Compare commits

...

19 commits

Author SHA1 Message Date
Guus Sliepen
c14863878e Release 1.0.36-2 for unstable 2020-11-22 10:40:54 +01:00
Guus Sliepen
72c0b016d0 Disable support for livdeplug.
Closes: #973233
2020-11-22 10:40:00 +01:00
Guus Sliepen
464df78ca9 Release 1.0.36-1 for unstable 2019-08-26 14:20:47 +02:00
Guus Sliepen
32e725a2c0 Bump Standards-Version. 2019-08-26 14:15:02 +02:00
Guus Sliepen
038933e7fc Add Vcs tags to debian/control. 2019-08-26 14:00:57 +02:00
Guus Sliepen
6932380624 Update upstream source from tag 'upstream/1.0.36'
Update to upstream version '1.0.36'
with Debian dir 1c07c6f457
2019-08-26 13:52:00 +02:00
Guus Sliepen
10b8518c22 New upstream version 1.0.36 2019-08-26 13:52:00 +02:00
Guus Sliepen
b511a112e6 Import Upstream version 1.1~pre17 2019-08-26 13:44:53 +02:00
Guus Sliepen
bc8ca65653 Import Upstream version 1.1~pre15 2019-08-26 13:44:52 +02:00
Guus Sliepen
87cef22421 Import Upstream version 1.1~pre14-16-g15b868e 2019-08-26 13:44:52 +02:00
Guus Sliepen
aa10d88732 Import Upstream version 1.1~pre12 2019-08-26 13:44:52 +02:00
Guus Sliepen
1813f3157e Import Upstream version 1.1~pre11 2019-08-26 13:44:51 +02:00
Guus Sliepen
60cff3039b Import Upstream version 1.1~pre9 2019-08-26 13:44:51 +02:00
Guus Sliepen
f5c641f5cc Import Upstream version 1.1~pre8 2019-08-26 13:44:51 +02:00
Guus Sliepen
2ebbac3278 Import Upstream version 1.1~pre7 2019-08-26 13:44:50 +02:00
Guus Sliepen
26033edb96 Import Upstream version 1.1~pre6 2019-08-26 13:44:50 +02:00
Guus Sliepen
ff64081061 Import Upstream version 1.1~pre4 2019-08-26 13:44:50 +02:00
Guus Sliepen
34d5939212 Import Upstream version 1.1~pre3 2019-08-26 13:44:49 +02:00
Guus Sliepen
02de1cd2f1 Import Upstream version 1.1~pre2 2019-08-26 13:44:49 +02:00
31 changed files with 892 additions and 921 deletions

View file

@ -1,4 +1,4 @@
Copyright (C) 1998-2018 Ivo Timmermans, Guus Sliepen and others. Copyright (C) 1998-2019 Ivo Timmermans, Guus Sliepen and others.
See the AUTHORS file for a complete list. See the AUTHORS file for a complete list.
This program is free software; you can redistribute it and/or modify it under This program is free software; you can redistribute it and/or modify it under

View file

@ -1,3 +1,26 @@
Version 1.0.36 August 26 2019
------------------------------------------------------------------------
Guus Sliepen (8):
Remove the call to RAND_load_file().
Update THANKS.
Backport tinc 1.1's str2net() function.
Update THANKS.
Fix spelling errors found by codespell.
Reformat all code using astyle.
Add a missing check for a pathname being too long.
Releasing 1.0.36.
Rosen Penev (2):
Fix compilation when OpenSSL has no ENGINE support
Fix compilation without deprecated OpenSSL APIs
Quentin Rameau (1):
Double-quote nodes in graphviz network file
Werner Schreiber (1):
Fix segfault when dest->mtu is 0.
Version 1.0.35 October 05 2018 Version 1.0.35 October 05 2018
------------------------------------------------------------------------ ------------------------------------------------------------------------

View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am. # Makefile.in generated by automake 1.16.2 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc. # Copyright (C) 1994-2020 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -142,8 +142,8 @@ am__recursive_targets = \
$(am__extra_recursive_targets) $(am__extra_recursive_targets)
AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
cscope distdir distdir-am dist dist-all distcheck cscope distdir distdir-am dist dist-all distcheck
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) \
$(LISP)config.h.in config.h.in
# Read a list of newline-separated strings from the standard input, # Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is # and print each of them once, without duplicates. Input order is
# *not* preserved. # *not* preserved.
@ -166,7 +166,7 @@ CSCOPE = cscope
DIST_SUBDIRS = $(SUBDIRS) DIST_SUBDIRS = $(SUBDIRS)
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in AUTHORS \ am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in AUTHORS \
COPYING ChangeLog INSTALL NEWS README THANKS compile \ COPYING ChangeLog INSTALL NEWS README THANKS compile \
config.guess config.sub install-sh missing config.guess config.sub depcomp install-sh missing
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION) distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir) top_distdir = $(distdir)
@ -558,6 +558,10 @@ dist-xz: distdir
tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
$(am__post_remove_distdir) $(am__post_remove_distdir)
dist-zstd: distdir
tardir=$(distdir) && $(am__tar) | zstd -c $${ZSTD_CLEVEL-$${ZSTD_OPT--19}} >$(distdir).tar.zst
$(am__post_remove_distdir)
dist-tarZ: distdir dist-tarZ: distdir
@echo WARNING: "Support for distribution archives compressed with" \ @echo WARNING: "Support for distribution archives compressed with" \
"legacy program 'compress' is deprecated." >&2 "legacy program 'compress' is deprecated." >&2
@ -600,6 +604,8 @@ distcheck: dist
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
*.zip*) \ *.zip*) \
unzip $(distdir).zip ;;\ unzip $(distdir).zip ;;\
*.tar.zst*) \
zstd -dc $(distdir).tar.zst | $(am__untar) ;;\
esac esac
chmod -R a-w $(distdir) chmod -R a-w $(distdir)
chmod u+w $(distdir) chmod u+w $(distdir)
@ -776,7 +782,7 @@ uninstall-am:
am--refresh check check-am clean clean-cscope clean-generic \ am--refresh check check-am clean clean-cscope clean-generic \
cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \ cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \
dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \ dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \
distcheck distclean distclean-generic distclean-hdr \ dist-zstd distcheck distclean distclean-generic distclean-hdr \
distclean-tags distcleancheck distdir distuninstallcheck dvi \ distclean-tags distcleancheck distdir distuninstallcheck dvi \
dvi-am html html-am info info-am install install-am \ dvi-am html html-am info info-am install install-am \
install-data install-data-am install-dvi install-dvi-am \ install-data install-data-am install-dvi install-dvi-am \

14
NEWS
View file

@ -1,7 +1,21 @@
Version 1.0.36 August 26 2019
* Fix compiling tinc with certain versions of the OpenSSL library.
* Fix parsing some IPv6 addresses with :: in them.
* Fix GraphDumpFile output to handle node names starting with a digit.
* Fix a potential segmentation fault when fragmenting packets.
Thanks to Rosen Penev, Quentin Rameau and Werner Schreiber for their
contributions to this version of tinc.
Version 1.0.35 October 5 2018 Version 1.0.35 October 5 2018
* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738). * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758). * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
* Minor fixes in the documentation.
Thanks to Amine Amri and Rafael Sadowski for their contributions to this
version of tinc.
Version 1.0.34 June 12 2018 Version 1.0.34 June 12 2018

4
README
View file

@ -1,7 +1,7 @@
This is the README file for tinc version 1.0.35. Installation This is the README file for tinc version 1.0.36. Installation
instructions may be found in the INSTALL file. instructions may be found in the INSTALL file.
tinc is Copyright (C) 1998-2018 by: tinc is Copyright (C) 1998-2019 by:
Ivo Timmermans, Ivo Timmermans,
Guus Sliepen <guus@tinc-vpn.org>, Guus Sliepen <guus@tinc-vpn.org>,

6
THANKS
View file

@ -22,6 +22,7 @@ We would like to thank the following people for their contributions to tinc:
* Delf Eldkraft * Delf Eldkraft
* Dennis Joachimsthaler * Dennis Joachimsthaler
* dnk * dnk
* Егор Палкин
* Élie Bouttier * Élie Bouttier
* Enrique Zanardi * Enrique Zanardi
* Erik Tews * Erik Tews
@ -42,6 +43,7 @@ We would like to thank the following people for their contributions to tinc:
* James Cook * James Cook
* James MacLean * James MacLean
* Jamie Briggs * Jamie Briggs
* Jan Štembera
* Jason Harper * Jason Harper
* Jason Livesay * Jason Livesay
* Jasper Krijgsman * Jasper Krijgsman
@ -71,6 +73,7 @@ We would like to thank the following people for their contributions to tinc:
* Max Rijevski * Max Rijevski
* Menno Smits * Menno Smits
* Mesar Hameed * Mesar Hameed
* Michael Taylor
* Michael Tokarev * Michael Tokarev
* Michael Yonli * Michael Yonli
* Miles Nordin * Miles Nordin
@ -82,10 +85,12 @@ We would like to thank the following people for their contributions to tinc:
* Philipp Babel * Philipp Babel
* Pierre Emeriaud * Pierre Emeriaud
* Pierre-Olivier Mercier * Pierre-Olivier Mercier
* Rafael Wolf
* Rafael Sadowski * Rafael Sadowski
* Rafał Leśniak * Rafał Leśniak
* Rhosyn Celyn * Rhosyn Celyn
* Robert van der Meulen * Robert van der Meulen
* Robert Waniek
* Rumko * Rumko
* Ryan Miller * Ryan Miller
* Sam Bryan * Sam Bryan
@ -104,6 +109,7 @@ We would like to thank the following people for their contributions to tinc:
* Tonnerre Lombard * Tonnerre Lombard
* Ulrich Seifert * Ulrich Seifert
* Vil Brekin * Vil Brekin
* Vincent Laurent
* Vittorio Gambaletta * Vittorio Gambaletta
* Wendy Willard * Wendy Willard
* Wessel Dankers * Wessel Dankers

48
aclocal.m4 vendored
View file

@ -1,6 +1,6 @@
# generated automatically by aclocal 1.16.1 -*- Autoconf -*- # generated automatically by aclocal 1.16.2 -*- Autoconf -*-
# Copyright (C) 1996-2018 Free Software Foundation, Inc. # Copyright (C) 1996-2020 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -20,7 +20,7 @@ You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely. If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically 'autoreconf'.])]) To do so, use the procedure documented by the package, typically 'autoreconf'.])])
# Copyright (C) 2002-2018 Free Software Foundation, Inc. # Copyright (C) 2002-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -35,7 +35,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.16' [am__api_version='1.16'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro. dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.16.1], [], m4_if([$1], [1.16.2], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
]) ])
@ -51,14 +51,14 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.16.1])dnl [AM_AUTOMAKE_VERSION([1.16.2])dnl
m4_ifndef([AC_AUTOCONF_VERSION], m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
# AM_AUX_DIR_EXPAND -*- Autoconf -*- # AM_AUX_DIR_EXPAND -*- Autoconf -*-
# Copyright (C) 2001-2018 Free Software Foundation, Inc. # Copyright (C) 2001-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -110,7 +110,7 @@ am_aux_dir=`cd "$ac_aux_dir" && pwd`
# AM_CONDITIONAL -*- Autoconf -*- # AM_CONDITIONAL -*- Autoconf -*-
# Copyright (C) 1997-2018 Free Software Foundation, Inc. # Copyright (C) 1997-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -141,7 +141,7 @@ AC_CONFIG_COMMANDS_PRE(
Usually this means the macro was only invoked conditionally.]]) Usually this means the macro was only invoked conditionally.]])
fi])]) fi])])
# Copyright (C) 1999-2018 Free Software Foundation, Inc. # Copyright (C) 1999-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -332,7 +332,7 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl
# Generate code to set up dependency tracking. -*- Autoconf -*- # Generate code to set up dependency tracking. -*- Autoconf -*-
# Copyright (C) 1999-2018 Free Software Foundation, Inc. # Copyright (C) 1999-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -371,7 +371,9 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
done done
if test $am_rc -ne 0; then if test $am_rc -ne 0; then
AC_MSG_FAILURE([Something went wrong bootstrapping makefile fragments AC_MSG_FAILURE([Something went wrong bootstrapping makefile fragments
for automatic dependency tracking. Try re-running configure with the for automatic dependency tracking. If GNU make was not used, consider
re-running the configure script with MAKE="gmake" (or whatever is
necessary). You can also try re-running configure with the
'--disable-dependency-tracking' option to at least be able to build '--disable-dependency-tracking' option to at least be able to build
the package (albeit without support for automatic dependency tracking).]) the package (albeit without support for automatic dependency tracking).])
fi fi
@ -398,7 +400,7 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
# Do all the work for Automake. -*- Autoconf -*- # Do all the work for Automake. -*- Autoconf -*-
# Copyright (C) 1996-2018 Free Software Foundation, Inc. # Copyright (C) 1996-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -595,7 +597,7 @@ for _am_header in $config_headers :; do
done done
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
# Copyright (C) 2001-2018 Free Software Foundation, Inc. # Copyright (C) 2001-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -616,7 +618,7 @@ if test x"${install_sh+set}" != xset; then
fi fi
AC_SUBST([install_sh])]) AC_SUBST([install_sh])])
# Copyright (C) 2003-2018 Free Software Foundation, Inc. # Copyright (C) 2003-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -637,7 +639,7 @@ AC_SUBST([am__leading_dot])])
# Check to see how 'make' treats includes. -*- Autoconf -*- # Check to see how 'make' treats includes. -*- Autoconf -*-
# Copyright (C) 2001-2018 Free Software Foundation, Inc. # Copyright (C) 2001-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -680,7 +682,7 @@ AC_SUBST([am__quote])])
# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
# Copyright (C) 1997-2018 Free Software Foundation, Inc. # Copyright (C) 1997-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -719,7 +721,7 @@ fi
# Helper functions for option handling. -*- Autoconf -*- # Helper functions for option handling. -*- Autoconf -*-
# Copyright (C) 2001-2018 Free Software Foundation, Inc. # Copyright (C) 2001-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -748,7 +750,7 @@ AC_DEFUN([_AM_SET_OPTIONS],
AC_DEFUN([_AM_IF_OPTION], AC_DEFUN([_AM_IF_OPTION],
[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
# Copyright (C) 1999-2018 Free Software Foundation, Inc. # Copyright (C) 1999-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -795,7 +797,7 @@ AC_LANG_POP([C])])
# For backward compatibility. # For backward compatibility.
AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
# Copyright (C) 2001-2018 Free Software Foundation, Inc. # Copyright (C) 2001-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -814,7 +816,7 @@ AC_DEFUN([AM_RUN_LOG],
# Check to make sure that the build environment is sane. -*- Autoconf -*- # Check to make sure that the build environment is sane. -*- Autoconf -*-
# Copyright (C) 1996-2018 Free Software Foundation, Inc. # Copyright (C) 1996-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -895,7 +897,7 @@ AC_CONFIG_COMMANDS_PRE(
rm -f conftest.file rm -f conftest.file
]) ])
# Copyright (C) 2009-2018 Free Software Foundation, Inc. # Copyright (C) 2009-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -955,7 +957,7 @@ AC_SUBST([AM_BACKSLASH])dnl
_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl _AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
]) ])
# Copyright (C) 2001-2018 Free Software Foundation, Inc. # Copyright (C) 2001-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -983,7 +985,7 @@ fi
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
AC_SUBST([INSTALL_STRIP_PROGRAM])]) AC_SUBST([INSTALL_STRIP_PROGRAM])])
# Copyright (C) 2006-2018 Free Software Foundation, Inc. # Copyright (C) 2006-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -1002,7 +1004,7 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*- # Check how to create a tarball. -*- Autoconf -*-
# Copyright (C) 2004-2018 Free Software Foundation, Inc. # Copyright (C) 2004-2020 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,

View file

@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2018 Free Software Foundation, Inc. # Copyright (C) 1999-2020 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>. # Written by Tom Tromey <tromey@cygnus.com>.
# #
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
@ -53,7 +53,7 @@ func_file_conv ()
MINGW*) MINGW*)
file_conv=mingw file_conv=mingw
;; ;;
CYGWIN*) CYGWIN* | MSYS*)
file_conv=cygwin file_conv=cygwin
;; ;;
*) *)
@ -67,7 +67,7 @@ func_file_conv ()
mingw/*) mingw/*)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;; ;;
cygwin/*) cygwin/* | msys/*)
file=`cygpath -m "$file" || echo "$file"` file=`cygpath -m "$file" || echo "$file"`
;; ;;
wine/*) wine/*)

24
configure vendored
View file

@ -1,6 +1,6 @@
#! /bin/sh #! /bin/sh
# Guess values for system-dependent variables and create Makefiles. # Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for tinc 1.0.35. # Generated by GNU Autoconf 2.69 for tinc 1.0.36.
# #
# #
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@ -577,8 +577,8 @@ MAKEFLAGS=
# Identity of this package. # Identity of this package.
PACKAGE_NAME='tinc' PACKAGE_NAME='tinc'
PACKAGE_TARNAME='tinc' PACKAGE_TARNAME='tinc'
PACKAGE_VERSION='1.0.35' PACKAGE_VERSION='1.0.36'
PACKAGE_STRING='tinc 1.0.35' PACKAGE_STRING='tinc 1.0.36'
PACKAGE_BUGREPORT='' PACKAGE_BUGREPORT=''
PACKAGE_URL='' PACKAGE_URL=''
@ -1321,7 +1321,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing. # Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh. # This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF cat <<_ACEOF
\`configure' configures tinc 1.0.35 to adapt to many kinds of systems. \`configure' configures tinc 1.0.36 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]... Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1392,7 +1392,7 @@ fi
if test -n "$ac_init_help"; then if test -n "$ac_init_help"; then
case $ac_init_help in case $ac_init_help in
short | recursive ) echo "Configuration of tinc 1.0.35:";; short | recursive ) echo "Configuration of tinc 1.0.36:";;
esac esac
cat <<\_ACEOF cat <<\_ACEOF
@ -1509,7 +1509,7 @@ fi
test -n "$ac_init_help" && exit $ac_status test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then if $ac_init_version; then
cat <<\_ACEOF cat <<\_ACEOF
tinc configure 1.0.35 tinc configure 1.0.36
generated by GNU Autoconf 2.69 generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc. Copyright (C) 2012 Free Software Foundation, Inc.
@ -1974,7 +1974,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake. running configure, to aid debugging if configure makes a mistake.
It was created by tinc $as_me 1.0.35, which was It was created by tinc $as_me 1.0.36, which was
generated by GNU Autoconf 2.69. Invocation command line was generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@ $ $0 $@
@ -2838,7 +2838,7 @@ fi
# Define the identity of the package. # Define the identity of the package.
PACKAGE='tinc' PACKAGE='tinc'
VERSION='1.0.35' VERSION='1.0.36'
cat >>confdefs.h <<_ACEOF cat >>confdefs.h <<_ACEOF
@ -7333,7 +7333,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their # report actual input values of CONFIG_FILES etc. instead of their
# values after options handling. # values after options handling.
ac_log=" ac_log="
This file was extended by tinc $as_me 1.0.35, which was This file was extended by tinc $as_me 1.0.36, which was
generated by GNU Autoconf 2.69. Invocation command line was generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES CONFIG_FILES = $CONFIG_FILES
@ -7399,7 +7399,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\ ac_cs_version="\\
tinc config.status 1.0.35 tinc config.status 1.0.36
configured by $0, generated by GNU Autoconf 2.69, configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\" with options \\"\$ac_cs_config\\"
@ -8211,7 +8211,9 @@ $as_echo X/"$am_mf" |
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
as_fn_error $? "Something went wrong bootstrapping makefile fragments as_fn_error $? "Something went wrong bootstrapping makefile fragments
for automatic dependency tracking. Try re-running configure with the for automatic dependency tracking. If GNU make was not used, consider
re-running the configure script with MAKE=\"gmake\" (or whatever is
necessary). You can also try re-running configure with the
'--disable-dependency-tracking' option to at least be able to build '--disable-dependency-tracking' option to at least be able to build
the package (albeit without support for automatic dependency tracking). the package (albeit without support for automatic dependency tracking).
See \`config.log' for more details" "$LINENO" 5; } See \`config.log' for more details" "$LINENO" 5; }

View file

@ -1,7 +1,7 @@
dnl Process this file with autoconf to produce a configure script. dnl Process this file with autoconf to produce a configure script.
AC_PREREQ(2.61) AC_PREREQ(2.61)
AC_INIT([tinc], [1.0.35]) AC_INIT([tinc], [1.0.36])
AC_CONFIG_SRCDIR([src/tincd.c]) AC_CONFIG_SRCDIR([src/tincd.c])
AM_INIT_AUTOMAKE([1.11 check-news std-options subdir-objects nostdinc silent-rules -Wall]) AM_INIT_AUTOMAKE([1.11 check-news std-options subdir-objects nostdinc silent-rules -Wall])
AC_CONFIG_HEADERS([config.h]) AC_CONFIG_HEADERS([config.h])
@ -237,7 +237,7 @@ AC_ARG_ENABLE(jumbograms,
] ]
) )
dnl Ensure runstatedir is set if we are using a version of autoconf that does not suppport it dnl Ensure runstatedir is set if we are using a version of autoconf that does not support it
if test "x$runstatedir" = "x"; then if test "x$runstatedir" = "x"; then
AC_SUBST([runstatedir], ['${localstatedir}/run']) AC_SUBST([runstatedir], ['${localstatedir}/run'])
fi fi

14
debian/changelog vendored
View file

@ -1,3 +1,17 @@
tinc (1.0.36-2) unstable; urgency=medium
* Disable support for libvdeplug. Closes: #973233
-- Guus Sliepen <guus@debian.org> Sun, 22 Nov 2020 10:40:27 +0100
tinc (1.0.36-1) unstable; urgency=medium
* New upstream version 1.0.36
* Add Vcs tags to debian/control.
* Bump Standards-Version.
-- Guus Sliepen <guus@debian.org> Mon, 26 Aug 2019 14:17:21 +0200
tinc (1.0.35-2) unstable; urgency=medium tinc (1.0.35-2) unstable; urgency=medium
* Bump Standards-Version and Build-Depend on debhelper-compat (= 12). * Bump Standards-Version and Build-Depend on debhelper-compat (= 12).

6
debian/control vendored
View file

@ -2,9 +2,11 @@ Source: tinc
Section: net Section: net
Priority: optional Priority: optional
Maintainer: Guus Sliepen <guus@debian.org> Maintainer: Guus Sliepen <guus@debian.org>
Standards-Version: 4.3.0 Standards-Version: 4.4.0
Build-Depends: libssl-dev, debhelper-compat (= 12), gettext, texinfo, zlib1g-dev, liblzo2-dev, libvdeplug-dev Build-Depends: libssl-dev, debhelper-compat (= 12), gettext, texinfo, zlib1g-dev, liblzo2-dev
Homepage: http://www.tinc-vpn.org/ Homepage: http://www.tinc-vpn.org/
Vcs-Browser: https://salsa.debian.org/guus/tinc
Vcs-Git: https://salsa.debian.org/guus/tinc.git
Rules-Requires-Root: no Rules-Requires-Root: no
Package: tinc Package: tinc

2
debian/rules vendored
View file

@ -8,7 +8,7 @@ override_dh_clean:
rm -f doc/tinc.info rm -f doc/tinc.info
override_dh_auto_configure: override_dh_auto_configure:
dh_auto_configure -- --enable-uml --enable-vde --with-systemd=/lib/systemd/system --runstatedir=/run dh_auto_configure -- --enable-uml --with-systemd=/lib/systemd/system --runstatedir=/run
override_dh_auto_install: override_dh_auto_install:
dh_auto_install -- install-html dh_auto_install -- install-html

View file

@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2018 Free Software Foundation, Inc. # Copyright (C) 1999-2020 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by

View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am. # Makefile.in generated by automake 1.16.2 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc. # Copyright (C) 1994-2020 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,

File diff suppressed because it is too large Load diff

View file

@ -1,14 +1,14 @@
This is tinc.info, produced by makeinfo version 6.5 from tinc.texi. This is tinc.info, produced by makeinfo version 6.7 from tinc.texi.
INFO-DIR-SECTION Networking tools INFO-DIR-SECTION Networking tools
START-INFO-DIR-ENTRY START-INFO-DIR-ENTRY
* tinc: (tinc). The tinc Manual. * tinc: (tinc). The tinc Manual.
END-INFO-DIR-ENTRY END-INFO-DIR-ENTRY
This is the info manual for tinc version 1.0.35, a Virtual Private This is the info manual for tinc version 1.0.36, a Virtual Private
Network daemon. Network daemon.
Copyright (C) 1998-2018 Ivo Timmermans, Guus Sliepen Copyright (C) 1998-2019 Ivo Timmermans, Guus Sliepen
<guus@tinc-vpn.org> and Wessel Dankers <wsl@tinc-vpn.org>. <guus@tinc-vpn.org> and Wessel Dankers <wsl@tinc-vpn.org>.
Permission is granted to make and distribute verbatim copies of this Permission is granted to make and distribute verbatim copies of this
@ -117,10 +117,10 @@ for both the receiving and sending end, it has become largely
runtime-configurable--in short, it has become a full-fledged runtime-configurable--in short, it has become a full-fledged
professional package. professional package.
Tinc also allows more than two sites to connect to eachother and form Tinc also allows more than two sites to connect to each other and
a single VPN. Traditionally VPNs are created by making tunnels, which form a single VPN. Traditionally VPNs are created by making tunnels,
only have two endpoints. Larger VPNs with more sites are created by which only have two endpoints. Larger VPNs with more sites are created
adding more tunnels. Tinc takes another approach: only endpoints are by adding more tunnels. Tinc takes another approach: only endpoints are
specified, the software itself will take care of creating the tunnels. specified, the software itself will take care of creating the tunnels.
This allows for easier configuration and improved scalability. This allows for easier configuration and improved scalability.
@ -791,13 +791,13 @@ DeviceType = <TYPE> (platform dependent)
uml (not compiled in by default) uml (not compiled in by default)
Create a UNIX socket with the filename specified by DEVICE, or Create a UNIX socket with the filename specified by DEVICE, or
'/var/run/NETNAME.umlsocket' if not specified. Tinc will wait '/run/NETNAME.umlsocket' if not specified. Tinc will wait for
for a User Mode Linux instance to connect to this socket. a User Mode Linux instance to connect to this socket.
vde (not compiled in by default) vde (not compiled in by default)
Uses the libvdeplug library to connect to a Virtual Uses the libvdeplug library to connect to a Virtual
Distributed Ethernet switch, using the UNIX socket specified Distributed Ethernet switch, using the UNIX socket specified
by DEVICE, or '/var/run/vde.ctl' if not specified. by DEVICE, or '/run/vde.ctl' if not specified.
Also, in case tinc does not seem to correctly interpret packets Also, in case tinc does not seem to correctly interpret packets
received from the virtual network device, it can be used to change received from the virtual network device, it can be used to change
@ -1597,7 +1597,7 @@ command line options.
'/var/log/tinc.NETNAME.log'. '/var/log/tinc.NETNAME.log'.
'--pidfile=FILE' '--pidfile=FILE'
Write PID to FILE instead of '/var/run/tinc.NETNAME.pid'. Write PID to FILE instead of '/run/tinc.NETNAME.pid'.
'--bypass-security' '--bypass-security'
Disables encryption and authentication. Only useful for debugging. Disables encryption and authentication. Only useful for debugging.
@ -2278,7 +2278,7 @@ address these issues in tinc 2.0.
Cryptography is a hard thing to get right. We cannot make any Cryptography is a hard thing to get right. We cannot make any
guarantees. Time, review and feedback are the only things that can guarantees. Time, review and feedback are the only things that can
prove the security of any cryptographic product. If you wish to review prove the security of any cryptographic product. If you wish to review
tinc or give us feedback, you are stronly encouraged to do so. tinc or give us feedback, you are strongly encouraged to do so.
 
File: tinc.info, Node: Platform specific information, Next: About us, Prev: Technical information, Up: Top File: tinc.info, Node: Platform specific information, Next: About us, Prev: Technical information, Up: Top
@ -2720,66 +2720,71 @@ Node: Top806
Node: Introduction1105 Node: Introduction1105
Node: Virtual Private Networks1915 Node: Virtual Private Networks1915
Node: tinc3639 Node: tinc3639
Node: Supported platforms5166 Node: Supported platforms5167
Node: Preparations5867 Node: Preparations5868
Node: Configuring the kernel6123 Node: Configuring the kernel6124
Node: Configuration of Linux kernels6533 Node: Configuration of Linux kernels6534
Node: Configuration of FreeBSD kernels7388 Node: Configuration of FreeBSD kernels7389
Node: Configuration of OpenBSD kernels7853 Node: Configuration of OpenBSD kernels7854
Node: Configuration of NetBSD kernels8210 Node: Configuration of NetBSD kernels8211
Node: Configuration of Solaris kernels8615 Node: Configuration of Solaris kernels8616
Node: Configuration of Darwin (Mac OS X) kernels9278 Node: Configuration of Darwin (Mac OS X) kernels9279
Node: Configuration of Windows10097 Node: Configuration of Windows10098
Node: Libraries10637 Node: Libraries10638
Node: LibreSSL/OpenSSL11046 Node: LibreSSL/OpenSSL11047
Node: zlib13588 Node: zlib13589
Node: lzo14617 Node: lzo14618
Node: Installation15600 Node: Installation15601
Node: Building and installing tinc16510 Node: Building and installing tinc16511
Node: Darwin (Mac OS X) build environment17170 Node: Darwin (Mac OS X) build environment17171
Node: Cygwin (Windows) build environment17735 Node: Cygwin (Windows) build environment17736
Node: MinGW (Windows) build environment18324 Node: MinGW (Windows) build environment18325
Node: System files18918 Node: System files18919
Node: Device files19183 Node: Device files19184
Node: Other files19599 Node: Other files19600
Node: Configuration20212 Node: Configuration20213
Node: Configuration introduction20523 Node: Configuration introduction20524
Node: Multiple networks21791 Node: Multiple networks21792
Node: How connections work23217 Node: How connections work23218
Node: Configuration files24439 Node: Configuration files24440
Node: Main configuration variables25933 Node: Main configuration variables25934
Node: Host configuration variables42189 Node: Host configuration variables42182
Node: Scripts47721 Node: Scripts47714
Node: How to configure50987 Node: How to configure50980
Node: Generating keypairs52245 Node: Generating keypairs52238
Node: Network interfaces52744 Node: Network interfaces52737
Node: Example configuration54592 Node: Example configuration54585
Node: Running tinc59917 Node: Running tinc59910
Node: Runtime options60507 Node: Runtime options60500
Node: Signals64136 Node: Signals64125
Node: Debug levels65327 Node: Debug levels65316
Node: Solving problems66263 Node: Solving problems66252
Node: Error messages67815 Node: Error messages67804
Node: Sending bug reports71824 Node: Sending bug reports71813
Node: Technical information72771 Node: Technical information72760
Node: The connection73002 Node: The connection72991
Node: The UDP tunnel73314 Node: The UDP tunnel73303
Node: The meta-connection76366 Node: The meta-connection76355
Node: The meta-protocol77835 Node: The meta-protocol77824
Node: Security82852 Node: Security82841
Node: Authentication protocol83994 Node: Authentication protocol83983
Node: Encryption of network packets89039 Node: Encryption of network packets89028
Node: Security issues90415 Node: Security issues90404
Node: Platform specific information92054 Node: Platform specific information92044
Node: Interface configuration92314 Node: Interface configuration92304
Node: Routes94610 Node: Routes94600
Node: Automatically starting tinc96660 Node: Automatically starting tinc96650
Node: Linux96883 Node: Linux96873
Node: Windows98104 Node: Windows98094
Node: Other platforms98609 Node: Other platforms98599
Node: About us98891 Node: About us98881
Node: Contact information99066 Node: Contact information99056
Node: Authors99469 Node: Authors99459
Node: Concept Index99874 Node: Concept Index99864
 
End Tag Table End Tag Table

Local Variables:
coding: utf-8
End:

View file

@ -15,7 +15,7 @@
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
Copyright @copyright{} 1998-2018 Ivo Timmermans, Copyright @copyright{} 1998-2019 Ivo Timmermans,
Guus Sliepen <guus@@tinc-vpn.org> and Guus Sliepen <guus@@tinc-vpn.org> and
Wessel Dankers <wsl@@tinc-vpn.org>. Wessel Dankers <wsl@@tinc-vpn.org>.
@ -39,7 +39,7 @@ permission notice identical to this one.
@vskip 0pt plus 1filll @vskip 0pt plus 1filll
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon. This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
Copyright @copyright{} 1998-2018 Ivo Timmermans, Copyright @copyright{} 1998-2019 Ivo Timmermans,
Guus Sliepen <guus@@tinc-vpn.org> and Guus Sliepen <guus@@tinc-vpn.org> and
Wessel Dankers <wsl@@tinc-vpn.org>. Wessel Dankers <wsl@@tinc-vpn.org>.
@ -2433,7 +2433,7 @@ We will address these issues in tinc 2.0.
Cryptography is a hard thing to get right. We cannot make any Cryptography is a hard thing to get right. We cannot make any
guarantees. Time, review and feedback are the only things that can guarantees. Time, review and feedback are the only things that can
prove the security of any cryptographic product. If you wish to review prove the security of any cryptographic product. If you wish to review
tinc or give us feedback, you are stronly encouraged to do so. tinc or give us feedback, you are strongly encouraged to do so.
@c ================================================================== @c ==================================================================

View file

@ -1,5 +1,5 @@
@set VERSION 1.0.35 @set VERSION 1.0.36
@set PACKAGE tinc @set PACKAGE tinc
@set sysconfdir /etc @set sysconfdir /etc
@set localstatedir /var @set localstatedir /var
@set runstatedir /var/run @set runstatedir /run

View file

@ -451,7 +451,18 @@ do
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name. # Copy the file name to the temp name.
(umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && (umask $cp_umask &&
{ test -z "$stripcmd" || {
# Create $dsttmp read-write so that cp doesn't create it read-only,
# which would cause strip to fail.
if test -z "$doit"; then
: >"$dsttmp" # No need to fork-exec 'touch'.
else
$doit touch "$dsttmp"
fi
}
} &&
$doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits. # and set any options; do chmod last to preserve setuid bits.
# #

View file

@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1996-2018 Free Software Foundation, Inc. # Copyright (C) 1996-2020 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. # Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify

View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am. # Makefile.in generated by automake 1.16.2 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc. # Copyright (C) 1994-2020 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,

View file

@ -467,9 +467,14 @@ static void disable_old_keys(const char *filename) {
return; return;
} }
snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename); int len = snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename);
if(len < 0 || len >= PATH_MAX) {
fprintf(stderr, "Pathname too long: %s.tmp\n", filename);
w = NULL;
} else {
w = fopen(tmpfile, "w"); w = fopen(tmpfile, "w");
}
while(fgets(buf, sizeof(buf), r)) { while(fgets(buf, sizeof(buf), r)) {
if(!strncmp(buf, "-----BEGIN RSA", 14)) { if(!strncmp(buf, "-----BEGIN RSA", 14)) {

View file

@ -96,13 +96,13 @@ void free_connection_partially(connection_t *c) {
c->outbudget = 0; c->outbudget = 0;
if(c->inctx) { if(c->inctx) {
EVP_CIPHER_CTX_cleanup(c->inctx); EVP_CIPHER_CTX_reset(c->inctx);
free(c->inctx); free(c->inctx);
c->inctx = NULL; c->inctx = NULL;
} }
if(c->outctx) { if(c->outctx) {
EVP_CIPHER_CTX_cleanup(c->outctx); EVP_CIPHER_CTX_reset(c->outctx);
free(c->outctx); free(c->outctx);
c->outctx = NULL; c->outctx = NULL;
} }

View file

@ -24,6 +24,10 @@
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define EVP_CIPHER_CTX_reset(c) EVP_CIPHER_CTX_cleanup(c)
#endif
#include "avl_tree.h" #include "avl_tree.h"
#define OPTION_INDIRECT 0x0001 #define OPTION_INDIRECT 0x0001

View file

@ -360,13 +360,13 @@ void dump_graph(void) {
/* dump all nodes first */ /* dump all nodes first */
for(node = node_tree->head; node; node = node->next) { for(node = node_tree->head; node; node = node->next) {
n = node->data; n = node->data;
fprintf(file, " %s [label = \"%s\"];\n", n->name, n->name); fprintf(file, " \"%s\" [label = \"%s\"];\n", n->name, n->name);
} }
/* now dump all edges */ /* now dump all edges */
for(node = edge_weight_tree->head; node; node = node->next) { for(node = edge_weight_tree->head; node; node = node->next) {
e = node->data; e = node->data;
fprintf(file, " %s -> %s;\n", e->from->name, e->to->name); fprintf(file, " \"%s\" -> \"%s\";\n", e->from->name, e->to->name);
} }
fprintf(file, "}\n"); fprintf(file, "}\n");

View file

@ -27,6 +27,7 @@
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/bn.h>
#include "avl_tree.h" #include "avl_tree.h"
#include "conf.h" #include "conf.h"

View file

@ -581,7 +581,7 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et
ifdebug(TRAFFIC) logger(LOG_INFO, "Fragmenting packet of %d bytes to %s (%s)", packet->len, dest->name, dest->hostname); ifdebug(TRAFFIC) logger(LOG_INFO, "Fragmenting packet of %d bytes to %s (%s)", packet->len, dest->name, dest->hostname);
offset = packet->data + ether_size + ip_size; offset = packet->data + ether_size + ip_size;
maxlen = (dest->mtu - ether_size - ip_size) & ~0x7; maxlen = (MAX(dest->mtu, 590) - ether_size - ip_size) & ~0x7;
ip_off = ntohs(ip.ip_off); ip_off = ntohs(ip.ip_off);
origf = ip_off & ~IP_OFFMASK; origf = ip_off & ~IP_OFFMASK;
ip_off &= IP_OFFMASK; ip_off &= IP_OFFMASK;

View file

@ -1,6 +1,6 @@
/* /*
subnet.c -- handle subnet lookups and lists subnet.c -- handle subnet lookups and lists
Copyright (C) 2000-2014 Guus Sliepen <guus@tinc-vpn.org>, Copyright (C) 2000-2019 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans 2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
@ -205,177 +205,162 @@ void subnet_del(node_t *n, subnet_t *subnet) {
/* Ascii representation of subnets */ /* Ascii representation of subnets */
bool str2net(subnet_t *subnet, const char *subnetstr) { bool str2net(subnet_t *subnet, const char *subnetstr) {
int i, l; char str[1024];
uint16_t x[8]; strncpy(str, subnetstr, sizeof(str));
str[sizeof(str) - 1] = 0;
int consumed;
int weight = 10; int weight = 10;
char *weight_separator = strchr(str, '#');
if(sscanf(subnetstr, "%hu.%hu.%hu.%hu/%d#%d", if(weight_separator) {
&x[0], &x[1], &x[2], &x[3], &l, &weight) >= 5) { char *weight_str = weight_separator + 1;
if(l < 0 || l > 32) {
if(sscanf(weight_str, "%d%n", &weight, &consumed) < 1) {
return false; return false;
} }
subnet->type = SUBNET_IPV4; if(weight_str[consumed]) {
subnet->net.ipv4.prefixlength = l;
subnet->weight = weight;
for(i = 0; i < 4; i++) {
if(x[i] > 255) {
return false; return false;
} }
subnet->net.ipv4.address.x[i] = x[i]; *weight_separator = 0;
} }
return true; int prefixlength = -1;
} char *prefixlength_separator = strchr(str, '/');
if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx/%d#%d", if(prefixlength_separator) {
&x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7], char *prefixlength_str = prefixlength_separator + 1;
&l, &weight) >= 9) {
if(l < 0 || l > 128) { if(sscanf(prefixlength_str, "%d%n", &prefixlength, &consumed) < 1) {
return false; return false;
} }
subnet->type = SUBNET_IPV6; if(prefixlength_str[consumed]) {
subnet->net.ipv6.prefixlength = l;
subnet->weight = weight;
for(i = 0; i < 8; i++) {
subnet->net.ipv6.address.x[i] = htons(x[i]);
}
return true;
}
if(sscanf(subnetstr, "%hu.%hu.%hu.%hu#%d", &x[0], &x[1], &x[2], &x[3], &weight) >= 4) {
subnet->type = SUBNET_IPV4;
subnet->net.ipv4.prefixlength = 32;
subnet->weight = weight;
for(i = 0; i < 4; i++) {
if(x[i] > 255) {
return false; return false;
} }
subnet->net.ipv4.address.x[i] = x[i]; *prefixlength_separator = 0;
if(prefixlength < 0) {
return false;
}
} }
return true; uint16_t x[8];
if(sscanf(str, "%hx:%hx:%hx:%hx:%hx:%hx%n", &x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &consumed) >= 6 && !str[consumed]) {
/*
Normally we should check that each part has two digits to prevent ambiguities.
However, in old tinc versions net2str() will aggressively return MAC addresses with one-digit parts,
so we have to accept them otherwise we would be unable to parse ADD_SUBNET messages.
*/
if(prefixlength >= 0) {
return false;
} }
if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx#%d",
&x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7], &weight) >= 8) {
subnet->type = SUBNET_IPV6;
subnet->net.ipv6.prefixlength = 128;
subnet->weight = weight;
for(i = 0; i < 8; i++) {
subnet->net.ipv6.address.x[i] = htons(x[i]);
}
return true;
}
if(sscanf(subnetstr, "%hx:%hx:%hx:%hx:%hx:%hx#%d",
&x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &weight) >= 6) {
subnet->type = SUBNET_MAC; subnet->type = SUBNET_MAC;
subnet->weight = weight; subnet->weight = weight;
for(i = 0; i < 6; i++) { for(int i = 0; i < 6; i++) {
subnet->net.mac.address.x[i] = x[i]; subnet->net.mac.address.x[i] = x[i];
} }
return true; return true;
} }
// IPv6 short form if(sscanf(str, "%hu.%hu.%hu.%hu%n", &x[0], &x[1], &x[2], &x[3], &consumed) >= 4 && !str[consumed]) {
if(strstr(subnetstr, "::")) { if(prefixlength == -1) {
const char *p; prefixlength = 32;
char *q;
int colons = 0;
// Count number of colons
for(p = subnetstr; *p; p++)
if(*p == ':') {
colons++;
} }
if(colons > 7) { if(prefixlength > 32) {
return false; return false;
} }
// Scan numbers before the double colon subnet->type = SUBNET_IPV4;
p = subnetstr; subnet->net.ipv4.prefixlength = prefixlength;
subnet->weight = weight;
for(i = 0; i < colons; i++) { for(int i = 0; i < 4; i++) {
if(*p == ':') { if(x[i] > 255) {
break;
}
x[i] = strtoul(p, &q, 0x10);
if(!q || p == q || *q != ':') {
return false; return false;
} }
p = ++q; subnet->net.ipv4.address.x[i] = x[i];
} }
p++; return true;
colons -= i;
if(!i) {
p++;
colons--;
} }
if(!*p || *p == '/' || *p == '#') { /* IPv6 */
colons--;
}
// Fill in the blanks char *last_colon = strrchr(str, ':');
for(; i < 8 - colons; i++) {
x[i] = 0;
}
// Scan the remaining numbers if(last_colon && sscanf(last_colon, ":%hu.%hu.%hu.%hu%n", &x[0], &x[1], &x[2], &x[3], &consumed) >= 4 && !last_colon[consumed]) {
for(; i < 8; i++) { /* Dotted quad suffix notation, convert to standard IPv6 notation */
x[i] = strtoul(p, &q, 0x10); for(int i = 0; i < 4; i++)
if(x[i] > 255) {
if(!q || p == q) {
return false; return false;
} }
if(i == 7) { snprintf(last_colon, sizeof(str) - (last_colon - str), ":%02x%02x:%02x%02x", x[0], x[1], x[2], x[3]);
p = q;
break;
} }
if(*q != ':') { char *double_colon = strstr(str, "::");
if(double_colon) {
/* Figure out how many zero groups we need to expand */
int zero_group_count = 8;
for(const char *cur = str; *cur; cur++)
if(*cur != ':') {
zero_group_count--;
while(cur[1] && cur[1] != ':') {
cur++;
}
}
if(zero_group_count < 1) {
return false; return false;
} }
p = ++q; /* Split the double colon in the middle to make room for zero groups */
double_colon++;
memmove(double_colon + (zero_group_count * 2 - 1), double_colon, strlen(double_colon) + 1);
/* Write zero groups in the resulting gap, overwriting the second colon */
for(int i = 0; i < zero_group_count; i++) {
memcpy(&double_colon[i * 2], "0:", 2);
} }
l = 128; /* Remove any leading or trailing colons */
if(str[0] == ':') {
if(*p == '/') { memmove(&str[0], &str[1], strlen(&str[1]) + 1);
sscanf(p, "/%d#%d", &l, &weight);
} else if(*p == '#') {
sscanf(p, "#%d", &weight);
} }
if(l < 0 || l > 128) { if(str[strlen(str) - 1] == ':') {
str[strlen(str) - 1] = 0;
}
}
if(sscanf(str, "%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx%n",
&x[0], &x[1], &x[2], &x[3], &x[4], &x[5], &x[6], &x[7], &consumed) >= 8 && !str[consumed]) {
if(prefixlength == -1) {
prefixlength = 128;
}
if(prefixlength > 128) {
return false; return false;
} }
subnet->type = SUBNET_IPV6; subnet->type = SUBNET_IPV6;
subnet->net.ipv6.prefixlength = l; subnet->net.ipv6.prefixlength = prefixlength;
subnet->weight = weight; subnet->weight = weight;
for(i = 0; i < 8; i++) { for(int i = 0; i < 8; i++) {
subnet->net.ipv6.address.x[i] = htons(x[i]); subnet->net.ipv6.address.x[i] = htons(x[i]);
} }

View file

@ -1,7 +1,7 @@
/* /*
tincd.c -- the main file for tincd tincd.c -- the main file for tincd
Copyright (C) 1998-2005 Ivo Timmermans Copyright (C) 1998-2005 Ivo Timmermans
2000-2018 Guus Sliepen <guus@tinc-vpn.org> 2000-2019 Guus Sliepen <guus@tinc-vpn.org>
2008 Max Rijevski <maksuf@gmail.com> 2008 Max Rijevski <maksuf@gmail.com>
2009 Michael Tokarev <mjt@tls.msk.ru> 2009 Michael Tokarev <mjt@tls.msk.ru>
2010 Julien Muchembled <jm@jmuchemb.eu> 2010 Julien Muchembled <jm@jmuchemb.eu>
@ -37,7 +37,10 @@
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include <openssl/pem.h> #include <openssl/pem.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h> #include <openssl/engine.h>
#endif
#include <openssl/bn.h>
#ifdef HAVE_LZO #ifdef HAVE_LZO
#include LZO1X_H #include LZO1X_H
@ -651,7 +654,7 @@ int main(int argc, char **argv) {
if(show_version) { if(show_version) {
printf("%s version %s\n", PACKAGE, VERSION); printf("%s version %s\n", PACKAGE, VERSION);
printf("Copyright (C) 1998-2018 Ivo Timmermans, Guus Sliepen and others.\n" printf("Copyright (C) 1998-2019 Ivo Timmermans, Guus Sliepen and others.\n"
"See the AUTHORS file for a complete list.\n\n" "See the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n" "tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n" "and you are welcome to redistribute it under certain conditions;\n"
@ -685,17 +688,14 @@ int main(int argc, char **argv) {
init_configuration(&config_tree); init_configuration(&config_tree);
/* Slllluuuuuuurrrrp! */ #ifndef OPENSSL_NO_ENGINE
if(RAND_load_file("/dev/urandom", 1024) != 1024) {
logger(LOG_ERR, "Error initializing RNG!");
return 1;
}
ENGINE_load_builtin_engines(); ENGINE_load_builtin_engines();
ENGINE_register_all_complete(); ENGINE_register_all_complete();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000L
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
#endif
if(generate_keys) { if(generate_keys) {
read_server_config(); read_server_config();
@ -814,9 +814,13 @@ end:
free(priority); free(priority);
#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_cleanup(); EVP_cleanup();
ERR_free_strings(); ERR_free_strings();
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup(); ENGINE_cleanup();
#endif
#endif
exit_configuration(&config_tree); exit_configuration(&config_tree);
list_delete_list(cmdline_conf); list_delete_list(cmdline_conf);

View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.16.1 from Makefile.am. # Makefile.in generated by automake 1.16.2 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994-2018 Free Software Foundation, Inc. # Copyright (C) 1994-2020 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation # This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,