diff --git a/AUTHORS b/AUTHORS index 7c20a8d..e418996 100644 --- a/AUTHORS +++ b/AUTHORS @@ -8,6 +8,9 @@ Significant contributions from: - Grzegorz Dymarek - Max Rijevski - Scott Lamb +- Julien Muchembled +- Timothy Redaelli +- Brandon Black These files are from other sources: * lib/pidfile.h and lib/pidfile.c are by Martin Schulze, taken from diff --git a/ChangeLog b/ChangeLog index f2a5307..1a79275 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,444 @@ +commit f3f7ccfb2890576cb8992ec5e432310cec27627a +Author: Guus Sliepen +Date: Sun May 8 23:15:25 2011 +0200 + + Releasing 1.0.14. + +commit 0d906489f2ce9faf81dc230f7db6ab5378573554 +Author: Guus Sliepen +Date: Sun May 8 23:12:44 2011 +0200 + + Include when using intptr_t. + +commit dc887f5011834d5a9a6ec5deb8781c6bfd88c474 +Author: Guus Sliepen +Date: Sun May 8 23:12:06 2011 +0200 + + Ensure proper linking with OpenSSL with recent versions of MinGW. + +commit 67766d65f06854ee894d784f638c5c9cd2b50bca +Author: Guus Sliepen +Date: Sun May 8 21:22:20 2011 +0200 + + Update THANKS and copyright information. + +commit 6e6b037ef4fd9877aeb1d947da7364409fa8cbb7 +Author: Guus Sliepen +Date: Sun May 8 21:06:06 2011 +0200 + + Check for EVP_EncryptInit_ex instead of SHA1_Version in OpenSSL. + + The latter function disappeared, and wasn't actually used in tinc, so now we + check on a function that we do use. + +commit 257cb6ac60bb0924720de9e252cdf7f4759bf741 +Author: Guus Sliepen +Date: Sun May 8 12:40:44 2011 +0200 + + Always use the default signal handler for ABRT signals. + + This will allow coredumps to be generated when tinc is daemonized. + Also add the -kABRT option. + +commit eacb5a28fb4c1515633f2b8a206e7067bc7b8f0c +Author: Guus Sliepen +Date: Sun May 8 12:16:26 2011 +0200 + + Increase threshold for detecting two nodes with the same Name. + + In commit 4a21aabada23d1d2c8a10f54dd7248171c4ec82f, code was added to detect + contradicting ADD_EDGE and DEL_EDGE messages being sent, which is an indication + of two nodes with the same Name connected to the same VPN. However, these + contradictory messages can also happen when there is a network partitioning. In + the former case a loop happens which causes many contradictory message, while + in the latter case only a few of those messages will be sent. So, now we + increase the threshold to at least 10 of both ADD_EDGE and DEL_EDGE messages. + +commit f11c6101f30df645223920bef3eb7592de9bcb79 +Author: Julien Muchembled +Date: Thu Apr 28 13:21:55 2011 +0200 + + Fix command-line '-o' option for host configuration + + This fixes a regression introduced by commit 667b1ba while refactoring option + parsing code. + +commit 0aa86d4b8b3010522e6de8842f5bd29004ba3df6 +Author: Guus Sliepen +Date: Wed Mar 9 09:34:56 2011 +0100 + + Do not set indirect flag on edges from nodes with multiple addresses. + + Since tinc now handles UDP packets with a different source address and port + than used for TCP connections, the heuristic to treat edges as indirect when + tinc could detect that multiple addresses were used does not make sense + anymore, and can actually reduce performance. + +commit 7cf68b5e35c002511cc7468967de6a75934cc998 +Author: Guus Sliepen +Date: Fri Feb 18 23:11:43 2011 +0100 + + Prevent anything from updating our own UDP address. + + Because we don't want to keep track of that, and this will cause the node + structure from being relinked into the node tree, which results in myself + pointing to an invalid address. + +commit cdbbbfabea173894bd2fb5f28135a04ddc5e3fd7 +Author: Guus Sliepen +Date: Fri Feb 18 23:02:11 2011 +0100 + + Fix spurious misidentification of incoming UDP packets. + + When a UDP packet was received with an unknown source address/port, and if it + failed a HMAC check against known keys, it could still incorrectly assign that + UDP address to another node. This would temporarily cause outgoing UDP packets + to go to the wrong destination address, until packets from the correct address + were received again. + +commit 046d83bf91e01bc7a32e66a02758caf228bc4601 +Author: Rumko +Date: Sat Feb 12 18:22:14 2011 +0100 + + DragonFlyBSD support + + * added DragonFly BSD support + * added a check for sys/resource.h (needed on DragonFly) + +commit f017c7f98f8f68d6ca50ebe247f4115aadd93635 +Author: Guus Sliepen +Date: Mon Feb 7 18:34:55 2011 +0100 + + Add support for VDE through libvdeplug. + + When compiled with vde/device.c, tinc will connect to a vde_switch instance + instead of using a tun/tap device. + +commit 8d18cc6c4e625625a2437d26c587f9f382a0c589 +Author: Guus Sliepen +Date: Sat Jan 29 10:49:44 2011 +0100 + + Fix typo spotted by Andrew Scheller. + +commit b3731c04097e66a6b8908bb893c5da831d89c04d +Author: Guus Sliepen +Date: Wed Jan 12 20:57:14 2011 +0100 + + Proper check and dropin replacement for usleep(). + +commit 4b8a5993036fccc2108fcc2550649d9b78fb1ab7 +Author: Guus Sliepen +Date: Sun Jan 2 17:25:24 2011 +0100 + + Update the NEWS. + +commit c228da54d47657811dfb679e7f138cbba58a9f67 +Author: Guus Sliepen +Date: Sun Jan 2 17:25:03 2011 +0100 + + Update the manual. + +commit 4575c6c7dffe228ce302776022a2075b7ef37ab0 +Author: Guus Sliepen +Date: Sun Jan 2 17:24:23 2011 +0100 + + Document the behavior of "-n." + +commit 6c05bf082b1ce9acfc0ebb5c6f32c2ece41c7f80 +Author: Guus Sliepen +Date: Sun Jan 2 16:59:42 2011 +0100 + + Remove unused variables. + +commit 6a51d89cf706bcefce1861a1a66d40ef7d7db43b +Author: Guus Sliepen +Date: Sun Jan 2 16:55:42 2011 +0100 + + Replace bogus #else with #endif. + + Found by cppcheck, which complained about lenin not being initialized, but the + real problem is that reading packets would fail when using code compiled with + --tunemu on a normal tun device. + +commit d7636352ce359e807b392a6e5ac0a6aeff4a63d2 +Author: Guus Sliepen +Date: Sun Jan 2 16:52:36 2011 +0100 + + Limit field width when scanning PID file. + + Cppcheck warns that scanf() might otherwise crash when presented with a huge, + bogus PID file. + +commit 3ce5e292da8bab3a1316faf1ca18625f05074467 +Author: Guus Sliepen +Date: Sun Jan 2 16:50:24 2011 +0100 + + Close all filedescriptors in Solaris close_device(). + +commit f99661a4ca5bacff47239ce7978b9c9948917c54 +Author: Guus Sliepen +Date: Sun Jan 2 15:02:23 2011 +0100 + + Always send MTU probes at least once every PingInterval. + + Before, if MTU probes failed, tinc would stop sending probes until the next + time keys were regenerated (by default, once every hour). Now it continues to + send them every PingInterval, so it recovers faster from temporary failures. + +commit cac0a5c651535e8317839b0deff1ee98086a8184 +Author: Guus Sliepen +Date: Sat Nov 20 14:31:11 2010 +0000 + + Use setpriority() instead of nice() on UNIX-like systems. + + The return value of nice() can not reliably indicate errors. The return value + of the setpriority() call is well-defined. + +commit d91903ef3c2a1f4481ae8757bb2b14282f2b7e68 +Author: Guus Sliepen +Date: Tue Nov 16 17:28:41 2010 +0100 + + Attribution for Brandon Black. + +commit e764ff7be9949c91865aff72844357e76ae6dd78 +Author: Guus Sliepen +Date: Tue Nov 16 16:45:36 2010 +0100 + + Fix variable length array declaration. + +commit 5eb0440110f99f0a49838cc00a0686c7a7595663 +Author: Guus Sliepen +Date: Sat Nov 13 21:36:51 2010 +0100 + + Free replay window when freeing a node_t. + +commit a9445e38f25bd24eca289768fc46e44e36b842ac +Author: Guus Sliepen +Date: Sat Nov 13 21:34:59 2010 +0100 + + Fix warning message when setting SO_RCVBUF or SO_SNDBUF fails. + +commit 0d61d4ae1358553fc8dde350747542f137f5cb8b +Author: Brandon L Black +Date: Sat Nov 13 12:05:51 2010 -0600 + + Improved handling of queue-jumping packets on receive + +commit 23acc19bc090051156ad895caed61848f5afb144 +Author: Brandon L Black +Date: Sat Nov 13 12:05:50 2010 -0600 + + Configurable ReplayWindow size, zero disables + +commit 8dfe1b374e165ecba5d3ae324ee834d337476be8 +Author: Brandon L Black +Date: Sat Nov 13 12:05:49 2010 -0600 + + Configurable SO_RCVBUF/SO_SNDBUF for the UDP socket + +commit 3f410e2f8f7c365630f226adf4904935698f9e0d +Author: Brandon L Black +Date: Sat Nov 13 12:05:48 2010 -0600 + + Experimental IFF_ONE_QUEUE support for Linux + +commit 9e3ca397735077f85bbde48c36e1b3e0fa950988 +Author: Guus Sliepen +Date: Sat Nov 13 15:55:38 2010 +0100 + + Use variable length arrays instead of alloca(). + +commit e2e6ec8050274b0a8678d6fc263e7dc4ef66feae +Author: Guus Sliepen +Date: Sat Nov 13 15:50:39 2010 +0100 + + Provide usleep() for Windows. + +commit 930bf74fbe5ce8363b6cc2ae3a3e960e910e0996 +Author: Guus Sliepen +Date: Fri Nov 12 11:38:05 2010 +0100 + + Don't use strlen() on a NULL pointer. + + A bug introduced in commit 667b1bac77b134cf32c98d5dc25619e8c3303f52 caused tinc + to crash on startup. + +commit a07aa92176571eb7f063708640d0d486280808ef +Author: Guus Sliepen +Date: Fri Nov 12 11:33:01 2010 +0100 + + Add short options -R and -U to the tincd(8) manpage. + +commit 66b7aea294896a99df289231143a506b422b994c +Author: Guus Sliepen +Date: Tue Nov 2 14:23:43 2010 +0100 + + Read error counter must be static. + +commit a91bf2dfcd0f5857905e59da7d944654e0875503 +Author: Guus Sliepen +Date: Tue Nov 2 14:18:35 2010 +0100 + + Quit when there are too many consecutive errors on the tun/tap device. + + Although transient errors sometimes happen on the tun/tap device (for example, + if the kernel is temporarily out of buffer space), there are situations where + the tun/tap device becomes permanently broken. Instead of endlessly spamming + the syslog, we now sleep an increasing amount of time between consecutive read + errors, and if reads still fail after 10 attempts (approximately 3 seconds), + tinc will quit. + +commit aca70cd3c3fe787e62c618849e43f67b3870ac20 +Author: Michael Tokarev +Date: Sun Oct 24 15:23:10 2010 +0400 + + Treat netname="." in a special way. + + Treat netname "." in a special way as if there was no netname + specified. Before, f.e. tincd -n. -k didn't work as it tried + to open /var/run/tinc-.pid. Now -n. works as if there was no + -n option is specified. + + Signed-Off-By: Michael Tokarev + +commit 5f729f76f5a63114df582fc29f4189140c1e5ead +Author: Guus Sliepen +Date: Fri Oct 22 22:46:44 2010 +0200 + + Remove unused variables. + + These were caused by commit 667b1bac77b134cf32c98d5dc25619e8c3303f52. + +commit 20ae7dd8c12390f7360eb28cc17e1b8a8a706b06 +Author: Guus Sliepen +Date: Fri Oct 22 22:43:50 2010 +0200 + + Abort disabling old PEM keys on I/O errors. + +commit a08462bf845973016e061b8ca1233142d80416f6 +Author: Guus Sliepen +Date: Fri Oct 22 22:42:21 2010 +0200 + + Ensure there is a newline character before a PEM key is written. + +commit c6ccbadfcf93a7bd4a88dee8ff146b4db7f85e71 +Author: Guus Sliepen +Date: Fri Oct 22 13:40:04 2010 +0200 + + Attribution for Timothy Redaelli. + +commit 1c2cd7ed273ee1538ff8a13d036c68aa9992c4aa +Author: Guus Sliepen +Date: Fri Oct 22 13:17:42 2010 +0200 + + Attribution for Julien Muchembled. + +commit 667b1bac77b134cf32c98d5dc25619e8c3303f52 +Author: Guus Sliepen +Date: Fri Oct 22 13:06:06 2010 +0200 + + Remove duplicate command-line option parsing. + + Also fix parsing of command-line host configuration options for the local node. + +commit ff71f289022ccb91abc2726f16522d55b5ccf0f6 +Author: Guus Sliepen +Date: Fri Oct 22 12:47:12 2010 +0200 + + Merge local host configuration with server configuration. + + With some exceptions, tinc only accepted host configuration options for the + local node from the corresponding host configuration file. Although this is + documented, many people expect that they can also put those options in + tinc.conf. Tinc now internally merges the contents of both tinc.conf and the + local host configuration file. + +commit 8c3105283ac53f8cc9cc4dde25957ec1cf6b53a0 +Author: Julien Muchembled +Date: Fri Sep 3 13:34:22 2010 +0200 + + New '-o' option to configure server or hosts from command line + + Options given on the command line have precedence over configuration from files. + + This can be useful, for example, for a roaming node, for which 'ConnectTo' and + .Address depends on its location. + +commit 4b6a9f1c1f645ce5989692655337d9e23ca28648 +Author: Guus Sliepen +Date: Fri Jun 4 16:03:19 2010 +0200 + + Do not append an address to ANS_KEY messages if we don't know any address. + + This would let tinc raise an exception when an ANS_KEY request crossed a + DEL_EDGE request for the node sending the key. + +commit 798fa2f04c52b0639713f74b1195847bec40c16a +Author: Guus Sliepen +Date: Fri Jun 4 15:04:08 2010 +0200 + + Use 64 bit counters to keep track of bytes sent/received from the virtual network interface. + +commit 4a21aabada23d1d2c8a10f54dd7248171c4ec82f +Author: Guus Sliepen +Date: Fri Jun 4 14:53:52 2010 +0200 + + Detect and prevent two nodes with the same Name being on the VPN simultaneously. + + In this situation, the two nodes will start fighting over the edges they announced. + When we have to contradict both ADD_EDGE and DEL_EDGE messages, we log a warning, + and with 25% chance per PingTimeout we quit. + +commit dbf3d168b720045328d476f3b9e5f5e45b4ab6de +Author: Guus Sliepen +Date: Fri May 7 12:24:49 2010 +0200 + + Use strrchr() insteaad of rindex(). + + The latter function is deprecated, some build environments do not support. + +commit eda71798749e8b0abf5e8b3cbc11da82aa607f00 +Author: Timothy Redaelli +Date: Tue May 4 15:43:48 2010 +0200 + + Fix warnings under BSD + +commit df985256a766ee90f2fa4269b95fa0565c969dda +Author: Timothy Redaelli +Date: Tue May 4 00:27:44 2010 +0200 + + Fix warnings showed using -D_FORTIFY_SOURCE=2 + +commit f5122ccecee095b9185b2324dea7bcd9655462ee +Author: Guus Sliepen +Date: Sat May 1 15:39:59 2010 +0200 + + Fix all warnings when compiling with mingw64. + +commit ef92a5725c47c6e8e801e07190dd7dd3f9cb3a17 +Author: Guus Sliepen +Date: Sat May 1 15:39:03 2010 +0200 + + OpenSSL 1.0.0 compiled for 64 bit Windows requires linking with -lcrypt32. + +commit 0fdd7da52077d77a11a3646eb3e7d5b6ffa178e8 +Author: Guus Sliepen +Date: Sat May 1 15:38:04 2010 +0200 + + Use intptr_t instead of long to store a pointer. + +commit c94ede3b8708cdf105a3fecfc119a558e1583f27 +Author: Guus Sliepen +Date: Sat May 1 15:37:11 2010 +0200 + + Define WINVER before including any other header file on Windows. + +commit 4766359e1426bdf1383c898d6103d8760e5e296d +Author: Guus Sliepen +Date: Sat Apr 17 12:01:38 2010 +0200 + + Fix reading configuration files that do not end with a newline. Again. + commit 26b8cf8680ae68443dccac2adbc2361caafc3712 Author: Guus Sliepen Date: Sun Apr 11 20:40:20 2010 +0200 diff --git a/Makefile.in b/Makefile.in index 837e15d..3101701 100644 --- a/Makefile.in +++ b/Makefile.in @@ -37,7 +37,7 @@ subdir = . DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(srcdir)/config.h.in \ $(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \ - THANKS config.guess config.sub depcomp install-sh missing + THANKS TODO config.guess config.sub depcomp install-sh missing ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \ $(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/openssl.m4 \ diff --git a/NEWS b/NEWS index a753f1c..792a71f 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,24 @@ +Version 1.0.14 May 8 2011 + + * Fixed reading configuration files that do not end with a newline. Again. + + * Allow arbitrary configuration options being specified on the command line. + + * Allow all options in both tinc.conf and the local host config file. + + * Configurable replay window, UDP send and receive buffers for performance tuning. + + * Try harder to get UDP communication back after falling back to TCP. + + * Initial support for attaching tinc to a VDE switch. + + * DragonFly BSD support. + + * Allow linking with OpenSSL 1.0.0. + + Thanks to Brandon Black, Julien Muchembled, Michael Tokarev, Rumko and Timothy + Redaelli for their contributions to this version of tinc. + Version 1.0.13 Apr 11 2010 * Allow building tinc without LZO and/or Zlib. diff --git a/README b/README index 80cf0a6..bc8bea0 100644 --- a/README +++ b/README @@ -1,7 +1,7 @@ -This is the README file for tinc version 1.0.13. Installation +This is the README file for tinc version 1.0.14. Installation instructions may be found in the INSTALL file. -tinc is Copyright (C) 1998-2010 by: +tinc is Copyright (C) 1998-2011 by: Ivo Timmermans, Guus Sliepen , @@ -55,7 +55,7 @@ should be changed into "Device", and "Device" should be changed into Compatibility ------------- -Version 1.0.13 is compatible with 1.0pre8, 1.0 and later, but not with older +Version 1.0.14 is compatible with 1.0pre8, 1.0 and later, but not with older versions of tinc. @@ -69,14 +69,12 @@ this library is not installed on you system, configure will fail. The manual in doc/tinc.texi contains more detailed information on how to install this library. -Since 1.0pre6, the zlib library is used for optional compression. You need this -library whether or not you plan to enable the compression. You can find it at -http://www.gzip.org/zlib/. Because of a possible exploit in earlier versions we -recommand that you download version 1.1.4 or later. +Since 1.0pre6, the zlib library is used for optional compression. You can +find it at http://www.gzip.org/zlib/. Because of a possible exploit in +earlier versions we recommend that you download version 1.1.4 or later. -Since 1.0, the lzo library is also used for optional compression. You need this -library whether or not you plan to enable compression. You can find it at -http://www.oberhumer.com/opensource/lzo/. +Since 1.0, the lzo library is also used for optional compression. You can +find it at http://www.oberhumer.com/opensource/lzo/. In order to compile tinc, you will need a GNU C compiler environment. diff --git a/THANKS b/THANKS index 08f17d5..dc1297b 100644 --- a/THANKS +++ b/THANKS @@ -4,6 +4,7 @@ We would like to thank the following people for their contributions to tinc: * Allesandro Gatti * Andreas van Cranenburgh * Armijn Hemel +* Brandon Black * Cris van Pelt * Delf Eldkraft * dnk @@ -17,6 +18,7 @@ We would like to thank the following people for their contributions to tinc: * Jason Harper * Jeroen Ubbink * Jerome Etienne +* Julien Muchembled * Lubomír Bulej * Mads Kiilerich * Marc A. Lehmann @@ -31,6 +33,7 @@ We would like to thank the following people for their contributions to tinc: * Nick Patavalis * Paul Littlefield * Robert van der Meulen +* Rumko * Scott Lamb * Sven-Haegar Koch * Teemu Kiviniemi diff --git a/TODO b/TODO new file mode 100644 index 0000000..de3fbfe --- /dev/null +++ b/TODO @@ -0,0 +1,7 @@ +* end-to-end encryption +* perfect forward secrecy, ECDH +* AES in counter mode +* Replay + Delay protection +* MPLS-like label +* Conflicting Subnets or key-name pairs: disable both, inform admin + diff --git a/aclocal.m4 b/aclocal.m4 index 912b927..5a7e88c 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -13,8 +13,8 @@ m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl -m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.65],, -[m4_warning([this file was generated for autoconf 2.65. +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.68],, +[m4_warning([this file was generated for autoconf 2.68. You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. To do so, use the procedure documented by the package, typically `autoreconf'.])]) diff --git a/config.h.in b/config.h.in index 3389e9b..bd0cc8a 100644 --- a/config.h.in +++ b/config.h.in @@ -58,6 +58,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_DIRENT_H +/* DragonFly */ +#undef HAVE_DRAGONFLY + /* Define to 1 if you have the `EVP_EncryptInit_ex' function. */ #undef HAVE_EVP_ENCRYPTINIT_EX @@ -173,6 +176,12 @@ /* Define to 1 if you have the header file. */ #undef HAVE_NET_IF_TYPES_H +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_TAP_IF_TAP_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_NET_TUN_IF_TUN_H + /* OpenBSD */ #undef HAVE_OPENBSD @@ -303,6 +312,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_PARAM_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_RESOURCE_H + /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SOCKET_H @@ -327,6 +339,9 @@ /* Define to 1 if you have the `unsetenv' function. */ #undef HAVE_UNSETENV +/* Define to 1 if you have the `usleep' function. */ +#undef HAVE_USLEEP + /* Define to 1 if you have the `vsyslog' function. */ #undef HAVE_VSYSLOG diff --git a/configure b/configure index e1ce990..fac7ab7 100755 --- a/configure +++ b/configure @@ -1,11 +1,11 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.65. +# Generated by GNU Autoconf 2.68. # # # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, -# Inc. +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software +# Foundation, Inc. # # # This configure script is free software; the Free Software Foundation @@ -89,6 +89,7 @@ fi IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. +as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -214,11 +215,18 @@ IFS=$as_save_IFS # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. + # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV export CONFIG_SHELL - exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} + case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; + esac + exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"} fi if test x$as_have_required = xno; then : @@ -316,7 +324,7 @@ $as_echo X"$as_dir" | test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p @@ -356,19 +364,19 @@ else fi # as_fn_arith -# as_fn_error ERROR [LINENO LOG_FD] -# --------------------------------- +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with status $?, using 1 if that was 0. +# script with STATUS, using 1 if that was 0. as_fn_error () { - as_status=$?; test $as_status -eq 0 && as_status=1 - if test "$3"; then - as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3 + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi - $as_echo "$as_me: error: $1" >&2 + $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error @@ -530,7 +538,7 @@ test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. -# hostname on some systems (SVR3.2, Linux) returns a bogus exit status, +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` @@ -783,8 +791,9 @@ do fi case $ac_option in - *=*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; - *) ac_optarg=yes ;; + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. @@ -829,7 +838,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error "invalid feature name: $ac_useropt" + as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -855,7 +864,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error "invalid feature name: $ac_useropt" + as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -1059,7 +1068,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error "invalid package name: $ac_useropt" + as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -1075,7 +1084,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error "invalid package name: $ac_useropt" + as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -1105,8 +1114,8 @@ do | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; - -*) as_fn_error "unrecognized option: \`$ac_option' -Try \`$0 --help' for more information." + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" ;; *=*) @@ -1114,7 +1123,7 @@ Try \`$0 --help' for more information." # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) - as_fn_error "invalid variable name: \`$ac_envvar'" ;; + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; @@ -1124,7 +1133,7 @@ Try \`$0 --help' for more information." $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 - : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} + : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac @@ -1132,13 +1141,13 @@ done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` - as_fn_error "missing argument to $ac_option" + as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; - fatal) as_fn_error "unrecognized options: $ac_unrecognized_opts" ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi @@ -1161,7 +1170,7 @@ do [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac - as_fn_error "expected an absolute directory name for --$ac_var: $ac_val" + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' @@ -1175,8 +1184,8 @@ target=$target_alias if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - $as_echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used." >&2 + $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1191,9 +1200,9 @@ test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || - as_fn_error "working directory cannot be determined" + as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || - as_fn_error "pwd does not report name of working directory" + as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. @@ -1232,11 +1241,11 @@ else fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." - as_fn_error "cannot find sources ($ac_unique_file) in $srcdir" + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( - cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error "$ac_msg" + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then @@ -1276,7 +1285,7 @@ Configuration: --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit - -q, --quiet, --silent do not print \`checking...' messages + -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files @@ -1442,9 +1451,9 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF configure -generated by GNU Autoconf 2.65 +generated by GNU Autoconf 2.68 -Copyright (C) 2009 Free Software Foundation, Inc. +Copyright (C) 2010 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1488,7 +1497,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile @@ -1514,7 +1523,7 @@ $as_echo "$ac_try_echo"; } >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } >/dev/null && { + test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err }; then : @@ -1525,7 +1534,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp @@ -1538,10 +1547,10 @@ fi ac_fn_c_check_header_mongrel () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + if eval \${$3+:} false; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } -if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : +if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 fi eval ac_res=\$$3 @@ -1577,7 +1586,7 @@ if ac_fn_c_try_cpp "$LINENO"; then : else ac_header_preproc=no fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 $as_echo "$ac_header_preproc" >&6; } @@ -1604,7 +1613,7 @@ $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } -if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : +if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=\$ac_header_compiler" @@ -1613,7 +1622,7 @@ eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } fi - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_mongrel @@ -1654,7 +1663,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run @@ -1668,7 +1677,7 @@ ac_fn_c_check_header_compile () as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } -if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : +if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -1686,7 +1695,7 @@ fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile @@ -1699,7 +1708,7 @@ ac_fn_c_check_type () as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } -if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : +if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" @@ -1740,7 +1749,7 @@ fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_type @@ -1785,7 +1794,7 @@ fi # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link @@ -1798,7 +1807,7 @@ ac_fn_c_check_func () as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } -if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : +if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -1853,19 +1862,22 @@ fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func -# ac_fn_c_check_decl LINENO SYMBOL VAR -# ------------------------------------ -# Tests whether SYMBOL is declared, setting cache variable VAR accordingly. +# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES +# --------------------------------------------- +# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR +# accordingly. ac_fn_c_check_decl () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $2 is declared" >&5 -$as_echo_n "checking whether $2 is declared... " >&6; } -if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then : + as_decl_name=`echo $2|sed 's/ *(.*//'` + as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 +$as_echo_n "checking whether $as_decl_name is declared... " >&6; } +if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -1874,8 +1886,12 @@ $4 int main () { -#ifndef $2 - (void) $2; +#ifndef $as_decl_name +#ifdef __cplusplus + (void) $as_decl_use; +#else + (void) $as_decl_name; +#endif #endif ; @@ -1892,7 +1908,7 @@ fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } - eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_decl cat >config.log <<_ACEOF @@ -1900,7 +1916,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was -generated by GNU Autoconf 2.65. Invocation command line was +generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2010,11 +2026,9 @@ trap 'exit_status=$? { echo - cat <<\_ASBOX -## ---------------- ## + $as_echo "## ---------------- ## ## Cache variables. ## -## ---------------- ## -_ASBOX +## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( @@ -2048,11 +2062,9 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; ) echo - cat <<\_ASBOX -## ----------------- ## + $as_echo "## ----------------- ## ## Output variables. ## -## ----------------- ## -_ASBOX +## ----------------- ##" echo for ac_var in $ac_subst_vars do @@ -2065,11 +2077,9 @@ _ASBOX echo if test -n "$ac_subst_files"; then - cat <<\_ASBOX -## ------------------- ## + $as_echo "## ------------------- ## ## File substitutions. ## -## ------------------- ## -_ASBOX +## ------------------- ##" echo for ac_var in $ac_subst_files do @@ -2083,11 +2093,9 @@ _ASBOX fi if test -s confdefs.h; then - cat <<\_ASBOX -## ----------- ## + $as_echo "## ----------- ## ## confdefs.h. ## -## ----------- ## -_ASBOX +## ----------- ##" echo cat confdefs.h echo @@ -2142,7 +2150,12 @@ _ACEOF ac_site_file1=NONE ac_site_file2=NONE if test -n "$CONFIG_SITE"; then - ac_site_file1=$CONFIG_SITE + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac elif test "x$prefix" != xNONE; then ac_site_file1=$prefix/share/config.site ac_site_file2=$prefix/etc/config.site @@ -2157,7 +2170,11 @@ do { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 $as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 - . "$ac_site_file" + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5; } fi done @@ -2233,7 +2250,7 @@ if $ac_cache_corrupted; then $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} - as_fn_error "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## @@ -2251,16 +2268,22 @@ am__api_version='1.11' ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - for ac_t in install-sh install.sh shtool; do - if test -f "$ac_dir/$ac_t"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/$ac_t -c" - break 2 - fi - done + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi done if test -z "$ac_aux_dir"; then - as_fn_error "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 + as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 fi # These three variables are undocumented and unsupported, @@ -2289,7 +2312,7 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then -if test "${ac_cv_path_install+set}" = set; then : +if ${ac_cv_path_install+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -2376,11 +2399,11 @@ am_lf=' ' case `pwd` in *[\\\"\#\$\&\'\`$am_lf]*) - as_fn_error "unsafe absolute working directory name" "$LINENO" 5;; + as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;; esac case $srcdir in *[\\\"\#\$\&\'\`$am_lf\ \ ]*) - as_fn_error "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;; + as_fn_error $? "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;; esac # Do `set' in a subshell so we don't clobber the current shell's @@ -2402,7 +2425,7 @@ if ( # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". - as_fn_error "ls -t appears to fail. Make sure there is not a broken + as_fn_error $? "ls -t appears to fail. Make sure there is not a broken alias in your environment" "$LINENO" 5 fi @@ -2412,7 +2435,7 @@ then # Ok. : else - as_fn_error "newly created file is older than distributed files! + as_fn_error $? "newly created file is older than distributed files! Check your system clock" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 @@ -2466,7 +2489,7 @@ if test "$cross_compiling" != no; then set dummy ${ac_tool_prefix}strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_STRIP+set}" = set; then : +if ${ac_cv_prog_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$STRIP"; then @@ -2506,7 +2529,7 @@ if test -z "$ac_cv_prog_STRIP"; then set dummy strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then : +if ${ac_cv_prog_ac_ct_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_STRIP"; then @@ -2559,7 +2582,7 @@ INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 $as_echo_n "checking for a thread-safe mkdir -p... " >&6; } if test -z "$MKDIR_P"; then - if test "${ac_cv_path_mkdir+set}" = set; then : + if ${ac_cv_path_mkdir+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -2610,7 +2633,7 @@ do set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_AWK+set}" = set; then : +if ${ac_cv_prog_AWK+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$AWK"; then @@ -2650,7 +2673,7 @@ done $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then : +if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF @@ -2658,7 +2681,7 @@ SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF -# GNU make sometimes prints "make[1]: Entering...", which would confuse us. +# GNU make sometimes prints "make[1]: Entering ...", which would confuse us. case `${MAKE-make} -f conftest.make 2>/dev/null` in *@@@%%%=?*=@@@%%%*) eval ac_cv_prog_make_${ac_make}_set=yes;; @@ -2692,7 +2715,7 @@ if test "`cd $srcdir && pwd`" != "`pwd`"; then am__isrc=' -I$(srcdir)' # test to see if srcdir already configured if test -f $srcdir/config.status; then - as_fn_error "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 + as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 fi fi @@ -2708,7 +2731,7 @@ fi # Define the identity of the package. PACKAGE=tinc - VERSION=1.0.13 + VERSION=1.0.14 cat >>confdefs.h <<_ACEOF @@ -2849,7 +2872,7 @@ if test -n "$ac_tool_prefix"; then set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_CC+set}" = set; then : +if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2889,7 +2912,7 @@ if test -z "$ac_cv_prog_CC"; then set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : +if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then @@ -2942,7 +2965,7 @@ if test -z "$CC"; then set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_CC+set}" = set; then : +if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2982,7 +3005,7 @@ if test -z "$CC"; then set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_CC+set}" = set; then : +if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -3041,7 +3064,7 @@ if test -z "$CC"; then set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_CC+set}" = set; then : +if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -3085,7 +3108,7 @@ do set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : +if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then @@ -3139,8 +3162,8 @@ fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error "no acceptable C compiler found in \$PATH -See \`config.log' for more details." "$LINENO" 5; } +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 @@ -3254,9 +3277,8 @@ sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -{ as_fn_set_status 77 -as_fn_error "C compiler cannot create executables -See \`config.log' for more details." "$LINENO" 5; }; } +as_fn_error 77 "C compiler cannot create executables +See \`config.log' for more details" "$LINENO" 5; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -3298,8 +3320,8 @@ done else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error "cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." "$LINENO" 5; } +as_fn_error $? "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 @@ -3356,9 +3378,9 @@ $as_echo "$ac_try_echo"; } >&5 else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error "cannot run C compiled programs. +as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. -See \`config.log' for more details." "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5; } fi fi fi @@ -3369,7 +3391,7 @@ rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } -if test "${ac_cv_objext+set}" = set; then : +if ${ac_cv_objext+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -3409,8 +3431,8 @@ sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error "cannot compute suffix of object files: cannot compile -See \`config.log' for more details." "$LINENO" 5; } +as_fn_error $? "cannot compute suffix of object files: cannot compile +See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi @@ -3420,7 +3442,7 @@ OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if test "${ac_cv_c_compiler_gnu+set}" = set; then : +if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -3457,7 +3479,7 @@ ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } -if test "${ac_cv_prog_cc_g+set}" = set; then : +if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag @@ -3535,7 +3557,7 @@ else fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if test "${ac_cv_prog_cc_c89+set}" = set; then : +if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no @@ -3634,7 +3656,7 @@ depcc="$CC" am_compiler_list= { $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 $as_echo_n "checking dependency style of $depcc... " >&6; } -if test "${am_cv_CC_dependencies_compiler_type+set}" = set; then : +if ${am_cv_CC_dependencies_compiler_type+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then @@ -3770,7 +3792,7 @@ if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then - if test "${ac_cv_prog_CPP+set}" = set; then : + if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded @@ -3800,7 +3822,7 @@ else # Broken: fails on valid input. continue fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. @@ -3816,11 +3838,11 @@ else ac_preproc_ok=: break fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext +rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi @@ -3859,7 +3881,7 @@ else # Broken: fails on valid input. continue fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. @@ -3875,18 +3897,18 @@ else ac_preproc_ok=: break fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext +rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error "C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." "$LINENO" 5; } +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c @@ -3898,7 +3920,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } -if test "${ac_cv_path_GREP+set}" = set; then : +if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then @@ -3947,7 +3969,7 @@ esac done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then - as_fn_error "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP @@ -3961,7 +3983,7 @@ $as_echo "$ac_cv_path_GREP" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 $as_echo_n "checking for egrep... " >&6; } -if test "${ac_cv_path_EGREP+set}" = set; then : +if ${ac_cv_path_EGREP+:} false; then : $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 @@ -4013,7 +4035,7 @@ esac done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP"; then - as_fn_error "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP=$EGREP @@ -4028,7 +4050,7 @@ $as_echo "$ac_cv_path_EGREP" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } -if test "${ac_cv_header_stdc+set}" = set; then : +if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -4145,8 +4167,7 @@ do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " -eval as_val=\$$as_ac_Header - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF @@ -4158,7 +4179,7 @@ done ac_fn_c_check_header_mongrel "$LINENO" "minix/config.h" "ac_cv_header_minix_config_h" "$ac_includes_default" -if test "x$ac_cv_header_minix_config_h" = x""yes; then : +if test "x$ac_cv_header_minix_config_h" = xyes; then : MINIX=yes else MINIX= @@ -4180,7 +4201,7 @@ $as_echo "#define _MINIX 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether it is safe to define __EXTENSIONS__" >&5 $as_echo_n "checking whether it is safe to define __EXTENSIONS__... " >&6; } -if test "${ac_cv_safe_to_define___extensions__+set}" = set; then : +if ${ac_cv_safe_to_define___extensions__+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -4222,11 +4243,9 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; } $as_echo "#define __USE_BSD 1" >>confdefs.h -ALL_LINGUAS="nl" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C99" >&5 $as_echo_n "checking for $CC option to accept ISO C99... " >&6; } -if test "${ac_cv_prog_cc_c99+set}" = set; then : +if ${ac_cv_prog_cc_c99+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c99=no @@ -4413,7 +4432,7 @@ if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then - if test "${ac_cv_prog_CPP+set}" = set; then : + if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded @@ -4443,7 +4462,7 @@ else # Broken: fails on valid input. continue fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. @@ -4459,11 +4478,11 @@ else ac_preproc_ok=: break fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext +rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi @@ -4502,7 +4521,7 @@ else # Broken: fails on valid input. continue fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. @@ -4518,18 +4537,18 @@ else ac_preproc_ok=: break fi -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext +rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error "C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." "$LINENO" 5; } +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c @@ -4555,7 +4574,7 @@ if test -n "$ac_tool_prefix"; then set dummy ${ac_tool_prefix}ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_RANLIB+set}" = set; then : +if ${ac_cv_prog_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$RANLIB"; then @@ -4595,7 +4614,7 @@ if test -z "$ac_cv_prog_RANLIB"; then set dummy ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then : +if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_RANLIB"; then @@ -4646,27 +4665,27 @@ fi # Make sure we can run config.sub. $SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - as_fn_error "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 + as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 { $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 $as_echo_n "checking build system type... " >&6; } -if test "${ac_cv_build+set}" = set; then : +if ${ac_cv_build+:} false; then : $as_echo_n "(cached) " >&6 else ac_build_alias=$build_alias test "x$ac_build_alias" = x && ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` test "x$ac_build_alias" = x && - as_fn_error "cannot guess build type; you must specify one" "$LINENO" 5 + as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - as_fn_error "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 $as_echo "$ac_cv_build" >&6; } case $ac_cv_build in *-*-*) ;; -*) as_fn_error "invalid value of canonical build" "$LINENO" 5;; +*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; esac build=$ac_cv_build ac_save_IFS=$IFS; IFS='-' @@ -4684,14 +4703,14 @@ case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 $as_echo_n "checking host system type... " >&6; } -if test "${ac_cv_host+set}" = set; then : +if ${ac_cv_host+:} false; then : $as_echo_n "(cached) " >&6 else if test "x$host_alias" = x; then ac_cv_host=$ac_cv_build else ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - as_fn_error "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 fi fi @@ -4699,7 +4718,7 @@ fi $as_echo "$ac_cv_host" >&6; } case $ac_cv_host in *-*-*) ;; -*) as_fn_error "invalid value of canonical host" "$LINENO" 5;; +*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; esac host=$ac_cv_host ac_save_IFS=$IFS; IFS='-' @@ -4753,6 +4772,12 @@ $as_echo "#define HAVE_NETBSD 1" >>confdefs.h rm -f src/device.c; ln -sf bsd/device.c src/device.c ;; + *dragonfly*) + +$as_echo "#define HAVE_DRAGONFLY 1" >>confdefs.h + + rm -f src/device.c; ln -sf bsd/device.c src/device.c + ;; *bsd*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \"Unknown BSD variant" >&5 $as_echo "$as_me: WARNING: \"Unknown BSD variant" >&2;} @@ -4772,10 +4797,10 @@ $as_echo "#define HAVE_CYGWIN 1" >>confdefs.h $as_echo "#define HAVE_MINGW 1" >>confdefs.h rm -f src/device.c; cp -f src/mingw/device.c src/device.c - LIBS="$LIBS -lws2_32" + LIBS="$LIBS -lws2_32 -lgdi32 -lcrypt32" ;; *) - as_fn_error "\"Unknown operating system.\"" "$LINENO" 5 + as_fn_error $? "\"Unknown operating system.\"" "$LINENO" 5 ;; esac @@ -4873,10 +4898,21 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then - test "x$cache_file" != "x/dev/null" && + if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} - cat confcache >$cache_file + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} @@ -4895,7 +4931,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } -if test "${ac_cv_header_stdc+set}" = set; then : +if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5005,12 +5041,11 @@ $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi -for ac_header in stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h +for ac_header in stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -eval as_val=\$$as_ac_Header - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF @@ -5019,14 +5054,13 @@ fi done -for ac_header in net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h +for ac_header in net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\" " -eval as_val=\$$as_ac_Header - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF @@ -5041,8 +5075,7 @@ do : ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\" " -eval as_val=\$$as_ac_Header - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF @@ -5057,8 +5090,7 @@ do : ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include \"have.h\" " -eval as_val=\$$as_ac_Header - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF @@ -5070,7 +5102,7 @@ done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 $as_echo_n "checking for an ANSI C-conforming const... " >&6; } -if test "${ac_cv_c_const+set}" = set; then : +if ${ac_cv_c_const+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5150,7 +5182,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working volatile" >&5 $as_echo_n "checking for working volatile... " >&6; } -if test "${ac_cv_c_volatile+set}" = set; then : +if ${ac_cv_c_volatile+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5183,7 +5215,7 @@ $as_echo "#define volatile /**/" >>confdefs.h fi ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" -if test "x$ac_cv_type_pid_t" = x""yes; then : +if test "x$ac_cv_type_pid_t" = xyes; then : else @@ -5194,7 +5226,7 @@ _ACEOF fi ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" -if test "x$ac_cv_type_size_t" = x""yes; then : +if test "x$ac_cv_type_size_t" = xyes; then : else @@ -5206,7 +5238,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 $as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } -if test "${ac_cv_header_time+set}" = set; then : +if ${ac_cv_header_time+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5241,7 +5273,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct tm is in sys/time.h or time.h" >&5 $as_echo_n "checking whether struct tm is in sys/time.h or time.h... " >&6; } -if test "${ac_cv_struct_tm+set}" = set; then : +if ${ac_cv_struct_tm+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5278,7 +5310,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working __malloc__ attribute" >&5 $as_echo_n "checking for working __malloc__ attribute... " >&6; } -if test "${tinc_cv_attribute___malloc__+set}" = set; then : +if ${tinc_cv_attribute___malloc__+:} false; then : $as_echo_n "(cached) " >&6 else @@ -5313,7 +5345,7 @@ $as_echo "#define __malloc__ /**/" >>confdefs.h ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "#include \"have.h\" " -if test "x$ac_cv_type_socklen_t" = x""yes; then : +if test "x$ac_cv_type_socklen_t" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SOCKLEN_T 1 @@ -5324,7 +5356,7 @@ fi ac_fn_c_check_type "$LINENO" "struct ether_header" "ac_cv_type_struct_ether_header" "#include \"have.h\" " -if test "x$ac_cv_type_struct_ether_header" = x""yes; then : +if test "x$ac_cv_type_struct_ether_header" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ETHER_HEADER 1 @@ -5335,7 +5367,7 @@ fi ac_fn_c_check_type "$LINENO" "struct arphdr" "ac_cv_type_struct_arphdr" "#include \"have.h\" " -if test "x$ac_cv_type_struct_arphdr" = x""yes; then : +if test "x$ac_cv_type_struct_arphdr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ARPHDR 1 @@ -5346,7 +5378,7 @@ fi ac_fn_c_check_type "$LINENO" "struct ether_arp" "ac_cv_type_struct_ether_arp" "#include \"have.h\" " -if test "x$ac_cv_type_struct_ether_arp" = x""yes; then : +if test "x$ac_cv_type_struct_ether_arp" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ETHER_ARP 1 @@ -5357,7 +5389,7 @@ fi ac_fn_c_check_type "$LINENO" "struct in_addr" "ac_cv_type_struct_in_addr" "#include \"have.h\" " -if test "x$ac_cv_type_struct_in_addr" = x""yes; then : +if test "x$ac_cv_type_struct_in_addr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_IN_ADDR 1 @@ -5368,7 +5400,7 @@ fi ac_fn_c_check_type "$LINENO" "struct addrinfo" "ac_cv_type_struct_addrinfo" "#include \"have.h\" " -if test "x$ac_cv_type_struct_addrinfo" = x""yes; then : +if test "x$ac_cv_type_struct_addrinfo" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ADDRINFO 1 @@ -5379,7 +5411,7 @@ fi ac_fn_c_check_type "$LINENO" "struct ip" "ac_cv_type_struct_ip" "#include \"have.h\" " -if test "x$ac_cv_type_struct_ip" = x""yes; then : +if test "x$ac_cv_type_struct_ip" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_IP 1 @@ -5390,7 +5422,7 @@ fi ac_fn_c_check_type "$LINENO" "struct icmp" "ac_cv_type_struct_icmp" "#include \"have.h\" " -if test "x$ac_cv_type_struct_icmp" = x""yes; then : +if test "x$ac_cv_type_struct_icmp" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ICMP 1 @@ -5401,7 +5433,7 @@ fi ac_fn_c_check_type "$LINENO" "struct in6_addr" "ac_cv_type_struct_in6_addr" "#include \"have.h\" " -if test "x$ac_cv_type_struct_in6_addr" = x""yes; then : +if test "x$ac_cv_type_struct_in6_addr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_IN6_ADDR 1 @@ -5412,7 +5444,7 @@ fi ac_fn_c_check_type "$LINENO" "struct sockaddr_in6" "ac_cv_type_struct_sockaddr_in6" "#include \"have.h\" " -if test "x$ac_cv_type_struct_sockaddr_in6" = x""yes; then : +if test "x$ac_cv_type_struct_sockaddr_in6" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_SOCKADDR_IN6 1 @@ -5423,7 +5455,7 @@ fi ac_fn_c_check_type "$LINENO" "struct ip6_hdr" "ac_cv_type_struct_ip6_hdr" "#include \"have.h\" " -if test "x$ac_cv_type_struct_ip6_hdr" = x""yes; then : +if test "x$ac_cv_type_struct_ip6_hdr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_IP6_HDR 1 @@ -5434,7 +5466,7 @@ fi ac_fn_c_check_type "$LINENO" "struct icmp6_hdr" "ac_cv_type_struct_icmp6_hdr" "#include \"have.h\" " -if test "x$ac_cv_type_struct_icmp6_hdr" = x""yes; then : +if test "x$ac_cv_type_struct_icmp6_hdr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ICMP6_HDR 1 @@ -5445,7 +5477,7 @@ fi ac_fn_c_check_type "$LINENO" "struct nd_neighbor_solicit" "ac_cv_type_struct_nd_neighbor_solicit" "#include \"have.h\" " -if test "x$ac_cv_type_struct_nd_neighbor_solicit" = x""yes; then : +if test "x$ac_cv_type_struct_nd_neighbor_solicit" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ND_NEIGHBOR_SOLICIT 1 @@ -5456,7 +5488,7 @@ fi ac_fn_c_check_type "$LINENO" "struct nd_opt_hdr" "ac_cv_type_struct_nd_opt_hdr" "#include \"have.h\" " -if test "x$ac_cv_type_struct_nd_opt_hdr" = x""yes; then : +if test "x$ac_cv_type_struct_nd_opt_hdr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ND_OPT_HDR 1 @@ -5468,7 +5500,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working memcmp" >&5 $as_echo_n "checking for working memcmp... " >&6; } -if test "${ac_cv_func_memcmp_working+set}" = set; then : +if ${ac_cv_func_memcmp_working+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : @@ -5532,7 +5564,7 @@ esac # for constant arguments. Useless! { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working alloca.h" >&5 $as_echo_n "checking for working alloca.h... " >&6; } -if test "${ac_cv_working_alloca_h+set}" = set; then : +if ${ac_cv_working_alloca_h+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5565,7 +5597,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for alloca" >&5 $as_echo_n "checking for alloca... " >&6; } -if test "${ac_cv_func_alloca_works+set}" = set; then : +if ${ac_cv_func_alloca_works+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5584,7 +5616,7 @@ else #pragma alloca # else # ifndef alloca /* predefined by HP cc +Olibcalls */ -char *alloca (); +void *alloca (size_t); # endif # endif # endif @@ -5628,7 +5660,7 @@ $as_echo "#define C_ALLOCA 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether \`alloca.c' needs Cray hooks" >&5 $as_echo_n "checking whether \`alloca.c' needs Cray hooks... " >&6; } -if test "${ac_cv_os_cray+set}" = set; then : +if ${ac_cv_os_cray+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5655,8 +5687,7 @@ if test $ac_cv_os_cray = yes; then for ac_func in _getb67 GETB67 getb67; do as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -eval as_val=\$$as_ac_var - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define CRAY_STACKSEG_END $ac_func @@ -5670,7 +5701,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking stack direction for C alloca" >&5 $as_echo_n "checking stack direction for C alloca... " >&6; } -if test "${ac_cv_c_stack_direction+set}" = set; then : +if ${ac_cv_c_stack_direction+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : @@ -5720,7 +5751,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 $as_echo_n "checking return type of signal handlers... " >&6; } -if test "${ac_cv_type_signal+set}" = set; then : +if ${ac_cv_type_signal+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -5751,12 +5782,11 @@ cat >>confdefs.h <<_ACEOF _ACEOF -for ac_func in asprintf daemon fchmod flock ftime fork get_current_dir_name gettimeofday mlockall putenv random select strdup strerror strsignal strtol system unsetenv vsyslog writev +for ac_func in asprintf daemon fchmod flock ftime fork get_current_dir_name gettimeofday mlockall putenv random select strdup strerror strsignal strtol system unsetenv usleep vsyslog writev do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -eval as_val=\$$as_ac_var - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF @@ -5767,7 +5797,7 @@ done for ac_header in stdlib.h do : ac_fn_c_check_header_mongrel "$LINENO" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default" -if test "x$ac_cv_header_stdlib_h" = x""yes; then : +if test "x$ac_cv_header_stdlib_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STDLIB_H 1 _ACEOF @@ -5778,7 +5808,7 @@ done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU libc compatible malloc" >&5 $as_echo_n "checking for GNU libc compatible malloc... " >&6; } -if test "${ac_cv_func_malloc_0_nonnull+set}" = set; then : +if ${ac_cv_func_malloc_0_nonnull+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : @@ -5834,7 +5864,7 @@ fi for ac_header in stdlib.h do : ac_fn_c_check_header_mongrel "$LINENO" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default" -if test "x$ac_cv_header_stdlib_h" = x""yes; then : +if test "x$ac_cv_header_stdlib_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STDLIB_H 1 _ACEOF @@ -5845,7 +5875,7 @@ done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU libc compatible realloc" >&5 $as_echo_n "checking for GNU libc compatible realloc... " >&6; } -if test "${ac_cv_func_realloc_0_nonnull+set}" = set; then : +if ${ac_cv_func_realloc_0_nonnull+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : @@ -5901,13 +5931,13 @@ fi ac_fn_c_check_func "$LINENO" "socket" "ac_cv_func_socket" -if test "x$ac_cv_func_socket" = x""yes; then : +if test "x$ac_cv_func_socket" = xyes; then : else { $as_echo "$as_me:${as_lineno-$LINENO}: checking for connect in -lsocket" >&5 $as_echo_n "checking for connect in -lsocket... " >&6; } -if test "${ac_cv_lib_socket_connect+set}" = set; then : +if ${ac_cv_lib_socket_connect+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS @@ -5941,7 +5971,7 @@ LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_connect" >&5 $as_echo "$ac_cv_lib_socket_connect" >&6; } -if test "x$ac_cv_lib_socket_connect" = x""yes; then : +if test "x$ac_cv_lib_socket_connect" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBSOCKET 1 _ACEOF @@ -5954,13 +5984,13 @@ fi fi ac_fn_c_check_func "$LINENO" "gethostbyname" "ac_cv_func_gethostbyname" -if test "x$ac_cv_func_gethostbyname" = x""yes; then : +if test "x$ac_cv_func_gethostbyname" = xyes; then : else { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lnsl" >&5 $as_echo_n "checking for gethostbyname in -lnsl... " >&6; } -if test "${ac_cv_lib_nsl_gethostbyname+set}" = set; then : +if ${ac_cv_lib_nsl_gethostbyname+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS @@ -5994,7 +6024,7 @@ LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_gethostbyname" >&5 $as_echo "$ac_cv_lib_nsl_gethostbyname" >&6; } -if test "x$ac_cv_lib_nsl_gethostbyname" = x""yes; then : +if test "x$ac_cv_lib_nsl_gethostbyname" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBNSL 1 _ACEOF @@ -6010,7 +6040,7 @@ fi ac_fn_c_check_decl "$LINENO" "freeaddrinfo" "ac_cv_have_decl_freeaddrinfo" "#include \"have.h\" " -if test "x$ac_cv_have_decl_freeaddrinfo" = x""yes; then : +if test "x$ac_cv_have_decl_freeaddrinfo" = xyes; then : ac_have_decl=1 else ac_have_decl=0 @@ -6022,7 +6052,7 @@ _ACEOF ac_fn_c_check_decl "$LINENO" "gai_strerror" "ac_cv_have_decl_gai_strerror" "#include \"have.h\" " -if test "x$ac_cv_have_decl_gai_strerror" = x""yes; then : +if test "x$ac_cv_have_decl_gai_strerror" = xyes; then : ac_have_decl=1 else ac_have_decl=0 @@ -6034,7 +6064,7 @@ _ACEOF ac_fn_c_check_decl "$LINENO" "getaddrinfo" "ac_cv_have_decl_getaddrinfo" "#include \"have.h\" " -if test "x$ac_cv_have_decl_getaddrinfo" = x""yes; then : +if test "x$ac_cv_have_decl_getaddrinfo" = xyes; then : ac_have_decl=1 else ac_have_decl=0 @@ -6046,7 +6076,7 @@ _ACEOF ac_fn_c_check_decl "$LINENO" "getnameinfo" "ac_cv_have_decl_getnameinfo" "#include \"have.h\" " -if test "x$ac_cv_have_decl_getnameinfo" = x""yes; then : +if test "x$ac_cv_have_decl_getnameinfo" = xyes; then : ac_have_decl=1 else ac_have_decl=0 @@ -6121,10 +6151,21 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then - test "x$cache_file" != "x/dev/null" && + if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} - cat confcache >$cache_file + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} @@ -6166,118 +6207,74 @@ fi do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -eval as_val=\$$as_ac_Header - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF else - as_fn_error "OpenSSL header files not found." "$LINENO" 5; break + as_fn_error $? "OpenSSL header files not found." "$LINENO" 5; break fi done + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_EncryptInit_ex in -lcrypto" >&5 +$as_echo_n "checking for EVP_EncryptInit_ex in -lcrypto... " >&6; } +if ${ac_cv_lib_crypto_EVP_EncryptInit_ex+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lcrypto $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char EVP_EncryptInit_ex (); +int +main () +{ +return EVP_EncryptInit_ex (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_crypto_EVP_EncryptInit_ex=yes +else + ac_cv_lib_crypto_EVP_EncryptInit_ex=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_EVP_EncryptInit_ex" >&5 +$as_echo "$ac_cv_lib_crypto_EVP_EncryptInit_ex" >&6; } +if test "x$ac_cv_lib_crypto_EVP_EncryptInit_ex" = xyes; then : + LIBS="-lcrypto $LIBS" +else + as_fn_error $? "OpenSSL libraries not found." "$LINENO" 5 + +fi + + case $host_os in *mingw*) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SHA1_version in -lcrypto" >&5 -$as_echo_n "checking for SHA1_version in -lcrypto... " >&6; } -if test "${ac_cv_lib_crypto_SHA1_version+set}" = set; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrypto $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char SHA1_version (); -int -main () -{ -return SHA1_version (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crypto_SHA1_version=yes -else - ac_cv_lib_crypto_SHA1_version=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_SHA1_version" >&5 -$as_echo "$ac_cv_lib_crypto_SHA1_version" >&6; } -if test "x$ac_cv_lib_crypto_SHA1_version" = x""yes; then : - LIBS="$LIBS -lcrypto -lgdi32" -else - as_fn_error "OpenSSL libraries not found." "$LINENO" 5 - -fi - ;; *) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SHA1_version in -lcrypto" >&5 -$as_echo_n "checking for SHA1_version in -lcrypto... " >&6; } -if test "${ac_cv_lib_crypto_SHA1_version+set}" = set; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrypto $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char SHA1_version (); -int -main () -{ -return SHA1_version (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_crypto_SHA1_version=yes -else - ac_cv_lib_crypto_SHA1_version=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_SHA1_version" >&5 -$as_echo "$ac_cv_lib_crypto_SHA1_version" >&6; } -if test "x$ac_cv_lib_crypto_SHA1_version" = x""yes; then : - LIBS="$LIBS -lcrypto" -else - as_fn_error "OpenSSL libraries not found." "$LINENO" 5 - -fi - - ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" -if test "x$ac_cv_func_dlopen" = x""yes; then : +if test "x$ac_cv_func_dlopen" = xyes; then : else { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 $as_echo_n "checking for dlopen in -ldl... " >&6; } -if test "${ac_cv_lib_dl_dlopen+set}" = set; then : +if ${ac_cv_lib_dl_dlopen+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS @@ -6311,10 +6308,10 @@ LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 $as_echo "$ac_cv_lib_dl_dlopen" >&6; } -if test "x$ac_cv_lib_dl_dlopen" = x""yes; then : +if test "x$ac_cv_lib_dl_dlopen" = xyes; then : LIBS="$LIBS -ldl" else - as_fn_error "OpenSSL depends on libdl." "$LINENO" 5; break + as_fn_error $? "OpenSSL depends on libdl." "$LINENO" 5; break fi @@ -6328,14 +6325,13 @@ esac do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -eval as_val=\$$as_ac_var - if test "x$as_val" = x""yes; then : +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF else - as_fn_error "Missing OpenSSL functionality, make sure you have installed the latest version." "$LINENO" 5; break + as_fn_error $? "Missing OpenSSL functionality, make sure you have installed the latest version." "$LINENO" 5; break fi done @@ -6343,10 +6339,10 @@ done ac_fn_c_check_decl "$LINENO" "OpenSSL_add_all_algorithms" "ac_cv_have_decl_OpenSSL_add_all_algorithms" "#include " -if test "x$ac_cv_have_decl_OpenSSL_add_all_algorithms" = x""yes; then : +if test "x$ac_cv_have_decl_OpenSSL_add_all_algorithms" = xyes; then : else - as_fn_error "Missing OpenSSL functionality, make sure you have installed the latest version." "$LINENO" 5; break + as_fn_error $? "Missing OpenSSL functionality, make sure you have installed the latest version." "$LINENO" 5; break fi @@ -6392,13 +6388,13 @@ fi for ac_header in zlib.h do : ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default" -if test "x$ac_cv_header_zlib_h" = x""yes; then : +if test "x$ac_cv_header_zlib_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ZLIB_H 1 _ACEOF else - as_fn_error "\"zlib header files not found.\"" "$LINENO" 5; break + as_fn_error $? "\"zlib header files not found.\"" "$LINENO" 5; break fi @@ -6407,7 +6403,7 @@ done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for compress2 in -lz" >&5 $as_echo_n "checking for compress2 in -lz... " >&6; } -if test "${ac_cv_lib_z_compress2+set}" = set; then : +if ${ac_cv_lib_z_compress2+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS @@ -6441,10 +6437,10 @@ LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_z_compress2" >&5 $as_echo "$ac_cv_lib_z_compress2" >&6; } -if test "x$ac_cv_lib_z_compress2" = x""yes; then : +if test "x$ac_cv_lib_z_compress2" = xyes; then : LIBS="$LIBS -lz" else - as_fn_error "\"zlib libraries not found.\"" "$LINENO" 5 + as_fn_error $? "\"zlib libraries not found.\"" "$LINENO" 5 fi @@ -6492,7 +6488,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for lzo1x_1_compress in -llzo2" >&5 $as_echo_n "checking for lzo1x_1_compress in -llzo2... " >&6; } -if test "${ac_cv_lib_lzo2_lzo1x_1_compress+set}" = set; then : +if ${ac_cv_lib_lzo2_lzo1x_1_compress+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS @@ -6526,12 +6522,12 @@ LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_lzo2_lzo1x_1_compress" >&5 $as_echo "$ac_cv_lib_lzo2_lzo1x_1_compress" >&6; } -if test "x$ac_cv_lib_lzo2_lzo1x_1_compress" = x""yes; then : +if test "x$ac_cv_lib_lzo2_lzo1x_1_compress" = xyes; then : LIBS="$LIBS -llzo2" else { $as_echo "$as_me:${as_lineno-$LINENO}: checking for lzo1x_1_compress in -llzo" >&5 $as_echo_n "checking for lzo1x_1_compress in -llzo... " >&6; } -if test "${ac_cv_lib_lzo_lzo1x_1_compress+set}" = set; then : +if ${ac_cv_lib_lzo_lzo1x_1_compress+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS @@ -6565,10 +6561,10 @@ LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_lzo_lzo1x_1_compress" >&5 $as_echo "$ac_cv_lib_lzo_lzo1x_1_compress" >&6; } -if test "x$ac_cv_lib_lzo_lzo1x_1_compress" = x""yes; then : +if test "x$ac_cv_lib_lzo_lzo1x_1_compress" = xyes; then : LIBS="$LIBS -llzo" else - as_fn_error "\"lzo libraries not found.\"" "$LINENO" 5; break + as_fn_error $? "\"lzo libraries not found.\"" "$LINENO" 5; break fi @@ -6579,7 +6575,7 @@ fi for ac_header in lzo/lzo1x.h do : ac_fn_c_check_header_mongrel "$LINENO" "lzo/lzo1x.h" "ac_cv_header_lzo_lzo1x_h" "$ac_includes_default" -if test "x$ac_cv_header_lzo_lzo1x_h" = x""yes; then : +if test "x$ac_cv_header_lzo_lzo1x_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LZO_LZO1X_H 1 _ACEOF @@ -6590,7 +6586,7 @@ else for ac_header in lzo2/lzo1x.h do : ac_fn_c_check_header_mongrel "$LINENO" "lzo2/lzo1x.h" "ac_cv_header_lzo2_lzo1x_h" "$ac_includes_default" -if test "x$ac_cv_header_lzo2_lzo1x_h" = x""yes; then : +if test "x$ac_cv_header_lzo2_lzo1x_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LZO2_LZO1X_H 1 _ACEOF @@ -6601,7 +6597,7 @@ else for ac_header in lzo1x.h do : ac_fn_c_check_header_mongrel "$LINENO" "lzo1x.h" "ac_cv_header_lzo1x_h" "$ac_includes_default" -if test "x$ac_cv_header_lzo1x_h" = x""yes; then : +if test "x$ac_cv_header_lzo1x_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LZO1X_H 1 _ACEOF @@ -6609,7 +6605,7 @@ _ACEOF $as_echo "#define LZO1X_H " >>confdefs.h else - as_fn_error "\"lzo header files not found.\"" "$LINENO" 5; break + as_fn_error $? "\"lzo header files not found.\"" "$LINENO" 5; break fi @@ -6707,10 +6703,21 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then - test "x$cache_file" != "x/dev/null" && + if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} - cat confcache >$cache_file + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} @@ -6726,6 +6733,7 @@ DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= +U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' @@ -6749,23 +6757,23 @@ else fi if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then - as_fn_error "conditional \"MAINTAINER_MODE\" was never defined. + as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then - as_fn_error "conditional \"AMDEP\" was never defined. + as_fn_error $? "conditional \"AMDEP\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then - as_fn_error "conditional \"am__fastdepCC\" was never defined. + as_fn_error $? "conditional \"am__fastdepCC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${TUNEMU_TRUE}" && test -z "${TUNEMU_FALSE}"; then - as_fn_error "conditional \"TUNEMU\" was never defined. + as_fn_error $? "conditional \"TUNEMU\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -: ${CONFIG_STATUS=./config.status} +: "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" @@ -6866,6 +6874,7 @@ fi IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. +as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -6911,19 +6920,19 @@ export LANGUAGE (unset CDPATH) >/dev/null 2>&1 && unset CDPATH -# as_fn_error ERROR [LINENO LOG_FD] -# --------------------------------- +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the -# script with status $?, using 1 if that was 0. +# script with STATUS, using 1 if that was 0. as_fn_error () { - as_status=$?; test $as_status -eq 0 && as_status=1 - if test "$3"; then - as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3 + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi - $as_echo "$as_me: error: $1" >&2 + $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error @@ -7119,7 +7128,7 @@ $as_echo X"$as_dir" | test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p @@ -7173,7 +7182,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # values after options handling. ac_log=" This file was extended by $as_me, which was -generated by GNU Autoconf 2.65. Invocation command line was +generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -7239,10 +7248,10 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ config.status -configured by $0, generated by GNU Autoconf 2.65, +configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" -Copyright (C) 2009 Free Software Foundation, Inc. +Copyright (C) 2010 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -7260,11 +7269,16 @@ ac_need_defaults=: while test $# != 0 do case $1 in - --*=*) + --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; *) ac_option=$1 ac_optarg=$2 @@ -7286,6 +7300,7 @@ do $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; @@ -7298,7 +7313,7 @@ do ac_need_defaults=false;; --he | --h) # Conflict between --help and --header - as_fn_error "ambiguous option: \`$1' + as_fn_error $? "ambiguous option: \`$1' Try \`$0 --help' for more information.";; --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; @@ -7307,7 +7322,7 @@ Try \`$0 --help' for more information.";; ac_cs_silent=: ;; # This is an error. - -*) as_fn_error "unrecognized option: \`$1' + -*) as_fn_error $? "unrecognized option: \`$1' Try \`$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" @@ -7369,7 +7384,7 @@ do "lib/Makefile") CONFIG_FILES="$CONFIG_FILES lib/Makefile" ;; "m4/Makefile") CONFIG_FILES="$CONFIG_FILES m4/Makefile" ;; - *) as_fn_error "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done @@ -7392,9 +7407,10 @@ fi # after its creation but before its name has been assigned to `$tmp'. $debug || { - tmp= + tmp= ac_tmp= trap 'exit_status=$? - { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status + : "${ac_tmp:=$tmp}" + { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } @@ -7402,12 +7418,13 @@ $debug || { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && - test -n "$tmp" && test -d "$tmp" + test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") -} || as_fn_error "cannot create a temporary directory in ." "$LINENO" 5 +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 +ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. @@ -7424,12 +7441,12 @@ if test "x$ac_cr" = x; then fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then - ac_cs_awk_cr='\r' + ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi -echo 'BEGIN {' >"$tmp/subs1.awk" && +echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF @@ -7438,18 +7455,18 @@ _ACEOF echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || - as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 -ac_delim_num=`echo "$ac_subst_vars" | grep -c '$'` + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || - as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then - as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5 + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi @@ -7457,7 +7474,7 @@ done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -cat >>"\$tmp/subs1.awk" <<\\_ACAWK && +cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h @@ -7505,7 +7522,7 @@ t delim rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK -cat >>"\$tmp/subs1.awk" <<_ACAWK && +cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" @@ -7537,21 +7554,29 @@ if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat -fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ - || as_fn_error "could not setup config files machinery" "$LINENO" 5 +fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF -# VPATH may cause trouble with some makes, so we remove $(srcdir), -# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=/{ -s/:*\$(srcdir):*/:/ -s/:*\${srcdir}:*/:/ -s/:*@srcdir@:*/:/ -s/^\([^=]*=[ ]*\):*/\1/ + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// s/^[^=]*=[ ]*$// }' fi @@ -7563,7 +7588,7 @@ fi # test -n "$CONFIG_FILES" # No need to generate them if there are no CONFIG_HEADERS. # This happens for instance with `./config.status Makefile'. if test -n "$CONFIG_HEADERS"; then -cat >"$tmp/defines.awk" <<\_ACAWK || +cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF @@ -7575,11 +7600,11 @@ _ACEOF # handling of long lines. ac_delim='%!_!# ' for ac_last_try in false false :; do - ac_t=`sed -n "/$ac_delim/p" confdefs.h` - if test -z "$ac_t"; then + ac_tt=`sed -n "/$ac_delim/p" confdefs.h` + if test -z "$ac_tt"; then break elif $ac_last_try; then - as_fn_error "could not make $CONFIG_HEADERS" "$LINENO" 5 + as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi @@ -7664,7 +7689,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 - as_fn_error "could not setup config headers machinery" "$LINENO" 5 + as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 fi # test -n "$CONFIG_HEADERS" @@ -7677,7 +7702,7 @@ do esac case $ac_mode$ac_tag in :[FHL]*:*);; - :L* | :C*:*) as_fn_error "invalid tag \`$ac_tag'" "$LINENO" 5;; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac @@ -7696,7 +7721,7 @@ do for ac_f do case $ac_f in - -) ac_f="$tmp/stdin";; + -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. @@ -7705,7 +7730,7 @@ do [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || - as_fn_error "cannot find input file: \`$ac_f'" "$LINENO" 5;; + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" @@ -7731,8 +7756,8 @@ $as_echo "$as_me: creating $ac_file" >&6;} esac case $ac_tag in - *:-:* | *:-) cat >"$tmp/stdin" \ - || as_fn_error "could not create $ac_file" "$LINENO" 5 ;; + *:-:* | *:-) cat >"$ac_tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac @@ -7868,23 +7893,24 @@ s&@INSTALL@&$ac_INSTALL&;t t s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack " -eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ - || as_fn_error "could not create $ac_file" "$LINENO" 5 +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ + >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && - { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && - { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && + { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ + "$ac_tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&5 +which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&2;} +which seems to be undefined. Please make sure it is defined" >&2;} - rm -f "$tmp/stdin" + rm -f "$ac_tmp/stdin" case $ac_file in - -) cat "$tmp/out" && rm -f "$tmp/out";; - *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; + -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; + *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ - || as_fn_error "could not create $ac_file" "$LINENO" 5 + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # @@ -7893,21 +7919,21 @@ which seems to be undefined. Please make sure it is defined." >&2;} if test x"$ac_file" != x-; then { $as_echo "/* $configure_input */" \ - && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" - } >"$tmp/config.h" \ - || as_fn_error "could not create $ac_file" "$LINENO" 5 - if diff "$ac_file" "$tmp/config.h" >/dev/null 2>&1; then + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" + } >"$ac_tmp/config.h" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 $as_echo "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" - mv "$tmp/config.h" "$ac_file" \ - || as_fn_error "could not create $ac_file" "$LINENO" 5 + mv "$ac_tmp/config.h" "$ac_file" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else $as_echo "/* $configure_input */" \ - && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" \ - || as_fn_error "could not create -" "$LINENO" 5 + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ + || as_fn_error $? "could not create -" "$LINENO" 5 fi # Compute "$ac_file"'s index in $config_headers. _am_arg="$ac_file" @@ -8057,7 +8083,7 @@ _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || - as_fn_error "write failure creating $CONFIG_STATUS" "$LINENO" 5 + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. @@ -8078,7 +8104,7 @@ if test "$no_create" != yes; then exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. - $ac_cs_success || as_fn_exit $? + $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 diff --git a/configure.in b/configure.in index 9a2b88d..a6dd6d6 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) AC_INIT AC_CONFIG_SRCDIR([src/tincd.c]) -AM_INIT_AUTOMAKE(tinc, 1.0.13) +AM_INIT_AUTOMAKE(tinc, 1.0.14) AC_CONFIG_HEADERS([config.h]) AM_MAINTAINER_MODE @@ -13,8 +13,6 @@ AM_MAINTAINER_MODE AC_GNU_SOURCE AC_DEFINE([__USE_BSD], 1, [Enable BSD extensions]) -ALL_LINGUAS="nl" - dnl Checks for programs. AC_PROG_CC_C99 AC_PROG_CPP @@ -51,6 +49,10 @@ case $host_os in AC_DEFINE(HAVE_NETBSD, 1, [NetBSD]) [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] ;; + *dragonfly*) + AC_DEFINE(HAVE_DRAGONFLY, 1, [DragonFly]) + [ rm -f src/device.c; ln -sf bsd/device.c src/device.c ] + ;; *bsd*) AC_MSG_WARN("Unknown BSD variant, tinc might not compile or work!") AC_DEFINE(HAVE_BSD, 1, [Unknown BSD variant]) @@ -63,7 +65,7 @@ case $host_os in *mingw*) AC_DEFINE(HAVE_MINGW, 1, [MinGW]) [ rm -f src/device.c; cp -f src/mingw/device.c src/device.c ] - LIBS="$LIBS -lws2_32" + LIBS="$LIBS -lws2_32 -lgdi32 -lcrypt32" ;; *) AC_MSG_ERROR("Unknown operating system.") @@ -99,8 +101,8 @@ dnl Checks for header files. dnl We do this in multiple stages, because unlike Linux all the other operating systems really suck and don't include their own dependencies. AC_HEADER_STDC -AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h]) -AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h], +AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h dirent.h]) +AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h], [], [], [#include "have.h"] ) AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h], @@ -128,7 +130,7 @@ dnl Checks for library functions. AC_FUNC_MEMCMP AC_FUNC_ALLOCA AC_TYPE_SIGNAL -AC_CHECK_FUNCS([asprintf daemon fchmod flock ftime fork get_current_dir_name gettimeofday mlockall putenv random select strdup strerror strsignal strtol system unsetenv vsyslog writev], +AC_CHECK_FUNCS([asprintf daemon fchmod flock ftime fork get_current_dir_name gettimeofday mlockall putenv random select strdup strerror strsignal strtol system unsetenv usleep vsyslog writev], [], [], [#include "have.h"] ) AC_FUNC_MALLOC diff --git a/debian/changelog b/debian/changelog index 39d8d07..5456088 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,15 @@ -tinc (1.0.13-1+squeeze1) squeeze-security; urgency=high +tinc (1.0.14-1~bpo60+1) squeeze-backports; urgency=low - * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). + * Rebuild for squeeze-backports. - -- Guus Sliepen Fri, 12 Apr 2013 20:40:15 +0000 + -- Guus Sliepen Tue, 07 Jun 2011 09:35:50 +0000 + +tinc (1.0.14-1) unstable; urgency=low + + * New upstream release. + * Bump Standards-Version. + + -- Guus Sliepen Mon, 09 May 2011 00:25:37 +0200 tinc (1.0.13-1) unstable; urgency=low diff --git a/debian/control b/debian/control index f812c0a..99e562a 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: tinc Section: net Priority: optional Maintainer: Guus Sliepen -Standards-Version: 3.8.4 +Standards-Version: 3.9.2 Build-Depends: libssl-dev, debhelper (>= 7.0.50~), gettext, texi2html, texinfo, zlib1g-dev, liblzo2-dev Homepage: http://www.tinc-vpn.org/ diff --git a/debian/patches/fix-CVE-2013-1428 b/debian/patches/fix-CVE-2013-1428 deleted file mode 100644 index 5849759..0000000 --- a/debian/patches/fix-CVE-2013-1428 +++ /dev/null @@ -1,31 +0,0 @@ -From 17a33dfd95b1a29e90db76414eb9622df9632320 Mon Sep 17 00:00:00 2001 -From: Guus Sliepen -Date: Fri, 12 Apr 2013 17:15:05 +0200 -Subject: [PATCH] Drop packets forwarded via TCP if they are too big - (CVE-2013-1428). - -Normally all requests sent via the meta connections are checked so that they -cannot be larger than the input buffer. However, when packets are forwarded via -meta connections, they are copied into a packet buffer without checking whether -it fits into it. Since the packet buffer is allocated on the stack, this in -effect allows an authenticated remote node to cause a stack overflow. - -This issue was found by Martin Schobert. ---- - src/net_packet.c | 3 +++ - 1 file changed, 3 insertions(+) - -Index: tinc-1.0.13/src/net_packet.c -=================================================================== ---- tinc-1.0.13.orig/src/net_packet.c 2010-03-13 17:53:33.000000000 +0000 -+++ tinc-1.0.13/src/net_packet.c 2013-04-12 20:34:17.395183282 +0000 -@@ -347,6 +347,9 @@ - void receive_tcppacket(connection_t *c, char *buffer, int len) { - vpn_packet_t outpkt; - -+ if(len > sizeof outpkt.data) -+ return; -+ - outpkt.len = len; - if(c->options & OPTION_TCPONLY) - outpkt.priority = 0; diff --git a/debian/patches/series b/debian/patches/series deleted file mode 100644 index f301124..0000000 --- a/debian/patches/series +++ /dev/null @@ -1 +0,0 @@ -fix-CVE-2013-1428 diff --git a/doc/sample-config.tar.gz b/doc/sample-config.tar.gz index 6202664..da56735 100644 Binary files a/doc/sample-config.tar.gz and b/doc/sample-config.tar.gz differ diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in index bc82b17..ce69030 100644 --- a/doc/tinc.conf.5.in +++ b/doc/tinc.conf.5.in @@ -110,6 +110,13 @@ Note: it is not required that you put in the sign, but doing so improves readability. If you leave it out, remember to replace it with at least one space character. +.Pp +The server configuration is complemented with host specific configuration (see the next section). +Although all configuration options for the local host listed in this document can also be put in +.Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc.conf , +it is recommended to put host specific configuration options in the host configuration file, +as this makes it easy to exchange with other nodes. + .Pp Here are all valid variables, listed in alphabetical order. The default value is given between parentheses. @@ -248,6 +255,9 @@ a lookup if your DNS server is not responding. This does not affect resolving hostnames to IP addresses from the host configuration files. +.It Va IffOneQueue Li = yes | no Po no Pc Bq experimental +(Linux only) Set IFF_ONE_QUEUE flag on TUN/TAP devices. + .It Va Interface Li = Ar interface Defines the name of the interface corresponding to the virtual network device. Depending on the operating system and the type of device this may or may not actually set the name of the interface. @@ -334,6 +344,16 @@ specified in the configuration file. When this option is used the priority of the tincd process will be adjusted. Increasing the priority may help to reduce latency and packet loss on the VPN. +.It Va ReplayWindow Li = Ar bytes Pq 16 +This is the size of the replay tracking window for each remote node, in bytes. +The window is a bitfield which tracks 1 packet per bit, so for example +the default setting of 16 will track up to 128 packets in the window. In high +bandwidth scenarios, setting this to a higher value can reduce packet loss from +the interaction of replay tracking with underlying real packet loss and/or +reordering. Setting this to zero will disable replay tracking completely and +pass all traffic, but leaves tinc vulnerable to replay-based attacks on your +traffic. + .It Va StrictSubnets Li = yes | no Po no Pc Bq experimental When this option is enabled tinc will only use Subnet statements which are present in the host config files in the local @@ -346,6 +366,14 @@ and will only allow connections with nodes for which host config files are prese .Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/ directory. Setting this options also implicitly sets StrictSubnets. + +.It Va UDPRcvBuf Li = Ar bytes Pq OS default +Sets the socket receive buffer size for the UDP socket, in bytes. +If unset, the default buffer size will be used by the operating system. + +.It Va UDPSndBuf Li = Ar bytes Pq OS default +Sets the socket send buffer size for the UDP socket, in bytes. +If unset, the default buffer size will be used by the operating system. .El .Sh HOST CONFIGURATION FILES diff --git a/doc/tinc.info b/doc/tinc.info index 272a647..07244b9 100644 --- a/doc/tinc.info +++ b/doc/tinc.info @@ -5,10 +5,10 @@ START-INFO-DIR-ENTRY * tinc: (tinc). The tinc Manual. END-INFO-DIR-ENTRY - This is the info manual for tinc version 1.0.13, a Virtual Private + This is the info manual for tinc version 1.0.14, a Virtual Private Network daemon. - Copyright (C) 1998-2010 Ivo Timmermans, Guus Sliepen + Copyright (C) 1998-2011 Ivo Timmermans, Guus Sliepen and Wessel Dankers . Permission is granted to make and distribute verbatim copies of this @@ -84,7 +84,7 @@ trusted computers on the other end of the Internet. This problem can be solved by using _virtual_ networks. Virtual networks can live on top of other networks, but they use encapsulation to keep using their private address space so they do not interfere with -the Internet. Mostly, virtual networks appear like a singe LAN, even +the Internet. Mostly, virtual networks appear like a single LAN, even though they can span the entire world. But virtual networks can't be secured by using firewalls, because the traffic that flows through it has to go through the Internet, where other people can look at it. @@ -654,6 +654,13 @@ that you put in the `=' sign, but doing so improves readability. If you leave it out, remember to replace it with at least one space character. + The server configuration is complemented with host specific +configuration (see the next section). Although all host configuration +options for the local node listed in this document can also be put in +`/etc/tinc/NETNAME/tinc.conf', it is recommended to put host specific +configuration options in the host configuration file, as this makes it +easy to exchange with other nodes. + In this section all valid variables are listed in alphabetical order. The default value is given between parentheses, other comments are between square brackets. @@ -869,6 +876,17 @@ ProcessPriority = adjusted. Increasing the priority may help to reduce latency and packet loss on the VPN. +ReplayWindow = (16) + This is the size of the replay tracking window for each remote + node, in bytes. The window is a bitfield which tracks 1 packet + per bit, so for example the default setting of 16 will track up to + 128 packets in the window. In high bandwidth scenarios, setting + this to a higher value can reduce packet loss from the interaction + of replay tracking with underlying real packet loss and/or + reordering. Setting this to zero will disable replay tracking + completely and pass all traffic, but leaves tinc vulnerable to + replay-based attacks on your traffic. + StrictSubnets (no) [experimental] When this option is enabled tinc will only use Subnet statements which are present in the host config files in the local @@ -881,6 +899,16 @@ TunnelServer = (no) [experimental] the local `/etc/tinc/NETNAME/hosts/' directory. Setting this options also implicitly sets StrictSubnets. +UDPRcvBuf = (OS default) + Sets the socket receive buffer size for the UDP socket, in bytes. + If unset, the default buffer size will be used by the operating + system. + +UDPSndBuf = Pq OS default + Sets the socket send buffer size for the UDP socket, in bytes. If + unset, the default buffer size will be used by the operating + system. +  File: tinc.info, Node: Host configuration variables, Next: Scripts, Prev: Main configuration variables, Up: Configuration files @@ -1403,7 +1431,10 @@ command line options. always be stopped and removed. `-n, --net=NETNAME' - Use configuration for net NETNAME. *Note Multiple networks::. + Use configuration for net NETNAME. This will let tinc read all + configuration files from `/etc/tinc/NETNAME/'. Specifying . for + NETNAME is the same as not specifying any NETNAME. *Note Multiple + networks::. `-K, --generate-keys[=BITS]' Generate public/private keypair of BITS length. If BITS is not @@ -2377,6 +2408,8 @@ Concept Index * release: Supported platforms. (line 14) * REMOTEADDRESS: Scripts. (line 67) * REMOTEPORT: Scripts. (line 70) +* ReplayWindow: Main configuration variables. + (line 204) * REQ_KEY: The meta-protocol. (line 64) * requirements: Libraries. (line 6) * router: Main configuration variables. @@ -2388,7 +2421,7 @@ Concept Index (line 18) * signals: Signals. (line 6) * StrictSubnets: Main configuration variables. - (line 204) + (line 215) * SUBNET: Scripts. (line 74) * Subnet: Host configuration variables. (line 74) @@ -2410,12 +2443,16 @@ Concept Index * tunifhead: Main configuration variables. (line 62) * TunnelServer: Main configuration variables. - (line 209) + (line 220) * tunnohead: Main configuration variables. (line 56) * UDP <1>: Encryption of network packets. (line 12) * UDP: The UDP tunnel. (line 30) +* UDPRcvBuf: Main configuration variables. + (line 227) +* UDPSndBuf: Main configuration variables. + (line 232) * Universal tun/tap: Configuration of Linux kernels. (line 6) * virtual: Virtual Private Networks. @@ -2434,63 +2471,63 @@ Tag Table: Node: Top810 Node: Introduction1109 Node: Virtual Private Networks1919 -Node: tinc3644 -Node: Supported platforms5171 -Node: Preparations5869 -Node: Configuring the kernel6125 -Node: Configuration of Linux kernels6534 -Node: Configuration of FreeBSD kernels7389 -Node: Configuration of OpenBSD kernels7779 -Node: Configuration of NetBSD kernels8387 -Node: Configuration of Solaris kernels8792 -Node: Configuration of Darwin (MacOS/X) kernels9453 -Node: Configuration of Windows10142 -Node: Libraries10656 -Node: OpenSSL11044 -Node: zlib13320 -Node: lzo14149 -Node: Installation14936 -Node: Building and installing tinc15951 -Node: Darwin (MacOS/X) build environment16610 -Node: Cygwin (Windows) build environment17178 -Node: MinGW (Windows) build environment17766 -Node: System files18290 -Node: Device files18555 -Node: Other files18971 -Node: Configuration19584 -Node: Configuration introduction19895 -Node: Multiple networks21168 -Node: How connections work22594 -Node: Configuration files23816 -Node: Main configuration variables24823 -Node: Host configuration variables34334 -Node: Scripts39745 -Node: How to configure42515 -Node: Generating keypairs43778 -Node: Network interfaces44277 -Node: Example configuration46125 -Node: Running tinc51448 -Node: Runtime options52038 -Node: Signals54833 -Node: Debug levels55902 -Node: Solving problems56838 -Node: Error messages58390 -Node: Sending bug reports62403 -Node: Technical information63355 -Node: The connection63586 -Node: The UDP tunnel63898 -Node: The meta-connection66959 -Node: The meta-protocol68428 -Node: Security73437 -Node: Authentication protocol74567 -Node: Encryption of network packets79571 -Node: Security issues80944 -Node: Platform specific information82561 -Node: Interface configuration82789 -Node: Routes84688 -Node: About us86604 -Node: Contact information86779 -Node: Authors87183 -Node: Concept Index87588 +Node: tinc3645 +Node: Supported platforms5172 +Node: Preparations5870 +Node: Configuring the kernel6126 +Node: Configuration of Linux kernels6535 +Node: Configuration of FreeBSD kernels7390 +Node: Configuration of OpenBSD kernels7780 +Node: Configuration of NetBSD kernels8388 +Node: Configuration of Solaris kernels8793 +Node: Configuration of Darwin (MacOS/X) kernels9454 +Node: Configuration of Windows10143 +Node: Libraries10657 +Node: OpenSSL11045 +Node: zlib13321 +Node: lzo14150 +Node: Installation14937 +Node: Building and installing tinc15952 +Node: Darwin (MacOS/X) build environment16611 +Node: Cygwin (Windows) build environment17179 +Node: MinGW (Windows) build environment17767 +Node: System files18291 +Node: Device files18556 +Node: Other files18972 +Node: Configuration19585 +Node: Configuration introduction19896 +Node: Multiple networks21169 +Node: How connections work22595 +Node: Configuration files23817 +Node: Main configuration variables25204 +Node: Host configuration variables35709 +Node: Scripts41120 +Node: How to configure43890 +Node: Generating keypairs45153 +Node: Network interfaces45652 +Node: Example configuration47500 +Node: Running tinc52823 +Node: Runtime options53413 +Node: Signals56369 +Node: Debug levels57438 +Node: Solving problems58374 +Node: Error messages59926 +Node: Sending bug reports63939 +Node: Technical information64891 +Node: The connection65122 +Node: The UDP tunnel65434 +Node: The meta-connection68495 +Node: The meta-protocol69964 +Node: Security74973 +Node: Authentication protocol76103 +Node: Encryption of network packets81107 +Node: Security issues82480 +Node: Platform specific information84097 +Node: Interface configuration84325 +Node: Routes86224 +Node: About us88140 +Node: Contact information88315 +Node: Authors88719 +Node: Concept Index89124  End Tag Table diff --git a/doc/tinc.texi b/doc/tinc.texi index dd7bc62..6bbc2e2 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -15,7 +15,7 @@ This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. -Copyright @copyright{} 1998-2010 Ivo Timmermans, +Copyright @copyright{} 1998-2011 Ivo Timmermans, Guus Sliepen and Wessel Dankers . @@ -39,7 +39,7 @@ permission notice identical to this one. @vskip 0pt plus 1filll This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. -Copyright @copyright{} 1998-2010 Ivo Timmermans, +Copyright @copyright{} 1998-2011 Ivo Timmermans, Guus Sliepen and Wessel Dankers . @@ -119,7 +119,7 @@ computers on the other end of the Internet. This problem can be solved by using @emph{virtual} networks. Virtual networks can live on top of other networks, but they use encapsulation to keep using their private address space so they do not interfere with -the Internet. Mostly, virtual networks appear like a singe LAN, even though +the Internet. Mostly, virtual networks appear like a single LAN, even though they can span the entire world. But virtual networks can't be secured by using firewalls, because the traffic that flows through it has to go through the Internet, where other people can look at it. @@ -725,6 +725,13 @@ and carriage returns are ignored. Note: it is not required that you put in the `=' sign, but doing so improves readability. If you leave it out, remember to replace it with at least one space character. +The server configuration is complemented with host specific configuration (see +the next section). Although all host configuration options for the local node +listed in this document can also be put in +@file{@value{sysconfdir}/tinc/@var{netname}/tinc.conf}, it is recommended to +put host specific configuration options in the host configuration file, as this +makes it easy to exchange with other nodes. + In this section all valid variables are listed in alphabetical order. The default value is given between parentheses, other comments are between square brackets. @@ -955,6 +962,18 @@ specified in the configuration file. When this option is used the priority of the tincd process will be adjusted. Increasing the priority may help to reduce latency and packet loss on the VPN. +@cindex ReplayWindow +@item ReplayWindow = (16) +This is the size of the replay tracking window for each remote node, in bytes. +The window is a bitfield which tracks 1 packet per bit, so for example +the default setting of 16 will track up to 128 packets in the window. In high +bandwidth scenarios, setting this to a higher value can reduce packet loss from +the interaction of replay tracking with underlying real packet loss and/or +reordering. Setting this to zero will disable replay tracking completely and +pass all traffic, but leaves tinc vulnerable to replay-based attacks on your +traffic. + + @cindex StrictSubnets @item StrictSubnets (no) [experimental] When this option is enabled tinc will only use Subnet statements which are @@ -968,6 +987,16 @@ and will only allow connections with nodes for which host config files are prese @file{@value{sysconfdir}/tinc/@var{netname}/hosts/} directory. Setting this options also implicitly sets StrictSubnets. +@cindex UDPRcvBuf +@item UDPRcvBuf = (OS default) +Sets the socket receive buffer size for the UDP socket, in bytes. +If unset, the default buffer size will be used by the operating system. + +@cindex UDPSndBuf +@item UDPSndBuf = Pq OS default +Sets the socket send buffer size for the UDP socket, in bytes. +If unset, the default buffer size will be used by the operating system. + @end table @@ -1536,7 +1565,11 @@ Under native Windows the optional argument is ignored, the service will always be stopped and removed. @item -n, --net=@var{netname} -Use configuration for net @var{netname}. @xref{Multiple networks}. +Use configuration for net @var{netname}. +This will let tinc read all configuration files from +@file{@value{sysconfdir}/tinc/@var{netname}/}. +Specifying . for @var{netname} is the same as not specifying any @var{netname}. +@xref{Multiple networks}. @item -K, --generate-keys[=@var{bits}] Generate public/private keypair of @var{bits} length. If @var{bits} is not specified, diff --git a/doc/tincd.8.in b/doc/tincd.8.in index b852052..a8ef2fb 100644 --- a/doc/tincd.8.in +++ b/doc/tincd.8.in @@ -1,4 +1,4 @@ -.Dd 2009-05-18 +.Dd 2011-01-02 .Dt TINCD 8 .\" Manual page created by: .\" Ivo Timmermans @@ -64,6 +64,14 @@ the service will always be stopped and removed. .It Fl n, -net Ns = Ns Ar NETNAME Connect to net .Ar NETNAME . +This will let tinc read all configuration files from +.Pa @sysconfdir@/tinc/ Ar NETNAME . +Specifying +.Li . +for +.Ar NETNAME +is the same as not specifying any +.Ar NETNAME . .It Fl K, -generate-keys Ns Op = Ns Ar BITS Generate public/private RSA keypair and exit. If @@ -89,11 +97,11 @@ Under Windows this option will be ignored. .It Fl -bypass-security Disables encryption and authentication of the meta protocol. Only useful for debugging. -.It Fl -chroot +.It Fl R, -chroot With this option tinc chroots into the directory where network config is located (@sysconfdir@/tinc/NETNAME if -n option is used, or to the directory specified with -c option) after initialization. -.It Fl -user Ns = Ns Ar USER +.It Fl U, -user Ns = Ns Ar USER setuid to the specified .Ar USER after initialization. diff --git a/have.h b/have.h index cf5c173..073fbaa 100644 --- a/have.h +++ b/have.h @@ -1,7 +1,7 @@ /* have.h -- include headers which are known to exist Copyright (C) 1998-2005 Ivo Timmermans - 2003-2009 Guus Sliepen + 2003-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,6 +21,14 @@ #ifndef __TINC_HAVE_H__ #define __TINC_HAVE_H__ +#ifdef HAVE_MINGW +#ifdef WITH_WINDOWS2000 +#define WINVER Windows2000 +#else +#define WINVER WindowsXP +#endif +#endif + #include #include #include @@ -32,11 +40,6 @@ #include #ifdef HAVE_MINGW -#ifdef WITH_WINDOWS2000 -#define WINVER Windows2000 -#else -#define WINVER WindowsXP -#endif #include #include #include @@ -92,6 +95,10 @@ #include #endif +#ifdef HAVE_SYS_RESOURCE_H +#include +#endif + #ifdef HAVE_SYS_UIO_H #include #endif @@ -123,10 +130,18 @@ #include #endif +#ifdef HAVE_NET_TUN_IF_TUN_H +#include +#endif + #ifdef HAVE_NET_IF_TAP_H #include #endif +#ifdef HAVE_NET_TAP_IF_TAP_H +#include +#endif + #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif diff --git a/lib/dropin.c b/lib/dropin.c index 89039da..4aed74e 100644 --- a/lib/dropin.c +++ b/lib/dropin.c @@ -1,7 +1,7 @@ /* dropin.c -- a set of drop-in replacements for libc functions Copyright (C) 2000-2005 Ivo Timmermans, - 2000-2009 Guus Sliepen + 2000-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -163,3 +163,11 @@ int gettimeofday(struct timeval *tv, void *tz) { return 0; } #endif + +#ifndef HAVE_USLEEP +int usleep(long usec) { + struct timeval tv = {usec / 1000000, (usec / 1000) % 1000}; + select(0, NULL, NULL, NULL, &tv); + return 0; +} +#endif diff --git a/lib/dropin.h b/lib/dropin.h index e9d1353..22fe36d 100644 --- a/lib/dropin.h +++ b/lib/dropin.h @@ -1,7 +1,7 @@ /* dropin.h -- header file for dropin.c Copyright (C) 2000-2005 Ivo Timmermans, - 2000-2009 Guus Sliepen + 2000-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -41,4 +41,8 @@ extern int vasprintf(char **, const char *, va_list ap); extern int gettimeofday(struct timeval *, void *); #endif +#ifndef HAVE_USLEEP +extern int usleep(long); +#endif + #endif /* __DROPIN_H__ */ diff --git a/lib/getopt.c b/lib/getopt.c index b2f88b4..a6782ed 100644 --- a/lib/getopt.c +++ b/lib/getopt.c @@ -44,6 +44,10 @@ with this program; if not, write to the Free Software Foundation, Inc., #include +#ifdef HAVE_STRING_H +#include +#endif + /* Comment out all this code if we are using the GNU C Library, and are not actually compiling the library itself. This code is part of the GNU C Library, but also included in many other GNU distributions. Compiling @@ -688,16 +692,18 @@ _getopt_internal (argc, argv, optstring, longopts, longind, long_only) else { if (opterr) - if (argv[optind - 1][1] == '-') - /* --option */ - fprintf (stderr, - "%s: option `--%s' doesn't allow an argument\n", - argv[0], pfound->name); - else - /* +option or -option */ - fprintf (stderr, - "%s: option `%c%s' doesn't allow an argument\n", - argv[0], argv[optind - 1][0], pfound->name); + { + if (argv[optind - 1][1] == '-') + /* --option */ + fprintf (stderr, + "%s: option `--%s' doesn't allow an argument\n", + argv[0], pfound->name); + else + /* +option or -option */ + fprintf (stderr, + "%s: option `%c%s' doesn't allow an argument\n", + argv[0], argv[optind - 1][0], pfound->name); + } nextchar += strlen (nextchar); diff --git a/lib/memcmp.c b/lib/memcmp.c index 9d80833..9104994 100644 --- a/lib/memcmp.c +++ b/lib/memcmp.c @@ -23,6 +23,10 @@ # include "config.h" #endif +#ifdef HAVE_INTTYPES_H +#include +#endif + #undef __ptr_t #if defined __cplusplus || (defined __STDC__ && __STDC__) # define __ptr_t void * @@ -107,8 +111,8 @@ static int memcmp_bytes (a, b) op_t a, b; { - long int srcp1 = (long int) &a; - long int srcp2 = (long int) &b; + intptr_t srcp1 = (intptr_t) &a; + intptr_t srcp2 = (intptr_t) &b; op_t a0, b0; do @@ -123,7 +127,7 @@ memcmp_bytes (a, b) } #endif -static int memcmp_common_alignment __P((long, long, size_t)); +static int memcmp_common_alignment __P((intptr_t, intptr_t, size_t)); /* memcmp_common_alignment -- Compare blocks at SRCP1 and SRCP2 with LEN `op_t' objects (not LEN bytes!). Both SRCP1 and SRCP2 should be aligned for @@ -133,8 +137,8 @@ __inline #endif static int memcmp_common_alignment (srcp1, srcp2, len) - long int srcp1; - long int srcp2; + intptr_t srcp1; + intptr_t srcp2; size_t len; { op_t a0, a1; @@ -213,7 +217,7 @@ memcmp_common_alignment (srcp1, srcp2, len) return 0; } -static int memcmp_not_common_alignment __P((long, long, size_t)); +static int memcmp_not_common_alignment __P((intptr_t, intptr_t, size_t)); /* memcmp_not_common_alignment -- Compare blocks at SRCP1 and SRCP2 with LEN `op_t' objects (not LEN bytes!). SRCP2 should be aligned for memory @@ -223,8 +227,8 @@ __inline #endif static int memcmp_not_common_alignment (srcp1, srcp2, len) - long int srcp1; - long int srcp2; + intptr_t srcp1; + intptr_t srcp2; size_t len; { op_t a0, a1, a2, a3; @@ -332,8 +336,8 @@ rpl_memcmp (s1, s2, len) { op_t a0; op_t b0; - long int srcp1 = (long int) s1; - long int srcp2 = (long int) s2; + intptr_t srcp1 = (intptr_t) s1; + intptr_t srcp2 = (intptr_t) s2; op_t res; if (len >= OP_T_THRES) diff --git a/lib/pidfile.c b/lib/pidfile.c index 47f6359..425b304 100644 --- a/lib/pidfile.c +++ b/lib/pidfile.c @@ -41,7 +41,7 @@ pid_t read_pid (char *pidfile) if (!(f=fopen(pidfile,"r"))) return 0; - if(fscanf(f,"%ld", &pid) != 1) + if(fscanf(f,"%20ld", &pid) != 1) pid = 0; fclose(f); return pid; diff --git a/m4/openssl.m4 b/m4/openssl.m4 index a5cd039..59f0d45 100644 --- a/m4/openssl.m4 +++ b/m4/openssl.m4 @@ -26,19 +26,15 @@ AC_DEFUN([tinc_OPENSSL], [AC_MSG_ERROR([OpenSSL header files not found.]); break] ) + AC_CHECK_LIB(crypto, EVP_EncryptInit_ex, + [LIBS="-lcrypto $LIBS"], + [AC_MSG_ERROR([OpenSSL libraries not found.])] + ) + case $host_os in *mingw*) - AC_CHECK_LIB(crypto, SHA1_version, - [LIBS="$LIBS -lcrypto -lgdi32"], - [AC_MSG_ERROR([OpenSSL libraries not found.])] - ) ;; *) - AC_CHECK_LIB(crypto, SHA1_version, - [LIBS="$LIBS -lcrypto"], - [AC_MSG_ERROR([OpenSSL libraries not found.])] - ) - AC_CHECK_FUNC(dlopen, [], [AC_CHECK_LIB(dl, dlopen, diff --git a/src/bsd/device.c b/src/bsd/device.c index c2cd34c..d6ef0e8 100644 --- a/src/bsd/device.c +++ b/src/bsd/device.c @@ -1,7 +1,7 @@ /* device.c -- Interaction BSD tun/tap device Copyright (C) 2001-2005 Ivo Timmermans, - 2001-2009 Guus Sliepen + 2001-2011 Guus Sliepen 2009 Grzegorz Dymarek This program is free software; you can redistribute it and/or modify @@ -47,11 +47,11 @@ int device_fd = -1; char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static int device_total_in = 0; -static int device_total_out = 0; +static uint64_t device_total_in = 0; +static uint64_t device_total_out = 0; #if defined(TUNEMU) static device_type_t device_type = DEVICE_TYPE_TUNEMU; -#elif defined(HAVE_OPENBSD) || defined(HAVE_FREEBSD) +#elif defined(HAVE_OPENBSD) || defined(HAVE_FREEBSD) || defined(HAVE_DRAGONFLY) static device_type_t device_type = DEVICE_TYPE_TUNIFHEAD; #else static device_type_t device_type = DEVICE_TYPE_TUN; @@ -64,7 +64,7 @@ bool setup_device(void) { device = xstrdup(DEFAULT_DEVICE); if(!get_config_string(lookup_config(config_tree, "Interface"), &iface)) - iface = xstrdup(rindex(device, '/') ? rindex(device, '/') + 1 : device); + iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device); if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) { if(!strcasecmp(type, "tun")) @@ -199,9 +199,8 @@ bool read_packet(vpn_packet_t *packet) { if(device_type == DEVICE_TYPE_TUNEMU) lenin = tunemu_read(device_fd, packet->data + 14, MTU - 14); else -#else - lenin = read(device_fd, packet->data + 14, MTU - 14); #endif + lenin = read(device_fd, packet->data + 14, MTU - 14); if(lenin <= 0) { logger(LOG_ERR, "Error while reading from %s %s: %s", device_info, @@ -353,6 +352,6 @@ bool write_packet(vpn_packet_t *packet) { void dump_device_stats(void) { logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(LOG_DEBUG, " total bytes in: %10d", device_total_in); - logger(LOG_DEBUG, " total bytes out: %10d", device_total_out); + logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); + logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); } diff --git a/src/conf.c b/src/conf.c index f64fb22..5f8fdb1 100644 --- a/src/conf.c +++ b/src/conf.c @@ -2,7 +2,8 @@ conf.c -- configuration code Copyright (C) 1998 Robert van der Meulen 1998-2005 Ivo Timmermans - 2000-2009 Guus Sliepen + 2000-2010 Guus Sliepen + 2010-2011 Julien Muchembled 2000 Cris van Pelt This program is free software; you can redistribute it and/or modify @@ -23,6 +24,7 @@ #include "system.h" #include "avl_tree.h" +#include "connection.h" #include "conf.h" #include "logger.h" #include "netutl.h" /* for str2address */ @@ -36,6 +38,8 @@ int pinginterval = 0; /* seconds between pings */ int pingtimeout = 0; /* seconds to wait for response */ char *confbase = NULL; /* directory in which all config files are */ char *netname = NULL; /* name of the vpn network */ +list_t *cmdline_conf = NULL; /* global/host configuration values given at the command line */ + static int config_compare(const config_t *a, const config_t *b) { int result; @@ -45,12 +49,17 @@ static int config_compare(const config_t *a, const config_t *b) { if(result) return result; + /* give priority to command line options */ + result = !b->file - !a->file; + if (result) + return result; + result = a->line - b->line; if(result) return result; else - return strcmp(a->file, b->file); + return a->file ? strcmp(a->file, b->file) : 0; } void init_configuration(avl_tree_t ** config_tree) { @@ -87,7 +96,7 @@ config_t *lookup_config(avl_tree_t *config_tree, char *variable) { config_t cfg, *found; cfg.variable = variable; - cfg.file = ""; + cfg.file = NULL; cfg.line = 0; found = avl_search_closest_greater(config_tree, &cfg); @@ -224,7 +233,7 @@ static char *readline(FILE * fp, char *buf, size_t buflen) { newline = strchr(p, '\n'); if(!newline) - return NULL; + return buf; *newline = '\0'; /* kill newline */ if(newline > p && newline[-1] == '\r') /* and carriage return if necessary */ @@ -233,6 +242,45 @@ static char *readline(FILE * fp, char *buf, size_t buflen) { return buf; } +config_t *parse_config_line(char *line, const char *fname, int lineno) { + config_t *cfg; + int len; + char *variable, *value, *eol; + variable = value = line; + + eol = line + strlen(line); + while(strchr("\t ", *--eol)) + *eol = '\0'; + + len = strcspn(value, "\t ="); + value += len; + value += strspn(value, "\t "); + if(*value == '=') { + value++; + value += strspn(value, "\t "); + } + variable[len] = '\0'; + + if(!*value) { + const char err[] = "No value for variable"; + if (fname) + logger(LOG_ERR, "%s `%s' on line %d while reading config file %s", + err, variable, lineno, fname); + else + logger(LOG_ERR, "%s `%s' in command line option %d", + err, variable, lineno); + return NULL; + } + + cfg = new_config(); + cfg->variable = xstrdup(variable); + cfg->value = xstrdup(value); + cfg->file = fname ? xstrdup(fname) : NULL; + cfg->line = lineno; + + return cfg; +} + /* Parse a configuration file and put the results in the configuration tree starting at *base. @@ -241,9 +289,7 @@ bool read_config_file(avl_tree_t *config_tree, const char *fname) { FILE *fp; char buffer[MAX_STRING_SIZE]; char *line; - char *variable, *value, *eol; int lineno = 0; - int len; bool ignore = false; config_t *cfg; bool result = false; @@ -280,34 +326,9 @@ bool read_config_file(avl_tree_t *config_tree, const char *fname) { continue; } - variable = value = line; - - eol = line + strlen(line); - while(strchr("\t ", *--eol)) - *eol = '\0'; - - len = strcspn(value, "\t ="); - value += len; - value += strspn(value, "\t "); - if(*value == '=') { - value++; - value += strspn(value, "\t "); - } - variable[len] = '\0'; - - - if(!*value) { - logger(LOG_ERR, "No value for variable `%s' on line %d while reading config file %s", - variable, lineno, fname); + cfg = parse_config_line(line, fname, lineno); + if (!cfg) break; - } - - cfg = new_config(); - cfg->variable = xstrdup(variable); - cfg->value = xstrdup(value); - cfg->file = xstrdup(fname); - cfg->line = lineno; - config_add(config_tree, cfg); } @@ -316,10 +337,43 @@ bool read_config_file(avl_tree_t *config_tree, const char *fname) { return result; } +void read_config_options(avl_tree_t *config_tree, const char *prefix) { + list_node_t *node, *next; + size_t prefix_len = prefix ? strlen(prefix) : 0; + + for(node = cmdline_conf->tail; node; node = next) { + config_t *orig_cfg, *cfg = (config_t *)node->data; + next = node->prev; + + if(!prefix) { + if(strchr(cfg->variable, '.')) + continue; + node->data = NULL; + list_unlink_node(cmdline_conf, node); + } else { + if(strncmp(prefix, cfg->variable, prefix_len) || + cfg->variable[prefix_len] != '.') + continue; + /* Because host configuration is parsed again when + reconnecting, nodes must not be freed when a prefix + is given. */ + orig_cfg = cfg; + cfg = new_config(); + cfg->variable = xstrdup(orig_cfg->variable + prefix_len + 1); + cfg->value = xstrdup(orig_cfg->value); + cfg->file = NULL; + cfg->line = orig_cfg->line; + } + config_add(config_tree, cfg); + } +} + bool read_server_config() { char *fname; bool x; + read_config_options(config_tree, NULL); + xasprintf(&fname, "%s/tinc.conf", confbase); x = read_config_file(config_tree, fname); @@ -332,6 +386,19 @@ bool read_server_config() { return x; } +bool read_connection_config(connection_t *c) { + char *fname; + bool x; + + read_config_options(c->config_tree, c->name); + + xasprintf(&fname, "%s/hosts/%s", confbase, c->name); + x = read_config_file(c->config_tree, fname); + free(fname); + + return x; +} + FILE *ask_and_open(const char *filename, const char *what) { FILE *r; char *directory; @@ -400,24 +467,33 @@ bool disable_old_keys(FILE *f) { rewind(f); pos = ftell(f); + if(pos < 0) + return false; + while(fgets(buf, sizeof buf, f)) { if(!strncmp(buf, "-----BEGIN RSA", 14)) { buf[11] = 'O'; buf[12] = 'L'; buf[13] = 'D'; - fseek(f, pos, SEEK_SET); - fputs(buf, f); + if(fseek(f, pos, SEEK_SET)) + break; + if(fputs(buf, f) <= 0) + break; disabled = true; } else if(!strncmp(buf, "-----END RSA", 12)) { buf[ 9] = 'O'; buf[10] = 'L'; buf[11] = 'D'; - fseek(f, pos, SEEK_SET); - fputs(buf, f); + if(fseek(f, pos, SEEK_SET)) + break; + if(fputs(buf, f) <= 0) + break; disabled = true; } pos = ftell(f); + if(pos < 0) + break; } return disabled; diff --git a/src/conf.h b/src/conf.h index dae4eab..3eae4ad 100644 --- a/src/conf.h +++ b/src/conf.h @@ -22,6 +22,7 @@ #define __TINC_CONF_H__ #include "avl_tree.h" +#include "list.h" typedef struct config_t { char *variable; @@ -40,6 +41,7 @@ extern int maxtimeout; extern bool bypass_security; extern char *confbase; extern char *netname; +extern list_t *cmdline_conf; extern void init_configuration(avl_tree_t **); extern void exit_configuration(avl_tree_t **); @@ -54,8 +56,11 @@ extern bool get_config_string(const config_t *, char **); extern bool get_config_address(const config_t *, struct addrinfo **); extern bool get_config_subnet(const config_t *, struct subnet_t **); +extern config_t *parse_config_line(char *, const char *, int); extern bool read_config_file(avl_tree_t *, const char *); +extern void read_config_options(avl_tree_t *, const char *); extern bool read_server_config(void); +extern bool read_connection_config(struct connection_t *); extern FILE *ask_and_open(const char *, const char *); extern bool is_safe_path(const char *); extern bool disable_old_keys(FILE *); diff --git a/src/connection.c b/src/connection.c index 6229e79..ac946ab 100644 --- a/src/connection.c +++ b/src/connection.c @@ -127,14 +127,3 @@ void dump_connections(void) { logger(LOG_DEBUG, "End of connections."); } - -bool read_connection_config(connection_t *c) { - char *fname; - bool x; - - xasprintf(&fname, "%s/hosts/%s", confbase, c->name); - x = read_config_file(c->config_tree, fname); - free(fname); - - return x; -} diff --git a/src/connection.h b/src/connection.h index 5aac4a6..05e8b4b 100644 --- a/src/connection.h +++ b/src/connection.h @@ -111,6 +111,5 @@ extern void free_connection(connection_t *); extern void connection_add(connection_t *); extern void connection_del(connection_t *); extern void dump_connections(void); -extern bool read_connection_config(connection_t *); #endif /* __TINC_CONNECTION_H__ */ diff --git a/src/cygwin/device.c b/src/cygwin/device.c index 958184b..90966cd 100644 --- a/src/cygwin/device.c +++ b/src/cygwin/device.c @@ -38,8 +38,8 @@ char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static int device_total_in = 0; -static int device_total_out = 0; +static uint64_t device_total_in = 0; +static uint64_t device_total_out = 0; static pid_t reader_pid; static int sp[2]; @@ -261,6 +261,6 @@ bool write_packet(vpn_packet_t *packet) { void dump_device_stats(void) { logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(LOG_DEBUG, " total bytes in: %10d", device_total_in); - logger(LOG_DEBUG, " total bytes out: %10d", device_total_out); + logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); + logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); } diff --git a/src/graph.c b/src/graph.c index 1e6043d..3495f23 100644 --- a/src/graph.c +++ b/src/graph.c @@ -1,6 +1,6 @@ /* graph.c -- graph algorithms - Copyright (C) 2001-2010 Guus Sliepen , + Copyright (C) 2001-2011 Guus Sliepen , 2001-2005 Ivo Timmermans This program is free software; you can redistribute it and/or modify @@ -199,16 +199,12 @@ void sssp_bfs(void) { n->address is set to the e->address of the edge left of n to n. We are currently examining the edge e right of n from n: - - If e->reverse->address != n->address, then e->to is probably - not reachable for the nodes left of n. We do as if the indirectdata - flag is set on edge e. - If edge e provides for better reachability of e->to, update e->to and (re)add it to the todo_list to (re)examine the reachability of nodes behind it. */ - indirect = n->status.indirect || e->options & OPTION_INDIRECT - || ((n != myself) && sockaddrcmp(&n->address, &e->reverse->address)); + indirect = n->status.indirect || e->options & OPTION_INDIRECT; if(e->to->status.visited && (!e->to->status.indirect || indirect)) diff --git a/src/linux/device.c b/src/linux/device.c index 35c66d5..0632d51 100644 --- a/src/linux/device.c +++ b/src/linux/device.c @@ -47,11 +47,12 @@ char *iface = NULL; static char ifrname[IFNAMSIZ]; static char *device_info; -static int device_total_in = 0; -static int device_total_out = 0; +static uint64_t device_total_in = 0; +static uint64_t device_total_out = 0; bool setup_device(void) { struct ifreq ifr; + bool t1q = false; if(!get_config_string(lookup_config(config_tree, "Device"), &device)) device = xstrdup(DEFAULT_DEVICE); @@ -61,7 +62,7 @@ bool setup_device(void) { if (netname != NULL) iface = xstrdup(netname); #else - iface = xstrdup(rindex(device, '/') ? rindex(device, '/') + 1 : device); + iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device); #endif device_fd = open(device, O_RDWR | O_NONBLOCK); @@ -84,6 +85,12 @@ bool setup_device(void) { device_info = "Linux tun/tap device (tap mode)"; } +#ifdef IFF_ONE_QUEUE + /* Set IFF_ONE_QUEUE flag... */ + if(get_config_bool(lookup_config(config_tree, "IffOneQueue"), &t1q) && t1q) + ifr.ifr_flags |= IFF_ONE_QUEUE; +#endif + if(iface) strncpy(ifr.ifr_name, iface, IFNAMSIZ); @@ -105,7 +112,7 @@ bool setup_device(void) { device_type = DEVICE_TYPE_ETHERTAP; if(iface) free(iface); - iface = xstrdup(rindex(device, '/') ? rindex(device, '/') + 1 : device); + iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device); } logger(LOG_INFO, "%s is a %s", device, device_info); @@ -205,6 +212,6 @@ bool write_packet(vpn_packet_t *packet) { void dump_device_stats(void) { logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(LOG_DEBUG, " total bytes in: %10d", device_total_in); - logger(LOG_DEBUG, " total bytes out: %10d", device_total_out); + logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); + logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); } diff --git a/src/logger.c b/src/logger.c index a1cc207..bc20438 100644 --- a/src/logger.c +++ b/src/logger.c @@ -85,7 +85,7 @@ void logger(int priority, const char *format, ...) { #ifdef HAVE_MINGW { char message[4096]; - char *messages[] = {message}; + const char *messages[] = {message}; vsnprintf(message, sizeof(message), format, ap); ReportEvent(loghandle, priority, 0, 0, NULL, 1, 0, messages, NULL); } diff --git a/src/mingw/device.c b/src/mingw/device.c index c0f5d29..fec53cf 100644 --- a/src/mingw/device.c +++ b/src/mingw/device.c @@ -1,7 +1,7 @@ /* device.c -- Interaction with Windows tap driver in a MinGW environment Copyright (C) 2002-2005 Ivo Timmermans, - 2002-2009 Guus Sliepen + 2002-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -38,8 +38,8 @@ char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static int device_total_in = 0; -static int device_total_out = 0; +static uint64_t device_total_in = 0; +static uint64_t device_total_out = 0; extern char *myport; @@ -95,17 +95,9 @@ bool setup_device(void) { bool found = false; - int sock, err; + int err; HANDLE thread; - struct addrinfo *ai; - struct addrinfo hint = { - .ai_family = AF_UNSPEC, - .ai_socktype = SOCK_STREAM, - .ai_protocol = IPPROTO_TCP, - .ai_flags = 0, - }; - get_config_string(lookup_config(config_tree, "Device"), &device); get_config_string(lookup_config(config_tree, "Interface"), &iface); @@ -247,6 +239,6 @@ bool write_packet(vpn_packet_t *packet) { void dump_device_stats(void) { logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(LOG_DEBUG, " total bytes in: %10d", device_total_in); - logger(LOG_DEBUG, " total bytes out: %10d", device_total_out); + logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); + logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); } diff --git a/src/net.c b/src/net.c index a04ba00..e6a1166 100644 --- a/src/net.c +++ b/src/net.c @@ -1,7 +1,7 @@ /* net.c -- most of the network code Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2010 Guus Sliepen + 2000-2011 Guus Sliepen 2006 Scott Lamb This program is free software; you can redistribute it and/or modify @@ -44,6 +44,8 @@ bool do_purge = false; volatile bool running = false; time_t now = 0; +int contradicting_add_edge = 0; +int contradicting_del_edge = 0; /* Purge edges and subnets of unreachable nodes. Use carefully. */ @@ -278,12 +280,21 @@ static void check_network_activity(fd_set * readset, fd_set * writeset) { int result, i; socklen_t len = sizeof(result); vpn_packet_t packet; + static int errors = 0; /* check input from kernel */ if(device_fd >= 0 && FD_ISSET(device_fd, readset)) { if(read_packet(&packet)) { + errors = 0; packet.priority = 0; route(myself, &packet); + } else { + usleep(errors * 50000); + errors++; + if(errors > 10) { + logger(LOG_ERR, "Too many errors from %s, exiting!", device); + running = false; + } } } @@ -297,7 +308,7 @@ static void check_network_activity(fd_set * readset, fd_set * writeset) { if(FD_ISSET(c->socket, readset)) { if(c->status.connecting) { c->status.connecting = false; - getsockopt(c->socket, SOL_SOCKET, SO_ERROR, &result, &len); + getsockopt(c->socket, SOL_SOCKET, SO_ERROR, (void *)&result, &len); if(!result) finish_connecting(c); @@ -415,6 +426,19 @@ int main_loop(void) { send_key_changed(broadcast, myself); keyexpires = now + keylifetime; } + + if(contradicting_del_edge > 10 && contradicting_add_edge > 10) { + logger(LOG_WARNING, "Possible node with same Name as us!"); + + if(rand() % 3 == 0) { + logger(LOG_ERR, "Shutting down, check configuration of all nodes for duplicate Names!"); + running = false; + break; + } + + contradicting_add_edge = 0; + contradicting_del_edge = 0; + } } if(sigalrm) { diff --git a/src/net.h b/src/net.h index a97759f..55856e2 100644 --- a/src/net.h +++ b/src/net.h @@ -106,15 +106,20 @@ extern list_t *outgoing_list; extern int maxoutbufsize; extern int seconds_till_retry; extern int addressfamily; +extern unsigned replaywin; extern listen_socket_t listen_socket[MAXSOCKETS]; extern int listen_sockets; extern int keyexpires; extern int keylifetime; +extern int udp_rcvbuf; +extern int udp_sndbuf; extern bool do_prune; extern bool do_purge; extern char *myport; extern time_t now; +extern int contradicting_add_edge; +extern int contradicting_del_edge; /* Yes, very strange placement indeed, but otherwise the typedefs get all tangled up */ #include "connection.h" diff --git a/src/net_packet.c b/src/net_packet.c index a438d3e..c7efa88 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -1,7 +1,9 @@ /* net_packet.c -- Handles in- and outgoing VPN packets Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2010 Guus Sliepen + 2000-2011 Guus Sliepen + 2010 Timothy Redaelli + 2010 Brandon Black This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -59,6 +61,8 @@ static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999 static void send_udppacket(node_t *, vpn_packet_t *); +unsigned replaywin = 16; + #define MAX_SEQNO 1073741824 // mtuprobes == 1..30: initial discovery, send bursts with 1 second interval @@ -81,16 +85,21 @@ void send_mtu_probe(node_t *n) { } if(n->mtuprobes > 32) { + if(!n->minmtu) { + n->mtuprobes = 31; + timeout = pinginterval; + goto end; + } + ifdebug(TRAFFIC) logger(LOG_INFO, "%s (%s) did not respond to UDP ping, restarting PMTU discovery", n->name, n->hostname); n->mtuprobes = 1; n->minmtu = 0; n->maxmtu = MTU; } - if(n->mtuprobes >= 10 && !n->minmtu) { + if(n->mtuprobes >= 10 && n->mtuprobes < 32 && !n->minmtu) { ifdebug(TRAFFIC) logger(LOG_INFO, "No response to MTU probes from %s (%s)", n->name, n->hostname); - n->mtuprobes = 0; - return; + n->mtuprobes = 31; } if(n->mtuprobes == 30 || (n->mtuprobes < 30 && n->minmtu >= n->maxmtu)) { @@ -144,12 +153,17 @@ void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { packet->data[0] = 1; send_udppacket(n, packet); } else { + if(n->mtuprobes > 30) { + if(n->minmtu) + n->mtuprobes = 30; + else + n->mtuprobes = 1; + } + if(len > n->maxmtu) len = n->maxmtu; if(n->minmtu < len) n->minmtu = len; - if(n->mtuprobes > 30) - n->mtuprobes = 30; } } @@ -292,25 +306,32 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { inpkt->len -= sizeof(inpkt->seqno); inpkt->seqno = ntohl(inpkt->seqno); - if(inpkt->seqno != n->received_seqno + 1) { - if(inpkt->seqno >= n->received_seqno + sizeof(n->late) * 8) { - logger(LOG_WARNING, "Lost %d packets from %s (%s)", - inpkt->seqno - n->received_seqno - 1, n->name, n->hostname); - - memset(n->late, 0, sizeof(n->late)); - } else if (inpkt->seqno <= n->received_seqno) { - if((n->received_seqno >= sizeof(n->late) * 8 && inpkt->seqno <= n->received_seqno - sizeof(n->late) * 8) || !(n->late[(inpkt->seqno / 8) % sizeof(n->late)] & (1 << inpkt->seqno % 8))) { - logger(LOG_WARNING, "Got late or replayed packet from %s (%s), seqno %d, last received %d", - n->name, n->hostname, inpkt->seqno, n->received_seqno); - return; + if(replaywin) { + if(inpkt->seqno != n->received_seqno + 1) { + if(inpkt->seqno >= n->received_seqno + replaywin * 8) { + if(n->farfuture++ < replaywin >> 2) { + logger(LOG_WARNING, "Packet from %s (%s) is %d seqs in the future, dropped (%u)", + n->name, n->hostname, inpkt->seqno - n->received_seqno - 1, n->farfuture); + return; + } + logger(LOG_WARNING, "Lost %d packets from %s (%s)", + inpkt->seqno - n->received_seqno - 1, n->name, n->hostname); + memset(n->late, 0, replaywin); + } else if (inpkt->seqno <= n->received_seqno) { + if((n->received_seqno >= replaywin * 8 && inpkt->seqno <= n->received_seqno - replaywin * 8) || !(n->late[(inpkt->seqno / 8) % replaywin] & (1 << inpkt->seqno % 8))) { + logger(LOG_WARNING, "Got late or replayed packet from %s (%s), seqno %d, last received %d", + n->name, n->hostname, inpkt->seqno, n->received_seqno); + return; + } + } else { + for(i = n->received_seqno + 1; i < inpkt->seqno; i++) + n->late[(i / 8) % replaywin] |= 1 << i % 8; } - } else { - for(i = n->received_seqno + 1; i < inpkt->seqno; i++) - n->late[(i / 8) % sizeof(n->late)] |= 1 << i % 8; } + + n->farfuture = 0; + n->late[(inpkt->seqno / 8) % replaywin] &= ~(1 << inpkt->seqno % 8); } - - n->late[(inpkt->seqno / 8) % sizeof(n->late)] &= ~(1 << inpkt->seqno % 8); if(inpkt->seqno > n->received_seqno) n->received_seqno = inpkt->seqno; @@ -365,7 +386,9 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { vpn_packet_t *outpkt; int origlen; int outlen, outpad; +#if defined(SOL_IP) && defined(IP_TOS) static int priority = 0; +#endif int origpriority; int sock; @@ -552,20 +575,21 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) { avl_node_t *node; edge_t *e; node_t *n = NULL; + bool hard = false; static time_t last_hard_try = 0; for(node = edge_weight_tree->head; node; node = node->next) { e = node->data; + if(e->to == myself) + continue; + if(sockaddrcmp_noport(from, &e->address)) { if(last_hard_try == now) continue; - last_hard_try = now; + hard = true; } - if(!n) - n = e->to; - if(!try_mac(e->to, pkt)) continue; @@ -573,6 +597,9 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) { break; } + if(hard) + last_hard_try = now; + return n; } diff --git a/src/net_setup.c b/src/net_setup.c index cb70926..cc6ef68 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -3,6 +3,7 @@ Copyright (C) 1998-2005 Ivo Timmermans, 2000-2010 Guus Sliepen 2006 Scott Lamb + 2010 Brandon Black This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -149,7 +150,7 @@ bool read_rsa_private_key(void) { struct stat s; if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) { - if(!get_config_string(lookup_config(myself->connection->config_tree, "PublicKey"), &pubkey)) { + if(!get_config_string(lookup_config(config_tree, "PublicKey"), &pubkey)) { logger(LOG_ERR, "PrivateKey used but no PublicKey found!"); return false; } @@ -270,15 +271,16 @@ bool setup_myself(void) { config_t *cfg; subnet_t *subnet; char *name, *hostname, *mode, *afname, *cipher, *digest; + char *fname = NULL; char *address = NULL; char *envp[5]; struct addrinfo *ai, *aip, hint = {0}; bool choice; int i, err; + int replaywin_int; myself = new_node(); myself->connection = new_connection(); - init_configuration(&myself->connection->config_tree); myself->hostname = xstrdup("MYSELF"); myself->connection->hostname = xstrdup("MYSELF"); @@ -299,17 +301,15 @@ bool setup_myself(void) { myself->name = name; myself->connection->name = xstrdup(name); - - if(!read_connection_config(myself->connection)) { - logger(LOG_ERR, "Cannot open host configuration file for myself!"); - return false; - } + xasprintf(&fname, "%s/hosts/%s", confbase, name); + read_config_options(config_tree, name); + read_config_file(config_tree, fname); + free(fname); if(!read_rsa_private_key()) return false; - if(!get_config_string(lookup_config(config_tree, "Port"), &myport) - && !get_config_string(lookup_config(myself->connection->config_tree, "Port"), &myport)) + if(!get_config_string(lookup_config(config_tree, "Port"), &myport)) myport = xstrdup("655"); if(!atoi(myport)) { @@ -324,7 +324,7 @@ bool setup_myself(void) { /* Read in all the subnets specified in the host configuration file */ - cfg = lookup_config(myself->connection->config_tree, "Subnet"); + cfg = lookup_config(config_tree, "Subnet"); while(cfg) { if(!get_config_subnet(cfg, &subnet)) @@ -332,7 +332,7 @@ bool setup_myself(void) { subnet_add(myself, subnet); - cfg = lookup_config_next(myself->connection->config_tree, cfg); + cfg = lookup_config_next(config_tree, cfg); } /* Check some options */ @@ -343,12 +343,6 @@ bool setup_myself(void) { if(get_config_bool(lookup_config(config_tree, "TCPOnly"), &choice) && choice) myself->options |= OPTION_TCPONLY; - if(get_config_bool(lookup_config(myself->connection->config_tree, "IndirectData"), &choice) && choice) - myself->options |= OPTION_INDIRECT; - - if(get_config_bool(lookup_config(myself->connection->config_tree, "TCPOnly"), &choice) && choice) - myself->options |= OPTION_TCPONLY; - if(myself->options & OPTION_TCPONLY) myself->options |= OPTION_INDIRECT; @@ -386,14 +380,12 @@ bool setup_myself(void) { } choice = true; - get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice); get_config_bool(lookup_config(config_tree, "PMTUDiscovery"), &choice); if(choice) myself->options |= OPTION_PMTU_DISCOVERY; choice = true; get_config_bool(lookup_config(config_tree, "ClampMSS"), &choice); - get_config_bool(lookup_config(myself->connection->config_tree, "ClampMSS"), &choice); if(choice) myself->options |= OPTION_CLAMP_MSS; @@ -415,6 +407,28 @@ bool setup_myself(void) { } else maxtimeout = 900; + if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) { + if(udp_rcvbuf <= 0) { + logger(LOG_ERR, "UDPRcvBuf cannot be negative!"); + return false; + } + } + + if(get_config_int(lookup_config(config_tree, "UDPSndBuf"), &udp_sndbuf)) { + if(udp_sndbuf <= 0) { + logger(LOG_ERR, "UDPSndBuf cannot be negative!"); + return false; + } + } + + if(get_config_int(lookup_config(config_tree, "ReplayWindow"), &replaywin_int)) { + if(replaywin_int < 0) { + logger(LOG_ERR, "ReplayWindow cannot be negative!"); + return false; + } + replaywin = (unsigned)replaywin_int; + } + if(get_config_string(lookup_config(config_tree, "AddressFamily"), &afname)) { if(!strcasecmp(afname, "IPv4")) addressfamily = AF_INET; @@ -434,7 +448,7 @@ bool setup_myself(void) { /* Generate packet encryption key */ if(get_config_string - (lookup_config(myself->connection->config_tree, "Cipher"), &cipher)) { + (lookup_config(config_tree, "Cipher"), &cipher)) { if(!strcasecmp(cipher, "none")) { myself->incipher = NULL; } else { @@ -462,7 +476,7 @@ bool setup_myself(void) { /* Check if we want to use message authentication codes... */ - if(get_config_string(lookup_config(myself->connection->config_tree, "Digest"), &digest)) { + if(get_config_string(lookup_config(config_tree, "Digest"), &digest)) { if(!strcasecmp(digest, "none")) { myself->indigest = NULL; } else { @@ -478,7 +492,7 @@ bool setup_myself(void) { myself->connection->outdigest = EVP_sha1(); - if(get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &myself->inmaclength)) { + if(get_config_int(lookup_config(config_tree, "MACLength"), &myself->inmaclength)) { if(myself->indigest) { if(myself->inmaclength > myself->indigest->md_size) { logger(LOG_ERR, "MAC length exceeds size of digest!"); @@ -495,7 +509,7 @@ bool setup_myself(void) { /* Compression */ - if(get_config_int(lookup_config(myself->connection->config_tree, "Compression"), &myself->incompression)) { + if(get_config_int(lookup_config(config_tree, "Compression"), &myself->incompression)) { if(myself->incompression < 0 || myself->incompression > 11) { logger(LOG_ERR, "Bogus compression level!"); return false; diff --git a/src/net_socket.c b/src/net_socket.c index 96e268f..2e6b068 100644 --- a/src/net_socket.c +++ b/src/net_socket.c @@ -44,6 +44,8 @@ int addressfamily = AF_UNSPEC; int maxtimeout = 900; int seconds_till_retry = 5; +int udp_rcvbuf = 0; +int udp_sndbuf = 0; listen_socket_t listen_socket[MAXSOCKETS]; int listen_sockets; @@ -70,12 +72,12 @@ static void configure_tcp(connection_t *c) { #if defined(SOL_TCP) && defined(TCP_NODELAY) option = 1; - setsockopt(c->socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option)); + setsockopt(c->socket, SOL_TCP, TCP_NODELAY, (void *)&option, sizeof(option)); #endif #if defined(SOL_IP) && defined(IP_TOS) && defined(IPTOS_LOWDELAY) option = IPTOS_LOWDELAY; - setsockopt(c->socket, SOL_IP, IP_TOS, &option, sizeof(option)); + setsockopt(c->socket, SOL_IP, IP_TOS, (void *)&option, sizeof(option)); #endif } @@ -95,7 +97,7 @@ static bool bind_to_interface(int sd) { strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ); ifr.ifr_ifrn.ifrn_name[IFNAMSIZ - 1] = 0; - status = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr)); + status = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr)); if(status) { logger(LOG_ERR, "Can't bind to interface %s: %s", iface, strerror(errno)); @@ -181,11 +183,11 @@ int setup_listen_socket(const sockaddr_t *sa) { /* Optimize TCP settings */ option = 1; - setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &option, sizeof(option)); + setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, (void *)&option, sizeof(option)); #if defined(SOL_IPV6) && defined(IPV6_V6ONLY) if(sa->sa.sa_family == AF_INET6) - setsockopt(nfd, SOL_IPV6, IPV6_V6ONLY, &option, sizeof option); + setsockopt(nfd, SOL_IPV6, IPV6_V6ONLY, (void *)&option, sizeof option); #endif if(get_config_string @@ -196,7 +198,7 @@ int setup_listen_socket(const sockaddr_t *sa) { memset(&ifr, 0, sizeof(ifr)); strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ); - if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr))) { + if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr))) { closesocket(nfd); logger(LOG_ERR, "Can't bind to interface %s: %s", iface, strerror(sockerrno)); @@ -259,11 +261,17 @@ int setup_vpn_in_socket(const sockaddr_t *sa) { #endif option = 1; - setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &option, sizeof(option)); + setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, (void *)&option, sizeof(option)); + + if(udp_rcvbuf && setsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf, sizeof(udp_rcvbuf))) + logger(LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, strerror(errno)); + + if(udp_sndbuf && setsockopt(nfd, SOL_SOCKET, SO_SNDBUF, (void *)&udp_sndbuf, sizeof(udp_sndbuf))) + logger(LOG_WARNING, "Can't set UDP SO_SNDBUF to %i: %s", udp_sndbuf, strerror(errno)); #if defined(IPPROTO_IPV6) && defined(IPV6_V6ONLY) if(sa->sa.sa_family == AF_INET6) - setsockopt(nfd, IPPROTO_IPV6, IPV6_V6ONLY, &option, sizeof option); + setsockopt(nfd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&option, sizeof option); #endif #if defined(IP_DONTFRAG) && !defined(IP_DONTFRAGMENT) @@ -273,12 +281,12 @@ int setup_vpn_in_socket(const sockaddr_t *sa) { #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO) if(myself->options & OPTION_PMTU_DISCOVERY) { option = IP_PMTUDISC_DO; - setsockopt(nfd, SOL_IP, IP_MTU_DISCOVER, &option, sizeof(option)); + setsockopt(nfd, SOL_IP, IP_MTU_DISCOVER, (void *)&option, sizeof(option)); } #elif defined(IPPROTO_IP) && defined(IP_DONTFRAGMENT) if(myself->options & OPTION_PMTU_DISCOVERY) { option = 1; - setsockopt(nfd, IPPROTO_IP, IP_DONTFRAGMENT, &option, sizeof(option)); + setsockopt(nfd, IPPROTO_IP, IP_DONTFRAGMENT, (void *)&option, sizeof(option)); } #else #warning No way to disable IPv4 fragmentation @@ -287,12 +295,12 @@ int setup_vpn_in_socket(const sockaddr_t *sa) { #if defined(SOL_IPV6) && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO) if(myself->options & OPTION_PMTU_DISCOVERY) { option = IPV6_PMTUDISC_DO; - setsockopt(nfd, SOL_IPV6, IPV6_MTU_DISCOVER, &option, sizeof(option)); + setsockopt(nfd, SOL_IPV6, IPV6_MTU_DISCOVER, (void *)&option, sizeof(option)); } #elif defined(IPPROTO_IPV6) && defined(IPV6_DONTFRAG) if(myself->options & OPTION_PMTU_DISCOVERY) { option = 1; - setsockopt(nfd, IPPROTO_IPV6, IPV6_DONTFRAG, &option, sizeof(option)); + setsockopt(nfd, IPPROTO_IPV6, IPV6_DONTFRAG, (void *)&option, sizeof(option)); } #else #warning No way to disable IPv6 fragmentation @@ -410,7 +418,7 @@ begin: #if defined(SOL_IPV6) && defined(IPV6_V6ONLY) int option = 1; if(c->address.sa.sa_family == AF_INET6) - setsockopt(c->socket, SOL_IPV6, IPV6_V6ONLY, &option, sizeof option); + setsockopt(c->socket, SOL_IPV6, IPV6_V6ONLY, (void *)&option, sizeof option); #endif bind_to_interface(c->socket); diff --git a/src/netutl.c b/src/netutl.c index 6acdffa..11a06ed 100644 --- a/src/netutl.c +++ b/src/netutl.c @@ -1,7 +1,7 @@ /* netutl.c -- some supporting network utility code Copyright (C) 1998-2005 Ivo Timmermans - 2000-2009 Guus Sliepen + 2000-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -93,8 +93,7 @@ void sockaddr2str(const sockaddr_t *sa, char **addrstr, char **portstr) { if(err) { logger(LOG_ERR, "Error while translating addresses: %s", gai_strerror(err)); - raise(SIGFPE); - exit(0); + abort(); } scopeid = strchr(address, '%'); @@ -155,8 +154,7 @@ int sockaddrcmp_noport(const sockaddr_t *a, const sockaddr_t *b) { default: logger(LOG_ERR, "sockaddrcmp() was called with unknown address family %d, exitting!", a->sa.sa_family); - raise(SIGFPE); - exit(0); + abort(); } } @@ -199,8 +197,7 @@ int sockaddrcmp(const sockaddr_t *a, const sockaddr_t *b) { default: logger(LOG_ERR, "sockaddrcmp() was called with unknown address family %d, exitting!", a->sa.sa_family); - raise(SIGFPE); - exit(0); + abort(); } } diff --git a/src/node.c b/src/node.c index b323dca..36979ef 100644 --- a/src/node.c +++ b/src/node.c @@ -1,6 +1,6 @@ /* node.c -- node tree management - Copyright (C) 2001-2009 Guus Sliepen , + Copyright (C) 2001-2011 Guus Sliepen , 2001-2005 Ivo Timmermans This program is free software; you can redistribute it and/or modify @@ -54,6 +54,7 @@ void exit_nodes(void) { node_t *new_node(void) { node_t *n = xmalloc_and_zero(sizeof(*n)); + if(replaywin) n->late = xmalloc_and_zero(replaywin); n->subnet_tree = new_subnet_tree(); n->edge_tree = new_edge_tree(); EVP_CIPHER_CTX_init(&n->inctx); @@ -91,6 +92,9 @@ void free_node(node_t *n) { if(n->name) free(n->name); + if(n->late) + free(n->late); + free(n); } @@ -137,6 +141,11 @@ node_t *lookup_node_udp(const sockaddr_t *sa) { } void update_node_udp(node_t *n, const sockaddr_t *sa) { + if(n == myself) { + logger(LOG_WARNING, "Trying to update UDP address of myself!\n"); + return; + } + avl_delete(node_udp_tree, n); if(n->hostname) diff --git a/src/node.h b/src/node.h index 83e89c7..7bac28e 100644 --- a/src/node.h +++ b/src/node.h @@ -77,7 +77,8 @@ typedef struct node_t { uint32_t sent_seqno; /* Sequence number last sent to this node */ uint32_t received_seqno; /* Sequence number last received from this node */ - unsigned char late[16]; /* Bitfield marking late packets */ + uint32_t farfuture; /* Packets in a row that have arrived from the far future */ + unsigned char* late; /* Bitfield marking late packets */ length_t mtu; /* Maximum size of packets to send to this node */ length_t minmtu; /* Probed minimum MTU */ diff --git a/src/process.c b/src/process.c index 6d0e499..e74c1d9 100644 --- a/src/process.c +++ b/src/process.c @@ -1,7 +1,7 @@ /* process.c -- process management functions Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2009 Guus Sliepen + 2000-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -43,7 +43,9 @@ extern char **g_argv; extern bool use_logfile; extern volatile bool running; +#ifndef HAVE_MINGW sigset_t emptysigset; +#endif static int saved_debug_level = -1; @@ -354,7 +356,7 @@ bool detach(void) { bool execute_script(const char *name, char **envp) { #ifdef HAVE_SYSTEM int status, len; - char *scriptname, *p; + char *scriptname; int i; #ifndef HAVE_MINGW @@ -395,7 +397,7 @@ bool execute_script(const char *name, char **envp) { for(i = 0; envp[i]; i++) { char *e = strchr(envp[i], '='); if(e) { - p = alloca(e - envp[i] + 1); + char p[e - envp[i] + 1]; strncpy(p, envp[i], e - envp[i]); p[e - envp[i]] = '\0'; putenv(p); @@ -544,6 +546,7 @@ static struct { {SIGCHLD, ignore_signal_handler}, {SIGALRM, sigalrm_handler}, {SIGWINCH, sigwinch_handler}, + {SIGABRT, SIG_DFL}, {0, NULL} }; #endif diff --git a/src/process.h b/src/process.h index bb42cd0..8d2d562 100644 --- a/src/process.h +++ b/src/process.h @@ -30,4 +30,8 @@ extern bool execute_script(const char *, char **); extern bool detach(void); extern bool kill_other(int); +#ifdef HAVE_MINGW +extern bool init_service(void); +#endif + #endif /* __TINC_PROCESS_H__ */ diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 98d5b61..cde7ead 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -109,15 +109,13 @@ bool id_h(connection_t *c) { } bool send_metakey(connection_t *c) { - char *buffer; - int len; bool x; - len = RSA_size(c->rsa_key); + int len = RSA_size(c->rsa_key); /* Allocate buffers for the meta key */ - buffer = alloca(2 * len + 1); + char buffer[2 * len + 1]; c->outkey = xrealloc(c->outkey, len); @@ -287,16 +285,13 @@ bool metakey_h(connection_t *c) { } bool send_challenge(connection_t *c) { - char *buffer; - int len; - /* CHECKME: what is most reasonable value for len? */ - len = RSA_size(c->rsa_key); + int len = RSA_size(c->rsa_key); /* Allocate buffers for the challenge */ - buffer = alloca(2 * len + 1); + char buffer[2 * len + 1]; c->hischallenge = xrealloc(c->hischallenge, len); @@ -539,7 +534,7 @@ bool ack_h(connection_t *c) { if(get_config_int(lookup_config(c->config_tree, "PMTU"), &mtu) && mtu < n->mtu) n->mtu = mtu; - if(get_config_int(lookup_config(myself->connection->config_tree, "PMTU"), &mtu) && mtu < n->mtu) + if(get_config_int(lookup_config(config_tree, "PMTU"), &mtu) && mtu < n->mtu) n->mtu = mtu; if(get_config_bool(lookup_config(c->config_tree, "ClampMSS"), &choice)) { diff --git a/src/protocol_edge.c b/src/protocol_edge.c index 300333b..32102d2 100644 --- a/src/protocol_edge.c +++ b/src/protocol_edge.c @@ -133,6 +133,7 @@ bool add_edge_h(connection_t *c) { } else if(from == myself) { ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for ourself which does not exist", "ADD_EDGE", c->name, c->hostname); + contradicting_add_edge++; e = new_edge(); e->from = from; e->to = to; @@ -229,6 +230,7 @@ bool del_edge_h(connection_t *c) { if(e->from == myself) { ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for ourself", "DEL_EDGE", c->name, c->hostname); + contradicting_del_edge++; send_add_edge(c, e); /* Send back a correction */ return true; } diff --git a/src/protocol_key.c b/src/protocol_key.c index 67f40af..6ff68d2 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -1,7 +1,7 @@ /* protocol_key.c -- handle the meta-protocol, key exchange Copyright (C) 1999-2005 Ivo Timmermans, - 2000-2010 Guus Sliepen + 2000-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -145,8 +145,6 @@ bool req_key_h(connection_t *c) { } bool send_ans_key(node_t *to) { - char *key; - // Set key parameters to->incipher = myself->incipher; to->inkeylength = myself->inkeylength; @@ -165,10 +163,10 @@ bool send_ans_key(node_t *to) { // Reset sequence number and late packet window mykeyused = true; to->received_seqno = 0; - memset(to->late, 0, sizeof(to->late)); + if(replaywin) memset(to->late, 0, replaywin); // Convert to hexadecimal and send - key = alloca(2 * to->inkeylength + 1); + char key[2 * to->inkeylength + 1]; bin2hex(to->inkey, key, to->inkeylength); key[to->inkeylength * 2] = '\0'; @@ -229,7 +227,7 @@ bool ans_key_h(connection_t *c) { return true; } - if(!*address) { + if(!*address && from->address.sa.sa_family != AF_UNSPEC) { char *address, *port; ifdebug(PROTOCOL) logger(LOG_DEBUG, "Appending reflexive UDP address to ANS_KEY from %s to %s", from->name, to->name); sockaddr2str(&from->address, &address, &port); @@ -312,7 +310,7 @@ bool ans_key_h(connection_t *c) { update_node_udp(from, &sa); } - if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuprobes) + if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuevent) send_mtu_probe(from); return true; diff --git a/src/raw_socket/device.c b/src/raw_socket/device.c index 30bb184..f68e461 100644 --- a/src/raw_socket/device.c +++ b/src/raw_socket/device.c @@ -35,8 +35,8 @@ char *iface = NULL; static char ifrname[IFNAMSIZ]; static char *device_info; -static int device_total_in = 0; -static int device_total_out = 0; +static uint64_t device_total_in = 0; +static uint64_t device_total_out = 0; bool setup_device(void) { struct ifreq ifr; @@ -123,6 +123,6 @@ bool write_packet(vpn_packet_t *packet) { void dump_device_stats(void) { logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(LOG_DEBUG, " total bytes in: %10d", device_total_in); - logger(LOG_DEBUG, " total bytes out: %10d", device_total_out); + logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); + logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); } diff --git a/src/solaris/device.c b/src/solaris/device.c index e26dc06..3a50b16 100644 --- a/src/solaris/device.c +++ b/src/solaris/device.c @@ -1,7 +1,7 @@ /* device.c -- Interaction with Solaris tun device Copyright (C) 2001-2005 Ivo Timmermans, - 2001-2009 Guus Sliepen + 2001-2011 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -34,15 +34,15 @@ #define DEFAULT_DEVICE "/dev/tun" int device_fd = -1; +int ip_fd = -1, if_fd = -1; char *device = NULL; char *iface = NULL; static char *device_info = NULL; -static int device_total_in = 0; -static int device_total_out = 0; +static uint64_t device_total_in = 0; +static uint64_t device_total_out = 0; bool setup_device(void) { - int ip_fd = -1, if_fd = -1; int ppa; char *ptr; @@ -105,6 +105,8 @@ bool setup_device(void) { } void close_device(void) { + close(if_fd); + close(ip_fd); close(device_fd); free(device); @@ -163,6 +165,6 @@ bool write_packet(vpn_packet_t *packet) { void dump_device_stats(void) { logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(LOG_DEBUG, " total bytes in: %10d", device_total_in); - logger(LOG_DEBUG, " total bytes out: %10d", device_total_out); + logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); + logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); } diff --git a/src/tincd.c b/src/tincd.c index 3debb3e..40ac038 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -1,9 +1,11 @@ /* tincd.c -- the main file for tincd Copyright (C) 1998-2005 Ivo Timmermans - 2000-2010 Guus Sliepen + 2000-2011 Guus Sliepen 2008 Max Rijevski 2009 Michael Tokarev + 2010 Julien Muchembled + 2010 Timothy Redaelli This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -118,6 +120,7 @@ static struct option const long_options[] = { #ifdef HAVE_MINGW static struct WSAData wsa_state; CRITICAL_SECTION mutex; +int main2(int argc, char **argv); #endif static void usage(bool status) { @@ -135,6 +138,7 @@ static void usage(bool status) { " -L, --mlock Lock tinc into main memory.\n" " --logfile[=FILENAME] Write log entries to a logfile.\n" " --pidfile=FILENAME Write PID to FILENAME.\n" + " -o [HOST.]KEY=VALUE Set global/host configuration value.\n" " -R, --chroot chroot to NET dir at startup.\n" " -U, --user=USER setuid to given USER at startup.\n" " --help Display this help and exit.\n" @@ -144,10 +148,14 @@ static void usage(bool status) { } static bool parse_options(int argc, char **argv) { + config_t *cfg; int r; int option_index = 0; + int lineno = 0; - while((r = getopt_long(argc, argv, "c:DLd::k::n:K::RU:", long_options, &option_index)) != EOF) { + cmdline_conf = list_alloc((list_action_t)free_config); + + while((r = getopt_long(argc, argv, "c:DLd::k::n:o:K::RU:", long_options, &option_index)) != EOF) { switch (r) { case 0: /* long option */ break; @@ -195,6 +203,8 @@ static bool parse_options(int argc, char **argv) { kill_tincd = SIGINT; else if(!strcasecmp(optarg, "ALRM")) kill_tincd = SIGALRM; + else if(!strcasecmp(optarg, "ABRT")) + kill_tincd = SIGABRT; else { kill_tincd = atoi(optarg); @@ -213,7 +223,16 @@ static bool parse_options(int argc, char **argv) { break; case 'n': /* net name given */ - netname = xstrdup(optarg); + /* netname "." is special: a "top-level name" */ + netname = strcmp(optarg, ".") != 0 ? + xstrdup(optarg) : NULL; + break; + + case 'o': /* option */ + cfg = parse_config_line(optarg, NULL, ++lineno); + if (!cfg) + return false; + list_insert_tail(cmdline_conf, cfg); break; case 'K': /* generate public/private keypair */ @@ -350,6 +369,7 @@ static bool keygen(int bits) { fchmod(fileno(f), 0600); #endif + fputc('\n', f); PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL); fclose(f); free(filename); @@ -367,6 +387,7 @@ static bool keygen(int bits) { if(disable_old_keys(f)) fprintf(stderr, "Warning: old key(s) found and disabled.\n"); + fputc('\n', f); PEM_write_RSAPublicKey(f, rsa_key); fclose(f); free(filename); @@ -483,12 +504,12 @@ static bool drop_privs() { } #ifdef HAVE_MINGW -# define setpriority(level) SetPriorityClass(GetCurrentProcess(), level) +# define setpriority(level) SetPriorityClass(GetCurrentProcess(), (level)) #else # define NORMAL_PRIORITY_CLASS 0 # define BELOW_NORMAL_PRIORITY_CLASS 10 # define HIGH_PRIORITY_CLASS -10 -# define setpriority(level) nice(level) +# define setpriority(level) (setpriority(PRIO_PROCESS, 0, (level))) #endif int main(int argc, char **argv) { @@ -502,7 +523,7 @@ int main(int argc, char **argv) { if(show_version) { printf("%s version %s (built %s %s, protocol %d)\n", PACKAGE, VERSION, __DATE__, __TIME__, PROT_CURRENT); - printf("Copyright (C) 1998-2010 Ivo Timmermans, Guus Sliepen and others.\n" + printf("Copyright (C) 1998-2011 Ivo Timmermans, Guus Sliepen and others.\n" "See the AUTHORS file for a complete list.\n\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "and you are welcome to redistribute it under certain conditions;\n" @@ -594,13 +615,25 @@ int main2(int argc, char **argv) { char *priority = 0; if(get_config_string(lookup_config(config_tree, "ProcessPriority"), &priority)) { - if(!strcasecmp(priority, "Normal")) - setpriority(NORMAL_PRIORITY_CLASS); - else if(!strcasecmp(priority, "Low")) - setpriority(BELOW_NORMAL_PRIORITY_CLASS); - else if(!strcasecmp(priority, "High")) - setpriority(HIGH_PRIORITY_CLASS); - else { + if(!strcasecmp(priority, "Normal")) { + if (setpriority(NORMAL_PRIORITY_CLASS) != 0) { + logger(LOG_ERR, "System call `%s' failed: %s", + "setpriority", strerror(errno)); + goto end; + } + } else if(!strcasecmp(priority, "Low")) { + if (setpriority(BELOW_NORMAL_PRIORITY_CLASS) != 0) { + logger(LOG_ERR, "System call `%s' failed: %s", + "setpriority", strerror(errno)); + goto end; + } + } else if(!strcasecmp(priority, "High")) { + if (setpriority(HIGH_PRIORITY_CLASS) != 0) { + logger(LOG_ERR, "System call `%s' failed: %s", + "setpriority", strerror(errno)); + goto end; + } + } else { logger(LOG_ERR, "Invalid priority `%s`!", priority); goto end; } diff --git a/src/uml_socket/device.c b/src/uml_socket/device.c index 3523f64..59551b4 100644 --- a/src/uml_socket/device.c +++ b/src/uml_socket/device.c @@ -41,8 +41,8 @@ static char *device_info; extern char *identname; extern bool running; -static int device_total_in = 0; -static int device_total_out = 0; +static uint64_t device_total_in = 0; +static uint64_t device_total_out = 0; enum request_type { REQ_NEW_CONTROL }; @@ -272,6 +272,6 @@ bool write_packet(vpn_packet_t *packet) { void dump_device_stats(void) { logger(LOG_DEBUG, "Statistics for %s %s:", device_info, device); - logger(LOG_DEBUG, " total bytes in: %10d", device_total_in); - logger(LOG_DEBUG, " total bytes out: %10d", device_total_out); + logger(LOG_DEBUG, " total bytes in: %10"PRIu64, device_total_in); + logger(LOG_DEBUG, " total bytes out: %10"PRIu64, device_total_out); }