Seeking in files and rewriting parts of them does not seem to work properly on
Windows. Instead, when old RSA keys are found when generating new ones, the
file containing the old keys is copied to a temporary file where the changes
are made, and that file is renamed back to the original filename. On Windows,
we cannot atomically replace files with a rename(), so we need to move the
original file out of the way first. If anything fails, the new code will warn
that the user has to solve the problem by hand.
This allows tincctl to receive log messages from a running tincd,
independent of what is logged to syslog or to file. Tincctl can receive
debug messages with an arbitrary level.
If we don't have ECDSA keys for the node we connect to, set protocol_minor
to 1, to indicate this to the other end. This will first complete the
old way of authentication with RSA keys, and will then exchange ECDSA keys.
The connection will be terminated right afterwards, and the next attempt
will use ECDSA keys.
Options given on the command line have precedence over configuration from files.
This can be useful, for example, for a roaming node, for which 'ConnectTo' and
<host>.Address depends on its location.
Instead of allocating storage for each line read, we now read into fixed-size
buffers on the stack. This fixes a case where a malformed configuration file
could crash tinc.
When generating an RSA keypair, the new public and private keys are appended to
files. However, when OpenSSL reads keys it only reads the first in a file, not
the last. Instead of printing an easily ignored warning, tinc now disables old
keys when appending new ones.
- Socket handling revamped to use sockaddr_t.
- tinc can now tunnel over IPv6.
- Handle all addresses and subnets in network byte order.
Only convert them when they need to be printed.
- IPv6 subnets bigger than /128 now work.
- Use %s and strerror(errno) instead of %m.
- Transition to new node/vertex/connection structures
- Use new configuration handling everywhere
- Linux tun/tap device handling cleanup
- Start of IPv6 support in route.c
It compiles, but it won't link.
- Store everything in AVL trees (fast lookup)
- No need for hazahaza anymore
- Parse values when needed
- This simplifies a lot of config variable lookups.
- Mode = router (default, work like tinc has always worked)
- Mode = switch (work like a switch)
- Mode = hub (work like a hub, broadcasting everything)
Note: tinc ignores private key in the main config file, tinc.conf,
because it should really be in a separate file.
- When generating new keys, check if name is known and by default append
the public key to the host configuration file (otherwise rsa_key.pub).
