Import Debian changes 1.0.13-1~bpo50
tinc (1.0.13-1~bpo50) lenny-backports; urgency=low * New upstream release.
This commit is contained in:
commit
2006358f32
56 changed files with 1588 additions and 440 deletions
178
ChangeLog
178
ChangeLog
|
@ -1,3 +1,181 @@
|
|||
commit 26b8cf8680ae68443dccac2adbc2361caafc3712
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Apr 11 20:40:20 2010 +0200
|
||||
|
||||
Releasing 1.0.13.
|
||||
|
||||
commit 74653beb5bc510e60579058ee15c0f66350f5137
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Apr 11 19:47:44 2010 +0200
|
||||
|
||||
Mark Forwarding and DirectOnly options as being experimental.
|
||||
|
||||
commit 0ddce6370d39eff162bd212a6e47fe3a8e96a09e
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Apr 11 19:39:31 2010 +0200
|
||||
|
||||
Don't redefine MAX if it already exists.
|
||||
|
||||
commit a9bbb3357a89e27185312fbce0ee134eda4eda90
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Apr 11 19:20:02 2010 +0200
|
||||
|
||||
Fixes for definitions under Windows.
|
||||
|
||||
commit 4708f2c89edea4be2562256544cf35309cf1ea89
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Apr 11 18:34:50 2010 +0200
|
||||
|
||||
Ensure subnet-up/down scripts are called after HUP when necessary.
|
||||
|
||||
commit 32f5524c4b52a2d3a96bc48ee2437f8b9b4dbe10
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Apr 11 04:35:16 2010 +0200
|
||||
|
||||
Fix reloading Subnets when StrictSubnets is set.
|
||||
|
||||
commit 9f53ab209d8a6a7622a49ed03cef735b6e3f3eeb
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Apr 11 00:50:42 2010 +0200
|
||||
|
||||
Reload Subnets when getting a HUP signal and StrictSubnets is used.
|
||||
|
||||
commit d1cc637470edaed663e694fdeb290eb45cc9ecca
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Apr 10 23:55:15 2010 +0200
|
||||
|
||||
Ensure ICMP_NET_ANO is defined.
|
||||
|
||||
commit f75e71bc693847af71f61fb72cd788e3e47f9bd3
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Apr 3 09:46:45 2010 +0100
|
||||
|
||||
Convert Port to numeric form before sending it to other nodes.
|
||||
|
||||
If one uses a symbolic name for the Port option, tinc will send that name
|
||||
literally to other nodes. However, it is not guaranteed that all nodes have
|
||||
the same contents in /etc/services, or have such a file at all.
|
||||
|
||||
commit 292354912f346fe467f557f0dc026b519997289c
|
||||
Author: Sven-Haegar Koch <haegar@ccc.de>
|
||||
Date: Wed Mar 10 02:50:51 2010 +0100
|
||||
|
||||
Never delete Subnets when StrictSubnets is set
|
||||
|
||||
If a node is unreachable, and not connected to an edge anymore, it gets
|
||||
deleted. When this happens its subnets are also removed, which should
|
||||
not happen with StrictSubnets=yes.
|
||||
|
||||
Solution:
|
||||
- do not remove subnets in src/net.c::purge(), we know that all subnets
|
||||
in the list came from our hosts files.
|
||||
I think here you got the check wrong by looking at the tunnelserver
|
||||
code below it - with strictsubnets we still inform others but do not
|
||||
remove the subnet from our data.
|
||||
- do not remove nodes in net.c::purge() that still have subnets
|
||||
attached.
|
||||
|
||||
commit 146760bd35b351d58e817ce0e67f5c6f74750cd4
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Wed Mar 10 16:07:01 2010 +0100
|
||||
|
||||
Fix typo.
|
||||
|
||||
commit f2346771cf5b22092dd3f5af3674008aa1e878d1
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Mar 8 21:44:32 2010 +0100
|
||||
|
||||
Log unauthorized Subnets when StrictSubnets is set.
|
||||
|
||||
commit ee64b8ef33b709fabfc1ed56762d5f52fc026e52
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Mar 8 17:54:57 2010 +0100
|
||||
|
||||
ConnectTo does not mean tinc does not listen for incoming connections anymore.
|
||||
|
||||
commit 8ae54dc7c782bcc4b771ec0766fcf9eee115756e
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Mar 2 23:27:50 2010 +0100
|
||||
|
||||
Fixes for the Forwarding option.
|
||||
|
||||
commit 3e4829e78a3c7f7e19017d05611e5b69d5268119
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Mar 2 22:55:24 2010 +0100
|
||||
|
||||
Add the DirectOnly option.
|
||||
|
||||
When this option is enabled, packets that cannot be sent directly to the destination node,
|
||||
but which would have to be forwarded by an intermediate node, are dropped instead.
|
||||
When combined with the IndirectData option,
|
||||
packets for nodes for which we do not have a meta connection with are also dropped.
|
||||
|
||||
commit 95a6974de173e0cb78611c6704ed09631d510dae
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Mar 2 22:34:26 2010 +0100
|
||||
|
||||
Add the Forwarding option.
|
||||
|
||||
This determines if and how incoming packets that are not meant for the local
|
||||
node are forwarded. It can either be off, internal (tinc forwards them itself,
|
||||
as in previous versions), or kernel (packets are always sent to the TUN/TAP
|
||||
device, letting the kernel sort them out).
|
||||
|
||||
commit 5038964032ef55913b2d4741c67bf191b2208abb
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Mar 2 00:18:44 2010 +0100
|
||||
|
||||
Add the StrictSubnets option.
|
||||
|
||||
When this option is enabled, tinc will not accept dynamic updates of Subnets
|
||||
from other nodes, but will only use Subnets read from local host config files
|
||||
to build its routing table.
|
||||
|
||||
commit 9fed0ec34b9208611a7e96a595f23fa04e60a5c0
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Mar 1 23:44:56 2010 +0100
|
||||
|
||||
Preload all Subnets in TunnelServer mode.
|
||||
|
||||
This simplifies the logic in protocol_subnet.c.
|
||||
|
||||
commit d47ab576a25d91600acf7eecf376ed026bdc9c83
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Mar 1 23:44:46 2010 +0100
|
||||
|
||||
Check for dirent.h.
|
||||
|
||||
commit 21f33b638291c2ffe7156e6c1e0df339f855d831
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Mar 1 23:35:02 2010 +0100
|
||||
|
||||
Simplify reading lines from configuration files.
|
||||
|
||||
Instead of allocating storage for each line read, we now read into fixed-size
|
||||
buffers on the stack. This fixes a case where a malformed configuration file
|
||||
could crash tinc.
|
||||
|
||||
commit 3cb91d75f874e3398c35cd4280c1e0a1ceeedabc
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Feb 28 18:20:13 2010 +0100
|
||||
|
||||
Clamp MSS to miminum MTU in both directions.
|
||||
|
||||
Clamp MSS of both incoming and outgoing packets, and use the minimum of the
|
||||
PMTU of both directions when clamping.
|
||||
|
||||
commit ddb8cb0779ed36d17ce186dd0bf67e9f0c860d28
|
||||
Author: Timothy Redaelli <timothy@redaelli.eu>
|
||||
Date: Wed Feb 10 14:52:15 2010 +0100
|
||||
|
||||
Add --disable-zlib configure option
|
||||
|
||||
commit eeb505af36ba9496ad29b32cd0917afb8c6cd355
|
||||
Author: Timothy Redaelli <timothy@redaelli.eu>
|
||||
Date: Wed Feb 10 13:24:33 2010 +0100
|
||||
|
||||
Add --disable-lzo configure option
|
||||
|
||||
commit f7b2a2ea43fca323f543e152e6a43a29a4eb6671
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Wed Feb 3 22:49:48 2010 +0100
|
||||
|
|
12
NEWS
12
NEWS
|
@ -1,3 +1,15 @@
|
|||
Version 1.0.13 Apr 11 2010
|
||||
|
||||
* Allow building tinc without LZO and/or Zlib.
|
||||
|
||||
* Clamp MSS of TCP packets in both directions.
|
||||
|
||||
* Experimental StrictSubnets, Forwarding and DirectOnly options,
|
||||
giving more control over information and packets received from/sent to other
|
||||
nodes.
|
||||
|
||||
* Ensure tinc never sends symbolic names for ports over the wire.
|
||||
|
||||
Version 1.0.12 Feb 3 2010
|
||||
|
||||
* Really allow fast roaming of hosts to other nodes in a switched VPN.
|
||||
|
|
4
README
4
README
|
@ -1,4 +1,4 @@
|
|||
This is the README file for tinc version 1.0.12. Installation
|
||||
This is the README file for tinc version 1.0.13. Installation
|
||||
instructions may be found in the INSTALL file.
|
||||
|
||||
tinc is Copyright (C) 1998-2010 by:
|
||||
|
@ -55,7 +55,7 @@ should be changed into "Device", and "Device" should be changed into
|
|||
Compatibility
|
||||
-------------
|
||||
|
||||
Version 1.0.12 is compatible with 1.0pre8, 1.0 and later, but not with older
|
||||
Version 1.0.13 is compatible with 1.0pre8, 1.0 and later, but not with older
|
||||
versions of tinc.
|
||||
|
||||
|
||||
|
|
1
THANKS
1
THANKS
|
@ -34,6 +34,7 @@ We would like to thank the following people for their contributions to tinc:
|
|||
* Scott Lamb
|
||||
* Sven-Haegar Koch
|
||||
* Teemu Kiviniemi
|
||||
* Timothy Redaelli
|
||||
* Tonnerre Lombard
|
||||
* Wessel Dankers
|
||||
* Wouter van Heyst
|
||||
|
|
149
config.guess
vendored
149
config.guess
vendored
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# Attempt to guess a canonical system name.
|
||||
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
|
||||
# Free Software Foundation, Inc.
|
||||
|
||||
timestamp='2009-06-10'
|
||||
timestamp='2009-12-30'
|
||||
|
||||
# This file is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by
|
||||
|
@ -27,16 +27,16 @@ timestamp='2009-06-10'
|
|||
# the same distribution terms that you use for the rest of that program.
|
||||
|
||||
|
||||
# Originally written by Per Bothner <per@bothner.com>.
|
||||
# Please send patches to <config-patches@gnu.org>. Submit a context
|
||||
# diff and a properly formatted ChangeLog entry.
|
||||
# Originally written by Per Bothner. Please send patches (context
|
||||
# diff format) to <config-patches@gnu.org> and include a ChangeLog
|
||||
# entry.
|
||||
#
|
||||
# This script attempts to guess a canonical system name similar to
|
||||
# config.sub. If it succeeds, it prints the system name on stdout, and
|
||||
# exits with 0. Otherwise, it exits with 1.
|
||||
#
|
||||
# The plan is that this can be called by configure scripts if you
|
||||
# don't specify an explicit build system type.
|
||||
# You can get the latest version of this script from:
|
||||
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
|
||||
|
||||
me=`echo "$0" | sed -e 's,.*/,,'`
|
||||
|
||||
|
@ -56,8 +56,9 @@ version="\
|
|||
GNU config.guess ($timestamp)
|
||||
|
||||
Originally written by Per Bothner.
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
|
||||
2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
|
||||
Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
@ -333,6 +334,9 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
|
|||
sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
|
||||
echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
|
||||
exit ;;
|
||||
i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*)
|
||||
echo i386-pc-auroraux${UNAME_RELEASE}
|
||||
exit ;;
|
||||
i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
|
||||
eval $set_cc_for_build
|
||||
SUN_ARCH="i386"
|
||||
|
@ -807,12 +811,12 @@ EOF
|
|||
i*:PW*:*)
|
||||
echo ${UNAME_MACHINE}-pc-pw32
|
||||
exit ;;
|
||||
*:Interix*:[3456]*)
|
||||
*:Interix*:*)
|
||||
case ${UNAME_MACHINE} in
|
||||
x86)
|
||||
echo i586-pc-interix${UNAME_RELEASE}
|
||||
exit ;;
|
||||
EM64T | authenticamd | genuineintel)
|
||||
authenticamd | genuineintel | EM64T)
|
||||
echo x86_64-unknown-interix${UNAME_RELEASE}
|
||||
exit ;;
|
||||
IA64)
|
||||
|
@ -854,6 +858,20 @@ EOF
|
|||
i*86:Minix:*:*)
|
||||
echo ${UNAME_MACHINE}-pc-minix
|
||||
exit ;;
|
||||
alpha:Linux:*:*)
|
||||
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
|
||||
EV5) UNAME_MACHINE=alphaev5 ;;
|
||||
EV56) UNAME_MACHINE=alphaev56 ;;
|
||||
PCA56) UNAME_MACHINE=alphapca56 ;;
|
||||
PCA57) UNAME_MACHINE=alphapca56 ;;
|
||||
EV6) UNAME_MACHINE=alphaev6 ;;
|
||||
EV67) UNAME_MACHINE=alphaev67 ;;
|
||||
EV68*) UNAME_MACHINE=alphaev68 ;;
|
||||
esac
|
||||
objdump --private-headers /bin/sh | grep -q ld.so.1
|
||||
if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
|
||||
exit ;;
|
||||
arm*:Linux:*:*)
|
||||
eval $set_cc_for_build
|
||||
if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
|
||||
|
@ -876,6 +894,17 @@ EOF
|
|||
frv:Linux:*:*)
|
||||
echo frv-unknown-linux-gnu
|
||||
exit ;;
|
||||
i*86:Linux:*:*)
|
||||
LIBC=gnu
|
||||
eval $set_cc_for_build
|
||||
sed 's/^ //' << EOF >$dummy.c
|
||||
#ifdef __dietlibc__
|
||||
LIBC=dietlibc
|
||||
#endif
|
||||
EOF
|
||||
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'`
|
||||
echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
|
||||
exit ;;
|
||||
ia64:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
|
@ -901,39 +930,18 @@ EOF
|
|||
#endif
|
||||
#endif
|
||||
EOF
|
||||
eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
|
||||
/^CPU/{
|
||||
s: ::g
|
||||
p
|
||||
}'`"
|
||||
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`
|
||||
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
|
||||
;;
|
||||
or32:Linux:*:*)
|
||||
echo or32-unknown-linux-gnu
|
||||
exit ;;
|
||||
ppc:Linux:*:*)
|
||||
echo powerpc-unknown-linux-gnu
|
||||
exit ;;
|
||||
ppc64:Linux:*:*)
|
||||
echo powerpc64-unknown-linux-gnu
|
||||
exit ;;
|
||||
alpha:Linux:*:*)
|
||||
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
|
||||
EV5) UNAME_MACHINE=alphaev5 ;;
|
||||
EV56) UNAME_MACHINE=alphaev56 ;;
|
||||
PCA56) UNAME_MACHINE=alphapca56 ;;
|
||||
PCA57) UNAME_MACHINE=alphapca56 ;;
|
||||
EV6) UNAME_MACHINE=alphaev6 ;;
|
||||
EV67) UNAME_MACHINE=alphaev67 ;;
|
||||
EV68*) UNAME_MACHINE=alphaev68 ;;
|
||||
esac
|
||||
objdump --private-headers /bin/sh | grep -q ld.so.1
|
||||
if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
|
||||
exit ;;
|
||||
padre:Linux:*:*)
|
||||
echo sparc-unknown-linux-gnu
|
||||
exit ;;
|
||||
parisc64:Linux:*:* | hppa64:Linux:*:*)
|
||||
echo hppa64-unknown-linux-gnu
|
||||
exit ;;
|
||||
parisc:Linux:*:* | hppa:Linux:*:*)
|
||||
# Look for CPU level
|
||||
case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
|
||||
|
@ -942,8 +950,11 @@ EOF
|
|||
*) echo hppa-unknown-linux-gnu ;;
|
||||
esac
|
||||
exit ;;
|
||||
parisc64:Linux:*:* | hppa64:Linux:*:*)
|
||||
echo hppa64-unknown-linux-gnu
|
||||
ppc64:Linux:*:*)
|
||||
echo powerpc64-unknown-linux-gnu
|
||||
exit ;;
|
||||
ppc:Linux:*:*)
|
||||
echo powerpc-unknown-linux-gnu
|
||||
exit ;;
|
||||
s390:Linux:*:* | s390x:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-ibm-linux
|
||||
|
@ -966,58 +977,6 @@ EOF
|
|||
xtensa*:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
i*86:Linux:*:*)
|
||||
# The BFD linker knows what the default object file format is, so
|
||||
# first see if it will tell us. cd to the root directory to prevent
|
||||
# problems with other programs or directories called `ld' in the path.
|
||||
# Set LC_ALL=C to ensure ld outputs messages in English.
|
||||
ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
|
||||
| sed -ne '/supported targets:/!d
|
||||
s/[ ][ ]*/ /g
|
||||
s/.*supported targets: *//
|
||||
s/ .*//
|
||||
p'`
|
||||
case "$ld_supported_targets" in
|
||||
elf32-i386)
|
||||
TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
|
||||
;;
|
||||
esac
|
||||
# Determine whether the default compiler is a.out or elf
|
||||
eval $set_cc_for_build
|
||||
sed 's/^ //' << EOF >$dummy.c
|
||||
#include <features.h>
|
||||
#ifdef __ELF__
|
||||
# ifdef __GLIBC__
|
||||
# if __GLIBC__ >= 2
|
||||
LIBC=gnu
|
||||
# else
|
||||
LIBC=gnulibc1
|
||||
# endif
|
||||
# else
|
||||
LIBC=gnulibc1
|
||||
# endif
|
||||
#else
|
||||
#if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
|
||||
LIBC=gnu
|
||||
#else
|
||||
LIBC=gnuaout
|
||||
#endif
|
||||
#endif
|
||||
#ifdef __dietlibc__
|
||||
LIBC=dietlibc
|
||||
#endif
|
||||
EOF
|
||||
eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
|
||||
/^LIBC/{
|
||||
s: ::g
|
||||
p
|
||||
}'`"
|
||||
test x"${LIBC}" != x && {
|
||||
echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
|
||||
exit
|
||||
}
|
||||
test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; }
|
||||
;;
|
||||
i*86:DYNIX/ptx:4*:*)
|
||||
# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
|
||||
# earlier versions are messed up and put the nodename in both
|
||||
|
@ -1247,6 +1206,16 @@ EOF
|
|||
*:Darwin:*:*)
|
||||
UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
|
||||
case $UNAME_PROCESSOR in
|
||||
i386)
|
||||
eval $set_cc_for_build
|
||||
if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
|
||||
if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
|
||||
(CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
|
||||
grep IS_64BIT_ARCH >/dev/null
|
||||
then
|
||||
UNAME_PROCESSOR="x86_64"
|
||||
fi
|
||||
fi ;;
|
||||
unknown) UNAME_PROCESSOR=powerpc ;;
|
||||
esac
|
||||
echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
|
||||
|
|
|
@ -55,6 +55,9 @@
|
|||
don't. */
|
||||
#undef HAVE_DECL_GETNAMEINFO
|
||||
|
||||
/* Define to 1 if you have the <dirent.h> header file. */
|
||||
#undef HAVE_DIRENT_H
|
||||
|
||||
/* Define to 1 if you have the `EVP_EncryptInit_ex' function. */
|
||||
#undef HAVE_EVP_ENCRYPTINIT_EX
|
||||
|
||||
|
@ -94,6 +97,9 @@
|
|||
/* Define to 1 if you have the <linux/if_tun.h> header file. */
|
||||
#undef HAVE_LINUX_IF_TUN_H
|
||||
|
||||
/* enable lzo compression support */
|
||||
#undef HAVE_LZO
|
||||
|
||||
/* Define to 1 if you have the <lzo1x.h> header file. */
|
||||
#undef HAVE_LZO1X_H
|
||||
|
||||
|
@ -327,6 +333,9 @@
|
|||
/* Define to 1 if you have the `writev' function. */
|
||||
#undef HAVE_WRITEV
|
||||
|
||||
/* have zlib compression support */
|
||||
#undef HAVE_ZLIB
|
||||
|
||||
/* Define to 1 if you have the <zlib.h> header file. */
|
||||
#undef HAVE_ZLIB_H
|
||||
|
||||
|
|
47
config.sub
vendored
47
config.sub
vendored
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# Configuration validation subroutine script.
|
||||
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
|
||||
# Free Software Foundation, Inc.
|
||||
|
||||
timestamp='2009-06-11'
|
||||
timestamp='2010-01-22'
|
||||
|
||||
# This file is (in principle) common to ALL GNU software.
|
||||
# The presence of a machine in this file suggests that SOME GNU software
|
||||
|
@ -32,13 +32,16 @@ timestamp='2009-06-11'
|
|||
|
||||
|
||||
# Please send patches to <config-patches@gnu.org>. Submit a context
|
||||
# diff and a properly formatted ChangeLog entry.
|
||||
# diff and a properly formatted GNU ChangeLog entry.
|
||||
#
|
||||
# Configuration subroutine to validate and canonicalize a configuration type.
|
||||
# Supply the specified configuration type as an argument.
|
||||
# If it is invalid, we print an error message on stderr and exit with code 1.
|
||||
# Otherwise, we print the canonical config type on stdout and succeed.
|
||||
|
||||
# You can get the latest version of this script from:
|
||||
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
|
||||
|
||||
# This file is supposed to be the same for all GNU packages
|
||||
# and recognize all the CPU types, system types and aliases
|
||||
# that are meaningful with *any* GNU software.
|
||||
|
@ -72,8 +75,9 @@ Report bugs and patches to <config-patches@gnu.org>."
|
|||
version="\
|
||||
GNU config.sub ($timestamp)
|
||||
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
|
||||
2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
|
||||
Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
@ -149,7 +153,7 @@ case $os in
|
|||
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
|
||||
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
|
||||
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
|
||||
-apple | -axis | -knuth | -cray)
|
||||
-apple | -axis | -knuth | -cray | -microblaze)
|
||||
os=
|
||||
basic_machine=$1
|
||||
;;
|
||||
|
@ -284,6 +288,7 @@ case $basic_machine in
|
|||
| pdp10 | pdp11 | pj | pjl \
|
||||
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
|
||||
| pyramid \
|
||||
| rx \
|
||||
| score \
|
||||
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
|
||||
| sh64 | sh64le \
|
||||
|
@ -291,13 +296,14 @@ case $basic_machine in
|
|||
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
|
||||
| spu | strongarm \
|
||||
| tahoe | thumb | tic4x | tic80 | tron \
|
||||
| ubicom32 \
|
||||
| v850 | v850e \
|
||||
| we32k \
|
||||
| x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
|
||||
| z8k | z80)
|
||||
basic_machine=$basic_machine-unknown
|
||||
;;
|
||||
m6811 | m68hc11 | m6812 | m68hc12)
|
||||
m6811 | m68hc11 | m6812 | m68hc12 | picochip)
|
||||
# Motorola 68HC11/12.
|
||||
basic_machine=$basic_machine-unknown
|
||||
os=-none
|
||||
|
@ -340,7 +346,7 @@ case $basic_machine in
|
|||
| lm32-* \
|
||||
| m32c-* | m32r-* | m32rle-* \
|
||||
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
|
||||
| m88110-* | m88k-* | maxq-* | mcore-* | metag-* \
|
||||
| m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \
|
||||
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
|
||||
| mips16-* \
|
||||
| mips64-* | mips64el-* \
|
||||
|
@ -368,15 +374,17 @@ case $basic_machine in
|
|||
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
|
||||
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
|
||||
| pyramid-* \
|
||||
| romp-* | rs6000-* \
|
||||
| romp-* | rs6000-* | rx-* \
|
||||
| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
|
||||
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
|
||||
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
|
||||
| sparclite-* \
|
||||
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
|
||||
| tahoe-* | thumb-* \
|
||||
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \
|
||||
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
|
||||
| tile-* | tilegx-* \
|
||||
| tron-* \
|
||||
| ubicom32-* \
|
||||
| v850-* | v850e-* | vax-* \
|
||||
| we32k-* \
|
||||
| x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
|
||||
|
@ -726,6 +734,9 @@ case $basic_machine in
|
|||
basic_machine=ns32k-utek
|
||||
os=-sysv
|
||||
;;
|
||||
microblaze)
|
||||
basic_machine=microblaze-xilinx
|
||||
;;
|
||||
mingw32)
|
||||
basic_machine=i386-pc
|
||||
os=-mingw32
|
||||
|
@ -1076,6 +1087,11 @@ case $basic_machine in
|
|||
basic_machine=tic6x-unknown
|
||||
os=-coff
|
||||
;;
|
||||
# This must be matched before tile*.
|
||||
tilegx*)
|
||||
basic_machine=tilegx-unknown
|
||||
os=-linux-gnu
|
||||
;;
|
||||
tile*)
|
||||
basic_machine=tile-unknown
|
||||
os=-linux-gnu
|
||||
|
@ -1247,6 +1263,9 @@ case $os in
|
|||
# First match some system type aliases
|
||||
# that might get confused with valid system types.
|
||||
# -solaris* is a basic system type, with this one exception.
|
||||
-auroraux)
|
||||
os=-auroraux
|
||||
;;
|
||||
-solaris1 | -solaris1.*)
|
||||
os=`echo $os | sed -e 's|solaris1|sunos4|'`
|
||||
;;
|
||||
|
@ -1268,8 +1287,8 @@ case $os in
|
|||
# -sysv* is not here because it comes later, after sysvr4.
|
||||
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
|
||||
| -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
|
||||
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
|
||||
| -kopensolaris* \
|
||||
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
|
||||
| -sym* | -kopensolaris* \
|
||||
| -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
|
||||
| -aos* | -aros* \
|
||||
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
|
||||
|
@ -1290,7 +1309,7 @@ case $os in
|
|||
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
|
||||
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
|
||||
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
|
||||
| -skyos* | -haiku* | -rdos* | -toppers* | -drops*)
|
||||
| -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)
|
||||
# Remember, each alternative MUST END IN *, to match a version number.
|
||||
;;
|
||||
-qnx*)
|
||||
|
@ -1423,6 +1442,8 @@ case $os in
|
|||
-dicos*)
|
||||
os=-dicos
|
||||
;;
|
||||
-nacl*)
|
||||
;;
|
||||
-none)
|
||||
;;
|
||||
*)
|
||||
|
|
56
configure
vendored
56
configure
vendored
|
@ -702,9 +702,11 @@ with_windows2000
|
|||
with_openssl
|
||||
with_openssl_include
|
||||
with_openssl_lib
|
||||
enable_zlib
|
||||
with_zlib
|
||||
with_zlib_include
|
||||
with_zlib_lib
|
||||
enable_lzo
|
||||
with_lzo
|
||||
with_lzo_include
|
||||
with_lzo_lib
|
||||
|
@ -1341,6 +1343,8 @@ Optional Features:
|
|||
--disable-dependency-tracking speeds up one-time build
|
||||
--enable-dependency-tracking do not reject slow dependency extractors
|
||||
--enable-tunemu enable support for the tunemu driver
|
||||
--disable-zlib disable zlib compression support
|
||||
--disable-lzo disable lzo compression support
|
||||
--enable-jumbograms enable support for jumbograms (packets up to 9000
|
||||
bytes)
|
||||
|
||||
|
@ -2704,7 +2708,7 @@ fi
|
|||
|
||||
# Define the identity of the package.
|
||||
PACKAGE=tinc
|
||||
VERSION=1.0.12
|
||||
VERSION=1.0.13
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
|
@ -5001,7 +5005,7 @@ $as_echo "#define STDC_HEADERS 1" >>confdefs.h
|
|||
|
||||
fi
|
||||
|
||||
for ac_header in stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h
|
||||
for ac_header in stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h
|
||||
do :
|
||||
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
|
||||
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
|
||||
|
@ -6347,12 +6351,22 @@ fi
|
|||
|
||||
|
||||
|
||||
# Check whether --enable-zlib was given.
|
||||
if test "${enable_zlib+set}" = set; then :
|
||||
enableval=$enable_zlib;
|
||||
fi
|
||||
|
||||
if test "x$enable_zlib" != "xno"; then :
|
||||
|
||||
|
||||
$as_echo "#define HAVE_ZLIB 1" >>confdefs.h
|
||||
|
||||
|
||||
# Check whether --with-zlib was given.
|
||||
if test "${with_zlib+set}" = set; then :
|
||||
withval=$with_zlib; zlib="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"
|
||||
|
||||
fi
|
||||
|
||||
|
@ -6361,7 +6375,7 @@ fi
|
|||
# Check whether --with-zlib-include was given.
|
||||
if test "${with_zlib_include+set}" = set; then :
|
||||
withval=$with_zlib_include; zlib_include="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"
|
||||
|
||||
fi
|
||||
|
||||
|
@ -6370,12 +6384,12 @@ fi
|
|||
# Check whether --with-zlib-lib was given.
|
||||
if test "${with_zlib_lib+set}" = set; then :
|
||||
withval=$with_zlib_lib; zlib_lib="$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"
|
||||
|
||||
fi
|
||||
|
||||
|
||||
for ac_header in zlib.h
|
||||
for ac_header in zlib.h
|
||||
do :
|
||||
ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default"
|
||||
if test "x$ac_cv_header_zlib_h" = x""yes; then :
|
||||
|
@ -6391,7 +6405,7 @@ fi
|
|||
done
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for compress2 in -lz" >&5
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for compress2 in -lz" >&5
|
||||
$as_echo_n "checking for compress2 in -lz... " >&6; }
|
||||
if test "${ac_cv_lib_z_compress2+set}" = set; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
|
@ -6435,13 +6449,25 @@ else
|
|||
fi
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
# Check whether --enable-lzo was given.
|
||||
if test "${enable_lzo+set}" = set; then :
|
||||
enableval=$enable_lzo;
|
||||
fi
|
||||
|
||||
if test "x$enable_lzo" != "xno"; then :
|
||||
|
||||
|
||||
$as_echo "#define HAVE_LZO 1" >>confdefs.h
|
||||
|
||||
|
||||
# Check whether --with-lzo was given.
|
||||
if test "${with_lzo+set}" = set; then :
|
||||
withval=$with_lzo; lzo="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"
|
||||
|
||||
fi
|
||||
|
||||
|
@ -6450,7 +6476,7 @@ fi
|
|||
# Check whether --with-lzo-include was given.
|
||||
if test "${with_lzo_include+set}" = set; then :
|
||||
withval=$with_lzo_include; lzo_include="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"
|
||||
|
||||
fi
|
||||
|
||||
|
@ -6459,12 +6485,12 @@ fi
|
|||
# Check whether --with-lzo-lib was given.
|
||||
if test "${with_lzo_lib+set}" = set; then :
|
||||
withval=$with_lzo_lib; lzo_lib="$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"
|
||||
|
||||
fi
|
||||
|
||||
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for lzo1x_1_compress in -llzo2" >&5
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for lzo1x_1_compress in -llzo2" >&5
|
||||
$as_echo_n "checking for lzo1x_1_compress in -llzo2... " >&6; }
|
||||
if test "${ac_cv_lib_lzo2_lzo1x_1_compress+set}" = set; then :
|
||||
$as_echo_n "(cached) " >&6
|
||||
|
@ -6550,7 +6576,7 @@ fi
|
|||
fi
|
||||
|
||||
|
||||
for ac_header in lzo/lzo1x.h
|
||||
for ac_header in lzo/lzo1x.h
|
||||
do :
|
||||
ac_fn_c_check_header_mongrel "$LINENO" "lzo/lzo1x.h" "ac_cv_header_lzo_lzo1x_h" "$ac_includes_default"
|
||||
if test "x$ac_cv_header_lzo_lzo1x_h" = x""yes; then :
|
||||
|
@ -6600,6 +6626,8 @@ fi
|
|||
done
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
# Check whether --enable-jumbograms was given.
|
||||
if test "${enable_jumbograms+set}" = set; then :
|
||||
|
|
|
@ -3,7 +3,7 @@ dnl Process this file with autoconf to produce a configure script.
|
|||
AC_PREREQ(2.61)
|
||||
AC_INIT
|
||||
AC_CONFIG_SRCDIR([src/tincd.c])
|
||||
AM_INIT_AUTOMAKE(tinc, 1.0.12)
|
||||
AM_INIT_AUTOMAKE(tinc, 1.0.13)
|
||||
AC_CONFIG_HEADERS([config.h])
|
||||
AM_MAINTAINER_MODE
|
||||
|
||||
|
@ -99,7 +99,7 @@ dnl Checks for header files.
|
|||
dnl We do this in multiple stages, because unlike Linux all the other operating systems really suck and don't include their own dependencies.
|
||||
|
||||
AC_HEADER_STDC
|
||||
AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h])
|
||||
AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h])
|
||||
AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h],
|
||||
[], [], [#include "have.h"]
|
||||
)
|
||||
|
|
33
debian/changelog
vendored
33
debian/changelog
vendored
|
@ -1,27 +1,24 @@
|
|||
tinc (1.0.12-2) unstable; urgency=low
|
||||
|
||||
* Remove debconf questions. Closes: #572116
|
||||
Apparently debconf may not be used to ask a question at install time and
|
||||
use the answer at upgrade time. Instead of kludging around this
|
||||
restriction, no questions are asked anymore, and tinc will now always be
|
||||
restarted when upgrading.
|
||||
* Wait up to 5 seconds for tinc daemon to stop before restarting it.
|
||||
|
||||
-- Guus Sliepen <guus@debian.org> Tue, 02 Mar 2010 14:01:36 +0100
|
||||
|
||||
tinc (1.0.12-1) unstable; urgency=low
|
||||
tinc (1.0.13-1~bpo50) lenny-backports; urgency=low
|
||||
|
||||
* New upstream release.
|
||||
* Bump Standards-Version.
|
||||
* Migrate from CDBS to debhelper.
|
||||
* Convert source package to 3.0 (quilt) format.
|
||||
* Remove useless tinc.modules.
|
||||
|
||||
-- Guus Sliepen <guus@debian.org> Thu, 02 Sep 2010 14:40:42 +0200
|
||||
|
||||
tinc (1.0.12-1~bpo50) lenny-backports; urgency=low
|
||||
|
||||
* New upstream release.
|
||||
* Keep debian/ from 1.0.11-1~bpo50.
|
||||
* Use init.d script from Michael Tokarev, allowing per-network arguments to
|
||||
tincd.
|
||||
* Remove update-rc.d calls from postinst and postrm.
|
||||
* Let the init.d script depend on $remote_fs.
|
||||
|
||||
-- Guus Sliepen <guus@debian.org> Thu, 04 Feb 2010 00:56:45 +0100
|
||||
-- Guus Sliepen <guus@debian.org> Wed, 17 Feb 2010 22:00:31 +0000
|
||||
|
||||
tinc (1.0.11-1~bpo50+1) lenny-backports; urgency=low
|
||||
|
||||
* Rebuild for lenny-backports.
|
||||
|
||||
-- Guus Sliepen <guus@debian.org> Thu, 04 Feb 2010 19:03:00 +0000
|
||||
|
||||
tinc (1.0.11-1) unstable; urgency=low
|
||||
|
||||
|
|
9
debian/config
vendored
Normal file
9
debian/config
vendored
Normal file
|
@ -0,0 +1,9 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
# Source debconf library.
|
||||
. /usr/share/debconf/confmodule
|
||||
|
||||
db_title tinc configuration
|
||||
|
||||
db_input medium tinc/restart_on_upgrade || true
|
||||
db_go
|
6
debian/control
vendored
6
debian/control
vendored
|
@ -2,13 +2,13 @@ Source: tinc
|
|||
Section: net
|
||||
Priority: optional
|
||||
Maintainer: Guus Sliepen <guus@debian.org>
|
||||
Standards-Version: 3.8.4
|
||||
Build-Depends: libssl-dev, debhelper (>= 7.0.50~), gettext, texi2html, texinfo, zlib1g-dev, liblzo2-dev
|
||||
Standards-Version: 3.8.3
|
||||
Build-Depends: libssl-dev, debhelper (>= 7), gettext, texi2html, texinfo, zlib1g-dev, cdbs, liblzo2-dev
|
||||
Homepage: http://www.tinc-vpn.org/
|
||||
|
||||
Package: tinc
|
||||
Architecture: any
|
||||
Depends: ${shlibs:Depends}, ${misc:Depends}
|
||||
Depends: debconf | debconf-2.0, ${shlibs:Depends}, ${misc:Depends}
|
||||
Description: Virtual Private Network daemon
|
||||
tinc is a daemon with which you can create a virtual private network
|
||||
(VPN). One daemon can handle multiple connections, so you can
|
||||
|
|
13
debian/init.d
vendored
13
debian/init.d
vendored
|
@ -54,18 +54,7 @@ reload() {
|
|||
$DAEMON -n $1 -kHUP
|
||||
}
|
||||
restart() {
|
||||
stop "$@"
|
||||
sleep 0.5
|
||||
i=0;
|
||||
while [ -f /var/run/tinc.$1.pid ] ; do
|
||||
if [ $i = '10' ] ; then
|
||||
break
|
||||
else
|
||||
echo -n "."
|
||||
sleep 0.5
|
||||
i=$(($i+1))
|
||||
fi
|
||||
done
|
||||
stop "$@" && sleep 1
|
||||
start "$@"
|
||||
}
|
||||
|
||||
|
|
1
debian/po/POTFILES.in
vendored
Normal file
1
debian/po/POTFILES.in
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
[type: gettext/rfc822deb] tinc.templates
|
63
debian/po/cs.po
vendored
Normal file
63
debian/po/cs.po
vendored
Normal file
|
@ -0,0 +1,63 @@
|
|||
#
|
||||
# Translators, if you are not familiar with the PO format, gettext
|
||||
# documentation is worth reading, especially sections dedicated to
|
||||
# this format, e.g. by running:
|
||||
# info -n '(gettext)PO Files'
|
||||
# info -n '(gettext)Header Entry'
|
||||
#
|
||||
# Some information specific to po-debconf are available at
|
||||
# /usr/share/doc/po-debconf/README-trans
|
||||
# or http://www.debian.org/intl/l10n/po-debconf/README-trans
|
||||
#
|
||||
# Developers do not need to manually edit POT or PO files.
|
||||
#
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc 1.0.4-1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2004-11-11 20:06+0000\n"
|
||||
"PO-Revision-Date: 2005-06-10 22:44+0200\n"
|
||||
"Last-Translator: Martin Sin <martin.sin@seznam.cz>\n"
|
||||
"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=ISO-8859-2\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Restartovat tinc pøi ka¾dé aktualizaci?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"Mù¾ete zvolit, zda restartovat tinc daemona poka¾dé, kdy¾ je instalována "
|
||||
"nová verze tohoto balíèku."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"Nìkdy tuto mo¾nost nepotøebujete, napøíklad pokud provádíte aktualizaci "
|
||||
"pøes tunel, který je vytvoøen pomocí tinc. Zastavení tohoto daemona "
|
||||
"vám pravdìpodobnì zanechá \"mrtvé pøipojení\" a navíc se tinc nemusí znovu "
|
||||
"spustit."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"Pokud zamítnete, musíte po aktualizaci restartovat tinc ruènì, zadáním "
|
||||
"pøíkazu `invoke-rc.d tinc restart' kdykoliv se vám to hodí."
|
55
debian/po/de.po
vendored
Normal file
55
debian/po/de.po
vendored
Normal file
|
@ -0,0 +1,55 @@
|
|||
# Translation of tinc debconf templates to German
|
||||
# Copyright (C) Helge Kreutzmann <debian@helgefjell.de>, 2007.
|
||||
# This file is distributed under the same license as the tinc package.
|
||||
#
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc 1.0.7-1\n"
|
||||
"Report-Msgid-Bugs-To: tinc@packages.debian.org\n"
|
||||
"POT-Creation-Date: 2007-01-13 20:22+0100\n"
|
||||
"PO-Revision-Date: 2007-02-25 16:43+0100\n"
|
||||
"Last-Translator: Helge Kreutzmann <debian@helgefjell.de>\n"
|
||||
"Language-Team: German <debian-l10n-german@lists.debian.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=ISO-8859-15\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Tinc bei jedem Upgrade neu starten?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"Sie können dies auswählen, falls Sie möchten, dass jedes mal, wenn Sie eine "
|
||||
"neue Version installieren, Tinc neu gestartet werden soll."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"In manchen Situationen ist dies nicht gewollt, zum Beispiel falls Sie das "
|
||||
"Upgrade über einen Tunnel durchführen, der mit Tinc erstellt wurde. Würde "
|
||||
"dann der Daemon beendet, wäre die Kommunikation tot und Tinc könnte sich "
|
||||
"nicht neu starten."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"Falls Sie hier ablehnen, müssen Sie Tinc selbst neu starten, wenn Sie ein "
|
||||
"Upgrade durchgeführt haben, indem Sie »invoke-rc.d tinc restart« eingeben, "
|
||||
"wenn es Ihnen passt."
|
62
debian/po/fr.po
vendored
Normal file
62
debian/po/fr.po
vendored
Normal file
|
@ -0,0 +1,62 @@
|
|||
#
|
||||
# Translators, if you are not familiar with the PO format, gettext
|
||||
# documentation is worth reading, especially sections dedicated to
|
||||
# this format, e.g. by running:
|
||||
# info -n '(gettext)PO Files'
|
||||
# info -n '(gettext)Header Entry'
|
||||
# Some information specific to po-debconf are available at
|
||||
# /usr/share/doc/po-debconf/README-trans
|
||||
# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
|
||||
# Developers do not need to manually edit POT or PO files.
|
||||
#
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc_1.0.3-4\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2004-11-11 20:06+0000\n"
|
||||
"PO-Revision-Date: 2005-02-18 12:42+0100\n"
|
||||
"Last-Translator: Michel Grentzinger <mic.grentz@online.fr>\n"
|
||||
"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=ISO-8859-15\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Faut-il redémarrer tinc à chaque mise à jour ?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"Vous pouvez choisir de redémarrer le démon tinc à chaque fois que vous "
|
||||
"installez une nouvelle version de ce paquet."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"Dans certains cas, vous devrez éviter de le faire, par exemple si vous "
|
||||
"mettez à jour à travers un tunnel créé avec tinc. Arrêter le démon "
|
||||
"laisserait sans doute une connexion inactive et tinc ne pourrait pas être "
|
||||
"redémarré."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"Si vous refusez cette option, vous devrez redémarrer tinc vous-même en cas "
|
||||
"de mise à jour, avec la commande : « invoke-rc.d tinc restart », au moment "
|
||||
"où cela vous conviendra."
|
49
debian/po/ja.po
vendored
Normal file
49
debian/po/ja.po
vendored
Normal file
|
@ -0,0 +1,49 @@
|
|||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc 1.0.4-1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2004-11-11 20:06+0000\n"
|
||||
"PO-Revision-Date: 2005-06-14 21:09+0900\n"
|
||||
"Last-Translator: Atsushi Shimono <shimono@kwasan.kyoto-u.ac.jp>\n"
|
||||
"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=EUC-JP\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "アップグレードのたびに tinc を再起動しますか?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"このパッケージの新しいバージョンをインストールするたびに、tinc デーモンを"
|
||||
"再起動するかどうかを選択できます。"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"tinc のトンネルを経由してアップグレードを行っているときなど、これを行い"
|
||||
"たくないことがあると思います。デーモンを止めることで接続が失われ、tinc "
|
||||
"も再起動しなくなります。"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"これを選択しない場合、アップグレードを行った際、都合が良いときに "
|
||||
"'invoke-rc.d tinc restart' を実行して tinc を自分で再起動する必要があります。"
|
63
debian/po/nl.po
vendored
Normal file
63
debian/po/nl.po
vendored
Normal file
|
@ -0,0 +1,63 @@
|
|||
#
|
||||
# Translators, if you are not familiar with the PO format, gettext
|
||||
# documentation is worth reading, especially sections dedicated to
|
||||
# this format, e.g. by running:
|
||||
# info -n '(gettext)PO Files'
|
||||
# info -n '(gettext)Header Entry'
|
||||
#
|
||||
# Some information specific to po-debconf are available at
|
||||
# /usr/share/doc/po-debconf/README-trans
|
||||
# or http://www.debian.org/intl/l10n/po-debconf/README-trans
|
||||
#
|
||||
# Developers do not need to manually edit POT or PO files.
|
||||
#
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc_1.0.4-1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2004-11-11 20:06+0000\n"
|
||||
"PO-Revision-Date: 2005-05-04 21:40+0200\n"
|
||||
"Last-Translator: Guus Sliepen <guus@debian.org>\n"
|
||||
"Language-Team: Dutch <nl@li.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Start tinc opnieuw na iedere upgrade?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"Je kunt kiezen of ik de tinc daemon opnieuw moet starten iedere keer als je "
|
||||
"een nieuwe versie van het pakket installeert."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"Soms wil je dit niet doen, bij voorbeeld als je de upgrade uitvoert over een "
|
||||
"tunnel die met tinc is gemaakt. Het stoppen van tinc resulteert dan "
|
||||
"waarschijnlijk is een dode verbinding, en tinc wordt dan misschien niet "
|
||||
"opnieuw gestart."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"Als je weigert, moet je zelf tinc opnieuw starten na een upgrade, door"
|
||||
"`invoke-rc.d tinc restart' in te tiepen wanneer het goed uitkomt."
|
56
debian/po/pt.po
vendored
Normal file
56
debian/po/pt.po
vendored
Normal file
|
@ -0,0 +1,56 @@
|
|||
# translation of tinc debconf to Portuguese
|
||||
# Copyright (C) 2007 Américo Monteiro
|
||||
# This file is distributed under the same license as the tinc package.
|
||||
#
|
||||
# Américo Monteiro <a_monteiro@netcabo.pt>, 2007.
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc_1.0.8-1_templates\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2007-05-25 04:46+0200\n"
|
||||
"PO-Revision-Date: 2007-07-21 16:38+0100\n"
|
||||
"Last-Translator: Américo Monteiro <a_monteiro@netcabo.pt>\n"
|
||||
"Language-Team: Portuguese <traduz@debianpt.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"X-Generator: KBabel 1.11.4\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Reiniciar o tinc em cada actualização?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"Você pode escolher se quer eu reinicie o serviço tinc toda a vez que instalar "
|
||||
"uma nova versão deste pacote."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"Por vezes você não querer que isto aconteça, por exemplo, se estiver a fazer "
|
||||
"a actualização por um túnel que é criado pelo tinc. Parando o serviço iria provavelmente "
|
||||
"deixá-lo com uma ligação morta, e o tinc poderia não arrancar de novo."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"Se recusar, terá que ser você a reiniciar o tinc se o actualizar, escrevendo "
|
||||
"'invoke-rc.d tinc restart' ou outro comando que lhe sirva."
|
||||
|
58
debian/po/ru.po
vendored
Normal file
58
debian/po/ru.po
vendored
Normal file
|
@ -0,0 +1,58 @@
|
|||
# translation of tinc_1.0.9-1_ru.po to Russian
|
||||
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
|
||||
# This file is distributed under the same license as the PACKAGE package.
|
||||
#
|
||||
# Yuri Kozlov <yuray@komyakino.ru>, 2009.
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc 1.0.9-1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2008-12-27 10:27+0100\n"
|
||||
"PO-Revision-Date: 2009-09-13 09:42+0400\n"
|
||||
"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
|
||||
"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"X-Generator: KBabel 1.11.4\n"
|
||||
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Перезапускать tinc после каждого обновления?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"Вы можете указать, что нужно перезапускать службу tinc каждый раз при "
|
||||
"установке новой версии данного пакета."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"Иногда вы не хотели бы это делать, например, если вы производите "
|
||||
"обновление через туннель, созданный с помощью tinc. Остановка службы, "
|
||||
"скорее всего, приведёт к повисшему соединению, и tinc не сможет запуститься "
|
||||
"снова."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:1001
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"Если ответите отрицательно, то вам нужно перезапустить tinc вручную с помощью "
|
||||
"команды `invoke-rc.d tinc restart' в более удобное время."
|
||||
|
62
debian/po/sv.po
vendored
Normal file
62
debian/po/sv.po
vendored
Normal file
|
@ -0,0 +1,62 @@
|
|||
# Translators, if you are not familiar with the PO format, gettext
|
||||
# documentation is worth reading, especially sections dedicated to
|
||||
# this format, e.g. by running:
|
||||
# info -n '(gettext)PO Files'
|
||||
# info -n '(gettext)Header Entry'
|
||||
# Some information specific to po-debconf are available at
|
||||
# /usr/share/doc/po-debconf/README-trans
|
||||
# or http://www.debian.org/intl/l10n/po-debconf/README-trans
|
||||
# Developers do not need to manually edit POT or PO files.
|
||||
# , fuzzy
|
||||
#
|
||||
#
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc 1.0.4-3\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2004-11-11 20:06+0000\n"
|
||||
"PO-Revision-Date: 2005-10-10 22:06+0200\n"
|
||||
"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
|
||||
"Language-Team: Swedish <sv@li.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=iso-8859-1\n"
|
||||
"Content-Transfer-Encoding: 8bit"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Starta om tinc vid varje uppgradering?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
"Du kan välja om du vill att jag startar om tinc-daemonen varje gång du installerar en "
|
||||
"ny version av detta paket."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
"Ibland vill du kanske inte göra detta, till exempel om du gör en uppgradering "
|
||||
"via en tunnel som är skapad med tinc. Stoppa daemonen skulle antagligen koppla ner "
|
||||
"förbindelsen och tinc kan inte startas igen."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
||||
"Om du vägrar måste du starta om tinc själv om du uppgraderat, genom att skriva "
|
||||
"'invoke-rc.d tinc restart' när det passar dig."
|
||||
|
56
debian/po/templates.pot
vendored
Normal file
56
debian/po/templates.pot
vendored
Normal file
|
@ -0,0 +1,56 @@
|
|||
#
|
||||
# Translators, if you are not familiar with the PO format, gettext
|
||||
# documentation is worth reading, especially sections dedicated to
|
||||
# this format, e.g. by running:
|
||||
# info -n '(gettext)PO Files'
|
||||
# info -n '(gettext)Header Entry'
|
||||
#
|
||||
# Some information specific to po-debconf are available at
|
||||
# /usr/share/doc/po-debconf/README-trans
|
||||
# or http://www.debian.org/intl/l10n/po-debconf/README-trans
|
||||
#
|
||||
# Developers do not need to manually edit POT or PO files.
|
||||
#
|
||||
#, fuzzy
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2004-11-11 20:06+0000\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=CHARSET\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr ""
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr ""
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr ""
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr ""
|
48
debian/po/vi.po
vendored
Normal file
48
debian/po/vi.po
vendored
Normal file
|
@ -0,0 +1,48 @@
|
|||
# Vietnamese translation for tinc.
|
||||
# Copyright © 2005 Free Software Foundation, Inc.
|
||||
# Clytie Siddall <clytie@riverland.net.au>, 2005.
|
||||
#
|
||||
msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: tinc 1.0.4-2\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2004-11-11 20:06+0000\n"
|
||||
"PO-Revision-Date: 2005-08-10 17:13+0930\n"
|
||||
"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n"
|
||||
"Language-Team: Vietnamese <gnomevi-list@lists.sourceforge.net>\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=utf-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=1; plural=0\n"
|
||||
"X-Generator: LocFactoryEditor 1.2.2\n"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid "Restart tinc on each upgrade?"
|
||||
msgstr "Khởi chạy lại trình tinc mỗi lần nâng cấp không?"
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"You may choose if you want me to restart the tinc daemon every time you "
|
||||
"install a new version of this package."
|
||||
msgstr "Tại đây bạn có thể chọn tự động khởi chạy lại trình nền (dæmon) tinc mỗi lần bạn cài đặt phiên bản mới của gói này hay không."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"Sometimes you don't want to do this, for example if you are doing the "
|
||||
"upgrade over a tunnel that is created with tinc. Stopping the daemon would "
|
||||
"probably leave you with a dead connection, and tinc may not be started again."
|
||||
msgstr "Đôi khi bạn không muốn làm như thế, lấy thí dụ nếu bạn đang nâng cấp qua đường hầm mà tinc tạo. Trong trường hợp này, ngừng trình nền rất có thể sẽ ngắt kết nối, và có lẽ tinc sẽ không khởi chạy lại."
|
||||
|
||||
#. Type: boolean
|
||||
#. Description
|
||||
#: ../tinc.templates:4
|
||||
msgid ""
|
||||
"If you refuse, you have to restart tinc yourself if you upgraded, by typing "
|
||||
"`invoke-rc.d tinc restart' whenever it suits you."
|
||||
msgstr "Nếu bạn từ chối thì bạn cần phải tự khởi chạy lại trình tinc mỗi lần nâng cấp, bằng cách gõ lệnh « invoke-rc.d tinc restart » (gọi-rc.d tinc khởi chạy lại) khi thích hợp."
|
64
debian/postinst
vendored
64
debian/postinst
vendored
|
@ -1,9 +1,54 @@
|
|||
#! /bin/sh
|
||||
# postinst script for tinc
|
||||
#
|
||||
# $Id: postinst,v 1.6 2000/05/21 23:01:28 zarq Exp $
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
NETSFILE="/etc/tinc/nets.boot"
|
||||
TCONF="/etc/tinc"
|
||||
NETSFILE="$TCONF/nets.boot"
|
||||
RET="false"
|
||||
|
||||
set -e
|
||||
|
||||
# summary of how this script can be called:
|
||||
# * <postinst> `configure' <most-recently-configured-version>
|
||||
# * <old-postinst> `abort-upgrade' <new version>
|
||||
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
|
||||
# <new-version>
|
||||
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
|
||||
# <failed-install-package> <version> `removing'
|
||||
# <conflicting-package> <version>
|
||||
# for details, see /usr/doc/packaging-manual/
|
||||
#
|
||||
# quoting from the policy:
|
||||
# Any necessary prompting should almost always be confined to the
|
||||
# post-installation script, and should be protected with a conditional
|
||||
# so that unnecessary prompting doesn't happen if a package's
|
||||
# installation fails and the `postinst' is called with `abort-upgrade',
|
||||
# `abort-remove' or `abort-deconfigure'.
|
||||
|
||||
# Automatically added by dh_installinit, edited for use with debconf
|
||||
if [ -x "/etc/init.d/tinc" ]; then
|
||||
update-rc.d tinc defaults >/dev/null
|
||||
|
||||
if [ "$1" = "configure" ] ; then
|
||||
if dpkg --compare-versions "$2" lt "1.0pre5-4" ; then
|
||||
RET="true"
|
||||
else
|
||||
if [ -e /usr/share/debconf/confmodule ] ; then
|
||||
. /usr/share/debconf/confmodule
|
||||
db_get tinc/restart_on_upgrade
|
||||
db_stop
|
||||
else
|
||||
RET="true"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
# End automatically added section
|
||||
|
||||
|
||||
case "$1" in
|
||||
configure)
|
||||
if [ ! -e /dev/.devfsd ] ; then if [ ! -e /dev/.devfs ] ; then
|
||||
|
@ -16,9 +61,17 @@ case "$1" in
|
|||
if [ ! -e $NETSFILE ] ; then
|
||||
echo "## This file contains all names of the networks to be started on system startup." > $NETSFILE
|
||||
fi
|
||||
;;
|
||||
|
||||
if [ "$RET" = "true" ] ; then
|
||||
invoke-rc.d tinc restart
|
||||
else
|
||||
echo "I have not stopped or restarted the tinc daemon. You should do this"
|
||||
echo "yourself whenever you're ready; type \`\`invoke-rc.d tinc restart''."
|
||||
fi
|
||||
;;
|
||||
|
||||
abort-upgrade|abort-remove|abort-deconfigure)
|
||||
|
||||
;;
|
||||
|
||||
*)
|
||||
|
@ -27,4 +80,11 @@ case "$1" in
|
|||
;;
|
||||
esac
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
||||
|
||||
|
||||
|
|
5
debian/postrm
vendored
5
debian/postrm
vendored
|
@ -1,9 +1,10 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
# Automatically added by package maintainer
|
||||
if [ "$1" = purge ]; then
|
||||
rm -f /etc/tinc/nets.boot
|
||||
update-rc.d tinc remove >/dev/null 2>/dev/null
|
||||
fi
|
||||
# End automatically added section
|
||||
|
||||
#DEBHELPER#
|
||||
|
|
20
debian/prerm
vendored
Normal file
20
debian/prerm
vendored
Normal file
|
@ -0,0 +1,20 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
# Automatically added by dh_installinit, edited for use with debconf
|
||||
if [ -x "/etc/init.d/tinc" -a "$1" != "upgrade" ]; then
|
||||
if [ -e /usr/share/debconf/confmodule ] ; then
|
||||
. /usr/share/debconf/confmodule
|
||||
db_get tinc/restart_on_upgrade
|
||||
if [ "$RET" = "true" ] ; then
|
||||
invoke-rc.d tinc stop
|
||||
fi
|
||||
db_stop
|
||||
else
|
||||
invoke-rc.d tinc stop
|
||||
fi
|
||||
fi
|
||||
# End automatically added section
|
||||
|
||||
#DEBHELPER#
|
42
debian/rules
vendored
42
debian/rules
vendored
|
@ -1,33 +1,21 @@
|
|||
#!/usr/bin/make -f
|
||||
# -*- makefile -*-
|
||||
# Sample debian/rules that uses debhelper.
|
||||
# This file was originally written by Joey Hess and Craig Small.
|
||||
# As a special exception, when this file is copied by dh-make into a
|
||||
# dh-make output file, you may use that output file without restriction.
|
||||
# This special exception was added by Craig Small in version 0.37 of dh-make.
|
||||
|
||||
# Uncomment this to turn on verbose mode.
|
||||
#export DH_VERBOSE=1
|
||||
include /usr/share/cdbs/1/rules/debhelper.mk
|
||||
#include /usr/share/cdbs/1/rules/simple-patchsys.mk
|
||||
include /usr/share/cdbs/1/class/autotools.mk
|
||||
|
||||
%:
|
||||
dh $@
|
||||
# A bit of a kludge, we have our own init.d handling in postinst, but
|
||||
# cdbs calls dh_installinit anyway.
|
||||
DEB_DH_INSTALLINIT_ARGS = -n
|
||||
|
||||
override_dh_auto_build:
|
||||
dh_auto_build
|
||||
cd doc && $(MAKE) texi2html
|
||||
|
||||
override_dh_auto_install:
|
||||
dh_auto_install
|
||||
clean::
|
||||
rm -rf src/device.c doc/tinc
|
||||
build/tinc::
|
||||
cd doc && $(MAKE) texi2html
|
||||
binary-post-install/tinc::
|
||||
# Guess where texi2html installed its output today...
|
||||
[ -f doc/tinc/tinc.html ] \
|
||||
&& mv doc/tinc/*.html debian/tinc/usr/share/doc/tinc/ \
|
||||
|| mv doc/*.html debian/tinc/usr/share/doc/tinc/
|
||||
# Remove info dir file
|
||||
rm -f debian/tinc/usr/share/info/dir
|
||||
|
||||
override_dh_installinit:
|
||||
dh_installinit -R
|
||||
|
||||
override_dh_clean:
|
||||
dh_clean
|
||||
rm -f src/device.c
|
||||
&& mv -v doc/tinc/*.html debian/$(cdbs_curpkg)/usr/share/doc/$(cdbs_curpkg)/ \
|
||||
|| mv -v doc/*.html debian/$(cdbs_curpkg)/usr/share/doc/$(cdbs_curpkg)/
|
||||
rm -f debian/$(cdbs_curpkg)/usr/share/info/dir*
|
||||
cd debian/$(cdbs_curpkg)/usr/share/doc/$(cdbs_curpkg)/ && tar xzf ../../../../../../doc/sample-config.tar.gz && mv sample-config examples && rm -rf examples/CVS examples/hosts/CVS
|
||||
|
|
1
debian/source/format
vendored
1
debian/source/format
vendored
|
@ -1 +0,0 @@
|
|||
3.0 (quilt)
|
12
debian/tinc.modules
vendored
Normal file
12
debian/tinc.modules
vendored
Normal file
|
@ -0,0 +1,12 @@
|
|||
alias char-major-36 netlink_dev
|
||||
alias char-major-10-200 tun
|
||||
|
||||
alias tap0 ethertap
|
||||
alias tap1 ethertap
|
||||
alias tap2 ethertap
|
||||
alias tap3 ethertap
|
||||
|
||||
options tap0 -o tap0 -x unit=0
|
||||
options tap1 -o tap1 -x unit=1
|
||||
options tap2 -o tap2 -x unit=2
|
||||
options tap3 -o tap3 -x unit=3
|
14
debian/tinc.templates
vendored
Normal file
14
debian/tinc.templates
vendored
Normal file
|
@ -0,0 +1,14 @@
|
|||
Template: tinc/restart_on_upgrade
|
||||
Type: boolean
|
||||
Default: true
|
||||
_Description: Restart tinc on each upgrade?
|
||||
You may choose if you want me to restart the tinc daemon every time you
|
||||
install a new version of this package.
|
||||
.
|
||||
Sometimes you don't want to do this, for example if you are doing the
|
||||
upgrade over a tunnel that is created with tinc. Stopping the daemon
|
||||
would probably leave you with a dead connection, and tinc may not be
|
||||
started again.
|
||||
.
|
||||
If you refuse, you have to restart tinc yourself if you upgraded, by
|
||||
typing `invoke-rc.d tinc restart' whenever it suits you.
|
Binary file not shown.
|
@ -199,6 +199,32 @@ Tinc will expect packets read from the virtual network device
|
|||
to start with an Ethernet header.
|
||||
.El
|
||||
|
||||
.It Va DirectOnly Li = yes | no Po no Pc Bq experimental
|
||||
When this option is enabled, packets that cannot be sent directly to the destination node,
|
||||
but which would have to be forwarded by an intermediate node, are dropped instead.
|
||||
When combined with the IndirectData option,
|
||||
packets for nodes for which we do not have a meta connection with are also dropped.
|
||||
|
||||
.It Va Forwarding Li = off | internal | kernel Po internal Pc Bq experimental
|
||||
This option selects the way indirect packets are forwarded.
|
||||
.Bl -tag -width indent
|
||||
|
||||
.It off
|
||||
Incoming packets that are not meant for the local node,
|
||||
but which should be forwarded to another node, are dropped.
|
||||
|
||||
.It internal
|
||||
Incoming packets that are meant for another node are forwarded by tinc internally.
|
||||
|
||||
.Pp
|
||||
This is the default mode, and unless you really know you need another forwarding mode, don't change it.
|
||||
|
||||
.It kernel
|
||||
Incoming packets are always sent to the TUN/TAP device, even if the packets are not for the local node.
|
||||
This is less efficient, but allows the kernel to apply its routing and firewall rules on them,
|
||||
and can also help debugging.
|
||||
.El
|
||||
|
||||
.It Va GraphDumpFile Li = Ar filename Bq experimental
|
||||
If this option is present,
|
||||
.Nm tinc
|
||||
|
@ -308,11 +334,18 @@ specified in the configuration file.
|
|||
When this option is used the priority of the tincd process will be adjusted.
|
||||
Increasing the priority may help to reduce latency and packet loss on the VPN.
|
||||
|
||||
.It Va TunnelServer Li = yes | no Po no Pc Bq experimental
|
||||
When this option is enabled tinc will no longer forward information between other tinc daemons,
|
||||
and will only allow nodes and subnets on the VPN which are present in the
|
||||
.It Va StrictSubnets Li = yes | no Po no Pc Bq experimental
|
||||
When this option is enabled tinc will only use Subnet statements which are
|
||||
present in the host config files in the local
|
||||
.Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/
|
||||
directory.
|
||||
|
||||
.It Va TunnelServer Li = yes | no Po no Pc Bq experimental
|
||||
When this option is enabled tinc will no longer forward information between other tinc daemons,
|
||||
and will only allow connections with nodes for which host config files are present in the local
|
||||
.Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/
|
||||
directory.
|
||||
Setting this options also implicitly sets StrictSubnets.
|
||||
.El
|
||||
|
||||
.Sh HOST CONFIGURATION FILES
|
||||
|
|
149
doc/tinc.info
149
doc/tinc.info
|
@ -5,7 +5,7 @@ START-INFO-DIR-ENTRY
|
|||
* tinc: (tinc). The tinc Manual.
|
||||
END-INFO-DIR-ENTRY
|
||||
|
||||
This is the info manual for tinc version 1.0.12, a Virtual Private
|
||||
This is the info manual for tinc version 1.0.13, a Virtual Private
|
||||
Network daemon.
|
||||
|
||||
Copyright (C) 1998-2010 Ivo Timmermans, Guus Sliepen
|
||||
|
@ -738,6 +738,33 @@ DeviceType = <tun|tunnohead|tunifhead|tap> (only supported on BSD platforms)
|
|||
Set type to tap. Tinc will expect packets read from the
|
||||
virtual network device to start with an Ethernet header.
|
||||
|
||||
DirectOnly = <yes|no> (no) [experimental]
|
||||
When this option is enabled, packets that cannot be sent directly
|
||||
to the destination node, but which would have to be forwarded by
|
||||
an intermediate node, are dropped instead. When combined with the
|
||||
IndirectData option, packets for nodes for which we do not have a
|
||||
meta connection with are also dropped.
|
||||
|
||||
Forwarding = <off|internal|kernel> (internal) [experimental]
|
||||
This option selects the way indirect packets are forwarded.
|
||||
|
||||
off
|
||||
Incoming packets that are not meant for the local node, but
|
||||
which should be forwarded to another node, are dropped.
|
||||
|
||||
internal
|
||||
Incoming packets that are meant for another node are
|
||||
forwarded by tinc internally.
|
||||
|
||||
This is the default mode, and unless you really know you need
|
||||
another forwarding mode, don't change it.
|
||||
|
||||
kernel
|
||||
Incoming packets are always sent to the TUN/TAP device, even
|
||||
if the packets are not for the local node. This is less
|
||||
efficient, but allows the kernel to apply its routing and
|
||||
firewall rules on them, and can also help debugging.
|
||||
|
||||
GraphDumpFile = <FILENAME> [experimental]
|
||||
If this option is present, tinc will dump the current network
|
||||
graph to the file FILENAME every minute, unless there were no
|
||||
|
@ -842,11 +869,17 @@ ProcessPriority = <low|normal|high>
|
|||
adjusted. Increasing the priority may help to reduce latency and
|
||||
packet loss on the VPN.
|
||||
|
||||
StrictSubnets <yes|no> (no) [experimental]
|
||||
When this option is enabled tinc will only use Subnet statements
|
||||
which are present in the host config files in the local
|
||||
`/etc/tinc/NETNAME/hosts/' directory.
|
||||
|
||||
TunnelServer = <yes|no> (no) [experimental]
|
||||
When this option is enabled tinc will no longer forward
|
||||
information between other tinc daemons, and will only allow nodes
|
||||
and subnets on the VPN which are present in the
|
||||
`/etc/tinc/NETNAME/hosts/' directory.
|
||||
information between other tinc daemons, and will only allow
|
||||
connections with nodes for which host config files are present in
|
||||
the local `/etc/tinc/NETNAME/hosts/' directory. Setting this
|
||||
options also implicitly sets StrictSubnets.
|
||||
|
||||
|
||||
|
||||
|
@ -1200,9 +1233,9 @@ _BranchA_ would be configured like this:
|
|||
|
||||
Note that the IP addresses of eth0 and tap0 are the same. This is
|
||||
quite possible, if you make sure that the netmasks of the interfaces
|
||||
are different. It is in fact recommended to give give both real
|
||||
internal network interfaces and tap interfaces the same IP address,
|
||||
since that will make things a lot easier to remember and set up.
|
||||
are different. It is in fact recommended to give both real internal
|
||||
network interfaces and tap interfaces the same IP address, since that
|
||||
will make things a lot easier to remember and set up.
|
||||
|
||||
For Branch B
|
||||
............
|
||||
|
@ -1220,8 +1253,8 @@ In `/etc/tinc/company/tinc-up':
|
|||
ConnectTo = BranchA
|
||||
|
||||
Note here that the internal address (on eth0) doesn't have to be the
|
||||
same as on the tap0 device. Also, ConnectTo is given so that no-one can
|
||||
connect to this node.
|
||||
same as on the tap0 device. Also, ConnectTo is given so that this node
|
||||
will always try to connect to BranchA.
|
||||
|
||||
On all hosts, in `/etc/tinc/company/hosts/BranchB':
|
||||
|
||||
|
@ -2258,47 +2291,51 @@ Concept Index
|
|||
(line 45)
|
||||
* Digest: Host configuration variables.
|
||||
(line 29)
|
||||
* DirectOnly: Main configuration variables.
|
||||
(line 73)
|
||||
* encapsulating: The UDP tunnel. (line 30)
|
||||
* encryption: Encryption of network packets.
|
||||
(line 6)
|
||||
* environment variables: Scripts. (line 43)
|
||||
* example: Example configuration.
|
||||
(line 6)
|
||||
* Forwarding: Main configuration variables.
|
||||
(line 80)
|
||||
* frame type: The UDP tunnel. (line 6)
|
||||
* GraphDumpFile: Main configuration variables.
|
||||
(line 73)
|
||||
(line 100)
|
||||
* Hostnames: Main configuration variables.
|
||||
(line 81)
|
||||
(line 108)
|
||||
* hub: Main configuration variables.
|
||||
(line 122)
|
||||
(line 149)
|
||||
* ID: Authentication protocol.
|
||||
(line 10)
|
||||
* IndirectData: Host configuration variables.
|
||||
(line 34)
|
||||
* INTERFACE: Scripts. (line 58)
|
||||
* Interface: Main configuration variables.
|
||||
(line 91)
|
||||
(line 118)
|
||||
* IRC: Contact information. (line 9)
|
||||
* key generation: Generating keypairs. (line 6)
|
||||
* KEY_CHANGED: The meta-protocol. (line 64)
|
||||
* KeyExpire: Main configuration variables.
|
||||
(line 127)
|
||||
(line 154)
|
||||
* libraries: Libraries. (line 6)
|
||||
* license: OpenSSL. (line 36)
|
||||
* lzo: lzo. (line 6)
|
||||
* MACExpire: Main configuration variables.
|
||||
(line 133)
|
||||
(line 160)
|
||||
* MACLength: Host configuration variables.
|
||||
(line 42)
|
||||
* meta-protocol: The meta-connection. (line 18)
|
||||
* META_KEY: Authentication protocol.
|
||||
(line 10)
|
||||
* Mode: Main configuration variables.
|
||||
(line 99)
|
||||
(line 126)
|
||||
* multiple networks: Multiple networks. (line 6)
|
||||
* NAME: Scripts. (line 52)
|
||||
* Name: Main configuration variables.
|
||||
(line 138)
|
||||
(line 165)
|
||||
* netmask: Network interfaces. (line 34)
|
||||
* NETNAME: Scripts. (line 49)
|
||||
* netname: Multiple networks. (line 6)
|
||||
|
@ -2311,9 +2348,9 @@ Concept Index
|
|||
(line 67)
|
||||
* PING: The meta-protocol. (line 89)
|
||||
* PingInterval: Main configuration variables.
|
||||
(line 143)
|
||||
(line 170)
|
||||
* PingTimeout: Main configuration variables.
|
||||
(line 147)
|
||||
(line 174)
|
||||
* platforms: Supported platforms. (line 6)
|
||||
* PMTU: Host configuration variables.
|
||||
(line 47)
|
||||
|
@ -2324,15 +2361,15 @@ Concept Index
|
|||
(line 55)
|
||||
* port numbers: Other files. (line 17)
|
||||
* PriorityInheritance: Main configuration variables.
|
||||
(line 153)
|
||||
(line 180)
|
||||
* private: Virtual Private Networks.
|
||||
(line 10)
|
||||
* PrivateKey: Main configuration variables.
|
||||
(line 158)
|
||||
(line 185)
|
||||
* PrivateKeyFile: Main configuration variables.
|
||||
(line 164)
|
||||
(line 191)
|
||||
* ProcessPriority: Main configuration variables.
|
||||
(line 172)
|
||||
(line 199)
|
||||
* PublicKey: Host configuration variables.
|
||||
(line 59)
|
||||
* PublicKeyFile: Host configuration variables.
|
||||
|
@ -2343,13 +2380,15 @@ Concept Index
|
|||
* REQ_KEY: The meta-protocol. (line 64)
|
||||
* requirements: Libraries. (line 6)
|
||||
* router: Main configuration variables.
|
||||
(line 102)
|
||||
(line 129)
|
||||
* runtime options: Runtime options. (line 9)
|
||||
* scalability: tinc. (line 19)
|
||||
* scripts: Scripts. (line 6)
|
||||
* server: How connections work.
|
||||
(line 18)
|
||||
* signals: Signals. (line 6)
|
||||
* StrictSubnets: Main configuration variables.
|
||||
(line 204)
|
||||
* SUBNET: Scripts. (line 74)
|
||||
* Subnet: Host configuration variables.
|
||||
(line 74)
|
||||
|
@ -2357,7 +2396,7 @@ Concept Index
|
|||
(line 97)
|
||||
* SVPN: Security. (line 11)
|
||||
* switch: Main configuration variables.
|
||||
(line 111)
|
||||
(line 138)
|
||||
* TCP: The meta-connection. (line 10)
|
||||
* TCPonly: Host configuration variables.
|
||||
(line 104)
|
||||
|
@ -2371,7 +2410,7 @@ Concept Index
|
|||
* tunifhead: Main configuration variables.
|
||||
(line 62)
|
||||
* TunnelServer: Main configuration variables.
|
||||
(line 177)
|
||||
(line 209)
|
||||
* tunnohead: Main configuration variables.
|
||||
(line 56)
|
||||
* UDP <1>: Encryption of network packets.
|
||||
|
@ -2424,34 +2463,34 @@ Node: Multiple networks21168
|
|||
Node: How connections work22594
|
||||
Node: Configuration files23816
|
||||
Node: Main configuration variables24823
|
||||
Node: Host configuration variables32865
|
||||
Node: Scripts38276
|
||||
Node: How to configure41046
|
||||
Node: Generating keypairs42309
|
||||
Node: Network interfaces42808
|
||||
Node: Example configuration44656
|
||||
Node: Running tinc49968
|
||||
Node: Runtime options50558
|
||||
Node: Signals53353
|
||||
Node: Debug levels54422
|
||||
Node: Solving problems55358
|
||||
Node: Error messages56910
|
||||
Node: Sending bug reports60923
|
||||
Node: Technical information61875
|
||||
Node: The connection62106
|
||||
Node: The UDP tunnel62418
|
||||
Node: The meta-connection65479
|
||||
Node: The meta-protocol66948
|
||||
Node: Security71957
|
||||
Node: Authentication protocol73087
|
||||
Node: Encryption of network packets78091
|
||||
Node: Security issues79464
|
||||
Node: Platform specific information81081
|
||||
Node: Interface configuration81309
|
||||
Node: Routes83208
|
||||
Node: About us85124
|
||||
Node: Contact information85299
|
||||
Node: Authors85703
|
||||
Node: Concept Index86108
|
||||
Node: Host configuration variables34334
|
||||
Node: Scripts39745
|
||||
Node: How to configure42515
|
||||
Node: Generating keypairs43778
|
||||
Node: Network interfaces44277
|
||||
Node: Example configuration46125
|
||||
Node: Running tinc51448
|
||||
Node: Runtime options52038
|
||||
Node: Signals54833
|
||||
Node: Debug levels55902
|
||||
Node: Solving problems56838
|
||||
Node: Error messages58390
|
||||
Node: Sending bug reports62403
|
||||
Node: Technical information63355
|
||||
Node: The connection63586
|
||||
Node: The UDP tunnel63898
|
||||
Node: The meta-connection66959
|
||||
Node: The meta-protocol68428
|
||||
Node: Security73437
|
||||
Node: Authentication protocol74567
|
||||
Node: Encryption of network packets79571
|
||||
Node: Security issues80944
|
||||
Node: Platform specific information82561
|
||||
Node: Interface configuration82789
|
||||
Node: Routes84688
|
||||
Node: About us86604
|
||||
Node: Contact information86779
|
||||
Node: Authors87183
|
||||
Node: Concept Index87588
|
||||
|
||||
End Tag Table
|
||||
|
|
|
@ -818,6 +818,33 @@ Tinc will expect packets read from the virtual network device
|
|||
to start with an Ethernet header.
|
||||
@end table
|
||||
|
||||
@cindex DirectOnly
|
||||
@item DirectOnly = <yes|no> (no) [experimental]
|
||||
When this option is enabled, packets that cannot be sent directly to the destination node,
|
||||
but which would have to be forwarded by an intermediate node, are dropped instead.
|
||||
When combined with the IndirectData option,
|
||||
packets for nodes for which we do not have a meta connection with are also dropped.
|
||||
|
||||
@cindex Forwarding
|
||||
@item Forwarding = <off|internal|kernel> (internal) [experimental]
|
||||
This option selects the way indirect packets are forwarded.
|
||||
|
||||
@table @asis
|
||||
@item off
|
||||
Incoming packets that are not meant for the local node,
|
||||
but which should be forwarded to another node, are dropped.
|
||||
|
||||
@item internal
|
||||
Incoming packets that are meant for another node are forwarded by tinc internally.
|
||||
|
||||
This is the default mode, and unless you really know you need another forwarding mode, don't change it.
|
||||
|
||||
@item kernel
|
||||
Incoming packets are always sent to the TUN/TAP device, even if the packets are not for the local node.
|
||||
This is less efficient, but allows the kernel to apply its routing and firewall rules on them,
|
||||
and can also help debugging.
|
||||
@end table
|
||||
|
||||
@cindex GraphDumpFile
|
||||
@item GraphDumpFile = <@var{filename}> [experimental]
|
||||
If this option is present,
|
||||
|
@ -928,11 +955,18 @@ specified in the configuration file.
|
|||
When this option is used the priority of the tincd process will be adjusted.
|
||||
Increasing the priority may help to reduce latency and packet loss on the VPN.
|
||||
|
||||
@cindex StrictSubnets
|
||||
@item StrictSubnets <yes|no> (no) [experimental]
|
||||
When this option is enabled tinc will only use Subnet statements which are
|
||||
present in the host config files in the local
|
||||
@file{@value{sysconfdir}/tinc/@var{netname}/hosts/} directory.
|
||||
|
||||
@cindex TunnelServer
|
||||
@item TunnelServer = <yes|no> (no) [experimental]
|
||||
When this option is enabled tinc will no longer forward information between other tinc daemons,
|
||||
and will only allow nodes and subnets on the VPN which are present in the
|
||||
and will only allow connections with nodes for which host config files are present in the local
|
||||
@file{@value{sysconfdir}/tinc/@var{netname}/hosts/} directory.
|
||||
Setting this options also implicitly sets StrictSubnets.
|
||||
|
||||
@end table
|
||||
|
||||
|
@ -1314,7 +1348,7 @@ Address = 1.2.3.4
|
|||
|
||||
Note that the IP addresses of eth0 and tap0 are the same.
|
||||
This is quite possible, if you make sure that the netmasks of the interfaces are different.
|
||||
It is in fact recommended to give give both real internal network interfaces and tap interfaces the same IP address,
|
||||
It is in fact recommended to give both real internal network interfaces and tap interfaces the same IP address,
|
||||
since that will make things a lot easier to remember and set up.
|
||||
|
||||
|
||||
|
@ -1337,8 +1371,8 @@ ConnectTo = BranchA
|
|||
@end example
|
||||
|
||||
Note here that the internal address (on eth0) doesn't have to be the
|
||||
same as on the tap0 device. Also, ConnectTo is given so that no-one can
|
||||
connect to this node.
|
||||
same as on the tap0 device. Also, ConnectTo is given so that this node will
|
||||
always try to connect to BranchA.
|
||||
|
||||
On all hosts, in @file{@value{sysconfdir}/tinc/company/hosts/BranchB}:
|
||||
|
||||
|
|
4
have.h
4
have.h
|
@ -96,6 +96,10 @@
|
|||
#include <sys/uio.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_DIRENT_H
|
||||
#include <dirent.h>
|
||||
#endif
|
||||
|
||||
/* SunOS really wants sys/socket.h BEFORE net/if.h,
|
||||
and FreeBSD wants these lines below the rest. */
|
||||
|
||||
|
|
|
@ -45,6 +45,10 @@
|
|||
#define ICMP_NET_UNREACH 0
|
||||
#endif
|
||||
|
||||
#ifndef ICMP_NET_ANO
|
||||
#define ICMP_NET_ANO 9
|
||||
#endif
|
||||
|
||||
#ifndef IP_MSS
|
||||
#define IP_MSS 576
|
||||
#endif
|
||||
|
|
|
@ -95,6 +95,7 @@ struct icmp6_hdr {
|
|||
#define ICMP6_DST_UNREACH_NOROUTE 0
|
||||
#define ICMP6_DST_UNREACH 1
|
||||
#define ICMP6_PACKET_TOO_BIG 2
|
||||
#define ICMP6_DST_UNREACH_ADMIN 1
|
||||
#define ICMP6_DST_UNREACH_ADDR 3
|
||||
#define ND_NEIGHBOR_SOLICIT 135
|
||||
#define ND_NEIGHBOR_ADVERT 136
|
||||
|
|
71
m4/lzo.m4
71
m4/lzo.m4
|
@ -2,41 +2,46 @@ dnl Check to find the lzo headers/libraries
|
|||
|
||||
AC_DEFUN([tinc_LZO],
|
||||
[
|
||||
AC_ARG_WITH(lzo,
|
||||
AS_HELP_STRING([--with-lzo=DIR], [lzo base directory, or:]),
|
||||
[lzo="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"]
|
||||
)
|
||||
AC_ARG_ENABLE([lzo],
|
||||
AS_HELP_STRING([--disable-lzo], [disable lzo compression support]))
|
||||
AS_IF([test "x$enable_lzo" != "xno"], [
|
||||
AC_DEFINE(HAVE_LZO, 1, [enable lzo compression support])
|
||||
AC_ARG_WITH(lzo,
|
||||
AS_HELP_STRING([--with-lzo=DIR], [lzo base directory, or:]),
|
||||
[lzo="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"]
|
||||
)
|
||||
|
||||
AC_ARG_WITH(lzo-include,
|
||||
AS_HELP_STRING([--with-lzo-include=DIR], [lzo headers directory]),
|
||||
[lzo_include="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"]
|
||||
)
|
||||
AC_ARG_WITH(lzo-include,
|
||||
AS_HELP_STRING([--with-lzo-include=DIR], [lzo headers directory]),
|
||||
[lzo_include="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"]
|
||||
)
|
||||
|
||||
AC_ARG_WITH(lzo-lib,
|
||||
AS_HELP_STRING([--with-lzo-lib=DIR], [lzo library directory]),
|
||||
[lzo_lib="$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"]
|
||||
)
|
||||
AC_ARG_WITH(lzo-lib,
|
||||
AS_HELP_STRING([--with-lzo-lib=DIR], [lzo library directory]),
|
||||
[lzo_lib="$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"]
|
||||
)
|
||||
|
||||
AC_CHECK_LIB(lzo2, lzo1x_1_compress,
|
||||
[LIBS="$LIBS -llzo2"],
|
||||
[AC_CHECK_LIB(lzo, lzo1x_1_compress,
|
||||
[LIBS="$LIBS -llzo"],
|
||||
[AC_MSG_ERROR("lzo libraries not found."); break]
|
||||
)]
|
||||
)
|
||||
|
||||
AC_CHECK_HEADERS(lzo/lzo1x.h,
|
||||
[AC_DEFINE(LZO1X_H, [<lzo/lzo1x.h>], [Location of lzo1x.h])],
|
||||
[AC_CHECK_HEADERS(lzo2/lzo1x.h,
|
||||
[AC_DEFINE(LZO1X_H, [<lzo2/lzo1x.h>], [Location of lzo1x.h])],
|
||||
[AC_CHECK_HEADERS(lzo1x.h,
|
||||
[AC_DEFINE(LZO1X_H, [<lzo1x.h>], [Location of lzo1x.h])],
|
||||
[AC_MSG_ERROR("lzo header files not found."); break]
|
||||
AC_CHECK_LIB(lzo2, lzo1x_1_compress,
|
||||
[LIBS="$LIBS -llzo2"],
|
||||
[AC_CHECK_LIB(lzo, lzo1x_1_compress,
|
||||
[LIBS="$LIBS -llzo"],
|
||||
[AC_MSG_ERROR("lzo libraries not found."); break]
|
||||
)]
|
||||
)]
|
||||
)
|
||||
)
|
||||
|
||||
AC_CHECK_HEADERS(lzo/lzo1x.h,
|
||||
[AC_DEFINE(LZO1X_H, [<lzo/lzo1x.h>], [Location of lzo1x.h])],
|
||||
[AC_CHECK_HEADERS(lzo2/lzo1x.h,
|
||||
[AC_DEFINE(LZO1X_H, [<lzo2/lzo1x.h>], [Location of lzo1x.h])],
|
||||
[AC_CHECK_HEADERS(lzo1x.h,
|
||||
[AC_DEFINE(LZO1X_H, [<lzo1x.h>], [Location of lzo1x.h])],
|
||||
[AC_MSG_ERROR("lzo header files not found."); break]
|
||||
)]
|
||||
)]
|
||||
)
|
||||
])
|
||||
])
|
||||
|
|
53
m4/zlib.m4
53
m4/zlib.m4
|
@ -2,32 +2,37 @@ dnl Check to find the zlib headers/libraries
|
|||
|
||||
AC_DEFUN([tinc_ZLIB],
|
||||
[
|
||||
AC_ARG_WITH(zlib,
|
||||
AS_HELP_STRING([--with-zlib=DIR], [zlib base directory, or:]),
|
||||
[zlib="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"]
|
||||
)
|
||||
AC_ARG_ENABLE([zlib],
|
||||
AS_HELP_STRING([--disable-zlib], [disable zlib compression support]))
|
||||
AS_IF([test "x$enable_zlib" != "xno"], [
|
||||
AC_DEFINE(HAVE_ZLIB, 1, [have zlib compression support])
|
||||
AC_ARG_WITH(zlib,
|
||||
AS_HELP_STRING([--with-zlib=DIR], [zlib base directory, or:]),
|
||||
[zlib="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval/include"
|
||||
LDFLAGS="$LDFLAGS -L$withval/lib"]
|
||||
)
|
||||
|
||||
AC_ARG_WITH(zlib-include,
|
||||
AS_HELP_STRING([--with-zlib-include=DIR], [zlib headers directory]),
|
||||
[zlib_include="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"]
|
||||
)
|
||||
AC_ARG_WITH(zlib-include,
|
||||
AS_HELP_STRING([--with-zlib-include=DIR], [zlib headers directory]),
|
||||
[zlib_include="$withval"
|
||||
CPPFLAGS="$CPPFLAGS -I$withval"]
|
||||
)
|
||||
|
||||
AC_ARG_WITH(zlib-lib,
|
||||
AS_HELP_STRING([--with-zlib-lib=DIR], [zlib library directory]),
|
||||
[zlib_lib="$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"]
|
||||
)
|
||||
AC_ARG_WITH(zlib-lib,
|
||||
AS_HELP_STRING([--with-zlib-lib=DIR], [zlib library directory]),
|
||||
[zlib_lib="$withval"
|
||||
LDFLAGS="$LDFLAGS -L$withval"]
|
||||
)
|
||||
|
||||
AC_CHECK_HEADERS(zlib.h,
|
||||
[],
|
||||
[AC_MSG_ERROR("zlib header files not found."); break]
|
||||
)
|
||||
AC_CHECK_HEADERS(zlib.h,
|
||||
[],
|
||||
[AC_MSG_ERROR("zlib header files not found."); break]
|
||||
)
|
||||
|
||||
AC_CHECK_LIB(z, compress2,
|
||||
[LIBS="$LIBS -lz"],
|
||||
[AC_MSG_ERROR("zlib libraries not found.")]
|
||||
)
|
||||
AC_CHECK_LIB(z, compress2,
|
||||
[LIBS="$LIBS -lz"],
|
||||
[AC_MSG_ERROR("zlib libraries not found.")]
|
||||
)
|
||||
])
|
||||
])
|
||||
|
|
116
src/conf.c
116
src/conf.c
|
@ -26,6 +26,7 @@
|
|||
#include "conf.h"
|
||||
#include "logger.h"
|
||||
#include "netutl.h" /* for str2address */
|
||||
#include "protocol.h"
|
||||
#include "utils.h" /* for cp */
|
||||
#include "xalloc.h"
|
||||
|
||||
|
@ -206,111 +207,60 @@ bool get_config_subnet(const config_t *cfg, subnet_t ** result) {
|
|||
}
|
||||
|
||||
/*
|
||||
Read exactly one line and strip the trailing newline if any. If the
|
||||
file was on EOF, return NULL. Otherwise, return all the data in a
|
||||
dynamically allocated buffer.
|
||||
|
||||
If line is non-NULL, it will be used as an initial buffer, to avoid
|
||||
unnecessary mallocing each time this function is called. If buf is
|
||||
given, and buf needs to be expanded, the var pointed to by buflen
|
||||
will be increased.
|
||||
Read exactly one line and strip the trailing newline if any.
|
||||
*/
|
||||
static char *readline(FILE * fp, char **buf, size_t *buflen) {
|
||||
static char *readline(FILE * fp, char *buf, size_t buflen) {
|
||||
char *newline = NULL;
|
||||
char *p;
|
||||
char *line; /* The array that contains everything that has been read so far */
|
||||
char *idx; /* Read into this pointer, which points to an offset within line */
|
||||
size_t size, newsize; /* The size of the current array pointed to by line */
|
||||
size_t maxlen; /* Maximum number of characters that may be read with fgets. This is newsize - oldsize. */
|
||||
|
||||
if(feof(fp))
|
||||
return NULL;
|
||||
|
||||
if(buf && buflen) {
|
||||
size = *buflen;
|
||||
line = *buf;
|
||||
} else {
|
||||
size = 100;
|
||||
line = xmalloc(size);
|
||||
}
|
||||
p = fgets(buf, buflen, fp);
|
||||
|
||||
maxlen = size;
|
||||
idx = line;
|
||||
*idx = 0;
|
||||
if(!p)
|
||||
return NULL;
|
||||
|
||||
for(;;) {
|
||||
errno = 0;
|
||||
p = fgets(idx, maxlen, fp);
|
||||
newline = strchr(p, '\n');
|
||||
|
||||
if(!p) { /* EOF or error */
|
||||
if(feof(fp))
|
||||
break;
|
||||
if(!newline)
|
||||
return NULL;
|
||||
|
||||
/* otherwise: error; let the calling function print an error message if applicable */
|
||||
free(line);
|
||||
return NULL;
|
||||
}
|
||||
*newline = '\0'; /* kill newline */
|
||||
if(newline > p && newline[-1] == '\r') /* and carriage return if necessary */
|
||||
newline[-1] = '\0';
|
||||
|
||||
newline = strchr(p, '\n');
|
||||
|
||||
if(!newline) { /* We haven't yet read everything to the end of the line */
|
||||
newsize = size << 1;
|
||||
line = xrealloc(line, newsize);
|
||||
idx = &line[size - 1];
|
||||
maxlen = newsize - size + 1;
|
||||
size = newsize;
|
||||
} else {
|
||||
*newline = '\0'; /* kill newline */
|
||||
if(newline > p && newline[-1] == '\r') /* and carriage return if necessary */
|
||||
newline[-1] = '\0';
|
||||
break; /* yay */
|
||||
}
|
||||
}
|
||||
|
||||
if(buf && buflen) {
|
||||
*buflen = size;
|
||||
*buf = line;
|
||||
}
|
||||
|
||||
return line;
|
||||
return buf;
|
||||
}
|
||||
|
||||
/*
|
||||
Parse a configuration file and put the results in the configuration tree
|
||||
starting at *base.
|
||||
*/
|
||||
int read_config_file(avl_tree_t *config_tree, const char *fname) {
|
||||
int err = -2; /* Parse error */
|
||||
bool read_config_file(avl_tree_t *config_tree, const char *fname) {
|
||||
FILE *fp;
|
||||
char *buffer, *line;
|
||||
char buffer[MAX_STRING_SIZE];
|
||||
char *line;
|
||||
char *variable, *value, *eol;
|
||||
int lineno = 0;
|
||||
int len;
|
||||
bool ignore = false;
|
||||
config_t *cfg;
|
||||
size_t bufsize;
|
||||
bool result = false;
|
||||
|
||||
fp = fopen(fname, "r");
|
||||
|
||||
if(!fp) {
|
||||
logger(LOG_ERR, "Cannot open config file %s: %s", fname,
|
||||
strerror(errno));
|
||||
return -3;
|
||||
logger(LOG_ERR, "Cannot open config file %s: %s", fname, strerror(errno));
|
||||
return false;
|
||||
}
|
||||
|
||||
bufsize = 100;
|
||||
buffer = xmalloc(bufsize);
|
||||
|
||||
for(;;) {
|
||||
if(feof(fp)) {
|
||||
err = 0;
|
||||
break;
|
||||
}
|
||||
|
||||
line = readline(fp, &buffer, &bufsize);
|
||||
line = readline(fp, buffer, sizeof buffer);
|
||||
|
||||
if(!line) {
|
||||
err = -1;
|
||||
if(feof(fp))
|
||||
result = true;
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -361,46 +311,46 @@ int read_config_file(avl_tree_t *config_tree, const char *fname) {
|
|||
config_add(config_tree, cfg);
|
||||
}
|
||||
|
||||
free(buffer);
|
||||
fclose(fp);
|
||||
|
||||
return err;
|
||||
return result;
|
||||
}
|
||||
|
||||
bool read_server_config() {
|
||||
char *fname;
|
||||
int x;
|
||||
bool x;
|
||||
|
||||
xasprintf(&fname, "%s/tinc.conf", confbase);
|
||||
x = read_config_file(config_tree, fname);
|
||||
|
||||
if(x == -1) { /* System error: complain */
|
||||
if(!x) { /* System error: complain */
|
||||
logger(LOG_ERR, "Failed to read `%s': %s", fname, strerror(errno));
|
||||
}
|
||||
|
||||
free(fname);
|
||||
|
||||
return x == 0;
|
||||
return x;
|
||||
}
|
||||
|
||||
FILE *ask_and_open(const char *filename, const char *what) {
|
||||
FILE *r;
|
||||
char *directory;
|
||||
char *fn;
|
||||
char line[PATH_MAX];
|
||||
const char *fn;
|
||||
|
||||
/* Check stdin and stdout */
|
||||
if(!isatty(0) || !isatty(1)) {
|
||||
/* Argh, they are running us from a script or something. Write
|
||||
the files to the current directory and let them burn in hell
|
||||
for ever. */
|
||||
fn = xstrdup(filename);
|
||||
fn = filename;
|
||||
} else {
|
||||
/* Ask for a file and/or directory name. */
|
||||
fprintf(stdout, "Please enter a file to save %s to [%s]: ",
|
||||
what, filename);
|
||||
fflush(stdout);
|
||||
|
||||
fn = readline(stdin, NULL, NULL);
|
||||
fn = readline(stdin, line, sizeof line);
|
||||
|
||||
if(!fn) {
|
||||
fprintf(stderr, "Error while reading stdin: %s\n",
|
||||
|
@ -410,7 +360,7 @@ FILE *ask_and_open(const char *filename, const char *what) {
|
|||
|
||||
if(!strlen(fn))
|
||||
/* User just pressed enter. */
|
||||
fn = xstrdup(filename);
|
||||
fn = filename;
|
||||
}
|
||||
|
||||
#ifdef HAVE_MINGW
|
||||
|
@ -423,7 +373,6 @@ FILE *ask_and_open(const char *filename, const char *what) {
|
|||
|
||||
directory = get_current_dir_name();
|
||||
xasprintf(&p, "%s/%s", directory, fn);
|
||||
free(fn);
|
||||
free(directory);
|
||||
fn = p;
|
||||
}
|
||||
|
@ -437,12 +386,9 @@ FILE *ask_and_open(const char *filename, const char *what) {
|
|||
if(!r) {
|
||||
fprintf(stderr, "Error opening file `%s': %s\n",
|
||||
fn, strerror(errno));
|
||||
free(fn);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
free(fn);
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
|
|
|
@ -54,7 +54,7 @@ extern bool get_config_string(const config_t *, char **);
|
|||
extern bool get_config_address(const config_t *, struct addrinfo **);
|
||||
extern bool get_config_subnet(const config_t *, struct subnet_t **);
|
||||
|
||||
extern int read_config_file(avl_tree_t *, const char *);
|
||||
extern bool read_config_file(avl_tree_t *, const char *);
|
||||
extern bool read_server_config(void);
|
||||
extern FILE *ask_and_open(const char *, const char *);
|
||||
extern bool is_safe_path(const char *);
|
||||
|
|
|
@ -130,11 +130,11 @@ void dump_connections(void) {
|
|||
|
||||
bool read_connection_config(connection_t *c) {
|
||||
char *fname;
|
||||
int x;
|
||||
bool x;
|
||||
|
||||
xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
|
||||
x = read_config_file(c->config_tree, fname);
|
||||
free(fname);
|
||||
|
||||
return x == 0;
|
||||
return x;
|
||||
}
|
||||
|
|
39
src/net.c
39
src/net.c
|
@ -68,9 +68,9 @@ static void purge(void) {
|
|||
for(snode = n->subnet_tree->head; snode; snode = snext) {
|
||||
snext = snode->next;
|
||||
s = snode->data;
|
||||
if(!tunnelserver)
|
||||
send_del_subnet(broadcast, s);
|
||||
subnet_del(n, s);
|
||||
send_del_subnet(broadcast, s);
|
||||
if(!strictsubnets)
|
||||
subnet_del(n, s);
|
||||
}
|
||||
|
||||
for(enode = n->edge_tree->head; enode; enode = enext) {
|
||||
|
@ -98,7 +98,8 @@ static void purge(void) {
|
|||
break;
|
||||
}
|
||||
|
||||
if(!enode)
|
||||
if(!enode && (!strictsubnets || !n->subnet_tree->head))
|
||||
/* in strictsubnets mode do not delete nodes with subnets */
|
||||
node_del(n);
|
||||
}
|
||||
}
|
||||
|
@ -488,6 +489,36 @@ int main_loop(void) {
|
|||
|
||||
last_config_check = now;
|
||||
|
||||
/* If StrictSubnet is set, expire deleted Subnets and read new ones in */
|
||||
|
||||
if(strictsubnets) {
|
||||
subnet_t *subnet;
|
||||
|
||||
for(node = subnet_tree->head; node; node = node->next) {
|
||||
subnet = node->data;
|
||||
subnet->expires = 1;
|
||||
}
|
||||
|
||||
load_all_subnets();
|
||||
|
||||
for(node = subnet_tree->head; node; node = next) {
|
||||
next = node->next;
|
||||
subnet = node->data;
|
||||
if(subnet->expires == 1) {
|
||||
send_del_subnet(broadcast, subnet);
|
||||
if(subnet->owner->status.reachable)
|
||||
subnet_update(subnet->owner, subnet, false);
|
||||
subnet_del(subnet->owner, subnet);
|
||||
} else if(subnet->expires == -1) {
|
||||
subnet->expires = 0;
|
||||
} else {
|
||||
send_add_subnet(broadcast, subnet);
|
||||
if(subnet->owner->status.reachable)
|
||||
subnet_update(subnet->owner, subnet, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Try to make outgoing connections */
|
||||
|
||||
try_outgoing_connections();
|
||||
|
|
|
@ -139,6 +139,7 @@ extern void terminate_connection(struct connection_t *, bool);
|
|||
extern void flush_queue(struct node_t *);
|
||||
extern bool read_rsa_public_key(struct connection_t *);
|
||||
extern void send_mtu_probe(struct node_t *);
|
||||
extern void load_all_subnets();
|
||||
|
||||
#ifndef HAVE_MINGW
|
||||
#define closesocket(s) close(s)
|
||||
|
|
|
@ -26,8 +26,13 @@
|
|||
#include <openssl/pem.h>
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
#ifdef HAVE_ZLIB
|
||||
#include <zlib.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_LZO
|
||||
#include LZO1X_H
|
||||
#endif
|
||||
|
||||
#include "avl_tree.h"
|
||||
#include "conf.h"
|
||||
|
@ -48,7 +53,9 @@
|
|||
|
||||
int keylifetime = 0;
|
||||
int keyexpires = 0;
|
||||
#ifdef HAVE_LZO
|
||||
static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999_MEM_COMPRESS : LZO1X_1_MEM_COMPRESS];
|
||||
#endif
|
||||
|
||||
static void send_udppacket(node_t *, vpn_packet_t *);
|
||||
|
||||
|
@ -147,40 +154,61 @@ void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
|
|||
}
|
||||
|
||||
static length_t compress_packet(uint8_t *dest, const uint8_t *source, length_t len, int level) {
|
||||
if(level == 10) {
|
||||
if(level == 0) {
|
||||
memcpy(dest, source, len);
|
||||
return len;
|
||||
} else if(level == 10) {
|
||||
#ifdef HAVE_LZO
|
||||
lzo_uint lzolen = MAXSIZE;
|
||||
lzo1x_1_compress(source, len, dest, &lzolen, lzo_wrkmem);
|
||||
return lzolen;
|
||||
#else
|
||||
return -1;
|
||||
#endif
|
||||
} else if(level < 10) {
|
||||
#ifdef HAVE_ZLIB
|
||||
unsigned long destlen = MAXSIZE;
|
||||
if(compress2(dest, &destlen, source, len, level) == Z_OK)
|
||||
return destlen;
|
||||
else
|
||||
#endif
|
||||
return -1;
|
||||
} else {
|
||||
#ifdef HAVE_LZO
|
||||
lzo_uint lzolen = MAXSIZE;
|
||||
lzo1x_999_compress(source, len, dest, &lzolen, lzo_wrkmem);
|
||||
return lzolen;
|
||||
#else
|
||||
return -1;
|
||||
#endif
|
||||
}
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
static length_t uncompress_packet(uint8_t *dest, const uint8_t *source, length_t len, int level) {
|
||||
if(level > 9) {
|
||||
if(level == 0) {
|
||||
memcpy(dest, source, len);
|
||||
return len;
|
||||
} else if(level > 9) {
|
||||
#ifdef HAVE_LZO
|
||||
lzo_uint lzolen = MAXSIZE;
|
||||
if(lzo1x_decompress_safe(source, len, dest, &lzolen, NULL) == LZO_E_OK)
|
||||
return lzolen;
|
||||
else
|
||||
#endif
|
||||
return -1;
|
||||
} else {
|
||||
}
|
||||
#ifdef HAVE_ZLIB
|
||||
else {
|
||||
unsigned long destlen = MAXSIZE;
|
||||
if(uncompress(dest, &destlen, source, len) == Z_OK)
|
||||
return destlen;
|
||||
else
|
||||
return -1;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
|
|
@ -201,6 +201,68 @@ bool read_rsa_private_key(void) {
|
|||
return true;
|
||||
}
|
||||
|
||||
/*
|
||||
Read Subnets from all host config files
|
||||
*/
|
||||
void load_all_subnets(void) {
|
||||
DIR *dir;
|
||||
struct dirent *ent;
|
||||
char *dname;
|
||||
char *fname;
|
||||
avl_tree_t *config_tree;
|
||||
config_t *cfg;
|
||||
subnet_t *s, *s2;
|
||||
node_t *n;
|
||||
bool result;
|
||||
|
||||
xasprintf(&dname, "%s/hosts", confbase);
|
||||
dir = opendir(dname);
|
||||
if(!dir) {
|
||||
logger(LOG_ERR, "Could not open %s: %s", dname, strerror(errno));
|
||||
free(dname);
|
||||
return;
|
||||
}
|
||||
|
||||
while((ent = readdir(dir))) {
|
||||
if(!check_id(ent->d_name))
|
||||
continue;
|
||||
|
||||
n = lookup_node(ent->d_name);
|
||||
#ifdef _DIRENT_HAVE_D_TYPE
|
||||
//if(ent->d_type != DT_REG)
|
||||
// continue;
|
||||
#endif
|
||||
|
||||
xasprintf(&fname, "%s/hosts/%s", confbase, ent->d_name);
|
||||
init_configuration(&config_tree);
|
||||
result = read_config_file(config_tree, fname);
|
||||
free(fname);
|
||||
if(!result)
|
||||
continue;
|
||||
|
||||
if(!n) {
|
||||
n = new_node();
|
||||
n->name = xstrdup(ent->d_name);
|
||||
node_add(n);
|
||||
}
|
||||
|
||||
for(cfg = lookup_config(config_tree, "Subnet"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
|
||||
if(!get_config_subnet(cfg, &s))
|
||||
continue;
|
||||
|
||||
if((s2 = lookup_subnet(n, s))) {
|
||||
s2->expires = -1;
|
||||
} else {
|
||||
subnet_add(n, s);
|
||||
}
|
||||
}
|
||||
|
||||
exit_configuration(&config_tree);
|
||||
}
|
||||
|
||||
closedir(dir);
|
||||
}
|
||||
|
||||
/*
|
||||
Configure node_t myself and set up the local sockets (listen only)
|
||||
*/
|
||||
|
@ -250,6 +312,16 @@ bool setup_myself(void) {
|
|||
&& !get_config_string(lookup_config(myself->connection->config_tree, "Port"), &myport))
|
||||
myport = xstrdup("655");
|
||||
|
||||
if(!atoi(myport)) {
|
||||
struct addrinfo *ai = str2addrinfo("localhost", myport, SOCK_DGRAM);
|
||||
sockaddr_t sa;
|
||||
if(!ai || !ai->ai_addr)
|
||||
return false;
|
||||
free(myport);
|
||||
memcpy(&sa, ai->ai_addr, ai->ai_addrlen);
|
||||
sockaddr2str(&sa, NULL, &myport);
|
||||
}
|
||||
|
||||
/* Read in all the subnets specified in the host configuration file */
|
||||
|
||||
cfg = lookup_config(myself->connection->config_tree, "Subnet");
|
||||
|
@ -280,7 +352,10 @@ bool setup_myself(void) {
|
|||
if(myself->options & OPTION_TCPONLY)
|
||||
myself->options |= OPTION_INDIRECT;
|
||||
|
||||
get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
|
||||
get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets);
|
||||
get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
|
||||
strictsubnets |= tunnelserver;
|
||||
|
||||
if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
|
||||
if(!strcasecmp(mode, "router"))
|
||||
|
@ -294,8 +369,21 @@ bool setup_myself(void) {
|
|||
return false;
|
||||
}
|
||||
free(mode);
|
||||
} else
|
||||
routing_mode = RMODE_ROUTER;
|
||||
}
|
||||
|
||||
if(get_config_string(lookup_config(config_tree, "Forwarding"), &mode)) {
|
||||
if(!strcasecmp(mode, "off"))
|
||||
forwarding_mode = FMODE_OFF;
|
||||
else if(!strcasecmp(mode, "internal"))
|
||||
forwarding_mode = FMODE_INTERNAL;
|
||||
else if(!strcasecmp(mode, "kernel"))
|
||||
forwarding_mode = FMODE_KERNEL;
|
||||
else {
|
||||
logger(LOG_ERR, "Invalid forwarding mode!");
|
||||
return false;
|
||||
}
|
||||
free(mode);
|
||||
}
|
||||
|
||||
choice = true;
|
||||
get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice);
|
||||
|
@ -426,6 +514,9 @@ bool setup_myself(void) {
|
|||
|
||||
graph();
|
||||
|
||||
if(strictsubnets)
|
||||
load_all_subnets();
|
||||
|
||||
/* Open device */
|
||||
|
||||
if(!setup_device())
|
||||
|
|
|
@ -102,8 +102,10 @@ void sockaddr2str(const sockaddr_t *sa, char **addrstr, char **portstr) {
|
|||
if(scopeid)
|
||||
*scopeid = '\0'; /* Descope. */
|
||||
|
||||
*addrstr = xstrdup(address);
|
||||
*portstr = xstrdup(port);
|
||||
if(addrstr)
|
||||
*addrstr = xstrdup(address);
|
||||
if(portstr)
|
||||
*portstr = xstrdup(port);
|
||||
}
|
||||
|
||||
char *sockaddr2hostname(const sockaddr_t *sa) {
|
||||
|
|
|
@ -29,6 +29,7 @@
|
|||
#include "xalloc.h"
|
||||
|
||||
bool tunnelserver = false;
|
||||
bool strictsubnets = false;
|
||||
|
||||
/* Jumptable for the request handlers */
|
||||
|
||||
|
|
|
@ -53,6 +53,7 @@ typedef struct past_request_t {
|
|||
} past_request_t;
|
||||
|
||||
extern bool tunnelserver;
|
||||
extern bool strictsubnets;
|
||||
|
||||
/* Maximum size of strings in a request.
|
||||
* scanf terminates %2048s with a NUL character,
|
||||
|
|
|
@ -497,7 +497,7 @@ static void send_everything(connection_t *c) {
|
|||
|
||||
bool ack_h(connection_t *c) {
|
||||
char hisport[MAX_STRING_SIZE];
|
||||
char *hisaddress, *dummy;
|
||||
char *hisaddress;
|
||||
int weight, mtu;
|
||||
uint32_t options;
|
||||
node_t *n;
|
||||
|
@ -566,10 +566,9 @@ bool ack_h(connection_t *c) {
|
|||
c->edge = new_edge();
|
||||
c->edge->from = myself;
|
||||
c->edge->to = n;
|
||||
sockaddr2str(&c->address, &hisaddress, &dummy);
|
||||
sockaddr2str(&c->address, &hisaddress, NULL);
|
||||
c->edge->address = str2sockaddr(hisaddress, hisport);
|
||||
free(hisaddress);
|
||||
free(dummy);
|
||||
c->edge->weight = (weight + c->estimated_weight) / 2;
|
||||
c->edge->connection = c;
|
||||
c->edge->options = c->options;
|
||||
|
|
|
@ -104,29 +104,21 @@ bool add_subnet_h(connection_t *c) {
|
|||
return true;
|
||||
}
|
||||
|
||||
/* In tunnel server mode, check if the subnet matches one in the config file of this node */
|
||||
/* In tunnel server mode, we should already know all allowed subnets */
|
||||
|
||||
if(tunnelserver) {
|
||||
config_t *cfg;
|
||||
subnet_t *allowed;
|
||||
logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
|
||||
"ADD_SUBNET", c->name, c->hostname, subnetstr);
|
||||
return true;
|
||||
}
|
||||
|
||||
for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
|
||||
if(!get_config_subnet(cfg, &allowed))
|
||||
continue;
|
||||
/* Ignore if strictsubnets is true, but forward it to others */
|
||||
|
||||
if(!subnet_compare(&s, allowed))
|
||||
break;
|
||||
|
||||
free_subnet(allowed);
|
||||
}
|
||||
|
||||
if(!cfg) {
|
||||
logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
|
||||
"ADD_SUBNET", c->name, c->hostname, subnetstr);
|
||||
return true;
|
||||
}
|
||||
|
||||
free_subnet(allowed);
|
||||
if(strictsubnets) {
|
||||
logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
|
||||
"ADD_SUBNET", c->name, c->hostname, subnetstr);
|
||||
forward_request(c);
|
||||
return true;
|
||||
}
|
||||
|
||||
/* If everything is correct, add the subnet to the list of the owner */
|
||||
|
@ -139,8 +131,7 @@ bool add_subnet_h(connection_t *c) {
|
|||
|
||||
/* Tell the rest */
|
||||
|
||||
if(!tunnelserver)
|
||||
forward_request(c);
|
||||
forward_request(c);
|
||||
|
||||
/* Fast handoff of roaming MAC addresses */
|
||||
|
||||
|
@ -216,6 +207,8 @@ bool del_subnet_h(connection_t *c) {
|
|||
if(!find) {
|
||||
ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for %s which does not appear in his subnet tree",
|
||||
"DEL_SUBNET", c->name, c->hostname, name);
|
||||
if(strictsubnets)
|
||||
forward_request(c);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -228,10 +221,14 @@ bool del_subnet_h(connection_t *c) {
|
|||
return true;
|
||||
}
|
||||
|
||||
if(tunnelserver)
|
||||
return true;
|
||||
|
||||
/* Tell the rest */
|
||||
|
||||
if(!tunnelserver)
|
||||
forward_request(c);
|
||||
forward_request(c);
|
||||
if(strictsubnets)
|
||||
return true;
|
||||
|
||||
/* Finally, delete it. */
|
||||
|
||||
|
|
50
src/route.c
50
src/route.c
|
@ -33,6 +33,8 @@
|
|||
#include "utils.h"
|
||||
|
||||
rmode_t routing_mode = RMODE_ROUTER;
|
||||
fmode_t forwarding_mode = FMODE_INTERNAL;
|
||||
bool directonly = false;
|
||||
bool priorityinheritance = false;
|
||||
int macexpire = 600;
|
||||
bool overwrite_mac = false;
|
||||
|
@ -48,7 +50,10 @@ static const size_t ip6_size = sizeof(struct ip6_hdr);
|
|||
static const size_t icmp6_size = sizeof(struct icmp6_hdr);
|
||||
static const size_t ns_size = sizeof(struct nd_neighbor_solicit);
|
||||
static const size_t opt_size = sizeof(struct nd_opt_hdr);
|
||||
#define max(a, b) ((a) > (b) ? (a) : (b))
|
||||
|
||||
#ifndef MAX
|
||||
#define MAX(a, b) ((a) > (b) ? (a) : (b))
|
||||
#endif
|
||||
|
||||
/* RFC 1071 */
|
||||
|
||||
|
@ -94,9 +99,13 @@ static bool checklength(node_t *source, vpn_packet_t *packet, length_t length) {
|
|||
}
|
||||
|
||||
static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *packet) {
|
||||
if(!via || via == myself || !(via->options & OPTION_CLAMP_MSS))
|
||||
if(!source || !via || !(via->options & OPTION_CLAMP_MSS))
|
||||
return;
|
||||
|
||||
uint16_t mtu = source->mtu;
|
||||
if(via != myself && via->mtu < mtu)
|
||||
mtu = via->mtu;
|
||||
|
||||
/* Find TCP header */
|
||||
int start = 0;
|
||||
uint16_t type = packet->data[12] << 8 | packet->data[13];
|
||||
|
@ -140,7 +149,7 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac
|
|||
|
||||
/* Found it */
|
||||
uint16_t oldmss = packet->data[start + 22 + i] << 8 | packet->data[start + 23 + i];
|
||||
uint16_t newmss = via->mtu - start - 20;
|
||||
uint16_t newmss = mtu - start - 20;
|
||||
uint16_t csum = packet->data[start + 16] << 8 | packet->data[start + 17];
|
||||
|
||||
if(oldmss <= newmss)
|
||||
|
@ -379,17 +388,23 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) {
|
|||
}
|
||||
|
||||
if(!subnet->owner->status.reachable)
|
||||
route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_UNREACH);
|
||||
return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_UNREACH);
|
||||
|
||||
if(forwarding_mode == FMODE_OFF && source != myself && subnet->owner != myself)
|
||||
return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_ANO);
|
||||
|
||||
if(priorityinheritance)
|
||||
packet->priority = packet->data[15];
|
||||
|
||||
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
||||
|
||||
if(via && packet->len > max(via->mtu, 590) && via != myself) {
|
||||
if(directonly && subnet->owner != via)
|
||||
return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_ANO);
|
||||
|
||||
if(via && packet->len > MAX(via->mtu, 590) && via != myself) {
|
||||
ifdebug(TRAFFIC) logger(LOG_INFO, "Packet for %s (%s) length %d larger than MTU %d", subnet->owner->name, subnet->owner->hostname, packet->len, via->mtu);
|
||||
if(packet->data[20] & 0x40) {
|
||||
packet->len = max(via->mtu, 590);
|
||||
packet->len = MAX(via->mtu, 590);
|
||||
route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED);
|
||||
} else {
|
||||
fragment_ipv4_packet(via, packet);
|
||||
|
@ -527,13 +542,19 @@ static void route_ipv6_unicast(node_t *source, vpn_packet_t *packet) {
|
|||
}
|
||||
|
||||
if(!subnet->owner->status.reachable)
|
||||
route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOROUTE);
|
||||
return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOROUTE);
|
||||
|
||||
if(forwarding_mode == FMODE_OFF && source != myself && subnet->owner != myself)
|
||||
return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN);
|
||||
|
||||
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
||||
|
||||
if(via && packet->len > max(via->mtu, 1294) && via != myself) {
|
||||
if(directonly && subnet->owner != via)
|
||||
return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN);
|
||||
|
||||
if(via && packet->len > MAX(via->mtu, 1294) && via != myself) {
|
||||
ifdebug(TRAFFIC) logger(LOG_INFO, "Packet for %s (%s) length %d larger than MTU %d", subnet->owner->name, subnet->owner->hostname, packet->len, via->mtu);
|
||||
packet->len = max(via->mtu, 1294);
|
||||
packet->len = MAX(via->mtu, 1294);
|
||||
route_ipv6_unreachable(source, packet, ICMP6_PACKET_TOO_BIG, 0);
|
||||
return;
|
||||
}
|
||||
|
@ -792,9 +813,15 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
|
|||
return;
|
||||
}
|
||||
|
||||
if(forwarding_mode == FMODE_OFF && source != myself && subnet->owner != myself)
|
||||
return;
|
||||
|
||||
// Handle packets larger than PMTU
|
||||
|
||||
node_t *via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
||||
|
||||
if(directonly && subnet->owner != via)
|
||||
return;
|
||||
|
||||
if(via && packet->len > via->mtu && via != myself) {
|
||||
ifdebug(TRAFFIC) logger(LOG_INFO, "Packet for %s (%s) length %d larger than MTU %d", subnet->owner->name, subnet->owner->hostname, packet->len, via->mtu);
|
||||
|
@ -820,6 +847,11 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
|
|||
}
|
||||
|
||||
void route(node_t *source, vpn_packet_t *packet) {
|
||||
if(forwarding_mode == FMODE_KERNEL && source != myself) {
|
||||
send_packet(myself, packet);
|
||||
return;
|
||||
}
|
||||
|
||||
if(!checklength(source, packet, ether_size))
|
||||
return;
|
||||
|
||||
|
|
|
@ -30,7 +30,15 @@ typedef enum rmode_t {
|
|||
RMODE_ROUTER,
|
||||
} rmode_t;
|
||||
|
||||
typedef enum fmode_t {
|
||||
FMODE_OFF = 0,
|
||||
FMODE_INTERNAL,
|
||||
FMODE_KERNEL,
|
||||
} fmode_t;
|
||||
|
||||
extern rmode_t routing_mode;
|
||||
extern fmode_t forwarding_mode;
|
||||
extern bool directonly;
|
||||
extern bool overwrite_mac;
|
||||
extern bool priorityinheritance;
|
||||
extern int macexpire;
|
||||
|
|
|
@ -64,6 +64,8 @@ typedef struct subnet_t {
|
|||
|
||||
#define MAXNETSTR 64
|
||||
|
||||
extern avl_tree_t *subnet_tree;
|
||||
|
||||
extern int subnet_compare(const struct subnet_t *, const struct subnet_t *);
|
||||
extern subnet_t *new_subnet(void) __attribute__ ((__malloc__));
|
||||
extern void free_subnet(subnet_t *);
|
||||
|
|
|
@ -37,7 +37,9 @@
|
|||
#include <openssl/evp.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#ifdef HAVE_LZO
|
||||
#include LZO1X_H
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_MINGW
|
||||
#include <pwd.h>
|
||||
|
@ -540,10 +542,12 @@ int main(int argc, char **argv) {
|
|||
if(!read_server_config())
|
||||
return 1;
|
||||
|
||||
#ifdef HAVE_LZO
|
||||
if(lzo_init() != LZO_E_OK) {
|
||||
logger(LOG_ERR, "Error initializing LZO compressor!");
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_MINGW
|
||||
if(WSAStartup(MAKEWORD(2, 2), &wsa_state)) {
|
||||
|
|
Loading…
Reference in a new issue