diff --git a/ChangeLog b/ChangeLog index 01a1494..0feb52e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,74 @@ +Version 1.1pre8 August 13 2013 +------------------------------------------------------------------------ + +Guus Sliepen (56): + Don't try to create tinc.conf when using set or add commands. + Modernize the configure script a bit. + Use conditional compilation for device.c. + Use conditional compilation for cryptographic functions. + Rename xmalloc_and_zero() to xzalloc(). + Add generic crypto headers. + Add more __attribute__((malloc)) where appropriate. + Add __attribute__((warn_unused_result)) to crypto functions. + Fix warnings for functions marked __attribute((warn_unused_result)). + Add a few more checks and warnings in the crypto functions. + Enable the SPTPS protocol by default. + Fix check for presence of ECDSA public key for outgoing connections. + Use read_host_config() where appropriate. + Don't free ephemeral ECDH keys twice. + Fix potential NULL pointer dereferences. + Don't try to handle incoming data if sptps_start() has not been called yet. + Enable and fix warnings from automake. + Send a new key when we receive packets from a node we don't have a valid key for. + Annotate the xalloc functions. + Improve base64 encoding/decoding, add URL-safe variant. + Add a newline when logging to stderr in the tinc binary. + Fix port number in pidfile. + Add an invitation protocol. + Better optional argument handling. + Allow the log output to be stopped with control-C in tinc's shell. + Use strerror() instead of gai_strerror() when err == EAI_SYSTEM. + Add the LocalDiscoveryAddress option. + Set $NAME when calling host-up/down and subnet-up/down scripts. + Add connection rate limiting. + Fix warning "Both netname and configuration directory given" on Windows. + Add missing definitions on Windows. + Don't search in local directories for include files. + Don't use vasprintf() anymore on Windows. + Attribution for Etienne Dechamps. + Forbid protocol version rollback. + Allow extra options to be passed to "tinc restart" again. + Honour umask, let temporary key files inherit original's permissions. + Fix compression when using the SPTPS protocol. + Warn when incorrect use of add or set causes variables to be removed. + Allow control-C to stop tincd without stopping the tinc shell. + Don't forget the Port variable when creating an invitation URL. + Choose a different Port when 655 isn't available when doing "tinc init". + Choose a different Port when 655 isn't available when doing "tinc join". + Make absolutely sure we can write config files before accepting an invitation. + Defer handling netname conflicts when accepting an invitation. + Use umask() to set file and UNIX socket permissions without race conditions. + Clean up the SIGINT handler. + Really retry outgoing connections immediately if requested. + Non-zero exit code when reloading config file fails after SIGHUP. + Fix a typo. + Don't echo broadcast packets back when Broadcast = direct. + Move .h files from noinst_HEADERS to tincd_SOURCES. + Build .tar.gz instead of .tar.xz. + Update copyright notices. + Don't typedef the same struct in two header files. + Releasing 1.1pre8. + +Etienne Dechamps (5): + Fix combination of Mode = router and DeviceType = tap on Linux. + Fix hash_function(). + Disable PMTU discovery when TCPOnly is set. + Introduce lightweight PMTU probe replies. + Further improve bandwidth estimation for type 2 MTU probe replies. + +Sven-Haegar Koch (1): + Modified some error messages in src/sptps.c. + Version 1.1pre7 April 22 2013 ------------------------------------------------------------------------ diff --git a/INSTALL b/INSTALL index a1e89e1..007e939 100644 --- a/INSTALL +++ b/INSTALL @@ -1,7 +1,7 @@ Installation Instructions ************************* -Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation, +Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation, Inc. Copying and distribution of this file, with or without modification, @@ -309,9 +309,10 @@ causes the specified `gcc' to be used as the C compiler (unless it is overridden in the site shell script). Unfortunately, this technique does not work for `CONFIG_SHELL' due to -an Autoconf bug. Until the bug is fixed you can use this workaround: +an Autoconf limitation. Until the limitation is lifted, you can use +this workaround: - CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash + CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash `configure' Invocation ====================== @@ -367,4 +368,3 @@ operates. `configure' also accepts some other, not widely useful, options. Run `configure --help' for more details. - diff --git a/Makefile.am b/Makefile.am index 130cd6e..d2e6f3f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -6,7 +6,7 @@ SUBDIRS = m4 src doc gui ACLOCAL_AMFLAGS = -I m4 -EXTRA_DIST = have.h system.h COPYING.README README.android +EXTRA_DIST = COPYING.README README.android ChangeLog: git log > ChangeLog diff --git a/Makefile.in b/Makefile.in index 5ae644b..3ca1385 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.6 from Makefile.am. +# Makefile.in generated by automake 1.13.3 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,23 +14,51 @@ @SET_MAKE@ VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ - test $$am__dry = yes; \ - } + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -51,15 +78,16 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = . -DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in $(srcdir)/config.h.in \ - $(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \ - THANKS config.guess config.sub depcomp install-sh missing +DIST_COMMON = INSTALL NEWS README AUTHORS ChangeLog \ + $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/configure $(am__configure_deps) \ + $(srcdir)/config.h.in COPYING THANKS compile config.guess \ + config.sub depcomp install-sh missing ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in + $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ @@ -68,15 +96,28 @@ mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = SOURCES = DIST_SOURCES = -RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \ - html-recursive info-recursive install-data-recursive \ - install-dvi-recursive install-exec-recursive \ - install-html-recursive install-info-recursive \ - install-pdf-recursive install-ps-recursive install-recursive \ - installcheck-recursive installdirs-recursive pdf-recursive \ - ps-recursive uninstall-recursive +RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ + ctags-recursive dvi-recursive html-recursive info-recursive \ + install-data-recursive install-dvi-recursive \ + install-exec-recursive install-html-recursive \ + install-info-recursive install-pdf-recursive \ + install-ps-recursive install-recursive installcheck-recursive \ + installdirs-recursive pdf-recursive ps-recursive \ + tags-recursive uninstall-recursive am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ @@ -84,11 +125,33 @@ am__can_run_installinfo = \ esac RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive -AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \ - $(RECURSIVE_CLEAN_TARGETS:-recursive=) tags TAGS ctags CTAGS \ - distdir dist dist-all distcheck +am__recursive_targets = \ + $(RECURSIVE_TARGETS) \ + $(RECURSIVE_CLEAN_TARGETS) \ + $(am__extra_recursive_targets) +AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ + cscope distdir dist dist-all distcheck +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ + $(LISP)config.h.in +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags +CSCOPE = cscope DIST_SUBDIRS = $(SUBDIRS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) @@ -99,6 +162,7 @@ am__remove_distdir = \ && rm -rf "$(distdir)" \ || { sleep 5 && rm -rf "$(distdir)"; }; \ else :; fi +am__post_remove_distdir = $(am__remove_distdir) am__relativize = \ dir0=`pwd`; \ sed_first='s,^\([^/]*\)/.*$$,\1,'; \ @@ -126,12 +190,14 @@ am__relativize = \ reldir="$$dir2" DIST_ARCHIVES = $(distdir).tar.gz GZIP_ENV = --best +DIST_TARGETS = dist-gzip distuninstallcheck_listfiles = find . -type f -print am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \ | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$' distcleancheck_listfiles = find . -type f -print ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ @@ -151,7 +217,6 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ GREP = @GREP@ -INCLUDES = @INCLUDES@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -165,7 +230,6 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ @@ -236,14 +300,14 @@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = gnu SUBDIRS = m4 src doc gui ACLOCAL_AMFLAGS = -I m4 -EXTRA_DIST = have.h system.h COPYING.README README.android +EXTRA_DIST = COPYING.README README.android all: config.h $(MAKE) $(AM_MAKEFLAGS) all-recursive .SUFFIXES: am--refresh: Makefile @: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -270,9 +334,9 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) +$(top_srcdir)/configure: $(am__configure_deps) $(am__cd) $(srcdir) && $(AUTOCONF) -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) +$(ACLOCAL_M4): $(am__aclocal_m4_deps) $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) $(am__aclocal_m4_deps): @@ -283,7 +347,7 @@ config.h: stamp-h1 stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status config.h -$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) +$(srcdir)/config.h.in: $(am__configure_deps) ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) rm -f stamp-h1 touch $@ @@ -292,22 +356,25 @@ distclean-hdr: -rm -f config.h stamp-h1 # This directory's subdirectories are mostly independent; you can cd -# into them and run `make' without going through this Makefile. -# To change the values of `make' variables: instead of editing Makefiles, -# (1) if the variable is set in `config.status', edit `config.status' -# (which will cause the Makefiles to be regenerated when you run `make'); -# (2) otherwise, pass the desired values on the `make' command line. -$(RECURSIVE_TARGETS): - @fail= failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ +# into them and run 'make' without going through this Makefile. +# To change the values of 'make' variables: instead of editing Makefiles, +# (1) if the variable is set in 'config.status', edit 'config.status' +# (which will cause the Makefiles to be regenerated when you run 'make'); +# (2) otherwise, pass the desired values on the 'make' command line. +$(am__recursive_targets): + @fail=; \ + if $(am__make_keepgoing); then \ + failcom='fail=yes'; \ + else \ + failcom='exit 1'; \ + fi; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ - list='$(SUBDIRS)'; for subdir in $$list; do \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ echo "Making $$target in $$subdir"; \ if test "$$subdir" = "."; then \ dot_seen=yes; \ @@ -322,57 +389,12 @@ $(RECURSIVE_TARGETS): $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" -$(RECURSIVE_CLEAN_TARGETS): - @fail= failcom='exit 1'; \ - for f in x $$MAKEFLAGS; do \ - case $$f in \ - *=* | --[!k]*);; \ - *k*) failcom='fail=yes';; \ - esac; \ - done; \ - dot_seen=no; \ - case "$@" in \ - distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ - *) list='$(SUBDIRS)' ;; \ - esac; \ - rev=''; for subdir in $$list; do \ - if test "$$subdir" = "."; then :; else \ - rev="$$subdir $$rev"; \ - fi; \ - done; \ - rev="$$rev ."; \ - target=`echo $@ | sed s/-recursive//`; \ - for subdir in $$rev; do \ - echo "Making $$target in $$subdir"; \ - if test "$$subdir" = "."; then \ - local_target="$$target-am"; \ - else \ - local_target="$$target"; \ - fi; \ - ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ - || eval $$failcom; \ - done && test -z "$$fail" -tags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ - done -ctags-recursive: - list='$(SUBDIRS)'; for subdir in $$list; do \ - test "$$subdir" = . || ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \ - done +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-recursive +TAGS: tags -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ @@ -388,12 +410,7 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ - list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ + $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ @@ -405,15 +422,11 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $$unique; \ fi; \ fi -ctags: CTAGS -CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ +ctags: ctags-recursive + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique @@ -422,11 +435,39 @@ GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" +cscope: cscope.files + test ! -s cscope.files \ + || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS) +clean-cscope: + -rm -f cscope.files +cscope.files: clean-cscope cscopelist +cscopelist: cscopelist-recursive + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + -rm -f cscope.out cscope.in.out cscope.po.out cscope.files distdir: $(DISTFILES) + @case `sed 15q $(srcdir)/NEWS` in \ + *"$(VERSION)"*) : ;; \ + *) \ + echo "NEWS not updated; not releasing" 1>&2; \ + exit 1;; \ + esac $(am__remove_distdir) test -d "$(distdir)" || mkdir "$(distdir)" @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ @@ -492,40 +533,36 @@ distdir: $(DISTFILES) || chmod -R a+r "$(distdir)" dist-gzip: distdir tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz - $(am__remove_distdir) + $(am__post_remove_distdir) dist-bzip2: distdir tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 - $(am__remove_distdir) + $(am__post_remove_distdir) dist-lzip: distdir tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz - $(am__remove_distdir) - -dist-lzma: distdir - tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma - $(am__remove_distdir) + $(am__post_remove_distdir) dist-xz: distdir tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz - $(am__remove_distdir) + $(am__post_remove_distdir) dist-tarZ: distdir tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z - $(am__remove_distdir) + $(am__post_remove_distdir) dist-shar: distdir shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz - $(am__remove_distdir) + $(am__post_remove_distdir) dist-zip: distdir -rm -f $(distdir).zip zip -rq $(distdir).zip $(distdir) - $(am__remove_distdir) + $(am__post_remove_distdir) -dist dist-all: distdir - tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz - $(am__remove_distdir) +dist dist-all: + $(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:' + $(am__post_remove_distdir) # This target untars the dist file and tries a VPATH configuration. Then # it guarantees that the distribution is self-contained by making another @@ -536,8 +573,6 @@ distcheck: dist GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ *.tar.bz2*) \ bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ - *.tar.lzma*) \ - lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\ *.tar.lz*) \ lzip -dc $(distdir).tar.lz | $(am__untar) ;;\ *.tar.xz*) \ @@ -549,9 +584,9 @@ distcheck: dist *.zip*) \ unzip $(distdir).zip ;;\ esac - chmod -R a-w $(distdir); chmod u+w $(distdir) - mkdir $(distdir)/_build - mkdir $(distdir)/_inst + chmod -R a-w $(distdir) + chmod u+w $(distdir) + mkdir $(distdir)/_build $(distdir)/_inst chmod a-w $(distdir) test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ @@ -583,7 +618,7 @@ distcheck: dist && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ && cd "$$am__cwd" \ || exit 1 - $(am__remove_distdir) + $(am__post_remove_distdir) @(echo "$(distdir) archives ready for distribution: "; \ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' @@ -717,13 +752,12 @@ ps-am: uninstall-am: -.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) all \ - ctags-recursive install-am install-strip tags-recursive +.MAKE: $(am__recursive_targets) all install-am install-strip -.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ - all all-am am--refresh check check-am clean clean-generic \ - ctags ctags-recursive dist dist-all dist-bzip2 dist-gzip \ - dist-lzip dist-lzma dist-shar dist-tarZ dist-xz dist-zip \ +.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ + am--refresh check check-am clean clean-cscope clean-generic \ + cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \ + dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \ distcheck distclean distclean-generic distclean-hdr \ distclean-tags distcleancheck distdir distuninstallcheck dvi \ dvi-am html html-am info info-am install install-am \ @@ -733,8 +767,8 @@ uninstall-am: install-pdf-am install-ps install-ps-am install-strip \ installcheck installcheck-am installdirs installdirs-am \ maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic pdf pdf-am ps ps-am tags tags-recursive \ - uninstall uninstall-am + mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am ChangeLog: diff --git a/NEWS b/NEWS index 960b85c..66ed06f 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,19 @@ +Version 1.1pre8 August 13 2013 + + * ExperimentalProtocol is now enabled by default. + + * Added an invitation protocol that makes it easy to invite new nodes. + + * Added the LocalDiscoveryAddress option to change the broadcast address used + to find local nodes. + + * Limit the rate of incoming meta-connections. + + * Many small bug fixes and code cleanups. + +Thanks to Etienne Dechamps and Sven-Haegar Koch for their contributions to this +version of tinc. + Version 1.1pre7 April 22 2013 * Fixed large latencies on Windows. @@ -105,6 +121,46 @@ Version 1.1pre1 June 25 2011 Thanks to Scott Lamb and Sven-Haegar Koch for their contributions to this version of tinc. +Version 1.0.22 August 13 2013 + + * Fixed the combination of Mode = router and DeviceType = tap. + + * The $NAME variable is now set in subnet-up/down scripts. + + * Tinc now gives an error when unknown options are given on the command line. + + * Tinc now correctly handles a space between a short command line option and + an optional argument. + +Thanks to Etienne Dechamps for his contribution to this version of tinc. + +Version 1.0.21 April 22 2013 + + * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). + +Thanks to Martin Schobert for auditing tinc and reporting this vulnerability. + +Version 1.0.20 March 03 2013 + + * Use /dev/tap0 by default on FreeBSD and NetBSD when using switch mode. + + * Minor improvements and clarifications in the documentation. + + * Allow tinc to be cross-compiled with Android's NDK. + + * The discovered PMTU is now also applied to VLAN tagged traffic. + + * The LocalDiscovery option now makes use of all addresses tinc is bound to. + + * Fixed support for tunemu on iOS devices. + + * The PriorityInheritance option now also works with switch mode. + + * Fixed tinc crashing when using a SOCKS5 proxy. + +Thanks to Mesar Hameed, Vilbrekin and Martin Schürrer for their contributions +to this version of tinc. + Version 1.0.19 June 25 2012 * Allow :: notation in IPv6 Subnets. diff --git a/README b/README index 3267829..73eb070 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -This is the README file for tinc version 1.1pre7. Installation +This is the README file for tinc version 1.1pre8. Installation instructions may be found in the INSTALL file. tinc is Copyright (C) 1998-2013 by: @@ -36,11 +36,12 @@ at your own risk. Compatibility ------------- -Version 1.1pre7 is compatible with 1.0pre8, 1.0 and later, but not with older +Version 1.1pre8 is compatible with 1.0pre8, 1.0 and later, but not with older versions of tinc. -When the ExperimentalProtocol option is used, tinc is still compatible with -1.0.X and 1.1pre7 itself, but not with any other 1.1preX version. +When the ExperimentalProtocol option is used, which is the default since +1.1pre8, tinc is still compatible with 1.0.X and 1.1pre8 itself, but not with +any other 1.1preX version. Requirements @@ -49,7 +50,8 @@ Requirements In order to compile tinc, you will need a GNU C compiler environment. Please ensure you have the latest stable versions of all the required libraries: -- OpenSSL (http://www.openssl.org/) version 1.0.0 or later. +- OpenSSL (http://www.openssl.org/) version 1.0.0 or later, with support for + elliptic curve cryptography (ECC) enabeld. The following libraries are used by default, but can be disabled if necessary: diff --git a/THANKS b/THANKS index 040f33d..6753c2f 100644 --- a/THANKS +++ b/THANKS @@ -13,6 +13,7 @@ We would like to thank the following people for their contributions to tinc: * dnk * Enrique Zanardi * Erik Tews +* Etienne Dechamps * Flynn Marquardt * Grzegorz Dymarek * Hans Bayle diff --git a/aclocal.m4 b/aclocal.m4 index 181bd2f..b4047e3 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1,8 +1,7 @@ -# generated automatically by aclocal 1.11.6 -*- Autoconf -*- +# generated automatically by aclocal 1.13.3 -*- Autoconf -*- + +# Copyright (C) 1996-2013 Free Software Foundation, Inc. -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, -# Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -12,13 +11,14 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. +m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, [m4_warning([this file was generated for autoconf 2.69. You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. -To do so, use the procedure documented by the package, typically `autoreconf'.])]) +To do so, use the procedure documented by the package, typically 'autoreconf'.])]) dnl Autoconf macros for libgcrypt dnl Copyright (C) 2002, 2004 Free Software Foundation, Inc. @@ -144,25 +144,22 @@ AC_DEFUN([AM_PATH_LIBGCRYPT], AC_SUBST(LIBGCRYPT_LIBS) ]) -# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 2002-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 1 - # AM_AUTOMAKE_VERSION(VERSION) # ---------------------------- # Automake X.Y traces this macro to ensure aclocal.m4 has been # generated from the m4 files accompanying Automake X.Y. # (This private macro should not be called outside this file.) AC_DEFUN([AM_AUTOMAKE_VERSION], -[am__api_version='1.11' +[am__api_version='1.13' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.11.6], [], +m4_if([$1], [1.13.3], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -178,24 +175,22 @@ m4_define([_AM_AUTOCONF_VERSION], []) # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.11.6])dnl +[AM_AUTOMAKE_VERSION([1.13.3])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # AM_AUX_DIR_EXPAND -*- Autoconf -*- -# Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 1 - # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets -# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to -# `$srcdir', `$srcdir/..', or `$srcdir/../..'. +# $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to +# '$srcdir', '$srcdir/..', or '$srcdir/../..'. # # Of course, Automake must honor this variable whenever it calls a # tool from the auxiliary directory. The problem is that $srcdir (and @@ -214,7 +209,7 @@ _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # # The reason of the latter failure is that $top_srcdir and $ac_aux_dir # are both prefixed by $srcdir. In an in-source build this is usually -# harmless because $srcdir is `.', but things will broke when you +# harmless because $srcdir is '.', but things will broke when you # start a VPATH build or use an absolute $srcdir. # # So we could use something similar to $top_srcdir/$ac_aux_dir/missing, @@ -240,22 +235,19 @@ am_aux_dir=`cd $ac_aux_dir && pwd` # AM_CONDITIONAL -*- Autoconf -*- -# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006, 2008 -# Free Software Foundation, Inc. +# Copyright (C) 1997-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 9 - # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- # Define a conditional. AC_DEFUN([AM_CONDITIONAL], -[AC_PREREQ(2.52)dnl - ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], - [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl +[AC_PREREQ([2.52])dnl + m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], + [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl AC_SUBST([$1_TRUE])dnl AC_SUBST([$1_FALSE])dnl _AM_SUBST_NOTMAKE([$1_TRUE])dnl @@ -274,16 +266,14 @@ AC_CONFIG_COMMANDS_PRE( Usually this means the macro was only invoked conditionally.]]) fi])]) -# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009, -# 2010, 2011 Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 12 -# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be +# There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, # will think it sees a *use*, and therefore will trigger all it's # C support machinery. Also note that it means that autoscan, seeing @@ -293,7 +283,7 @@ fi])]) # _AM_DEPENDENCIES(NAME) # ---------------------- # See how the compiler implements dependency checking. -# NAME is "CC", "CXX", "GCJ", or "OBJC". +# NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC". # We try a few techniques and use that to set a single cache variable. # # We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was @@ -306,12 +296,13 @@ AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl AC_REQUIRE([AM_MAKE_INCLUDE])dnl AC_REQUIRE([AM_DEP_TRACK])dnl -ifelse([$1], CC, [depcc="$CC" am_compiler_list=], - [$1], CXX, [depcc="$CXX" am_compiler_list=], - [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'], - [$1], UPC, [depcc="$UPC" am_compiler_list=], - [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'], - [depcc="$$1" am_compiler_list=]) +m4_if([$1], [CC], [depcc="$CC" am_compiler_list=], + [$1], [CXX], [depcc="$CXX" am_compiler_list=], + [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'], + [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'], + [$1], [UPC], [depcc="$UPC" am_compiler_list=], + [$1], [GCJ], [depcc="$GCJ" am_compiler_list='gcc3 gcc'], + [depcc="$$1" am_compiler_list=]) AC_CACHE_CHECK([dependency style of $depcc], [am_cv_$1_dependencies_compiler_type], @@ -319,8 +310,8 @@ AC_CACHE_CHECK([dependency style of $depcc], # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're @@ -360,16 +351,16 @@ AC_CACHE_CHECK([dependency style of $depcc], : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf - # We check with `-c' and `-o' for the sake of the "dashmstdout" + # We check with '-c' and '-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. Also, some Intel - # versions had trouble with output in subdirs + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in @@ -378,8 +369,8 @@ AC_CACHE_CHECK([dependency style of $depcc], test "$am__universal" = false || continue ;; nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else @@ -387,7 +378,7 @@ AC_CACHE_CHECK([dependency style of $depcc], fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) - # This compiler won't grok `-c -o', but also, the minuso test has + # This compiler won't grok '-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} @@ -435,7 +426,7 @@ AM_CONDITIONAL([am__fastdep$1], [ # AM_SET_DEPDIR # ------------- # Choose a directory name for dependency files. -# This macro is AC_REQUIREd in _AM_DEPENDENCIES +# This macro is AC_REQUIREd in _AM_DEPENDENCIES. AC_DEFUN([AM_SET_DEPDIR], [AC_REQUIRE([AM_SET_LEADING_DOT])dnl AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl @@ -445,9 +436,13 @@ AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl # AM_DEP_TRACK # ------------ AC_DEFUN([AM_DEP_TRACK], -[AC_ARG_ENABLE(dependency-tracking, -[ --disable-dependency-tracking speeds up one-time build - --enable-dependency-tracking do not reject slow dependency extractors]) +[AC_ARG_ENABLE([dependency-tracking], [dnl +AS_HELP_STRING( + [--enable-dependency-tracking], + [do not reject slow dependency extractors]) +AS_HELP_STRING( + [--disable-dependency-tracking], + [speeds up one-time build])]) if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' @@ -462,20 +457,18 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl # Generate code to set up dependency tracking. -*- Autoconf -*- -# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2008 -# Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -#serial 5 # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], [{ - # Autoconf 2.62 quotes --file arguments for eval, but not when files + # Older Autoconf quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. case $CONFIG_FILES in @@ -488,7 +481,7 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], # Strip MF so we end up with the name of the file. mf=`echo "$mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile or not. - # We used to match only the files named `Makefile.in', but + # We used to match only the files named 'Makefile.in', but # some people rename them; so instead we look at the file content. # Grep'ing the first line is not enough: some people post-process # each Makefile.in and add a new line on top of each file to say so. @@ -500,21 +493,19 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], continue fi # Extract the definition of DEPDIR, am__include, and am__quote - # from the Makefile without running `make'. + # from the Makefile without running 'make'. DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue am__include=`sed -n 's/^am__include = //p' < "$mf"` - test -z "am__include" && continue + test -z "$am__include" && continue am__quote=`sed -n 's/^am__quote = //p' < "$mf"` - # When using ansi2knr, U may be empty or an underscore; expand it - U=`sed -n 's/^U = //p' < "$mf"` # Find all dependency output files, they are included files with # $(DEPDIR) in their names. We invoke sed twice because it is the # simplest approach to changing $(DEPDIR) to its actual value in the # expansion. for file in `sed -n " s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ - sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue fdir=`AS_DIRNAME(["$file"])` @@ -532,7 +523,7 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], # This macro should only be invoked once -- use via AC_REQUIRE. # # This code is only required when automatic dependency tracking -# is enabled. FIXME. This creates each `.P' file that we will +# is enabled. FIXME. This creates each '.P' file that we will # need in order to bootstrap the dependency handling code. AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], [AC_CONFIG_COMMANDS([depfiles], @@ -542,15 +533,12 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], # Do all the work for Automake. -*- Autoconf -*- -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006, 2008, 2009 Free Software Foundation, Inc. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 16 - # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. @@ -566,7 +554,7 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], # arguments mandatory, and then we can depend on a new Autoconf # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], -[AC_PREREQ([2.62])dnl +[AC_PREREQ([2.65])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl @@ -595,31 +583,40 @@ AC_SUBST([CYGPATH_W]) # Define the identity of the package. dnl Distinguish between old-style and new-style calls. m4_ifval([$2], -[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl +[AC_DIAGNOSE([obsolete], + [$0: two- and three-arguments forms are deprecated.]) +m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl AC_SUBST([PACKAGE], [$1])dnl AC_SUBST([VERSION], [$2])], [_AM_SET_OPTIONS([$1])dnl dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. -m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,, +m4_if( + m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]), + [ok:ok],, [m4_fatal([AC_INIT should be called with package and version arguments])])dnl AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl _AM_IF_OPTION([no-define],, -[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) - AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl +[AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package]) + AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl # Some tools Automake needs. AC_REQUIRE([AM_SANITY_CHECK])dnl AC_REQUIRE([AC_ARG_PROGRAM])dnl -AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) -AM_MISSING_PROG(AUTOCONF, autoconf) -AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) -AM_MISSING_PROG(AUTOHEADER, autoheader) -AM_MISSING_PROG(MAKEINFO, makeinfo) +AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}]) +AM_MISSING_PROG([AUTOCONF], [autoconf]) +AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}]) +AM_MISSING_PROG([AUTOHEADER], [autoheader]) +AM_MISSING_PROG([MAKEINFO], [makeinfo]) AC_REQUIRE([AM_PROG_INSTALL_SH])dnl AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl -AC_REQUIRE([AM_PROG_MKDIR_P])dnl +AC_REQUIRE([AC_PROG_MKDIR_P])dnl +# For better backward compatibility. To be removed once Automake 1.9.x +# dies out for good. For more background, see: +# +# +AC_SUBST([mkdir_p], ['$(MKDIR_P)']) # We need awk for the "check" target. The system "awk" is bad on # some platforms. AC_REQUIRE([AC_PROG_AWK])dnl @@ -630,28 +627,32 @@ _AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], [_AM_PROG_TAR([v7])])]) _AM_IF_OPTION([no-dependencies],, [AC_PROVIDE_IFELSE([AC_PROG_CC], - [_AM_DEPENDENCIES(CC)], - [define([AC_PROG_CC], - defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl + [_AM_DEPENDENCIES([CC])], + [m4_define([AC_PROG_CC], + m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl AC_PROVIDE_IFELSE([AC_PROG_CXX], - [_AM_DEPENDENCIES(CXX)], - [define([AC_PROG_CXX], - defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl + [_AM_DEPENDENCIES([CXX])], + [m4_define([AC_PROG_CXX], + m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJC], - [_AM_DEPENDENCIES(OBJC)], - [define([AC_PROG_OBJC], - defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl + [_AM_DEPENDENCIES([OBJC])], + [m4_define([AC_PROG_OBJC], + m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl +AC_PROVIDE_IFELSE([AC_PROG_OBJCXX], + [_AM_DEPENDENCIES([OBJCXX])], + [m4_define([AC_PROG_OBJCXX], + m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl ]) -_AM_IF_OPTION([silent-rules], [AC_REQUIRE([AM_SILENT_RULES])])dnl -dnl The `parallel-tests' driver may need to know about EXEEXT, so add the -dnl `am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This macro -dnl is hooked onto _AC_COMPILER_EXEEXT early, see below. +AC_REQUIRE([AM_SILENT_RULES])dnl +dnl The testsuite driver may need to know about EXEEXT, so add the +dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This +dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below. AC_CONFIG_COMMANDS_PRE(dnl [m4_provide_if([_AM_COMPILER_EXEEXT], [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl ]) -dnl Hook into `_AC_COMPILER_EXEEXT' early to learn its expansion. Do not +dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further dnl mangled by Autoconf and run in a shell conditional statement. m4_define([_AC_COMPILER_EXEEXT], @@ -679,15 +680,12 @@ for _am_header in $config_headers :; do done echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) -# Copyright (C) 2001, 2003, 2005, 2008, 2011 Free Software Foundation, -# Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 1 - # AM_PROG_INSTALL_SH # ------------------ # Define $install_sh. @@ -701,16 +699,14 @@ if test x"${install_sh}" != xset; then install_sh="\${SHELL} $am_aux_dir/install-sh" esac fi -AC_SUBST(install_sh)]) +AC_SUBST([install_sh])]) -# Copyright (C) 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2003-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 2 - # Check whether the underlying file-system supports filenames # with a leading dot. For instance MS-DOS doesn't. AC_DEFUN([AM_SET_LEADING_DOT], @@ -724,56 +720,14 @@ fi rmdir .tst 2>/dev/null AC_SUBST([am__leading_dot])]) -# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- -# From Jim Meyering - -# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008, -# 2011 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 5 - -# AM_MAINTAINER_MODE([DEFAULT-MODE]) -# ---------------------------------- -# Control maintainer-specific portions of Makefiles. -# Default is to disable them, unless `enable' is passed literally. -# For symmetry, `disable' may be passed as well. Anyway, the user -# can override the default with the --enable/--disable switch. -AC_DEFUN([AM_MAINTAINER_MODE], -[m4_case(m4_default([$1], [disable]), - [enable], [m4_define([am_maintainer_other], [disable])], - [disable], [m4_define([am_maintainer_other], [enable])], - [m4_define([am_maintainer_other], [enable]) - m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) -AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) - dnl maintainer-mode's default is 'disable' unless 'enable' is passed - AC_ARG_ENABLE([maintainer-mode], -[ --][am_maintainer_other][-maintainer-mode am_maintainer_other make rules and dependencies not useful - (and sometimes confusing) to the casual installer], - [USE_MAINTAINER_MODE=$enableval], - [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes])) - AC_MSG_RESULT([$USE_MAINTAINER_MODE]) - AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes]) - MAINT=$MAINTAINER_MODE_TRUE - AC_SUBST([MAINT])dnl -] -) - -AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) - # Check to see how 'make' treats includes. -*- Autoconf -*- -# Copyright (C) 2001, 2002, 2003, 2005, 2009 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 4 - # AM_MAKE_INCLUDE() # ----------------- # Check to see how make treats includes. @@ -791,7 +745,7 @@ am__quote= _am_result=none # First try GNU make style include. echo "include confinc" > confmf -# Ignore all kinds of additional output from `make'. +# Ignore all kinds of additional output from 'make'. case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=include @@ -816,16 +770,45 @@ AC_MSG_RESULT([$_am_result]) rm -f confinc confmf ]) -# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- - -# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005, 2008 -# Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 6 +# AM_PROG_CC_C_O +# -------------- +# Like AC_PROG_CC_C_O, but changed for automake. +AC_DEFUN([AM_PROG_CC_C_O], +[AC_REQUIRE([AC_PROG_CC_C_O])dnl +AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([compile])dnl +# FIXME: we rely on the cache variable name because +# there is no other way. +set dummy $CC +am_cc=`echo $[2] | sed ['s/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/']` +eval am_t=\$ac_cv_prog_cc_${am_cc}_c_o +if test "$am_t" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +dnl Make sure AC_PROG_CC is never called again, or it will override our +dnl setting of CC. +m4_define([AC_PROG_CC], + [m4_fatal([AC_PROG_CC cannot be called after AM_PROG_CC_C_O])]) +]) + +# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- + +# Copyright (C) 1997-2013 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ @@ -834,11 +817,10 @@ AC_DEFUN([AM_MISSING_PROG], $1=${$1-"${am_missing_run}$2"} AC_SUBST($1)]) - # AM_MISSING_HAS_RUN # ------------------ -# Define MISSING if not defined so far and test if it supports --run. -# If it does, set am_missing_run to use it, otherwise, to nothing. +# Define MISSING if not defined so far and test if it is modern enough. +# If it is, set am_missing_run to use it, otherwise, to nothing. AC_DEFUN([AM_MISSING_HAS_RUN], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([missing])dnl @@ -851,54 +833,22 @@ if test x"${MISSING+set}" != xset; then esac fi # Use eval to expand $SHELL -if eval "$MISSING --run true"; then - am_missing_run="$MISSING --run " +if eval "$MISSING --is-lightweight"; then + am_missing_run="$MISSING " else am_missing_run= - AC_MSG_WARN([`missing' script is too old or missing]) + AC_MSG_WARN(['missing' script is too old or missing]) fi ]) -# Copyright (C) 2003, 2004, 2005, 2006, 2011 Free Software Foundation, -# Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 1 - -# AM_PROG_MKDIR_P -# --------------- -# Check for `mkdir -p'. -AC_DEFUN([AM_PROG_MKDIR_P], -[AC_PREREQ([2.60])dnl -AC_REQUIRE([AC_PROG_MKDIR_P])dnl -dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P, -dnl while keeping a definition of mkdir_p for backward compatibility. -dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile. -dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of -dnl Makefile.ins that do not define MKDIR_P, so we do our own -dnl adjustment using top_builddir (which is defined more often than -dnl MKDIR_P). -AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl -case $mkdir_p in - [[\\/$]]* | ?:[[\\/]]*) ;; - */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; -esac -]) - # Helper functions for option handling. -*- Autoconf -*- -# Copyright (C) 2001, 2002, 2003, 2005, 2008, 2010 Free Software -# Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 5 - # _AM_MANGLE_OPTION(NAME) # ----------------------- AC_DEFUN([_AM_MANGLE_OPTION], @@ -908,7 +858,7 @@ AC_DEFUN([_AM_MANGLE_OPTION], # -------------------- # Set option NAME. Presently that only means defining a flag for this option. AC_DEFUN([_AM_SET_OPTION], -[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) +[m4_define(_AM_MANGLE_OPTION([$1]), [1])]) # _AM_SET_OPTIONS(OPTIONS) # ------------------------ @@ -924,22 +874,16 @@ AC_DEFUN([_AM_IF_OPTION], # Check to make sure that the build environment is sane. -*- Autoconf -*- -# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005, 2008 -# Free Software Foundation, Inc. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 5 - # AM_SANITY_CHECK # --------------- AC_DEFUN([AM_SANITY_CHECK], [AC_MSG_CHECKING([whether build environment is sane]) -# Just in case -sleep 1 -echo timestamp > conftest.file # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' @@ -950,32 +894,40 @@ case `pwd` in esac case $srcdir in *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) - AC_MSG_ERROR([unsafe srcdir value: `$srcdir']);; + AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);; esac -# Do `set' in a subshell so we don't clobber the current shell's +# Do 'set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( - set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` - if test "$[*]" = "X"; then - # -L didn't work. - set X `ls -t "$srcdir/configure" conftest.file` - fi - rm -f conftest.file - if test "$[*]" != "X $srcdir/configure conftest.file" \ - && test "$[*]" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken -alias in your environment]) - fi + am_has_slept=no + for am_try in 1 2; do + echo "timestamp, slept: $am_has_slept" > conftest.file + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$[*]" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + if test "$[*]" != "X $srcdir/configure conftest.file" \ + && test "$[*]" != "X conftest.file $srcdir/configure"; then + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken + alias in your environment]) + fi + if test "$[2]" = conftest.file || test $am_try -eq 2; then + break + fi + # Just in case. + sleep 1 + am_has_slept=yes + done test "$[2]" = conftest.file ) then @@ -985,46 +937,118 @@ else AC_MSG_ERROR([newly created file is older than distributed files! Check your system clock]) fi -AC_MSG_RESULT(yes)]) +AC_MSG_RESULT([yes]) +# If we didn't sleep, we still need to ensure time stamps of config.status and +# generated files are strictly newer. +am_sleep_pid= +if grep 'slept: no' conftest.file >/dev/null 2>&1; then + ( sleep 1 ) & + am_sleep_pid=$! +fi +AC_CONFIG_COMMANDS_PRE( + [AC_MSG_CHECKING([that generated files are newer than configure]) + if test -n "$am_sleep_pid"; then + # Hide warnings about reused PIDs. + wait $am_sleep_pid 2>/dev/null + fi + AC_MSG_RESULT([done])]) +rm -f conftest.file +]) -# Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc. +# Copyright (C) 2009-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 1 +# AM_SILENT_RULES([DEFAULT]) +# -------------------------- +# Enable less verbose build rules; with the default set to DEFAULT +# ("yes" being less verbose, "no" or empty being verbose). +AC_DEFUN([AM_SILENT_RULES], +[AC_ARG_ENABLE([silent-rules], [dnl +AS_HELP_STRING( + [--enable-silent-rules], + [less verbose build output (undo: "make V=1")]) +AS_HELP_STRING( + [--disable-silent-rules], + [verbose build output (undo: "make V=0")])dnl +]) +case $enable_silent_rules in @%:@ ((( + yes) AM_DEFAULT_VERBOSITY=0;; + no) AM_DEFAULT_VERBOSITY=1;; + *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);; +esac +dnl +dnl A few 'make' implementations (e.g., NonStop OS and NextStep) +dnl do not support nested variable expansions. +dnl See automake bug#9928 and bug#10237. +am_make=${MAKE-make} +AC_CACHE_CHECK([whether $am_make supports nested variables], + [am_cv_make_support_nested_variables], + [if AS_ECHO([['TRUE=$(BAR$(V)) +BAR0=false +BAR1=true +V=1 +am__doit: + @$(TRUE) +.PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then + am_cv_make_support_nested_variables=yes +else + am_cv_make_support_nested_variables=no +fi]) +if test $am_cv_make_support_nested_variables = yes; then + dnl Using '$V' instead of '$(V)' breaks IRIX make. + AM_V='$(V)' + AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' +else + AM_V=$AM_DEFAULT_VERBOSITY + AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY +fi +AC_SUBST([AM_V])dnl +AM_SUBST_NOTMAKE([AM_V])dnl +AC_SUBST([AM_DEFAULT_V])dnl +AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl +AC_SUBST([AM_DEFAULT_VERBOSITY])dnl +AM_BACKSLASH='\' +AC_SUBST([AM_BACKSLASH])dnl +_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl +]) + +# Copyright (C) 2001-2013 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. # AM_PROG_INSTALL_STRIP # --------------------- -# One issue with vendor `install' (even GNU) is that you can't +# One issue with vendor 'install' (even GNU) is that you can't # specify the program used to strip binaries. This is especially # annoying in cross-compiling environments, where the build's strip # is unlikely to handle the host's binaries. # Fortunately install-sh will honor a STRIPPROG variable, so we -# always use install-sh in `make install-strip', and initialize +# always use install-sh in "make install-strip", and initialize # STRIPPROG with the value of the STRIP variable (set by the user). AC_DEFUN([AM_PROG_INSTALL_STRIP], [AC_REQUIRE([AM_PROG_INSTALL_SH])dnl -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right +# Installed binaries are usually stripped using 'strip' when the user +# run "make install-strip". However 'strip' might not be the right # tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. -dnl Don't test for $cross_compiling = yes, because it might be `maybe'. +# will honor the 'STRIP' environment variable to overrule this program. +dnl Don't test for $cross_compiling = yes, because it might be 'maybe'. if test "$cross_compiling" != no; then AC_CHECK_TOOL([STRIP], [strip], :) fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" AC_SUBST([INSTALL_STRIP_PROGRAM])]) -# Copyright (C) 2006, 2008, 2010 Free Software Foundation, Inc. +# Copyright (C) 2006-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 3 - # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- # Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. @@ -1038,18 +1062,16 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) # Check how to create a tarball. -*- Autoconf -*- -# Copyright (C) 2004, 2005, 2012 Free Software Foundation, Inc. +# Copyright (C) 2004-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 2 - # _AM_PROG_TAR(FORMAT) # -------------------- # Check how to create a tarball in format FORMAT. -# FORMAT should be one of `v7', `ustar', or `pax'. +# FORMAT should be one of 'v7', 'ustar', or 'pax'. # # Substitute a variable $(am__tar) that is a command # writing to stdout a FORMAT-tarball containing the directory @@ -1059,76 +1081,114 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) # Substitute a variable $(am__untar) that extract such # a tarball read from stdin. # $(am__untar) < result.tar +# AC_DEFUN([_AM_PROG_TAR], [# Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AC_SUBST([AMTAR], ['$${TAR-tar}']) -m4_if([$1], [v7], - [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], - [m4_case([$1], [ustar],, [pax],, - [m4_fatal([Unknown tar format])]) -AC_MSG_CHECKING([how to create a $1 tar archive]) -# Loop over all known methods to create a tar archive until one works. + +# We'll loop over all known methods to create a tar archive until one works. _am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' -_am_tools=${am_cv_prog_tar_$1-$_am_tools} -# Do not fold the above two line into one, because Tru64 sh and -# Solaris sh will not grok spaces in the rhs of `-'. -for _am_tool in $_am_tools -do - case $_am_tool in - gnutar) - for _am_tar in tar gnutar gtar; - do - AM_RUN_LOG([$_am_tar --version]) && break - done - am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' - am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' - am__untar="$_am_tar -xf -" - ;; - plaintar) - # Must skip GNU tar: if it does not support --format= it doesn't create - # ustar tarball either. - (tar --version) >/dev/null 2>&1 && continue - am__tar='tar chf - "$$tardir"' - am__tar_='tar chf - "$tardir"' - am__untar='tar xf -' - ;; - pax) - am__tar='pax -L -x $1 -w "$$tardir"' - am__tar_='pax -L -x $1 -w "$tardir"' - am__untar='pax -r' - ;; - cpio) - am__tar='find "$$tardir" -print | cpio -o -H $1 -L' - am__tar_='find "$tardir" -print | cpio -o -H $1 -L' - am__untar='cpio -i -H $1 -d' - ;; - none) - am__tar=false - am__tar_=false - am__untar=false - ;; - esac - # If the value was cached, stop now. We just wanted to have am__tar - # and am__untar set. - test -n "${am_cv_prog_tar_$1}" && break +m4_if([$1], [v7], + [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], - # tar/untar a dummy directory, and stop if the command works + [m4_case([$1], + [ustar], + [# The POSIX 1988 'ustar' format is defined with fixed-size fields. + # There is notably a 21 bits limit for the UID and the GID. In fact, + # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343 + # and bug#13588). + am_max_uid=2097151 # 2^21 - 1 + am_max_gid=$am_max_uid + # The $UID and $GID variables are not portable, so we need to resort + # to the POSIX-mandated id(1) utility. Errors in the 'id' calls + # below are definitely unexpected, so allow the users to see them + # (that is, avoid stderr redirection). + am_uid=`id -u || echo unknown` + am_gid=`id -g || echo unknown` + AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format]) + if test $am_uid -le $am_max_uid; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + _am_tools=none + fi + AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format]) + if test $am_gid -le $am_max_gid; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + _am_tools=none + fi], + + [pax], + [], + + [m4_fatal([Unknown tar format])]) + + AC_MSG_CHECKING([how to create a $1 tar archive]) + + # Go ahead even if we have the value already cached. We do so because we + # need to set the values for the 'am__tar' and 'am__untar' variables. + _am_tools=${am_cv_prog_tar_$1-$_am_tools} + + for _am_tool in $_am_tools; do + case $_am_tool in + gnutar) + for _am_tar in tar gnutar gtar; do + AM_RUN_LOG([$_am_tar --version]) && break + done + am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' + am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' + am__untar="$_am_tar -xf -" + ;; + plaintar) + # Must skip GNU tar: if it does not support --format= it doesn't create + # ustar tarball either. + (tar --version) >/dev/null 2>&1 && continue + am__tar='tar chf - "$$tardir"' + am__tar_='tar chf - "$tardir"' + am__untar='tar xf -' + ;; + pax) + am__tar='pax -L -x $1 -w "$$tardir"' + am__tar_='pax -L -x $1 -w "$tardir"' + am__untar='pax -r' + ;; + cpio) + am__tar='find "$$tardir" -print | cpio -o -H $1 -L' + am__tar_='find "$tardir" -print | cpio -o -H $1 -L' + am__untar='cpio -i -H $1 -d' + ;; + none) + am__tar=false + am__tar_=false + am__untar=false + ;; + esac + + # If the value was cached, stop now. We just wanted to have am__tar + # and am__untar set. + test -n "${am_cv_prog_tar_$1}" && break + + # tar/untar a dummy directory, and stop if the command works. + rm -rf conftest.dir + mkdir conftest.dir + echo GrepMe > conftest.dir/file + AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) + rm -rf conftest.dir + if test -s conftest.tar; then + AM_RUN_LOG([$am__untar /dev/null 2>&1 && break + fi + done rm -rf conftest.dir - mkdir conftest.dir - echo GrepMe > conftest.dir/file - AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) - rm -rf conftest.dir - if test -s conftest.tar; then - AM_RUN_LOG([$am__untar /dev/null 2>&1 && break - fi -done -rm -rf conftest.dir -AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) -AC_MSG_RESULT([$am_cv_prog_tar_$1])]) + AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) + AC_MSG_RESULT([$am_cv_prog_tar_$1])]) + AC_SUBST([am__tar]) AC_SUBST([am__untar]) ]) # _AM_PROG_TAR diff --git a/compile b/compile new file mode 100755 index 0000000..531136b --- /dev/null +++ b/compile @@ -0,0 +1,347 @@ +#! /bin/sh +# Wrapper for compilers which do not understand '-c -o'. + +scriptversion=2012-10-14.11; # UTC + +# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# Written by Tom Tromey . +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +nl=' +' + +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent tools from complaining about whitespace usage. +IFS=" "" $nl" + +file_conv= + +# func_file_conv build_file lazy +# Convert a $build file to $host form and store it in $file +# Currently only supports Windows hosts. If the determined conversion +# type is listed in (the comma separated) LAZY, no conversion will +# take place. +func_file_conv () +{ + file=$1 + case $file in + / | /[!/]*) # absolute file, and not a UNC file + if test -z "$file_conv"; then + # lazily determine how to convert abs files + case `uname -s` in + MINGW*) + file_conv=mingw + ;; + CYGWIN*) + file_conv=cygwin + ;; + *) + file_conv=wine + ;; + esac + fi + case $file_conv/,$2, in + *,$file_conv,*) + ;; + mingw/*) + file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` + ;; + cygwin/*) + file=`cygpath -m "$file" || echo "$file"` + ;; + wine/*) + file=`winepath -w "$file" || echo "$file"` + ;; + esac + ;; + esac +} + +# func_cl_dashL linkdir +# Make cl look for libraries in LINKDIR +func_cl_dashL () +{ + func_file_conv "$1" + if test -z "$lib_path"; then + lib_path=$file + else + lib_path="$lib_path;$file" + fi + linker_opts="$linker_opts -LIBPATH:$file" +} + +# func_cl_dashl library +# Do a library search-path lookup for cl +func_cl_dashl () +{ + lib=$1 + found=no + save_IFS=$IFS + IFS=';' + for dir in $lib_path $LIB + do + IFS=$save_IFS + if $shared && test -f "$dir/$lib.dll.lib"; then + found=yes + lib=$dir/$lib.dll.lib + break + fi + if test -f "$dir/$lib.lib"; then + found=yes + lib=$dir/$lib.lib + break + fi + if test -f "$dir/lib$lib.a"; then + found=yes + lib=$dir/lib$lib.a + break + fi + done + IFS=$save_IFS + + if test "$found" != yes; then + lib=$lib.lib + fi +} + +# func_cl_wrapper cl arg... +# Adjust compile command to suit cl +func_cl_wrapper () +{ + # Assume a capable shell + lib_path= + shared=: + linker_opts= + for arg + do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + eat=1 + case $2 in + *.o | *.[oO][bB][jJ]) + func_file_conv "$2" + set x "$@" -Fo"$file" + shift + ;; + *) + func_file_conv "$2" + set x "$@" -Fe"$file" + shift + ;; + esac + ;; + -I) + eat=1 + func_file_conv "$2" mingw + set x "$@" -I"$file" + shift + ;; + -I*) + func_file_conv "${1#-I}" mingw + set x "$@" -I"$file" + shift + ;; + -l) + eat=1 + func_cl_dashl "$2" + set x "$@" "$lib" + shift + ;; + -l*) + func_cl_dashl "${1#-l}" + set x "$@" "$lib" + shift + ;; + -L) + eat=1 + func_cl_dashL "$2" + ;; + -L*) + func_cl_dashL "${1#-L}" + ;; + -static) + shared=false + ;; + -Wl,*) + arg=${1#-Wl,} + save_ifs="$IFS"; IFS=',' + for flag in $arg; do + IFS="$save_ifs" + linker_opts="$linker_opts $flag" + done + IFS="$save_ifs" + ;; + -Xlinker) + eat=1 + linker_opts="$linker_opts $2" + ;; + -*) + set x "$@" "$1" + shift + ;; + *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) + func_file_conv "$1" + set x "$@" -Tp"$file" + shift + ;; + *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) + func_file_conv "$1" mingw + set x "$@" "$file" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift + done + if test -n "$linker_opts"; then + linker_opts="-link$linker_opts" + fi + exec "$@" $linker_opts + exit 1 +} + +eat= + +case $1 in + '') + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: compile [--help] [--version] PROGRAM [ARGS] + +Wrapper for compilers which do not understand '-c -o'. +Remove '-o dest.o' from ARGS, run PROGRAM with the remaining +arguments, and rename the output as expected. + +If you are trying to build a whole package this is not the +right script to run: please start by reading the file 'INSTALL'. + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "compile $scriptversion" + exit $? + ;; + cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) + func_cl_wrapper "$@" # Doesn't return... + ;; +esac + +ofile= +cfile= + +for arg +do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + # So we strip '-o arg' only if arg is an object. + eat=1 + case $2 in + *.o | *.obj) + ofile=$2 + ;; + *) + set x "$@" -o "$2" + shift + ;; + esac + ;; + *.c) + cfile=$1 + set x "$@" "$1" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift +done + +if test -z "$ofile" || test -z "$cfile"; then + # If no '-o' option was seen then we might have been invoked from a + # pattern rule where we don't need one. That is ok -- this is a + # normal compilation that the losing compiler can handle. If no + # '.c' file was seen then we are probably linking. That is also + # ok. + exec "$@" +fi + +# Name of file we expect compiler to create. +cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` + +# Create the lock directory. +# Note: use '[/\\:.-]' here to ensure that we don't use the same name +# that we are using for the .o file. Also, base the name on the expected +# object file name, since that is what matters with a parallel build. +lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d +while true; do + if mkdir "$lockdir" >/dev/null 2>&1; then + break + fi + sleep 1 +done +# FIXME: race condition here if user kills between mkdir and trap. +trap "rmdir '$lockdir'; exit 1" 1 2 15 + +# Run the compile. +"$@" +ret=$? + +if test -f "$cofile"; then + test "$cofile" = "$ofile" || mv "$cofile" "$ofile" +elif test -f "${cofile}bj"; then + test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" +fi + +rmdir "$lockdir" +exit $ret + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/config.guess b/config.guess index d622a44..b79252d 100755 --- a/config.guess +++ b/config.guess @@ -1,14 +1,12 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011, 2012 Free Software Foundation, Inc. +# Copyright 1992-2013 Free Software Foundation, Inc. -timestamp='2012-02-10' +timestamp='2013-06-10' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -22,19 +20,17 @@ timestamp='2012-02-10' # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner. Please send patches (context -# diff format) to and include a ChangeLog -# entry. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). # -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. +# Originally written by Per Bothner. # # You can get the latest version of this script from: # http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD +# +# Please send patches with a ChangeLog entry to config-patches@gnu.org. + me=`echo "$0" | sed -e 's,.*/,,'` @@ -54,9 +50,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 -Free Software Foundation, Inc. +Copyright 1992-2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -138,6 +132,27 @@ UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown +case "${UNAME_SYSTEM}" in +Linux|GNU|GNU/*) + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + LIBC=gnu + + eval $set_cc_for_build + cat <<-EOF > $dummy.c + #include + #if defined(__UCLIBC__) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc + #else + LIBC=gnu + #endif + EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + ;; +esac + # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in @@ -200,6 +215,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; + *:Bitrig:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} + exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} @@ -302,7 +321,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) + arm*:riscos:*:*|arm*:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) @@ -801,6 +820,9 @@ EOF i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; + *:MINGW64*:*) + echo ${UNAME_MACHINE}-pc-mingw64 + exit ;; *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; @@ -852,21 +874,21 @@ EOF exit ;; *:GNU:*:*) # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; aarch64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; aarch64_be:Linux:*:*) UNAME_MACHINE=aarch64_be - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in @@ -879,59 +901,54 @@ EOF EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + if test "$?" = 0 ; then LIBC="gnulibc1" ; fi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + arc:Linux:*:* | arceb:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; arm*:Linux:*:*) eval $set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} else if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_PCS_VFP then - echo ${UNAME_MACHINE}-unknown-linux-gnueabi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi else - echo ${UNAME_MACHINE}-unknown-linux-gnueabihf + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf fi fi exit ;; avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; cris:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; crisv32:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; frv:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; hexagon:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:Linux:*:*) - LIBC=gnu - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + echo ${UNAME_MACHINE}-pc-linux-${LIBC} exit ;; ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build @@ -950,54 +967,63 @@ EOF #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } ;; + or1k:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; or32:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; padre:Linux:*:*) - echo sparc-unknown-linux-gnu + echo sparc-unknown-linux-${LIBC} exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu + echo hppa64-unknown-linux-${LIBC} exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; + PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; + PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; + *) echo hppa-unknown-linux-${LIBC} ;; esac exit ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu + echo powerpc64-unknown-linux-${LIBC} exit ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu + echo powerpc-unknown-linux-${LIBC} + exit ;; + ppc64le:Linux:*:*) + echo powerpc64le-unknown-linux-${LIBC} + exit ;; + ppcle:Linux:*:*) + echo powerpcle-unknown-linux-${LIBC} exit ;; s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux + echo ${UNAME_MACHINE}-ibm-linux-${LIBC} exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; tile*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu + echo ${UNAME_MACHINE}-dec-linux-${LIBC} exit ;; x86_64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. @@ -1201,6 +1227,9 @@ EOF BePC:Haiku:*:*) # Haiku running on Intel PC compatible. echo i586-pc-haiku exit ;; + x86_64:Haiku:*:*) + echo x86_64-unknown-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1227,19 +1256,21 @@ EOF exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - i386) - eval $set_cc_for_build - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - UNAME_PROCESSOR="x86_64" - fi - fi ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac + eval $set_cc_for_build + if test "$UNAME_PROCESSOR" = unknown ; then + UNAME_PROCESSOR=powerpc + fi + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + fi echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) @@ -1256,7 +1287,7 @@ EOF NEO-?:NONSTOP_KERNEL:*:*) echo neo-tandem-nsk${UNAME_RELEASE} exit ;; - NSE-?:NONSTOP_KERNEL:*:*) + NSE-*:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; NSR-?:NONSTOP_KERNEL:*:*) @@ -1330,9 +1361,6 @@ EOF exit ;; esac -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - eval $set_cc_for_build cat >$dummy.c <. @@ -26,11 +20,12 @@ timestamp='2012-04-18' # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). -# Please send patches to . Submit a context -# diff and a properly formatted GNU ChangeLog entry. +# Please send patches with a ChangeLog entry to config-patches@gnu.org. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. @@ -73,9 +68,7 @@ Report bugs and patches to ." version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 -Free Software Foundation, Inc. +Copyright 1992-2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -123,7 +116,7 @@ esac maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ + linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ knetbsd*-gnu* | netbsd*-gnu* | \ kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) @@ -156,7 +149,7 @@ case $os in -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze) + -apple | -axis | -knuth | -cray | -microblaze*) os= basic_machine=$1 ;; @@ -259,10 +252,12 @@ case $basic_machine in | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ - | be32 | be64 \ + | arc | arceb \ + | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ + | avr | avr32 \ + | be32 | be64 \ | bfin \ - | c4x | clipper \ + | c4x | c8051 | clipper \ | d10v | d30v | dlx | dsp16xx \ | epiphany \ | fido | fr30 | frv \ @@ -273,7 +268,7 @@ case $basic_machine in | le32 | le64 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore | mep | metag \ + | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ @@ -291,16 +286,17 @@ case $basic_machine in | mipsisa64r2 | mipsisa64r2el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | moxie \ | mt \ | msp430 \ | nds32 | nds32le | nds32be \ - | nios | nios2 \ + | nios | nios2 | nios2eb | nios2el \ | ns16k | ns32k \ | open8 \ - | or32 \ + | or1k | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ @@ -370,13 +366,13 @@ case $basic_machine in | aarch64-* | aarch64_be-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ | be32-* | be64-* \ | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* \ - | clipper-* | craynv-* | cydra-* \ + | c8051-* | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ @@ -389,7 +385,8 @@ case $basic_machine in | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ + | microblaze-* | microblazeel-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ @@ -407,12 +404,13 @@ case $basic_machine in | mipsisa64r2-* | mipsisa64r2el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipsr5900-* | mipsr5900el-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | mt-* \ | msp430-* \ | nds32-* | nds32le-* | nds32be-* \ - | nios-* | nios2-* \ + | nios-* | nios2-* | nios2eb-* | nios2el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | open8-* \ | orion-* \ @@ -788,11 +786,15 @@ case $basic_machine in basic_machine=ns32k-utek os=-sysv ;; - microblaze) + microblaze*) basic_machine=microblaze-xilinx ;; + mingw64) + basic_machine=x86_64-pc + os=-mingw64 + ;; mingw32) - basic_machine=i386-pc + basic_machine=i686-pc os=-mingw32 ;; mingw32ce) @@ -828,7 +830,7 @@ case $basic_machine in basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; msys) - basic_machine=i386-pc + basic_machine=i686-pc os=-msys ;; mvs) @@ -1019,7 +1021,11 @@ case $basic_machine in basic_machine=i586-unknown os=-pw32 ;; - rdos) + rdos | rdos64) + basic_machine=x86_64-pc + os=-rdos + ;; + rdos32) basic_machine=i386-pc os=-rdos ;; @@ -1346,21 +1352,21 @@ case $os in -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ - | -sym* | -kopensolaris* \ + | -sym* | -kopensolaris* | -plan9* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ + | -bitrig* | -openbsd* | -solidbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* | -cegcc* \ | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-android* \ - | -linux-newlib* | -linux-uclibc* \ + | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ + | -linux-newlib* | -linux-musl* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ @@ -1492,9 +1498,6 @@ case $os in -aros*) os=-aros ;; - -kaos*) - os=-kaos - ;; -zvmoe) os=-zvmoe ;; @@ -1543,6 +1546,9 @@ case $basic_machine in c4x-* | tic4x-*) os=-coff ;; + c8051-*) + os=-elf + ;; hexagon-*) os=-elf ;; @@ -1586,6 +1592,9 @@ case $basic_machine in mips*-*) os=-elf ;; + or1k-*) + os=-elf + ;; or32-*) os=-coff ;; diff --git a/configure b/configure index 8c3051f..ae5c23d 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69. +# Generated by GNU Autoconf 2.69 for tinc 1.1pre8. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -575,12 +575,12 @@ MFLAGS= MAKEFLAGS= # Identity of this package. -PACKAGE_NAME= -PACKAGE_TARNAME= -PACKAGE_VERSION= -PACKAGE_STRING= -PACKAGE_BUGREPORT= -PACKAGE_URL= +PACKAGE_NAME='tinc' +PACKAGE_TARNAME='tinc' +PACKAGE_VERSION='1.1pre8' +PACKAGE_STRING='tinc 1.1pre8' +PACKAGE_BUGREPORT='' +PACKAGE_URL='' ac_unique_file="src/tincd.c" # Factoring default headers for most tests. @@ -623,7 +623,10 @@ ac_subst_vars='am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS -INCLUDES +GCRYPT_FALSE +GCRYPT_TRUE +OPENSSL_FALSE +OPENSSL_TRUE LIBGCRYPT_LIBS LIBGCRYPT_CFLAGS LIBGCRYPT_CONFIG @@ -635,6 +638,16 @@ VDE_FALSE VDE_TRUE UML_FALSE UML_TRUE +CYGWIN_FALSE +CYGWIN_TRUE +MINGW_FALSE +MINGW_TRUE +SOLARIS_FALSE +SOLARIS_TRUE +BSD_FALSE +BSD_TRUE +LINUX_FALSE +LINUX_TRUE host_os host_vendor host_cpu @@ -645,9 +658,10 @@ build_cpu build RANLIB LN_S -MAINT -MAINTAINER_MODE_FALSE -MAINTAINER_MODE_TRUE +AM_BACKSLASH +AM_DEFAULT_VERBOSITY +AM_DEFAULT_V +AM_V am__fastdepCC_FALSE am__fastdepCC_TRUE CCDEPMODE @@ -733,7 +747,7 @@ ac_subst_files='' ac_user_opts=' enable_option_checking enable_dependency_tracking -enable_maintainer_mode +enable_silent_rules enable_uml enable_vde enable_tunemu @@ -809,7 +823,7 @@ sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' includedir='${prefix}/include' oldincludedir='/usr/include' -docdir='${datarootdir}/doc/${PACKAGE}' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' @@ -1309,7 +1323,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures this package to adapt to many kinds of systems. +\`configure' configures tinc 1.1pre8 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1357,7 +1371,7 @@ Fine tuning of the installation directories: --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] + --docdir=DIR documentation root [DATAROOTDIR/doc/tinc] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] @@ -1378,17 +1392,21 @@ _ACEOF fi if test -n "$ac_init_help"; then - + case $ac_init_help in + short | recursive ) echo "Configuration of tinc 1.1pre8:";; + esac cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] - --disable-dependency-tracking speeds up one-time build - --enable-dependency-tracking do not reject slow dependency extractors - --enable-maintainer-mode enable make rules and dependencies not useful - (and sometimes confusing) to the casual installer + --enable-dependency-tracking + do not reject slow dependency extractors + --disable-dependency-tracking + speeds up one-time build + --enable-silent-rules less verbose build output (undo: "make V=1") + --disable-silent-rules verbose build output (undo: "make V=0") --enable-uml enable support for User Mode Linux --enable-vde enable support for Virtual Distributed Ethernet --enable-tunemu enable support for the tunemu driver @@ -1502,7 +1520,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -configure +tinc configure 1.1pre8 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1967,7 +1985,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by $as_me, which was +It was created by tinc $as_me 1.1pre8, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3565,7 +3583,7 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; } -am__api_version='1.11' +am__api_version='1.13' ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do @@ -3691,9 +3709,6 @@ test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 $as_echo_n "checking whether build environment is sane... " >&6; } -# Just in case -sleep 1 -echo timestamp > conftest.file # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' @@ -3704,32 +3719,40 @@ case `pwd` in esac case $srcdir in *[\\\"\#\$\&\'\`$am_lf\ \ ]*) - as_fn_error $? "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;; + as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;; esac -# Do `set' in a subshell so we don't clobber the current shell's +# Do 'set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( - set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` - if test "$*" = "X"; then - # -L didn't work. - set X `ls -t "$srcdir/configure" conftest.file` - fi - rm -f conftest.file - if test "$*" != "X $srcdir/configure conftest.file" \ - && test "$*" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - as_fn_error $? "ls -t appears to fail. Make sure there is not a broken -alias in your environment" "$LINENO" 5 - fi + am_has_slept=no + for am_try in 1 2; do + echo "timestamp, slept: $am_has_slept" > conftest.file + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$*" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + if test "$*" != "X $srcdir/configure conftest.file" \ + && test "$*" != "X conftest.file $srcdir/configure"; then + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + as_fn_error $? "ls -t appears to fail. Make sure there is not a broken + alias in your environment" "$LINENO" 5 + fi + if test "$2" = conftest.file || test $am_try -eq 2; then + break + fi + # Just in case. + sleep 1 + am_has_slept=yes + done test "$2" = conftest.file ) then @@ -3741,6 +3764,16 @@ Check your system clock" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } +# If we didn't sleep, we still need to ensure time stamps of config.status and +# generated files are strictly newer. +am_sleep_pid= +if grep 'slept: no' conftest.file >/dev/null 2>&1; then + ( sleep 1 ) & + am_sleep_pid=$! +fi + +rm -f conftest.file + test "$program_prefix" != NONE && program_transform_name="s&^&$program_prefix&;$program_transform_name" # Use a double $ so make ignores it. @@ -3763,12 +3796,12 @@ if test x"${MISSING+set}" != xset; then esac fi # Use eval to expand $SHELL -if eval "$MISSING --run true"; then - am_missing_run="$MISSING --run " +if eval "$MISSING --is-lightweight"; then + am_missing_run="$MISSING " else am_missing_run= - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`missing' script is too old or missing" >&5 -$as_echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 +$as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} fi if test x"${install_sh}" != xset; then @@ -3780,10 +3813,10 @@ if test x"${install_sh}" != xset; then esac fi -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right +# Installed binaries are usually stripped using 'strip' when the user +# run "make install-strip". However 'strip' might not be the right # tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. +# will honor the 'STRIP' environment variable to overrule this program. if test "$cross_compiling" != no; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. @@ -3922,12 +3955,6 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 $as_echo "$MKDIR_P" >&6; } -mkdir_p="$MKDIR_P" -case $mkdir_p in - [\\/$]* | ?:[\\/]*) ;; - */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; -esac - for ac_prog in gawk mawk nawk awk do # Extract the first word of "$ac_prog", so it can be a program name with args. @@ -4029,7 +4056,7 @@ am__quote= _am_result=none # First try GNU make style include. echo "include confinc" > confmf -# Ignore all kinds of additional output from `make'. +# Ignore all kinds of additional output from 'make'. case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=include @@ -4073,6 +4100,45 @@ else fi +# Check whether --enable-silent-rules was given. +if test "${enable_silent_rules+set}" = set; then : + enableval=$enable_silent_rules; +fi + +case $enable_silent_rules in # ((( + yes) AM_DEFAULT_VERBOSITY=0;; + no) AM_DEFAULT_VERBOSITY=1;; + *) AM_DEFAULT_VERBOSITY=1;; +esac +am_make=${MAKE-make} +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 +$as_echo_n "checking whether $am_make supports nested variables... " >&6; } +if ${am_cv_make_support_nested_variables+:} false; then : + $as_echo_n "(cached) " >&6 +else + if $as_echo 'TRUE=$(BAR$(V)) +BAR0=false +BAR1=true +V=1 +am__doit: + @$(TRUE) +.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then + am_cv_make_support_nested_variables=yes +else + am_cv_make_support_nested_variables=no +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 +$as_echo "$am_cv_make_support_nested_variables" >&6; } +if test $am_cv_make_support_nested_variables = yes; then + AM_V='$(V)' + AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' +else + AM_V=$AM_DEFAULT_VERBOSITY + AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY +fi +AM_BACKSLASH='\' + if test "`cd $srcdir && pwd`" != "`pwd`"; then # Use -I$(srcdir) only when $(srcdir) != ., so that make's output # is not polluted with repeated "-I." @@ -4094,8 +4160,8 @@ fi # Define the identity of the package. - PACKAGE=tinc - VERSION=1.1pre7 + PACKAGE='tinc' + VERSION='1.1pre8' cat >>confdefs.h <<_ACEOF @@ -4123,17 +4189,28 @@ AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} +# For better backward compatibility. To be removed once Automake 1.9.x +# dies out for good. For more background, see: +# +# +mkdir_p='$(MKDIR_P)' + # We need awk for the "check" target. The system "awk" is bad on # some platforms. # Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AMTAR='$${TAR-tar}' + +# We'll loop over all known methods to create a tar archive until one works. +_am_tools='gnutar pax cpio none' + am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -' + depcc="$CC" am_compiler_list= { $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 @@ -4145,8 +4222,8 @@ else # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're @@ -4181,16 +4258,16 @@ else : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf - # We check with `-c' and `-o' for the sake of the "dashmstdout" + # We check with '-c' and '-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. Also, some Intel - # versions had trouble with output in subdirs + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in @@ -4199,8 +4276,8 @@ else test "$am__universal" = false || continue ;; nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else @@ -4208,7 +4285,7 @@ else fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) - # This compiler won't grok `-c -o', but also, the minuso test has + # This compiler won't grok '-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} @@ -4266,29 +4343,6 @@ fi ac_config_headers="$ac_config_headers config.h" -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 -$as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } - # Check whether --enable-maintainer-mode was given. -if test "${enable_maintainer_mode+set}" = set; then : - enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval -else - USE_MAINTAINER_MODE=no -fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 -$as_echo "$USE_MAINTAINER_MODE" >&6; } - if test $USE_MAINTAINER_MODE = yes; then - MAINTAINER_MODE_TRUE= - MAINTAINER_MODE_FALSE='#' -else - MAINTAINER_MODE_TRUE='#' - MAINTAINER_MODE_FALSE= -fi - - MAINT=$MAINTAINER_MODE_TRUE - - - # Enable GNU extensions. # Define this here, not in acconfig's @TOP@ section, since definitions # in the latter don't make it into the configure-time tests. @@ -4716,6 +4770,133 @@ else fi +if test "x$CC" != xcc; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC and cc understand -c and -o together" >&5 +$as_echo_n "checking whether $CC and cc understand -c and -o together... " >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether cc understands -c and -o together" >&5 +$as_echo_n "checking whether cc understands -c and -o together... " >&6; } +fi +set dummy $CC; ac_cc=`$as_echo "$2" | + sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` +if eval \${ac_cv_prog_cc_${ac_cc}_c_o+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +# Make sure it works both with $CC and with simple cc. +# We do the test twice because some compilers refuse to overwrite an +# existing .o file with -o, though they will create one. +ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5' +rm -f conftest2.* +if { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && + test -f conftest2.$ac_objext && { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; +then + eval ac_cv_prog_cc_${ac_cc}_c_o=yes + if test "x$CC" != xcc; then + # Test first that cc exists at all. + if { ac_try='cc -c conftest.$ac_ext >&5' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5' + rm -f conftest2.* + if { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && + test -f conftest2.$ac_objext && { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; + then + # cc works too. + : + else + # cc exists but doesn't like -o. + eval ac_cv_prog_cc_${ac_cc}_c_o=no + fi + fi + fi +else + eval ac_cv_prog_cc_${ac_cc}_c_o=no +fi +rm -f core conftest* + +fi +if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +$as_echo "#define NO_MINUS_C_MINUS_O 1" >>confdefs.h + +fi + +# FIXME: we rely on the cache variable name because +# there is no other way. +set dummy $CC +am_cc=`echo $2 | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` +eval am_t=\$ac_cv_prog_cc_${am_cc}_c_o +if test "$am_t" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi + + + # Make sure we can run config.sub. $SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || @@ -4791,66 +4972,66 @@ case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac case $host_os in *linux*) + linux=true $as_echo "#define HAVE_LINUX 1" >>confdefs.h - rm -f src/device.c; ln -sf linux/device.c src/device.c ;; *freebsd*) + bsd=true $as_echo "#define HAVE_FREEBSD 1" >>confdefs.h - rm -f src/device.c; ln -sf bsd/device.c src/device.c ;; *darwin*) + bsd=true $as_echo "#define HAVE_DARWIN 1" >>confdefs.h - rm -f src/device.c; ln -sf bsd/device.c src/device.c ;; *solaris*) + solaris=true $as_echo "#define HAVE_SOLARIS 1" >>confdefs.h - rm -f src/device.c; ln -sf solaris/device.c src/device.c ;; *openbsd*) + bsd=true $as_echo "#define HAVE_OPENBSD 1" >>confdefs.h - rm -f src/device.c; ln -sf bsd/device.c src/device.c ;; *netbsd*) + bsd=true $as_echo "#define HAVE_NETBSD 1" >>confdefs.h - rm -f src/device.c; ln -sf bsd/device.c src/device.c ;; *dragonfly*) + bsd=true $as_echo "#define HAVE_DRAGONFLY 1" >>confdefs.h - rm -f src/device.c; ln -sf bsd/device.c src/device.c ;; *bsd*) + bsd=true { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \"Unknown BSD variant" >&5 $as_echo "$as_me: WARNING: \"Unknown BSD variant" >&2;} $as_echo "#define HAVE_BSD 1" >>confdefs.h - rm -f src/device.c; ln -sf bsd/device.c src/device.c ;; *cygwin*) + cygwin=true $as_echo "#define HAVE_CYGWIN 1" >>confdefs.h - rm -f src/device.c; ln -sf cygwin/device.c src/device.c ;; *mingw*) + mingw=true $as_echo "#define HAVE_MINGW 1" >>confdefs.h - rm -f src/device.c; cp -f src/mingw/device.c src/device.c LIBS="$LIBS -lws2_32 -lgdi32 -lcrypt32" ;; *) @@ -4939,6 +5120,46 @@ fi fi + if test "$linux" = true; then + LINUX_TRUE= + LINUX_FALSE='#' +else + LINUX_TRUE='#' + LINUX_FALSE= +fi + + if test "$bsd" = true; then + BSD_TRUE= + BSD_FALSE='#' +else + BSD_TRUE='#' + BSD_FALSE= +fi + + if test "$solaris" = true; then + SOLARIS_TRUE= + SOLARIS_FALSE='#' +else + SOLARIS_TRUE='#' + SOLARIS_FALSE= +fi + + if test "$mingw" = true; then + MINGW_TRUE= + MINGW_FALSE='#' +else + MINGW_TRUE='#' + MINGW_FALSE= +fi + + if test "$cygwin" = true; then + CYGWIN_TRUE= + CYGWIN_FALSE='#' +else + CYGWIN_TRUE='#' + CYGWIN_FALSE= +fi + if test "$uml" = true; then UML_TRUE= UML_FALSE='#' @@ -5186,7 +5407,7 @@ done for ac_header in net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h time.h netpacket/packet.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\" +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"src/have.h\" " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : @@ -5201,7 +5422,7 @@ done for ac_header in netinet/if_ether.h netinet/ip.h netinet/ip6.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\" +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"src/have.h\" " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : @@ -5216,7 +5437,7 @@ done for ac_header in netinet/tcp.h netinet/ip_icmp.h netinet/icmp6.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` -ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\" +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"src/have.h\" " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : @@ -5472,7 +5693,41 @@ $as_echo "#define __malloc__ /**/" >>confdefs.h fi -ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "#include \"have.h\" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working __warn_unused_result__ attribute" >&5 +$as_echo_n "checking for working __warn_unused_result__ attribute... " >&6; } +if ${tinc_cv_attribute___warn_unused_result__+:} false; then : + $as_echo_n "(cached) " >&6 +else + + tempcflags="$CFLAGS" + CFLAGS="$CFLAGS -Wall -Werror" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +void test(void) __attribute__ ((__warn_unused_result__)); + void test(void) { return; } + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + tinc_cv_attribute___warn_unused_result__=yes +else + tinc_cv_attribute___warn_unused_result__=no + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS="$tempcflags" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $tinc_cv_attribute___warn_unused_result__" >&5 +$as_echo "$tinc_cv_attribute___warn_unused_result__" >&6; } + + if test ${tinc_cv_attribute___warn_unused_result__} = no; then + +$as_echo "#define __warn_unused_result__ /**/" >>confdefs.h + + fi + + +ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "#include \"src/have.h\" " if test "x$ac_cv_type_socklen_t" = xyes; then : @@ -5483,7 +5738,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct ether_header" "ac_cv_type_struct_ether_header" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct ether_header" "ac_cv_type_struct_ether_header" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_ether_header" = xyes; then : @@ -5494,7 +5749,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct arphdr" "ac_cv_type_struct_arphdr" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct arphdr" "ac_cv_type_struct_arphdr" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_arphdr" = xyes; then : @@ -5505,7 +5760,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct ether_arp" "ac_cv_type_struct_ether_arp" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct ether_arp" "ac_cv_type_struct_ether_arp" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_ether_arp" = xyes; then : @@ -5516,7 +5771,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct in_addr" "ac_cv_type_struct_in_addr" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct in_addr" "ac_cv_type_struct_in_addr" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_in_addr" = xyes; then : @@ -5527,7 +5782,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct addrinfo" "ac_cv_type_struct_addrinfo" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct addrinfo" "ac_cv_type_struct_addrinfo" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_addrinfo" = xyes; then : @@ -5538,7 +5793,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct ip" "ac_cv_type_struct_ip" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct ip" "ac_cv_type_struct_ip" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_ip" = xyes; then : @@ -5549,7 +5804,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct icmp" "ac_cv_type_struct_icmp" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct icmp" "ac_cv_type_struct_icmp" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_icmp" = xyes; then : @@ -5560,7 +5815,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct in6_addr" "ac_cv_type_struct_in6_addr" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct in6_addr" "ac_cv_type_struct_in6_addr" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_in6_addr" = xyes; then : @@ -5571,7 +5826,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct sockaddr_in6" "ac_cv_type_struct_sockaddr_in6" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct sockaddr_in6" "ac_cv_type_struct_sockaddr_in6" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_sockaddr_in6" = xyes; then : @@ -5582,7 +5837,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct ip6_hdr" "ac_cv_type_struct_ip6_hdr" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct ip6_hdr" "ac_cv_type_struct_ip6_hdr" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_ip6_hdr" = xyes; then : @@ -5593,7 +5848,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct icmp6_hdr" "ac_cv_type_struct_icmp6_hdr" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct icmp6_hdr" "ac_cv_type_struct_icmp6_hdr" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_icmp6_hdr" = xyes; then : @@ -5604,7 +5859,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct nd_neighbor_solicit" "ac_cv_type_struct_nd_neighbor_solicit" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct nd_neighbor_solicit" "ac_cv_type_struct_nd_neighbor_solicit" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_nd_neighbor_solicit" = xyes; then : @@ -5615,7 +5870,7 @@ _ACEOF fi -ac_fn_c_check_type "$LINENO" "struct nd_opt_hdr" "ac_cv_type_struct_nd_opt_hdr" "#include \"have.h\" +ac_fn_c_check_type "$LINENO" "struct nd_opt_hdr" "ac_cv_type_struct_nd_opt_hdr" "#include \"src/have.h\" " if test "x$ac_cv_type_struct_nd_opt_hdr" = xyes; then : @@ -5782,7 +6037,7 @@ fi fi -ac_fn_c_check_decl "$LINENO" "freeaddrinfo" "ac_cv_have_decl_freeaddrinfo" "#include \"have.h\" +ac_fn_c_check_decl "$LINENO" "freeaddrinfo" "ac_cv_have_decl_freeaddrinfo" "#include \"src/have.h\" " if test "x$ac_cv_have_decl_freeaddrinfo" = xyes; then : @@ -5794,7 +6049,7 @@ fi cat >>confdefs.h <<_ACEOF #define HAVE_DECL_FREEADDRINFO $ac_have_decl _ACEOF -ac_fn_c_check_decl "$LINENO" "gai_strerror" "ac_cv_have_decl_gai_strerror" "#include \"have.h\" +ac_fn_c_check_decl "$LINENO" "gai_strerror" "ac_cv_have_decl_gai_strerror" "#include \"src/have.h\" " if test "x$ac_cv_have_decl_gai_strerror" = xyes; then : @@ -5806,7 +6061,7 @@ fi cat >>confdefs.h <<_ACEOF #define HAVE_DECL_GAI_STRERROR $ac_have_decl _ACEOF -ac_fn_c_check_decl "$LINENO" "getaddrinfo" "ac_cv_have_decl_getaddrinfo" "#include \"have.h\" +ac_fn_c_check_decl "$LINENO" "getaddrinfo" "ac_cv_have_decl_getaddrinfo" "#include \"src/have.h\" " if test "x$ac_cv_have_decl_getaddrinfo" = xyes; then : @@ -5818,7 +6073,7 @@ fi cat >>confdefs.h <<_ACEOF #define HAVE_DECL_GETADDRINFO $ac_have_decl _ACEOF -ac_fn_c_check_decl "$LINENO" "getnameinfo" "ac_cv_have_decl_getnameinfo" "#include \"have.h\" +ac_fn_c_check_decl "$LINENO" "getnameinfo" "ac_cv_have_decl_getnameinfo" "#include \"src/have.h\" " if test "x$ac_cv_have_decl_getnameinfo" = xyes; then : @@ -6409,6 +6664,7 @@ fi if test "$with_libgcrypt" = yes; then + gcrypt=true # Check whether --with-libgcrypt-prefix was given. if test "${with_libgcrypt_prefix+set}" = set; then : @@ -6624,8 +6880,8 @@ $as_echo "$as_me: WARNING: - ln -sf gcrypt/cipher.c gcrypt/cipher.h gcrypt/crypto.c gcrypt/crypto.h gcrypt/digest.c gcrypt/digest.h gcrypt/ecdh.c gcrypt/ecdh.h gcrypt/ecdsa.c gcrypt/ecdsa.h gcrypt/ecdsagen.c gcrypt/ecdsagen.h gcrypt/prf.c gcrypt/prf.h gcrypt/rsa.c gcrypt/rsa.h gcrypt/rsagen.c gcrypt/rsagen.h src/ else + openssl=true case $host_os in *mingw*) @@ -6798,7 +7054,22 @@ else fi - ln -sf openssl/cipher.c openssl/cipher.h openssl/crypto.c openssl/crypto.h openssl/digest.c openssl/digest.h openssl/ecdh.c openssl/ecdh.h openssl/ecdsa.c openssl/ecdsa.h openssl/ecdsagen.c openssl/ecdsagen.h openssl/prf.c openssl/prf.h openssl/rsa.c openssl/rsa.h openssl/rsagen.c openssl/rsagen.h src/ +fi + + if test "$openssl" = true; then + OPENSSL_TRUE= + OPENSSL_FALSE='#' +else + OPENSSL_TRUE='#' + OPENSSL_FALSE= +fi + + if test "$grypt" = true; then + GCRYPT_TRUE= + GCRYPT_FALSE='#' +else + GCRYPT_TRUE='#' + GCRYPT_FALSE= fi @@ -6814,8 +7085,6 @@ fi fi - - ac_config_files="$ac_config_files Makefile src/Makefile doc/Makefile m4/Makefile gui/Makefile" @@ -6928,6 +7197,14 @@ LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 +$as_echo_n "checking that generated files are newer than configure... " >&6; } + if test -n "$am_sleep_pid"; then + # Hide warnings about reused PIDs. + wait $am_sleep_pid 2>/dev/null + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5 +$as_echo "done" >&6; } if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then as_fn_error $? "conditional \"AMDEP\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -6944,8 +7221,24 @@ else am__EXEEXT_FALSE= fi -if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then - as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined. +if test -z "${LINUX_TRUE}" && test -z "${LINUX_FALSE}"; then + as_fn_error $? "conditional \"LINUX\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BSD_TRUE}" && test -z "${BSD_FALSE}"; then + as_fn_error $? "conditional \"BSD\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${SOLARIS_TRUE}" && test -z "${SOLARIS_FALSE}"; then + as_fn_error $? "conditional \"SOLARIS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${MINGW_TRUE}" && test -z "${MINGW_FALSE}"; then + as_fn_error $? "conditional \"MINGW\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${CYGWIN_TRUE}" && test -z "${CYGWIN_FALSE}"; then + as_fn_error $? "conditional \"CYGWIN\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${UML_TRUE}" && test -z "${UML_FALSE}"; then @@ -6960,6 +7253,14 @@ if test -z "${TUNEMU_TRUE}" && test -z "${TUNEMU_FALSE}"; then as_fn_error $? "conditional \"TUNEMU\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${OPENSSL_TRUE}" && test -z "${OPENSSL_FALSE}"; then + as_fn_error $? "conditional \"OPENSSL\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${GCRYPT_TRUE}" && test -z "${GCRYPT_FALSE}"; then + as_fn_error $? "conditional \"GCRYPT\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 @@ -7357,7 +7658,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by $as_me, which was +This file was extended by tinc $as_me 1.1pre8, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -7423,7 +7724,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -config.status +tinc config.status 1.1pre8 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -8155,7 +8456,7 @@ $as_echo "$as_me: executing $ac_file commands" >&6;} case $ac_file$ac_mode in "depfiles":C) test x"$AMDEP_TRUE" != x"" || { - # Autoconf 2.62 quotes --file arguments for eval, but not when files + # Older Autoconf quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. case $CONFIG_FILES in @@ -8168,7 +8469,7 @@ $as_echo "$as_me: executing $ac_file commands" >&6;} # Strip MF so we end up with the name of the file. mf=`echo "$mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile or not. - # We used to match only the files named `Makefile.in', but + # We used to match only the files named 'Makefile.in', but # some people rename them; so instead we look at the file content. # Grep'ing the first line is not enough: some people post-process # each Makefile.in and add a new line on top of each file to say so. @@ -8202,21 +8503,19 @@ $as_echo X"$mf" | continue fi # Extract the definition of DEPDIR, am__include, and am__quote - # from the Makefile without running `make'. + # from the Makefile without running 'make'. DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue am__include=`sed -n 's/^am__include = //p' < "$mf"` - test -z "am__include" && continue + test -z "$am__include" && continue am__quote=`sed -n 's/^am__quote = //p' < "$mf"` - # When using ansi2knr, U may be empty or an underscore; expand it - U=`sed -n 's/^U = //p' < "$mf"` # Find all dependency output files, they are included files with # $(DEPDIR) in their names. We invoke sed twice because it is the # simplest approach to changing $(DEPDIR) to its actual value in the # expansion. for file in `sed -n " s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ - sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue fdir=`$as_dirname -- "$file" || diff --git a/configure.in b/configure.ac similarity index 77% rename from configure.in rename to configure.ac index a59482a..af12f12 100644 --- a/configure.in +++ b/configure.ac @@ -1,12 +1,11 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT +AC_INIT([tinc], [1.1pre8]) AC_CONFIG_SRCDIR([src/tincd.c]) AC_GNU_SOURCE -AM_INIT_AUTOMAKE(tinc, 1.1pre7) +AM_INIT_AUTOMAKE([check-news std-options subdir-objects -Wall]) AC_CONFIG_HEADERS([config.h]) -AM_MAINTAINER_MODE # Enable GNU extensions. # Define this here, not in acconfig's @TOP@ section, since definitions @@ -21,51 +20,53 @@ AC_PROG_INSTALL AC_PROG_LN_S AC_PROG_RANLIB +AM_PROG_CC_C_O + dnl Check and set OS AC_CANONICAL_HOST case $host_os in *linux*) + linux=true AC_DEFINE(HAVE_LINUX, 1, [Linux]) - [ rm -f src/device.c; ln -sf linux/device.c src/device.c ] ;; *freebsd*) + bsd=true AC_DEFINE(HAVE_FREEBSD, 1, [FreeBSD]) - [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] ;; *darwin*) + bsd=true AC_DEFINE(HAVE_DARWIN, 1, [Darwin (MacOS/X)]) - [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] ;; *solaris*) + solaris=true AC_DEFINE(HAVE_SOLARIS, 1, [Solaris/SunOS]) - [ rm -f src/device.c; ln -sf solaris/device.c src/device.c ] ;; *openbsd*) + bsd=true AC_DEFINE(HAVE_OPENBSD, 1, [OpenBSD]) - [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] ;; *netbsd*) + bsd=true AC_DEFINE(HAVE_NETBSD, 1, [NetBSD]) - [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] ;; *dragonfly*) + bsd=true AC_DEFINE(HAVE_DRAGONFLY, 1, [DragonFly]) - [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] ;; *bsd*) + bsd=true AC_MSG_WARN("Unknown BSD variant, tinc might not compile or work!") AC_DEFINE(HAVE_BSD, 1, [Unknown BSD variant]) - [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] ;; *cygwin*) + cygwin=true AC_DEFINE(HAVE_CYGWIN, 1, [Cygwin]) - [ rm -f src/device.c; ln -sf cygwin/device.c src/device.c ] ;; *mingw*) + mingw=true AC_DEFINE(HAVE_MINGW, 1, [MinGW]) - [ rm -f src/device.c; cp -f src/mingw/device.c src/device.c ] LIBS="$LIBS -lws2_32 -lgdi32 -lcrypt32" ;; *) @@ -114,6 +115,11 @@ AC_ARG_WITH(windows2000, ] ) +AM_CONDITIONAL(LINUX, test "$linux" = true) +AM_CONDITIONAL(BSD, test "$bsd" = true) +AM_CONDITIONAL(SOLARIS, test "$solaris" = true) +AM_CONDITIONAL(MINGW, test "$mingw" = true) +AM_CONDITIONAL(CYGWIN, test "$cygwin" = true) AM_CONDITIONAL(UML, test "$uml" = true) AM_CONDITIONAL(VDE, test "$vde" = true) AM_CONDITIONAL(TUNEMU, test "$tunemu" = true) @@ -133,13 +139,13 @@ dnl We do this in multiple stages, because unlike Linux all the other operating AC_HEADER_STDC AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h sys/uio.h sys/un.h sys/wait.h netdb.h arpa/inet.h dirent.h]) AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h time.h netpacket/packet.h], - [], [], [#include "have.h"] + [], [], [#include "src/have.h"] ) AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h], - [], [], [#include "have.h"] + [], [], [#include "src/have.h"] ) AC_CHECK_HEADERS([netinet/tcp.h netinet/ip_icmp.h netinet/icmp6.h], - [], [], [#include "have.h"] + [], [], [#include "src/have.h"] ) dnl Checks for typedefs, structures, and compiler characteristics. @@ -151,15 +157,16 @@ AC_HEADER_TIME AC_STRUCT_TM tinc_ATTRIBUTE(__malloc__) +tinc_ATTRIBUTE(__warn_unused_result__) AC_CHECK_TYPES([socklen_t, struct ether_header, struct arphdr, struct ether_arp, struct in_addr, struct addrinfo, struct ip, struct icmp, struct in6_addr, struct sockaddr_in6, struct ip6_hdr, struct icmp6_hdr, struct nd_neighbor_solicit, struct nd_opt_hdr], , , - [#include "have.h"] + [#include "src/have.h"] ) dnl Checks for library functions. AC_TYPE_SIGNAL AC_CHECK_FUNCS([asprintf daemon fchmod flock ftime fork get_current_dir_name gettimeofday mlockall putenv random select strdup strerror strsignal strtol system time usleep unsetenv vsyslog writev], - [], [], [#include "have.h"] + [], [], [#include "src/have.h"] ) dnl Support for SunOS @@ -172,7 +179,7 @@ AC_CHECK_FUNC(gethostbyname, [], [ ]) AC_CHECK_DECLS([freeaddrinfo, gai_strerror, getaddrinfo, getnameinfo], - [], [], [#include "have.h"] + [], [], [#include "src/have.h"] ) AC_CACHE_SAVE @@ -187,13 +194,15 @@ tinc_ZLIB tinc_LZO if test "$with_libgcrypt" = yes; then + gcrypt=true AM_PATH_LIBGCRYPT([1.4.0], [], []) - ln -sf gcrypt/cipher.c gcrypt/cipher.h gcrypt/crypto.c gcrypt/crypto.h gcrypt/digest.c gcrypt/digest.h gcrypt/ecdh.c gcrypt/ecdh.h gcrypt/ecdsa.c gcrypt/ecdsa.h gcrypt/ecdsagen.c gcrypt/ecdsagen.h gcrypt/prf.c gcrypt/prf.h gcrypt/rsa.c gcrypt/rsa.h gcrypt/rsagen.c gcrypt/rsagen.h src/ else + openssl=true tinc_OPENSSL - ln -sf openssl/cipher.c openssl/cipher.h openssl/crypto.c openssl/crypto.h openssl/digest.c openssl/digest.h openssl/ecdh.c openssl/ecdh.h openssl/ecdsa.c openssl/ecdsa.h openssl/ecdsagen.c openssl/ecdsagen.h openssl/prf.c openssl/prf.h openssl/rsa.c openssl/rsa.h openssl/rsagen.c openssl/rsagen.h src/ fi +AM_CONDITIONAL(OPENSSL, test "$openssl" = true) +AM_CONDITIONAL(GCRYPT, test "$grypt" = true) dnl Check if support for jumbograms is requested AC_ARG_ENABLE(jumbograms, @@ -203,8 +212,6 @@ AC_ARG_ENABLE(jumbograms, ] ) -AC_SUBST(INCLUDES) - AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile m4/Makefile gui/Makefile]) AC_OUTPUT diff --git a/debian/changelog b/debian/changelog index 04844cd..e7b0071 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +tinc (1.1~pre8-1) experimental; urgency=low + + * New upstream release. + - Handles whitespace between command line flags and optional arguments. + Closes: #710267 + * Bump Standards-Version. + * Source /lib/lsb/init-functions in the init.d script. + * Don't use texi2html anymore, use automake's install-html target which uses + makeinfo. + + -- Guus Sliepen Wed, 14 Aug 2013 15:34:41 +0200 + tinc (1.1~pre7-2) experimental; urgency=low [ Gian Piero Carrubba ] diff --git a/debian/control b/debian/control index e159004..1881f30 100644 --- a/debian/control +++ b/debian/control @@ -2,8 +2,8 @@ Source: tinc Section: net Priority: optional Maintainer: Guus Sliepen -Standards-Version: 3.9.3 -Build-Depends: libssl-dev (>>1.0.0), debhelper (>= 9), texi2html, texinfo, zlib1g-dev, liblzo2-dev, libncurses5-dev, libreadline-dev, libvdeplug-dev +Standards-Version: 3.9.4 +Build-Depends: libssl-dev (>>1.0.0), debhelper (>= 9), texinfo, zlib1g-dev, liblzo2-dev, libncurses5-dev, libreadline-dev, libvdeplug-dev Homepage: http://www.tinc-vpn.org/ Package: tinc diff --git a/debian/doc-base.tinc b/debian/doc-base.tinc index 3fea71b..a37f46a 100644 --- a/debian/doc-base.tinc +++ b/debian/doc-base.tinc @@ -6,5 +6,5 @@ Abstract: This manual describes how to set up a Virtual Private Section: System/Security Format: HTML -Files: /usr/share/doc/tinc/tinc*.html -Index: /usr/share/doc/tinc/tinc_toc.html +Files: /usr/share/doc/tinc/tinc.html/* +Index: /usr/share/doc/tinc/tinc.html/index.html diff --git a/debian/rules b/debian/rules index a256d44..613102a 100755 --- a/debian/rules +++ b/debian/rules @@ -17,23 +17,10 @@ override_dh_auto_configure: dh_auto_configure -- --enable-uml --enable-vde -override_dh_auto_build: - dh_auto_build - cd doc && $(MAKE) texi2html - override_dh_auto_install: - dh_auto_install - # Guess where texi2html installed its output today... - [ -f doc/tinc/tinc.html ] \ - && mv doc/tinc/*.html debian/tinc/usr/share/doc/tinc/ \ - || mv doc/*.html debian/tinc/usr/share/doc/tinc/ + dh_auto_install -- install-html # Remove info dir file rm -f debian/tinc/usr/share/info/dir override_dh_installinit: dh_installinit -R - -override_dh_clean: - dh_clean - rm -f src/device.c - rm -f src/rsa.[ch] src/rsagen.[ch] src/prf.[ch] src/ecdh.[ch] src/ecdsa.[ch] src/ecdsagen.[ch] src/digest.[ch] src/crypto.[ch] src/cipher.[ch] diff --git a/debian/tinc.init b/debian/tinc.init index ed354cb..5ec9721 100644 --- a/debian/tinc.init +++ b/debian/tinc.init @@ -18,6 +18,8 @@ # # Based on Lubomir Bulej's Redhat init script. +. /lib/lsb/init-functions + DAEMON="/usr/sbin/tincd" CONTROL="/usr/sbin/tinc" NAME="tinc" diff --git a/debian/tinc.install b/debian/tinc.install index e9b5b6d..d008a1f 100644 --- a/debian/tinc.install +++ b/debian/tinc.install @@ -1,5 +1,6 @@ usr/sbin/tincd usr/sbin/tinc +usr/share/doc/tinc/tinc.html usr/share/man/man5 usr/share/man/man8/tincd.* usr/share/man/man8/tinc.* diff --git a/depcomp b/depcomp index 25a39e6..4ebd5b3 100755 --- a/depcomp +++ b/depcomp @@ -1,10 +1,9 @@ #! /bin/sh # depcomp - compile a program generating dependencies as side-effects -scriptversion=2012-03-27.16; # UTC +scriptversion=2013-05-30.07; # UTC -# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009, 2010, -# 2011, 2012 Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -28,9 +27,9 @@ scriptversion=2012-03-27.16; # UTC case $1 in '') - echo "$0: No command. Try '$0 --help' for more information." 1>&2 - exit 1; - ;; + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; -h | --h*) cat <<\EOF Usage: depcomp [--help] [--version] PROGRAM [ARGS] @@ -57,11 +56,65 @@ EOF ;; esac +# Get the directory component of the given path, and save it in the +# global variables '$dir'. Note that this directory component will +# be either empty or ending with a '/' character. This is deliberate. +set_dir_from () +{ + case $1 in + */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; + *) dir=;; + esac +} + +# Get the suffix-stripped basename of the given path, and save it the +# global variable '$base'. +set_base_from () +{ + base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` +} + +# If no dependency file was actually created by the compiler invocation, +# we still have to create a dummy depfile, to avoid errors with the +# Makefile "include basename.Plo" scheme. +make_dummy_depfile () +{ + echo "#dummy" > "$depfile" +} + +# Factor out some common post-processing of the generated depfile. +# Requires the auxiliary global variable '$tmpdepfile' to be set. +aix_post_process_depfile () +{ + # If the compiler actually managed to produce a dependency file, + # post-process it. + if test -f "$tmpdepfile"; then + # Each line is of the form 'foo.o: dependency.h'. + # Do two passes, one to just change these to + # $object: dependency.h + # and one to simply output + # dependency.h: + # which is needed to avoid the deleted-header problem. + { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" + sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" + } > "$depfile" + rm -f "$tmpdepfile" + else + make_dummy_depfile + fi +} + # A tabulation character. tab=' ' # A newline character. nl=' ' +# Character ranges might be problematic outside the C locale. +# These definitions help. +upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ +lower=abcdefghijklmnopqrstuvwxyz +digits=0123456789 +alpha=${upper}${lower} if test -z "$depmode" || test -z "$source" || test -z "$object"; then echo "depcomp: Variables source, object and depmode must be set" 1>&2 @@ -75,6 +128,9 @@ tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} rm -f "$tmpdepfile" +# Avoid interferences from the environment. +gccflag= dashmflag= + # Some modes work just like other modes, but use different flags. We # parameterize here, but still list the modes in the big case below, # to make depend.m4 easier to write. Note that we *cannot* use a case @@ -86,32 +142,32 @@ if test "$depmode" = hp; then fi if test "$depmode" = dashXmstdout; then - # This is just like dashmstdout with a different argument. - dashmflag=-xM - depmode=dashmstdout + # This is just like dashmstdout with a different argument. + dashmflag=-xM + depmode=dashmstdout fi cygpath_u="cygpath -u -f -" if test "$depmode" = msvcmsys; then - # This is just like msvisualcpp but w/o cygpath translation. - # Just convert the backslash-escaped backslashes to single forward - # slashes to satisfy depend.m4 - cygpath_u='sed s,\\\\,/,g' - depmode=msvisualcpp + # This is just like msvisualcpp but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvisualcpp fi if test "$depmode" = msvc7msys; then - # This is just like msvc7 but w/o cygpath translation. - # Just convert the backslash-escaped backslashes to single forward - # slashes to satisfy depend.m4 - cygpath_u='sed s,\\\\,/,g' - depmode=msvc7 + # This is just like msvc7 but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvc7 fi if test "$depmode" = xlc; then - # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency informations. - gccflag=-qmakedep=gcc,-MF - depmode=gcc + # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. + gccflag=-qmakedep=gcc,-MF + depmode=gcc fi case "$depmode" in @@ -134,8 +190,7 @@ gcc3) done "$@" stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi @@ -143,13 +198,17 @@ gcc3) ;; gcc) +## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. +## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. +## (see the conditional assignment to $gccflag above). ## There are various ways to get dependency output from gcc. Here's ## why we pick this rather obscure method: ## - Don't want to use -MD because we'd like the dependencies to end ## up in a subdir. Having to rename by hand is ugly. ## (We might end up doing this anyway to support other compilers.) ## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like -## -MM, not -M (despite what the docs say). +## -MM, not -M (despite what the docs say). Also, it might not be +## supported by the other compilers which use the 'gcc' depmode. ## - Using -M directly means running the compiler twice (even worse ## than renaming). if test -z "$gccflag"; then @@ -157,15 +216,14 @@ gcc) fi "$@" -Wp,"$gccflag$tmpdepfile" stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" - alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz -## The second -e expression handles DOS-style file names with drive letters. + # The second -e expression handles DOS-style file names with drive + # letters. sed -e 's/^[^:]*: / /' \ -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" ## This next piece of magic avoids the "deleted header file" problem. @@ -174,15 +232,15 @@ gcc) ## typically no way to rebuild the header). We avoid this by adding ## dummy dependencies for each header file. Too bad gcc doesn't do ## this for us directly. - tr ' ' "$nl" < "$tmpdepfile" | ## Some versions of gcc put a space before the ':'. On the theory ## that the space means something, we add a space to the output as ## well. hp depmode also adds that space, but also prefixes the VPATH ## to the object. Take care to not repeat it in the output. ## Some versions of the HPUX 10.20 sed can't process this invocation ## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ - | sed -e 's/$/ :/' >> "$depfile" + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; @@ -200,8 +258,7 @@ sgi) "$@" -MDupdate "$tmpdepfile" fi stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi @@ -209,7 +266,6 @@ sgi) if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files echo "$object : \\" > "$depfile" - # Clip off the initial element (the dependent). Don't try to be # clever and replace this with sed code, as IRIX sed won't handle # lines with more than a fixed number of characters (4096 in @@ -217,19 +273,15 @@ sgi) # the IRIX cc adds comments like '#:fec' to the end of the # dependency line. tr ' ' "$nl" < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \ - tr "$nl" ' ' >> "$depfile" + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ + | tr "$nl" ' ' >> "$depfile" echo >> "$depfile" - # The second pass generates a dummy entry for each header file. tr ' ' "$nl" < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ - >> "$depfile" + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ + >> "$depfile" else - # The sourcefile does not contain any dependencies, so just - # store a dummy comment line, to avoid errors with the Makefile - # "include basename.Plo" scheme. - echo "#dummy" > "$depfile" + make_dummy_depfile fi rm -f "$tmpdepfile" ;; @@ -247,9 +299,8 @@ aix) # current directory. Also, the AIX compiler puts '$object:' at the # start of each line; $object doesn't have directory information. # Version 6 uses the directory in both cases. - dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` - test "x$dir" = "x$object" && dir= - base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + set_dir_from "$object" + set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.u tmpdepfile2=$base.u @@ -262,9 +313,7 @@ aix) "$@" -M fi stat=$? - - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" exit $stat fi @@ -273,65 +322,113 @@ aix) do test -f "$tmpdepfile" && break done - if test -f "$tmpdepfile"; then - # Each line is of the form 'foo.o: dependent.h'. - # Do two passes, one to just change these to - # '$object: dependent.h' and one to simply 'dependent.h:'. - sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" - sed -e 's,^.*\.[a-z]*:['"$tab"' ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" - else - # The sourcefile does not contain any dependencies, so just - # store a dummy comment line, to avoid errors with the Makefile - # "include basename.Plo" scheme. - echo "#dummy" > "$depfile" - fi - rm -f "$tmpdepfile" + aix_post_process_depfile ;; -icc) - # Intel's C compiler anf tcc (Tiny C Compiler) understand '-MD -MF file'. - # However on - # $CC -MD -MF foo.d -c -o sub/foo.o sub/foo.c - # ICC 7.0 will fill foo.d with something like - # foo.o: sub/foo.c - # foo.o: sub/foo.h - # which is wrong. We want - # sub/foo.o: sub/foo.c - # sub/foo.o: sub/foo.h - # sub/foo.c: - # sub/foo.h: - # ICC 7.1 will output - # foo.o: sub/foo.c sub/foo.h - # and will wrap long lines using '\': - # foo.o: sub/foo.c ... \ - # sub/foo.h ... \ - # ... - # tcc 0.9.26 (FIXME still under development at the moment of writing) - # will emit a similar output, but also prepend the continuation lines - # with horizontal tabulation characters. +tcc) + # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 + # FIXME: That version still under development at the moment of writing. + # Make that this statement remains true also for stable, released + # versions. + # It will wrap lines (doesn't matter whether long or short) with a + # trailing '\', as in: + # + # foo.o : \ + # foo.c \ + # foo.h \ + # + # It will put a trailing '\' even on the last line, and will use leading + # spaces rather than leading tabs (at least since its commit 0394caf7 + # "Emit spaces for -MD"). "$@" -MD -MF "$tmpdepfile" stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" - # Each line is of the form 'foo.o: dependent.h', - # or 'foo.o: dep1.h dep2.h \', or ' dep3.h dep4.h \'. + # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. + # We have to change lines of the first kind to '$object: \'. + sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" + # And for each line of the second kind, we have to emit a 'dep.h:' + # dummy dependency, to avoid the deleted-header problem. + sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" + rm -f "$tmpdepfile" + ;; + +## The order of this option in the case statement is important, since the +## shell code in configure will try each of these formats in the order +## listed in this file. A plain '-MD' option would be understood by many +## compilers, so we must ensure this comes after the gcc and icc options. +pgcc) + # Portland's C compiler understands '-MD'. + # Will always output deps to 'file.d' where file is the root name of the + # source file under compilation, even if file resides in a subdirectory. + # The object file name does not affect the name of the '.d' file. + # pgcc 10.2 will output + # foo.o: sub/foo.c sub/foo.h + # and will wrap long lines using '\' : + # foo.o: sub/foo.c ... \ + # sub/foo.h ... \ + # ... + set_dir_from "$object" + # Use the source, not the object, to determine the base name, since + # that's sadly what pgcc will do too. + set_base_from "$source" + tmpdepfile=$base.d + + # For projects that build the same source file twice into different object + # files, the pgcc approach of using the *source* file root name can cause + # problems in parallel builds. Use a locking strategy to avoid stomping on + # the same $tmpdepfile. + lockdir=$base.d-lock + trap " + echo '$0: caught signal, cleaning up...' >&2 + rmdir '$lockdir' + exit 1 + " 1 2 13 15 + numtries=100 + i=$numtries + while test $i -gt 0; do + # mkdir is a portable test-and-set. + if mkdir "$lockdir" 2>/dev/null; then + # This process acquired the lock. + "$@" -MD + stat=$? + # Release the lock. + rmdir "$lockdir" + break + else + # If the lock is being held by a different process, wait + # until the winning process is done or we timeout. + while test -d "$lockdir" && test $i -gt 0; do + sleep 1 + i=`expr $i - 1` + done + fi + i=`expr $i - 1` + done + trap - 1 2 13 15 + if test $i -le 0; then + echo "$0: failed to acquire lock after $numtries attempts" >&2 + echo "$0: check lockdir '$lockdir'" >&2 + exit 1 + fi + + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + # Each line is of the form `foo.o: dependent.h', + # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. # Do two passes, one to just change these to - # '$object: dependent.h' and one to simply 'dependent.h:'. - sed -e "s/^[ $tab][ $tab]*/ /" -e "s,^[^:]*:,$object :," \ - < "$tmpdepfile" > "$depfile" - sed ' - s/[ '"$tab"'][ '"$tab"']*/ /g - s/^ *// - s/ *\\*$// - s/^[^:]*: *// - /^$/d - /:$/d - s/$/ :/ - ' < "$tmpdepfile" >> "$depfile" + # `$object: dependent.h' and one to simply `dependent.h:'. + sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process this invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; @@ -342,9 +439,8 @@ hp2) # 'foo.d', which lands next to the object file, wherever that # happens to be. # Much of this is similar to the tru64 case; see comments there. - dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` - test "x$dir" = "x$object" && dir= - base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + set_dir_from "$object" + set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.d tmpdepfile2=$dir.libs/$base.d @@ -355,8 +451,7 @@ hp2) "$@" +Maked fi stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" exit $stat fi @@ -366,76 +461,61 @@ hp2) test -f "$tmpdepfile" && break done if test -f "$tmpdepfile"; then - sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile" + sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" # Add 'dependent.h:' lines. sed -ne '2,${ - s/^ *// - s/ \\*$// - s/$/:/ - p - }' "$tmpdepfile" >> "$depfile" + s/^ *// + s/ \\*$// + s/$/:/ + p + }' "$tmpdepfile" >> "$depfile" else - echo "#dummy" > "$depfile" + make_dummy_depfile fi rm -f "$tmpdepfile" "$tmpdepfile2" ;; tru64) - # The Tru64 compiler uses -MD to generate dependencies as a side - # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. - # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put - # dependencies in 'foo.d' instead, so we check for that too. - # Subdirectories are respected. - dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` - test "x$dir" = "x$object" && dir= - base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + # The Tru64 compiler uses -MD to generate dependencies as a side + # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. + # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put + # dependencies in 'foo.d' instead, so we check for that too. + # Subdirectories are respected. + set_dir_from "$object" + set_base_from "$object" - if test "$libtool" = yes; then - # With Tru64 cc, shared objects can also be used to make a - # static library. This mechanism is used in libtool 1.4 series to - # handle both shared and static libraries in a single compilation. - # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d. - # - # With libtool 1.5 this exception was removed, and libtool now - # generates 2 separate objects for the 2 libraries. These two - # compilations output dependencies in $dir.libs/$base.o.d and - # in $dir$base.o.d. We have to check for both files, because - # one of the two compilations can be disabled. We should prefer - # $dir$base.o.d over $dir.libs/$base.o.d because the latter is - # automatically cleaned when .libs/ is deleted, while ignoring - # the former would cause a distcleancheck panic. - tmpdepfile1=$dir.libs/$base.lo.d # libtool 1.4 - tmpdepfile2=$dir$base.o.d # libtool 1.5 - tmpdepfile3=$dir.libs/$base.o.d # libtool 1.5 - tmpdepfile4=$dir.libs/$base.d # Compaq CCC V6.2-504 - "$@" -Wc,-MD - else - tmpdepfile1=$dir$base.o.d - tmpdepfile2=$dir$base.d - tmpdepfile3=$dir$base.d - tmpdepfile4=$dir$base.d - "$@" -MD - fi + if test "$libtool" = yes; then + # Libtool generates 2 separate objects for the 2 libraries. These + # two compilations output dependencies in $dir.libs/$base.o.d and + # in $dir$base.o.d. We have to check for both files, because + # one of the two compilations can be disabled. We should prefer + # $dir$base.o.d over $dir.libs/$base.o.d because the latter is + # automatically cleaned when .libs/ is deleted, while ignoring + # the former would cause a distcleancheck panic. + tmpdepfile1=$dir$base.o.d # libtool 1.5 + tmpdepfile2=$dir.libs/$base.o.d # Likewise. + tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 + "$@" -Wc,-MD + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + tmpdepfile3=$dir$base.d + "$@" -MD + fi - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" - exit $stat - fi + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi - for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" - do - test -f "$tmpdepfile" && break - done - if test -f "$tmpdepfile"; then - sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" - sed -e 's,^.*\.[a-z]*:['"$tab"' ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" - else - echo "#dummy" > "$depfile" - fi - rm -f "$tmpdepfile" - ;; + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + # Same post-processing that is required for AIX mode. + aix_post_process_depfile + ;; msvc7) if test "$libtool" = yes; then @@ -446,8 +526,7 @@ msvc7) "$@" $showIncludes > "$tmpdepfile" stat=$? grep -v '^Note: including file: ' "$tmpdepfile" - if test "$stat" = 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi @@ -473,6 +552,7 @@ $ { G p }' >> "$depfile" + echo >> "$depfile" # make sure the fragment doesn't end with a backslash rm -f "$tmpdepfile" ;; @@ -524,13 +604,14 @@ dashmstdout) # in the target name. This is to cope with DOS-style filenames: # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. "$@" $dashmflag | - sed 's:^['"$tab"' ]*[^:'"$tab"' ][^:][^:]*\:['"$tab"' ]*:'"$object"'\: :' > "$tmpdepfile" + sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" rm -f "$depfile" cat < "$tmpdepfile" > "$depfile" - tr ' ' "$nl" < "$tmpdepfile" | \ -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + # Some versions of the HPUX 10.20 sed can't process this sed invocation + # correctly. Breaking it into two sed invocations is a workaround. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; @@ -583,10 +664,12 @@ makedepend) # makedepend may prepend the VPATH from the source file name to the object. # No need to regex-escape $object, excess matching of '.' is harmless. sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" - sed '1,2d' "$tmpdepfile" | tr ' ' "$nl" | \ -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + # Some versions of the HPUX 10.20 sed can't process the last invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed '1,2d' "$tmpdepfile" \ + | tr ' ' "$nl" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" "$tmpdepfile".bak ;; @@ -622,10 +705,10 @@ cpp) esac done - "$@" -E | - sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ - -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' | - sed '$ s: \\$::' > "$tmpdepfile" + "$@" -E \ + | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + | sed '$ s: \\$::' > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" cat < "$tmpdepfile" >> "$depfile" @@ -657,15 +740,15 @@ msvisualcpp) shift ;; "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") - set fnord "$@" - shift - shift - ;; + set fnord "$@" + shift + shift + ;; *) - set fnord "$@" "$arg" - shift - shift - ;; + set fnord "$@" "$arg" + shift + shift + ;; esac done "$@" -E 2>/dev/null | diff --git a/doc/Makefile.in b/doc/Makefile.in index b95f19c..823c951 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.6 from Makefile.am. +# Makefile.in generated by automake 1.13.3 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,23 +14,51 @@ @SET_MAKE@ VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ - test $$am__dry = yes; \ - } + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -50,20 +77,60 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = doc -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in texinfo.tex +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am texinfo.tex ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in + $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = SOURCES = DIST_SOURCES = +AM_V_DVIPS = $(am__v_DVIPS_@AM_V@) +am__v_DVIPS_ = $(am__v_DVIPS_@AM_DEFAULT_V@) +am__v_DVIPS_0 = @echo " DVIPS " $@; +am__v_DVIPS_1 = +AM_V_MAKEINFO = $(am__v_MAKEINFO_@AM_V@) +am__v_MAKEINFO_ = $(am__v_MAKEINFO_@AM_DEFAULT_V@) +am__v_MAKEINFO_0 = @echo " MAKEINFO" $@; +am__v_MAKEINFO_1 = +AM_V_INFOHTML = $(am__v_INFOHTML_@AM_V@) +am__v_INFOHTML_ = $(am__v_INFOHTML_@AM_DEFAULT_V@) +am__v_INFOHTML_0 = @echo " INFOHTML" $@; +am__v_INFOHTML_1 = +AM_V_TEXI2DVI = $(am__v_TEXI2DVI_@AM_V@) +am__v_TEXI2DVI_ = $(am__v_TEXI2DVI_@AM_DEFAULT_V@) +am__v_TEXI2DVI_0 = @echo " TEXI2DVI" $@; +am__v_TEXI2DVI_1 = +AM_V_TEXI2PDF = $(am__v_TEXI2PDF_@AM_V@) +am__v_TEXI2PDF_ = $(am__v_TEXI2PDF_@AM_DEFAULT_V@) +am__v_TEXI2PDF_0 = @echo " TEXI2PDF" $@; +am__v_TEXI2PDF_1 = +AM_V_texinfo = $(am__v_texinfo_@AM_V@) +am__v_texinfo_ = $(am__v_texinfo_@AM_DEFAULT_V@) +am__v_texinfo_0 = -q +am__v_texinfo_1 = +AM_V_texidevnull = $(am__v_texidevnull_@AM_V@) +am__v_texidevnull_ = $(am__v_texidevnull_@AM_DEFAULT_V@) +am__v_texidevnull_0 = > /dev/null +am__v_texidevnull_1 = INFO_DEPS = tinc.info am__TEXINFO_TEX_DIR = $(srcdir) DVIS = tinc.dvi @@ -114,6 +181,7 @@ man5dir = $(mandir)/man5 man8dir = $(mandir)/man8 NROFF = nroff MANS = $(man_MANS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) # Use `ginstall' in the definition of man_MANS to avoid @@ -122,6 +190,7 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) transform = s/ginstall/install/; @program_transform_name@ ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ @@ -141,7 +210,6 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ GREP = @GREP@ -INCLUDES = @INCLUDES@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -155,7 +223,6 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ @@ -237,7 +304,7 @@ all: all-am .SUFFIXES: .SUFFIXES: .dvi .ps -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -262,14 +329,14 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) +$(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) +$(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): tinc.info: tinc.texi - restore=: && backupdir="$(am__leading_dot)am$$$$" && \ + $(AM_V_MAKEINFO)restore=: && backupdir="$(am__leading_dot)am$$$$" && \ rm -rf $$backupdir && mkdir $$backupdir && \ if ($(MAKEINFO) --version) >/dev/null 2>&1; then \ for f in $@ $@-[0-9] $@-[0-9][0-9] $(@:.info=).i[0-9] $(@:.info=).i[0-9][0-9]; do \ @@ -287,18 +354,20 @@ tinc.info: tinc.texi rm -rf $$backupdir; exit $$rc tinc.dvi: tinc.texi - TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ + $(AM_V_TEXI2DVI)TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ MAKEINFO='$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir)' \ - $(TEXI2DVI) -o $@ `test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi + $(TEXI2DVI) $(AM_V_texinfo) --build-dir=$(@:.dvi=.t2d) -o $@ $(AM_V_texidevnull) \ + `test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi tinc.pdf: tinc.texi - TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ + $(AM_V_TEXI2PDF)TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ MAKEINFO='$(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir)' \ - $(TEXI2PDF) -o $@ `test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi + $(TEXI2PDF) $(AM_V_texinfo) --build-dir=$(@:.pdf=.t2p) -o $@ $(AM_V_texidevnull) \ + `test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi tinc.html: tinc.texi - rm -rf $(@:.html=.htp) - if $(MAKEINFOHTML) $(AM_MAKEINFOHTMLFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) \ + $(AM_V_MAKEINFO)rm -rf $(@:.html=.htp) + $(AM_V_at)if $(MAKEINFOHTML) $(AM_MAKEINFOHTMLFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) \ -o $(@:.html=.htp) `test -f 'tinc.texi' || echo '$(srcdir)/'`tinc.texi; \ then \ rm -rf $@; \ @@ -310,8 +379,8 @@ tinc.html: tinc.texi exit 1; \ fi .dvi.ps: - TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ - $(DVIPS) -o $@ $< + $(AM_V_DVIPS)TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \ + $(DVIPS) $(AM_V_texinfo) -o $@ $< uninstall-dvi-am: @$(NORMAL_UNINSTALL) @@ -390,9 +459,7 @@ dist-info: $(INFO_DEPS) done mostlyclean-aminfo: - -rm -rf tinc.aux tinc.cp tinc.cps tinc.fn tinc.fns tinc.ky tinc.kys \ - tinc.log tinc.pg tinc.pgs tinc.tmp tinc.toc tinc.tp tinc.tps \ - tinc.vr tinc.vrs + -rm -rf tinc.t2d tinc.t2p clean-aminfo: -test -z "tinc.dvi tinc.pdf tinc.ps tinc.html" \ @@ -490,27 +557,14 @@ uninstall-man8: } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -tags: TAGS -TAGS: +tags TAGS: -ctags: CTAGS -CTAGS: +ctags CTAGS: + +cscope cscopelist: distdir: $(DISTFILES) - @list='$(MANS)'; if test -n "$$list"; then \ - list=`for p in $$list; do \ - if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ - if test -f "$$d$$p"; then echo "$$d$$p"; else :; fi; done`; \ - if test -n "$$list" && \ - grep 'ab help2man is required to generate this page' $$list >/dev/null; then \ - echo "error: found man pages containing the \`missing help2man' replacement text:" >&2; \ - grep -l 'ab help2man is required to generate this page' $$list | sed 's/^/ /' >&2; \ - echo " to fix them, install help2man, remove and regenerate the man pages;" >&2; \ - echo " typically \`make maintainer-clean' will remove them" >&2; \ - exit 1; \ - else :; fi; \ - else :; fi @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -745,19 +799,19 @@ uninstall-man: uninstall-man5 uninstall-man8 .MAKE: install-am install-strip .PHONY: all all-am check check-am clean clean-aminfo clean-generic \ - dist-info distclean distclean-generic distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-man5 install-man8 \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-aminfo \ - maintainer-clean-generic mostlyclean mostlyclean-aminfo \ - mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \ - uninstall-dvi-am uninstall-html-am uninstall-info-am \ - uninstall-man uninstall-man5 uninstall-man8 uninstall-pdf-am \ - uninstall-ps-am + cscopelist-am ctags-am dist-info distclean distclean-generic \ + distdir dvi dvi-am html html-am info info-am install \ + install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-man5 install-man8 install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-aminfo maintainer-clean-generic mostlyclean \ + mostlyclean-aminfo mostlyclean-generic pdf pdf-am ps ps-am \ + tags-am uninstall uninstall-am uninstall-dvi-am \ + uninstall-html-am uninstall-info-am uninstall-man \ + uninstall-man5 uninstall-man8 uninstall-pdf-am uninstall-ps-am # For additional rules usually of interest only to the maintainer, diff --git a/doc/sample-config.tar.gz b/doc/sample-config.tar.gz index aa515c9..1a766a6 100644 Binary files a/doc/sample-config.tar.gz and b/doc/sample-config.tar.gz differ diff --git a/doc/texinfo.tex b/doc/texinfo.tex index 85b68e7..85f184c 100644 --- a/doc/texinfo.tex +++ b/doc/texinfo.tex @@ -3,11 +3,11 @@ % Load plain if necessary, i.e., if running under initex. \expandafter\ifx\csname fmtname\endcsname\relax\input plain\fi % -\def\texinfoversion{2012-03-11.15} +\def\texinfoversion{2013-02-01.11} % % Copyright 1985, 1986, 1988, 1990, 1991, 1992, 1993, 1994, 1995, % 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, -% 2007, 2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc. +% 2007, 2008, 2009, 2010, 2011, 2012, 2013 Free Software Foundation, Inc. % % This texinfo.tex file is free software: you can redistribute it and/or % modify it under the terms of the GNU General Public License as @@ -24,13 +24,14 @@ % % As a special exception, when this file is read by TeX when processing % a Texinfo source document, you may use the result without -% restriction. (This has been our intent since Texinfo was invented.) +% restriction. This Exception is an additional permission under section 7 +% of the GNU General Public License, version 3 ("GPLv3"). % % Please try the latest version of texinfo.tex before submitting bug % reports; you can get the latest version from: -% http://www.gnu.org/software/texinfo/ (the Texinfo home page), or -% ftp://tug.org/tex/texinfo.tex -% (and all CTAN mirrors, see http://www.ctan.org). +% http://ftp.gnu.org/gnu/texinfo/ (the Texinfo release area), or +% http://ftpmirror.gnu.org/texinfo/ (same, via a mirror), or +% http://www.gnu.org/software/texinfo/ (the Texinfo home page) % The texinfo.tex in any given distribution could well be out % of date, so if that's what you're using, please check. % @@ -594,7 +595,7 @@ \def\:{\spacefactor=1000 } % @* forces a line break. -\def\*{\hfil\break\hbox{}\ignorespaces} +\def\*{\unskip\hfil\break\hbox{}\ignorespaces} % @/ allows a line break. \let\/=\allowbreak @@ -1117,7 +1118,7 @@ where each line of input produces a line of output.} % #1 is a control sequence in which to do the replacements, % which we \xdef. \def\txiescapepdf#1{% - \ifx\pdfescapestring\relax + \ifx\pdfescapestring\thisisundefined % No primitive available; should we give a warning or log? % Many times it won't matter. \else @@ -1367,9 +1368,8 @@ output) for that.)} \def\skipspaces#1{\def\PP{#1}\def\D{|}% \ifx\PP\D\let\nextsp\relax \else\let\nextsp\skipspaces - \ifx\p\space\else\addtokens{\filename}{\PP}% - \advance\filenamelength by 1 - \fi + \addtokens{\filename}{\PP}% + \advance\filenamelength by 1 \fi \nextsp} \def\getfilename#1{% @@ -1475,9 +1475,6 @@ output) for that.)} \def\ttsl{\setfontstyle{ttsl}} -% Default leading. -\newdimen\textleading \textleading = 13.2pt - % Set the baselineskip to #1, and the lineskip and strut size % correspondingly. There is no deep meaning behind these magic numbers % used as factors; they just match (closely enough) what Knuth defined. @@ -1489,6 +1486,7 @@ output) for that.)} % can get a sort of poor man's double spacing by redefining this. \def\baselinefactor{1} % +\newdimen\textleading \def\setleading#1{% \dimen0 = #1\relax \normalbaselineskip = \baselinefactor\dimen0 @@ -1761,18 +1759,24 @@ end \fi\fi -% Set the font macro #1 to the font named #2, adding on the -% specified font prefix (normally `cm'). +% Set the font macro #1 to the font named \fontprefix#2. % #3 is the font's design size, #4 is a scale factor, #5 is the CMap -% encoding (currently only OT1, OT1IT and OT1TT are allowed, pass -% empty to omit). +% encoding (only OT1, OT1IT and OT1TT are allowed, or empty to omit). +% Example: +% #1 = \textrm +% #2 = \rmshape +% #3 = 10 +% #4 = \mainmagstep +% #5 = OT1 +% \def\setfont#1#2#3#4#5{% \font#1=\fontprefix#2#3 scaled #4 \csname cmap#5\endcsname#1% } % This is what gets called when #5 of \setfont is empty. \let\cmap\gobble -% emacs-page end of cmaps +% +% (end of cmaps) % Use cm as the default font prefix. % To specify the font prefix, you must define \fontprefix @@ -1782,7 +1786,7 @@ end \fi % Support font families that don't use the same naming scheme as CM. \def\rmshape{r} -\def\rmbshape{bx} %where the normal face is bold +\def\rmbshape{bx} % where the normal face is bold \def\bfshape{b} \def\bxshape{bx} \def\ttshape{tt} @@ -1797,8 +1801,7 @@ end \def\scshape{csc} \def\scbshape{csc} -% Definitions for a main text size of 11pt. This is the default in -% Texinfo. +% Definitions for a main text size of 11pt. (The default in Texinfo.) % \def\definetextfontsizexi{% % Text fonts (11.2pt, magstep1). @@ -1923,7 +1926,7 @@ end \textleading = 13.2pt % line spacing for 11pt CM \textfonts % reset the current fonts \rm -} % end of 11pt text font size definitions +} % end of 11pt text font size definitions, \definetextfontsizexi % Definitions to make the main text be 10pt Computer Modern, with @@ -2055,7 +2058,7 @@ end \textleading = 12pt % line spacing for 10pt CM \textfonts % reset the current fonts \rm -} % end of 10pt text font size definitions +} % end of 10pt text font size definitions, \definetextfontsizex % We provide the user-level command @@ -2270,8 +2273,6 @@ end \gdef\markupsetcodequoteleft{\let`\codequoteleft} \gdef\markupsetcodequoteright{\let'\codequoteright} - -\gdef\markupsetnoligaturesquoteleft{\let`\noligaturesquoteleft} } \let\markupsetuplqcode \markupsetcodequoteleft @@ -2280,6 +2281,9 @@ end \let\markupsetuplqexample \markupsetcodequoteleft \let\markupsetuprqexample \markupsetcodequoteright % +\let\markupsetuplqkbd \markupsetcodequoteleft +\let\markupsetuprqkbd \markupsetcodequoteright +% \let\markupsetuplqsamp \markupsetcodequoteleft \let\markupsetuprqsamp \markupsetcodequoteright % @@ -2289,8 +2293,6 @@ end \let\markupsetuplqverbatim \markupsetcodequoteleft \let\markupsetuprqverbatim \markupsetcodequoteright -\let\markupsetuplqkbd \markupsetnoligaturesquoteleft - % Allow an option to not use regular directed right quote/apostrophe % (char 0x27), but instead the undirected quote from cmtt (char 0x0d). % The undirected quote is ugly, so don't make it the default, but it @@ -2380,8 +2382,7 @@ end \aftersmartic } -% like \smartslanted except unconditionally uses \ttsl, and no ic. -% @var is set to this for defun arguments. +% Unconditional use \ttsl, and no ic. @var is set to this for defuns. \def\ttslanted#1{{\ttsl #1}} % @cite is like \smartslanted except unconditionally use \sl. We never want @@ -2446,34 +2447,12 @@ end % @samp. \def\samp#1{{\setupmarkupstyle{samp}\lq\tclose{#1}\rq\null}} -% definition of @key that produces a lozenge. Doesn't adjust to text size. -%\setfont\keyrm\rmshape{8}{1000}{OT1} -%\font\keysy=cmsy9 -%\def\key#1{{\keyrm\textfont2=\keysy \leavevmode\hbox{% -% \raise0.4pt\hbox{\angleleft}\kern-.08em\vtop{% -% \vbox{\hrule\kern-0.4pt -% \hbox{\raise0.4pt\hbox{\vphantom{\angleleft}}#1}}% -% \kern-0.4pt\hrule}% -% \kern-.06em\raise0.4pt\hbox{\angleright}}}} +% @indicateurl is \samp, that is, with quotes. +\let\indicateurl=\samp -% definition of @key with no lozenge. If the current font is already -% monospace, don't change it; that way, we respect @kbdinputstyle. But -% if it isn't monospace, then use \tt. -% -\def\key#1{{\setupmarkupstyle{key}% - \nohyphenation - \ifmonospace\else\tt\fi - #1}\null} - -% ctrl is no longer a Texinfo command. -\def\ctrl #1{{\tt \rawbackslash \hat}#1} - -% @file, @option are the same as @samp. -\let\file=\samp -\let\option=\samp - -% @code is a modification of @t, -% which makes spaces the same size as normal in the surrounding text. +% @code (and similar) prints in typewriter, but with spaces the same +% size as normal in the surrounding text, without hyphenation, etc. +% This is a subroutine for that. \def\tclose#1{% {% % Change normal interword space to be same as for the current font. @@ -2498,7 +2477,7 @@ end % We *must* turn on hyphenation at `-' and `_' in @code. % Otherwise, it is too hard to avoid overfull hboxes % in the Emacs manual, the Library manual, etc. - +% % Unfortunately, TeX uses one parameter (\hyphenchar) to control % both hyphenation at - and hyphenation within words. % We must therefore turn them both off (\tclose does that) @@ -2517,7 +2496,7 @@ end \let-\codedash \let_\codeunder \else - \let-\realdash + \let-\normaldash \let_\realunder \fi \codex @@ -2526,7 +2505,7 @@ end \def\codex #1{\tclose{#1}\endgroup} -\def\realdash{-} +\def\normaldash{-} \def\codedash{-\discretionary{}{}{}} \def\codeunder{% % this is all so @math{@code{var_name}+1} can work. In math mode, _ @@ -2541,9 +2520,9 @@ end } % An additional complication: the above will allow breaks after, e.g., -% each of the four underscores in __typeof__. This is undesirable in -% some manuals, especially if they don't have long identifiers in -% general. @allowcodebreaks provides a way to control this. +% each of the four underscores in __typeof__. This is bad. +% @allowcodebreaks provides a document-level way to turn breaking at - +% and _ on and off. % \newif\ifallowcodebreaks \allowcodebreakstrue @@ -2562,6 +2541,13 @@ end \fi\fi } +% For @command, @env, @file, @option quotes seem unnecessary, +% so use \code rather than \samp. +\let\command=\code +\let\env=\code +\let\file=\code +\let\option=\code + % @uref (abbreviation for `urlref') takes an optional (comma-separated) % second argument specifying the text to display and an optional third % arg as text to display instead of (rather than in addition to) the url @@ -2708,10 +2694,6 @@ end \let\email=\uref \fi -% @kbd is like @code, except that if the argument is just one @key command, -% then @kbd has no effect. -\def\kbd#1{{\setupmarkupstyle{kbd}\def\look{#1}\expandafter\kbdfoo\look??\par}} - % @kbdinputstyle -- arg is `distinct' (@kbd uses slanted tty font always), % `example' (@kbd uses ttsl only inside of @example and friends), % or `code' (@kbd uses normal tty font always). @@ -2735,16 +2717,36 @@ end % Default is `distinct'. \kbdinputstyle distinct -\def\xkey{\key} -\def\kbdfoo#1#2#3\par{\def\one{#1}\def\three{#3}\def\threex{??}% -\ifx\one\xkey\ifx\threex\three \key{#2}% -\else{\tclose{\kbdfont\setupmarkupstyle{kbd}\look}}\fi -\else{\tclose{\kbdfont\setupmarkupstyle{kbd}\look}}\fi} +% @kbd is like @code, except that if the argument is just one @key command, +% then @kbd has no effect. +\def\kbd#1{{\def\look{#1}\expandafter\kbdsub\look??\par}} -% For @indicateurl, @env, @command quotes seem unnecessary, so use \code. -\let\indicateurl=\code -\let\env=\code -\let\command=\code +\def\xkey{\key} +\def\kbdsub#1#2#3\par{% + \def\one{#1}\def\three{#3}\def\threex{??}% + \ifx\one\xkey\ifx\threex\three \key{#2}% + \else{\tclose{\kbdfont\setupmarkupstyle{kbd}\look}}\fi + \else{\tclose{\kbdfont\setupmarkupstyle{kbd}\look}}\fi +} + +% definition of @key that produces a lozenge. Doesn't adjust to text size. +%\setfont\keyrm\rmshape{8}{1000}{OT1} +%\font\keysy=cmsy9 +%\def\key#1{{\keyrm\textfont2=\keysy \leavevmode\hbox{% +% \raise0.4pt\hbox{\angleleft}\kern-.08em\vtop{% +% \vbox{\hrule\kern-0.4pt +% \hbox{\raise0.4pt\hbox{\vphantom{\angleleft}}#1}}% +% \kern-0.4pt\hrule}% +% \kern-.06em\raise0.4pt\hbox{\angleright}}}} + +% definition of @key with no lozenge. If the current font is already +% monospace, don't change it; that way, we respect @kbdinputstyle. But +% if it isn't monospace, then use \tt. +% +\def\key#1{{\setupmarkupstyle{key}% + \nohyphenation + \ifmonospace\else\tt\fi + #1}\null} % @clicksequence{File @click{} Open ...} \def\clicksequence#1{\begingroup #1\endgroup} @@ -2852,6 +2854,9 @@ end } } +% ctrl is no longer a Texinfo command, but leave this definition for fun. +\def\ctrl #1{{\tt \rawbackslash \hat}#1} + % @inlinefmt{FMTNAME,PROCESSED-TEXT} and @inlineraw{FMTNAME,RAW-TEXT}. % Ignore unless FMTNAME == tex; then it is like @iftex and @tex, % except specified as a normal braced arg, so no newlines to worry about. @@ -3142,12 +3147,17 @@ end % hopefully nobody will notice/care. \edef\ecsize{\csname\curfontsize ecsize\endcsname}% \edef\nominalsize{\csname\curfontsize nominalsize\endcsname}% - \ifx\curfontstyle\bfstylename - % bold: - \font\thisecfont = ecb\ifusingit{i}{x}\ecsize \space at \nominalsize + \ifmonospace + % typewriter: + \font\thisecfont = ectt\ecsize \space at \nominalsize \else - % regular: - \font\thisecfont = ec\ifusingit{ti}{rm}\ecsize \space at \nominalsize + \ifx\curfontstyle\bfstylename + % bold: + \font\thisecfont = ecb\ifusingit{i}{x}\ecsize \space at \nominalsize + \else + % regular: + \font\thisecfont = ec\ifusingit{ti}{rm}\ecsize \space at \nominalsize + \fi \fi \thisecfont } @@ -3260,6 +3270,20 @@ end \finishedtitlepagetrue } +% Settings used for typesetting titles: no hyphenation, no indentation, +% don't worry much about spacing, ragged right. This should be used +% inside a \vbox, and fonts need to be set appropriately first. Because +% it is always used for titles, nothing else, we call \rmisbold. \par +% should be specified before the end of the \vbox, since a vbox is a group. +% +\def\raggedtitlesettings{% + \rmisbold + \hyphenpenalty=10000 + \parindent=0pt + \tolerance=5000 + \ptexraggedright +} + % Macros to be used within @titlepage: \let\subtitlerm=\tenrm @@ -3267,7 +3291,7 @@ end \parseargdef\title{% \checkenv\titlepage - \leftline{\titlefonts\rmisbold #1} + \vbox{\titlefonts \raggedtitlesettings #1\par}% % print a rule at the page bottom also. \finishedtitlepagefalse \vskip4pt \hrule height 4pt width \hsize \vskip4pt @@ -4164,7 +4188,7 @@ end % ..., but we might end up with active ones in the argument if % we're called from @code, as @code{@value{foo-bar_}}, though. % So \let them to their normal equivalents. - \let-\realdash \let_\normalunderscore + \let-\normaldash \let_\normalunderscore } } @@ -4204,7 +4228,7 @@ end } \def\ifsetfail{\doignore{ifset}} -% @ifclear VAR ... @end ifclear reads the `...' iff VAR has never been +% @ifclear VAR ... @end executes the `...' iff VAR has never been % defined with @set, or has been undefined with @clear. % % The `\else' inside the `\doifset' parameter is a trick to reuse the @@ -4215,6 +4239,35 @@ end \def\ifclear{\parsearg{\doifset{\else \let\next=\ifclearfail}}} \def\ifclearfail{\doignore{ifclear}} +% @ifcommandisdefined CMD ... @end executes the `...' if CMD (written +% without the @) is in fact defined. We can only feasibly check at the +% TeX level, so something like `mathcode' is going to considered +% defined even though it is not a Texinfo command. +% +\makecond{ifcommanddefined} +\def\ifcommanddefined{\parsearg{\doifcmddefined{\let\next=\ifcmddefinedfail}}} +% +\def\doifcmddefined#1#2{{% + \makevalueexpandable + \let\next=\empty + \expandafter\ifx\csname #2\endcsname\relax + #1% If not defined, \let\next as above. + \fi + \expandafter + }\next +} +\def\ifcmddefinedfail{\doignore{ifcommanddefined}} + +% @ifcommandnotdefined CMD ... handled similar to @ifclear above. +\makecond{ifcommandnotdefined} +\def\ifcommandnotdefined{% + \parsearg{\doifcmddefined{\else \let\next=\ifcmdnotdefinedfail}}} +\def\ifcmdnotdefinedfail{\doignore{ifcommandnotdefined}} + +% Set the `txicommandconditionals' variable, so documents have a way to +% test if the @ifcommand...defined conditionals are available. +\set txicommandconditionals + % @dircategory CATEGORY -- specify a category of the dir file % which this file should belong to. Ignore this in TeX. \let\dircategory=\comment @@ -4451,6 +4504,7 @@ end \definedummyword\guillemetright \definedummyword\guilsinglleft \definedummyword\guilsinglright + \definedummyword\lbracechar \definedummyword\leq \definedummyword\minus \definedummyword\ogonek @@ -4463,6 +4517,7 @@ end \definedummyword\quoteleft \definedummyword\quoteright \definedummyword\quotesinglbase + \definedummyword\rbracechar \definedummyword\result \definedummyword\textdegree % @@ -4514,6 +4569,7 @@ end \definedummyword\t % % Commands that take arguments. + \definedummyword\abbr \definedummyword\acronym \definedummyword\anchor \definedummyword\cite @@ -4525,7 +4581,9 @@ end \definedummyword\emph \definedummyword\env \definedummyword\file + \definedummyword\image \definedummyword\indicateurl + \definedummyword\inforef \definedummyword\kbd \definedummyword\key \definedummyword\math @@ -4572,7 +4630,10 @@ end % content at all. So for index sorting, we map @{ and @} to strings % starting with |, since that ASCII character is between ASCII { and }. \def\{{|a}% + \def\lbracechar{|a}% + % \def\}{|b}% + \def\rbracechar{|b}% % % Non-English letters. \def\AA{AA}% @@ -5533,14 +5594,6 @@ end % Define @majorheading, @heading and @subheading -% NOTE on use of \vbox for chapter headings, section headings, and such: -% 1) We use \vbox rather than the earlier \line to permit -% overlong headings to fold. -% 2) \hyphenpenalty is set to 10000 because hyphenation in a -% heading is obnoxious; this forbids it. -% 3) Likewise, headings look best if no \parindent is used, and -% if justification is not attempted. Hence \raggedright. - \def\majorheading{% {\advance\chapheadingskip by 10pt \chapbreak }% \parsearg\chapheadingzzz @@ -5548,10 +5601,8 @@ end \def\chapheading{\chapbreak \parsearg\chapheadingzzz} \def\chapheadingzzz#1{% - {\chapfonts \vbox{\hyphenpenalty=10000\tolerance=5000 - \parindent=0pt\ptexraggedright - \rmisbold #1\hfill}}% - \bigskip \par\penalty 200\relax + \vbox{\chapfonts \raggedtitlesettings #1\par}% + \nobreak\bigskip \nobreak \suppressfirstparagraphindent } @@ -5710,8 +5761,7 @@ end % % Typeset the actual heading. \nobreak % Avoid page breaks at the interline glue. - \vbox{\hyphenpenalty=10000 \tolerance=5000 \parindent=0pt \ptexraggedright - \hangindent=\wd0 \centerparametersmaybe + \vbox{\raggedtitlesettings \hangindent=\wd0 \centerparametersmaybe \unhbox0 #1\par}% }% \nobreak\bigskip % no page break after a chapter title @@ -5733,18 +5783,18 @@ end \def\setchapterstyle #1 {\csname CHAPF#1\endcsname} % \def\unnchfopen #1{% -\chapoddpage {\chapfonts \vbox{\hyphenpenalty=10000\tolerance=5000 - \parindent=0pt\ptexraggedright - \rmisbold #1\hfill}}\bigskip \par\nobreak + \chapoddpage + \vbox{\chapfonts \raggedtitlesettings #1\par}% + \nobreak\bigskip\nobreak } \def\chfopen #1#2{\chapoddpage {\chapfonts \vbox to 3in{\vfil \hbox to\hsize{\hfil #2} \hbox to\hsize{\hfil #1} \vfil}}% \par\penalty 5000 % } \def\centerchfopen #1{% -\chapoddpage {\chapfonts \vbox{\hyphenpenalty=10000\tolerance=5000 - \parindent=0pt - \hfill {\rmisbold #1}\hfill}}\bigskip \par\nobreak + \chapoddpage + \vbox{\chapfonts \raggedtitlesettings \hfill #1\hfill}% + \nobreak\bigskip \nobreak } \def\CHAPFopen{% \global\let\chapmacro=\chfopen @@ -6510,16 +6560,9 @@ end \makedispenvdef{quotation}{\quotationstart} % \def\quotationstart{% - {\parskip=0pt \aboveenvbreak}% because \aboveenvbreak inserts \parskip - \parindent=0pt - % - % @cartouche defines \nonarrowing to inhibit narrowing at next level down. + \indentedblockstart % same as \indentedblock, but increase right margin too. \ifx\nonarrowing\relax - \advance\leftskip by \lispnarrowing \advance\rightskip by \lispnarrowing - \exdentamount = \lispnarrowing - \else - \let\nonarrowing = \relax \fi \parsearg\quotationlabel } @@ -6545,6 +6588,32 @@ end \fi } +% @indentedblock is like @quotation, but indents only on the left and +% has no optional argument. +% +\makedispenvdef{indentedblock}{\indentedblockstart} +% +\def\indentedblockstart{% + {\parskip=0pt \aboveenvbreak}% because \aboveenvbreak inserts \parskip + \parindent=0pt + % + % @cartouche defines \nonarrowing to inhibit narrowing at next level down. + \ifx\nonarrowing\relax + \advance\leftskip by \lispnarrowing + \exdentamount = \lispnarrowing + \else + \let\nonarrowing = \relax + \fi +} + +% Keep a nonzero parskip for the environment, since we're doing normal filling. +% +\def\Eindentedblock{% + \par + {\parskip=0pt \afterenvbreak}% +} +\def\Esmallindentedblock{\Eindentedblock} + % LaTeX-like @verbatim...@end verbatim and @verb{...} % If we want to allow any as delimiter, @@ -7023,7 +7092,10 @@ end \df \sl \hyphenchar\font=0 % % On the other hand, if an argument has two dashes (for instance), we - % want a way to get ttsl. Let's try @var for that. + % want a way to get ttsl. We used to recommend @var for that, so + % leave the code in, but it's strange for @var to lead to typewriter. + % Nowadays we recommend @code, since the difference between a ttsl hyphen + % and a tt hyphen is pretty tiny. @code also disables ?` !`. \def\var##1{{\setupmarkupstyle{var}\ttslanted{##1}}}% #1% \sl\hyphenchar\font=45 @@ -7807,7 +7879,7 @@ end \fi\fi } - +% % @xref, @pxref, and @ref generate cross-references. For \xrefX, #1 is % the node name, #2 the name of the Info cross-reference, #3 the printed % node name, #4 the name of the Info file, #5 the name of the printed @@ -7817,16 +7889,21 @@ end \def\xref#1{\putwordSee{} \xrefX[#1,,,,,,,]} \def\ref#1{\xrefX[#1,,,,,,,]} % -\newbox\topbox +\newbox\toprefbox \newbox\printedrefnamebox +\newbox\infofilenamebox \newbox\printedmanualbox % \def\xrefX[#1,#2,#3,#4,#5,#6]{\begingroup \unsepspaces % + % Get args without leading/trailing spaces. \def\printedrefname{\ignorespaces #3}% \setbox\printedrefnamebox = \hbox{\printedrefname\unskip}% % + \def\infofilename{\ignorespaces #4}% + \setbox\infofilenamebox = \hbox{\infofilename\unskip}% + % \def\printedmanual{\ignorespaces #5}% \setbox\printedmanualbox = \hbox{\printedmanual\unskip}% % @@ -7861,11 +7938,18 @@ end \turnoffactive \makevalueexpandable % This expands tokens, so do it after making catcode changes, so _ - % etc. don't get their TeX definitions. + % etc. don't get their TeX definitions. This ignores all spaces in + % #4, including (wrongly) those in the middle of the filename. \getfilename{#4}% % + % This (wrongly) does not take account of leading or trailing + % spaces in #1, which should be ignored. \edef\pdfxrefdest{#1}% - \txiescapepdf\pdfxrefdest + \ifx\pdfxrefdest\empty + \def\pdfxrefdest{Top}% no empty targets + \else + \txiescapepdf\pdfxrefdest % escape PDF special chars + \fi % \leavevmode \startlink attr{/Border [0 0 0]}% @@ -7898,7 +7982,7 @@ end \printedrefname \fi % - % if the user also gave the printed manual name (fifth arg), append + % If the user also gave the printed manual name (fifth arg), append % "in MANUALNAME". \ifdim \wd\printedmanualbox > 0pt \space \putwordin{} \cite{\printedmanual}% @@ -7913,32 +7997,20 @@ end % this is a loss. Therefore, we give the text of the node name % again, so it is as if TeX is seeing it for the first time. % - % Cross-manual reference. Only include the "Section ``foo'' in" if - % the foo is neither missing or Top. Thus, @xref{,,,foo,The Foo Manual} - % outputs simply "see The Foo Manual". \ifdim \wd\printedmanualbox > 0pt - % What is the 7sp about? The idea is that we also want to omit - % the Section part if we would be printing "Top", since they are - % clearly trying to refer to the whole manual. But, this being - % TeX, we can't easily compare strings while ignoring the possible - % spaces before and after in the input. By adding the arbitrary - % 7sp, we make it much less likely that a real node name would - % happen to have the same width as "Top" (e.g., in a monospaced font). - % I hope it will never happen in practice. + % Cross-manual reference with a printed manual name. % - % For the same basic reason, we retypeset the "Top" at every - % reference, since the current font is indeterminate. + \crossmanualxref{\cite{\printedmanual\unskip}}% + % + \else\ifdim \wd\infofilenamebox > 0pt + % Cross-manual reference with only an info filename (arg 4), no + % printed manual name (arg 5). This is essentially the same as + % the case above; we output the filename, since we have nothing else. % - \setbox\topbox = \hbox{Top\kern7sp}% - \setbox2 = \hbox{\ignorespaces \printedrefname \unskip \kern7sp}% - \ifdim \wd2 > 7sp - \ifdim \wd2 = \wd\topbox \else - \putwordSection{} ``\printedrefname'' \putwordin{}\space - \fi - \fi - \cite{\printedmanual}% + \crossmanualxref{\code{\infofilename\unskip}}% + % \else - % Reference in this manual. + % Reference within this manual. % % _ (for example) has to be the character _ for the purposes of the % control sequence corresponding to the node, but it has to expand @@ -7959,11 +8031,37 @@ end % % output the `page 3'. \turnoffactive \putwordpage\tie\refx{#1-pg}{}% - \fi + \fi\fi \fi \endlink \endgroup} +% Output a cross-manual xref to #1. Used just above (twice). +% +% Only include the text "Section ``foo'' in" if the foo is neither +% missing or Top. Thus, @xref{,,,foo,The Foo Manual} outputs simply +% "see The Foo Manual", the idea being to refer to the whole manual. +% +% But, this being TeX, we can't easily compare our node name against the +% string "Top" while ignoring the possible spaces before and after in +% the input. By adding the arbitrary 7sp below, we make it much less +% likely that a real node name would have the same width as "Top" (e.g., +% in a monospaced font). Hopefully it will never happen in practice. +% +% For the same basic reason, we retypeset the "Top" at every +% reference, since the current font is indeterminate. +% +\def\crossmanualxref#1{% + \setbox\toprefbox = \hbox{Top\kern7sp}% + \setbox2 = \hbox{\ignorespaces \printedrefname \unskip \kern7sp}% + \ifdim \wd2 > 7sp % nonempty? + \ifdim \wd2 = \wd\toprefbox \else % same as Top? + \putwordSection{} ``\printedrefname'' \putwordin{}\space + \fi + \fi + #1% +} + % This macro is called from \xrefX for the `[nodename]' part of xref % output. It's a separate macro only so it can be changed more easily, % since square brackets don't work well in some documents. Particularly @@ -9895,22 +9993,26 @@ directory should work if nowhere else does.} @gdef@otherbackslash{@let\=@realbackslash} % Same as @turnoffactive except outputs \ as {\tt\char`\\} instead of -% the literal character `\'. +% the literal character `\'. Also revert - to its normal character, in +% case the active - from code has slipped in. % -@def@normalturnoffactive{% - @let"=@normaldoublequote - @let$=@normaldollar %$ font-lock fix - @let+=@normalplus - @let<=@normalless - @let>=@normalgreater - @let\=@normalbackslash - @let^=@normalcaret - @let_=@normalunderscore - @let|=@normalverticalbar - @let~=@normaltilde - @markupsetuplqdefault - @markupsetuprqdefault - @unsepspaces +{@catcode`- = @active + @gdef@normalturnoffactive{% + @let-=@normaldash + @let"=@normaldoublequote + @let$=@normaldollar %$ font-lock fix + @let+=@normalplus + @let<=@normalless + @let>=@normalgreater + @let\=@normalbackslash + @let^=@normalcaret + @let_=@normalunderscore + @let|=@normalverticalbar + @let~=@normaltilde + @markupsetuplqdefault + @markupsetuprqdefault + @unsepspaces + } } % Make _ and + \other characters, temporarily. diff --git a/doc/tinc.8.in b/doc/tinc.8.in index fba373e..ebf9df1 100644 --- a/doc/tinc.8.in +++ b/doc/tinc.8.in @@ -90,6 +90,15 @@ is used. The same as export followed by import. .It exchange-all Op Fl -force The same as export-all followed by import. +.It invite Ar name +Prepares an invitation for a new node with the given +.Ar name , +and prints a short invitation URL that can be used with the join command. +.It join Op Ar URL +Join an existing VPN using an invitation URL created using the invite command. +If no +.Ar URL +is given, it will be read from standard input. .It start Op tincd options Start .Xr tincd 8 , @@ -97,9 +106,10 @@ optionally with the given extra options. .It stop Stop .Xr tincd 8 . -.It restart +.It restart Op tincd options Restart -.Xr tincd 8 . +.Xr tincd 8 , +optionally with the given extra options. .It reload Partially rereads configuration files. Connections to hosts whose host config files are removed are closed. New outgoing connections specified diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in index 1cca366..69deace 100644 --- a/doc/tinc.conf.5.in +++ b/doc/tinc.conf.5.in @@ -274,14 +274,12 @@ The file in which the private ECDSA key of this tinc daemon resides. This is only used if .Va ExperimentalProtocol is enabled. -.It Va ExperimentalProtocol Li = yes | no Po no Pc Bq experimental -When this option is enabled, experimental protocol enhancements will be used. +.It Va ExperimentalProtocol Li = yes | no Pq yes +When this option is enabled, the SPTPS protocol will be used when connecting to nodes that also support it. Ephemeral ECDH will be used for key exchanges, and ECDSA will be used instead of RSA for authentication. When enabled, an ECDSA key must have been generated before with .Nm tinc generate-ecdsa-keys . -The experimental protocol may change at any time, -and there is no guarantee that tinc will run stable when it is used. .It Va Forwarding Li = off | internal | kernel Po internal Pc Bq experimental This option selects the way indirect packets are forwarded. .Bl -tag -width indent @@ -328,12 +326,20 @@ which normally would prevent the peers from learning each other's LAN address. .Pp Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery. This feature may not work in all possible situations. +.It Va LocalDiscoveryAddress Li = Ar address +If this variable is specified, local discovery packets are sent to the given +.Ar address . .It Va MACExpire Li = Ar seconds Pq 600 This option controls the amount of time MAC addresses are kept before they are removed. This only has effect when .Va Mode is set to .Qq switch . +.It Va MaxConnectionBurst Li = Ar count Pq 100 +This option controls how many connections tinc accepts in quick succession. +If there are more connections than the given number in a short time interval, +tinc will reduce the number of accepted connections to only one per second, +until the burst has passed. .It Va MaxTimeout Li = Ar seconds Pq 900 This is the maximum delay before trying to reconnect to other tinc daemons. .It Va Mode Li = router | switch | hub Pq router diff --git a/doc/tinc.info b/doc/tinc.info index f46a430..0e4c5ec 100644 --- a/doc/tinc.info +++ b/doc/tinc.info @@ -1,11 +1,11 @@ -This is tinc.info, produced by makeinfo version 4.13 from tinc.texi. +This is tinc.info, produced by makeinfo version 5.1 from tinc.texi. INFO-DIR-SECTION Networking tools START-INFO-DIR-ENTRY * tinc: (tinc). The tinc Manual. END-INFO-DIR-ENTRY - This is the info manual for tinc version 1.1pre7, a Virtual Private +This is the info manual for tinc version 1.1pre7, a Virtual Private Network daemon. Copyright (C) 1998-2013 Ivo Timmermans, Guus Sliepen @@ -74,7 +74,7 @@ A Virtual Private Network or VPN is a network that can only be accessed by a few elected computers that participate. This goal is achievable in more than just one way. -Private networks can consist of a single stand-alone Ethernet LAN. Or +Private networks can consist of a single stand-alone Ethernet LAN. Or even two computers hooked up using a null-modem cable. In these cases, it is obvious that the network is _private_, no one can access it from the outside. But if your computers are linked to the Internet, the @@ -94,10 +94,10 @@ As is the case with either type of VPN, anybody could eavesdrop. Or worse, alter data. Hence it's probably advisable to encrypt the data that flows over the network. -When one introduces encryption, we can form a true VPN. Other people -may see encrypted traffic, but if they don't know how to decipher it -(they need to know the key for that), they cannot read the information -that flows through the VPN. This is what tinc was made for. +When one introduces encryption, we can form a true VPN. Other people may +see encrypted traffic, but if they don't know how to decipher it (they +need to know the key for that), they cannot read the information that +flows through the VPN. This is what tinc was made for.  File: tinc.info, Node: tinc, Next: Supported platforms, Prev: Virtual Private Networks, Up: Introduction @@ -108,8 +108,8 @@ File: tinc.info, Node: tinc, Next: Supported platforms, Prev: Virtual Private I really don't quite remember what got us started, but it must have been Guus' idea. He wrote a simple implementation (about 50 lines of C) that used the ethertap device that Linux knows of since somewhere about -kernel 2.1.60. It didn't work immediately and he improved it a bit. -At this stage, the project was still simply called "vpnd". +kernel 2.1.60. It didn't work immediately and he improved it a bit. At +this stage, the project was still simply called "vpnd". Since then, a lot has changed--to say the least. @@ -119,13 +119,13 @@ runtime-configurable--in short, it has become a full-fledged professional package. Tinc also allows more than two sites to connect to eachother and form a -single VPN. Traditionally VPNs are created by making tunnels, which -only have two endpoints. Larger VPNs with more sites are created by -adding more tunnels. Tinc takes another approach: only endpoints are +single VPN. Traditionally VPNs are created by making tunnels, which only +have two endpoints. Larger VPNs with more sites are created by adding +more tunnels. Tinc takes another approach: only endpoints are specified, the software itself will take care of creating the tunnels. This allows for easier configuration and improved scalability. -A lot can--and will be--changed. We have a number of things that we +A lot can--and will be--changed. We have a number of things that we would like to see in the future releases of tinc. Not everything will be available in the near future. Our first objective is to make tinc work perfectly as it stands, and then add more advanced features. @@ -148,7 +148,7 @@ will most likely compile and run, but it will not be able to send or receive data packets. For an up to date list of supported platforms, please check the list on -our website: `http://www.tinc-vpn.org/platforms/'. +our website: .  File: tinc.info, Node: Preparations, Next: Installation, Prev: Introduction, Up: Top @@ -199,7 +199,7 @@ It's not necessary to compile this driver as a module, even if you are going to run more than one instance of tinc. If you decide to build the tun/tap driver as a kernel module, add these -lines to `/etc/modules.conf': +lines to '/etc/modules.conf': alias char-major-10-200 tun @@ -211,8 +211,8 @@ File: tinc.info, Node: Configuration of FreeBSD kernels, Next: Configuration o For FreeBSD version 4.1 and higher, tun and tap drivers are included in the default kernel configuration. The tap driver can be loaded with -`kldload if_tap', or by adding `if_tap_load="YES"' to -`/boot/loader.conf'. +'kldload if_tap', or by adding 'if_tap_load="YES"' to +'/boot/loader.conf'.  File: tinc.info, Node: Configuration of OpenBSD kernels, Next: Configuration of NetBSD kernels, Prev: Configuration of FreeBSD kernels, Up: Configuring the kernel @@ -222,7 +222,7 @@ File: tinc.info, Node: Configuration of OpenBSD kernels, Next: Configuration o For OpenBSD version 2.9 and higher, the tun driver is included in the default kernel configuration. There is also a kernel patch from -`http://diehard.n-r-g.com/stuff/openbsd/' which adds a tap device to + which adds a tap device to OpenBSD which should work with tinc, but with recent versions of OpenBSD, a tun device can act as a tap device by setting the link0 option with ifconfig. @@ -246,9 +246,9 @@ File: tinc.info, Node: Configuration of Solaris kernels, Next: Configuration o For Solaris 8 (SunOS 5.8) and higher, the tun driver may or may not be included in the default kernel configuration. If it isn't, the source -can be downloaded from `http://vtun.sourceforge.net/tun/'. For x86 and +can be downloaded from . For x86 and sparc64 architectures, precompiled versions can be found at -`http://www.monkey.org/~dugsong/fragroute/'. If the `net/if_tun.h' +. If the 'net/if_tun.h' header file is missing, install it from the source package.  @@ -259,11 +259,11 @@ File: tinc.info, Node: Configuration of Darwin (MacOS/X) kernels, Next: Config Tinc on Darwin relies on a tunnel driver for its data acquisition from the kernel. Tinc supports either the driver from -`http://tuntaposx.sourceforge.net/', which supports both tun and tap +, which supports both tun and tap style devices, and also the driver from from -`http://chrisp.de/en/projects/tunnel.html'. The former driver is -recommended. The tunnel driver must be loaded before starting tinc -with the following command: +. The former driver is +recommended. The tunnel driver must be loaded before starting tinc with +the following command: kmodload tunnel @@ -273,8 +273,8 @@ File: tinc.info, Node: Configuration of Windows, Prev: Configuration of Darwin 2.1.7 Configuration of Windows ------------------------------ -You will need to install the latest TAP-Win32 driver from OpenVPN. You -can download it from `http://openvpn.sourceforge.net'. Using the +You will need to install the latest TAP-Win32 driver from OpenVPN. You +can download it from . Using the Network Connections control panel, configure the TAP-Win32 network interface in the same way as you would do from the tinc-up script, as explained in the rest of the documentation. @@ -287,8 +287,8 @@ File: tinc.info, Node: Libraries, Prev: Configuring the kernel, Up: Preparati Before you can configure or build tinc, you need to have the OpenSSL, zlib and lzo libraries installed on your system. If you try to -configure tinc without having them installed, configure will give you -an error message, and stop. +configure tinc without having them installed, configure will give you an +error message, and stop. * Menu: @@ -316,10 +316,9 @@ available. Make sure you install the development AND runtime versions of this package. If you have to install OpenSSL manually, you can get the source code -from `http://www.openssl.org/'. Instructions on how to configure, -build and install this package are included within the package. Please -make sure you build development and runtime libraries (which is the -default). +from . Instructions on how to configure, build +and install this package are included within the package. Please make +sure you build development and runtime libraries (which is the default). If you installed the OpenSSL libraries from source, it may be necessary to let configure know where they are, by passing configure one of the @@ -337,21 +336,21 @@ License The complete source code of tinc is covered by the GNU GPL version 2. Since the license under which OpenSSL is distributed is not directly compatible with the terms of the GNU GPL -`http://www.openssl.org/support/faq.html#LEGAL2', we include an +, we include an exemption to the GPL (see also the file COPYING.README) to allow everyone to create a statically or dynamically linked executable: This program is released under the GPL with the additional - exemption that compiling, linking, and/or using OpenSSL is - allowed. You may provide binary packages linked to the OpenSSL - libraries, provided that all other requirements of the GPL are met. + exemption that compiling, linking, and/or using OpenSSL is allowed. + You may provide binary packages linked to the OpenSSL libraries, + provided that all other requirements of the GPL are met. Since the LZO library used by tinc is also covered by the GPL, we also present the following exemption: Hereby I grant a special exception to the tinc VPN project - (http://www.tinc-vpn.org/) to link the LZO library with the - OpenSSL library (http://www.openssl.org). + (http://www.tinc-vpn.org/) to link the LZO library with the OpenSSL + library (http://www.openssl.org). Markus F.X.J. Oberhumer @@ -367,7 +366,7 @@ provided by the zlib library. If this library is not installed, you wil get an error when running the configure script. You can either install the zlib library, or disable support for zlib compression by using the "-disable-zlib" option when -running the configure script. Note that if you disable support for +running the configure script. Note that if you disable support for zlib, the resulting binary will not work correctly on VPNs where zlib compression is used. @@ -376,7 +375,7 @@ available. Make sure you install the development AND runtime versions of this package. If you have to install zlib manually, you can get the source code from -`http://www.gzip.org/zlib/'. Instructions on how to configure, build +. Instructions on how to configure, build and install this package are included within the package. Please make sure you build development and runtime libraries (which is the default). @@ -391,7 +390,7 @@ Another form of compression is offered using the LZO library. If this library is not installed, you wil get an error when running the configure script. You can either install the LZO library, or disable support for LZO compression by using the "-disable-lzo" option when -running the configure script. Note that if you disable support for LZO, +running the configure script. Note that if you disable support for LZO, the resulting binary will not work correctly on VPNs where LZO compression is used. @@ -400,7 +399,7 @@ available. Make sure you install the development AND runtime versions of this package. If you have to install lzo manually, you can get the source code from -`http://www.oberhumer.com/opensource/lzo/'. Instructions on how to +. Instructions on how to configure, build and install this package are included within the package. Please make sure you build development and runtime libraries (which is the default). @@ -418,14 +417,14 @@ configure script. You can either install a suitable curses library, or disable all functionality that depends on a curses library by using the "-disable-curses" option when running the configure script. -There are several curses libraries. It is recommended that you install -"ncurses" (`http://invisible-island.net/ncurses/'), however other -curses libraries should also work. In particular, "PDCurses" -(`http://pdcurses.sourceforge.net/') is recommended if you want to +There are several curses libraries. It is recommended that you install +"ncurses" (), however other curses +libraries should also work. In particular, "PDCurses" +() is recommended if you want to compile tinc for Windows. You can use your operating system's package manager to install this if -available. Make sure you install the development AND runtime versions +available. Make sure you install the development AND runtime versions of this package.  @@ -439,16 +438,16 @@ library. If this library is not installed, you wil get an error when running the configure script. You can either install a suitable readline library, -or disable all functionality that depends on a readline library by -using the "-disable-readline" option when running the configure script. +or disable all functionality that depends on a readline library by using +the "-disable-readline" option when running the configure script. You can use your operating system's package manager to install this if available. Make sure you install the development AND runtime versions of this package. -If you have to install libreadline manually, you can get the source -code from `http://www.gnu.org/software/readline/'. Instructions on how -to configure, build and install this package are included within the +If you have to install libreadline manually, you can get the source code +from . Instructions on how to +configure, build and install this package are included within the package. Please make sure you build development and runtime libraries (which is the default). @@ -464,15 +463,15 @@ startup scripts and sample configurations. If you cannot use one of the precompiled packages, or you want to compile tinc for yourself, you can use the source. The source is -distributed under the GNU General Public License (GPL). Download the -source from the download page (http://www.tinc-vpn.org/download/), -which has the checksums of these files listed; you may wish to check -these with md5sum before continuing. +distributed under the GNU General Public License (GPL). Download the +source from the download page (http://www.tinc-vpn.org/download/), which +has the checksums of these files listed; you may wish to check these +with md5sum before continuing. Tinc comes in a convenient autoconf/automake package, which you can just treat the same as any other package. Which is just untar it, type -`./configure' and then `make'. More detailed instructions are in the -file `INSTALL', which is included in the source distribution. +'./configure' and then 'make'. More detailed instructions are in the +file 'INSTALL', which is included in the source distribution. * Menu: @@ -486,12 +485,12 @@ File: tinc.info, Node: Building and installing tinc, Next: System files, Up: ================================ Detailed instructions on configuring the source, building tinc and -installing tinc can be found in the file called `INSTALL'. +installing tinc can be found in the file called 'INSTALL'. If you happen to have a binary package for tinc for your distribution, -you can use the package management tools of that distribution to -install tinc. The documentation that comes along with your -distribution will tell you how to do that. +you can use the package management tools of that distribution to install +tinc. The documentation that comes along with your distribution will +tell you how to do that. * Menu: @@ -506,9 +505,8 @@ File: tinc.info, Node: Darwin (MacOS/X) build environment, Next: Cygwin (Windo ---------------------------------------- In order to build tinc on Darwin, you need to install the MacOS/X -Developer Tools from -`http://developer.apple.com/tools/macosxtools.html' and a recent -version of Fink from `http://www.finkproject.org/'. +Developer Tools from +and a recent version of Fink from . After installation use fink to download and install the following packages: autoconf25, automake, dlcompat, m4, openssl, zlib and lzo. @@ -520,11 +518,11 @@ File: tinc.info, Node: Cygwin (Windows) build environment, Next: MinGW (Window ---------------------------------------- If Cygwin hasn't already been installed, install it directly from -`http://www.cygwin.com/'. +. When tinc is compiled in a Cygwin environment, it can only be run in this environment, but all programs, including those started outside the -Cygwin environment, will be able to use the VPN. It will also support +Cygwin environment, will be able to use the VPN. It will also support all features.  @@ -534,7 +532,7 @@ File: tinc.info, Node: MinGW (Windows) build environment, Prev: Cygwin (Window --------------------------------------- You will need to install the MinGW environment from -`http://www.mingw.org'. +. When tinc is compiled using MinGW it runs natively under Windows, it is not necessary to keep MinGW installed. @@ -576,20 +574,20 @@ File: tinc.info, Node: Other files, Prev: Device files, Up: System files 3.2.2 Other files ----------------- -`/etc/networks' +'/etc/networks' ............... -You may add a line to `/etc/networks' so that your VPN will get a +You may add a line to '/etc/networks' so that your VPN will get a symbolic name. For example: myvpn 10.0.0.0 -`/etc/services' +'/etc/services' ............... -You may add this line to `/etc/services'. The effect is that you may -supply a `tinc' as a valid port number to some programs. The number -655 is registered with the IANA. +You may add this line to '/etc/services'. The effect is that you may +supply a 'tinc' as a valid port number to some programs. The number 655 +is registered with the IANA. tinc 655/tcp TINC tinc 655/udp TINC @@ -620,23 +618,23 @@ Before actually starting to configure tinc and editing files, make sure you have read this entire section so you know what to expect. Then, make it clear to yourself how you want to organize your VPN: What are the nodes (computers running tinc)? What IP addresses/subnets do they -have? What is the network mask of the entire VPN? Do you need special +have? What is the network mask of the entire VPN? Do you need special firewall rules? Do you have to set up masquerading or forwarding rules? Do you want to run tinc in router mode or switch mode? These questions can only be answered by yourself, you will not find the answers in this -documentation. Make sure you have an adequate understanding of -networks in general. A good resource on networking is the Linux -Network Administrators Guide (http://www.tldp.org/LDP/nag2/). +documentation. Make sure you have an adequate understanding of networks +in general. A good resource on networking is the Linux Network +Administrators Guide (http://www.tldp.org/LDP/nag2/). If you have everything clearly pictured in your mind, proceed in the following order: First, create the initial configuration files and public/private keypairs using the following command: tinc -n NETNAME init NAME -Second, use `tinc -n NETNAME add ...' to further configure tinc. -Finally, export your host configuration file using `tinc -n NETNAME +Second, use 'tinc -n NETNAME add ...' to further configure tinc. +Finally, export your host configuration file using 'tinc -n NETNAME export' and send it to those people or computers you want tinc to connect to. They should send you their host configuration file back, -which you can import using `tinc -n NETNAME import'. +which you can import using 'tinc -n NETNAME import'. These steps are described in the subsections below. @@ -648,7 +646,7 @@ File: tinc.info, Node: Multiple networks, Next: How connections work, Prev: C In order to allow you to run more than one tinc daemon on one computer, for instance if your computer is part of more than one VPN, you can -assign a NETNAME to your VPN. It is not required if you only run one +assign a NETNAME to your VPN. It is not required if you only run one tinc daemon, it doesn't even have to be the same on all the nodes of your VPN, but it is recommended that you choose one anyway. @@ -656,18 +654,18 @@ We will asume you use a netname throughout this document. This means that you call tinc with the -n argument, which will specify the netname. The effect of this option is that tinc will set its configuration root -to `/etc/tinc/NETNAME/', where NETNAME is your argument to the -n +to '/etc/tinc/NETNAME/', where NETNAME is your argument to the -n option. You will also notice that log messages it appears in syslog as -coming from `tinc.NETNAME', and on Linux, unless specified otherwise, +coming from 'tinc.NETNAME', and on Linux, unless specified otherwise, the name of the virtual network interface will be the same as the network name. However, it is not strictly necessary that you call tinc with the -n -option. If you don not use it, the network name will just be empty, and -tinc will look for files in `/etc/tinc/' instead of -`/etc/tinc/NETNAME/'; the configuration file will then be -`/etc/tinc/tinc.conf', and the host configuration files are expected to -be in `/etc/tinc/hosts/'. +option. If you don not use it, the network name will just be empty, and +tinc will look for files in '/etc/tinc/' instead of +'/etc/tinc/NETNAME/'; the configuration file will then be +'/etc/tinc/tinc.conf', and the host configuration files are expected to +be in '/etc/tinc/hosts/'.  File: tinc.info, Node: How connections work, Next: Configuration files, Prev: Multiple networks, Up: Configuration @@ -676,38 +674,38 @@ File: tinc.info, Node: How connections work, Next: Configuration files, Prev: ======================== When tinc starts up, it parses the command-line options and then reads -in the configuration file tinc.conf. If it sees one or more -`ConnectTo' values pointing to other tinc daemons in that file, it will -try to connect to those other daemons. Whether this succeeds or not -and whether `ConnectTo' is specified or not, tinc will listen for -incoming connection from other deamons. If you did specify a -`ConnectTo' value and the other side is not responding, tinc will keep -retrying. This means that once started, tinc will stay running until -you tell it to stop, and failures to connect to other tinc daemons will -not stop your tinc daemon for trying again later. This means you don't -have to intervene if there are temporary network problems. +in the configuration file tinc.conf. If it sees one or more 'ConnectTo' +values pointing to other tinc daemons in that file, it will try to +connect to those other daemons. Whether this succeeds or not and +whether 'ConnectTo' is specified or not, tinc will listen for incoming +connection from other deamons. If you did specify a 'ConnectTo' value +and the other side is not responding, tinc will keep retrying. This +means that once started, tinc will stay running until you tell it to +stop, and failures to connect to other tinc daemons will not stop your +tinc daemon for trying again later. This means you don't have to +intervene if there are temporary network problems. There is no real distinction between a server and a client in tinc. If -you wish, you can view a tinc daemon without a `ConnectTo' value as a +you wish, you can view a tinc daemon without a 'ConnectTo' value as a server, and one which does specify such a value as a client. It does -not matter if two tinc daemons have a `ConnectTo' value pointing to -each other however. +not matter if two tinc daemons have a 'ConnectTo' value pointing to each +other however. -Connections specified using `ConnectTo' are so-called meta-connections. -Tinc daemons exchange information about all other daemon they know -about via these meta-connections. After learning about all the daemons -in the VPN, tinc will create other connections as necessary in order to -communicate with them. For example, if there are three daemons named -A, B and C, and A has `ConnectTo = B' in its tinc.conf file, and C has -`ConnectTo = B' in its tinc.conf file, then A will learn about C from B, -and will be able to exchange VPN packets with C without the need to -have `ConnectTo = C' in its tinc.conf file. +Connections specified using 'ConnectTo' are so-called meta-connections. +Tinc daemons exchange information about all other daemon they know about +via these meta-connections. After learning about all the daemons in the +VPN, tinc will create other connections as necessary in order to +communicate with them. For example, if there are three daemons named A, +B and C, and A has 'ConnectTo = B' in its tinc.conf file, and C has +'ConnectTo = B' in its tinc.conf file, then A will learn about C from B, +and will be able to exchange VPN packets with C without the need to have +'ConnectTo = C' in its tinc.conf file. It could be that some daemons are located behind a Network Address Translation (NAT) device, or behind a firewall. In the above scenario with three daemons, if A and C are behind a NAT, B will automatically -help A and C punch holes through their NAT, in a way similar to the -STUN protocol, so that A and C can still communicate with each other +help A and C punch holes through their NAT, in a way similar to the STUN +protocol, so that A and C can still communicate with each other directly. It is not always possible to do this however, and firewalls might also prevent direct communication. In that case, VPN packets between A and C will be forwarded by B. @@ -723,8 +721,8 @@ File: tinc.info, Node: Configuration files, Next: Network interfaces, Prev: H ======================= The actual configuration of the daemon is done in the file -`/etc/tinc/NETNAME/tinc.conf' and at least one other file in the -directory `/etc/tinc/NETNAME/hosts/'. +'/etc/tinc/NETNAME/tinc.conf' and at least one other file in the +directory '/etc/tinc/NETNAME/hosts/'. These file consists of comments (lines started with a #) or assignments in the form of @@ -733,13 +731,13 @@ in the form of The variable names are case insensitive, and any spaces, tabs, newlines and carriage returns are ignored. Note: it is not required that you put -in the `=' sign, but doing so improves readability. If you leave it +in the '=' sign, but doing so improves readability. If you leave it out, remember to replace it with at least one space character. The server configuration is complemented with host specific -configuration (see the next section). Although all host configuration +configuration (see the next section). Although all host configuration options for the local node listed in this document can also be put in -`/etc/tinc/NETNAME/tinc.conf', it is recommended to put host specific +'/etc/tinc/NETNAME/tinc.conf', it is recommended to put host specific configuration options in the host configuration file, as this makes it easy to exchange with other nodes. @@ -789,34 +787,33 @@ BindToAddress =
[] BindToInterface = [experimental] If you have more than one network interface in your computer, tinc - will by default listen on all of them for incoming connections. - It is possible to bind tinc to a single interface like eth0 or - ppp0 with this variable. + will by default listen on all of them for incoming connections. It + is possible to bind tinc to a single interface like eth0 or ppp0 + with this variable. - This option may not work on all platforms. Also, on some - platforms it will not actually bind to an interface, but rather to - the address that the interface has at the moment a socket is - created. + This option may not work on all platforms. Also, on some platforms + it will not actually bind to an interface, but rather to the + address that the interface has at the moment a socket is created. Broadcast = (mst) [experimental] This option selects the way broadcast packets are sent to other daemons. _NOTE: all nodes in a VPN must use the same Broadcast mode, otherwise routing loops can form._ - no + no Broadcast packets are never sent to other nodes. - mst - Broadcast packets are sent and forwarded via the VPN's - Minimum Spanning Tree. This ensures broadcast packets reach - all nodes. + mst + Broadcast packets are sent and forwarded via the VPN's Minimum + Spanning Tree. This ensures broadcast packets reach all + nodes. - direct + direct Broadcast packets are sent directly to all nodes that can be - reached directly. Broadcast packets received from other - nodes are never forwarded. If the IndirectData option is - also set, broadcast packets will only be sent to nodes which - we have a meta connection to. + reached directly. Broadcast packets received from other nodes + are never forwarded. If the IndirectData option is also set, + broadcast packets will only be sent to nodes which we have a + meta connection to. ConnectTo = Specifies which other tinc daemon to connect to on startup. @@ -838,12 +835,12 @@ DecrementTTL = (no) [experimental] Do not use this option if you use switch mode and want to use IPv6. -Device = (`/dev/tap0', `/dev/net/tun' or other depending on platform) +Device = ('/dev/tap0', '/dev/net/tun' or other depending on platform) The virtual network device to use. Tinc will automatically detect what kind of device it is. Note that you can only use one device per daemon. Under Windows, use INTERFACE instead of DEVICE. Note - that you can only use one device per daemon. See also *note - Device files::. + that you can only use one device per daemon. See also *note Device + files::. DeviceType = (platform dependent) The type of the virtual network device. Tinc will normally @@ -852,99 +849,97 @@ DeviceType = (platform dependent) select one of the special interface types, if support for them is compiled in. - dummy - Use a dummy interface. No packets are ever read or written - to a virtual network device. Useful for testing, or when - setting up a node that only forwards packets for other nodes. + dummy + Use a dummy interface. No packets are ever read or written to + a virtual network device. Useful for testing, or when setting + up a node that only forwards packets for other nodes. - raw_socket + raw_socket Open a raw socket, and bind it to a pre-existing INTERFACE (eth0 by default). All packets are read from this interface. Packets received for the local node are written to the raw - socket. However, at least on Linux, the operating system - does not process IP packets destined for the local host. + socket. However, at least on Linux, the operating system does + not process IP packets destined for the local host. - multicast + multicast Open a multicast UDP socket and bind it to the address and port (separated by spaces) and optionally a TTL value specified using DEVICE. Packets are read from and written to this multicast socket. This can be used to connect to UML, QEMU or KVM instances listening on the same multicast address. Do NOT connect multiple tinc daemons to the same multicast - address, this will very likely cause routing loops. Also - note that this can cause decrypted VPN packets to be sent out - on a real network if misconfigured. + address, this will very likely cause routing loops. Also note + that this can cause decrypted VPN packets to be sent out on a + real network if misconfigured. - uml (not compiled in by default) - Create a UNIX socket with the filename specified by DEVICE, - or `/var/run/NETNAME.umlsocket' if not specified. Tinc will - wait for a User Mode Linux instance to connect to this socket. + uml (not compiled in by default) + Create a UNIX socket with the filename specified by DEVICE, or + '/var/run/NETNAME.umlsocket' if not specified. Tinc will wait + for a User Mode Linux instance to connect to this socket. - vde (not compiled in by default) + vde (not compiled in by default) Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch, using the UNIX socket specified - by DEVICE, or `/var/run/vde.ctl' if not specified. + by DEVICE, or '/var/run/vde.ctl' if not specified. Also, in case tinc does not seem to correctly interpret packets received from the virtual network device, it can be used to change the way packets are interpreted: - tun (BSD and Linux) + tun (BSD and Linux) Set type to tun. Depending on the platform, this can either be with or without an address family header (see below). - tunnohead (BSD) + tunnohead (BSD) Set type to tun without an address family header. Tinc will expect packets read from the virtual network device to start with an IP header. On some platforms IPv6 packets cannot be read from or written to the device in this mode. - tunifhead (BSD) + tunifhead (BSD) Set type to tun with an address family header. Tinc will expect packets read from the virtual network device to start with a four byte header containing the address family, followed by an IP header. This mode should support both IPv4 and IPv6 packets. - tap (BSD and Linux) + tap (BSD and Linux) Set type to tap. Tinc will expect packets read from the virtual network device to start with an Ethernet header. DirectOnly = (no) [experimental] When this option is enabled, packets that cannot be sent directly - to the destination node, but which would have to be forwarded by - an intermediate node, are dropped instead. When combined with the + to the destination node, but which would have to be forwarded by an + intermediate node, are dropped instead. When combined with the IndirectData option, packets for nodes for which we do not have a meta connection with are also dropped. -ECDSAPrivateKeyFile = (`/etc/tinc/NETNAME/ecdsa_key.priv') +ECDSAPrivateKeyFile = ('/etc/tinc/NETNAME/ecdsa_key.priv') The file in which the private ECDSA key of this tinc daemon resides. This is only used if ExperimentalProtocol is enabled. -ExperimentalProtocol = (no) [experimental] - When this option is enabled, experimental protocol enhancements - will be used. Ephemeral ECDH will be used for key exchanges, and - ECDSA will be used instead of RSA for authentication. When - enabled, an ECDSA key must have been generated before with `tinc - generate-ecdsa-keys'. The experimental protocol may change at any - time, and there is no guarantee that tinc will run stable when it - is used. +ExperimentalProtocol = (yes) + When this option is enabled, the SPTPS protocol will be used when + connecting to nodes that also support it. Ephemeral ECDH will be + used for key exchanges, and ECDSA will be used instead of RSA for + authentication. When enabled, an ECDSA key must have been + generated before with 'tinc generate-ecdsa-keys'. Forwarding = (internal) [experimental] This option selects the way indirect packets are forwarded. - off + off Incoming packets that are not meant for the local node, but which should be forwarded to another node, are dropped. - internal - Incoming packets that are meant for another node are - forwarded by tinc internally. + internal + Incoming packets that are meant for another node are forwarded + by tinc internally. This is the default mode, and unless you really know you need another forwarding mode, don't change it. - kernel + kernel Incoming packets are always sent to the TUN/TAP device, even if the packets are not for the local node. This is less efficient, but allows the kernel to apply its routing and @@ -977,13 +972,17 @@ LocalDiscovery = (no) prevent the peers from learning each other's LAN address. Currently, local discovery is implemented by sending broadcast - packets to the LAN during path MTU discovery. This feature may - not work in all possible situations. + packets to the LAN during path MTU discovery. This feature may not + work in all possible situations. + +LocalDiscoveryAddress
+ If this variable is specified, local discovery packets are sent to + the given ADDRESS. Mode = (router) This option selects the way packets are routed to other daemons. - router + router In this mode Subnet variables in the host configuration files will be used to form a routing table. Only packets of routable protocols (IPv4 and IPv6) are supported in this mode. @@ -991,7 +990,7 @@ Mode = (router) This is the default mode, and unless you really know you need another mode, don't change it. - switch + switch In this mode the MAC addresses of the packets on the VPN will be used to dynamically create a routing table just like an Ethernet switch does. Unicast, multicast and broadcast @@ -1002,7 +1001,7 @@ Mode = (router) This mode is primarily useful if you want to bridge Ethernet segments. - hub + hub This mode is almost the same as the switch mode, but instead every packet will be broadcast to the other daemons while no routing table is managed. @@ -1018,6 +1017,12 @@ MACExpire = (600) before they are removed. This only has effect when Mode is set to "switch". +MaxConnectionBurst = (100) + This option controls how many connections tinc accepts in quick + succession. If there are more connections than the given number in + a short time interval, tinc will reduce the number of accepted + connections to only one per second, until the burst has passed. + Name = [required] This is a symbolic name for this connection. The name should consist only of alfanumeric and underscore characters (a-z, A-Z, @@ -1025,9 +1030,9 @@ Name = [required] If Name starts with a $, then the contents of the environment variable that follows will be used. In that case, invalid - characters will be converted to underscores. If Name is $HOST, - but no such environment variable exist, the hostname will be read - using the gethostname() system call. + characters will be converted to underscores. If Name is $HOST, but + no such environment variable exist, the hostname will be read using + the gethostname() system call. PingInterval = (60) The number of seconds of inactivity that tinc will wait before @@ -1035,7 +1040,7 @@ PingInterval = (60) PingTimeout = (5) The number of seconds to wait for a response to pings or to allow - meta connections to block. If the other end doesn't respond within + meta connections to block. If the other end doesn't respond within this time, the connection is terminated, and the others will be notified of this. @@ -1045,14 +1050,14 @@ PriorityInheritance = (no) [experimental] out. PrivateKey = [obsolete] - This is the RSA private key for tinc. However, for safety reasons + This is the RSA private key for tinc. However, for safety reasons it is advised to store private keys of any kind in separate files. This prevents accidental eavesdropping if you are editting the configuration file. -PrivateKeyFile = (`/etc/tinc/NETNAME/rsa_key.priv') +PrivateKeyFile = ('/etc/tinc/NETNAME/rsa_key.priv') This is the full path name of the RSA private key file that was - generated by `tinc generate-keys'. It must be a full path, not a + generated by 'tinc generate-keys'. It must be a full path, not a relative directory. ProcessPriority = @@ -1064,47 +1069,47 @@ Proxy = socks4 | socks4 | http | exec ... [experimental] Use a proxy when making outgoing connections. The following proxy types are currently supported: - socks4
[] + socks4
[] Connects to the proxy using the SOCKS version 4 protocol. - Optionally, a USERNAME can be supplied which will be passed - on to the proxy server. + Optionally, a USERNAME can be supplied which will be passed on + to the proxy server. - socks4
[ ] - Connect to the proxy using the SOCKS version 5 protocol. If - a USERNAME and PASSWORD are given, basic username/password + socks4
[ ] + Connect to the proxy using the SOCKS version 5 protocol. If a + USERNAME and PASSWORD are given, basic username/password authentication will be used, otherwise no authentication will be used. - http
+ http
Connects to the proxy and sends a HTTP CONNECT request. - exec + exec Executes the given command which should set up the outgoing - connection. The environment variables `NAME', `NODE', - `REMOTEADDRES' and `REMOTEPORT' are available. + connection. The environment variables 'NAME', 'NODE', + 'REMOTEADDRES' and 'REMOTEPORT' are available. ReplayWindow = (16) This is the size of the replay tracking window for each remote - node, in bytes. The window is a bitfield which tracks 1 packet - per bit, so for example the default setting of 16 will track up to - 128 packets in the window. In high bandwidth scenarios, setting - this to a higher value can reduce packet loss from the interaction - of replay tracking with underlying real packet loss and/or - reordering. Setting this to zero will disable replay tracking - completely and pass all traffic, but leaves tinc vulnerable to - replay-based attacks on your traffic. + node, in bytes. The window is a bitfield which tracks 1 packet per + bit, so for example the default setting of 16 will track up to 128 + packets in the window. In high bandwidth scenarios, setting this + to a higher value can reduce packet loss from the interaction of + replay tracking with underlying real packet loss and/or reordering. + Setting this to zero will disable replay tracking completely and + pass all traffic, but leaves tinc vulnerable to replay-based + attacks on your traffic. StrictSubnets (no) [experimental] When this option is enabled tinc will only use Subnet statements which are present in the host config files in the local - `/etc/tinc/NETNAME/hosts/' directory. + '/etc/tinc/NETNAME/hosts/' directory. TunnelServer = (no) [experimental] - When this option is enabled tinc will no longer forward - information between other tinc daemons, and will only allow - connections with nodes for which host config files are present in - the local `/etc/tinc/NETNAME/hosts/' directory. Setting this - options also implicitly sets StrictSubnets. + When this option is enabled tinc will no longer forward information + between other tinc daemons, and will only allow connections with + nodes for which host config files are present in the local + '/etc/tinc/NETNAME/hosts/' directory. Setting this options also + implicitly sets StrictSubnets. UDPRcvBuf = (OS default) Sets the socket receive buffer size for the UDP socket, in bytes. @@ -1116,7 +1121,6 @@ UDPSndBuf = Pq OS default unset, the default buffer size will be used by the operating system. -  File: tinc.info, Node: Host configuration variables, Next: Scripts, Prev: Main configuration variables, Up: Configuration files @@ -1124,24 +1128,24 @@ File: tinc.info, Node: Host configuration variables, Next: Scripts, Prev: Mai ---------------------------------- Address = [] [recommended] - This variable is only required if you want to connect to this - host. It must resolve to the external IP address where the host - can be reached, not the one that is internal to the VPN. If no - port is specified, the default Port is used. + This variable is only required if you want to connect to this host. + It must resolve to the external IP address where the host can be + reached, not the one that is internal to the VPN. If no port is + specified, the default Port is used. Cipher = (blowfish) The symmetric cipher algorithm used to encrypt UDP packets using the legacy protocol. Any cipher supported by OpenSSL is recognized. Furthermore, specifying "none" will turn off packet - encryption. It is best to use only those ciphers which support - CBC mode. This option has no effect for connections using the - SPTPS protocol, which always use AES-256-CTR. + encryption. It is best to use only those ciphers which support CBC + mode. This option has no effect for connections using the SPTPS + protocol, which always use AES-256-CTR. ClampMSS = (yes) - This option specifies whether tinc should clamp the maximum - segment size (MSS) of TCP packets to the path MTU. This helps in - situations where ICMP Fragmentation Needed or Packet too Big - messages are dropped by firewalls. + This option specifies whether tinc should clamp the maximum segment + size (MSS) of TCP packets to the path MTU. This helps in situations + where ICMP Fragmentation Needed or Packet too Big messages are + dropped by firewalls. Compression = (0) This option sets the level of compression used for UDP packets. @@ -1152,8 +1156,8 @@ Digest = (sha1) The digest algorithm used to authenticate UDP packets using the legacy protocol. Any digest supported by OpenSSL is recognized. Furthermore, specifying "none" will turn off packet authentication. - This option has no effect for connections using the SPTPS - protocol, which always use HMAC-SHA-256. + This option has no effect for connections using the SPTPS protocol, + which always use HMAC-SHA-256. IndirectData = (no) When set to yes, other nodes which do not already have a meta @@ -1163,33 +1167,33 @@ IndirectData = (no) MACLength = (4) The length of the message authentication code used to authenticate UDP packets using the legacy protocol. Can be anything from 0 up - to the length of the digest produced by the digest algorithm. - This option has no effect for connections using the SPTPS - protocol, which never truncate MACs. + to the length of the digest produced by the digest algorithm. This + option has no effect for connections using the SPTPS protocol, + which never truncate MACs. PMTU = (1514) This option controls the initial path MTU to this node. PMTUDiscovery = (yes) - When this option is enabled, tinc will try to discover the path - MTU to this node. After the path MTU has been discovered, it will - be enforced on the VPN. + When this option is enabled, tinc will try to discover the path MTU + to this node. After the path MTU has been discovered, it will be + enforced on the VPN. Port = (655) This is the port this tinc daemon listens on. You can use decimal - portnumbers or symbolic names (as listed in `/etc/services'). + portnumbers or symbolic names (as listed in '/etc/services'). PublicKey = [obsolete] This is the RSA public key for this host. PublicKeyFile = [obsolete] This is the full path name of the RSA public key file that was - generated by `tinc generate-keys'. It must be a full path, not a + generated by 'tinc generate-keys'. It must be a full path, not a relative directory. From version 1.0pre4 on tinc will store the public key directly into the host configuration file in PEM format, the above two - options then are not necessary. Either the PEM format is used, or + options then are not necessary. Either the PEM format is used, or exactly *one of the above two options* must be specified in each host configuration file, if you want to be able to establish a connection with that host. @@ -1197,39 +1201,38 @@ PublicKeyFile = [obsolete] Subnet = The subnet which this tinc daemon will serve. Tinc tries to look up which other daemon it should send a packet to by searching the - appropiate subnet. If the packet matches a subnet, it will be - sent to the daemon who has this subnet in his host configuration - file. Multiple subnet lines can be specified for each daemon. + appropiate subnet. If the packet matches a subnet, it will be sent + to the daemon who has this subnet in his host configuration file. + Multiple subnet lines can be specified for each daemon. Subnets can either be single MAC, IPv4 or IPv6 addresses, in which - case a subnet consisting of only that single address is assumed, - or they can be a IPv4 or IPv6 network address with a prefixlength. + case a subnet consisting of only that single address is assumed, or + they can be a IPv4 or IPv6 network address with a prefixlength. For example, IPv4 subnets must be in a form like 192.168.1.0/24, where 192.168.1.0 is the network address and 24 is the number of - bits set in the netmask. Note that subnets like 192.168.1.1/24 - are invalid! Read a networking HOWTO/FAQ/guide if you don't - understand this. IPv6 subnets are notated like fec0:0:0:1::/64. - MAC addresses are notated like 0:1a:2b:3c:4d:5e. + bits set in the netmask. Note that subnets like 192.168.1.1/24 are + invalid! Read a networking HOWTO/FAQ/guide if you don't understand + this. IPv6 subnets are notated like fec0:0:0:1::/64. MAC + addresses are notated like 0:1a:2b:3c:4d:5e. Prefixlength is the number of bits set to 1 in the netmask part; for example: netmask 255.255.255.0 would become /24, 255.255.252.0 - becomes /22. This conforms to standard CIDR notation as described + becomes /22. This conforms to standard CIDR notation as described in RFC1519 (http://www.ietf.org/rfc/rfc1519.txt) A Subnet can be given a weight to indicate its priority over - identical Subnets owned by different nodes. The default weight is - 10. Lower values indicate higher priority. Packets will be sent to - the node with the highest priority, unless that node is not + identical Subnets owned by different nodes. The default weight is + 10. Lower values indicate higher priority. Packets will be sent + to the node with the highest priority, unless that node is not reachable, in which case the node with the next highest priority will be tried, and so on. TCPonly = (no) - If this variable is set to yes, then the packets are tunnelled - over a TCP connection instead of a UDP connection. This is - especially useful for those who want to run a tinc daemon from - behind a masquerading firewall, or if UDP packet routing is - disabled somehow. Setting this options also implicitly sets - IndirectData. + If this variable is set to yes, then the packets are tunnelled over + a TCP connection instead of a UDP connection. This is especially + useful for those who want to run a tinc daemon from behind a + masquerading firewall, or if UDP packet routing is disabled + somehow. Setting this options also implicitly sets IndirectData.  File: tinc.info, Node: Scripts, Next: How to configure, Prev: Host configuration variables, Up: Configuration files @@ -1241,7 +1244,7 @@ Apart from reading the server and host configuration files, tinc can also run scripts at certain moments. Under Windows (not Cygwin), the scripts should have the extension .bat. -`/etc/tinc/NETNAME/tinc-up' +'/etc/tinc/NETNAME/tinc-up' This is the most important script. If it is present it will be executed right after the tinc daemon has been started and has connected to the virtual network device. It should be used to set @@ -1249,74 +1252,71 @@ scripts should have the extension .bat. start other things. Under Windows you can use the Network Connections control panel instead of creating this script. -`/etc/tinc/NETNAME/tinc-down' +'/etc/tinc/NETNAME/tinc-down' This script is started right before the tinc daemon quits. -`/etc/tinc/NETNAME/hosts/HOST-up' +'/etc/tinc/NETNAME/hosts/HOST-up' This script is started when the tinc daemon with name HOST becomes reachable. -`/etc/tinc/NETNAME/hosts/HOST-down' +'/etc/tinc/NETNAME/hosts/HOST-down' This script is started when the tinc daemon with name HOST becomes unreachable. -`/etc/tinc/NETNAME/host-up' +'/etc/tinc/NETNAME/host-up' This script is started when any host becomes reachable. -`/etc/tinc/NETNAME/host-down' +'/etc/tinc/NETNAME/host-down' This script is started when any host becomes unreachable. -`/etc/tinc/NETNAME/subnet-up' - This script is started when a Subnet becomes reachable. The - Subnet and the node it belongs to are passed in environment - variables. +'/etc/tinc/NETNAME/subnet-up' + This script is started when a Subnet becomes reachable. The Subnet + and the node it belongs to are passed in environment variables. -`/etc/tinc/NETNAME/subnet-down' +'/etc/tinc/NETNAME/subnet-down' This script is started when a Subnet becomes unreachable. -The scripts are started without command line arguments, but can make -use of certain environment variables. Under UNIX like operating -systems the names of environment variables must be preceded by a $ in -scripts. Under Windows, in `.bat' files, they have to be put between % -signs. +The scripts are started without command line arguments, but can make use +of certain environment variables. Under UNIX like operating systems the +names of environment variables must be preceded by a $ in scripts. +Under Windows, in '.bat' files, they have to be put between % signs. -`NETNAME' +'NETNAME' If a netname was specified, this environment variable contains it. -`NAME' +'NAME' Contains the name of this tinc daemon. -`DEVICE' +'DEVICE' Contains the name of the virtual network device that tinc uses. -`INTERFACE' +'INTERFACE' Contains the name of the virtual network interface that tinc uses. This should be used for commands like ifconfig. -`NODE' +'NODE' When a host becomes (un)reachable, this is set to its name. If a subnet becomes (un)reachable, this is set to the owner of that subnet. -`REMOTEADDRESS' +'REMOTEADDRESS' When a host becomes (un)reachable, this is set to its real address. -`REMOTEPORT' +'REMOTEPORT' When a host becomes (un)reachable, this is set to the port number it uses for communication with other tinc daemons. -`SUBNET' +'SUBNET' When a subnet becomes (un)reachable, this is set to the subnet. -  File: tinc.info, Node: How to configure, Prev: Scripts, Up: Configuration files 4.4.4 How to configure ---------------------- -Step 1. Creating initial configuration files. -.............................................. +Step 1. Creating initial configuration files. +............................................. The initial directory structure, configuration files and public/private keypairs are created using the following command: @@ -1324,35 +1324,35 @@ keypairs are created using the following command: tinc -n NETNAME init NAME (You will need to run this as root, or use "sudo".) This will create -the configuration directory `/etc/tinc/NETNAME.', and inside it will -create another directory named `hosts/'. In the configuration -directory, it will create the file `tinc.conf' with the following +the configuration directory '/etc/tinc/NETNAME.', and inside it will +create another directory named 'hosts/'. In the configuration +directory, it will create the file 'tinc.conf' with the following contents: Name = NAME It will also create private RSA and ECDSA keys, which will be stored in -the files `rsa_key.priv' and `ecdsa_key.priv'. It will also create a -host configuration file `hosts/NAME', which will contain the +the files 'rsa_key.priv' and 'ecdsa_key.priv'. It will also create a +host configuration file 'hosts/NAME', which will contain the corresponding public RSA and ECDSA keys. Finally, on UNIX operating systems, it will create an executable script -`tinc-up', which will initially not do anything except warning that you +'tinc-up', which will initially not do anything except warning that you should edit it. -Step 2. Modifying the initial configuration. -............................................. +Step 2. Modifying the initial configuration. +............................................ Unless you want to use tinc in switch mode, you should now configure -which range of addresses you will use on the VPN. Let's assume you -will be part of a VPN which uses the address range 192.168.0.0/16, and -you yourself have a smaller portion of that range: 192.168.2.0/24. -Then you should run the following command: +which range of addresses you will use on the VPN. Let's assume you will +be part of a VPN which uses the address range 192.168.0.0/16, and you +yourself have a smaller portion of that range: 192.168.2.0/24. Then you +should run the following command: tinc -n NETNAME add subnet 192.168.2.0/24 This will add a Subnet statement to your host configuration file. Try -opening the file `/etc/tinc/NETNAME/hosts/NAME' in an editor. You +opening the file '/etc/tinc/NETNAME/hosts/NAME' in an editor. You should now see a file containing the public RSA and ECDSA keys (which looks like a bunch of random characters), and the following line at the bottom: @@ -1365,8 +1365,8 @@ add it as well: tinc -n NETNAME add subnet fec0:0:0:2::/24 -This will add another line to the file `hosts/NAME'. If you make a -mistake, you can undo it by simply using `del' instead of `add'. +This will add another line to the file 'hosts/NAME'. If you make a +mistake, you can undo it by simply using 'del' instead of 'add'. If you want other tinc daemons to create meta-connections to your daemon, you should add your public IP address or hostname to your host @@ -1384,26 +1384,25 @@ want to connect to a daemon named "bar", run: Note that you specify the Name of the other daemon here, not an IP address or hostname! When you start tinc, and it tries to make a connection to "bar", it will look for a host configuration file named -`hosts/bar', and will read Address statements and public keys from that +'hosts/bar', and will read Address statements and public keys from that file. -Step 2. Exchanging configuration files. -........................................ +Step 2. Exchanging configuration files. +....................................... -If your daemon has a ConnectTo = bar statement in its `tinc.conf' file, +If your daemon has a ConnectTo = bar statement in its 'tinc.conf' file, or if bar has a ConnectTo your daemon, then you both need each other's -host configuration files. You should send `hosts/NAME' to bar, and bar -should send you his file which you should move to `hosts/bar'. If you +host configuration files. You should send 'hosts/NAME' to bar, and bar +should send you his file which you should move to 'hosts/bar'. If you are on a UNIX platform, you can easily send an email containing the -necessary information using the following command (assuming the owner -of bar has the email address bar@example.org): +necessary information using the following command (assuming the owner of +bar has the email address bar@example.org): tinc -n NETNAME export | mail -s "My config file" bar@example.org -If the owner of bar does the same to send his host configuration file -to you, you can probably pipe his email through the following command, -or you can just start this command in a terminal and copy&paste the -email: +If the owner of bar does the same to send his host configuration file to +you, you can probably pipe his email through the following command, or +you can just start this command in a terminal and copy&paste the email: tinc -n NETNAME import @@ -1418,9 +1417,8 @@ following command: You should repeat this for all nodes you ConnectTo, or which ConnectTo you. However, remember that you do not need to ConnectTo all nodes in the VPN; it is only necessary to create one or a few meta-connections, -after the connections are made tinc will learn about all the other -nodes in the VPN, and will automatically make other connections as -necessary. +after the connections are made tinc will learn about all the other nodes +in the VPN, and will automatically make other connections as necessary.  File: tinc.info, Node: Network interfaces, Next: Example configuration, Prev: Configuration files, Up: Configuration @@ -1434,23 +1432,23 @@ the virtual network interface. First, decide which IP addresses you want to have associated with these devices, and what network mask they must have. -Tinc will open a virtual network device (`/dev/tun', `/dev/tap0' or +Tinc will open a virtual network device ('/dev/tun', '/dev/tap0' or similar), which will also create a network interface called something -like `tun0', `tap0'. If you are using the Linux tun/tap driver, the +like 'tun0', 'tap0'. If you are using the Linux tun/tap driver, the network interface will by default have the same name as the NETNAME. Under Windows you can change the name of the network interface from the Network Connections control panel. You can configure the network interface by putting ordinary ifconfig, -route, and other commands to a script named `/etc/tinc/NETNAME/tinc-up'. -When tinc starts, this script will be executed. When tinc exits, it -will execute the script named `/etc/tinc/NETNAME/tinc-down', but +route, and other commands to a script named '/etc/tinc/NETNAME/tinc-up'. +When tinc starts, this script will be executed. When tinc exits, it +will execute the script named '/etc/tinc/NETNAME/tinc-down', but normally you don't need to create that script. You can manually open the script in an editor, or use the following command: tinc -n NETNAME edit tinc-up -An example `tinc-up' script, that would be appropriate for the scenario +An example 'tinc-up' script, that would be appropriate for the scenario in the previous section, is: #!/bin/sh @@ -1459,14 +1457,14 @@ in the previous section, is: The first command gives the interface an IPv4 address and a netmask. The kernel will also automatically add an IPv4 route to this interface, -so normally you don't need to add route commands to the `tinc-up' -script. The kernel will also bring the interface up after this command. The -netmask is the mask of the _entire_ VPN network, not just your own +so normally you don't need to add route commands to the 'tinc-up' +script. The kernel will also bring the interface up after this command. +The netmask is the mask of the _entire_ VPN network, not just your own subnet. The second command gives the interface an IPv6 address and netmask, which will also automatically add an IPv6 route. If you only want to use "ip addr" commands on Linux, don't forget that it doesn't -bring the interface up, unlike ifconfig, so you need to add `ip link -set $INTERFACE up' in that case. +bring the interface up, unlike ifconfig, so you need to add 'ip link set +$INTERFACE up' in that case. The exact syntax of the ifconfig and route commands differs from platform to platform. You can look up the commands for setting @@ -1480,13 +1478,13 @@ File: tinc.info, Node: Example configuration, Prev: Network interfaces, Up: C 4.6 Example configuration ========================= -Imagine the following situation. Branch A of our example `company' +Imagine the following situation. Branch A of our example 'company' wants to connect three branch offices in B, C and D using the Internet. All four offices have a 24/7 connection to the Internet. A is going to serve as the center of the network. B and C will connect -to A, and D will connect to C. Each office will be assigned their own -IP network, 10.x.0.0. +to A, and D will connect to C. Each office will be assigned their own IP +network, 10.x.0.0. A: net 10.1.0.0 mask 255.255.0.0 gateway 10.1.54.1 internet IP 1.2.3.4 B: net 10.2.0.0 mask 255.255.0.0 gateway 10.2.1.12 internet IP 2.3.4.5 @@ -1502,10 +1500,10 @@ In this example, it is assumed that eth0 is the interface that points to the inner (physical) LAN of the office, although this could also be the same as the interface that leads to the Internet. The configuration of the real interface is also shown as a comment, to give you an idea of -how these example host is set up. All branches use the netname `company' -for this particular VPN. +how these example host is set up. All branches use the netname +'company' for this particular VPN. -Each branch is set up using the `tinc init' and `tinc config' commands, +Each branch is set up using the 'tinc init' and 'tinc config' commands, here we just show the end results: For Branch A @@ -1513,7 +1511,7 @@ For Branch A _BranchA_ would be configured like this: -In `/etc/tinc/company/tinc-up': +In '/etc/tinc/company/tinc-up': #!/bin/sh @@ -1522,11 +1520,11 @@ In `/etc/tinc/company/tinc-up': ifconfig $INTERFACE 10.1.54.1 netmask 255.0.0.0 -and in `/etc/tinc/company/tinc.conf': +and in '/etc/tinc/company/tinc.conf': Name = BranchA -On all hosts, `/etc/tinc/company/hosts/BranchA' contains: +On all hosts, '/etc/tinc/company/hosts/BranchA' contains: Subnet = 10.1.0.0/16 Address = 1.2.3.4 @@ -1544,7 +1542,7 @@ since that will make things a lot easier to remember and set up. For Branch B ............ -In `/etc/tinc/company/tinc-up': +In '/etc/tinc/company/tinc-up': #!/bin/sh @@ -1553,7 +1551,7 @@ In `/etc/tinc/company/tinc-up': ifconfig $INTERFACE 10.2.1.12 netmask 255.0.0.0 -and in `/etc/tinc/company/tinc.conf': +and in '/etc/tinc/company/tinc.conf': Name = BranchB ConnectTo = BranchA @@ -1562,7 +1560,7 @@ Note here that the internal address (on eth0) doesn't have to be the same as on the VPN interface. Also, ConnectTo is given so that this node will always try to connect to BranchA. -On all hosts, in `/etc/tinc/company/hosts/BranchB': +On all hosts, in '/etc/tinc/company/hosts/BranchB': Subnet = 10.2.0.0/16 Address = 2.3.4.5 @@ -1574,7 +1572,7 @@ On all hosts, in `/etc/tinc/company/hosts/BranchB': For Branch C ............ -In `/etc/tinc/company/tinc-up': +In '/etc/tinc/company/tinc-up': #!/bin/sh @@ -1583,16 +1581,16 @@ In `/etc/tinc/company/tinc-up': ifconfig $INTERFACE 10.3.69.254 netmask 255.0.0.0 -and in `/etc/tinc/company/tinc.conf': +and in '/etc/tinc/company/tinc.conf': Name = BranchC ConnectTo = BranchA C already has another daemon that runs on port 655, so they have to -reserve another port for tinc. It knows the portnumber it has to listen +reserve another port for tinc. It knows the portnumber it has to listen on from it's own host configuration file. -On all hosts, in `/etc/tinc/company/hosts/BranchC': +On all hosts, in '/etc/tinc/company/hosts/BranchC': Address = 3.4.5.6 Subnet = 10.3.0.0/16 @@ -1605,7 +1603,7 @@ On all hosts, in `/etc/tinc/company/hosts/BranchC': For Branch D ............ -In `/etc/tinc/company/tinc-up': +In '/etc/tinc/company/tinc-up': #!/bin/sh @@ -1614,15 +1612,15 @@ In `/etc/tinc/company/tinc-up': ifconfig $INTERFACE 10.4.3.32 netmask 255.0.0.0 -and in `/etc/tinc/company/tinc.conf': +and in '/etc/tinc/company/tinc.conf': Name = BranchD ConnectTo = BranchC D will be connecting to C, which has a tincd running for this network on -port 2000. It knows the port number from the host configuration file. +port 2000. It knows the port number from the host configuration file. -On all hosts, in `/etc/tinc/company/hosts/BranchD': +On all hosts, in '/etc/tinc/company/hosts/BranchD': Subnet = 10.4.0.0/16 Address = 4.5.6.7 @@ -1636,10 +1634,10 @@ Key files A, B, C and D all have their own public/private keypairs: -The private RSA key is stored in `/etc/tinc/company/rsa_key.priv', the -private ECDSA key is stored in `/etc/tinc/company/ecdsa_key.priv', and +The private RSA key is stored in '/etc/tinc/company/rsa_key.priv', the +private ECDSA key is stored in '/etc/tinc/company/ecdsa_key.priv', and the public RSA and ECDSA keys are put into the host configuration file -in the `/etc/tinc/company/hosts/' directory. +in the '/etc/tinc/company/hosts/' directory. Starting ........ @@ -1661,10 +1659,10 @@ command: tinc -n NETNAME start -Tinc will detach from the terminal and continue to run in the -background like a good daemon. If there are any problems however you -can try to increase the debug level and look in the syslog to find out -what the problems are. +Tinc will detach from the terminal and continue to run in the background +like a good daemon. If there are any problems however you can try to +increase the debug level and look in the syslog to find out what the +problems are. * Menu: @@ -1684,53 +1682,53 @@ File: tinc.info, Node: Runtime options, Next: Signals, Up: Running tinc Besides the settings in the configuration file, tinc also accepts some command line options. -`-c, --config=PATH' +'-c, --config=PATH' Read configuration options from the directory PATH. The default is - `/etc/tinc/NETNAME/'. + '/etc/tinc/NETNAME/'. -`-D, --no-detach' +'-D, --no-detach' Don't fork and detach. This will also disable the automatic restart mechanism for fatal errors. -`-d, --debug=LEVEL' +'-d, --debug=LEVEL' Set debug level to LEVEL. The higher the debug level, the more gets logged. Everything goes via syslog. -`-n, --net=NETNAME' +'-n, --net=NETNAME' Use configuration for net NETNAME. This will let tinc read all - configuration files from `/etc/tinc/NETNAME/'. Specifying . for + configuration files from '/etc/tinc/NETNAME/'. Specifying . for NETNAME is the same as not specifying any NETNAME. *Note Multiple networks::. -`--pidfile=FILENAME' +'--pidfile=FILENAME' Store a cookie in FILENAME which allows tinc to authenticate. If - unspecified, the default is `/var/run/tinc.NETNAME.pid'. + unspecified, the default is '/var/run/tinc.NETNAME.pid'. -`-o, --option=[HOST.]KEY=VALUE' +'-o, --option=[HOST.]KEY=VALUE' Without specifying a HOST, this will set server configuration variable KEY to VALUE. If specified as HOST.KEY=VALUE, this will set the host configuration variable KEY of the host named HOST to VALUE. This option can be used more than once to specify multiple configuration variables. -`-L, --mlock' +'-L, --mlock' Lock tinc into main memory. This will prevent sensitive data like shared private keys to be written to the system swap files/partitions. This option is not supported on all platforms. -`--logfile[=FILE]' +'--logfile[=FILE]' Write log entries to a file instead of to the system logging facility. If FILE is omitted, the default is - `/var/log/tinc.NETNAME.log'. + '/var/log/tinc.NETNAME.log'. -`--bypass-security' +'--bypass-security' Disables encryption and authentication. Only useful for debugging. -`-R, --chroot' +'-R, --chroot' Change process root directory to the directory where the config - file is located (`/etc/tinc/NETNAME/' as determined by -n/-net + file is located ('/etc/tinc/NETNAME/' as determined by -n/-net option or as given by -c/-config option), for added security. The chroot is performed after all the initialization is done, after writing pid files and opening network sockets. @@ -1738,26 +1736,24 @@ command line options. Note that this option alone does not do any good without -U/-user, below. - Note also that tinc can't run scripts anymore (such as tinc-down - or host-up), unless it's setup to be runnable inside chroot + Note also that tinc can't run scripts anymore (such as tinc-down or + host-up), unless it's setup to be runnable inside chroot environment. This option is not supported on all platforms. - -`-U, --user=USER' +'-U, --user=USER' Switch to the given USER after initialization, at the same time as chroot is performed (see -chroot above). With this option tinc drops privileges, for added security. This option is not supported on all platforms. -`--help' +'--help' Display a short reminder of these runtime options and terminate. -`--version' +'--version' Output version information and exit. -  File: tinc.info, Node: Signals, Next: Debug levels, Prev: Runtime options, Up: Running tinc @@ -1766,20 +1762,19 @@ File: tinc.info, Node: Signals, Next: Debug levels, Prev: Runtime options, U You can also send the following signals to a running tincd process: -`ALRM' +'ALRM' Forces tinc to try to connect to all uplinks immediately. Usually tinc attempts to do this itself, but increases the time it waits between the attempts each time it failed, and if tinc didn't - succeed to connect to an uplink the first time after it started, - it defaults to the maximum time of 15 minutes. + succeed to connect to an uplink the first time after it started, it + defaults to the maximum time of 15 minutes. -`HUP' +'HUP' Partially rereads configuration files. Connections to hosts whose host config file are removed are closed. New outgoing connections - specified in `tinc.conf' will be made. If the -logfile option is - used, this will also close and reopen the log file, useful when - log rotation is used. - + specified in 'tinc.conf' will be made. If the -logfile option is + used, this will also close and reopen the log file, useful when log + rotation is used.  File: tinc.info, Node: Debug levels, Next: Solving problems, Prev: Signals, Up: Running tinc @@ -1788,33 +1783,32 @@ File: tinc.info, Node: Debug levels, Next: Solving problems, Prev: Signals, ================ The tinc daemon can send a lot of messages to the syslog. The higher -the debug level, the more messages it will log. Each level inherits -all messages of the previous level: +the debug level, the more messages it will log. Each level inherits all +messages of the previous level: -`0' +'0' This will log a message indicating tinc has started along with a version number. It will also log any serious error. -`1' +'1' This will log all connections that are made with other tinc daemons. -`2' - This will log status and error messages from scripts and other - tinc daemons. +'2' + This will log status and error messages from scripts and other tinc + daemons. -`3' +'3' This will log all requests that are exchanged with other tinc - daemons. These include authentication, key exchange and connection + daemons. These include authentication, key exchange and connection list updates. -`4' +'4' This will log a copy of everything received on the meta socket. -`5' +'5' This will log all network traffic over the virtual private network. -  File: tinc.info, Node: Solving problems, Next: Error messages, Prev: Debug levels, Up: Running tinc @@ -1831,7 +1825,7 @@ directly see everything tinc logs: If tinc does not log any error messages, then you might want to check the following things: - * `tinc-up' script Does this script contain the right commands? + * 'tinc-up' script Does this script contain the right commands? Normally you must give the interface the address of this host on the VPN, and the netmask must be big enough so that the entire VPN is covered. @@ -1845,10 +1839,9 @@ the following things: masquerading)? If so, check that it allows TCP and UDP traffic on port 655. If it masquerades and the host running tinc is behind it, make sure that it forwards TCP and UDP traffic to port 655 to - the host running tinc. You can add `TCPOnly = yes' to your host - config file to force tinc to only use a single TCP connection, - this works through most firewalls and NATs. - + the host running tinc. You can add 'TCPOnly = yes' to your host + config file to force tinc to only use a single TCP connection, this + works through most firewalls and NATs.  File: tinc.info, Node: Error messages, Next: Sending bug reports, Prev: Solving problems, Up: Running tinc @@ -1860,98 +1853,98 @@ What follows is a list of the most common error messages you might find in the logs. Some of them will only be visible if the debug level is high enough. -`Could not open /dev/tap0: No such device' - * You forgot to `modprobe netlink_dev' or `modprobe ethertap'. +'Could not open /dev/tap0: No such device' - * You forgot to compile `Netlink device emulation' in the + * You forgot to 'modprobe netlink_dev' or 'modprobe ethertap'. + * You forgot to compile 'Netlink device emulation' in the kernel. -`Can't write to /dev/net/tun: No such device' - * You forgot to `modprobe tun'. +'Can't write to /dev/net/tun: No such device' - * You forgot to compile `Universal TUN/TAP driver' in the + * You forgot to 'modprobe tun'. + * You forgot to compile 'Universal TUN/TAP driver' in the kernel. + * The tun device is located somewhere else in '/dev/'. - * The tun device is located somewhere else in `/dev/'. +'Network address and prefix length do not match!' -`Network address and prefix length do not match!' * The Subnet field must contain a _network_ address, trailing bits should be 0. - * If you only want to use one IP address, set the netmask to /32. -`Error reading RSA key file `rsa_key.priv': No such file or directory' +'Error reading RSA key file `rsa_key.priv': No such file or directory' + * You forgot to create a public/private keypair. + * Specify the complete pathname to the private key file with the + 'PrivateKeyFile' option. - * Specify the complete pathname to the private key file with - the `PrivateKeyFile' option. +'Warning: insecure file permissions for RSA private key file `rsa_key.priv'!' -`Warning: insecure file permissions for RSA private key file `rsa_key.priv'!' * The private key file is readable by users other than root. Use chmod to correct the file permissions. -`Creating metasocket failed: Address family not supported' +'Creating metasocket failed: Address family not supported' + * By default tinc tries to create both IPv4 and IPv6 sockets. On some platforms this might not be implemented. If the logs - show `Ready' later on, then at least one metasocket was + show 'Ready' later on, then at least one metasocket was created, and you can ignore this message. You can add - `AddressFamily = ipv4' to `tinc.conf' to prevent this from + 'AddressFamily = ipv4' to 'tinc.conf' to prevent this from happening. -`Cannot route packet: unknown IPv4 destination 1.2.3.4' +'Cannot route packet: unknown IPv4 destination 1.2.3.4' + * You try to send traffic to a host on the VPN for which no Subnet is known. - * If it is a broadcast address (ending in .255), it probably is a samba server or a Windows host sending broadcast packets. You can ignore it. -`Cannot route packet: ARP request for unknown address 1.2.3.4' +'Cannot route packet: ARP request for unknown address 1.2.3.4' + * You try to send traffic to a host on the VPN for which no Subnet is known. -`Packet with destination 1.2.3.4 is looping back to us!' - * Something is not configured right. Packets are being sent out +'Packet with destination 1.2.3.4 is looping back to us!' + + * Something is not configured right. Packets are being sent out to the virtual network device, but according to the Subnet directives in your host configuration file, those packets - should go to your own host. Most common mistake is that you + should go to your own host. Most common mistake is that you have a Subnet line in your host configuration file with a prefix length which is just as large as the prefix of the - virtual network interface. The latter should in almost all - cases be larger. Rethink your configuration. Note that you - will only see this message if you specified a debug level of - 5 or higher! + virtual network interface. The latter should in almost all + cases be larger. Rethink your configuration. Note that you + will only see this message if you specified a debug level of 5 + or higher! + * Chances are that a 'Subnet = ...' line in the host + configuration file of this tinc daemon is wrong. Change it to + a subnet that is accepted locally by another interface, or if + that is not the case, try changing the prefix length into /32. - * Chances are that a `Subnet = ...' line in the host - configuration file of this tinc daemon is wrong. Change it - to a subnet that is accepted locally by another interface, or - if that is not the case, try changing the prefix length into - /32. +'Node foo (1.2.3.4) is not reachable' -`Node foo (1.2.3.4) is not reachable' * Node foo does not have a connection anymore, its tinc daemon is not running or its connection to the Internet is broken. -`Received UDP packet from unknown source 1.2.3.4 (port 12345)' +'Received UDP packet from unknown source 1.2.3.4 (port 12345)' + * If you see this only sporadically, it is harmless and caused by a node sending packets using an old key. - * If you see this often and another node is not reachable anymore, then a NAT (masquerading firewall) is changing the - source address of UDP packets. You can add `TCPOnly = yes' - to host configuration files to force all VPN traffic to go - over a TCP connection. + source address of UDP packets. You can add 'TCPOnly = yes' to + host configuration files to force all VPN traffic to go over a + TCP connection. + +'Got bad/bogus/unauthorized REQUEST from foo (1.2.3.4 port 12345)' -`Got bad/bogus/unauthorized REQUEST from foo (1.2.3.4 port 12345)' * Node foo does not have the right public/private keypair. Generate new keypairs and distribute them again. - * An attacker tries to gain access to your VPN. - * A network error caused corruption of metadata sent from foo. -  File: tinc.info, Node: Sending bug reports, Prev: Error messages, Up: Running tinc @@ -1965,19 +1958,14 @@ bugreport: * A clear description of what you are trying to achieve and what the problem is. - * What platform (operating system, version, hardware architecture) and which version of tinc you use. - - * If compiling tinc fails, a copy of `config.log' and the error + * If compiling tinc fails, a copy of 'config.log' and the error messages you get. - - * Otherwise, a copy of `tinc.conf', `tinc-up' and all files in the - `hosts/' directory. - - * The output of the commands `ifconfig -a' and `route -n' (or - `netstat -rn' if that doesn't work). - + * Otherwise, a copy of 'tinc.conf', 'tinc-up' and all files in the + 'hosts/' directory. + * The output of the commands 'ifconfig -a' and 'route -n' (or + 'netstat -rn' if that doesn't work). * The output of any command that fails to work as it should (like ping or traceroute). @@ -1987,7 +1975,7 @@ File: tinc.info, Node: Controlling tinc, Next: Technical information, Prev: R 6 Controlling tinc ****************** -You can control and inspect a running tincd through the tinc command. A +You can control and inspect a running tincd through the tinc command. A quick example: tinc -n NETNAME reload @@ -2006,34 +1994,33 @@ File: tinc.info, Node: tinc runtime options, Next: tinc environment variables, 6.1 tinc runtime options ======================== -`-c, --config=PATH' +'-c, --config=PATH' Read configuration options from the directory PATH. The default is - `/etc/tinc/NETNAME/'. + '/etc/tinc/NETNAME/'. -`-n, --net=NETNAME' - Use configuration for net NETNAME. *Note Multiple networks::. +'-n, --net=NETNAME' + Use configuration for net NETNAME. *Note Multiple networks::. -`--pidfile=FILENAME' +'--pidfile=FILENAME' Use the cookie from FILENAME to authenticate with a running tinc daemon. If unspecified, the default is - `/var/run/tinc.NETNAME.pid'. + '/var/run/tinc.NETNAME.pid'. -`--help' +'--help' Display a short reminder of runtime options and commands, then terminate. -`--version' +'--version' Output version information and exit. -  File: tinc.info, Node: tinc environment variables, Next: tinc commands, Prev: tinc runtime options, Up: Controlling tinc 6.2 tinc environment variables ============================== -`NETNAME' - If no netname is specified on the command line with the `-n' +'NETNAME' + If no netname is specified on the command line with the '-n' option, the value of this environment variable is used.  @@ -2042,132 +2029,149 @@ File: tinc.info, Node: tinc commands, Next: tinc examples, Prev: tinc environ 6.3 tinc commands ================= -`init [NAME]' +'init [NAME]' Create initial configuration files and RSA and ECDSA keypairs with default length. If no NAME for this node is given, it will be asked for. -`get VARIABLE' +'get VARIABLE' Print the current value of configuration variable VARIABLE. If - more than one variable with the same name exists, the value of - each of them will be printed on a separate line. + more than one variable with the same name exists, the value of each + of them will be printed on a separate line. -`set VARIABLE VALUE' +'set VARIABLE VALUE' Set configuration variable VARIABLE to the given VALUE. All previously existing configuration variables with the same name are removed. To set a variable for a specific host, use the notation HOST.VARIABLE. -`add VARIABLE VALUE' +'add VARIABLE VALUE' As above, but without removing any previously existing configuration variables. -`del VARIABLE [VALUE]' - Remove configuration variables with the same name and VALUE. If - no VALUE is given, all configuration variables with the same name - will be removed. +'del VARIABLE [VALUE]' + Remove configuration variables with the same name and VALUE. If no + VALUE is given, all configuration variables with the same name will + be removed. -`edit FILENAME' +'edit FILENAME' Start an editor for the given configuration file. You do not need to specify the full path to the file. -`export' +'export' Export the host configuration file of the local node to standard output. -`export-all' +'export-all' Export all host configuration files to standard output. -`import [--force]' +'import [--force]' Import host configuration file(s) generated by the tinc export command from standard input. Already existing host configuration files are not overwritten unless the option -force is used. -`exchange [--force]' +'exchange [--force]' The same as export followed by import. -`exchange-all [--force]' +'exchange-all [--force]' The same as export-all followed by import. -`start [tincd options]' - Start `tincd', optionally with the given extra options. +'invite NAME' + Prepares an invitation for a new node with the given NAME, and + prints a short invitation URL that can be used with the join + command. -`stop' - Stop `tincd'. +'join [URL]' + Join an existing VPN using an invitation URL created using the + invite command. If no URL is given, it will be read from standard + input. -`restart' - Restart `tincd'. +'start [tincd options]' + Start 'tincd', optionally with the given extra options. -`reload' - Partially rereads configuration files. Connections to hosts whose - host config files are removed are closed. New outgoing connections - specified in `tinc.conf' will be made. +'stop' + Stop 'tincd'. -`pid' - Shows the PID of the currently running `tincd'. +'restart [tincd options]' + Restart 'tincd', optionally with the given extra options. -`generate-keys [BITS]' - Generate public/private keypair of BITS length. If BITS is not - specified, 1024 is the default. tinc will ask where you want to - store the files, but will default to the configuration directory - (you can use the -c or -n option). +'reload' + Partially rereads configuration files. Connections to hosts whose + host config files are removed are closed. New outgoing connections + specified in 'tinc.conf' will be made. -`dump [reachable] nodes' - Dump a list of all known nodes in the VPN. If the reachable - keyword is used, only lists reachable nodes. +'pid' + Shows the PID of the currently running 'tincd'. -`dump edges' +'generate-keys [BITS]' + Generate both RSA and ECDSA keypairs (see below) and exit. tinc + will ask where you want to store the files, but will default to the + configuration directory (you can use the -c or -n option). + +'generate-ecdsa-keys' + Generate public/private ECDSA keypair and exit. + +'generate-rsa-keys [BITS]' + Generate public/private RSA keypair and exit. If BITS is omitted, + the default length will be 2048 bits. When saving keys to existing + files, tinc will not delete the old keys; you have to remove them + manually. + +'dump [reachable] nodes' + Dump a list of all known nodes in the VPN. If the reachable keyword + is used, only lists reachable nodes. + +'dump edges' Dump a list of all known connections in the VPN. -`dump subnets' +'dump subnets' Dump a list of all known subnets in the VPN. -`dump connections' +'dump connections' Dump a list of all meta connections with ourself. -`dump graph | digraph' +'dump graph | digraph' Dump a graph of the VPN in dotty format. Nodes are colored according to their reachability: red nodes are unreachable, orange nodes are indirectly reachable, green nodes are directly reachable. - Black nodes are either directly or indirectly reachable, but - direct reachability has not been tried yet. + Black nodes are either directly or indirectly reachable, but direct + reachability has not been tried yet. -`info NODE | SUBNET | ADDRESS' - Show information about a particular NODE, SUBNET or ADDRESS. If - an ADDRESS is given, any matching subnet will be shown. +'info NODE | SUBNET | ADDRESS' + Show information about a particular NODE, SUBNET or ADDRESS. If an + ADDRESS is given, any matching subnet will be shown. -`purge' +'purge' Purges all information remembered about unreachable nodes. -`debug LEVEL' +'debug LEVEL' Sets debug level to LEVEL. -`log [LEVEL]' - Capture log messages from a running tinc daemon. An optional - debug level can be given that will be applied only for log - messages sent to tinc. +'log [LEVEL]' + Capture log messages from a running tinc daemon. An optional debug + level can be given that will be applied only for log messages sent + to tinc. -`retry' +'retry' Forces tinc to try to connect to all uplinks immediately. Usually tinc attempts to do this itself, but increases the time it waits between the attempts each time it failed, and if tinc didn't - succeed to connect to an uplink the first time after it started, - it defaults to the maximum time of 15 minutes. + succeed to connect to an uplink the first time after it started, it + defaults to the maximum time of 15 minutes. -`disconnect NODE' +'disconnect NODE' Closes the meta connection with the given NODE. -`top' +'top' If tinc is compiled with libcurses support, this will display live - traffic statistics for all the known nodes, similar to the UNIX - top command. See below for more information. - -`pcap' - Dump VPN traffic going through the local tinc node in - pcap-savefile format to standard output, from where it can be - redirected to a file or piped through a program that can parse it - directly, such as tcpdump. + traffic statistics for all the known nodes, similar to the UNIX top + command. See below for more information. +'pcap' + Dump VPN traffic going through the local tinc node in pcap-savefile + format to standard output, from where it can be redirected to a + file or piped through a program that can parse it directly, such as + tcpdump.  File: tinc.info, Node: tinc examples, Next: tinc top, Prev: tinc commands, Up: Controlling tinc @@ -2195,12 +2199,12 @@ File: tinc.info, Node: tinc top, Prev: tinc examples, Up: Controlling tinc 6.5 tinc top ============ -The top command connects to a running tinc daemon and repeatedly -queries its per-node traffic counters. It displays a list of all the -known nodes in the left-most column, and the amount of bytes and -packets read from and sent to each node in the other columns. By -default, the information is updated every second. The behaviour of the -top command can be changed using the following keys: +The top command connects to a running tinc daemon and repeatedly queries +its per-node traffic counters. It displays a list of all the known +nodes in the left-most column, and the amount of bytes and packets read +from and sent to each node in the other columns. By default, the +information is updated every second. The behaviour of the top command +can be changed using the following keys: Change the interval between updates. After pressing the key, @@ -2251,7 +2255,6 @@ top command can be changed using the following keys: Quit. -  File: tinc.info, Node: Technical information, Next: Platform specific information, Prev: Controlling tinc, Up: Top @@ -2288,30 +2291,30 @@ The data itself is read from a character device file, the so-called _virtual network device_. This device is associated with a network interface. Any data sent to this interface can be read from the device, and any data written to the device gets sent from the interface. There -are two possible types of virtual network devices: `tun' style, which +are two possible types of virtual network devices: 'tun' style, which are point-to-point devices which can only handle IPv4 and/or IPv6 -packets, and `tap' style, which are Ethernet devices and handle -complete Ethernet frames. +packets, and 'tap' style, which are Ethernet devices and handle complete +Ethernet frames. So when tinc reads an Ethernet frame from the device, it determines its -type. When tinc is in it's default routing mode, it can handle IPv4 and -IPv6 packets. Depending on the Subnet lines, it will send the packets -off to their destination IP address. In the `switch' and `hub' mode, +type. When tinc is in it's default routing mode, it can handle IPv4 and +IPv6 packets. Depending on the Subnet lines, it will send the packets +off to their destination IP address. In the 'switch' and 'hub' mode, tinc will use broadcasts and MAC address discovery to deduce the destination of the packets. Since the latter modes only depend on the link layer information, any protocol that runs over Ethernet is -supported (for instance IPX and Appletalk). However, only `tap' style +supported (for instance IPX and Appletalk). However, only 'tap' style devices provide this information. -After the destination has been determined, the packet will be -compressed (optionally), a sequence number will be added to the packet, -the packet will then be encrypted and a message authentication code -will be appended. +After the destination has been determined, the packet will be compressed +(optionally), a sequence number will be added to the packet, the packet +will then be encrypted and a message authentication code will be +appended. -When that is done, time has come to actually transport the packet to -the destination computer. We do this by sending the packet over an UDP -connection to the destination host. This is called _encapsulating_, -the VPN packet (though now encrypted) is encapsulated in another IP +When that is done, time has come to actually transport the packet to the +destination computer. We do this by sending the packet over an UDP +connection to the destination host. This is called _encapsulating_, the +VPN packet (though now encrypted) is encapsulated in another IP datagram. When the destination receives this packet, the same thing happens, only @@ -2319,22 +2322,22 @@ in reverse. So it checks the message authentication code, decrypts the contents of the UDP datagram, checks the sequence number and writes the decrypted information to its own virtual network device. -If the virtual network device is a `tun' device (a point-to-point +If the virtual network device is a 'tun' device (a point-to-point tunnel), there is no problem for the kernel to accept a packet. -However, if it is a `tap' device (this is the only available type on +However, if it is a 'tap' device (this is the only available type on FreeBSD), the destination MAC address must match that of the virtual network interface. If tinc is in it's default routing mode, ARP does -not work, so the correct destination MAC can not be known by the -sending host. Tinc solves this by letting the receiving end detect the -MAC address of its own virtual network interface and overwriting the +not work, so the correct destination MAC can not be known by the sending +host. Tinc solves this by letting the receiving end detect the MAC +address of its own virtual network interface and overwriting the destination MAC address of the received packet. In switch or hub modes ARP does work so the sender already knows the correct destination MAC address. In those modes every interface should have a unique MAC address, so make sure they are not the same. Because switch and hub modes rely on MAC addresses to function correctly, these -modes cannot be used on the following operating systems which don't -have a `tap' style virtual network device: OpenBSD, NetBSD, Darwin and +modes cannot be used on the following operating systems which don't have +a 'tap' style virtual network device: OpenBSD, NetBSD, Darwin and Solaris.  @@ -2375,9 +2378,8 @@ File: tinc.info, Node: The meta-protocol, Next: Security, Prev: The connectio 7.2 The meta-protocol ===================== -The meta protocol is used to tie all tinc daemons together, and -exchange information about which tinc daemon serves which virtual -subnet. +The meta protocol is used to tie all tinc daemons together, and exchange +information about which tinc daemon serves which virtual subnet. The meta protocol consists of requests that can be sent to the other side. Each request has a unique number and several parameters. All @@ -2386,7 +2388,7 @@ possible to use tools such as telnet or netcat to connect to a tinc daemon started with the -bypass-security option and to read and write requests by hand, provided that one understands the numeric codes sent. -The authentication scheme is described in *note Security::. After a +The authentication scheme is described in *note Security::. After a successful authentication, the server and the client will exchange all the information about other tinc daemons and subnets they know of, so that both sides (and all the other tinc daemons behind them) have their @@ -2408,12 +2410,12 @@ information synchronised. +------------------> owner of this subnet ------------------------------------------------------------------ -The ADD_EDGE messages are to inform other tinc daemons that a -connection between two nodes exist. The address of the destination node -is available so that VPN packets can be sent directly to that node. +The ADD_EDGE messages are to inform other tinc daemons that a connection +between two nodes exist. The address of the destination node is +available so that VPN packets can be sent directly to that node. The ADD_SUBNET messages inform other tinc daemons that certain subnets -belong to certain nodes. tinc will use it to determine to which node a +belong to certain nodes. tinc will use it to determine to which node a VPN packet has to be sent. message @@ -2429,7 +2431,7 @@ VPN packet has to be sent. ------------------------------------------------------------------ In case a connection between two daemons is closed or broken, DEL_EDGE -messages are sent to inform the other daemons of that fact. Each daemon +messages are sent to inform the other daemons of that fact. Each daemon will calculate a new route to the the daemons, or mark them unreachable if there isn't any. @@ -2451,10 +2453,10 @@ if there isn't any. +--> daemon that has changed it's packet key ------------------------------------------------------------------ -The keys used to encrypt VPN packets are not sent out directly. This is +The keys used to encrypt VPN packets are not sent out directly. This is because it would generate a lot of traffic on VPNs with many daemons, and chances are that not every tinc daemon will ever send a packet to -every other daemon. Instead, if a daemon needs a key it sends a request +every other daemon. Instead, if a daemon needs a key it sends a request for it via the meta connection of the nearest hop in the direction of the destination. @@ -2464,11 +2466,11 @@ the destination. dest. PONG ------------------------------------------------------------------ -There is also a mechanism to check if hosts are still alive. Since +There is also a mechanism to check if hosts are still alive. Since network failures or a crash can cause a daemon to be killed without properly shutting down the TCP connection, this is necessary to keep an -up to date connection list. PINGs are sent at regular intervals, except -when there is also some other traffic. A little bit of salt (random +up to date connection list. PINGs are sent at regular intervals, except +when there is also some other traffic. A little bit of salt (random data) is added with each PING and PONG message, to make sure that long sequences of PING/PONG messages without any other traffic won't result in known plaintext. @@ -2483,24 +2485,23 @@ File: tinc.info, Node: Security, Prev: The meta-protocol, Up: Technical infor Tinc got its name from "TINC," short for _There Is No Cabal_; the alleged Cabal was/is an organisation that was said to keep an eye on the -entire Internet. As this is exactly what you _don't_ want, we named -the tinc project after TINC. +entire Internet. As this is exactly what you _don't_ want, we named the +tinc project after TINC. But in order to be "immune" to eavesdropping, you'll have to encrypt -your data. Because tinc is a _Secure_ VPN (SVPN) daemon, it does +your data. Because tinc is a _Secure_ VPN (SVPN) daemon, it does exactly that: encrypt. However, encryption in itself does not prevent an attacker from modifying the encrypted data. Therefore, tinc also authenticates the data. Finally, tinc uses sequence numbers (which -themselves are also authenticated) to prevent an attacker from -replaying valid packets. +themselves are also authenticated) to prevent an attacker from replaying +valid packets. -Since version 1.1pre3, tinc has two protocols used to protect your -data; the legacy protocol, and the new Simple Peer-to-Peer Security -(SPTPS) protocol. The SPTPS protocol is designed to address some -weaknesses in the legacy protocol. The new authentication protocol is -used when two nodes connect to each other that both have the -ExperimentalProtocol option set to yes, otherwise the legacy protocol -will be used. +Since version 1.1pre3, tinc has two protocols used to protect your data; +the legacy protocol, and the new Simple Peer-to-Peer Security (SPTPS) +protocol. The SPTPS protocol is designed to address some weaknesses in +the legacy protocol. The new authentication protocol is used when two +nodes connect to each other that both have the ExperimentalProtocol +option set to yes, otherwise the legacy protocol will be used. * Menu: @@ -2552,13 +2553,12 @@ File: tinc.info, Node: Legacy authentication protocol, Next: Simple Peer-to-Pe The protocol allows each side to specify encryption algorithms and parameters, but in practice they are always fixed, since older versions -of tinc did not allow them to be different from the default values. The +of tinc did not allow them to be different from the default values. The cipher is always Blowfish in OFB mode, the digest is SHA1, but the MAC length is zero and no compression is used. From now on: * the client will symmetrically encrypt outgoing traffic using S1 - * the server will symmetrically encrypt outgoing traffic using S2 -------------------------------------------------------------------------- @@ -2593,19 +2593,19 @@ From now on: This legacy authentication protocol has several weaknesses, pointed out by security export Peter Gutmann. First, data is encrypted with RSA without padding. Padding schemes are designed to prevent attacks when -the size of the plaintext is not equal to the size of the RSA key. -Tinc always encrypts random nonces that have the same size as the RSA -key, so we do not believe this leads to a break of the security. There -might be timing or other side-channel attacks against RSA encryption -and decryption, tinc does not employ any protection against those. +the size of the plaintext is not equal to the size of the RSA key. Tinc +always encrypts random nonces that have the same size as the RSA key, so +we do not believe this leads to a break of the security. There might be +timing or other side-channel attacks against RSA encryption and +decryption, tinc does not employ any protection against those. Furthermore, both sides send identical messages to each other, there is -no distinction between server and client, which could make a MITM -attack easier. However, no exploit is known in which a third party who -is not already trusted by other nodes in the VPN could gain access. -Finally, the RSA keys are used to directly encrypt the session keys, -which means that if the RSA keys are compromised, it is possible to -decrypt all previous VPN traffic. In other words, the legacy protocol -does not provide perfect forward secrecy. +no distinction between server and client, which could make a MITM attack +easier. However, no exploit is known in which a third party who is not +already trusted by other nodes in the VPN could gain access. Finally, +the RSA keys are used to directly encrypt the session keys, which means +that if the RSA keys are compromised, it is possible to decrypt all +previous VPN traffic. In other words, the legacy protocol does not +provide perfect forward secrecy.  File: tinc.info, Node: Simple Peer-to-Peer Security, Next: Encryption of network packets, Prev: Legacy authentication protocol, Up: Security @@ -2626,24 +2626,20 @@ Similar to TLS, messages are split up in records. A complete logical record contains the following information: * uint32_t seqno (network byte order) - * uint16_t length (network byte order) - * uint8_t type - * opaque data[length] - * opaque hmac[HMAC_SIZE] (HMAC over all preceding fields) Depending on whether SPTPS records are sent via TCP or UDP, either the seqno or the length field is omitted on the wire (but they are still -included in the calculation of the HMAC); for TCP packets are -guaranteed to arrive in-order so we can infer the seqno, but packets -can be split or merged, so we still need the length field to determine -the boundaries between records; for UDP packets we know that there is -exactly one record per packet, and we know the length of a packet, but -packets can be dropped, duplicated and/or reordered, so we need to -include the seqno. +included in the calculation of the HMAC); for TCP packets are guaranteed +to arrive in-order so we can infer the seqno, but packets can be split +or merged, so we still need the length field to determine the boundaries +between records; for UDP packets we know that there is exactly one +record per packet, and we know the length of a packet, but packets can +be dropped, duplicated and/or reordered, so we need to include the +seqno. The type field is used to distinguish between application records or handshake records. Types 0 to 127 are application records, type 128 is @@ -2698,9 +2694,7 @@ an incoming connection. Key EXchange message: * uint8_t kex_version (always 0 in this version of SPTPS) - * opaque nonce[32] (random number) - * opaque ecdh_key[ECDH_SIZE] SIGnature message: @@ -2715,63 +2709,46 @@ Remarks: * At the start, both peers generate a random nonce and an Elliptic Curve public key and send it to the other in the KEX message. - * After receiving the other's KEX message, both KEX messages are - concatenated (see below), and the result is signed using ECDSA. - The result is sent to the other. - + concatenated (see below), and the result is signed using ECDSA. The + result is sent to the other. * After receiving the other's SIG message, the signature is verified. - If it is correct, the shared secret is calculated from the public + If it is correct, the shared secret is calculated from the public keys exchanged in the KEX message using the Elliptic Curve Diffie-Helman algorithm. - - * The shared secret key is expanded using a PRF. Both nonces and - the application specific label are also used as input for the PRF. - + * The shared secret key is expanded using a PRF. Both nonces and the + application specific label are also used as input for the PRF. * An ACK message is sent only when doing key renegotiation, and is sent using the old encryption keys. - * The expanded key is used to key the encryption and HMAC algorithms. The signature is calculated over this string: * uint8_t initiator (0 = local peer, 1 = remote peer is initiator) - * opaque remote_kex_message[1 + 32 + ECDH_SIZE] - * opaque local_kex_message[1 + 32 + ECDH_SIZE] - * opaque label[label_length] The PRF is calculated as follows: * A HMAC using SHA512 is used, the shared secret is used as the key. - - * For each block of 64 bytes, a HMAC is calculated. For block n: - hmac[n] = HMAC_SHA512(hmac[n - 1] + seed) - - * For the first block (n = 1), hmac[0] is given by - HMAC_SHA512(zeroes + seed), where zeroes is a block of 64 zero - bytes. + * For each block of 64 bytes, a HMAC is calculated. For block n: + hmac[n] = HMAC_SHA512(hmac[n - 1] + seed) + * For the first block (n = 1), hmac[0] is given by HMAC_SHA512(zeroes + + seed), where zeroes is a block of 64 zero bytes. The seed is as follows: * const char[13] "key expansion" - * opaque responder_nonce[32] - * opaque initiator_nonce[32] - * opaque label[label_length] The expanded key is used as follows: * opaque responder_cipher_key[CIPHER_KEYSIZE] - * opaque responder_digest_key[DIGEST_KEYSIZE] - * opaque initiator_cipher_key[CIPHER_KEYSIZE] - * opaque initiator_digest_key[DIGEST_KEYSIZE] Where initiator_cipher_key is the key used by session initiator to @@ -2795,13 +2772,13 @@ File: tinc.info, Node: Encryption of network packets, Next: Security issues, ----------------------------------- A data packet can only be sent if the encryption key is known to both -parties, and the connection is activated. If the encryption key is not -known, a request is sent to the destination using the meta connection -to retrieve it. +parties, and the connection is activated. If the encryption key is not +known, a request is sent to the destination using the meta connection to +retrieve it. -The UDP packets can be either encrypted with the legacy protocol or -with SPTPS. In case of the legacy protocol, the UDP packet containing -the network packet from the VPN has the following layout: +The UDP packets can be either encrypted with the legacy protocol or with +SPTPS. In case of the legacy protocol, the UDP packet containing the +network packet from the VPN has the following layout: ... | IP header | UDP header | seqno | VPN packet | MAC | UDP trailer \___________________/\_____/ @@ -2810,17 +2787,18 @@ the network packet from the VPN has the following layout: Encrypted with symmetric cipher So, the entire VPN packet is encrypted using a symmetric cipher, -including a 32 bits sequence number that is added in front of the -actual VPN packet, to act as a unique IV for each packet and to prevent -replay attacks. A message authentication code is added to the UDP -packet to prevent alteration of packets. Tinc by default encrypts -network packets using Blowfish with 128 bit keys in CBC mode and uses 4 -byte long message authentication codes to make sure eavesdroppers -cannot get and cannot change any information at all from the packets -they can intercept. The encryption algorithm and message authentication -algorithm can be changed in the configuration. The length of the message -authentication codes is also adjustable. The length of the key for the -encryption algorithm is always the default length used by OpenSSL. +including a 32 bits sequence number that is added in front of the actual +VPN packet, to act as a unique IV for each packet and to prevent replay +attacks. A message authentication code is added to the UDP packet to +prevent alteration of packets. Tinc by default encrypts network packets +using Blowfish with 128 bit keys in CBC mode and uses 4 byte long +message authentication codes to make sure eavesdroppers cannot get and +cannot change any information at all from the packets they can +intercept. The encryption algorithm and message authentication +algorithm can be changed in the configuration. The length of the +message authentication codes is also adjustable. The length of the key +for the encryption algorithm is always the default length used by +OpenSSL. The SPTPS protocol is described in *note Simple Peer-to-Peer Security::. For comparison, this is how SPTPS UDP packets look: @@ -2832,10 +2810,10 @@ For comparison, this is how SPTPS UDP packets look: Encrypted with symmetric cipher The difference is that the seqno is not encrypted, since the encryption -cipher is used in CTR mode, and therefore the seqno must be known -before the packet can be decrypted. Furthermore, the MAC is never -truncated. The SPTPS protocol always uses the AES-256-CTR cipher and -HMAC-SHA-256 digest, this cannot be changed. +cipher is used in CTR mode, and therefore the seqno must be known before +the packet can be decrypted. Furthermore, the MAC is never truncated. +The SPTPS protocol always uses the AES-256-CTR cipher and HMAC-SHA-256 +digest, this cannot be changed.  File: tinc.info, Node: Security issues, Prev: Encryption of network packets, Up: Security @@ -2844,33 +2822,33 @@ File: tinc.info, Node: Security issues, Prev: Encryption of network packets, --------------------- In August 2000, we discovered the existence of a security hole in all -versions of tinc up to and including 1.0pre2. This had to do with the -way we exchanged keys. Since then, we have been working on a new -authentication scheme to make tinc as secure as possible. The current -version uses the OpenSSL library and uses strong authentication with -RSA keys. +versions of tinc up to and including 1.0pre2. This had to do with the +way we exchanged keys. Since then, we have been working on a new +authentication scheme to make tinc as secure as possible. The current +version uses the OpenSSL library and uses strong authentication with RSA +keys. On the 29th of December 2001, Jerome Etienne posted a security analysis -of tinc 1.0pre4. Due to a lack of sequence numbers and a message +of tinc 1.0pre4. Due to a lack of sequence numbers and a message authentication code for each packet, an attacker could possibly disrupt certain network services or launch a denial of service attack by -replaying intercepted packets. The current version adds sequence +replaying intercepted packets. The current version adds sequence numbers and message authentication codes to prevent such attacks. On the 15th of September 2003, Peter Gutmann posted a security analysis -of tinc 1.0.1. He argues that the 32 bit sequence number used by tinc +of tinc 1.0.1. He argues that the 32 bit sequence number used by tinc is not a good IV, that tinc's default length of 4 bytes for the MAC is too short, and he doesn't like tinc's use of RSA during authentication. -We do not know of a security hole in the legacy protocol of tinc, but -it is not as strong as TLS or IPsec. +We do not know of a security hole in the legacy protocol of tinc, but it +is not as strong as TLS or IPsec. This version of tinc comes with an improved protocol, called Simple -Peer-to-Peer Security, which aims to be as strong as TLS with one of -the strongest cipher suites. +Peer-to-Peer Security, which aims to be as strong as TLS with one of the +strongest cipher suites. -Cryptography is a hard thing to get right. We cannot make any -guarantees. Time, review and feedback are the only things that can -prove the security of any cryptographic product. If you wish to review +Cryptography is a hard thing to get right. We cannot make any +guarantees. Time, review and feedback are the only things that can +prove the security of any cryptographic product. If you wish to review tinc or give us feedback, you are stronly encouraged to do so.  @@ -2901,30 +2879,30 @@ that it encompasses the entire VPN. For IPv4 addresses: -Linux `ifconfig' INTERFACE ADDRESS `netmask' NETMASK -Linux iproute2 `ip addr add' ADDRESS`/'PREFIXLENGTH `dev' INTERFACE -FreeBSD `ifconfig' INTERFACE ADDRESS `netmask' NETMASK -OpenBSD `ifconfig' INTERFACE ADDRESS `netmask' NETMASK -NetBSD `ifconfig' INTERFACE ADDRESS `netmask' NETMASK -Solaris `ifconfig' INTERFACE ADDRESS `netmask' NETMASK -Darwin (MacOS/X) `ifconfig' INTERFACE ADDRESS `netmask' NETMASK -Windows `netsh interface ip set address' INTERFACE `static' ADDRESS NETMASK +Linux 'ifconfig' INTERFACE ADDRESS 'netmask' NETMASK +Linux iproute2 'ip addr add' ADDRESS'/'PREFIXLENGTH 'dev' INTERFACE +FreeBSD 'ifconfig' INTERFACE ADDRESS 'netmask' NETMASK +OpenBSD 'ifconfig' INTERFACE ADDRESS 'netmask' NETMASK +NetBSD 'ifconfig' INTERFACE ADDRESS 'netmask' NETMASK +Solaris 'ifconfig' INTERFACE ADDRESS 'netmask' NETMASK +Darwin (MacOS/X) 'ifconfig' INTERFACE ADDRESS 'netmask' NETMASK +Windows 'netsh interface ip set address' INTERFACE 'static' ADDRESS NETMASK For IPv6 addresses: -Linux `ifconfig' INTERFACE `add' ADDRESS`/'PREFIXLENGTH -FreeBSD `ifconfig' INTERFACE `inet6' ADDRESS `prefixlen' PREFIXLENGTH -OpenBSD `ifconfig' INTERFACE `inet6' ADDRESS `prefixlen' PREFIXLENGTH -NetBSD `ifconfig' INTERFACE `inet6' ADDRESS `prefixlen' PREFIXLENGTH -Solaris `ifconfig' INTERFACE `inet6 plumb up' - `ifconfig' INTERFACE `inet6 addif' ADDRESS ADDRESS -Darwin (MacOS/X) `ifconfig' INTERFACE `inet6' ADDRESS `prefixlen' PREFIXLENGTH -Windows `netsh interface ipv6 add address' INTERFACE `static' ADDRESS/PREFIXLENGTH +Linux 'ifconfig' INTERFACE 'add' ADDRESS'/'PREFIXLENGTH +FreeBSD 'ifconfig' INTERFACE 'inet6' ADDRESS 'prefixlen' PREFIXLENGTH +OpenBSD 'ifconfig' INTERFACE 'inet6' ADDRESS 'prefixlen' PREFIXLENGTH +NetBSD 'ifconfig' INTERFACE 'inet6' ADDRESS 'prefixlen' PREFIXLENGTH +Solaris 'ifconfig' INTERFACE 'inet6 plumb up' + 'ifconfig' INTERFACE 'inet6 addif' ADDRESS ADDRESS +Darwin (MacOS/X) 'ifconfig' INTERFACE 'inet6' ADDRESS 'prefixlen' PREFIXLENGTH +Windows 'netsh interface ipv6 add address' INTERFACE 'static' ADDRESS/PREFIXLENGTH On some platforms, when running tinc in switch mode, the VPN interface must be set to tap mode with an ifconfig command: -OpenBSD `ifconfig' INTERFACE `link0' +OpenBSD 'ifconfig' INTERFACE 'link0' On Linux, it is possible to create a persistent tun/tap interface which will continue to exist even if tinc quit, although this is normally not @@ -2932,7 +2910,7 @@ required. It can be useful to set up a tun/tap interface owned by a non-root user, so tinc can be started without needing any root privileges at all. -Linux `ip tuntap add dev' INTERFACE `mode' TUN|TAP `user' USERNAME +Linux 'ip tuntap add dev' INTERFACE 'mode' TUN|TAP 'user' USERNAME  File: tinc.info, Node: Routes, Prev: Interface configuration, Up: Platform specific information @@ -2944,31 +2922,31 @@ In some cases it might be necessary to add more routes to the virtual network interface. There are two ways to indicate which interface a packet should go to, one is to use the name of the interface itself, another way is to specify the (local) address that is assigned to that -interface (LOCAL_ADDRESS). The former way is unambiguous and therefore +interface (LOCAL_ADDRESS). The former way is unambiguous and therefore preferable, but not all platforms support this. Adding routes to IPv4 subnets: -Linux `route add -net' NETWORK_ADDRESS `netmask' NETMASK INTERFACE -Linux iproute2 `ip route add' NETWORK_ADDRESS`/'PREFIXLENGTH `dev' INTERFACE -FreeBSD `route add' NETWORK_ADDRESS`/'PREFIXLENGTH LOCAL_ADDRESS -OpenBSD `route add' NETWORK_ADDRESS`/'PREFIXLENGTH LOCAL_ADDRESS -NetBSD `route add' NETWORK_ADDRESS`/'PREFIXLENGTH LOCAL_ADDRESS -Solaris `route add' NETWORK_ADDRESS`/'PREFIXLENGTH LOCAL_ADDRESS `-interface' -Darwin (MacOS/X) `route add' NETWORK_ADDRESS`/'PREFIXLENGTH LOCAL_ADDRESS -Windows `netsh routing ip add persistentroute' NETWORK_ADDRESS NETMASK INTERFACE +Linux 'route add -net' NETWORK_ADDRESS 'netmask' NETMASK INTERFACE +Linux iproute2 'ip route add' NETWORK_ADDRESS'/'PREFIXLENGTH 'dev' INTERFACE +FreeBSD 'route add' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDRESS +OpenBSD 'route add' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDRESS +NetBSD 'route add' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDRESS +Solaris 'route add' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDRESS '-interface' +Darwin (MacOS/X) 'route add' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDRESS +Windows 'netsh routing ip add persistentroute' NETWORK_ADDRESS NETMASK INTERFACE LOCAL_ADDRESS Adding routes to IPv6 subnets: -Linux `route add -A inet6' NETWORK_ADDRESS`/'PREFIXLENGTH INTERFACE -Linux iproute2 `ip route add' NETWORK_ADDRESS`/'PREFIXLENGTH `dev' INTERFACE -FreeBSD `route add -inet6' NETWORK_ADDRESS`/'PREFIXLENGTH LOCAL_ADDRESS -OpenBSD `route add -inet6' NETWORK_ADDRESS LOCAL_ADDRESS `-prefixlen' PREFIXLENGTH -NetBSD `route add -inet6' NETWORK_ADDRESS LOCAL_ADDRESS `-prefixlen' PREFIXLENGTH -Solaris `route add -inet6' NETWORK_ADDRESS`/'PREFIXLENGTH LOCAL_ADDRESS `-interface' +Linux 'route add -A inet6' NETWORK_ADDRESS'/'PREFIXLENGTH INTERFACE +Linux iproute2 'ip route add' NETWORK_ADDRESS'/'PREFIXLENGTH 'dev' INTERFACE +FreeBSD 'route add -inet6' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDRESS +OpenBSD 'route add -inet6' NETWORK_ADDRESS LOCAL_ADDRESS '-prefixlen' PREFIXLENGTH +NetBSD 'route add -inet6' NETWORK_ADDRESS LOCAL_ADDRESS '-prefixlen' PREFIXLENGTH +Solaris 'route add -inet6' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDRESS '-interface' Darwin (MacOS/X) ? -Windows `netsh interface ipv6 add route' NETWORK ADDRESS/PREFIXLENGTH INTERFACE +Windows 'netsh interface ipv6 add route' NETWORK ADDRESS/PREFIXLENGTH INTERFACE  File: tinc.info, Node: About us, Next: Concept Index, Prev: Platform specific information, Up: Top @@ -2987,11 +2965,11 @@ File: tinc.info, Node: Contact information, Next: Authors, Up: About us 9.1 Contact information ======================= -Tinc's website is at `http://www.tinc-vpn.org/', this server is located +Tinc's website is at , this server is located in the Netherlands. -We have an IRC channel on the FreeNode and OFTC IRC networks. Connect to -irc.freenode.net (http://www.freenode.net/) or irc.oftc.net +We have an IRC channel on the FreeNode and OFTC IRC networks. Connect +to irc.freenode.net (http://www.freenode.net/) or irc.oftc.net (http://www.oftc.net/) and join channel #tinc.  @@ -3001,12 +2979,11 @@ File: tinc.info, Node: Authors, Prev: Contact information, Up: About us =========== Ivo Timmermans (zarq) - Guus Sliepen (guus) () We have received a lot of valuable input from users. With their help, tinc has become the flexible and robust tool that it is today. We have -composed a list of contributions, in the file called `THANKS' in the +composed a list of contributions, in the file called 'THANKS' in the source distribution.  @@ -3020,13 +2997,13 @@ Concept Index * ACK: Legacy authentication protocol. (line 6) -* ADD_EDGE: The meta-protocol. (line 23) -* ADD_SUBNET: The meta-protocol. (line 23) * Address: Host configuration variables. (line 6) * AddressFamily: Main configuration variables. (line 6) -* ANS_KEY: The meta-protocol. (line 64) +* ADD_EDGE: The meta-protocol. (line 22) +* ADD_SUBNET: The meta-protocol. (line 22) +* ANS_KEY: The meta-protocol. (line 63) * AutoConnect: Main configuration variables. (line 12) * binary package: Building and installing tinc. @@ -3036,12 +3013,12 @@ Concept Index * BindToInterface: Main configuration variables. (line 30) * Broadcast: Main configuration variables. - (line 41) + (line 40) * Cabal: Security. (line 6) -* CHAL_REPLY: Legacy authentication protocol. - (line 6) * CHALLENGE: Legacy authentication protocol. (line 6) +* CHAL_REPLY: Legacy authentication protocol. + (line 6) * CIDR notation: Host configuration variables. (line 94) * Cipher: Host configuration variables. @@ -3055,136 +3032,140 @@ Concept Index (line 26) * connection: The connection. (line 6) * ConnectTo: Main configuration variables. - (line 61) + (line 60) * daemon: Running tinc. (line 11) * data-protocol: The meta-connection. (line 18) * debug level: Runtime options. (line 17) * debug levels: Debug levels. (line 6) * DecrementTTL: Main configuration variables. - (line 72) -* DEL_EDGE: The meta-protocol. (line 47) -* DEL_SUBNET: The meta-protocol. (line 47) -* DEVICE: Scripts. (line 55) + (line 71) +* DEL_EDGE: The meta-protocol. (line 46) +* DEL_SUBNET: The meta-protocol. (line 46) * Device: Main configuration variables. - (line 81) + (line 80) +* DEVICE: Scripts. (line 53) * device files: Device files. (line 6) * DeviceType: Main configuration variables. - (line 88) + (line 87) * Digest: Host configuration variables. (line 31) * DirectOnly: Main configuration variables. - (line 153) + (line 152) * dummy: Main configuration variables. - (line 95) + (line 94) * ECDSAPrivateKeyFile: Main configuration variables. - (line 160) + (line 159) * encapsulating: The UDP tunnel. (line 30) * encryption: Encryption of network packets. (line 6) -* environment variables: Scripts. (line 43) +* environment variables: Scripts. (line 42) * example: Example configuration. (line 6) * exec: Main configuration variables. - (line 321) + (line 328) * ExperimentalProtocol: Main configuration variables. - (line 164) + (line 163) * Forwarding: Main configuration variables. - (line 173) + (line 170) * frame type: The UDP tunnel. (line 6) * Hostnames: Main configuration variables. - (line 193) + (line 190) * http: Main configuration variables. - (line 318) + (line 325) * hub: Main configuration variables. - (line 245) + (line 246) * ID: Legacy authentication protocol. (line 6) * IndirectData: Host configuration variables. (line 38) -* INTERFACE: Scripts. (line 58) * Interface: Main configuration variables. - (line 204) + (line 201) +* INTERFACE: Scripts. (line 56) * IRC: Contact information. (line 9) -* KEY_CHANGED: The meta-protocol. (line 64) * KeyExpire: Main configuration variables. - (line 250) + (line 251) +* KEY_CHANGED: The meta-protocol. (line 63) * legacy authentication protocol: Legacy authentication protocol. (line 6) * libcurses: libcurses. (line 6) * libraries: Libraries. (line 6) * libreadline: libreadline. (line 6) -* license: OpenSSL. (line 36) +* license: OpenSSL. (line 35) * LocalDiscovery: Main configuration variables. - (line 212) + (line 209) +* LocalDiscoveryAddress: Main configuration variables. + (line 220) * lzo: lzo. (line 6) * MACExpire: Main configuration variables. - (line 256) + (line 257) * MACLength: Host configuration variables. (line 43) +* MaxConnectionBurst: Main configuration variables. + (line 262) * meta-protocol: The meta-connection. (line 18) * META_KEY: Legacy authentication protocol. (line 6) * Mode: Main configuration variables. - (line 223) + (line 224) * multicast: Main configuration variables. - (line 107) + (line 106) * multiple networks: Multiple networks. (line 6) -* NAME: Scripts. (line 52) * Name: Main configuration variables. - (line 261) -* netmask: Network interfaces. (line 38) + (line 268) +* NAME: Scripts. (line 50) +* netmask: Network interfaces. (line 39) +* netname: Multiple networks. (line 6) +* NETNAME: Scripts. (line 47) * NETNAME <1>: tinc environment variables. (line 6) -* NETNAME: Scripts. (line 49) -* netname: Multiple networks. (line 6) * Network Administrators Guide: Configuration introduction. (line 15) -* NODE: Scripts. (line 62) +* NODE: Scripts. (line 60) * OpenSSL: OpenSSL. (line 6) * options: Runtime options. (line 9) * PEM format: Host configuration variables. (line 70) -* PING: The meta-protocol. (line 89) +* PING: The meta-protocol. (line 88) * PingInterval: Main configuration variables. - (line 272) + (line 279) * PingTimeout: Main configuration variables. - (line 276) + (line 283) * platforms: Supported platforms. (line 6) * PMTU: Host configuration variables. (line 50) * PMTUDiscovery: Host configuration variables. (line 53) -* PONG: The meta-protocol. (line 89) +* PONG: The meta-protocol. (line 88) * Port: Host configuration variables. (line 58) * port numbers: Other files. (line 17) * PriorityInheritance: Main configuration variables. - (line 282) + (line 289) * private: Virtual Private Networks. (line 10) * PrivateKey: Main configuration variables. - (line 287) + (line 294) * PrivateKeyFile: Main configuration variables. - (line 293) + (line 300) * ProcessPriority: Main configuration variables. - (line 298) + (line 305) * Proxy: Main configuration variables. - (line 303) + (line 310) * PublicKey: Host configuration variables. (line 62) * PublicKeyFile: Host configuration variables. (line 65) * raw_socket: Main configuration variables. - (line 100) + (line 99) * release: Supported platforms. (line 14) -* REMOTEADDRESS: Scripts. (line 67) -* REMOTEPORT: Scripts. (line 70) +* REMOTEADDRESS: Scripts. (line 65) +* REMOTEPORT: Scripts. (line 68) * ReplayWindow: Main configuration variables. - (line 326) -* REQ_KEY: The meta-protocol. (line 64) + (line 333) * requirements: Libraries. (line 6) +* REQ_KEY: The meta-protocol. (line 63) * router: Main configuration variables. - (line 226) + (line 227) * runtime options: Runtime options. (line 9) * scalability: tinc. (line 19) * scripts: Scripts. (line 6) @@ -3192,48 +3173,48 @@ Concept Index (line 18) * signals: Signals. (line 6) * socks4: Main configuration variables. - (line 307) + (line 314) * socks5: Main configuration variables. - (line 312) + (line 319) * SPTPS: Simple Peer-to-Peer Security. (line 6) * StrictSubnets: Main configuration variables. - (line 337) -* SUBNET: Scripts. (line 74) + (line 344) * Subnet: Host configuration variables. (line 77) +* SUBNET: Scripts. (line 72) * SVPN: Security. (line 11) * switch: Main configuration variables. - (line 234) + (line 235) * TCP: The meta-connection. (line 10) * TCPonly: Host configuration variables. (line 106) -* TINC: Security. (line 6) * tinc: Introduction. (line 6) +* TINC: Security. (line 6) * tinc-down: Scripts. (line 18) -* tinc-up <1>: Network interfaces. (line 19) * tinc-up: Scripts. (line 10) +* tinc-up <1>: Network interfaces. (line 19) * tincd: tinc. (line 14) * traditional VPNs: tinc. (line 19) * tunifhead: Main configuration variables. - (line 142) + (line 141) * TunnelServer: Main configuration variables. - (line 342) + (line 349) * tunnohead: Main configuration variables. - (line 136) + (line 135) +* UDP: The UDP tunnel. (line 30) * UDP <1>: Encryption of network packets. (line 11) -* UDP: The UDP tunnel. (line 30) * UDPRcvBuf: Main configuration variables. - (line 349) + (line 356) * UDPSndBuf: Main configuration variables. - (line 354) + (line 361) * UML: Main configuration variables. - (line 118) + (line 117) * Universal tun/tap: Configuration of Linux kernels. (line 6) * VDE: Main configuration variables. - (line 123) + (line 122) * virtual: Virtual Private Networks. (line 18) * virtual network device: The UDP tunnel. (line 6) @@ -3246,74 +3227,74 @@ Concept Index  Tag Table: -Node: Top811 -Node: Introduction1131 -Node: Virtual Private Networks1935 -Node: tinc3650 -Node: Supported platforms5161 -Node: Preparations5857 -Node: Configuring the kernel6113 -Node: Configuration of Linux kernels6522 -Node: Configuration of FreeBSD kernels7371 -Node: Configuration of OpenBSD kernels7836 -Node: Configuration of NetBSD kernels8444 -Node: Configuration of Solaris kernels8846 -Node: Configuration of Darwin (MacOS/X) kernels9507 -Node: Configuration of Windows10196 -Node: Libraries10710 -Node: OpenSSL11128 -Node: zlib13401 -Node: lzo14418 -Node: libcurses15407 -Node: libreadline16315 -Node: Installation17251 -Node: Building and installing tinc18261 -Node: Darwin (MacOS/X) build environment18917 -Node: Cygwin (Windows) build environment19481 -Node: MinGW (Windows) build environment20066 -Node: System files20584 -Node: Device files20849 -Node: Other files21262 -Node: Configuration21875 -Node: Configuration introduction22162 -Node: Multiple networks23684 -Node: How connections work25052 -Node: Configuration files27613 -Node: Main configuration variables29140 -Node: Host configuration variables45548 -Node: Scripts51020 -Node: How to configure53696 -Node: Network interfaces58178 -Node: Example configuration60557 -Node: Running tinc65648 -Node: Runtime options66235 -Node: Signals69096 -Node: Debug levels69946 -Node: Solving problems70882 -Node: Error messages72309 -Node: Sending bug reports76631 -Node: Controlling tinc77583 -Node: tinc runtime options77959 -Node: tinc environment variables78646 -Node: tinc commands78975 -Node: tinc examples83404 -Node: tinc top83967 -Node: Technical information85553 -Node: The connection85788 -Node: The UDP tunnel86100 -Node: The meta-connection89143 -Node: The meta-protocol90601 -Node: Security95575 -Node: Legacy authentication protocol96911 -Node: Simple Peer-to-Peer Security101526 -Node: Encryption of network packets107223 -Node: Security issues109850 -Node: Platform specific information111576 -Node: Interface configuration111804 -Node: Routes114245 -Node: About us116155 -Node: Contact information116330 -Node: Authors116731 -Node: Concept Index117134 +Node: Top807 +Node: Introduction1127 +Node: Virtual Private Networks1931 +Node: tinc3643 +Node: Supported platforms5155 +Node: Preparations5851 +Node: Configuring the kernel6107 +Node: Configuration of Linux kernels6516 +Node: Configuration of FreeBSD kernels7365 +Node: Configuration of OpenBSD kernels7830 +Node: Configuration of NetBSD kernels8438 +Node: Configuration of Solaris kernels8840 +Node: Configuration of Darwin (MacOS/X) kernels9501 +Node: Configuration of Windows10190 +Node: Libraries10703 +Node: OpenSSL11121 +Node: zlib13393 +Node: lzo14411 +Node: libcurses15401 +Node: libreadline16311 +Node: Installation17248 +Node: Building and installing tinc18257 +Node: Darwin (MacOS/X) build environment18913 +Node: Cygwin (Windows) build environment19477 +Node: MinGW (Windows) build environment20061 +Node: System files20579 +Node: Device files20844 +Node: Other files21257 +Node: Configuration21870 +Node: Configuration introduction22157 +Node: Multiple networks23678 +Node: How connections work25046 +Node: Configuration files27607 +Node: Main configuration variables29135 +Node: Host configuration variables45893 +Node: Scripts51364 +Node: How to configure54033 +Node: Network interfaces58509 +Node: Example configuration60888 +Node: Running tinc65981 +Node: Runtime options66568 +Node: Signals69428 +Node: Debug levels70277 +Node: Solving problems71213 +Node: Error messages72639 +Node: Sending bug reports76956 +Node: Controlling tinc77903 +Node: tinc runtime options78280 +Node: tinc environment variables78967 +Node: tinc commands79296 +Node: tinc examples84406 +Node: tinc top84969 +Node: Technical information86554 +Node: The connection86789 +Node: The UDP tunnel87101 +Node: The meta-connection90146 +Node: The meta-protocol91604 +Node: Security96587 +Node: Legacy authentication protocol97924 +Node: Simple Peer-to-Peer Security102541 +Node: Encryption of network packets108201 +Node: Security issues110830 +Node: Platform specific information112565 +Node: Interface configuration112793 +Node: Routes115234 +Node: About us117145 +Node: Contact information117320 +Node: Authors117722 +Node: Concept Index118124  End Tag Table diff --git a/doc/tinc.texi b/doc/tinc.texi index e1af55c..a295293 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -1002,14 +1002,12 @@ The file in which the private ECDSA key of this tinc daemon resides. This is only used if ExperimentalProtocol is enabled. @cindex ExperimentalProtocol -@item ExperimentalProtocol = (no) [experimental] -When this option is enabled, experimental protocol enhancements will be used. +@item ExperimentalProtocol = (yes) +When this option is enabled, the SPTPS protocol will be used when connecting to nodes that also support it. Ephemeral ECDH will be used for key exchanges, and ECDSA will be used instead of RSA for authentication. When enabled, an ECDSA key must have been generated before with @samp{tinc generate-ecdsa-keys}. -The experimental protocol may change at any time, -and there is no guarantee that tinc will run stable when it is used. @cindex Forwarding @item Forwarding = (internal) [experimental] @@ -1058,6 +1056,10 @@ which normally would prevent the peers from learning each other's LAN address. Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery. This feature may not work in all possible situations. +@cindex LocalDiscoveryAddress +@item LocalDiscoveryAddress <@var{address}> +If this variable is specified, local discovery packets are sent to the given @var{address}. + @cindex Mode @item Mode = (router) This option selects the way packets are routed to other daemons. @@ -1099,6 +1101,13 @@ impossible to crack a single key. This option controls the amount of time MAC addresses are kept before they are removed. This only has effect when Mode is set to "switch". +@cindex MaxConnectionBurst +@item MaxConnectionBurst = <@var{count}> (100) +This option controls how many connections tinc accepts in quick succession. +If there are more connections than the given number in a short time interval, +tinc will reduce the number of accepted connections to only one per second, +until the burst has passed. + @cindex Name @item Name = <@var{name}> [required] This is a symbolic name for this connection. @@ -1180,7 +1189,6 @@ reordering. Setting this to zero will disable replay tracking completely and pass all traffic, but leaves tinc vulnerable to replay-based attacks on your traffic. - @cindex StrictSubnets @item StrictSubnets (no) [experimental] When this option is enabled tinc will only use Subnet statements which are @@ -2216,14 +2224,22 @@ The same as export followed by import. @item exchange-all [--force] The same as export-all followed by import. +@item invite @var{name} +Prepares an invitation for a new node with the given @var{name}, +and prints a short invitation URL that can be used with the join command. + +@item join [@var{URL}] +Join an existing VPN using an invitation URL created using the invite command. +If no @var{URL} is given, it will be read from standard input. + @item start [tincd options] Start @samp{tincd}, optionally with the given extra options. @item stop Stop @samp{tincd}. -@item restart -Restart @samp{tincd}. +@item restart [tincd options] +Restart @samp{tincd}, optionally with the given extra options. @item reload Partially rereads configuration files. Connections to hosts whose host @@ -2234,10 +2250,17 @@ in @file{tinc.conf} will be made. Shows the PID of the currently running @samp{tincd}. @item generate-keys [@var{bits}] -Generate public/private keypair of @var{bits} length. If @var{bits} is not specified, -1024 is the default. tinc will ask where you want to store the files, -but will default to the configuration directory (you can use the -c or -n -option). +Generate both RSA and ECDSA keypairs (see below) and exit. +tinc will ask where you want to store the files, but will default to the +configuration directory (you can use the -c or -n option). + +@item generate-ecdsa-keys +Generate public/private ECDSA keypair and exit. + +@item generate-rsa-keys [@var{bits}] +Generate public/private RSA keypair and exit. If @var{bits} is omitted, the +default length will be 2048 bits. When saving keys to existing files, tinc +will not delete the old keys; you have to remove them manually. @item dump [reachable] nodes Dump a list of all known nodes in the VPN. diff --git a/gui/Makefile.in b/gui/Makefile.in index 2e52de5..52c86ab 100644 --- a/gui/Makefile.in +++ b/gui/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.6 from Makefile.am. +# Makefile.in generated by automake 1.13.3 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -16,23 +15,51 @@ @SET_MAKE@ VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ - test $$am__dry = yes; \ - } + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -52,13 +79,13 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = gui -DIST_COMMON = $(dist_bin_SCRIPTS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(dist_bin_SCRIPTS) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in + $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -94,6 +121,18 @@ am__uninstall_files_from_dir = { \ } am__installdirs = "$(DESTDIR)$(bindir)" SCRIPTS = $(dist_bin_SCRIPTS) +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = SOURCES = DIST_SOURCES = am__can_run_installinfo = \ @@ -101,9 +140,11 @@ am__can_run_installinfo = \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ @@ -123,7 +164,6 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ GREP = @GREP@ -INCLUDES = @INCLUDES@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -137,7 +177,6 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ @@ -210,7 +249,7 @@ extra_DIST = README.gui all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -235,9 +274,9 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) +$(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) +$(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): install-dist_binSCRIPTS: $(dist_bin_SCRIPTS) @@ -275,11 +314,26 @@ uninstall-dist_binSCRIPTS: files=`for p in $$list; do echo "$$p"; done | \ sed -e 's,.*/,,;$(transform)'`; \ dir='$(DESTDIR)$(bindir)'; $(am__uninstall_files_from_dir) -tags: TAGS -TAGS: -ctags: CTAGS -CTAGS: +installcheck-dist_binSCRIPTS: $(dist_bin_SCRIPTS) + bad=0; pid=$$$$; list="$(dist_bin_SCRIPTS)"; for p in $$list; do \ + case ' $(AM_INSTALLCHECK_STD_OPTIONS_EXEMPT) ' in \ + *" $$p "* | *" $(srcdir)/$$p "*) continue;; \ + esac; \ + f=`echo "$$p" | sed 's,^.*/,,;$(transform)'`; \ + for opt in --help --version; do \ + if "$(DESTDIR)$(bindir)/$$f" $$opt >c$${pid}_.out \ + 2>c$${pid}_.err &2; bad=1; fi; \ + done; \ + done; rm -f c$${pid}_.???; exit $$bad +tags TAGS: + +ctags CTAGS: + +cscope cscopelist: distdir: $(DISTFILES) @@ -395,7 +449,7 @@ install-ps: install-ps-am install-ps-am: -installcheck-am: +installcheck-am: installcheck-dist_binSCRIPTS maintainer-clean: maintainer-clean-am -rm -f Makefile @@ -417,16 +471,17 @@ uninstall-am: uninstall-dist_binSCRIPTS .MAKE: install-am install-strip -.PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am \ - install-dist_binSCRIPTS install-dvi install-dvi-am \ - install-exec install-exec-am install-html install-html-am \ - install-info install-info-am install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ +.PHONY: all all-am check check-am clean clean-generic cscopelist-am \ + ctags-am distclean distclean-generic distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dist_binSCRIPTS install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am \ + installcheck-dist_binSCRIPTS installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-generic pdf \ - pdf-am ps ps-am uninstall uninstall-am \ + pdf-am ps ps-am tags-am uninstall uninstall-am \ uninstall-dist_binSCRIPTS diff --git a/install-sh b/install-sh index a9244eb..377bb86 100755 --- a/install-sh +++ b/install-sh @@ -1,7 +1,7 @@ #!/bin/sh # install - install a program, script, or datafile -scriptversion=2011-01-19.21; # UTC +scriptversion=2011-11-20.07; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the @@ -35,7 +35,7 @@ scriptversion=2011-01-19.21; # UTC # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it +# 'make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written @@ -156,7 +156,7 @@ while test $# -ne 0; do -s) stripcmd=$stripprog;; -t) dst_arg=$2 - # Protect names problematic for `test' and other utilities. + # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac @@ -190,7 +190,7 @@ if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then fi shift # arg dst_arg=$arg - # Protect names problematic for `test' and other utilities. + # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac @@ -202,7 +202,7 @@ if test $# -eq 0; then echo "$0: no input file specified." >&2 exit 1 fi - # It's OK to call `install-sh -d' without argument. + # It's OK to call 'install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi @@ -240,7 +240,7 @@ fi for src do - # Protect names problematic for `test' and other utilities. + # Protect names problematic for 'test' and other utilities. case $src in -* | [=\(\)!]) src=./$src;; esac @@ -354,7 +354,7 @@ do if test -z "$dir_arg" || { # Check for POSIX incompatibilities with -m. # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or - # other-writeable bit of parent directory when it shouldn't. + # other-writable bit of parent directory when it shouldn't. # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. ls_ld_tmpdir=`ls -ld "$tmpdir"` case $ls_ld_tmpdir in diff --git a/m4/Makefile.in b/m4/Makefile.in index 557ba46..fc5af2d 100644 --- a/m4/Makefile.in +++ b/m4/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.6 from Makefile.am. +# Makefile.in generated by automake 1.13.3 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,23 +14,51 @@ @SET_MAKE@ VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ - test $$am__dry = yes; \ - } + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -51,18 +78,30 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = m4 -DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am README ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in + $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = SOURCES = DIST_SOURCES = am__can_run_installinfo = \ @@ -70,9 +109,11 @@ am__can_run_installinfo = \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ @@ -92,7 +133,6 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ GREP = @GREP@ -INCLUDES = @INCLUDES@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -106,7 +146,6 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ @@ -178,7 +217,7 @@ EXTRA_DIST = README *.m4 all: all-am .SUFFIXES: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -203,16 +242,16 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) +$(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) +$(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): -tags: TAGS -TAGS: +tags TAGS: -ctags: CTAGS -CTAGS: +ctags CTAGS: + +cscope cscopelist: distdir: $(DISTFILES) @@ -347,15 +386,16 @@ uninstall-am: .MAKE: install-am install-strip -.PHONY: all all-am check check-am clean clean-generic distclean \ - distclean-generic distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am install-man \ - install-pdf install-pdf-am install-ps install-ps-am \ - install-strip installcheck installcheck-am installdirs \ - maintainer-clean maintainer-clean-generic mostlyclean \ - mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am +.PHONY: all all-am check check-am clean clean-generic cscopelist-am \ + ctags-am distclean distclean-generic distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-generic pdf \ + pdf-am ps ps-am tags-am uninstall uninstall-am # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/missing b/missing index 86a8fc3..cdea514 100755 --- a/missing +++ b/missing @@ -1,11 +1,10 @@ #! /bin/sh -# Common stub for a few missing GNU programs while installing. +# Common wrapper for a few potentially missing GNU programs. -scriptversion=2012-01-06.13; # UTC +scriptversion=2012-06-26.16; # UTC -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006, -# 2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc. -# Originally by Fran,cois Pinard , 1996. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. +# Originally written by Fran,cois Pinard , 1996. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -26,68 +25,40 @@ scriptversion=2012-01-06.13; # UTC # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "Try '$0 --help' for more information" exit 1 fi -run=: -sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p' -sed_minuso='s/.* -o \([^ ]*\).*/\1/p' - -# In the cases where this matters, `missing' is being run in the -# srcdir already. -if test -f configure.ac; then - configure_ac=configure.ac -else - configure_ac=configure.in -fi - -msg="missing on your system" - case $1 in ---run) - # Try to run requested program, and just exit if it succeeds. - run= - shift - "$@" && exit 0 - # Exit code 63 means version mismatch. This often happens - # when the user try to use an ancient version of a tool on - # a file that requires a minimum version. In this case we - # we should proceed has if the program had been absent, or - # if --run hadn't been passed. - if test $? = 63; then - run=: - msg="probably too old" - fi - ;; + + --is-lightweight) + # Used by our autoconf macros to check whether the available missing + # script is modern enough. + exit 0 + ;; + + --run) + # Back-compat with the calling convention used by older automake. + shift + ;; -h|--h|--he|--hel|--help) echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... -Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an -error status if there is no known handling for PROGRAM. +Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due +to PROGRAM being missing or too old. Options: -h, --help display this help and exit -v, --version output version information and exit - --run try to run the given command, and emulate it if it fails Supported PROGRAM values: - aclocal touch file \`aclocal.m4' - autoconf touch file \`configure' - autoheader touch file \`config.h.in' - autom4te touch the output file, or create a stub one - automake touch all \`Makefile.in' files - bison create \`y.tab.[ch]', if possible, from existing .[ch] - flex create \`lex.yy.c', if possible, from existing .c - help2man touch the output file - lex create \`lex.yy.c', if possible, from existing .c - makeinfo touch the output file - yacc create \`y.tab.[ch]', if possible, from existing .[ch] + aclocal autoconf autoheader autom4te automake makeinfo + bison yacc flex lex help2man -Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and -\`g' are ignored when checking the name. +Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and +'g' are ignored when checking the name. Send bug reports to ." exit $? @@ -99,228 +70,141 @@ Send bug reports to ." ;; -*) - echo 1>&2 "$0: Unknown \`$1' option" - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "$0: unknown '$1' option" + echo 1>&2 "Try '$0 --help' for more information" exit 1 ;; esac -# normalize program name to check for. -program=`echo "$1" | sed ' - s/^gnu-//; t - s/^gnu//; t - s/^g//; t'` +# Run the given program, remember its exit status. +"$@"; st=$? -# Now exit if we have it, but it failed. Also exit now if we -# don't have it and --version was passed (most likely to detect -# the program). This is about non-GNU programs, so use $1 not -# $program. -case $1 in - lex*|yacc*) - # Not GNU programs, they don't have --version. +# If it succeeded, we are done. +test $st -eq 0 && exit 0 + +# Also exit now if we it failed (or wasn't found), and '--version' was +# passed; such an option is passed most likely to detect whether the +# program is present and works. +case $2 in --version|--help) exit $st;; esac + +# Exit code 63 means version mismatch. This often happens when the user +# tries to use an ancient version of a tool on a file that requires a +# minimum version. +if test $st -eq 63; then + msg="probably too old" +elif test $st -eq 127; then + # Program was missing. + msg="missing on your system" +else + # Program was found and executed, but failed. Give up. + exit $st +fi + +perl_URL=http://www.perl.org/ +flex_URL=http://flex.sourceforge.net/ +gnu_software_URL=http://www.gnu.org/software + +program_details () +{ + case $1 in + aclocal|automake) + echo "The '$1' program is part of the GNU Automake package:" + echo "<$gnu_software_URL/automake>" + echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/autoconf>" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + autoconf|autom4te|autoheader) + echo "The '$1' program is part of the GNU Autoconf package:" + echo "<$gnu_software_URL/autoconf/>" + echo "It also requires GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + esac +} + +give_advice () +{ + # Normalize program name to check for. + normalized_program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + + printf '%s\n' "'$1' is $msg." + + configure_deps="'configure.ac' or m4 files included by 'configure.ac'" + case $normalized_program in + autoconf*) + echo "You should only need it if you modified 'configure.ac'," + echo "or m4 files included by it." + program_details 'autoconf' + ;; + autoheader*) + echo "You should only need it if you modified 'acconfig.h' or" + echo "$configure_deps." + program_details 'autoheader' + ;; + automake*) + echo "You should only need it if you modified 'Makefile.am' or" + echo "$configure_deps." + program_details 'automake' + ;; + aclocal*) + echo "You should only need it if you modified 'acinclude.m4' or" + echo "$configure_deps." + program_details 'aclocal' + ;; + autom4te*) + echo "You might have modified some maintainer files that require" + echo "the 'automa4te' program to be rebuilt." + program_details 'autom4te' + ;; + bison*|yacc*) + echo "You should only need it if you modified a '.y' file." + echo "You may want to install the GNU Bison package:" + echo "<$gnu_software_URL/bison/>" + ;; + lex*|flex*) + echo "You should only need it if you modified a '.l' file." + echo "You may want to install the Fast Lexical Analyzer package:" + echo "<$flex_URL>" + ;; + help2man*) + echo "You should only need it if you modified a dependency" \ + "of a man page." + echo "You may want to install the GNU Help2man package:" + echo "<$gnu_software_URL/help2man/>" ;; + makeinfo*) + echo "You should only need it if you modified a '.texi' file, or" + echo "any other file indirectly affecting the aspect of the manual." + echo "You might want to install the Texinfo package:" + echo "<$gnu_software_URL/texinfo/>" + echo "The spurious makeinfo call might also be the consequence of" + echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" + echo "want to install GNU make:" + echo "<$gnu_software_URL/make/>" + ;; + *) + echo "You might have modified some files without having the proper" + echo "tools for further handling them. Check the 'README' file, it" + echo "often tells you about the needed prerequisites for installing" + echo "this package. You may also peek at any GNU archive site, in" + echo "case some other package contains this missing '$1' program." + ;; + esac +} - *) - if test -z "$run" && ($1 --version) > /dev/null 2>&1; then - # We have it, but it failed. - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - # Could not run --version or --help. This is probably someone - # running `$TOOL --version' or `$TOOL --help' to check whether - # $TOOL exists and not knowing $TOOL uses missing. - exit 1 - fi - ;; -esac +give_advice "$1" | sed -e '1s/^/WARNING: /' \ + -e '2,$s/^/ /' >&2 -# If it does not exist, or fails to run (possibly an outdated version), -# try to emulate it. -case $program in - aclocal*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acinclude.m4' or \`${configure_ac}'. You might want - to install the \`Automake' and \`Perl' packages. Grab them from - any GNU archive site." - touch aclocal.m4 - ;; - - autoconf*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`${configure_ac}'. You might want to install the - \`Autoconf' and \`GNU m4' packages. Grab them from any GNU - archive site." - touch configure - ;; - - autoheader*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acconfig.h' or \`${configure_ac}'. You might want - to install the \`Autoconf' and \`GNU m4' packages. Grab them - from any GNU archive site." - files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` - test -z "$files" && files="config.h" - touch_files= - for f in $files; do - case $f in - *:*) touch_files="$touch_files "`echo "$f" | - sed -e 's/^[^:]*://' -e 's/:.*//'`;; - *) touch_files="$touch_files $f.in";; - esac - done - touch $touch_files - ;; - - automake*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. - You might want to install the \`Automake' and \`Perl' packages. - Grab them from any GNU archive site." - find . -type f -name Makefile.am -print | - sed 's/\.am$/.in/' | - while read f; do touch "$f"; done - ;; - - autom4te*) - echo 1>&2 "\ -WARNING: \`$1' is needed, but is $msg. - You might have modified some files without having the - proper tools for further handling them. - You can get \`$1' as part of \`Autoconf' from any GNU - archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo "#! /bin/sh" - echo "# Created by GNU Automake missing as a replacement of" - echo "# $ $@" - echo "exit 0" - chmod +x $file - exit 1 - fi - ;; - - bison*|yacc*) - echo 1>&2 "\ -WARNING: \`$1' $msg. You should only need it if - you modified a \`.y' file. You may need the \`Bison' package - in order for those modifications to take effect. You can get - \`Bison' from any GNU archive site." - rm -f y.tab.c y.tab.h - if test $# -ne 1; then - eval LASTARG=\${$#} - case $LASTARG in - *.y) - SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.c - fi - SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.h - fi - ;; - esac - fi - if test ! -f y.tab.h; then - echo >y.tab.h - fi - if test ! -f y.tab.c; then - echo 'main() { return 0; }' >y.tab.c - fi - ;; - - lex*|flex*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.l' file. You may need the \`Flex' package - in order for those modifications to take effect. You can get - \`Flex' from any GNU archive site." - rm -f lex.yy.c - if test $# -ne 1; then - eval LASTARG=\${$#} - case $LASTARG in - *.l) - SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" lex.yy.c - fi - ;; - esac - fi - if test ! -f lex.yy.c; then - echo 'main() { return 0; }' >lex.yy.c - fi - ;; - - help2man*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a dependency of a manual page. You may need the - \`Help2man' package in order for those modifications to take - effect. You can get \`Help2man' from any GNU archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo ".ab help2man is required to generate this page" - exit $? - fi - ;; - - makeinfo*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.texi' or \`.texinfo' file, or any other file - indirectly affecting the aspect of the manual. The spurious - call might also be the consequence of using a buggy \`make' (AIX, - DU, IRIX). You might want to install the \`Texinfo' package or - the \`GNU make' package. Grab either from any GNU archive site." - # The file to touch is that specified with -o ... - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -z "$file"; then - # ... or it is the one specified with @setfilename ... - infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` - file=`sed -n ' - /^@setfilename/{ - s/.* \([^ ]*\) *$/\1/ - p - q - }' $infile` - # ... or it is derived from the source name (dir/f.texi becomes f.info) - test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info - fi - # If the file does not exist, the user really needs makeinfo; - # let's fail without touching anything. - test -f $file || exit 1 - touch $file - ;; - - *) - echo 1>&2 "\ -WARNING: \`$1' is needed, and is $msg. - You might have modified some files without having the - proper tools for further handling them. Check the \`README' file, - it often tells you about the needed prerequisites for installing - this package. You may also peek at any GNU archive site, in case - some other package would contain this missing \`$1' program." - exit 1 - ;; -esac - -exit 0 +# Propagate the correct exit status (expected to be 127 for a program +# not found, 63 for a program that failed due to version mismatch). +exit $st # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) diff --git a/src/Makefile.am b/src/Makefile.am index c073eec..27d2330 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -4,13 +4,114 @@ sbin_PROGRAMS = tincd tinc sptps_test EXTRA_DIST = linux bsd solaris cygwin mingw openssl gcrypt +DEFAULT_INCLUDES = + tincd_SOURCES = \ - utils.c getopt.c getopt1.c list.c splay_tree.c dropin.c fake-getaddrinfo.c fake-getnameinfo.c hash.c \ - buffer.c conf.c connection.c control.c edge.c graph.c logger.c meta.c net.c net_packet.c net_setup.c \ - net_socket.c netutl.c node.c process.c protocol.c protocol_auth.c protocol_edge.c protocol_misc.c \ - protocol_key.c protocol_subnet.c route.c sptps.c subnet.c subnet_parse.c event.c tincd.c \ - dummy_device.c raw_socket_device.c multicast_device.c names.c + buffer.c buffer.h \ + cipher.h \ + conf.c conf.h \ + connection.c connection.h \ + control.c control.h \ + control_common.h \ + crypto.h \ + device.h \ + digest.h \ + dropin.c dropin.h \ + dummy_device.c \ + ecdh.h \ + ecdsa.h \ + ecdsagen.h \ + edge.c edge.h \ + ethernet.h \ + event.c event.h \ + fake-gai-errnos.h \ + fake-getaddrinfo.c fake-getaddrinfo.h \ + fake-getnameinfo.c fake-getnameinfo.h \ + getopt.c getopt.h \ + getopt1.c \ + graph.c graph.h \ + hash.c hash.h \ + have.h \ + ipv4.h \ + ipv6.h \ + list.c list.h \ + logger.c logger.h \ + meta.c meta.h \ + multicast_device.c \ + names.c names.h \ + net.c net.h \ + net_packet.c \ + net_setup.c \ + net_socket.c \ + netutl.c netutl.h \ + node.c node.h \ + prf.h \ + process.c process.h \ + protocol.c protocol.h \ + protocol_auth.c \ + protocol_edge.c \ + protocol_key.c \ + protocol_misc.c \ + protocol_subnet.c \ + raw_socket_device.c \ + route.c route.h \ + rsa.h \ + rsagen.h \ + splay_tree.c splay_tree.h \ + sptps.c sptps.h \ + subnet.c subnet.h \ + subnet_parse.c \ + system.h \ + tincd.c \ + utils.c utils.h \ + xalloc.h + +tinc_SOURCES = \ + dropin.c dropin.h \ + getopt.c getopt.h \ + getopt1.c \ + info.c info.h \ + invitation.c invitation.h \ + list.c list.h \ + names.c names.h \ + netutl.c netutl.h \ + sptps.c sptps.h \ + subnet_parse.c subnet.h \ + tincctl.c tincctl.h \ + top.c top.h \ + utils.c utils.h + +sptps_test_SOURCES = \ + logger.c logger.h \ + sptps.c sptps.h \ + sptps_test.c \ + utils.c utils.h + +## Conditionally compile device drivers +if LINUX +tincd_SOURCES += linux/device.c +endif + +if BSD +tincd_SOURCES += bsd/device.c +if TUNEMU +tincd_SOURCES += bsd/tunemu.c +endif +endif + +if SOLARIS +tincd_SOURCES += solaris/device.c +endif + +if MINGW +tincd_SOURCES += mingw/device.c +endif + +if CYGWIN +tincd_SOURCES += cygwin/device.c +endif + if UML tincd_SOURCES += uml_device.c endif @@ -19,38 +120,64 @@ if VDE tincd_SOURCES += vde_device.c endif -nodist_tincd_SOURCES = \ - device.c cipher.c crypto.c ecdh.c ecdsa.c digest.c prf.c rsa.c +if OPENSSL +tincd_SOURCES += \ + openssl/cipher.c \ + openssl/crypto.c \ + openssl/digest.c \ + openssl/ecdh.c \ + openssl/ecdsa.c \ + openssl/prf.c \ + openssl/rsa.c +tinc_SOURCES += \ + openssl/cipher.c \ + openssl/crypto.c \ + openssl/digest.c \ + openssl/ecdh.c \ + openssl/ecdsa.c \ + openssl/ecdsagen.c \ + openssl/prf.c \ + openssl/rsa.c \ + openssl/rsagen.c +sptps_test_SOURCES += \ + openssl/cipher.c \ + openssl/crypto.c \ + openssl/digest.c \ + openssl/ecdh.c \ + openssl/ecdsa.c \ + openssl/prf.c +endif -tinc_SOURCES = \ - utils.c getopt.c getopt1.c dropin.c \ - info.c list.c subnet_parse.c tincctl.c top.c names.c - -nodist_tinc_SOURCES = \ - ecdsagen.c rsagen.c - -sptps_test_SOURCES = \ - logger.c cipher.c crypto.c ecdh.c ecdsa.c digest.c prf.c \ - sptps.c sptps_test.c utils.c - -if TUNEMU -tincd_SOURCES += bsd/tunemu.c +if GCRYPT +tincd_SOURCES += \ + gcrypt/cipher.c \ + gcrypt/crypto.c \ + gcrypt/digest.c \ + gcrypt/ecdh.c \ + gcrypt/ecdsa.c \ + gcrypt/prf.c \ + gcrypt/rsa.c +tinc_SOURCES += \ + gcrypt/cipher.c \ + gcrypt/crypto.c \ + gcrypt/digest.c \ + gcrypt/ecdh.c \ + gcrypt/ecdsa.c \ + gcrypt/ecdsagen.c \ + gcrypt/prf.c \ + gcrypt/rsa.c \ + gcrypt/rsagen.c +sptps_test_SOURCES += \ + gcrypt/cipher.c \ + gcrypt/crypto.c \ + gcrypt/digest.c \ + gcrypt/ecdh.c \ + gcrypt/ecdsa.c \ + gcrypt/prf.c endif tinc_LDADD = $(READLINE_LIBS) $(CURSES_LIBS) -DEFAULT_INCLUDES = - -INCLUDES = @INCLUDES@ -I$(top_builddir) - -noinst_HEADERS = \ - xalloc.h utils.h getopt.h list.h splay_tree.h dropin.h fake-getaddrinfo.h fake-getnameinfo.h fake-gai-errnos.h ipv6.h ipv4.h ethernet.h \ - buffer.h conf.h connection.h control.h control_common.h device.h edge.h graph.h info.h logger.h meta.h net.h netutl.h node.h process.h \ - protocol.h route.h subnet.h sptps.h tincctl.h top.h bsd/tunemu.h hash.h event.h names.h - -nodist_noinst_HEADERS = \ - cipher.h crypto.h ecdh.h ecdsa.h digest.h prf.h rsa.h ecdsagen.h rsagen.h - LIBS = @LIBS@ @LIBGCRYPT_LIBS@ if TUNEMU diff --git a/src/Makefile.in b/src/Makefile.in index 48f7dad..ab5daa4 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.6 from Makefile.am. +# Makefile.in generated by automake 1.13.3 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,25 +14,52 @@ @SET_MAKE@ - VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ - test $$am__dry = yes; \ - } + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -53,18 +79,79 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ sbin_PROGRAMS = tincd$(EXEEXT) tinc$(EXEEXT) sptps_test$(EXEEXT) -@UML_TRUE@am__append_1 = uml_device.c -@VDE_TRUE@am__append_2 = vde_device.c -@TUNEMU_TRUE@am__append_3 = bsd/tunemu.c -@TUNEMU_TRUE@am__append_4 = -lpcap +@LINUX_TRUE@am__append_1 = linux/device.c +@BSD_TRUE@am__append_2 = bsd/device.c +@BSD_TRUE@@TUNEMU_TRUE@am__append_3 = bsd/tunemu.c +@SOLARIS_TRUE@am__append_4 = solaris/device.c +@MINGW_TRUE@am__append_5 = mingw/device.c +@CYGWIN_TRUE@am__append_6 = cygwin/device.c +@UML_TRUE@am__append_7 = uml_device.c +@VDE_TRUE@am__append_8 = vde_device.c +@OPENSSL_TRUE@am__append_9 = \ +@OPENSSL_TRUE@ openssl/cipher.c \ +@OPENSSL_TRUE@ openssl/crypto.c \ +@OPENSSL_TRUE@ openssl/digest.c \ +@OPENSSL_TRUE@ openssl/ecdh.c \ +@OPENSSL_TRUE@ openssl/ecdsa.c \ +@OPENSSL_TRUE@ openssl/prf.c \ +@OPENSSL_TRUE@ openssl/rsa.c + +@OPENSSL_TRUE@am__append_10 = \ +@OPENSSL_TRUE@ openssl/cipher.c \ +@OPENSSL_TRUE@ openssl/crypto.c \ +@OPENSSL_TRUE@ openssl/digest.c \ +@OPENSSL_TRUE@ openssl/ecdh.c \ +@OPENSSL_TRUE@ openssl/ecdsa.c \ +@OPENSSL_TRUE@ openssl/ecdsagen.c \ +@OPENSSL_TRUE@ openssl/prf.c \ +@OPENSSL_TRUE@ openssl/rsa.c \ +@OPENSSL_TRUE@ openssl/rsagen.c + +@OPENSSL_TRUE@am__append_11 = \ +@OPENSSL_TRUE@ openssl/cipher.c \ +@OPENSSL_TRUE@ openssl/crypto.c \ +@OPENSSL_TRUE@ openssl/digest.c \ +@OPENSSL_TRUE@ openssl/ecdh.c \ +@OPENSSL_TRUE@ openssl/ecdsa.c \ +@OPENSSL_TRUE@ openssl/prf.c + +@GCRYPT_TRUE@am__append_12 = \ +@GCRYPT_TRUE@ gcrypt/cipher.c \ +@GCRYPT_TRUE@ gcrypt/crypto.c \ +@GCRYPT_TRUE@ gcrypt/digest.c \ +@GCRYPT_TRUE@ gcrypt/ecdh.c \ +@GCRYPT_TRUE@ gcrypt/ecdsa.c \ +@GCRYPT_TRUE@ gcrypt/prf.c \ +@GCRYPT_TRUE@ gcrypt/rsa.c + +@GCRYPT_TRUE@am__append_13 = \ +@GCRYPT_TRUE@ gcrypt/cipher.c \ +@GCRYPT_TRUE@ gcrypt/crypto.c \ +@GCRYPT_TRUE@ gcrypt/digest.c \ +@GCRYPT_TRUE@ gcrypt/ecdh.c \ +@GCRYPT_TRUE@ gcrypt/ecdsa.c \ +@GCRYPT_TRUE@ gcrypt/ecdsagen.c \ +@GCRYPT_TRUE@ gcrypt/prf.c \ +@GCRYPT_TRUE@ gcrypt/rsa.c \ +@GCRYPT_TRUE@ gcrypt/rsagen.c + +@GCRYPT_TRUE@am__append_14 = \ +@GCRYPT_TRUE@ gcrypt/cipher.c \ +@GCRYPT_TRUE@ gcrypt/crypto.c \ +@GCRYPT_TRUE@ gcrypt/digest.c \ +@GCRYPT_TRUE@ gcrypt/ecdh.c \ +@GCRYPT_TRUE@ gcrypt/ecdsa.c \ +@GCRYPT_TRUE@ gcrypt/prf.c + +@TUNEMU_TRUE@am__append_15 = -lpcap subdir = src -DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/depcomp ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ $(top_srcdir)/m4/curses.m4 $(top_srcdir)/m4/lzo.m4 \ $(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/readline.m4 \ - $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in + $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -73,76 +160,170 @@ CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(sbindir)" PROGRAMS = $(sbin_PROGRAMS) -am_sptps_test_OBJECTS = logger.$(OBJEXT) cipher.$(OBJEXT) \ - crypto.$(OBJEXT) ecdh.$(OBJEXT) ecdsa.$(OBJEXT) \ - digest.$(OBJEXT) prf.$(OBJEXT) sptps.$(OBJEXT) \ - sptps_test.$(OBJEXT) utils.$(OBJEXT) +am__sptps_test_SOURCES_DIST = logger.c logger.h sptps.c sptps.h \ + sptps_test.c utils.c utils.h openssl/cipher.c openssl/crypto.c \ + openssl/digest.c openssl/ecdh.c openssl/ecdsa.c openssl/prf.c \ + gcrypt/cipher.c gcrypt/crypto.c gcrypt/digest.c gcrypt/ecdh.c \ + gcrypt/ecdsa.c gcrypt/prf.c +am__dirstamp = $(am__leading_dot)dirstamp +@OPENSSL_TRUE@am__objects_1 = openssl/cipher.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/crypto.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) openssl/ecdh.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/ecdsa.$(OBJEXT) openssl/prf.$(OBJEXT) +@GCRYPT_TRUE@am__objects_2 = gcrypt/cipher.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/crypto.$(OBJEXT) gcrypt/digest.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/ecdh.$(OBJEXT) gcrypt/ecdsa.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/prf.$(OBJEXT) +am_sptps_test_OBJECTS = logger.$(OBJEXT) sptps.$(OBJEXT) \ + sptps_test.$(OBJEXT) utils.$(OBJEXT) $(am__objects_1) \ + $(am__objects_2) sptps_test_OBJECTS = $(am_sptps_test_OBJECTS) sptps_test_LDADD = $(LDADD) -am_tinc_OBJECTS = utils.$(OBJEXT) getopt.$(OBJEXT) getopt1.$(OBJEXT) \ - dropin.$(OBJEXT) info.$(OBJEXT) list.$(OBJEXT) \ +am__tinc_SOURCES_DIST = dropin.c dropin.h getopt.c getopt.h getopt1.c \ + info.c info.h invitation.c invitation.h list.c list.h names.c \ + names.h netutl.c netutl.h sptps.c sptps.h subnet_parse.c \ + subnet.h tincctl.c tincctl.h top.c top.h utils.c utils.h \ + openssl/cipher.c openssl/crypto.c openssl/digest.c \ + openssl/ecdh.c openssl/ecdsa.c openssl/ecdsagen.c \ + openssl/prf.c openssl/rsa.c openssl/rsagen.c gcrypt/cipher.c \ + gcrypt/crypto.c gcrypt/digest.c gcrypt/ecdh.c gcrypt/ecdsa.c \ + gcrypt/ecdsagen.c gcrypt/prf.c gcrypt/rsa.c gcrypt/rsagen.c +@OPENSSL_TRUE@am__objects_3 = openssl/cipher.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/crypto.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) openssl/ecdh.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/ecdsa.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/ecdsagen.$(OBJEXT) openssl/prf.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/rsa.$(OBJEXT) openssl/rsagen.$(OBJEXT) +@GCRYPT_TRUE@am__objects_4 = gcrypt/cipher.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/crypto.$(OBJEXT) gcrypt/digest.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/ecdh.$(OBJEXT) gcrypt/ecdsa.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/ecdsagen.$(OBJEXT) gcrypt/prf.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/rsa.$(OBJEXT) gcrypt/rsagen.$(OBJEXT) +am_tinc_OBJECTS = dropin.$(OBJEXT) getopt.$(OBJEXT) getopt1.$(OBJEXT) \ + info.$(OBJEXT) invitation.$(OBJEXT) list.$(OBJEXT) \ + names.$(OBJEXT) netutl.$(OBJEXT) sptps.$(OBJEXT) \ subnet_parse.$(OBJEXT) tincctl.$(OBJEXT) top.$(OBJEXT) \ - names.$(OBJEXT) -nodist_tinc_OBJECTS = ecdsagen.$(OBJEXT) rsagen.$(OBJEXT) -tinc_OBJECTS = $(am_tinc_OBJECTS) $(nodist_tinc_OBJECTS) + utils.$(OBJEXT) $(am__objects_3) $(am__objects_4) +tinc_OBJECTS = $(am_tinc_OBJECTS) am__DEPENDENCIES_1 = tinc_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -am__tincd_SOURCES_DIST = utils.c getopt.c getopt1.c list.c \ - splay_tree.c dropin.c fake-getaddrinfo.c fake-getnameinfo.c \ - hash.c buffer.c conf.c connection.c control.c edge.c graph.c \ - logger.c meta.c net.c net_packet.c net_setup.c net_socket.c \ - netutl.c node.c process.c protocol.c protocol_auth.c \ - protocol_edge.c protocol_misc.c protocol_key.c \ - protocol_subnet.c route.c sptps.c subnet.c subnet_parse.c \ - event.c tincd.c dummy_device.c raw_socket_device.c \ - multicast_device.c names.c uml_device.c vde_device.c \ - bsd/tunemu.c -@UML_TRUE@am__objects_1 = uml_device.$(OBJEXT) -@VDE_TRUE@am__objects_2 = vde_device.$(OBJEXT) -@TUNEMU_TRUE@am__objects_3 = tunemu.$(OBJEXT) -am_tincd_OBJECTS = utils.$(OBJEXT) getopt.$(OBJEXT) getopt1.$(OBJEXT) \ - list.$(OBJEXT) splay_tree.$(OBJEXT) dropin.$(OBJEXT) \ +am__tincd_SOURCES_DIST = buffer.c buffer.h cipher.h conf.c conf.h \ + connection.c connection.h control.c control.h control_common.h \ + crypto.h device.h digest.h dropin.c dropin.h dummy_device.c \ + ecdh.h ecdsa.h ecdsagen.h edge.c edge.h ethernet.h event.c \ + event.h fake-gai-errnos.h fake-getaddrinfo.c \ + fake-getaddrinfo.h fake-getnameinfo.c fake-getnameinfo.h \ + getopt.c getopt.h getopt1.c graph.c graph.h hash.c hash.h \ + have.h ipv4.h ipv6.h list.c list.h logger.c logger.h meta.c \ + meta.h multicast_device.c names.c names.h net.c net.h \ + net_packet.c net_setup.c net_socket.c netutl.c netutl.h node.c \ + node.h prf.h process.c process.h protocol.c protocol.h \ + protocol_auth.c protocol_edge.c protocol_key.c protocol_misc.c \ + protocol_subnet.c raw_socket_device.c route.c route.h rsa.h \ + rsagen.h splay_tree.c splay_tree.h sptps.c sptps.h subnet.c \ + subnet.h subnet_parse.c system.h tincd.c utils.c utils.h \ + xalloc.h linux/device.c bsd/device.c bsd/tunemu.c \ + solaris/device.c mingw/device.c cygwin/device.c uml_device.c \ + vde_device.c openssl/cipher.c openssl/crypto.c \ + openssl/digest.c openssl/ecdh.c openssl/ecdsa.c openssl/prf.c \ + openssl/rsa.c gcrypt/cipher.c gcrypt/crypto.c gcrypt/digest.c \ + gcrypt/ecdh.c gcrypt/ecdsa.c gcrypt/prf.c gcrypt/rsa.c +@LINUX_TRUE@am__objects_5 = linux/device.$(OBJEXT) +@BSD_TRUE@am__objects_6 = bsd/device.$(OBJEXT) +@BSD_TRUE@@TUNEMU_TRUE@am__objects_7 = bsd/tunemu.$(OBJEXT) +@SOLARIS_TRUE@am__objects_8 = solaris/device.$(OBJEXT) +@MINGW_TRUE@am__objects_9 = mingw/device.$(OBJEXT) +@CYGWIN_TRUE@am__objects_10 = cygwin/device.$(OBJEXT) +@UML_TRUE@am__objects_11 = uml_device.$(OBJEXT) +@VDE_TRUE@am__objects_12 = vde_device.$(OBJEXT) +@OPENSSL_TRUE@am__objects_13 = openssl/cipher.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/crypto.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/digest.$(OBJEXT) openssl/ecdh.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/ecdsa.$(OBJEXT) openssl/prf.$(OBJEXT) \ +@OPENSSL_TRUE@ openssl/rsa.$(OBJEXT) +@GCRYPT_TRUE@am__objects_14 = gcrypt/cipher.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/crypto.$(OBJEXT) gcrypt/digest.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/ecdh.$(OBJEXT) gcrypt/ecdsa.$(OBJEXT) \ +@GCRYPT_TRUE@ gcrypt/prf.$(OBJEXT) gcrypt/rsa.$(OBJEXT) +am_tincd_OBJECTS = buffer.$(OBJEXT) conf.$(OBJEXT) \ + connection.$(OBJEXT) control.$(OBJEXT) dropin.$(OBJEXT) \ + dummy_device.$(OBJEXT) edge.$(OBJEXT) event.$(OBJEXT) \ fake-getaddrinfo.$(OBJEXT) fake-getnameinfo.$(OBJEXT) \ - hash.$(OBJEXT) buffer.$(OBJEXT) conf.$(OBJEXT) \ - connection.$(OBJEXT) control.$(OBJEXT) edge.$(OBJEXT) \ - graph.$(OBJEXT) logger.$(OBJEXT) meta.$(OBJEXT) net.$(OBJEXT) \ + getopt.$(OBJEXT) getopt1.$(OBJEXT) graph.$(OBJEXT) \ + hash.$(OBJEXT) list.$(OBJEXT) logger.$(OBJEXT) meta.$(OBJEXT) \ + multicast_device.$(OBJEXT) names.$(OBJEXT) net.$(OBJEXT) \ net_packet.$(OBJEXT) net_setup.$(OBJEXT) net_socket.$(OBJEXT) \ netutl.$(OBJEXT) node.$(OBJEXT) process.$(OBJEXT) \ protocol.$(OBJEXT) protocol_auth.$(OBJEXT) \ - protocol_edge.$(OBJEXT) protocol_misc.$(OBJEXT) \ - protocol_key.$(OBJEXT) protocol_subnet.$(OBJEXT) \ - route.$(OBJEXT) sptps.$(OBJEXT) subnet.$(OBJEXT) \ - subnet_parse.$(OBJEXT) event.$(OBJEXT) tincd.$(OBJEXT) \ - dummy_device.$(OBJEXT) raw_socket_device.$(OBJEXT) \ - multicast_device.$(OBJEXT) names.$(OBJEXT) $(am__objects_1) \ - $(am__objects_2) $(am__objects_3) -nodist_tincd_OBJECTS = device.$(OBJEXT) cipher.$(OBJEXT) \ - crypto.$(OBJEXT) ecdh.$(OBJEXT) ecdsa.$(OBJEXT) \ - digest.$(OBJEXT) prf.$(OBJEXT) rsa.$(OBJEXT) -tincd_OBJECTS = $(am_tincd_OBJECTS) $(nodist_tincd_OBJECTS) + protocol_edge.$(OBJEXT) protocol_key.$(OBJEXT) \ + protocol_misc.$(OBJEXT) protocol_subnet.$(OBJEXT) \ + raw_socket_device.$(OBJEXT) route.$(OBJEXT) \ + splay_tree.$(OBJEXT) sptps.$(OBJEXT) subnet.$(OBJEXT) \ + subnet_parse.$(OBJEXT) tincd.$(OBJEXT) utils.$(OBJEXT) \ + $(am__objects_5) $(am__objects_6) $(am__objects_7) \ + $(am__objects_8) $(am__objects_9) $(am__objects_10) \ + $(am__objects_11) $(am__objects_12) $(am__objects_13) \ + $(am__objects_14) +tincd_OBJECTS = $(am_tincd_OBJECTS) tincd_LDADD = $(LDADD) +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = CCLD = $(CC) LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -SOURCES = $(sptps_test_SOURCES) $(tinc_SOURCES) $(nodist_tinc_SOURCES) \ - $(tincd_SOURCES) $(nodist_tincd_SOURCES) -DIST_SOURCES = $(sptps_test_SOURCES) $(tinc_SOURCES) \ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(sptps_test_SOURCES) $(tinc_SOURCES) $(tincd_SOURCES) +DIST_SOURCES = $(am__sptps_test_SOURCES_DIST) $(am__tinc_SOURCES_DIST) \ $(am__tincd_SOURCES_DIST) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac -HEADERS = $(nodist_noinst_HEADERS) $(noinst_HEADERS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ @@ -162,7 +343,6 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ GREP = @GREP@ -INCLUDES = @INCLUDES@ -I$(top_builddir) INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -173,10 +353,9 @@ LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ @LIBGCRYPT_LIBS@ $(am__append_4) +LIBS = @LIBS@ @LIBGCRYPT_LIBS@ $(am__append_15) LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ @@ -245,45 +424,40 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ EXTRA_DIST = linux bsd solaris cygwin mingw openssl gcrypt -tincd_SOURCES = utils.c getopt.c getopt1.c list.c splay_tree.c \ - dropin.c fake-getaddrinfo.c fake-getnameinfo.c hash.c buffer.c \ - conf.c connection.c control.c edge.c graph.c logger.c meta.c \ - net.c net_packet.c net_setup.c net_socket.c netutl.c node.c \ - process.c protocol.c protocol_auth.c protocol_edge.c \ - protocol_misc.c protocol_key.c protocol_subnet.c route.c \ - sptps.c subnet.c subnet_parse.c event.c tincd.c dummy_device.c \ - raw_socket_device.c multicast_device.c names.c $(am__append_1) \ - $(am__append_2) $(am__append_3) -nodist_tincd_SOURCES = \ - device.c cipher.c crypto.c ecdh.c ecdsa.c digest.c prf.c rsa.c - -tinc_SOURCES = \ - utils.c getopt.c getopt1.c dropin.c \ - info.c list.c subnet_parse.c tincctl.c top.c names.c - -nodist_tinc_SOURCES = \ - ecdsagen.c rsagen.c - -sptps_test_SOURCES = \ - logger.c cipher.c crypto.c ecdh.c ecdsa.c digest.c prf.c \ - sptps.c sptps_test.c utils.c - -tinc_LDADD = $(READLINE_LIBS) $(CURSES_LIBS) DEFAULT_INCLUDES = -noinst_HEADERS = \ - xalloc.h utils.h getopt.h list.h splay_tree.h dropin.h fake-getaddrinfo.h fake-getnameinfo.h fake-gai-errnos.h ipv6.h ipv4.h ethernet.h \ - buffer.h conf.h connection.h control.h control_common.h device.h edge.h graph.h info.h logger.h meta.h net.h netutl.h node.h process.h \ - protocol.h route.h subnet.h sptps.h tincctl.h top.h bsd/tunemu.h hash.h event.h names.h - -nodist_noinst_HEADERS = \ - cipher.h crypto.h ecdh.h ecdsa.h digest.h prf.h rsa.h ecdsagen.h rsagen.h - +tincd_SOURCES = buffer.c buffer.h cipher.h conf.c conf.h connection.c \ + connection.h control.c control.h control_common.h crypto.h \ + device.h digest.h dropin.c dropin.h dummy_device.c ecdh.h \ + ecdsa.h ecdsagen.h edge.c edge.h ethernet.h event.c event.h \ + fake-gai-errnos.h fake-getaddrinfo.c fake-getaddrinfo.h \ + fake-getnameinfo.c fake-getnameinfo.h getopt.c getopt.h \ + getopt1.c graph.c graph.h hash.c hash.h have.h ipv4.h ipv6.h \ + list.c list.h logger.c logger.h meta.c meta.h \ + multicast_device.c names.c names.h net.c net.h net_packet.c \ + net_setup.c net_socket.c netutl.c netutl.h node.c node.h prf.h \ + process.c process.h protocol.c protocol.h protocol_auth.c \ + protocol_edge.c protocol_key.c protocol_misc.c \ + protocol_subnet.c raw_socket_device.c route.c route.h rsa.h \ + rsagen.h splay_tree.c splay_tree.h sptps.c sptps.h subnet.c \ + subnet.h subnet_parse.c system.h tincd.c utils.c utils.h \ + xalloc.h $(am__append_1) $(am__append_2) $(am__append_3) \ + $(am__append_4) $(am__append_5) $(am__append_6) \ + $(am__append_7) $(am__append_8) $(am__append_9) \ + $(am__append_12) +tinc_SOURCES = dropin.c dropin.h getopt.c getopt.h getopt1.c info.c \ + info.h invitation.c invitation.h list.c list.h names.c names.h \ + netutl.c netutl.h sptps.c sptps.h subnet_parse.c subnet.h \ + tincctl.c tincctl.h top.c top.h utils.c utils.h \ + $(am__append_10) $(am__append_13) +sptps_test_SOURCES = logger.c logger.h sptps.c sptps.h sptps_test.c \ + utils.c utils.h $(am__append_11) $(am__append_14) +tinc_LDADD = $(READLINE_LIBS) $(CURSES_LIBS) AM_CFLAGS = -DCONFDIR=\"$(sysconfdir)\" -DLOCALSTATEDIR=\"$(localstatedir)\" -DSBINDIR=\"$(sbindir)\" all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -308,9 +482,9 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) +$(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) +$(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): install-sbinPROGRAMS: $(sbin_PROGRAMS) @@ -322,10 +496,11 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS) fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p; \ - then echo "$$p"; echo "$$p"; else :; fi; \ + while read p p1; do if test -f $$p \ + ; then echo "$$p"; echo "$$p"; else :; fi; \ done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + sed -e 'p;s,.*/,,;n;h' \ + -e 's|.*|.|' \ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ @@ -346,42 +521,152 @@ uninstall-sbinPROGRAMS: @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ + -e 's/$$/$(EXEEXT)/' \ + `; \ test -n "$$list" || exit 0; \ echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ cd "$(DESTDIR)$(sbindir)" && rm -f $$files clean-sbinPROGRAMS: -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) + +installcheck-sbinPROGRAMS: $(sbin_PROGRAMS) + bad=0; pid=$$$$; list="$(sbin_PROGRAMS)"; for p in $$list; do \ + case ' $(AM_INSTALLCHECK_STD_OPTIONS_EXEMPT) ' in \ + *" $$p "* | *" $(srcdir)/$$p "*) continue;; \ + esac; \ + f=`echo "$$p" | \ + sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ + for opt in --help --version; do \ + if "$(DESTDIR)$(sbindir)/$$f" $$opt >c$${pid}_.out \ + 2>c$${pid}_.err &2; bad=1; fi; \ + done; \ + done; rm -f c$${pid}_.???; exit $$bad +openssl/$(am__dirstamp): + @$(MKDIR_P) openssl + @: > openssl/$(am__dirstamp) +openssl/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) openssl/$(DEPDIR) + @: > openssl/$(DEPDIR)/$(am__dirstamp) +openssl/cipher.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +openssl/crypto.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +openssl/digest.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +openssl/ecdh.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +openssl/ecdsa.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +openssl/prf.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +gcrypt/$(am__dirstamp): + @$(MKDIR_P) gcrypt + @: > gcrypt/$(am__dirstamp) +gcrypt/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) gcrypt/$(DEPDIR) + @: > gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/cipher.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/crypto.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/digest.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/ecdh.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/ecdsa.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/prf.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) + sptps_test$(EXEEXT): $(sptps_test_OBJECTS) $(sptps_test_DEPENDENCIES) $(EXTRA_sptps_test_DEPENDENCIES) @rm -f sptps_test$(EXEEXT) - $(LINK) $(sptps_test_OBJECTS) $(sptps_test_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(sptps_test_OBJECTS) $(sptps_test_LDADD) $(LIBS) +openssl/ecdsagen.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +openssl/rsa.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +openssl/rsagen.$(OBJEXT): openssl/$(am__dirstamp) \ + openssl/$(DEPDIR)/$(am__dirstamp) +gcrypt/ecdsagen.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/rsa.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) +gcrypt/rsagen.$(OBJEXT): gcrypt/$(am__dirstamp) \ + gcrypt/$(DEPDIR)/$(am__dirstamp) + tinc$(EXEEXT): $(tinc_OBJECTS) $(tinc_DEPENDENCIES) $(EXTRA_tinc_DEPENDENCIES) @rm -f tinc$(EXEEXT) - $(LINK) $(tinc_OBJECTS) $(tinc_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(tinc_OBJECTS) $(tinc_LDADD) $(LIBS) +linux/$(am__dirstamp): + @$(MKDIR_P) linux + @: > linux/$(am__dirstamp) +linux/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) linux/$(DEPDIR) + @: > linux/$(DEPDIR)/$(am__dirstamp) +linux/device.$(OBJEXT): linux/$(am__dirstamp) \ + linux/$(DEPDIR)/$(am__dirstamp) +bsd/$(am__dirstamp): + @$(MKDIR_P) bsd + @: > bsd/$(am__dirstamp) +bsd/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) bsd/$(DEPDIR) + @: > bsd/$(DEPDIR)/$(am__dirstamp) +bsd/device.$(OBJEXT): bsd/$(am__dirstamp) \ + bsd/$(DEPDIR)/$(am__dirstamp) +bsd/tunemu.$(OBJEXT): bsd/$(am__dirstamp) \ + bsd/$(DEPDIR)/$(am__dirstamp) +solaris/$(am__dirstamp): + @$(MKDIR_P) solaris + @: > solaris/$(am__dirstamp) +solaris/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) solaris/$(DEPDIR) + @: > solaris/$(DEPDIR)/$(am__dirstamp) +solaris/device.$(OBJEXT): solaris/$(am__dirstamp) \ + solaris/$(DEPDIR)/$(am__dirstamp) +mingw/$(am__dirstamp): + @$(MKDIR_P) mingw + @: > mingw/$(am__dirstamp) +mingw/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) mingw/$(DEPDIR) + @: > mingw/$(DEPDIR)/$(am__dirstamp) +mingw/device.$(OBJEXT): mingw/$(am__dirstamp) \ + mingw/$(DEPDIR)/$(am__dirstamp) +cygwin/$(am__dirstamp): + @$(MKDIR_P) cygwin + @: > cygwin/$(am__dirstamp) +cygwin/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) cygwin/$(DEPDIR) + @: > cygwin/$(DEPDIR)/$(am__dirstamp) +cygwin/device.$(OBJEXT): cygwin/$(am__dirstamp) \ + cygwin/$(DEPDIR)/$(am__dirstamp) + tincd$(EXEEXT): $(tincd_OBJECTS) $(tincd_DEPENDENCIES) $(EXTRA_tincd_DEPENDENCIES) @rm -f tincd$(EXEEXT) - $(LINK) $(tincd_OBJECTS) $(tincd_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(tincd_OBJECTS) $(tincd_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) + -rm -f bsd/*.$(OBJEXT) + -rm -f cygwin/*.$(OBJEXT) + -rm -f gcrypt/*.$(OBJEXT) + -rm -f linux/*.$(OBJEXT) + -rm -f mingw/*.$(OBJEXT) + -rm -f openssl/*.$(OBJEXT) + -rm -f solaris/*.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/buffer.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cipher.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/conf.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connection.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/control.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/device.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/digest.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dropin.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dummy_device.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ecdh.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ecdsa.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ecdsagen.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/edge.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/event.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fake-getaddrinfo.Po@am__quote@ @@ -391,6 +676,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/graph.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hash.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/info.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/invitation.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logger.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/meta.Po@am__quote@ @@ -402,7 +688,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_socket.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/netutl.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/node.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/process.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_auth.Po@am__quote@ @@ -412,8 +697,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_subnet.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/raw_socket_device.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/route.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rsa.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rsagen.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/splay_tree.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sptps.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sptps_test.Po@am__quote@ @@ -422,59 +705,59 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tincctl.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tincd.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/top.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tunemu.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uml_device.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vde_device.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/device.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/tunemu.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@cygwin/$(DEPDIR)/device.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/cipher.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/crypto.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/digest.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/ecdh.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/ecdsa.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/ecdsagen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/prf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/rsa.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@gcrypt/$(DEPDIR)/rsagen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@linux/$(DEPDIR)/device.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mingw/$(DEPDIR)/device.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/cipher.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/crypto.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/digest.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/ecdh.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/ecdsa.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/ecdsagen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/prf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/rsa.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@openssl/$(DEPDIR)/rsagen.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@solaris/$(DEPDIR)/device.Po@am__quote@ .c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` -tunemu.o: bsd/tunemu.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tunemu.o -MD -MP -MF $(DEPDIR)/tunemu.Tpo -c -o tunemu.o `test -f 'bsd/tunemu.c' || echo '$(srcdir)/'`bsd/tunemu.c -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/tunemu.Tpo $(DEPDIR)/tunemu.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bsd/tunemu.c' object='tunemu.o' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tunemu.o `test -f 'bsd/tunemu.c' || echo '$(srcdir)/'`bsd/tunemu.c +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags -tunemu.obj: bsd/tunemu.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT tunemu.obj -MD -MP -MF $(DEPDIR)/tunemu.Tpo -c -o tunemu.obj `if test -f 'bsd/tunemu.c'; then $(CYGPATH_W) 'bsd/tunemu.c'; else $(CYGPATH_W) '$(srcdir)/bsd/tunemu.c'; fi` -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/tunemu.Tpo $(DEPDIR)/tunemu.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='bsd/tunemu.c' object='tunemu.obj' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o tunemu.obj `if test -f 'bsd/tunemu.c'; then $(CYGPATH_W) 'bsd/tunemu.c'; else $(CYGPATH_W) '$(srcdir)/bsd/tunemu.c'; fi` - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ + $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ @@ -486,15 +769,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $$unique; \ fi; \ fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique @@ -503,6 +782,21 @@ GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -542,7 +836,7 @@ distdir: $(DISTFILES) dist-hook check-am: all-am check: check-am -all-am: Makefile $(PROGRAMS) $(HEADERS) +all-am: Makefile $(PROGRAMS) installdirs: for dir in "$(DESTDIR)$(sbindir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ @@ -573,6 +867,20 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + -rm -f bsd/$(DEPDIR)/$(am__dirstamp) + -rm -f bsd/$(am__dirstamp) + -rm -f cygwin/$(DEPDIR)/$(am__dirstamp) + -rm -f cygwin/$(am__dirstamp) + -rm -f gcrypt/$(DEPDIR)/$(am__dirstamp) + -rm -f gcrypt/$(am__dirstamp) + -rm -f linux/$(DEPDIR)/$(am__dirstamp) + -rm -f linux/$(am__dirstamp) + -rm -f mingw/$(DEPDIR)/$(am__dirstamp) + -rm -f mingw/$(am__dirstamp) + -rm -f openssl/$(DEPDIR)/$(am__dirstamp) + -rm -f openssl/$(am__dirstamp) + -rm -f solaris/$(DEPDIR)/$(am__dirstamp) + -rm -f solaris/$(am__dirstamp) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -582,7 +890,7 @@ clean: clean-am clean-am: clean-generic clean-sbinPROGRAMS mostlyclean-am distclean: distclean-am - -rm -rf ./$(DEPDIR) + -rm -rf ./$(DEPDIR) bsd/$(DEPDIR) cygwin/$(DEPDIR) gcrypt/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) openssl/$(DEPDIR) solaris/$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -625,10 +933,10 @@ install-ps: install-ps-am install-ps-am: -installcheck-am: +installcheck-am: installcheck-sbinPROGRAMS maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) + -rm -rf ./$(DEPDIR) bsd/$(DEPDIR) cygwin/$(DEPDIR) gcrypt/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) openssl/$(DEPDIR) solaris/$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -648,18 +956,19 @@ uninstall-am: uninstall-sbinPROGRAMS .MAKE: install-am install-strip -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-sbinPROGRAMS ctags dist-hook distclean distclean-compile \ - distclean-generic distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-sbinPROGRAMS install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-sbinPROGRAMS +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-sbinPROGRAMS cscopelist-am ctags ctags-am dist-hook \ + distclean distclean-compile distclean-generic distclean-tags \ + distdir dvi dvi-am html html-am info info-am install \ + install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-sbinPROGRAMS install-strip installcheck \ + installcheck-am installcheck-sbinPROGRAMS installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic pdf pdf-am ps ps-am \ + tags tags-am uninstall uninstall-am uninstall-sbinPROGRAMS dist-hook: diff --git a/src/bsd/.deps/device.Po b/src/bsd/.deps/device.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/bsd/.deps/device.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/bsd/.deps/tunemu.Po b/src/bsd/.deps/tunemu.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/bsd/.deps/tunemu.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/bsd/device.c b/src/bsd/device.c index 9bf0cd5..e083519 100644 --- a/src/bsd/device.c +++ b/src/bsd/device.c @@ -19,16 +19,16 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" -#include "conf.h" -#include "device.h" -#include "logger.h" -#include "names.h" -#include "net.h" -#include "route.h" -#include "utils.h" -#include "xalloc.h" +#include "../conf.h" +#include "../device.h" +#include "../logger.h" +#include "../names.h" +#include "../net.h" +#include "../route.h" +#include "../utils.h" +#include "../xalloc.h" #ifdef ENABLE_TUNEMU #include "bsd/tunemu.h" diff --git a/src/bsd/device.c.orig b/src/bsd/device.c.orig deleted file mode 100644 index a204040..0000000 --- a/src/bsd/device.c.orig +++ /dev/null @@ -1,386 +0,0 @@ -/* - device.c -- Interaction BSD tun/tap device - Copyright (C) 2001-2005 Ivo Timmermans, - 2001-2012 Guus Sliepen - 2009 Grzegorz Dymarek - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "system.h" - -#include "conf.h" -#include "device.h" -#include "logger.h" -#include "net.h" -#include "route.h" -#include "utils.h" -#include "xalloc.h" - -#ifdef ENABLE_TUNEMU -#include "bsd/tunemu.h" -#endif - -#define DEFAULT_TUN_DEVICE "/dev/tun0" -#if defined(HAVE_FREEBSD) || defined(HAVE_NETBSD) -#define DEFAULT_TAP_DEVICE "/dev/tap0" -#else -#define DEFAULT_TAP_DEVICE "/dev/tun0" -#endif - -typedef enum device_type { - DEVICE_TYPE_TUN, - DEVICE_TYPE_TUNIFHEAD, - DEVICE_TYPE_TAP, -#ifdef ENABLE_TUNEMU - DEVICE_TYPE_TUNEMU, -#endif -} device_type_t; - -int device_fd = -1; -char *device = NULL; -char *iface = NULL; -static char *device_info = NULL; -static uint64_t device_total_in = 0; -static uint64_t device_total_out = 0; -#if defined(ENABLE_TUNEMU) -static device_type_t device_type = DEVICE_TYPE_TUNEMU; -#elif defined(HAVE_OPENBSD) || defined(HAVE_FREEBSD) || defined(HAVE_DRAGONFLY) -static device_type_t device_type = DEVICE_TYPE_TUNIFHEAD; -#else -static device_type_t device_type = DEVICE_TYPE_TUN; -#endif - -static bool setup_device(void) { - char *type; - - if(!get_config_string(lookup_config(config_tree, "Device"), &device)) { - if(routing_mode == RMODE_ROUTER) - device = xstrdup(DEFAULT_TUN_DEVICE); - else - device = xstrdup(DEFAULT_TAP_DEVICE); - } - - if(!get_config_string(lookup_config(config_tree, "Interface"), &iface)) - iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device); - - if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) { - if(!strcasecmp(type, "tun")) -<<<<<<< HEAD - /* use default */; -#ifdef HAVE_TUNEMU -======= - /* use default */; -#ifdef ENABLE_TUNEMU ->>>>>>> 2a3e343... Fix support for tunemu on iOS devices. - else if(!strcasecmp(type, "tunemu")) - device_type = DEVICE_TYPE_TUNEMU; -#endif - else if(!strcasecmp(type, "tunnohead")) - device_type = DEVICE_TYPE_TUN; - else if(!strcasecmp(type, "tunifhead")) - device_type = DEVICE_TYPE_TUNIFHEAD; - else if(!strcasecmp(type, "tap")) - device_type = DEVICE_TYPE_TAP; - else { - logger(DEBUG_ALWAYS, LOG_ERR, "Unknown device type %s!", type); - return false; - } - } else { - if(strstr(device, "tap") || routing_mode != RMODE_ROUTER) - device_type = DEVICE_TYPE_TAP; - } - - switch(device_type) { -#ifdef ENABLE_TUNEMU - case DEVICE_TYPE_TUNEMU: { - char dynamic_name[256] = ""; - device_fd = tunemu_open(dynamic_name); - } - break; -#endif - default: - device_fd = open(device, O_RDWR | O_NONBLOCK); - } - - if(device_fd < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", device, strerror(errno)); - return false; - } - -#ifdef FD_CLOEXEC - fcntl(device_fd, F_SETFD, FD_CLOEXEC); -#endif - - switch(device_type) { - default: - device_type = DEVICE_TYPE_TUN; - case DEVICE_TYPE_TUN: -#ifdef TUNSIFHEAD - { - const int zero = 0; - if(ioctl(device_fd, TUNSIFHEAD, &zero, sizeof zero) == -1) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "ioctl", strerror(errno)); - return false; - } - } -#endif -#if defined(TUNSIFMODE) && defined(IFF_BROADCAST) && defined(IFF_MULTICAST) - { - const int mode = IFF_BROADCAST | IFF_MULTICAST; - ioctl(device_fd, TUNSIFMODE, &mode, sizeof mode); - } -#endif - - device_info = "Generic BSD tun device"; - break; - case DEVICE_TYPE_TUNIFHEAD: -#ifdef TUNSIFHEAD - { - const int one = 1; - if(ioctl(device_fd, TUNSIFHEAD, &one, sizeof one) == -1) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "ioctl", strerror(errno)); - return false; - } - } -#endif -#if defined(TUNSIFMODE) && defined(IFF_BROADCAST) && defined(IFF_MULTICAST) - { - const int mode = IFF_BROADCAST | IFF_MULTICAST; - ioctl(device_fd, TUNSIFMODE, &mode, sizeof mode); - } -#endif - - device_info = "Generic BSD tun device"; - break; - case DEVICE_TYPE_TAP: - if(routing_mode == RMODE_ROUTER) - overwrite_mac = true; - device_info = "Generic BSD tap device"; -#ifdef TAPGIFNAME - { - struct ifreq ifr; - if(ioctl(device_fd, TAPGIFNAME, (void*)&ifr) == 0) { - if(iface) - free(iface); - iface = xstrdup(ifr.ifr_name); - } - } - -#endif - break; -#ifdef ENABLE_TUNEMU - case DEVICE_TYPE_TUNEMU: - device_info = "BSD tunemu device"; - break; -#endif - } - - logger(DEBUG_ALWAYS, LOG_INFO, "%s is a %s", device, device_info); - - return true; -} - -static void close_device(void) { - switch(device_type) { -#ifdef ENABLE_TUNEMU - case DEVICE_TYPE_TUNEMU: - tunemu_close(device_fd); - break; -#endif - default: - close(device_fd); - } - - free(device); - free(iface); -} - -static bool read_packet(vpn_packet_t *packet) { - int inlen; - - switch(device_type) { - case DEVICE_TYPE_TUN: -#ifdef ENABLE_TUNEMU - case DEVICE_TYPE_TUNEMU: - if(device_type == DEVICE_TYPE_TUNEMU) - inlen = tunemu_read(device_fd, packet->data + 14, MTU - 14); - else -#endif - inlen = read(device_fd, packet->data + 14, MTU - 14); - - if(inlen <= 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, - device, strerror(errno)); - return false; - } - - switch(packet->data[14] >> 4) { - case 4: - packet->data[12] = 0x08; - packet->data[13] = 0x00; - break; - case 6: - packet->data[12] = 0x86; - packet->data[13] = 0xDD; - break; - default: - logger(DEBUG_TRAFFIC, LOG_ERR, - "Unknown IP version %d while reading packet from %s %s", - packet->data[14] >> 4, device_info, device); - return false; - } - - memset(packet->data, 0, 12); - packet->len = inlen + 14; - break; - - case DEVICE_TYPE_TUNIFHEAD: { - u_int32_t type; - struct iovec vector[2] = {{&type, sizeof type}, {packet->data + 14, MTU - 14}}; - - if((inlen = readv(device_fd, vector, 2)) <= 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, - device, strerror(errno)); - return false; - } - - switch (ntohl(type)) { - case AF_INET: - packet->data[12] = 0x08; - packet->data[13] = 0x00; - break; - - case AF_INET6: - packet->data[12] = 0x86; - packet->data[13] = 0xDD; - break; - - default: - logger(DEBUG_TRAFFIC, LOG_ERR, - "Unknown address family %x while reading packet from %s %s", - ntohl(type), device_info, device); - return false; - } - - memset(packet->data, 0, 12); - packet->len = inlen + 10; - break; - } - - case DEVICE_TYPE_TAP: - if((inlen = read(device_fd, packet->data, MTU)) <= 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading from %s %s: %s", device_info, - device, strerror(errno)); - return false; - } - - packet->len = inlen; - break; - - default: - return false; - } - - device_total_in += packet->len; - - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Read packet of %d bytes from %s", - packet->len, device_info); - - return true; -} - -static bool write_packet(vpn_packet_t *packet) { - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Writing packet of %d bytes to %s", - packet->len, device_info); - - switch(device_type) { - case DEVICE_TYPE_TUN: - if(write(device_fd, packet->data + 14, packet->len - 14) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, - device, strerror(errno)); - return false; - } - break; - - case DEVICE_TYPE_TUNIFHEAD: { - u_int32_t type; - struct iovec vector[2] = {{&type, sizeof type}, {packet->data + 14, packet->len - 14}}; - int af; - - af = (packet->data[12] << 8) + packet->data[13]; - - switch (af) { - case 0x0800: - type = htonl(AF_INET); - break; - case 0x86DD: - type = htonl(AF_INET6); - break; - default: - logger(DEBUG_TRAFFIC, LOG_ERR, - "Unknown address family %x while writing packet to %s %s", - af, device_info, device); - return false; - } - - if(writev(device_fd, vector, 2) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Can't write to %s %s: %s", device_info, device, - strerror(errno)); - return false; - } - break; - } - - case DEVICE_TYPE_TAP: - if(write(device_fd, packet->data, packet->len) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, - device, strerror(errno)); - return false; - } - break; - -#ifdef ENABLE_TUNEMU - case DEVICE_TYPE_TUNEMU: - if(tunemu_write(device_fd, packet->data + 14, packet->len - 14) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while writing to %s %s: %s", device_info, - device, strerror(errno)); - return false; - } - break; -#endif - - default: - return false; - } - - device_total_out += packet->len; - - return true; -} - -static void dump_device_stats(void) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); - logger(DEBUG_ALWAYS, LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); -} - -const devops_t os_devops = { - .setup = setup_device, - .close = close_device, - .read = read_packet, - .write = write_packet, - .dump_stats = dump_device_stats, -}; diff --git a/src/cipher.c b/src/cipher.c deleted file mode 100644 index 553b4ad..0000000 --- a/src/cipher.c +++ /dev/null @@ -1,218 +0,0 @@ -/* - cipher.c -- Symmetric block cipher handling - Copyright (C) 2007-2012 Guus Sliepen - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "system.h" - -#include -#include - -#include "cipher.h" -#include "logger.h" -#include "xalloc.h" - -typedef struct cipher_counter { - unsigned char counter[EVP_MAX_IV_LENGTH]; - unsigned char block[EVP_MAX_IV_LENGTH]; - int n; -} cipher_counter_t; - -static bool cipher_open(cipher_t *cipher) { - EVP_CIPHER_CTX_init(&cipher->ctx); - - return true; -} - -bool cipher_open_by_name(cipher_t *cipher, const char *name) { - cipher->cipher = EVP_get_cipherbyname(name); - - if(cipher->cipher) - return cipher_open(cipher); - - logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher name '%s'!", name); - return false; -} - -bool cipher_open_by_nid(cipher_t *cipher, int nid) { - cipher->cipher = EVP_get_cipherbynid(nid); - - if(cipher->cipher) - return cipher_open(cipher); - - logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher nid %d!", nid); - return false; -} - -bool cipher_open_blowfish_ofb(cipher_t *cipher) { - cipher->cipher = EVP_bf_ofb(); - return cipher_open(cipher); -} - -void cipher_close(cipher_t *cipher) { - EVP_CIPHER_CTX_cleanup(&cipher->ctx); - free(cipher->counter); - cipher->counter = NULL; -} - -size_t cipher_keylength(const cipher_t *cipher) { - return cipher->cipher->key_len + cipher->cipher->block_size; -} - -bool cipher_set_key(cipher_t *cipher, void *key, bool encrypt) { - bool result; - - if(encrypt) - result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, (unsigned char *)key + cipher->cipher->key_len); - else - result = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, (unsigned char *)key + cipher->cipher->key_len); - - if(result) - return true; - - logger(DEBUG_ALWAYS, LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; -} - -bool cipher_set_key_from_rsa(cipher_t *cipher, void *key, size_t len, bool encrypt) { - bool result; - - if(encrypt) - result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key + len - cipher->cipher->key_len, (unsigned char *)key + len - cipher->cipher->iv_len - cipher->cipher->key_len); - else - result = EVP_DecryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key + len - cipher->cipher->key_len, (unsigned char *)key + len - cipher->cipher->iv_len - cipher->cipher->key_len); - - if(result) - return true; - - logger(DEBUG_ALWAYS, LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; -} - -bool cipher_set_counter(cipher_t *cipher, const void *counter, size_t len) { - if(len > cipher->cipher->block_size - 4) { - logger(DEBUG_ALWAYS, LOG_ERR, "Counter too long"); - abort(); - } - - memcpy(cipher->counter->counter + cipher->cipher->block_size - len, counter, len); - memset(cipher->counter->counter, 0, 4); - cipher->counter->n = 0; - - return true; -} - -bool cipher_set_counter_key(cipher_t *cipher, void *key) { - int result = EVP_EncryptInit_ex(&cipher->ctx, cipher->cipher, NULL, (unsigned char *)key, NULL); - if(!result) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while setting key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - if(!cipher->counter) - cipher->counter = xmalloc_and_zero(sizeof *cipher->counter); - else - cipher->counter->n = 0; - - memcpy(cipher->counter->counter, (unsigned char *)key + cipher->cipher->key_len, cipher->cipher->block_size); - - return true; -} - -bool cipher_counter_xor(cipher_t *cipher, const void *indata, size_t inlen, void *outdata) { - if(!cipher->counter) { - logger(DEBUG_ALWAYS, LOG_ERR, "Counter not initialized"); - return false; - } - - const unsigned char *in = indata; - unsigned char *out = outdata; - - while(inlen--) { - // Encrypt the new counter value if we need it - if(!cipher->counter->n) { - int len; - if(!EVP_EncryptUpdate(&cipher->ctx, cipher->counter->block, &len, cipher->counter->counter, cipher->cipher->block_size)) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while encrypting: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - // Increase the counter value - for(int i = 0; i < cipher->cipher->block_size; i++) - if(++cipher->counter->counter[i]) - break; - } - - *out++ = *in++ ^ cipher->counter->counter[cipher->counter->n++]; - - if(cipher->counter->n >= cipher->cipher->block_size) - cipher->counter->n = 0; - } - - return true; -} - - -bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) { - if(oneshot) { - int len, pad; - if(EVP_EncryptInit_ex(&cipher->ctx, NULL, NULL, NULL, NULL) - && EVP_EncryptUpdate(&cipher->ctx, (unsigned char *)outdata, &len, indata, inlen) - && EVP_EncryptFinal(&cipher->ctx, (unsigned char *)outdata + len, &pad)) { - if(outlen) *outlen = len + pad; - return true; - } - } else { - int len; - if(EVP_EncryptUpdate(&cipher->ctx, outdata, &len, indata, inlen)) { - if(outlen) *outlen = len; - return true; - } - } - - logger(DEBUG_ALWAYS, LOG_ERR, "Error while encrypting: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; -} - -bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) { - if(oneshot) { - int len, pad; - if(EVP_DecryptInit_ex(&cipher->ctx, NULL, NULL, NULL, NULL) - && EVP_DecryptUpdate(&cipher->ctx, (unsigned char *)outdata, &len, indata, inlen) - && EVP_DecryptFinal(&cipher->ctx, (unsigned char *)outdata + len, &pad)) { - if(outlen) *outlen = len + pad; - return true; - } - } else { - int len; - if(EVP_EncryptUpdate(&cipher->ctx, outdata, &len, indata, inlen)) { - if(outlen) *outlen = len; - return true; - } - } - - logger(DEBUG_ALWAYS, LOG_ERR, "Error while decrypting: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; -} - -int cipher_get_nid(const cipher_t *cipher) { - return cipher->cipher ? cipher->cipher->nid : 0; -} - -bool cipher_active(const cipher_t *cipher) { - return cipher->cipher && cipher->cipher->nid != 0; -} diff --git a/src/openssl/cipher.h b/src/cipher.h similarity index 56% rename from src/openssl/cipher.h rename to src/cipher.h index c9f89eb..17ca614 100644 --- a/src/openssl/cipher.h +++ b/src/cipher.h @@ -1,6 +1,6 @@ /* cipher.h -- header file cipher.c - Copyright (C) 2007-2012 Guus Sliepen + Copyright (C) 2007-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,30 +20,25 @@ #ifndef __TINC_CIPHER_H__ #define __TINC_CIPHER_H__ -#include +#define CIPHER_MAX_BLOCK_SIZE 32 +#define CIPHER_MAX_IV_SIZE 16 +#define CIPHER_MAX_KEY_SIZE 32 -#define CIPHER_MAX_BLOCK_SIZE EVP_MAX_BLOCK_LENGTH -#define CIPHER_MAX_KEY_SIZE EVP_MAX_KEY_LENGTH -#define CIPHER_MAX_IV_SIZE EVP_MAX_IV_LENGTH +typedef struct cipher cipher_t; -typedef struct cipher { - EVP_CIPHER_CTX ctx; - const EVP_CIPHER *cipher; - struct cipher_counter *counter; -} cipher_t; - -extern bool cipher_open_by_name(cipher_t *, const char *); -extern bool cipher_open_by_nid(cipher_t *, int); -extern bool cipher_open_blowfish_ofb(cipher_t *); +extern cipher_t *cipher_open_by_name(const char *) __attribute__ ((__malloc__)); +extern cipher_t *cipher_open_by_nid(int) __attribute__ ((__malloc__)); +extern cipher_t *cipher_open_blowfish_ofb(void) __attribute__ ((__malloc__)); extern void cipher_close(cipher_t *); extern size_t cipher_keylength(const cipher_t *); -extern bool cipher_set_key(cipher_t *, void *, bool); -extern bool cipher_set_key_from_rsa(cipher_t *, void *, size_t, bool); -extern bool cipher_set_counter(cipher_t *, const void *, size_t); -extern bool cipher_set_counter_key(cipher_t *, void *); -extern bool cipher_encrypt(cipher_t *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool); -extern bool cipher_decrypt(cipher_t *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool); -extern bool cipher_counter_xor(cipher_t *, const void *indata, size_t inlen, void *outdata); +extern void cipher_get_key(const cipher_t *, void *); +extern bool cipher_set_key(cipher_t *, void *, bool) __attribute__ ((__warn_unused_result__)); +extern bool cipher_set_key_from_rsa(cipher_t *, void *, size_t, bool) __attribute__ ((__warn_unused_result__)); +extern bool cipher_set_counter(cipher_t *, const void *, size_t) __attribute__ ((__warn_unused_result__)); +extern bool cipher_set_counter_key(cipher_t *, void *) __attribute__ ((__warn_unused_result__)); +extern bool cipher_encrypt(cipher_t *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) __attribute__ ((__warn_unused_result__)); +extern bool cipher_decrypt(cipher_t *, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) __attribute__ ((__warn_unused_result__)); +extern bool cipher_counter_xor(cipher_t *, const void *indata, size_t inlen, void *outdata) __attribute__ ((__warn_unused_result__)); extern int cipher_get_nid(const cipher_t *); extern bool cipher_active(const cipher_t *); diff --git a/src/conf.c b/src/conf.c index c4f8abb..3c64519 100644 --- a/src/conf.c +++ b/src/conf.c @@ -71,7 +71,7 @@ void exit_configuration(splay_tree_t ** config_tree) { } config_t *new_config(void) { - return xmalloc_and_zero(sizeof(config_t)); + return xzalloc(sizeof(config_t)); } void free_config(config_t *cfg) { @@ -373,9 +373,10 @@ bool read_server_config(void) { read_config_options(config_tree, NULL); xasprintf(&fname, "%s" SLASH "tinc.conf", confbase); + errno = 0; x = read_config_file(config_tree, fname); - if(!x) + if(!x && errno) logger(DEBUG_ALWAYS, LOG_ERR, "Failed to read `%s': %s", fname, strerror(errno)); free(fname); diff --git a/src/connection.c b/src/connection.c index 4798c5a..496f674 100644 --- a/src/connection.c +++ b/src/connection.c @@ -1,6 +1,6 @@ /* connection.c -- connection list management - Copyright (C) 2000-2012 Guus Sliepen , + Copyright (C) 2000-2013 Guus Sliepen , 2000-2005 Ivo Timmermans 2008 Max Rijevski @@ -27,6 +27,7 @@ #include "control_common.h" #include "list.h" #include "logger.h" +#include "rsa.h" #include "subnet.h" #include "utils.h" #include "xalloc.h" @@ -47,21 +48,21 @@ void exit_connections(void) { } connection_t *new_connection(void) { - return xmalloc_and_zero(sizeof(connection_t)); + return xzalloc(sizeof(connection_t)); } void free_connection(connection_t *c) { if(!c) return; - cipher_close(&c->incipher); - digest_close(&c->indigest); - cipher_close(&c->outcipher); - digest_close(&c->outdigest); + cipher_close(c->incipher); + digest_close(c->indigest); + cipher_close(c->outcipher); + digest_close(c->outdigest); sptps_stop(&c->sptps); - ecdsa_free(&c->ecdsa); - rsa_free(&c->rsa); + ecdsa_free(c->ecdsa); + rsa_free(c->rsa); free(c->hischallenge); diff --git a/src/connection.h b/src/connection.h index 10f4a76..b5d3d18 100644 --- a/src/connection.h +++ b/src/connection.h @@ -1,6 +1,6 @@ /* connection.h -- header for connection.c - Copyright (C) 2000-2012 Guus Sliepen , + Copyright (C) 2000-2013 Guus Sliepen , 2000-2005 Ivo Timmermans This program is free software; you can redistribute it and/or modify @@ -47,7 +47,9 @@ typedef struct connection_status_t { unsigned int control:1; /* 1 if this is a control connection */ unsigned int pcap:1; /* 1 if this is a control connection requesting packet capture */ unsigned int log:1; /* 1 if this is a control connection requesting log dump */ - unsigned int unused:20; + unsigned int invitation:1; /* 1 if this is an invitation */ + unsigned int invitation_used:1; /* 1 if the invitation has been consumed */ + unsigned int unused:19; } connection_status_t; #include "ecdsa.h" @@ -73,12 +75,12 @@ typedef struct connection_t { struct node_t *node; /* node associated with the other end */ struct edge_t *edge; /* edge associated with this connection */ - rsa_t rsa; /* his public RSA key */ - ecdsa_t ecdsa; /* his public ECDSA key */ - cipher_t incipher; /* Cipher he will use to send data to us */ - cipher_t outcipher; /* Cipher we will use to send data to him */ - digest_t indigest; - digest_t outdigest; + rsa_t *rsa; /* his public RSA key */ + ecdsa_t *ecdsa; /* his public ECDSA key */ + cipher_t *incipher; /* Cipher he will use to send data to us */ + cipher_t *outcipher; /* Cipher we will use to send data to him */ + digest_t *indigest; + digest_t *outdigest; sptps_t sptps; int inmaclength; diff --git a/src/control.c b/src/control.c index 539ff36..84098be 100644 --- a/src/control.c +++ b/src/control.c @@ -137,17 +137,16 @@ bool init_control(void) { randomize(controlcookie, sizeof controlcookie / 2); bin2hex(controlcookie, controlcookie, sizeof controlcookie / 2); + mode_t mask = umask(0); + umask(mask | 077); FILE *f = fopen(pidfilename, "w"); + umask(mask); + if(!f) { logger(DEBUG_ALWAYS, LOG_ERR, "Cannot write control socket cookie file %s: %s", pidfilename, strerror(errno)); return false; } -#ifdef HAVE_FCHMOD - fchmod(fileno(f), 0600); -#else - chmod(pidfilename, 0600); -#endif // Get the address and port of the first listening socket char *localhost = NULL; @@ -157,7 +156,7 @@ bool init_control(void) { // Make sure we have a valid address, and map 0.0.0.0 and :: to 127.0.0.1 and ::1. if(getsockname(listen_socket[0].tcp.fd, (struct sockaddr *)&sa, &len)) { - xasprintf(&localhost, "127.0.0.1 port %d", myport); + xasprintf(&localhost, "127.0.0.1 port %s", myport); } else { if(sa.sa.sa_family == AF_INET) { if(sa.in.sin_addr.s_addr == 0) diff --git a/src/openssl/crypto.h b/src/crypto.h similarity index 93% rename from src/openssl/crypto.h rename to src/crypto.h index 8047bfb..cd3654f 100644 --- a/src/openssl/crypto.h +++ b/src/crypto.h @@ -1,6 +1,6 @@ /* crypto.h -- header for crypto.c - Copyright (C) 2007 Guus Sliepen + Copyright (C) 2007-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/cygwin/.deps/device.Po b/src/cygwin/.deps/device.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/cygwin/.deps/device.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/cygwin/device.c b/src/cygwin/device.c index b050140..f4dcae4 100644 --- a/src/cygwin/device.c +++ b/src/cygwin/device.c @@ -18,21 +18,21 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include -#include "conf.h" -#include "device.h" -#include "logger.h" -#include "names.h" -#include "net.h" -#include "route.h" -#include "utils.h" -#include "xalloc.h" +#include "../conf.h" +#include "../device.h" +#include "../logger.h" +#include "../names.h" +#include "../net.h" +#include "../route.h" +#include "../utils.h" +#include "../xalloc.h" -#include "mingw/common.h" +#include "../mingw/common.h" int device_fd = -1; static HANDLE device_handle = INVALID_HANDLE_VALUE; diff --git a/src/digest.c b/src/digest.c deleted file mode 100644 index 79db491..0000000 --- a/src/digest.c +++ /dev/null @@ -1,127 +0,0 @@ -/* - digest.c -- Digest handling - Copyright (C) 2007-2012 Guus Sliepen - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "system.h" -#include "utils.h" -#include "xalloc.h" - -#include -#include - -#include "digest.h" -#include "logger.h" - -static void set_maclength(digest_t *digest, int maclength) { - int digestlen = EVP_MD_size(digest->digest); - - if(maclength > digestlen || maclength < 0) - digest->maclength = digestlen; - else - digest->maclength = maclength; -} - -bool digest_open_by_name(digest_t *digest, const char *name, int maclength) { - digest->digest = EVP_get_digestbyname(name); - digest->key = NULL; - - if(!digest->digest) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest name '%s'!", name); - return false; - } - - set_maclength(digest, maclength); - return true; -} - -bool digest_open_by_nid(digest_t *digest, int nid, int maclength) { - digest->digest = EVP_get_digestbynid(nid); - digest->key = NULL; - - if(!digest->digest) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest nid %d!", nid); - return false; - } - - set_maclength(digest, maclength); - return true; -} - -bool digest_open_sha1(digest_t *digest, int maclength) { - digest->digest = EVP_sha1(); - digest->key = NULL; - - set_maclength(digest, maclength); - return true; -} - -bool digest_set_key(digest_t *digest, const void *key, size_t len) { - digest->key = xrealloc(digest->key, len); - memcpy(digest->key, key, len); - digest->keylength = len; - return true; -} - -void digest_close(digest_t *digest) { - free(digest->key); - digest->key = NULL; -} - -bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *outdata) { - size_t len = EVP_MD_size(digest->digest); - unsigned char tmpdata[len]; - - if(digest->key) { - HMAC(digest->digest, digest->key, digest->keylength, indata, inlen, tmpdata, NULL); - } else { - EVP_MD_CTX ctx; - - if(!EVP_DigestInit(&ctx, digest->digest) - || !EVP_DigestUpdate(&ctx, indata, inlen) - || !EVP_DigestFinal(&ctx, tmpdata, NULL)) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "Error creating digest: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - } - - memcpy(outdata, tmpdata, digest->maclength); - return true; -} - -bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const void *cmpdata) { - size_t len = digest->maclength; - unsigned char outdata[len]; - - return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, digest->maclength); -} - -int digest_get_nid(const digest_t *digest) { - return digest->digest ? digest->digest->type : 0; -} - -size_t digest_keylength(const digest_t *digest) { - return digest->digest->md_size; -} - -size_t digest_length(const digest_t *digest) { - return digest->maclength; -} - -bool digest_active(const digest_t *digest) { - return digest->digest && digest->digest->type != 0; -} diff --git a/src/digest.h b/src/digest.h new file mode 100644 index 0000000..1e14945 --- /dev/null +++ b/src/digest.h @@ -0,0 +1,39 @@ +/* + digest.h -- header file digest.c + Copyright (C) 2007-2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#ifndef __TINC_DIGEST_H__ +#define __TINC_DIGEST_H__ + +#define DIGEST_MAX_SIZE 64 + +typedef struct digest digest_t; + +extern digest_t *digest_open_by_name(const char *name, int maclength) __attribute__ ((__malloc__)); +extern digest_t *digest_open_by_nid(int nid, int maclength) __attribute__ ((__malloc__)); +extern digest_t *digest_open_sha1(int maclength) __attribute__ ((__malloc__)); +extern void digest_close(digest_t *); +extern bool digest_create(digest_t *, const void *indata, size_t inlen, void *outdata) __attribute__ ((__warn_unused_result__)); +extern bool digest_verify(digest_t *, const void *indata, size_t inlen, const void *digestdata) __attribute__ ((__warn_unused_result__)); +extern bool digest_set_key(digest_t *, const void *key, size_t len) __attribute__ ((__warn_unused_result__)); +extern int digest_get_nid(const digest_t *); +extern size_t digest_keylength(const digest_t *); +extern size_t digest_length(const digest_t *); +extern bool digest_active(const digest_t *); + +#endif diff --git a/src/dropin.c b/src/dropin.c index ab3fd6b..6d40850 100644 --- a/src/dropin.c +++ b/src/dropin.c @@ -1,7 +1,7 @@ /* dropin.c -- a set of drop-in replacements for libc functions Copyright (C) 2000-2005 Ivo Timmermans, - 2000-2011 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/dropin.h b/src/dropin.h index 5279de7..5601a31 100644 --- a/src/dropin.h +++ b/src/dropin.h @@ -1,7 +1,7 @@ /* dropin.h -- header file for dropin.c Copyright (C) 2000-2005 Ivo Timmermans, - 2000-2011 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -63,4 +63,11 @@ extern int usleep(long long usec); } while (0) #endif +#ifdef HAVE_MINGW +#define mkdir(a, b) mkdir(a) +#ifndef SHUT_RDWR +#define SHUT_RDWR SD_BOTH +#endif +#endif + #endif /* __DROPIN_H__ */ diff --git a/src/ecdh.c b/src/ecdh.c deleted file mode 100644 index f94555d..0000000 --- a/src/ecdh.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - ecdh.c -- Diffie-Hellman key exchange handling - Copyright (C) 2011-2012 Guus Sliepen - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "system.h" -#include "utils.h" -#include "xalloc.h" - -#include -#include -#include - -#include "ecdh.h" -#include "logger.h" - -bool ecdh_generate_public(ecdh_t *ecdh, void *pubkey) { - *ecdh = EC_KEY_new_by_curve_name(NID_secp521r1); - if(!*ecdh) { - logger(DEBUG_ALWAYS, LOG_ERR, "Generating EC key_by_curve_name failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - if(!EC_KEY_generate_key(*ecdh)) { - EC_KEY_free(*ecdh); - *ecdh = NULL; - logger(DEBUG_ALWAYS, LOG_ERR, "Generating EC key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - const EC_POINT *point = EC_KEY_get0_public_key(*ecdh); - if(!point) { - EC_KEY_free(*ecdh); - *ecdh = NULL; - logger(DEBUG_ALWAYS, LOG_ERR, "Getting public key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - size_t result = EC_POINT_point2oct(EC_KEY_get0_group(*ecdh), point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL); - if(!result) { - EC_KEY_free(*ecdh); - *ecdh = NULL; - logger(DEBUG_ALWAYS, LOG_ERR, "Converting EC_POINT to binary failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) { - EC_POINT *point = EC_POINT_new(EC_KEY_get0_group(*ecdh)); - if(!point) { - logger(DEBUG_ALWAYS, LOG_ERR, "EC_POINT_new() failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - int result = EC_POINT_oct2point(EC_KEY_get0_group(*ecdh), point, pubkey, ECDH_SIZE, NULL); - if(!result) { - EC_POINT_free(point); - logger(DEBUG_ALWAYS, LOG_ERR, "Converting binary to EC_POINT failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - result = ECDH_compute_key(shared, ECDH_SIZE, point, *ecdh, NULL); - EC_POINT_free(point); - EC_KEY_free(*ecdh); - *ecdh = NULL; - - if(!result) { - logger(DEBUG_ALWAYS, LOG_ERR, "Computing Elliptic Curve Diffie-Hellman shared key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -void ecdh_free(ecdh_t *ecdh) { - if(*ecdh) { - EC_KEY_free(*ecdh); - *ecdh = NULL; - } -} diff --git a/src/openssl/ecdh.h b/src/ecdh.h similarity index 78% rename from src/openssl/ecdh.h rename to src/ecdh.h index ef7de6e..fbd4729 100644 --- a/src/openssl/ecdh.h +++ b/src/ecdh.h @@ -1,6 +1,6 @@ /* ecdh.h -- header file for ecdh.c - Copyright (C) 2011 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,15 +20,15 @@ #ifndef __TINC_ECDH_H__ #define __TINC_ECDH_H__ -#include - #define ECDH_SIZE 67 #define ECDH_SHARED_SIZE 66 -typedef EC_KEY *ecdh_t; +#ifndef __TINC_ECDH_INTERNAL__ +typedef struct ecdh ecdh_t; +#endif -extern bool ecdh_generate_public(ecdh_t *ecdh, void *pubkey); -extern bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared); +extern ecdh_t *ecdh_generate_public(void *pubkey) __attribute__ ((__malloc__)); +extern bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) __attribute__ ((__warn_unused_result__)); extern void ecdh_free(ecdh_t *ecdh); #endif diff --git a/src/ecdsa.c b/src/ecdsa.c deleted file mode 100644 index e2af6f9..0000000 --- a/src/ecdsa.c +++ /dev/null @@ -1,130 +0,0 @@ -/* - ecdsa.c -- ECDSA key handling - Copyright (C) 2011-2012 Guus Sliepen - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "system.h" - -#include -#include - -#include "logger.h" -#include "ecdsa.h" -#include "utils.h" - -// Get and set ECDSA keys -// -bool ecdsa_set_base64_public_key(ecdsa_t *ecdsa, const char *p) { - *ecdsa = EC_KEY_new_by_curve_name(NID_secp521r1); - if(!*ecdsa) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "EC_KEY_new_by_curve_name failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - int len = strlen(p); - unsigned char pubkey[len / 4 * 3 + 3]; - const unsigned char *ppubkey = pubkey; - len = b64decode(p, (char *)pubkey, len); - - if(!o2i_ECPublicKey(ecdsa, &ppubkey, len)) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "o2i_ECPublicKey failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { - unsigned char *pubkey = NULL; - int len = i2o_ECPublicKey(*ecdsa, &pubkey); - - char *base64 = malloc(len * 4 / 3 + 5); - b64encode((char *)pubkey, base64, len); - - free(pubkey); - - return base64; -} - -// Read PEM ECDSA keys - -bool ecdsa_read_pem_public_key(ecdsa_t *ecdsa, FILE *fp) { - *ecdsa = PEM_read_EC_PUBKEY(fp, ecdsa, NULL, NULL); - - if(*ecdsa) - return true; - - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA public key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; -} - -bool ecdsa_read_pem_private_key(ecdsa_t *ecdsa, FILE *fp) { - *ecdsa = PEM_read_ECPrivateKey(fp, NULL, NULL, NULL); - - if(*ecdsa) - return true; - - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA private key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; -} - -size_t ecdsa_size(ecdsa_t *ecdsa) { - return ECDSA_size(*ecdsa); -} - -// TODO: standardise output format? - -bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t len, void *sig) { - unsigned int siglen = ECDSA_size(*ecdsa); - - unsigned char hash[SHA512_DIGEST_LENGTH]; - SHA512(in, len, hash); - - memset(sig, 0, siglen); - - if(!ECDSA_sign(0, hash, sizeof hash, sig, &siglen, *ecdsa)) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_sign() failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t len, const void *sig) { - unsigned int siglen = ECDSA_size(*ecdsa); - - unsigned char hash[SHA512_DIGEST_LENGTH]; - SHA512(in, len, hash); - - if(!ECDSA_verify(0, hash, sizeof hash, sig, siglen, *ecdsa)) { - logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_verify() failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; - } - - return true; -} - -bool ecdsa_active(ecdsa_t *ecdsa) { - return *ecdsa; -} - -void ecdsa_free(ecdsa_t *ecdsa) { - if(*ecdsa) { - EC_KEY_free(*ecdsa); - *ecdsa = NULL; - } -} diff --git a/src/openssl/ecdsa.h b/src/ecdsa.h similarity index 69% rename from src/openssl/ecdsa.h rename to src/ecdsa.h index 04f9eb9..d03a58e 100644 --- a/src/openssl/ecdsa.h +++ b/src/ecdsa.h @@ -1,6 +1,6 @@ /* ecdsa.h -- ECDSA key handling - Copyright (C) 2011 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,17 +20,17 @@ #ifndef __TINC_ECDSA_H__ #define __TINC_ECDSA_H__ -#include +#ifndef __TINC_ECDSA_INTERNAL__ +typedef struct ecdsa ecdsa_t; +#endif -typedef EC_KEY *ecdsa_t; - -extern bool ecdsa_set_base64_public_key(ecdsa_t *ecdsa, const char *p); +extern ecdsa_t *ecdsa_set_base64_public_key(const char *p) __attribute__ ((__malloc__)); extern char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa); -extern bool ecdsa_read_pem_public_key(ecdsa_t *ecdsa, FILE *fp); -extern bool ecdsa_read_pem_private_key(ecdsa_t *ecdsa, FILE *fp); +extern ecdsa_t *ecdsa_read_pem_public_key(FILE *fp) __attribute__ ((__malloc__)); +extern ecdsa_t *ecdsa_read_pem_private_key(FILE *fp) __attribute__ ((__malloc__)); extern size_t ecdsa_size(ecdsa_t *ecdsa); -extern bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t inlen, void *out); -extern bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t inlen, const void *out); +extern bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t inlen, void *out) __attribute__ ((__warn_unused_result__)); +extern bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t inlen, const void *out) __attribute__ ((__warn_unused_result__)); extern bool ecdsa_active(ecdsa_t *ecdsa); extern void ecdsa_free(ecdsa_t *ecdsa); diff --git a/src/openssl/ecdsagen.h b/src/ecdsagen.h similarity index 82% rename from src/openssl/ecdsagen.h rename to src/ecdsagen.h index 8a40e45..12e5c00 100644 --- a/src/openssl/ecdsagen.h +++ b/src/ecdsagen.h @@ -1,6 +1,6 @@ /* ecdsagen.h -- ECDSA key generation and export - Copyright (C) 2011 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,9 +22,8 @@ #include "ecdsa.h" -extern bool ecdsa_generate(ecdsa_t *ecdsa); -extern bool ecdsa_write_pem_public_key(ecdsa_t *ecdsa, FILE *fp); -extern bool ecdsa_write_pem_private_key(ecdsa_t *ecdsa, FILE *fp); -extern char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa); +extern ecdsa_t *ecdsa_generate(void) __attribute__ ((__malloc__)); +extern bool ecdsa_write_pem_public_key(ecdsa_t *ecdsa, FILE *fp) __attribute__ ((__warn_unused_result__)); +extern bool ecdsa_write_pem_private_key(ecdsa_t *ecdsa, FILE *fp) __attribute__ ((__warn_unused_result__)); #endif diff --git a/src/edge.c b/src/edge.c index fd03327..f185b4f 100644 --- a/src/edge.c +++ b/src/edge.c @@ -1,6 +1,6 @@ /* edge.c -- edge tree management - Copyright (C) 2000-2012 Guus Sliepen , + Copyright (C) 2000-2013 Guus Sliepen , 2000-2005 Ivo Timmermans This program is free software; you can redistribute it and/or modify @@ -70,7 +70,7 @@ void exit_edges(void) { /* Creation and deletion of connection elements */ edge_t *new_edge(void) { - return xmalloc_and_zero(sizeof(edge_t)); + return xzalloc(sizeof(edge_t)); } void free_edge(edge_t *e) { diff --git a/src/event.c b/src/event.c index 095e7c3..5a1e4f5 100644 --- a/src/event.c +++ b/src/event.c @@ -1,6 +1,6 @@ /* event.c -- I/O, timeout and signal event handling - Copyright (C) 2012 Guus Sliepen + Copyright (C) 2012-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/event.h b/src/event.h index bd91b7b..c6522c0 100644 --- a/src/event.h +++ b/src/event.h @@ -1,6 +1,6 @@ /* event.h -- I/O, timeout and signal event handling - Copyright (C) 2012 Guus Sliepen + Copyright (C) 2012-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/fake-gai-errnos.h b/src/fake-gai-errnos.h index 33913eb..2f41d8f 100644 --- a/src/fake-gai-errnos.h +++ b/src/fake-gai-errnos.h @@ -17,3 +17,7 @@ #ifndef EAI_FAMILY #define EAI_FAMILY 3 #endif + +#ifndef EAI_SYSTEM +#define EAI_SYSTEM 4 +#endif diff --git a/src/fake-getaddrinfo.c b/src/fake-getaddrinfo.c index db50f73..cb821b5 100644 --- a/src/fake-getaddrinfo.c +++ b/src/fake-getaddrinfo.c @@ -48,7 +48,7 @@ void freeaddrinfo(struct addrinfo *ai) { static struct addrinfo *malloc_ai(uint16_t port, uint32_t addr) { struct addrinfo *ai; - ai = xmalloc_and_zero(sizeof(struct addrinfo) + sizeof(struct sockaddr_in)); + ai = xzalloc(sizeof(struct addrinfo) + sizeof(struct sockaddr_in)); ai->ai_addr = (struct sockaddr *)(ai + 1); ai->ai_addrlen = sizeof(struct sockaddr_in); diff --git a/src/gcrypt/.deps/cipher.Po b/src/gcrypt/.deps/cipher.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/cipher.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/crypto.Po b/src/gcrypt/.deps/crypto.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/crypto.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/digest.Po b/src/gcrypt/.deps/digest.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/digest.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/ecdh.Po b/src/gcrypt/.deps/ecdh.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/ecdh.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/ecdsa.Po b/src/gcrypt/.deps/ecdsa.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/ecdsa.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/ecdsagen.Po b/src/gcrypt/.deps/ecdsagen.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/ecdsagen.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/prf.Po b/src/gcrypt/.deps/prf.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/prf.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/rsa.Po b/src/gcrypt/.deps/rsa.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/rsa.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/.deps/rsagen.Po b/src/gcrypt/.deps/rsagen.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/gcrypt/.deps/rsagen.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/gcrypt/ecdh.c b/src/gcrypt/ecdh.c new file mode 100644 index 0000000..4e30733 --- /dev/null +++ b/src/gcrypt/ecdh.c @@ -0,0 +1,37 @@ +/* + ecdh.c -- Diffie-Hellman key exchange handling + Copyright (C) 2011-2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../system.h" + +#include "../ecdh.h" +#include "../logger.h" +#include "../utils.h" +#include "../xalloc.h" + +ecdh_t *ecdh_generate_public(void *pubkey) { + logger(DEBUG_ALWAYS, LOG_ERR, "EC support using libgcrypt not implemented"); + return NULL; +} + +bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) { + return false +} + +void ecdh_free(ecdh_t *ecdh) { +} diff --git a/src/gcrypt/ecdsa.c b/src/gcrypt/ecdsa.c new file mode 100644 index 0000000..ee19aec --- /dev/null +++ b/src/gcrypt/ecdsa.c @@ -0,0 +1,67 @@ +/* + ecdsa.c -- ECDSA key handling + Copyright (C) 2011-2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../system.h" + +#include "../logger.h" +#include "../ecdsa.h" +#include "../utils.h" +#include "../xalloc.h" + +// Get and set ECDSA keys +// +ecdsa_t *ecdsa_set_base64_public_key(const char *p) { + logger(DEBUG_ALWAYS, LOG_ERR, "EC support using libgcrypt not implemented"); + return NULL; +} + +char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { + return NULL; +} + +// Read PEM ECDSA keys + +ecdsa_t *ecdsa_read_pem_public_key(FILE *fp) { + logger(DEBUG_ALWAYS, LOG_ERR, "EC support using libgcrypt not implemented"); + return NULL; +} + +ecdsa_t *ecdsa_read_pem_private_key(FILE *fp) { + logger(DEBUG_ALWAYS, LOG_ERR, "EC support using libgcrypt not implemented"); + return NULL; +} + +size_t ecdsa_size(ecdsa_t *ecdsa) { + return 0; +} + +bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t len, void *sig) { + return false; +} + +bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t len, const void *sig) { + return false; +} + +bool ecdsa_active(ecdsa_t *ecdsa) { + return false; +} + +void ecdsa_free(ecdsa_t *ecdsa) { +} diff --git a/src/crypto.c b/src/gcrypt/ecdsagen.c similarity index 58% rename from src/crypto.c rename to src/gcrypt/ecdsagen.c index c695be8..2d4912d 100644 --- a/src/crypto.c +++ b/src/gcrypt/ecdsagen.c @@ -1,6 +1,6 @@ /* - crypto.c -- Cryptographic miscellaneous functions and initialisation - Copyright (C) 2007 Guus Sliepen + ecdsagen.c -- ECDSA key generation and export + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,27 +17,25 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" -#include -#include -#include +#include "../ecdsagen.h" +#include "../utils.h" +#include "../xalloc.h" -#include "crypto.h" +// Generate ECDSA key -void crypto_init(void) { - RAND_load_file("/dev/urandom", 1024); - - ENGINE_load_builtin_engines(); - ENGINE_register_all_complete(); - - OpenSSL_add_all_algorithms(); +ecdsa_t *ecdsa_generate(void) { + logger(DEBUG_ALWAYS, LOG_ERR, "EC support using libgcrypt not implemented"); + return NULL; } -void crypto_exit(void) { - EVP_cleanup(); +// Write PEM ECDSA keys + +bool ecdsa_write_pem_public_key(ecdsa_t *ecdsa, FILE *fp) { + return false; } -void randomize(void *out, size_t outlen) { - RAND_pseudo_bytes(out, outlen); +bool ecdsa_write_pem_private_key(ecdsa_t *ecdsa, FILE *fp) { + return false; } diff --git a/src/gcrypt/prf.c b/src/gcrypt/prf.c new file mode 100644 index 0000000..f9a2112 --- /dev/null +++ b/src/gcrypt/prf.c @@ -0,0 +1,29 @@ +/* + prf.c -- Pseudo-Random Function for key material generation + Copyright (C) 2011-2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../system.h" + +#include "digest.h" +#include "../digest.h" +#include "../prf.h" + +bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) { + logger(DEBUG_ALWAYS, LOG_ERR, "PRF support using libgcrypt not implemented"); + return false; +} diff --git a/src/getopt.c b/src/getopt.c index a6782ed..d63887e 100644 --- a/src/getopt.c +++ b/src/getopt.c @@ -31,7 +31,7 @@ with this program; if not, write to the Free Software Foundation, Inc., #endif #ifdef HAVE_CONFIG_H -#include +#include "../config.h" #endif #if !defined (__STDC__) || !__STDC__ diff --git a/src/getopt1.c b/src/getopt1.c index 86545f2..19605a5 100644 --- a/src/getopt1.c +++ b/src/getopt1.c @@ -20,7 +20,7 @@ with this program; if not, write to the Free Software Foundation, Inc., */ #ifdef HAVE_CONFIG_H -#include +#include "../config.h" #endif #include "getopt.h" diff --git a/src/graph.c b/src/graph.c index 4506379..b4c01bb 100644 --- a/src/graph.c +++ b/src/graph.c @@ -44,7 +44,6 @@ #include "system.h" -#include "config.h" #include "connection.h" #include "device.h" #include "edge.h" @@ -236,7 +235,7 @@ static void check_reachability(void) { char *name; char *address; char *port; - char *envp[7]; + char *envp[8] = {NULL}; xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); xasprintf(&envp[1], "DEVICE=%s", device ? : ""); @@ -245,7 +244,7 @@ static void check_reachability(void) { sockaddr2str(&n->address, &address, &port); xasprintf(&envp[4], "REMOTEADDRESS=%s", address); xasprintf(&envp[5], "REMOTEPORT=%s", port); - envp[6] = NULL; + xasprintf(&envp[6], "NAME=%s", myself->name); execute_script(n->status.reachable ? "host-up" : "host-down", envp); @@ -256,7 +255,7 @@ static void check_reachability(void) { free(address); free(port); - for(int i = 0; i < 6; i++) + for(int i = 0; i < 7; i++) free(envp[i]); subnet_update(n, NULL, n->status.reachable); diff --git a/src/hash.c b/src/hash.c index 1d203c5..8fb9ca6 100644 --- a/src/hash.c +++ b/src/hash.c @@ -1,6 +1,6 @@ /* hash.c -- hash table management - Copyright (C) 2012 Guus Sliepen + Copyright (C) 2012-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -29,7 +29,7 @@ static uint32_t hash_function(const void *p, size_t len) { uint32_t hash = 0; while(true) { for(int i = len > 4 ? 4 : len; --i;) - hash += q[i] << (8 * i); + hash += q[len - i] << (8 * i); hash *= 0x9e370001UL; // Golden ratio prime. if(len <= 4) break; @@ -52,11 +52,11 @@ static uint32_t modulo(uint32_t hash, size_t n) { /* (De)allocation */ hash_t *hash_alloc(size_t n, size_t size) { - hash_t *hash = xmalloc_and_zero(sizeof *hash); + hash_t *hash = xzalloc(sizeof *hash); hash->n = n; hash->size = size; - hash->keys = xmalloc_and_zero(hash->n * hash->size); - hash->values = xmalloc_and_zero(hash->n * sizeof *hash->values); + hash->keys = xzalloc(hash->n * hash->size); + hash->values = xzalloc(hash->n * sizeof *hash->values); return hash; } diff --git a/have.h b/src/have.h similarity index 98% rename from have.h rename to src/have.h index 6d65bcd..3ada63a 100644 --- a/have.h +++ b/src/have.h @@ -1,7 +1,7 @@ /* have.h -- include headers which are known to exist Copyright (C) 1998-2005 Ivo Timmermans - 2003-2012 Guus Sliepen + 2003-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/info.c b/src/info.c index 8e91a22..af085bc 100644 --- a/src/info.c +++ b/src/info.c @@ -1,6 +1,6 @@ /* info.c -- Show information about a node, subnet or address - Copyright (C) 2012 Guus Sliepen + Copyright (C) 2012-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -31,6 +31,7 @@ void logger(int level, int priority, const char *format, ...) { va_start(ap, format); vfprintf(stderr, format, ap); va_end(ap); + fputc('\n', stderr); } char *strip_weight(char *netstr) { diff --git a/src/invitation.c b/src/invitation.c new file mode 100644 index 0000000..f1cde58 --- /dev/null +++ b/src/invitation.c @@ -0,0 +1,939 @@ +/* + invitation.c -- Create and accept invitations + Copyright (C) 2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "system.h" + +#include "control_common.h" +#include "crypto.h" +#include "ecdsa.h" +#include "ecdsagen.h" +#include "invitation.h" +#include "names.h" +#include "netutl.h" +#include "rsagen.h" +#include "sptps.h" +#include "tincctl.h" +#include "utils.h" +#include "xalloc.h" + +#ifdef HAVE_MINGW +#define SCRIPTEXTENSION ".bat" +#else +#define SCRIPTEXTENSION "" +#endif + +int addressfamily = AF_UNSPEC; + +char *get_my_hostname() { + char *hostname = NULL; + char *port = NULL; + char *hostport = NULL; + char *name = get_my_name(false); + char *filename = NULL; + + // Use first Address statement in own host config file + if(check_id(name)) { + xasprintf(&filename, "%s" SLASH "hosts" SLASH "%s", confbase, name); + FILE *f = fopen(filename, "r"); + if(f) { + while(fgets(line, sizeof line, f)) { + if(!rstrip(line)) + continue; + char *p = line, *q; + p += strcspn(p, "\t ="); + if(!*p) + continue; + q = p + strspn(p, "\t "); + if(*q == '=') + q += 1 + strspn(q + 1, "\t "); + *p = 0; + p = q + strcspn(q, "\t "); + if(*p) + *p++ = 0; + p += strspn(p, "\t "); + p[strcspn(p, "\t ")] = 0; + if(!port && !strcasecmp(line, "Port")) { + port = xstrdup(q); + continue; + } + if(strcasecmp(line, "Address")) + continue; + hostname = xstrdup(q); + if(*p) { + free(port); + port = xstrdup(p); + } + break; + } + fclose(f); + } + } + + if(hostname) + goto done; + + // If that doesn't work, guess externally visible hostname + fprintf(stderr, "Trying to discover externally visible hostname...\n"); + struct addrinfo *ai = str2addrinfo("ifconfig.me", "80", SOCK_STREAM); + static const char request[] = "GET /host HTTP/1.0\r\n\r\n"; + if(ai) { + int s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if(s >= 0) { + if(connect(s, ai->ai_addr, ai->ai_addrlen)) { + closesocket(s); + s = -1; + } + } + if(s >= 0) { + send(s, request, sizeof request - 1, 0); + int len = recv(s, line, sizeof line - 1, MSG_WAITALL); + if(len > 0) { + line[len] = 0; + if(line[len - 1] == '\n') + line[--len] = 0; + char *p = strrchr(line, '\n'); + if(p && p[1]) + hostname = xstrdup(p + 1); + } + closesocket(s); + } + freeaddrinfo(ai); + } + + // Check that the hostname is reasonable + if(hostname) { + for(char *p = hostname; *p; p++) { + if(isalnum(*p) || *p == '-' || *p == '.') + continue; + // If not, forget it. + free(hostname); + hostname = NULL; + break; + } + } + +again: + printf("Please enter your host's external address or hostname"); + if(hostname) + printf(" [%s]", hostname); + printf(": "); + fflush(stdout); + + if(!fgets(line, sizeof line, stdin)) { + fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); + free(hostname); + return NULL; + } + + if(!rstrip(line)) { + if(hostname) + goto save; + else + goto again; + } + + for(char *p = line; *p; p++) { + if(isalnum(*p) || *p == '-' || *p == '.') + continue; + fprintf(stderr, "Invalid address or hostname.\n"); + goto again; + } + + free(hostname); + hostname = xstrdup(line); + +save: + if(filename) { + FILE *f = fopen(filename, "a"); + if(f) { + fprintf(f, "\nAddress = %s\n", hostname); + fclose(f); + } else { + fprintf(stderr, "Could not append Address to %s: %s\n", filename, strerror(errno)); + } + } + +done: + if(port) { + if(strchr(hostname, ':')) + xasprintf(&hostport, "[%s]:%s", hostname, port); + else + xasprintf(&hostport, "%s:%s", hostname, port); + } else { + hostport = hostname; + hostname = NULL; + } + + free(hostname); + free(port); + free(filename); + return hostport; +} + +static bool fcopy(FILE *out, const char *filename) { + FILE *in = fopen(filename, "r"); + if(!in) { + fprintf(stderr, "Could not open %s: %s\n", filename, strerror(errno)); + return false; + } + + char buf[1024]; + size_t len; + while((len = fread(buf, 1, sizeof buf, in))) + fwrite(buf, len, 1, out); + fclose(in); + return true; +} + +int cmd_invite(int argc, char *argv[]) { + if(argc < 2) { + fprintf(stderr, "Not enough arguments!\n"); + return 1; + } + + // Check validity of the new node's name + if(!check_id(argv[1])) { + fprintf(stderr, "Invalid name for node.\n"); + return 1; + } + + char *myname = get_my_name(true); + if(!myname) + return 1; + + // Ensure no host configuration file with that name exists + char *filename = NULL; + xasprintf(&filename, "%s" SLASH "hosts" SLASH "%s", confbase, argv[1]); + if(!access(filename, F_OK)) { + free(filename); + fprintf(stderr, "A host config file for %s already exists!\n", argv[1]); + return 1; + } + free(filename); + + // If a daemon is running, ensure no other nodes now about this name + bool found = false; + if(connect_tincd(false)) { + sendline(fd, "%d %d", CONTROL, REQ_DUMP_NODES); + + while(recvline(fd, line, sizeof line)) { + char node[4096]; + int code, req; + if(sscanf(line, "%d %d %s", &code, &req, node) != 3) + break; + if(!strcmp(node, argv[1])) + found = true; + } + + if(found) { + fprintf(stderr, "A node with name %s is already known!\n", argv[1]); + return 1; + } + } + + char hash[25]; + + xasprintf(&filename, "%s" SLASH "invitations", confbase); + if(mkdir(filename, 0700) && errno != EEXIST) { + fprintf(stderr, "Could not create directory %s: %s\n", filename, strerror(errno)); + free(filename); + return 1; + } + + // Count the number of valid invitations, clean up old ones + DIR *dir = opendir(filename); + if(!dir) { + fprintf(stderr, "Could not read directory %s: %s\n", filename, strerror(errno)); + free(filename); + return 1; + } + + errno = 0; + int count = 0; + struct dirent *ent; + time_t deadline = time(NULL) - 604800; // 1 week in the past + + while((ent = readdir(dir))) { + if(strlen(ent->d_name) != 24) + continue; + char *invname; + struct stat st; + xasprintf(&invname, "%s" SLASH "%s", filename, ent->d_name); + if(!stat(invname, &st)) { + if(deadline < st.st_mtime) + count++; + else + unlink(invname); + } else { + fprintf(stderr, "Could not stat %s: %s\n", invname, strerror(errno)); + errno = 0; + } + free(invname); + } + + if(errno) { + fprintf(stderr, "Error while reading directory %s: %s\n", filename, strerror(errno)); + closedir(dir); + free(filename); + return 1; + } + + closedir(dir); + free(filename); + + ecdsa_t *key; + xasprintf(&filename, "%s" SLASH "invitations" SLASH "ecdsa_key.priv", confbase); + + // Remove the key if there are no outstanding invitations. + if(!count) + unlink(filename); + + // Create a new key if necessary. + FILE *f = fopen(filename, "r"); + if(!f) { + if(errno != ENOENT) { + fprintf(stderr, "Could not read %s: %s\n", filename, strerror(errno)); + free(filename); + return 1; + } + + key = ecdsa_generate(); + if(!key) { + free(filename); + return 1; + } + f = fopen(filename, "w"); + if(!f) { + fprintf(stderr, "Could not write %s: %s\n", filename, strerror(errno)); + free(filename); + return 1; + } + chmod(filename, 0600); + ecdsa_write_pem_private_key(key, f); + } else { + key = ecdsa_read_pem_private_key(f); + if(!key) + fprintf(stderr, "Could not read private key from %s\n", filename); + } + fclose(f); + free(filename); + if(!key) + return 1; + + // Create a hash of the key. + char *fingerprint = ecdsa_get_base64_public_key(key); + digest_t *digest = digest_open_by_name("sha256", 18); + if(!digest) + abort(); + digest_create(digest, fingerprint, strlen(fingerprint), hash); + b64encode_urlsafe(hash, hash, 18); + + // Create a random cookie for this invitation. + char cookie[25]; + randomize(cookie, 18); + b64encode_urlsafe(cookie, cookie, 18); + + // Create a file containing the details of the invitation. + xasprintf(&filename, "%s" SLASH "invitations" SLASH "%s", confbase, cookie); + int ifd = open(filename, O_RDWR | O_CREAT | O_EXCL, 0600); + if(!ifd) { + fprintf(stderr, "Could not create invitation file %s: %s\n", filename, strerror(errno)); + free(filename); + return 1; + } + free(filename); + f = fdopen(ifd, "w"); + if(!f) + abort(); + + // Fill in the details. + fprintf(f, "Name = %s\n", argv[1]); + if(netname) + fprintf(f, "NetName = %s\n", netname); + fprintf(f, "ConnectTo = %s\n", myname); + // TODO: copy Broadcast and Mode + fprintf(f, "#---------------------------------------------------------------#\n"); + fprintf(f, "Name = %s\n", myname); + + xasprintf(&filename, "%s" SLASH "hosts" SLASH "%s", confbase, myname); + fcopy(f, filename); + fclose(f); + + // Create an URL from the local address, key hash and cookie + char *address = get_my_hostname(); + printf("%s/%s%s\n", address, hash, cookie); + free(filename); + free(address); + + return 0; +} + +static int sock; +static char cookie[18]; +static sptps_t sptps; +static char *data; +static size_t datalen; +static bool success = false; + +static char cookie[18], hash[18]; + +static char *get_line(const char **data) { + if(!data || !*data) + return NULL; + + if(!**data) { + *data = NULL; + return NULL; + } + + static char line[1024]; + const char *end = strchr(*data, '\n'); + size_t len = end ? end - *data : strlen(*data); + if(len >= sizeof line) { + fprintf(stderr, "Maximum line length exceeded!\n"); + return NULL; + } + if(len && !isprint(**data)) + abort(); + + memcpy(line, *data, len); + line[len] = 0; + + if(end) + *data = end + 1; + else + *data = NULL; + + return line; +} + +static char *get_value(const char *data, const char *var) { + char *line = get_line(&data); + if(!line) + return NULL; + + char *sep = line + strcspn(line, " \t="); + char *val = sep + strspn(sep, " \t"); + if(*val == '=') + val += 1 + strspn(val + 1, " \t"); + *sep = 0; + if(strcasecmp(line, var)) + return NULL; + return val; +} + +static char *grep(const char *data, const char *var) { + static char value[1024]; + + const char *p = data; + int varlen = strlen(var); + + // Skip all lines not starting with var + while(strncasecmp(p, var, varlen) || !strchr(" \t=", p[varlen])) { + p = strchr(p, '\n'); + if(!p) + break; + else + p++; + } + + if(!p) + return NULL; + + p += varlen; + p += strspn(p, " \t"); + if(*p == '=') + p += 1 + strspn(p + 1, " \t"); + + const char *e = strchr(p, '\n'); + if(!e) + return xstrdup(p); + + if(e - p >= sizeof value) { + fprintf(stderr, "Maximum line length exceeded!\n"); + return NULL; + } + + memcpy(value, p, e - p); + value[e - p] = 0; + return value; +} + +static bool finalize_join(void) { + char *name = xstrdup(get_value(data, "Name")); + if(!name) { + fprintf(stderr, "No Name found in invitation!\n"); + return false; + } + + if(!check_id(name)) { + fprintf(stderr, "Invalid Name found in invitation: %s!\n", name); + return false; + } + + if(!netname) + netname = grep(data, "NetName"); + + bool ask_netname = false; + char temp_netname[32]; + +make_names: + if(!confbasegiven) { + free(confbase); + confbase = NULL; + } + + make_names(); + + free(tinc_conf); + free(hosts_dir); + + xasprintf(&tinc_conf, "%s" SLASH "tinc.conf", confbase); + xasprintf(&hosts_dir, "%s" SLASH "hosts", confbase); + + if(!access(tinc_conf, F_OK)) { + fprintf(stderr, "Configuration file %s already exists!\n", tinc_conf); + if(!tty || confbasegiven) + return false; + + // Generate a random netname, ask for a better one later. + ask_netname = true; + snprintf(temp_netname, sizeof temp_netname, "join_%x", rand()); + netname = temp_netname; + goto make_names; + } + + if(mkdir(confbase, 0777) && errno != EEXIST) { + fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno)); + return false; + } + + if(mkdir(hosts_dir, 0777) && errno != EEXIST) { + fprintf(stderr, "Could not create directory %s: %s\n", hosts_dir, strerror(errno)); + return false; + } + + FILE *f = fopen(tinc_conf, "w"); + if(!f) { + fprintf(stderr, "Could not create file %s: %s\n", tinc_conf, strerror(errno)); + return false; + } + + fprintf(f, "Name = %s\n", name); + + char *filename; + xasprintf(&filename, "%s" SLASH "%s", hosts_dir, name); + FILE *fh = fopen(filename, "w"); + if(!fh) { + fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); + return false; + } + + // Filter first chunk on approved keywords, split between tinc.conf and hosts/Name + // Other chunks go unfiltered to their respective host config files + const char *p = data; + char *l, *value; + + while((l = get_line(&p))) { + // Ignore comments + if(*l == '#') + continue; + + // Split line into variable and value + int len = strcspn(l, "\t ="); + value = l + len; + value += strspn(value, "\t "); + if(*value == '=') { + value++; + value += strspn(value, "\t "); + } + l[len] = 0; + + // Is it a Name? + if(!strcasecmp(l, "Name")) + if(strcmp(value, name)) + break; + else + continue; + else if(!strcasecmp(l, "NetName")) + continue; + + // Check the list of known variables + bool found = false; + int i; + for(i = 0; variables[i].name; i++) { + if(strcasecmp(l, variables[i].name)) + continue; + found = true; + break; + } + + // Ignore unknown and unsafe variables + if(!found) { + fprintf(stderr, "Ignoring unknown variable '%s' in invitation.\n", l); + continue; + } else if(!(variables[i].type & VAR_SAFE)) { + fprintf(stderr, "Ignoring unsafe variable '%s' in invitation.\n", l); + continue; + } + + // Copy the safe variable to the right config file + fprintf(variables[i].type & VAR_HOST ? fh : f, "%s = %s\n", l, value); + } + + fclose(f); + free(filename); + + while(l && !strcasecmp(l, "Name")) { + if(!check_id(value)) { + fprintf(stderr, "Invalid Name found in invitation.\n"); + return false; + } + + if(!strcmp(value, name)) { + fprintf(stderr, "Secondary chunk would overwrite our own host config file.\n"); + return false; + } + + xasprintf(&filename, "%s" SLASH "%s", hosts_dir, value); + f = fopen(filename, "w"); + + if(!f) { + fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); + return false; + } + + while((l = get_line(&p))) { + if(!strcmp(l, "#---------------------------------------------------------------#")) + continue; + int len = strcspn(l, "\t ="); + if(len == 4 && !strncasecmp(l, "Name", 4)) { + value = l + len; + value += strspn(value, "\t "); + if(*value == '=') { + value++; + value += strspn(value, "\t "); + } + l[len] = 0; + break; + } + + fputs(l, f); + fputc('\n', f); + } + + fclose(f); + free(filename); + } + + // Generate our key and send a copy to the server + ecdsa_t *key = ecdsa_generate(); + if(!key) + return false; + + char *b64key = ecdsa_get_base64_public_key(key); + if(!b64key) + return false; + + xasprintf(&filename, "%s" SLASH "ecdsa_key.priv", confbase); + f = fopenmask(filename, "w", 0600); + + if(!ecdsa_write_pem_private_key(key, f)) { + fprintf(stderr, "Error writing private key!\n"); + ecdsa_free(key); + fclose(f); + return false; + } + + fclose(f); + + fprintf(fh, "ECDSAPublicKey = %s\n", b64key); + + sptps_send_record(&sptps, 1, b64key, strlen(b64key)); + free(b64key); + + + rsa_t *rsa = rsa_generate(2048, 0x1001); + xasprintf(&filename, "%s" SLASH "rsa_key.priv", confbase); + f = fopenmask(filename, "w", 0600); + + rsa_write_pem_private_key(rsa, f); + fclose(f); + + rsa_write_pem_public_key(rsa, fh); + fclose(fh); + + ecdsa_free(key); + rsa_free(rsa); + + check_port(name); + + fprintf(stderr, "Invitation succesfully accepted.\n"); + shutdown(sock, SHUT_RDWR); + success = true; + +ask_netname: + if(ask_netname) { + fprintf(stderr, "Enter a new netname: "); + if(!fgets(line, sizeof line, stdin)) { + fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); + return false; + } + if(!*line || *line == '\n') + goto ask_netname; + + line[strlen(line) - 1] = 0; + + char *newbase; + xasprintf(&newbase, CONFDIR SLASH "tinc" SLASH "%s", line); + if(rename(confbase, newbase)) { + fprintf(stderr, "Error trying to rename %s to %s: %s\n", confbase, newbase, strerror(errno)); + free(newbase); + goto ask_netname; + } + + free(newbase); + netname = line; + make_names(); + } + + return true; +} + +static bool invitation_send(void *handle, uint8_t type, const char *data, size_t len) { + while(len) { + int result = send(sock, data, len, 0); + if(result == -1 && errno == EINTR) + continue; + else if(result <= 0) + return false; + data += result; + len -= result; + } + return true; +} + +static bool invitation_receive(void *handle, uint8_t type, const char *msg, uint16_t len) { + switch(type) { + case SPTPS_HANDSHAKE: + return sptps_send_record(&sptps, 0, cookie, sizeof cookie); + + case 0: + data = xrealloc(data, datalen + len + 1); + memcpy(data + datalen, msg, len); + datalen += len; + data[datalen] = 0; + break; + + case 1: + return finalize_join(); + + default: + return false; + } + + return true; +} + +int cmd_join(int argc, char *argv[]) { + free(data); + data = NULL; + datalen = 0; + + if(argc > 2) { + fprintf(stderr, "Too many arguments!\n"); + return 1; + } + + // Make sure confbase exists and is accessible. + if(strcmp(confdir, confbase) && mkdir(confdir, 0755) && errno != EEXIST) { + fprintf(stderr, "Could not create directory %s: %s\n", confdir, strerror(errno)); + return 1; + } + + if(mkdir(confbase, 0777) && errno != EEXIST) { + fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno)); + return 1; + } + + if(access(confbase, R_OK | W_OK | X_OK)) { + fprintf(stderr, "No permission to write in directory %s: %s\n", confbase, strerror(errno)); + return 1; + } + + // If a netname or explicit configuration directory is specified, check for an existing tinc.conf. + if((netname || confbasegiven) && !access(tinc_conf, F_OK)) { + fprintf(stderr, "Configuration file %s already exists!\n", tinc_conf); + return 1; + } + + // Either read the invitation from the command line or from stdin. + char *invitation; + + if(argc > 1) { + invitation = argv[1]; + } else { + if(tty) { + printf("Enter invitation URL: "); + fflush(stdout); + } + errno = EPIPE; + if(!fgets(line, sizeof line, stdin)) { + fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); + return false; + } + invitation = line; + } + + // Parse the invitation URL. + rstrip(line); + + char *slash = strchr(invitation, '/'); + if(!slash) + goto invalid; + + *slash++ = 0; + + if(strlen(slash) != 48) + goto invalid; + + char *address = invitation; + char *port = NULL; + if(*address == '[') { + address++; + char *bracket = strchr(address, ']'); + if(!bracket) + goto invalid; + *bracket = 0; + if(bracket[1] == ':') + port = bracket + 2; + } else { + port = strchr(address, ':'); + if(port) + *port++ = 0; + } + + if(!port || !*port) + port = "655"; + + if(!b64decode(slash, hash, 18) || !b64decode(slash + 24, cookie, 18)) + goto invalid; + + // Generate a throw-away key for the invitation. + ecdsa_t *key = ecdsa_generate(); + if(!key) + return 1; + + char *b64key = ecdsa_get_base64_public_key(key); + + // Connect to the tinc daemon mentioned in the URL. + struct addrinfo *ai = str2addrinfo(address, port, SOCK_STREAM); + if(!ai) + return 1; + + sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); + if(sock <= 0) { + fprintf(stderr, "Could not open socket: %s\n", strerror(errno)); + return 1; + } + + if(connect(sock, ai->ai_addr, ai->ai_addrlen)) { + fprintf(stderr, "Could not connect to %s port %s: %s\n", address, port, strerror(errno)); + closesocket(sock); + return 1; + } + + fprintf(stderr, "Connected to %s port %s...\n", address, port); + + // Tell him we have an invitation, and give him our throw-away key. + int len = snprintf(line, sizeof line, "0 ?%s %d.%d\n", b64key, PROT_MAJOR, PROT_MINOR); + if(len <= 0 || len >= sizeof line) + abort(); + + if(!sendline(sock, "0 ?%s %d.%d", b64key, PROT_MAJOR, 1)) { + fprintf(stderr, "Error sending request to %s port %s: %s\n", address, port, strerror(errno)); + closesocket(sock); + return 1; + } + + char hisname[4096] = ""; + int code, hismajor, hisminor = 0; + + if(!recvline(sock, line, sizeof line) || sscanf(line, "%d %s %d.%d", &code, hisname, &hismajor, &hisminor) < 3 || code != 0 || hismajor != PROT_MAJOR || !check_id(hisname) || !recvline(sock, line, sizeof line) || !rstrip(line) || sscanf(line, "%d ", &code) != 1 || code != ACK || strlen(line) < 3) { + fprintf(stderr, "Cannot read greeting from peer\n"); + closesocket(sock); + return 1; + } + + // Check if the hash of the key he gave us matches the hash in the URL. + char *fingerprint = line + 2; + digest_t *digest = digest_open_by_name("sha256", 18); + if(!digest) + abort(); + char hishash[18]; + if(!digest_create(digest, fingerprint, strlen(fingerprint), hishash)) { + fprintf(stderr, "Could not create digest\n%s\n", line + 2); + return 1; + } + if(memcmp(hishash, hash, 18)) { + fprintf(stderr, "Peer has an invalid key!\n%s\n", line + 2); + return 1; + + } + + ecdsa_t *hiskey = ecdsa_set_base64_public_key(fingerprint); + if(!hiskey) + return 1; + + // Start an SPTPS session + if(!sptps_start(&sptps, NULL, true, false, key, hiskey, "tinc invitation", 15, invitation_send, invitation_receive)) + return 1; + + // Feed rest of input buffer to SPTPS + if(!sptps_receive_data(&sptps, buffer, blen)) + return 1; + + while((len = recv(sock, line, sizeof line, 0))) { + if(len < 0) { + if(errno == EINTR) + continue; + fprintf(stderr, "Error reading data from %s port %s: %s\n", address, port, strerror(errno)); + return 1; + } + + if(!sptps_receive_data(&sptps, line, len)) + return 1; + } + + sptps_stop(&sptps); + ecdsa_free(hiskey); + ecdsa_free(key); + closesocket(sock); + + if(!success) { + fprintf(stderr, "Connection closed by peer, invitation cancelled.\n"); + return 1; + } + + return 0; + +invalid: + fprintf(stderr, "Invalid invitation URL.\n"); + return 1; +} diff --git a/src/invitation.h b/src/invitation.h new file mode 100644 index 0000000..3d017e9 --- /dev/null +++ b/src/invitation.h @@ -0,0 +1,27 @@ +/* + invitation.h -- header for invitation.c. + Copyright (C) 2013 Guus Sliepen + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#ifndef __TINC_INVITATION_H__ +#define __TINC_INVITATION_H__ + +bool recvdata(int fd, char *data, size_t len); +int cmd_invite(int argc, char *argv[]); +int cmd_join(int argc, char *argv[]); + +#endif diff --git a/src/linux/.deps/.dirstamp b/src/linux/.deps/.dirstamp new file mode 100644 index 0000000..e69de29 diff --git a/src/linux/.deps/device.Po b/src/linux/.deps/device.Po new file mode 100644 index 0000000..8541068 --- /dev/null +++ b/src/linux/.deps/device.Po @@ -0,0 +1,467 @@ +linux/device.o: linux/device.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h linux/../system.h \ + linux/../../config.h linux/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h linux/../dropin.h \ + linux/../fake-getaddrinfo.h linux/../fake-gai-errnos.h \ + linux/../fake-getnameinfo.h /usr/include/linux/if_tun.h \ + /usr/include/linux/filter.h linux/../conf.h linux/../splay_tree.h \ + linux/../list.h linux/../subnet.h linux/../net.h linux/../ipv6.h \ + linux/../cipher.h linux/../digest.h linux/../event.h linux/../conf.h \ + linux/../connection.h linux/../buffer.h linux/../rsa.h linux/../sptps.h \ + linux/../system.h linux/../ecdh.h linux/../ecdsa.h linux/../edge.h \ + linux/../node.h linux/../device.h linux/../logger.h linux/../names.h \ + linux/../net.h linux/../route.h linux/../utils.h linux/../xalloc.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +linux/../system.h: + +linux/../../config.h: + +linux/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +linux/../dropin.h: + +linux/../fake-getaddrinfo.h: + +linux/../fake-gai-errnos.h: + +linux/../fake-getnameinfo.h: + +/usr/include/linux/if_tun.h: + +/usr/include/linux/filter.h: + +linux/../conf.h: + +linux/../splay_tree.h: + +linux/../list.h: + +linux/../subnet.h: + +linux/../net.h: + +linux/../ipv6.h: + +linux/../cipher.h: + +linux/../digest.h: + +linux/../event.h: + +linux/../conf.h: + +linux/../connection.h: + +linux/../buffer.h: + +linux/../rsa.h: + +linux/../sptps.h: + +linux/../system.h: + +linux/../ecdh.h: + +linux/../ecdsa.h: + +linux/../edge.h: + +linux/../node.h: + +linux/../device.h: + +linux/../logger.h: + +linux/../names.h: + +linux/../net.h: + +linux/../route.h: + +linux/../utils.h: + +linux/../xalloc.h: diff --git a/src/linux/.dirstamp b/src/linux/.dirstamp new file mode 100644 index 0000000..e69de29 diff --git a/src/linux/device.c b/src/linux/device.c index e262c6a..127e3e8 100644 --- a/src/linux/device.c +++ b/src/linux/device.c @@ -18,20 +18,20 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #define DEFAULT_DEVICE "/dev/net/tun" -#include "conf.h" -#include "device.h" -#include "logger.h" -#include "names.h" -#include "net.h" -#include "route.h" -#include "utils.h" -#include "xalloc.h" -#include "device.h" +#include "../conf.h" +#include "../device.h" +#include "../logger.h" +#include "../names.h" +#include "../net.h" +#include "../route.h" +#include "../utils.h" +#include "../xalloc.h" +#include "../device.h" typedef enum device_type_t { DEVICE_TYPE_TUN, @@ -84,6 +84,8 @@ static bool setup_device(void) { device_type = DEVICE_TYPE_TUN; device_info = "Linux tun/tap device (tun mode)"; } else { + if (routing_mode == RMODE_ROUTER) + overwrite_mac = true; ifr.ifr_flags = IFF_TAP | IFF_NO_PI; device_type = DEVICE_TYPE_TAP; device_info = "Linux tun/tap device (tap mode)"; diff --git a/src/linux/device.o b/src/linux/device.o new file mode 100644 index 0000000..6502843 Binary files /dev/null and b/src/linux/device.o differ diff --git a/src/list.c b/src/list.c index 2dd414a..0bbc5d4 100644 --- a/src/list.c +++ b/src/list.c @@ -1,7 +1,7 @@ /* list.c -- functions to deal with double linked lists Copyright (C) 2000-2005 Ivo Timmermans - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -26,7 +26,7 @@ /* (De)constructors */ list_t *list_alloc(list_action_t delete) { - list_t *list = xmalloc_and_zero(sizeof(list_t)); + list_t *list = xzalloc(sizeof(list_t)); list->delete = delete; return list; @@ -37,7 +37,7 @@ void list_free(list_t *list) { } list_node_t *list_alloc_node(void) { - return xmalloc_and_zero(sizeof(list_node_t)); + return xzalloc(sizeof(list_node_t)); } void list_free_node(list_t *list, list_node_t *node) { diff --git a/src/meta.c b/src/meta.c index fafba65..887da4a 100644 --- a/src/meta.c +++ b/src/meta.c @@ -1,6 +1,6 @@ /* meta.c -- handle the meta communication - Copyright (C) 2000-2012 Guus Sliepen , + Copyright (C) 2000-2013 Guus Sliepen , 2000-2005 Ivo Timmermans 2006 Scott Lamb @@ -60,7 +60,7 @@ bool send_meta(connection_t *c, const char *buffer, int length) { if(c->status.encryptout) { size_t outlen = length; - if(!cipher_encrypt(&c->outcipher, buffer, length, buffer_prepare(&c->outbuf, length), &outlen, false) || outlen != length) { + if(!cipher_encrypt(c->outcipher, buffer, length, buffer_prepare(&c->outbuf, length), &outlen, false) || outlen != length) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while encrypting metadata to %s (%s)", c->name, c->hostname); return false; @@ -171,7 +171,7 @@ bool receive_meta(connection_t *c) { } else { size_t outlen = inlen; - if(!cipher_decrypt(&c->incipher, bufp, inlen, buffer_prepare(&c->inbuf, inlen), &outlen, false) || inlen != outlen) { + if(!cipher_decrypt(c->incipher, bufp, inlen, buffer_prepare(&c->inbuf, inlen), &outlen, false) || inlen != outlen) { logger(DEBUG_ALWAYS, LOG_ERR, "Error while decrypting metadata from %s (%s)", c->name, c->hostname); return false; diff --git a/src/mingw/.deps/device.Po b/src/mingw/.deps/device.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/mingw/.deps/device.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/mingw/device.c b/src/mingw/device.c index ac83d8c..abe544e 100644 --- a/src/mingw/device.c +++ b/src/mingw/device.c @@ -18,21 +18,21 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include -#include "conf.h" -#include "device.h" -#include "logger.h" -#include "names.h" -#include "net.h" -#include "route.h" -#include "utils.h" -#include "xalloc.h" +#include "../conf.h" +#include "../device.h" +#include "../logger.h" +#include "../names.h" +#include "../net.h" +#include "../route.h" +#include "../utils.h" +#include "../xalloc.h" -#include "mingw/common.h" +#include "common.h" int device_fd = -1; static HANDLE device_handle = INVALID_HANDLE_VALUE; diff --git a/src/multicast_device.c b/src/multicast_device.c index e58d293..5eaf103 100644 --- a/src/multicast_device.c +++ b/src/multicast_device.c @@ -1,7 +1,7 @@ /* device.c -- multicast socket Copyright (C) 2002-2005 Ivo Timmermans, - 2002-2012 Guus Sliepen + 2002-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/names.c b/src/names.c index cc72a11..a631ad9 100644 --- a/src/names.c +++ b/src/names.c @@ -42,6 +42,9 @@ void make_names(void) { DWORD len = sizeof installdir; #endif + if(netname && confbase) + logger(DEBUG_ALWAYS, LOG_INFO, "Both netname and configuration directory given, using the latter..."); + if(netname) xasprintf(&identname, "tinc.%s", netname); else @@ -84,13 +87,10 @@ void make_names(void) { strcpy(unixsocketname + len, ".socket"); } - if(netname) { - if(!confbase) + if(!confbase) { + if(netname) xasprintf(&confbase, CONFDIR SLASH "tinc" SLASH "%s", netname); else - logger(DEBUG_ALWAYS, LOG_INFO, "Both netname and configuration directory given, using the latter..."); - } else { - if(!confbase) xasprintf(&confbase, CONFDIR SLASH "tinc"); } } diff --git a/src/net.c b/src/net.c index 1487e81..bf6cfcf 100644 --- a/src/net.c +++ b/src/net.c @@ -41,6 +41,8 @@ int contradicting_add_edge = 0; int contradicting_del_edge = 0; static int sleeptime = 10; time_t last_config_check = 0; +static timeout_t pingtimer; +static timeout_t periodictimer; /* Purge edges and subnets of unreachable nodes. Use carefully. */ @@ -224,7 +226,7 @@ static void periodic_handler(void *data) { if(!found) { logger(DEBUG_CONNECTIONS, LOG_INFO, "Autoconnecting to %s", n->name); - outgoing_t *outgoing = xmalloc_and_zero(sizeof *outgoing); + outgoing_t *outgoing = xzalloc(sizeof *outgoing); outgoing->name = xstrdup(n->name); list_insert_tail(outgoing_list, outgoing); setup_outgoing_connection(outgoing); @@ -296,7 +298,8 @@ static void sigterm_handler(void *data) { static void sighup_handler(void *data) { logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum)); reopenlogger(); - reload_configuration(); + if(reload_configuration()) + exit(1); } static void sigalrm_handler(void *data) { @@ -306,7 +309,7 @@ static void sigalrm_handler(void *data) { #endif int reload_configuration(void) { - char *fname; + char *fname = NULL; /* Reread our own configuration file */ @@ -314,8 +317,7 @@ int reload_configuration(void) { init_configuration(&config_tree); if(!read_server_config()) { - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to reread configuration file, exitting."); - event_exit(); + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to reread configuration file."); return EINVAL; } @@ -412,24 +414,27 @@ int reload_configuration(void) { } void retry(void) { - for list_each(connection_t, c, connection_list) { - if(c->outgoing && !c->node) { - timeout_del(&c->outgoing->ev); - if(c->status.connecting) - close(c->socket); - c->outgoing->timeout = 0; - terminate_connection(c, c->status.active); - } + /* Reset the reconnection timers for all outgoing connections */ + for list_each(outgoing_t, outgoing, outgoing_list) { + outgoing->timeout = 0; + if(outgoing->ev.cb) + timeout_set(&outgoing->ev, &(struct timeval){0, 0}); } + + /* Check for outgoing connections that are in progress, and reset their ping timers */ + for list_each(connection_t, c, connection_list) { + if(c->outgoing && !c->node) + c->last_ping_time = 0; + } + + /* Kick the ping timeout handler */ + timeout_set(&pingtimer, &(struct timeval){0, 0}); } /* this is where it all happens... */ int main_loop(void) { - timeout_t pingtimer = {{0}}; - timeout_t periodictimer = {{0}}; - timeout_add(&pingtimer, timeout_handler, &pingtimer, &(struct timeval){pingtimeout, rand() % 100000}); timeout_add(&periodictimer, periodic_handler, &periodictimer, &(struct timeval){pingtimeout, rand() % 100000}); @@ -454,9 +459,10 @@ int main_loop(void) { #ifndef HAVE_MINGW signal_del(&sighup); - signal_del(&sigalrm); - signal_del(&sigquit); signal_del(&sigterm); + signal_del(&sigquit); + signal_del(&sigint); + signal_del(&sigalrm); #endif timeout_del(&periodictimer); diff --git a/src/net.h b/src/net.h index 879dfff..9a97276 100644 --- a/src/net.h +++ b/src/net.h @@ -125,6 +125,7 @@ extern int seconds_till_retry; extern int addressfamily; extern unsigned replaywin; extern bool localdiscovery; +extern sockaddr_t localdiscovery_address; extern listen_socket_t listen_socket[MAXSOCKETS]; extern int listen_sockets; @@ -132,6 +133,7 @@ extern io_t unix_socket; extern int keylifetime; extern int udp_rcvbuf; extern int udp_sndbuf; +extern int max_connection_burst; extern bool do_prune; extern char *myport; extern int autoconnect; diff --git a/src/net_packet.c b/src/net_packet.c index 27ca714..f79c9a7 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -56,6 +56,7 @@ static void send_udppacket(node_t *, vpn_packet_t *); unsigned replaywin = 16; bool localdiscovery = false; +sockaddr_t localdiscovery_address; #define MAX_SEQNO 1073741824 @@ -178,12 +179,25 @@ void send_mtu_probe(node_t *n) { } static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { - logger(DEBUG_TRAFFIC, LOG_INFO, "Got MTU probe length %d from %s (%s)", packet->len, n->name, n->hostname); - if(!packet->data[0]) { + logger(DEBUG_TRAFFIC, LOG_INFO, "Got MTU probe request %d from %s (%s)", packet->len, n->name, n->hostname); + /* It's a probe request, send back a reply */ - packet->data[0] = 1; + /* Type 2 probe replies were introduced in protocol 17.3 */ + if ((n->options >> 24) == 3) { + uint8_t* data = packet->data; + *data++ = 2; + uint16_t len16 = htons(len); memcpy(data, &len16, 2); data += 2; + struct timeval now; + gettimeofday(&now, NULL); + uint32_t sec = htonl(now.tv_sec); memcpy(data, &sec, 4); data += 4; + uint32_t usec = htonl(now.tv_usec); memcpy(data, &usec, 4); data += 4; + packet->len = data - packet->data; + } else { + /* Legacy protocol: n won't understand type 2 probe replies. */ + packet->data[0] = 1; + } /* Temporarily set udp_confirmed, so that the reply is sent back exactly the way it came in. */ @@ -193,6 +207,16 @@ static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { send_udppacket(n, packet); n->status.udp_confirmed = udp_confirmed; } else { + length_t probelen = len; + if (packet->data[0] == 2) { + if (len < 3) + logger(DEBUG_TRAFFIC, LOG_WARNING, "Received invalid (too short) MTU probe reply from %s (%s)", n->name, n->hostname); + else { + uint16_t probelen16; memcpy(&probelen16, packet->data + 1, 2); probelen = ntohs(probelen16); + } + } + logger(DEBUG_TRAFFIC, LOG_INFO, "Got type %d MTU probe reply %d from %s (%s)", packet->data[0], probelen, n->name, n->hostname); + /* It's a valid reply: now we know bidirectional communication is possible using the address and socket that the reply packet used. */ @@ -202,7 +226,7 @@ static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { /* If we haven't established the PMTU yet, restart the discovery process. */ if(n->mtuprobes > 30) { - if (len == n->maxmtu + 8) { + if (probelen == n->maxmtu + 8) { logger(DEBUG_TRAFFIC, LOG_INFO, "Increase in PMTU to %s (%s) detected, restarting PMTU discovery", n->name, n->hostname); n->maxmtu = MTU; n->mtuprobes = 10; @@ -217,27 +241,38 @@ static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { /* If applicable, raise the minimum supported MTU */ - if(len > n->maxmtu) - len = n->maxmtu; - if(n->minmtu < len) - n->minmtu = len; + if(probelen > n->maxmtu) + probelen = n->maxmtu; + if(n->minmtu < probelen) + n->minmtu = probelen; /* Calculate RTT and bandwidth. The RTT is the time between the MTU probe burst was sent and the first reply is received. The bandwidth is measured using the time between the - arrival of the first and third probe reply. + arrival of the first and third probe reply (or type 2 probe requests). */ struct timeval now, diff; gettimeofday(&now, NULL); timersub(&now, &n->probe_time, &diff); + + struct timeval probe_timestamp = now; + if (packet->data[0] == 2 && packet->len >= 11) { + uint32_t sec; memcpy(&sec, packet->data + 3, 4); + uint32_t usec; memcpy(&usec, packet->data + 7, 4); + probe_timestamp.tv_sec = ntohl(sec); + probe_timestamp.tv_usec = ntohl(usec); + } + n->probe_counter++; if(n->probe_counter == 1) { n->rtt = diff.tv_sec + diff.tv_usec * 1e-6; - n->probe_time = now; + n->probe_time = probe_timestamp; } else if(n->probe_counter == 3) { - n->bandwidth = 2.0 * len / (diff.tv_sec + diff.tv_usec * 1e-6); + struct timeval probe_timestamp_diff; + timersub(&probe_timestamp, &n->probe_time, &probe_timestamp_diff); + n->bandwidth = 2.0 * probelen / (probe_timestamp_diff.tv_sec + probe_timestamp_diff.tv_usec * 1e-6); logger(DEBUG_TRAFFIC, LOG_DEBUG, "%s (%s) RTT %.2f ms, burst bandwidth %.3f Mbit/s, rx packet loss %.2f %%", n->name, n->hostname, n->rtt * 1e3, n->bandwidth * 8e-6, n->packetloss * 1e2); } } @@ -318,10 +353,10 @@ static bool try_mac(node_t *n, const vpn_packet_t *inpkt) { if(n->status.sptps) return sptps_verify_datagram(&n->sptps, (char *)&inpkt->seqno, inpkt->len); - if(!digest_active(&n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(&n->indigest)) + if(!digest_active(n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest)) return false; - return digest_verify(&n->indigest, &inpkt->seqno, inpkt->len - n->indigest.maclength, (const char *)&inpkt->seqno + inpkt->len - n->indigest.maclength); + return digest_verify(n->indigest, &inpkt->seqno, inpkt->len - digest_length(n->indigest), (const char *)&inpkt->seqno + inpkt->len - digest_length(n->indigest)); } static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { @@ -332,19 +367,27 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { size_t outlen; if(n->status.sptps) { + if(!n->sptps.state) { + if(!n->status.waitingforkey) { + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but we haven't exchanged keys yet", n->name, n->hostname); + send_req_key(n); + } else { + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname); + } + return; + } sptps_receive_data(&n->sptps, (char *)&inpkt->seqno, inpkt->len); return; } - if(!cipher_active(&n->incipher)) { - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", - n->name, n->hostname); + if(!cipher_active(n->incipher)) { + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname); return; } /* Check packet length */ - if(inpkt->len < sizeof inpkt->seqno + digest_length(&n->indigest)) { + if(inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got too short packet from %s (%s)", n->name, n->hostname); return; @@ -352,20 +395,20 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { /* Check the message authentication code */ - if(digest_active(&n->indigest)) { - inpkt->len -= n->indigest.maclength; - if(!digest_verify(&n->indigest, &inpkt->seqno, inpkt->len, (const char *)&inpkt->seqno + inpkt->len)) { + if(digest_active(n->indigest)) { + inpkt->len -= digest_length(n->indigest); + if(!digest_verify(n->indigest, &inpkt->seqno, inpkt->len, (const char *)&inpkt->seqno + inpkt->len)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got unauthenticated packet from %s (%s)", n->name, n->hostname); return; } } /* Decrypt the packet */ - if(cipher_active(&n->incipher)) { + if(cipher_active(n->incipher)) { outpkt = pkt[nextpkt++]; outlen = MAXSIZE; - if(!cipher_decrypt(&n->incipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { + if(!cipher_decrypt(n->incipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Error decrypting packet from %s (%s)", n->name, n->hostname); return; } @@ -572,12 +615,22 @@ static void choose_broadcast_address(const node_t *n, const sockaddr_t **sa, int *sock = rand() % listen_sockets; if(listen_socket[*sock].sa.sa.sa_family == AF_INET6) { - broadcast_ipv6.in6.sin6_port = n->prevedge->address.in.sin_port; - broadcast_ipv6.in6.sin6_scope_id = listen_socket[*sock].sa.in6.sin6_scope_id; - *sa = &broadcast_ipv6; + if(localdiscovery_address.sa.sa_family == AF_INET6) { + localdiscovery_address.in6.sin6_port = n->prevedge->address.in.sin_port; + *sa = &localdiscovery_address; + } else { + broadcast_ipv6.in6.sin6_port = n->prevedge->address.in.sin_port; + broadcast_ipv6.in6.sin6_scope_id = listen_socket[*sock].sa.in6.sin6_scope_id; + *sa = &broadcast_ipv6; + } } else { - broadcast_ipv4.in.sin_port = n->prevedge->address.in.sin_port; - *sa = &broadcast_ipv4; + if(localdiscovery_address.sa.sa_family == AF_INET) { + localdiscovery_address.in.sin_port = n->prevedge->address.in.sin_port; + *sa = &localdiscovery_address; + } else { + broadcast_ipv4.in.sin_port = n->prevedge->address.in.sin_port; + *sa = &broadcast_ipv4; + } } } @@ -653,11 +706,11 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Encrypt the packet */ - if(cipher_active(&n->outcipher)) { + if(cipher_active(n->outcipher)) { outpkt = pkt[nextpkt++]; outlen = MAXSIZE; - if(!cipher_encrypt(&n->outcipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { + if(!cipher_encrypt(n->outcipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname); goto end; } @@ -668,9 +721,13 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Add the message authentication code */ - if(digest_active(&n->outdigest)) { - digest_create(&n->outdigest, &inpkt->seqno, inpkt->len, (char *)&inpkt->seqno + inpkt->len); - inpkt->len += digest_length(&n->outdigest); + if(digest_active(n->outdigest)) { + if(!digest_create(n->outdigest, &inpkt->seqno, inpkt->len, (char *)&inpkt->seqno + inpkt->len)) { + logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname); + goto end; + } + + inpkt->len += digest_length(n->outdigest); } /* Send the packet */ @@ -719,10 +776,12 @@ bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) { b64encode(data, buf, len); /* If no valid key is known yet, send the packets using ANS_KEY requests, to ensure we get to learn the reflexive UDP address. */ - if(!to->status.validkey) - return send_request(to->nexthop->connection, "%d %s %s %s -1 -1 -1 %d", ANS_KEY, myself->name, to->name, buf, myself->incompression); - else + if(!to->status.validkey) { + to->incompression = myself->incompression; + return send_request(to->nexthop->connection, "%d %s %s %s -1 -1 -1 %d", ANS_KEY, myself->name, to->name, buf, to->incompression); + } else { return send_request(to->nexthop->connection, "%d %s %s %d %s", REQ_KEY, myself->name, to->name, REQ_SPTPS, buf); + } } /* Otherwise, send the packet via UDP */ @@ -902,7 +961,7 @@ void broadcast_packet(const node_t *from, vpn_packet_t *packet) { break; for splay_each(node_t, n, node_tree) - if(n->status.reachable && ((n->via == myself && n->nexthop == n) || n->via == n)) + if(n->status.reachable && n != myself && ((n->via == myself && n->nexthop == n) || n->via == n)) send_packet(n, packet); break; diff --git a/src/net_setup.c b/src/net_setup.c index bf0c5a5..0fedafa 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -58,25 +58,22 @@ char *scriptinterpreter; char *scriptextension; bool node_read_ecdsa_public_key(node_t *n) { - if(ecdsa_active(&n->ecdsa)) + if(ecdsa_active(n->ecdsa)) return true; splay_tree_t *config_tree; FILE *fp; - char *pubname = NULL, *hcfname = NULL; + char *pubname = NULL; char *p; - bool result = false; - - xasprintf(&hcfname, "%s" SLASH "hosts" SLASH "%s", confbase, n->name); init_configuration(&config_tree); - if(!read_config_file(config_tree, hcfname)) + if(!read_host_config(config_tree, n->name)) goto exit; /* First, check for simple ECDSAPublicKey statement */ if(get_config_string(lookup_config(config_tree, "ECDSAPublicKey"), &p)) { - result = ecdsa_set_base64_public_key(&n->ecdsa, p); + n->ecdsa = ecdsa_set_base64_public_key(p); free(p); goto exit; } @@ -93,28 +90,35 @@ bool node_read_ecdsa_public_key(node_t *n) { goto exit; } - result = ecdsa_read_pem_public_key(&n->ecdsa, fp); + n->ecdsa = ecdsa_read_pem_public_key(fp); fclose(fp); exit: exit_configuration(&config_tree); - free(hcfname); free(pubname); - return result; + return n->ecdsa; } bool read_ecdsa_public_key(connection_t *c) { + if(ecdsa_active(c->ecdsa)) + return true; + FILE *fp; char *fname; char *p; - bool result; + + if(!c->config_tree) { + init_configuration(&c->config_tree); + if(!read_host_config(c->config_tree, c->name)) + return false; + } /* First, check for simple ECDSAPublicKey statement */ if(get_config_string(lookup_config(c->config_tree, "ECDSAPublicKey"), &p)) { - result = ecdsa_set_base64_public_key(&c->ecdsa, p); + c->ecdsa = ecdsa_set_base64_public_key(p); free(p); - return result; + return c->ecdsa; } /* Else, check for ECDSAPublicKeyFile statement and read it */ @@ -131,27 +135,29 @@ bool read_ecdsa_public_key(connection_t *c) { return false; } - result = ecdsa_read_pem_public_key(&c->ecdsa, fp); + c->ecdsa = ecdsa_read_pem_public_key(fp); fclose(fp); - if(!result) + if(!c->ecdsa) logger(DEBUG_ALWAYS, LOG_ERR, "Parsing ECDSA public key file `%s' failed.", fname); free(fname); - return result; + return c->ecdsa; } bool read_rsa_public_key(connection_t *c) { + if(ecdsa_active(c->ecdsa)) + return true; + FILE *fp; char *fname; char *n; - bool result; /* First, check for simple PublicKey statement */ if(get_config_string(lookup_config(c->config_tree, "PublicKey"), &n)) { - result = rsa_set_hex_public_key(&c->rsa, n, "FFFF"); + c->rsa = rsa_set_hex_public_key(n, "FFFF"); free(n); - return result; + return c->rsa; } /* Else, check for PublicKeyFile statement and read it */ @@ -167,19 +173,18 @@ bool read_rsa_public_key(connection_t *c) { return false; } - result = rsa_read_pem_public_key(&c->rsa, fp); + c->rsa = rsa_read_pem_public_key(fp); fclose(fp); - if(!result) + if(!c->rsa) logger(DEBUG_ALWAYS, LOG_ERR, "Reading RSA public key file `%s' failed: %s", fname, strerror(errno)); free(fname); - return result; + return c->rsa; } static bool read_ecdsa_private_key(void) { FILE *fp; char *fname; - bool result; /* Check for PrivateKeyFile statement and read it */ @@ -190,6 +195,8 @@ static bool read_ecdsa_private_key(void) { if(!fp) { logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA private key file `%s': %s", fname, strerror(errno)); + if(errno == ENOENT) + logger(DEBUG_ALWAYS, LOG_INFO, "Create an ECDSA keypair with `tinc -n %s generate-ecdsa-keys'.", netname ?: "."); free(fname); return false; } @@ -207,20 +214,43 @@ static bool read_ecdsa_private_key(void) { logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for ECDSA private key file `%s'!", fname); #endif - result = ecdsa_read_pem_private_key(&myself->connection->ecdsa, fp); + myself->connection->ecdsa = ecdsa_read_pem_private_key(fp); fclose(fp); - if(!result) + if(!myself->connection->ecdsa) logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno)); free(fname); - return result; + return myself->connection->ecdsa; +} + +static bool read_invitation_key(void) { + FILE *fp; + char *fname; + + if(invitation_key) { + ecdsa_free(invitation_key); + invitation_key = NULL; + } + + xasprintf(&fname, "%s" SLASH "invitations" SLASH "ecdsa_key.priv", confbase); + + fp = fopen(fname, "r"); + + if(fp) { + invitation_key = ecdsa_read_pem_private_key(fp); + fclose(fp); + if(!invitation_key) + logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno)); + } + + free(fname); + return invitation_key; } static bool read_rsa_private_key(void) { FILE *fp; char *fname; char *n, *d; - bool result; /* First, check for simple PrivateKey statement */ @@ -230,10 +260,10 @@ static bool read_rsa_private_key(void) { free(d); return false; } - result = rsa_set_hex_private_key(&myself->connection->rsa, n, "FFFF", d); + myself->connection->rsa = rsa_set_hex_private_key(n, "FFFF", d); free(n); free(d); - return result; + return myself->connection->rsa; } /* Else, check for PrivateKeyFile statement and read it */ @@ -263,13 +293,13 @@ static bool read_rsa_private_key(void) { logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for RSA private key file `%s'!", fname); #endif - result = rsa_read_pem_private_key(&myself->connection->rsa, fp); + myself->connection->rsa = rsa_read_pem_private_key(fp); fclose(fp); - if(!result) + if(!myself->connection->rsa) logger(DEBUG_ALWAYS, LOG_ERR, "Reading RSA private key file `%s' failed: %s", fname, strerror(errno)); free(fname); - return result; + return myself->connection->rsa; } static timeout_t keyexpire_timeout; @@ -310,14 +340,10 @@ void load_all_subnets(void) { // continue; #endif - char *fname; - xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name); - splay_tree_t *config_tree; init_configuration(&config_tree); read_config_options(config_tree, ent->d_name); - read_config_file(config_tree, fname); - free(fname); + read_host_config(config_tree, ent->d_name); if(!n) { n = new_node(); @@ -418,6 +444,7 @@ bool setup_myself_reloadable(void) { char *fmode = NULL; char *bmode = NULL; char *afname = NULL; + char *address = NULL; char *space; bool choice; @@ -508,6 +535,16 @@ bool setup_myself_reloadable(void) { get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly); get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery); + memset(&localdiscovery_address, 0, sizeof localdiscovery_address); + if(get_config_string(lookup_config(config_tree, "LocalDiscoveryAddress"), &address)) { + struct addrinfo *ai = str2addrinfo(address, myport, SOCK_DGRAM); + free(address); + if(!ai) + return false; + memcpy(&localdiscovery_address, ai->ai_addr, ai->ai_addrlen); + } + + if(get_config_string(lookup_config(config_tree, "Mode"), &rmode)) { if(!strcasecmp(rmode, "router")) routing_mode = RMODE_ROUTER; @@ -601,6 +638,8 @@ bool setup_myself_reloadable(void) { get_config_bool(lookup_config(config_tree, "DisableBuggyPeers"), &disablebuggypeers); + read_invitation_key(); + return true; } @@ -609,7 +648,6 @@ bool setup_myself_reloadable(void) { */ static bool setup_myself(void) { char *name, *hostname, *cipher, *digest, *type; - char *fname = NULL; char *address = NULL; if(!(name = get_name())) { @@ -621,10 +659,7 @@ static bool setup_myself(void) { myself->connection = new_connection(); myself->name = name; myself->connection->name = xstrdup(name); - xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, name); - read_config_options(config_tree, name); - read_config_file(config_tree, fname); - free(fname); + read_host_config(config_tree, name); if(!get_config_string(lookup_config(config_tree, "Port"), &myport)) myport = xstrdup("655"); @@ -676,7 +711,12 @@ static bool setup_myself(void) { get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver); strictsubnets |= tunnelserver; - + if(get_config_int(lookup_config(config_tree, "MaxConnectionBurst"), &max_connection_burst)) { + if(max_connection_burst <= 0) { + logger(DEBUG_ALWAYS, LOG_ERR, "MaxConnectionBurst cannot be negative!"); + return false; + } + } if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) { if(udp_rcvbuf <= 0) { @@ -707,7 +747,7 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher)) cipher = xstrdup("blowfish"); - if(!cipher_open_by_name(&myself->incipher, cipher)) { + if(!(myself->incipher = cipher_open_by_name(cipher))) { logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized cipher type!"); return false; } @@ -730,7 +770,7 @@ static bool setup_myself(void) { if(!get_config_string(lookup_config(config_tree, "Digest"), &digest)) digest = xstrdup("sha1"); - if(!digest_open_by_name(&myself->indigest, digest, maclength)) { + if(!(myself->indigest = digest_open_by_name(digest, maclength))) { logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized digest type!"); return false; } @@ -793,12 +833,11 @@ static bool setup_myself(void) { io_add(&device_io, handle_device_data, NULL, device_fd, IO_READ); /* Run tinc-up script to further initialize the tap interface */ - char *envp[5]; + char *envp[5] = {NULL}; xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); xasprintf(&envp[1], "DEVICE=%s", device ? : ""); xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); xasprintf(&envp[3], "NAME=%s", myself->name); - envp[4] = NULL; execute_script("tinc-up", envp); @@ -829,7 +868,12 @@ static bool setup_myself(void) { unlink(unixsocketname); - if(bind(unix_fd, (struct sockaddr *)&sa, sizeof sa) < 0) { + mode_t mask = umask(0); + umask(mask | 077); + int result = bind(unix_fd, (struct sockaddr *)&sa, sizeof sa); + umask(mask); + + if(result < 0) { logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(errno)); return false; } @@ -914,8 +958,7 @@ static bool setup_myself(void) { free(address); if(err || !ai) { - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo", - gai_strerror(err)); + logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo", err == EAI_SYSTEM ? strerror(err) : gai_strerror(err)); return false; } @@ -1031,12 +1074,11 @@ void close_network_connections(void) { close(unix_socket.fd); #endif - char *envp[5]; + char *envp[5] = {NULL}; xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); xasprintf(&envp[1], "DEVICE=%s", device ? : ""); xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); xasprintf(&envp[3], "NAME=%s", myself->name); - envp[4] = NULL; exit_requests(); exit_edges(); diff --git a/src/net_socket.c b/src/net_socket.c index 5332ed2..ded9224 100644 --- a/src/net_socket.c +++ b/src/net_socket.c @@ -45,6 +45,7 @@ int maxtimeout = 900; int seconds_till_retry = 5; int udp_rcvbuf = 0; int udp_sndbuf = 0; +int max_connection_burst = 100; listen_socket_t listen_socket[MAXSOCKETS]; int listen_sockets; @@ -561,6 +562,47 @@ void handle_new_meta_connection(void *data, int flags) { sockaddrunmap(&sa); + // Check if we get many connections from the same host + + static sockaddr_t prev_sa; + static time_t prev_time; + static int tarpit = -1; + + if(tarpit >= 0) { + closesocket(tarpit); + tarpit = -1; + } + + if(prev_time == now.tv_sec && !sockaddrcmp_noport(&sa, &prev_sa)) { + // if so, keep the connection open but ignore it completely. + tarpit = fd; + return; + } + + memcpy(&prev_sa, &sa, sizeof sa); + prev_time = now.tv_sec; + + // Check if we get many connections from different hosts + + static int connection_burst; + static int connection_burst_time; + + if(now.tv_sec - connection_burst_time > connection_burst) + connection_burst = 0; + else + connection_burst -= now.tv_sec - connection_burst_time; + + connection_burst_time = now.tv_sec; + connection_burst++; + + if(connection_burst >= max_connection_burst) { + connection_burst = max_connection_burst; + tarpit = fd; + return; + } + + // Accept the new connection + c = new_connection(); c->name = xstrdup(""); c->outcipher = myself->connection->outcipher; @@ -674,7 +716,7 @@ void try_outgoing_connections(void) { } if(!found) { - outgoing_t *outgoing = xmalloc_and_zero(sizeof *outgoing); + outgoing_t *outgoing = xzalloc(sizeof *outgoing); outgoing->name = name; list_insert_tail(outgoing_list, outgoing); setup_outgoing_connection(outgoing); diff --git a/src/netutl.c b/src/netutl.c index a55eaea..989a152 100644 --- a/src/netutl.c +++ b/src/netutl.c @@ -1,7 +1,7 @@ /* netutl.c -- some supporting network utility code Copyright (C) 1998-2005 Ivo Timmermans - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -42,8 +42,7 @@ struct addrinfo *str2addrinfo(const char *address, const char *service, int sock err = getaddrinfo(address, service, &hint, &ai); if(err) { - logger(DEBUG_ALWAYS, LOG_WARNING, "Error looking up %s port %s: %s", address, - service, gai_strerror(err)); + logger(DEBUG_ALWAYS, LOG_WARNING, "Error looking up %s port %s: %s", address, service, err == EAI_SYSTEM ? strerror(errno) : gai_strerror(err)); return NULL; } @@ -92,8 +91,7 @@ void sockaddr2str(const sockaddr_t *sa, char **addrstr, char **portstr) { err = getnameinfo(&sa->sa, SALEN(sa->sa), address, sizeof address, port, sizeof port, NI_NUMERICHOST | NI_NUMERICSERV); if(err) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while translating addresses: %s", - gai_strerror(err)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while translating addresses: %s", err == EAI_SYSTEM ? strerror(errno) : gai_strerror(err)); abort(); } @@ -122,8 +120,7 @@ char *sockaddr2hostname(const sockaddr_t *sa) { err = getnameinfo(&sa->sa, SALEN(sa->sa), address, sizeof address, port, sizeof port, hostnames ? 0 : (NI_NUMERICHOST | NI_NUMERICSERV)); if(err) { - logger(DEBUG_ALWAYS, LOG_ERR, "Error while looking up hostname: %s", - gai_strerror(err)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while looking up hostname: %s", err == EAI_SYSTEM ? strerror(errno) : gai_strerror(err)); } xasprintf(&str, "%s port %s", address, port); diff --git a/src/netutl.h b/src/netutl.h index 0fef2d6..471cae7 100644 --- a/src/netutl.h +++ b/src/netutl.h @@ -1,7 +1,7 @@ /* netutl.h -- header file for netutl.c Copyright (C) 1998-2005 Ivo Timmermans - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -25,10 +25,10 @@ extern bool hostnames; -extern struct addrinfo *str2addrinfo(const char *, const char *, int); +extern struct addrinfo *str2addrinfo(const char *, const char *, int) __attribute__ ((__malloc__)); extern sockaddr_t str2sockaddr(const char *, const char *); extern void sockaddr2str(const sockaddr_t *, char **, char **); -extern char *sockaddr2hostname(const sockaddr_t *); +extern char *sockaddr2hostname(const sockaddr_t *) __attribute__ ((__malloc__)); extern int sockaddrcmp(const sockaddr_t *, const sockaddr_t *); extern int sockaddrcmp_noport(const sockaddr_t *, const sockaddr_t *); extern void sockaddrunmap(sockaddr_t *); diff --git a/src/node.c b/src/node.c index 465a48a..aab83ca 100644 --- a/src/node.c +++ b/src/node.c @@ -1,6 +1,6 @@ /* node.c -- node tree management - Copyright (C) 2001-2012 Guus Sliepen , + Copyright (C) 2001-2013 Guus Sliepen , 2001-2005 Ivo Timmermans This program is free software; you can redistribute it and/or modify @@ -50,9 +50,9 @@ void exit_nodes(void) { } node_t *new_node(void) { - node_t *n = xmalloc_and_zero(sizeof *n); + node_t *n = xzalloc(sizeof *n); - if(replaywin) n->late = xmalloc_and_zero(replaywin); + if(replaywin) n->late = xzalloc(replaywin); n->subnet_tree = new_subnet_tree(); n->edge_tree = new_edge_tree(); n->mtu = MTU; @@ -70,12 +70,12 @@ void free_node(node_t *n) { sockaddrfree(&n->address); - cipher_close(&n->incipher); - digest_close(&n->indigest); - cipher_close(&n->outcipher); - digest_close(&n->outdigest); + cipher_close(n->incipher); + digest_close(n->indigest); + cipher_close(n->outcipher); + digest_close(n->outdigest); - ecdsa_free(&n->ecdsa); + ecdsa_free(n->ecdsa); sptps_stop(&n->sptps); timeout_del(&n->mtutimeout); @@ -145,8 +145,8 @@ void update_node_udp(node_t *n, const sockaddr_t *sa) { bool dump_nodes(connection_t *c) { for splay_each(node_t, n, node_tree) send_request(c, "%d %d %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES, - n->name, n->hostname ?: "unknown port unknown", cipher_get_nid(&n->outcipher), - digest_get_nid(&n->outdigest), (int)digest_length(&n->outdigest), n->outcompression, + n->name, n->hostname ?: "unknown port unknown", cipher_get_nid(n->outcipher), + digest_get_nid(n->outdigest), (int)digest_length(n->outdigest), n->outcompression, n->options, bitfield_to_int(&n->status, sizeof n->status), n->nexthop ? n->nexthop->name : "-", n->via ? n->via->name ?: "-" : "-", n->distance, n->mtu, n->minmtu, n->maxmtu, (long)n->last_state_change); diff --git a/src/node.h b/src/node.h index e4b47b3..e704ba8 100644 --- a/src/node.h +++ b/src/node.h @@ -52,14 +52,14 @@ typedef struct node_t { time_t last_state_change; time_t last_req_key; - ecdsa_t ecdsa; /* His public ECDSA key */ + ecdsa_t *ecdsa; /* His public ECDSA key */ sptps_t sptps; - cipher_t incipher; /* Cipher for UDP packets */ - digest_t indigest; /* Digest for UDP packets */ + cipher_t *incipher; /* Cipher for UDP packets */ + digest_t *indigest; /* Digest for UDP packets */ - cipher_t outcipher; /* Cipher for UDP packets */ - digest_t outdigest; /* Digest for UDP packets */ + cipher_t *outcipher; /* Cipher for UDP packets */ + digest_t *outdigest; /* Digest for UDP packets */ int incompression; /* Compressionlevel, 0 = no compression */ int outcompression; /* Compressionlevel, 0 = no compression */ diff --git a/src/openssl/.deps/.dirstamp b/src/openssl/.deps/.dirstamp new file mode 100644 index 0000000..e69de29 diff --git a/src/openssl/.deps/cipher.Po b/src/openssl/.deps/cipher.Po new file mode 100644 index 0000000..05e8926 --- /dev/null +++ b/src/openssl/.deps/cipher.Po @@ -0,0 +1,454 @@ +openssl/cipher.o: openssl/cipher.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/rand.h \ + /usr/include/openssl/ossl_typ.h /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/err.h /usr/include/openssl/bio.h \ + /usr/include/openssl/crypto.h /usr/include/openssl/stack.h \ + /usr/include/openssl/safestack.h /usr/include/openssl/opensslv.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/lhash.h \ + /usr/include/openssl/evp.h /usr/include/openssl/objects.h \ + /usr/include/openssl/obj_mac.h /usr/include/openssl/asn1.h \ + /usr/include/openssl/bn.h openssl/../cipher.h openssl/../logger.h \ + openssl/../xalloc.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/rand.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/err.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/evp.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/obj_mac.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +openssl/../cipher.h: + +openssl/../logger.h: + +openssl/../xalloc.h: diff --git a/src/openssl/.deps/crypto.Po b/src/openssl/.deps/crypto.Po new file mode 100644 index 0000000..7175d88 --- /dev/null +++ b/src/openssl/.deps/crypto.Po @@ -0,0 +1,482 @@ +openssl/crypto.o: openssl/crypto.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/rand.h \ + /usr/include/openssl/ossl_typ.h /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/evp.h /usr/include/openssl/symhacks.h \ + /usr/include/openssl/bio.h /usr/include/openssl/crypto.h \ + /usr/include/openssl/stack.h /usr/include/openssl/safestack.h \ + /usr/include/openssl/opensslv.h /usr/include/openssl/objects.h \ + /usr/include/openssl/obj_mac.h /usr/include/openssl/asn1.h \ + /usr/include/openssl/bn.h /usr/include/openssl/engine.h \ + /usr/include/openssl/rsa.h /usr/include/openssl/dsa.h \ + /usr/include/openssl/dh.h /usr/include/openssl/ecdh.h \ + /usr/include/openssl/ec.h /usr/include/openssl/ecdsa.h \ + /usr/include/openssl/ui.h /usr/include/openssl/err.h \ + /usr/include/openssl/lhash.h /usr/include/openssl/x509.h \ + /usr/include/openssl/buffer.h /usr/include/openssl/sha.h \ + /usr/include/openssl/x509_vfy.h /usr/include/openssl/pkcs7.h \ + openssl/../crypto.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/rand.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/evp.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/obj_mac.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +/usr/include/openssl/engine.h: + +/usr/include/openssl/rsa.h: + +/usr/include/openssl/dsa.h: + +/usr/include/openssl/dh.h: + +/usr/include/openssl/ecdh.h: + +/usr/include/openssl/ec.h: + +/usr/include/openssl/ecdsa.h: + +/usr/include/openssl/ui.h: + +/usr/include/openssl/err.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/x509.h: + +/usr/include/openssl/buffer.h: + +/usr/include/openssl/sha.h: + +/usr/include/openssl/x509_vfy.h: + +/usr/include/openssl/pkcs7.h: + +openssl/../crypto.h: diff --git a/src/openssl/.deps/digest.Po b/src/openssl/.deps/digest.Po new file mode 100644 index 0000000..6d30f41 --- /dev/null +++ b/src/openssl/.deps/digest.Po @@ -0,0 +1,458 @@ +openssl/digest.o: openssl/digest.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h openssl/../utils.h openssl/../xalloc.h \ + /usr/include/openssl/err.h /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/ossl_typ.h /usr/include/openssl/bio.h \ + /usr/include/openssl/crypto.h /usr/include/openssl/stack.h \ + /usr/include/openssl/safestack.h /usr/include/openssl/opensslv.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/lhash.h \ + /usr/include/openssl/hmac.h /usr/include/openssl/evp.h \ + /usr/include/openssl/objects.h /usr/include/openssl/obj_mac.h \ + /usr/include/openssl/asn1.h /usr/include/openssl/bn.h openssl/digest.h \ + openssl/../digest.h openssl/../logger.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +openssl/../utils.h: + +openssl/../xalloc.h: + +/usr/include/openssl/err.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/hmac.h: + +/usr/include/openssl/evp.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/obj_mac.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +openssl/digest.h: + +openssl/../digest.h: + +openssl/../logger.h: diff --git a/src/openssl/.deps/ecdh.Po b/src/openssl/.deps/ecdh.Po new file mode 100644 index 0000000..96dcd00 --- /dev/null +++ b/src/openssl/.deps/ecdh.Po @@ -0,0 +1,454 @@ +openssl/ecdh.o: openssl/ecdh.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/err.h \ + /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/ossl_typ.h /usr/include/openssl/bio.h \ + /usr/include/openssl/crypto.h /usr/include/openssl/stack.h \ + /usr/include/openssl/safestack.h /usr/include/openssl/opensslv.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/lhash.h \ + /usr/include/openssl/ec.h /usr/include/openssl/asn1.h \ + /usr/include/openssl/bn.h /usr/include/openssl/ecdh.h \ + /usr/include/openssl/obj_mac.h openssl/../ecdh.h openssl/../logger.h \ + openssl/../utils.h openssl/../xalloc.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/err.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/ec.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +/usr/include/openssl/ecdh.h: + +/usr/include/openssl/obj_mac.h: + +openssl/../ecdh.h: + +openssl/../logger.h: + +openssl/../utils.h: + +openssl/../xalloc.h: diff --git a/src/openssl/.deps/ecdsa.Po b/src/openssl/.deps/ecdsa.Po new file mode 100644 index 0000000..f6e3f65 --- /dev/null +++ b/src/openssl/.deps/ecdsa.Po @@ -0,0 +1,487 @@ +openssl/ecdsa.o: openssl/ecdsa.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/pem.h \ + /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/bio.h /usr/include/openssl/crypto.h \ + /usr/include/openssl/stack.h /usr/include/openssl/safestack.h \ + /usr/include/openssl/opensslv.h /usr/include/openssl/ossl_typ.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/evp.h \ + /usr/include/openssl/objects.h /usr/include/openssl/obj_mac.h \ + /usr/include/openssl/asn1.h /usr/include/openssl/bn.h \ + /usr/include/openssl/x509.h /usr/include/openssl/buffer.h \ + /usr/include/openssl/ec.h /usr/include/openssl/ecdsa.h \ + /usr/include/openssl/ecdh.h /usr/include/openssl/rsa.h \ + /usr/include/openssl/dsa.h /usr/include/openssl/dh.h \ + /usr/include/openssl/sha.h /usr/include/openssl/x509_vfy.h \ + /usr/include/openssl/lhash.h /usr/include/openssl/pkcs7.h \ + /usr/include/openssl/pem2.h /usr/include/openssl/err.h \ + openssl/../logger.h openssl/../ecdsa.h openssl/../utils.h \ + openssl/../xalloc.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/pem.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/evp.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/obj_mac.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +/usr/include/openssl/x509.h: + +/usr/include/openssl/buffer.h: + +/usr/include/openssl/ec.h: + +/usr/include/openssl/ecdsa.h: + +/usr/include/openssl/ecdh.h: + +/usr/include/openssl/rsa.h: + +/usr/include/openssl/dsa.h: + +/usr/include/openssl/dh.h: + +/usr/include/openssl/sha.h: + +/usr/include/openssl/x509_vfy.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/pkcs7.h: + +/usr/include/openssl/pem2.h: + +/usr/include/openssl/err.h: + +openssl/../logger.h: + +openssl/../ecdsa.h: + +openssl/../utils.h: + +openssl/../xalloc.h: diff --git a/src/openssl/.deps/ecdsagen.Po b/src/openssl/.deps/ecdsagen.Po new file mode 100644 index 0000000..51e34f5 --- /dev/null +++ b/src/openssl/.deps/ecdsagen.Po @@ -0,0 +1,487 @@ +openssl/ecdsagen.o: openssl/ecdsagen.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/pem.h \ + /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/bio.h /usr/include/openssl/crypto.h \ + /usr/include/openssl/stack.h /usr/include/openssl/safestack.h \ + /usr/include/openssl/opensslv.h /usr/include/openssl/ossl_typ.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/evp.h \ + /usr/include/openssl/objects.h /usr/include/openssl/obj_mac.h \ + /usr/include/openssl/asn1.h /usr/include/openssl/bn.h \ + /usr/include/openssl/x509.h /usr/include/openssl/buffer.h \ + /usr/include/openssl/ec.h /usr/include/openssl/ecdsa.h \ + /usr/include/openssl/ecdh.h /usr/include/openssl/rsa.h \ + /usr/include/openssl/dsa.h /usr/include/openssl/dh.h \ + /usr/include/openssl/sha.h /usr/include/openssl/x509_vfy.h \ + /usr/include/openssl/lhash.h /usr/include/openssl/pkcs7.h \ + /usr/include/openssl/pem2.h /usr/include/openssl/err.h \ + openssl/../ecdsagen.h openssl/../ecdsa.h openssl/../utils.h \ + openssl/../xalloc.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/pem.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/evp.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/obj_mac.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +/usr/include/openssl/x509.h: + +/usr/include/openssl/buffer.h: + +/usr/include/openssl/ec.h: + +/usr/include/openssl/ecdsa.h: + +/usr/include/openssl/ecdh.h: + +/usr/include/openssl/rsa.h: + +/usr/include/openssl/dsa.h: + +/usr/include/openssl/dh.h: + +/usr/include/openssl/sha.h: + +/usr/include/openssl/x509_vfy.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/pkcs7.h: + +/usr/include/openssl/pem2.h: + +/usr/include/openssl/err.h: + +openssl/../ecdsagen.h: + +openssl/../ecdsa.h: + +openssl/../utils.h: + +openssl/../xalloc.h: diff --git a/src/openssl/.deps/prf.Po b/src/openssl/.deps/prf.Po new file mode 100644 index 0000000..aa2ae6d --- /dev/null +++ b/src/openssl/.deps/prf.Po @@ -0,0 +1,446 @@ +openssl/prf.o: openssl/prf.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/obj_mac.h \ + openssl/digest.h /usr/include/openssl/evp.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/ossl_typ.h /usr/include/openssl/e_os2.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/bio.h \ + /usr/include/openssl/crypto.h /usr/include/openssl/stack.h \ + /usr/include/openssl/safestack.h /usr/include/openssl/opensslv.h \ + /usr/include/openssl/objects.h /usr/include/openssl/asn1.h \ + /usr/include/openssl/bn.h openssl/../digest.h openssl/../prf.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/obj_mac.h: + +openssl/digest.h: + +/usr/include/openssl/evp.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +openssl/../digest.h: + +openssl/../prf.h: diff --git a/src/openssl/.deps/rsa.Po b/src/openssl/.deps/rsa.Po new file mode 100644 index 0000000..c3ac6ac --- /dev/null +++ b/src/openssl/.deps/rsa.Po @@ -0,0 +1,482 @@ +openssl/rsa.o: openssl/rsa.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/pem.h \ + /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/bio.h /usr/include/openssl/crypto.h \ + /usr/include/openssl/stack.h /usr/include/openssl/safestack.h \ + /usr/include/openssl/opensslv.h /usr/include/openssl/ossl_typ.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/evp.h \ + /usr/include/openssl/objects.h /usr/include/openssl/obj_mac.h \ + /usr/include/openssl/asn1.h /usr/include/openssl/bn.h \ + /usr/include/openssl/x509.h /usr/include/openssl/buffer.h \ + /usr/include/openssl/ec.h /usr/include/openssl/ecdsa.h \ + /usr/include/openssl/ecdh.h /usr/include/openssl/rsa.h \ + /usr/include/openssl/dsa.h /usr/include/openssl/dh.h \ + /usr/include/openssl/sha.h /usr/include/openssl/x509_vfy.h \ + /usr/include/openssl/lhash.h /usr/include/openssl/pkcs7.h \ + /usr/include/openssl/pem2.h /usr/include/openssl/err.h \ + openssl/../logger.h openssl/../rsa.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/pem.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/evp.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/obj_mac.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +/usr/include/openssl/x509.h: + +/usr/include/openssl/buffer.h: + +/usr/include/openssl/ec.h: + +/usr/include/openssl/ecdsa.h: + +/usr/include/openssl/ecdh.h: + +/usr/include/openssl/rsa.h: + +/usr/include/openssl/dsa.h: + +/usr/include/openssl/dh.h: + +/usr/include/openssl/sha.h: + +/usr/include/openssl/x509_vfy.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/pkcs7.h: + +/usr/include/openssl/pem2.h: + +/usr/include/openssl/err.h: + +openssl/../logger.h: + +openssl/../rsa.h: diff --git a/src/openssl/.deps/rsagen.Po b/src/openssl/.deps/rsagen.Po new file mode 100644 index 0000000..8c50bea --- /dev/null +++ b/src/openssl/.deps/rsagen.Po @@ -0,0 +1,484 @@ +openssl/rsagen.o: openssl/rsagen.c /usr/include/stdc-predef.h \ + /usr/include/x86_64-linux-gnu/bits/predefs.h openssl/../system.h \ + openssl/../../config.h openssl/../have.h /usr/include/stdio.h \ + /usr/include/features.h /usr/include/x86_64-linux-gnu/sys/cdefs.h \ + /usr/include/x86_64-linux-gnu/bits/wordsize.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs.h \ + /usr/include/x86_64-linux-gnu/gnu/stubs-64.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h \ + /usr/include/x86_64-linux-gnu/bits/types.h \ + /usr/include/x86_64-linux-gnu/bits/typesizes.h /usr/include/libio.h \ + /usr/include/_G_config.h /usr/include/wchar.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h \ + /usr/include/x86_64-linux-gnu/bits/stdio_lim.h \ + /usr/include/x86_64-linux-gnu/bits/sys_errlist.h \ + /usr/include/x86_64-linux-gnu/bits/stdio.h /usr/include/stdlib.h \ + /usr/include/x86_64-linux-gnu/bits/waitflags.h \ + /usr/include/x86_64-linux-gnu/bits/waitstatus.h /usr/include/endian.h \ + /usr/include/x86_64-linux-gnu/bits/endian.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap.h \ + /usr/include/x86_64-linux-gnu/bits/byteswap-16.h /usr/include/xlocale.h \ + /usr/include/x86_64-linux-gnu/sys/types.h /usr/include/time.h \ + /usr/include/x86_64-linux-gnu/sys/select.h \ + /usr/include/x86_64-linux-gnu/bits/select.h \ + /usr/include/x86_64-linux-gnu/bits/sigset.h \ + /usr/include/x86_64-linux-gnu/bits/time.h \ + /usr/include/x86_64-linux-gnu/sys/sysmacros.h \ + /usr/include/x86_64-linux-gnu/bits/pthreadtypes.h /usr/include/alloca.h \ + /usr/include/x86_64-linux-gnu/bits/stdlib-float.h /usr/include/string.h \ + /usr/include/x86_64-linux-gnu/bits/string.h \ + /usr/include/x86_64-linux-gnu/bits/string2.h /usr/include/ctype.h \ + /usr/include/signal.h /usr/include/x86_64-linux-gnu/bits/signum.h \ + /usr/include/x86_64-linux-gnu/bits/siginfo.h \ + /usr/include/x86_64-linux-gnu/bits/sigaction.h \ + /usr/include/x86_64-linux-gnu/bits/sigcontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigstack.h \ + /usr/include/x86_64-linux-gnu/sys/ucontext.h \ + /usr/include/x86_64-linux-gnu/bits/sigthread.h /usr/include/errno.h \ + /usr/include/x86_64-linux-gnu/bits/errno.h /usr/include/linux/errno.h \ + /usr/include/x86_64-linux-gnu/asm/errno.h \ + /usr/include/asm-generic/errno.h /usr/include/asm-generic/errno-base.h \ + /usr/include/fcntl.h /usr/include/x86_64-linux-gnu/bits/fcntl.h \ + /usr/include/x86_64-linux-gnu/bits/fcntl-linux.h \ + /usr/include/x86_64-linux-gnu/bits/uio.h \ + /usr/include/x86_64-linux-gnu/bits/stat.h /usr/include/unistd.h \ + /usr/include/x86_64-linux-gnu/bits/posix_opt.h \ + /usr/include/x86_64-linux-gnu/bits/environments.h \ + /usr/include/x86_64-linux-gnu/bits/confname.h /usr/include/getopt.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h \ + /usr/include/inttypes.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h /usr/include/stdint.h \ + /usr/include/x86_64-linux-gnu/bits/wchar.h /usr/include/syslog.h \ + /usr/include/x86_64-linux-gnu/sys/syslog.h \ + /usr/include/x86_64-linux-gnu/bits/syslog-path.h \ + /usr/include/x86_64-linux-gnu/sys/time.h \ + /usr/include/x86_64-linux-gnu/bits/timex.h \ + /usr/include/x86_64-linux-gnu/sys/stat.h \ + /usr/include/x86_64-linux-gnu/sys/file.h \ + /usr/include/x86_64-linux-gnu/sys/wait.h \ + /usr/include/x86_64-linux-gnu/sys/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctls.h \ + /usr/include/x86_64-linux-gnu/asm/ioctls.h \ + /usr/include/asm-generic/ioctls.h /usr/include/linux/ioctl.h \ + /usr/include/x86_64-linux-gnu/asm/ioctl.h \ + /usr/include/asm-generic/ioctl.h \ + /usr/include/x86_64-linux-gnu/bits/ioctl-types.h \ + /usr/include/x86_64-linux-gnu/sys/ttydefaults.h \ + /usr/include/x86_64-linux-gnu/sys/param.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h \ + /usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h \ + /usr/include/limits.h /usr/include/x86_64-linux-gnu/bits/posix1_lim.h \ + /usr/include/x86_64-linux-gnu/bits/local_lim.h \ + /usr/include/linux/limits.h \ + /usr/include/x86_64-linux-gnu/bits/posix2_lim.h \ + /usr/include/x86_64-linux-gnu/bits/xopen_lim.h \ + /usr/include/x86_64-linux-gnu/bits/param.h /usr/include/linux/param.h \ + /usr/include/x86_64-linux-gnu/asm/param.h \ + /usr/include/asm-generic/param.h \ + /usr/include/x86_64-linux-gnu/sys/resource.h \ + /usr/include/x86_64-linux-gnu/bits/resource.h \ + /usr/include/x86_64-linux-gnu/sys/uio.h \ + /usr/include/x86_64-linux-gnu/sys/un.h \ + /usr/include/x86_64-linux-gnu/bits/sockaddr.h /usr/include/dirent.h \ + /usr/include/x86_64-linux-gnu/bits/dirent.h /usr/include/netdb.h \ + /usr/include/netinet/in.h /usr/include/x86_64-linux-gnu/sys/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket.h \ + /usr/include/x86_64-linux-gnu/bits/socket_type.h \ + /usr/include/x86_64-linux-gnu/asm/socket.h \ + /usr/include/asm-generic/socket.h \ + /usr/include/x86_64-linux-gnu/asm/sockios.h \ + /usr/include/asm-generic/sockios.h \ + /usr/include/x86_64-linux-gnu/bits/in.h /usr/include/rpc/netdb.h \ + /usr/include/x86_64-linux-gnu/bits/netdb.h /usr/include/net/if.h \ + /usr/include/netinet/in_systm.h /usr/include/arpa/inet.h \ + /usr/include/netinet/ip.h /usr/include/netinet/tcp.h \ + /usr/include/netinet/ip6.h /usr/include/net/ethernet.h \ + /usr/include/linux/if_ether.h /usr/include/linux/types.h \ + /usr/include/x86_64-linux-gnu/asm/types.h \ + /usr/include/asm-generic/types.h /usr/include/asm-generic/int-ll64.h \ + /usr/include/x86_64-linux-gnu/asm/bitsperlong.h \ + /usr/include/asm-generic/bitsperlong.h /usr/include/linux/posix_types.h \ + /usr/include/linux/stddef.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types.h \ + /usr/include/x86_64-linux-gnu/asm/posix_types_64.h \ + /usr/include/asm-generic/posix_types.h /usr/include/net/if_arp.h \ + /usr/include/netinet/ip_icmp.h /usr/include/netinet/icmp6.h \ + /usr/include/netinet/if_ether.h openssl/../dropin.h \ + openssl/../fake-getaddrinfo.h openssl/../fake-gai-errnos.h \ + openssl/../fake-getnameinfo.h /usr/include/openssl/pem.h \ + /usr/include/openssl/e_os2.h \ + /usr/include/x86_64-linux-gnu/openssl/opensslconf.h \ + /usr/include/openssl/bio.h /usr/include/openssl/crypto.h \ + /usr/include/openssl/stack.h /usr/include/openssl/safestack.h \ + /usr/include/openssl/opensslv.h /usr/include/openssl/ossl_typ.h \ + /usr/include/openssl/symhacks.h /usr/include/openssl/evp.h \ + /usr/include/openssl/objects.h /usr/include/openssl/obj_mac.h \ + /usr/include/openssl/asn1.h /usr/include/openssl/bn.h \ + /usr/include/openssl/x509.h /usr/include/openssl/buffer.h \ + /usr/include/openssl/ec.h /usr/include/openssl/ecdsa.h \ + /usr/include/openssl/ecdh.h /usr/include/openssl/rsa.h \ + /usr/include/openssl/dsa.h /usr/include/openssl/dh.h \ + /usr/include/openssl/sha.h /usr/include/openssl/x509_vfy.h \ + /usr/include/openssl/lhash.h /usr/include/openssl/pkcs7.h \ + /usr/include/openssl/pem2.h /usr/include/openssl/err.h \ + openssl/../logger.h openssl/../rsagen.h openssl/../rsa.h + +/usr/include/stdc-predef.h: + +/usr/include/x86_64-linux-gnu/bits/predefs.h: + +openssl/../system.h: + +openssl/../../config.h: + +openssl/../have.h: + +/usr/include/stdio.h: + +/usr/include/features.h: + +/usr/include/x86_64-linux-gnu/sys/cdefs.h: + +/usr/include/x86_64-linux-gnu/bits/wordsize.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs.h: + +/usr/include/x86_64-linux-gnu/gnu/stubs-64.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stddef.h: + +/usr/include/x86_64-linux-gnu/bits/types.h: + +/usr/include/x86_64-linux-gnu/bits/typesizes.h: + +/usr/include/libio.h: + +/usr/include/_G_config.h: + +/usr/include/wchar.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdarg.h: + +/usr/include/x86_64-linux-gnu/bits/stdio_lim.h: + +/usr/include/x86_64-linux-gnu/bits/sys_errlist.h: + +/usr/include/x86_64-linux-gnu/bits/stdio.h: + +/usr/include/stdlib.h: + +/usr/include/x86_64-linux-gnu/bits/waitflags.h: + +/usr/include/x86_64-linux-gnu/bits/waitstatus.h: + +/usr/include/endian.h: + +/usr/include/x86_64-linux-gnu/bits/endian.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap.h: + +/usr/include/x86_64-linux-gnu/bits/byteswap-16.h: + +/usr/include/xlocale.h: + +/usr/include/x86_64-linux-gnu/sys/types.h: + +/usr/include/time.h: + +/usr/include/x86_64-linux-gnu/sys/select.h: + +/usr/include/x86_64-linux-gnu/bits/select.h: + +/usr/include/x86_64-linux-gnu/bits/sigset.h: + +/usr/include/x86_64-linux-gnu/bits/time.h: + +/usr/include/x86_64-linux-gnu/sys/sysmacros.h: + +/usr/include/x86_64-linux-gnu/bits/pthreadtypes.h: + +/usr/include/alloca.h: + +/usr/include/x86_64-linux-gnu/bits/stdlib-float.h: + +/usr/include/string.h: + +/usr/include/x86_64-linux-gnu/bits/string.h: + +/usr/include/x86_64-linux-gnu/bits/string2.h: + +/usr/include/ctype.h: + +/usr/include/signal.h: + +/usr/include/x86_64-linux-gnu/bits/signum.h: + +/usr/include/x86_64-linux-gnu/bits/siginfo.h: + +/usr/include/x86_64-linux-gnu/bits/sigaction.h: + +/usr/include/x86_64-linux-gnu/bits/sigcontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigstack.h: + +/usr/include/x86_64-linux-gnu/sys/ucontext.h: + +/usr/include/x86_64-linux-gnu/bits/sigthread.h: + +/usr/include/errno.h: + +/usr/include/x86_64-linux-gnu/bits/errno.h: + +/usr/include/linux/errno.h: + +/usr/include/x86_64-linux-gnu/asm/errno.h: + +/usr/include/asm-generic/errno.h: + +/usr/include/asm-generic/errno-base.h: + +/usr/include/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl.h: + +/usr/include/x86_64-linux-gnu/bits/fcntl-linux.h: + +/usr/include/x86_64-linux-gnu/bits/uio.h: + +/usr/include/x86_64-linux-gnu/bits/stat.h: + +/usr/include/unistd.h: + +/usr/include/x86_64-linux-gnu/bits/posix_opt.h: + +/usr/include/x86_64-linux-gnu/bits/environments.h: + +/usr/include/x86_64-linux-gnu/bits/confname.h: + +/usr/include/getopt.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdbool.h: + +/usr/include/inttypes.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include/stdint.h: + +/usr/include/stdint.h: + +/usr/include/x86_64-linux-gnu/bits/wchar.h: + +/usr/include/syslog.h: + +/usr/include/x86_64-linux-gnu/sys/syslog.h: + +/usr/include/x86_64-linux-gnu/bits/syslog-path.h: + +/usr/include/x86_64-linux-gnu/sys/time.h: + +/usr/include/x86_64-linux-gnu/bits/timex.h: + +/usr/include/x86_64-linux-gnu/sys/stat.h: + +/usr/include/x86_64-linux-gnu/sys/file.h: + +/usr/include/x86_64-linux-gnu/sys/wait.h: + +/usr/include/x86_64-linux-gnu/sys/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctls.h: + +/usr/include/x86_64-linux-gnu/asm/ioctls.h: + +/usr/include/asm-generic/ioctls.h: + +/usr/include/linux/ioctl.h: + +/usr/include/x86_64-linux-gnu/asm/ioctl.h: + +/usr/include/asm-generic/ioctl.h: + +/usr/include/x86_64-linux-gnu/bits/ioctl-types.h: + +/usr/include/x86_64-linux-gnu/sys/ttydefaults.h: + +/usr/include/x86_64-linux-gnu/sys/param.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/limits.h: + +/usr/lib/gcc/x86_64-linux-gnu/4.8/include-fixed/syslimits.h: + +/usr/include/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix1_lim.h: + +/usr/include/x86_64-linux-gnu/bits/local_lim.h: + +/usr/include/linux/limits.h: + +/usr/include/x86_64-linux-gnu/bits/posix2_lim.h: + +/usr/include/x86_64-linux-gnu/bits/xopen_lim.h: + +/usr/include/x86_64-linux-gnu/bits/param.h: + +/usr/include/linux/param.h: + +/usr/include/x86_64-linux-gnu/asm/param.h: + +/usr/include/asm-generic/param.h: + +/usr/include/x86_64-linux-gnu/sys/resource.h: + +/usr/include/x86_64-linux-gnu/bits/resource.h: + +/usr/include/x86_64-linux-gnu/sys/uio.h: + +/usr/include/x86_64-linux-gnu/sys/un.h: + +/usr/include/x86_64-linux-gnu/bits/sockaddr.h: + +/usr/include/dirent.h: + +/usr/include/x86_64-linux-gnu/bits/dirent.h: + +/usr/include/netdb.h: + +/usr/include/netinet/in.h: + +/usr/include/x86_64-linux-gnu/sys/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket.h: + +/usr/include/x86_64-linux-gnu/bits/socket_type.h: + +/usr/include/x86_64-linux-gnu/asm/socket.h: + +/usr/include/asm-generic/socket.h: + +/usr/include/x86_64-linux-gnu/asm/sockios.h: + +/usr/include/asm-generic/sockios.h: + +/usr/include/x86_64-linux-gnu/bits/in.h: + +/usr/include/rpc/netdb.h: + +/usr/include/x86_64-linux-gnu/bits/netdb.h: + +/usr/include/net/if.h: + +/usr/include/netinet/in_systm.h: + +/usr/include/arpa/inet.h: + +/usr/include/netinet/ip.h: + +/usr/include/netinet/tcp.h: + +/usr/include/netinet/ip6.h: + +/usr/include/net/ethernet.h: + +/usr/include/linux/if_ether.h: + +/usr/include/linux/types.h: + +/usr/include/x86_64-linux-gnu/asm/types.h: + +/usr/include/asm-generic/types.h: + +/usr/include/asm-generic/int-ll64.h: + +/usr/include/x86_64-linux-gnu/asm/bitsperlong.h: + +/usr/include/asm-generic/bitsperlong.h: + +/usr/include/linux/posix_types.h: + +/usr/include/linux/stddef.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types.h: + +/usr/include/x86_64-linux-gnu/asm/posix_types_64.h: + +/usr/include/asm-generic/posix_types.h: + +/usr/include/net/if_arp.h: + +/usr/include/netinet/ip_icmp.h: + +/usr/include/netinet/icmp6.h: + +/usr/include/netinet/if_ether.h: + +openssl/../dropin.h: + +openssl/../fake-getaddrinfo.h: + +openssl/../fake-gai-errnos.h: + +openssl/../fake-getnameinfo.h: + +/usr/include/openssl/pem.h: + +/usr/include/openssl/e_os2.h: + +/usr/include/x86_64-linux-gnu/openssl/opensslconf.h: + +/usr/include/openssl/bio.h: + +/usr/include/openssl/crypto.h: + +/usr/include/openssl/stack.h: + +/usr/include/openssl/safestack.h: + +/usr/include/openssl/opensslv.h: + +/usr/include/openssl/ossl_typ.h: + +/usr/include/openssl/symhacks.h: + +/usr/include/openssl/evp.h: + +/usr/include/openssl/objects.h: + +/usr/include/openssl/obj_mac.h: + +/usr/include/openssl/asn1.h: + +/usr/include/openssl/bn.h: + +/usr/include/openssl/x509.h: + +/usr/include/openssl/buffer.h: + +/usr/include/openssl/ec.h: + +/usr/include/openssl/ecdsa.h: + +/usr/include/openssl/ecdh.h: + +/usr/include/openssl/rsa.h: + +/usr/include/openssl/dsa.h: + +/usr/include/openssl/dh.h: + +/usr/include/openssl/sha.h: + +/usr/include/openssl/x509_vfy.h: + +/usr/include/openssl/lhash.h: + +/usr/include/openssl/pkcs7.h: + +/usr/include/openssl/pem2.h: + +/usr/include/openssl/err.h: + +openssl/../logger.h: + +openssl/../rsagen.h: + +openssl/../rsa.h: diff --git a/src/openssl/.dirstamp b/src/openssl/.dirstamp new file mode 100644 index 0000000..e69de29 diff --git a/src/openssl/cipher.c b/src/openssl/cipher.c index 553b4ad..c0307f8 100644 --- a/src/openssl/cipher.c +++ b/src/openssl/cipher.c @@ -1,6 +1,6 @@ /* cipher.c -- Symmetric block cipher handling - Copyright (C) 2007-2012 Guus Sliepen + Copyright (C) 2007-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,59 +17,73 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include +#include -#include "cipher.h" -#include "logger.h" -#include "xalloc.h" +#include "../cipher.h" +#include "../logger.h" +#include "../xalloc.h" + +struct cipher { + EVP_CIPHER_CTX ctx; + const EVP_CIPHER *cipher; + struct cipher_counter *counter; +}; typedef struct cipher_counter { - unsigned char counter[EVP_MAX_IV_LENGTH]; - unsigned char block[EVP_MAX_IV_LENGTH]; + unsigned char counter[CIPHER_MAX_IV_SIZE]; + unsigned char block[CIPHER_MAX_IV_SIZE]; int n; } cipher_counter_t; -static bool cipher_open(cipher_t *cipher) { +static cipher_t *cipher_open(const EVP_CIPHER *evp_cipher) { + cipher_t *cipher = xzalloc(sizeof *cipher); + cipher->cipher = evp_cipher; EVP_CIPHER_CTX_init(&cipher->ctx); - return true; + return cipher; } -bool cipher_open_by_name(cipher_t *cipher, const char *name) { - cipher->cipher = EVP_get_cipherbyname(name); +cipher_t *cipher_open_by_name(const char *name) { + const EVP_CIPHER *evp_cipher = EVP_get_cipherbyname(name); + if(!evp_cipher) { + logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher name '%s'!", name); + return NULL; + } - if(cipher->cipher) - return cipher_open(cipher); - - logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher name '%s'!", name); - return false; + return cipher_open(evp_cipher); } -bool cipher_open_by_nid(cipher_t *cipher, int nid) { - cipher->cipher = EVP_get_cipherbynid(nid); +cipher_t *cipher_open_by_nid(int nid) { + const EVP_CIPHER *evp_cipher = EVP_get_cipherbynid(nid); + if(!evp_cipher) { + logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher nid %d!", nid); + return NULL; + } - if(cipher->cipher) - return cipher_open(cipher); - - logger(DEBUG_ALWAYS, LOG_ERR, "Unknown cipher nid %d!", nid); - return false; + return cipher_open(evp_cipher); } -bool cipher_open_blowfish_ofb(cipher_t *cipher) { - cipher->cipher = EVP_bf_ofb(); - return cipher_open(cipher); +cipher_t *cipher_open_blowfish_ofb(void) { + return cipher_open(EVP_bf_ofb()); } void cipher_close(cipher_t *cipher) { + if(!cipher) + return; + EVP_CIPHER_CTX_cleanup(&cipher->ctx); free(cipher->counter); - cipher->counter = NULL; + free(cipher); } size_t cipher_keylength(const cipher_t *cipher) { + if(!cipher || !cipher->cipher) + return 0; + return cipher->cipher->key_len + cipher->cipher->block_size; } @@ -124,7 +138,7 @@ bool cipher_set_counter_key(cipher_t *cipher, void *key) { } if(!cipher->counter) - cipher->counter = xmalloc_and_zero(sizeof *cipher->counter); + cipher->counter = xzalloc(sizeof *cipher->counter); else cipher->counter->n = 0; @@ -210,9 +224,12 @@ bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou } int cipher_get_nid(const cipher_t *cipher) { - return cipher->cipher ? cipher->cipher->nid : 0; + if(!cipher || !cipher->cipher) + return 0; + + return cipher->cipher->nid; } bool cipher_active(const cipher_t *cipher) { - return cipher->cipher && cipher->cipher->nid != 0; + return cipher && cipher->cipher && cipher->cipher->nid != 0; } diff --git a/src/openssl/cipher.o b/src/openssl/cipher.o new file mode 100644 index 0000000..3831ed8 Binary files /dev/null and b/src/openssl/cipher.o differ diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c index c695be8..6c5cbc8 100644 --- a/src/openssl/crypto.c +++ b/src/openssl/crypto.c @@ -1,6 +1,6 @@ /* crypto.c -- Cryptographic miscellaneous functions and initialisation - Copyright (C) 2007 Guus Sliepen + Copyright (C) 2007-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,13 +17,13 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include #include -#include "crypto.h" +#include "../crypto.h" void crypto_init(void) { RAND_load_file("/dev/urandom", 1024); @@ -31,7 +31,13 @@ void crypto_init(void) { ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); + ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); + + if(!RAND_status()) { + fprintf(stderr, "Not enough entropy for the PRNG!\n"); + abort(); + } } void crypto_exit(void) { diff --git a/src/openssl/crypto.o b/src/openssl/crypto.o new file mode 100644 index 0000000..cad569b Binary files /dev/null and b/src/openssl/crypto.o differ diff --git a/src/openssl/digest.c b/src/openssl/digest.c index 79db491..0e600b9 100644 --- a/src/openssl/digest.c +++ b/src/openssl/digest.c @@ -1,6 +1,6 @@ /* digest.c -- Digest handling - Copyright (C) 2007-2012 Guus Sliepen + Copyright (C) 2007-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,57 +17,55 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" -#include "utils.h" -#include "xalloc.h" +#include "../system.h" +#include "../utils.h" +#include "../xalloc.h" #include #include #include "digest.h" -#include "logger.h" +#include "../digest.h" +#include "../logger.h" + +static digest_t *digest_open(const EVP_MD *evp_md, int maclength) { + digest_t *digest = xzalloc(sizeof *digest); + digest->digest = evp_md; -static void set_maclength(digest_t *digest, int maclength) { int digestlen = EVP_MD_size(digest->digest); if(maclength > digestlen || maclength < 0) digest->maclength = digestlen; else digest->maclength = maclength; + + return digest; } -bool digest_open_by_name(digest_t *digest, const char *name, int maclength) { - digest->digest = EVP_get_digestbyname(name); - digest->key = NULL; +digest_t *digest_open_by_name(const char *name, int maclength) { + const EVP_MD *evp_md = EVP_get_digestbyname(name); - if(!digest->digest) { + if(!evp_md) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest name '%s'!", name); return false; } - set_maclength(digest, maclength); - return true; + return digest_open(evp_md, maclength); } -bool digest_open_by_nid(digest_t *digest, int nid, int maclength) { - digest->digest = EVP_get_digestbynid(nid); - digest->key = NULL; +digest_t *digest_open_by_nid(int nid, int maclength) { + const EVP_MD *evp_md = EVP_get_digestbynid(nid); - if(!digest->digest) { + if(!evp_md) { logger(DEBUG_ALWAYS, LOG_DEBUG, "Unknown digest nid %d!", nid); return false; } - set_maclength(digest, maclength); - return true; + return digest_open(evp_md, maclength); } -bool digest_open_sha1(digest_t *digest, int maclength) { - digest->digest = EVP_sha1(); - digest->key = NULL; - - set_maclength(digest, maclength); - return true; +digest_t *digest_open_sha1(int maclength) { + return digest_open(EVP_sha1(), maclength); } bool digest_set_key(digest_t *digest, const void *key, size_t len) { @@ -78,8 +76,11 @@ bool digest_set_key(digest_t *digest, const void *key, size_t len) { } void digest_close(digest_t *digest) { + if(!digest) + return; + free(digest->key); - digest->key = NULL; + free(digest); } bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *outdata) { @@ -87,7 +88,10 @@ bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *out unsigned char tmpdata[len]; if(digest->key) { - HMAC(digest->digest, digest->key, digest->keylength, indata, inlen, tmpdata, NULL); + if(!HMAC(digest->digest, digest->key, digest->keylength, indata, inlen, tmpdata, NULL)) { + logger(DEBUG_ALWAYS, LOG_DEBUG, "Error creating digest: %s", ERR_error_string(ERR_get_error(), NULL)); + return false; + } } else { EVP_MD_CTX ctx; @@ -111,17 +115,26 @@ bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const voi } int digest_get_nid(const digest_t *digest) { - return digest->digest ? digest->digest->type : 0; + if(!digest || !digest->digest) + return 0; + + return digest->digest->type; } size_t digest_keylength(const digest_t *digest) { + if(!digest || !digest->digest) + return 0; + return digest->digest->md_size; } size_t digest_length(const digest_t *digest) { + if(!digest) + return 0; + return digest->maclength; } bool digest_active(const digest_t *digest) { - return digest->digest && digest->digest->type != 0; + return digest && digest->digest && digest->digest->type != 0; } diff --git a/src/openssl/digest.h b/src/openssl/digest.h index c192249..0a32707 100644 --- a/src/openssl/digest.h +++ b/src/openssl/digest.h @@ -1,6 +1,6 @@ /* digest.h -- header file digest.c - Copyright (C) 2007-2011 Guus Sliepen + Copyright (C) 2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,30 +17,16 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#ifndef __TINC_DIGEST_H__ -#define __TINC_DIGEST_H__ +#ifndef __TINC_OPENSSL_DIGEST_H__ +#define __TINC_OPENSSL_DIGEST_H__ #include -#define DIGEST_MAX_SIZE EVP_MAX_MD_SIZE - -typedef struct digest { +struct digest { const EVP_MD *digest; int maclength; int keylength; char *key; -} digest_t; - -extern bool digest_open_by_name(struct digest *, const char *name, int maclength); -extern bool digest_open_by_nid(struct digest *, int nid, int maclength); -extern bool digest_open_sha1(struct digest *, int maclength); -extern void digest_close(struct digest *); -extern bool digest_create(struct digest *, const void *indata, size_t inlen, void *outdata); -extern bool digest_verify(struct digest *, const void *indata, size_t inlen, const void *digestdata); -extern bool digest_set_key(struct digest *, const void *key, size_t len); -extern int digest_get_nid(const struct digest *); -extern size_t digest_keylength(const struct digest *); -extern size_t digest_length(const struct digest *); -extern bool digest_active(const struct digest *); +}; #endif diff --git a/src/openssl/digest.o b/src/openssl/digest.o new file mode 100644 index 0000000..64e8d0d Binary files /dev/null and b/src/openssl/digest.o differ diff --git a/src/openssl/ecdh.c b/src/openssl/ecdh.c index f94555d..d997007 100644 --- a/src/openssl/ecdh.c +++ b/src/openssl/ecdh.c @@ -1,6 +1,6 @@ /* ecdh.c -- Diffie-Hellman key exchange handling - Copyright (C) 2011-2012 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,68 +17,70 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" -#include "utils.h" -#include "xalloc.h" +#include "../system.h" #include #include +#include #include -#include "ecdh.h" -#include "logger.h" +#define __TINC_ECDH_INTERNAL__ +typedef EC_KEY ecdh_t; -bool ecdh_generate_public(ecdh_t *ecdh, void *pubkey) { - *ecdh = EC_KEY_new_by_curve_name(NID_secp521r1); - if(!*ecdh) { +#include "../ecdh.h" +#include "../logger.h" +#include "../utils.h" +#include "../xalloc.h" + +ecdh_t *ecdh_generate_public(void *pubkey) { + ecdh_t *ecdh = EC_KEY_new_by_curve_name(NID_secp521r1); + if(!ecdh) { logger(DEBUG_ALWAYS, LOG_ERR, "Generating EC key_by_curve_name failed: %s", ERR_error_string(ERR_get_error(), NULL)); return false; } - if(!EC_KEY_generate_key(*ecdh)) { - EC_KEY_free(*ecdh); - *ecdh = NULL; + if(!EC_KEY_generate_key(ecdh)) { + EC_KEY_free(ecdh); logger(DEBUG_ALWAYS, LOG_ERR, "Generating EC key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return NULL; } - const EC_POINT *point = EC_KEY_get0_public_key(*ecdh); + const EC_POINT *point = EC_KEY_get0_public_key(ecdh); if(!point) { - EC_KEY_free(*ecdh); - *ecdh = NULL; + EC_KEY_free(ecdh); logger(DEBUG_ALWAYS, LOG_ERR, "Getting public key failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return NULL; } - size_t result = EC_POINT_point2oct(EC_KEY_get0_group(*ecdh), point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL); + size_t result = EC_POINT_point2oct(EC_KEY_get0_group(ecdh), point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL); if(!result) { - EC_KEY_free(*ecdh); - *ecdh = NULL; + EC_KEY_free(ecdh); logger(DEBUG_ALWAYS, LOG_ERR, "Converting EC_POINT to binary failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return NULL; } - return true; + return ecdh; } bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) { - EC_POINT *point = EC_POINT_new(EC_KEY_get0_group(*ecdh)); + EC_POINT *point = EC_POINT_new(EC_KEY_get0_group(ecdh)); if(!point) { logger(DEBUG_ALWAYS, LOG_ERR, "EC_POINT_new() failed: %s", ERR_error_string(ERR_get_error(), NULL)); + EC_KEY_free(ecdh); return false; } - int result = EC_POINT_oct2point(EC_KEY_get0_group(*ecdh), point, pubkey, ECDH_SIZE, NULL); + int result = EC_POINT_oct2point(EC_KEY_get0_group(ecdh), point, pubkey, ECDH_SIZE, NULL); if(!result) { EC_POINT_free(point); + EC_KEY_free(ecdh); logger(DEBUG_ALWAYS, LOG_ERR, "Converting binary to EC_POINT failed: %s", ERR_error_string(ERR_get_error(), NULL)); return false; } - result = ECDH_compute_key(shared, ECDH_SIZE, point, *ecdh, NULL); + result = ECDH_compute_key(shared, ECDH_SIZE, point, ecdh, NULL); EC_POINT_free(point); - EC_KEY_free(*ecdh); - *ecdh = NULL; + EC_KEY_free(ecdh); if(!result) { logger(DEBUG_ALWAYS, LOG_ERR, "Computing Elliptic Curve Diffie-Hellman shared key failed: %s", ERR_error_string(ERR_get_error(), NULL)); @@ -89,8 +91,6 @@ bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) { } void ecdh_free(ecdh_t *ecdh) { - if(*ecdh) { - EC_KEY_free(*ecdh); - *ecdh = NULL; - } + if(ecdh) + EC_KEY_free(ecdh); } diff --git a/src/openssl/ecdh.o b/src/openssl/ecdh.o new file mode 100644 index 0000000..f7188b8 Binary files /dev/null and b/src/openssl/ecdh.o differ diff --git a/src/openssl/ecdsa.c b/src/openssl/ecdsa.c index e2af6f9..bca89fc 100644 --- a/src/openssl/ecdsa.c +++ b/src/openssl/ecdsa.c @@ -1,6 +1,6 @@ /* ecdsa.c -- ECDSA key handling - Copyright (C) 2011-2012 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,22 +17,26 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include -#include "logger.h" -#include "ecdsa.h" -#include "utils.h" +#define __TINC_ECDSA_INTERNAL__ +typedef EC_KEY ecdsa_t; + +#include "../logger.h" +#include "../ecdsa.h" +#include "../utils.h" +#include "../xalloc.h" // Get and set ECDSA keys // -bool ecdsa_set_base64_public_key(ecdsa_t *ecdsa, const char *p) { - *ecdsa = EC_KEY_new_by_curve_name(NID_secp521r1); - if(!*ecdsa) { +ecdsa_t *ecdsa_set_base64_public_key(const char *p) { + ecdsa_t *ecdsa = EC_KEY_new_by_curve_name(NID_secp521r1); + if(!ecdsa) { logger(DEBUG_ALWAYS, LOG_DEBUG, "EC_KEY_new_by_curve_name failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return NULL; } int len = strlen(p); @@ -40,19 +44,20 @@ bool ecdsa_set_base64_public_key(ecdsa_t *ecdsa, const char *p) { const unsigned char *ppubkey = pubkey; len = b64decode(p, (char *)pubkey, len); - if(!o2i_ECPublicKey(ecdsa, &ppubkey, len)) { + if(!o2i_ECPublicKey(&ecdsa, &ppubkey, len)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "o2i_ECPublicKey failed: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + EC_KEY_free(ecdsa); + return NULL; } - return true; + return ecdsa; } char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { unsigned char *pubkey = NULL; - int len = i2o_ECPublicKey(*ecdsa, &pubkey); + int len = i2o_ECPublicKey(ecdsa, &pubkey); - char *base64 = malloc(len * 4 / 3 + 5); + char *base64 = xmalloc(len * 4 / 3 + 5); b64encode((char *)pubkey, base64, len); free(pubkey); @@ -62,41 +67,39 @@ char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { // Read PEM ECDSA keys -bool ecdsa_read_pem_public_key(ecdsa_t *ecdsa, FILE *fp) { - *ecdsa = PEM_read_EC_PUBKEY(fp, ecdsa, NULL, NULL); +ecdsa_t *ecdsa_read_pem_public_key(FILE *fp) { + ecdsa_t *ecdsa = PEM_read_EC_PUBKEY(fp, NULL, NULL, NULL); - if(*ecdsa) - return true; + if(!ecdsa) + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA public key: %s", ERR_error_string(ERR_get_error(), NULL)); - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA public key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return ecdsa; } -bool ecdsa_read_pem_private_key(ecdsa_t *ecdsa, FILE *fp) { - *ecdsa = PEM_read_ECPrivateKey(fp, NULL, NULL, NULL); +ecdsa_t *ecdsa_read_pem_private_key(FILE *fp) { + ecdsa_t *ecdsa = PEM_read_ECPrivateKey(fp, NULL, NULL, NULL); - if(*ecdsa) - return true; + if(!ecdsa) + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA private key: %s", ERR_error_string(ERR_get_error(), NULL)); - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read ECDSA private key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return ecdsa; } size_t ecdsa_size(ecdsa_t *ecdsa) { - return ECDSA_size(*ecdsa); + return ECDSA_size(ecdsa); } // TODO: standardise output format? bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t len, void *sig) { - unsigned int siglen = ECDSA_size(*ecdsa); + unsigned int siglen = ECDSA_size(ecdsa); unsigned char hash[SHA512_DIGEST_LENGTH]; SHA512(in, len, hash); memset(sig, 0, siglen); - if(!ECDSA_sign(0, hash, sizeof hash, sig, &siglen, *ecdsa)) { + if(!ECDSA_sign(0, hash, sizeof hash, sig, &siglen, ecdsa)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_sign() failed: %s", ERR_error_string(ERR_get_error(), NULL)); return false; } @@ -105,12 +108,12 @@ bool ecdsa_sign(ecdsa_t *ecdsa, const void *in, size_t len, void *sig) { } bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t len, const void *sig) { - unsigned int siglen = ECDSA_size(*ecdsa); + unsigned int siglen = ECDSA_size(ecdsa); unsigned char hash[SHA512_DIGEST_LENGTH]; SHA512(in, len, hash); - if(!ECDSA_verify(0, hash, sizeof hash, sig, siglen, *ecdsa)) { + if(!ECDSA_verify(0, hash, sizeof hash, sig, siglen, ecdsa)) { logger(DEBUG_ALWAYS, LOG_DEBUG, "ECDSA_verify() failed: %s", ERR_error_string(ERR_get_error(), NULL)); return false; } @@ -119,12 +122,10 @@ bool ecdsa_verify(ecdsa_t *ecdsa, const void *in, size_t len, const void *sig) { } bool ecdsa_active(ecdsa_t *ecdsa) { - return *ecdsa; + return ecdsa; } void ecdsa_free(ecdsa_t *ecdsa) { - if(*ecdsa) { - EC_KEY_free(*ecdsa); - *ecdsa = NULL; - } + if(ecdsa) + EC_KEY_free(ecdsa); } diff --git a/src/openssl/ecdsa.o b/src/openssl/ecdsa.o new file mode 100644 index 0000000..bbdc905 Binary files /dev/null and b/src/openssl/ecdsa.o differ diff --git a/src/openssl/ecdsagen.c b/src/openssl/ecdsagen.c index 883c77e..31e5847 100644 --- a/src/openssl/ecdsagen.c +++ b/src/openssl/ecdsagen.c @@ -1,6 +1,6 @@ /* ecdsagen.c -- ECDSA key generation and export - Copyright (C) 2011 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,59 +17,54 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include #include -#include "ecdsagen.h" -#include "utils.h" +#define __TINC_ECDSA_INTERNAL__ +typedef EC_KEY ecdsa_t; + +#include "../ecdsagen.h" +#include "../utils.h" +#include "../xalloc.h" // Generate ECDSA key -bool ecdsa_generate(ecdsa_t *ecdsa) { - *ecdsa = EC_KEY_new_by_curve_name(NID_secp521r1); +ecdsa_t *ecdsa_generate(void) { + ecdsa_t *ecdsa = EC_KEY_new_by_curve_name(NID_secp521r1); - if(!EC_KEY_generate_key(*ecdsa)) { + if(!ecdsa || !EC_KEY_generate_key(ecdsa)) { fprintf(stderr, "Generating EC key failed: %s", ERR_error_string(ERR_get_error(), NULL)); + ecdsa_free(ecdsa); return false; } - EC_KEY_set_asn1_flag(*ecdsa, OPENSSL_EC_NAMED_CURVE); - EC_KEY_set_conv_form(*ecdsa, POINT_CONVERSION_COMPRESSED); + EC_KEY_set_asn1_flag(ecdsa, OPENSSL_EC_NAMED_CURVE); + EC_KEY_set_conv_form(ecdsa, POINT_CONVERSION_COMPRESSED); - return true; + return ecdsa; } // Write PEM ECDSA keys bool ecdsa_write_pem_public_key(ecdsa_t *ecdsa, FILE *fp) { BIO *out = BIO_new(BIO_s_file()); - BIO_set_fp(out,fp,BIO_NOCLOSE); - PEM_write_bio_EC_PUBKEY(out, *ecdsa); + if(!out) + return false; + BIO_set_fp(out, fp, BIO_NOCLOSE); + bool result = PEM_write_bio_EC_PUBKEY(out, ecdsa); BIO_free(out); - return true; + return result; } bool ecdsa_write_pem_private_key(ecdsa_t *ecdsa, FILE *fp) { BIO *out = BIO_new(BIO_s_file()); - BIO_set_fp(out,fp,BIO_NOCLOSE); - PEM_write_bio_ECPrivateKey(out, *ecdsa, NULL, NULL, 0, NULL, NULL); + if(!out) + return false; + BIO_set_fp(out, fp, BIO_NOCLOSE); + bool result = PEM_write_bio_ECPrivateKey(out, ecdsa, NULL, NULL, 0, NULL, NULL); BIO_free(out); - return true; -} - -// Convert ECDSA public key to base64 format - -char *ecdsa_get_base64_public_key(ecdsa_t *ecdsa) { - unsigned char *pubkey = NULL; - int len = i2o_ECPublicKey(*ecdsa, &pubkey); - - char *base64 = malloc(len * 4 / 3 + 5); - b64encode((char *)pubkey, base64, len); - - free(pubkey); - - return base64; + return result; } diff --git a/src/openssl/ecdsagen.o b/src/openssl/ecdsagen.o new file mode 100644 index 0000000..ce79180 Binary files /dev/null and b/src/openssl/ecdsagen.o differ diff --git a/src/openssl/prf.c b/src/openssl/prf.c index b37efdf..4f5a52b 100644 --- a/src/openssl/prf.c +++ b/src/openssl/prf.c @@ -1,6 +1,6 @@ /* prf.c -- Pseudo-Random Function for key material generation - Copyright (C) 2011-2012 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,27 +17,30 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include "digest.h" -#include "prf.h" +#include "../digest.h" +#include "../prf.h" /* Generate key material from a master secret and a seed, based on RFC 4346 section 5. We use SHA512 instead of MD5 and SHA1. */ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, ssize_t outlen) { - digest_t digest; + digest_t *digest = digest_open_by_nid(nid, -1); - if(!digest_open_by_nid(&digest, nid, -1)) + if(!digest) return false; - if(!digest_set_key(&digest, secret, secretlen)) + if(!digest_set_key(digest, secret, secretlen)) { + digest_close(digest); return false; + } - size_t len = digest_length(&digest); + size_t len = digest_length(digest); /* Data is what the "inner" HMAC function processes. It consists of the previous HMAC result plus the seed. @@ -51,10 +54,16 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s while(outlen > 0) { /* Inner HMAC */ - digest_create(&digest, data, len + seedlen, data); + if(!digest_create(digest, data, len + seedlen, data)) { + digest_close(digest); + return false; + } /* Outer HMAC */ - digest_create(&digest, data, len + seedlen, hash); + if(!digest_create(digest, data, len + seedlen, hash)) { + digest_close(digest); + return false; + } /* XOR the results of the outer HMAC into the out buffer */ for(int i = 0; i < len && i < outlen; i++) @@ -63,7 +72,7 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s outlen -= len; } - digest_close(&digest); + digest_close(digest); return true; } diff --git a/src/openssl/prf.o b/src/openssl/prf.o new file mode 100644 index 0000000..10ca7c7 Binary files /dev/null and b/src/openssl/prf.o differ diff --git a/src/openssl/rsa.c b/src/openssl/rsa.c index 1b5ce56..20bfb65 100644 --- a/src/openssl/rsa.c +++ b/src/openssl/rsa.c @@ -1,6 +1,6 @@ /* rsa.c -- RSA key handling - Copyright (C) 2007-2012 Guus Sliepen + Copyright (C) 2007-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,69 +17,74 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include -#include "logger.h" -#include "rsa.h" +#define __TINC_RSA_INTERNAL__ +typedef RSA rsa_t; + +#include "../logger.h" +#include "../rsa.h" // Set RSA keys -bool rsa_set_hex_public_key(rsa_t *rsa, char *n, char *e) { - *rsa = RSA_new(); - if(BN_hex2bn(&(*rsa)->n, n) != strlen(n)) +rsa_t *rsa_set_hex_public_key(char *n, char *e) { + rsa_t *rsa = RSA_new(); + if(!rsa) + return NULL; + + if(BN_hex2bn(&rsa->n, n) != strlen(n) || BN_hex2bn(&rsa->e, e) != strlen(e)) { + RSA_free(rsa); return false; - if(BN_hex2bn(&(*rsa)->e, e) != strlen(e)) - return false; - return true; + } + + return rsa; } -bool rsa_set_hex_private_key(rsa_t *rsa, char *n, char *e, char *d) { - *rsa = RSA_new(); - if(BN_hex2bn(&(*rsa)->n, n) != strlen(n)) +rsa_t *rsa_set_hex_private_key(char *n, char *e, char *d) { + rsa_t *rsa = RSA_new(); + if(!rsa) + return NULL; + + if(BN_hex2bn(&rsa->n, n) != strlen(n) || BN_hex2bn(&rsa->e, e) != strlen(e) || BN_hex2bn(&rsa->d, d) != strlen(d)) { + RSA_free(rsa); return false; - if(BN_hex2bn(&(*rsa)->e, e) != strlen(e)) - return false; - if(BN_hex2bn(&(*rsa)->d, d) != strlen(d)) - return false; - return true; + } + + return rsa; } // Read PEM RSA keys -bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) { - *rsa = PEM_read_RSAPublicKey(fp, rsa, NULL, NULL); +rsa_t *rsa_read_pem_public_key(FILE *fp) { + rsa_t *rsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL); - if(*rsa) - return true; + if(!rsa) + rsa = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL); - *rsa = PEM_read_RSA_PUBKEY(fp, rsa, NULL, NULL); + if(!rsa) + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA public key: %s", ERR_error_string(ERR_get_error(), NULL)); - if(*rsa) - return true; - - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA public key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return rsa; } -bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) { - *rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); +rsa_t *rsa_read_pem_private_key(FILE *fp) { + rsa_t *rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); - if(*rsa) - return true; + if(!rsa) + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA private key: %s", ERR_error_string(ERR_get_error(), NULL)); - logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA private key: %s", ERR_error_string(ERR_get_error(), NULL)); - return false; + return rsa; } size_t rsa_size(rsa_t *rsa) { - return RSA_size(*rsa); + return RSA_size(rsa); } bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) { - if(RSA_public_encrypt(len, in, out, *rsa, RSA_NO_PADDING) == len) + if(RSA_public_encrypt(len, in, out, rsa, RSA_NO_PADDING) == len) return true; logger(DEBUG_ALWAYS, LOG_ERR, "Unable to perform RSA encryption: %s", ERR_error_string(ERR_get_error(), NULL)); @@ -87,7 +92,7 @@ bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) { } bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) { - if(RSA_private_decrypt(len, in, out, *rsa, RSA_NO_PADDING) == len) + if(RSA_private_decrypt(len, in, out, rsa, RSA_NO_PADDING) == len) return true; logger(DEBUG_ALWAYS, LOG_ERR, "Unable to perform RSA decryption: %s", ERR_error_string(ERR_get_error(), NULL)); @@ -95,12 +100,10 @@ bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) { } bool rsa_active(rsa_t *rsa) { - return *rsa; + return rsa; } void rsa_free(rsa_t *rsa) { - if(*rsa) { - RSA_free(*rsa); - *rsa = NULL; - } + if(rsa) + RSA_free(rsa); } diff --git a/src/openssl/rsa.o b/src/openssl/rsa.o new file mode 100644 index 0000000..9a12d0c Binary files /dev/null and b/src/openssl/rsa.o differ diff --git a/src/openssl/rsagen.c b/src/openssl/rsagen.c index 0f4a4fa..3a8c8ad 100644 --- a/src/openssl/rsagen.c +++ b/src/openssl/rsagen.c @@ -1,6 +1,6 @@ /* rsagen.c -- RSA key generation and export - Copyright (C) 2008 Guus Sliepen + Copyright (C) 2008-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,13 +17,16 @@ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include "system.h" +#include "../system.h" #include #include -#include "logger.h" -#include "rsagen.h" +#define __TINC_RSA_INTERNAL__ +typedef RSA rsa_t; + +#include "../logger.h" +#include "../rsagen.h" /* This function prettyprints the key generation process */ @@ -63,21 +66,16 @@ static void indicator(int a, int b, void *p) { // Generate RSA key -bool rsa_generate(rsa_t *rsa, size_t bits, unsigned long exponent) { - *rsa = RSA_generate_key(bits, exponent, indicator, NULL); - - return *rsa; +rsa_t *rsa_generate(size_t bits, unsigned long exponent) { + return RSA_generate_key(bits, exponent, indicator, NULL); } // Write PEM RSA keys bool rsa_write_pem_public_key(rsa_t *rsa, FILE *fp) { - PEM_write_RSAPublicKey(fp, *rsa); - - return true; + return PEM_write_RSAPublicKey(fp, rsa); } bool rsa_write_pem_private_key(rsa_t *rsa, FILE *fp) { - PEM_write_RSAPrivateKey(fp, *rsa, NULL, NULL, 0, NULL, NULL); - return true; + return PEM_write_RSAPrivateKey(fp, rsa, NULL, NULL, 0, NULL, NULL); } diff --git a/src/openssl/rsagen.o b/src/openssl/rsagen.o new file mode 100644 index 0000000..4d1c766 Binary files /dev/null and b/src/openssl/rsagen.o differ diff --git a/src/prf.c b/src/prf.c deleted file mode 100644 index b37efdf..0000000 --- a/src/prf.c +++ /dev/null @@ -1,75 +0,0 @@ -/* - prf.c -- Pseudo-Random Function for key material generation - Copyright (C) 2011-2012 Guus Sliepen - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "system.h" - -#include - -#include "digest.h" -#include "prf.h" - -/* Generate key material from a master secret and a seed, based on RFC 4346 section 5. - We use SHA512 instead of MD5 and SHA1. - */ - -static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, ssize_t outlen) { - digest_t digest; - - if(!digest_open_by_nid(&digest, nid, -1)) - return false; - - if(!digest_set_key(&digest, secret, secretlen)) - return false; - - size_t len = digest_length(&digest); - - /* Data is what the "inner" HMAC function processes. - It consists of the previous HMAC result plus the seed. - */ - - char data[len + seedlen]; - memset(data, 0, len); - memcpy(data + len, seed, seedlen); - - char hash[len]; - - while(outlen > 0) { - /* Inner HMAC */ - digest_create(&digest, data, len + seedlen, data); - - /* Outer HMAC */ - digest_create(&digest, data, len + seedlen, hash); - - /* XOR the results of the outer HMAC into the out buffer */ - for(int i = 0; i < len && i < outlen; i++) - *out++ ^= hash[i]; - - outlen -= len; - } - - digest_close(&digest); - return true; -} - -bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) { - /* This construction allows us to easily switch back to a scheme where the PRF is calculated using two different digest algorithms. */ - memset(out, 0, outlen); - - return prf_xor(NID_sha512, secret, secretlen, seed, seedlen, out, outlen); -} diff --git a/src/openssl/prf.h b/src/prf.h similarity index 85% rename from src/openssl/prf.h rename to src/prf.h index 6525505..ef4b99b 100644 --- a/src/openssl/prf.h +++ b/src/prf.h @@ -1,6 +1,6 @@ /* prf.h -- header file for prf.c - Copyright (C) 2011 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,6 +20,6 @@ #ifndef __TINC_PRF_H__ #define __TINC_PRF_H__ -extern bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen); +extern bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) __attribute__ ((__warn_unused_result__)); #endif diff --git a/src/protocol.c b/src/protocol.c index ad0fa8d..374c522 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -1,7 +1,7 @@ /* protocol.c -- handle the meta-protocol, basic functions Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -30,7 +30,7 @@ bool tunnelserver = false; bool strictsubnets = false; -bool experimental = false; +bool experimental = true; /* Jumptable for the request handlers */ diff --git a/src/protocol.h b/src/protocol.h index 1df54fc..e771c54 100644 --- a/src/protocol.h +++ b/src/protocol.h @@ -1,7 +1,7 @@ /* protocol.h -- header for protocol.c Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,10 +21,12 @@ #ifndef __TINC_PROTOCOL_H__ #define __TINC_PROTOCOL_H__ +#include "ecdsa.h" + /* Protocol version. Different major versions are incompatible. */ #define PROT_MAJOR 17 -#define PROT_MINOR 2 /* Should not exceed 255! */ +#define PROT_MINOR 3 /* Should not exceed 255! */ /* Silly Windows */ @@ -59,6 +61,8 @@ extern bool tunnelserver; extern bool strictsubnets; extern bool experimental; +extern ecdsa_t *invitation_key; + /* Maximum size of strings in a request. * scanf terminates %2048s with a NUL character, * but the NUL character can be written after the 2048th non-NUL character. diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 5f2dcaa..f8a3cc3 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -1,7 +1,7 @@ /* protocol_auth.c -- handle the meta-protocol, authentication Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -27,10 +27,12 @@ #include "cipher.h" #include "crypto.h" #include "digest.h" +#include "ecdsa.h" #include "edge.h" #include "graph.h" #include "logger.h" #include "meta.h" +#include "names.h" #include "net.h" #include "netutl.h" #include "node.h" @@ -41,6 +43,8 @@ #include "utils.h" #include "xalloc.h" +ecdsa_t *invitation_key = NULL; + static bool send_proxyrequest(connection_t *c) { switch(proxytype) { case PROXY_HTTP: { @@ -133,7 +137,7 @@ bool send_id(connection_t *c) { int minor = 0; if(experimental) { - if(c->config_tree && !read_ecdsa_public_key(c)) + if(c->outgoing && !read_ecdsa_public_key(c)) minor = 1; else minor = myself->connection->protocol_minor; @@ -146,6 +150,107 @@ bool send_id(connection_t *c) { return send_request(c, "%d %s %d.%d", ID, myself->connection->name, myself->connection->protocol_major, minor); } +static bool finalize_invitation(connection_t *c, const char *data, uint16_t len) { + if(strchr(data, '\n')) { + logger(DEBUG_ALWAYS, LOG_ERR, "Received invalid key from invited node %s (%s)!\n", c->name, c->hostname); + return false; + } + + // Create a new host config file + char filename[PATH_MAX]; + snprintf(filename, sizeof filename, "%s" SLASH "hosts" SLASH "%s", confbase, c->name); + if(!access(filename, F_OK)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Host config file for %s (%s) already exists!\n", c->name, c->hostname); + return false; + } + + FILE *f = fopen(filename, "w"); + if(!f) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error trying to create %s: %s\n", filename, strerror(errno)); + return false; + } + + fprintf(f, "ECDSAPublicKey = %s\n", data); + fclose(f); + + logger(DEBUG_CONNECTIONS, LOG_INFO, "Key succesfully received from %s (%s)", c->name, c->hostname); + return true; +} + +static bool receive_invitation_sptps(void *handle, uint8_t type, const char *data, uint16_t len) { + connection_t *c = handle; + + if(type == 128) + return true; + + if(type == 1 && c->status.invitation_used) + return finalize_invitation(c, data, len); + + if(type != 0 || len != 18 || c->status.invitation_used) + return false; + + char cookie[25]; + b64encode_urlsafe(data, cookie, 18); + + char filename[PATH_MAX], usedname[PATH_MAX]; + snprintf(filename, sizeof filename, "%s" SLASH "invitations" SLASH "%s", confbase, cookie); + snprintf(usedname, sizeof usedname, "%s" SLASH "invitations" SLASH "%s.used", confbase, cookie); + + // Atomically rename the invitation file + if(rename(filename, usedname)) { + if(errno == ENOENT) + logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s tried to use non-existing invitation %s\n", c->hostname, cookie); + else + logger(DEBUG_ALWAYS, LOG_ERR, "Error trying to rename invitation %s\n", cookie); + return false; + } + + // Open the renamed file + FILE *f = fopen(usedname, "r"); + if(!f) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error trying to open invitation %s\n", cookie); + return false; + } + + // Read the new node's Name from the file + char buf[1024]; + fgets(buf, sizeof buf, f); + if(*buf) + buf[strlen(buf) - 1] = 0; + + len = strcspn(buf, " \t="); + char *name = buf + len; + name += strspn(name, " \t"); + if(*name == '=') { + name++; + name += strspn(name, " \t"); + } + buf[len] = 0; + + if(!*buf || !*name || strcasecmp(buf, "Name") || !check_id(name)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Invalid invitation file %s\n", cookie); + fclose(f); + return false; + } + + free(c->name); + c->name = xstrdup(name); + + // Send the node the contents of the invitation file + rewind(f); + size_t result; + while((result = fread(buf, 1, sizeof buf, f))) + sptps_send_record(&c->sptps, 0, buf, result); + sptps_send_record(&c->sptps, 1, buf, 0); + fclose(f); + unlink(usedname); + + c->status.invitation_used = true; + + logger(DEBUG_CONNECTIONS, LOG_INFO, "Invitation %s succesfully sent to %s (%s)", cookie, c->name, c->hostname); + return true; +} + bool id_h(connection_t *c, const char *request) { char name[MAX_STRING_SIZE]; @@ -168,6 +273,31 @@ bool id_h(connection_t *c, const char *request) { return send_request(c, "%d %d %d", ACK, TINC_CTL_VERSION_CURRENT, getpid()); } + if(name[0] == '?') { + if(!invitation_key) { + logger(DEBUG_ALWAYS, LOG_ERR, "Got invitation from %s but we don't have an invitation key", c->hostname); + return false; + } + + c->ecdsa = ecdsa_set_base64_public_key(name + 1); + if(!c->ecdsa) { + logger(DEBUG_ALWAYS, LOG_ERR, "Got bad invitation from %s", c->hostname); + return false; + } + + c->status.invitation = true; + char *mykey = ecdsa_get_base64_public_key(invitation_key); + if(!mykey) + return false; + if(!send_request(c, "%d %s", ACK, mykey)) + return false; + free(mykey); + + c->protocol_minor = 2; + + return sptps_start(&c->sptps, c, false, false, invitation_key, c->ecdsa, "tinc invitation", 15, send_meta_sptps, receive_invitation_sptps); + } + /* Check if identity is a valid name */ if(!check_id(name)) { @@ -194,7 +324,7 @@ bool id_h(connection_t *c, const char *request) { if(c->protocol_major != myself->connection->protocol_major) { logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s (%s) uses incompatible version %d.%d", - c->name, c->hostname, c->protocol_major, c->protocol_minor); + c->name, c->hostname, c->protocol_major, c->protocol_minor); return false; } @@ -216,15 +346,21 @@ bool id_h(connection_t *c, const char *request) { return false; } - if(experimental && c->protocol_minor >= 2) { - if(!read_ecdsa_public_key(c)) - return false; - } + if(experimental) + read_ecdsa_public_key(c); } else { - if(c->protocol_minor && !ecdsa_active(&c->ecdsa)) + if(c->protocol_minor && !ecdsa_active(c->ecdsa)) c->protocol_minor = 1; } + /* Forbid version rollback for nodes whose ECDSA key we know */ + + if(ecdsa_active(c->ecdsa) && c->protocol_minor < 2) { + logger(DEBUG_ALWAYS, LOG_ERR, "Peer %s (%s) tries to roll back protocol version to %d.%d", + c->name, c->hostname, c->protocol_major, c->protocol_minor); + return false; + } + c->allow_request = METAKEY; if(c->protocol_minor >= 2) { @@ -246,13 +382,13 @@ bool send_metakey(connection_t *c) { if(!read_rsa_public_key(c)) return false; - if(!cipher_open_blowfish_ofb(&c->outcipher)) + if(!(c->outcipher = cipher_open_blowfish_ofb())) return false; - if(!digest_open_sha1(&c->outdigest, -1)) + if(!(c->outdigest = digest_open_sha1(-1))) return false; - size_t len = rsa_size(&c->rsa); + size_t len = rsa_size(c->rsa); char key[len]; char enckey[len]; char hexkey[2 * len + 1]; @@ -273,7 +409,8 @@ bool send_metakey(connection_t *c) { key[0] &= 0x7F; - cipher_set_key_from_rsa(&c->outcipher, key, len, true); + if(!cipher_set_key_from_rsa(c->outcipher, key, len, true)) + return false; if(debug_level >= DEBUG_SCARY_THINGS) { bin2hex(key, hexkey, len); @@ -287,7 +424,7 @@ bool send_metakey(connection_t *c) { with a length equal to that of the modulus of the RSA key. */ - if(!rsa_public_encrypt(&c->rsa, key, len, enckey)) { + if(!rsa_public_encrypt(c->rsa, key, len, enckey)) { logger(DEBUG_ALWAYS, LOG_ERR, "Error during encryption of meta key for %s (%s)", c->name, c->hostname); return false; } @@ -299,8 +436,8 @@ bool send_metakey(connection_t *c) { /* Send the meta key */ bool result = send_request(c, "%d %d %d %d %d %s", METAKEY, - cipher_get_nid(&c->outcipher), - digest_get_nid(&c->outdigest), c->outmaclength, + cipher_get_nid(c->outcipher), + digest_get_nid(c->outdigest), c->outmaclength, c->outcompression, hexkey); c->status.encryptout = true; @@ -310,7 +447,7 @@ bool send_metakey(connection_t *c) { bool metakey_h(connection_t *c, const char *request) { char hexkey[MAX_STRING_SIZE]; int cipher, digest, maclength, compression; - size_t len = rsa_size(&myself->connection->rsa); + size_t len = rsa_size(myself->connection->rsa); char enckey[len]; char key[len]; @@ -332,7 +469,7 @@ bool metakey_h(connection_t *c, const char *request) { /* Decrypt the meta key */ - if(!rsa_private_decrypt(&myself->connection->rsa, enckey, len, key)) { + if(!rsa_private_decrypt(myself->connection->rsa, enckey, len, key)) { logger(DEBUG_ALWAYS, LOG_ERR, "Error during decryption of meta key for %s (%s)", c->name, c->hostname); return false; } @@ -344,12 +481,12 @@ bool metakey_h(connection_t *c, const char *request) { /* Check and lookup cipher and digest algorithms */ - if(!cipher_open_by_nid(&c->incipher, cipher) || !cipher_set_key_from_rsa(&c->incipher, key, len, false)) { + if(!(c->incipher = cipher_open_by_nid(cipher)) || !cipher_set_key_from_rsa(c->incipher, key, len, false)) { logger(DEBUG_ALWAYS, LOG_ERR, "Error during initialisation of cipher from %s (%s)", c->name, c->hostname); return false; } - if(!digest_open_by_nid(&c->indigest, digest, -1)) { + if(!(c->indigest = digest_open_by_nid(digest, -1))) { logger(DEBUG_ALWAYS, LOG_ERR, "Error during initialisation of digest from %s (%s)", c->name, c->hostname); return false; } @@ -362,7 +499,7 @@ bool metakey_h(connection_t *c, const char *request) { } bool send_challenge(connection_t *c) { - size_t len = rsa_size(&c->rsa); + size_t len = rsa_size(c->rsa); char buffer[len * 2 + 1]; if(!c->hischallenge) @@ -383,8 +520,8 @@ bool send_challenge(connection_t *c) { bool challenge_h(connection_t *c, const char *request) { char buffer[MAX_STRING_SIZE]; - size_t len = rsa_size(&myself->connection->rsa); - size_t digestlen = digest_length(&c->indigest); + size_t len = rsa_size(myself->connection->rsa); + size_t digestlen = digest_length(c->indigest); char digest[digestlen]; if(sscanf(request, "%*d " MAX_STRING, buffer) != 1) { @@ -403,11 +540,10 @@ bool challenge_h(connection_t *c, const char *request) { return false; } - c->allow_request = CHAL_REPLY; - /* Calculate the hash from the challenge we received */ - digest_create(&c->indigest, buffer, len, digest); + if(!digest_create(c->indigest, buffer, len, digest)) + return false; /* Convert the hash to a hexadecimal formatted string */ @@ -415,6 +551,8 @@ bool challenge_h(connection_t *c, const char *request) { /* Send the reply */ + c->allow_request = CHAL_REPLY; + return send_request(c, "%d %s", CHAL_REPLY, buffer); } @@ -433,7 +571,7 @@ bool chal_reply_h(connection_t *c, const char *request) { /* Check if the length of the hash is all right */ - if(inlen != digest_length(&c->outdigest)) { + if(inlen != digest_length(c->outdigest)) { logger(DEBUG_ALWAYS, LOG_ERR, "Possible intruder %s (%s): %s", c->name, c->hostname, "wrong challenge reply length"); return false; } @@ -441,7 +579,7 @@ bool chal_reply_h(connection_t *c, const char *request) { /* Verify the hash */ - if(!digest_verify(&c->outdigest, c->hischallenge, rsa_size(&c->rsa), hishash)) { + if(!digest_verify(c->outdigest, c->hischallenge, rsa_size(c->rsa), hishash)) { logger(DEBUG_ALWAYS, LOG_ERR, "Possible intruder %s (%s): %s", c->name, c->hostname, "wrong challenge reply"); return false; } @@ -461,7 +599,7 @@ static bool send_upgrade(connection_t *c) { /* Special case when protocol_minor is 1: the other end is ECDSA capable, * but doesn't know our key yet. So send it now. */ - char *pubkey = ecdsa_get_base64_public_key(&myself->connection->ecdsa); + char *pubkey = ecdsa_get_base64_public_key(myself->connection->ecdsa); if(!pubkey) return false; @@ -545,7 +683,7 @@ static bool upgrade_h(connection_t *c, const char *request) { return false; } - if(ecdsa_active(&c->ecdsa) || read_ecdsa_public_key(c)) { + if(ecdsa_active(c->ecdsa) || read_ecdsa_public_key(c)) { logger(DEBUG_ALWAYS, LOG_INFO, "Already have ECDSA public key from %s (%s), not upgrading.", c->name, c->hostname); return false; } diff --git a/src/protocol_key.c b/src/protocol_key.c index 57377b2..a3cf3f5 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -124,7 +124,7 @@ bool send_req_key(node_t *to) { static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, int reqno) { switch(reqno) { case REQ_PUBKEY: { - char *pubkey = ecdsa_get_base64_public_key(&myself->connection->ecdsa); + char *pubkey = ecdsa_get_base64_public_key(myself->connection->ecdsa); send_request(from->nexthop->connection, "%d %s %s %d %s", REQ_KEY, myself->name, from->name, ANS_PUBKEY, pubkey); free(pubkey); return true; @@ -137,7 +137,7 @@ static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, in } char pubkey[MAX_STRING_SIZE]; - if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, pubkey) != 1 || !ecdsa_set_base64_public_key(&from->ecdsa, pubkey)) { + if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, pubkey) != 1 || !(from->ecdsa = ecdsa_set_base64_public_key(pubkey))) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s): %s", "ANS_PUBKEY", from->name, from->hostname, "invalid pubkey"); return true; } @@ -158,11 +158,12 @@ static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, in logger(DEBUG_ALWAYS, LOG_DEBUG, "Got REQ_KEY from %s while we already started a SPTPS session!", from->name); char buf[MAX_STRING_SIZE]; - if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) != 1) { + int len; + + if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) != 1 || !(len = b64decode(buf, buf, strlen(buf)))) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s): %s", "REQ_SPTPS_START", from->name, from->hostname, "invalid SPTPS data"); return true; } - int len = b64decode(buf, buf, strlen(buf)); char label[25 + strlen(from->name) + strlen(myself->name)]; snprintf(label, sizeof label, "tinc UDP key expansion %s %s", from->name, myself->name); @@ -182,11 +183,11 @@ static bool req_key_ext_h(connection_t *c, const char *request, node_t *from, in } char buf[MAX_STRING_SIZE]; - if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) != 1) { + int len; + if(sscanf(request, "%*d %*s %*s %*d " MAX_STRING, buf) != 1 || !(len = b64decode(buf, buf, strlen(buf)))) { logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s): %s", "REQ_SPTPS", from->name, from->hostname, "invalid SPTPS data"); return true; } - int len = b64decode(buf, buf, strlen(buf)); sptps_receive_data(&from->sptps, buf, len); return true; } @@ -259,19 +260,24 @@ bool send_ans_key(node_t *to) { if(to->status.sptps) abort(); - size_t keylen = cipher_keylength(&myself->incipher); + size_t keylen = cipher_keylength(myself->incipher); char key[keylen * 2 + 1]; - cipher_close(&to->incipher); - digest_close(&to->indigest); + cipher_close(to->incipher); + digest_close(to->indigest); - cipher_open_by_nid(&to->incipher, cipher_get_nid(&myself->incipher)); - digest_open_by_nid(&to->indigest, digest_get_nid(&myself->indigest), digest_length(&myself->indigest)); + to->incipher = cipher_open_by_nid(cipher_get_nid(myself->incipher)); + to->indigest = digest_open_by_nid(digest_get_nid(myself->indigest), digest_length(myself->indigest)); to->incompression = myself->incompression; + if(!to->incipher || !to->indigest) + abort(); + randomize(key, keylen); - cipher_set_key(&to->incipher, key, false); - digest_set_key(&to->indigest, key, keylen); + if(!cipher_set_key(to->incipher, key, false)) + abort(); + if(!digest_set_key(to->indigest, key, keylen)) + abort(); bin2hex(key, key, keylen); @@ -283,9 +289,9 @@ bool send_ans_key(node_t *to) { return send_request(to->nexthop->connection, "%d %s %s %s %d %d %d %d", ANS_KEY, myself->name, to->name, key, - cipher_get_nid(&to->incipher), - digest_get_nid(&to->indigest), - (int)digest_length(&to->indigest), + cipher_get_nid(to->incipher), + digest_get_nid(to->indigest), + (int)digest_length(to->indigest), to->incompression); } @@ -353,8 +359,8 @@ bool ans_key_h(connection_t *c, const char *request) { } /* Don't use key material until every check has passed. */ - cipher_close(&from->outcipher); - digest_close(&from->outdigest); + cipher_close(from->outcipher); + digest_close(from->outdigest); from->status.validkey = false; if(compression < 0 || compression > 11) { @@ -370,7 +376,7 @@ bool ans_key_h(connection_t *c, const char *request) { char buf[strlen(key)]; int len = b64decode(key, buf, strlen(key)); - if(!sptps_receive_data(&from->sptps, buf, len)) + if(!len || !sptps_receive_data(&from->sptps, buf, len)) logger(DEBUG_ALWAYS, LOG_ERR, "Error processing SPTPS data from %s (%s)", from->name, from->hostname); if(from->status.validkey) { @@ -380,7 +386,7 @@ bool ans_key_h(connection_t *c, const char *request) { update_node_udp(from, &sa); } - if(from->options & OPTION_PMTU_DISCOVERY) + if(from->options & OPTION_PMTU_DISCOVERY && !(from->options & OPTION_TCPONLY)) send_mtu_probe(from); } @@ -389,17 +395,17 @@ bool ans_key_h(connection_t *c, const char *request) { /* Check and lookup cipher and digest algorithms */ - if(!cipher_open_by_nid(&from->outcipher, cipher)) { + if(!(from->outcipher = cipher_open_by_nid(cipher))) { logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses unknown cipher!", from->name, from->hostname); return false; } - if(!digest_open_by_nid(&from->outdigest, digest, maclength)) { + if(!(from->outdigest = digest_open_by_nid(digest, maclength))) { logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses unknown digest!", from->name, from->hostname); return false; } - if(maclength != digest_length(&from->outdigest)) { + if(maclength != digest_length(from->outdigest)) { logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses bogus MAC length!", from->name, from->hostname); return false; } @@ -408,15 +414,17 @@ bool ans_key_h(connection_t *c, const char *request) { keylen = hex2bin(key, key, sizeof key); - if(keylen != cipher_keylength(&from->outcipher)) { + if(keylen != cipher_keylength(from->outcipher)) { logger(DEBUG_ALWAYS, LOG_ERR, "Node %s (%s) uses wrong keylength!", from->name, from->hostname); return true; } /* Update our copy of the origin's packet key */ - cipher_set_key(&from->outcipher, key, true); - digest_set_key(&from->outdigest, key, keylen); + if(!cipher_set_key(from->outcipher, key, true)) + return false; + if(!digest_set_key(from->outdigest, key, keylen)) + return false; from->status.validkey = true; from->sent_seqno = 0; @@ -427,7 +435,7 @@ bool ans_key_h(connection_t *c, const char *request) { update_node_udp(from, &sa); } - if(from->options & OPTION_PMTU_DISCOVERY) + if(from->options & OPTION_PMTU_DISCOVERY && !(from->options & OPTION_TCPONLY)) send_mtu_probe(from); return true; diff --git a/src/protocol_misc.c b/src/protocol_misc.c index a4ad73d..022438e 100644 --- a/src/protocol_misc.c +++ b/src/protocol_misc.c @@ -1,7 +1,7 @@ /* protocol_misc.c -- handle the meta-protocol, miscellaneous functions Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/src/openssl/rsa.h b/src/rsa.h similarity index 55% rename from src/openssl/rsa.h rename to src/rsa.h index 9a826cb..f4290d4 100644 --- a/src/openssl/rsa.h +++ b/src/rsa.h @@ -1,6 +1,6 @@ /* rsa.h -- RSA key handling - Copyright (C) 2007-2011 Guus Sliepen + Copyright (C) 2007-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,19 +20,17 @@ #ifndef __TINC_RSA_H__ #define __TINC_RSA_H__ -#include +#ifndef __TINC_RSA_INTERNAL__ +typedef struct rsa rsa_t; +#endif -typedef RSA *rsa_t; - -extern bool rsa_set_hex_public_key(rsa_t *rsa, char *n, char *e); -extern bool rsa_set_hex_private_key(rsa_t *rsa, char *n, char *e, char *d); -extern bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp); -extern bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp); -extern size_t rsa_size(rsa_t *rsa); -extern bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t inlen, void *out); -extern bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t inlen, void *out); -extern bool rsa_active(rsa_t *rsa); extern void rsa_free(rsa_t *rsa); - +extern rsa_t *rsa_set_hex_public_key(char *n, char *e) __attribute__ ((__malloc__)); +extern rsa_t *rsa_set_hex_private_key(char *n, char *e, char *d) __attribute__ ((__malloc__)); +extern rsa_t *rsa_read_pem_public_key(FILE *fp) __attribute__ ((__malloc__)); +extern rsa_t *rsa_read_pem_private_key(FILE *fp) __attribute__ ((__malloc__)); +extern size_t rsa_size(rsa_t *rsa); +extern bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) __attribute__ ((__warn_unused_result__)); +extern bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) __attribute__ ((__warn_unused_result__)); #endif diff --git a/src/openssl/rsagen.h b/src/rsagen.h similarity index 70% rename from src/openssl/rsagen.h rename to src/rsagen.h index 422d156..58ce29f 100644 --- a/src/openssl/rsagen.h +++ b/src/rsagen.h @@ -1,6 +1,6 @@ /* rsagen.h -- RSA key generation and export - Copyright (C) 2008 Guus Sliepen + Copyright (C) 2008-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,8 +22,8 @@ #include "rsa.h" -extern bool rsa_generate(rsa_t *rsa, size_t bits, unsigned long exponent); -extern bool rsa_write_pem_public_key(rsa_t *rsa, FILE *fp); -extern bool rsa_write_pem_private_key(rsa_t *rsa, FILE *fp); +extern rsa_t *rsa_generate(size_t bits, unsigned long exponent) __attribute__ ((__malloc__)); +extern bool rsa_write_pem_public_key(rsa_t *rsa, FILE *fp) __attribute__ ((__warn_unused_result__)); +extern bool rsa_write_pem_private_key(rsa_t *rsa, FILE *fp) __attribute__ ((__warn_unused_result__)); #endif diff --git a/src/solaris/.deps/device.Po b/src/solaris/.deps/device.Po new file mode 100644 index 0000000..9ce06a8 --- /dev/null +++ b/src/solaris/.deps/device.Po @@ -0,0 +1 @@ +# dummy diff --git a/src/solaris/device.c b/src/solaris/device.c index c8c5cbf..21ce73f 100644 --- a/src/solaris/device.c +++ b/src/solaris/device.c @@ -19,19 +19,19 @@ */ -#include "system.h" +#include "../system.h" #include #include #include -#include "conf.h" -#include "device.h" -#include "logger.h" -#include "names.h" -#include "net.h" -#include "utils.h" -#include "xalloc.h" +#include "../conf.h" +#include "../device.h" +#include "../logger.h" +#include "../names.h" +#include "../net.h" +#include "../utils.h" +#include "../xalloc.h" #define DEFAULT_DEVICE "/dev/tun" diff --git a/src/splay_tree.c b/src/splay_tree.c index 54a46f2..bd0f06b 100644 --- a/src/splay_tree.c +++ b/src/splay_tree.c @@ -1,6 +1,6 @@ /* splay_tree.c -- splay tree and linked list convenience - Copyright (C) 2004-2012 Guus Sliepen + Copyright (C) 2004-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -238,7 +238,7 @@ static void splay_bottom_up(splay_tree_t *tree, splay_node_t *node) { splay_tree_t *splay_alloc_tree(splay_compare_t compare, splay_action_t delete) { splay_tree_t *tree; - tree = xmalloc_and_zero(sizeof(splay_tree_t)); + tree = xzalloc(sizeof(splay_tree_t)); tree->compare = compare; tree->delete = delete; @@ -250,7 +250,7 @@ void splay_free_tree(splay_tree_t *tree) { } splay_node_t *splay_alloc_node(void) { - return xmalloc_and_zero(sizeof(splay_node_t)); + return xzalloc(sizeof(splay_node_t)); } void splay_free_node(splay_tree_t *tree, splay_node_t *node) { diff --git a/src/splay_tree.h b/src/splay_tree.h index 8367ce7..5848870 100644 --- a/src/splay_tree.h +++ b/src/splay_tree.h @@ -1,6 +1,6 @@ /* splay_tree.h -- header file for splay_tree.c - Copyright (C) 2004-2012 Guus Sliepen + Copyright (C) 2004-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -64,10 +64,10 @@ typedef struct splay_tree_t { /* (De)constructors */ -extern splay_tree_t *splay_alloc_tree(splay_compare_t, splay_action_t); +extern splay_tree_t *splay_alloc_tree(splay_compare_t, splay_action_t) __attribute__ ((__malloc__)); extern void splay_free_tree(splay_tree_t *); -extern splay_node_t *splay_alloc_node(void); +extern splay_node_t *splay_alloc_node(void) __attribute__ ((__malloc__)); extern void splay_free_node(splay_tree_t *tree, splay_node_t *); /* Insertion and deletion */ diff --git a/src/sptps.c b/src/sptps.c index 8242cad..6869575 100644 --- a/src/sptps.c +++ b/src/sptps.c @@ -98,11 +98,13 @@ static bool send_record_priv_datagram(sptps_t *s, uint8_t type, const char *data if(s->outstate) { // If first handshake has finished, encrypt and HMAC - cipher_set_counter(&s->outcipher, &seqno, sizeof seqno); - if(!cipher_counter_xor(&s->outcipher, buffer + 6, len + 1UL, buffer + 6)) + if(!cipher_set_counter(s->outcipher, &seqno, sizeof seqno)) return false; - if(!digest_create(&s->outdigest, buffer, len + 7UL, buffer + 7UL + len)) + if(!cipher_counter_xor(s->outcipher, buffer + 6, len + 1UL, buffer + 6)) + return false; + + if(!digest_create(s->outdigest, buffer, len + 7UL, buffer + 7UL + len)) return false; return s->send_data(s->handle, type, buffer + 2, len + 21UL); @@ -131,10 +133,10 @@ static bool send_record_priv(sptps_t *s, uint8_t type, const char *data, uint16_ if(s->outstate) { // If first handshake has finished, encrypt and HMAC - if(!cipher_counter_xor(&s->outcipher, buffer + 4, len + 3UL, buffer + 4)) + if(!cipher_counter_xor(s->outcipher, buffer + 4, len + 3UL, buffer + 4)) return false; - if(!digest_create(&s->outdigest, buffer, len + 7UL, buffer + 7UL + len)) + if(!digest_create(s->outdigest, buffer, len + 7UL, buffer + 7UL + len)) return false; return s->send_data(s->handle, type, buffer + 4, len + 19UL); @@ -175,7 +177,7 @@ static bool send_kex(sptps_t *s) { randomize(s->mykex + 1, 32); // Create a new ECDH public key. - if(!ecdh_generate_public(&s->ecdh, s->mykex + 1 + 32)) + if(!(s->ecdh = ecdh_generate_public(s->mykex + 1 + 32))) return false; return send_record_priv(s, SPTPS_HANDSHAKE, s->mykex, 1 + 32 + keylen); @@ -184,7 +186,7 @@ static bool send_kex(sptps_t *s) { // Send a SIGnature record, containing an ECDSA signature over both KEX records. static bool send_sig(sptps_t *s) { size_t keylen = ECDH_SIZE; - size_t siglen = ecdsa_size(&s->mykey); + size_t siglen = ecdsa_size(s->mykey); // Concatenate both KEX messages, plus tag indicating if it is from the connection originator, plus label char msg[(1 + 32 + keylen) * 2 + 1 + s->labellen]; @@ -196,7 +198,7 @@ static bool send_sig(sptps_t *s) { memcpy(msg + 1 + 2 * (33 + keylen), s->label, s->labellen); // Sign the result. - if(!ecdsa_sign(&s->mykey, msg, sizeof msg, sig)) + if(!ecdsa_sign(s->mykey, msg, sizeof msg, sig)) return false; // Send the SIG exchange record. @@ -207,17 +209,16 @@ static bool send_sig(sptps_t *s) { static bool generate_key_material(sptps_t *s, const char *shared, size_t len) { // Initialise cipher and digest structures if necessary if(!s->outstate) { - bool result - = cipher_open_by_name(&s->incipher, "aes-256-ecb") - && cipher_open_by_name(&s->outcipher, "aes-256-ecb") - && digest_open_by_name(&s->indigest, "sha256", 16) - && digest_open_by_name(&s->outdigest, "sha256", 16); - if(!result) + s->incipher = cipher_open_by_name("aes-256-ecb"); + s->outcipher = cipher_open_by_name("aes-256-ecb"); + s->indigest = digest_open_by_name("sha256", 16); + s->outdigest = digest_open_by_name("sha256", 16); + if(!s->incipher || !s->outcipher || !s->indigest || !s->outdigest) return false; } // Allocate memory for key material - size_t keylen = digest_keylength(&s->indigest) + digest_keylength(&s->outdigest) + cipher_keylength(&s->incipher) + cipher_keylength(&s->outcipher); + size_t keylen = digest_keylength(s->indigest) + digest_keylength(s->outdigest) + cipher_keylength(s->incipher) + cipher_keylength(s->outcipher); s->key = realloc(s->key, keylen); if(!s->key) @@ -254,14 +255,14 @@ static bool receive_ack(sptps_t *s, const char *data, uint16_t len) { if(s->initiator) { bool result - = cipher_set_counter_key(&s->incipher, s->key) - && digest_set_key(&s->indigest, s->key + cipher_keylength(&s->incipher), digest_keylength(&s->indigest)); + = cipher_set_counter_key(s->incipher, s->key) + && digest_set_key(s->indigest, s->key + cipher_keylength(s->incipher), digest_keylength(s->indigest)); if(!result) return false; } else { bool result - = cipher_set_counter_key(&s->incipher, s->key + cipher_keylength(&s->outcipher) + digest_keylength(&s->outdigest)) - && digest_set_key(&s->indigest, s->key + cipher_keylength(&s->outcipher) + digest_keylength(&s->outdigest) + cipher_keylength(&s->incipher), digest_keylength(&s->indigest)); + = cipher_set_counter_key(s->incipher, s->key + cipher_keylength(s->outcipher) + digest_keylength(s->outdigest)) + && digest_set_key(s->indigest, s->key + cipher_keylength(s->outcipher) + digest_keylength(s->outdigest) + cipher_keylength(s->incipher), digest_keylength(s->indigest)); if(!result) return false; } @@ -296,7 +297,7 @@ static bool receive_kex(sptps_t *s, const char *data, uint16_t len) { // Receive a SIGnature record, verify it, if it passed, compute the shared secret and calculate the session keys. static bool receive_sig(sptps_t *s, const char *data, uint16_t len) { size_t keylen = ECDH_SIZE; - size_t siglen = ecdsa_size(&s->hiskey); + size_t siglen = ecdsa_size(s->hiskey); // Verify length of KEX record. if(len != siglen) @@ -311,13 +312,14 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) { memcpy(msg + 1 + 2 * (33 + keylen), s->label, s->labellen); // Verify signature. - if(!ecdsa_verify(&s->hiskey, msg, sizeof msg, data)) + if(!ecdsa_verify(s->hiskey, msg, sizeof msg, data)) return false; // Compute shared secret. char shared[ECDH_SHARED_SIZE]; - if(!ecdh_compute_shared(&s->ecdh, s->hiskex + 1 + 32, shared)) + if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared)) return false; + s->ecdh = NULL; // Generate key material from shared secret. if(!generate_key_material(s, shared, sizeof shared)) @@ -336,14 +338,14 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) { // TODO: only set new keys after ACK has been set/received if(s->initiator) { bool result - = cipher_set_counter_key(&s->outcipher, s->key + cipher_keylength(&s->incipher) + digest_keylength(&s->indigest)) - && digest_set_key(&s->outdigest, s->key + cipher_keylength(&s->incipher) + digest_keylength(&s->indigest) + cipher_keylength(&s->outcipher), digest_keylength(&s->outdigest)); + = cipher_set_counter_key(s->outcipher, s->key + cipher_keylength(s->incipher) + digest_keylength(s->indigest)) + && digest_set_key(s->outdigest, s->key + cipher_keylength(s->incipher) + digest_keylength(s->indigest) + cipher_keylength(s->outcipher), digest_keylength(s->outdigest)); if(!result) return false; } else { bool result - = cipher_set_counter_key(&s->outcipher, s->key) - && digest_set_key(&s->outdigest, s->key + cipher_keylength(&s->outcipher), digest_keylength(&s->outdigest)); + = cipher_set_counter_key(s->outcipher, s->key) + && digest_set_key(s->outdigest, s->key + cipher_keylength(s->outcipher), digest_keylength(s->outdigest)); if(!result) return false; } @@ -398,7 +400,7 @@ static bool receive_handshake(sptps_t *s, const char *data, uint16_t len) { return true; // TODO: split ACK into a VERify and ACK? default: - return error(s, EIO, "Invalid session state"); + return error(s, EIO, "Invalid session state %d", s->state); } } @@ -413,7 +415,7 @@ bool sptps_verify_datagram(sptps_t *s, const char *data, size_t len) { memcpy(buffer, &netlen, 2); memcpy(buffer + 2, data, len); - return digest_verify(&s->indigest, buffer, len - 14, buffer + len - 14); + return digest_verify(s->indigest, buffer, len - 14, buffer + len - 14); } // Receive incoming data, datagram version. @@ -447,7 +449,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len memcpy(buffer, &netlen, 2); memcpy(buffer + 2, data, len); - if(!digest_verify(&s->indigest, buffer, len - 14, buffer + len - 14)) + if(!digest_verify(s->indigest, buffer, len - 14, buffer + len - 14)) return error(s, EIO, "Invalid HMAC"); // Replay protection using a sliding window of configurable size. @@ -491,8 +493,9 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len // Decrypt. memcpy(&seqno, buffer + 2, 4); - cipher_set_counter(&s->incipher, &seqno, sizeof seqno); - if(!cipher_counter_xor(&s->incipher, buffer + 6, len - 4, buffer + 6)) + if(!cipher_set_counter(s->incipher, &seqno, sizeof seqno)) + return false; + if(!cipher_counter_xor(s->incipher, buffer + 6, len - 4, buffer + 6)) return false; // Append a NULL byte for safety. @@ -509,7 +512,7 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len if(!receive_handshake(s, buffer + 7, len - 21)) return false; } else { - return error(s, EIO, "Invalid record type"); + return error(s, EIO, "Invalid record type %d", type); } return true; @@ -517,6 +520,9 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len // Receive incoming data. Check if it contains a complete record, if so, handle it. bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { + if(!s->state) + return error(s, EIO, "Invalid session state zero"); + if(s->datagram) return sptps_receive_data_datagram(s, data, len); @@ -540,7 +546,7 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { // Decrypt the length bytes if(s->instate) { - if(!cipher_counter_xor(&s->incipher, s->inbuf + 4, 2, &s->reclen)) + if(!cipher_counter_xor(s->incipher, s->inbuf + 4, 2, &s->reclen)) return false; } else { memcpy(&s->reclen, s->inbuf + 4, 2); @@ -578,10 +584,10 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { // Check HMAC and decrypt. if(s->instate) { - if(!digest_verify(&s->indigest, s->inbuf, s->reclen + 7UL, s->inbuf + s->reclen + 7UL)) + if(!digest_verify(s->indigest, s->inbuf, s->reclen + 7UL, s->inbuf + s->reclen + 7UL)) return error(s, EIO, "Invalid HMAC"); - if(!cipher_counter_xor(&s->incipher, s->inbuf + 6UL, s->reclen + 1UL, s->inbuf + 6UL)) + if(!cipher_counter_xor(s->incipher, s->inbuf + 6UL, s->reclen + 1UL, s->inbuf + 6UL)) return false; } @@ -599,7 +605,7 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { if(!receive_handshake(s, s->inbuf + 7, s->reclen)) return false; } else { - return error(s, EIO, "Invalid record type"); + return error(s, EIO, "Invalid record type %d", type); } s->buflen = 4; @@ -609,7 +615,7 @@ bool sptps_receive_data(sptps_t *s, const char *data, size_t len) { } // Start a SPTPS session. -bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t mykey, ecdsa_t hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record) { +bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record) { // Initialise struct sptps memset(s, 0, sizeof *s); @@ -651,11 +657,11 @@ bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_ // Stop a SPTPS session. bool sptps_stop(sptps_t *s) { // Clean up any resources. - cipher_close(&s->incipher); - cipher_close(&s->outcipher); - digest_close(&s->indigest); - digest_close(&s->outdigest); - ecdh_free(&s->ecdh); + cipher_close(s->incipher); + cipher_close(s->outcipher); + digest_close(s->indigest); + digest_close(s->outdigest); + ecdh_free(s->ecdh); free(s->inbuf); free(s->mykex); free(s->hiskex); diff --git a/src/sptps.h b/src/sptps.h index 1fead07..3a8e65f 100644 --- a/src/sptps.h +++ b/src/sptps.h @@ -35,10 +35,10 @@ #define SPTPS_CLOSE 130 // Application closed the connection // Key exchange states -#define SPTPS_KEX 0 // Waiting for the first Key EXchange record -#define SPTPS_SECONDARY_KEX 1 // Ready to receive a secondary Key EXchange record -#define SPTPS_SIG 2 // Waiting for a SIGnature record -#define SPTPS_ACK 3 // Waiting for an ACKnowledgement record +#define SPTPS_KEX 1 // Waiting for the first Key EXchange record +#define SPTPS_SECONDARY_KEX 2 // Ready to receive a secondary Key EXchange record +#define SPTPS_SIG 3 // Waiting for a SIGnature record +#define SPTPS_ACK 4 // Waiting for an ACKnowledgement record typedef bool (*send_data_t)(void *handle, uint8_t type, const char *data, size_t len); typedef bool (*receive_record_t)(void *handle, uint8_t type, const char *data, uint16_t len); @@ -53,8 +53,8 @@ typedef struct sptps { uint16_t reclen; bool instate; - cipher_t incipher; - digest_t indigest; + cipher_t *incipher; + digest_t *indigest; uint32_t inseqno; uint32_t received; unsigned int replaywin; @@ -62,13 +62,13 @@ typedef struct sptps { char *late; bool outstate; - cipher_t outcipher; - digest_t outdigest; + cipher_t *outcipher; + digest_t *outdigest; uint32_t outseqno; - ecdsa_t mykey; - ecdsa_t hiskey; - ecdh_t ecdh; + ecdsa_t *mykey; + ecdsa_t *hiskey; + ecdh_t *ecdh; char *mykex; char *hiskex; @@ -85,7 +85,7 @@ extern unsigned int sptps_replaywin; extern void sptps_log_quiet(sptps_t *s, int s_errno, const char *format, va_list ap); extern void sptps_log_stderr(sptps_t *s, int s_errno, const char *format, va_list ap); extern void (*sptps_log)(sptps_t *s, int s_errno, const char *format, va_list ap); -extern bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t mykey, ecdsa_t hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record); +extern bool sptps_start(sptps_t *s, void *handle, bool initiator, bool datagram, ecdsa_t *mykey, ecdsa_t *hiskey, const char *label, size_t labellen, send_data_t send_data, receive_record_t receive_record); extern bool sptps_stop(sptps_t *s); extern bool sptps_send_record(sptps_t *s, uint8_t type, const char *data, uint16_t len); extern bool sptps_receive_data(sptps_t *s, const char *data, size_t len); diff --git a/src/sptps_test.c b/src/sptps_test.c index 2a9fca0..2ce9804 100644 --- a/src/sptps_test.c +++ b/src/sptps_test.c @@ -1,6 +1,6 @@ /* sptps_test.c -- Simple Peer-to-Peer Security test program - Copyright (C) 2011-2012 Guus Sliepen , + Copyright (C) 2011-2013 Guus Sliepen , This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -31,7 +31,7 @@ bool send_meta(void *c, const char *msg , int len) { return false; } char *logfilename = NULL; struct timeval now; -ecdsa_t mykey, hiskey; +ecdsa_t *mykey, *hiskey; static bool send_data(void *handle, uint8_t type, const char *data, size_t len) { char hex[len * 2 + 1]; @@ -143,12 +143,12 @@ int main(int argc, char *argv[]) { crypto_init(); FILE *fp = fopen(argv[1], "r"); - if(!ecdsa_read_pem_private_key(&mykey, fp)) + if(!(mykey = ecdsa_read_pem_private_key(fp))) return 1; fclose(fp); fp = fopen(argv[2], "r"); - if(!ecdsa_read_pem_public_key(&hiskey, fp)) + if(!(hiskey = ecdsa_read_pem_public_key(fp))) return 1; fclose(fp); diff --git a/src/subnet.c b/src/subnet.c index 12ca03c..3b98030 100644 --- a/src/subnet.c +++ b/src/subnet.c @@ -79,7 +79,7 @@ void free_subnet_tree(splay_tree_t *subnet_tree) { /* Allocating and freeing space for subnets */ subnet_t *new_subnet(void) { - return xmalloc_and_zero(sizeof(subnet_t)); + return xzalloc(sizeof(subnet_t)); } void free_subnet(subnet_t *subnet) { @@ -204,7 +204,7 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) { // Prepare environment variables to be passed to the script - char *envp[9] = {NULL}; + char *envp[10] = {NULL}; xasprintf(&envp[0], "NETNAME=%s", netname ? : ""); xasprintf(&envp[1], "DEVICE=%s", device ? : ""); xasprintf(&envp[2], "INTERFACE=%s", iface ? : ""); @@ -219,6 +219,8 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) { free(address); } + xasprintf(&envp[8], "NAME=%s", myself->name); + name = up ? "subnet-up" : "subnet-down"; if(!subnet) { @@ -260,7 +262,7 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) { } } - for(int i = 0; envp[i] && i < 8; i++) + for(int i = 0; envp[i] && i < 9; i++) free(envp[i]); } diff --git a/system.h b/src/system.h similarity index 91% rename from system.h rename to src/system.h index c688622..7180b87 100644 --- a/system.h +++ b/src/system.h @@ -1,7 +1,7 @@ /* system.h -- system headers Copyright (C) 1998-2005 Ivo Timmermans - 2003-2009 Guus Sliepen + 2003-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,7 +21,7 @@ #ifndef __TINC_SYSTEM_H__ #define __TINC_SYSTEM_H__ -#include "config.h" +#include "../config.h" #include "have.h" @@ -37,7 +37,7 @@ typedef int bool; /* Other functions */ -#include "src/dropin.h" +#include "dropin.h" #ifndef HAVE_SOCKLEN_T typedef int socklen_t; diff --git a/src/tincctl.c b/src/tincctl.c index e022cdd..55e14e5 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -29,8 +29,10 @@ #include "xalloc.h" #include "protocol.h" #include "control_common.h" +#include "crypto.h" #include "ecdsagen.h" #include "info.h" +#include "invitation.h" #include "names.h" #include "rsagen.h" #include "utils.h" @@ -38,7 +40,9 @@ #include "top.h" #ifdef HAVE_MINGW -#define mkdir(a, b) mkdir(a) +#define SCRIPTEXTENSION ".bat" +#else +#define SCRIPTEXTENSION "" #endif static char **orig_argv; @@ -52,19 +56,21 @@ static bool show_version = false; static char *name = NULL; static char controlcookie[1025]; -static char *tinc_conf = NULL; -static char *hosts_dir = NULL; +char *tinc_conf = NULL; +char *hosts_dir = NULL; struct timeval now; // Horrible global variables... static int pid = 0; -static int fd = -1; -static char line[4096]; +int fd = -1; +char line[4096]; static int code; static int req; static int result; static bool force = false; -static bool tty = true; +bool tty = true; +bool confbasegiven = false; +bool netnamegiven = false; #ifdef HAVE_MINGW static struct WSAData wsa_state; @@ -72,19 +78,11 @@ static struct WSAData wsa_state; static struct option const long_options[] = { {"config", required_argument, NULL, 'c'}, - {"debug", optional_argument, NULL, 0}, - {"no-detach", no_argument, NULL, 0}, - {"mlock", no_argument, NULL, 0}, {"net", required_argument, NULL, 'n'}, {"help", no_argument, NULL, 1}, {"version", no_argument, NULL, 2}, - {"pidfile", required_argument, NULL, 5}, - {"logfile", required_argument, NULL, 0}, - {"bypass-security", no_argument, NULL, 0}, - {"chroot", no_argument, NULL, 0}, - {"user", required_argument, NULL, 0}, - {"option", required_argument, NULL, 0}, - {"force", no_argument, NULL, 6}, + {"pidfile", required_argument, NULL, 3}, + {"force", no_argument, NULL, 4}, {NULL, 0, NULL, 0} }; @@ -118,7 +116,7 @@ static void usage(bool status) { " del VARIABLE [VALUE] Remove VARIABLE [only ones with watching VALUE]\n" " start [tincd options] Start tincd.\n" " stop Stop tincd.\n" - " restart Restart tincd.\n" + " restart [tincd options] Restart tincd.\n" " reload Partially reload configuration of running tincd.\n" " pid Show PID of currently running tincd.\n" " generate-keys [bits] Generate new RSA and ECDSA public/private keypairs.\n" @@ -145,6 +143,8 @@ static void usage(bool status) { " import [--force] Import host configuration file(s) from standard input\n" " exchange [--force] Same as export followed by import\n" " exchange-all [--force] Same as export-all followed by import\n" + " invite NODE [...] Generate an invitation for NODE\n" + " join INVITATION Join a VPN using an INVITIATION\n" "\n"); printf("Report bugs to tinc@tinc-vpn.org.\n"); } @@ -154,13 +154,14 @@ static bool parse_options(int argc, char **argv) { int r; int option_index = 0; - while((r = getopt_long(argc, argv, "c:n:Dd::Lo:RU:", long_options, &option_index)) != EOF) { + while((r = getopt_long(argc, argv, "+c:n:", long_options, &option_index)) != EOF) { switch (r) { case 0: /* long option */ break; case 'c': /* config file */ confbase = xstrdup(optarg); + confbasegiven = true; break; case 'n': /* net name given */ @@ -175,11 +176,11 @@ static bool parse_options(int argc, char **argv) { show_version = true; break; - case 5: /* open control socket here */ + case 3: /* open control socket here */ pidfilename = xstrdup(optarg); break; - case 6: /* force */ + case 4: /* force */ force = true; break; @@ -210,6 +211,23 @@ static bool parse_options(int argc, char **argv) { return true; } +/* Open a file with the desired permissions, minus the umask. + Also, if we want to create an executable file, we call fchmod() + to set the executable bits. */ + +FILE *fopenmask(const char *filename, const char *mode, mode_t perms) { + mode_t mask = umask(0); + perms &= ~mask; + umask(~perms); + FILE *f = fopen(filename, mode); +#ifdef HAVE_FCHMOD + if((perms & 0444) && f) + fchmod(fileno(f), perms); +#endif + umask(mask); + return f; +} + static void disable_old_keys(const char *filename, const char *what) { char tmpfile[PATH_MAX] = ""; char buf[1024]; @@ -224,7 +242,9 @@ static void disable_old_keys(const char *filename, const char *what) { snprintf(tmpfile, sizeof tmpfile, "%s.tmp", filename); - w = fopen(tmpfile, "w"); + struct stat st = {.st_mode = 0600}; + fstat(fileno(r), &st); + w = fopenmask(tmpfile, "w", st.st_mode); while(fgets(buf, sizeof buf, r)) { if(!block && !strncmp(buf, "-----BEGIN ", 11)) { @@ -287,7 +307,7 @@ static void disable_old_keys(const char *filename, const char *what) { unlink(tmpfile); } -static FILE *ask_and_open(const char *filename, const char *what, const char *mode, bool ask) { +static FILE *ask_and_open(const char *filename, const char *what, const char *mode, bool ask, mode_t perms) { FILE *r; char *directory; char buf[PATH_MAX]; @@ -296,13 +316,11 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo /* Check stdin and stdout */ if(ask && tty) { /* Ask for a file and/or directory name. */ - fprintf(stdout, "Please enter a file to save %s to [%s]: ", - what, filename); + fprintf(stdout, "Please enter a file to save %s to [%s]: ", what, filename); fflush(stdout); if(fgets(buf, sizeof buf, stdin) == NULL) { - fprintf(stderr, "Error while reading stdin: %s\n", - strerror(errno)); + fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); return NULL; } @@ -325,13 +343,11 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo filename = buf2; } - umask(0077); /* Disallow everything for group and other */ - disable_old_keys(filename, what); /* Open it first to keep the inode busy */ - r = fopen(filename, mode); + r = fopenmask(filename, mode, perms); if(!r) { fprintf(stderr, "Error opening file `%s': %s\n", filename, strerror(errno)); @@ -346,31 +362,31 @@ static FILE *ask_and_open(const char *filename, const char *what, const char *mo them in. */ static bool ecdsa_keygen(bool ask) { - ecdsa_t key; + ecdsa_t *key; FILE *f; char *pubname, *privname; fprintf(stderr, "Generating ECDSA keypair:\n"); - if(!ecdsa_generate(&key)) { + if(!(key = ecdsa_generate())) { fprintf(stderr, "Error during key generation!\n"); return false; } else fprintf(stderr, "Done.\n"); xasprintf(&privname, "%s" SLASH "ecdsa_key.priv", confbase); - f = ask_and_open(privname, "private ECDSA key", "a", ask); + f = ask_and_open(privname, "private ECDSA key", "a", ask, 0600); free(privname); if(!f) return false; -#ifdef HAVE_FCHMOD - /* Make it unreadable for others. */ - fchmod(fileno(f), 0600); -#endif - - ecdsa_write_pem_private_key(&key, f); + if(!ecdsa_write_pem_private_key(key, f)) { + fprintf(stderr, "Error writing private key!\n"); + ecdsa_free(key); + fclose(f); + return false; + } fclose(f); @@ -379,17 +395,18 @@ static bool ecdsa_keygen(bool ask) { else xasprintf(&pubname, "%s" SLASH "ecdsa_key.pub", confbase); - f = ask_and_open(pubname, "public ECDSA key", "a", ask); + f = ask_and_open(pubname, "public ECDSA key", "a", ask, 0666); free(pubname); if(!f) return false; - char *pubkey = ecdsa_get_base64_public_key(&key); + char *pubkey = ecdsa_get_base64_public_key(key); fprintf(f, "ECDSAPublicKey = %s\n", pubkey); free(pubkey); fclose(f); + ecdsa_free(key); return true; } @@ -399,31 +416,31 @@ static bool ecdsa_keygen(bool ask) { them in. */ static bool rsa_keygen(int bits, bool ask) { - rsa_t key; + rsa_t *key; FILE *f; char *pubname, *privname; fprintf(stderr, "Generating %d bits keys:\n", bits); - if(!rsa_generate(&key, bits, 0x10001)) { + if(!(key = rsa_generate(bits, 0x10001))) { fprintf(stderr, "Error during key generation!\n"); return false; } else fprintf(stderr, "Done.\n"); xasprintf(&privname, "%s" SLASH "rsa_key.priv", confbase); - f = ask_and_open(privname, "private RSA key", "a", ask); + f = ask_and_open(privname, "private RSA key", "a", ask, 0600); free(privname); if(!f) return false; -#ifdef HAVE_FCHMOD - /* Make it unreadable for others. */ - fchmod(fileno(f), 0600); -#endif - - rsa_write_pem_private_key(&key, f); + if(!rsa_write_pem_private_key(key, f)) { + fprintf(stderr, "Error writing private key!\n"); + fclose(f); + rsa_free(key); + return false; + } fclose(f); @@ -432,25 +449,34 @@ static bool rsa_keygen(int bits, bool ask) { else xasprintf(&pubname, "%s" SLASH "rsa_key.pub", confbase); - f = ask_and_open(pubname, "public RSA key", "a", ask); + f = ask_and_open(pubname, "public RSA key", "a", ask, 0666); free(pubname); if(!f) return false; - rsa_write_pem_public_key(&key, f); + if(!rsa_write_pem_public_key(key, f)) { + fprintf(stderr, "Error writing public key!\n"); + fclose(f); + rsa_free(key); + return false; + } fclose(f); + rsa_free(key); return true; } -static char buffer[4096]; -static size_t blen = 0; +char buffer[4096]; +size_t blen = 0; bool recvline(int fd, char *line, size_t len) { char *newline = NULL; + if(!fd) + abort(); + while(!(newline = memchr(buffer, '\n', blen))) { int result = recv(fd, buffer + blen, sizeof buffer - blen, 0); if(result == -1 && errno == EINTR) @@ -473,7 +499,10 @@ bool recvline(int fd, char *line, size_t len) { return true; } -static bool recvdata(int fd, char *data, size_t len) { +bool recvdata(int fd, char *data, size_t len) { + if(len == -1) + len = blen; + while(blen < len) { int result = recv(fd, buffer + blen, sizeof buffer - blen, 0); if(result == -1 && errno == EINTR) @@ -623,7 +652,7 @@ static bool remove_service(void) { } #endif -static bool connect_tincd(bool verbose) { +bool connect_tincd(bool verbose) { if(fd >= 0) { fd_set r; FD_ZERO(&r); @@ -775,7 +804,7 @@ static int cmd_start(int argc, char *argv[]) { c = "tincd"; int nargc = 0; - char **nargv = xmalloc_and_zero((optind + argc) * sizeof *nargv); + char **nargv = xzalloc((optind + argc) * sizeof *nargv); nargv[nargc++] = c; for(int i = 1; i < optind; i++) @@ -800,8 +829,16 @@ static int cmd_start(int argc, char *argv[]) { free(nargv); - int status = -1; - if(waitpid(pid, &status, 0) != pid || !WIFEXITED(status) || WEXITSTATUS(status)) { + int status = -1, result; +#ifdef SIGINT + signal(SIGINT, SIG_IGN); +#endif + result = waitpid(pid, &status, 0); +#ifdef SIGINT + signal(SIGINT, SIG_DFL); +#endif + + if(result != pid || !WIFEXITED(status) || WEXITSTATUS(status)) { fprintf(stderr, "Error starting %s\n", c); return 1; } @@ -849,7 +886,7 @@ static int cmd_stop(int argc, char *argv[]) { } static int cmd_restart(int argc, char *argv[]) { - cmd_stop(argc, argv); + cmd_stop(1, argv); return cmd_start(argc, argv); } @@ -1165,6 +1202,13 @@ static int cmd_pcap(int argc, char *argv[]) { return 0; } +#ifdef SIGINT +static void sigint_handler(int sig) { + fprintf(stderr, "\n"); + shutdown(fd, SHUT_RDWR); +} +#endif + static int cmd_log(int argc, char *argv[]) { if(argc > 2) { fprintf(stderr, "Too many arguments!\n"); @@ -1174,7 +1218,18 @@ static int cmd_log(int argc, char *argv[]) { if(!connect_tincd(true)) return 1; +#ifdef SIGINT + signal(SIGINT, sigint_handler); +#endif + logcontrol(fd, stdout, argc > 1 ? atoi(argv[1]) : -1); + +#ifdef SIGINT + signal(SIGINT, SIG_DFL); +#endif + + close(fd); + fd = -1; return 0; } @@ -1191,14 +1246,14 @@ static int cmd_pid(int argc, char *argv[]) { return 0; } -static int rstrip(char *value) { +int rstrip(char *value) { int len = strlen(value); while(len && strchr("\t\r\n ", value[len - 1])) value[--len] = 0; return len; } -static char *get_my_name(bool verbose) { +char *get_my_name(bool verbose) { FILE *f = fopen(tinc_conf, "r"); if(!f) { if(verbose) @@ -1233,22 +1288,14 @@ static char *get_my_name(bool verbose) { return NULL; } -#define VAR_SERVER 1 /* Should be in tinc.conf */ -#define VAR_HOST 2 /* Can be in host config file */ -#define VAR_MULTIPLE 4 /* Multiple statements allowed */ -#define VAR_OBSOLETE 8 /* Should not be used anymore */ - -static struct { - const char *name; - int type; -} const variables[] = { +const var_t variables[] = { /* Server configuration */ {"AddressFamily", VAR_SERVER}, - {"AutoConnect", VAR_SERVER}, + {"AutoConnect", VAR_SERVER | VAR_SAFE}, {"BindToAddress", VAR_SERVER | VAR_MULTIPLE}, {"BindToInterface", VAR_SERVER}, - {"Broadcast", VAR_SERVER}, - {"ConnectTo", VAR_SERVER | VAR_MULTIPLE}, + {"Broadcast", VAR_SERVER | VAR_SAFE}, + {"ConnectTo", VAR_SERVER | VAR_MULTIPLE | VAR_SAFE}, {"DecrementTTL", VAR_SERVER}, {"Device", VAR_SERVER}, {"DeviceType", VAR_SERVER}, @@ -1263,9 +1310,10 @@ static struct { {"KeyExpire", VAR_SERVER}, {"LocalDiscovery", VAR_SERVER}, {"MACExpire", VAR_SERVER}, + {"MaxConnectionBurst", VAR_SERVER}, {"MaxOutputBufferSize", VAR_SERVER}, {"MaxTimeout", VAR_SERVER}, - {"Mode", VAR_SERVER}, + {"Mode", VAR_SERVER | VAR_SAFE}, {"Name", VAR_SERVER}, {"PingInterval", VAR_SERVER}, {"PingTimeout", VAR_SERVER}, @@ -1298,9 +1346,9 @@ static struct { {"Port", VAR_HOST}, {"PublicKey", VAR_HOST | VAR_OBSOLETE}, {"PublicKeyFile", VAR_SERVER | VAR_HOST | VAR_OBSOLETE}, - {"Subnet", VAR_HOST | VAR_MULTIPLE}, + {"Subnet", VAR_HOST | VAR_MULTIPLE | VAR_SAFE}, {"TCPOnly", VAR_SERVER | VAR_HOST}, - {"Weight", VAR_HOST}, + {"Weight", VAR_HOST | VAR_SAFE}, {NULL, 0} }; @@ -1373,6 +1421,7 @@ static int cmd_config(int argc, char *argv[]) { /* Some simple checks. */ bool found = false; + bool warnonremove = false; for(int i = 0; variables[i].name; i++) { if(strcasecmp(variables[i].name, variable)) @@ -1411,6 +1460,16 @@ static int cmd_config(int argc, char *argv[]) { return 1; } + /* Change "add" into "set" for variables that do not allow multiple occurences. + Turn on warnings when it seems variables might be removed unintentionally. */ + + if(action == 1 && !(variables[i].type & VAR_MULTIPLE)) { + warnonremove = true; + action = 0; + } else if(action == 0 && (variables[i].type & VAR_MULTIPLE)) { + warnonremove = true; + } + break; } @@ -1437,19 +1496,8 @@ static int cmd_config(int argc, char *argv[]) { FILE *f = fopen(filename, "r"); if(!f) { - if(action < 0 || errno != ENOENT) { - fprintf(stderr, "Could not open configuration file %s: %s\n", filename, strerror(errno)); - return 1; - } - - // If it doesn't exist, create it. - f = fopen(filename, "a+"); - if(!f) { - fprintf(stderr, "Could not create configuration file %s: %s\n", filename, strerror(errno)); - return 1; - } else { - fprintf(stderr, "Created configuration file %s.\n", filename); - } + fprintf(stderr, "Could not open configuration file %s: %s\n", filename, strerror(errno)); + return 1; } char *tmpfile = NULL; @@ -1504,9 +1552,14 @@ static int cmd_config(int argc, char *argv[]) { } // Set } else if(action == 0) { + // Warn if "set" was used for variables that can occur multiple times + if(warnonremove && strcasecmp(bvalue, value)) + fprintf(stderr, "Warning: removing %s = %s\n", variable, bvalue); + // Already set? Delete the rest... if(set) continue; + // Otherwise, replace. if(fprintf(tf, "%s = %s\n", variable, value) < 0) { fprintf(stderr, "Error writing to temporary file %s: %s\n", tmpfile, strerror(errno)); @@ -1603,6 +1656,64 @@ bool check_id(const char *name) { return true; } +static bool try_bind(int port) { + struct addrinfo *ai = NULL; + struct addrinfo hint = { + .ai_flags = AI_PASSIVE, + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + .ai_protocol = IPPROTO_TCP, + }; + + char portstr[16]; + snprintf(portstr, sizeof portstr, "%d", port); + + if(getaddrinfo(NULL, portstr, &hint, &ai) || !ai) + return false; + + while(ai) { + int fd = socket(ai->ai_family, SOCK_STREAM, IPPROTO_TCP); + if(!fd) + return false; + int result = bind(fd, ai->ai_addr, ai->ai_addrlen); + closesocket(fd); + if(result) + return false; + ai = ai->ai_next; + } + + return true; +} + +int check_port(char *name) { + if(try_bind(655)) + return 655; + + fprintf(stderr, "Warning: could not bind to port 655. "); + + for(int i = 0; i < 100; i++) { + int port = 0x1000 + (rand() & 0x7fff); + if(try_bind(port)) { + char *filename; + xasprintf(&filename, "%s" SLASH "hosts" SLASH "%s", confbase, name); + FILE *f = fopen(filename, "a"); + free(filename); + if(!f) { + fprintf(stderr, "Please change tinc's Port manually.\n"); + return 0; + } + + fprintf(f, "Port = %d\n", port); + fclose(f); + fprintf(stderr, "Tinc will instead listen on port %d.\n", port); + return port; + } + } + + fprintf(stderr, "Please change tinc's Port manually.\n"); + return 0; +} + static int cmd_init(int argc, char *argv[]) { if(!access(tinc_conf, F_OK)) { fprintf(stderr, "Configuration file %s already exists!\n", tinc_conf); @@ -1644,17 +1755,17 @@ static int cmd_init(int argc, char *argv[]) { return 1; } - if(mkdir(confdir, 0755) && errno != EEXIST) { - fprintf(stderr, "Could not create directory %s: %s\n", CONFDIR, strerror(errno)); + if(strcmp(confdir, confbase) && mkdir(confdir, 0755) && errno != EEXIST) { + fprintf(stderr, "Could not create directory %s: %s\n", confdir, strerror(errno)); return 1; } - if(mkdir(confbase, 0755) && errno != EEXIST) { + if(mkdir(confbase, 0777) && errno != EEXIST) { fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno)); return 1; } - if(mkdir(hosts_dir, 0755) && errno != EEXIST) { + if(mkdir(hosts_dir, 0777) && errno != EEXIST) { fprintf(stderr, "Could not create directory %s: %s\n", hosts_dir, strerror(errno)); return 1; } @@ -1671,16 +1782,17 @@ static int cmd_init(int argc, char *argv[]) { if(!rsa_keygen(2048, false) || !ecdsa_keygen(false)) return 1; + check_port(name); + #ifndef HAVE_MINGW char *filename; xasprintf(&filename, "%s" SLASH "tinc-up", confbase); if(access(filename, F_OK)) { - FILE *f = fopen(filename, "w"); + FILE *f = fopenmask(filename, "w", 0777); if(!f) { fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); return 1; } - fchmod(fileno(f), 0755); fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit!'\n\n#ifconfig $INTERFACE netmask \n"); fclose(f); } @@ -2008,6 +2120,8 @@ static const struct { {"import", cmd_import}, {"exchange", cmd_exchange}, {"exchange-all", cmd_exchange_all}, + {"invite", cmd_invite}, + {"join", cmd_join}, {NULL, NULL}, }; @@ -2060,7 +2174,7 @@ static char *complete_config(const char *text, int state) { if(dot) { if((variables[i].type & VAR_HOST) && !strncasecmp(variables[i].name, dot + 1, strlen(dot + 1))) { char *match; - xasprintf(&match, "%.*s.%s", dot - text, text, variables[i].name); + xasprintf(&match, "%.*s.%s", (int)(dot - text), text, variables[i].name); return match; } } else { @@ -2256,6 +2370,9 @@ int main(int argc, char *argv[]) { return 0; } + srand(time(NULL)); + crypto_init(); + tty = isatty(0) && isatty(1); if(optind >= argc) diff --git a/src/tincctl.h b/src/tincctl.h index 114b931..e636887 100644 --- a/src/tincctl.h +++ b/src/tincctl.h @@ -1,6 +1,6 @@ /* tincctl.h -- header for tincctl.c. - Copyright (C) 2011 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,8 +20,35 @@ #ifndef __TINC_TINCCTL_H__ #define __TINC_TINCCTL_H__ +extern bool tty; +extern char line[4096]; +extern int fd; +extern char buffer[4096]; +extern size_t blen; +extern bool confbasegiven; +extern char *tinc_conf; +extern char *hosts_dir; + +#define VAR_SERVER 1 /* Should be in tinc.conf */ +#define VAR_HOST 2 /* Can be in host config file */ +#define VAR_MULTIPLE 4 /* Multiple statements allowed */ +#define VAR_OBSOLETE 8 /* Should not be used anymore */ +#define VAR_SAFE 16 /* Variable is safe when accepting invitations */ + +typedef struct { + const char *name; + int type; +} var_t; + +extern const var_t variables[]; + +extern int rstrip(char *value); +extern char *get_my_name(bool verbose); +extern bool connect_tincd(bool verbose); extern bool sendline(int fd, char *format, ...); extern bool recvline(int fd, char *line, size_t len); +extern int check_port(char *name); +extern FILE *fopenmask(const char *filename, const char *mode, mode_t perms); #endif diff --git a/src/tincd.c b/src/tincd.c index 333a207..3d6db8b 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -167,7 +167,9 @@ static bool parse_options(int argc, char **argv) { break; #endif - case 'd': /* inc debug level */ + case 'd': /* increase debug level */ + if(!optarg && optind < argc && *argv[optind] != '-') + optarg = argv[optind++]; if(optarg) debug_level = atoi(optarg); else @@ -214,6 +216,8 @@ static bool parse_options(int argc, char **argv) { case 4: /* write log entries to a file */ use_logfile = true; + if(!optarg && optind < argc && *argv[optind] != '-') + optarg = argv[optind++]; if(optarg) logfilename = xstrdup(optarg); break; @@ -231,6 +235,12 @@ static bool parse_options(int argc, char **argv) { } } + if(optind < argc) { + fprintf(stderr, "%s: unrecognized argument '%s'\n", argv[0], argv[optind]); + usage(true); + return false; + } + if(!netname && (netname = getenv("NETNAME"))) netname = xstrdup(netname); @@ -311,7 +321,7 @@ int main(int argc, char **argv) { if(show_version) { printf("%s version %s (built %s %s, protocol %d.%d)\n", PACKAGE, VERSION, __DATE__, __TIME__, PROT_MAJOR, PROT_MINOR); - printf("Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen and others.\n" + printf("Copyright (C) 1998-2013 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" diff --git a/src/top.c b/src/top.c index 703391c..b1ab40c 100644 --- a/src/top.c +++ b/src/top.c @@ -108,7 +108,7 @@ static void update(int fd) { found = ns; break; } else { - found = xmalloc_and_zero(sizeof *found); + found = xzalloc(sizeof *found); found->name = xstrdup(name); list_insert_before(&node_list, node, found); changed = true; @@ -117,7 +117,7 @@ static void update(int fd) { } if(!found) { - found = xmalloc_and_zero(sizeof *found); + found = xzalloc(sizeof *found); found->name = xstrdup(name); list_insert_tail(&node_list, found); changed = true; diff --git a/src/utils.c b/src/utils.c index aefec8c..edaa354 100644 --- a/src/utils.c +++ b/src/utils.c @@ -1,7 +1,7 @@ /* utils.c -- gathering of some stupid small functions Copyright (C) 1999-2005 Ivo Timmermans - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -24,7 +24,26 @@ #include "utils.h" static const char hexadecimals[] = "0123456789ABCDEF"; -static const char base64imals[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; +static const char base64_original[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; +static const char base64_urlsafe[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; +static const char base64_decode[256] = { + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 63, + -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, + 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, +}; static int charhex2bin(char c) { if(isdigit(c)) @@ -33,19 +52,6 @@ static int charhex2bin(char c) { return toupper(c) - 'A' + 10; } -static int charb64decode(char c) { - if(c >= 'a') - return c - 'a' + 26; - else if(c >= 'A') - return c - 'A'; - else if(c >= '0') - return c - '0' + 52; - else if(c == '+') - return 62; - else - return 63; -} - int hex2bin(const char *src, char *dst, int length) { int i; for(i = 0; i < length && isxdigit(src[i * 2]) && isxdigit(src[i * 2 + 1]); i++) @@ -68,8 +74,10 @@ int b64decode(const char *src, char *dst, int length) { unsigned char *udst = (unsigned char *)dst; for(i = 0; i < length / 3 * 4 && src[i]; i++) { - triplet |= charb64decode(src[i]) << (6 * (i & 3)); + triplet |= base64_decode[src[i] & 0xff] << (6 * (i & 3)); if((i & 3) == 3) { + if(triplet & 0xff000000U) + return 0; udst[0] = triplet & 0xff; triplet >>= 8; udst[1] = triplet & 0xff; triplet >>= 8; udst[2] = triplet; @@ -77,6 +85,8 @@ int b64decode(const char *src, char *dst, int length) { udst += 3; } } + if(triplet & 0xff000000U) + return 0; if((i & 3) == 3) { udst[0] = triplet & 0xff; triplet >>= 8; udst[1] = triplet & 0xff; @@ -89,7 +99,7 @@ int b64decode(const char *src, char *dst, int length) { } } -int b64encode(const char *src, char *dst, int length) { +static int b64encode_internal(const char *src, char *dst, int length, const char *alphabet) { uint32_t triplet; const unsigned char *usrc = (unsigned char *)src; int si = length / 3 * 3; @@ -98,16 +108,16 @@ int b64encode(const char *src, char *dst, int length) { switch(length % 3) { case 2: triplet = usrc[si] | usrc[si + 1] << 8; - dst[di] = base64imals[triplet & 63]; triplet >>= 6; - dst[di + 1] = base64imals[triplet & 63]; triplet >>= 6; - dst[di + 2] = base64imals[triplet]; + dst[di] = alphabet[triplet & 63]; triplet >>= 6; + dst[di + 1] = alphabet[triplet & 63]; triplet >>= 6; + dst[di + 2] = alphabet[triplet]; dst[di + 3] = 0; length = di + 2; break; case 1: triplet = usrc[si]; - dst[di] = base64imals[triplet & 63]; triplet >>= 6; - dst[di + 1] = base64imals[triplet]; + dst[di] = alphabet[triplet & 63]; triplet >>= 6; + dst[di + 1] = alphabet[triplet]; dst[di + 2] = 0; length = di + 1; break; @@ -121,15 +131,23 @@ int b64encode(const char *src, char *dst, int length) { di -= 4; si -= 3; triplet = usrc[si] | usrc[si + 1] << 8 | usrc[si + 2] << 16; - dst[di] = base64imals[triplet & 63]; triplet >>= 6; - dst[di + 1] = base64imals[triplet & 63]; triplet >>= 6; - dst[di + 2] = base64imals[triplet & 63]; triplet >>= 6; - dst[di + 3] = base64imals[triplet]; + dst[di] = alphabet[triplet & 63]; triplet >>= 6; + dst[di + 1] = alphabet[triplet & 63]; triplet >>= 6; + dst[di + 2] = alphabet[triplet & 63]; triplet >>= 6; + dst[di + 3] = alphabet[triplet]; } return length; } +int b64encode(const char *src, char *dst, int length) { + return b64encode_internal(src, dst, length, base64_original); +} + +int b64encode_urlsafe(const char *src, char *dst, int length) { + return b64encode_internal(src, dst, length, base64_urlsafe); +} + #if defined(HAVE_MINGW) || defined(HAVE_CYGWIN) #ifdef HAVE_CYGWIN #include diff --git a/src/utils.h b/src/utils.h index 04e478a..85d6bf2 100644 --- a/src/utils.h +++ b/src/utils.h @@ -1,7 +1,7 @@ /* utils.h -- header file for utils.c Copyright (C) 1999-2005 Ivo Timmermans - 2000-2011 Guus Sliepen + 2000-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -25,6 +25,7 @@ extern int hex2bin(const char *src, char *dst, int length); extern int bin2hex(const char *src, char *dst, int length); extern int b64encode(const char *src, char *dst, int length); +extern int b64encode_urlsafe(const char *src, char *dst, int length); extern int b64decode(const char *src, char *dst, int length); #ifdef HAVE_MINGW diff --git a/src/xalloc.h b/src/xalloc.h index 42d0d95..28960fb 100644 --- a/src/xalloc.h +++ b/src/xalloc.h @@ -1,7 +1,7 @@ /* xalloc.h -- malloc and related fuctions with out of memory checking Copyright (C) 1990, 91, 92, 93, 94, 95, 96, 97 Free Software Foundation, Inc. - Copyright (C) 2011 Guus Sliepen + Copyright (C) 2011-2013 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,6 +20,7 @@ #ifndef __TINC_XALLOC_H__ #define __TINC_XALLOC_H__ +static inline void *xmalloc(size_t n) __attribute__ ((__malloc__)); static inline void *xmalloc(size_t n) { void *p = malloc(n); if(!p) @@ -27,7 +28,8 @@ static inline void *xmalloc(size_t n) { return p; } -static inline void *xmalloc_and_zero(size_t n) { +static inline void *xzalloc(size_t n) __attribute__ ((__malloc__)); +static inline void *xzalloc(size_t n) { void *p = calloc(1, n); if(!p) abort(); @@ -41,6 +43,7 @@ static inline void *xrealloc(void *p, size_t n) { return p; } +static inline char *xstrdup(const char *s) __attribute__ ((__malloc__)); static inline char *xstrdup(const char *s) { char *p = strdup(s); if(!p) @@ -49,12 +52,21 @@ static inline char *xstrdup(const char *s) { } static inline int xvasprintf(char **strp, const char *fmt, va_list ap) { +#ifdef HAVE_MINGW + char buf[1024]; + int result = vsnprintf(buf, sizeof buf, fmt, ap); + if(result < 0) + abort(); + *strp = xstrdup(buf); +#else int result = vasprintf(strp, fmt, ap); if(result < 0) abort(); +#endif return result; } +static inline int xasprintf(char **strp, const char *fmt, ...) __attribute__ ((__format__(printf, 2, 3))); static inline int xasprintf(char **strp, const char *fmt, ...) { va_list ap; va_start(ap, fmt);