Import Debian changes 1.0.17-1

tinc (1.0.17-1) unstable; urgency=low

  * New upstream release.
  * Enable support for UML and VDE.
This commit is contained in:
Guus Sliepen 2012-03-10 14:50:00 +01:00
commit c078db2fd8
64 changed files with 3250 additions and 1257 deletions

View file

@ -1,4 +1,4 @@
Copyright (C) 1998-2010 Ivo Timmermans, Guus Sliepen and others. Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen and others.
See the AUTHORS file for a complete list. See the AUTHORS file for a complete list.
This program is free software; you can redistribute it and/or modify it under This program is free software; you can redistribute it and/or modify it under

260
ChangeLog
View file

@ -1,3 +1,263 @@
commit 28a1501b9a8b4c730f7f965d6b2e8fc50feba261
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Mar 10 13:31:36 2012 +0100
Releasing 1.0.17.
commit 4712d8f92e63e86e835ffb624d6399343ee568ea
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Mar 10 13:23:08 2012 +0100
Update copyright notices.
commit 5b0f5ad958d6db4e73aebc5ee6c608cdae81b7b5
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Thu Mar 8 23:23:39 2012 +0100
Make sure disabling old RSA keys works on Windows.
Seeking in files and rewriting parts of them does not seem to work properly on
Windows. Instead, when old RSA keys are found when generating new ones, the
file containing the old keys is copied to a temporary file where the changes
are made, and that file is renamed back to the original filename. On Windows,
we cannot atomically replace files with a rename(), so we need to move the
original file out of the way first. If anything fails, the new code will warn
that the user has to solve the problem by hand.
commit 2f1c337c541fcb7e2c62aeeab245ff7a43eb51a5
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Thu Mar 8 22:19:20 2012 +0100
Add missing ICMP6 message type definitions.
commit 9dea33f5301119dd4423eb962956cf2d246af3f3
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Wed Mar 7 10:40:06 2012 +0100
Accept Subnets passed with the -o option when StrictSubnets = yes.
commit 63f8303a5dc1758876451a580a8317dbc3d295d6
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Fri Mar 2 16:09:58 2012 +0100
Only log errors sending UDP packets when debug level >= 5.
Since tinc will fall back to TCP or route via another node, it is not necessary
to log such errors unconditionally.
commit ae5249610954af17c68c547bb1b45ad286ad647e
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sun Feb 26 16:23:02 2012 +0100
Only use broadcast at the start of the PMTU discovery phase.
For local peer discovery, only a handful of packets are necessary for
peers to detect each other.
commit 5140656de6bcfda72951a7827b05414ce306e3ca
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Feb 25 22:11:30 2012 +0100
Stricter checks against routing loops.
If a packet that had to be sent via an intermediate hop, and that intermediate
hop was the one that sent the packet, we drop it.
commit f1d5eae643cdf537ef357f10f2da8ff83bdf32b4
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Feb 25 21:46:18 2012 +0100
Don't send ICMP Time Exceeded messages for other Time Exceeded messages.
That would be silly.
commit 5a28aa7b8b0ab6237c2eab5f8b11253ea3ec5a05
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Wed Feb 22 23:17:43 2012 +0100
Add LocalDiscovery option which tries to detect peers on the local network.
Currently, this is implemented by sending IPv4 broadcast packets to the
LAN during path MTU discovery.
commit 8e717ddb602f01f656369106ec0398efbe9ca4a4
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Wed Feb 22 14:37:56 2012 +0100
Pass index into listen_socket[] to handle_incoming_vpn_data().
commit 65e8e06c6dc7349b11c3c1e8f4071b51e2994c65
Author: Nick Hibma <nick@van-laarhoven.org>
Date: Tue Feb 21 15:26:58 2012 +0100
Add missing ICMP message type definitions.
commit ac48c4ee8c09c8144f830cb66386b9dbe7298440
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue Feb 21 14:06:55 2012 +0100
Fix check for raw socket support.
Also, move some variables so there are no compiler warnings about unused
variables when there is no support for raw sockets.
commit d9ad3d313d96d30ef45cd53367dff9a855a396d4
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue Feb 21 13:31:21 2012 +0100
Fix a bug that caused tinc to ignore all but the last listening socket.
commit 46506b7aaf6c6a8a85561c38fdb9c95eae21aa75
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue Feb 21 13:13:40 2012 +0100
Document the command line flag -o and provide --option as well.
commit 7d76e287598c8c18cadfb5818046d9dd1b0ad881
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue Feb 21 11:39:21 2012 +0100
Move initialization of char *priority up to prevent freeing an uninitialized pointer.
commit 8420a0c8bde1781db04dd2436eb9d5dca5a1732a
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Mon Feb 20 17:19:00 2012 +0100
Allow disabling of broadcast packets.
The Broadcast option can be used to cause tinc to drop all broadcast and
multicast packets. This option might be expanded in the future to selectively
allow only some broadcast packet types.
commit ea415ccc1690d6e5864a7500977b181e5c8faafe
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Mon Feb 20 17:12:48 2012 +0100
Rename connection_t *broadcast to everyone.
commit cff5a844a3e6b494f4a4f6eb5b48a84780f2d0e5
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Mon Feb 20 16:52:53 2012 +0100
Don't bind outgoing TCP sockets anymore.
The code introduced in commit 41a05f59ba2c3eb5caab555f096ed1b9fbe69ee3 is not
needed anymore, since tinc has been able to handle UDP packets from a different
source address than those of the TCP packets since 1.0.10. When using multiple
BindToAddress statements, this code does not make sense anymore, we do want the
kernel to choose the source address on its own.
commit 0233b1d710222cb09be0cbd08c1297e3ece38a9f
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Mon Feb 20 16:34:02 2012 +0100
Decrement TTL of incoming packets.
Tinc will now, by default, decrement the TTL field of incoming IPv4 and IPv6
packets, before forwarding them to the virtual network device or to another
node. Packets with a TTL value of zero will be dropped, and an ICMP Time
Exceeded message will be sent back.
This behaviour can be disabled using the DecrementTTL option.
commit 6289859ab365dc1c0d420323174418b316b14502
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Mon Feb 20 15:44:52 2012 +0100
Only compile raw socket code when it is supported on that platform.
commit d1dcdf8eb6f800704be426b1ce6f6c1a8e65ba0d
Merge: 1b2846d 3b1fad0
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Feb 18 14:31:08 2012 +0100
Merge branch 'master' of black:tinc
commit 3b1fad04de6bed2f284fdf3d5b27d4162aeebc8c
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Feb 18 14:37:52 2012 +0100
Allow setting DeviceType to tun or tap on Linux.
commit 6455654d26d204cea4bbc102e5bd6550b7fff7a7
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Feb 18 11:48:21 2012 +0100
Send packets back using the same socket as they were received on.
commit 1b2846d907adfc8472fc9da0c951c3243c7ee143
Merge: 9f6a96a 6455654
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Feb 18 11:43:00 2012 +0100
Merge branch 'master' of black:tinc
commit 9f6a96af3939bd2de410ce346a8c8fbcf93e7c9b
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Fri Feb 17 16:25:00 2012 +0100
Allow multiple BindToAddress statements.
commit 708314df2f61675d0f54e541c9fff62ac1f433b5
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Fri Feb 17 16:13:38 2012 +0100
Set FD_CLOEXEC flag on all sockets.
Scripts called by tinc would inherit its open filedescriptors. This could
be a problem if other long-running daemons are started from those scripts,
if those daemons would not close all filedescriptors before going into the
background.
Problem found and solution suggested by Nick Hibma.
commit 178e52f76ef4ba40748c13ea7e518837394d6dbc
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sun Dec 4 01:20:59 2011 +0100
Allow linking with multiple device drivers.
Apart from the platform specific tun/tap driver, link with the dummy and
raw_socket devices, and optionally with support for UML and VDE devices.
At runtime, the DeviceType option can be used to select which driver to
use.
commit 5672863e59e6a114ac6b66de98254b14266c0e61
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Dec 3 21:59:47 2011 +0100
Fix a few small memory leaks.
commit 52ded09d1713b83222b56db7d29ff061aefb95e3
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sun Nov 27 12:13:16 2011 +0100
Add vde/device.c to the tarball.
commit 2c7c87ec75c94d0b3cca9f7a5aeba34384f77cc1
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sun Nov 27 12:12:34 2011 +0100
Fix compilation of VDE and UML interfaces.
commit ddea7a23a66b8fee4942f2ce237dcabe02e17270
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue Aug 30 20:49:48 2011 +0200
Return false instead of void when there is an error.
commit e838289683c0039fac0ae6172d40b4177c17911b
Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue Aug 30 19:56:56 2011 +0200
Prevent read_rsa_public_key() from returning an uninitialized RSA structure.
In case the config file could not be opened a new but unitialized RSA structure
would be returned, causing a segmentation fault later on. This would only
happen in the case that the config file could be opened before, but not when
read_rsa_public_key() was called. This situation could occur when the --user
option was used, and the config files were not readable by the specified user.
commit 0f2aa4bd8b698608876bec141c5aef1aa619730b commit 0f2aa4bd8b698608876bec141c5aef1aa619730b
Author: Guus Sliepen <guus@tinc-vpn.org> Author: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat Jul 23 14:12:23 2011 +0200 Date: Sat Jul 23 14:12:23 2011 +0200

View file

@ -1,8 +1,8 @@
Installation Instructions Installation Instructions
************************* *************************
Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005, Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation,
2006, 2007, 2008, 2009 Free Software Foundation, Inc. Inc.
Copying and distribution of this file, with or without modification, Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright are permitted in any medium without royalty provided the copyright
@ -226,6 +226,11 @@ order to use an ANSI C compiler:
and if that doesn't work, install pre-built binaries of GCC for HP-UX. and if that doesn't work, install pre-built binaries of GCC for HP-UX.
HP-UX `make' updates targets which have the same time stamps as
their prerequisites, which makes it generally unusable when shipped
generated files such as `configure' are involved. Use GNU `make'
instead.
On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
parse its `<wchar.h>' header file. The option `-nodtk' can be used as parse its `<wchar.h>' header file. The option `-nodtk' can be used as
a workaround. If GNU CC is not installed, it is therefore recommended a workaround. If GNU CC is not installed, it is therefore recommended

View file

@ -1,9 +1,9 @@
# Makefile.in generated by automake 1.11.1 from Makefile.am. # Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, # 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
# Inc. # Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
@ -37,7 +37,8 @@ subdir = .
DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
$(srcdir)/Makefile.in $(srcdir)/config.h.in \ $(srcdir)/Makefile.in $(srcdir)/config.h.in \
$(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \ $(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \
THANKS config.guess config.sub depcomp install-sh missing THANKS config.guess config.sub depcomp install-sh missing \
mkinstalldirs
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \
@ -46,7 +47,7 @@ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4) $(ACLOCAL_M4)
am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
configure.lineno config.status.lineno configure.lineno config.status.lineno
mkinstalldirs = $(install_sh) -d mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = config.h CONFIG_HEADER = config.h
CONFIG_CLEAN_FILES = CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES = CONFIG_CLEAN_VPATH_FILES =
@ -71,9 +72,11 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION) distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir) top_distdir = $(distdir)
am__remove_distdir = \ am__remove_distdir = \
{ test ! -d "$(distdir)" \ if test -d "$(distdir)"; then \
|| { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
&& rm -fr "$(distdir)"; }; } && rm -rf "$(distdir)" \
|| { sleep 5 && rm -rf "$(distdir)"; }; \
else :; fi
am__relativize = \ am__relativize = \
dir0=`pwd`; \ dir0=`pwd`; \
sed_first='s,^\([^/]*\)/.*$$,\1,'; \ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
@ -102,6 +105,8 @@ am__relativize = \
DIST_ARCHIVES = $(distdir).tar.gz DIST_ARCHIVES = $(distdir).tar.gz
GZIP_ENV = --best GZIP_ENV = --best
distuninstallcheck_listfiles = find . -type f -print distuninstallcheck_listfiles = find . -type f -print
am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \
| sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$'
distcleancheck_listfiles = find . -type f -print distcleancheck_listfiles = find . -type f -print
ACLOCAL = @ACLOCAL@ ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@ ALLOCA = @ALLOCA@
@ -210,7 +215,7 @@ all: config.h
$(MAKE) $(AM_MAKEFLAGS) all-recursive $(MAKE) $(AM_MAKEFLAGS) all-recursive
.SUFFIXES: .SUFFIXES:
am--refresh: am--refresh: Makefile
@: @:
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \ @for dep in $?; do \
@ -246,10 +251,8 @@ $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
$(am__aclocal_m4_deps): $(am__aclocal_m4_deps):
config.h: stamp-h1 config.h: stamp-h1
@if test ! -f $@; then \ @if test ! -f $@; then rm -f stamp-h1; else :; fi
rm -f stamp-h1; \ @if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) stamp-h1; else :; fi
$(MAKE) $(AM_MAKEFLAGS) stamp-h1; \
else :; fi
stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
@rm -f stamp-h1 @rm -f stamp-h1
@ -469,7 +472,11 @@ dist-gzip: distdir
$(am__remove_distdir) $(am__remove_distdir)
dist-bzip2: distdir dist-bzip2: distdir
tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2
$(am__remove_distdir)
dist-lzip: distdir
tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz
$(am__remove_distdir) $(am__remove_distdir)
dist-lzma: distdir dist-lzma: distdir
@ -477,7 +484,7 @@ dist-lzma: distdir
$(am__remove_distdir) $(am__remove_distdir)
dist-xz: distdir dist-xz: distdir
tardir=$(distdir) && $(am__tar) | xz -c >$(distdir).tar.xz tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
$(am__remove_distdir) $(am__remove_distdir)
dist-tarZ: distdir dist-tarZ: distdir
@ -508,6 +515,8 @@ distcheck: dist
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lzma*) \ *.tar.lzma*) \
lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\ lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\
*.tar.lz*) \
lzip -dc $(distdir).tar.lz | $(am__untar) ;;\
*.tar.xz*) \ *.tar.xz*) \
xz -dc $(distdir).tar.xz | $(am__untar) ;;\ xz -dc $(distdir).tar.xz | $(am__untar) ;;\
*.tar.Z*) \ *.tar.Z*) \
@ -527,6 +536,7 @@ distcheck: dist
&& am__cwd=`pwd` \ && am__cwd=`pwd` \
&& $(am__cd) $(distdir)/_build \ && $(am__cd) $(distdir)/_build \
&& ../configure --srcdir=.. --prefix="$$dc_install_base" \ && ../configure --srcdir=.. --prefix="$$dc_install_base" \
$(AM_DISTCHECK_CONFIGURE_FLAGS) \
$(DISTCHECK_CONFIGURE_FLAGS) \ $(DISTCHECK_CONFIGURE_FLAGS) \
&& $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) \
&& $(MAKE) $(AM_MAKEFLAGS) dvi \ && $(MAKE) $(AM_MAKEFLAGS) dvi \
@ -555,8 +565,16 @@ distcheck: dist
list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
distuninstallcheck: distuninstallcheck:
@$(am__cd) '$(distuninstallcheck_dir)' \ @test -n '$(distuninstallcheck_dir)' || { \
&& test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \ echo 'ERROR: trying to run $@ with an empty' \
'$$(distuninstallcheck_dir)' >&2; \
exit 1; \
}; \
$(am__cd) '$(distuninstallcheck_dir)' || { \
echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \
exit 1; \
}; \
test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \
|| { echo "ERROR: files left after uninstall:" ; \ || { echo "ERROR: files left after uninstall:" ; \
if test -n "$(DESTDIR)"; then \ if test -n "$(DESTDIR)"; then \
echo " (check DESTDIR support)"; \ echo " (check DESTDIR support)"; \
@ -587,10 +605,15 @@ install-am: all-am
installcheck: installcheck-recursive installcheck: installcheck-recursive
install-strip: install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ if test -z '$(STRIP)'; then \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
`test -z '$(STRIP)' || \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic: mostlyclean-generic:
clean-generic: clean-generic:
@ -677,17 +700,18 @@ uninstall-am:
.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
all all-am am--refresh check check-am clean clean-generic \ all all-am am--refresh check check-am clean clean-generic \
ctags ctags-recursive dist dist-all dist-bzip2 dist-gzip \ ctags ctags-recursive dist dist-all dist-bzip2 dist-gzip \
dist-lzma dist-shar dist-tarZ dist-xz dist-zip distcheck \ dist-lzip dist-lzma dist-shar dist-tarZ dist-xz dist-zip \
distclean distclean-generic distclean-hdr distclean-tags \ distcheck distclean distclean-generic distclean-hdr \
distcleancheck distdir distuninstallcheck dvi dvi-am html \ distclean-tags distcleancheck distdir distuninstallcheck dvi \
html-am info info-am install install-am install-data \ dvi-am html html-am info info-am install install-am \
install-data-am install-dvi install-dvi-am install-exec \ install-data install-data-am install-dvi install-dvi-am \
install-exec-am install-html install-html-am install-info \ install-exec install-exec-am install-html install-html-am \
install-info-am install-man install-pdf install-pdf-am \ install-info install-info-am install-man install-pdf \
install-ps install-ps-am install-strip installcheck \ install-pdf-am install-ps install-ps-am install-strip \
installcheck-am installdirs installdirs-am maintainer-clean \ installcheck installcheck-am installdirs installdirs-am \
maintainer-clean-generic mostlyclean mostlyclean-generic pdf \ maintainer-clean maintainer-clean-generic mostlyclean \
pdf-am ps ps-am tags tags-recursive uninstall uninstall-am mostlyclean-generic pdf pdf-am ps ps-am tags tags-recursive \
uninstall uninstall-am
ChangeLog: ChangeLog:

17
NEWS
View file

@ -1,3 +1,20 @@
Version 1.0.17 March 10 2012
* The DeviceType option can now be used to select dummy, raw socket, UML and
VDE devices without needing to recompile tinc.
* Allow multiple BindToAddress statements.
* Decrement TTL value of IPv4 and IPv6 packets.
* Add LocalDiscovery option allowing tinc to detect peers that are behind the
same NAT.
* Accept Subnets passed with the -o option when StrictSubnets = yes.
* Disabling old RSA keys when generating new ones now also works properly on
Windows.
Version 1.0.16 July 23 2011 Version 1.0.16 July 23 2011
* Fixed a performance issue with TCP communication under Windows. * Fixed a performance issue with TCP communication under Windows.

6
README
View file

@ -1,7 +1,7 @@
This is the README file for tinc version 1.0.16. Installation This is the README file for tinc version 1.0.17. Installation
instructions may be found in the INSTALL file. instructions may be found in the INSTALL file.
tinc is Copyright (C) 1998-2011 by: tinc is Copyright (C) 1998-2012 by:
Ivo Timmermans, Ivo Timmermans,
Guus Sliepen <guus@tinc-vpn.org>, Guus Sliepen <guus@tinc-vpn.org>,
@ -55,7 +55,7 @@ should be changed into "Device", and "Device" should be changed into
Compatibility Compatibility
------------- -------------
Version 1.0.16 is compatible with 1.0pre8, 1.0 and later, but not with older Version 1.0.17 is compatible with 1.0pre8, 1.0 and later, but not with older
versions of tinc. versions of tinc.

1
THANKS
View file

@ -31,6 +31,7 @@ We would like to thank the following people for their contributions to tinc:
* Menno Smits * Menno Smits
* Michael Tokarev * Michael Tokarev
* Miles Nordin * Miles Nordin
* Nick Hibma
* Nick Patavalis * Nick Patavalis
* Paul Littlefield * Paul Littlefield
* Robert van der Meulen * Robert van der Meulen

74
aclocal.m4 vendored
View file

@ -1,7 +1,8 @@
# generated automatically by aclocal 1.11.1 -*- Autoconf -*- # generated automatically by aclocal 1.11.3 -*- Autoconf -*-
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
# 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc. # 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation,
# Inc.
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
@ -19,12 +20,15 @@ You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely. If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically `autoreconf'.])]) To do so, use the procedure documented by the package, typically `autoreconf'.])])
# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. # Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008, 2011 Free Software
# Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 1
# AM_AUTOMAKE_VERSION(VERSION) # AM_AUTOMAKE_VERSION(VERSION)
# ---------------------------- # ----------------------------
# Automake X.Y traces this macro to ensure aclocal.m4 has been # Automake X.Y traces this macro to ensure aclocal.m4 has been
@ -34,7 +38,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.11' [am__api_version='1.11'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro. dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.11.1], [], m4_if([$1], [1.11.3], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
]) ])
@ -50,19 +54,21 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.11.1])dnl [AM_AUTOMAKE_VERSION([1.11.3])dnl
m4_ifndef([AC_AUTOCONF_VERSION], m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
# AM_AUX_DIR_EXPAND -*- Autoconf -*- # AM_AUX_DIR_EXPAND -*- Autoconf -*-
# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. # Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 1
# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets
# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to # $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to
# `$srcdir', `$srcdir/..', or `$srcdir/../..'. # `$srcdir', `$srcdir/..', or `$srcdir/../..'.
@ -144,14 +150,14 @@ AC_CONFIG_COMMANDS_PRE(
Usually this means the macro was only invoked conditionally.]]) Usually this means the macro was only invoked conditionally.]])
fi])]) fi])])
# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009 # Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009,
# Free Software Foundation, Inc. # 2010, 2011 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 10 # serial 12
# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be # There are a few dirty hacks below to avoid letting `AC_PROG_CC' be
# written in clear, in which case automake, when reading aclocal.m4, # written in clear, in which case automake, when reading aclocal.m4,
@ -191,6 +197,7 @@ AC_CACHE_CHECK([dependency style of $depcc],
# instance it was reported that on HP-UX the gcc test will end up # instance it was reported that on HP-UX the gcc test will end up
# making a dummy file named `D' -- because `-MD' means `put the output # making a dummy file named `D' -- because `-MD' means `put the output
# in D'. # in D'.
rm -rf conftest.dir
mkdir conftest.dir mkdir conftest.dir
# Copy depcomp to subdir because otherwise we won't find it if we're # Copy depcomp to subdir because otherwise we won't find it if we're
# using a relative directory. # using a relative directory.
@ -255,7 +262,7 @@ AC_CACHE_CHECK([dependency style of $depcc],
break break
fi fi
;; ;;
msvisualcpp | msvcmsys) msvc7 | msvc7msys | msvisualcpp | msvcmsys)
# This compiler won't grok `-c -o', but also, the minuso test has # This compiler won't grok `-c -o', but also, the minuso test has
# not run yet. These depmodes are late enough in the game, and # not run yet. These depmodes are late enough in the game, and
# so weak that their functioning should not be impacted. # so weak that their functioning should not be impacted.
@ -320,10 +327,13 @@ AC_DEFUN([AM_DEP_TRACK],
if test "x$enable_dependency_tracking" != xno; then if test "x$enable_dependency_tracking" != xno; then
am_depcomp="$ac_aux_dir/depcomp" am_depcomp="$ac_aux_dir/depcomp"
AMDEPBACKSLASH='\' AMDEPBACKSLASH='\'
am__nodep='_no'
fi fi
AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
AC_SUBST([AMDEPBACKSLASH])dnl AC_SUBST([AMDEPBACKSLASH])dnl
_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl _AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl
AC_SUBST([am__nodep])dnl
_AM_SUBST_NOTMAKE([am__nodep])dnl
]) ])
# Generate code to set up dependency tracking. -*- Autoconf -*- # Generate code to set up dependency tracking. -*- Autoconf -*-
@ -545,12 +555,15 @@ for _am_header in $config_headers :; do
done done
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
# Copyright (C) 2001, 2003, 2005, 2008 Free Software Foundation, Inc. # Copyright (C) 2001, 2003, 2005, 2008, 2011 Free Software Foundation,
# Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 1
# AM_PROG_INSTALL_SH # AM_PROG_INSTALL_SH
# ------------------ # ------------------
# Define $install_sh. # Define $install_sh.
@ -590,8 +603,8 @@ AC_SUBST([am__leading_dot])])
# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- # Add --enable-maintainer-mode option to configure. -*- Autoconf -*-
# From Jim Meyering # From Jim Meyering
# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008 # Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008,
# Free Software Foundation, Inc. # 2011 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -611,7 +624,7 @@ AC_DEFUN([AM_MAINTAINER_MODE],
[disable], [m4_define([am_maintainer_other], [enable])], [disable], [m4_define([am_maintainer_other], [enable])],
[m4_define([am_maintainer_other], [enable]) [m4_define([am_maintainer_other], [enable])
m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])])
AC_MSG_CHECKING([whether to am_maintainer_other maintainer-specific portions of Makefiles]) AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
dnl maintainer-mode's default is 'disable' unless 'enable' is passed dnl maintainer-mode's default is 'disable' unless 'enable' is passed
AC_ARG_ENABLE([maintainer-mode], AC_ARG_ENABLE([maintainer-mode],
[ --][am_maintainer_other][-maintainer-mode am_maintainer_other make rules and dependencies not useful [ --][am_maintainer_other][-maintainer-mode am_maintainer_other make rules and dependencies not useful
@ -722,12 +735,15 @@ else
fi fi
]) ])
# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # Copyright (C) 2003, 2004, 2005, 2006, 2011 Free Software Foundation,
# Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 1
# AM_PROG_MKDIR_P # AM_PROG_MKDIR_P
# --------------- # ---------------
# Check for `mkdir -p'. # Check for `mkdir -p'.
@ -750,13 +766,14 @@ esac
# Helper functions for option handling. -*- Autoconf -*- # Helper functions for option handling. -*- Autoconf -*-
# Copyright (C) 2001, 2002, 2003, 2005, 2008 Free Software Foundation, Inc. # Copyright (C) 2001, 2002, 2003, 2005, 2008, 2010 Free Software
# Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 4 # serial 5
# _AM_MANGLE_OPTION(NAME) # _AM_MANGLE_OPTION(NAME)
# ----------------------- # -----------------------
@ -764,13 +781,13 @@ AC_DEFUN([_AM_MANGLE_OPTION],
[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) [[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])])
# _AM_SET_OPTION(NAME) # _AM_SET_OPTION(NAME)
# ------------------------------ # --------------------
# Set option NAME. Presently that only means defining a flag for this option. # Set option NAME. Presently that only means defining a flag for this option.
AC_DEFUN([_AM_SET_OPTION], AC_DEFUN([_AM_SET_OPTION],
[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) [m4_define(_AM_MANGLE_OPTION([$1]), 1)])
# _AM_SET_OPTIONS(OPTIONS) # _AM_SET_OPTIONS(OPTIONS)
# ---------------------------------- # ------------------------
# OPTIONS is a space-separated list of Automake options. # OPTIONS is a space-separated list of Automake options.
AC_DEFUN([_AM_SET_OPTIONS], AC_DEFUN([_AM_SET_OPTIONS],
[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) [m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])])
@ -846,12 +863,14 @@ Check your system clock])
fi fi
AC_MSG_RESULT(yes)]) AC_MSG_RESULT(yes)])
# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. # Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 1
# AM_PROG_INSTALL_STRIP # AM_PROG_INSTALL_STRIP
# --------------------- # ---------------------
# One issue with vendor `install' (even GNU) is that you can't # One issue with vendor `install' (even GNU) is that you can't
@ -874,13 +893,13 @@ fi
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
AC_SUBST([INSTALL_STRIP_PROGRAM])]) AC_SUBST([INSTALL_STRIP_PROGRAM])])
# Copyright (C) 2006, 2008 Free Software Foundation, Inc. # Copyright (C) 2006, 2008, 2010 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
# serial 2 # serial 3
# _AM_SUBST_NOTMAKE(VARIABLE) # _AM_SUBST_NOTMAKE(VARIABLE)
# --------------------------- # ---------------------------
@ -889,13 +908,13 @@ AC_SUBST([INSTALL_STRIP_PROGRAM])])
AC_DEFUN([_AM_SUBST_NOTMAKE]) AC_DEFUN([_AM_SUBST_NOTMAKE])
# AM_SUBST_NOTMAKE(VARIABLE) # AM_SUBST_NOTMAKE(VARIABLE)
# --------------------------- # --------------------------
# Public sister of _AM_SUBST_NOTMAKE. # Public sister of _AM_SUBST_NOTMAKE.
AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*- # Check how to create a tarball. -*- Autoconf -*-
# Copyright (C) 2004, 2005 Free Software Foundation, Inc. # Copyright (C) 2004, 2005, 2012 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -917,10 +936,11 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# a tarball read from stdin. # a tarball read from stdin.
# $(am__untar) < result.tar # $(am__untar) < result.tar
AC_DEFUN([_AM_PROG_TAR], AC_DEFUN([_AM_PROG_TAR],
[# Always define AMTAR for backward compatibility. [# Always define AMTAR for backward compatibility. Yes, it's still used
AM_MISSING_PROG([AMTAR], [tar]) # in the wild :-( We should find a proper way to deprecate it ...
AC_SUBST([AMTAR], ['$${TAR-tar}'])
m4_if([$1], [v7], m4_if([$1], [v7],
[am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'], [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'],
[m4_case([$1], [ustar],, [pax],, [m4_case([$1], [ustar],, [pax],,
[m4_fatal([Unknown tar format])]) [m4_fatal([Unknown tar format])])
AC_MSG_CHECKING([how to create a $1 tar archive]) AC_MSG_CHECKING([how to create a $1 tar archive])

49
config.guess vendored
View file

@ -2,9 +2,9 @@
# Attempt to guess a canonical system name. # Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
# 2011 Free Software Foundation, Inc. # 2011, 2012 Free Software Foundation, Inc.
timestamp='2011-05-11' timestamp='2012-02-10'
# This file is free software; you can redistribute it and/or modify it # This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by # under the terms of the GNU General Public License as published by
@ -17,9 +17,7 @@ timestamp='2011-05-11'
# General Public License for more details. # General Public License for more details.
# #
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software # along with this program; if not, see <http://www.gnu.org/licenses/>.
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
# 02110-1301, USA.
# #
# As a special exception to the GNU General Public License, if you # As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a # distribute this file as part of a program that contains a
@ -57,8 +55,8 @@ GNU config.guess ($timestamp)
Originally written by Per Bothner. Originally written by Per Bothner.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
Software Foundation, Inc. Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -145,7 +143,7 @@ UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
*:NetBSD:*:*) *:NetBSD:*:*)
# NetBSD (nbsd) targets should (where applicable) match one or # NetBSD (nbsd) targets should (where applicable) match one or
# more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
# *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
# switched to ELF, *-*-netbsd* would select the old # switched to ELF, *-*-netbsd* would select the old
# object file format. This provides both forward # object file format. This provides both forward
@ -792,13 +790,12 @@ EOF
echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
exit ;; exit ;;
*:FreeBSD:*:*) *:FreeBSD:*:*)
case ${UNAME_MACHINE} in UNAME_PROCESSOR=`/usr/bin/uname -p`
pc98) case ${UNAME_PROCESSOR} in
echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
amd64) amd64)
echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
*) *)
echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
esac esac
exit ;; exit ;;
i*:CYGWIN*:*) i*:CYGWIN*:*)
@ -807,6 +804,9 @@ EOF
*:MINGW*:*) *:MINGW*:*)
echo ${UNAME_MACHINE}-pc-mingw32 echo ${UNAME_MACHINE}-pc-mingw32
exit ;; exit ;;
i*:MSYS*:*)
echo ${UNAME_MACHINE}-pc-msys
exit ;;
i*:windows32*:*) i*:windows32*:*)
# uname -m includes "-pc" on this system. # uname -m includes "-pc" on this system.
echo ${UNAME_MACHINE}-mingw32 echo ${UNAME_MACHINE}-mingw32
@ -861,6 +861,13 @@ EOF
i*86:Minix:*:*) i*86:Minix:*:*)
echo ${UNAME_MACHINE}-pc-minix echo ${UNAME_MACHINE}-pc-minix
exit ;; exit ;;
aarch64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
aarch64_be:Linux:*:*)
UNAME_MACHINE=aarch64_be
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
alpha:Linux:*:*) alpha:Linux:*:*)
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
EV5) UNAME_MACHINE=alphaev5 ;; EV5) UNAME_MACHINE=alphaev5 ;;
@ -895,13 +902,16 @@ EOF
echo ${UNAME_MACHINE}-unknown-linux-gnu echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;; exit ;;
cris:Linux:*:*) cris:Linux:*:*)
echo cris-axis-linux-gnu echo ${UNAME_MACHINE}-axis-linux-gnu
exit ;; exit ;;
crisv32:Linux:*:*) crisv32:Linux:*:*)
echo crisv32-axis-linux-gnu echo ${UNAME_MACHINE}-axis-linux-gnu
exit ;; exit ;;
frv:Linux:*:*) frv:Linux:*:*)
echo frv-unknown-linux-gnu echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
hexagon:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;; exit ;;
i*86:Linux:*:*) i*86:Linux:*:*)
LIBC=gnu LIBC=gnu
@ -943,7 +953,7 @@ EOF
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
;; ;;
or32:Linux:*:*) or32:Linux:*:*)
echo or32-unknown-linux-gnu echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;; exit ;;
padre:Linux:*:*) padre:Linux:*:*)
echo sparc-unknown-linux-gnu echo sparc-unknown-linux-gnu
@ -978,13 +988,13 @@ EOF
echo ${UNAME_MACHINE}-unknown-linux-gnu echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;; exit ;;
tile*:Linux:*:*) tile*:Linux:*:*)
echo ${UNAME_MACHINE}-tilera-linux-gnu echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;; exit ;;
vax:Linux:*:*) vax:Linux:*:*)
echo ${UNAME_MACHINE}-dec-linux-gnu echo ${UNAME_MACHINE}-dec-linux-gnu
exit ;; exit ;;
x86_64:Linux:*:*) x86_64:Linux:*:*)
echo x86_64-unknown-linux-gnu echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;; exit ;;
xtensa*:Linux:*:*) xtensa*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu echo ${UNAME_MACHINE}-unknown-linux-gnu
@ -1315,6 +1325,9 @@ EOF
i*86:AROS:*:*) i*86:AROS:*:*)
echo ${UNAME_MACHINE}-pc-aros echo ${UNAME_MACHINE}-pc-aros
exit ;; exit ;;
x86_64:VMkernel:*:*)
echo ${UNAME_MACHINE}-unknown-esx
exit ;;
esac esac
#echo '(No uname command or uname output not recognized.)' 1>&2 #echo '(No uname command or uname output not recognized.)' 1>&2

View file

@ -14,6 +14,12 @@
/* Support for tunemu */ /* Support for tunemu */
#undef ENABLE_TUNEMU #undef ENABLE_TUNEMU
/* Support for UML */
#undef ENABLE_UML
/* Support for VDE */
#undef ENABLE_VDE
/* Define to 1 if you have `alloca', as a function or macro. */ /* Define to 1 if you have `alloca', as a function or macro. */
#undef HAVE_ALLOCA #undef HAVE_ALLOCA
@ -94,6 +100,9 @@
/* Define to 1 if you have the `socket' library (-lsocket). */ /* Define to 1 if you have the `socket' library (-lsocket). */
#undef HAVE_LIBSOCKET #undef HAVE_LIBSOCKET
/* Define to 1 if you have the <libvdeplug_dyn.h> header file. */
#undef HAVE_LIBVDEPLUG_DYN_H
/* Linux */ /* Linux */
#undef HAVE_LINUX #undef HAVE_LINUX
@ -158,6 +167,9 @@
/* Define to 1 if you have the <netinet/tcp.h> header file. */ /* Define to 1 if you have the <netinet/tcp.h> header file. */
#undef HAVE_NETINET_TCP_H #undef HAVE_NETINET_TCP_H
/* Define to 1 if you have the <netpacket/packet.h> header file. */
#undef HAVE_NETPACKET_PACKET_H
/* Define to 1 if you have the <net/ethernet.h> header file. */ /* Define to 1 if you have the <net/ethernet.h> header file. */
#undef HAVE_NET_ETHERNET_H #undef HAVE_NET_ETHERNET_H

65
config.sub vendored
View file

@ -2,9 +2,9 @@
# Configuration validation subroutine script. # Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
# 2011 Free Software Foundation, Inc. # 2011, 2012 Free Software Foundation, Inc.
timestamp='2011-03-23' timestamp='2012-02-10'
# This file is (in principle) common to ALL GNU software. # This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software # The presence of a machine in this file suggests that SOME GNU software
@ -21,9 +21,7 @@ timestamp='2011-03-23'
# GNU General Public License for more details. # GNU General Public License for more details.
# #
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software # along with this program; if not, see <http://www.gnu.org/licenses/>.
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
# 02110-1301, USA.
# #
# As a special exception to the GNU General Public License, if you # As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a # distribute this file as part of a program that contains a
@ -76,8 +74,8 @@ version="\
GNU config.sub ($timestamp) GNU config.sub ($timestamp)
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
Software Foundation, Inc. Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -132,6 +130,10 @@ case $maybe_os in
os=-$maybe_os os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;; ;;
android-linux)
os=-linux-android
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
;;
*) *)
basic_machine=`echo $1 | sed 's/-[^-]*$//'` basic_machine=`echo $1 | sed 's/-[^-]*$//'`
if [ $basic_machine != $1 ] if [ $basic_machine != $1 ]
@ -247,17 +249,22 @@ case $basic_machine in
# Some are omitted here because they have special meanings below. # Some are omitted here because they have special meanings below.
1750a | 580 \ 1750a | 580 \
| a29k \ | a29k \
| aarch64 | aarch64_be \
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
| am33_2.0 \ | am33_2.0 \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
| be32 | be64 \
| bfin \ | bfin \
| c4x | clipper \ | c4x | clipper \
| d10v | d30v | dlx | dsp16xx \ | d10v | d30v | dlx | dsp16xx \
| epiphany \
| fido | fr30 | frv \ | fido | fr30 | frv \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| hexagon \
| i370 | i860 | i960 | ia64 \ | i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \ | ip2k | iq2000 \
| le32 | le64 \
| lm32 \ | lm32 \
| m32c | m32r | m32rle | m68000 | m68k | m88k \ | m32c | m32r | m32rle | m68000 | m68k | m88k \
| maxq | mb | microblaze | mcore | mep | metag \ | maxq | mb | microblaze | mcore | mep | metag \
@ -291,7 +298,7 @@ case $basic_machine in
| pdp10 | pdp11 | pj | pjl \ | pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle \ | powerpc | powerpc64 | powerpc64le | powerpcle \
| pyramid \ | pyramid \
| rx \ | rl78 | rx \
| score \ | score \
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \ | sh64 | sh64le \
@ -300,7 +307,7 @@ case $basic_machine in
| spu \ | spu \
| tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
| ubicom32 \ | ubicom32 \
| v850 | v850e \ | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
| we32k \ | we32k \
| x86 | xc16x | xstormy16 | xtensa \ | x86 | xc16x | xstormy16 | xtensa \
| z8k | z80) | z8k | z80)
@ -315,8 +322,7 @@ case $basic_machine in
c6x) c6x)
basic_machine=tic6x-unknown basic_machine=tic6x-unknown
;; ;;
m6811 | m68hc11 | m6812 | m68hc12 | picochip) m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip)
# Motorola 68HC11/12.
basic_machine=$basic_machine-unknown basic_machine=$basic_machine-unknown
os=-none os=-none
;; ;;
@ -329,7 +335,10 @@ case $basic_machine in
strongarm | thumb | xscale) strongarm | thumb | xscale)
basic_machine=arm-unknown basic_machine=arm-unknown
;; ;;
xgate)
basic_machine=$basic_machine-unknown
os=-none
;;
xscaleeb) xscaleeb)
basic_machine=armeb-unknown basic_machine=armeb-unknown
;; ;;
@ -352,11 +361,13 @@ case $basic_machine in
# Recognize the basic CPU types with company name. # Recognize the basic CPU types with company name.
580-* \ 580-* \
| a29k-* \ | a29k-* \
| aarch64-* | aarch64_be-* \
| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \
| avr-* | avr32-* \ | avr-* | avr32-* \
| be32-* | be64-* \
| bfin-* | bs2000-* \ | bfin-* | bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* \
| clipper-* | craynv-* | cydra-* \ | clipper-* | craynv-* | cydra-* \
@ -365,8 +376,10 @@ case $basic_machine in
| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
| h8300-* | h8500-* \ | h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| hexagon-* \
| i*86-* | i860-* | i960-* | ia64-* \ | i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* | iq2000-* \ | ip2k-* | iq2000-* \
| le32-* | le64-* \
| lm32-* \ | lm32-* \
| m32c-* | m32r-* | m32rle-* \ | m32c-* | m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
@ -400,7 +413,7 @@ case $basic_machine in
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
| pyramid-* \ | pyramid-* \
| romp-* | rs6000-* | rx-* \ | rl78-* | romp-* | rs6000-* | rx-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
@ -408,10 +421,11 @@ case $basic_machine in
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \ | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \
| tahoe-* \ | tahoe-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
| tile-* | tilegx-* \ | tile*-* \
| tron-* \ | tron-* \
| ubicom32-* \ | ubicom32-* \
| v850-* | v850e-* | vax-* \ | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
| vax-* \
| we32k-* \ | we32k-* \
| x86-* | x86_64-* | xc16x-* | xps100-* \ | x86-* | x86_64-* | xc16x-* | xps100-* \
| xstormy16-* | xtensa*-* \ | xstormy16-* | xtensa*-* \
@ -711,7 +725,6 @@ case $basic_machine in
i370-ibm* | ibm*) i370-ibm* | ibm*)
basic_machine=i370-ibm basic_machine=i370-ibm
;; ;;
# I'm not sure what "Sysv32" means. Should this be sysv3.2?
i*86v32) i*86v32)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
os=-sysv32 os=-sysv32
@ -808,10 +821,18 @@ case $basic_machine in
ms1-*) ms1-*)
basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
;; ;;
msys)
basic_machine=i386-pc
os=-msys
;;
mvs) mvs)
basic_machine=i370-ibm basic_machine=i370-ibm
os=-mvs os=-mvs
;; ;;
nacl)
basic_machine=le32-unknown
os=-nacl
;;
ncr3000) ncr3000)
basic_machine=i486-ncr basic_machine=i486-ncr
os=-sysv4 os=-sysv4
@ -1120,13 +1141,8 @@ case $basic_machine in
basic_machine=t90-cray basic_machine=t90-cray
os=-unicos os=-unicos
;; ;;
# This must be matched before tile*.
tilegx*)
basic_machine=tilegx-unknown
os=-linux-gnu
;;
tile*) tile*)
basic_machine=tile-unknown basic_machine=$basic_machine-unknown
os=-linux-gnu os=-linux-gnu
;; ;;
tx39) tx39)
@ -1336,7 +1352,7 @@ case $os in
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* | -cegcc* \ | -chorusos* | -chorusrdb* | -cegcc* \
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -linux-gnu* | -linux-android* \ | -mingw32* | -linux-gnu* | -linux-android* \
| -linux-newlib* | -linux-uclibc* \ | -linux-newlib* | -linux-uclibc* \
| -uxpv* | -beos* | -mpeix* | -udk* \ | -uxpv* | -beos* | -mpeix* | -udk* \
@ -1548,9 +1564,6 @@ case $basic_machine in
;; ;;
m68000-sun) m68000-sun)
os=-sunos3 os=-sunos3
# This also exists in the configure program, but was not the
# default.
# os=-sunos4
;; ;;
m68*-cisco) m68*-cisco)
os=-aout os=-aout

85
configure vendored
View file

@ -607,6 +607,10 @@ ALLOCA
LIBOBJS LIBOBJS
TUNEMU_FALSE TUNEMU_FALSE
TUNEMU_TRUE TUNEMU_TRUE
VDE_FALSE
VDE_TRUE
UML_FALSE
UML_TRUE
host_os host_os
host_vendor host_vendor
host_cpu host_cpu
@ -623,6 +627,7 @@ CPP
am__fastdepCC_FALSE am__fastdepCC_FALSE
am__fastdepCC_TRUE am__fastdepCC_TRUE
CCDEPMODE CCDEPMODE
am__nodep
AMDEPBACKSLASH AMDEPBACKSLASH
AMDEP_FALSE AMDEP_FALSE
AMDEP_TRUE AMDEP_TRUE
@ -705,6 +710,8 @@ ac_user_opts='
enable_option_checking enable_option_checking
enable_maintainer_mode enable_maintainer_mode
enable_dependency_tracking enable_dependency_tracking
enable_uml
enable_vde
enable_tunemu enable_tunemu
with_windows2000 with_windows2000
enable_zlib enable_zlib
@ -1351,6 +1358,8 @@ Optional Features:
(and sometimes confusing) to the casual installer (and sometimes confusing) to the casual installer
--disable-dependency-tracking speeds up one-time build --disable-dependency-tracking speeds up one-time build
--enable-dependency-tracking do not reject slow dependency extractors --enable-dependency-tracking do not reject slow dependency extractors
--enable-uml enable support for User Mode Linux
--enable-vde enable support for Virtual Distributed Ethernet
--enable-tunemu enable support for the tunemu driver --enable-tunemu enable support for the tunemu driver
--disable-zlib disable zlib compression support --disable-zlib disable zlib compression support
--disable-lzo disable lzo compression support --disable-lzo disable lzo compression support
@ -2731,7 +2740,7 @@ fi
# Define the identity of the package. # Define the identity of the package.
PACKAGE=tinc PACKAGE=tinc
VERSION=1.0.16 VERSION=1.0.17
cat >>confdefs.h <<_ACEOF cat >>confdefs.h <<_ACEOF
@ -2761,11 +2770,11 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
# We need awk for the "check" target. The system "awk" is bad on # We need awk for the "check" target. The system "awk" is bad on
# some platforms. # some platforms.
# Always define AMTAR for backward compatibility. # Always define AMTAR for backward compatibility. Yes, it's still used
# in the wild :-( We should find a proper way to deprecate it ...
AMTAR='$${TAR-tar}'
AMTAR=${AMTAR-"${am_missing_run}tar"} am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'
am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'
@ -2852,6 +2861,7 @@ fi
if test "x$enable_dependency_tracking" != xno; then if test "x$enable_dependency_tracking" != xno; then
am_depcomp="$ac_aux_dir/depcomp" am_depcomp="$ac_aux_dir/depcomp"
AMDEPBACKSLASH='\' AMDEPBACKSLASH='\'
am__nodep='_no'
fi fi
if test "x$enable_dependency_tracking" != xno; then if test "x$enable_dependency_tracking" != xno; then
AMDEP_TRUE= AMDEP_TRUE=
@ -3665,6 +3675,7 @@ else
# instance it was reported that on HP-UX the gcc test will end up # instance it was reported that on HP-UX the gcc test will end up
# making a dummy file named `D' -- because `-MD' means `put the output # making a dummy file named `D' -- because `-MD' means `put the output
# in D'. # in D'.
rm -rf conftest.dir
mkdir conftest.dir mkdir conftest.dir
# Copy depcomp to subdir because otherwise we won't find it if we're # Copy depcomp to subdir because otherwise we won't find it if we're
# using a relative directory. # using a relative directory.
@ -3724,7 +3735,7 @@ else
break break
fi fi
;; ;;
msvisualcpp | msvcmsys) msvc7 | msvc7msys | msvisualcpp | msvcmsys)
# This compiler won't grok `-c -o', but also, the minuso test has # This compiler won't grok `-c -o', but also, the minuso test has
# not run yet. These depmodes are late enough in the game, and # not run yet. These depmodes are late enough in the game, and
# so weak that their functioning should not be impacted. # so weak that their functioning should not be impacted.
@ -4804,6 +4815,42 @@ $as_echo "#define HAVE_MINGW 1" >>confdefs.h
;; ;;
esac esac
# Check whether --enable-uml was given.
if test "${enable_uml+set}" = set; then :
enableval=$enable_uml;
$as_echo "#define ENABLE_UML 1" >>confdefs.h
uml=true
fi
# Check whether --enable-vde was given.
if test "${enable_vde+set}" = set; then :
enableval=$enable_vde; for ac_header in libvdeplug_dyn.h
do :
ac_fn_c_check_header_mongrel "$LINENO" "libvdeplug_dyn.h" "ac_cv_header_libvdeplug_dyn_h" "$ac_includes_default"
if test "x$ac_cv_header_libvdeplug_dyn_h" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_LIBVDEPLUG_DYN_H 1
_ACEOF
else
as_fn_error $? "VDE plug header files not found." "$LINENO" 5; break
fi
done
$as_echo "#define ENABLE_VDE 1" >>confdefs.h
vde=true
fi
# Check whether --enable-tunemu was given. # Check whether --enable-tunemu was given.
if test "${enable_tunemu+set}" = set; then : if test "${enable_tunemu+set}" = set; then :
enableval=$enable_tunemu; enableval=$enable_tunemu;
@ -4825,6 +4872,22 @@ $as_echo "#define WITH_WINDOWS2000 1" >>confdefs.h
fi fi
if test "$uml" = true; then
UML_TRUE=
UML_FALSE='#'
else
UML_TRUE='#'
UML_FALSE=
fi
if test "$vde" = true; then
VDE_TRUE=
VDE_FALSE='#'
else
VDE_TRUE='#'
VDE_FALSE=
fi
if test "$tunemu" = true; then if test "$tunemu" = true; then
TUNEMU_TRUE= TUNEMU_TRUE=
TUNEMU_FALSE='#' TUNEMU_FALSE='#'
@ -5054,7 +5117,7 @@ fi
done done
for ac_header in net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h for ac_header in net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h netpacket/packet.h
do : do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\" ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\"
@ -6768,6 +6831,14 @@ if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
as_fn_error $? "conditional \"am__fastdepCC\" was never defined. as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5 Usually this means the macro was only invoked conditionally." "$LINENO" 5
fi fi
if test -z "${UML_TRUE}" && test -z "${UML_FALSE}"; then
as_fn_error $? "conditional \"UML\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
fi
if test -z "${VDE_TRUE}" && test -z "${VDE_FALSE}"; then
as_fn_error $? "conditional \"VDE\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
fi
if test -z "${TUNEMU_TRUE}" && test -z "${TUNEMU_FALSE}"; then if test -z "${TUNEMU_TRUE}" && test -z "${TUNEMU_FALSE}"; then
as_fn_error $? "conditional \"TUNEMU\" was never defined. as_fn_error $? "conditional \"TUNEMU\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5 Usually this means the macro was only invoked conditionally." "$LINENO" 5

View file

@ -3,7 +3,7 @@ dnl Process this file with autoconf to produce a configure script.
AC_PREREQ(2.61) AC_PREREQ(2.61)
AC_INIT AC_INIT
AC_CONFIG_SRCDIR([src/tincd.c]) AC_CONFIG_SRCDIR([src/tincd.c])
AM_INIT_AUTOMAKE(tinc, 1.0.16) AM_INIT_AUTOMAKE(tinc, 1.0.17)
AC_CONFIG_HEADERS([config.h]) AC_CONFIG_HEADERS([config.h])
AM_MAINTAINER_MODE AM_MAINTAINER_MODE
@ -72,6 +72,21 @@ case $host_os in
;; ;;
esac esac
AC_ARG_ENABLE(uml,
AS_HELP_STRING([--enable-uml], [enable support for User Mode Linux]),
[ AC_DEFINE(ENABLE_UML, 1, [Support for UML])
uml=true
]
)
AC_ARG_ENABLE(vde,
AS_HELP_STRING([--enable-vde], [enable support for Virtual Distributed Ethernet]),
[ AC_CHECK_HEADERS(libvdeplug_dyn.h, [], [AC_MSG_ERROR([VDE plug header files not found.]); break])
AC_DEFINE(ENABLE_VDE, 1, [Support for VDE])
vde=true
]
)
AC_ARG_ENABLE(tunemu, AC_ARG_ENABLE(tunemu,
AS_HELP_STRING([--enable-tunemu], [enable support for the tunemu driver]), AS_HELP_STRING([--enable-tunemu], [enable support for the tunemu driver]),
[ AC_DEFINE(ENABLE_TUNEMU, 1, [Support for tunemu]) [ AC_DEFINE(ENABLE_TUNEMU, 1, [Support for tunemu])
@ -84,6 +99,8 @@ AC_ARG_WITH(windows2000,
[AC_DEFINE(WITH_WINDOWS2000, 1, [Compile with support for Windows 2000])] [AC_DEFINE(WITH_WINDOWS2000, 1, [Compile with support for Windows 2000])]
) )
AM_CONDITIONAL(UML, test "$uml" = true)
AM_CONDITIONAL(VDE, test "$vde" = true)
AM_CONDITIONAL(TUNEMU, test "$tunemu" = true) AM_CONDITIONAL(TUNEMU, test "$tunemu" = true)
AC_CACHE_SAVE AC_CACHE_SAVE
@ -102,7 +119,7 @@ dnl We do this in multiple stages, because unlike Linux all the other operating
AC_HEADER_STDC AC_HEADER_STDC
AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h]) AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h])
AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h], AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h netpacket/packet.h],
[], [], [#include "have.h"] [], [], [#include "have.h"]
) )
AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h], AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h],

7
debian/changelog vendored
View file

@ -1,3 +1,10 @@
tinc (1.0.17-1) unstable; urgency=low
* New upstream release.
* Enable support for UML and VDE.
-- Guus Sliepen <guus@debian.org> Sat, 10 Mar 2012 14:50:00 +0100
tinc (1.0.16-1) unstable; urgency=low tinc (1.0.16-1) unstable; urgency=low
* New upstream release. * New upstream release.

4
debian/control vendored
View file

@ -2,8 +2,8 @@ Source: tinc
Section: net Section: net
Priority: optional Priority: optional
Maintainer: Guus Sliepen <guus@debian.org> Maintainer: Guus Sliepen <guus@debian.org>
Standards-Version: 3.9.2 Standards-Version: 3.9.3
Build-Depends: libssl-dev, debhelper (>= 7.0.50~), gettext, texi2html, texinfo, zlib1g-dev, liblzo2-dev Build-Depends: libssl-dev, debhelper (>= 7.0.50~), gettext, texi2html, texinfo, zlib1g-dev, liblzo2-dev, libvdeplug-dev
Homepage: http://www.tinc-vpn.org/ Homepage: http://www.tinc-vpn.org/
Package: tinc Package: tinc

3
debian/rules vendored
View file

@ -12,6 +12,9 @@
%: %:
dh $@ dh $@
override_dh_auto_configure:
dh_auto_configure -- --enable-uml --enable-vde
override_dh_auto_build: override_dh_auto_build:
dh_auto_build dh_auto_build
cd doc && $(MAKE) texi2html cd doc && $(MAKE) texi2html

74
depcomp
View file

@ -1,10 +1,10 @@
#! /bin/sh #! /bin/sh
# depcomp - compile a program generating dependencies as side-effects # depcomp - compile a program generating dependencies as side-effects
scriptversion=2009-04-28.21; # UTC scriptversion=2011-12-04.11; # UTC
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009 Free # Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009, 2010,
# Software Foundation, Inc. # 2011 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
@ -44,7 +44,7 @@ Environment variables:
object Object file output by `PROGRAMS ARGS'. object Object file output by `PROGRAMS ARGS'.
DEPDIR directory where to store dependencies. DEPDIR directory where to store dependencies.
depfile Dependency file to output. depfile Dependency file to output.
tmpdepfile Temporary file to use when outputing dependencies. tmpdepfile Temporary file to use when outputting dependencies.
libtool Whether libtool is used (yes/no). libtool Whether libtool is used (yes/no).
Report bugs to <bug-automake@gnu.org>. Report bugs to <bug-automake@gnu.org>.
@ -90,10 +90,18 @@ if test "$depmode" = msvcmsys; then
# This is just like msvisualcpp but w/o cygpath translation. # This is just like msvisualcpp but w/o cygpath translation.
# Just convert the backslash-escaped backslashes to single forward # Just convert the backslash-escaped backslashes to single forward
# slashes to satisfy depend.m4 # slashes to satisfy depend.m4
cygpath_u="sed s,\\\\\\\\,/,g" cygpath_u='sed s,\\\\,/,g'
depmode=msvisualcpp depmode=msvisualcpp
fi fi
if test "$depmode" = msvc7msys; then
# This is just like msvc7 but w/o cygpath translation.
# Just convert the backslash-escaped backslashes to single forward
# slashes to satisfy depend.m4
cygpath_u='sed s,\\\\,/,g'
depmode=msvc7
fi
case "$depmode" in case "$depmode" in
gcc3) gcc3)
## gcc 3 implements dependency tracking that does exactly what ## gcc 3 implements dependency tracking that does exactly what
@ -158,10 +166,12 @@ gcc)
' < "$tmpdepfile" | ' < "$tmpdepfile" |
## Some versions of gcc put a space before the `:'. On the theory ## Some versions of gcc put a space before the `:'. On the theory
## that the space means something, we add a space to the output as ## that the space means something, we add a space to the output as
## well. ## well. hp depmode also adds that space, but also prefixes the VPATH
## to the object. Take care to not repeat it in the output.
## Some versions of the HPUX 10.20 sed can't process this invocation ## Some versions of the HPUX 10.20 sed can't process this invocation
## correctly. Breaking it into two sed invocations is a workaround. ## correctly. Breaking it into two sed invocations is a workaround.
sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile" rm -f "$tmpdepfile"
;; ;;
@ -405,6 +415,52 @@ tru64)
rm -f "$tmpdepfile" rm -f "$tmpdepfile"
;; ;;
msvc7)
if test "$libtool" = yes; then
showIncludes=-Wc,-showIncludes
else
showIncludes=-showIncludes
fi
"$@" $showIncludes > "$tmpdepfile"
stat=$?
grep -v '^Note: including file: ' "$tmpdepfile"
if test "$stat" = 0; then :
else
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
echo "$object : \\" > "$depfile"
# The first sed program below extracts the file names and escapes
# backslashes for cygpath. The second sed program outputs the file
# name when reading, but also accumulates all include files in the
# hold buffer in order to output them again at the end. This only
# works with sed implementations that can handle large buffers.
sed < "$tmpdepfile" -n '
/^Note: including file: *\(.*\)/ {
s//\1/
s/\\/\\\\/g
p
}' | $cygpath_u | sort -u | sed -n '
s/ /\\ /g
s/\(.*\)/ \1 \\/p
s/.\(.*\) \\/\1:/
H
$ {
s/.*/ /
G
p
}' >> "$depfile"
rm -f "$tmpdepfile"
;;
msvc7msys)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
#nosideeffect) #nosideeffect)
# This comment above is used by automake to tell side-effect # This comment above is used by automake to tell side-effect
# dependency tracking mechanisms from slower ones. # dependency tracking mechanisms from slower ones.
@ -503,7 +559,9 @@ makedepend)
touch "$tmpdepfile" touch "$tmpdepfile"
${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
rm -f "$depfile" rm -f "$depfile"
cat < "$tmpdepfile" > "$depfile" # makedepend may prepend the VPATH from the source file name to the object.
# No need to regex-escape $object, excess matching of '.' is harmless.
sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile"
sed '1,2d' "$tmpdepfile" | tr ' ' ' sed '1,2d' "$tmpdepfile" | tr ' ' '
' | \ ' | \
## Some versions of the HPUX 10.20 sed can't process this invocation ## Some versions of the HPUX 10.20 sed can't process this invocation

View file

@ -1,9 +1,9 @@
# Makefile.in generated by automake 1.11.1 from Makefile.am. # Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, # 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
# Inc. # Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
@ -40,7 +40,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4) $(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = $(top_builddir)/config.h CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES = CONFIG_CLEAN_VPATH_FILES =
@ -81,6 +81,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__uninstall_files_from_dir = { \
test -z "$$files" \
|| { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
|| { echo " ( cd '$$dir' && rm -f" $$files ")"; \
$(am__cd) "$$dir" && rm -f $$files; }; \
}
man5dir = $(mandir)/man5 man5dir = $(mandir)/man5
man8dir = $(mandir)/man8 man8dir = $(mandir)/man8
NROFF = nroff NROFF = nroff
@ -408,9 +414,7 @@ uninstall-man5:
sed -n '/\.5[a-z]*$$/p'; \ sed -n '/\.5[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
test -z "$$files" || { \ dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir)
echo " ( cd '$(DESTDIR)$(man5dir)' && rm -f" $$files ")"; \
cd "$(DESTDIR)$(man5dir)" && rm -f $$files; }
install-man8: $(man_MANS) install-man8: $(man_MANS)
@$(NORMAL_INSTALL) @$(NORMAL_INSTALL)
test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)"
@ -446,9 +450,7 @@ uninstall-man8:
sed -n '/\.8[a-z]*$$/p'; \ sed -n '/\.8[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
test -z "$$files" || { \ dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir)
echo " ( cd '$(DESTDIR)$(man8dir)' && rm -f" $$files ")"; \
cd "$(DESTDIR)$(man8dir)" && rm -f $$files; }
tags: TAGS tags: TAGS
TAGS: TAGS:
@ -519,10 +521,15 @@ install-am: all-am
installcheck: installcheck-am installcheck: installcheck-am
install-strip: install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ if test -z '$(STRIP)'; then \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
`test -z '$(STRIP)' || \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic: mostlyclean-generic:
clean-generic: clean-generic:
@ -582,13 +589,14 @@ install-html-am: $(HTMLS)
for p in $$list; do \ for p in $$list; do \
if test -f "$$p" || test -d "$$p"; then d=; else d="$(srcdir)/"; fi; \ if test -f "$$p" || test -d "$$p"; then d=; else d="$(srcdir)/"; fi; \
$(am__strip_dir) \ $(am__strip_dir) \
if test -d "$$d$$p"; then \ d2=$$d$$p; \
if test -d "$$d2"; then \
echo " $(MKDIR_P) '$(DESTDIR)$(htmldir)/$$f'"; \ echo " $(MKDIR_P) '$(DESTDIR)$(htmldir)/$$f'"; \
$(MKDIR_P) "$(DESTDIR)$(htmldir)/$$f" || exit 1; \ $(MKDIR_P) "$(DESTDIR)$(htmldir)/$$f" || exit 1; \
echo " $(INSTALL_DATA) '$$d$$p'/* '$(DESTDIR)$(htmldir)/$$f'"; \ echo " $(INSTALL_DATA) '$$d2'/* '$(DESTDIR)$(htmldir)/$$f'"; \
$(INSTALL_DATA) "$$d$$p"/* "$(DESTDIR)$(htmldir)/$$f" || exit $$?; \ $(INSTALL_DATA) "$$d2"/* "$(DESTDIR)$(htmldir)/$$f" || exit $$?; \
else \ else \
list2="$$list2 $$d$$p"; \ list2="$$list2 $$d2"; \
fi; \ fi; \
done; \ done; \
test -z "$$list2" || { echo "$$list2" | $(am__base_list) | \ test -z "$$list2" || { echo "$$list2" | $(am__base_list) | \
@ -620,8 +628,13 @@ install-info-am: $(INFO_DEPS)
echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(infodir)'"; \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(infodir)'"; \
$(INSTALL_DATA) $$files "$(DESTDIR)$(infodir)" || exit $$?; done $(INSTALL_DATA) $$files "$(DESTDIR)$(infodir)" || exit $$?; done
@$(POST_INSTALL) @$(POST_INSTALL)
@if (install-info --version && \ @am__run_installinfo=yes; \
install-info --version 2>&1 | sed 1q | grep -i -v debian) >/dev/null 2>&1; then \ case $$AM_UPDATE_INFO_DIR in \
n|no|NO) am__run_installinfo=no;; \
*) (install-info --version) >/dev/null 2>&1 \
|| am__run_installinfo=no;; \
esac; \
if test $$am__run_installinfo = yes; then \
list='$(INFO_DEPS)'; test -n "$(infodir)" || list=; \ list='$(INFO_DEPS)'; test -n "$(infodir)" || list=; \
for file in $$list; do \ for file in $$list; do \
relfile=`echo "$$file" | sed 's|^.*/||'`; \ relfile=`echo "$$file" | sed 's|^.*/||'`; \

Binary file not shown.

File diff suppressed because it is too large Load diff

View file

@ -133,7 +133,10 @@ IPv6 listening sockets will be created.
If your computer has more than one IPv4 or IPv6 address, If your computer has more than one IPv4 or IPv6 address,
.Nm tinc .Nm tinc
will by default listen on all of them for incoming connections. will by default listen on all of them for incoming connections.
It is possible to bind only to a single address with this variable. Multiple
.Va BindToAddress
variables may be specified,
in which case listening sockets for each specified address are made.
.Pp .Pp
This option may not work on all platforms. This option may not work on all platforms.
@ -147,6 +150,9 @@ It is possible to bind only to a single interface with this variable.
.Pp .Pp
This option may not work on all platforms. This option may not work on all platforms.
.It Va Broadcast Li = yes | no Po yes Pc Bq experimental
When disabled, tinc will drop all broadcast and multicast packets, in both router and switch mode.
.It Va ConnectTo Li = Ar name .It Va ConnectTo Li = Ar name
Specifies which other tinc daemon to connect to on startup. Specifies which other tinc daemon to connect to on startup.
Multiple Multiple
@ -165,6 +171,14 @@ If you don't specify a host with
won't try to connect to other daemons at all, won't try to connect to other daemons at all,
and will instead just listen for incoming connections. and will instead just listen for incoming connections.
.It Va DecrementTTL Li = yes | no Po yes Pc
When enabled,
.Nm tinc
will decrement the Time To Live field in IPv4 packets, or the Hop Limit field in IPv6 packets,
before forwarding a received packet to the virtual network device or to another node,
and will drop packets that have a TTL value of zero,
in which case it will send an ICMP Time Exceeded packet back.
.It Va Device Li = Ar device Po Pa /dev/tap0 , Pa /dev/net/tun No or other depending on platform Pc .It Va Device Li = Ar device Po Pa /dev/tap0 , Pa /dev/net/tun No or other depending on platform Pc
The virtual network device to use. The virtual network device to use.
.Nm tinc .Nm tinc
@ -177,30 +191,65 @@ instead of
The info pages of the tinc package contain more information The info pages of the tinc package contain more information
about configuring the virtual network device. about configuring the virtual network device.
.It Va DeviceType Li = tun | tunnohead | tunifhead | tap Po only supported on BSD platforms Pc .It Va DeviceType Li = Ar type Pq platform dependent
The type of the virtual network device. The type of the virtual network device.
Tinc will normally automatically select the right type, and this option should not be used. Tinc will normally automatically select the right type of tun/tap interface, and this option should not be used.
However, in case tinc does not seem to correctly interpret packets received from the virtual network device, However, this option can be used to select one of the special interface types, if support for them is compiled in.
using this option might help.
.Bl -tag -width indent .Bl -tag -width indent
.It tun .It dummy
Use a dummy interface.
No packets are ever read or written to a virtual network device.
Useful for testing, or when setting up a node that only forwards packets for other nodes.
.It raw_socket
Open a raw socket, and bind it to a pre-existing
.Va Interface
(eth0 by default).
All packets are read from this interface.
Packets received for the local node are written to the raw socket.
However, at least on Linux, the operating system does not process IP packets destined for the local host.
.It uml Pq not compiled in by default
Create a UNIX socket with the filename specified by
.Va Device ,
or
.Pa @localstatedir@/run/ Ns Ar NETNAME Ns Pa .umlsocket
if not specified.
.Nm tinc
will wait for a User Mode Linux instance to connect to this socket.
.It vde Pq not compiled in by default
Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
using the UNIX socket specified by
.Va Device ,
or
.Pa @localstatedir@/run/vde.ctl
if not specified.
.El
Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,
it can be used to change the way packets are interpreted:
.Bl -tag -width indent
.It tun Pq BSD and Linux
Set type to tun. Set type to tun.
Depending on the platform, this can either be with or without an address family header (see below). Depending on the platform, this can either be with or without an address family header (see below).
.It tunnohead .It tunnohead Pq BSD
Set type to tun without an address family header. Set type to tun without an address family header.
Tinc will expect packets read from the virtual network device to start with an IP header. Tinc will expect packets read from the virtual network device to start with an IP header.
On some platforms IPv6 packets cannot be read from or written to the device in this mode. On some platforms IPv6 packets cannot be read from or written to the device in this mode.
.It tunifhead .It tunifhead Pq BSD
Set type to tun with an address family header. Set type to tun with an address family header.
Tinc will expect packets read from the virtual network device Tinc will expect packets read from the virtual network device
to start with a four byte header containing the address family, to start with a four byte header containing the address family,
followed by an IP header. followed by an IP header.
This mode should support both IPv4 and IPv6 packets. This mode should support both IPv4 and IPv6 packets.
.It tap .It tap Pq BSD and Linux
Set type to tap. Set type to tap.
Tinc will expect packets read from the virtual network device Tinc will expect packets read from the virtual network device
to start with an Ethernet header. to start with an Ethernet header.
@ -271,6 +320,18 @@ This option controls the period the encryption keys used to encrypt the data are
It is common practice to change keys at regular intervals to make it even harder for crackers, It is common practice to change keys at regular intervals to make it even harder for crackers,
even though it is thought to be nearly impossible to crack a single key. even though it is thought to be nearly impossible to crack a single key.
.It Va LocalDiscovery Li = yes | no Po no Pc Bq experimental
When enabled,
.Nm tinc
will try to detect peers that are on the same local network.
This will allow direct communication using LAN addresses, even if both peers are behind a NAT
and they only ConnectTo a third node outside the NAT,
which normally would prevent the peers from learning each other's LAN address.
.Pp
Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery.
This feature may not work in all possible situations.
.It Va MACExpire Li = Ar seconds Pq 600 .It Va MACExpire Li = Ar seconds Pq 600
This option controls the amount of time MAC addresses are kept before they are removed. This option controls the amount of time MAC addresses are kept before they are removed.
This only has effect when This only has effect when

View file

@ -5,10 +5,10 @@ START-INFO-DIR-ENTRY
* tinc: (tinc). The tinc Manual. * tinc: (tinc). The tinc Manual.
END-INFO-DIR-ENTRY END-INFO-DIR-ENTRY
This is the info manual for tinc version 1.0.15, a Virtual Private This is the info manual for tinc version 1.0.17, a Virtual Private
Network daemon. Network daemon.
Copyright (C) 1998-2011 Ivo Timmermans, Guus Sliepen Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen
<guus@tinc-vpn.org> and Wessel Dankers <wsl@tinc-vpn.org>. <guus@tinc-vpn.org> and Wessel Dankers <wsl@tinc-vpn.org>.
Permission is granted to make and distribute verbatim copies of this Permission is granted to make and distribute verbatim copies of this
@ -686,8 +686,9 @@ AddressFamily = <ipv4|ipv6|any> (any)
BindToAddress = <ADDRESS> [experimental] BindToAddress = <ADDRESS> [experimental]
If your computer has more than one IPv4 or IPv6 address, tinc will If your computer has more than one IPv4 or IPv6 address, tinc will
by default listen on all of them for incoming connections. It is by default listen on all of them for incoming connections.
possible to bind only to a single address with this variable. Multiple BindToAddress variables may be specified, in which case
listening sockets for each specified address are made.
This option may not work on all platforms. This option may not work on all platforms.
@ -699,6 +700,10 @@ BindToInterface = <INTERFACE> [experimental]
This option may not work on all platforms. This option may not work on all platforms.
Broadcast = <yes | no> (yes) [experimental]
When disabled, tinc will drop all broadcast and multicast packets,
in both router and switch mode.
ConnectTo = <NAME> ConnectTo = <NAME>
Specifies which other tinc daemon to connect to on startup. Specifies which other tinc daemon to connect to on startup.
Multiple ConnectTo variables may be specified, in which case Multiple ConnectTo variables may be specified, in which case
@ -710,6 +715,13 @@ ConnectTo = <NAME>
connect to other daemons at all, and will instead just listen for connect to other daemons at all, and will instead just listen for
incoming connections. incoming connections.
DecrementTTL = <yes | no> (yes)
When enabled, tinc will decrement the Time To Live field in IPv4
packets, or the Hop Limit field in IPv6 packets, before forwarding
a received packet to the virtual network device or to another node,
and will drop packets that have a TTL value of zero, in which case
it will send an ICMP Time Exceeded packet back.
Device = <DEVICE> (`/dev/tap0', `/dev/net/tun' or other depending on platform) Device = <DEVICE> (`/dev/tap0', `/dev/net/tun' or other depending on platform)
The virtual network device to use. Tinc will automatically detect The virtual network device to use. Tinc will automatically detect
what kind of device it is. Note that you can only use one device what kind of device it is. Note that you can only use one device
@ -717,31 +729,57 @@ Device = <DEVICE> (`/dev/tap0', `/dev/net/tun' or other depending on platform)
that you can only use one device per daemon. See also *note that you can only use one device per daemon. See also *note
Device files::. Device files::.
DeviceType = <tun|tunnohead|tunifhead|tap> (only supported on BSD platforms) DeviceType = <TYPE> (platform dependent)
The type of the virtual network device. Tinc will normally The type of the virtual network device. Tinc will normally
automatically select the right type, and this option should not be automatically select the right type of tun/tap interface, and this
used. However, in case tinc does not seem to correctly interpret option should not be used. However, this option can be used to
packets received from the virtual network device, using this select one of the special interface types, if support for them is
option might help. compiled in.
tun dummy
Use a dummy interface. No packets are ever read or written
to a virtual network device. Useful for testing, or when
setting up a node that only forwards packets for other nodes.
raw_socket
Open a raw socket, and bind it to a pre-existing INTERFACE
(eth0 by default). All packets are read from this interface.
Packets received for the local node are written to the raw
socket. However, at least on Linux, the operating system
does not process IP packets destined for the local host.
uml (not compiled in by default)
Create a UNIX socket with the filename specified by DEVICE,
or `/var/run/NETNAME.umlsocket' if not specified. Tinc will
wait for a User Mode Linux instance to connect to this socket.
vde (not compiled in by default)
Uses the libvdeplug library to connect to a Virtual
Distributed Ethernet switch, using the UNIX socket specified
by DEVICE, or `/var/run/vde.ctl' if not specified.
Also, in case tinc does not seem to correctly interpret packets
received from the virtual network device, it can be used to change
the way packets are interpreted:
tun (BSD and Linux)
Set type to tun. Depending on the platform, this can either Set type to tun. Depending on the platform, this can either
be with or without an address family header (see below). be with or without an address family header (see below).
tunnohead tunnohead (BSD)
Set type to tun without an address family header. Tinc will Set type to tun without an address family header. Tinc will
expect packets read from the virtual network device to start expect packets read from the virtual network device to start
with an IP header. On some platforms IPv6 packets cannot be with an IP header. On some platforms IPv6 packets cannot be
read from or written to the device in this mode. read from or written to the device in this mode.
tunifhead tunifhead (BSD)
Set type to tun with an address family header. Tinc will Set type to tun with an address family header. Tinc will
expect packets read from the virtual network device to start expect packets read from the virtual network device to start
with a four byte header containing the address family, with a four byte header containing the address family,
followed by an IP header. This mode should support both IPv4 followed by an IP header. This mode should support both IPv4
and IPv6 packets. and IPv6 packets.
tap tap (BSD and Linux)
Set type to tap. Tinc will expect packets read from the Set type to tap. Tinc will expect packets read from the
virtual network device to start with an Ethernet header. virtual network device to start with an Ethernet header.
@ -798,6 +836,17 @@ Interface = <INTERFACE>
interface will be used. If you specified a Device, this variable interface will be used. If you specified a Device, this variable
is almost always already correctly set. is almost always already correctly set.
LocalDiscovery = <yes | no> (no) [experimental]
When enabled, tinc will try to detect peers that are on the same
local network. This will allow direct communication using LAN
addresses, even if both peers are behind a NAT and they only
ConnectTo a third node outside the NAT, which normally would
prevent the peers from learning each other's LAN address.
Currently, local discovery is implemented by sending broadcast
packets to the LAN during path MTU discovery. This feature may
not work in all possible situations.
Mode = <router|switch|hub> (router) Mode = <router|switch|hub> (router)
This option selects the way packets are routed to other daemons. This option selects the way packets are routed to other daemons.
@ -1443,6 +1492,13 @@ command line options.
(you can use the -c or -n option in combination with -K). After (you can use the -c or -n option in combination with -K). After
that, tinc will quit. that, tinc will quit.
`-o, --option=[HOST.]KEY=VALUE'
Without specifying a HOST, this will set server configuration
variable KEY to VALUE. If specified as HOST.KEY=VALUE, this will
set the host configuration variable KEY of the host named HOST to
VALUE. This option can be used more than once to specify multiple
configuration variables.
`-L, --mlock' `-L, --mlock'
Lock tinc into main memory. This will prevent sensitive data like Lock tinc into main memory. This will prevent sensitive data like
shared private keys to be written to the system swap shared private keys to be written to the system swap
@ -2290,7 +2346,9 @@ Concept Index
* BindToAddress: Main configuration variables. * BindToAddress: Main configuration variables.
(line 12) (line 12)
* BindToInterface: Main configuration variables. * BindToInterface: Main configuration variables.
(line 19) (line 20)
* Broadcast: Main configuration variables.
(line 28)
* Cabal: Security. (line 6) * Cabal: Security. (line 6)
* CHAL_REPLY: Authentication protocol. * CHAL_REPLY: Authentication protocol.
(line 10) (line 10)
@ -2309,23 +2367,27 @@ Concept Index
(line 24) (line 24)
* connection: The connection. (line 6) * connection: The connection. (line 6)
* ConnectTo: Main configuration variables. * ConnectTo: Main configuration variables.
(line 27) (line 32)
* daemon: Running tinc. (line 11) * daemon: Running tinc. (line 11)
* data-protocol: The meta-connection. (line 18) * data-protocol: The meta-connection. (line 18)
* debug level: Runtime options. (line 17) * debug level: Runtime options. (line 17)
* debug levels: Debug levels. (line 6) * debug levels: Debug levels. (line 6)
* DecrementTTL: Main configuration variables.
(line 43)
* DEL_EDGE: The meta-protocol. (line 47) * DEL_EDGE: The meta-protocol. (line 47)
* DEL_SUBNET: The meta-protocol. (line 47) * DEL_SUBNET: The meta-protocol. (line 47)
* DEVICE: Scripts. (line 55) * DEVICE: Scripts. (line 55)
* Device: Main configuration variables. * Device: Main configuration variables.
(line 38) (line 50)
* device files: Device files. (line 6) * device files: Device files. (line 6)
* DeviceType: Main configuration variables. * DeviceType: Main configuration variables.
(line 45) (line 57)
* Digest: Host configuration variables. * Digest: Host configuration variables.
(line 29) (line 29)
* DirectOnly: Main configuration variables. * DirectOnly: Main configuration variables.
(line 73) (line 111)
* dummy: Main configuration variables.
(line 64)
* encapsulating: The UDP tunnel. (line 30) * encapsulating: The UDP tunnel. (line 30)
* encryption: Encryption of network packets. * encryption: Encryption of network packets.
(line 6) (line 6)
@ -2333,42 +2395,44 @@ Concept Index
* example: Example configuration. * example: Example configuration.
(line 6) (line 6)
* Forwarding: Main configuration variables. * Forwarding: Main configuration variables.
(line 80) (line 118)
* frame type: The UDP tunnel. (line 6) * frame type: The UDP tunnel. (line 6)
* GraphDumpFile: Main configuration variables. * GraphDumpFile: Main configuration variables.
(line 100) (line 138)
* Hostnames: Main configuration variables. * Hostnames: Main configuration variables.
(line 108) (line 146)
* hub: Main configuration variables. * hub: Main configuration variables.
(line 149) (line 198)
* ID: Authentication protocol. * ID: Authentication protocol.
(line 10) (line 10)
* IndirectData: Host configuration variables. * IndirectData: Host configuration variables.
(line 34) (line 34)
* INTERFACE: Scripts. (line 58) * INTERFACE: Scripts. (line 58)
* Interface: Main configuration variables. * Interface: Main configuration variables.
(line 118) (line 156)
* IRC: Contact information. (line 9) * IRC: Contact information. (line 9)
* key generation: Generating keypairs. (line 6) * key generation: Generating keypairs. (line 6)
* KEY_CHANGED: The meta-protocol. (line 64) * KEY_CHANGED: The meta-protocol. (line 64)
* KeyExpire: Main configuration variables. * KeyExpire: Main configuration variables.
(line 154) (line 203)
* libraries: Libraries. (line 6) * libraries: Libraries. (line 6)
* license: OpenSSL. (line 36) * license: OpenSSL. (line 36)
* LocalDiscovery: Main configuration variables.
(line 164)
* lzo: lzo. (line 6) * lzo: lzo. (line 6)
* MACExpire: Main configuration variables. * MACExpire: Main configuration variables.
(line 160) (line 209)
* MACLength: Host configuration variables. * MACLength: Host configuration variables.
(line 42) (line 42)
* meta-protocol: The meta-connection. (line 18) * meta-protocol: The meta-connection. (line 18)
* META_KEY: Authentication protocol. * META_KEY: Authentication protocol.
(line 10) (line 10)
* Mode: Main configuration variables. * Mode: Main configuration variables.
(line 126) (line 175)
* multiple networks: Multiple networks. (line 6) * multiple networks: Multiple networks. (line 6)
* NAME: Scripts. (line 52) * NAME: Scripts. (line 52)
* Name: Main configuration variables. * Name: Main configuration variables.
(line 165) (line 214)
* netmask: Network interfaces. (line 34) * netmask: Network interfaces. (line 34)
* NETNAME: Scripts. (line 49) * NETNAME: Scripts. (line 49)
* netname: Multiple networks. (line 6) * netname: Multiple networks. (line 6)
@ -2381,9 +2445,9 @@ Concept Index
(line 67) (line 67)
* PING: The meta-protocol. (line 89) * PING: The meta-protocol. (line 89)
* PingInterval: Main configuration variables. * PingInterval: Main configuration variables.
(line 170) (line 219)
* PingTimeout: Main configuration variables. * PingTimeout: Main configuration variables.
(line 174) (line 223)
* platforms: Supported platforms. (line 6) * platforms: Supported platforms. (line 6)
* PMTU: Host configuration variables. * PMTU: Host configuration variables.
(line 47) (line 47)
@ -2394,28 +2458,30 @@ Concept Index
(line 55) (line 55)
* port numbers: Other files. (line 17) * port numbers: Other files. (line 17)
* PriorityInheritance: Main configuration variables. * PriorityInheritance: Main configuration variables.
(line 180) (line 229)
* private: Virtual Private Networks. * private: Virtual Private Networks.
(line 10) (line 10)
* PrivateKey: Main configuration variables. * PrivateKey: Main configuration variables.
(line 185) (line 234)
* PrivateKeyFile: Main configuration variables. * PrivateKeyFile: Main configuration variables.
(line 191) (line 240)
* ProcessPriority: Main configuration variables. * ProcessPriority: Main configuration variables.
(line 199) (line 248)
* PublicKey: Host configuration variables. * PublicKey: Host configuration variables.
(line 59) (line 59)
* PublicKeyFile: Host configuration variables. * PublicKeyFile: Host configuration variables.
(line 62) (line 62)
* raw_socket: Main configuration variables.
(line 69)
* release: Supported platforms. (line 14) * release: Supported platforms. (line 14)
* REMOTEADDRESS: Scripts. (line 67) * REMOTEADDRESS: Scripts. (line 67)
* REMOTEPORT: Scripts. (line 70) * REMOTEPORT: Scripts. (line 70)
* ReplayWindow: Main configuration variables. * ReplayWindow: Main configuration variables.
(line 204) (line 253)
* REQ_KEY: The meta-protocol. (line 64) * REQ_KEY: The meta-protocol. (line 64)
* requirements: Libraries. (line 6) * requirements: Libraries. (line 6)
* router: Main configuration variables. * router: Main configuration variables.
(line 129) (line 178)
* runtime options: Runtime options. (line 9) * runtime options: Runtime options. (line 9)
* scalability: tinc. (line 19) * scalability: tinc. (line 19)
* scripts: Scripts. (line 6) * scripts: Scripts. (line 6)
@ -2423,7 +2489,7 @@ Concept Index
(line 18) (line 18)
* signals: Signals. (line 6) * signals: Signals. (line 6)
* StrictSubnets: Main configuration variables. * StrictSubnets: Main configuration variables.
(line 215) (line 264)
* SUBNET: Scripts. (line 74) * SUBNET: Scripts. (line 74)
* Subnet: Host configuration variables. * Subnet: Host configuration variables.
(line 74) (line 74)
@ -2431,7 +2497,7 @@ Concept Index
(line 97) (line 97)
* SVPN: Security. (line 11) * SVPN: Security. (line 11)
* switch: Main configuration variables. * switch: Main configuration variables.
(line 138) (line 187)
* TCP: The meta-connection. (line 10) * TCP: The meta-connection. (line 10)
* TCPonly: Host configuration variables. * TCPonly: Host configuration variables.
(line 104) (line 104)
@ -2443,20 +2509,24 @@ Concept Index
* tincd: tinc. (line 14) * tincd: tinc. (line 14)
* traditional VPNs: tinc. (line 19) * traditional VPNs: tinc. (line 19)
* tunifhead: Main configuration variables. * tunifhead: Main configuration variables.
(line 62) (line 100)
* TunnelServer: Main configuration variables. * TunnelServer: Main configuration variables.
(line 220) (line 269)
* tunnohead: Main configuration variables. * tunnohead: Main configuration variables.
(line 56) (line 94)
* UDP <1>: Encryption of network packets. * UDP <1>: Encryption of network packets.
(line 12) (line 12)
* UDP: The UDP tunnel. (line 30) * UDP: The UDP tunnel. (line 30)
* UDPRcvBuf: Main configuration variables. * UDPRcvBuf: Main configuration variables.
(line 227) (line 276)
* UDPSndBuf: Main configuration variables. * UDPSndBuf: Main configuration variables.
(line 232) (line 281)
* UML: Main configuration variables.
(line 76)
* Universal tun/tap: Configuration of Linux kernels. * Universal tun/tap: Configuration of Linux kernels.
(line 6) (line 6)
* VDE: Main configuration variables.
(line 81)
* virtual: Virtual Private Networks. * virtual: Virtual Private Networks.
(line 18) (line 18)
* virtual network device: The UDP tunnel. (line 6) * virtual network device: The UDP tunnel. (line 6)
@ -2502,34 +2572,34 @@ Node: Multiple networks21169
Node: How connections work22595 Node: How connections work22595
Node: Configuration files23817 Node: Configuration files23817
Node: Main configuration variables25204 Node: Main configuration variables25204
Node: Host configuration variables35709 Node: Host configuration variables38105
Node: Scripts41120 Node: Scripts43516
Node: How to configure43890 Node: How to configure46286
Node: Generating keypairs45153 Node: Generating keypairs47549
Node: Network interfaces45652 Node: Network interfaces48048
Node: Example configuration47500 Node: Example configuration49896
Node: Running tinc52823 Node: Running tinc55219
Node: Runtime options53413 Node: Runtime options55809
Node: Signals56369 Node: Signals59109
Node: Debug levels57561 Node: Debug levels60301
Node: Solving problems58497 Node: Solving problems61237
Node: Error messages60049 Node: Error messages62789
Node: Sending bug reports64062 Node: Sending bug reports66802
Node: Technical information65014 Node: Technical information67754
Node: The connection65245 Node: The connection67985
Node: The UDP tunnel65557 Node: The UDP tunnel68297
Node: The meta-connection68618 Node: The meta-connection71358
Node: The meta-protocol70087 Node: The meta-protocol72827
Node: Security75096 Node: Security77836
Node: Authentication protocol76226 Node: Authentication protocol78966
Node: Encryption of network packets81230 Node: Encryption of network packets83970
Node: Security issues82603 Node: Security issues85343
Node: Platform specific information84220 Node: Platform specific information86960
Node: Interface configuration84448 Node: Interface configuration87188
Node: Routes86347 Node: Routes89087
Node: About us88263 Node: About us91003
Node: Contact information88438 Node: Contact information91178
Node: Authors88842 Node: Authors91582
Node: Concept Index89247 Node: Concept Index91987
 
End Tag Table End Tag Table

View file

@ -15,7 +15,7 @@
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
Copyright @copyright{} 1998-2011 Ivo Timmermans, Copyright @copyright{} 1998-2012 Ivo Timmermans,
Guus Sliepen <guus@@tinc-vpn.org> and Guus Sliepen <guus@@tinc-vpn.org> and
Wessel Dankers <wsl@@tinc-vpn.org>. Wessel Dankers <wsl@@tinc-vpn.org>.
@ -39,7 +39,7 @@ permission notice identical to this one.
@vskip 0pt plus 1filll @vskip 0pt plus 1filll
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
Copyright @copyright{} 1998-2011 Ivo Timmermans, Copyright @copyright{} 1998-2012 Ivo Timmermans,
Guus Sliepen <guus@@tinc-vpn.org> and Guus Sliepen <guus@@tinc-vpn.org> and
Wessel Dankers <wsl@@tinc-vpn.org>. Wessel Dankers <wsl@@tinc-vpn.org>.
@ -759,7 +759,8 @@ both IPv4 and IPv6 or just IPv6 listening sockets will be created.
@item BindToAddress = <@var{address}> [experimental] @item BindToAddress = <@var{address}> [experimental]
If your computer has more than one IPv4 or IPv6 address, tinc If your computer has more than one IPv4 or IPv6 address, tinc
will by default listen on all of them for incoming connections. will by default listen on all of them for incoming connections.
It is possible to bind only to a single address with this variable. Multiple BindToAddress variables may be specified,
in which case listening sockets for each specified address are made.
This option may not work on all platforms. This option may not work on all platforms.
@ -772,6 +773,10 @@ variable.
This option may not work on all platforms. This option may not work on all platforms.
@cindex Broadcast
@item Broadcast = <yes | no> (yes) [experimental]
When disabled, tinc will drop all broadcast and multicast packets, in both router and switch mode.
@cindex ConnectTo @cindex ConnectTo
@item ConnectTo = <@var{name}> @item ConnectTo = <@var{name}>
Specifies which other tinc daemon to connect to on startup. Specifies which other tinc daemon to connect to on startup.
@ -784,6 +789,13 @@ If you don't specify a host with ConnectTo,
tinc won't try to connect to other daemons at all, tinc won't try to connect to other daemons at all,
and will instead just listen for incoming connections. and will instead just listen for incoming connections.
@cindex DecrementTTL
@item DecrementTTL = <yes | no> (yes)
When enabled, tinc will decrement the Time To Live field in IPv4 packets, or the Hop Limit field in IPv6 packets,
before forwarding a received packet to the virtual network device or to another node,
and will drop packets that have a TTL value of zero,
in which case it will send an ICMP Time Exceeded packet back.
@cindex Device @cindex Device
@item Device = <@var{device}> (@file{/dev/tap0}, @file{/dev/net/tun} or other depending on platform) @item Device = <@var{device}> (@file{/dev/tap0}, @file{/dev/net/tun} or other depending on platform)
The virtual network device to use. The virtual network device to use.
@ -794,32 +806,64 @@ Note that you can only use one device per daemon.
See also @ref{Device files}. See also @ref{Device files}.
@cindex DeviceType @cindex DeviceType
@item DeviceType = <tun|tunnohead|tunifhead|tap> (only supported on BSD platforms) @item DeviceType = <@var{type}> (platform dependent)
The type of the virtual network device. The type of the virtual network device.
Tinc will normally automatically select the right type, and this option should not be used. Tinc will normally automatically select the right type of tun/tap interface, and this option should not be used.
However, in case tinc does not seem to correctly interpret packets received from the virtual network device, However, this option can be used to select one of the special interface types, if support for them is compiled in.
using this option might help.
@table @asis @table @asis
@item tun @cindex dummy
@item dummy
Use a dummy interface.
No packets are ever read or written to a virtual network device.
Useful for testing, or when setting up a node that only forwards packets for other nodes.
@cindex raw_socket
@item raw_socket
Open a raw socket, and bind it to a pre-existing
@var{Interface} (eth0 by default).
All packets are read from this interface.
Packets received for the local node are written to the raw socket.
However, at least on Linux, the operating system does not process IP packets destined for the local host.
@cindex UML
@item uml (not compiled in by default)
Create a UNIX socket with the filename specified by
@var{Device}, or @file{@value{localstatedir}/run/@var{netname}.umlsocket}
if not specified.
Tinc will wait for a User Mode Linux instance to connect to this socket.
@cindex VDE
@item vde (not compiled in by default)
Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
using the UNIX socket specified by
@var{Device}, or @file{@value{localstatedir}/run/vde.ctl}
if not specified.
@end table
Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,
it can be used to change the way packets are interpreted:
@table @asis
@item tun (BSD and Linux)
Set type to tun. Set type to tun.
Depending on the platform, this can either be with or without an address family header (see below). Depending on the platform, this can either be with or without an address family header (see below).
@cindex tunnohead @cindex tunnohead
@item tunnohead @item tunnohead (BSD)
Set type to tun without an address family header. Set type to tun without an address family header.
Tinc will expect packets read from the virtual network device to start with an IP header. Tinc will expect packets read from the virtual network device to start with an IP header.
On some platforms IPv6 packets cannot be read from or written to the device in this mode. On some platforms IPv6 packets cannot be read from or written to the device in this mode.
@cindex tunifhead @cindex tunifhead
@item tunifhead @item tunifhead (BSD)
Set type to tun with an address family header. Set type to tun with an address family header.
Tinc will expect packets read from the virtual network device Tinc will expect packets read from the virtual network device
to start with a four byte header containing the address family, to start with a four byte header containing the address family,
followed by an IP header. followed by an IP header.
This mode should support both IPv4 and IPv6 packets. This mode should support both IPv4 and IPv6 packets.
@item tap @item tap (BSD and Linux)
Set type to tap. Set type to tap.
Tinc will expect packets read from the virtual network device Tinc will expect packets read from the virtual network device
to start with an Ethernet header. to start with an Ethernet header.
@ -879,6 +923,16 @@ Depending on the operating system and the type of device this may or may not act
Under Windows, this variable is used to select which network interface will be used. Under Windows, this variable is used to select which network interface will be used.
If you specified a Device, this variable is almost always already correctly set. If you specified a Device, this variable is almost always already correctly set.
@cindex LocalDiscovery
@item LocalDiscovery = <yes | no> (no) [experimental]
When enabled, tinc will try to detect peers that are on the same local network.
This will allow direct communication using LAN addresses, even if both peers are behind a NAT
and they only ConnectTo a third node outside the NAT,
which normally would prevent the peers from learning each other's LAN address.
Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery.
This feature may not work in all possible situations.
@cindex Mode @cindex Mode
@item Mode = <router|switch|hub> (router) @item Mode = <router|switch|hub> (router)
This option selects the way packets are routed to other daemons. This option selects the way packets are routed to other daemons.
@ -1577,6 +1631,12 @@ Generate public/private keypair of @var{bits} length. If @var{bits} is not speci
but will default to the configuration directory (you can use the -c or -n option but will default to the configuration directory (you can use the -c or -n option
in combination with -K). After that, tinc will quit. in combination with -K). After that, tinc will quit.
@item -o, --option=[@var{HOST}.]@var{KEY}=@var{VALUE}
Without specifying a @var{HOST}, this will set server configuration variable @var{KEY} to @var{VALUE}.
If specified as @var{HOST}.@var{KEY}=@var{VALUE},
this will set the host configuration variable @var{KEY} of the host named @var{HOST} to @var{VALUE}.
This option can be used more than once to specify multiple configuration variables.
@item -L, --mlock @item -L, --mlock
Lock tinc into main memory. Lock tinc into main memory.
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions. This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.

View file

@ -8,13 +8,14 @@
.Nd tinc VPN daemon .Nd tinc VPN daemon
.Sh SYNOPSIS .Sh SYNOPSIS
.Nm .Nm
.Op Fl cdDkKnLRU .Op Fl cdDkKnoLRU
.Op Fl -config Ns = Ns Ar DIR .Op Fl -config Ns = Ns Ar DIR
.Op Fl -no-detach .Op Fl -no-detach
.Op Fl -debug Ns Op = Ns Ar LEVEL .Op Fl -debug Ns Op = Ns Ar LEVEL
.Op Fl -kill Ns Op = Ns Ar SIGNAL .Op Fl -kill Ns Op = Ns Ar SIGNAL
.Op Fl -net Ns = Ns Ar NETNAME .Op Fl -net Ns = Ns Ar NETNAME
.Op Fl -generate-keys Ns Op = Ns Ar BITS .Op Fl -generate-keys Ns Op = Ns Ar BITS
.Op Fl -option Ns = Ns Ar [HOST.]KEY=VALUE
.Op Fl -mlock .Op Fl -mlock
.Op Fl -logfile Ns Op = Ns Ar FILE .Op Fl -logfile Ns Op = Ns Ar FILE
.Op Fl -pidfile Ns = Ns Ar FILE .Op Fl -pidfile Ns = Ns Ar FILE
@ -79,6 +80,22 @@ If
is omitted, the default length will be 2048 bits. is omitted, the default length will be 2048 bits.
When saving keys to existing files, tinc will not delete the old keys, When saving keys to existing files, tinc will not delete the old keys,
you have to remove them manually. you have to remove them manually.
.It Fl o, -option Ns = Ns Ar [HOST.]KEY=VALUE
Without specifying a
.Ar HOST ,
this will set server configuration variable
.Ar KEY
to
.Ar VALUE .
If specified as
.Ar HOST.KEY=VALUE ,
this will set the host configuration variable
.Ar KEY
of the host named
.Ar HOST
to
.Ar VALUE .
This option can be used more than once to specify multiple configuration variables.
.It Fl L, -mlock .It Fl L, -mlock
Lock tinc into main memory. Lock tinc into main memory.
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions. This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.

View file

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# install - install a program, script, or datafile # install - install a program, script, or datafile
scriptversion=2009-04-28.21; # UTC scriptversion=2011-01-19.21; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was # This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the # later released in X11R6 (xc/config/util/install.sh) with the
@ -156,6 +156,10 @@ while test $# -ne 0; do
-s) stripcmd=$stripprog;; -s) stripcmd=$stripprog;;
-t) dst_arg=$2 -t) dst_arg=$2
# Protect names problematic for `test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;; shift;;
-T) no_target_directory=true;; -T) no_target_directory=true;;
@ -186,6 +190,10 @@ if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
fi fi
shift # arg shift # arg
dst_arg=$arg dst_arg=$arg
# Protect names problematic for `test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
done done
fi fi
@ -200,7 +208,11 @@ if test $# -eq 0; then
fi fi
if test -z "$dir_arg"; then if test -z "$dir_arg"; then
trap '(exit $?); exit' 1 2 13 15 do_exit='(exit $ret); exit $ret'
trap "ret=129; $do_exit" 1
trap "ret=130; $do_exit" 2
trap "ret=141; $do_exit" 13
trap "ret=143; $do_exit" 15
# Set umask so as not to create temps with too-generous modes. # Set umask so as not to create temps with too-generous modes.
# However, 'strip' requires both read and write access to temps. # However, 'strip' requires both read and write access to temps.
@ -228,9 +240,9 @@ fi
for src for src
do do
# Protect names starting with `-'. # Protect names problematic for `test' and other utilities.
case $src in case $src in
-*) src=./$src;; -* | [=\(\)!]) src=./$src;;
esac esac
if test -n "$dir_arg"; then if test -n "$dir_arg"; then
@ -252,12 +264,7 @@ do
echo "$0: no destination specified." >&2 echo "$0: no destination specified." >&2
exit 1 exit 1
fi fi
dst=$dst_arg dst=$dst_arg
# Protect names starting with `-'.
case $dst in
-*) dst=./$dst;;
esac
# If destination is a directory, append the input filename; won't work # If destination is a directory, append the input filename; won't work
# if double slashes aren't ignored. # if double slashes aren't ignored.
@ -385,7 +392,7 @@ do
case $dstdir in case $dstdir in
/*) prefix='/';; /*) prefix='/';;
-*) prefix='./';; [-=\(\)!]*) prefix='./';;
*) prefix='';; *) prefix='';;
esac esac
@ -403,7 +410,7 @@ do
for d for d
do do
test -z "$d" && continue test X"$d" = X && continue
prefix=$prefix$d prefix=$prefix$d
if test -d "$prefix"; then if test -d "$prefix"; then

View file

@ -1,9 +1,9 @@
# Makefile.in generated by automake 1.11.1 from Makefile.am. # Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, # 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
# Inc. # Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
@ -44,7 +44,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4) $(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = $(top_builddir)/config.h CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES = CONFIG_CLEAN_VPATH_FILES =
@ -213,7 +213,7 @@ $(am__aclocal_m4_deps):
clean-noinstLIBRARIES: clean-noinstLIBRARIES:
-test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES)
libvpn.a: $(libvpn_a_OBJECTS) $(libvpn_a_DEPENDENCIES) libvpn.a: $(libvpn_a_OBJECTS) $(libvpn_a_DEPENDENCIES) $(EXTRA_libvpn_a_DEPENDENCIES)
-rm -f libvpn.a -rm -f libvpn.a
$(libvpn_a_AR) libvpn.a $(libvpn_a_OBJECTS) $(libvpn_a_LIBADD) $(libvpn_a_AR) libvpn.a $(libvpn_a_OBJECTS) $(libvpn_a_LIBADD)
$(RANLIB) libvpn.a $(RANLIB) libvpn.a
@ -349,10 +349,15 @@ install-am: all-am
installcheck: installcheck-am installcheck: installcheck-am
install-strip: install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ if test -z '$(STRIP)'; then \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
`test -z '$(STRIP)' || \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic: mostlyclean-generic:
clean-generic: clean-generic:

View file

@ -1,7 +1,7 @@
/* /*
ipv4.h -- missing IPv4 related definitions ipv4.h -- missing IPv4 related definitions
Copyright (C) 2005 Ivo Timmermans Copyright (C) 2005 Ivo Timmermans
2006 Guus Sliepen <guus@tinc-vpn.org> 2006-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -41,6 +41,14 @@
#define ICMP_NET_UNKNOWN 6 #define ICMP_NET_UNKNOWN 6
#endif #endif
#ifndef ICMP_TIME_EXCEEDED
#define ICMP_TIME_EXCEEDED 11
#endif
#ifndef ICMP_EXC_TTL
#define ICMP_EXC_TTL 0
#endif
#ifndef ICMP_NET_UNREACH #ifndef ICMP_NET_UNREACH
#define ICMP_NET_UNREACH 0 #define ICMP_NET_UNREACH 0
#endif #endif

View file

@ -1,7 +1,7 @@
/* /*
ipv6.h -- missing IPv6 related definitions ipv6.h -- missing IPv6 related definitions
Copyright (C) 2005 Ivo Timmermans Copyright (C) 2005 Ivo Timmermans
2006 Guus Sliepen <guus@tinc-vpn.org> 2006-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -95,8 +95,10 @@ struct icmp6_hdr {
#define ICMP6_DST_UNREACH_NOROUTE 0 #define ICMP6_DST_UNREACH_NOROUTE 0
#define ICMP6_DST_UNREACH 1 #define ICMP6_DST_UNREACH 1
#define ICMP6_PACKET_TOO_BIG 2 #define ICMP6_PACKET_TOO_BIG 2
#define ICMP6_TIME_EXCEEDED 3
#define ICMP6_DST_UNREACH_ADMIN 1 #define ICMP6_DST_UNREACH_ADMIN 1
#define ICMP6_DST_UNREACH_ADDR 3 #define ICMP6_DST_UNREACH_ADDR 3
#define ICMP6_TIME_EXCEED_TRANSIT 0
#define ND_NEIGHBOR_SOLICIT 135 #define ND_NEIGHBOR_SOLICIT 135
#define ND_NEIGHBOR_ADVERT 136 #define ND_NEIGHBOR_ADVERT 136
#define icmp6_data32 icmp6_dataun.icmp6_un_data32 #define icmp6_data32 icmp6_dataun.icmp6_un_data32

View file

@ -1,9 +1,9 @@
# Makefile.in generated by automake 1.11.1 from Makefile.am. # Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, # 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
# Inc. # Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
@ -41,7 +41,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4) $(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = $(top_builddir)/config.h CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES = CONFIG_CLEAN_VPATH_FILES =
@ -232,10 +232,15 @@ install-am: all-am
installcheck: installcheck-am installcheck: installcheck-am
install-strip: install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ if test -z '$(STRIP)'; then \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
`test -z '$(STRIP)' || \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic: mostlyclean-generic:
clean-generic: clean-generic:

53
missing
View file

@ -1,10 +1,10 @@
#! /bin/sh #! /bin/sh
# Common stub for a few missing GNU programs while installing. # Common stub for a few missing GNU programs while installing.
scriptversion=2009-04-28.21; # UTC scriptversion=2012-01-06.13; # UTC
# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006, # Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006,
# 2008, 2009 Free Software Foundation, Inc. # 2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc.
# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. # Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
@ -84,7 +84,6 @@ Supported PROGRAM values:
help2man touch the output file help2man touch the output file
lex create \`lex.yy.c', if possible, from existing .c lex create \`lex.yy.c', if possible, from existing .c
makeinfo touch the output file makeinfo touch the output file
tar try tar, gnutar, gtar, then tar without non-portable flags
yacc create \`y.tab.[ch]', if possible, from existing .[ch] yacc create \`y.tab.[ch]', if possible, from existing .[ch]
Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and
@ -122,15 +121,6 @@ case $1 in
# Not GNU programs, they don't have --version. # Not GNU programs, they don't have --version.
;; ;;
tar*)
if test -n "$run"; then
echo 1>&2 "ERROR: \`tar' requires --run"
exit 1
elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
exit 1
fi
;;
*) *)
if test -z "$run" && ($1 --version) > /dev/null 2>&1; then if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
# We have it, but it failed. # We have it, but it failed.
@ -226,7 +216,7 @@ WARNING: \`$1' $msg. You should only need it if
\`Bison' from any GNU archive site." \`Bison' from any GNU archive site."
rm -f y.tab.c y.tab.h rm -f y.tab.c y.tab.h
if test $# -ne 1; then if test $# -ne 1; then
eval LASTARG="\${$#}" eval LASTARG=\${$#}
case $LASTARG in case $LASTARG in
*.y) *.y)
SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
@ -256,7 +246,7 @@ WARNING: \`$1' is $msg. You should only need it if
\`Flex' from any GNU archive site." \`Flex' from any GNU archive site."
rm -f lex.yy.c rm -f lex.yy.c
if test $# -ne 1; then if test $# -ne 1; then
eval LASTARG="\${$#}" eval LASTARG=\${$#}
case $LASTARG in case $LASTARG in
*.l) *.l)
SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
@ -318,41 +308,6 @@ WARNING: \`$1' is $msg. You should only need it if
touch $file touch $file
;; ;;
tar*)
shift
# We have already tried tar in the generic part.
# Look for gnutar/gtar before invocation to avoid ugly error
# messages.
if (gnutar --version > /dev/null 2>&1); then
gnutar "$@" && exit 0
fi
if (gtar --version > /dev/null 2>&1); then
gtar "$@" && exit 0
fi
firstarg="$1"
if shift; then
case $firstarg in
*o*)
firstarg=`echo "$firstarg" | sed s/o//`
tar "$firstarg" "$@" && exit 0
;;
esac
case $firstarg in
*h*)
firstarg=`echo "$firstarg" | sed s/h//`
tar "$firstarg" "$@" && exit 0
;;
esac
fi
echo 1>&2 "\
WARNING: I can't seem to be able to run \`tar' with the given arguments.
You may want to install GNU tar or Free paxutils, or check the
command line arguments."
exit 1
;;
*) *)
echo 1>&2 "\ echo 1>&2 "\
WARNING: \`$1' is needed, and is $msg. WARNING: \`$1' is needed, and is $msg.

162
mkinstalldirs Executable file
View file

@ -0,0 +1,162 @@
#! /bin/sh
# mkinstalldirs --- make directory hierarchy
scriptversion=2009-04-28.21; # UTC
# Original author: Noah Friedman <friedman@prep.ai.mit.edu>
# Created: 1993-05-16
# Public domain.
#
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
nl='
'
IFS=" "" $nl"
errstatus=0
dirmode=
usage="\
Usage: mkinstalldirs [-h] [--help] [--version] [-m MODE] DIR ...
Create each directory DIR (with mode MODE, if specified), including all
leading file name components.
Report bugs to <bug-automake@gnu.org>."
# process command line arguments
while test $# -gt 0 ; do
case $1 in
-h | --help | --h*) # -h for help
echo "$usage"
exit $?
;;
-m) # -m PERM arg
shift
test $# -eq 0 && { echo "$usage" 1>&2; exit 1; }
dirmode=$1
shift
;;
--version)
echo "$0 $scriptversion"
exit $?
;;
--) # stop option processing
shift
break
;;
-*) # unknown option
echo "$usage" 1>&2
exit 1
;;
*) # first non-opt arg
break
;;
esac
done
for file
do
if test -d "$file"; then
shift
else
break
fi
done
case $# in
0) exit 0 ;;
esac
# Solaris 8's mkdir -p isn't thread-safe. If you mkdir -p a/b and
# mkdir -p a/c at the same time, both will detect that a is missing,
# one will create a, then the other will try to create a and die with
# a "File exists" error. This is a problem when calling mkinstalldirs
# from a parallel make. We use --version in the probe to restrict
# ourselves to GNU mkdir, which is thread-safe.
case $dirmode in
'')
if mkdir -p --version . >/dev/null 2>&1 && test ! -d ./--version; then
echo "mkdir -p -- $*"
exec mkdir -p -- "$@"
else
# On NextStep and OpenStep, the `mkdir' command does not
# recognize any option. It will interpret all options as
# directories to create, and then abort because `.' already
# exists.
test -d ./-p && rmdir ./-p
test -d ./--version && rmdir ./--version
fi
;;
*)
if mkdir -m "$dirmode" -p --version . >/dev/null 2>&1 &&
test ! -d ./--version; then
echo "mkdir -m $dirmode -p -- $*"
exec mkdir -m "$dirmode" -p -- "$@"
else
# Clean up after NextStep and OpenStep mkdir.
for d in ./-m ./-p ./--version "./$dirmode";
do
test -d $d && rmdir $d
done
fi
;;
esac
for file
do
case $file in
/*) pathcomp=/ ;;
*) pathcomp= ;;
esac
oIFS=$IFS
IFS=/
set fnord $file
shift
IFS=$oIFS
for d
do
test "x$d" = x && continue
pathcomp=$pathcomp$d
case $pathcomp in
-*) pathcomp=./$pathcomp ;;
esac
if test ! -d "$pathcomp"; then
echo "mkdir $pathcomp"
mkdir "$pathcomp" || lasterr=$?
if test ! -d "$pathcomp"; then
errstatus=$lasterr
else
if test ! -z "$dirmode"; then
echo "chmod $dirmode $pathcomp"
lasterr=
chmod "$dirmode" "$pathcomp" || lasterr=$?
if test ! -z "$lasterr"; then
errstatus=$lasterr
fi
fi
fi
fi
pathcomp=$pathcomp/
done
done
exit $errstatus
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:

View file

@ -2,11 +2,20 @@
sbin_PROGRAMS = tincd sbin_PROGRAMS = tincd
EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h raw_socket/device.c uml_socket/device.c EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h
tincd_SOURCES = conf.c connection.c edge.c event.c graph.c logger.c meta.c net.c net_packet.c net_setup.c \ tincd_SOURCES = conf.c connection.c edge.c event.c graph.c logger.c meta.c net.c net_packet.c net_setup.c \
net_socket.c netutl.c node.c process.c protocol.c protocol_auth.c protocol_edge.c protocol_misc.c \ net_socket.c netutl.c node.c process.c protocol.c protocol_auth.c protocol_edge.c protocol_misc.c \
protocol_key.c protocol_subnet.c route.c subnet.c tincd.c protocol_key.c protocol_subnet.c route.c subnet.c tincd.c \
dummy_device.c raw_socket_device.c
if UML
tincd_SOURCES += uml_device.c
endif
if VDE
tincd_SOURCES += vde_device.c
endif
if TUNEMU if TUNEMU
tincd_SOURCES += bsd/tunemu.c tincd_SOURCES += bsd/tunemu.c

View file

@ -1,9 +1,9 @@
# Makefile.in generated by automake 1.11.1 from Makefile.am. # Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, # 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
# Inc. # Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved. # with or without modifications, as long as this notice is preserved.
@ -36,8 +36,10 @@ POST_UNINSTALL = :
build_triplet = @build@ build_triplet = @build@
host_triplet = @host@ host_triplet = @host@
sbin_PROGRAMS = tincd$(EXEEXT) sbin_PROGRAMS = tincd$(EXEEXT)
@TUNEMU_TRUE@am__append_1 = bsd/tunemu.c @UML_TRUE@am__append_1 = uml_device.c
@TUNEMU_TRUE@am__append_2 = -lpcap @VDE_TRUE@am__append_2 = vde_device.c
@TUNEMU_TRUE@am__append_3 = bsd/tunemu.c
@TUNEMU_TRUE@am__append_4 = -lpcap
subdir = src subdir = src
DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \ DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \
$(srcdir)/Makefile.in $(srcdir)/Makefile.in
@ -47,7 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in $(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4) $(ACLOCAL_M4)
mkinstalldirs = $(install_sh) -d mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = $(top_builddir)/config.h CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES = CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES = CONFIG_CLEAN_VPATH_FILES =
@ -57,8 +59,11 @@ am__tincd_SOURCES_DIST = conf.c connection.c edge.c event.c graph.c \
logger.c meta.c net.c net_packet.c net_setup.c net_socket.c \ logger.c meta.c net.c net_packet.c net_setup.c net_socket.c \
netutl.c node.c process.c protocol.c protocol_auth.c \ netutl.c node.c process.c protocol.c protocol_auth.c \
protocol_edge.c protocol_misc.c protocol_key.c \ protocol_edge.c protocol_misc.c protocol_key.c \
protocol_subnet.c route.c subnet.c tincd.c bsd/tunemu.c protocol_subnet.c route.c subnet.c tincd.c dummy_device.c \
@TUNEMU_TRUE@am__objects_1 = tunemu.$(OBJEXT) raw_socket_device.c uml_device.c vde_device.c bsd/tunemu.c
@UML_TRUE@am__objects_1 = uml_device.$(OBJEXT)
@VDE_TRUE@am__objects_2 = vde_device.$(OBJEXT)
@TUNEMU_TRUE@am__objects_3 = tunemu.$(OBJEXT)
am_tincd_OBJECTS = conf.$(OBJEXT) connection.$(OBJEXT) edge.$(OBJEXT) \ am_tincd_OBJECTS = conf.$(OBJEXT) connection.$(OBJEXT) edge.$(OBJEXT) \
event.$(OBJEXT) graph.$(OBJEXT) logger.$(OBJEXT) \ event.$(OBJEXT) graph.$(OBJEXT) logger.$(OBJEXT) \
meta.$(OBJEXT) net.$(OBJEXT) net_packet.$(OBJEXT) \ meta.$(OBJEXT) net.$(OBJEXT) net_packet.$(OBJEXT) \
@ -67,7 +72,9 @@ am_tincd_OBJECTS = conf.$(OBJEXT) connection.$(OBJEXT) edge.$(OBJEXT) \
protocol_auth.$(OBJEXT) protocol_edge.$(OBJEXT) \ protocol_auth.$(OBJEXT) protocol_edge.$(OBJEXT) \
protocol_misc.$(OBJEXT) protocol_key.$(OBJEXT) \ protocol_misc.$(OBJEXT) protocol_key.$(OBJEXT) \
protocol_subnet.$(OBJEXT) route.$(OBJEXT) subnet.$(OBJEXT) \ protocol_subnet.$(OBJEXT) route.$(OBJEXT) subnet.$(OBJEXT) \
tincd.$(OBJEXT) $(am__objects_1) tincd.$(OBJEXT) dummy_device.$(OBJEXT) \
raw_socket_device.$(OBJEXT) $(am__objects_1) $(am__objects_2) \
$(am__objects_3)
nodist_tincd_OBJECTS = device.$(OBJEXT) nodist_tincd_OBJECTS = device.$(OBJEXT)
tincd_OBJECTS = $(am_tincd_OBJECTS) $(nodist_tincd_OBJECTS) tincd_OBJECTS = $(am_tincd_OBJECTS) $(nodist_tincd_OBJECTS)
tincd_DEPENDENCIES = $(top_builddir)/lib/libvpn.a tincd_DEPENDENCIES = $(top_builddir)/lib/libvpn.a
@ -113,7 +120,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@ LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@ LIBOBJS = @LIBOBJS@
LIBS = @LIBS@ $(am__append_2) LIBS = @LIBS@ $(am__append_4)
LN_S = @LN_S@ LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@ LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@ MAINT = @MAINT@
@ -183,12 +190,13 @@ target_alias = @target_alias@
top_build_prefix = @top_build_prefix@ top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@ top_srcdir = @top_srcdir@
EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h raw_socket/device.c uml_socket/device.c EXTRA_DIST = linux/device.c bsd/device.c solaris/device.c cygwin/device.c mingw/device.c mingw/common.h
tincd_SOURCES = conf.c connection.c edge.c event.c graph.c logger.c \ tincd_SOURCES = conf.c connection.c edge.c event.c graph.c logger.c \
meta.c net.c net_packet.c net_setup.c net_socket.c netutl.c \ meta.c net.c net_packet.c net_setup.c net_socket.c netutl.c \
node.c process.c protocol.c protocol_auth.c protocol_edge.c \ node.c process.c protocol.c protocol_auth.c protocol_edge.c \
protocol_misc.c protocol_key.c protocol_subnet.c route.c \ protocol_misc.c protocol_key.c protocol_subnet.c route.c \
subnet.c tincd.c $(am__append_1) subnet.c tincd.c dummy_device.c raw_socket_device.c \
$(am__append_1) $(am__append_2) $(am__append_3)
nodist_tincd_SOURCES = device.c nodist_tincd_SOURCES = device.c
DEFAULT_INCLUDES = DEFAULT_INCLUDES =
noinst_HEADERS = conf.h connection.h device.h edge.h event.h graph.h logger.h meta.h net.h netutl.h node.h process.h \ noinst_HEADERS = conf.h connection.h device.h edge.h event.h graph.h logger.h meta.h net.h netutl.h node.h process.h \
@ -269,7 +277,7 @@ uninstall-sbinPROGRAMS:
clean-sbinPROGRAMS: clean-sbinPROGRAMS:
-test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS)
tincd$(EXEEXT): $(tincd_OBJECTS) $(tincd_DEPENDENCIES) tincd$(EXEEXT): $(tincd_OBJECTS) $(tincd_DEPENDENCIES) $(EXTRA_tincd_DEPENDENCIES)
@rm -f tincd$(EXEEXT) @rm -f tincd$(EXEEXT)
$(LINK) $(tincd_OBJECTS) $(tincd_LDADD) $(LIBS) $(LINK) $(tincd_OBJECTS) $(tincd_LDADD) $(LIBS)
@ -282,6 +290,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/conf.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/conf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connection.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connection.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/device.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dummy_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/edge.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/edge.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/event.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/event.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/graph.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/graph.Po@am__quote@
@ -300,10 +309,13 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_key.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_key.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_misc.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_misc.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_subnet.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_subnet.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/raw_socket_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/route.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/route.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subnet.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subnet.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tincd.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tincd.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tunemu.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tunemu.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uml_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vde_device.Po@am__quote@
.c.o: .c.o:
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@ -435,10 +447,15 @@ install-am: all-am
installcheck: installcheck-am installcheck: installcheck-am
install-strip: install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ if test -z '$(STRIP)'; then \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
`test -z '$(STRIP)' || \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install install; \
else \
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic: mostlyclean-generic:
clean-generic: clean-generic:

View file

@ -1,7 +1,7 @@
/* /*
device.c -- Interaction BSD tun/tap device device.c -- Interaction BSD tun/tap device
Copyright (C) 2001-2005 Ivo Timmermans, Copyright (C) 2001-2005 Ivo Timmermans,
2001-2011 Guus Sliepen <guus@tinc-vpn.org> 2001-2012 Guus Sliepen <guus@tinc-vpn.org>
2009 Grzegorz Dymarek <gregd72002@googlemail.com> 2009 Grzegorz Dymarek <gregd72002@googlemail.com>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -58,7 +58,7 @@ static device_type_t device_type = DEVICE_TYPE_TUNIFHEAD;
static device_type_t device_type = DEVICE_TYPE_TUN; static device_type_t device_type = DEVICE_TYPE_TUN;
#endif #endif
bool setup_device(void) { static bool setup_device(void) {
char *type; char *type;
if(!get_config_string(lookup_config(config_tree, "Device"), &device)) if(!get_config_string(lookup_config(config_tree, "Device"), &device))
@ -106,6 +106,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
#endif
switch(device_type) { switch(device_type) {
default: default:
device_type = DEVICE_TYPE_TUN; device_type = DEVICE_TYPE_TUN;
@ -175,7 +179,7 @@ bool setup_device(void) {
return true; return true;
} }
void close_device(void) { static void close_device(void) {
switch(device_type) { switch(device_type) {
#ifdef HAVE_TUNEMU #ifdef HAVE_TUNEMU
case DEVICE_TYPE_TUNEMU: case DEVICE_TYPE_TUNEMU:
@ -190,7 +194,7 @@ void close_device(void) {
free(iface); free(iface);
} }
bool read_packet(vpn_packet_t *packet) { static bool read_packet(vpn_packet_t *packet) {
int lenin; int lenin;
switch(device_type) { switch(device_type) {
@ -282,7 +286,7 @@ bool read_packet(vpn_packet_t *packet) {
return true; return true;
} }
bool write_packet(vpn_packet_t *packet) { static bool write_packet(vpn_packet_t *packet) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s", ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
packet->len, device_info); packet->len, device_info);
@ -351,8 +355,16 @@ bool write_packet(vpn_packet_t *packet) {
return true; return true;
} }
void dump_device_stats(void) { static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
} }
const devops_t os_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};

View file

@ -2,7 +2,7 @@
conf.c -- configuration code conf.c -- configuration code
Copyright (C) 1998 Robert van der Meulen Copyright (C) 1998 Robert van der Meulen
1998-2005 Ivo Timmermans 1998-2005 Ivo Timmermans
2000-2010 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
2010-2011 Julien Muchembled <jm@jmuchemb.eu> 2010-2011 Julien Muchembled <jm@jmuchemb.eu>
2000 Cris van Pelt 2000 Cris van Pelt
@ -400,6 +400,70 @@ bool read_connection_config(connection_t *c) {
return x; return x;
} }
static void disable_old_keys(const char *filename) {
char tmpfile[PATH_MAX] = "";
char buf[1024];
bool disabled = false;
FILE *r, *w;
r = fopen(filename, "r");
if(!r)
return;
snprintf(tmpfile, sizeof tmpfile, "%s.tmp", filename);
w = fopen(tmpfile, "w");
while(fgets(buf, sizeof buf, r)) {
if(!strncmp(buf, "-----BEGIN RSA", 14)) {
buf[11] = 'O';
buf[12] = 'L';
buf[13] = 'D';
disabled = true;
}
else if(!strncmp(buf, "-----END RSA", 12)) {
buf[ 9] = 'O';
buf[10] = 'L';
buf[11] = 'D';
disabled = true;
}
if(w && fputs(buf, w) < 0) {
disabled = false;
break;
}
}
if(w)
fclose(w);
fclose(r);
if(!w && disabled) {
fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n");
return;
}
if(disabled) {
#ifdef HAVE_MINGW
// We cannot atomically replace files on Windows.
char bakfile[PATH_MAX] = "";
snprintf(bakfile, sizeof bakfile, "%s.bak", filename);
if(rename(filename, bakfile) || rename(tmpfile, filename)) {
rename(bakfile, filename);
#else
if(rename(tmpfile, filename)) {
#endif
fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n");
} else {
#ifdef HAVE_MINGW
unlink(bakfile);
#endif
fprintf(stderr, "Warning: old key(s) found and disabled.\n");
}
}
unlink(tmpfile);
}
FILE *ask_and_open(const char *filename, const char *what) { FILE *ask_and_open(const char *filename, const char *what) {
FILE *r; FILE *r;
char *directory; char *directory;
@ -447,9 +511,11 @@ FILE *ask_and_open(const char *filename, const char *what) {
umask(0077); /* Disallow everything for group and other */ umask(0077); /* Disallow everything for group and other */
disable_old_keys(fn);
/* Open it first to keep the inode busy */ /* Open it first to keep the inode busy */
r = fopen(fn, "r+") ?: fopen(fn, "w+"); r = fopen(fn, "a");
if(!r) { if(!r) {
fprintf(stderr, "Error opening file `%s': %s\n", fprintf(stderr, "Error opening file `%s': %s\n",
@ -460,42 +526,4 @@ FILE *ask_and_open(const char *filename, const char *what) {
return r; return r;
} }
bool disable_old_keys(FILE *f) {
char buf[100];
long pos;
bool disabled = false;
rewind(f);
pos = ftell(f);
if(pos < 0)
return false;
while(fgets(buf, sizeof buf, f)) {
if(!strncmp(buf, "-----BEGIN RSA", 14)) {
buf[11] = 'O';
buf[12] = 'L';
buf[13] = 'D';
if(fseek(f, pos, SEEK_SET))
break;
if(fputs(buf, f) <= 0)
break;
disabled = true;
}
else if(!strncmp(buf, "-----END RSA", 12)) {
buf[ 9] = 'O';
buf[10] = 'L';
buf[11] = 'D';
if(fseek(f, pos, SEEK_SET))
break;
if(fputs(buf, f) <= 0)
break;
disabled = true;
}
pos = ftell(f);
if(pos < 0)
break;
}
return disabled;
}

View file

@ -1,7 +1,7 @@
/* /*
conf.h -- header for conf.c conf.h -- header for conf.c
Copyright (C) 1998-2005 Ivo Timmermans Copyright (C) 1998-2005 Ivo Timmermans
2000-2009 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -63,6 +63,5 @@ extern bool read_server_config(void);
extern bool read_connection_config(struct connection_t *); extern bool read_connection_config(struct connection_t *);
extern FILE *ask_and_open(const char *, const char *); extern FILE *ask_and_open(const char *, const char *);
extern bool is_safe_path(const char *); extern bool is_safe_path(const char *);
extern bool disable_old_keys(FILE *);
#endif /* __TINC_CONF_H__ */ #endif /* __TINC_CONF_H__ */

View file

@ -1,6 +1,6 @@
/* /*
connection.c -- connection list management connection.c -- connection list management
Copyright (C) 2000-2009 Guus Sliepen <guus@tinc-vpn.org>, Copyright (C) 2000-2012 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans 2000-2005 Ivo Timmermans
2008 Max Rijevski <maksuf@gmail.com> 2008 Max Rijevski <maksuf@gmail.com>
@ -29,7 +29,7 @@
#include "xalloc.h" #include "xalloc.h"
avl_tree_t *connection_tree; /* Meta connections */ avl_tree_t *connection_tree; /* Meta connections */
connection_t *broadcast; connection_t *everyone;
static int connection_compare(const connection_t *a, const connection_t *b) { static int connection_compare(const connection_t *a, const connection_t *b) {
return a < b ? -1 : a == b ? 0 : 1; return a < b ? -1 : a == b ? 0 : 1;
@ -37,14 +37,14 @@ static int connection_compare(const connection_t *a, const connection_t *b) {
void init_connections(void) { void init_connections(void) {
connection_tree = avl_alloc_tree((avl_compare_t) connection_compare, (avl_action_t) free_connection); connection_tree = avl_alloc_tree((avl_compare_t) connection_compare, (avl_action_t) free_connection);
broadcast = new_connection(); everyone = new_connection();
broadcast->name = xstrdup("everyone"); everyone->name = xstrdup("everyone");
broadcast->hostname = xstrdup("BROADCAST"); everyone->hostname = xstrdup("BROADCAST");
} }
void exit_connections(void) { void exit_connections(void) {
avl_delete_tree(connection_tree); avl_delete_tree(connection_tree);
free_connection(broadcast); free_connection(everyone);
} }
connection_t *new_connection(void) { connection_t *new_connection(void) {

View file

@ -1,6 +1,6 @@
/* /*
connection.h -- header for connection.c connection.h -- header for connection.c
Copyright (C) 2000-2010 Guus Sliepen <guus@tinc-vpn.org>, Copyright (C) 2000-2012 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans 2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -101,7 +101,7 @@ typedef struct connection_t {
} connection_t; } connection_t;
extern avl_tree_t *connection_tree; extern avl_tree_t *connection_tree;
extern connection_t *broadcast; extern connection_t *everyone;
extern void init_connections(void); extern void init_connections(void);
extern void exit_connections(void); extern void exit_connections(void);

View file

@ -1,7 +1,7 @@
/* /*
device.c -- Interaction with Windows tap driver in a Cygwin environment device.c -- Interaction with Windows tap driver in a Cygwin environment
Copyright (C) 2002-2005 Ivo Timmermans, Copyright (C) 2002-2005 Ivo Timmermans,
2002-2009 Guus Sliepen <guus@tinc-vpn.org> 2002-2011 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -45,7 +45,7 @@ static uint64_t device_total_out = 0;
static pid_t reader_pid; static pid_t reader_pid;
static int sp[2]; static int sp[2];
bool setup_device(void) { static bool setup_device(void) {
HKEY key, key2; HKEY key, key2;
int i, err; int i, err;
@ -214,7 +214,7 @@ bool setup_device(void) {
return true; return true;
} }
void close_device(void) { static void close_device(void) {
close(sp[0]); close(sp[0]);
close(sp[1]); close(sp[1]);
CloseHandle(device_handle); CloseHandle(device_handle);
@ -225,7 +225,7 @@ void close_device(void) {
free(iface); free(iface);
} }
bool read_packet(vpn_packet_t *packet) { static bool read_packet(vpn_packet_t *packet) {
int lenin; int lenin;
if((lenin = read(sp[0], packet->data, MTU)) <= 0) { if((lenin = read(sp[0], packet->data, MTU)) <= 0) {
@ -244,7 +244,7 @@ bool read_packet(vpn_packet_t *packet) {
return true; return true;
} }
bool write_packet(vpn_packet_t *packet) { static bool write_packet(vpn_packet_t *packet) {
long lenout; long lenout;
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s", ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
@ -260,8 +260,16 @@ bool write_packet(vpn_packet_t *packet) {
return true; return true;
} }
void dump_device_stats(void) { static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
} }
const devops_t os_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};

View file

@ -1,7 +1,7 @@
/* /*
net.h -- generic header for device.c device.h -- generic header for device.c
Copyright (C) 2001-2005 Ivo Timmermans Copyright (C) 2001-2005 Ivo Timmermans
2001-2006 Guus Sliepen <guus@tinc-vpn.org> 2001-2011 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -28,10 +28,19 @@ extern char *device;
extern char *iface; extern char *iface;
extern bool setup_device(void); typedef struct devops_t {
extern void close_device(void); bool (*setup)(void);
extern bool read_packet(struct vpn_packet_t *); void (*close)(void);
extern bool write_packet(struct vpn_packet_t *); bool (*read)(struct vpn_packet_t *);
extern void dump_device_stats(void); bool (*write)(struct vpn_packet_t *);
void (*dump_stats)(void);
} devops_t;
extern const devops_t os_devops;
extern const devops_t dummy_devops;
extern const devops_t raw_socket_devops;
extern const devops_t uml_devops;
extern const devops_t vde_devops;
extern devops_t devops;
#endif /* __TINC_DEVICE_H__ */ #endif /* __TINC_DEVICE_H__ */

62
src/dummy_device.c Normal file
View file

@ -0,0 +1,62 @@
/*
device.c -- Dummy device
Copyright (C) 2011 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include "system.h"
#include "device.h"
#include "logger.h"
#include "net.h"
static char *device_info = "dummy device";
static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0;
static bool setup_device(void) {
device = "dummy";
iface = "dummy";
logger(LOG_INFO, "%s (%s) is a %s", device, iface, device_info);
return true;
}
static void close_device(void) {
}
static bool read_packet(vpn_packet_t *packet) {
return false;
}
static bool write_packet(vpn_packet_t *packet) {
device_total_out += packet->len;
return true;
}
static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
}
const devops_t dummy_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};

View file

@ -1,6 +1,6 @@
/* /*
graph.c -- graph algorithms graph.c -- graph algorithms
Copyright (C) 2001-2011 Guus Sliepen <guus@tinc-vpn.org>, Copyright (C) 2001-2012 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans 2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -174,6 +174,7 @@ static void sssp_bfs(void) {
myself->status.visited = true; myself->status.visited = true;
myself->status.indirect = false; myself->status.indirect = false;
myself->nexthop = myself; myself->nexthop = myself;
myself->prevedge = NULL;
myself->via = myself; myself->via = myself;
list_insert_head(todo_list, myself); list_insert_head(todo_list, myself);
@ -214,6 +215,7 @@ static void sssp_bfs(void) {
e->to->status.visited = true; e->to->status.visited = true;
e->to->status.indirect = indirect; e->to->status.indirect = indirect;
e->to->nexthop = (n->nexthop == myself) ? e->to : n->nexthop; e->to->nexthop = (n->nexthop == myself) ? e->to : n->nexthop;
e->to->prevedge = e;
e->to->via = indirect ? n->via : e->to; e->to->via = indirect ? n->via : e->to;
e->to->options = e->options; e->to->options = e->options;

View file

@ -1,6 +1,6 @@
/* /*
graph.h -- header for graph.c graph.h -- header for graph.c
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>, Copyright (C) 2001-2012 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans 2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify

View file

@ -1,7 +1,7 @@
/* /*
device.c -- Interaction with Linux ethertap and tun/tap device device.c -- Interaction with Linux ethertap and tun/tap device
Copyright (C) 2001-2005 Ivo Timmermans, Copyright (C) 2001-2005 Ivo Timmermans,
2001-2009 Guus Sliepen <guus@tinc-vpn.org> 2001-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -45,13 +45,14 @@ int device_fd = -1;
static device_type_t device_type; static device_type_t device_type;
char *device = NULL; char *device = NULL;
char *iface = NULL; char *iface = NULL;
static char *type = NULL;
static char ifrname[IFNAMSIZ]; static char ifrname[IFNAMSIZ];
static char *device_info; static char *device_info;
static uint64_t device_total_in = 0; static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0; static uint64_t device_total_out = 0;
bool setup_device(void) { static bool setup_device(void) {
struct ifreq ifr; struct ifreq ifr;
bool t1q = false; bool t1q = false;
@ -72,11 +73,23 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
#endif
#ifdef HAVE_LINUX_IF_TUN_H #ifdef HAVE_LINUX_IF_TUN_H
/* Ok now check if this is an old ethertap or a new tun/tap thingie */ /* Ok now check if this is an old ethertap or a new tun/tap thingie */
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
if(routing_mode == RMODE_ROUTER) {
get_config_string(lookup_config(config_tree, "DeviceType"), &type);
if(type && strcasecmp(type, "tun") && strcasecmp(type, "tap")) {
logger(LOG_ERR, "Unknown device type %s!", type);
return false;
}
if((type && !strcasecmp(type, "tun")) || (!type && routing_mode == RMODE_ROUTER)) {
ifr.ifr_flags = IFF_TUN; ifr.ifr_flags = IFF_TUN;
device_type = DEVICE_TYPE_TUN; device_type = DEVICE_TYPE_TUN;
device_info = "Linux tun/tap device (tun mode)"; device_info = "Linux tun/tap device (tun mode)";
@ -121,14 +134,15 @@ bool setup_device(void) {
return true; return true;
} }
void close_device(void) { static void close_device(void) {
close(device_fd); close(device_fd);
free(type);
free(device); free(device);
free(iface); free(iface);
} }
bool read_packet(vpn_packet_t *packet) { static bool read_packet(vpn_packet_t *packet) {
int lenin; int lenin;
switch(device_type) { switch(device_type) {
@ -175,7 +189,7 @@ bool read_packet(vpn_packet_t *packet) {
return true; return true;
} }
bool write_packet(vpn_packet_t *packet) { static bool write_packet(vpn_packet_t *packet) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s", ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
packet->len, device_info); packet->len, device_info);
@ -211,8 +225,16 @@ bool write_packet(vpn_packet_t *packet) {
return true; return true;
} }
void dump_device_stats(void) { static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
} }
const devops_t os_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};

View file

@ -83,7 +83,7 @@ static DWORD WINAPI tapreader(void *bla) {
} }
} }
bool setup_device(void) { static bool setup_device(void) {
HKEY key, key2; HKEY key, key2;
int i; int i;
@ -210,18 +210,18 @@ bool setup_device(void) {
return true; return true;
} }
void close_device(void) { static void close_device(void) {
CloseHandle(device_handle); CloseHandle(device_handle);
free(device); free(device);
free(iface); free(iface);
} }
bool read_packet(vpn_packet_t *packet) { static bool read_packet(vpn_packet_t *packet) {
return false; return false;
} }
bool write_packet(vpn_packet_t *packet) { static bool write_packet(vpn_packet_t *packet) {
long lenout; long lenout;
OVERLAPPED overlapped = {0}; OVERLAPPED overlapped = {0};
@ -238,8 +238,16 @@ bool write_packet(vpn_packet_t *packet) {
return true; return true;
} }
void dump_device_stats(void) { static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
} }
const devops_t os_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};

View file

@ -1,7 +1,7 @@
/* /*
net.c -- most of the network code net.c -- most of the network code
Copyright (C) 1998-2005 Ivo Timmermans, Copyright (C) 1998-2005 Ivo Timmermans,
2000-2011 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
2006 Scott Lamb <slamb@slamb.org> 2006 Scott Lamb <slamb@slamb.org>
2011 Loïc Grenié <loic.grenie@gmail.com> 2011 Loïc Grenié <loic.grenie@gmail.com>
@ -75,7 +75,7 @@ static void purge(void) {
for(snode = n->subnet_tree->head; snode; snode = snext) { for(snode = n->subnet_tree->head; snode; snode = snext) {
snext = snode->next; snext = snode->next;
s = snode->data; s = snode->data;
send_del_subnet(broadcast, s); send_del_subnet(everyone, s);
if(!strictsubnets) if(!strictsubnets)
subnet_del(n, s); subnet_del(n, s);
} }
@ -84,7 +84,7 @@ static void purge(void) {
enext = enode->next; enext = enode->next;
e = enode->data; e = enode->data;
if(!tunnelserver) if(!tunnelserver)
send_del_edge(broadcast, e); send_del_edge(everyone, e);
edge_del(e); edge_del(e);
} }
} }
@ -183,7 +183,7 @@ void terminate_connection(connection_t *c, bool report) {
if(c->edge) { if(c->edge) {
if(report && !tunnelserver) if(report && !tunnelserver)
send_del_edge(broadcast, c->edge); send_del_edge(everyone, c->edge);
edge_del(c->edge); edge_del(c->edge);
@ -198,7 +198,7 @@ void terminate_connection(connection_t *c, bool report) {
e = lookup_edge(c->node, myself); e = lookup_edge(c->node, myself);
if(e) { if(e) {
if(!tunnelserver) if(!tunnelserver)
send_del_edge(broadcast, e); send_del_edge(everyone, e);
edge_del(e); edge_del(e);
} }
} }
@ -289,7 +289,7 @@ static void check_network_activity(fd_set * readset, fd_set * writeset) {
/* check input from kernel */ /* check input from kernel */
if(device_fd >= 0 && FD_ISSET(device_fd, readset)) { if(device_fd >= 0 && FD_ISSET(device_fd, readset)) {
if(read_packet(&packet)) { if(devops.read(&packet)) {
errors = 0; errors = 0;
packet.priority = 0; packet.priority = 0;
route(myself, &packet); route(myself, &packet);
@ -343,7 +343,7 @@ static void check_network_activity(fd_set * readset, fd_set * writeset) {
for(i = 0; i < listen_sockets; i++) { for(i = 0; i < listen_sockets; i++) {
if(FD_ISSET(listen_socket[i].udp, readset)) if(FD_ISSET(listen_socket[i].udp, readset))
handle_incoming_vpn_data(listen_socket[i].udp); handle_incoming_vpn_data(i);
if(FD_ISSET(listen_socket[i].tcp, readset)) if(FD_ISSET(listen_socket[i].tcp, readset))
handle_new_meta_connection(listen_socket[i].tcp); handle_new_meta_connection(listen_socket[i].tcp);
@ -576,14 +576,14 @@ int main_loop(void) {
next = node->next; next = node->next;
subnet = node->data; subnet = node->data;
if(subnet->expires == 1) { if(subnet->expires == 1) {
send_del_subnet(broadcast, subnet); send_del_subnet(everyone, subnet);
if(subnet->owner->status.reachable) if(subnet->owner->status.reachable)
subnet_update(subnet->owner, subnet, false); subnet_update(subnet->owner, subnet, false);
subnet_del(subnet->owner, subnet); subnet_del(subnet->owner, subnet);
} else if(subnet->expires == -1) { } else if(subnet->expires == -1) {
subnet->expires = 0; subnet->expires = 0;
} else { } else {
send_add_subnet(broadcast, subnet); send_add_subnet(everyone, subnet);
if(subnet->owner->status.reachable) if(subnet->owner->status.reachable)
subnet_update(subnet->owner, subnet, true); subnet_update(subnet->owner, subnet, true);
} }

View file

@ -1,7 +1,7 @@
/* /*
net.h -- header for net.c net.h -- header for net.c
Copyright (C) 1998-2005 Ivo Timmermans Copyright (C) 1998-2005 Ivo Timmermans
2000-2009 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -107,6 +107,7 @@ extern int maxoutbufsize;
extern int seconds_till_retry; extern int seconds_till_retry;
extern int addressfamily; extern int addressfamily;
extern unsigned replaywin; extern unsigned replaywin;
extern bool localdiscovery;
extern listen_socket_t listen_socket[MAXSOCKETS]; extern listen_socket_t listen_socket[MAXSOCKETS];
extern int listen_sockets; extern int listen_sockets;

View file

@ -1,7 +1,7 @@
/* /*
net_packet.c -- Handles in- and outgoing VPN packets net_packet.c -- Handles in- and outgoing VPN packets
Copyright (C) 1998-2005 Ivo Timmermans, Copyright (C) 1998-2005 Ivo Timmermans,
2000-2011 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
2010 Timothy Redaelli <timothy@redaelli.eu> 2010 Timothy Redaelli <timothy@redaelli.eu>
2010 Brandon Black <blblack@gmail.com> 2010 Brandon Black <blblack@gmail.com>
@ -61,13 +61,21 @@ static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999
static void send_udppacket(node_t *, vpn_packet_t *); static void send_udppacket(node_t *, vpn_packet_t *);
unsigned replaywin = 16; unsigned replaywin = 16;
bool localdiscovery = false;
#define MAX_SEQNO 1073741824 #define MAX_SEQNO 1073741824
// mtuprobes == 1..30: initial discovery, send bursts with 1 second interval /* mtuprobes == 1..30: initial discovery, send bursts with 1 second interval
// mtuprobes == 31: sleep pinginterval seconds mtuprobes == 31: sleep pinginterval seconds
// mtuprobes == 32: send 1 burst, sleep pingtimeout second mtuprobes == 32: send 1 burst, sleep pingtimeout second
// mtuprobes == 33: no response from other side, restart PMTU discovery process mtuprobes == 33: no response from other side, restart PMTU discovery process
Probes are sent in batches of three, with random sizes between the lower and
upper boundaries for the MTU thus far discovered.
In case local discovery is enabled, a fourth packet is added to each batch,
which will be broadcast to the local network.
*/
void send_mtu_probe(node_t *n) { void send_mtu_probe(node_t *n) {
vpn_packet_t packet; vpn_packet_t packet;
@ -118,7 +126,7 @@ void send_mtu_probe(node_t *n) {
timeout = pingtimeout; timeout = pingtimeout;
} }
for(i = 0; i < 3; i++) { for(i = 0; i < 3 + localdiscovery; i++) {
if(n->maxmtu <= n->minmtu) if(n->maxmtu <= n->minmtu)
len = n->maxmtu; len = n->maxmtu;
else else
@ -130,7 +138,10 @@ void send_mtu_probe(node_t *n) {
memset(packet.data, 0, 14); memset(packet.data, 0, 14);
RAND_pseudo_bytes(packet.data + 14, len - 14); RAND_pseudo_bytes(packet.data + 14, len - 14);
packet.len = len; packet.len = len;
packet.priority = 0; if(i >= 3 && n->mtuprobes <= 10)
packet.priority = -1;
else
packet.priority = 0;
ifdebug(TRAFFIC) logger(LOG_INFO, "Sending MTU probe length %d to %s (%s)", len, n->name, n->hostname); ifdebug(TRAFFIC) logger(LOG_INFO, "Sending MTU probe length %d to %s (%s)", len, n->name, n->hostname);
@ -389,7 +400,6 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
static int priority = 0; static int priority = 0;
#endif #endif
int origpriority; int origpriority;
int sock;
if(!n->status.reachable) { if(!n->status.reachable) {
ifdebug(TRAFFIC) logger(LOG_INFO, "Trying to send UDP packet to unreachable node %s (%s)", n->name, n->hostname); ifdebug(TRAFFIC) logger(LOG_INFO, "Trying to send UDP packet to unreachable node %s (%s)", n->name, n->hostname);
@ -476,33 +486,58 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
/* Determine which socket we have to use */ /* Determine which socket we have to use */
for(sock = 0; sock < listen_sockets; sock++) if(n->address.sa.sa_family != listen_socket[n->sock].sa.sa.sa_family) {
if(n->address.sa.sa_family == listen_socket[sock].sa.sa.sa_family) for(int sock = 0; sock < listen_sockets; sock++) {
break; if(n->address.sa.sa_family == listen_socket[sock].sa.sa.sa_family) {
n->sock = sock;
if(sock >= listen_sockets) break;
sock = 0; /* If none is available, just use the first and hope for the best. */ }
}
}
/* Send the packet */ /* Send the packet */
struct sockaddr *sa;
socklen_t sl;
int sock;
/* Overloaded use of priority field: -1 means local broadcast */
if(origpriority == -1 && n->prevedge) {
struct sockaddr_in in;
in.sin_family = AF_INET;
in.sin_addr.s_addr = -1;
in.sin_port = n->prevedge->address.in.sin_port;
sa = (struct sockaddr *)&in;
sl = sizeof in;
sock = 0;
} else {
if(origpriority == -1)
origpriority = 0;
sa = &(n->address.sa);
sl = SALEN(n->address.sa);
sock = n->sock;
}
#if defined(SOL_IP) && defined(IP_TOS) #if defined(SOL_IP) && defined(IP_TOS)
if(priorityinheritance && origpriority != priority if(priorityinheritance && origpriority != priority
&& listen_socket[sock].sa.sa.sa_family == AF_INET) { && listen_socket[n->sock].sa.sa.sa_family == AF_INET) {
priority = origpriority; priority = origpriority;
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Setting outgoing packet priority to %d", priority); ifdebug(TRAFFIC) logger(LOG_DEBUG, "Setting outgoing packet priority to %d", priority);
if(setsockopt(listen_socket[sock].udp, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */ if(setsockopt(listen_socket[n->sock].udp, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */
logger(LOG_ERR, "System call `%s' failed: %s", "setsockopt", strerror(errno)); logger(LOG_ERR, "System call `%s' failed: %s", "setsockopt", strerror(errno));
} }
#endif #endif
if(sendto(listen_socket[sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, &(n->address.sa), SALEN(n->address.sa)) < 0 && !sockwouldblock(sockerrno)) { if(sendto(listen_socket[sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, sa, sl) < 0 && !sockwouldblock(sockerrno)) {
if(sockmsgsize(sockerrno)) { if(sockmsgsize(sockerrno)) {
if(n->maxmtu >= origlen) if(n->maxmtu >= origlen)
n->maxmtu = origlen - 1; n->maxmtu = origlen - 1;
if(n->mtu >= origlen) if(n->mtu >= origlen)
n->mtu = origlen - 1; n->mtu = origlen - 1;
} else } else
logger(LOG_ERR, "Error sending packet to %s (%s): %s", n->name, n->hostname, sockstrerror(sockerrno)); ifdebug(TRAFFIC) logger(LOG_WARNING, "Error sending packet to %s (%s): %s", n->name, n->hostname, sockstrerror(sockerrno));
} }
end: end:
@ -518,7 +553,7 @@ void send_packet(const node_t *n, vpn_packet_t *packet) {
if(n == myself) { if(n == myself) {
if(overwrite_mac) if(overwrite_mac)
memcpy(packet->data, mymac.x, ETH_ALEN); memcpy(packet->data, mymac.x, ETH_ALEN);
write_packet(packet); devops.write(packet);
return; return;
} }
@ -599,6 +634,7 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
if(hard) if(hard)
last_hard_try = now; last_hard_try = now;
last_hard_try = now;
return n; return n;
} }
@ -609,7 +645,7 @@ void handle_incoming_vpn_data(int sock) {
socklen_t fromlen = sizeof(from); socklen_t fromlen = sizeof(from);
node_t *n; node_t *n;
pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen); pkt.len = recvfrom(listen_socket[sock].udp, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
if(pkt.len < 0) { if(pkt.len < 0) {
if(!sockwouldblock(sockerrno)) if(!sockwouldblock(sockerrno))
@ -635,5 +671,7 @@ void handle_incoming_vpn_data(int sock) {
return; return;
} }
n->sock = sock;
receive_udppacket(n, &pkt); receive_udppacket(n, &pkt);
} }

View file

@ -1,7 +1,7 @@
/* /*
net_setup.c -- Setup. net_setup.c -- Setup.
Copyright (C) 1998-2005 Ivo Timmermans, Copyright (C) 1998-2005 Ivo Timmermans,
2000-2010 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
2006 Scott Lamb <slamb@slamb.org> 2006 Scott Lamb <slamb@slamb.org>
2010 Brandon Black <blblack@gmail.com> 2010 Brandon Black <blblack@gmail.com>
@ -45,6 +45,7 @@
#include "xalloc.h" #include "xalloc.h"
char *myport; char *myport;
devops_t devops;
bool read_rsa_public_key(connection_t *c) { bool read_rsa_public_key(connection_t *c) {
FILE *fp; FILE *fp;
@ -113,11 +114,14 @@ bool read_rsa_public_key(connection_t *c) {
xasprintf(&fname, "%s/hosts/%s", confbase, c->name); xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
fp = fopen(fname, "r"); fp = fopen(fname, "r");
if(fp) { if(!fp) {
c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL); logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
fclose(fp); free(fname);
return false;
} }
c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
fclose(fp);
free(fname); free(fname);
if(c->rsa_key) if(c->rsa_key)
@ -128,12 +132,15 @@ bool read_rsa_public_key(connection_t *c) {
xasprintf(&fname, "%s/hosts/%s", confbase, c->name); xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
fp = fopen(fname, "r"); fp = fopen(fname, "r");
if(fp) { if(!fp) {
c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL); logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
// RSA_blinding_on(c->rsa_key, NULL); free(fname);
fclose(fp); return false;
} }
c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
// RSA_blinding_on(c->rsa_key, NULL);
fclose(fp);
free(fname); free(fname);
if(c->rsa_key) if(c->rsa_key)
@ -214,7 +221,6 @@ void load_all_subnets(void) {
config_t *cfg; config_t *cfg;
subnet_t *s, *s2; subnet_t *s, *s2;
node_t *n; node_t *n;
bool result;
xasprintf(&dname, "%s/hosts", confbase); xasprintf(&dname, "%s/hosts", confbase);
dir = opendir(dname); dir = opendir(dname);
@ -236,10 +242,9 @@ void load_all_subnets(void) {
xasprintf(&fname, "%s/hosts/%s", confbase, ent->d_name); xasprintf(&fname, "%s/hosts/%s", confbase, ent->d_name);
init_configuration(&config_tree); init_configuration(&config_tree);
result = read_config_file(config_tree, fname); read_config_options(config_tree, ent->d_name);
read_config_file(config_tree, fname);
free(fname); free(fname);
if(!result)
continue;
if(!n) { if(!n) {
n = new_node(); n = new_node();
@ -270,7 +275,7 @@ void load_all_subnets(void) {
static bool setup_myself(void) { static bool setup_myself(void) {
config_t *cfg; config_t *cfg;
subnet_t *subnet; subnet_t *subnet;
char *name, *hostname, *mode, *afname, *cipher, *digest; char *name, *hostname, *mode, *afname, *cipher, *digest, *type;
char *fname = NULL; char *fname = NULL;
char *address = NULL; char *address = NULL;
char *envp[5]; char *envp[5];
@ -349,6 +354,7 @@ static bool setup_myself(void) {
get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly); get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets); get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets);
get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver); get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
strictsubnets |= tunnelserver; strictsubnets |= tunnelserver;
if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) { if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
@ -390,6 +396,8 @@ static bool setup_myself(void) {
myself->options |= OPTION_CLAMP_MSS; myself->options |= OPTION_CLAMP_MSS;
get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance); get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance);
get_config_bool(lookup_config(config_tree, "DecrementTTL"), &decrement_ttl);
get_config_bool(lookup_config(config_tree, "Broadcast"), &broadcast);
#if !defined(SOL_IP) || !defined(IP_TOS) #if !defined(SOL_IP) || !defined(IP_TOS)
if(priorityinheritance) if(priorityinheritance)
@ -533,7 +541,24 @@ static bool setup_myself(void) {
/* Open device */ /* Open device */
if(!setup_device()) devops = os_devops;
if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) {
if(!strcasecmp(type, "dummy"))
devops = dummy_devops;
else if(!strcasecmp(type, "raw_socket"))
devops = raw_socket_devops;
#ifdef ENABLE_UML
else if(!strcasecmp(type, "uml"))
devops = uml_devops;
#endif
#ifdef ENABLE_VDE
else if(!strcasecmp(type, "vde"))
devops = vde_devops;
#endif
}
if(!devops.setup())
return false; return false;
/* Run tinc-up script to further initialize the tap interface */ /* Run tinc-up script to further initialize the tap interface */
@ -554,47 +579,58 @@ static bool setup_myself(void) {
/* Open sockets */ /* Open sockets */
get_config_string(lookup_config(config_tree, "BindToAddress"), &address);
hint.ai_family = addressfamily;
hint.ai_socktype = SOCK_STREAM;
hint.ai_protocol = IPPROTO_TCP;
hint.ai_flags = AI_PASSIVE;
err = getaddrinfo(address, myport, &hint, &ai);
if(err || !ai) {
logger(LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
gai_strerror(err));
return false;
}
listen_sockets = 0; listen_sockets = 0;
cfg = lookup_config(config_tree, "BindToAddress");
for(aip = ai; aip; aip = aip->ai_next) { do {
listen_socket[listen_sockets].tcp = get_config_string(cfg, &address);
setup_listen_socket((sockaddr_t *) aip->ai_addr); if(cfg)
cfg = lookup_config_next(config_tree, cfg);
if(listen_socket[listen_sockets].tcp < 0) hint.ai_family = addressfamily;
continue; hint.ai_socktype = SOCK_STREAM;
hint.ai_protocol = IPPROTO_TCP;
hint.ai_flags = AI_PASSIVE;
listen_socket[listen_sockets].udp = err = getaddrinfo(address, myport, &hint, &ai);
setup_vpn_in_socket((sockaddr_t *) aip->ai_addr); free(address);
if(listen_socket[listen_sockets].udp < 0) if(err || !ai) {
continue; logger(LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
gai_strerror(err));
ifdebug(CONNECTIONS) { return false;
hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
logger(LOG_NOTICE, "Listening on %s", hostname);
free(hostname);
} }
memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen); for(aip = ai; aip; aip = aip->ai_next) {
listen_sockets++; if(listen_sockets >= MAXSOCKETS) {
} logger(LOG_ERR, "Too many listening sockets");
return false;
}
freeaddrinfo(ai); listen_socket[listen_sockets].tcp =
setup_listen_socket((sockaddr_t *) aip->ai_addr);
if(listen_socket[listen_sockets].tcp < 0)
continue;
listen_socket[listen_sockets].udp =
setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
if(listen_socket[listen_sockets].udp < 0)
continue;
ifdebug(CONNECTIONS) {
hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
logger(LOG_NOTICE, "Listening on %s", hostname);
free(hostname);
}
memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
listen_sockets++;
}
freeaddrinfo(ai);
} while(cfg);
if(listen_sockets) if(listen_sockets)
logger(LOG_NOTICE, "Ready"); logger(LOG_NOTICE, "Ready");
@ -696,7 +732,7 @@ void close_network_connections(void) {
for(i = 0; i < 4; i++) for(i = 0; i < 4; i++)
free(envp[i]); free(envp[i]);
close_device(); devops.close();
return; return;
} }

View file

@ -1,7 +1,7 @@
/* /*
net_socket.c -- Handle various kinds of sockets. net_socket.c -- Handle various kinds of sockets.
Copyright (C) 1998-2005 Ivo Timmermans, Copyright (C) 1998-2005 Ivo Timmermans,
2000-2010 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
2006 Scott Lamb <slamb@slamb.org> 2006 Scott Lamb <slamb@slamb.org>
2009 Florian Forster <octo@verplant.org> 2009 Florian Forster <octo@verplant.org>
@ -34,8 +34,6 @@
#include "utils.h" #include "utils.h"
#include "xalloc.h" #include "xalloc.h"
#include <assert.h>
/* Needed on Mac OS/X */ /* Needed on Mac OS/X */
#ifndef SOL_TCP #ifndef SOL_TCP
#define SOL_TCP IPPROTO_TCP #define SOL_TCP IPPROTO_TCP
@ -110,63 +108,6 @@ static bool bind_to_interface(int sd) {
return true; return true;
} }
static bool bind_to_address(connection_t *c) {
char *node;
struct addrinfo *ai_list;
struct addrinfo *ai_ptr;
struct addrinfo ai_hints;
int status;
assert(c != NULL);
assert(c->socket >= 0);
node = NULL;
if(!get_config_string(lookup_config(config_tree, "BindToAddress"),
&node))
return true;
assert(node != NULL);
memset(&ai_hints, 0, sizeof(ai_hints));
ai_hints.ai_family = c->address.sa.sa_family;
/* We're called from `do_outgoing_connection' only. */
ai_hints.ai_socktype = SOCK_STREAM;
ai_hints.ai_protocol = IPPROTO_TCP;
ai_list = NULL;
status = getaddrinfo(node, /* service = */ NULL,
&ai_hints, &ai_list);
if(status) {
free(node);
logger(LOG_WARNING, "Error looking up %s port %s: %s",
node, "any", gai_strerror(status));
return false;
}
assert(ai_list != NULL);
status = -1;
for(ai_ptr = ai_list; ai_ptr != NULL; ai_ptr = ai_ptr->ai_next) {
status = bind(c->socket,
ai_list->ai_addr, ai_list->ai_addrlen);
if(!status)
break;
}
if(status) {
logger(LOG_ERR, "Can't bind to %s/tcp: %s", node, sockstrerror(sockerrno));
} else ifdebug(CONNECTIONS) {
logger(LOG_DEBUG, "Successfully bound outgoing "
"TCP socket to %s", node);
}
free(node);
freeaddrinfo(ai_list);
return status ? false : true;
}
int setup_listen_socket(const sockaddr_t *sa) { int setup_listen_socket(const sockaddr_t *sa) {
int nfd; int nfd;
char *addrstr; char *addrstr;
@ -180,6 +121,10 @@ int setup_listen_socket(const sockaddr_t *sa) {
return -1; return -1;
} }
#ifdef FD_CLOEXEC
fcntl(nfd, F_SETFD, FD_CLOEXEC);
#endif
/* Optimize TCP settings */ /* Optimize TCP settings */
option = 1; option = 1;
@ -238,6 +183,10 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {
return -1; return -1;
} }
#ifdef FD_CLOEXEC
fcntl(nfd, F_SETFD, FD_CLOEXEC);
#endif
#ifdef O_NONBLOCK #ifdef O_NONBLOCK
{ {
int flags = fcntl(nfd, F_GETFL); int flags = fcntl(nfd, F_GETFL);
@ -262,6 +211,7 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {
option = 1; option = 1;
setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, (void *)&option, sizeof(option)); setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, (void *)&option, sizeof(option));
setsockopt(nfd, SOL_SOCKET, SO_BROADCAST, (void *)&option, sizeof(option));
if(udp_rcvbuf && setsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf, sizeof(udp_rcvbuf))) if(udp_rcvbuf && setsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf, sizeof(udp_rcvbuf)))
logger(LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, strerror(errno)); logger(LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, strerror(errno));
@ -410,6 +360,10 @@ begin:
c->socket = socket(c->address.sa.sa_family, SOCK_STREAM, IPPROTO_TCP); c->socket = socket(c->address.sa.sa_family, SOCK_STREAM, IPPROTO_TCP);
#ifdef FD_CLOEXEC
fcntl(c->socket, F_SETFD, FD_CLOEXEC);
#endif
if(c->socket == -1) { if(c->socket == -1) {
ifdebug(CONNECTIONS) logger(LOG_ERR, "Creating socket for %s failed: %s", c->hostname, sockstrerror(sockerrno)); ifdebug(CONNECTIONS) logger(LOG_ERR, "Creating socket for %s failed: %s", c->hostname, sockstrerror(sockerrno));
goto begin; goto begin;
@ -422,7 +376,6 @@ begin:
#endif #endif
bind_to_interface(c->socket); bind_to_interface(c->socket);
bind_to_address(c);
/* Optimize TCP settings */ /* Optimize TCP settings */

View file

@ -1,6 +1,6 @@
/* /*
node.h -- header for node.c node.h -- header for node.c
Copyright (C) 2001-2010 Guus Sliepen <guus@tinc-vpn.org>, Copyright (C) 2001-2012 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans 2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -40,6 +40,7 @@ typedef struct node_t {
char *name; /* name of this node */ char *name; /* name of this node */
uint32_t options; /* options turned on for this node */ uint32_t options; /* options turned on for this node */
int sock; /* Socket to use for outgoing UDP packets */
sockaddr_t address; /* his real (internet) ip to send UDP packets to */ sockaddr_t address; /* his real (internet) ip to send UDP packets to */
char *hostname; /* the hostname of its real ip */ char *hostname; /* the hostname of its real ip */
@ -66,6 +67,7 @@ typedef struct node_t {
int outcompression; /* Compressionlevel, 0 = no compression */ int outcompression; /* Compressionlevel, 0 = no compression */
struct node_t *nexthop; /* nearest node from us to him */ struct node_t *nexthop; /* nearest node from us to him */
struct edge_t *prevedge; /* nearest node from him to us */
struct node_t *via; /* next hop for UDP packets */ struct node_t *via; /* next hop for UDP packets */
avl_tree_t *subnet_tree; /* Pointer to a tree of subnets belonging to this node */ avl_tree_t *subnet_tree; /* Pointer to a tree of subnets belonging to this node */

View file

@ -511,7 +511,7 @@ static RETSIGTYPE sigusr1_handler(int a) {
} }
static RETSIGTYPE sigusr2_handler(int a) { static RETSIGTYPE sigusr2_handler(int a) {
dump_device_stats(); devops.dump_stats();
dump_nodes(); dump_nodes();
dump_edges(); dump_edges();
dump_subnets(); dump_subnets();

View file

@ -1,7 +1,7 @@
/* /*
protocol.c -- handle the meta-protocol, basic functions protocol.c -- handle the meta-protocol, basic functions
Copyright (C) 1999-2005 Ivo Timmermans, Copyright (C) 1999-2005 Ivo Timmermans,
2000-2009 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -96,7 +96,7 @@ bool send_request(connection_t *c, const char *format, ...) {
buffer[len++] = '\n'; buffer[len++] = '\n';
if(c == broadcast) { if(c == everyone) {
broadcast_meta(NULL, buffer, len); broadcast_meta(NULL, buffer, len);
return true; return true;
} else } else

View file

@ -1,7 +1,7 @@
/* /*
protocol_auth.c -- handle the meta-protocol, authentication protocol_auth.c -- handle the meta-protocol, authentication
Copyright (C) 1999-2005 Ivo Timmermans, Copyright (C) 1999-2005 Ivo Timmermans,
2000-2010 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -575,7 +575,7 @@ bool ack_h(connection_t *c) {
if(tunnelserver) if(tunnelserver)
send_add_edge(c, c->edge); send_add_edge(c, c->edge);
else else
send_add_edge(broadcast, c->edge); send_add_edge(everyone, c->edge);
/* Run MST and SSSP algorithms */ /* Run MST and SSSP algorithms */

View file

@ -1,7 +1,7 @@
/* /*
protocol_edge.c -- handle the meta-protocol, edges protocol_edge.c -- handle the meta-protocol, edges
Copyright (C) 1999-2005 Ivo Timmermans, Copyright (C) 1999-2005 Ivo Timmermans,
2000-2009 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
2009 Michael Tokarev <mjt@corpit.ru> 2009 Michael Tokarev <mjt@corpit.ru>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -254,7 +254,7 @@ bool del_edge_h(connection_t *c) {
e = lookup_edge(to, myself); e = lookup_edge(to, myself);
if(e) { if(e) {
if(!tunnelserver) if(!tunnelserver)
send_del_edge(broadcast, e); send_del_edge(everyone, e);
edge_del(e); edge_del(e);
} }
} }

View file

@ -1,7 +1,7 @@
/* /*
protocol_key.c -- handle the meta-protocol, key exchange protocol_key.c -- handle the meta-protocol, key exchange
Copyright (C) 1999-2005 Ivo Timmermans, Copyright (C) 1999-2005 Ivo Timmermans,
2000-2011 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -40,7 +40,7 @@ void send_key_changed(void) {
avl_node_t *node; avl_node_t *node;
connection_t *c; connection_t *c;
send_request(broadcast, "%d %x %s", KEY_CHANGED, rand(), myself->name); send_request(everyone, "%d %x %s", KEY_CHANGED, rand(), myself->name);
/* Immediately send new keys to directly connected nodes to keep UDP mappings alive */ /* Immediately send new keys to directly connected nodes to keep UDP mappings alive */
@ -242,8 +242,6 @@ bool ans_key_h(connection_t *c) {
/* Update our copy of the origin's packet key */ /* Update our copy of the origin's packet key */
from->outkey = xrealloc(from->outkey, strlen(key) / 2); from->outkey = xrealloc(from->outkey, strlen(key) / 2);
from->outkey = xstrdup(key);
from->outkeylength = strlen(key) / 2; from->outkeylength = strlen(key) / 2;
hex2bin(key, from->outkey, from->outkeylength); hex2bin(key, from->outkey, from->outkeylength);

View file

@ -1,7 +1,7 @@
/* /*
device.c -- raw socket device.c -- raw socket
Copyright (C) 2002-2005 Ivo Timmermans, Copyright (C) 2002-2005 Ivo Timmermans,
2002-2009 Guus Sliepen <guus@tinc-vpn.org> 2002-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -20,7 +20,9 @@
#include "system.h" #include "system.h"
#ifdef HAVE_NETPACKET_PACKET_H
#include <netpacket/packet.h> #include <netpacket/packet.h>
#endif
#include "conf.h" #include "conf.h"
#include "device.h" #include "device.h"
@ -30,16 +32,13 @@
#include "route.h" #include "route.h"
#include "xalloc.h" #include "xalloc.h"
int device_fd = -1; #if defined(PF_PACKET) && defined(ETH_P_ALL) && defined(AF_PACKET)
char *device = NULL;
char *iface = NULL;
static char ifrname[IFNAMSIZ];
static char *device_info; static char *device_info;
static uint64_t device_total_in = 0; static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0; static uint64_t device_total_out = 0;
bool setup_device(void) { static bool setup_device(void) {
struct ifreq ifr; struct ifreq ifr;
struct sockaddr_ll sa; struct sockaddr_ll sa;
@ -57,6 +56,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
#endif
memset(&ifr, 0, sizeof(ifr)); memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ); strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ);
if(ioctl(device_fd, SIOCGIFINDEX, &ifr)) { if(ioctl(device_fd, SIOCGIFINDEX, &ifr)) {
@ -81,14 +84,14 @@ bool setup_device(void) {
return true; return true;
} }
void close_device(void) { static void close_device(void) {
close(device_fd); close(device_fd);
free(device); free(device);
free(iface); free(iface);
} }
bool read_packet(vpn_packet_t *packet) { static bool read_packet(vpn_packet_t *packet) {
int lenin; int lenin;
if((lenin = read(device_fd, packet->data, MTU)) <= 0) { if((lenin = read(device_fd, packet->data, MTU)) <= 0) {
@ -107,7 +110,7 @@ bool read_packet(vpn_packet_t *packet) {
return true; return true;
} }
bool write_packet(vpn_packet_t *packet) { static bool write_packet(vpn_packet_t *packet) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s", ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
packet->len, device_info); packet->len, device_info);
@ -122,8 +125,32 @@ bool write_packet(vpn_packet_t *packet) {
return true; return true;
} }
void dump_device_stats(void) { static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
} }
const devops_t raw_socket_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};
#else
static bool not_supported(void) {
logger(LOG_ERR, "Raw socket device not supported on this platform");
return false;
}
const devops_t raw_socket_devops = {
.setup = not_supported,
.close = NULL,
.read = NULL,
.write = NULL,
.dump_stats = NULL,
};
#endif

View file

@ -1,7 +1,7 @@
/* /*
route.c -- routing route.c -- routing
Copyright (C) 2000-2005 Ivo Timmermans, Copyright (C) 2000-2005 Ivo Timmermans,
2000-2010 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -34,10 +34,12 @@
rmode_t routing_mode = RMODE_ROUTER; rmode_t routing_mode = RMODE_ROUTER;
fmode_t forwarding_mode = FMODE_INTERNAL; fmode_t forwarding_mode = FMODE_INTERNAL;
bool decrement_ttl = true;
bool directonly = false; bool directonly = false;
bool priorityinheritance = false; bool priorityinheritance = false;
int macexpire = 600; int macexpire = 600;
bool overwrite_mac = false; bool overwrite_mac = false;
bool broadcast = true;
mac_t mymac = {{0xFE, 0xFD, 0, 0, 0, 0}}; mac_t mymac = {{0xFE, 0xFD, 0, 0, 0, 0}};
/* Sizes of various headers */ /* Sizes of various headers */
@ -80,13 +82,14 @@ static bool ratelimit(int frequency) {
static int count = 0; static int count = 0;
if(lasttime == now) { if(lasttime == now) {
if(++count > frequency) if(count >= frequency)
return true; return true;
} else { } else {
lasttime = now; lasttime = now;
count = 0; count = 0;
} }
count++;
return false; return false;
} }
@ -397,6 +400,11 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) {
packet->priority = packet->data[15]; packet->priority = packet->data[15];
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via; via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
if(via == source) {
ifdebug(TRAFFIC) logger(LOG_ERR, "Routing loop for packet from %s (%s)!", source->name, source->hostname);
return;
}
if(directonly && subnet->owner != via) if(directonly && subnet->owner != via)
return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_ANO); return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_ANO);
@ -422,11 +430,11 @@ static void route_ipv4(node_t *source, vpn_packet_t *packet) {
if(!checklength(source, packet, ether_size + ip_size)) if(!checklength(source, packet, ether_size + ip_size))
return; return;
if(((packet->data[30] & 0xf0) == 0xe0) || ( if(broadcast && (((packet->data[30] & 0xf0) == 0xe0) || (
packet->data[30] == 255 && packet->data[30] == 255 &&
packet->data[31] == 255 && packet->data[31] == 255 &&
packet->data[32] == 255 && packet->data[32] == 255 &&
packet->data[33] == 255)) packet->data[33] == 255)))
broadcast_packet(source, packet); broadcast_packet(source, packet);
else else
route_ipv4_unicast(source, packet); route_ipv4_unicast(source, packet);
@ -549,6 +557,11 @@ static void route_ipv6_unicast(node_t *source, vpn_packet_t *packet) {
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via; via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
if(via == source) {
ifdebug(TRAFFIC) logger(LOG_ERR, "Routing loop for packet from %s (%s)!", source->name, source->hostname);
return;
}
if(directonly && subnet->owner != via) if(directonly && subnet->owner != via)
return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN); return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN);
@ -714,7 +727,7 @@ static void route_ipv6(node_t *source, vpn_packet_t *packet) {
return; return;
} }
if(packet->data[38] == 255) if(broadcast && packet->data[38] == 255)
broadcast_packet(source, packet); broadcast_packet(source, packet);
else else
route_ipv6_unicast(source, packet); route_ipv6_unicast(source, packet);
@ -804,7 +817,8 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
subnet = lookup_subnet_mac(NULL, &dest); subnet = lookup_subnet_mac(NULL, &dest);
if(!subnet) { if(!subnet) {
broadcast_packet(source, packet); if(broadcast)
broadcast_packet(source, packet);
return; return;
} }
@ -846,6 +860,52 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
send_packet(subnet->owner, packet); send_packet(subnet->owner, packet);
} }
static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) {
uint16_t type = packet->data[12] << 8 | packet->data[13];
switch (type) {
case ETH_P_IP:
if(!checklength(source, packet, 14 + 32))
return false;
if(packet->data[22] < 1) {
if(packet->data[25] != IPPROTO_ICMP || packet->data[46] != ICMP_TIME_EXCEEDED)
route_ipv4_unreachable(source, packet, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL);
return false;
}
uint16_t old = packet->data[22] << 8 | packet->data[23];
packet->data[22]--;
uint16_t new = packet->data[22] << 8 | packet->data[23];
uint32_t checksum = packet->data[24] << 8 | packet->data[25];
checksum += old + (~new & 0xFFFF);
while(checksum >> 16)
checksum = (checksum & 0xFFFF) + (checksum >> 16);
packet->data[24] = checksum >> 8;
packet->data[25] = checksum & 0xff;
return true;
case ETH_P_IPV6:
if(!checklength(source, packet, 14 + 40))
return false;
if(packet->data[21] < 1) {
if(packet->data[20] != IPPROTO_ICMPV6 || packet->data[54] != ICMP6_TIME_EXCEEDED)
route_ipv6_unreachable(source, packet, ICMP6_TIME_EXCEEDED, ICMP6_TIME_EXCEED_TRANSIT);
return false;
}
packet->data[21]--;
return true;
default:
return true;
}
}
void route(node_t *source, vpn_packet_t *packet) { void route(node_t *source, vpn_packet_t *packet) {
if(forwarding_mode == FMODE_KERNEL && source != myself) { if(forwarding_mode == FMODE_KERNEL && source != myself) {
send_packet(myself, packet); send_packet(myself, packet);
@ -855,6 +915,10 @@ void route(node_t *source, vpn_packet_t *packet) {
if(!checklength(source, packet, ether_size)) if(!checklength(source, packet, ether_size))
return; return;
if(decrement_ttl && source != myself)
if(!do_decrement_ttl(source, packet))
return;
switch (routing_mode) { switch (routing_mode) {
case RMODE_ROUTER: case RMODE_ROUTER:
{ {

View file

@ -1,7 +1,7 @@
/* /*
route.h -- header file for route.c route.h -- header file for route.c
Copyright (C) 2000-2005 Ivo Timmermans Copyright (C) 2000-2005 Ivo Timmermans
2000-2006 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -38,8 +38,10 @@ typedef enum fmode_t {
extern rmode_t routing_mode; extern rmode_t routing_mode;
extern fmode_t forwarding_mode; extern fmode_t forwarding_mode;
extern bool decrement_ttl;
extern bool directonly; extern bool directonly;
extern bool overwrite_mac; extern bool overwrite_mac;
extern bool broadcast;
extern bool priorityinheritance; extern bool priorityinheritance;
extern int macexpire; extern int macexpire;

View file

@ -1,7 +1,7 @@
/* /*
device.c -- Interaction with Solaris tun device device.c -- Interaction with Solaris tun device
Copyright (C) 2001-2005 Ivo Timmermans, Copyright (C) 2001-2005 Ivo Timmermans,
2001-2011 Guus Sliepen <guus@tinc-vpn.org> 2001-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -35,7 +35,7 @@
#define DEFAULT_DEVICE "/dev/tun" #define DEFAULT_DEVICE "/dev/tun"
int device_fd = -1; int device_fd = -1;
int ip_fd = -1, if_fd = -1; static int ip_fd = -1, if_fd = -1;
char *device = NULL; char *device = NULL;
char *iface = NULL; char *iface = NULL;
static char *device_info = NULL; static char *device_info = NULL;
@ -43,7 +43,7 @@ static char *device_info = NULL;
static uint64_t device_total_in = 0; static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0; static uint64_t device_total_out = 0;
bool setup_device(void) { static bool setup_device(void) {
int ppa; int ppa;
char *ptr; char *ptr;
@ -55,6 +55,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
#endif
ppa = 0; ppa = 0;
ptr = device; ptr = device;
@ -67,6 +71,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(ip_fd, F_SETFD, FD_CLOEXEC);
#endif
/* Assign a new PPA and get its unit number. */ /* Assign a new PPA and get its unit number. */
if((ppa = ioctl(device_fd, TUNNEWPPA, ppa)) < 0) { if((ppa = ioctl(device_fd, TUNNEWPPA, ppa)) < 0) {
logger(LOG_ERR, "Can't assign new interface: %s", strerror(errno)); logger(LOG_ERR, "Can't assign new interface: %s", strerror(errno));
@ -79,6 +87,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(if_fd, F_SETFD, FD_CLOEXEC);
#endif
if(ioctl(if_fd, I_PUSH, "ip") < 0) { if(ioctl(if_fd, I_PUSH, "ip") < 0) {
logger(LOG_ERR, "Can't push IP module: %s", strerror(errno)); logger(LOG_ERR, "Can't push IP module: %s", strerror(errno));
return false; return false;
@ -105,7 +117,7 @@ bool setup_device(void) {
return true; return true;
} }
void close_device(void) { static void close_device(void) {
close(if_fd); close(if_fd);
close(ip_fd); close(ip_fd);
close(device_fd); close(device_fd);
@ -114,7 +126,7 @@ void close_device(void) {
free(iface); free(iface);
} }
bool read_packet(vpn_packet_t *packet) { static bool read_packet(vpn_packet_t *packet) {
int lenin; int lenin;
if((lenin = read(device_fd, packet->data + 14, MTU - 14)) <= 0) { if((lenin = read(device_fd, packet->data + 14, MTU - 14)) <= 0) {
@ -149,7 +161,7 @@ bool read_packet(vpn_packet_t *packet) {
return true; return true;
} }
bool write_packet(vpn_packet_t *packet) { static bool write_packet(vpn_packet_t *packet) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s", ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
packet->len, device_info); packet->len, device_info);
@ -164,8 +176,16 @@ bool write_packet(vpn_packet_t *packet) {
return true; return true;
} }
void dump_device_stats(void) { static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
} }
const devops_t os_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};

View file

@ -468,6 +468,8 @@ void subnet_update(node_t *owner, subnet_t *subnet, bool up) {
// 4 and 5 are reserved for SUBNET and WEIGHT // 4 and 5 are reserved for SUBNET and WEIGHT
xasprintf(&envp[6], "REMOTEADDRESS=%s", address); xasprintf(&envp[6], "REMOTEADDRESS=%s", address);
xasprintf(&envp[7], "REMOTEPORT=%s", port); xasprintf(&envp[7], "REMOTEPORT=%s", port);
free(port);
free(address);
} }
name = up ? "subnet-up" : "subnet-down"; name = up ? "subnet-up" : "subnet-down";

View file

@ -1,7 +1,7 @@
/* /*
tincd.c -- the main file for tincd tincd.c -- the main file for tincd
Copyright (C) 1998-2005 Ivo Timmermans Copyright (C) 1998-2005 Ivo Timmermans
2000-2011 Guus Sliepen <guus@tinc-vpn.org> 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
2008 Max Rijevski <maksuf@gmail.com> 2008 Max Rijevski <maksuf@gmail.com>
2009 Michael Tokarev <mjt@tls.msk.ru> 2009 Michael Tokarev <mjt@tls.msk.ru>
2010 Julien Muchembled <jm@jmuchemb.eu> 2010 Julien Muchembled <jm@jmuchemb.eu>
@ -114,6 +114,7 @@ static struct option const long_options[] = {
{"user", required_argument, NULL, 'U'}, {"user", required_argument, NULL, 'U'},
{"logfile", optional_argument, NULL, 4}, {"logfile", optional_argument, NULL, 4},
{"pidfile", required_argument, NULL, 5}, {"pidfile", required_argument, NULL, 5},
{"option", required_argument, NULL, 'o'},
{NULL, 0, NULL, 0} {NULL, 0, NULL, 0}
}; };
@ -129,20 +130,20 @@ static void usage(bool status) {
program_name); program_name);
else { else {
printf("Usage: %s [option]...\n\n", program_name); printf("Usage: %s [option]...\n\n", program_name);
printf(" -c, --config=DIR Read configuration options from DIR.\n" printf(" -c, --config=DIR Read configuration options from DIR.\n"
" -D, --no-detach Don't fork and detach.\n" " -D, --no-detach Don't fork and detach.\n"
" -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n" " -d, --debug[=LEVEL] Increase debug level or set it to LEVEL.\n"
" -k, --kill[=SIGNAL] Attempt to kill a running tincd and exit.\n" " -k, --kill[=SIGNAL] Attempt to kill a running tincd and exit.\n"
" -n, --net=NETNAME Connect to net NETNAME.\n" " -n, --net=NETNAME Connect to net NETNAME.\n"
" -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n" " -K, --generate-keys[=BITS] Generate public/private RSA keypair.\n"
" -L, --mlock Lock tinc into main memory.\n" " -L, --mlock Lock tinc into main memory.\n"
" --logfile[=FILENAME] Write log entries to a logfile.\n" " --logfile[=FILENAME] Write log entries to a logfile.\n"
" --pidfile=FILENAME Write PID to FILENAME.\n" " --pidfile=FILENAME Write PID to FILENAME.\n"
" -o [HOST.]KEY=VALUE Set global/host configuration value.\n" " -o, --option=[HOST.]KEY=VALUE Set global/host configuration value.\n"
" -R, --chroot chroot to NET dir at startup.\n" " -R, --chroot chroot to NET dir at startup.\n"
" -U, --user=USER setuid to given USER at startup.\n" " -U, --user=USER setuid to given USER at startup.\n"
" --help Display this help and exit.\n" " --help Display this help and exit.\n"
" --version Output version information and exit.\n\n"); " --version Output version information and exit.\n\n");
printf("Report bugs to tinc@tinc-vpn.org.\n"); printf("Report bugs to tinc@tinc-vpn.org.\n");
} }
} }
@ -361,9 +362,6 @@ static bool keygen(int bits) {
if(!f) if(!f)
return false; return false;
if(disable_old_keys(f))
fprintf(stderr, "Warning: old key(s) found and disabled.\n");
#ifdef HAVE_FCHMOD #ifdef HAVE_FCHMOD
/* Make it unreadable for others. */ /* Make it unreadable for others. */
fchmod(fileno(f), 0600); fchmod(fileno(f), 0600);
@ -384,9 +382,6 @@ static bool keygen(int bits) {
if(!f) if(!f)
return false; return false;
if(disable_old_keys(f))
fprintf(stderr, "Warning: old key(s) found and disabled.\n");
fputc('\n', f); fputc('\n', f);
PEM_write_RSAPublicKey(f, rsa_key); PEM_write_RSAPublicKey(f, rsa_key);
fclose(f); fclose(f);
@ -523,7 +518,7 @@ int main(int argc, char **argv) {
if(show_version) { if(show_version) {
printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE, printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE,
VERSION, __DATE__, __TIME__, PROT_CURRENT); VERSION, __DATE__, __TIME__, PROT_CURRENT);
printf("Copyright (C) 1998-2011 Ivo Timmermans, Guus Sliepen and others.\n" printf("Copyright (C) 1998-2012 Ivo Timmermans, Guus Sliepen and others.\n"
"See the AUTHORS file for a complete list.\n\n" "See the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n" "and you are welcome to redistribute it under certain conditions;\n"
@ -586,6 +581,7 @@ int main2(int argc, char **argv) {
InitializeCriticalSection(&mutex); InitializeCriticalSection(&mutex);
EnterCriticalSection(&mutex); EnterCriticalSection(&mutex);
#endif #endif
char *priority = NULL;
if(!detach()) if(!detach())
return 1; return 1;
@ -612,8 +608,6 @@ int main2(int argc, char **argv) {
/* Change process priority */ /* Change process priority */
char *priority = 0;
if(get_config_string(lookup_config(config_tree, "ProcessPriority"), &priority)) { if(get_config_string(lookup_config(config_tree, "ProcessPriority"), &priority)) {
if(!strcasecmp(priority, "Normal")) { if(!strcasecmp(priority, "Normal")) {
if (setpriority(NORMAL_PRIORITY_CLASS) != 0) { if (setpriority(NORMAL_PRIORITY_CLASS) != 0) {
@ -650,7 +644,7 @@ int main2(int argc, char **argv) {
/* Shutdown properly. */ /* Shutdown properly. */
ifdebug(CONNECTIONS) ifdebug(CONNECTIONS)
dump_device_stats(); devops.dump_stats();
close_network_connections(); close_network_connections();
@ -661,6 +655,8 @@ end:
remove_pid(pidfilename); remove_pid(pidfilename);
#endif #endif
free(priority);
EVP_cleanup(); EVP_cleanup();
ENGINE_cleanup(); ENGINE_cleanup();
CRYPTO_cleanup_all_ex_data(); CRYPTO_cleanup_all_ex_data();
@ -668,6 +664,7 @@ end:
ERR_free_strings(); ERR_free_strings();
exit_configuration(&config_tree); exit_configuration(&config_tree);
list_free(cmdline_conf);
free_names(); free_names();
return status; return status;

View file

@ -1,7 +1,7 @@
/* /*
device.c -- UML network socket device.c -- UML network socket
Copyright (C) 2002-2005 Ivo Timmermans, Copyright (C) 2002-2005 Ivo Timmermans,
2002-2009 Guus Sliepen <guus@tinc-vpn.org> 2002-2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -28,19 +28,17 @@
#include "logger.h" #include "logger.h"
#include "utils.h" #include "utils.h"
#include "route.h" #include "route.h"
#include "xalloc.h"
int device_fd = -1;
static int listen_fd = -1; static int listen_fd = -1;
static int request_fd = -1; static int request_fd = -1;
static int data_fd = -1; static int data_fd = -1;
static int write_fd = -1; static int write_fd = -1;
static int state = 0; static int state = 0;
char *device = NULL;
char *iface = NULL;
static char *device_info; static char *device_info;
extern char *identname; extern char *identname;
extern bool running; extern volatile bool running;
static uint64_t device_total_in = 0; static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0; static uint64_t device_total_out = 0;
@ -56,7 +54,7 @@ static struct request {
static struct sockaddr_un data_sun; static struct sockaddr_un data_sun;
bool setup_device(void) { static bool setup_device(void) {
struct sockaddr_un listen_sun; struct sockaddr_un listen_sun;
static const int one = 1; static const int one = 1;
struct { struct {
@ -79,6 +77,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(write_fd, F_SETFD, FD_CLOEXEC);
#endif
setsockopt(write_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one); setsockopt(write_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
if(fcntl(write_fd, F_SETFL, O_NONBLOCK) < 0) { if(fcntl(write_fd, F_SETFL, O_NONBLOCK) < 0) {
@ -93,6 +95,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(data_fd, F_SETFD, FD_CLOEXEC);
#endif
setsockopt(data_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one); setsockopt(data_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
if(fcntl(data_fd, F_SETFL, O_NONBLOCK) < 0) { if(fcntl(data_fd, F_SETFL, O_NONBLOCK) < 0) {
@ -120,6 +126,10 @@ bool setup_device(void) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
#endif
setsockopt(listen_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one); setsockopt(listen_fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
if(fcntl(listen_fd, F_SETFL, O_NONBLOCK) < 0) { if(fcntl(listen_fd, F_SETFL, O_NONBLOCK) < 0) {
@ -169,13 +179,13 @@ void close_device(void) {
if(iface) free(iface); if(iface) free(iface);
} }
bool read_packet(vpn_packet_t *packet) { static bool read_packet(vpn_packet_t *packet) {
int lenin; int lenin;
switch(state) { switch(state) {
case 0: { case 0: {
struct sockaddr sa; struct sockaddr sa;
int salen = sizeof sa; socklen_t salen = sizeof sa;
request_fd = accept(listen_fd, &sa, &salen); request_fd = accept(listen_fd, &sa, &salen);
if(request_fd < 0) { if(request_fd < 0) {
@ -183,6 +193,10 @@ bool read_packet(vpn_packet_t *packet) {
return false; return false;
} }
#ifdef FD_CLOEXEC
fcntl(request_fd, F_SETFD, FD_CLOEXEC);
#endif
if(fcntl(listen_fd, F_SETFL, O_NONBLOCK) < 0) { if(fcntl(listen_fd, F_SETFL, O_NONBLOCK) < 0) {
logger(LOG_ERR, "System call `%s' failed: %s", "fcntl", strerror(errno)); logger(LOG_ERR, "System call `%s' failed: %s", "fcntl", strerror(errno));
running = false; running = false;
@ -244,10 +258,14 @@ bool read_packet(vpn_packet_t *packet) {
return true; return true;
} }
default:
logger(LOG_ERR, "Invalid value for state variable in " __FILE__);
abort();
} }
} }
bool write_packet(vpn_packet_t *packet) { static bool write_packet(vpn_packet_t *packet) {
if(state != 2) { if(state != 2) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Dropping packet of %d bytes to %s: not connected to UML yet", ifdebug(TRAFFIC) logger(LOG_DEBUG, "Dropping packet of %d bytes to %s: not connected to UML yet",
packet->len, device_info); packet->len, device_info);
@ -271,8 +289,16 @@ bool write_packet(vpn_packet_t *packet) {
return true; return true;
} }
void dump_device_stats(void) { static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
} }
const devops_t uml_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};

143
src/vde_device.c Normal file
View file

@ -0,0 +1,143 @@
/*
device.c -- VDE plug
Copyright (C) 2012 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include "system.h"
#include <libvdeplug_dyn.h>
#include "conf.h"
#include "device.h"
#include "net.h"
#include "logger.h"
#include "utils.h"
#include "route.h"
#include "xalloc.h"
static struct vdepluglib plug;
static struct vdeconn *conn = NULL;
static int port = 0;
static char *group = NULL;
static char *device_info;
extern char *identname;
extern volatile bool running;
static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0;
static bool setup_device(void) {
libvdeplug_dynopen(plug);
if(!plug.dl_handle) {
logger(LOG_ERR, "Could not open libvdeplug library!");
return false;
}
if(!get_config_string(lookup_config(config_tree, "Device"), &device))
xasprintf(&device, LOCALSTATEDIR "/run/vde.ctl");
get_config_string(lookup_config(config_tree, "Interface"), &iface);
get_config_int(lookup_config(config_tree, "VDEPort"), &port);
get_config_string(lookup_config(config_tree, "VDEGroup"), &group);
device_info = "VDE socket";
struct vde_open_args args = {
.port = port,
.group = group,
.mode = 0700,
};
conn = plug.vde_open(device, identname, &args);
if(!conn) {
logger(LOG_ERR, "Could not open VDE socket %s", device);
return false;
}
device_fd = plug.vde_datafd(conn);
#ifdef FD_CLOEXEC
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
#endif
logger(LOG_INFO, "%s is a %s", device, device_info);
if(routing_mode == RMODE_ROUTER)
overwrite_mac = true;
return true;
}
static void close_device(void) {
if(conn)
plug.vde_close(conn);
if(plug.dl_handle)
libvdeplug_dynclose(plug);
free(device);
free(iface);
}
static bool read_packet(vpn_packet_t *packet) {
int lenin = plug.vde_recv(conn, packet->data, MTU, 0);
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info, device, strerror(errno));
running = false;
return false;
}
packet->len = lenin;
device_total_in += packet->len;
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Read packet of %d bytes from %s", packet->len, device_info);
return true;
}
static bool write_packet(vpn_packet_t *packet) {
if(plug.vde_send(conn, packet->data, packet->len, 0) < 0) {
if(errno != EINTR && errno != EAGAIN) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device, strerror(errno));
running = false;
}
return false;
}
device_total_out += packet->len;
return true;
}
static void dump_device_stats(void) {
logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device);
logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in);
logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out);
}
const devops_t vde_devops = {
.setup = setup_device,
.close = close_device,
.read = read_packet,
.write = write_packet,
.dump_stats = dump_device_stats,
};