCLEANFILES = $(dyn_MANS)
+
+EXTRA_DIST = $(man_MANS) $(HELP2MAN) $(man_aux) \
+  Makefile.maint GNUmakefile Makefile.summ tincd.conf.sample
+
+# Use `ginstall' in the definition of man_MANS to avoid
+# confusion with the `install' target.  The install rule transforms `ginstall'
+# to install before applying any user-specified name transformations.
+transform = s/ginstall/install/; @program_transform_name@
+
+# For additional rules usually of interest only to the maintainer,
+# see GNUmakefile and Makefile.maint.

doc/Makefile.maint

@@ -0,0 +1,35 @@
+# This -*- Makefile -*- uses features of GNU make.
+# It is included via GNUmakefile.
+
+# The following one line summaries were extracted from the
+# original man pages using this bit of sh code:
+# for i in *.1; do echo "$i: "|tr -d '\012'; \
+#   grep -A1 SH.NAME $i|sed '/SH NAME/d;s/^[^ ][^ ]* .- //'; done
+
+include Makefile.summ
+
+HELP2MAN-run = $(PERL) -w -- $(srcdir)/$(HELP2MAN)
+
+# Depend on configure.in to get version number changes.
+$(dyn_MANS): $(top_srcdir)/configure.in
+
+# Depend on the source file containing the --help text.
+# Filter out irregular cases.
+regular-men = $(filter-out $(irregular-men),$(dyn_MANS))
+$(regular-men): %.8: $(top_srcdir)/src/%.c
+
+executable = $(patsubst %/install,%/ginstall, ../src/$(basename $@))
+$(dyn_MANS): %.8: %.x $(HELP2MAN)
+	@if test -f $(executable); then \
+	  echo "Updating man page $@"; \
+	  rm -f $@-t $@; \
+	  $(HELP2MAN-run) \
+	    --name="$($(basename $@)-summary)" \
+	    --include=$(basename $@).x \
+	    $(executable) > $@-t; \
+	  chmod -w $@-t; \
+	  mv $@-t $@; \
+	else \
+	  echo "WARNING: The man page $@ cannot be updated yet."; \
+	  echo "         Retry once the corresponding executable is built."; \
+	fi

doc/Makefile.summ

@@ -0,0 +1,2 @@
+# -*- makefile -*-
+tincd-summary = tinc daemon

doc/help2man

@@ -0,0 +1,375 @@
+#!/usr/bin/perl -w
+
+# Generate a short man page from --help and --version output.
+# Copyright © 1997, 98 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+# Written by Brendan O'Dea <bod@compusol.com.au>
+
+use 5.004;
+use strict;
+use Getopt::Long;
+use POSIX qw(strftime setlocale LC_TIME);
+
+my $this_program = 'help2man';
+my $this_version = '1.006';
+my $version_info = <<EOT;
+$this_program $this_version
+
+Copyright (C) 1997, 98 Free Software Foundation, Inc.
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+Written by Brendan O'Dea <bod\@compusol.com.au>
+EOT
+
+my $help_info = <<EOT;
+`$this_program' generates a man page out of `--help' and `--version' output.
+
+Usage: $this_program [OPTION]... EXECUTABLE
+
+  --name=STRING       use `STRING' as the description for the NAME paragraph
+  --include=FILE      include material from `FILE'
+  --opt-include=FILE  include material from `FILE' if it exists
+  --output=FILE       send output to `FILE'
+  --no-info           suppress pointer to Texinfo manual
+  --help              print this help, then exit
+  --version           print $this_program program version number, then exit
+
+EXECUTABLE should accept `--help' and `version' options.
+EOT
+
+my ($include, $opt_name, $opt_include, $opt_output, $opt_no_info);
+
+# Parse options.
+GetOptions (
+    'name=s'	    => \$opt_name,
+    'include=s'	    => \$include,
+    'opt-include=s' => \$opt_include,
+    'output=s'	    => \$opt_output,
+    'no-info'	    => \$opt_no_info,
+    help	    => sub { print $help_info; exit },
+    version	    => sub { print $version_info; exit },
+) or die $help_info;
+
+die $help_info unless @ARGV == 1;
+
+my %include = ();
+my @include = (); # to retain order
+
+# Process include file (if given).  Format is:
+#
+# [section name]
+# verbatim text
+
+if ($include or $opt_include)
+{
+    if (open INC, $include || $opt_include)
+    {
+	my $sect;
+
+	while (<INC>)
+	{
+	    if (/^\[([^]]+)\]/)
+	    {
+		$sect = uc $1;
+		$sect =~ s/^\s+//;
+		$sect =~ s/\s+$//;
+		next;
+	    }
+
+	    # Silently ignore anything before the first
+	    # section--allows for comments and revision info.
+	    next unless $sect;
+
+	    push @include, $sect unless $include{$sect};
+	    $include{$sect} ||= '';
+	    $include{$sect} .= $_;
+	}
+
+	close INC;
+
+	die "$this_program: no valid information found in `$include'\n"
+	    unless %include;
+
+	# Compress trailing blank lines.
+	for (keys %include)
+	{
+	    $include{$_} =~ s/\n+$//;
+	    $include{$_} .= "\n" unless /^NAME$/;
+	}
+    }
+    else
+    {
+	die "$this_program: can't open `$include' ($!)\n" if $include;
+    }
+}
+
+# Turn off localisation of executable's ouput.
+@ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;
+
+# Turn off localisation of date (for strftime)
+setlocale LC_TIME, 'C';
+
+# Grab help and version paragraphs from executable
+my @help = split /\n\n+/, `$ARGV[0] --help 2>/dev/null`
+    or die "$this_program: can't get `--help' info from $ARGV[0]\n";
+
+my @version = split /\n\n+/, `$ARGV[0] --version 2>/dev/null`
+    or die "$this_program: can't get `--version' info from $ARGV[0]\n";
+
+my $date = strftime "%B %Y", localtime;
+my $program = $ARGV[0]; $program =~ s!.*/!!;
+my $package = $program;
+my $version;
+
+if ($opt_output)
+{
+    unlink $opt_output
+	or die "$this_program: can't unlink $opt_output ($!)\n"
+	if -e $opt_output;
+
+    open STDOUT, ">$opt_output"
+	or die "$this_program: can't create $opt_output ($!)\n";
+}
+
+# The first line of the --version information is assumed to be in one
+# of the following formats:
+#
+#   <version>
+#   <program> <version>
+#   GNU <program> <version>
+#   <program> (GNU <package>) <version>
+#   <program> - GNU <package> <version>
+#
+# and seperated from any copyright/author details by a blank line.
+
+$_ = shift @version;
+
+if (/^(\S+)\s+\((GNU\s+[^)]+)\)\s+(.*)/ or
+    /^(\S+)\s+-\s*(GNU\s+\S+)\s+(.*)/)
+{
+    $program = $1;
+    $package = $2;
+    $version = $3;
+}
+elsif (/^(GNU\s+)?(\S+)\s+(.*)/)
+{
+    $program = $2;
+    $package = $1 ? "$1$2" : $2;
+    $version = $3;
+}
+else
+{
+    $version = $_;
+}
+
+$program =~ s!.*/!!;
+
+# no info for `info' itself
+$opt_no_info = 1 if $program eq 'info';
+
+# --name overrides --include contents
+$include{NAME} = "$program \\- $opt_name" if $opt_name;
+
+# Default (useless) NAME paragraph
+$include{NAME} ||= "$program \\- manual page for $program $version";
+
+# Man pages traditionally have the page title in caps.
+my $PROGRAM = uc $program;
+
+# Header.
+print <<EOT;
+.\" DO NOT MODIFY THIS FILE!  It was generated by $this_program $this_version.
+.TH $PROGRAM 1 "$date" "$package $version" "FSF"
+.SH NAME
+$include{NAME}
+EOT
+
+my $accumulate = 1;
+my @description = ();
+
+sub convert_option;
+
+# Output converted --help information.
+for (@help)
+{
+    chomp;
+
+    if (s/^Usage:\s+\S+\s+(.*)\n?//)
+    {
+	# Turn the usage clause into a synopsis.
+	my $synopsis = '';
+
+	do {
+	    my $syn = $1;
+	    $syn =~ s/(([][]|\.\.+)+)/\\fR$1\\fI/g;
+	    $syn =~ s/^/\\fI/ unless $syn =~ s/^\\fR//;
+	    $syn .= '\fR';
+	    $syn =~ s/\\fI(\s*)\\fR/$1/g;
+
+	    $synopsis .= ".br\n" unless $accumulate;
+	    $synopsis .= ".B $program\n";
+	    $synopsis .= "$syn\n";
+	    $accumulate = 0;
+	} while s/^(?:Usage|\s*or):\s+\S+\s+(.*)\n?//;
+
+	# Include file overrides SYNOPSIS.
+	print ".SH SYNOPSIS\n", $include{SYNOPSIS} || $synopsis;
+
+	# Dump any accumulated description text.
+	print ".SH DESCRIPTION\n";
+	print @description;
+
+	# Add additional description text from include file.
+	if ($include{DESCRIPTION})
+	{
+	    print ".PP\n" unless $include{DESCRIPTION} =~ /^\..P/;
+	    print $include{DESCRIPTION};
+	}
+
+	next unless $_;
+    }
+
+    # Accumulate text if the synopsis has not been produced yet.
+    if ($accumulate)
+    {
+	push @description, ".PP\n" if @description;
+	push @description, "$_\n";
+	next;
+    }
+
+    # Catch start of options.
+    if (/^Options:/)
+    {
+	print qq(.SH OPTIONS\n);
+	s/Options://;
+    }
+
+    # Catch bug report text.
+    if (/^Report bugs |^Email bug reports to /)
+    {
+	print qq(.SH "REPORTING BUGS"\n$_\n);
+	next;
+    }
+
+    # Special case for tar 1.12: --label=NAME\nPATTERN.
+    s{(\n[ \t]*)(-V,[ \t]+--label=NAME.*)\n[ \t]+PATTERN[ \t]+}
+     {$1$2$1\\&...=PATTERN };
+
+    # Convert options.
+    s/(\s)(-[][\w=-]+|\\&\S+)/$1 . convert_option $2/ge;
+
+    # Option subsections have second line indented.
+    print qq(.SS "$1"\n) if s/^(\S.*)\n(\s)/$2/;
+
+    # Lines indented more than about 10 spaces may be assumed to be
+    # continuations of the previous line.
+    s/\n {10,}/ /g;
+
+    # Lines following dotted (*) or numbered points may also be
+    # continued if indented to the same level as the text following
+    # the point.
+    1 while s{((?:^|\n)(\s+)(?:[1-9][.)]|\*)(\s+)(?:[^\n]+))\n\2 \3(\S)}
+	     {$1 $4}g;
+
+    # Indented paragraph.
+    if (/^\s/)
+    {
+	for (split /\n/)
+	{
+	    s/^\s+//;
+	    s/([^,])\s+/$1\n/;
+	    print ".TP\n$_\n" if $_;
+	}
+    }
+    # Anything else.
+    else
+    {
+	print ".PP\n$_\n";
+    }
+}
+
+# Print any include items other than the ones we have already dealt
+# with.
+for (@include)
+{
+    print qq(.SH "$_"\n$include{$_})
+	unless /^(NAME|SYNOPSIS|DESCRIPTION|SEE ALSO)$/;
+}
+
+# Refer to the real documentation.
+if ($include{'SEE ALSO'} or !$opt_no_info)
+{
+    print qq(.SH "SEE ALSO"\n);
+    print $include{'SEE ALSO'}, ".PP\n" if $include{'SEE ALSO'};
+
+    print <<EOT unless $opt_no_info;
+The full documentation for
+.B $program
+is maintained as a Texinfo manual.  If the
+.B info
+and
+.B $program
+programs are properly installed at your site, the command
+.IP
+.B info $program
+.PP
+should give you access to the complete manual.
+EOT
+}
+
+# Output converted --version information.
+for (@version)
+{
+    chomp;
+
+    # Join hyphenated lines.
+    s/([A-Za-z])-\n */$1/g;
+
+    # Convert copyright symbol or (c) to nroff character.
+    s/Copyright\s+(?:\xa9|\([Cc]\))/Copyright \\(co/g;
+
+    # Insert appropriate headings for copyright and author.
+    if    (/^Copyright\s\\/) { print ".SH COPYRIGHT\n" }
+    elsif (/^Written\s+by/)  { print ".SH AUTHOR\n" }
+    else		     { print ".PP\n"; }
+
+    # Insert line breaks before additional copyright messages and the
+    # disclaimer.
+    s/(.)\n(Copyright\s|This is free software)/$1\n.br\n$2/g;
+
+    print "$_\n";
+}
+
+exit;
+
+# Convert option dashes to \- to stop nroff from hyphenating 'em, and
+# embolden.  Option arguments get italicised.
+sub convert_option
+{
+    my $option = '\fB' . shift;
+
+    $option =~ s/-/\\-/g;
+    unless ($option =~ s/\[=(.*)\]$/\\fR[=\\fI$1\\fR]/)
+    {
+	$option =~ s/=(.)/\\fR=\\fI$1/;
+	$option =~ s/ (.)/ \\fI$1/;
+	$option .= '\fR';
+    }
+
+    $option;
+}

doc/tincd.conf.5

@@ -0,0 +1,157 @@
+.TH TINC 5 "March 1999" "tinc version 0.2.16" "FSF"
+.SH NAME
+tincd.conf \- tinc daemon configuration
+.SH "DESCRIPTION"
+The files in the \fI/etc/tinc\fR directory contain runtime and
+security information for the \fBtinc\fR(8) daemon.
+.PP
+.SH "NETWORKS"
+It is perfectly ok for you to run more than one tinc daemon. However,
+in its default form, you will soon notice that you can't use two
+different configuration files without the \fI-c\fR option.
+
+We have thought of another way of dealing with this: network
+names. This means that you call \fBtincd\fR with the \fI-n\fR argument,
+which will assign a name to this daemon.
+
+The effect of this is that the daemon will set its configuration
+``root'' to \fI/etc/tinc/\fBnn\fI/\fR, where \fBnn\fR is your argument
+to the \fI-n\fR option. You'll notice that it appears in syslog as
+``tincd.\fBnn\fR''.
+
+However, it is not strictly necessary that you call tinc with the -n
+option. In this case, the network name would just be empty, and it
+will be used as such. tinc now looks for files in \fI/etc/tinc/\fR,
+instead of \fI/etc/tinc/\fBnn\fI/\fR; the configuration file should be
+\fI/etc/tinc/tincd.conf\fR, and the passphrases are now expected to be
+in \fI/etc/tinc/passphrases/\fR.
+
+But it is highly recommended that you use this feature of tinc,
+because it will be so much clearer whom your daemon talks to. Hence,
+we will assume that you use it.
+.PP
+.SH "PASSPHRASES"
+You should use the \fBgenauth\fR(8) program to generate passphrases.
+with, it accepts a single parameter, which is the number of bits the
+passphrase should be. Its output should be stored in
+\fI/etc/tinc/\fBnn\fI/passphrases/local\fR \-\- where \fBnn\fR stands
+for the network (See under \fBNETWORKS\fR) above.
+
+Please see the manpage for \fBgenauth\fR to learn more about setting
+up an authentication scheme.
+.PP
+.SH "CONFIGURATION"
+The actual configuration of the daemon is done in the file
+\fI/etc/tinc/\fBnn\fI/tincd.conf\fR.
+
+This file consists of comments (lines started with a \fB#\fR) or
+assignments in the form of
+.PP
+.Vb 1
+\&    \fIVariable \fB= \fIValue\fR.
+.Ve
+.PP
+The variable names are case insensitive, and any spaces, tabs,
+newlines and carriage returns are ignored. \fINote\fR: it is not
+required that you put in the \fB=\fR sign, but doing so improves
+readability. If you leave it out, remember to replace it with at least
+one space character.
+.PP
+.SH "VARIABLES"
+.PP
+Here are all valid variables, listed in alphabetical order:
+.TP
+\fBAllowConnect = \fB(\fIyes\fB|\fIno\fB)\fR
+If set to \fIyes\fR, anyone may try to connect to you. If you set this
+to no, no incoming connections will be accepted. This does not affect
+the outgoing connections.
+.TP
+\fBConnectPort = \fIport\fR
+Connect to the upstream host (given with the \fBConnectTo\fR
+directive) on port \fIport\fR. \fIport\fR may be given in decimal
+(default), octal (when preceded by a single zero) or hexadecimal
+(prefixed with \fB0x\fR). \fIport\fR is the port number for both the
+UDP and the TCP (meta) connections.
+.TP
+\fBConnectTo = \fB(\fIIP address\fB|\fIhostname\fB)\fR
+Specifies which host to connect to on startup. If the
+\fBConnectPort\fR variable is omitted, then tinc will try to connect
+to port 655.
+
+If you don't specify a host with \fBConnectTo\fR, tinc won't connect
+at all, and will instead just listen for incoming connections. Only
+the initiator of a tinc VPN should need this.
+.TP
+\fBKeyExpire = \fIs\fR
+The secret (and public) key expires after \fIs\fR seconds. The default
+is 3600 seconds, or one hour.
+
+If you make it shorter, a lot of time and bandwidth is spent
+negotiating over the new keys. If you make it longer, you make
+yourself more vulnerable to crackers, because they have more data to
+work with. The best value depends on the speed of the link, and the
+amount of data that goes over it.
+.TP
+\fBListenPort = \fIport\fR
+Listen on local port \fIport\fR. The computer connecting to this
+daemon should use this number as the argument for his
+\fBConnectPort\fR. Again, the default is 655.
+.TP
+\fBMyOwnVPNIP = \fInetwork address\fR[\fB/\fImaskbits\fR]
+The \fInetwork address\fR is the number that the daemon will propagate
+to other daemons on the network when it is identifying itself. Hence
+this will be the file name of the passphrase file that the other end
+expects to find the passphrase in.
+
+\fImaskbits\fR is the number of bits set to 1 in the netmask part.
+.TP
+\fBMyVirtualIP = \fInetwork address\fR[\fB/\fImaskbits\fR]
+This is an alias for \fBMyOwnVPNIP\fR.
+.TP
+\fBPassphrases = \fIdirectory\fR
+The directory where tinc will look for passphrases when someone tries
+to cennect. Please see the manpage for \fBgenauth\fR(8) for more
+information about passphrases as used by tinc.
+.TP
+\fBPingTimeout = \fInumber\fR
+The number of seconds of inactivity that tinc will wait before sending
+a probe to the other end. If that other end doesn't answer within that
+same amount of seconds, the connection is terminated, and the others
+will be notified of this.
+.TP
+\fBTapDevice = \fIdevice\fR
+The ethertap device to use. Note that you can only use one device per
+daemon. The info pages of the tinc package contain more information
+about configuring an ethertap device for linux.
+.PP
+.SH "FILES"
+.TP
+\fI/etc/tinc/\fR
+The top directory for configuration files.
+.TP
+\fI/etc/tinc/\fBnn\fI/tincd.conf\fR
+The default name of the configuration file for net
+\fBnn\fR.
+.TP
+\fI/etc/tinc/\fBnn\fI/passphrases/\fR
+Passphrases are kept in this directory. (See the section
+\fBPASSPHRASES\fR above).
+.PP
+.SH "SEE ALSO"
+\fBtincd\fR(8), \fBgenauth\fR(8)
+.PP
+The full documentation for
+.B tinc
+is maintained as a Texinfo manual.  If the
+.B info
+and
+.B tinc
+programs are properly installed at your site, the command
+.IP
+.B info tinc
+.PP
+should give you access to the complete manual.
+.PP
+tinc comes with ABSOLUTELY NO WARRANTY.  This is free software,
+and you are welcome to redistribute it under certain conditions;
+see the file COPYING for details.

doc/tincd.conf.sample

@@ -0,0 +1,40 @@
+# Sample tinc configuration file
+
+# This is a comment.
+# Lines can have a maximum of 80 characters.
+# Spaces and tabs are eliminated.
+# The = sign isn't strictly necessary any longer, though you may want
+# to leave it in as it improves readability :)
+# Variable names are treated case insensitive.
+
+# The internet host to connect with
+# comment these out to make yourself a listen-only connection
+# You may use an IP address or its FQDN.
+ConnectTo = 1.2.3.4
+
+# Connect to which port of the `ConnectTo' host
+
+# It is advised that you only connect to ports that are < 1024,
+# because some malicious (non-root) user may run a fake tincd on ports
+# above 1024.
+# The default port is 655, the port that has been assigned to tinc
+# by the IANA. If you want tincd to listen on any other port than 655,
+# you can use ListenPort for the `server', and ConnectPort for the
+# `client'.
+
+# You may use the prefixes 0x or 0 to denote a hexadecimal or octal
+# number respectively.
+ConnectPort = 0x300
+
+# Listen on which port
+ListenPort = 200
+
+# My own VPN IP
+# You may use the /nn notation to indicate the number of bits used for
+# the mask, /8 is equivalent to the netmask 255.0.0.0 (the first 8
+# bits are set to 1).
+MyOwnVPNIP = 10.x.x.x/8
+
+# Which local file?
+# Default is /dev/tap0
+TapDevice = /dev/tap1

doc/tincd.x

@@ -0,0 +1,20 @@
+[DESCRIPTION]
+." Add any additional description here
+
+This is the daemon part of tinc. tinc is a secure virtual private
+network (VPN) project.
+
+.SH OPTIONS
+
+
+[FILES]
+.TP
+\fI/etc/tinc\fR
+The top directory for configuration files.
+.PP
+
+[SEE ALSO]
+\fBtincd.conf\fR(5)
+.TP
+\fBhttp://www.cabal.org/\fR
+