Import Upstream version 1.0.17
This commit is contained in:
parent
bb1aebd963
commit
b9a1c8df12
61 changed files with 3238 additions and 1255 deletions
2
COPYING
2
COPYING
|
@ -1,4 +1,4 @@
|
|||
Copyright (C) 1998-2010 Ivo Timmermans, Guus Sliepen and others.
|
||||
Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen and others.
|
||||
See the AUTHORS file for a complete list.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify it under
|
||||
|
|
260
ChangeLog
260
ChangeLog
|
@ -1,3 +1,263 @@
|
|||
commit 28a1501b9a8b4c730f7f965d6b2e8fc50feba261
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Mar 10 13:31:36 2012 +0100
|
||||
|
||||
Releasing 1.0.17.
|
||||
|
||||
commit 4712d8f92e63e86e835ffb624d6399343ee568ea
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Mar 10 13:23:08 2012 +0100
|
||||
|
||||
Update copyright notices.
|
||||
|
||||
commit 5b0f5ad958d6db4e73aebc5ee6c608cdae81b7b5
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Thu Mar 8 23:23:39 2012 +0100
|
||||
|
||||
Make sure disabling old RSA keys works on Windows.
|
||||
|
||||
Seeking in files and rewriting parts of them does not seem to work properly on
|
||||
Windows. Instead, when old RSA keys are found when generating new ones, the
|
||||
file containing the old keys is copied to a temporary file where the changes
|
||||
are made, and that file is renamed back to the original filename. On Windows,
|
||||
we cannot atomically replace files with a rename(), so we need to move the
|
||||
original file out of the way first. If anything fails, the new code will warn
|
||||
that the user has to solve the problem by hand.
|
||||
|
||||
commit 2f1c337c541fcb7e2c62aeeab245ff7a43eb51a5
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Thu Mar 8 22:19:20 2012 +0100
|
||||
|
||||
Add missing ICMP6 message type definitions.
|
||||
|
||||
commit 9dea33f5301119dd4423eb962956cf2d246af3f3
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Wed Mar 7 10:40:06 2012 +0100
|
||||
|
||||
Accept Subnets passed with the -o option when StrictSubnets = yes.
|
||||
|
||||
commit 63f8303a5dc1758876451a580a8317dbc3d295d6
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Fri Mar 2 16:09:58 2012 +0100
|
||||
|
||||
Only log errors sending UDP packets when debug level >= 5.
|
||||
|
||||
Since tinc will fall back to TCP or route via another node, it is not necessary
|
||||
to log such errors unconditionally.
|
||||
|
||||
commit ae5249610954af17c68c547bb1b45ad286ad647e
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Feb 26 16:23:02 2012 +0100
|
||||
|
||||
Only use broadcast at the start of the PMTU discovery phase.
|
||||
|
||||
For local peer discovery, only a handful of packets are necessary for
|
||||
peers to detect each other.
|
||||
|
||||
commit 5140656de6bcfda72951a7827b05414ce306e3ca
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Feb 25 22:11:30 2012 +0100
|
||||
|
||||
Stricter checks against routing loops.
|
||||
|
||||
If a packet that had to be sent via an intermediate hop, and that intermediate
|
||||
hop was the one that sent the packet, we drop it.
|
||||
|
||||
commit f1d5eae643cdf537ef357f10f2da8ff83bdf32b4
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Feb 25 21:46:18 2012 +0100
|
||||
|
||||
Don't send ICMP Time Exceeded messages for other Time Exceeded messages.
|
||||
|
||||
That would be silly.
|
||||
|
||||
commit 5a28aa7b8b0ab6237c2eab5f8b11253ea3ec5a05
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Wed Feb 22 23:17:43 2012 +0100
|
||||
|
||||
Add LocalDiscovery option which tries to detect peers on the local network.
|
||||
|
||||
Currently, this is implemented by sending IPv4 broadcast packets to the
|
||||
LAN during path MTU discovery.
|
||||
|
||||
commit 8e717ddb602f01f656369106ec0398efbe9ca4a4
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Wed Feb 22 14:37:56 2012 +0100
|
||||
|
||||
Pass index into listen_socket[] to handle_incoming_vpn_data().
|
||||
|
||||
commit 65e8e06c6dc7349b11c3c1e8f4071b51e2994c65
|
||||
Author: Nick Hibma <nick@van-laarhoven.org>
|
||||
Date: Tue Feb 21 15:26:58 2012 +0100
|
||||
|
||||
Add missing ICMP message type definitions.
|
||||
|
||||
commit ac48c4ee8c09c8144f830cb66386b9dbe7298440
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Feb 21 14:06:55 2012 +0100
|
||||
|
||||
Fix check for raw socket support.
|
||||
|
||||
Also, move some variables so there are no compiler warnings about unused
|
||||
variables when there is no support for raw sockets.
|
||||
|
||||
commit d9ad3d313d96d30ef45cd53367dff9a855a396d4
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Feb 21 13:31:21 2012 +0100
|
||||
|
||||
Fix a bug that caused tinc to ignore all but the last listening socket.
|
||||
|
||||
commit 46506b7aaf6c6a8a85561c38fdb9c95eae21aa75
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Feb 21 13:13:40 2012 +0100
|
||||
|
||||
Document the command line flag -o and provide --option as well.
|
||||
|
||||
commit 7d76e287598c8c18cadfb5818046d9dd1b0ad881
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Feb 21 11:39:21 2012 +0100
|
||||
|
||||
Move initialization of char *priority up to prevent freeing an uninitialized pointer.
|
||||
|
||||
commit 8420a0c8bde1781db04dd2436eb9d5dca5a1732a
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Feb 20 17:19:00 2012 +0100
|
||||
|
||||
Allow disabling of broadcast packets.
|
||||
|
||||
The Broadcast option can be used to cause tinc to drop all broadcast and
|
||||
multicast packets. This option might be expanded in the future to selectively
|
||||
allow only some broadcast packet types.
|
||||
|
||||
commit ea415ccc1690d6e5864a7500977b181e5c8faafe
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Feb 20 17:12:48 2012 +0100
|
||||
|
||||
Rename connection_t *broadcast to everyone.
|
||||
|
||||
commit cff5a844a3e6b494f4a4f6eb5b48a84780f2d0e5
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Feb 20 16:52:53 2012 +0100
|
||||
|
||||
Don't bind outgoing TCP sockets anymore.
|
||||
|
||||
The code introduced in commit 41a05f59ba2c3eb5caab555f096ed1b9fbe69ee3 is not
|
||||
needed anymore, since tinc has been able to handle UDP packets from a different
|
||||
source address than those of the TCP packets since 1.0.10. When using multiple
|
||||
BindToAddress statements, this code does not make sense anymore, we do want the
|
||||
kernel to choose the source address on its own.
|
||||
|
||||
commit 0233b1d710222cb09be0cbd08c1297e3ece38a9f
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Feb 20 16:34:02 2012 +0100
|
||||
|
||||
Decrement TTL of incoming packets.
|
||||
|
||||
Tinc will now, by default, decrement the TTL field of incoming IPv4 and IPv6
|
||||
packets, before forwarding them to the virtual network device or to another
|
||||
node. Packets with a TTL value of zero will be dropped, and an ICMP Time
|
||||
Exceeded message will be sent back.
|
||||
|
||||
This behaviour can be disabled using the DecrementTTL option.
|
||||
|
||||
commit 6289859ab365dc1c0d420323174418b316b14502
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Mon Feb 20 15:44:52 2012 +0100
|
||||
|
||||
Only compile raw socket code when it is supported on that platform.
|
||||
|
||||
commit d1dcdf8eb6f800704be426b1ce6f6c1a8e65ba0d
|
||||
Merge: 1b2846d 3b1fad0
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Feb 18 14:31:08 2012 +0100
|
||||
|
||||
Merge branch 'master' of black:tinc
|
||||
|
||||
commit 3b1fad04de6bed2f284fdf3d5b27d4162aeebc8c
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Feb 18 14:37:52 2012 +0100
|
||||
|
||||
Allow setting DeviceType to tun or tap on Linux.
|
||||
|
||||
commit 6455654d26d204cea4bbc102e5bd6550b7fff7a7
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Feb 18 11:48:21 2012 +0100
|
||||
|
||||
Send packets back using the same socket as they were received on.
|
||||
|
||||
commit 1b2846d907adfc8472fc9da0c951c3243c7ee143
|
||||
Merge: 9f6a96a 6455654
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Feb 18 11:43:00 2012 +0100
|
||||
|
||||
Merge branch 'master' of black:tinc
|
||||
|
||||
commit 9f6a96af3939bd2de410ce346a8c8fbcf93e7c9b
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Fri Feb 17 16:25:00 2012 +0100
|
||||
|
||||
Allow multiple BindToAddress statements.
|
||||
|
||||
commit 708314df2f61675d0f54e541c9fff62ac1f433b5
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Fri Feb 17 16:13:38 2012 +0100
|
||||
|
||||
Set FD_CLOEXEC flag on all sockets.
|
||||
|
||||
Scripts called by tinc would inherit its open filedescriptors. This could
|
||||
be a problem if other long-running daemons are started from those scripts,
|
||||
if those daemons would not close all filedescriptors before going into the
|
||||
background.
|
||||
|
||||
Problem found and solution suggested by Nick Hibma.
|
||||
|
||||
commit 178e52f76ef4ba40748c13ea7e518837394d6dbc
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Dec 4 01:20:59 2011 +0100
|
||||
|
||||
Allow linking with multiple device drivers.
|
||||
|
||||
Apart from the platform specific tun/tap driver, link with the dummy and
|
||||
raw_socket devices, and optionally with support for UML and VDE devices.
|
||||
At runtime, the DeviceType option can be used to select which driver to
|
||||
use.
|
||||
|
||||
commit 5672863e59e6a114ac6b66de98254b14266c0e61
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Dec 3 21:59:47 2011 +0100
|
||||
|
||||
Fix a few small memory leaks.
|
||||
|
||||
commit 52ded09d1713b83222b56db7d29ff061aefb95e3
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Nov 27 12:13:16 2011 +0100
|
||||
|
||||
Add vde/device.c to the tarball.
|
||||
|
||||
commit 2c7c87ec75c94d0b3cca9f7a5aeba34384f77cc1
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sun Nov 27 12:12:34 2011 +0100
|
||||
|
||||
Fix compilation of VDE and UML interfaces.
|
||||
|
||||
commit ddea7a23a66b8fee4942f2ce237dcabe02e17270
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Aug 30 20:49:48 2011 +0200
|
||||
|
||||
Return false instead of void when there is an error.
|
||||
|
||||
commit e838289683c0039fac0ae6172d40b4177c17911b
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Tue Aug 30 19:56:56 2011 +0200
|
||||
|
||||
Prevent read_rsa_public_key() from returning an uninitialized RSA structure.
|
||||
|
||||
In case the config file could not be opened a new but unitialized RSA structure
|
||||
would be returned, causing a segmentation fault later on. This would only
|
||||
happen in the case that the config file could be opened before, but not when
|
||||
read_rsa_public_key() was called. This situation could occur when the --user
|
||||
option was used, and the config files were not readable by the specified user.
|
||||
|
||||
commit 0f2aa4bd8b698608876bec141c5aef1aa619730b
|
||||
Author: Guus Sliepen <guus@tinc-vpn.org>
|
||||
Date: Sat Jul 23 14:12:23 2011 +0200
|
||||
|
|
9
INSTALL
9
INSTALL
|
@ -1,8 +1,8 @@
|
|||
Installation Instructions
|
||||
*************************
|
||||
|
||||
Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
|
||||
2006, 2007, 2008, 2009 Free Software Foundation, Inc.
|
||||
Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation,
|
||||
Inc.
|
||||
|
||||
Copying and distribution of this file, with or without modification,
|
||||
are permitted in any medium without royalty provided the copyright
|
||||
|
@ -226,6 +226,11 @@ order to use an ANSI C compiler:
|
|||
|
||||
and if that doesn't work, install pre-built binaries of GCC for HP-UX.
|
||||
|
||||
HP-UX `make' updates targets which have the same time stamps as
|
||||
their prerequisites, which makes it generally unusable when shipped
|
||||
generated files such as `configure' are involved. Use GNU `make'
|
||||
instead.
|
||||
|
||||
On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
|
||||
parse its `<wchar.h>' header file. The option `-nodtk' can be used as
|
||||
a workaround. If GNU CC is not installed, it is therefore recommended
|
||||
|
|
88
Makefile.in
88
Makefile.in
|
@ -1,9 +1,9 @@
|
|||
# Makefile.in generated by automake 1.11.1 from Makefile.am.
|
||||
# Makefile.in generated by automake 1.11.3 from Makefile.am.
|
||||
# @configure_input@
|
||||
|
||||
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
|
||||
# Inc.
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
|
||||
# Foundation, Inc.
|
||||
# This Makefile.in is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
@ -37,7 +37,8 @@ subdir = .
|
|||
DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
|
||||
$(srcdir)/Makefile.in $(srcdir)/config.h.in \
|
||||
$(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \
|
||||
THANKS config.guess config.sub depcomp install-sh missing
|
||||
THANKS config.guess config.sub depcomp install-sh missing \
|
||||
mkinstalldirs
|
||||
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||
am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
|
||||
$(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \
|
||||
|
@ -46,7 +47,7 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
|||
$(ACLOCAL_M4)
|
||||
am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
|
||||
configure.lineno config.status.lineno
|
||||
mkinstalldirs = $(install_sh) -d
|
||||
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
|
||||
CONFIG_HEADER = config.h
|
||||
CONFIG_CLEAN_FILES =
|
||||
CONFIG_CLEAN_VPATH_FILES =
|
||||
|
@ -71,9 +72,11 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
|||
distdir = $(PACKAGE)-$(VERSION)
|
||||
top_distdir = $(distdir)
|
||||
am__remove_distdir = \
|
||||
{ test ! -d "$(distdir)" \
|
||||
|| { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
|
||||
&& rm -fr "$(distdir)"; }; }
|
||||
if test -d "$(distdir)"; then \
|
||||
find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
|
||||
&& rm -rf "$(distdir)" \
|
||||
|| { sleep 5 && rm -rf "$(distdir)"; }; \
|
||||
else :; fi
|
||||
am__relativize = \
|
||||
dir0=`pwd`; \
|
||||
sed_first='s,^\([^/]*\)/.*$$,\1,'; \
|
||||
|
@ -102,6 +105,8 @@ am__relativize = \
|
|||
DIST_ARCHIVES = $(distdir).tar.gz
|
||||
GZIP_ENV = --best
|
||||
distuninstallcheck_listfiles = find . -type f -print
|
||||
am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \
|
||||
| sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$'
|
||||
distcleancheck_listfiles = find . -type f -print
|
||||
ACLOCAL = @ACLOCAL@
|
||||
ALLOCA = @ALLOCA@
|
||||
|
@ -210,7 +215,7 @@ all: config.h
|
|||
$(MAKE) $(AM_MAKEFLAGS) all-recursive
|
||||
|
||||
.SUFFIXES:
|
||||
am--refresh:
|
||||
am--refresh: Makefile
|
||||
@:
|
||||
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
|
||||
@for dep in $?; do \
|
||||
|
@ -246,10 +251,8 @@ $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
|
|||
$(am__aclocal_m4_deps):
|
||||
|
||||
config.h: stamp-h1
|
||||
@if test ! -f $@; then \
|
||||
rm -f stamp-h1; \
|
||||
$(MAKE) $(AM_MAKEFLAGS) stamp-h1; \
|
||||
else :; fi
|
||||
@if test ! -f $@; then rm -f stamp-h1; else :; fi
|
||||
@if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) stamp-h1; else :; fi
|
||||
|
||||
stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
|
||||
@rm -f stamp-h1
|
||||
|
@ -469,7 +472,11 @@ dist-gzip: distdir
|
|||
$(am__remove_distdir)
|
||||
|
||||
dist-bzip2: distdir
|
||||
tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
|
||||
tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-lzip: distdir
|
||||
tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-lzma: distdir
|
||||
|
@ -477,7 +484,7 @@ dist-lzma: distdir
|
|||
$(am__remove_distdir)
|
||||
|
||||
dist-xz: distdir
|
||||
tardir=$(distdir) && $(am__tar) | xz -c >$(distdir).tar.xz
|
||||
tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
|
||||
$(am__remove_distdir)
|
||||
|
||||
dist-tarZ: distdir
|
||||
|
@ -508,6 +515,8 @@ distcheck: dist
|
|||
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
|
||||
*.tar.lzma*) \
|
||||
lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\
|
||||
*.tar.lz*) \
|
||||
lzip -dc $(distdir).tar.lz | $(am__untar) ;;\
|
||||
*.tar.xz*) \
|
||||
xz -dc $(distdir).tar.xz | $(am__untar) ;;\
|
||||
*.tar.Z*) \
|
||||
|
@ -527,6 +536,7 @@ distcheck: dist
|
|||
&& am__cwd=`pwd` \
|
||||
&& $(am__cd) $(distdir)/_build \
|
||||
&& ../configure --srcdir=.. --prefix="$$dc_install_base" \
|
||||
$(AM_DISTCHECK_CONFIGURE_FLAGS) \
|
||||
$(DISTCHECK_CONFIGURE_FLAGS) \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) \
|
||||
&& $(MAKE) $(AM_MAKEFLAGS) dvi \
|
||||
|
@ -555,8 +565,16 @@ distcheck: dist
|
|||
list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
|
||||
sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
|
||||
distuninstallcheck:
|
||||
@$(am__cd) '$(distuninstallcheck_dir)' \
|
||||
&& test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \
|
||||
@test -n '$(distuninstallcheck_dir)' || { \
|
||||
echo 'ERROR: trying to run $@ with an empty' \
|
||||
'$$(distuninstallcheck_dir)' >&2; \
|
||||
exit 1; \
|
||||
}; \
|
||||
$(am__cd) '$(distuninstallcheck_dir)' || { \
|
||||
echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \
|
||||
exit 1; \
|
||||
}; \
|
||||
test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \
|
||||
|| { echo "ERROR: files left after uninstall:" ; \
|
||||
if test -n "$(DESTDIR)"; then \
|
||||
echo " (check DESTDIR support)"; \
|
||||
|
@ -587,10 +605,15 @@ install-am: all-am
|
|||
|
||||
installcheck: installcheck-recursive
|
||||
install-strip:
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
`test -z '$(STRIP)' || \
|
||||
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||
if test -z '$(STRIP)'; then \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
install; \
|
||||
else \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
|
||||
fi
|
||||
mostlyclean-generic:
|
||||
|
||||
clean-generic:
|
||||
|
@ -677,17 +700,18 @@ uninstall-am:
|
|||
.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
|
||||
all all-am am--refresh check check-am clean clean-generic \
|
||||
ctags ctags-recursive dist dist-all dist-bzip2 dist-gzip \
|
||||
dist-lzma dist-shar dist-tarZ dist-xz dist-zip distcheck \
|
||||
distclean distclean-generic distclean-hdr distclean-tags \
|
||||
distcleancheck distdir distuninstallcheck dvi dvi-am html \
|
||||
html-am info info-am install install-am install-data \
|
||||
install-data-am install-dvi install-dvi-am install-exec \
|
||||
install-exec-am install-html install-html-am install-info \
|
||||
install-info-am install-man install-pdf install-pdf-am \
|
||||
install-ps install-ps-am install-strip installcheck \
|
||||
installcheck-am installdirs installdirs-am maintainer-clean \
|
||||
maintainer-clean-generic mostlyclean mostlyclean-generic pdf \
|
||||
pdf-am ps ps-am tags tags-recursive uninstall uninstall-am
|
||||
dist-lzip dist-lzma dist-shar dist-tarZ dist-xz dist-zip \
|
||||
distcheck distclean distclean-generic distclean-hdr \
|
||||
distclean-tags distcleancheck distdir distuninstallcheck dvi \
|
||||
dvi-am html html-am info info-am install install-am \
|
||||
install-data install-data-am install-dvi install-dvi-am \
|
||||
install-exec install-exec-am install-html install-html-am \
|
||||
install-info install-info-am install-man install-pdf \
|
||||
install-pdf-am install-ps install-ps-am install-strip \
|
||||
installcheck installcheck-am installdirs installdirs-am \
|
||||
maintainer-clean maintainer-clean-generic mostlyclean \
|
||||
mostlyclean-generic pdf pdf-am ps ps-am tags tags-recursive \
|
||||
uninstall uninstall-am
|
||||
|
||||
|
||||
ChangeLog:
|
||||
|
|
17
NEWS
17
NEWS
|
@ -1,3 +1,20 @@
|
|||
Version 1.0.17 March 10 2012
|
||||
|
||||
* The DeviceType option can now be used to select dummy, raw socket, UML and
|
||||
VDE devices without needing to recompile tinc.
|
||||
|
||||
* Allow multiple BindToAddress statements.
|
||||
|
||||
* Decrement TTL value of IPv4 and IPv6 packets.
|
||||
|
||||
* Add LocalDiscovery option allowing tinc to detect peers that are behind the
|
||||
same NAT.
|
||||
|
||||
* Accept Subnets passed with the -o option when StrictSubnets = yes.
|
||||
|
||||
* Disabling old RSA keys when generating new ones now also works properly on
|
||||
Windows.
|
||||
|
||||
Version 1.0.16 July 23 2011
|
||||
|
||||
* Fixed a performance issue with TCP communication under Windows.
|
||||
|
|
6
README
6
README
|
@ -1,7 +1,7 @@
|
|||
This is the README file for tinc version 1.0.16. Installation
|
||||
This is the README file for tinc version 1.0.17. Installation
|
||||
instructions may be found in the INSTALL file.
|
||||
|
||||
tinc is Copyright (C) 1998-2011 by:
|
||||
tinc is Copyright (C) 1998-2012 by:
|
||||
|
||||
Ivo Timmermans,
|
||||
Guus Sliepen <guus@tinc-vpn.org>,
|
||||
|
@ -55,7 +55,7 @@ should be changed into "Device", and "Device" should be changed into
|
|||
Compatibility
|
||||
-------------
|
||||
|
||||
Version 1.0.16 is compatible with 1.0pre8, 1.0 and later, but not with older
|
||||
Version 1.0.17 is compatible with 1.0pre8, 1.0 and later, but not with older
|
||||
versions of tinc.
|
||||
|
||||
|
||||
|
|
1
THANKS
1
THANKS
|
@ -31,6 +31,7 @@ We would like to thank the following people for their contributions to tinc:
|
|||
* Menno Smits
|
||||
* Michael Tokarev
|
||||
* Miles Nordin
|
||||
* Nick Hibma
|
||||
* Nick Patavalis
|
||||
* Paul Littlefield
|
||||
* Robert van der Meulen
|
||||
|
|
74
aclocal.m4
vendored
74
aclocal.m4
vendored
|
@ -1,7 +1,8 @@
|
|||
# generated automatically by aclocal 1.11.1 -*- Autoconf -*-
|
||||
# generated automatically by aclocal 1.11.3 -*- Autoconf -*-
|
||||
|
||||
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
|
||||
# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
|
||||
# 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation,
|
||||
# Inc.
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
@ -19,12 +20,15 @@ You have another version of autoconf. It may work, but is not guaranteed to.
|
|||
If you have problems, you may need to regenerate the build system entirely.
|
||||
To do so, use the procedure documented by the package, typically `autoreconf'.])])
|
||||
|
||||
# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008, 2011 Free Software
|
||||
# Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 1
|
||||
|
||||
# AM_AUTOMAKE_VERSION(VERSION)
|
||||
# ----------------------------
|
||||
# Automake X.Y traces this macro to ensure aclocal.m4 has been
|
||||
|
@ -34,7 +38,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
|
|||
[am__api_version='1.11'
|
||||
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
|
||||
dnl require some minimum version. Point them to the right macro.
|
||||
m4_if([$1], [1.11.1], [],
|
||||
m4_if([$1], [1.11.3], [],
|
||||
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
|
||||
])
|
||||
|
||||
|
@ -50,19 +54,21 @@ m4_define([_AM_AUTOCONF_VERSION], [])
|
|||
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
|
||||
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
|
||||
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
|
||||
[AM_AUTOMAKE_VERSION([1.11.1])dnl
|
||||
[AM_AUTOMAKE_VERSION([1.11.3])dnl
|
||||
m4_ifndef([AC_AUTOCONF_VERSION],
|
||||
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
|
||||
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
|
||||
|
||||
# AM_AUX_DIR_EXPAND -*- Autoconf -*-
|
||||
|
||||
# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 1
|
||||
|
||||
# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets
|
||||
# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to
|
||||
# `$srcdir', `$srcdir/..', or `$srcdir/../..'.
|
||||
|
@ -144,14 +150,14 @@ AC_CONFIG_COMMANDS_PRE(
|
|||
Usually this means the macro was only invoked conditionally.]])
|
||||
fi])])
|
||||
|
||||
# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009
|
||||
# Free Software Foundation, Inc.
|
||||
# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009,
|
||||
# 2010, 2011 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 10
|
||||
# serial 12
|
||||
|
||||
# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be
|
||||
# written in clear, in which case automake, when reading aclocal.m4,
|
||||
|
@ -191,6 +197,7 @@ AC_CACHE_CHECK([dependency style of $depcc],
|
|||
# instance it was reported that on HP-UX the gcc test will end up
|
||||
# making a dummy file named `D' -- because `-MD' means `put the output
|
||||
# in D'.
|
||||
rm -rf conftest.dir
|
||||
mkdir conftest.dir
|
||||
# Copy depcomp to subdir because otherwise we won't find it if we're
|
||||
# using a relative directory.
|
||||
|
@ -255,7 +262,7 @@ AC_CACHE_CHECK([dependency style of $depcc],
|
|||
break
|
||||
fi
|
||||
;;
|
||||
msvisualcpp | msvcmsys)
|
||||
msvc7 | msvc7msys | msvisualcpp | msvcmsys)
|
||||
# This compiler won't grok `-c -o', but also, the minuso test has
|
||||
# not run yet. These depmodes are late enough in the game, and
|
||||
# so weak that their functioning should not be impacted.
|
||||
|
@ -320,10 +327,13 @@ AC_DEFUN([AM_DEP_TRACK],
|
|||
if test "x$enable_dependency_tracking" != xno; then
|
||||
am_depcomp="$ac_aux_dir/depcomp"
|
||||
AMDEPBACKSLASH='\'
|
||||
am__nodep='_no'
|
||||
fi
|
||||
AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
|
||||
AC_SUBST([AMDEPBACKSLASH])dnl
|
||||
_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl
|
||||
AC_SUBST([am__nodep])dnl
|
||||
_AM_SUBST_NOTMAKE([am__nodep])dnl
|
||||
])
|
||||
|
||||
# Generate code to set up dependency tracking. -*- Autoconf -*-
|
||||
|
@ -545,12 +555,15 @@ for _am_header in $config_headers :; do
|
|||
done
|
||||
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
|
||||
|
||||
# Copyright (C) 2001, 2003, 2005, 2008 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2001, 2003, 2005, 2008, 2011 Free Software Foundation,
|
||||
# Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 1
|
||||
|
||||
# AM_PROG_INSTALL_SH
|
||||
# ------------------
|
||||
# Define $install_sh.
|
||||
|
@ -590,8 +603,8 @@ AC_SUBST([am__leading_dot])])
|
|||
# Add --enable-maintainer-mode option to configure. -*- Autoconf -*-
|
||||
# From Jim Meyering
|
||||
|
||||
# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008
|
||||
# Free Software Foundation, Inc.
|
||||
# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008,
|
||||
# 2011 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
|
@ -611,7 +624,7 @@ AC_DEFUN([AM_MAINTAINER_MODE],
|
|||
[disable], [m4_define([am_maintainer_other], [enable])],
|
||||
[m4_define([am_maintainer_other], [enable])
|
||||
m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])])
|
||||
AC_MSG_CHECKING([whether to am_maintainer_other maintainer-specific portions of Makefiles])
|
||||
AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
|
||||
dnl maintainer-mode's default is 'disable' unless 'enable' is passed
|
||||
AC_ARG_ENABLE([maintainer-mode],
|
||||
[ --][am_maintainer_other][-maintainer-mode am_maintainer_other make rules and dependencies not useful
|
||||
|
@ -722,12 +735,15 @@ else
|
|||
fi
|
||||
])
|
||||
|
||||
# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2003, 2004, 2005, 2006, 2011 Free Software Foundation,
|
||||
# Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 1
|
||||
|
||||
# AM_PROG_MKDIR_P
|
||||
# ---------------
|
||||
# Check for `mkdir -p'.
|
||||
|
@ -750,13 +766,14 @@ esac
|
|||
|
||||
# Helper functions for option handling. -*- Autoconf -*-
|
||||
|
||||
# Copyright (C) 2001, 2002, 2003, 2005, 2008 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2001, 2002, 2003, 2005, 2008, 2010 Free Software
|
||||
# Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 4
|
||||
# serial 5
|
||||
|
||||
# _AM_MANGLE_OPTION(NAME)
|
||||
# -----------------------
|
||||
|
@ -764,13 +781,13 @@ AC_DEFUN([_AM_MANGLE_OPTION],
|
|||
[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])])
|
||||
|
||||
# _AM_SET_OPTION(NAME)
|
||||
# ------------------------------
|
||||
# --------------------
|
||||
# Set option NAME. Presently that only means defining a flag for this option.
|
||||
AC_DEFUN([_AM_SET_OPTION],
|
||||
[m4_define(_AM_MANGLE_OPTION([$1]), 1)])
|
||||
|
||||
# _AM_SET_OPTIONS(OPTIONS)
|
||||
# ----------------------------------
|
||||
# ------------------------
|
||||
# OPTIONS is a space-separated list of Automake options.
|
||||
AC_DEFUN([_AM_SET_OPTIONS],
|
||||
[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])])
|
||||
|
@ -846,12 +863,14 @@ Check your system clock])
|
|||
fi
|
||||
AC_MSG_RESULT(yes)])
|
||||
|
||||
# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 1
|
||||
|
||||
# AM_PROG_INSTALL_STRIP
|
||||
# ---------------------
|
||||
# One issue with vendor `install' (even GNU) is that you can't
|
||||
|
@ -874,13 +893,13 @@ fi
|
|||
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
|
||||
AC_SUBST([INSTALL_STRIP_PROGRAM])])
|
||||
|
||||
# Copyright (C) 2006, 2008 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2006, 2008, 2010 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
||||
# serial 2
|
||||
# serial 3
|
||||
|
||||
# _AM_SUBST_NOTMAKE(VARIABLE)
|
||||
# ---------------------------
|
||||
|
@ -889,13 +908,13 @@ AC_SUBST([INSTALL_STRIP_PROGRAM])])
|
|||
AC_DEFUN([_AM_SUBST_NOTMAKE])
|
||||
|
||||
# AM_SUBST_NOTMAKE(VARIABLE)
|
||||
# ---------------------------
|
||||
# --------------------------
|
||||
# Public sister of _AM_SUBST_NOTMAKE.
|
||||
AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
|
||||
|
||||
# Check how to create a tarball. -*- Autoconf -*-
|
||||
|
||||
# Copyright (C) 2004, 2005 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2004, 2005, 2012 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
|
@ -917,10 +936,11 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
|
|||
# a tarball read from stdin.
|
||||
# $(am__untar) < result.tar
|
||||
AC_DEFUN([_AM_PROG_TAR],
|
||||
[# Always define AMTAR for backward compatibility.
|
||||
AM_MISSING_PROG([AMTAR], [tar])
|
||||
[# Always define AMTAR for backward compatibility. Yes, it's still used
|
||||
# in the wild :-( We should find a proper way to deprecate it ...
|
||||
AC_SUBST([AMTAR], ['$${TAR-tar}'])
|
||||
m4_if([$1], [v7],
|
||||
[am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'],
|
||||
[am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'],
|
||||
[m4_case([$1], [ustar],, [pax],,
|
||||
[m4_fatal([Unknown tar format])])
|
||||
AC_MSG_CHECKING([how to create a $1 tar archive])
|
||||
|
|
49
config.guess
vendored
49
config.guess
vendored
|
@ -2,9 +2,9 @@
|
|||
# Attempt to guess a canonical system name.
|
||||
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
|
||||
# 2011 Free Software Foundation, Inc.
|
||||
# 2011, 2012 Free Software Foundation, Inc.
|
||||
|
||||
timestamp='2011-05-11'
|
||||
timestamp='2012-02-10'
|
||||
|
||||
# This file is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by
|
||||
|
@ -17,9 +17,7 @@ timestamp='2011-05-11'
|
|||
# General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
|
||||
# 02110-1301, USA.
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# As a special exception to the GNU General Public License, if you
|
||||
# distribute this file as part of a program that contains a
|
||||
|
@ -57,8 +55,8 @@ GNU config.guess ($timestamp)
|
|||
|
||||
Originally written by Per Bothner.
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free
|
||||
Software Foundation, Inc.
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
|
||||
Free Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
@ -145,7 +143,7 @@ UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
|
|||
case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
|
||||
*:NetBSD:*:*)
|
||||
# NetBSD (nbsd) targets should (where applicable) match one or
|
||||
# more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
|
||||
# more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
|
||||
# *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
|
||||
# switched to ELF, *-*-netbsd* would select the old
|
||||
# object file format. This provides both forward
|
||||
|
@ -792,13 +790,12 @@ EOF
|
|||
echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
|
||||
exit ;;
|
||||
*:FreeBSD:*:*)
|
||||
case ${UNAME_MACHINE} in
|
||||
pc98)
|
||||
echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
|
||||
UNAME_PROCESSOR=`/usr/bin/uname -p`
|
||||
case ${UNAME_PROCESSOR} in
|
||||
amd64)
|
||||
echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
|
||||
*)
|
||||
echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
|
||||
echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
|
||||
esac
|
||||
exit ;;
|
||||
i*:CYGWIN*:*)
|
||||
|
@ -807,6 +804,9 @@ EOF
|
|||
*:MINGW*:*)
|
||||
echo ${UNAME_MACHINE}-pc-mingw32
|
||||
exit ;;
|
||||
i*:MSYS*:*)
|
||||
echo ${UNAME_MACHINE}-pc-msys
|
||||
exit ;;
|
||||
i*:windows32*:*)
|
||||
# uname -m includes "-pc" on this system.
|
||||
echo ${UNAME_MACHINE}-mingw32
|
||||
|
@ -861,6 +861,13 @@ EOF
|
|||
i*86:Minix:*:*)
|
||||
echo ${UNAME_MACHINE}-pc-minix
|
||||
exit ;;
|
||||
aarch64:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
aarch64_be:Linux:*:*)
|
||||
UNAME_MACHINE=aarch64_be
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
alpha:Linux:*:*)
|
||||
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
|
||||
EV5) UNAME_MACHINE=alphaev5 ;;
|
||||
|
@ -895,13 +902,16 @@ EOF
|
|||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
cris:Linux:*:*)
|
||||
echo cris-axis-linux-gnu
|
||||
echo ${UNAME_MACHINE}-axis-linux-gnu
|
||||
exit ;;
|
||||
crisv32:Linux:*:*)
|
||||
echo crisv32-axis-linux-gnu
|
||||
echo ${UNAME_MACHINE}-axis-linux-gnu
|
||||
exit ;;
|
||||
frv:Linux:*:*)
|
||||
echo frv-unknown-linux-gnu
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
hexagon:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
i*86:Linux:*:*)
|
||||
LIBC=gnu
|
||||
|
@ -943,7 +953,7 @@ EOF
|
|||
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
|
||||
;;
|
||||
or32:Linux:*:*)
|
||||
echo or32-unknown-linux-gnu
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
padre:Linux:*:*)
|
||||
echo sparc-unknown-linux-gnu
|
||||
|
@ -978,13 +988,13 @@ EOF
|
|||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
tile*:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-tilera-linux-gnu
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
vax:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-dec-linux-gnu
|
||||
exit ;;
|
||||
x86_64:Linux:*:*)
|
||||
echo x86_64-unknown-linux-gnu
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
xtensa*:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
|
@ -1315,6 +1325,9 @@ EOF
|
|||
i*86:AROS:*:*)
|
||||
echo ${UNAME_MACHINE}-pc-aros
|
||||
exit ;;
|
||||
x86_64:VMkernel:*:*)
|
||||
echo ${UNAME_MACHINE}-unknown-esx
|
||||
exit ;;
|
||||
esac
|
||||
|
||||
#echo '(No uname command or uname output not recognized.)' 1>&2
|
||||
|
|
12
config.h.in
12
config.h.in
|
@ -14,6 +14,12 @@
|
|||
/* Support for tunemu */
|
||||
#undef ENABLE_TUNEMU
|
||||
|
||||
/* Support for UML */
|
||||
#undef ENABLE_UML
|
||||
|
||||
/* Support for VDE */
|
||||
#undef ENABLE_VDE
|
||||
|
||||
/* Define to 1 if you have `alloca', as a function or macro. */
|
||||
#undef HAVE_ALLOCA
|
||||
|
||||
|
@ -94,6 +100,9 @@
|
|||
/* Define to 1 if you have the `socket' library (-lsocket). */
|
||||
#undef HAVE_LIBSOCKET
|
||||
|
||||
/* Define to 1 if you have the <libvdeplug_dyn.h> header file. */
|
||||
#undef HAVE_LIBVDEPLUG_DYN_H
|
||||
|
||||
/* Linux */
|
||||
#undef HAVE_LINUX
|
||||
|
||||
|
@ -158,6 +167,9 @@
|
|||
/* Define to 1 if you have the <netinet/tcp.h> header file. */
|
||||
#undef HAVE_NETINET_TCP_H
|
||||
|
||||
/* Define to 1 if you have the <netpacket/packet.h> header file. */
|
||||
#undef HAVE_NETPACKET_PACKET_H
|
||||
|
||||
/* Define to 1 if you have the <net/ethernet.h> header file. */
|
||||
#undef HAVE_NET_ETHERNET_H
|
||||
|
||||
|
|
65
config.sub
vendored
65
config.sub
vendored
|
@ -2,9 +2,9 @@
|
|||
# Configuration validation subroutine script.
|
||||
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
|
||||
# 2011 Free Software Foundation, Inc.
|
||||
# 2011, 2012 Free Software Foundation, Inc.
|
||||
|
||||
timestamp='2011-03-23'
|
||||
timestamp='2012-02-10'
|
||||
|
||||
# This file is (in principle) common to ALL GNU software.
|
||||
# The presence of a machine in this file suggests that SOME GNU software
|
||||
|
@ -21,9 +21,7 @@ timestamp='2011-03-23'
|
|||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
|
||||
# 02110-1301, USA.
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# As a special exception to the GNU General Public License, if you
|
||||
# distribute this file as part of a program that contains a
|
||||
|
@ -76,8 +74,8 @@ version="\
|
|||
GNU config.sub ($timestamp)
|
||||
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free
|
||||
Software Foundation, Inc.
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
|
||||
Free Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
@ -132,6 +130,10 @@ case $maybe_os in
|
|||
os=-$maybe_os
|
||||
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
|
||||
;;
|
||||
android-linux)
|
||||
os=-linux-android
|
||||
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
|
||||
;;
|
||||
*)
|
||||
basic_machine=`echo $1 | sed 's/-[^-]*$//'`
|
||||
if [ $basic_machine != $1 ]
|
||||
|
@ -247,17 +249,22 @@ case $basic_machine in
|
|||
# Some are omitted here because they have special meanings below.
|
||||
1750a | 580 \
|
||||
| a29k \
|
||||
| aarch64 | aarch64_be \
|
||||
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
|
||||
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
|
||||
| am33_2.0 \
|
||||
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
|
||||
| be32 | be64 \
|
||||
| bfin \
|
||||
| c4x | clipper \
|
||||
| d10v | d30v | dlx | dsp16xx \
|
||||
| epiphany \
|
||||
| fido | fr30 | frv \
|
||||
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
|
||||
| hexagon \
|
||||
| i370 | i860 | i960 | ia64 \
|
||||
| ip2k | iq2000 \
|
||||
| le32 | le64 \
|
||||
| lm32 \
|
||||
| m32c | m32r | m32rle | m68000 | m68k | m88k \
|
||||
| maxq | mb | microblaze | mcore | mep | metag \
|
||||
|
@ -291,7 +298,7 @@ case $basic_machine in
|
|||
| pdp10 | pdp11 | pj | pjl \
|
||||
| powerpc | powerpc64 | powerpc64le | powerpcle \
|
||||
| pyramid \
|
||||
| rx \
|
||||
| rl78 | rx \
|
||||
| score \
|
||||
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
|
||||
| sh64 | sh64le \
|
||||
|
@ -300,7 +307,7 @@ case $basic_machine in
|
|||
| spu \
|
||||
| tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
|
||||
| ubicom32 \
|
||||
| v850 | v850e \
|
||||
| v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
|
||||
| we32k \
|
||||
| x86 | xc16x | xstormy16 | xtensa \
|
||||
| z8k | z80)
|
||||
|
@ -315,8 +322,7 @@ case $basic_machine in
|
|||
c6x)
|
||||
basic_machine=tic6x-unknown
|
||||
;;
|
||||
m6811 | m68hc11 | m6812 | m68hc12 | picochip)
|
||||
# Motorola 68HC11/12.
|
||||
m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip)
|
||||
basic_machine=$basic_machine-unknown
|
||||
os=-none
|
||||
;;
|
||||
|
@ -329,7 +335,10 @@ case $basic_machine in
|
|||
strongarm | thumb | xscale)
|
||||
basic_machine=arm-unknown
|
||||
;;
|
||||
|
||||
xgate)
|
||||
basic_machine=$basic_machine-unknown
|
||||
os=-none
|
||||
;;
|
||||
xscaleeb)
|
||||
basic_machine=armeb-unknown
|
||||
;;
|
||||
|
@ -352,11 +361,13 @@ case $basic_machine in
|
|||
# Recognize the basic CPU types with company name.
|
||||
580-* \
|
||||
| a29k-* \
|
||||
| aarch64-* | aarch64_be-* \
|
||||
| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
|
||||
| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
|
||||
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
|
||||
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
|
||||
| avr-* | avr32-* \
|
||||
| be32-* | be64-* \
|
||||
| bfin-* | bs2000-* \
|
||||
| c[123]* | c30-* | [cjt]90-* | c4x-* \
|
||||
| clipper-* | craynv-* | cydra-* \
|
||||
|
@ -365,8 +376,10 @@ case $basic_machine in
|
|||
| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
|
||||
| h8300-* | h8500-* \
|
||||
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
|
||||
| hexagon-* \
|
||||
| i*86-* | i860-* | i960-* | ia64-* \
|
||||
| ip2k-* | iq2000-* \
|
||||
| le32-* | le64-* \
|
||||
| lm32-* \
|
||||
| m32c-* | m32r-* | m32rle-* \
|
||||
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
|
||||
|
@ -400,7 +413,7 @@ case $basic_machine in
|
|||
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
|
||||
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
|
||||
| pyramid-* \
|
||||
| romp-* | rs6000-* | rx-* \
|
||||
| rl78-* | romp-* | rs6000-* | rx-* \
|
||||
| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
|
||||
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
|
||||
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
|
||||
|
@ -408,10 +421,11 @@ case $basic_machine in
|
|||
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \
|
||||
| tahoe-* \
|
||||
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
|
||||
| tile-* | tilegx-* \
|
||||
| tile*-* \
|
||||
| tron-* \
|
||||
| ubicom32-* \
|
||||
| v850-* | v850e-* | vax-* \
|
||||
| v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
|
||||
| vax-* \
|
||||
| we32k-* \
|
||||
| x86-* | x86_64-* | xc16x-* | xps100-* \
|
||||
| xstormy16-* | xtensa*-* \
|
||||
|
@ -711,7 +725,6 @@ case $basic_machine in
|
|||
i370-ibm* | ibm*)
|
||||
basic_machine=i370-ibm
|
||||
;;
|
||||
# I'm not sure what "Sysv32" means. Should this be sysv3.2?
|
||||
i*86v32)
|
||||
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
|
||||
os=-sysv32
|
||||
|
@ -808,10 +821,18 @@ case $basic_machine in
|
|||
ms1-*)
|
||||
basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
|
||||
;;
|
||||
msys)
|
||||
basic_machine=i386-pc
|
||||
os=-msys
|
||||
;;
|
||||
mvs)
|
||||
basic_machine=i370-ibm
|
||||
os=-mvs
|
||||
;;
|
||||
nacl)
|
||||
basic_machine=le32-unknown
|
||||
os=-nacl
|
||||
;;
|
||||
ncr3000)
|
||||
basic_machine=i486-ncr
|
||||
os=-sysv4
|
||||
|
@ -1120,13 +1141,8 @@ case $basic_machine in
|
|||
basic_machine=t90-cray
|
||||
os=-unicos
|
||||
;;
|
||||
# This must be matched before tile*.
|
||||
tilegx*)
|
||||
basic_machine=tilegx-unknown
|
||||
os=-linux-gnu
|
||||
;;
|
||||
tile*)
|
||||
basic_machine=tile-unknown
|
||||
basic_machine=$basic_machine-unknown
|
||||
os=-linux-gnu
|
||||
;;
|
||||
tx39)
|
||||
|
@ -1336,7 +1352,7 @@ case $os in
|
|||
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
|
||||
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
|
||||
| -chorusos* | -chorusrdb* | -cegcc* \
|
||||
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
|
||||
| -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
|
||||
| -mingw32* | -linux-gnu* | -linux-android* \
|
||||
| -linux-newlib* | -linux-uclibc* \
|
||||
| -uxpv* | -beos* | -mpeix* | -udk* \
|
||||
|
@ -1548,9 +1564,6 @@ case $basic_machine in
|
|||
;;
|
||||
m68000-sun)
|
||||
os=-sunos3
|
||||
# This also exists in the configure program, but was not the
|
||||
# default.
|
||||
# os=-sunos4
|
||||
;;
|
||||
m68*-cisco)
|
||||
os=-aout
|
||||
|
|
85
configure
vendored
85
configure
vendored
|
@ -607,6 +607,10 @@ ALLOCA
|
|||
LIBOBJS
|
||||
TUNEMU_FALSE
|
||||
TUNEMU_TRUE
|
||||
VDE_FALSE
|
||||
VDE_TRUE
|
||||
UML_FALSE
|
||||
UML_TRUE
|
||||
host_os
|
||||
host_vendor
|
||||
host_cpu
|
||||
|
@ -623,6 +627,7 @@ CPP
|
|||
am__fastdepCC_FALSE
|
||||
am__fastdepCC_TRUE
|
||||
CCDEPMODE
|
||||
am__nodep
|
||||
AMDEPBACKSLASH
|
||||
AMDEP_FALSE
|
||||
AMDEP_TRUE
|
||||
|
@ -705,6 +710,8 @@ ac_user_opts='
|
|||
enable_option_checking
|
||||
enable_maintainer_mode
|
||||
enable_dependency_tracking
|
||||
enable_uml
|
||||
enable_vde
|
||||
enable_tunemu
|
||||
with_windows2000
|
||||
enable_zlib
|
||||
|
@ -1351,6 +1358,8 @@ Optional Features:
|
|||
(and sometimes confusing) to the casual installer
|
||||
--disable-dependency-tracking speeds up one-time build
|
||||
--enable-dependency-tracking do not reject slow dependency extractors
|
||||
--enable-uml enable support for User Mode Linux
|
||||
--enable-vde enable support for Virtual Distributed Ethernet
|
||||
--enable-tunemu enable support for the tunemu driver
|
||||
--disable-zlib disable zlib compression support
|
||||
--disable-lzo disable lzo compression support
|
||||
|
@ -2731,7 +2740,7 @@ fi
|
|||
|
||||
# Define the identity of the package.
|
||||
PACKAGE=tinc
|
||||
VERSION=1.0.16
|
||||
VERSION=1.0.17
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
|
@ -2761,11 +2770,11 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
|
|||
|
||||
# We need awk for the "check" target. The system "awk" is bad on
|
||||
# some platforms.
|
||||
# Always define AMTAR for backward compatibility.
|
||||
# Always define AMTAR for backward compatibility. Yes, it's still used
|
||||
# in the wild :-( We should find a proper way to deprecate it ...
|
||||
AMTAR='$${TAR-tar}'
|
||||
|
||||
AMTAR=${AMTAR-"${am_missing_run}tar"}
|
||||
|
||||
am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'
|
||||
am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'
|
||||
|
||||
|
||||
|
||||
|
@ -2852,6 +2861,7 @@ fi
|
|||
if test "x$enable_dependency_tracking" != xno; then
|
||||
am_depcomp="$ac_aux_dir/depcomp"
|
||||
AMDEPBACKSLASH='\'
|
||||
am__nodep='_no'
|
||||
fi
|
||||
if test "x$enable_dependency_tracking" != xno; then
|
||||
AMDEP_TRUE=
|
||||
|
@ -3665,6 +3675,7 @@ else
|
|||
# instance it was reported that on HP-UX the gcc test will end up
|
||||
# making a dummy file named `D' -- because `-MD' means `put the output
|
||||
# in D'.
|
||||
rm -rf conftest.dir
|
||||
mkdir conftest.dir
|
||||
# Copy depcomp to subdir because otherwise we won't find it if we're
|
||||
# using a relative directory.
|
||||
|
@ -3724,7 +3735,7 @@ else
|
|||
break
|
||||
fi
|
||||
;;
|
||||
msvisualcpp | msvcmsys)
|
||||
msvc7 | msvc7msys | msvisualcpp | msvcmsys)
|
||||
# This compiler won't grok `-c -o', but also, the minuso test has
|
||||
# not run yet. These depmodes are late enough in the game, and
|
||||
# so weak that their functioning should not be impacted.
|
||||
|
@ -4804,6 +4815,42 @@ $as_echo "#define HAVE_MINGW 1" >>confdefs.h
|
|||
;;
|
||||
esac
|
||||
|
||||
# Check whether --enable-uml was given.
|
||||
if test "${enable_uml+set}" = set; then :
|
||||
enableval=$enable_uml;
|
||||
$as_echo "#define ENABLE_UML 1" >>confdefs.h
|
||||
|
||||
uml=true
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
# Check whether --enable-vde was given.
|
||||
if test "${enable_vde+set}" = set; then :
|
||||
enableval=$enable_vde; for ac_header in libvdeplug_dyn.h
|
||||
do :
|
||||
ac_fn_c_check_header_mongrel "$LINENO" "libvdeplug_dyn.h" "ac_cv_header_libvdeplug_dyn_h" "$ac_includes_default"
|
||||
if test "x$ac_cv_header_libvdeplug_dyn_h" = xyes; then :
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define HAVE_LIBVDEPLUG_DYN_H 1
|
||||
_ACEOF
|
||||
|
||||
else
|
||||
as_fn_error $? "VDE plug header files not found." "$LINENO" 5; break
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
|
||||
$as_echo "#define ENABLE_VDE 1" >>confdefs.h
|
||||
|
||||
vde=true
|
||||
|
||||
|
||||
fi
|
||||
|
||||
|
||||
# Check whether --enable-tunemu was given.
|
||||
if test "${enable_tunemu+set}" = set; then :
|
||||
enableval=$enable_tunemu;
|
||||
|
@ -4825,6 +4872,22 @@ $as_echo "#define WITH_WINDOWS2000 1" >>confdefs.h
|
|||
fi
|
||||
|
||||
|
||||
if test "$uml" = true; then
|
||||
UML_TRUE=
|
||||
UML_FALSE='#'
|
||||
else
|
||||
UML_TRUE='#'
|
||||
UML_FALSE=
|
||||
fi
|
||||
|
||||
if test "$vde" = true; then
|
||||
VDE_TRUE=
|
||||
VDE_FALSE='#'
|
||||
else
|
||||
VDE_TRUE='#'
|
||||
VDE_FALSE=
|
||||
fi
|
||||
|
||||
if test "$tunemu" = true; then
|
||||
TUNEMU_TRUE=
|
||||
TUNEMU_FALSE='#'
|
||||
|
@ -5054,7 +5117,7 @@ fi
|
|||
|
||||
done
|
||||
|
||||
for ac_header in net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h
|
||||
for ac_header in net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h netpacket/packet.h
|
||||
do :
|
||||
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
|
||||
ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\"
|
||||
|
@ -6768,6 +6831,14 @@ if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
|
|||
as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
|
||||
Usually this means the macro was only invoked conditionally." "$LINENO" 5
|
||||
fi
|
||||
if test -z "${UML_TRUE}" && test -z "${UML_FALSE}"; then
|
||||
as_fn_error $? "conditional \"UML\" was never defined.
|
||||
Usually this means the macro was only invoked conditionally." "$LINENO" 5
|
||||
fi
|
||||
if test -z "${VDE_TRUE}" && test -z "${VDE_FALSE}"; then
|
||||
as_fn_error $? "conditional \"VDE\" was never defined.
|
||||
Usually this means the macro was only invoked conditionally." "$LINENO" 5
|
||||
fi
|
||||
if test -z "${TUNEMU_TRUE}" && test -z "${TUNEMU_FALSE}"; then
|
||||
as_fn_error $? "conditional \"TUNEMU\" was never defined.
|
||||
Usually this means the macro was only invoked conditionally." "$LINENO" 5
|
||||
|
|
21
configure.in
21
configure.in
|
@ -3,7 +3,7 @@ dnl Process this file with autoconf to produce a configure script.
|
|||
AC_PREREQ(2.61)
|
||||
AC_INIT
|
||||
AC_CONFIG_SRCDIR([src/tincd.c])
|
||||
AM_INIT_AUTOMAKE(tinc, 1.0.16)
|
||||
AM_INIT_AUTOMAKE(tinc, 1.0.17)
|
||||
AC_CONFIG_HEADERS([config.h])
|
||||
AM_MAINTAINER_MODE
|
||||
|
||||
|
@ -72,6 +72,21 @@ case $host_os in
|
|||
;;
|
||||
esac
|
||||
|
||||
AC_ARG_ENABLE(uml,
|
||||
AS_HELP_STRING([--enable-uml], [enable support for User Mode Linux]),
|
||||
[ AC_DEFINE(ENABLE_UML, 1, [Support for UML])
|
||||
uml=true
|
||||
]
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE(vde,
|
||||
AS_HELP_STRING([--enable-vde], [enable support for Virtual Distributed Ethernet]),
|
||||
[ AC_CHECK_HEADERS(libvdeplug_dyn.h, [], [AC_MSG_ERROR([VDE plug header files not found.]); break])
|
||||
AC_DEFINE(ENABLE_VDE, 1, [Support for VDE])
|
||||
vde=true
|
||||
]
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE(tunemu,
|
||||
AS_HELP_STRING([--enable-tunemu], [enable support for the tunemu driver]),
|
||||
[ AC_DEFINE(ENABLE_TUNEMU, 1, [Support for tunemu])
|
||||
|
@ -84,6 +99,8 @@ AC_ARG_WITH(windows2000,
|
|||
[AC_DEFINE(WITH_WINDOWS2000, 1, [Compile with support for Windows 2000])]
|
||||
)
|
||||
|
||||
AM_CONDITIONAL(UML, test "$uml" = true)
|
||||
AM_CONDITIONAL(VDE, test "$vde" = true)
|
||||
AM_CONDITIONAL(TUNEMU, test "$tunemu" = true)
|
||||
|
||||
AC_CACHE_SAVE
|
||||
|
@ -102,7 +119,7 @@ dnl We do this in multiple stages, because unlike Linux all the other operating
|
|||
|
||||
AC_HEADER_STDC
|
||||
AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h])
|
||||
AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h],
|
||||
AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h netpacket/packet.h],
|
||||
[], [], [#include "have.h"]
|
||||
)
|
||||
AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h],
|
||||
|
|
74
depcomp
74
depcomp
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# depcomp - compile a program generating dependencies as side-effects
|
||||
|
||||
scriptversion=2009-04-28.21; # UTC
|
||||
scriptversion=2011-12-04.11; # UTC
|
||||
|
||||
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009 Free
|
||||
# Software Foundation, Inc.
|
||||
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009, 2010,
|
||||
# 2011 Free Software Foundation, Inc.
|
||||
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
|
@ -44,7 +44,7 @@ Environment variables:
|
|||
object Object file output by `PROGRAMS ARGS'.
|
||||
DEPDIR directory where to store dependencies.
|
||||
depfile Dependency file to output.
|
||||
tmpdepfile Temporary file to use when outputing dependencies.
|
||||
tmpdepfile Temporary file to use when outputting dependencies.
|
||||
libtool Whether libtool is used (yes/no).
|
||||
|
||||
Report bugs to <bug-automake@gnu.org>.
|
||||
|
@ -90,10 +90,18 @@ if test "$depmode" = msvcmsys; then
|
|||
# This is just like msvisualcpp but w/o cygpath translation.
|
||||
# Just convert the backslash-escaped backslashes to single forward
|
||||
# slashes to satisfy depend.m4
|
||||
cygpath_u="sed s,\\\\\\\\,/,g"
|
||||
cygpath_u='sed s,\\\\,/,g'
|
||||
depmode=msvisualcpp
|
||||
fi
|
||||
|
||||
if test "$depmode" = msvc7msys; then
|
||||
# This is just like msvc7 but w/o cygpath translation.
|
||||
# Just convert the backslash-escaped backslashes to single forward
|
||||
# slashes to satisfy depend.m4
|
||||
cygpath_u='sed s,\\\\,/,g'
|
||||
depmode=msvc7
|
||||
fi
|
||||
|
||||
case "$depmode" in
|
||||
gcc3)
|
||||
## gcc 3 implements dependency tracking that does exactly what
|
||||
|
@ -158,10 +166,12 @@ gcc)
|
|||
' < "$tmpdepfile" |
|
||||
## Some versions of gcc put a space before the `:'. On the theory
|
||||
## that the space means something, we add a space to the output as
|
||||
## well.
|
||||
## well. hp depmode also adds that space, but also prefixes the VPATH
|
||||
## to the object. Take care to not repeat it in the output.
|
||||
## Some versions of the HPUX 10.20 sed can't process this invocation
|
||||
## correctly. Breaking it into two sed invocations is a workaround.
|
||||
sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
|
||||
sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \
|
||||
| sed -e 's/$/ :/' >> "$depfile"
|
||||
rm -f "$tmpdepfile"
|
||||
;;
|
||||
|
||||
|
@ -405,6 +415,52 @@ tru64)
|
|||
rm -f "$tmpdepfile"
|
||||
;;
|
||||
|
||||
msvc7)
|
||||
if test "$libtool" = yes; then
|
||||
showIncludes=-Wc,-showIncludes
|
||||
else
|
||||
showIncludes=-showIncludes
|
||||
fi
|
||||
"$@" $showIncludes > "$tmpdepfile"
|
||||
stat=$?
|
||||
grep -v '^Note: including file: ' "$tmpdepfile"
|
||||
if test "$stat" = 0; then :
|
||||
else
|
||||
rm -f "$tmpdepfile"
|
||||
exit $stat
|
||||
fi
|
||||
rm -f "$depfile"
|
||||
echo "$object : \\" > "$depfile"
|
||||
# The first sed program below extracts the file names and escapes
|
||||
# backslashes for cygpath. The second sed program outputs the file
|
||||
# name when reading, but also accumulates all include files in the
|
||||
# hold buffer in order to output them again at the end. This only
|
||||
# works with sed implementations that can handle large buffers.
|
||||
sed < "$tmpdepfile" -n '
|
||||
/^Note: including file: *\(.*\)/ {
|
||||
s//\1/
|
||||
s/\\/\\\\/g
|
||||
p
|
||||
}' | $cygpath_u | sort -u | sed -n '
|
||||
s/ /\\ /g
|
||||
s/\(.*\)/ \1 \\/p
|
||||
s/.\(.*\) \\/\1:/
|
||||
H
|
||||
$ {
|
||||
s/.*/ /
|
||||
G
|
||||
p
|
||||
}' >> "$depfile"
|
||||
rm -f "$tmpdepfile"
|
||||
;;
|
||||
|
||||
msvc7msys)
|
||||
# This case exists only to let depend.m4 do its work. It works by
|
||||
# looking at the text of this script. This case will never be run,
|
||||
# since it is checked for above.
|
||||
exit 1
|
||||
;;
|
||||
|
||||
#nosideeffect)
|
||||
# This comment above is used by automake to tell side-effect
|
||||
# dependency tracking mechanisms from slower ones.
|
||||
|
@ -503,7 +559,9 @@ makedepend)
|
|||
touch "$tmpdepfile"
|
||||
${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
|
||||
rm -f "$depfile"
|
||||
cat < "$tmpdepfile" > "$depfile"
|
||||
# makedepend may prepend the VPATH from the source file name to the object.
|
||||
# No need to regex-escape $object, excess matching of '.' is harmless.
|
||||
sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile"
|
||||
sed '1,2d' "$tmpdepfile" | tr ' ' '
|
||||
' | \
|
||||
## Some versions of the HPUX 10.20 sed can't process this invocation
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
# Makefile.in generated by automake 1.11.1 from Makefile.am.
|
||||
# Makefile.in generated by automake 1.11.3 from Makefile.am.
|
||||
# @configure_input@
|
||||
|
||||
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
|
||||
# Inc.
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
|
||||
# Foundation, Inc.
|
||||
# This Makefile.in is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
@ -40,7 +40,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
|
|||
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
$(ACLOCAL_M4)
|
||||
mkinstalldirs = $(install_sh) -d
|
||||
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
|
||||
CONFIG_HEADER = $(top_builddir)/config.h
|
||||
CONFIG_CLEAN_FILES =
|
||||
CONFIG_CLEAN_VPATH_FILES =
|
||||
|
@ -81,6 +81,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
|
|||
am__base_list = \
|
||||
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
|
||||
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
|
||||
am__uninstall_files_from_dir = { \
|
||||
test -z "$$files" \
|
||||
|| { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
|
||||
|| { echo " ( cd '$$dir' && rm -f" $$files ")"; \
|
||||
$(am__cd) "$$dir" && rm -f $$files; }; \
|
||||
}
|
||||
man5dir = $(mandir)/man5
|
||||
man8dir = $(mandir)/man8
|
||||
NROFF = nroff
|
||||
|
@ -408,9 +414,7 @@ uninstall-man5:
|
|||
sed -n '/\.5[a-z]*$$/p'; \
|
||||
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \
|
||||
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
|
||||
test -z "$$files" || { \
|
||||
echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \
|
||||
cd "$(DESTDIR)$(man5dir)" && rm -f $$files; }
|
||||
dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir)
|
||||
install-man8: $(man_MANS)
|
||||
@$(NORMAL_INSTALL)
|
||||
test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
|
||||
|
@ -446,9 +450,7 @@ uninstall-man8:
|
|||
sed -n '/\.8[a-z]*$$/p'; \
|
||||
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \
|
||||
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
|
||||
test -z "$$files" || { \
|
||||
echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \
|
||||
cd "$(DESTDIR)$(man8dir)" && rm -f $$files; }
|
||||
dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir)
|
||||
tags: TAGS
|
||||
TAGS:
|
||||
|
||||
|
@ -519,10 +521,15 @@ install-am: all-am
|
|||
|
||||
installcheck: installcheck-am
|
||||
install-strip:
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
`test -z '$(STRIP)' || \
|
||||
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||
if test -z '$(STRIP)'; then \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
install; \
|
||||
else \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
|
||||
fi
|
||||
mostlyclean-generic:
|
||||
|
||||
clean-generic:
|
||||
|
@ -582,13 +589,14 @@ install-html-am: $(HTMLS)
|
|||
for p in $$list; do \
|
||||
if test -f "$$p" || test -d "$$p"; then d=; else d="$(srcdir)/"; fi; \
|
||||
$(am__strip_dir) \
|
||||
if test -d "$$d$$p"; then \
|
||||
d2=$$d$$p; \
|
||||
if test -d "$$d2"; then \
|
||||
echo " $(MKDIR_P) '$(DESTDIR)$(htmldir)/$$f'"; \
|
||||
$(MKDIR_P) "$(DESTDIR)$(htmldir)/$$f" || exit 1; \
|
||||
echo " $(INSTALL_DATA) '$$d$$p'/* '$(DESTDIR)$(htmldir)/$$f'"; \
|
||||
$(INSTALL_DATA) "$$d$$p"/* "$(DESTDIR)$(htmldir)/$$f" || exit $$?; \
|
||||
echo " $(INSTALL_DATA) '$$d2'/* '$(DESTDIR)$(htmldir)/$$f'"; \
|
||||
$(INSTALL_DATA) "$$d2"/* "$(DESTDIR)$(htmldir)/$$f" || exit $$?; \
|
||||
else \
|
||||
list2="$$list2 $$d$$p"; \
|
||||
list2="$$list2 $$d2"; \
|
||||
fi; \
|
||||
done; \
|
||||
test -z "$$list2" || { echo "$$list2" | $(am__base_list) | \
|
||||
|
@ -620,8 +628,13 @@ install-info-am: $(INFO_DEPS)
|
|||
echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(infodir)'"; \
|
||||
$(INSTALL_DATA) $$files "$(DESTDIR)$(infodir)" || exit $$?; done
|
||||
@$(POST_INSTALL)
|
||||
@if (install-info --version && \
|
||||
install-info --version 2>&1 | sed 1q | grep -i -v debian) >/dev/null 2>&1; then \
|
||||
@am__run_installinfo=yes; \
|
||||
case $$AM_UPDATE_INFO_DIR in \
|
||||
n|no|NO) am__run_installinfo=no;; \
|
||||
*) (install-info --version) >/dev/null 2>&1 \
|
||||
|| am__run_installinfo=no;; \
|
||||
esac; \
|
||||
if test $$am__run_installinfo = yes; then \
|
||||
list='$(INFO_DEPS)'; test -n "$(infodir)" || list=; \
|
||||
for file in $$list; do \
|
||||
relfile=`echo "$$file" | sed 's|^.*/||'`; \
|
||||
|
|
Binary file not shown.
1874
doc/texinfo.tex
1874
doc/texinfo.tex
File diff suppressed because it is too large
Load diff
|
@ -133,7 +133,10 @@ IPv6 listening sockets will be created.
|
|||
If your computer has more than one IPv4 or IPv6 address,
|
||||
.Nm tinc
|
||||
will by default listen on all of them for incoming connections.
|
||||
It is possible to bind only to a single address with this variable.
|
||||
Multiple
|
||||
.Va BindToAddress
|
||||
variables may be specified,
|
||||
in which case listening sockets for each specified address are made.
|
||||
|
||||
.Pp
|
||||
This option may not work on all platforms.
|
||||
|
@ -147,6 +150,9 @@ It is possible to bind only to a single interface with this variable.
|
|||
.Pp
|
||||
This option may not work on all platforms.
|
||||
|
||||
.It Va Broadcast Li = yes | no Po yes Pc Bq experimental
|
||||
When disabled, tinc will drop all broadcast and multicast packets, in both router and switch mode.
|
||||
|
||||
.It Va ConnectTo Li = Ar name
|
||||
Specifies which other tinc daemon to connect to on startup.
|
||||
Multiple
|
||||
|
@ -165,6 +171,14 @@ If you don't specify a host with
|
|||
won't try to connect to other daemons at all,
|
||||
and will instead just listen for incoming connections.
|
||||
|
||||
.It Va DecrementTTL Li = yes | no Po yes Pc
|
||||
When enabled,
|
||||
.Nm tinc
|
||||
will decrement the Time To Live field in IPv4 packets, or the Hop Limit field in IPv6 packets,
|
||||
before forwarding a received packet to the virtual network device or to another node,
|
||||
and will drop packets that have a TTL value of zero,
|
||||
in which case it will send an ICMP Time Exceeded packet back.
|
||||
|
||||
.It Va Device Li = Ar device Po Pa /dev/tap0 , Pa /dev/net/tun No or other depending on platform Pc
|
||||
The virtual network device to use.
|
||||
.Nm tinc
|
||||
|
@ -177,30 +191,65 @@ instead of
|
|||
The info pages of the tinc package contain more information
|
||||
about configuring the virtual network device.
|
||||
|
||||
.It Va DeviceType Li = tun | tunnohead | tunifhead | tap Po only supported on BSD platforms Pc
|
||||
.It Va DeviceType Li = Ar type Pq platform dependent
|
||||
The type of the virtual network device.
|
||||
Tinc will normally automatically select the right type, and this option should not be used.
|
||||
However, in case tinc does not seem to correctly interpret packets received from the virtual network device,
|
||||
using this option might help.
|
||||
Tinc will normally automatically select the right type of tun/tap interface, and this option should not be used.
|
||||
However, this option can be used to select one of the special interface types, if support for them is compiled in.
|
||||
.Bl -tag -width indent
|
||||
|
||||
.It tun
|
||||
.It dummy
|
||||
Use a dummy interface.
|
||||
No packets are ever read or written to a virtual network device.
|
||||
Useful for testing, or when setting up a node that only forwards packets for other nodes.
|
||||
|
||||
.It raw_socket
|
||||
Open a raw socket, and bind it to a pre-existing
|
||||
.Va Interface
|
||||
(eth0 by default).
|
||||
All packets are read from this interface.
|
||||
Packets received for the local node are written to the raw socket.
|
||||
However, at least on Linux, the operating system does not process IP packets destined for the local host.
|
||||
|
||||
.It uml Pq not compiled in by default
|
||||
Create a UNIX socket with the filename specified by
|
||||
.Va Device ,
|
||||
or
|
||||
.Pa @localstatedir@/run/ Ns Ar NETNAME Ns Pa .umlsocket
|
||||
if not specified.
|
||||
.Nm tinc
|
||||
will wait for a User Mode Linux instance to connect to this socket.
|
||||
|
||||
.It vde Pq not compiled in by default
|
||||
Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
|
||||
using the UNIX socket specified by
|
||||
.Va Device ,
|
||||
or
|
||||
.Pa @localstatedir@/run/vde.ctl
|
||||
if not specified.
|
||||
.El
|
||||
|
||||
Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,
|
||||
it can be used to change the way packets are interpreted:
|
||||
|
||||
.Bl -tag -width indent
|
||||
|
||||
.It tun Pq BSD and Linux
|
||||
Set type to tun.
|
||||
Depending on the platform, this can either be with or without an address family header (see below).
|
||||
|
||||
.It tunnohead
|
||||
.It tunnohead Pq BSD
|
||||
Set type to tun without an address family header.
|
||||
Tinc will expect packets read from the virtual network device to start with an IP header.
|
||||
On some platforms IPv6 packets cannot be read from or written to the device in this mode.
|
||||
|
||||
.It tunifhead
|
||||
.It tunifhead Pq BSD
|
||||
Set type to tun with an address family header.
|
||||
Tinc will expect packets read from the virtual network device
|
||||
to start with a four byte header containing the address family,
|
||||
followed by an IP header.
|
||||
This mode should support both IPv4 and IPv6 packets.
|
||||
|
||||
.It tap
|
||||
.It tap Pq BSD and Linux
|
||||
Set type to tap.
|
||||
Tinc will expect packets read from the virtual network device
|
||||
to start with an Ethernet header.
|
||||
|
@ -271,6 +320,18 @@ This option controls the period the encryption keys used to encrypt the data are
|
|||
It is common practice to change keys at regular intervals to make it even harder for crackers,
|
||||
even though it is thought to be nearly impossible to crack a single key.
|
||||
|
||||
.It Va LocalDiscovery Li = yes | no Po no Pc Bq experimental
|
||||
When enabled,
|
||||
.Nm tinc
|
||||
will try to detect peers that are on the same local network.
|
||||
This will allow direct communication using LAN addresses, even if both peers are behind a NAT
|
||||
and they only ConnectTo a third node outside the NAT,
|
||||
which normally would prevent the peers from learning each other's LAN address.
|
||||
|
||||
.Pp
|
||||
Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery.
|
||||
This feature may not work in all possible situations.
|
||||
|
||||
.It Va MACExpire Li = Ar seconds Pq 600
|
||||
This option controls the amount of time MAC addresses are kept before they are removed.
|
||||
This only has effect when
|
||||
|
|
212
doc/tinc.info
212
doc/tinc.info
|
@ -5,10 +5,10 @@ START-INFO-DIR-ENTRY
|
|||
* tinc: (tinc). The tinc Manual.
|
||||
END-INFO-DIR-ENTRY
|
||||
|
||||
This is the info manual for tinc version 1.0.15, a Virtual Private
|
||||
This is the info manual for tinc version 1.0.17, a Virtual Private
|
||||
Network daemon.
|
||||
|
||||
Copyright (C) 1998-2011 Ivo Timmermans, Guus Sliepen
|
||||
Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen
|
||||
<guus@tinc-vpn.org> and Wessel Dankers <wsl@tinc-vpn.org>.
|
||||
|
||||
Permission is granted to make and distribute verbatim copies of this
|
||||
|
@ -686,8 +686,9 @@ AddressFamily = <ipv4|ipv6|any> (any)
|
|||
|
||||
BindToAddress = <ADDRESS> [experimental]
|
||||
If your computer has more than one IPv4 or IPv6 address, tinc will
|
||||
by default listen on all of them for incoming connections. It is
|
||||
possible to bind only to a single address with this variable.
|
||||
by default listen on all of them for incoming connections.
|
||||
Multiple BindToAddress variables may be specified, in which case
|
||||
listening sockets for each specified address are made.
|
||||
|
||||
This option may not work on all platforms.
|
||||
|
||||
|
@ -699,6 +700,10 @@ BindToInterface = <INTERFACE> [experimental]
|
|||
|
||||
This option may not work on all platforms.
|
||||
|
||||
Broadcast = <yes | no> (yes) [experimental]
|
||||
When disabled, tinc will drop all broadcast and multicast packets,
|
||||
in both router and switch mode.
|
||||
|
||||
ConnectTo = <NAME>
|
||||
Specifies which other tinc daemon to connect to on startup.
|
||||
Multiple ConnectTo variables may be specified, in which case
|
||||
|
@ -710,6 +715,13 @@ ConnectTo = <NAME>
|
|||
connect to other daemons at all, and will instead just listen for
|
||||
incoming connections.
|
||||
|
||||
DecrementTTL = <yes | no> (yes)
|
||||
When enabled, tinc will decrement the Time To Live field in IPv4
|
||||
packets, or the Hop Limit field in IPv6 packets, before forwarding
|
||||
a received packet to the virtual network device or to another node,
|
||||
and will drop packets that have a TTL value of zero, in which case
|
||||
it will send an ICMP Time Exceeded packet back.
|
||||
|
||||
Device = <DEVICE> (`/dev/tap0', `/dev/net/tun' or other depending on platform)
|
||||
The virtual network device to use. Tinc will automatically detect
|
||||
what kind of device it is. Note that you can only use one device
|
||||
|
@ -717,31 +729,57 @@ Device = <DEVICE> (`/dev/tap0', `/dev/net/tun' or other depending on platform)
|
|||
that you can only use one device per daemon. See also *note
|
||||
Device files::.
|
||||
|
||||
DeviceType = <tun|tunnohead|tunifhead|tap> (only supported on BSD platforms)
|
||||
DeviceType = <TYPE> (platform dependent)
|
||||
The type of the virtual network device. Tinc will normally
|
||||
automatically select the right type, and this option should not be
|
||||
used. However, in case tinc does not seem to correctly interpret
|
||||
packets received from the virtual network device, using this
|
||||
option might help.
|
||||
automatically select the right type of tun/tap interface, and this
|
||||
option should not be used. However, this option can be used to
|
||||
select one of the special interface types, if support for them is
|
||||
compiled in.
|
||||
|
||||
tun
|
||||
dummy
|
||||
Use a dummy interface. No packets are ever read or written
|
||||
to a virtual network device. Useful for testing, or when
|
||||
setting up a node that only forwards packets for other nodes.
|
||||
|
||||
raw_socket
|
||||
Open a raw socket, and bind it to a pre-existing INTERFACE
|
||||
(eth0 by default). All packets are read from this interface.
|
||||
Packets received for the local node are written to the raw
|
||||
socket. However, at least on Linux, the operating system
|
||||
does not process IP packets destined for the local host.
|
||||
|
||||
uml (not compiled in by default)
|
||||
Create a UNIX socket with the filename specified by DEVICE,
|
||||
or `/var/run/NETNAME.umlsocket' if not specified. Tinc will
|
||||
wait for a User Mode Linux instance to connect to this socket.
|
||||
|
||||
vde (not compiled in by default)
|
||||
Uses the libvdeplug library to connect to a Virtual
|
||||
Distributed Ethernet switch, using the UNIX socket specified
|
||||
by DEVICE, or `/var/run/vde.ctl' if not specified.
|
||||
|
||||
Also, in case tinc does not seem to correctly interpret packets
|
||||
received from the virtual network device, it can be used to change
|
||||
the way packets are interpreted:
|
||||
|
||||
tun (BSD and Linux)
|
||||
Set type to tun. Depending on the platform, this can either
|
||||
be with or without an address family header (see below).
|
||||
|
||||
tunnohead
|
||||
tunnohead (BSD)
|
||||
Set type to tun without an address family header. Tinc will
|
||||
expect packets read from the virtual network device to start
|
||||
with an IP header. On some platforms IPv6 packets cannot be
|
||||
read from or written to the device in this mode.
|
||||
|
||||
tunifhead
|
||||
tunifhead (BSD)
|
||||
Set type to tun with an address family header. Tinc will
|
||||
expect packets read from the virtual network device to start
|
||||
with a four byte header containing the address family,
|
||||
followed by an IP header. This mode should support both IPv4
|
||||
and IPv6 packets.
|
||||
|
||||
tap
|
||||
tap (BSD and Linux)
|
||||
Set type to tap. Tinc will expect packets read from the
|
||||
virtual network device to start with an Ethernet header.
|
||||
|
||||
|
@ -798,6 +836,17 @@ Interface = <INTERFACE>
|
|||
interface will be used. If you specified a Device, this variable
|
||||
is almost always already correctly set.
|
||||
|
||||
LocalDiscovery = <yes | no> (no) [experimental]
|
||||
When enabled, tinc will try to detect peers that are on the same
|
||||
local network. This will allow direct communication using LAN
|
||||
addresses, even if both peers are behind a NAT and they only
|
||||
ConnectTo a third node outside the NAT, which normally would
|
||||
prevent the peers from learning each other's LAN address.
|
||||
|
||||
Currently, local discovery is implemented by sending broadcast
|
||||
packets to the LAN during path MTU discovery. This feature may
|
||||
not work in all possible situations.
|
||||
|
||||
Mode = <router|switch|hub> (router)
|
||||
This option selects the way packets are routed to other daemons.
|
||||
|
||||
|
@ -1443,6 +1492,13 @@ command line options.
|
|||
(you can use the -c or -n option in combination with -K). After
|
||||
that, tinc will quit.
|
||||
|
||||
`-o, --option=[HOST.]KEY=VALUE'
|
||||
Without specifying a HOST, this will set server configuration
|
||||
variable KEY to VALUE. If specified as HOST.KEY=VALUE, this will
|
||||
set the host configuration variable KEY of the host named HOST to
|
||||
VALUE. This option can be used more than once to specify multiple
|
||||
configuration variables.
|
||||
|
||||
`-L, --mlock'
|
||||
Lock tinc into main memory. This will prevent sensitive data like
|
||||
shared private keys to be written to the system swap
|
||||
|
@ -2290,7 +2346,9 @@ Concept Index
|
|||
* BindToAddress: Main configuration variables.
|
||||
(line 12)
|
||||
* BindToInterface: Main configuration variables.
|
||||
(line 19)
|
||||
(line 20)
|
||||
* Broadcast: Main configuration variables.
|
||||
(line 28)
|
||||
* Cabal: Security. (line 6)
|
||||
* CHAL_REPLY: Authentication protocol.
|
||||
(line 10)
|
||||
|
@ -2309,23 +2367,27 @@ Concept Index
|
|||
(line 24)
|
||||
* connection: The connection. (line 6)
|
||||
* ConnectTo: Main configuration variables.
|
||||
(line 27)
|
||||
(line 32)
|
||||
* daemon: Running tinc. (line 11)
|
||||
* data-protocol: The meta-connection. (line 18)
|
||||
* debug level: Runtime options. (line 17)
|
||||
* debug levels: Debug levels. (line 6)
|
||||
* DecrementTTL: Main configuration variables.
|
||||
(line 43)
|
||||
* DEL_EDGE: The meta-protocol. (line 47)
|
||||
* DEL_SUBNET: The meta-protocol. (line 47)
|
||||
* DEVICE: Scripts. (line 55)
|
||||
* Device: Main configuration variables.
|
||||
(line 38)
|
||||
(line 50)
|
||||
* device files: Device files. (line 6)
|
||||
* DeviceType: Main configuration variables.
|
||||
(line 45)
|
||||
(line 57)
|
||||
* Digest: Host configuration variables.
|
||||
(line 29)
|
||||
* DirectOnly: Main configuration variables.
|
||||
(line 73)
|
||||
(line 111)
|
||||
* dummy: Main configuration variables.
|
||||
(line 64)
|
||||
* encapsulating: The UDP tunnel. (line 30)
|
||||
* encryption: Encryption of network packets.
|
||||
(line 6)
|
||||
|
@ -2333,42 +2395,44 @@ Concept Index
|
|||
* example: Example configuration.
|
||||
(line 6)
|
||||
* Forwarding: Main configuration variables.
|
||||
(line 80)
|
||||
(line 118)
|
||||
* frame type: The UDP tunnel. (line 6)
|
||||
* GraphDumpFile: Main configuration variables.
|
||||
(line 100)
|
||||
(line 138)
|
||||
* Hostnames: Main configuration variables.
|
||||
(line 108)
|
||||
(line 146)
|
||||
* hub: Main configuration variables.
|
||||
(line 149)
|
||||
(line 198)
|
||||
* ID: Authentication protocol.
|
||||
(line 10)
|
||||
* IndirectData: Host configuration variables.
|
||||
(line 34)
|
||||
* INTERFACE: Scripts. (line 58)
|
||||
* Interface: Main configuration variables.
|
||||
(line 118)
|
||||
(line 156)
|
||||
* IRC: Contact information. (line 9)
|
||||
* key generation: Generating keypairs. (line 6)
|
||||
* KEY_CHANGED: The meta-protocol. (line 64)
|
||||
* KeyExpire: Main configuration variables.
|
||||
(line 154)
|
||||
(line 203)
|
||||
* libraries: Libraries. (line 6)
|
||||
* license: OpenSSL. (line 36)
|
||||
* LocalDiscovery: Main configuration variables.
|
||||
(line 164)
|
||||
* lzo: lzo. (line 6)
|
||||
* MACExpire: Main configuration variables.
|
||||
(line 160)
|
||||
(line 209)
|
||||
* MACLength: Host configuration variables.
|
||||
(line 42)
|
||||
* meta-protocol: The meta-connection. (line 18)
|
||||
* META_KEY: Authentication protocol.
|
||||
(line 10)
|
||||
* Mode: Main configuration variables.
|
||||
(line 126)
|
||||
(line 175)
|
||||
* multiple networks: Multiple networks. (line 6)
|
||||
* NAME: Scripts. (line 52)
|
||||
* Name: Main configuration variables.
|
||||
(line 165)
|
||||
(line 214)
|
||||
* netmask: Network interfaces. (line 34)
|
||||
* NETNAME: Scripts. (line 49)
|
||||
* netname: Multiple networks. (line 6)
|
||||
|
@ -2381,9 +2445,9 @@ Concept Index
|
|||
(line 67)
|
||||
* PING: The meta-protocol. (line 89)
|
||||
* PingInterval: Main configuration variables.
|
||||
(line 170)
|
||||
(line 219)
|
||||
* PingTimeout: Main configuration variables.
|
||||
(line 174)
|
||||
(line 223)
|
||||
* platforms: Supported platforms. (line 6)
|
||||
* PMTU: Host configuration variables.
|
||||
(line 47)
|
||||
|
@ -2394,28 +2458,30 @@ Concept Index
|
|||
(line 55)
|
||||
* port numbers: Other files. (line 17)
|
||||
* PriorityInheritance: Main configuration variables.
|
||||
(line 180)
|
||||
(line 229)
|
||||
* private: Virtual Private Networks.
|
||||
(line 10)
|
||||
* PrivateKey: Main configuration variables.
|
||||
(line 185)
|
||||
(line 234)
|
||||
* PrivateKeyFile: Main configuration variables.
|
||||
(line 191)
|
||||
(line 240)
|
||||
* ProcessPriority: Main configuration variables.
|
||||
(line 199)
|
||||
(line 248)
|
||||
* PublicKey: Host configuration variables.
|
||||
(line 59)
|
||||
* PublicKeyFile: Host configuration variables.
|
||||
(line 62)
|
||||
* raw_socket: Main configuration variables.
|
||||
(line 69)
|
||||
* release: Supported platforms. (line 14)
|
||||
* REMOTEADDRESS: Scripts. (line 67)
|
||||
* REMOTEPORT: Scripts. (line 70)
|
||||
* ReplayWindow: Main configuration variables.
|
||||
(line 204)
|
||||
(line 253)
|
||||
* REQ_KEY: The meta-protocol. (line 64)
|
||||
* requirements: Libraries. (line 6)
|
||||
* router: Main configuration variables.
|
||||
(line 129)
|
||||
(line 178)
|
||||
* runtime options: Runtime options. (line 9)
|
||||
* scalability: tinc. (line 19)
|
||||
* scripts: Scripts. (line 6)
|
||||
|
@ -2423,7 +2489,7 @@ Concept Index
|
|||
(line 18)
|
||||
* signals: Signals. (line 6)
|
||||
* StrictSubnets: Main configuration variables.
|
||||
(line 215)
|
||||
(line 264)
|
||||
* SUBNET: Scripts. (line 74)
|
||||
* Subnet: Host configuration variables.
|
||||
(line 74)
|
||||
|
@ -2431,7 +2497,7 @@ Concept Index
|
|||
(line 97)
|
||||
* SVPN: Security. (line 11)
|
||||
* switch: Main configuration variables.
|
||||
(line 138)
|
||||
(line 187)
|
||||
* TCP: The meta-connection. (line 10)
|
||||
* TCPonly: Host configuration variables.
|
||||
(line 104)
|
||||
|
@ -2443,20 +2509,24 @@ Concept Index
|
|||
* tincd: tinc. (line 14)
|
||||
* traditional VPNs: tinc. (line 19)
|
||||
* tunifhead: Main configuration variables.
|
||||
(line 62)
|
||||
(line 100)
|
||||
* TunnelServer: Main configuration variables.
|
||||
(line 220)
|
||||
(line 269)
|
||||
* tunnohead: Main configuration variables.
|
||||
(line 56)
|
||||
(line 94)
|
||||
* UDP <1>: Encryption of network packets.
|
||||
(line 12)
|
||||
* UDP: The UDP tunnel. (line 30)
|
||||
* UDPRcvBuf: Main configuration variables.
|
||||
(line 227)
|
||||
(line 276)
|
||||
* UDPSndBuf: Main configuration variables.
|
||||
(line 232)
|
||||
(line 281)
|
||||
* UML: Main configuration variables.
|
||||
(line 76)
|
||||
* Universal tun/tap: Configuration of Linux kernels.
|
||||
(line 6)
|
||||
* VDE: Main configuration variables.
|
||||
(line 81)
|
||||
* virtual: Virtual Private Networks.
|
||||
(line 18)
|
||||
* virtual network device: The UDP tunnel. (line 6)
|
||||
|
@ -2502,34 +2572,34 @@ Node: Multiple networks21169
|
|||
Node: How connections work22595
|
||||
Node: Configuration files23817
|
||||
Node: Main configuration variables25204
|
||||
Node: Host configuration variables35709
|
||||
Node: Scripts41120
|
||||
Node: How to configure43890
|
||||
Node: Generating keypairs45153
|
||||
Node: Network interfaces45652
|
||||
Node: Example configuration47500
|
||||
Node: Running tinc52823
|
||||
Node: Runtime options53413
|
||||
Node: Signals56369
|
||||
Node: Debug levels57561
|
||||
Node: Solving problems58497
|
||||
Node: Error messages60049
|
||||
Node: Sending bug reports64062
|
||||
Node: Technical information65014
|
||||
Node: The connection65245
|
||||
Node: The UDP tunnel65557
|
||||
Node: The meta-connection68618
|
||||
Node: The meta-protocol70087
|
||||
Node: Security75096
|
||||
Node: Authentication protocol76226
|
||||
Node: Encryption of network packets81230
|
||||
Node: Security issues82603
|
||||
Node: Platform specific information84220
|
||||
Node: Interface configuration84448
|
||||
Node: Routes86347
|
||||
Node: About us88263
|
||||
Node: Contact information88438
|
||||
Node: Authors88842
|
||||
Node: Concept Index89247
|
||||
Node: Host configuration variables38105
|
||||
Node: Scripts43516
|
||||
Node: How to configure46286
|
||||
Node: Generating keypairs47549
|
||||
Node: Network interfaces48048
|
||||
Node: Example configuration49896
|
||||
Node: Running tinc55219
|
||||
Node: Runtime options55809
|
||||
Node: Signals59109
|
||||
Node: Debug levels60301
|
||||
Node: Solving problems61237
|
||||
Node: Error messages62789
|
||||
Node: Sending bug reports66802
|
||||
Node: Technical information67754
|
||||
Node: The connection67985
|
||||
Node: The UDP tunnel68297
|
||||
Node: The meta-connection71358
|
||||
Node: The meta-protocol72827
|
||||
Node: Security77836
|
||||
Node: Authentication protocol78966
|
||||
Node: Encryption of network packets83970
|
||||
Node: Security issues85343
|
||||
Node: Platform specific information86960
|
||||
Node: Interface configuration87188
|
||||
Node: Routes89087
|
||||
Node: About us91003
|
||||
Node: Contact information91178
|
||||
Node: Authors91582
|
||||
Node: Concept Index91987
|
||||
|
||||
End Tag Table
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
|
||||
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
|
||||
|
||||
Copyright @copyright{} 1998-2011 Ivo Timmermans,
|
||||
Copyright @copyright{} 1998-2012 Ivo Timmermans,
|
||||
Guus Sliepen <guus@@tinc-vpn.org> and
|
||||
Wessel Dankers <wsl@@tinc-vpn.org>.
|
||||
|
||||
|
@ -39,7 +39,7 @@ permission notice identical to this one.
|
|||
@vskip 0pt plus 1filll
|
||||
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
|
||||
|
||||
Copyright @copyright{} 1998-2011 Ivo Timmermans,
|
||||
Copyright @copyright{} 1998-2012 Ivo Timmermans,
|
||||
Guus Sliepen <guus@@tinc-vpn.org> and
|
||||
Wessel Dankers <wsl@@tinc-vpn.org>.
|
||||
|
||||
|
@ -759,7 +759,8 @@ both IPv4 and IPv6 or just IPv6 listening sockets will be created.
|
|||
@item BindToAddress = <@var{address}> [experimental]
|
||||
If your computer has more than one IPv4 or IPv6 address, tinc
|
||||
will by default listen on all of them for incoming connections.
|
||||
It is possible to bind only to a single address with this variable.
|
||||
Multiple BindToAddress variables may be specified,
|
||||
in which case listening sockets for each specified address are made.
|
||||
|
||||
This option may not work on all platforms.
|
||||
|
||||
|
@ -772,6 +773,10 @@ variable.
|
|||
|
||||
This option may not work on all platforms.
|
||||
|
||||
@cindex Broadcast
|
||||
@item Broadcast = <yes | no> (yes) [experimental]
|
||||
When disabled, tinc will drop all broadcast and multicast packets, in both router and switch mode.
|
||||
|
||||
@cindex ConnectTo
|
||||
@item ConnectTo = <@var{name}>
|
||||
Specifies which other tinc daemon to connect to on startup.
|
||||
|
@ -784,6 +789,13 @@ If you don't specify a host with ConnectTo,
|
|||
tinc won't try to connect to other daemons at all,
|
||||
and will instead just listen for incoming connections.
|
||||
|
||||
@cindex DecrementTTL
|
||||
@item DecrementTTL = <yes | no> (yes)
|
||||
When enabled, tinc will decrement the Time To Live field in IPv4 packets, or the Hop Limit field in IPv6 packets,
|
||||
before forwarding a received packet to the virtual network device or to another node,
|
||||
and will drop packets that have a TTL value of zero,
|
||||
in which case it will send an ICMP Time Exceeded packet back.
|
||||
|
||||
@cindex Device
|
||||
@item Device = <@var{device}> (@file{/dev/tap0}, @file{/dev/net/tun} or other depending on platform)
|
||||
The virtual network device to use.
|
||||
|
@ -794,32 +806,64 @@ Note that you can only use one device per daemon.
|
|||
See also @ref{Device files}.
|
||||
|
||||
@cindex DeviceType
|
||||
@item DeviceType = <tun|tunnohead|tunifhead|tap> (only supported on BSD platforms)
|
||||
@item DeviceType = <@var{type}> (platform dependent)
|
||||
The type of the virtual network device.
|
||||
Tinc will normally automatically select the right type, and this option should not be used.
|
||||
However, in case tinc does not seem to correctly interpret packets received from the virtual network device,
|
||||
using this option might help.
|
||||
Tinc will normally automatically select the right type of tun/tap interface, and this option should not be used.
|
||||
However, this option can be used to select one of the special interface types, if support for them is compiled in.
|
||||
|
||||
@table @asis
|
||||
@item tun
|
||||
@cindex dummy
|
||||
@item dummy
|
||||
Use a dummy interface.
|
||||
No packets are ever read or written to a virtual network device.
|
||||
Useful for testing, or when setting up a node that only forwards packets for other nodes.
|
||||
|
||||
@cindex raw_socket
|
||||
@item raw_socket
|
||||
Open a raw socket, and bind it to a pre-existing
|
||||
@var{Interface} (eth0 by default).
|
||||
All packets are read from this interface.
|
||||
Packets received for the local node are written to the raw socket.
|
||||
However, at least on Linux, the operating system does not process IP packets destined for the local host.
|
||||
|
||||
@cindex UML
|
||||
@item uml (not compiled in by default)
|
||||
Create a UNIX socket with the filename specified by
|
||||
@var{Device}, or @file{@value{localstatedir}/run/@var{netname}.umlsocket}
|
||||
if not specified.
|
||||
Tinc will wait for a User Mode Linux instance to connect to this socket.
|
||||
|
||||
@cindex VDE
|
||||
@item vde (not compiled in by default)
|
||||
Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
|
||||
using the UNIX socket specified by
|
||||
@var{Device}, or @file{@value{localstatedir}/run/vde.ctl}
|
||||
if not specified.
|
||||
@end table
|
||||
|
||||
Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,
|
||||
it can be used to change the way packets are interpreted:
|
||||
|
||||
@table @asis
|
||||
@item tun (BSD and Linux)
|
||||
Set type to tun.
|
||||
Depending on the platform, this can either be with or without an address family header (see below).
|
||||
|
||||
@cindex tunnohead
|
||||
@item tunnohead
|
||||
@item tunnohead (BSD)
|
||||
Set type to tun without an address family header.
|
||||
Tinc will expect packets read from the virtual network device to start with an IP header.
|
||||
On some platforms IPv6 packets cannot be read from or written to the device in this mode.
|
||||
|
||||
@cindex tunifhead
|
||||
@item tunifhead
|
||||
@item tunifhead (BSD)
|
||||
Set type to tun with an address family header.
|
||||
Tinc will expect packets read from the virtual network device
|
||||
to start with a four byte header containing the address family,
|
||||
followed by an IP header.
|
||||
This mode should support both IPv4 and IPv6 packets.
|
||||
|
||||
@item tap
|
||||
@item tap (BSD and Linux)
|
||||
Set type to tap.
|
||||
Tinc will expect packets read from the virtual network device
|
||||
to start with an Ethernet header.
|
||||
|
@ -879,6 +923,16 @@ Depending on the operating system and the type of device this may or may not act
|
|||
Under Windows, this variable is used to select which network interface will be used.
|
||||
If you specified a Device, this variable is almost always already correctly set.
|
||||
|
||||
@cindex LocalDiscovery
|
||||
@item LocalDiscovery = <yes | no> (no) [experimental]
|
||||
When enabled, tinc will try to detect peers that are on the same local network.
|
||||
This will allow direct communication using LAN addresses, even if both peers are behind a NAT
|
||||
and they only ConnectTo a third node outside the NAT,
|
||||
which normally would prevent the peers from learning each other's LAN address.
|
||||
|
||||
Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery.
|
||||
This feature may not work in all possible situations.
|
||||
|
||||
@cindex Mode
|
||||
@item Mode = <router|switch|hub> (router)
|
||||
This option selects the way packets are routed to other daemons.
|
||||
|
@ -1577,6 +1631,12 @@ Generate public/private keypair of @var{bits} length. If @var{bits} is not speci
|
|||
but will default to the configuration directory (you can use the -c or -n option
|
||||
in combination with -K). After that, tinc will quit.
|
||||
|
||||
@item -o, --option=[@var{HOST}.]@var{KEY}=@var{VALUE}
|
||||
Without specifying a @var{HOST}, this will set server configuration variable @var{KEY} to @var{VALUE}.
|
||||
If specified as @var{HOST}.@var{KEY}=@var{VALUE},
|
||||
this will set the host configuration variable @var{KEY} of the host named @var{HOST} to @var{VALUE}.
|
||||
This option can be used more than once to specify multiple configuration variables.
|
||||
|
||||
@item -L, --mlock
|
||||
Lock tinc into main memory.
|
||||
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
|
||||
|
|
|
@ -8,13 +8,14 @@
|
|||
.Nd tinc VPN daemon
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl cdDkKnLRU
|
||||
.Op Fl cdDkKnoLRU
|
||||
.Op Fl -config Ns = Ns Ar DIR
|
||||
.Op Fl -no-detach
|
||||
.Op Fl -debug Ns Op = Ns Ar LEVEL
|
||||
.Op Fl -kill Ns Op = Ns Ar SIGNAL
|
||||
.Op Fl -net Ns = Ns Ar NETNAME
|
||||
.Op Fl -generate-keys Ns Op = Ns Ar BITS
|
||||
.Op Fl -option Ns = Ns Ar [HOST.]KEY=VALUE
|
||||
.Op Fl -mlock
|
||||
.Op Fl -logfile Ns Op = Ns Ar FILE
|
||||
.Op Fl -pidfile Ns = Ns Ar FILE
|
||||
|
@ -79,6 +80,22 @@ If
|
|||
is omitted, the default length will be 2048 bits.
|
||||
When saving keys to existing files, tinc will not delete the old keys,
|
||||
you have to remove them manually.
|
||||
.It Fl o, -option Ns = Ns Ar [HOST.]KEY=VALUE
|
||||
Without specifying a
|
||||
.Ar HOST ,
|
||||
this will set server configuration variable
|
||||
.Ar KEY
|
||||
to
|
||||
.Ar VALUE .
|
||||
If specified as
|
||||
.Ar HOST.KEY=VALUE ,
|
||||
this will set the host configuration variable
|
||||
.Ar KEY
|
||||
of the host named
|
||||
.Ar HOST
|
||||
to
|
||||
.Ar VALUE .
|
||||
This option can be used more than once to specify multiple configuration variables.
|
||||
.It Fl L, -mlock
|
||||
Lock tinc into main memory.
|
||||
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
|
||||
|
|
29
install-sh
29
install-sh
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
# install - install a program, script, or datafile
|
||||
|
||||
scriptversion=2009-04-28.21; # UTC
|
||||
scriptversion=2011-01-19.21; # UTC
|
||||
|
||||
# This originates from X11R5 (mit/util/scripts/install.sh), which was
|
||||
# later released in X11R6 (xc/config/util/install.sh) with the
|
||||
|
@ -156,6 +156,10 @@ while test $# -ne 0; do
|
|||
-s) stripcmd=$stripprog;;
|
||||
|
||||
-t) dst_arg=$2
|
||||
# Protect names problematic for `test' and other utilities.
|
||||
case $dst_arg in
|
||||
-* | [=\(\)!]) dst_arg=./$dst_arg;;
|
||||
esac
|
||||
shift;;
|
||||
|
||||
-T) no_target_directory=true;;
|
||||
|
@ -186,6 +190,10 @@ if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
|
|||
fi
|
||||
shift # arg
|
||||
dst_arg=$arg
|
||||
# Protect names problematic for `test' and other utilities.
|
||||
case $dst_arg in
|
||||
-* | [=\(\)!]) dst_arg=./$dst_arg;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
|
||||
|
@ -200,7 +208,11 @@ if test $# -eq 0; then
|
|||
fi
|
||||
|
||||
if test -z "$dir_arg"; then
|
||||
trap '(exit $?); exit' 1 2 13 15
|
||||
do_exit='(exit $ret); exit $ret'
|
||||
trap "ret=129; $do_exit" 1
|
||||
trap "ret=130; $do_exit" 2
|
||||
trap "ret=141; $do_exit" 13
|
||||
trap "ret=143; $do_exit" 15
|
||||
|
||||
# Set umask so as not to create temps with too-generous modes.
|
||||
# However, 'strip' requires both read and write access to temps.
|
||||
|
@ -228,9 +240,9 @@ fi
|
|||
|
||||
for src
|
||||
do
|
||||
# Protect names starting with `-'.
|
||||
# Protect names problematic for `test' and other utilities.
|
||||
case $src in
|
||||
-*) src=./$src;;
|
||||
-* | [=\(\)!]) src=./$src;;
|
||||
esac
|
||||
|
||||
if test -n "$dir_arg"; then
|
||||
|
@ -252,12 +264,7 @@ do
|
|||
echo "$0: no destination specified." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
dst=$dst_arg
|
||||
# Protect names starting with `-'.
|
||||
case $dst in
|
||||
-*) dst=./$dst;;
|
||||
esac
|
||||
|
||||
# If destination is a directory, append the input filename; won't work
|
||||
# if double slashes aren't ignored.
|
||||
|
@ -385,7 +392,7 @@ do
|
|||
|
||||
case $dstdir in
|
||||
/*) prefix='/';;
|
||||
-*) prefix='./';;
|
||||
[-=\(\)!]*) prefix='./';;
|
||||
*) prefix='';;
|
||||
esac
|
||||
|
||||
|
@ -403,7 +410,7 @@ do
|
|||
|
||||
for d
|
||||
do
|
||||
test -z "$d" && continue
|
||||
test X"$d" = X && continue
|
||||
|
||||
prefix=$prefix$d
|
||||
if test -d "$prefix"; then
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
# Makefile.in generated by automake 1.11.1 from Makefile.am.
|
||||
# Makefile.in generated by automake 1.11.3 from Makefile.am.
|
||||
# @configure_input@
|
||||
|
||||
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
|
||||
# Inc.
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
|
||||
# Foundation, Inc.
|
||||
# This Makefile.in is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
@ -44,7 +44,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
|
|||
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
$(ACLOCAL_M4)
|
||||
mkinstalldirs = $(install_sh) -d
|
||||
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
|
||||
CONFIG_HEADER = $(top_builddir)/config.h
|
||||
CONFIG_CLEAN_FILES =
|
||||
CONFIG_CLEAN_VPATH_FILES =
|
||||
|
@ -213,7 +213,7 @@ $(am__aclocal_m4_deps):
|
|||
|
||||
clean-noinstLIBRARIES:
|
||||
-test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES)
|
||||
libvpn.a: $(libvpn_a_OBJECTS) $(libvpn_a_DEPENDENCIES)
|
||||
libvpn.a: $(libvpn_a_OBJECTS) $(libvpn_a_DEPENDENCIES) $(EXTRA_libvpn_a_DEPENDENCIES)
|
||||
-rm -f libvpn.a
|
||||
$(libvpn_a_AR) libvpn.a $(libvpn_a_OBJECTS) $(libvpn_a_LIBADD)
|
||||
$(RANLIB) libvpn.a
|
||||
|
@ -349,10 +349,15 @@ install-am: all-am
|
|||
|
||||
installcheck: installcheck-am
|
||||
install-strip:
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
`test -z '$(STRIP)' || \
|
||||
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||
if test -z '$(STRIP)'; then \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
install; \
|
||||
else \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
|
||||
fi
|
||||
mostlyclean-generic:
|
||||
|
||||
clean-generic:
|
||||
|
|
10
lib/ipv4.h
10
lib/ipv4.h
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
ipv4.h -- missing IPv4 related definitions
|
||||
Copyright (C) 2005 Ivo Timmermans
|
||||
2006 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2006-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -41,6 +41,14 @@
|
|||
#define ICMP_NET_UNKNOWN 6
|
||||
#endif
|
||||
|
||||
#ifndef ICMP_TIME_EXCEEDED
|
||||
#define ICMP_TIME_EXCEEDED 11
|
||||
#endif
|
||||
|
||||
#ifndef ICMP_EXC_TTL
|
||||
#define ICMP_EXC_TTL 0
|
||||
#endif
|
||||
|
||||
#ifndef ICMP_NET_UNREACH
|
||||
#define ICMP_NET_UNREACH 0
|
||||
#endif
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
ipv6.h -- missing IPv6 related definitions
|
||||
Copyright (C) 2005 Ivo Timmermans
|
||||
2006 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2006-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -95,8 +95,10 @@ struct icmp6_hdr {
|
|||
#define ICMP6_DST_UNREACH_NOROUTE 0
|
||||
#define ICMP6_DST_UNREACH 1
|
||||
#define ICMP6_PACKET_TOO_BIG 2
|
||||
#define ICMP6_TIME_EXCEEDED 3
|
||||
#define ICMP6_DST_UNREACH_ADMIN 1
|
||||
#define ICMP6_DST_UNREACH_ADDR 3
|
||||
#define ICMP6_TIME_EXCEED_TRANSIT 0
|
||||
#define ND_NEIGHBOR_SOLICIT 135
|
||||
#define ND_NEIGHBOR_ADVERT 136
|
||||
#define icmp6_data32 icmp6_dataun.icmp6_un_data32
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
# Makefile.in generated by automake 1.11.1 from Makefile.am.
|
||||
# Makefile.in generated by automake 1.11.3 from Makefile.am.
|
||||
# @configure_input@
|
||||
|
||||
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
|
||||
# Inc.
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
|
||||
# Foundation, Inc.
|
||||
# This Makefile.in is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
@ -41,7 +41,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
|
|||
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
$(ACLOCAL_M4)
|
||||
mkinstalldirs = $(install_sh) -d
|
||||
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
|
||||
CONFIG_HEADER = $(top_builddir)/config.h
|
||||
CONFIG_CLEAN_FILES =
|
||||
CONFIG_CLEAN_VPATH_FILES =
|
||||
|
@ -232,10 +232,15 @@ install-am: all-am
|
|||
|
||||
installcheck: installcheck-am
|
||||
install-strip:
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
`test -z '$(STRIP)' || \
|
||||
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||
if test -z '$(STRIP)'; then \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
install; \
|
||||
else \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
|
||||
fi
|
||||
mostlyclean-generic:
|
||||
|
||||
clean-generic:
|
||||
|
|
53
missing
53
missing
|
@ -1,10 +1,10 @@
|
|||
#! /bin/sh
|
||||
# Common stub for a few missing GNU programs while installing.
|
||||
|
||||
scriptversion=2009-04-28.21; # UTC
|
||||
scriptversion=2012-01-06.13; # UTC
|
||||
|
||||
# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006,
|
||||
# 2008, 2009 Free Software Foundation, Inc.
|
||||
# 2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc.
|
||||
# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
|
||||
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
|
@ -84,7 +84,6 @@ Supported PROGRAM values:
|
|||
help2man touch the output file
|
||||
lex create \`lex.yy.c', if possible, from existing .c
|
||||
makeinfo touch the output file
|
||||
tar try tar, gnutar, gtar, then tar without non-portable flags
|
||||
yacc create \`y.tab.[ch]', if possible, from existing .[ch]
|
||||
|
||||
Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and
|
||||
|
@ -122,15 +121,6 @@ case $1 in
|
|||
# Not GNU programs, they don't have --version.
|
||||
;;
|
||||
|
||||
tar*)
|
||||
if test -n "$run"; then
|
||||
echo 1>&2 "ERROR: \`tar' requires --run"
|
||||
exit 1
|
||||
elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
|
||||
*)
|
||||
if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
|
||||
# We have it, but it failed.
|
||||
|
@ -226,7 +216,7 @@ WARNING: \`$1' $msg. You should only need it if
|
|||
\`Bison' from any GNU archive site."
|
||||
rm -f y.tab.c y.tab.h
|
||||
if test $# -ne 1; then
|
||||
eval LASTARG="\${$#}"
|
||||
eval LASTARG=\${$#}
|
||||
case $LASTARG in
|
||||
*.y)
|
||||
SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
|
||||
|
@ -256,7 +246,7 @@ WARNING: \`$1' is $msg. You should only need it if
|
|||
\`Flex' from any GNU archive site."
|
||||
rm -f lex.yy.c
|
||||
if test $# -ne 1; then
|
||||
eval LASTARG="\${$#}"
|
||||
eval LASTARG=\${$#}
|
||||
case $LASTARG in
|
||||
*.l)
|
||||
SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
|
||||
|
@ -318,41 +308,6 @@ WARNING: \`$1' is $msg. You should only need it if
|
|||
touch $file
|
||||
;;
|
||||
|
||||
tar*)
|
||||
shift
|
||||
|
||||
# We have already tried tar in the generic part.
|
||||
# Look for gnutar/gtar before invocation to avoid ugly error
|
||||
# messages.
|
||||
if (gnutar --version > /dev/null 2>&1); then
|
||||
gnutar "$@" && exit 0
|
||||
fi
|
||||
if (gtar --version > /dev/null 2>&1); then
|
||||
gtar "$@" && exit 0
|
||||
fi
|
||||
firstarg="$1"
|
||||
if shift; then
|
||||
case $firstarg in
|
||||
*o*)
|
||||
firstarg=`echo "$firstarg" | sed s/o//`
|
||||
tar "$firstarg" "$@" && exit 0
|
||||
;;
|
||||
esac
|
||||
case $firstarg in
|
||||
*h*)
|
||||
firstarg=`echo "$firstarg" | sed s/h//`
|
||||
tar "$firstarg" "$@" && exit 0
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
echo 1>&2 "\
|
||||
WARNING: I can't seem to be able to run \`tar' with the given arguments.
|
||||
You may want to install GNU tar or Free paxutils, or check the
|
||||
command line arguments."
|
||||
exit 1
|
||||
;;
|
||||
|
||||
*)
|
||||
echo 1>&2 "\
|
||||
WARNING: \`$1' is needed, and is $msg.
|
||||
|
|
162
mkinstalldirs
Executable file
162
mkinstalldirs
Executable file
|
@ -0,0 +1,162 @@
|
|||
#! /bin/sh
|
||||
# mkinstalldirs --- make directory hierarchy
|
||||
|
||||
scriptversion=2009-04-28.21; # UTC
|
||||
|
||||
# Original author: Noah Friedman <friedman@prep.ai.mit.edu>
|
||||
# Created: 1993-05-16
|
||||
# Public domain.
|
||||
#
|
||||
# This file is maintained in Automake, please report
|
||||
# bugs to <bug-automake@gnu.org> or send patches to
|
||||
# <automake-patches@gnu.org>.
|
||||
|
||||
nl='
|
||||
'
|
||||
IFS=" "" $nl"
|
||||
errstatus=0
|
||||
dirmode=
|
||||
|
||||
usage="\
|
||||
Usage: mkinstalldirs [-h] [--help] [--version] [-m MODE] DIR ...
|
||||
|
||||
Create each directory DIR (with mode MODE, if specified), including all
|
||||
leading file name components.
|
||||
|
||||
Report bugs to <bug-automake@gnu.org>."
|
||||
|
||||
# process command line arguments
|
||||
while test $# -gt 0 ; do
|
||||
case $1 in
|
||||
-h | --help | --h*) # -h for help
|
||||
echo "$usage"
|
||||
exit $?
|
||||
;;
|
||||
-m) # -m PERM arg
|
||||
shift
|
||||
test $# -eq 0 && { echo "$usage" 1>&2; exit 1; }
|
||||
dirmode=$1
|
||||
shift
|
||||
;;
|
||||
--version)
|
||||
echo "$0 $scriptversion"
|
||||
exit $?
|
||||
;;
|
||||
--) # stop option processing
|
||||
shift
|
||||
break
|
||||
;;
|
||||
-*) # unknown option
|
||||
echo "$usage" 1>&2
|
||||
exit 1
|
||||
;;
|
||||
*) # first non-opt arg
|
||||
break
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
for file
|
||||
do
|
||||
if test -d "$file"; then
|
||||
shift
|
||||
else
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
case $# in
|
||||
0) exit 0 ;;
|
||||
esac
|
||||
|
||||
# Solaris 8's mkdir -p isn't thread-safe. If you mkdir -p a/b and
|
||||
# mkdir -p a/c at the same time, both will detect that a is missing,
|
||||
# one will create a, then the other will try to create a and die with
|
||||
# a "File exists" error. This is a problem when calling mkinstalldirs
|
||||
# from a parallel make. We use --version in the probe to restrict
|
||||
# ourselves to GNU mkdir, which is thread-safe.
|
||||
case $dirmode in
|
||||
'')
|
||||
if mkdir -p --version . >/dev/null 2>&1 && test ! -d ./--version; then
|
||||
echo "mkdir -p -- $*"
|
||||
exec mkdir -p -- "$@"
|
||||
else
|
||||
# On NextStep and OpenStep, the `mkdir' command does not
|
||||
# recognize any option. It will interpret all options as
|
||||
# directories to create, and then abort because `.' already
|
||||
# exists.
|
||||
test -d ./-p && rmdir ./-p
|
||||
test -d ./--version && rmdir ./--version
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
if mkdir -m "$dirmode" -p --version . >/dev/null 2>&1 &&
|
||||
test ! -d ./--version; then
|
||||
echo "mkdir -m $dirmode -p -- $*"
|
||||
exec mkdir -m "$dirmode" -p -- "$@"
|
||||
else
|
||||
# Clean up after NextStep and OpenStep mkdir.
|
||||
for d in ./-m ./-p ./--version "./$dirmode";
|
||||
do
|
||||
test -d $d && rmdir $d
|
||||
done
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
for file
|
||||
do
|
||||
case $file in
|
||||
/*) pathcomp=/ ;;
|
||||
*) pathcomp= ;;
|
||||
esac
|
||||
oIFS=$IFS
|
||||
IFS=/
|
||||
set fnord $file
|
||||
shift
|
||||
IFS=$oIFS
|
||||
|
||||
for d
|
||||
do
|
||||
test "x$d" = x && continue
|
||||
|
||||
pathcomp=$pathcomp$d
|
||||
case $pathcomp in
|
||||
-*) pathcomp=./$pathcomp ;;
|
||||
esac
|
||||
|
||||
if test ! -d "$pathcomp"; then
|
||||
echo "mkdir $pathcomp"
|
||||
|
||||
mkdir "$pathcomp" || lasterr=$?
|
||||
|
||||
if test ! -d "$pathcomp"; then
|
||||
errstatus=$lasterr
|
||||
else
|
||||
if test ! -z "$dirmode"; then
|
||||
echo "chmod $dirmode $pathcomp"
|
||||
lasterr=
|
||||
chmod "$dirmode" "$pathcomp" || lasterr=$?
|
||||
|
||||
if test ! -z "$lasterr"; then
|
||||
errstatus=$lasterr
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
pathcomp=$pathcomp/
|
||||
done
|
||||
done
|
||||
|
||||
exit $errstatus
|
||||
|
||||
# Local Variables:
|
||||
# mode: shell-script
|
||||
# sh-indentation: 2
|
||||
# eval: (add-hook 'write-file-hooks 'time-stamp)
|
||||
# time-stamp-start: "scriptversion="
|
||||
# time-stamp-format: "%:y-%02m-%02d.%02H"
|
||||
# time-stamp-time-zone: "UTC"
|
||||
# time-stamp-end: "; # UTC"
|
||||
# End:
|
|
@ -2,11 +2,20 @@
|
|||
|
||||
sbin_PROGRAMS = tincd
|
||||
|
||||
EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h raw_socket/device.c uml_socket/device.c
|
||||
EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h
|
||||
|
||||
tincd_SOURCES = conf.c connection.c edge.c event.c graph.c logger.c meta.c net.c net_packet.c net_setup.c \
|
||||
net_socket.c netutl.c node.c process.c protocol.c protocol_auth.c protocol_edge.c protocol_misc.c \
|
||||
protocol_key.c protocol_subnet.c route.c subnet.c tincd.c
|
||||
protocol_key.c protocol_subnet.c route.c subnet.c tincd.c \
|
||||
dummy_device.c raw_socket_device.c
|
||||
|
||||
if UML
|
||||
tincd_SOURCES += uml_device.c
|
||||
endif
|
||||
|
||||
if VDE
|
||||
tincd_SOURCES += vde_device.c
|
||||
endif
|
||||
|
||||
if TUNEMU
|
||||
tincd_SOURCES += bsd/tunemu.c
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
# Makefile.in generated by automake 1.11.1 from Makefile.am.
|
||||
# Makefile.in generated by automake 1.11.3 from Makefile.am.
|
||||
# @configure_input@
|
||||
|
||||
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
|
||||
# Inc.
|
||||
# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
|
||||
# Foundation, Inc.
|
||||
# This Makefile.in is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
# with or without modifications, as long as this notice is preserved.
|
||||
|
@ -36,8 +36,10 @@ POST_UNINSTALL = :
|
|||
build_triplet = @build@
|
||||
host_triplet = @host@
|
||||
sbin_PROGRAMS = tincd$(EXEEXT)
|
||||
@TUNEMU_TRUE@am__append_1 = bsd/tunemu.c
|
||||
@TUNEMU_TRUE@am__append_2 = -lpcap
|
||||
@UML_TRUE@am__append_1 = uml_device.c
|
||||
@VDE_TRUE@am__append_2 = vde_device.c
|
||||
@TUNEMU_TRUE@am__append_3 = bsd/tunemu.c
|
||||
@TUNEMU_TRUE@am__append_4 = -lpcap
|
||||
subdir = src
|
||||
DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \
|
||||
$(srcdir)/Makefile.in
|
||||
|
@ -47,7 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
|
|||
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
$(ACLOCAL_M4)
|
||||
mkinstalldirs = $(install_sh) -d
|
||||
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
|
||||
CONFIG_HEADER = $(top_builddir)/config.h
|
||||
CONFIG_CLEAN_FILES =
|
||||
CONFIG_CLEAN_VPATH_FILES =
|
||||
|
@ -57,8 +59,11 @@ am__tincd_SOURCES_DIST = conf.c connection.c edge.c event.c graph.c \
|
|||
logger.c meta.c net.c net_packet.c net_setup.c net_socket.c \
|
||||
netutl.c node.c process.c protocol.c protocol_auth.c \
|
||||
protocol_edge.c protocol_misc.c protocol_key.c \
|
||||
protocol_subnet.c route.c subnet.c tincd.c bsd/tunemu.c
|
||||
@TUNEMU_TRUE@am__objects_1 = tunemu.$(OBJEXT)
|
||||
protocol_subnet.c route.c subnet.c tincd.c dummy_device.c \
|
||||
raw_socket_device.c uml_device.c vde_device.c bsd/tunemu.c
|
||||
@UML_TRUE@am__objects_1 = uml_device.$(OBJEXT)
|
||||
@VDE_TRUE@am__objects_2 = vde_device.$(OBJEXT)
|
||||
@TUNEMU_TRUE@am__objects_3 = tunemu.$(OBJEXT)
|
||||
am_tincd_OBJECTS = conf.$(OBJEXT) connection.$(OBJEXT) edge.$(OBJEXT) \
|
||||
event.$(OBJEXT) graph.$(OBJEXT) logger.$(OBJEXT) \
|
||||
meta.$(OBJEXT) net.$(OBJEXT) net_packet.$(OBJEXT) \
|
||||
|
@ -67,7 +72,9 @@ am_tincd_OBJECTS = conf.$(OBJEXT) connection.$(OBJEXT) edge.$(OBJEXT) \
|
|||
protocol_auth.$(OBJEXT) protocol_edge.$(OBJEXT) \
|
||||
protocol_misc.$(OBJEXT) protocol_key.$(OBJEXT) \
|
||||
protocol_subnet.$(OBJEXT) route.$(OBJEXT) subnet.$(OBJEXT) \
|
||||
tincd.$(OBJEXT) $(am__objects_1)
|
||||
tincd.$(OBJEXT) dummy_device.$(OBJEXT) \
|
||||
raw_socket_device.$(OBJEXT) $(am__objects_1) $(am__objects_2) \
|
||||
$(am__objects_3)
|
||||
nodist_tincd_OBJECTS = device.$(OBJEXT)
|
||||
tincd_OBJECTS = $(am_tincd_OBJECTS) $(nodist_tincd_OBJECTS)
|
||||
tincd_DEPENDENCIES = $(top_builddir)/lib/libvpn.a
|
||||
|
@ -113,7 +120,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
|
|||
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
|
||||
LDFLAGS = @LDFLAGS@
|
||||
LIBOBJS = @LIBOBJS@
|
||||
LIBS = @LIBS@ $(am__append_2)
|
||||
LIBS = @LIBS@ $(am__append_4)
|
||||
LN_S = @LN_S@
|
||||
LTLIBOBJS = @LTLIBOBJS@
|
||||
MAINT = @MAINT@
|
||||
|
@ -183,12 +190,13 @@ target_alias = @target_alias@
|
|||
top_build_prefix = @top_build_prefix@
|
||||
top_builddir = @top_builddir@
|
||||
top_srcdir = @top_srcdir@
|
||||
EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h raw_socket/device.c uml_socket/device.c
|
||||
EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h
|
||||
tincd_SOURCES = conf.c connection.c edge.c event.c graph.c logger.c \
|
||||
meta.c net.c net_packet.c net_setup.c net_socket.c netutl.c \
|
||||
node.c process.c protocol.c protocol_auth.c protocol_edge.c \
|
||||
protocol_misc.c protocol_key.c protocol_subnet.c route.c \
|
||||
subnet.c tincd.c $(am__append_1)
|
||||
subnet.c tincd.c dummy_device.c raw_socket_device.c \
|
||||
$(am__append_1) $(am__append_2) $(am__append_3)
|
||||
nodist_tincd_SOURCES = device.c
|
||||
DEFAULT_INCLUDES =
|
||||
noinst_HEADERS = conf.h connection.h device.h edge.h event.h graph.h logger.h meta.h net.h netutl.h node.h process.h \
|
||||
|
@ -269,7 +277,7 @@ uninstall-sbinPROGRAMS:
|
|||
|
||||
clean-sbinPROGRAMS:
|
||||
-test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS)
|
||||
tincd$(EXEEXT): $(tincd_OBJECTS) $(tincd_DEPENDENCIES)
|
||||
tincd$(EXEEXT): $(tincd_OBJECTS) $(tincd_DEPENDENCIES) $(EXTRA_tincd_DEPENDENCIES)
|
||||
@rm -f tincd$(EXEEXT)
|
||||
$(LINK) $(tincd_OBJECTS) $(tincd_LDADD) $(LIBS)
|
||||
|
||||
|
@ -282,6 +290,7 @@ distclean-compile:
|
|||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/conf.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connection.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/device.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dummy_device.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/edge.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/event.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/graph.Po@am__quote@
|
||||
|
@ -300,10 +309,13 @@ distclean-compile:
|
|||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_key.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_misc.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_subnet.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/raw_socket_device.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/route.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subnet.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tincd.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tunemu.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uml_device.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vde_device.Po@am__quote@
|
||||
|
||||
.c.o:
|
||||
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
|
||||
|
@ -435,10 +447,15 @@ install-am: all-am
|
|||
|
||||
installcheck: installcheck-am
|
||||
install-strip:
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
`test -z '$(STRIP)' || \
|
||||
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
|
||||
if test -z '$(STRIP)'; then \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
install; \
|
||||
else \
|
||||
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
|
||||
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
|
||||
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
|
||||
fi
|
||||
mostlyclean-generic:
|
||||
|
||||
clean-generic:
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
device.c -- Interaction BSD tun/tap device
|
||||
Copyright (C) 2001-2005 Ivo Timmermans,
|
||||
2001-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2001-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2009 Grzegorz Dymarek <gregd72002@googlemail.com>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
|
@ -58,7 +58,7 @@ static device_type_t device_type = DEVICE_TYPE_TUNIFHEAD;
|
|||
static device_type_t device_type = DEVICE_TYPE_TUN;
|
||||
#endif
|
||||
|
||||
bool setup_device(void) {
|
||||
static bool setup_device(void) {
|
||||
char *type;
|
||||
|
||||
if(!get_config_string(lookup_config(config_tree, "Device"), &device))
|
||||
|
@ -106,6 +106,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
switch(device_type) {
|
||||
default:
|
||||
device_type = DEVICE_TYPE_TUN;
|
||||
|
@ -175,7 +179,7 @@ bool setup_device(void) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void close_device(void) {
|
||||
static void close_device(void) {
|
||||
switch(device_type) {
|
||||
#ifdef HAVE_TUNEMU
|
||||
case DEVICE_TYPE_TUNEMU:
|
||||
|
@ -190,7 +194,7 @@ void close_device(void) {
|
|||
free(iface);
|
||||
}
|
||||
|
||||
bool read_packet(vpn_packet_t *packet) {
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
int lenin;
|
||||
|
||||
switch(device_type) {
|
||||
|
@ -282,7 +286,7 @@ bool read_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool write_packet(vpn_packet_t *packet) {
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
|
||||
packet->len, device_info);
|
||||
|
||||
|
@ -351,8 +355,16 @@ bool write_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void dump_device_stats(void) {
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t os_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
||||
|
|
108
src/conf.c
108
src/conf.c
|
@ -2,7 +2,7 @@
|
|||
conf.c -- configuration code
|
||||
Copyright (C) 1998 Robert van der Meulen
|
||||
1998-2005 Ivo Timmermans
|
||||
2000-2010 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2010-2011 Julien Muchembled <jm@jmuchemb.eu>
|
||||
2000 Cris van Pelt
|
||||
|
||||
|
@ -400,6 +400,70 @@ bool read_connection_config(connection_t *c) {
|
|||
return x;
|
||||
}
|
||||
|
||||
static void disable_old_keys(const char *filename) {
|
||||
char tmpfile[PATH_MAX] = "";
|
||||
char buf[1024];
|
||||
bool disabled = false;
|
||||
FILE *r, *w;
|
||||
|
||||
r = fopen(filename, "r");
|
||||
if(!r)
|
||||
return;
|
||||
|
||||
snprintf(tmpfile, sizeof tmpfile, "%s.tmp", filename);
|
||||
|
||||
w = fopen(tmpfile, "w");
|
||||
|
||||
while(fgets(buf, sizeof buf, r)) {
|
||||
if(!strncmp(buf, "-----BEGIN RSA", 14)) {
|
||||
buf[11] = 'O';
|
||||
buf[12] = 'L';
|
||||
buf[13] = 'D';
|
||||
disabled = true;
|
||||
}
|
||||
else if(!strncmp(buf, "-----END RSA", 12)) {
|
||||
buf[ 9] = 'O';
|
||||
buf[10] = 'L';
|
||||
buf[11] = 'D';
|
||||
disabled = true;
|
||||
}
|
||||
if(w && fputs(buf, w) < 0) {
|
||||
disabled = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if(w)
|
||||
fclose(w);
|
||||
fclose(r);
|
||||
|
||||
if(!w && disabled) {
|
||||
fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n");
|
||||
return;
|
||||
}
|
||||
|
||||
if(disabled) {
|
||||
#ifdef HAVE_MINGW
|
||||
// We cannot atomically replace files on Windows.
|
||||
char bakfile[PATH_MAX] = "";
|
||||
snprintf(bakfile, sizeof bakfile, "%s.bak", filename);
|
||||
if(rename(filename, bakfile) || rename(tmpfile, filename)) {
|
||||
rename(bakfile, filename);
|
||||
#else
|
||||
if(rename(tmpfile, filename)) {
|
||||
#endif
|
||||
fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n");
|
||||
} else {
|
||||
#ifdef HAVE_MINGW
|
||||
unlink(bakfile);
|
||||
#endif
|
||||
fprintf(stderr, "Warning: old key(s) found and disabled.\n");
|
||||
}
|
||||
}
|
||||
|
||||
unlink(tmpfile);
|
||||
}
|
||||
|
||||
FILE *ask_and_open(const char *filename, const char *what) {
|
||||
FILE *r;
|
||||
char *directory;
|
||||
|
@ -447,9 +511,11 @@ FILE *ask_and_open(const char *filename, const char *what) {
|
|||
|
||||
umask(0077); /* Disallow everything for group and other */
|
||||
|
||||
disable_old_keys(fn);
|
||||
|
||||
/* Open it first to keep the inode busy */
|
||||
|
||||
r = fopen(fn, "r+") ?: fopen(fn, "w+");
|
||||
r = fopen(fn, "a");
|
||||
|
||||
if(!r) {
|
||||
fprintf(stderr, "Error opening file `%s': %s\n",
|
||||
|
@ -460,42 +526,4 @@ FILE *ask_and_open(const char *filename, const char *what) {
|
|||
return r;
|
||||
}
|
||||
|
||||
bool disable_old_keys(FILE *f) {
|
||||
char buf[100];
|
||||
long pos;
|
||||
bool disabled = false;
|
||||
|
||||
rewind(f);
|
||||
pos = ftell(f);
|
||||
|
||||
if(pos < 0)
|
||||
return false;
|
||||
|
||||
while(fgets(buf, sizeof buf, f)) {
|
||||
if(!strncmp(buf, "-----BEGIN RSA", 14)) {
|
||||
buf[11] = 'O';
|
||||
buf[12] = 'L';
|
||||
buf[13] = 'D';
|
||||
if(fseek(f, pos, SEEK_SET))
|
||||
break;
|
||||
if(fputs(buf, f) <= 0)
|
||||
break;
|
||||
disabled = true;
|
||||
}
|
||||
else if(!strncmp(buf, "-----END RSA", 12)) {
|
||||
buf[ 9] = 'O';
|
||||
buf[10] = 'L';
|
||||
buf[11] = 'D';
|
||||
if(fseek(f, pos, SEEK_SET))
|
||||
break;
|
||||
if(fputs(buf, f) <= 0)
|
||||
break;
|
||||
disabled = true;
|
||||
}
|
||||
pos = ftell(f);
|
||||
if(pos < 0)
|
||||
break;
|
||||
}
|
||||
|
||||
return disabled;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
conf.h -- header for conf.c
|
||||
Copyright (C) 1998-2005 Ivo Timmermans
|
||||
2000-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -63,6 +63,5 @@ extern bool read_server_config(void);
|
|||
extern bool read_connection_config(struct connection_t *);
|
||||
extern FILE *ask_and_open(const char *, const char *);
|
||||
extern bool is_safe_path(const char *);
|
||||
extern bool disable_old_keys(FILE *);
|
||||
|
||||
#endif /* __TINC_CONF_H__ */
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
connection.c -- connection list management
|
||||
Copyright (C) 2000-2009 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
Copyright (C) 2000-2012 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
2000-2005 Ivo Timmermans
|
||||
2008 Max Rijevski <maksuf@gmail.com>
|
||||
|
||||
|
@ -29,7 +29,7 @@
|
|||
#include "xalloc.h"
|
||||
|
||||
avl_tree_t *connection_tree; /* Meta connections */
|
||||
connection_t *broadcast;
|
||||
connection_t *everyone;
|
||||
|
||||
static int connection_compare(const connection_t *a, const connection_t *b) {
|
||||
return a < b ? -1 : a == b ? 0 : 1;
|
||||
|
@ -37,14 +37,14 @@ static int connection_compare(const connection_t *a, const connection_t *b) {
|
|||
|
||||
void init_connections(void) {
|
||||
connection_tree = avl_alloc_tree((avl_compare_t) connection_compare, (avl_action_t) free_connection);
|
||||
broadcast = new_connection();
|
||||
broadcast->name = xstrdup("everyone");
|
||||
broadcast->hostname = xstrdup("BROADCAST");
|
||||
everyone = new_connection();
|
||||
everyone->name = xstrdup("everyone");
|
||||
everyone->hostname = xstrdup("BROADCAST");
|
||||
}
|
||||
|
||||
void exit_connections(void) {
|
||||
avl_delete_tree(connection_tree);
|
||||
free_connection(broadcast);
|
||||
free_connection(everyone);
|
||||
}
|
||||
|
||||
connection_t *new_connection(void) {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
connection.h -- header for connection.c
|
||||
Copyright (C) 2000-2010 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
Copyright (C) 2000-2012 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
2000-2005 Ivo Timmermans
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
|
@ -101,7 +101,7 @@ typedef struct connection_t {
|
|||
} connection_t;
|
||||
|
||||
extern avl_tree_t *connection_tree;
|
||||
extern connection_t *broadcast;
|
||||
extern connection_t *everyone;
|
||||
|
||||
extern void init_connections(void);
|
||||
extern void exit_connections(void);
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
device.c -- Interaction with Windows tap driver in a Cygwin environment
|
||||
Copyright (C) 2002-2005 Ivo Timmermans,
|
||||
2002-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2002-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -45,7 +45,7 @@ static uint64_t device_total_out = 0;
|
|||
static pid_t reader_pid;
|
||||
static int sp[2];
|
||||
|
||||
bool setup_device(void) {
|
||||
static bool setup_device(void) {
|
||||
HKEY key, key2;
|
||||
int i, err;
|
||||
|
||||
|
@ -214,7 +214,7 @@ bool setup_device(void) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void close_device(void) {
|
||||
static void close_device(void) {
|
||||
close(sp[0]);
|
||||
close(sp[1]);
|
||||
CloseHandle(device_handle);
|
||||
|
@ -225,7 +225,7 @@ void close_device(void) {
|
|||
free(iface);
|
||||
}
|
||||
|
||||
bool read_packet(vpn_packet_t *packet) {
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
int lenin;
|
||||
|
||||
if((lenin = read(sp[0], packet->data, MTU)) <= 0) {
|
||||
|
@ -244,7 +244,7 @@ bool read_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool write_packet(vpn_packet_t *packet) {
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
long lenout;
|
||||
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
|
||||
|
@ -260,8 +260,16 @@ bool write_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void dump_device_stats(void) {
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t os_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
||||
|
|
23
src/device.h
23
src/device.h
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
net.h -- generic header for device.c
|
||||
device.h -- generic header for device.c
|
||||
Copyright (C) 2001-2005 Ivo Timmermans
|
||||
2001-2006 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2001-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -28,10 +28,19 @@ extern char *device;
|
|||
|
||||
extern char *iface;
|
||||
|
||||
extern bool setup_device(void);
|
||||
extern void close_device(void);
|
||||
extern bool read_packet(struct vpn_packet_t *);
|
||||
extern bool write_packet(struct vpn_packet_t *);
|
||||
extern void dump_device_stats(void);
|
||||
typedef struct devops_t {
|
||||
bool (*setup)(void);
|
||||
void (*close)(void);
|
||||
bool (*read)(struct vpn_packet_t *);
|
||||
bool (*write)(struct vpn_packet_t *);
|
||||
void (*dump_stats)(void);
|
||||
} devops_t;
|
||||
|
||||
extern const devops_t os_devops;
|
||||
extern const devops_t dummy_devops;
|
||||
extern const devops_t raw_socket_devops;
|
||||
extern const devops_t uml_devops;
|
||||
extern const devops_t vde_devops;
|
||||
extern devops_t devops;
|
||||
|
||||
#endif /* __TINC_DEVICE_H__ */
|
||||
|
|
62
src/dummy_device.c
Normal file
62
src/dummy_device.c
Normal file
|
@ -0,0 +1,62 @@
|
|||
/*
|
||||
device.c -- Dummy device
|
||||
Copyright (C) 2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along
|
||||
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#include "system.h"
|
||||
|
||||
#include "device.h"
|
||||
#include "logger.h"
|
||||
#include "net.h"
|
||||
|
||||
static char *device_info = "dummy device";
|
||||
|
||||
static uint64_t device_total_in = 0;
|
||||
static uint64_t device_total_out = 0;
|
||||
|
||||
static bool setup_device(void) {
|
||||
device = "dummy";
|
||||
iface = "dummy";
|
||||
logger(LOG_INFO, "%s (%s) is a %s", device, iface, device_info);
|
||||
return true;
|
||||
}
|
||||
|
||||
static void close_device(void) {
|
||||
}
|
||||
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
return false;
|
||||
}
|
||||
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
device_total_out += packet->len;
|
||||
return true;
|
||||
}
|
||||
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t dummy_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
graph.c -- graph algorithms
|
||||
Copyright (C) 2001-2011 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
Copyright (C) 2001-2012 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
2001-2005 Ivo Timmermans
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
|
@ -174,6 +174,7 @@ static void sssp_bfs(void) {
|
|||
myself->status.visited = true;
|
||||
myself->status.indirect = false;
|
||||
myself->nexthop = myself;
|
||||
myself->prevedge = NULL;
|
||||
myself->via = myself;
|
||||
list_insert_head(todo_list, myself);
|
||||
|
||||
|
@ -214,6 +215,7 @@ static void sssp_bfs(void) {
|
|||
e->to->status.visited = true;
|
||||
e->to->status.indirect = indirect;
|
||||
e->to->nexthop = (n->nexthop == myself) ? e->to : n->nexthop;
|
||||
e->to->prevedge = e;
|
||||
e->to->via = indirect ? n->via : e->to;
|
||||
e->to->options = e->options;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
graph.h -- header for graph.c
|
||||
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
Copyright (C) 2001-2012 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
2001-2005 Ivo Timmermans
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
device.c -- Interaction with Linux ethertap and tun/tap device
|
||||
Copyright (C) 2001-2005 Ivo Timmermans,
|
||||
2001-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2001-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -45,13 +45,14 @@ int device_fd = -1;
|
|||
static device_type_t device_type;
|
||||
char *device = NULL;
|
||||
char *iface = NULL;
|
||||
static char *type = NULL;
|
||||
static char ifrname[IFNAMSIZ];
|
||||
static char *device_info;
|
||||
|
||||
static uint64_t device_total_in = 0;
|
||||
static uint64_t device_total_out = 0;
|
||||
|
||||
bool setup_device(void) {
|
||||
static bool setup_device(void) {
|
||||
struct ifreq ifr;
|
||||
bool t1q = false;
|
||||
|
||||
|
@ -72,11 +73,23 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_LINUX_IF_TUN_H
|
||||
/* Ok now check if this is an old ethertap or a new tun/tap thingie */
|
||||
|
||||
memset(&ifr, 0, sizeof(ifr));
|
||||
if(routing_mode == RMODE_ROUTER) {
|
||||
|
||||
get_config_string(lookup_config(config_tree, "DeviceType"), &type);
|
||||
|
||||
if(type && strcasecmp(type, "tun") && strcasecmp(type, "tap")) {
|
||||
logger(LOG_ERR, "Unknown device type %s!", type);
|
||||
return false;
|
||||
}
|
||||
|
||||
if((type && !strcasecmp(type, "tun")) || (!type && routing_mode == RMODE_ROUTER)) {
|
||||
ifr.ifr_flags = IFF_TUN;
|
||||
device_type = DEVICE_TYPE_TUN;
|
||||
device_info = "Linux tun/tap device (tun mode)";
|
||||
|
@ -121,14 +134,15 @@ bool setup_device(void) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void close_device(void) {
|
||||
static void close_device(void) {
|
||||
close(device_fd);
|
||||
|
||||
free(type);
|
||||
free(device);
|
||||
free(iface);
|
||||
}
|
||||
|
||||
bool read_packet(vpn_packet_t *packet) {
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
int lenin;
|
||||
|
||||
switch(device_type) {
|
||||
|
@ -175,7 +189,7 @@ bool read_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool write_packet(vpn_packet_t *packet) {
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
|
||||
packet->len, device_info);
|
||||
|
||||
|
@ -211,8 +225,16 @@ bool write_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void dump_device_stats(void) {
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t os_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
||||
|
|
|
@ -83,7 +83,7 @@ static DWORD WINAPI tapreader(void *bla) {
|
|||
}
|
||||
}
|
||||
|
||||
bool setup_device(void) {
|
||||
static bool setup_device(void) {
|
||||
HKEY key, key2;
|
||||
int i;
|
||||
|
||||
|
@ -210,18 +210,18 @@ bool setup_device(void) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void close_device(void) {
|
||||
static void close_device(void) {
|
||||
CloseHandle(device_handle);
|
||||
|
||||
free(device);
|
||||
free(iface);
|
||||
}
|
||||
|
||||
bool read_packet(vpn_packet_t *packet) {
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
return false;
|
||||
}
|
||||
|
||||
bool write_packet(vpn_packet_t *packet) {
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
long lenout;
|
||||
OVERLAPPED overlapped = {0};
|
||||
|
||||
|
@ -238,8 +238,16 @@ bool write_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void dump_device_stats(void) {
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t os_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
||||
|
|
18
src/net.c
18
src/net.c
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
net.c -- most of the network code
|
||||
Copyright (C) 1998-2005 Ivo Timmermans,
|
||||
2000-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2006 Scott Lamb <slamb@slamb.org>
|
||||
2011 Loïc Grenié <loic.grenie@gmail.com>
|
||||
|
||||
|
@ -75,7 +75,7 @@ static void purge(void) {
|
|||
for(snode = n->subnet_tree->head; snode; snode = snext) {
|
||||
snext = snode->next;
|
||||
s = snode->data;
|
||||
send_del_subnet(broadcast, s);
|
||||
send_del_subnet(everyone, s);
|
||||
if(!strictsubnets)
|
||||
subnet_del(n, s);
|
||||
}
|
||||
|
@ -84,7 +84,7 @@ static void purge(void) {
|
|||
enext = enode->next;
|
||||
e = enode->data;
|
||||
if(!tunnelserver)
|
||||
send_del_edge(broadcast, e);
|
||||
send_del_edge(everyone, e);
|
||||
edge_del(e);
|
||||
}
|
||||
}
|
||||
|
@ -183,7 +183,7 @@ void terminate_connection(connection_t *c, bool report) {
|
|||
|
||||
if(c->edge) {
|
||||
if(report && !tunnelserver)
|
||||
send_del_edge(broadcast, c->edge);
|
||||
send_del_edge(everyone, c->edge);
|
||||
|
||||
edge_del(c->edge);
|
||||
|
||||
|
@ -198,7 +198,7 @@ void terminate_connection(connection_t *c, bool report) {
|
|||
e = lookup_edge(c->node, myself);
|
||||
if(e) {
|
||||
if(!tunnelserver)
|
||||
send_del_edge(broadcast, e);
|
||||
send_del_edge(everyone, e);
|
||||
edge_del(e);
|
||||
}
|
||||
}
|
||||
|
@ -289,7 +289,7 @@ static void check_network_activity(fd_set * readset, fd_set * writeset) {
|
|||
|
||||
/* check input from kernel */
|
||||
if(device_fd >= 0 && FD_ISSET(device_fd, readset)) {
|
||||
if(read_packet(&packet)) {
|
||||
if(devops.read(&packet)) {
|
||||
errors = 0;
|
||||
packet.priority = 0;
|
||||
route(myself, &packet);
|
||||
|
@ -343,7 +343,7 @@ static void check_network_activity(fd_set * readset, fd_set * writeset) {
|
|||
|
||||
for(i = 0; i < listen_sockets; i++) {
|
||||
if(FD_ISSET(listen_socket[i].udp, readset))
|
||||
handle_incoming_vpn_data(listen_socket[i].udp);
|
||||
handle_incoming_vpn_data(i);
|
||||
|
||||
if(FD_ISSET(listen_socket[i].tcp, readset))
|
||||
handle_new_meta_connection(listen_socket[i].tcp);
|
||||
|
@ -576,14 +576,14 @@ int main_loop(void) {
|
|||
next = node->next;
|
||||
subnet = node->data;
|
||||
if(subnet->expires == 1) {
|
||||
send_del_subnet(broadcast, subnet);
|
||||
send_del_subnet(everyone, subnet);
|
||||
if(subnet->owner->status.reachable)
|
||||
subnet_update(subnet->owner, subnet, false);
|
||||
subnet_del(subnet->owner, subnet);
|
||||
} else if(subnet->expires == -1) {
|
||||
subnet->expires = 0;
|
||||
} else {
|
||||
send_add_subnet(broadcast, subnet);
|
||||
send_add_subnet(everyone, subnet);
|
||||
if(subnet->owner->status.reachable)
|
||||
subnet_update(subnet->owner, subnet, true);
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
net.h -- header for net.c
|
||||
Copyright (C) 1998-2005 Ivo Timmermans
|
||||
2000-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -107,6 +107,7 @@ extern int maxoutbufsize;
|
|||
extern int seconds_till_retry;
|
||||
extern int addressfamily;
|
||||
extern unsigned replaywin;
|
||||
extern bool localdiscovery;
|
||||
|
||||
extern listen_socket_t listen_socket[MAXSOCKETS];
|
||||
extern int listen_sockets;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
net_packet.c -- Handles in- and outgoing VPN packets
|
||||
Copyright (C) 1998-2005 Ivo Timmermans,
|
||||
2000-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2010 Timothy Redaelli <timothy@redaelli.eu>
|
||||
2010 Brandon Black <blblack@gmail.com>
|
||||
|
||||
|
@ -61,13 +61,21 @@ static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999
|
|||
static void send_udppacket(node_t *, vpn_packet_t *);
|
||||
|
||||
unsigned replaywin = 16;
|
||||
bool localdiscovery = false;
|
||||
|
||||
#define MAX_SEQNO 1073741824
|
||||
|
||||
// mtuprobes == 1..30: initial discovery, send bursts with 1 second interval
|
||||
// mtuprobes == 31: sleep pinginterval seconds
|
||||
// mtuprobes == 32: send 1 burst, sleep pingtimeout second
|
||||
// mtuprobes == 33: no response from other side, restart PMTU discovery process
|
||||
/* mtuprobes == 1..30: initial discovery, send bursts with 1 second interval
|
||||
mtuprobes == 31: sleep pinginterval seconds
|
||||
mtuprobes == 32: send 1 burst, sleep pingtimeout second
|
||||
mtuprobes == 33: no response from other side, restart PMTU discovery process
|
||||
|
||||
Probes are sent in batches of three, with random sizes between the lower and
|
||||
upper boundaries for the MTU thus far discovered.
|
||||
|
||||
In case local discovery is enabled, a fourth packet is added to each batch,
|
||||
which will be broadcast to the local network.
|
||||
*/
|
||||
|
||||
void send_mtu_probe(node_t *n) {
|
||||
vpn_packet_t packet;
|
||||
|
@ -118,7 +126,7 @@ void send_mtu_probe(node_t *n) {
|
|||
timeout = pingtimeout;
|
||||
}
|
||||
|
||||
for(i = 0; i < 3; i++) {
|
||||
for(i = 0; i < 3 + localdiscovery; i++) {
|
||||
if(n->maxmtu <= n->minmtu)
|
||||
len = n->maxmtu;
|
||||
else
|
||||
|
@ -130,7 +138,10 @@ void send_mtu_probe(node_t *n) {
|
|||
memset(packet.data, 0, 14);
|
||||
RAND_pseudo_bytes(packet.data + 14, len - 14);
|
||||
packet.len = len;
|
||||
packet.priority = 0;
|
||||
if(i >= 3 && n->mtuprobes <= 10)
|
||||
packet.priority = -1;
|
||||
else
|
||||
packet.priority = 0;
|
||||
|
||||
ifdebug(TRAFFIC) logger(LOG_INFO, "Sending MTU probe length %d to %s (%s)", len, n->name, n->hostname);
|
||||
|
||||
|
@ -389,7 +400,6 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
|
|||
static int priority = 0;
|
||||
#endif
|
||||
int origpriority;
|
||||
int sock;
|
||||
|
||||
if(!n->status.reachable) {
|
||||
ifdebug(TRAFFIC) logger(LOG_INFO, "Trying to send UDP packet to unreachable node %s (%s)", n->name, n->hostname);
|
||||
|
@ -476,33 +486,58 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
|
|||
|
||||
/* Determine which socket we have to use */
|
||||
|
||||
for(sock = 0; sock < listen_sockets; sock++)
|
||||
if(n->address.sa.sa_family == listen_socket[sock].sa.sa.sa_family)
|
||||
break;
|
||||
|
||||
if(sock >= listen_sockets)
|
||||
sock = 0; /* If none is available, just use the first and hope for the best. */
|
||||
if(n->address.sa.sa_family != listen_socket[n->sock].sa.sa.sa_family) {
|
||||
for(int sock = 0; sock < listen_sockets; sock++) {
|
||||
if(n->address.sa.sa_family == listen_socket[sock].sa.sa.sa_family) {
|
||||
n->sock = sock;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Send the packet */
|
||||
|
||||
struct sockaddr *sa;
|
||||
socklen_t sl;
|
||||
int sock;
|
||||
|
||||
/* Overloaded use of priority field: -1 means local broadcast */
|
||||
|
||||
if(origpriority == -1 && n->prevedge) {
|
||||
struct sockaddr_in in;
|
||||
in.sin_family = AF_INET;
|
||||
in.sin_addr.s_addr = -1;
|
||||
in.sin_port = n->prevedge->address.in.sin_port;
|
||||
sa = (struct sockaddr *)∈
|
||||
sl = sizeof in;
|
||||
sock = 0;
|
||||
} else {
|
||||
if(origpriority == -1)
|
||||
origpriority = 0;
|
||||
|
||||
sa = &(n->address.sa);
|
||||
sl = SALEN(n->address.sa);
|
||||
sock = n->sock;
|
||||
}
|
||||
|
||||
#if defined(SOL_IP) && defined(IP_TOS)
|
||||
if(priorityinheritance && origpriority != priority
|
||||
&& listen_socket[sock].sa.sa.sa_family == AF_INET) {
|
||||
&& listen_socket[n->sock].sa.sa.sa_family == AF_INET) {
|
||||
priority = origpriority;
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Setting outgoing packet priority to %d", priority);
|
||||
if(setsockopt(listen_socket[sock].udp, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */
|
||||
if(setsockopt(listen_socket[n->sock].udp, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */
|
||||
logger(LOG_ERR, "System call `%s' failed: %s", "setsockopt", strerror(errno));
|
||||
}
|
||||
#endif
|
||||
|
||||
if(sendto(listen_socket[sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, &(n->address.sa), SALEN(n->address.sa)) < 0 && !sockwouldblock(sockerrno)) {
|
||||
if(sendto(listen_socket[sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, sa, sl) < 0 && !sockwouldblock(sockerrno)) {
|
||||
if(sockmsgsize(sockerrno)) {
|
||||
if(n->maxmtu >= origlen)
|
||||
n->maxmtu = origlen - 1;
|
||||
if(n->mtu >= origlen)
|
||||
n->mtu = origlen - 1;
|
||||
} else
|
||||
logger(LOG_ERR, "Error sending packet to %s (%s): %s", n->name, n->hostname, sockstrerror(sockerrno));
|
||||
ifdebug(TRAFFIC) logger(LOG_WARNING, "Error sending packet to %s (%s): %s", n->name, n->hostname, sockstrerror(sockerrno));
|
||||
}
|
||||
|
||||
end:
|
||||
|
@ -518,7 +553,7 @@ void send_packet(const node_t *n, vpn_packet_t *packet) {
|
|||
if(n == myself) {
|
||||
if(overwrite_mac)
|
||||
memcpy(packet->data, mymac.x, ETH_ALEN);
|
||||
write_packet(packet);
|
||||
devops.write(packet);
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -599,6 +634,7 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
|
|||
if(hard)
|
||||
last_hard_try = now;
|
||||
|
||||
last_hard_try = now;
|
||||
return n;
|
||||
}
|
||||
|
||||
|
@ -609,7 +645,7 @@ void handle_incoming_vpn_data(int sock) {
|
|||
socklen_t fromlen = sizeof(from);
|
||||
node_t *n;
|
||||
|
||||
pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
|
||||
pkt.len = recvfrom(listen_socket[sock].udp, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
|
||||
|
||||
if(pkt.len < 0) {
|
||||
if(!sockwouldblock(sockerrno))
|
||||
|
@ -635,5 +671,7 @@ void handle_incoming_vpn_data(int sock) {
|
|||
return;
|
||||
}
|
||||
|
||||
n->sock = sock;
|
||||
|
||||
receive_udppacket(n, &pkt);
|
||||
}
|
||||
|
|
132
src/net_setup.c
132
src/net_setup.c
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
net_setup.c -- Setup.
|
||||
Copyright (C) 1998-2005 Ivo Timmermans,
|
||||
2000-2010 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2006 Scott Lamb <slamb@slamb.org>
|
||||
2010 Brandon Black <blblack@gmail.com>
|
||||
|
||||
|
@ -45,6 +45,7 @@
|
|||
#include "xalloc.h"
|
||||
|
||||
char *myport;
|
||||
devops_t devops;
|
||||
|
||||
bool read_rsa_public_key(connection_t *c) {
|
||||
FILE *fp;
|
||||
|
@ -113,11 +114,14 @@ bool read_rsa_public_key(connection_t *c) {
|
|||
xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
|
||||
fp = fopen(fname, "r");
|
||||
|
||||
if(fp) {
|
||||
c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
|
||||
fclose(fp);
|
||||
if(!fp) {
|
||||
logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
|
||||
free(fname);
|
||||
return false;
|
||||
}
|
||||
|
||||
c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
|
||||
fclose(fp);
|
||||
free(fname);
|
||||
|
||||
if(c->rsa_key)
|
||||
|
@ -128,12 +132,15 @@ bool read_rsa_public_key(connection_t *c) {
|
|||
xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
|
||||
fp = fopen(fname, "r");
|
||||
|
||||
if(fp) {
|
||||
c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
|
||||
// RSA_blinding_on(c->rsa_key, NULL);
|
||||
fclose(fp);
|
||||
if(!fp) {
|
||||
logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
|
||||
free(fname);
|
||||
return false;
|
||||
}
|
||||
|
||||
c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
|
||||
// RSA_blinding_on(c->rsa_key, NULL);
|
||||
fclose(fp);
|
||||
free(fname);
|
||||
|
||||
if(c->rsa_key)
|
||||
|
@ -214,7 +221,6 @@ void load_all_subnets(void) {
|
|||
config_t *cfg;
|
||||
subnet_t *s, *s2;
|
||||
node_t *n;
|
||||
bool result;
|
||||
|
||||
xasprintf(&dname, "%s/hosts", confbase);
|
||||
dir = opendir(dname);
|
||||
|
@ -236,10 +242,9 @@ void load_all_subnets(void) {
|
|||
|
||||
xasprintf(&fname, "%s/hosts/%s", confbase, ent->d_name);
|
||||
init_configuration(&config_tree);
|
||||
result = read_config_file(config_tree, fname);
|
||||
read_config_options(config_tree, ent->d_name);
|
||||
read_config_file(config_tree, fname);
|
||||
free(fname);
|
||||
if(!result)
|
||||
continue;
|
||||
|
||||
if(!n) {
|
||||
n = new_node();
|
||||
|
@ -270,7 +275,7 @@ void load_all_subnets(void) {
|
|||
static bool setup_myself(void) {
|
||||
config_t *cfg;
|
||||
subnet_t *subnet;
|
||||
char *name, *hostname, *mode, *afname, *cipher, *digest;
|
||||
char *name, *hostname, *mode, *afname, *cipher, *digest, *type;
|
||||
char *fname = NULL;
|
||||
char *address = NULL;
|
||||
char *envp[5];
|
||||
|
@ -349,6 +354,7 @@ static bool setup_myself(void) {
|
|||
get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
|
||||
get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets);
|
||||
get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
|
||||
get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
|
||||
strictsubnets |= tunnelserver;
|
||||
|
||||
if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
|
||||
|
@ -390,6 +396,8 @@ static bool setup_myself(void) {
|
|||
myself->options |= OPTION_CLAMP_MSS;
|
||||
|
||||
get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance);
|
||||
get_config_bool(lookup_config(config_tree, "DecrementTTL"), &decrement_ttl);
|
||||
get_config_bool(lookup_config(config_tree, "Broadcast"), &broadcast);
|
||||
|
||||
#if !defined(SOL_IP) || !defined(IP_TOS)
|
||||
if(priorityinheritance)
|
||||
|
@ -533,7 +541,24 @@ static bool setup_myself(void) {
|
|||
|
||||
/* Open device */
|
||||
|
||||
if(!setup_device())
|
||||
devops = os_devops;
|
||||
|
||||
if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) {
|
||||
if(!strcasecmp(type, "dummy"))
|
||||
devops = dummy_devops;
|
||||
else if(!strcasecmp(type, "raw_socket"))
|
||||
devops = raw_socket_devops;
|
||||
#ifdef ENABLE_UML
|
||||
else if(!strcasecmp(type, "uml"))
|
||||
devops = uml_devops;
|
||||
#endif
|
||||
#ifdef ENABLE_VDE
|
||||
else if(!strcasecmp(type, "vde"))
|
||||
devops = vde_devops;
|
||||
#endif
|
||||
}
|
||||
|
||||
if(!devops.setup())
|
||||
return false;
|
||||
|
||||
/* Run tinc-up script to further initialize the tap interface */
|
||||
|
@ -554,47 +579,58 @@ static bool setup_myself(void) {
|
|||
|
||||
/* Open sockets */
|
||||
|
||||
get_config_string(lookup_config(config_tree, "BindToAddress"), &address);
|
||||
|
||||
hint.ai_family = addressfamily;
|
||||
hint.ai_socktype = SOCK_STREAM;
|
||||
hint.ai_protocol = IPPROTO_TCP;
|
||||
hint.ai_flags = AI_PASSIVE;
|
||||
|
||||
err = getaddrinfo(address, myport, &hint, &ai);
|
||||
|
||||
if(err || !ai) {
|
||||
logger(LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
|
||||
gai_strerror(err));
|
||||
return false;
|
||||
}
|
||||
|
||||
listen_sockets = 0;
|
||||
cfg = lookup_config(config_tree, "BindToAddress");
|
||||
|
||||
for(aip = ai; aip; aip = aip->ai_next) {
|
||||
listen_socket[listen_sockets].tcp =
|
||||
setup_listen_socket((sockaddr_t *) aip->ai_addr);
|
||||
do {
|
||||
get_config_string(cfg, &address);
|
||||
if(cfg)
|
||||
cfg = lookup_config_next(config_tree, cfg);
|
||||
|
||||
if(listen_socket[listen_sockets].tcp < 0)
|
||||
continue;
|
||||
hint.ai_family = addressfamily;
|
||||
hint.ai_socktype = SOCK_STREAM;
|
||||
hint.ai_protocol = IPPROTO_TCP;
|
||||
hint.ai_flags = AI_PASSIVE;
|
||||
|
||||
listen_socket[listen_sockets].udp =
|
||||
setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
|
||||
err = getaddrinfo(address, myport, &hint, &ai);
|
||||
free(address);
|
||||
|
||||
if(listen_socket[listen_sockets].udp < 0)
|
||||
continue;
|
||||
|
||||
ifdebug(CONNECTIONS) {
|
||||
hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
|
||||
logger(LOG_NOTICE, "Listening on %s", hostname);
|
||||
free(hostname);
|
||||
if(err || !ai) {
|
||||
logger(LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
|
||||
gai_strerror(err));
|
||||
return false;
|
||||
}
|
||||
|
||||
memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
|
||||
listen_sockets++;
|
||||
}
|
||||
for(aip = ai; aip; aip = aip->ai_next) {
|
||||
if(listen_sockets >= MAXSOCKETS) {
|
||||
logger(LOG_ERR, "Too many listening sockets");
|
||||
return false;
|
||||
}
|
||||
|
||||
freeaddrinfo(ai);
|
||||
listen_socket[listen_sockets].tcp =
|
||||
setup_listen_socket((sockaddr_t *) aip->ai_addr);
|
||||
|
||||
if(listen_socket[listen_sockets].tcp < 0)
|
||||
continue;
|
||||
|
||||
listen_socket[listen_sockets].udp =
|
||||
setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
|
||||
|
||||
if(listen_socket[listen_sockets].udp < 0)
|
||||
continue;
|
||||
|
||||
ifdebug(CONNECTIONS) {
|
||||
hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
|
||||
logger(LOG_NOTICE, "Listening on %s", hostname);
|
||||
free(hostname);
|
||||
}
|
||||
|
||||
memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
|
||||
listen_sockets++;
|
||||
}
|
||||
|
||||
freeaddrinfo(ai);
|
||||
} while(cfg);
|
||||
|
||||
if(listen_sockets)
|
||||
logger(LOG_NOTICE, "Ready");
|
||||
|
@ -696,7 +732,7 @@ void close_network_connections(void) {
|
|||
for(i = 0; i < 4; i++)
|
||||
free(envp[i]);
|
||||
|
||||
close_device();
|
||||
devops.close();
|
||||
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
net_socket.c -- Handle various kinds of sockets.
|
||||
Copyright (C) 1998-2005 Ivo Timmermans,
|
||||
2000-2010 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2006 Scott Lamb <slamb@slamb.org>
|
||||
2009 Florian Forster <octo@verplant.org>
|
||||
|
||||
|
@ -34,8 +34,6 @@
|
|||
#include "utils.h"
|
||||
#include "xalloc.h"
|
||||
|
||||
#include <assert.h>
|
||||
|
||||
/* Needed on Mac OS/X */
|
||||
#ifndef SOL_TCP
|
||||
#define SOL_TCP IPPROTO_TCP
|
||||
|
@ -110,63 +108,6 @@ static bool bind_to_interface(int sd) {
|
|||
return true;
|
||||
}
|
||||
|
||||
static bool bind_to_address(connection_t *c) {
|
||||
char *node;
|
||||
struct addrinfo *ai_list;
|
||||
struct addrinfo *ai_ptr;
|
||||
struct addrinfo ai_hints;
|
||||
int status;
|
||||
|
||||
assert(c != NULL);
|
||||
assert(c->socket >= 0);
|
||||
|
||||
node = NULL;
|
||||
if(!get_config_string(lookup_config(config_tree, "BindToAddress"),
|
||||
&node))
|
||||
return true;
|
||||
|
||||
assert(node != NULL);
|
||||
|
||||
memset(&ai_hints, 0, sizeof(ai_hints));
|
||||
ai_hints.ai_family = c->address.sa.sa_family;
|
||||
/* We're called from `do_outgoing_connection' only. */
|
||||
ai_hints.ai_socktype = SOCK_STREAM;
|
||||
ai_hints.ai_protocol = IPPROTO_TCP;
|
||||
|
||||
ai_list = NULL;
|
||||
|
||||
status = getaddrinfo(node, /* service = */ NULL,
|
||||
&ai_hints, &ai_list);
|
||||
if(status) {
|
||||
free(node);
|
||||
logger(LOG_WARNING, "Error looking up %s port %s: %s",
|
||||
node, "any", gai_strerror(status));
|
||||
return false;
|
||||
}
|
||||
assert(ai_list != NULL);
|
||||
|
||||
status = -1;
|
||||
for(ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next) {
|
||||
status = bind(c->socket,
|
||||
ai_list->ai_addr, ai_list->ai_addrlen);
|
||||
if(!status)
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
if(status) {
|
||||
logger(LOG_ERR, "Can't bind to %s/tcp: %s", node, sockstrerror(sockerrno));
|
||||
} else ifdebug(CONNECTIONS) {
|
||||
logger(LOG_DEBUG, "Successfully bound outgoing "
|
||||
"TCP socket to %s", node);
|
||||
}
|
||||
|
||||
free(node);
|
||||
freeaddrinfo(ai_list);
|
||||
|
||||
return status ? false : true;
|
||||
}
|
||||
|
||||
int setup_listen_socket(const sockaddr_t *sa) {
|
||||
int nfd;
|
||||
char *addrstr;
|
||||
|
@ -180,6 +121,10 @@ int setup_listen_socket(const sockaddr_t *sa) {
|
|||
return -1;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(nfd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
/* Optimize TCP settings */
|
||||
|
||||
option = 1;
|
||||
|
@ -238,6 +183,10 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {
|
|||
return -1;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(nfd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
#ifdef O_NONBLOCK
|
||||
{
|
||||
int flags = fcntl(nfd, F_GETFL);
|
||||
|
@ -262,6 +211,7 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {
|
|||
|
||||
option = 1;
|
||||
setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, (void *)&option, sizeof(option));
|
||||
setsockopt(nfd, SOL_SOCKET, SO_BROADCAST, (void *)&option, sizeof(option));
|
||||
|
||||
if(udp_rcvbuf && setsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf, sizeof(udp_rcvbuf)))
|
||||
logger(LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, strerror(errno));
|
||||
|
@ -410,6 +360,10 @@ begin:
|
|||
|
||||
c->socket = socket(c->address.sa.sa_family, SOCK_STREAM, IPPROTO_TCP);
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(c->socket, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
if(c->socket == -1) {
|
||||
ifdebug(CONNECTIONS) logger(LOG_ERR, "Creating socket for %s failed: %s", c->hostname, sockstrerror(sockerrno));
|
||||
goto begin;
|
||||
|
@ -422,7 +376,6 @@ begin:
|
|||
#endif
|
||||
|
||||
bind_to_interface(c->socket);
|
||||
bind_to_address(c);
|
||||
|
||||
/* Optimize TCP settings */
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
node.h -- header for node.c
|
||||
Copyright (C) 2001-2010 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
Copyright (C) 2001-2012 Guus Sliepen <guus@tinc-vpn.org>,
|
||||
2001-2005 Ivo Timmermans
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
|
@ -40,6 +40,7 @@ typedef struct node_t {
|
|||
char *name; /* name of this node */
|
||||
uint32_t options; /* options turned on for this node */
|
||||
|
||||
int sock; /* Socket to use for outgoing UDP packets */
|
||||
sockaddr_t address; /* his real (internet) ip to send UDP packets to */
|
||||
char *hostname; /* the hostname of its real ip */
|
||||
|
||||
|
@ -66,6 +67,7 @@ typedef struct node_t {
|
|||
int outcompression; /* Compressionlevel, 0 = no compression */
|
||||
|
||||
struct node_t *nexthop; /* nearest node from us to him */
|
||||
struct edge_t *prevedge; /* nearest node from him to us */
|
||||
struct node_t *via; /* next hop for UDP packets */
|
||||
|
||||
avl_tree_t *subnet_tree; /* Pointer to a tree of subnets belonging to this node */
|
||||
|
|
|
@ -511,7 +511,7 @@ static RETSIGTYPE sigusr1_handler(int a) {
|
|||
}
|
||||
|
||||
static RETSIGTYPE sigusr2_handler(int a) {
|
||||
dump_device_stats();
|
||||
devops.dump_stats();
|
||||
dump_nodes();
|
||||
dump_edges();
|
||||
dump_subnets();
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
protocol.c -- handle the meta-protocol, basic functions
|
||||
Copyright (C) 1999-2005 Ivo Timmermans,
|
||||
2000-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -96,7 +96,7 @@ bool send_request(connection_t *c, const char *format, ...) {
|
|||
|
||||
buffer[len++] = '\n';
|
||||
|
||||
if(c == broadcast) {
|
||||
if(c == everyone) {
|
||||
broadcast_meta(NULL, buffer, len);
|
||||
return true;
|
||||
} else
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
protocol_auth.c -- handle the meta-protocol, authentication
|
||||
Copyright (C) 1999-2005 Ivo Timmermans,
|
||||
2000-2010 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -575,7 +575,7 @@ bool ack_h(connection_t *c) {
|
|||
if(tunnelserver)
|
||||
send_add_edge(c, c->edge);
|
||||
else
|
||||
send_add_edge(broadcast, c->edge);
|
||||
send_add_edge(everyone, c->edge);
|
||||
|
||||
/* Run MST and SSSP algorithms */
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
protocol_edge.c -- handle the meta-protocol, edges
|
||||
Copyright (C) 1999-2005 Ivo Timmermans,
|
||||
2000-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2009 Michael Tokarev <mjt@corpit.ru>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
|
@ -254,7 +254,7 @@ bool del_edge_h(connection_t *c) {
|
|||
e = lookup_edge(to, myself);
|
||||
if(e) {
|
||||
if(!tunnelserver)
|
||||
send_del_edge(broadcast, e);
|
||||
send_del_edge(everyone, e);
|
||||
edge_del(e);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
protocol_key.c -- handle the meta-protocol, key exchange
|
||||
Copyright (C) 1999-2005 Ivo Timmermans,
|
||||
2000-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -40,7 +40,7 @@ void send_key_changed(void) {
|
|||
avl_node_t *node;
|
||||
connection_t *c;
|
||||
|
||||
send_request(broadcast, "%d %x %s", KEY_CHANGED, rand(), myself->name);
|
||||
send_request(everyone, "%d %x %s", KEY_CHANGED, rand(), myself->name);
|
||||
|
||||
/* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
|
||||
|
||||
|
@ -242,8 +242,6 @@ bool ans_key_h(connection_t *c) {
|
|||
|
||||
/* Update our copy of the origin's packet key */
|
||||
from->outkey = xrealloc(from->outkey, strlen(key) / 2);
|
||||
|
||||
from->outkey = xstrdup(key);
|
||||
from->outkeylength = strlen(key) / 2;
|
||||
hex2bin(key, from->outkey, from->outkeylength);
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
device.c -- raw socket
|
||||
Copyright (C) 2002-2005 Ivo Timmermans,
|
||||
2002-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2002-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -20,7 +20,9 @@
|
|||
|
||||
#include "system.h"
|
||||
|
||||
#ifdef HAVE_NETPACKET_PACKET_H
|
||||
#include <netpacket/packet.h>
|
||||
#endif
|
||||
|
||||
#include "conf.h"
|
||||
#include "device.h"
|
||||
|
@ -30,16 +32,13 @@
|
|||
#include "route.h"
|
||||
#include "xalloc.h"
|
||||
|
||||
int device_fd = -1;
|
||||
char *device = NULL;
|
||||
char *iface = NULL;
|
||||
static char ifrname[IFNAMSIZ];
|
||||
#if defined(PF_PACKET) && defined(ETH_P_ALL) && defined(AF_PACKET)
|
||||
static char *device_info;
|
||||
|
||||
static uint64_t device_total_in = 0;
|
||||
static uint64_t device_total_out = 0;
|
||||
|
||||
bool setup_device(void) {
|
||||
static bool setup_device(void) {
|
||||
struct ifreq ifr;
|
||||
struct sockaddr_ll sa;
|
||||
|
||||
|
@ -57,6 +56,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
memset(&ifr, 0, sizeof(ifr));
|
||||
strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ);
|
||||
if(ioctl(device_fd, SIOCGIFINDEX, &ifr)) {
|
||||
|
@ -81,14 +84,14 @@ bool setup_device(void) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void close_device(void) {
|
||||
static void close_device(void) {
|
||||
close(device_fd);
|
||||
|
||||
free(device);
|
||||
free(iface);
|
||||
}
|
||||
|
||||
bool read_packet(vpn_packet_t *packet) {
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
int lenin;
|
||||
|
||||
if((lenin = read(device_fd, packet->data, MTU)) <= 0) {
|
||||
|
@ -107,7 +110,7 @@ bool read_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool write_packet(vpn_packet_t *packet) {
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
|
||||
packet->len, device_info);
|
||||
|
||||
|
@ -122,8 +125,32 @@ bool write_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void dump_device_stats(void) {
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t raw_socket_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
||||
|
||||
#else
|
||||
|
||||
static bool not_supported(void) {
|
||||
logger(LOG_ERR, "Raw socket device not supported on this platform");
|
||||
return false;
|
||||
}
|
||||
|
||||
const devops_t raw_socket_devops = {
|
||||
.setup = not_supported,
|
||||
.close = NULL,
|
||||
.read = NULL,
|
||||
.write = NULL,
|
||||
.dump_stats = NULL,
|
||||
};
|
||||
#endif
|
76
src/route.c
76
src/route.c
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
route.c -- routing
|
||||
Copyright (C) 2000-2005 Ivo Timmermans,
|
||||
2000-2010 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -34,10 +34,12 @@
|
|||
|
||||
rmode_t routing_mode = RMODE_ROUTER;
|
||||
fmode_t forwarding_mode = FMODE_INTERNAL;
|
||||
bool decrement_ttl = true;
|
||||
bool directonly = false;
|
||||
bool priorityinheritance = false;
|
||||
int macexpire = 600;
|
||||
bool overwrite_mac = false;
|
||||
bool broadcast = true;
|
||||
mac_t mymac = {{0xFE, 0xFD, 0, 0, 0, 0}};
|
||||
|
||||
/* Sizes of various headers */
|
||||
|
@ -80,13 +82,14 @@ static bool ratelimit(int frequency) {
|
|||
static int count = 0;
|
||||
|
||||
if(lasttime == now) {
|
||||
if(++count > frequency)
|
||||
if(count >= frequency)
|
||||
return true;
|
||||
} else {
|
||||
lasttime = now;
|
||||
count = 0;
|
||||
}
|
||||
|
||||
count++;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -397,6 +400,11 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) {
|
|||
packet->priority = packet->data[15];
|
||||
|
||||
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
||||
|
||||
if(via == source) {
|
||||
ifdebug(TRAFFIC) logger(LOG_ERR, "Routing loop for packet from %s (%s)!", source->name, source->hostname);
|
||||
return;
|
||||
}
|
||||
|
||||
if(directonly && subnet->owner != via)
|
||||
return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_ANO);
|
||||
|
@ -422,11 +430,11 @@ static void route_ipv4(node_t *source, vpn_packet_t *packet) {
|
|||
if(!checklength(source, packet, ether_size + ip_size))
|
||||
return;
|
||||
|
||||
if(((packet->data[30] & 0xf0) == 0xe0) || (
|
||||
if(broadcast && (((packet->data[30] & 0xf0) == 0xe0) || (
|
||||
packet->data[30] == 255 &&
|
||||
packet->data[31] == 255 &&
|
||||
packet->data[32] == 255 &&
|
||||
packet->data[33] == 255))
|
||||
packet->data[33] == 255)))
|
||||
broadcast_packet(source, packet);
|
||||
else
|
||||
route_ipv4_unicast(source, packet);
|
||||
|
@ -549,6 +557,11 @@ static void route_ipv6_unicast(node_t *source, vpn_packet_t *packet) {
|
|||
|
||||
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
||||
|
||||
if(via == source) {
|
||||
ifdebug(TRAFFIC) logger(LOG_ERR, "Routing loop for packet from %s (%s)!", source->name, source->hostname);
|
||||
return;
|
||||
}
|
||||
|
||||
if(directonly && subnet->owner != via)
|
||||
return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN);
|
||||
|
||||
|
@ -714,7 +727,7 @@ static void route_ipv6(node_t *source, vpn_packet_t *packet) {
|
|||
return;
|
||||
}
|
||||
|
||||
if(packet->data[38] == 255)
|
||||
if(broadcast && packet->data[38] == 255)
|
||||
broadcast_packet(source, packet);
|
||||
else
|
||||
route_ipv6_unicast(source, packet);
|
||||
|
@ -804,7 +817,8 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
|
|||
subnet = lookup_subnet_mac(NULL, &dest);
|
||||
|
||||
if(!subnet) {
|
||||
broadcast_packet(source, packet);
|
||||
if(broadcast)
|
||||
broadcast_packet(source, packet);
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -846,6 +860,52 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
|
|||
send_packet(subnet->owner, packet);
|
||||
}
|
||||
|
||||
static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) {
|
||||
uint16_t type = packet->data[12] << 8 | packet->data[13];
|
||||
|
||||
switch (type) {
|
||||
case ETH_P_IP:
|
||||
if(!checklength(source, packet, 14 + 32))
|
||||
return false;
|
||||
|
||||
if(packet->data[22] < 1) {
|
||||
if(packet->data[25] != IPPROTO_ICMP || packet->data[46] != ICMP_TIME_EXCEEDED)
|
||||
route_ipv4_unreachable(source, packet, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL);
|
||||
return false;
|
||||
}
|
||||
|
||||
uint16_t old = packet->data[22] << 8 | packet->data[23];
|
||||
packet->data[22]--;
|
||||
uint16_t new = packet->data[22] << 8 | packet->data[23];
|
||||
|
||||
uint32_t checksum = packet->data[24] << 8 | packet->data[25];
|
||||
checksum += old + (~new & 0xFFFF);
|
||||
while(checksum >> 16)
|
||||
checksum = (checksum & 0xFFFF) + (checksum >> 16);
|
||||
packet->data[24] = checksum >> 8;
|
||||
packet->data[25] = checksum & 0xff;
|
||||
|
||||
return true;
|
||||
|
||||
case ETH_P_IPV6:
|
||||
if(!checklength(source, packet, 14 + 40))
|
||||
return false;
|
||||
|
||||
if(packet->data[21] < 1) {
|
||||
if(packet->data[20] != IPPROTO_ICMPV6 || packet->data[54] != ICMP6_TIME_EXCEEDED)
|
||||
route_ipv6_unreachable(source, packet, ICMP6_TIME_EXCEEDED, ICMP6_TIME_EXCEED_TRANSIT);
|
||||
return false;
|
||||
}
|
||||
|
||||
packet->data[21]--;
|
||||
|
||||
return true;
|
||||
|
||||
default:
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
void route(node_t *source, vpn_packet_t *packet) {
|
||||
if(forwarding_mode == FMODE_KERNEL && source != myself) {
|
||||
send_packet(myself, packet);
|
||||
|
@ -855,6 +915,10 @@ void route(node_t *source, vpn_packet_t *packet) {
|
|||
if(!checklength(source, packet, ether_size))
|
||||
return;
|
||||
|
||||
if(decrement_ttl && source != myself)
|
||||
if(!do_decrement_ttl(source, packet))
|
||||
return;
|
||||
|
||||
switch (routing_mode) {
|
||||
case RMODE_ROUTER:
|
||||
{
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
route.h -- header file for route.c
|
||||
Copyright (C) 2000-2005 Ivo Timmermans
|
||||
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -38,8 +38,10 @@ typedef enum fmode_t {
|
|||
|
||||
extern rmode_t routing_mode;
|
||||
extern fmode_t forwarding_mode;
|
||||
extern bool decrement_ttl;
|
||||
extern bool directonly;
|
||||
extern bool overwrite_mac;
|
||||
extern bool broadcast;
|
||||
extern bool priorityinheritance;
|
||||
extern int macexpire;
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
device.c -- Interaction with Solaris tun device
|
||||
Copyright (C) 2001-2005 Ivo Timmermans,
|
||||
2001-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2001-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -35,7 +35,7 @@
|
|||
#define DEFAULT_DEVICE "/dev/tun"
|
||||
|
||||
int device_fd = -1;
|
||||
int ip_fd = -1, if_fd = -1;
|
||||
static int ip_fd = -1, if_fd = -1;
|
||||
char *device = NULL;
|
||||
char *iface = NULL;
|
||||
static char *device_info = NULL;
|
||||
|
@ -43,7 +43,7 @@ static char *device_info = NULL;
|
|||
static uint64_t device_total_in = 0;
|
||||
static uint64_t device_total_out = 0;
|
||||
|
||||
bool setup_device(void) {
|
||||
static bool setup_device(void) {
|
||||
int ppa;
|
||||
char *ptr;
|
||||
|
||||
|
@ -55,6 +55,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
ppa = 0;
|
||||
|
||||
ptr = device;
|
||||
|
@ -67,6 +71,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(ip_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
/* Assign a new PPA and get its unit number. */
|
||||
if((ppa = ioctl(device_fd, TUNNEWPPA, ppa)) < 0) {
|
||||
logger(LOG_ERR, "Can't assign new interface: %s", strerror(errno));
|
||||
|
@ -79,6 +87,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(if_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
if(ioctl(if_fd, I_PUSH, "ip") < 0) {
|
||||
logger(LOG_ERR, "Can't push IP module: %s", strerror(errno));
|
||||
return false;
|
||||
|
@ -105,7 +117,7 @@ bool setup_device(void) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void close_device(void) {
|
||||
static void close_device(void) {
|
||||
close(if_fd);
|
||||
close(ip_fd);
|
||||
close(device_fd);
|
||||
|
@ -114,7 +126,7 @@ void close_device(void) {
|
|||
free(iface);
|
||||
}
|
||||
|
||||
bool read_packet(vpn_packet_t *packet) {
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
int lenin;
|
||||
|
||||
if((lenin = read(device_fd, packet->data + 14, MTU - 14)) <= 0) {
|
||||
|
@ -149,7 +161,7 @@ bool read_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
bool write_packet(vpn_packet_t *packet) {
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
|
||||
packet->len, device_info);
|
||||
|
||||
|
@ -164,8 +176,16 @@ bool write_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void dump_device_stats(void) {
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t os_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
||||
|
|
|
@ -468,6 +468,8 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) {
|
|||
// 4 and 5 are reserved for SUBNET and WEIGHT
|
||||
xasprintf(&envp[6], "REMOTEADDRESS=%s", address);
|
||||
xasprintf(&envp[7], "REMOTEPORT=%s", port);
|
||||
free(port);
|
||||
free(address);
|
||||
}
|
||||
|
||||
name = up ? "subnet-up" : "subnet-down";
|
||||
|
|
47
src/tincd.c
47
src/tincd.c
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
tincd.c -- the main file for tincd
|
||||
Copyright (C) 1998-2005 Ivo Timmermans
|
||||
2000-2011 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2000-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2008 Max Rijevski <maksuf@gmail.com>
|
||||
2009 Michael Tokarev <mjt@tls.msk.ru>
|
||||
2010 Julien Muchembled <jm@jmuchemb.eu>
|
||||
|
@ -114,6 +114,7 @@ static struct option const long_options[] = {
|
|||
{"user", required_argument, NULL, 'U'},
|
||||
{"logfile", optional_argument, NULL, 4},
|
||||
{"pidfile", required_argument, NULL, 5},
|
||||
{"option", required_argument, NULL, 'o'},
|
||||
{NULL, 0, NULL, 0}
|
||||
};
|
||||
|
||||
|
@ -129,20 +130,20 @@ static void usage(bool status) {
|
|||
program_name);
|
||||
else {
|
||||
printf("Usage: %s [option]...\n\n", program_name);
|
||||
printf(" -c, --config=DIR Read configuration options from DIR.\n"
|
||||
" -D, --no-detach Don't fork and detach.\n"
|
||||
" -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n"
|
||||
" -k, --kill[=SIGNAL] Attempt to kill a running tincd and exit.\n"
|
||||
" -n, --net=NETNAME Connect to net NETNAME.\n"
|
||||
" -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n"
|
||||
" -L, --mlock Lock tinc into main memory.\n"
|
||||
" --logfile[=FILENAME] Write log entries to a logfile.\n"
|
||||
" --pidfile=FILENAME Write PID to FILENAME.\n"
|
||||
" -o [HOST.]KEY=VALUE Set global/host configuration value.\n"
|
||||
" -R, --chroot chroot to NET dir at startup.\n"
|
||||
" -U, --user=USER setuid to given USER at startup.\n"
|
||||
" --help Display this help and exit.\n"
|
||||
" --version Output version information and exit.\n\n");
|
||||
printf(" -c, --config=DIR Read configuration options from DIR.\n"
|
||||
" -D, --no-detach Don't fork and detach.\n"
|
||||
" -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n"
|
||||
" -k, --kill[=SIGNAL] Attempt to kill a running tincd and exit.\n"
|
||||
" -n, --net=NETNAME Connect to net NETNAME.\n"
|
||||
" -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n"
|
||||
" -L, --mlock Lock tinc into main memory.\n"
|
||||
" --logfile[=FILENAME] Write log entries to a logfile.\n"
|
||||
" --pidfile=FILENAME Write PID to FILENAME.\n"
|
||||
" -o, --option=[HOST.]KEY=VALUE Set global/host configuration value.\n"
|
||||
" -R, --chroot chroot to NET dir at startup.\n"
|
||||
" -U, --user=USER setuid to given USER at startup.\n"
|
||||
" --help Display this help and exit.\n"
|
||||
" --version Output version information and exit.\n\n");
|
||||
printf("Report bugs to tinc@tinc-vpn.org.\n");
|
||||
}
|
||||
}
|
||||
|
@ -361,9 +362,6 @@ static bool keygen(int bits) {
|
|||
if(!f)
|
||||
return false;
|
||||
|
||||
if(disable_old_keys(f))
|
||||
fprintf(stderr, "Warning: old key(s) found and disabled.\n");
|
||||
|
||||
#ifdef HAVE_FCHMOD
|
||||
/* Make it unreadable for others. */
|
||||
fchmod(fileno(f), 0600);
|
||||
|
@ -384,9 +382,6 @@ static bool keygen(int bits) {
|
|||
if(!f)
|
||||
return false;
|
||||
|
||||
if(disable_old_keys(f))
|
||||
fprintf(stderr, "Warning: old key(s) found and disabled.\n");
|
||||
|
||||
fputc('\n', f);
|
||||
PEM_write_RSAPublicKey(f, rsa_key);
|
||||
fclose(f);
|
||||
|
@ -523,7 +518,7 @@ int main(int argc, char **argv) {
|
|||
if(show_version) {
|
||||
printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE,
|
||||
VERSION, __DATE__, __TIME__, PROT_CURRENT);
|
||||
printf("Copyright (C) 1998-2011 Ivo Timmermans, Guus Sliepen and others.\n"
|
||||
printf("Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen and others.\n"
|
||||
"See the AUTHORS file for a complete list.\n\n"
|
||||
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
|
||||
"and you are welcome to redistribute it under certain conditions;\n"
|
||||
|
@ -586,6 +581,7 @@ int main2(int argc, char **argv) {
|
|||
InitializeCriticalSection(&mutex);
|
||||
EnterCriticalSection(&mutex);
|
||||
#endif
|
||||
char *priority = NULL;
|
||||
|
||||
if(!detach())
|
||||
return 1;
|
||||
|
@ -612,8 +608,6 @@ int main2(int argc, char **argv) {
|
|||
|
||||
/* Change process priority */
|
||||
|
||||
char *priority = 0;
|
||||
|
||||
if(get_config_string(lookup_config(config_tree, "ProcessPriority"), &priority)) {
|
||||
if(!strcasecmp(priority, "Normal")) {
|
||||
if (setpriority(NORMAL_PRIORITY_CLASS) != 0) {
|
||||
|
@ -650,7 +644,7 @@ int main2(int argc, char **argv) {
|
|||
/* Shutdown properly. */
|
||||
|
||||
ifdebug(CONNECTIONS)
|
||||
dump_device_stats();
|
||||
devops.dump_stats();
|
||||
|
||||
close_network_connections();
|
||||
|
||||
|
@ -661,6 +655,8 @@ end:
|
|||
remove_pid(pidfilename);
|
||||
#endif
|
||||
|
||||
free(priority);
|
||||
|
||||
EVP_cleanup();
|
||||
ENGINE_cleanup();
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
|
@ -668,6 +664,7 @@ end:
|
|||
ERR_free_strings();
|
||||
|
||||
exit_configuration(&config_tree);
|
||||
list_free(cmdline_conf);
|
||||
free_names();
|
||||
|
||||
return status;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/*
|
||||
device.c -- UML network socket
|
||||
Copyright (C) 2002-2005 Ivo Timmermans,
|
||||
2002-2009 Guus Sliepen <guus@tinc-vpn.org>
|
||||
2002-2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -28,19 +28,17 @@
|
|||
#include "logger.h"
|
||||
#include "utils.h"
|
||||
#include "route.h"
|
||||
#include "xalloc.h"
|
||||
|
||||
int device_fd = -1;
|
||||
static int listen_fd = -1;
|
||||
static int request_fd = -1;
|
||||
static int data_fd = -1;
|
||||
static int write_fd = -1;
|
||||
static int state = 0;
|
||||
char *device = NULL;
|
||||
char *iface = NULL;
|
||||
static char *device_info;
|
||||
|
||||
extern char *identname;
|
||||
extern bool running;
|
||||
extern volatile bool running;
|
||||
|
||||
static uint64_t device_total_in = 0;
|
||||
static uint64_t device_total_out = 0;
|
||||
|
@ -56,7 +54,7 @@ static struct request {
|
|||
|
||||
static struct sockaddr_un data_sun;
|
||||
|
||||
bool setup_device(void) {
|
||||
static bool setup_device(void) {
|
||||
struct sockaddr_un listen_sun;
|
||||
static const int one = 1;
|
||||
struct {
|
||||
|
@ -79,6 +77,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(write_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
setsockopt(write_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
|
||||
|
||||
if(fcntl(write_fd, F_SETFL, O_NONBLOCK) < 0) {
|
||||
|
@ -93,6 +95,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(data_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
setsockopt(data_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
|
||||
|
||||
if(fcntl(data_fd, F_SETFL, O_NONBLOCK) < 0) {
|
||||
|
@ -120,6 +126,10 @@ bool setup_device(void) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
setsockopt(listen_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
|
||||
|
||||
if(fcntl(listen_fd, F_SETFL, O_NONBLOCK) < 0) {
|
||||
|
@ -169,13 +179,13 @@ void close_device(void) {
|
|||
if(iface) free(iface);
|
||||
}
|
||||
|
||||
bool read_packet(vpn_packet_t *packet) {
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
int lenin;
|
||||
|
||||
switch(state) {
|
||||
case 0: {
|
||||
struct sockaddr sa;
|
||||
int salen = sizeof sa;
|
||||
socklen_t salen = sizeof sa;
|
||||
|
||||
request_fd = accept(listen_fd, &sa, &salen);
|
||||
if(request_fd < 0) {
|
||||
|
@ -183,6 +193,10 @@ bool read_packet(vpn_packet_t *packet) {
|
|||
return false;
|
||||
}
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(request_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
if(fcntl(listen_fd, F_SETFL, O_NONBLOCK) < 0) {
|
||||
logger(LOG_ERR, "System call `%s' failed: %s", "fcntl", strerror(errno));
|
||||
running = false;
|
||||
|
@ -244,10 +258,14 @@ bool read_packet(vpn_packet_t *packet) {
|
|||
|
||||
return true;
|
||||
}
|
||||
|
||||
default:
|
||||
logger(LOG_ERR, "Invalid value for state variable in " __FILE__);
|
||||
abort();
|
||||
}
|
||||
}
|
||||
|
||||
bool write_packet(vpn_packet_t *packet) {
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
if(state != 2) {
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Dropping packet of %d bytes to %s: not connected to UML yet",
|
||||
packet->len, device_info);
|
||||
|
@ -271,8 +289,16 @@ bool write_packet(vpn_packet_t *packet) {
|
|||
return true;
|
||||
}
|
||||
|
||||
void dump_device_stats(void) {
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t uml_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
143
src/vde_device.c
Normal file
143
src/vde_device.c
Normal file
|
@ -0,0 +1,143 @@
|
|||
/*
|
||||
device.c -- VDE plug
|
||||
Copyright (C) 2012 Guus Sliepen <guus@tinc-vpn.org>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along
|
||||
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#include "system.h"
|
||||
|
||||
#include <libvdeplug_dyn.h>
|
||||
|
||||
#include "conf.h"
|
||||
#include "device.h"
|
||||
#include "net.h"
|
||||
#include "logger.h"
|
||||
#include "utils.h"
|
||||
#include "route.h"
|
||||
#include "xalloc.h"
|
||||
|
||||
static struct vdepluglib plug;
|
||||
static struct vdeconn *conn = NULL;
|
||||
static int port = 0;
|
||||
static char *group = NULL;
|
||||
static char *device_info;
|
||||
|
||||
extern char *identname;
|
||||
extern volatile bool running;
|
||||
|
||||
static uint64_t device_total_in = 0;
|
||||
static uint64_t device_total_out = 0;
|
||||
|
||||
static bool setup_device(void) {
|
||||
libvdeplug_dynopen(plug);
|
||||
|
||||
if(!plug.dl_handle) {
|
||||
logger(LOG_ERR, "Could not open libvdeplug library!");
|
||||
return false;
|
||||
}
|
||||
|
||||
if(!get_config_string(lookup_config(config_tree, "Device"), &device))
|
||||
xasprintf(&device, LOCALSTATEDIR "/run/vde.ctl");
|
||||
|
||||
get_config_string(lookup_config(config_tree, "Interface"), &iface);
|
||||
|
||||
get_config_int(lookup_config(config_tree, "VDEPort"), &port);
|
||||
|
||||
get_config_string(lookup_config(config_tree, "VDEGroup"), &group);
|
||||
|
||||
device_info = "VDE socket";
|
||||
|
||||
struct vde_open_args args = {
|
||||
.port = port,
|
||||
.group = group,
|
||||
.mode = 0700,
|
||||
};
|
||||
|
||||
conn = plug.vde_open(device, identname, &args);
|
||||
if(!conn) {
|
||||
logger(LOG_ERR, "Could not open VDE socket %s", device);
|
||||
return false;
|
||||
}
|
||||
|
||||
device_fd = plug.vde_datafd(conn);
|
||||
|
||||
#ifdef FD_CLOEXEC
|
||||
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
|
||||
#endif
|
||||
|
||||
logger(LOG_INFO, "%s is a %s", device, device_info);
|
||||
|
||||
if(routing_mode == RMODE_ROUTER)
|
||||
overwrite_mac = true;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
static void close_device(void) {
|
||||
if(conn)
|
||||
plug.vde_close(conn);
|
||||
|
||||
if(plug.dl_handle)
|
||||
libvdeplug_dynclose(plug);
|
||||
|
||||
free(device);
|
||||
|
||||
free(iface);
|
||||
}
|
||||
|
||||
static bool read_packet(vpn_packet_t *packet) {
|
||||
int lenin = plug.vde_recv(conn, packet->data, MTU, 0);
|
||||
if(lenin <= 0) {
|
||||
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno));
|
||||
running = false;
|
||||
return false;
|
||||
}
|
||||
|
||||
packet->len = lenin;
|
||||
device_total_in += packet->len;
|
||||
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
static bool write_packet(vpn_packet_t *packet) {
|
||||
if(plug.vde_send(conn, packet->data, packet->len, 0) < 0) {
|
||||
if(errno != EINTR && errno != EAGAIN) {
|
||||
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno));
|
||||
running = false;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
device_total_out += packet->len;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
static void dump_device_stats(void) {
|
||||
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
|
||||
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
|
||||
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
|
||||
}
|
||||
|
||||
const devops_t vde_devops = {
|
||||
.setup = setup_device,
|
||||
.close = close_device,
|
||||
.read = read_packet,
|
||||
.write = write_packet,
|
||||
.dump_stats = dump_device_stats,
|
||||
};
|
Loading…
Reference in a new issue