Import Upstream version 1.0.33

This commit is contained in:
Guus Sliepen 2019-08-26 13:44:48 +02:00
parent e0e55285b8
commit 5969674c46
109 changed files with 5599 additions and 5444 deletions

View file

@ -4,23 +4,12 @@ info_TEXINFOS = tinc.texi
man_MANS = tincd.8 tinc.conf.5
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config.tar.gz
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config
CLEANFILES = *.html tincd.8 tinc.conf.5 tincinclude.texi
# Use `ginstall' in the definition of man_MANS to avoid
# confusion with the `install' target. The install rule transforms `ginstall'
# to install before applying any user-specified name transformations.
transform = s/ginstall/install/; @program_transform_name@
# For additional rules usually of interest only to the maintainer,
# see GNUmakefile and Makefile.maint.
sample-config.tar.gz: sample-config
$(AM_V_GEN)GZIP=$(GZIP_ENV) $(AMTAR) chozf sample-config.tar.gz --exclude .svn sample-config
texi2html: tinc.texi
$(AM_V_GEN)texi2html -split=chapter tinc.texi
$(AM_V_GEN)texi2html -split=chapter $<
tincd.8.html: tincd.8
$(AM_V_GEN)w3mman2html $< > $@
@ -32,15 +21,16 @@ substitute = sed \
-e s,'@PACKAGE\@',"$(PACKAGE)",g \
-e s,'@VERSION\@',"$(VERSION)",g \
-e s,'@sysconfdir\@',"$(sysconfdir)",g \
-e s,'@runstatedir\@',"$(runstatedir)",g \
-e s,'@localstatedir\@',"$(localstatedir)",g
tincd.8: tincd.8.in
$(AM_V_GEN)$(substitute) tincd.8.in > tincd.8
tincd.8: $(srcdir)/tincd.8.in
$(AM_V_GEN)$(substitute) $< > $@
tinc.conf.5: tinc.conf.5.in
$(AM_V_GEN)$(substitute) tinc.conf.5.in > tinc.conf.5
tinc.conf.5: $(srcdir)/tinc.conf.5.in
$(AM_V_GEN)$(substitute) $< > $@
tincinclude.texi: $(srcdir)/tincinclude.texi.in
$(AM_V_GEN)$(substitute) $< > $@
tincinclude.texi: tincinclude.texi.in
$(AM_V_GEN)$(substitute) tincinclude.texi.in > tincinclude.texi
tinc.texi: tincinclude.texi

View file

@ -78,6 +78,7 @@ install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
@ -145,7 +146,7 @@ AM_V_texidevnull = $(am__v_texidevnull_@AM_V@)
am__v_texidevnull_ = $(am__v_texidevnull_@AM_DEFAULT_V@)
am__v_texidevnull_0 = > /dev/null
am__v_texidevnull_1 =
INFO_DEPS = $(srcdir)/tinc.info
INFO_DEPS = tinc.info
am__TEXINFO_TEX_DIR = $(srcdir)
DVIS = tinc.dvi
PDFS = tinc.pdf
@ -198,11 +199,6 @@ MANS = $(man_MANS)
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
am__DIST_COMMON = $(srcdir)/Makefile.in texinfo.tex
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
# Use `ginstall' in the definition of man_MANS to avoid
# confusion with the `install' target. The install rule transforms `ginstall'
# to install before applying any user-specified name transformations.
transform = s/ginstall/install/; @program_transform_name@
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
@ -233,7 +229,6 @@ LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
@ -306,19 +301,20 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
info_TEXINFOS = tinc.texi
man_MANS = tincd.8 tinc.conf.5
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config.tar.gz
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config
CLEANFILES = *.html tincd.8 tinc.conf.5 tincinclude.texi
substitute = sed \
-e s,'@PACKAGE\@',"$(PACKAGE)",g \
-e s,'@VERSION\@',"$(VERSION)",g \
-e s,'@sysconfdir\@',"$(sysconfdir)",g \
-e s,'@runstatedir\@',"$(runstatedir)",g \
-e s,'@localstatedir\@',"$(localstatedir)",g
all: all-am
.SUFFIXES:
.SUFFIXES: .dvi .html .info .pdf .ps .texi
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
.SUFFIXES: .dvi .ps
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
@ -342,59 +338,51 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(top_srcdir)/configure: $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
.texi.info:
tinc.info: tinc.texi
$(AM_V_MAKEINFO)restore=: && backupdir="$(am__leading_dot)am$$$$" && \
am__cwd=`pwd` && $(am__cd) $(srcdir) && \
rm -rf $$backupdir && mkdir $$backupdir && \
if ($(MAKEINFO) --version) >/dev/null 2>&1; then \
for f in $@ $@-[0-9] $@-[0-9][0-9] $(@:.info=).i[0-9] $(@:.info=).i[0-9][0-9]; do \
if test -f $$f; then mv $$f $$backupdir; restore=mv; else :; fi; \
done; \
else :; fi && \
cd "$$am__cwd"; \
if $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) \
-o $@ $<; \
-o $@ `test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi; \
then \
rc=0; \
$(am__cd) $(srcdir); \
else \
rc=$$?; \
$(am__cd) $(srcdir) && \
$$restore $$backupdir/* `echo "./$@" | sed 's|[^/]*$$||'`; \
fi; \
rm -rf $$backupdir; exit $$rc
.texi.dvi:
tinc.dvi: tinc.texi
$(AM_V_TEXI2DVI)TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \
MAKEINFO='$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir)' \
$(TEXI2DVI) $(AM_V_texinfo) --build-dir=$(@:.dvi=.t2d) -o $@ $(AM_V_texidevnull) \
$<
`test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi
.texi.pdf:
tinc.pdf: tinc.texi
$(AM_V_TEXI2PDF)TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \
MAKEINFO='$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir)' \
$(TEXI2PDF) $(AM_V_texinfo) --build-dir=$(@:.pdf=.t2p) -o $@ $(AM_V_texidevnull) \
$<
`test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi
.texi.html:
tinc.html: tinc.texi
$(AM_V_MAKEINFO)rm -rf $(@:.html=.htp)
$(AM_V_at)if $(MAKEINFOHTML) $(AM_MAKEINFOHTMLFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) \
-o $(@:.html=.htp) $<; \
-o $(@:.html=.htp) `test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi; \
then \
rm -rf $@ && mv $(@:.html=.htp) $@; \
else \
rm -rf $(@:.html=.htp); exit 1; \
fi
$(srcdir)/tinc.info: tinc.texi
tinc.dvi: tinc.texi
tinc.pdf: tinc.texi
tinc.html: tinc.texi
.dvi.ps:
$(AM_V_DVIPS)TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \
$(DVIPS) $(AM_V_texinfo) -o $@ $<
@ -833,14 +821,8 @@ uninstall-man: uninstall-man5 uninstall-man8
.PRECIOUS: Makefile
# For additional rules usually of interest only to the maintainer,
# see GNUmakefile and Makefile.maint.
sample-config.tar.gz: sample-config
$(AM_V_GEN)GZIP=$(GZIP_ENV) $(AMTAR) chozf sample-config.tar.gz --exclude .svn sample-config
texi2html: tinc.texi
$(AM_V_GEN)texi2html -split=chapter tinc.texi
$(AM_V_GEN)texi2html -split=chapter $<
tincd.8.html: tincd.8
$(AM_V_GEN)w3mman2html $< > $@
@ -848,14 +830,14 @@ tincd.8.html: tincd.8
tinc.conf.5.html: tinc.conf.5
$(AM_V_GEN)w3mman2html $< > $@
tincd.8: tincd.8.in
$(AM_V_GEN)$(substitute) tincd.8.in > tincd.8
tincd.8: $(srcdir)/tincd.8.in
$(AM_V_GEN)$(substitute) $< > $@
tinc.conf.5: tinc.conf.5.in
$(AM_V_GEN)$(substitute) tinc.conf.5.in > tinc.conf.5
tinc.conf.5: $(srcdir)/tinc.conf.5.in
$(AM_V_GEN)$(substitute) $< > $@
tincinclude.texi: tincinclude.texi.in
$(AM_V_GEN)$(substitute) tincinclude.texi.in > tincinclude.texi
tincinclude.texi: $(srcdir)/tincinclude.texi.in
$(AM_V_GEN)$(substitute) $< > $@
tinc.texi: tincinclude.texi

Binary file not shown.

View file

@ -0,0 +1,15 @@
# Sample host configuration file
# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.234.35.67
# Portnumber for incoming connections. Default is 655.
Port = 655
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.1.0/24
# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----

View file

@ -0,0 +1,16 @@
# Sample host configuration file
# This file was generated by host beta.
# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.45.67.189
# Portnumber for incoming connections. Default is 655.
Port = 6500
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.2.0/24
# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----

View file

@ -0,0 +1 @@
# Generate this file with `tincd -n example -K`

View file

@ -0,0 +1,4 @@
#!/bin/sh
# This file closes down the tap device.
ifconfig $INTERFACE down

11
doc/sample-config/tinc-up Normal file
View file

@ -0,0 +1,11 @@
#!/bin/sh
# This file sets up the tap device.
# It gives you the freedom to do anything you want with it.
# Use the correct name for the tap device:
# The environment variable $INTERFACE is set to the right name
# on most platforms, but if it doesn't work try to set it manually.
# Give it the right ip and netmask. Remember, the subnet of the
# tap device must be larger than that of the individual Subnets
# as defined in the host configuration file!
ifconfig $INTERFACE 192.168.1.1 netmask 255.255.0.0

View file

@ -0,0 +1,22 @@
# Sample tinc configuration file
# This is a comment.
# Spaces and tabs are eliminated.
# The = sign isn't strictly necessary any longer, though you may want
# to leave it in as it improves readability :)
# Variable names are treated case insensitive.
# The name of this tinc host. Required.
Name = alpha
# The internet host to connect with.
# Comment these out to make yourself a listen-only connection
# You must use the name of another tinc host.
# May be used multiple times for redundance.
ConnectTo = beta
# The tap device tinc will use.
# /dev/tap0 for ethertap, FreeBSD or OpenBSD
# /dev/tun0 for Solaris
# /dev/net/tun for Linux tun/tap
Device = /dev/net/tun

View file

@ -222,7 +222,7 @@ Also note that this can cause decrypted VPN packets to be sent out on a real net
Create a UNIX socket with the filename specified by
.Va Device ,
or
.Pa @localstatedir@/run/ Ns Ar NETNAME Ns Pa .umlsocket
.Pa @runstatedir@/ Ns Ar NETNAME Ns Pa .umlsocket
if not specified.
.Nm tinc
will wait for a User Mode Linux instance to connect to this socket.
@ -231,7 +231,7 @@ Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
using the UNIX socket specified by
.Va Device ,
or
.Pa @localstatedir@/run/vde.ctl
.Pa @runstatedir@/vde.ctl
if not specified.
.El
Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,

View file

@ -1,11 +1,11 @@
This is tinc.info, produced by makeinfo version 6.4.90 from tinc.texi.
This is tinc.info, produced by makeinfo version 6.5 from tinc.texi.
INFO-DIR-SECTION Networking tools
START-INFO-DIR-ENTRY
* tinc: (tinc). The tinc Manual.
END-INFO-DIR-ENTRY
This is the info manual for tinc version 1.0.31, a Virtual Private
This is the info manual for tinc version 1.0.33, a Virtual Private
Network daemon.
Copyright (C) 1998-2017 Ivo Timmermans, Guus Sliepen
@ -791,13 +791,13 @@ DeviceType = <TYPE> (platform dependent)
uml (not compiled in by default)
Create a UNIX socket with the filename specified by DEVICE, or
'/var/run/NETNAME.umlsocket' if not specified. Tinc will wait
for a User Mode Linux instance to connect to this socket.
'/run/NETNAME.umlsocket' if not specified. Tinc will wait for
a User Mode Linux instance to connect to this socket.
vde (not compiled in by default)
Uses the libvdeplug library to connect to a Virtual
Distributed Ethernet switch, using the UNIX socket specified
by DEVICE, or '/var/run/vde.ctl' if not specified.
by DEVICE, or '/run/vde.ctl' if not specified.
Also, in case tinc does not seem to correctly interpret packets
received from the virtual network device, it can be used to change
@ -1597,7 +1597,7 @@ command line options.
'/var/log/tinc.NETNAME.log'.
'--pidfile=FILE'
Write PID to FILE instead of '/var/run/tinc.NETNAME.pid'.
Write PID to FILE instead of '/run/tinc.NETNAME.pid'.
'--bypass-security'
Disables encryption and authentication. Only useful for debugging.
@ -1609,12 +1609,16 @@ command line options.
chroot is performed after all the initialization is done, after
writing pid files and opening network sockets.
Note that this option alone does not do any good without -U/-user,
below.
This option is best used in combination with the -U/-user option
described below.
Note also that tinc can't run scripts anymore (such as tinc-down or
host-up), unless it's setup to be runnable inside chroot
environment.
You will need to ensure the chroot environment contains all the
files necessary for tinc to run correctly. Most importantly, for
tinc to be able to resolve hostnames inside the chroot environment,
you must copy '/etc/resolv.conf' into the chroot directory. If you
want to be able to run scripts other than 'tinc-up' in the chroot,
you must ensure the appropriate shell is also installed in the
chroot, along with all its dependencies.
'-U, --user=USER'
Switch to the given USER after initialization, at the same time as
@ -2650,66 +2654,66 @@ Concept Index

Tag Table:
Node: Top809
Node: Introduction1108
Node: Virtual Private Networks1918
Node: tinc3642
Node: Supported platforms5169
Node: Preparations5870
Node: Configuring the kernel6126
Node: Configuration of Linux kernels6536
Node: Configuration of FreeBSD kernels7391
Node: Configuration of OpenBSD kernels7856
Node: Configuration of NetBSD kernels8213
Node: Configuration of Solaris kernels8618
Node: Configuration of Darwin (Mac OS X) kernels9281
Node: Configuration of Windows10100
Node: Libraries10640
Node: LibreSSL/OpenSSL11049
Node: zlib13591
Node: lzo14623
Node: Installation15606
Node: Building and installing tinc16516
Node: Darwin (Mac OS X) build environment17176
Node: Cygwin (Windows) build environment17741
Node: MinGW (Windows) build environment18330
Node: System files18924
Node: Device files19189
Node: Other files19605
Node: Configuration20218
Node: Configuration introduction20529
Node: Multiple networks21797
Node: How connections work23223
Node: Configuration files24445
Node: Main configuration variables25939
Node: Host configuration variables42195
Node: Scripts47727
Node: How to configure50993
Node: Generating keypairs52251
Node: Network interfaces52750
Node: Example configuration54598
Node: Running tinc59923
Node: Runtime options60513
Node: Signals63815
Node: Debug levels65006
Node: Solving problems65942
Node: Error messages67494
Node: Sending bug reports71503
Node: Technical information72450
Node: The connection72681
Node: The UDP tunnel72993
Node: The meta-connection76054
Node: The meta-protocol77523
Node: Security82540
Node: Authentication protocol83682
Node: Encryption of network packets88727
Node: Security issues90103
Node: Platform specific information91742
Node: Interface configuration91970
Node: Routes94441
Node: About us96455
Node: Contact information96630
Node: Authors97033
Node: Concept Index97438
Node: Top806
Node: Introduction1105
Node: Virtual Private Networks1915
Node: tinc3639
Node: Supported platforms5166
Node: Preparations5867
Node: Configuring the kernel6123
Node: Configuration of Linux kernels6533
Node: Configuration of FreeBSD kernels7388
Node: Configuration of OpenBSD kernels7853
Node: Configuration of NetBSD kernels8210
Node: Configuration of Solaris kernels8615
Node: Configuration of Darwin (Mac OS X) kernels9278
Node: Configuration of Windows10097
Node: Libraries10637
Node: LibreSSL/OpenSSL11046
Node: zlib13588
Node: lzo14620
Node: Installation15603
Node: Building and installing tinc16513
Node: Darwin (Mac OS X) build environment17173
Node: Cygwin (Windows) build environment17738
Node: MinGW (Windows) build environment18327
Node: System files18921
Node: Device files19186
Node: Other files19602
Node: Configuration20215
Node: Configuration introduction20526
Node: Multiple networks21794
Node: How connections work23220
Node: Configuration files24442
Node: Main configuration variables25936
Node: Host configuration variables42184
Node: Scripts47716
Node: How to configure50982
Node: Generating keypairs52240
Node: Network interfaces52739
Node: Example configuration54587
Node: Running tinc59912
Node: Runtime options60502
Node: Signals64127
Node: Debug levels65318
Node: Solving problems66254
Node: Error messages67806
Node: Sending bug reports71815
Node: Technical information72762
Node: The connection72993
Node: The UDP tunnel73305
Node: The meta-connection76366
Node: The meta-protocol77835
Node: Security82852
Node: Authentication protocol83994
Node: Encryption of network packets89039
Node: Security issues90415
Node: Platform specific information92054
Node: Interface configuration92282
Node: Routes94753
Node: About us96767
Node: Contact information96942
Node: Authors97345
Node: Concept Index97750

End Tag Table

View file

@ -860,7 +860,7 @@ Also note that this can cause decrypted VPN packets to be sent out on a real net
@cindex UML
@item uml (not compiled in by default)
Create a UNIX socket with the filename specified by
@var{Device}, or @file{@value{localstatedir}/run/@var{netname}.umlsocket}
@var{Device}, or @file{@value{runstatedir}/@var{netname}.umlsocket}
if not specified.
Tinc will wait for a User Mode Linux instance to connect to this socket.
@ -868,7 +868,7 @@ Tinc will wait for a User Mode Linux instance to connect to this socket.
@item vde (not compiled in by default)
Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
using the UNIX socket specified by
@var{Device}, or @file{@value{localstatedir}/run/vde.ctl}
@var{Device}, or @file{@value{runstatedir}/vde.ctl}
if not specified.
@end table
@ -1730,7 +1730,7 @@ Write log entries to a file instead of to the system logging facility.
If @var{file} is omitted, the default is @file{@value{localstatedir}/log/tinc.@var{netname}.log}.
@item --pidfile=@var{file}
Write PID to @var{file} instead of @file{@value{localstatedir}/run/tinc.@var{netname}.pid}.
Write PID to @var{file} instead of @file{@value{runstatedir}/tinc.@var{netname}.pid}.
@item --bypass-security
Disables encryption and authentication.
@ -1743,10 +1743,14 @@ located (@file{@value{sysconfdir}/tinc/@var{netname}/} as determined by
The chroot is performed after all the initialization is done, after
writing pid files and opening network sockets.
Note that this option alone does not do any good without -U/--user, below.
This option is best used in combination with the -U/--user option described below.
Note also that tinc can't run scripts anymore (such as tinc-down or host-up),
unless it's setup to be runnable inside chroot environment.
You will need to ensure the chroot environment contains all the files necessary
for tinc to run correctly.
Most importantly, for tinc to be able to resolve hostnames inside the chroot environment,
you must copy @file{/etc/resolv.conf} into the chroot directory.
If you want to be able to run scripts other than @file{tinc-up} in the chroot,
you must ensure the appropriate shell is also installed in the chroot, along with all its dependencies.
@item -U, --user=@var{user}
Switch to the given @var{user} after initialization, at the same time as

View file

@ -109,7 +109,7 @@ is omitted, the default is
Write PID to
.Ar FILE
instead of
.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid.
.Pa @runstatedir@/tinc. Ns Ar NETNAME Ns Pa .pid.
Under Windows this option will be ignored.
.It Fl -bypass-security
Disables encryption and authentication of the meta protocol.
@ -190,7 +190,7 @@ This will log all network traffic over the virtual private network.
Directory containing the configuration files tinc uses.
For more information, see
.Xr tinc.conf 5 .
.It Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid
.It Pa @runstatedir@/tinc. Ns Ar NETNAME Ns Pa .pid
The PID of the currently running
.Nm
is stored in this file.

View file

@ -2,3 +2,4 @@
@set PACKAGE @PACKAGE@
@set sysconfdir @sysconfdir@
@set localstatedir @localstatedir@
@set runstatedir @runstatedir@