Compare commits

...

86 commits

Author SHA1 Message Date
Guus Sliepen
c14863878e Release 1.0.36-2 for unstable 2020-11-22 10:40:54 +01:00
Guus Sliepen
72c0b016d0 Disable support for livdeplug.
Closes: #973233
2020-11-22 10:40:00 +01:00
Guus Sliepen
464df78ca9 Release 1.0.36-1 for unstable 2019-08-26 14:20:47 +02:00
Guus Sliepen
32e725a2c0 Bump Standards-Version. 2019-08-26 14:15:02 +02:00
Guus Sliepen
038933e7fc Add Vcs tags to debian/control. 2019-08-26 14:00:57 +02:00
Guus Sliepen
6932380624 Update upstream source from tag 'upstream/1.0.36'
Update to upstream version '1.0.36'
with Debian dir 1c07c6f457
2019-08-26 13:52:00 +02:00
Guus Sliepen
10b8518c22 New upstream version 1.0.36 2019-08-26 13:52:00 +02:00
Guus Sliepen
b511a112e6 Import Upstream version 1.1~pre17 2019-08-26 13:44:53 +02:00
Guus Sliepen
bc8ca65653 Import Upstream version 1.1~pre15 2019-08-26 13:44:52 +02:00
Guus Sliepen
87cef22421 Import Upstream version 1.1~pre14-16-g15b868e 2019-08-26 13:44:52 +02:00
Guus Sliepen
aa10d88732 Import Upstream version 1.1~pre12 2019-08-26 13:44:52 +02:00
Guus Sliepen
1813f3157e Import Upstream version 1.1~pre11 2019-08-26 13:44:51 +02:00
Guus Sliepen
60cff3039b Import Upstream version 1.1~pre9 2019-08-26 13:44:51 +02:00
Guus Sliepen
f5c641f5cc Import Upstream version 1.1~pre8 2019-08-26 13:44:51 +02:00
Guus Sliepen
2ebbac3278 Import Upstream version 1.1~pre7 2019-08-26 13:44:50 +02:00
Guus Sliepen
26033edb96 Import Upstream version 1.1~pre6 2019-08-26 13:44:50 +02:00
Guus Sliepen
ff64081061 Import Upstream version 1.1~pre4 2019-08-26 13:44:50 +02:00
Guus Sliepen
36f0d3c816 Import Debian changes 1.0.35-2
tinc (1.0.35-2) unstable; urgency=medium

  * Bump Standards-Version and Build-Depend on debhelper-compat (= 12).
  * Remove calls to dh_installinit and dh_systemd_start from debian/rules,
    compat level 12 does the right thing by default.
  * Ensure we clean up doc/tinc.info.
2019-08-26 13:44:49 +02:00
Guus Sliepen
34d5939212 Import Upstream version 1.1~pre3 2019-08-26 13:44:49 +02:00
Guus Sliepen
ecd1f6f67a Import Debian changes 1.0.35-1
tinc (1.0.35-1) unstable; urgency=medium

  * New upstream release.
    - Includes fixes for CVE-2018-16737, CVE-2018-16738, CVE-2018-16758.
2019-08-26 13:44:49 +02:00
Guus Sliepen
02de1cd2f1 Import Upstream version 1.1~pre2 2019-08-26 13:44:49 +02:00
Guus Sliepen
a04a7bcd67 Import Upstream version 1.0.35 2019-08-26 13:44:49 +02:00
Guus Sliepen
f8e1f5a528 Import Debian changes 1.0.34-1
tinc (1.0.34-1) unstable; urgency=medium

  [ Guus Sliepen ]
  * New upstream release.
    - Fixes a potential segmentation fault when connecting to an IPv6
      peer via a proxy. Closes: #887401
  * Add support for the $EXTRA variable in /etc/default/tinc when using
    systemd. Closes: #887116

  [ Benda Xu ]
  * Prevent possible incorrect IPv6 checksums due to function inlining.
    Closes: #891400
2019-08-26 13:44:48 +02:00
Guus Sliepen
b28bb7b29b Import Upstream version 1.0.34 2019-08-26 13:44:48 +02:00
Guus Sliepen
66e86a419b Import Debian changes 1.0.33-1
tinc (1.0.33-1) unstable; urgency=medium

  * New upstream release.
  * Test for /etc/default/tinc before trying to source it. Closes: #777262
  * Use --runstatedir=/run.
2019-08-26 13:44:48 +02:00
Guus Sliepen
5969674c46 Import Upstream version 1.0.33 2019-08-26 13:44:48 +02:00
Guus Sliepen
ac78971aab Import Debian changes 1.0.32-1
tinc (1.0.32-1) unstable; urgency=medium

  * New upstream release.
  * Add a note to new nets.boot files that it is not used with systemd.
    Closes: #841052
  * In the post-down script, read the pid file only once. Closes: #832784
  * Explicitly use /bin/sleep from coreutils. Closes: #772379
  * Bump Standards-Version.
2019-08-26 13:44:48 +02:00
Guus Sliepen
e0e55285b8 Import Upstream version 1.0.32 2019-08-26 13:44:48 +02:00
Guus Sliepen
2989322746 Import Debian changes 1.0.31-1+deb9u1
tinc (1.0.31-1+deb9u1) stretch-security; urgency=high

  * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
  * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
2019-08-26 13:44:48 +02:00
Guus Sliepen
81ce06b6c9 Import Upstream version 1.0.31 2019-08-26 13:44:47 +02:00
Guus Sliepen
11d9efef1b Import Debian changes 1.0.31-1
tinc (1.0.31-1) unstable; urgency=medium

  * New upstream release.
  * Bump Standards-Version.
  * Bump debian/compat.
  * Add missing Depends: lsb-base.
2019-08-26 13:44:47 +02:00
Guus Sliepen
1077a20a8c Import Upstream version 1.0.29 2019-08-26 13:44:47 +02:00
Guus Sliepen
dcd38ec07d Import Debian changes 1.0.29-2
tinc (1.0.29-2) unstable; urgency=medium

  * Rebuild with libssl-dev from unstable.
2019-08-26 13:44:47 +02:00
Guus Sliepen
502cecde93 Import Debian changes 1.0.29-1
tinc (1.0.29-1) unstable; urgency=medium

  * New upstream release.
  * Bump debian/compat.
2019-08-26 13:44:47 +02:00
Guus Sliepen
e537caa7b1 Import Debian changes 1.0.28-1
tinc (1.0.28-1) unstable; urgency=medium

  * New upstream release.
    - Fixes FTBFS on kfreebsd.
  * Systemd service files are now provided by upstream.
2019-08-26 13:44:47 +02:00
Aron Xu
02fdd053f1 Import Debian changes 1.0.28-1~bpo8+1
tinc (1.0.28-1~bpo8+1) jessie-backports; urgency=medium

  * Rebuild for jessie-backports.

tinc (1.0.28-1) unstable; urgency=medium

  * New upstream release.
    - Fixes FTBFS on kfreebsd.
  * Systemd service files are now provided by upstream.
2019-08-26 13:44:47 +02:00
Guus Sliepen
d08a5d8f0b Import Upstream version 1.0.28 2019-08-26 13:44:46 +02:00
Guus Sliepen
a83439b023 Import Debian changes 1.0.27-2
tinc (1.0.27-2) unstable; urgency=medium

  * Fix tinc@.service.
2019-08-26 13:44:46 +02:00
Guus Sliepen
eed44cd331 Import Upstream version 1.0.27 2019-08-26 13:44:46 +02:00
Guus Sliepen
c167efd01b Import Debian changes 1.0.27-1
tinc (1.0.27-1) unstable; urgency=medium

  * New upstream release.
  * Bump Standards-Version.
  * Add native systemd unit files.
  * Automatically convert networks listed in nets.boot to systemd service
    instances on upgrade.
2019-08-26 13:44:46 +02:00
Guus Sliepen
088ed763df Import Debian changes 1.0.26-1
tinc (1.0.26-1) unstable; urgency=medium

  * New upstream release.
  * Use the contents, not the presence, of the pidfile to check that tincd is
    shut down properly. Closes: #774682
  * Bump Standards-Version.
2019-08-26 13:44:46 +02:00
Guus Sliepen
4d11e18342 Import Debian changes 1.0.24-2.1+deb8u1
tinc (1.0.24-2.1+deb8u1) jessie-security; urgency=medium

  * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
  * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
2019-08-26 13:44:46 +02:00
Micah Anderson
1e23c12b1d Import Debian changes 1.0.24-2.1
tinc (1.0.24-2.1) unstable; urgency=medium

  * NMU after getting go ahead from guus on #tinc
  * Add a -dbg package which contains the debugging symbols for tinc
    Thanks hark@puscii.nl (Closes: #752561)
2019-08-26 13:44:45 +02:00
Guus Sliepen
c0d04cc168 Import Debian changes 1.0.24-2
tinc (1.0.24-2) unstable; urgency=medium

  * Improve the init script: stopping tinc now waits for the process to
    terminate. If that doesn't happen in 5 seconds, it will send the TERM
    signal again (which helps if tinc is waiting for a script to finish
    executing). It now also detects whether the process mentioned in the PID
    file is actually running, and if not it will exit early and without
    warnings. Closes: #748107
2019-08-26 13:44:45 +02:00
Micah Anderson
a0bb9d443f Import Debian changes 1.0.24-2~bpo70+1
tinc (1.0.24-2~bpo70+1) wheezy-backports; urgency=medium

  * Backport to wheezy-backports.
  * Add myself to Uploaders.

tinc (1.0.24-2) unstable; urgency=medium

  * Improve the init script: stopping tinc now waits for the process to
    terminate. If that doesn't happen in 5 seconds, it will send the TERM
    signal again (which helps if tinc is waiting for a script to finish
    executing). It now also detects whether the process mentioned in the PID
    file is actually running, and if not it will exit early and without
    warnings. Closes: #748107
2019-08-26 13:44:45 +02:00
Guus Sliepen
cce24e0be4 Import Debian changes 1.0.24-1
tinc (1.0.24-1) unstable; urgency=medium

  [ Guus Sliepen ]
  * New upstream release
  * Add a debian/watch file.
  * Bump Standards-Version.

  [ Gian Piero Carrubba ]
  * Allow resource limits to be set in /etc/default/tinc.
    Closes: #690685, #704702
2019-08-26 13:44:45 +02:00
Guus Sliepen
e53cefdf85 Import Debian changes 1.0.23-2
tinc (1.0.23-2) unstable; urgency=low

  * Use if-statements instead of && in shell scripts. Closes: #731279
    The && operator does not clear the error status, and if the next statement
    in a shell script does not change the error status it would cause the
    script to prematurely exit. Thanks to Peter Reinholdtsen for spotting it.
  * Use absolute path to tincd in the if-post-down script.
2019-08-26 13:44:45 +02:00
Guus Sliepen
d7b49da4e6 Import Debian changes 1.0.23-1
tinc (1.0.23-1) unstable; urgency=low

  * New upstream release.
2019-08-26 13:44:44 +02:00
Guus Sliepen
c09679c3ba Import Debian changes 1.0.23-1~bpo70+1
tinc (1.0.23-1~bpo70+1) wheezy-backports; urgency=low

  * Rebuild for wheezy-backports.

tinc (1.0.23-1) unstable; urgency=low

  * New upstream release.
2019-08-26 13:44:44 +02:00
Guus Sliepen
854118c85f Import Debian changes 1.0.22-1
tinc (1.0.22-1) unstable; urgency=low

  * New upstream release.
    - Handles whitespace between command line flags and optional arguments.
      Closes: #710267
  * Bump Standards-Version.
  * Source /lib/lsb/init-functions in the init.d script.
  * Don't use texi2html anymore, use automake's install-html target which uses
    makeinfo.
2019-08-26 13:44:44 +02:00
Guus Sliepen
a7e5217cf7 Import Debian changes 1.0.22-1~bpo70+1
tinc (1.0.22-1~bpo70+1) wheezy-backports; urgency=low

  * Rebuilt for wheezy-backports.

tinc (1.0.22-1) unstable; urgency=low

  * New upstream release.
    - Handles whitespace between command line flags and optional arguments.
      Closes: #710267
  * Bump Standards-Version.
  * Source /lib/lsb/init-functions in the init.d script.
  * Don't use texi2html anymore, use automake's install-html target which uses
    makeinfo.
2019-08-26 13:44:44 +02:00
Guus Sliepen
e8daab5950 Import Debian changes 1.0.21-1
tinc (1.0.21-1) unstable; urgency=low

  * New upstream release.
    - Includes fix for CVE-2013-1428.
2019-08-26 13:44:43 +02:00
Guus Sliepen
6698135e07 Import Debian changes 1.0.19-3
tinc (1.0.19-3) unstable; urgency=high

  * Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
2019-08-26 13:44:43 +02:00
Michael Tokarev
4343b5a2fa Import Debian changes 1.0.19-3~bpo60+1
tinc (1.0.19-3~bpo60+1) squeeze-backports; urgency=high

  * Rebuild for squeeze-backports.
  * Build-depend on libvdeplug2-dev, not libvdeplug-dev,
    as it is how it is named in squeeze.

tinc (1.0.19-3) unstable; urgency=high

  * Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
2019-08-26 13:44:43 +02:00
Guus Sliepen
a797a94c81 Import Debian changes 1.0.19-2
tinc (1.0.19-2) unstable; urgency=low

  * Fix behaviour of tinc-pidfile. Closes: #679130
  * Enable parallel building in debian/rules.
2019-08-26 13:44:43 +02:00
Michael Tokarev
cc0493ea17 Import Debian changes 1.0.19-2~bpo60+1
tinc (1.0.19-2~bpo60+1) squeeze-backports; urgency=low

  * Rebuild for squeeze-backports.
  * Build-depend on libvdeplug2-dev, not libvdeplug-dev,
    as it is how it is named in squeeze.

tinc (1.0.19-2) unstable; urgency=low

  * Fix behaviour of tinc-pidfile. Closes: #679130
  * Enable parallel building in debian/rules.
2019-08-26 13:44:43 +02:00
Guus Sliepen
06acdce080 Import Debian changes 1.0.19-1
tinc (1.0.19-1) unstable; urgency=low

  * New upstream release.
  * Bump debian/compat so tinc gets built with hardening flags.
  * Allow tinc-pidfile in /etc/network/interfaces.
2019-08-26 13:44:42 +02:00
Guus Sliepen
8ce89f6ef0 Import Debian changes 1.0.18-1
tinc (1.0.18-1) unstable; urgency=low

  * New upstream release.
2019-08-26 13:44:42 +02:00
Michael Tokarev
c63e635d89 Import Debian changes 1.0.18-1~bpo60+1
tinc (1.0.18-1~bpo60+1) squeeze-backports; urgency=low

  * Rebuild for squeeze-backports.
  * Build-Depend on libvdeplug-dev | libvdeplug2-dev, to compensate
    for package rename in wheezy.

tinc (1.0.18-1) unstable; urgency=low

  * New upstream release.
2019-08-26 13:44:42 +02:00
Guus Sliepen
c078db2fd8 Import Debian changes 1.0.17-1
tinc (1.0.17-1) unstable; urgency=low

  * New upstream release.
  * Enable support for UML and VDE.
2019-08-26 13:44:42 +02:00
Guus Sliepen
94e6f906d5 Import Debian changes 1.0.16-1
tinc (1.0.16-1) unstable; urgency=low

  * New upstream release.
  * Mention alarm option in /etc/init.d/tinc's usage information.
    Closes: #631761
2019-08-26 13:44:41 +02:00
Michael Tokarev
5a84bb737c Import Debian changes 1.0.16-1~bpo60+1
tinc (1.0.16-1~bpo60+1) squeeze-backports; urgency=low

  * Rebuild for squeeze-backports, no changes.

tinc (1.0.16-1) unstable; urgency=low

  * New upstream release.
  * Mention alarm option in /etc/init.d/tinc's usage information.
    Closes: #631761
2019-08-26 13:44:41 +02:00
Guus Sliepen
2ad1dc3fd7 Import Debian changes 1.0.15-1
tinc (1.0.15-1) unstable; urgency=low

  * New upstream release.
  * Send SIGALRM to running tinc daemons whenever an interface is brought up
    with the ifupdown framework. Based on a patch from Joachim Breitner.
    Closes: #629880
  * Allow tinc daemons to be started using ifupdown.
2019-08-26 13:44:41 +02:00
Guus Sliepen
3f653aaa2d Import Debian changes 1.0.14-1
tinc (1.0.14-1) unstable; urgency=low

  * New upstream release.
  * Bump Standards-Version.
2019-08-26 13:44:41 +02:00
Guus Sliepen
f01c927470 Import Debian changes 1.0.14-1~bpo60+1
tinc (1.0.14-1~bpo60+1) squeeze-backports; urgency=low

  * Rebuild for squeeze-backports.

tinc (1.0.14-1) unstable; urgency=low

  * New upstream release.
  * Bump Standards-Version.
2019-08-26 13:44:40 +02:00
Guus Sliepen
dc781ea51d Import Debian changes 1.0.13-1+squeeze1
tinc (1.0.13-1+squeeze1) squeeze-security; urgency=high

  * Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
2019-08-26 13:44:40 +02:00
Guus Sliepen
0fd2ac248d Import Debian changes 1.0.13-1
tinc (1.0.13-1) unstable; urgency=low

  * New upstream release.
2019-08-26 13:44:40 +02:00
Guus Sliepen
2006358f32 Import Debian changes 1.0.13-1~bpo50
tinc (1.0.13-1~bpo50) lenny-backports; urgency=low

  * New upstream release.
2019-08-26 13:44:40 +02:00
Guus Sliepen
3cfe4d82fb Import Debian changes 1.0.12-2
tinc (1.0.12-2) unstable; urgency=low

  * Remove debconf questions. Closes: #572116
    Apparently debconf may not be used to ask a question at install time and
    use the answer at upgrade time. Instead of kludging around this
    restriction, no questions are asked anymore, and tinc will now always be
    restarted when upgrading.
  * Wait up to 5 seconds for tinc daemon to stop before restarting it.
2019-08-26 13:44:40 +02:00
Guus Sliepen
0dd8a42607 Import Debian changes 1.0.12-1
tinc (1.0.12-1) unstable; urgency=low

  * New upstream release.
  * Bump Standards-Version.
  * Migrate from CDBS to debhelper.
  * Convert source package to 3.0 (quilt) format.
  * Remove useless tinc.modules.
  * Use init.d script from Michael Tokarev, allowing per-network arguments to
    tincd.
  * Remove update-rc.d calls from postinst and postrm.
  * Let the init.d script depend on $remote_fs.
2019-08-26 13:44:39 +02:00
Guus Sliepen
08ed40f17e Import Debian changes 1.0.12-1~bpo50
tinc (1.0.12-1~bpo50) lenny-backports; urgency=low

  * New upstream release.
  * Keep debian/ from 1.0.11-1~bpo50.
  * Use init.d script from Michael Tokarev, allowing per-network arguments to
    tincd.
  * Let the init.d script depend on $remote_fs.

tinc (1.0.11-1~bpo50+1) lenny-backports; urgency=low

  * Rebuild for lenny-backports.
2019-08-26 13:44:39 +02:00
Guus Sliepen
7e336e415f Import Debian changes 1.0.11-1
tinc (1.0.11-1) unstable; urgency=low

  * New upstream release.
  * Cope with texi2html arbitrarily changing its output directory.
    Closes: #552927
  * Do not stop tinc when configuring a new version, just restart after
    the upgrade.
2019-08-26 13:44:39 +02:00
Guus Sliepen
b96e4c6b19 Import Debian changes 1.0.11-1~bpo50+1
tinc (1.0.11-1~bpo50+1) lenny-backports; urgency=low

  * Rebuild for lenny-backports.

tinc (1.0.11-1) unstable; urgency=low

  * New upstream release.
  * Cope with texi2html arbitrarily changing its output directory.
    Closes: #552927
  * Do not stop tinc when configuring a new version, just restart after
    the upgrade.
2019-08-26 13:44:39 +02:00
Guus Sliepen
445df16805 Import Debian changes 1.0.10-1
tinc (1.0.10-1) unstable; urgency=low

  * New upstream release.
  * Include Russian debconf translation. Closes: #548759
2019-08-26 13:44:38 +02:00
Guus Sliepen
4812d2eb3d Import Debian changes 1.0.9-1
tinc (1.0.9-1) unstable; urgency=low

  * New upstream release.
    - Binds IPv6 sockets only to IPv6. Closes: #440150
  * Update copyright file. Closes: #482566
2019-08-26 13:44:38 +02:00
Guus Sliepen
19f25e5e7d Import Debian changes 1.0.8-2
tinc (1.0.8-2) unstable; urgency=low

  * Include Portugese debconf translation. Closes: #434191
2019-08-26 13:44:38 +02:00
Guus Sliepen
74be525b2f Import Debian changes 1.0.8-1
tinc (1.0.8-1) unstable; urgency=low

  * New upstream release. Closes: #173987
  * Include german debconf translation. Closes: #412351
  * Build-Depend on texinfo. Closes: #424209
2019-08-26 13:44:38 +02:00
Guus Sliepen
be5fbb7e93 Import Debian changes 1.0.7-1
tinc (1.0.7-1) unstable; urgency=low

  * New upstream release.
2019-08-26 13:44:37 +02:00
Guus Sliepen
bcb4501d84 Import Debian changes 1.0.6-1
tinc (1.0.6-1) unstable; urgency=low

  * New upstream release.
2019-08-26 13:44:37 +02:00
Guus Sliepen
c473eb1653 Import Debian changes 1.0.5-1
tinc (1.0.5-1) unstable; urgency=low

  * New upstream release. Closes: #391610
  * Add an LSB section to the init script.
2019-08-26 13:44:37 +02:00
Guus Sliepen
2cb3185582 Import Debian changes 1.0.4-4
tinc (1.0.4-4) unstable; urgency=low

  * Include swedish debconf translation. Closes: #332963
  * Remove nets.boot on purge. Closes: #333303
2019-08-26 13:44:37 +02:00
Guus Sliepen
23459e1237 Import Debian changes 1.0.4-3
tinc (1.0.4-3) unstable; urgency=low

  * Depend on debconf | debconf-2.0.
  * Include vietnamese debconf translation. Closes: #322305
  * Include japanese debconf translation. Closes: #319591
2019-08-26 13:44:37 +02:00
Guus Sliepen
458d509a4f Import Debian changes 1.0.4-2
tinc (1.0.4-2) unstable; urgency=low

  * Compensate for change in texinfo's output directory. Closes: #318562
  * Include Czech translation of the debconf questions. Closes: #312982
2019-08-26 13:44:36 +02:00
Guus Sliepen
64f9c3df1b Import Debian changes 1.0.4-1
tinc (1.0.4-1) unstable; urgency=low

  * New upstream release. Closes: #294819
  * Update french translation of debconf template. Closes: #293371, #296148
  * Allow dashes in nets.boot. Closes: #296281
2019-08-26 13:44:36 +02:00
Guus Sliepen
6f5ff440c9 Import Debian changes 1.0.3-4
tinc (1.0.3-4) unstable; urgency=low

  * Call debconf early in postinst so it won't get confused by output
    from other commands in the postinst script. Closes: #292920
  * If MAKEDEV doesn't know about net/tun, fall back to tun.

tinc (1.0.3-3) unstable; urgency=low

  * Fix clean rule in debian/rules.

tinc (1.0.3-2) unstable; urgency=low

  * Don't check for /dev/tap* in postinst if we don't create them anyway.
  * MAKEDEV expects net/tun instead of tun.
  * Don't ask if /dev/net/tun should be created, just do it.
    Closes: #259489, #292450
  * Move $EXTRA from init.d/tinc to /etc/default/tinc. Closes: #281366

tinc (1.0.3-1) unstable; urgency=low

  * New upstream release.
  * Adopting the package from Ivo.
  * Use invoke-rc.d, and tell user to do so as well. Closes: #223276
  * Let force-reload do the same thing as reload. Closes: #230180

tinc (1.0.2-2) unstable; urgency=low

  * debian/control: Oops, really make that automake1.7.

tinc (1.0.2-1) unstable; urgency=low

  * New upstream release:
      * Fix broken replies to CHAL_RESP.  (Closes: #217646)
  * debian/control: Updated automake build dependency to automake1.7.
    (Closes: #219360)

tinc (1.0.1-2) unstable; urgency=low

  * debian/dirs: Removed, moved contents to tinc.dirs.
    (Closes: #208591)
  * debian/docs: Renamed to tinc.docs.
  * debian/rules: Install the contents of doc/sample-config.tar.gz in
    /usr/share/doc/tinc/examples instead of /etc/tinc.
  * debian/Makefile*: Removed.

tinc (1.0.1-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/001_openbsd_device.c.patch: Removed.

tinc (1.0release-1) unstable; urgency=low

  * New upstream version.  (Closes: #204639)
      * Fixes switching back to normal logging mode when killing with
        SIGINT twice.  (Closes: #175633)
      * Uses one SSL context struct for each connection, speeding up
        encrypting/decrypting data; don't throw away out of sequence
        packets.  (Closes: #188874)
      * Fixes handling of broadcast messages.  (Closes: #175632)
  * debian/rules: Use cdbs.
  * debian/control: Build-Depend on cdbs, liblzo-dev.
  * debian/patches/001_openbsd_device.c.patch: Sync openbsd/device.c to
    latest CVS version.

tinc (1.0pre8-6) unstable; urgency=low

  * debian/po/fr.po: Added French debconf translation.  (Closes: #201803)

tinc (1.0pre8-5) unstable; urgency=low

  * debian/*: Change to po-debconf, thanks to From: Michel Grentzinger
    <mic.grentz@online.fr> for the patch:
      - change debhelper dependency to 4.1.16 (according to man
        po-debconf),
      - manually add nl translation in old tinc.templates (master),
      - run debconf-gettextize debian/tinc.templates,
      - move old templates files (debian/tinc.templates.*),
      - change construction "If you say no" to "If you refuse",
  * debian/rules: Call po2debconf.
  * debian/rules: Don't copy COPYING.README to the package.
  * debian/control: Update Standards-Version.
  * debian/conffiles: Removed.
  * debian/postinst: No longer use mknod directly, use MAKEDEV.

tinc (1.0pre8-4) unstable; urgency=low

  * src/net.h, src/net_packet.c, src/net_setup.c: Apply fix from CVS
    for OpenSSL-related memory leaks.  (Closes: #189432)

tinc (1.0pre8-3) unstable; urgency=low

  * m4/openssl.m4: Updated to CVS version.  (Closes: #184400)

tinc (1.0pre8-2) unstable; urgency=low

  * debian/postinst: Create /dev/net/tun if it doesn't exist.
  * debian/tinc.modules: Add alias for /dev/net/tun.
  * debian/rules: Install tinc.modules.
  * These things together: (Closes: #151967, #153156)

tinc (1.0pre8-1) unstable; urgency=low

  * New upstream version.
  * debian/rules:
      - DEB_BUILD_OPTIONS support.
      - Enable --enable-tracing by default.

tinc (1.0pre7-3) unstable; urgency=low

  * Properly install _all_ info pages. (Closes: #144718)
2019-08-26 13:44:36 +02:00
Ivo Timmermans
0f3c45c5cc Import Debian changes 1.0pre7-2
tinc (1.0pre7-2) unstable; urgency=low

  * Dutch translation wasn't being installed.

tinc (1.0pre7-1) unstable; urgency=medium

  * New upstream release.

tinc (1.0pre6-3) unstable; urgency=medium

  * Synched with upstream CVS.
  * Added build dependency on zlib1g-dev. (Closes: #141705)

tinc (1.0pre6-2) unstable; urgency=low

  * The Section was non-US again, so changed it back to main/net.

tinc (1.0pre6-1) unstable; urgency=low

  * New upstream release.
  * Fixed text in debian/copyright

tinc (1.0pre5-4) unstable; urgency=low

  * Added a debconf question for restarting on upgrade.
  * Added reload option to init.d, start with EXTRA='-d' default.
  * Moved from non-US to main.
  * Install example configuration files.
  * The HTML documentation wasn't installed; fixed.

tinc (1.0pre5-3) unstable; urgency=low

  * Config variables are now treated case sentitivly again.
  * Added a forgotten xstrdup.

tinc (1.0pre5-2) unstable; urgency=low

  * MaxTimeout accidentally wasn't configurable. (Closes: #119653)

tinc (1.0pre5-1) unstable; urgency=low

  * New upstream version. (Closes: #119653)
  * Init script redone in sh.

tinc (1.0pre4-1.cvs010621.6) unstable; urgency=low

  * Somehow po-Makefile.in.in.diff got lost, readded. (Closes: #119157)

tinc (1.0pre4-1.cvs010621.5) unstable; urgency=low

  * Fix a typo in postinst that let it MAKEDEV even on devfs.
    (Closes: #116034)

tinc (1.0pre4-1.cvs010621.4) unstable; urgency=low

  * Ask before creating the device files. (Closes: #111099)
  * Add a section to the info file.

tinc (1.0pre4-1.cvs010621.3) unstable; urgency=low

  * Build and install html documentation. (Closes: #106843)
  * Remove build-time dependency on libc6-dev.

tinc (1.0pre4-1.cvs010621.2) unstable; urgency=low

  * Changed location of the pidfile. (Closes: #102798)

tinc (1.0pre4-1.cvs010621.1) unstable; urgency=low

  * New upstream version. (Closes: #98730)
  * Rebuilding automatically inserted new config.{sub|guess}.
    (Closes: #98165)
  * Updated Standards-Version.
  * Don't include a sample configuration file.

tinc (1.0pre3-5) unstable; urgency=low

  * Fixed an error in the init script that prevented tinc from
    starting correctly.

tinc (1.0pre3-4) unstable; urgency=low

  * Change build-depends for OpenSSL to libssl096-dev
    (Closes: #84197, #84873).

tinc (1.0pre3-3) unstable; urgency=low

  * Set architecture to any (really this time!) (Closes: #80451).
  * Section set to non-US

tinc (1.0pre3-2) unstable; urgency=low

  * Set architecture to any (Closes: #80451).
  * Added tinc.modules with some useful module aliases.

tinc (1.0pre3-1) unstable; urgency=low

  * New upstream version (1.0pre3) (Closes: #71274).
  * Better Depends and Build-Depends lines.
  * Dropped dependencies on libgmp, added libssl.
  * doc-base.tinc: New file.
  * Deleted the file shlibs, as there on longer is a libblowfish.
  * Patch po/Makefile.in.in from po-Makefile.in.in.diff if necessary.
  * Use dh_perl to get accurate perl dependencies.

tinc (1.0pre2-1.1) unstable; urgency=low

  * NMU at Ivo's request as his application is being processed, and his
    sponsor is based in the US.

tinc (1.0pre2-1) unstable; urgency=low

  * postinst creates a file /etc/tinc/nets.boot, containing all networks
    to be started upon system startup;
  * init.d script starts all networks from that list.
  * postinst script creates tap devices.

tinc (1.0pre1-0.4) unstable; urgency=low

  * postinst script.

tinc (1.0pre1-0.3) unstable; urgency=low

  * system startup script.

tinc (1.0pre1-0.2) unstable; urgency=low

  * Included the blowfish license.

tinc (1.0pre1-0.1) unstable; urgency=low

  * Initial Release.
2019-08-26 13:44:36 +02:00
149 changed files with 14656 additions and 9037 deletions

View file

@ -1,4 +1,4 @@
Copyright (C) 1998-2015 Ivo Timmermans, Guus Sliepen and others.
Copyright (C) 1998-2019 Ivo Timmermans, Guus Sliepen and others.
See the AUTHORS file for a complete list.
This program is free software; you can redistribute it and/or modify it under

234
ChangeLog
View file

@ -1,3 +1,237 @@
Version 1.0.36 August 26 2019
------------------------------------------------------------------------
Guus Sliepen (8):
Remove the call to RAND_load_file().
Update THANKS.
Backport tinc 1.1's str2net() function.
Update THANKS.
Fix spelling errors found by codespell.
Reformat all code using astyle.
Add a missing check for a pathname being too long.
Releasing 1.0.36.
Rosen Penev (2):
Fix compilation when OpenSSL has no ENGINE support
Fix compilation without deprecated OpenSSL APIs
Quentin Rameau (1):
Double-quote nodes in graphviz network file
Werner Schreiber (1):
Fix segfault when dest->mtu is 0.
Version 1.0.35 October 05 2018
------------------------------------------------------------------------
Guus Sliepen (12):
Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738)
Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758)
Check the return value from snprintf().
Check the return values from BN_hex2bn() and RAND_load_file().
Fix all warnings when compiling with -Wall -W -pedantic.
Fix two small memory leaks.
Don't check for NULL-pointers before calling free().
Update THANKS.
Fix checks for Cygwin-related macros.
Fix spelling errors.
Update README and links to required libraries.
Releasing 1.0.35.
AMRI Amine (1):
Fixing typo
Rafael Sadowski (1):
OpenBSD has a proper tap device.
Version 1.0.34 June 12 2018
------------------------------------------------------------------------
Guus Sliepen (10):
Add missing thanks to the NEWS message.
Fix building documentation when using OpenBSD's make.
Fix #ifdefs that were broken due to commit d178b58.
Don't use SOL_IP and SOL_IPV6.
Make systemd service file handling identical to tinc 1.1.
Rename distro/ to systemd/.
Document how to enable tinc at boot time using systemd.
Fix all spelling errors found by codespell.
Properly implement tinc.texi's dependency on tincinclude.texi.
Releasing 1.0.34.
Maximilian Stein (1):
Fix SEGFAULT when trying to connect to IPv6 peer in non-IPv6 environment
wangliushuai (1):
Remove redundant 'break'.
Version 1.0.33 November 04 2017
------------------------------------------------------------------------
Guus Sliepen (31):
Udpate THANKS.
Fix a potential memory leak.
Use AC_CONFIG_MACRO_DIR().
Give absolute path for #include to AC_CHECK_HEADERS().
Prepare for automatic code formatting using Artistic Style.
Never remove items from cmdline_conf.
Use stack-allocated strings for temporary filenames.
Fix a few minor memory leaks.
Remove unused/obsolete checks from configure.ac.
Use getcwd() instead of get_current_dir_name().
Remove xmalloc.c, backport xalloc.h from tinc 1.1.
Update all header guards.
Convert sizeof foo to sizeof(foo).
Reformat all code using astyle.
Don't call ERR_remove_state().
Unconditionally include stdbool.h and inttypes.h.
Remove more obsolete autoconf checks.
Remove obsolete m4/README.
Fix some "make distcheck" errors.
Add some information about the requirements of a chroot environment.
Handle tun/tap device returning EPERM or EBUSY.
Disable PMTU discovery when TCPOnly is used.
Fix all -Wall -W compiler warnings.
Realign comments.
Remove unused functions.
Ensure all parameters have names in header files.
Support autoconf's --runstatedir option.
Const correctness.
Fix compilation errors when --enable-uml is used.
Update THANKS.
Releasing 1.0.33.
Rafael Sadowski (1):
fix tinc.conf for OpenBSD
nemunaire (1):
Allow compilation from a build directory
Version 1.0.32 September 02 2017
------------------------------------------------------------------------
Guus Sliepen (13):
Don't dereference myself->incipher if it's NULL.
Merge remote-tracking branch 'VittGam/master'
Use /dev/udp instead of /dev/ip on Solaris.
Use getmsg()/putmsg() instead of read()/write() on Solaris.
Fix Solaris DeviceType = tap in router Mode.
Bind outgoing TCP sockets.
Move logging of "would block" messages to debug level 4.
Set KillMode=mixed in the systemd service file.
Don't forget about outgoing connections on host file read errors.
Fix Proxy = exec.
Set status.proxy_passed early for Proxy = exec.
Don't try to bind Proxy = exec sockets to an address.
Releasing 1.0.32.
Vittorio Gambaletta (VittGam) (1):
route: Support ToS/DiffServ priority inheritance when routing IPv6 packets.
Version 1.0.31 January 15 2017
------------------------------------------------------------------------
Guus Sliepen (1):
Releasing 1.0.31.
Élie Bouttier (1):
Remove ExecStop in tinc@.service
Version 1.0.30 October 30 2016
------------------------------------------------------------------------
Guus Sliepen (11):
Allow non-empty lines after status code from a HTTP proxy.
Fix proxy reply parsing broken by the previous commit.
Log only the first line of a proxy request rejection message.
Delay sending the real ID request until after a proxy request is granted.
Use AES256 and SHA256 by default, also for the meta-connections.
Enforce maximum amount of bytes sent/received on meta-connections.
Fix bit shifting arithmetic so the code actually does what the last commit message says.
Really fix byte budget calculation.
Use AES in CTR mode instead of OFB mode for meta-connections.
Use CFB mode for meta-connections to improve security.
Releasing 1.0.30.
Version 1.0.29 October 09 2016
------------------------------------------------------------------------
Guus Sliepen (11):
Preserve IPv6 scope_id in edges.
Ensure compatibility with OpenSSL 1.1.0.
Add -Wall to CFLAGS.
Check return value of RSA_generate_key_ex().
Force nul-termination of strings after vsnprintf().
Log warnings about dropped packets only with debug level 5 or higher.
Add a copy of ax_append_flag.m4.
Add ax_require_defined.m4.
Fix possibly unitialized variable.
Fix compiler warnings about format string errors on BSD.
Releasing 1.0.29.
Version 1.0.28 April 10 2016
------------------------------------------------------------------------
Guus Sliepen (8):
Fix compiling bsd/device.c on systems without utun.
Really remove use of __DATE__ and __TIME__ to facilitate reproducible builds.
Add systemd service files.
Update .gitignore.
Ensure the service files are in the tarball.
Explicitly mention that LibreSSL can be used as well.
Update links in the documentation.
Releasing 1.0.28.
Version 1.0.27 April 10 2016
------------------------------------------------------------------------
Guus Sliepen (26):
Add missing AM_PROG_CC_C_O to configure.ac.
Attribution for various contributors.
Update "now" after connect() when making outgoing connections.
Add ability to use proxies to connect to hostnames when there is no nameserver.
Only add a reflexive address when we're sure it's working.
Fix compatibility with TAP-Win32 9.0.0.21 and later.
Fix warnings from the Clang Static Analyzer.
Improve performance of edge updates.
Clarify that scripts are called synchronously.
Small fixes for the documentation.
Add warnings for bad combinations of Device and Interface.
Fix forwarding of edge updates.
Don't compile getopt*.c if the system provides getopt_long().
Update .gitignore.
Update THANKS.
Use iface instead of interface.
Update copyright notices.
Remove use of __DATE__ and __TIME__ to facilitate reproducible builds.
Cast 0xff to char before comparing it to another char.
Get rid of a warning when compiling tinc using MinGW.
Every BSD flavor has a tap device nowadays.
Use devname() if available to support devfs cloning on BSD.
Use SIOCGIFADDR on BSDs that support it.
Enable silent builds by default.
Add support for OS X utun interfaces.
Releasing 1.0.27.
Vittorio Gambaletta (VittGam) (6):
Fix DecrementTTL option.
Fix source IP address for ICMP unreachable packets generated by tinc.
Try to reply with node address only when decrementing the TTL.
Fix DecrementTTL option for packets destined to the local node.
s/broadcast_packet_helper/route_broadcast/
Remove forward declaration for do_decrement_ttl.
LunarShaddow (3):
fix typo
re-arrange include sequence to avoid a mingw introduced bug.
Proofing README.
Florian Weik (1):
Fix NAME variable in subnet-* scripts for local subnets.
Nathan Stratton Treadway (1):
Fix invalid checksum generation.
Version 1.0.26 July 05 2015
------------------------------------------------------------------------

316
INSTALL
View file

@ -1,8 +1,8 @@
Installation Instructions
*************************
Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation,
Inc.
Copyright (C) 1994-1996, 1999-2002, 2004-2016 Free Software
Foundation, Inc.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
@ -12,97 +12,96 @@ without warranty of any kind.
Basic Installation
==================
Briefly, the shell command `./configure && make && make install'
Briefly, the shell command './configure && make && make install'
should configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for
more-detailed instructions are generic; see the 'README' file for
instructions specific to this package. Some packages provide this
`INSTALL' file but do not implement all of the features documented
'INSTALL' file but do not implement all of the features documented
below. The lack of an optional feature in a given package is not
necessarily a bug. More recommendations for GNU packages can be found
in *note Makefile Conventions: (standards)Makefile Conventions.
The `configure' shell script attempts to guess correct values for
The 'configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
those values to create a `Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent
definitions. Finally, it creates a shell script `config.status' that
those values to create a 'Makefile' in each directory of the package.
It may also create one or more '.h' files containing system-dependent
definitions. Finally, it creates a shell script 'config.status' that
you can run in the future to recreate the current configuration, and a
file `config.log' containing compiler output (useful mainly for
debugging `configure').
file 'config.log' containing compiler output (useful mainly for
debugging 'configure').
It can also use an optional file (typically called `config.cache'
and enabled with `--cache-file=config.cache' or simply `-C') that saves
the results of its tests to speed up reconfiguring. Caching is
disabled by default to prevent problems with accidental use of stale
cache files.
It can also use an optional file (typically called 'config.cache' and
enabled with '--cache-file=config.cache' or simply '-C') that saves the
results of its tests to speed up reconfiguring. Caching is disabled by
default to prevent problems with accidental use of stale cache files.
If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can
to figure out how 'configure' could check whether to do them, and mail
diffs or instructions to the address given in the 'README' so they can
be considered for the next release. If you are using the cache, and at
some point `config.cache' contains results you don't want to keep, you
some point 'config.cache' contains results you don't want to keep, you
may remove or edit it.
The file `configure.ac' (or `configure.in') is used to create
`configure' by a program called `autoconf'. You need `configure.ac' if
you want to change it or regenerate `configure' using a newer version
of `autoconf'.
The file 'configure.ac' (or 'configure.in') is used to create
'configure' by a program called 'autoconf'. You need 'configure.ac' if
you want to change it or regenerate 'configure' using a newer version of
'autoconf'.
The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system.
1. 'cd' to the directory containing the package's source code and type
'./configure' to configure the package for your system.
Running `configure' might take a while. While running, it prints
Running 'configure' might take a while. While running, it prints
some messages telling which features it is checking for.
2. Type `make' to compile the package.
2. Type 'make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
3. Optionally, type 'make check' to run any self-tests that come with
the package, generally using the just-built uninstalled binaries.
4. Type `make install' to install the programs and any data files and
4. Type 'make install' to install the programs and any data files and
documentation. When installing into a prefix owned by root, it is
recommended that the package be configured and built as a regular
user, and only the `make install' phase executed with root
user, and only the 'make install' phase executed with root
privileges.
5. Optionally, type `make installcheck' to repeat any self-tests, but
5. Optionally, type 'make installcheck' to repeat any self-tests, but
this time using the binaries in their final installed location.
This target does not install anything. Running this target as a
regular user, particularly if the prior `make install' required
regular user, particularly if the prior 'make install' required
root privileges, verifies that the installation completed
correctly.
6. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
also a `make maintainer-clean' target, but that is intended mainly
source code directory by typing 'make clean'. To also remove the
files that 'configure' created (so you can compile the package for
a different kind of computer), type 'make distclean'. There is
also a 'make maintainer-clean' target, but that is intended mainly
for the package's developers. If you use it, you may have to get
all sorts of other programs in order to regenerate files that came
with the distribution.
7. Often, you can also type `make uninstall' to remove the installed
7. Often, you can also type 'make uninstall' to remove the installed
files again. In practice, not all packages have tested that
uninstallation works correctly, even though it is required by the
GNU Coding Standards.
8. Some packages, particularly those that use Automake, provide `make
8. Some packages, particularly those that use Automake, provide 'make
distcheck', which can by used by developers to test that all other
targets like `make install' and `make uninstall' work correctly.
targets like 'make install' and 'make uninstall' work correctly.
This target is generally not run by end users.
Compilers and Options
=====================
Some systems require unusual options for compilation or linking that
the `configure' script does not know about. Run `./configure --help'
the 'configure' script does not know about. Run './configure --help'
for details on some of the pertinent environment variables.
You can give `configure' initial values for configuration parameters
by setting variables in the command line or in the environment. Here
is an example:
You can give 'configure' initial values for configuration parameters
by setting variables in the command line or in the environment. Here is
an example:
./configure CC=c99 CFLAGS=-g LIBS=-lposix
@ -113,21 +112,21 @@ Compiling For Multiple Architectures
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
own directory. To do this, you can use GNU `make'. `cd' to the
own directory. To do this, you can use GNU 'make'. 'cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'. This
is known as a "VPATH" build.
the 'configure' script. 'configure' automatically checks for the source
code in the directory that 'configure' is in and in '..'. This is known
as a "VPATH" build.
With a non-GNU `make', it is safer to compile the package for one
With a non-GNU 'make', it is safer to compile the package for one
architecture at a time in the source code directory. After you have
installed the package for one architecture, use `make distclean' before
installed the package for one architecture, use 'make distclean' before
reconfiguring for another architecture.
On MacOS X 10.5 and later systems, you can create libraries and
executables that work on multiple system types--known as "fat" or
"universal" binaries--by specifying multiple `-arch' options to the
compiler but only a single `-arch' option to the preprocessor. Like
"universal" binaries--by specifying multiple '-arch' options to the
compiler but only a single '-arch' option to the preprocessor. Like
this:
./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
@ -136,105 +135,104 @@ this:
This is not guaranteed to produce working output in all cases, you
may have to build one architecture at a time and combine the results
using the `lipo' tool if you have problems.
using the 'lipo' tool if you have problems.
Installation Names
==================
By default, `make install' installs the package's commands under
`/usr/local/bin', include files under `/usr/local/include', etc. You
can specify an installation prefix other than `/usr/local' by giving
`configure' the option `--prefix=PREFIX', where PREFIX must be an
By default, 'make install' installs the package's commands under
'/usr/local/bin', include files under '/usr/local/include', etc. You
can specify an installation prefix other than '/usr/local' by giving
'configure' the option '--prefix=PREFIX', where PREFIX must be an
absolute file name.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
pass the option `--exec-prefix=PREFIX' to `configure', the package uses
pass the option '--exec-prefix=PREFIX' to 'configure', the package uses
PREFIX as the prefix for installing programs and libraries.
Documentation and other data files still use the regular prefix.
In addition, if you use an unusual directory layout you can give
options like `--bindir=DIR' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
you can set and what kinds of files go in them. In general, the
default for these options is expressed in terms of `${prefix}', so that
specifying just `--prefix' will affect all of the other directory
options like '--bindir=DIR' to specify different values for particular
kinds of files. Run 'configure --help' for a list of the directories
you can set and what kinds of files go in them. In general, the default
for these options is expressed in terms of '${prefix}', so that
specifying just '--prefix' will affect all of the other directory
specifications that were not explicitly provided.
The most portable way to affect installation locations is to pass the
correct locations to `configure'; however, many packages provide one or
correct locations to 'configure'; however, many packages provide one or
both of the following shortcuts of passing variable assignments to the
`make install' command line to change installation locations without
'make install' command line to change installation locations without
having to reconfigure or recompile.
The first method involves providing an override variable for each
affected directory. For example, `make install
affected directory. For example, 'make install
prefix=/alternate/directory' will choose an alternate location for all
directory configuration variables that were expressed in terms of
`${prefix}'. Any directories that were specified during `configure',
but not in terms of `${prefix}', must each be overridden at install
time for the entire installation to be relocated. The approach of
makefile variable overrides for each directory variable is required by
the GNU Coding Standards, and ideally causes no recompilation.
However, some platforms have known limitations with the semantics of
shared libraries that end up requiring recompilation when using this
method, particularly noticeable in packages that use GNU Libtool.
'${prefix}'. Any directories that were specified during 'configure',
but not in terms of '${prefix}', must each be overridden at install time
for the entire installation to be relocated. The approach of makefile
variable overrides for each directory variable is required by the GNU
Coding Standards, and ideally causes no recompilation. However, some
platforms have known limitations with the semantics of shared libraries
that end up requiring recompilation when using this method, particularly
noticeable in packages that use GNU Libtool.
The second method involves providing the `DESTDIR' variable. For
example, `make install DESTDIR=/alternate/directory' will prepend
`/alternate/directory' before all installation names. The approach of
`DESTDIR' overrides is not required by the GNU Coding Standards, and
The second method involves providing the 'DESTDIR' variable. For
example, 'make install DESTDIR=/alternate/directory' will prepend
'/alternate/directory' before all installation names. The approach of
'DESTDIR' overrides is not required by the GNU Coding Standards, and
does not work on platforms that have drive letters. On the other hand,
it does better at avoiding recompilation issues, and works well even
when some directory options were not specified in terms of `${prefix}'
at `configure' time.
when some directory options were not specified in terms of '${prefix}'
at 'configure' time.
Optional Features
=================
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
with an extra prefix or suffix on their names by giving 'configure' the
option '--program-prefix=PREFIX' or '--program-suffix=SUFFIX'.
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The
`README' should mention any `--enable-' and `--with-' options that the
Some packages pay attention to '--enable-FEATURE' options to
'configure', where FEATURE indicates an optional part of the package.
They may also pay attention to '--with-PACKAGE' options, where PACKAGE
is something like 'gnu-as' or 'x' (for the X Window System). The
'README' should mention any '--enable-' and '--with-' options that the
package recognizes.
For packages that use the X Window System, `configure' can usually
For packages that use the X Window System, 'configure' can usually
find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
you can use the 'configure' options '--x-includes=DIR' and
'--x-libraries=DIR' to specify their locations.
Some packages offer the ability to configure how verbose the
execution of `make' will be. For these packages, running `./configure
execution of 'make' will be. For these packages, running './configure
--enable-silent-rules' sets the default to minimal output, which can be
overridden with `make V=1'; while running `./configure
overridden with 'make V=1'; while running './configure
--disable-silent-rules' sets the default to verbose, which can be
overridden with `make V=0'.
overridden with 'make V=0'.
Particular systems
==================
On HP-UX, the default C compiler is not ANSI C compatible. If GNU
CC is not installed, it is recommended to use the following options in
On HP-UX, the default C compiler is not ANSI C compatible. If GNU CC
is not installed, it is recommended to use the following options in
order to use an ANSI C compiler:
./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
and if that doesn't work, install pre-built binaries of GCC for HP-UX.
HP-UX `make' updates targets which have the same time stamps as
their prerequisites, which makes it generally unusable when shipped
generated files such as `configure' are involved. Use GNU `make'
instead.
HP-UX 'make' updates targets which have the same time stamps as their
prerequisites, which makes it generally unusable when shipped generated
files such as 'configure' are involved. Use GNU 'make' instead.
On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
parse its `<wchar.h>' header file. The option `-nodtk' can be used as
a workaround. If GNU CC is not installed, it is therefore recommended
to try
parse its '<wchar.h>' header file. The option '-nodtk' can be used as a
workaround. If GNU CC is not installed, it is therefore recommended to
try
./configure CC="cc"
@ -242,26 +240,26 @@ and if that doesn't work, try
./configure CC="cc -nodtk"
On Solaris, don't put `/usr/ucb' early in your `PATH'. This
On Solaris, don't put '/usr/ucb' early in your 'PATH'. This
directory contains several dysfunctional programs; working variants of
these programs are available in `/usr/bin'. So, if you need `/usr/ucb'
in your `PATH', put it _after_ `/usr/bin'.
these programs are available in '/usr/bin'. So, if you need '/usr/ucb'
in your 'PATH', put it _after_ '/usr/bin'.
On Haiku, software installed for all users goes in `/boot/common',
not `/usr/local'. It is recommended to use the following options:
On Haiku, software installed for all users goes in '/boot/common',
not '/usr/local'. It is recommended to use the following options:
./configure --prefix=/boot/common
Specifying the System Type
==========================
There may be some features `configure' cannot figure out
There may be some features 'configure' cannot figure out
automatically, but needs to determine by the type of machine the package
will run on. Usually, assuming the package is built to be run on the
_same_ architectures, `configure' can figure that out, but if it prints
_same_ architectures, 'configure' can figure that out, but if it prints
a message saying it cannot guess the machine type, give it the
`--build=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name which has the form:
'--build=TYPE' option. TYPE can either be a short name for the system
type, such as 'sun4', or a canonical name which has the form:
CPU-COMPANY-SYSTEM
@ -270,101 +268,101 @@ where SYSTEM can have one of these forms:
OS
KERNEL-OS
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
See the file 'config.sub' for the possible values of each field. If
'config.sub' isn't included in this package, then this package doesn't
need to know the machine type.
If you are _building_ compiler tools for cross-compiling, you should
use the option `--target=TYPE' to select the type of system they will
use the option '--target=TYPE' to select the type of system they will
produce code for.
If you want to _use_ a cross compiler, that generates code for a
platform different from the build platform, you should specify the
"host" platform (i.e., that on which the generated programs will
eventually be run) with `--host=TYPE'.
eventually be run) with '--host=TYPE'.
Sharing Defaults
================
If you want to set default values for `configure' scripts to share,
you can create a site shell script called `config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script.
If you want to set default values for 'configure' scripts to share,
you can create a site shell script called 'config.site' that gives
default values for variables like 'CC', 'cache_file', and 'prefix'.
'configure' looks for 'PREFIX/share/config.site' if it exists, then
'PREFIX/etc/config.site' if it exists. Or, you can set the
'CONFIG_SITE' environment variable to the location of the site script.
A warning: not all 'configure' scripts look for a site script.
Defining Variables
==================
Variables not defined in a site shell script can be set in the
environment passed to `configure'. However, some packages may run
environment passed to 'configure'. However, some packages may run
configure again during the build, and the customized values of these
variables may be lost. In order to avoid this problem, you should set
them in the `configure' command line, using `VAR=value'. For example:
them in the 'configure' command line, using 'VAR=value'. For example:
./configure CC=/usr/local2/bin/gcc
causes the specified `gcc' to be used as the C compiler (unless it is
causes the specified 'gcc' to be used as the C compiler (unless it is
overridden in the site shell script).
Unfortunately, this technique does not work for `CONFIG_SHELL' due to
an Autoconf limitation. Until the limitation is lifted, you can use
this workaround:
Unfortunately, this technique does not work for 'CONFIG_SHELL' due to an
Autoconf limitation. Until the limitation is lifted, you can use this
workaround:
CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash
`configure' Invocation
'configure' Invocation
======================
`configure' recognizes the following options to control how it
'configure' recognizes the following options to control how it
operates.
`--help'
`-h'
Print a summary of all of the options to `configure', and exit.
'--help'
'-h'
Print a summary of all of the options to 'configure', and exit.
`--help=short'
`--help=recursive'
'--help=short'
'--help=recursive'
Print a summary of the options unique to this package's
`configure', and exit. The `short' variant lists options used
only in the top level, while the `recursive' variant lists options
also present in any nested packages.
'configure', and exit. The 'short' variant lists options used only
in the top level, while the 'recursive' variant lists options also
present in any nested packages.
`--version'
`-V'
Print the version of Autoconf used to generate the `configure'
'--version'
'-V'
Print the version of Autoconf used to generate the 'configure'
script, and exit.
`--cache-file=FILE'
'--cache-file=FILE'
Enable the cache: use and save the results of the tests in FILE,
traditionally `config.cache'. FILE defaults to `/dev/null' to
traditionally 'config.cache'. FILE defaults to '/dev/null' to
disable caching.
`--config-cache'
`-C'
Alias for `--cache-file=config.cache'.
'--config-cache'
'-C'
Alias for '--cache-file=config.cache'.
`--quiet'
`--silent'
`-q'
'--quiet'
'--silent'
'-q'
Do not print messages saying which checks are being made. To
suppress all normal output, redirect it to `/dev/null' (any error
suppress all normal output, redirect it to '/dev/null' (any error
messages will still be shown).
`--srcdir=DIR'
'--srcdir=DIR'
Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically.
'configure' can determine that directory automatically.
`--prefix=DIR'
Use DIR as the installation prefix. *note Installation Names::
for more details, including other options available for fine-tuning
the installation locations.
'--prefix=DIR'
Use DIR as the installation prefix. *note Installation Names:: for
more details, including other options available for fine-tuning the
installation locations.
`--no-create'
`-n'
'--no-create'
'-n'
Run the configure checks, but stop before creating any output
files.
`configure' also accepts some other, not widely useful, options. Run
`configure --help' for more details.
'configure' also accepts some other, not widely useful, options. Run
'configure --help' for more details.

View file

@ -2,7 +2,7 @@
AUTOMAKE_OPTIONS = gnu
SUBDIRS = m4 src doc
SUBDIRS = src doc systemd
ACLOCAL_AMFLAGS = -I m4
@ -10,3 +10,6 @@ EXTRA_DIST = COPYING.README README.android
ChangeLog:
git log > ChangeLog
astyle:
astyle --options=.astylerc -nQ src/*.[ch] src/*/*.[ch]

View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.14.1 from Makefile.am.
# Makefile.in generated by automake 1.16.2 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2013 Free Software Foundation, Inc.
# Copyright (C) 1994-2020 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
am__is_gnu_make = { \
if test -z '$(MAKELEVEL)'; then \
false; \
elif test -n '$(MAKE_HOST)'; then \
true; \
elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
true; \
else \
false; \
fi; \
}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@ -78,19 +88,19 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = .
DIST_COMMON = INSTALL NEWS README AUTHORS ChangeLog \
$(srcdir)/Makefile.in $(srcdir)/Makefile.am \
$(top_srcdir)/configure $(am__configure_deps) \
$(srcdir)/config.h.in COPYING THANKS compile config.guess \
config.sub depcomp install-sh missing
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/ax_append_flag.m4 \
$(top_srcdir)/m4/ax_cflags_warn_all.m4 \
$(top_srcdir)/m4/ax_check_compile_flag.m4 \
$(top_srcdir)/m4/ax_check_link_flag.m4 $(top_srcdir)/m4/lzo.m4 \
$(top_srcdir)/m4/ax_check_link_flag.m4 \
$(top_srcdir)/m4/ax_require_defined.m4 $(top_srcdir)/m4/lzo.m4 \
$(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/zlib.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \
$(am__configure_deps) $(am__DIST_COMMON)
am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
configure.lineno config.status.lineno
mkinstalldirs = $(install_sh) -d
@ -131,9 +141,9 @@ am__recursive_targets = \
$(RECURSIVE_CLEAN_TARGETS) \
$(am__extra_recursive_targets)
AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \
cscope distdir dist dist-all distcheck
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \
$(LISP)config.h.in
cscope distdir distdir-am dist dist-all distcheck
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) \
config.h.in
# Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is
# *not* preserved.
@ -154,6 +164,9 @@ ETAGS = etags
CTAGS = ctags
CSCOPE = cscope
DIST_SUBDIRS = $(SUBDIRS)
am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in AUTHORS \
COPYING ChangeLog INSTALL NEWS README THANKS compile \
config.guess config.sub depcomp install-sh missing
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir)
@ -226,7 +239,6 @@ LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
@ -284,16 +296,18 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
systemd_path = @systemd_path@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
AUTOMAKE_OPTIONS = gnu
SUBDIRS = m4 src doc
SUBDIRS = src doc systemd
ACLOCAL_AMFLAGS = -I m4
EXTRA_DIST = COPYING.README README.android
all: config.h
@ -302,7 +316,7 @@ all: config.h
.SUFFIXES:
am--refresh: Makefile
@:
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
@ -315,23 +329,22 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
echo ' $(SHELL) ./config.status'; \
$(SHELL) ./config.status;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
$(SHELL) ./config.status --recheck
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(top_srcdir)/configure: $(am__configure_deps)
$(am__cd) $(srcdir) && $(AUTOCONF)
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
$(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
$(am__aclocal_m4_deps):
@ -342,7 +355,7 @@ config.h: stamp-h1
stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
@rm -f stamp-h1
cd $(top_builddir) && $(SHELL) ./config.status config.h
$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(srcdir)/config.h.in: $(am__configure_deps)
($(am__cd) $(top_srcdir) && $(AUTOHEADER))
rm -f stamp-h1
touch $@
@ -456,7 +469,10 @@ distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
-rm -f cscope.out cscope.in.out cscope.po.out cscope.files
distdir: $(DISTFILES)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@case `sed 15q $(srcdir)/NEWS` in \
*"$(VERSION)"*) : ;; \
*) \
@ -527,7 +543,7 @@ distdir: $(DISTFILES)
! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
|| chmod -R a+r "$(distdir)"
dist-gzip: distdir
tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz
$(am__post_remove_distdir)
dist-bzip2: distdir
@ -542,18 +558,22 @@ dist-xz: distdir
tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
$(am__post_remove_distdir)
dist-zstd: distdir
tardir=$(distdir) && $(am__tar) | zstd -c $${ZSTD_CLEVEL-$${ZSTD_OPT--19}} >$(distdir).tar.zst
$(am__post_remove_distdir)
dist-tarZ: distdir
@echo WARNING: "Support for shar distribution archives is" \
"deprecated." >&2
@echo WARNING: "Support for distribution archives compressed with" \
"legacy program 'compress' is deprecated." >&2
@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
$(am__post_remove_distdir)
dist-shar: distdir
@echo WARNING: "Support for distribution archives compressed with" \
"legacy program 'compress' is deprecated." >&2
@echo WARNING: "Support for shar distribution archives is" \
"deprecated." >&2
@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz
$(am__post_remove_distdir)
dist-zip: distdir
@ -571,7 +591,7 @@ dist dist-all:
distcheck: dist
case '$(DIST_ARCHIVES)' in \
*.tar.gz*) \
GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\
*.tar.bz2*) \
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lz*) \
@ -581,23 +601,25 @@ distcheck: dist
*.tar.Z*) \
uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
*.shar.gz*) \
GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
*.zip*) \
unzip $(distdir).zip ;;\
*.tar.zst*) \
zstd -dc $(distdir).tar.zst | $(am__untar) ;;\
esac
chmod -R a-w $(distdir)
chmod u+w $(distdir)
mkdir $(distdir)/_build $(distdir)/_inst
mkdir $(distdir)/_build $(distdir)/_build/sub $(distdir)/_inst
chmod a-w $(distdir)
test -d $(distdir)/_build || exit 0; \
dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \
&& dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \
&& am__cwd=`pwd` \
&& $(am__cd) $(distdir)/_build \
&& ../configure \
&& $(am__cd) $(distdir)/_build/sub \
&& ../../configure \
$(AM_DISTCHECK_CONFIGURE_FLAGS) \
$(DISTCHECK_CONFIGURE_FLAGS) \
--srcdir=.. --prefix="$$dc_install_base" \
--srcdir=../.. --prefix="$$dc_install_base" \
&& $(MAKE) $(AM_MAKEFLAGS) \
&& $(MAKE) $(AM_MAKEFLAGS) dvi \
&& $(MAKE) $(AM_MAKEFLAGS) check \
@ -760,7 +782,7 @@ uninstall-am:
am--refresh check check-am clean clean-cscope clean-generic \
cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \
dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \
distcheck distclean distclean-generic distclean-hdr \
dist-zstd distcheck distclean distclean-generic distclean-hdr \
distclean-tags distcleancheck distdir distuninstallcheck dvi \
dvi-am html html-am info info-am install install-am \
install-data install-data-am install-dvi install-dvi-am \
@ -772,10 +794,15 @@ uninstall-am:
mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am
.PRECIOUS: Makefile
ChangeLog:
git log > ChangeLog
astyle:
astyle --options=.astylerc -nQ src/*.[ch] src/*/*.[ch]
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

105
NEWS
View file

@ -1,3 +1,106 @@
Version 1.0.36 August 26 2019
* Fix compiling tinc with certain versions of the OpenSSL library.
* Fix parsing some IPv6 addresses with :: in them.
* Fix GraphDumpFile output to handle node names starting with a digit.
* Fix a potential segmentation fault when fragmenting packets.
Thanks to Rosen Penev, Quentin Rameau and Werner Schreiber for their
contributions to this version of tinc.
Version 1.0.35 October 5 2018
* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
* Minor fixes in the documentation.
Thanks to Amine Amri and Rafael Sadowski for their contributions to this
version of tinc.
Version 1.0.34 June 12 2018
* Fix a potential segmentation fault when connecting to an IPv6 peer via a
proxy.
* Minor improvements to the build system.
* Make the systemd service file identical to the one from the 1.1 branch.
* Fix a potential problem causing IPv4 sockets to not work on macOS.
Thanks to Maximilian Stein and Wang Liu Shuai for their contributions to this
version of tinc.
Version 1.0.33 November 4 2017
* Allow compilation from a build directory.
* Source code cleanups.
* Fix some options specified on the command line not surviving a HUP signal.
* Handle tun/tap device returning EPERM or EBUSY.
* Disable PMTUDiscovery when TCPOnly is used.
* Support the --runstatedir option of the autoconf 2.70.
Thanks to Rafael Sadowski and Pierre-Olivier Mercier for their contributions to
this version of tinc.
Version 1.0.32 September 2 2017
* Fix segmentation fault when using Cipher = none.
* Fix Proxy = exec.
* Support PriorityInheritance for IPv6 packets.
* Fixes for Solaris tun/tap support.
* Bind outgoing TCP sockets when ListenAddress is used.
Thanks to Vittorio Gambaletta for his contribution to this version of tinc.
Version 1.0.31 January 15 2017
* Remove ExecStop in tinc@.service.
Thanks to Élie Bouttier for his contribution to this version of tinc.
Version 1.0.30 October 30 2016
* Fix troubles connecting to some HTTP proxies.
* Add mitigations for the Sweet32 attack when using a 64-bit block cipher.
* Use AES256 and SHA256 as the default encryption and digest algorithms.
Version 1.0.29 October 9 2016
* Fix UDP communication with peers with link-local IPv6 addresses.
* Ensure compatibility with OpenSSL 1.1.0.
* Ensure autoreconf can be run without requiring autoconf-archive.
* Log warnings about dropped packets only at debug level 5.
Version 1.0.28 April 10 2016
* Fix compilation on BSD platforms.
* Add systemd service files.
Version 1.0.27 April 10 2016
* When using Proxy, let the proxy resolve hostnames if tinc can't.
* Fixes and improvements of the DecrementTTL option.
* Fixed the $NAME variable in subnet-up/down scripts for the local Subnets.
* Fixed potentially wrong checksum generation when clamping the MSS.
* Properly choose between the system's or our own copy of getopt.
* Fixed compiling tinc for Cygwin with MinGW installed.
* Added support for OS X utun interfaces.
* Documentation updates and minor fixes.
Thanks to Vittorio Gambaletta, LunarShaddow, Florian Weik and Nathan Stratton
Treadway for their contributions to this version of tinc.
Version 1.0.26 July 5 2015
* Tinc now forces glibc to reload /etc/resolv.conf for every hostname lookup.
@ -268,7 +371,7 @@ Version 1.0.9 Dec 26 2008
* Enable path MTU discovery by default.
* Fixed a memory leak that occured when connections were closed.
* Fixed a memory leak that occurred when connections were closed.
Thanks to Max Rijevski for his contributions to this version of tinc.

62
README
View file

@ -1,7 +1,7 @@
This is the README file for tinc version 1.0.26. Installation
This is the README file for tinc version 1.0.36. Installation
instructions may be found in the INSTALL file.
tinc is Copyright (C) 1998-2015 by:
tinc is Copyright (C) 1998-2019 by:
Ivo Timmermans,
Guus Sliepen <guus@tinc-vpn.org>,
@ -39,44 +39,50 @@ practice and that the default length of the HMAC for packets is too short in
his opinion. We do not know of a way to exploit these weaknesses, but these
issues are being addressed in the tinc 1.1 branch.
The Sweet32 attack affects versions of tinc prior to 1.0.30.
On September 6th, 2018, Michael Yonly contacted us and provided
proof-of-concept code that allowed a remote attacker to create an
authenticated, one-way connection with a node, and also that there was a
possibility for a man-in-the-middle to force UDP packets from a node to be sent
in plaintext. The first issue was trivial to exploit on tinc versions prior to
1.0.30, but the changes in 1.0.30 to mitigate the Sweet32 attack made this
weakness much harder to exploit. These issues have been fixed in tinc 1.0.35.
The new protocol in the tinc 1.1 branch is not susceptible to these issues.
Cryptography is a hard thing to get right. We cannot make any
guarantees. Time, review and feedback are the only things that can
prove the security of any cryptographic product. If you wish to review
tinc or give us feedback, you are stronly encouraged to do so.
tinc or give us feedback, you are strongly encouraged to do so.
Changes to configuration file format since 1.0pre5
--------------------------------------------------
Some configuration variables have different names now. Most notably "TapDevice"
should be changed into "Device", and "Device" should be changed into
"BindToDevice".
Compatibility
-------------
Version 1.0.26 is compatible with 1.0pre8, 1.0 and later, but not with older
versions of tinc.
Version 1.0.35 is compatible with 1.0pre8, 1.0 and later, but not with older
versions of tinc. Note that since version 1.0.30, tinc requires all nodes in
the VPN to be compiled with a version of LibreSSL or OpenSSL that supports the
AES256 and SHA256 algorithms.
Requirements
------------
Since 1.0pre3, we use OpenSSL for all cryptographic functions. So you
need to install this library first; grab it from
http://www.openssl.org/. You will need version 0.9.7 or later. If
this library is not installed on you system, configure will fail. The
manual in doc/tinc.texi contains more detailed information on how to
install this library.
The OpenSSL library is used for all cryptographic functions. You can find it at
https://www.openssl.org/. You will need version 1.0.1 or later with support for
AES256 and SHA256 enabled. If this library is not installed on your system, the
configure script will fail. The manual in doc/tinc.texi contains more detailed
information on how to install this library. Alternatively, you may also use the
LibreSSL library.
Since 1.0pre6, the zlib library is used for optional compression. You can
find it at http://www.gzip.org/zlib/. Because of a possible exploit in
The zlib library is used for optional compression. You can
find it at https://zlib.net/. Because of a possible exploit in
earlier versions we recommend that you download version 1.1.4 or later.
Since 1.0, the lzo library is also used for optional compression. You can
find it at http://www.oberhumer.com/opensource/lzo/.
The LZO library is also used for optional compression. You can
find it at https://www.oberhumer.com/opensource/lzo/.
In order to compile tinc, you will need a GNU C compiler environment.
In order to compile tinc, you will need a C99 compliant compiler.
Features
@ -106,14 +112,14 @@ Linux, FreeBSD and Windows.
The algorithms used for encryption and generating message authentication codes
can now be changed in the configuration files. All cipher and digest algorithms
supported by OpenSSL can be used. Useful ciphers are "blowfish" (default),
"bf-ofb", "des", "des3", etcetera. Useful digests are "sha1" (default), "md5",
etcetera.
"bf-ofb", "des", "des3", et cetera. Useful digests are "sha1" (default), "md5",
et cetera.
Support for routing IPv6 packets has been added. Just add Subnet lines with
IPv6 addresses (without using :: abbreviations) and use ifconfig or ip (from
the iproute package) to give the virtual network interface corresponding IPv6
addresses. tinc does not provide autoconfiguration for IPv6 hosts, if you need
it use radvd or zebra.
addresses. tinc does not provide autoconfiguration for IPv6 hosts. Consider
using radvd or zebra if you need it.
It is also possible to make tunnels to other tinc daemons over IPv6 networks,
if the operating system supports IPv6. tinc will automatically use both IPv6
@ -121,7 +127,7 @@ and IPv4 when available, but this can be changed by adding the option
"AddressFamily = ipv4" or "AddressFamily = ipv6" to the tinc.conf file.
Normally, when started tinc will detach and run in the background. In a native
Windows environment this means tinc will intall itself as a service, which will
Windows environment this means tinc will install itself as a service, which will
restart after reboots. To prevent tinc from detaching or running as a service,
use the -D option.

49
THANKS
View file

@ -1,32 +1,52 @@
We would like to thank the following people for their contributions to tinc:
* Alexander Reil and Gemeinde Berg
* Alexander Ried
* Alexis Hildebrandt
* Allesandro Gatti
* Andreas van Cranenburgh
* Andrew Hahn
* Anthony G. Basile
* Armin Fisslthaler
* Armijn Hemel
* Armin Fisslthaler
* Aron Cowan
* Ashish Bajaj
* Baptiste Jonglez
* Borg
* Brandon Black
* Cheng LI
* Cris van Pelt
* Darius Jahandarie
* Dato Simó
* David Pflug
* Delf Eldkraft
* Dennis Joachimsthaler
* dnk
* Егор Палкин
* Élie Bouttier
* Enrique Zanardi
* Erik Tews
* Etienne Dechamps
* Florent Clairambault
* Florian Forster
* Florian Klink
* Florian Weik
* Flynn Marquardt
* Franz Pletz
* Gary Kessler and Claudia Gonzalez
* Grzegorz Dymarek
* Gusariev Oleksandr
* Hans Bayle
* Harvest
* Ivo van Dong
* Ivo Smits
* James Cook
* James MacLean
* Jamie Briggs
* Jan Štembera
* Jason Harper
* Jason Livesay
* Jasper Krijgsman
* Jelle de Jong
* Jeroen Domburg
* Jeroen Ubbink
@ -38,6 +58,8 @@ We would like to thank the following people for their contributions to tinc:
* Loïc Dachary
* Loïc Grenié
* Lubomír Bulej
* luckyhacky
* LunarShaddow
* Mads Kiilerich
* Marc A. Lehmann
* Mark Glines
@ -46,22 +68,37 @@ We would like to thank the following people for their contributions to tinc:
* Martin Kihlgren
* Martin Schobert
* Martin Schürrer
* Martin Weinelt
* Matias Carrasco
* Max Rijevski
* Menno Smits
* Mesar Hameed
* Michael Taylor
* Michael Tokarev
* Michael Yonli
* Miles Nordin
* Nathan Stratton Treadway
* Murat Donmez
* Nick Hibma
* Nick Patavalis
* Paul Littlefield
* Philipp Babel
* Pierre Emeriaud
* Pierre-Olivier Mercier
* Rafael Wolf
* Rafael Sadowski
* Rafał Leśniak
* Rhosyn Celyn
* Robert van der Meulen
* Robert Waniek
* Rumko
* Ryan Miller
* Sam Bryan
* Samuel Thibault
* Saverio Proto
* Scott Lamb
* Steffan Karger
* Stig Fagrell
* Sven-Haegar Koch
* Teemu Kiviniemi
* Thomas Tsiakalakis
@ -70,14 +107,20 @@ We would like to thank the following people for their contributions to tinc:
* Tomislav Čohar
* Tommy Arnkværn
* Tonnerre Lombard
* Ulrich Seifert
* Vil Brekin
* Vincent Laurent
* Vittorio Gambaletta
* Wendy Willard
* Wessel Dankers
* William A. Kennington III
* William McArthur
* Wouter van Heyst
* xentec
* 戴 鸣
And everyone we forgot (if we did, please let us know). Thank you!
Ivo Timmermans
Guus Sliepen
---
Ivo Timmermans,
Guus Sliepen.

239
aclocal.m4 vendored
View file

@ -1,6 +1,6 @@
# generated automatically by aclocal 1.14.1 -*- Autoconf -*-
# generated automatically by aclocal 1.16.2 -*- Autoconf -*-
# Copyright (C) 1996-2013 Free Software Foundation, Inc.
# Copyright (C) 1996-2020 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -20,7 +20,7 @@ You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically 'autoreconf'.])])
# Copyright (C) 2002-2013 Free Software Foundation, Inc.
# Copyright (C) 2002-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -32,10 +32,10 @@ To do so, use the procedure documented by the package, typically 'autoreconf'.])
# generated from the m4 files accompanying Automake X.Y.
# (This private macro should not be called outside this file.)
AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.14'
[am__api_version='1.16'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.14.1], [],
m4_if([$1], [1.16.2], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
])
@ -51,14 +51,14 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.14.1])dnl
[AM_AUTOMAKE_VERSION([1.16.2])dnl
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
# AM_AUX_DIR_EXPAND -*- Autoconf -*-
# Copyright (C) 2001-2013 Free Software Foundation, Inc.
# Copyright (C) 2001-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -110,7 +110,7 @@ am_aux_dir=`cd "$ac_aux_dir" && pwd`
# AM_CONDITIONAL -*- Autoconf -*-
# Copyright (C) 1997-2013 Free Software Foundation, Inc.
# Copyright (C) 1997-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -141,7 +141,7 @@ AC_CONFIG_COMMANDS_PRE(
Usually this means the macro was only invoked conditionally.]])
fi])])
# Copyright (C) 1999-2013 Free Software Foundation, Inc.
# Copyright (C) 1999-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -332,13 +332,12 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl
# Generate code to set up dependency tracking. -*- Autoconf -*-
# Copyright (C) 1999-2013 Free Software Foundation, Inc.
# Copyright (C) 1999-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# _AM_OUTPUT_DEPENDENCY_COMMANDS
# ------------------------------
AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
@ -346,49 +345,43 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
# Older Autoconf quotes --file arguments for eval, but not when files
# are listed without --file. Let's play safe and only enable the eval
# if we detect the quoting.
case $CONFIG_FILES in
*\'*) eval set x "$CONFIG_FILES" ;;
*) set x $CONFIG_FILES ;;
esac
# TODO: see whether this extra hack can be removed once we start
# requiring Autoconf 2.70 or later.
AS_CASE([$CONFIG_FILES],
[*\'*], [eval set x "$CONFIG_FILES"],
[*], [set x $CONFIG_FILES])
shift
for mf
# Used to flag and report bootstrapping failures.
am_rc=0
for am_mf
do
# Strip MF so we end up with the name of the file.
mf=`echo "$mf" | sed -e 's/:.*$//'`
# Check whether this is an Automake generated Makefile or not.
# We used to match only the files named 'Makefile.in', but
# some people rename them; so instead we look at the file content.
# Grep'ing the first line is not enough: some people post-process
# each Makefile.in and add a new line on top of each file to say so.
# Grep'ing the whole file is not good either: AIX grep has a line
am_mf=`AS_ECHO(["$am_mf"]) | sed -e 's/:.*$//'`
# Check whether this is an Automake generated Makefile which includes
# dependency-tracking related rules and includes.
# Grep'ing the whole file directly is not great: AIX grep has a line
# limit of 2048, but all sed's we know have understand at least 4000.
if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then
dirpart=`AS_DIRNAME("$mf")`
else
continue
fi
# Extract the definition of DEPDIR, am__include, and am__quote
# from the Makefile without running 'make'.
DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
test -z "$DEPDIR" && continue
am__include=`sed -n 's/^am__include = //p' < "$mf"`
test -z "$am__include" && continue
am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
# Find all dependency output files, they are included files with
# $(DEPDIR) in their names. We invoke sed twice because it is the
# simplest approach to changing $(DEPDIR) to its actual value in the
# expansion.
for file in `sed -n "
s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do
# Make sure the directory exists.
test -f "$dirpart/$file" && continue
fdir=`AS_DIRNAME(["$file"])`
AS_MKDIR_P([$dirpart/$fdir])
# echo "creating $dirpart/$file"
echo '# dummy' > "$dirpart/$file"
done
sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \
|| continue
am_dirpart=`AS_DIRNAME(["$am_mf"])`
am_filepart=`AS_BASENAME(["$am_mf"])`
AM_RUN_LOG([cd "$am_dirpart" \
&& sed -e '/# am--include-marker/d' "$am_filepart" \
| $MAKE -f - am--depfiles]) || am_rc=$?
done
if test $am_rc -ne 0; then
AC_MSG_FAILURE([Something went wrong bootstrapping makefile fragments
for automatic dependency tracking. If GNU make was not used, consider
re-running the configure script with MAKE="gmake" (or whatever is
necessary). You can also try re-running configure with the
'--disable-dependency-tracking' option to at least be able to build
the package (albeit without support for automatic dependency tracking).])
fi
AS_UNSET([am_dirpart])
AS_UNSET([am_filepart])
AS_UNSET([am_mf])
AS_UNSET([am_rc])
rm -f conftest-deps.mk
}
])# _AM_OUTPUT_DEPENDENCY_COMMANDS
@ -397,18 +390,17 @@ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
# -----------------------------
# This macro should only be invoked once -- use via AC_REQUIRE.
#
# This code is only required when automatic dependency tracking
# is enabled. FIXME. This creates each '.P' file that we will
# need in order to bootstrap the dependency handling code.
# This code is only required when automatic dependency tracking is enabled.
# This creates each '.Po' and '.Plo' makefile fragment that we'll need in
# order to bootstrap the dependency handling code.
AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
[AC_CONFIG_COMMANDS([depfiles],
[test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS],
[AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"])
])
[AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}"])])
# Do all the work for Automake. -*- Autoconf -*-
# Copyright (C) 1996-2013 Free Software Foundation, Inc.
# Copyright (C) 1996-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -495,11 +487,11 @@ AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl
AC_REQUIRE([AC_PROG_MKDIR_P])dnl
# For better backward compatibility. To be removed once Automake 1.9.x
# dies out for good. For more background, see:
# <http://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
# <http://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
# <https://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
# <https://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
AC_SUBST([mkdir_p], ['$(MKDIR_P)'])
# We need awk for the "check" target. The system "awk" is bad on
# some platforms.
# We need awk for the "check" target (and possibly the TAP driver). The
# system "awk" is bad on some platforms.
AC_REQUIRE([AC_PROG_AWK])dnl
AC_REQUIRE([AC_PROG_MAKE_SET])dnl
AC_REQUIRE([AM_SET_LEADING_DOT])dnl
@ -563,7 +555,7 @@ END
Aborting the configuration process, to ensure you take notice of the issue.
You can download and install GNU coreutils to get an 'rm' implementation
that behaves properly: <http://www.gnu.org/software/coreutils/>.
that behaves properly: <https://www.gnu.org/software/coreutils/>.
If you want to complete the configuration process using your problematic
'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM
@ -573,6 +565,9 @@ END
AC_MSG_ERROR([Your 'rm' program is bad, sorry.])
fi
fi
dnl The trailing newline in this macro's definition is deliberate, for
dnl backward compatibility and to allow trailing 'dnl'-style comments
dnl after the AM_INIT_AUTOMAKE invocation. See automake bug#16841.
])
dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not
@ -602,7 +597,7 @@ for _am_header in $config_headers :; do
done
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
# Copyright (C) 2001-2013 Free Software Foundation, Inc.
# Copyright (C) 2001-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -613,7 +608,7 @@ echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_co
# Define $install_sh.
AC_DEFUN([AM_PROG_INSTALL_SH],
[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
if test x"${install_sh}" != xset; then
if test x"${install_sh+set}" != xset; then
case $am_aux_dir in
*\ * | *\ *)
install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;;
@ -623,7 +618,7 @@ if test x"${install_sh}" != xset; then
fi
AC_SUBST([install_sh])])
# Copyright (C) 2003-2013 Free Software Foundation, Inc.
# Copyright (C) 2003-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -642,45 +637,9 @@ fi
rmdir .tst 2>/dev/null
AC_SUBST([am__leading_dot])])
# Add --enable-maintainer-mode option to configure. -*- Autoconf -*-
# From Jim Meyering
# Copyright (C) 1996-2013 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# AM_MAINTAINER_MODE([DEFAULT-MODE])
# ----------------------------------
# Control maintainer-specific portions of Makefiles.
# Default is to disable them, unless 'enable' is passed literally.
# For symmetry, 'disable' may be passed as well. Anyway, the user
# can override the default with the --enable/--disable switch.
AC_DEFUN([AM_MAINTAINER_MODE],
[m4_case(m4_default([$1], [disable]),
[enable], [m4_define([am_maintainer_other], [disable])],
[disable], [m4_define([am_maintainer_other], [enable])],
[m4_define([am_maintainer_other], [enable])
m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])])
AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
dnl maintainer-mode's default is 'disable' unless 'enable' is passed
AC_ARG_ENABLE([maintainer-mode],
[AS_HELP_STRING([--]am_maintainer_other[-maintainer-mode],
am_maintainer_other[ make rules and dependencies not useful
(and sometimes confusing) to the casual installer])],
[USE_MAINTAINER_MODE=$enableval],
[USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes]))
AC_MSG_RESULT([$USE_MAINTAINER_MODE])
AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes])
MAINT=$MAINTAINER_MODE_TRUE
AC_SUBST([MAINT])dnl
]
)
# Check to see how 'make' treats includes. -*- Autoconf -*-
# Copyright (C) 2001-2013 Free Software Foundation, Inc.
# Copyright (C) 2001-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -688,49 +647,42 @@ AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
# AM_MAKE_INCLUDE()
# -----------------
# Check to see how make treats includes.
# Check whether make has an 'include' directive that can support all
# the idioms we need for our automatic dependency tracking code.
AC_DEFUN([AM_MAKE_INCLUDE],
[am_make=${MAKE-make}
cat > confinc << 'END'
[AC_MSG_CHECKING([whether ${MAKE-make} supports the include directive])
cat > confinc.mk << 'END'
am__doit:
@echo this is the am__doit target
@echo this is the am__doit target >confinc.out
.PHONY: am__doit
END
# If we don't find an include directive, just comment out the code.
AC_MSG_CHECKING([for style of include used by $am_make])
am__include="#"
am__quote=
_am_result=none
# First try GNU make style include.
echo "include confinc" > confmf
# Ignore all kinds of additional output from 'make'.
case `$am_make -s -f confmf 2> /dev/null` in #(
*the\ am__doit\ target*)
am__include=include
am__quote=
_am_result=GNU
;;
esac
# Now try BSD make style include.
if test "$am__include" = "#"; then
echo '.include "confinc"' > confmf
case `$am_make -s -f confmf 2> /dev/null` in #(
*the\ am__doit\ target*)
am__include=.include
am__quote="\""
_am_result=BSD
;;
esac
fi
AC_SUBST([am__include])
AC_SUBST([am__quote])
AC_MSG_RESULT([$_am_result])
rm -f confinc confmf
])
# BSD make does it like this.
echo '.include "confinc.mk" # ignored' > confmf.BSD
# Other make implementations (GNU, Solaris 10, AIX) do it like this.
echo 'include confinc.mk # ignored' > confmf.GNU
_am_result=no
for s in GNU BSD; do
AM_RUN_LOG([${MAKE-make} -f confmf.$s && cat confinc.out])
AS_CASE([$?:`cat confinc.out 2>/dev/null`],
['0:this is the am__doit target'],
[AS_CASE([$s],
[BSD], [am__include='.include' am__quote='"'],
[am__include='include' am__quote=''])])
if test "$am__include" != "#"; then
_am_result="yes ($s style)"
break
fi
done
rm -f confinc.* confmf.*
AC_MSG_RESULT([${_am_result}])
AC_SUBST([am__include])])
AC_SUBST([am__quote])])
# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
# Copyright (C) 1997-2013 Free Software Foundation, Inc.
# Copyright (C) 1997-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -769,7 +721,7 @@ fi
# Helper functions for option handling. -*- Autoconf -*-
# Copyright (C) 2001-2013 Free Software Foundation, Inc.
# Copyright (C) 2001-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -798,7 +750,7 @@ AC_DEFUN([_AM_SET_OPTIONS],
AC_DEFUN([_AM_IF_OPTION],
[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
# Copyright (C) 1999-2013 Free Software Foundation, Inc.
# Copyright (C) 1999-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -845,7 +797,7 @@ AC_LANG_POP([C])])
# For backward compatibility.
AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
# Copyright (C) 2001-2013 Free Software Foundation, Inc.
# Copyright (C) 2001-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -864,7 +816,7 @@ AC_DEFUN([AM_RUN_LOG],
# Check to make sure that the build environment is sane. -*- Autoconf -*-
# Copyright (C) 1996-2013 Free Software Foundation, Inc.
# Copyright (C) 1996-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -945,7 +897,7 @@ AC_CONFIG_COMMANDS_PRE(
rm -f conftest.file
])
# Copyright (C) 2009-2013 Free Software Foundation, Inc.
# Copyright (C) 2009-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1005,7 +957,7 @@ AC_SUBST([AM_BACKSLASH])dnl
_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
])
# Copyright (C) 2001-2013 Free Software Foundation, Inc.
# Copyright (C) 2001-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1033,7 +985,7 @@ fi
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
AC_SUBST([INSTALL_STRIP_PROGRAM])])
# Copyright (C) 2006-2013 Free Software Foundation, Inc.
# Copyright (C) 2006-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1052,7 +1004,7 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*-
# Copyright (C) 2004-2013 Free Software Foundation, Inc.
# Copyright (C) 2004-2020 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1184,8 +1136,11 @@ AC_SUBST([am__untar])
]) # _AM_PROG_TAR
m4_include([m4/attribute.m4])
m4_include([m4/ax_append_flag.m4])
m4_include([m4/ax_cflags_warn_all.m4])
m4_include([m4/ax_check_compile_flag.m4])
m4_include([m4/ax_check_link_flag.m4])
m4_include([m4/ax_require_defined.m4])
m4_include([m4/lzo.m4])
m4_include([m4/openssl.m4])
m4_include([m4/zlib.m4])

17
compile
View file

@ -1,9 +1,9 @@
#! /bin/sh
# Wrapper for compilers which do not understand '-c -o'.
scriptversion=2012-10-14.11; # UTC
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2013 Free Software Foundation, Inc.
# Copyright (C) 1999-2020 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
@ -17,7 +17,7 @@ scriptversion=2012-10-14.11; # UTC
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@ -53,7 +53,7 @@ func_file_conv ()
MINGW*)
file_conv=mingw
;;
CYGWIN*)
CYGWIN* | MSYS*)
file_conv=cygwin
;;
*)
@ -67,7 +67,7 @@ func_file_conv ()
mingw/*)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin/*)
cygwin/* | msys/*)
file=`cygpath -m "$file" || echo "$file"`
;;
wine/*)
@ -255,7 +255,8 @@ EOF
echo "compile $scriptversion"
exit $?
;;
cl | *[/\\]cl | cl.exe | *[/\\]cl.exe )
cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \
icl | *[/\\]icl | icl.exe | *[/\\]icl.exe )
func_cl_wrapper "$@" # Doesn't return...
;;
esac
@ -339,9 +340,9 @@ exit $ret
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'write-file-hooks 'time-stamp)
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

692
config.guess vendored

File diff suppressed because it is too large Load diff

View file

@ -21,6 +21,9 @@
/* Define to 1 if you have the `asprintf' function. */
#undef HAVE_ASPRINTF
/* Define to 1 if you have the `BN_GENCB_new' function. */
#undef HAVE_BN_GENCB_NEW
/* Unknown BSD variant */
#undef HAVE_BSD
@ -33,6 +36,10 @@
/* Darwin (MacOS/X) */
#undef HAVE_DARWIN
/* Define to 1 if you have the declaration of `EVP_aes_256_cfb', and to 0 if
you don't. */
#undef HAVE_DECL_EVP_AES_256_CFB
/* Define to 1 if you have the declaration of `freeaddrinfo', and to 0 if you
don't. */
#undef HAVE_DECL_FREEADDRINFO
@ -49,22 +56,35 @@
don't. */
#undef HAVE_DECL_GETNAMEINFO
/* Define to 1 if you have the declaration of `OpenSSL_add_all_algorithms',
and to 0 if you don't. */
#undef HAVE_DECL_OPENSSL_ADD_ALL_ALGORITHMS
/* Define to 1 if you have the declaration of `res_init', and to 0 if you
don't. */
#undef HAVE_DECL_RES_INIT
/* Define to 1 if you have the `devname' function. */
#undef HAVE_DEVNAME
/* Define to 1 if you have the <dirent.h> header file. */
#undef HAVE_DIRENT_H
/* DragonFly */
#undef HAVE_DRAGONFLY
/* Define to 1 if you have the `EVP_CIPHER_CTX_new' function. */
#undef HAVE_EVP_CIPHER_CTX_NEW
/* Define to 1 if you have the `EVP_EncryptInit_ex' function. */
#undef HAVE_EVP_ENCRYPTINIT_EX
/* Define to 1 if you have the `fchmod' function. */
#undef HAVE_FCHMOD
/* Define to 1 if you have the `fdevname' function. */
#undef HAVE_FDEVNAME
/* Define to 1 if you have the `flock' function. */
#undef HAVE_FLOCK
@ -74,15 +94,15 @@
/* FreeBSD */
#undef HAVE_FREEBSD
/* Define to 1 if you have the `ftime' function. */
#undef HAVE_FTIME
/* Define to 1 if you have the <getopt.h> header file. */
#undef HAVE_GETOPT_H
/* getopt_long() */
#undef HAVE_GETOPT_LONG
/* Define to 1 if you have the `gettimeofday' function. */
#undef HAVE_GETTIMEOFDAY
/* Define to 1 if you have the `get_current_dir_name' function. */
#undef HAVE_GET_CURRENT_DIR_NAME
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
@ -179,6 +199,9 @@
/* Define to 1 if you have the <net/if_types.h> header file. */
#undef HAVE_NET_IF_TYPES_H
/* Define to 1 if you have the <net/if_utun.h> header file. */
#undef HAVE_NET_IF_UTUN_H
/* Define to 1 if you have the <net/tap/if_tap.h> header file. */
#undef HAVE_NET_TAP_IF_TAP_H
@ -215,17 +238,14 @@
/* Define to 1 if you have the `putenv' function. */
#undef HAVE_PUTENV
/* Define to 1 if you have the `random' function. */
#undef HAVE_RANDOM
/* Define to 1 if you have the `RAND_pseudo_bytes' function. */
#undef HAVE_RAND_PSEUDO_BYTES
/* Define to 1 if you have the `RAND_bytes' function. */
#undef HAVE_RAND_BYTES
/* Define to 1 if you have the <resolv.h> header file. */
#undef HAVE_RESOLV_H
/* Define to 1 if you have the `select' function. */
#undef HAVE_SELECT
/* Define to 1 if you have the `RSA_set0_key' function. */
#undef HAVE_RSA_SET0_KEY
/* Define to 1 if the system has the type `socklen_t'. */
#undef HAVE_SOCKLEN_T
@ -233,21 +253,12 @@
/* Solaris/SunOS */
#undef HAVE_SOLARIS
/* Define to 1 if you have the <stdbool.h> header file. */
#undef HAVE_STDBOOL_H
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
/* Define to 1 if you have the `strdup' function. */
#undef HAVE_STRDUP
/* Define to 1 if you have the `strerror' function. */
#undef HAVE_STRERROR
/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
@ -257,9 +268,6 @@
/* Define to 1 if you have the `strsignal' function. */
#undef HAVE_STRSIGNAL
/* Define to 1 if you have the `strtol' function. */
#undef HAVE_STRTOL
/* Define to 1 if the system has the type `struct addrinfo'. */
#undef HAVE_STRUCT_ADDRINFO
@ -338,9 +346,6 @@
/* Define to 1 if you have the <sys/wait.h> header file. */
#undef HAVE_SYS_WAIT_H
/* Define to 1 if you have the <time.h> header file. */
#undef HAVE_TIME_H
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
@ -353,9 +358,6 @@
/* Define to 1 if you have the `vsyslog' function. */
#undef HAVE_VSYSLOG
/* Define to 1 if you have the `writev' function. */
#undef HAVE_WRITEV
/* have zlib compression support */
#undef HAVE_ZLIB
@ -392,12 +394,6 @@
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
#undef TIME_WITH_SYS_TIME
/* Define to 1 if your <sys/time.h> declares `struct tm'. */
#undef TM_IN_SYS_TIME
/* Enable extensions on AIX 3, Interix. */
#ifndef _ALL_SOURCE
# undef _ALL_SOURCE
@ -442,15 +438,5 @@
/* Defined if the __malloc__ attribute is not supported. */
#undef __malloc__
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
/* Define to `int' if <sys/types.h> does not define. */
#undef pid_t
/* Define to `unsigned int' if <sys/types.h> does not define. */
#undef size_t
/* Define to empty if the keyword `volatile' does not work. Warning: valid
code using `volatile' can become incorrect without. Disable with care. */
#undef volatile

310
config.sub vendored
View file

@ -1,8 +1,8 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright 1992-2014 Free Software Foundation, Inc.
# Copyright 1992-2018 Free Software Foundation, Inc.
timestamp='2014-09-11'
timestamp='2018-02-22'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@ -15,7 +15,7 @@ timestamp='2014-09-11'
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
# along with this program; if not, see <https://www.gnu.org/licenses/>.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@ -25,7 +25,7 @@ timestamp='2014-09-11'
# of the GNU General Public License, version 3 ("GPLv3").
# Please send patches with a ChangeLog entry to config-patches@gnu.org.
# Please send patches to <config-patches@gnu.org>.
#
# Configuration subroutine to validate and canonicalize a configuration type.
# Supply the specified configuration type as an argument.
@ -33,7 +33,7 @@ timestamp='2014-09-11'
# Otherwise, we print the canonical config type on stdout and succeed.
# You can get the latest version of this script from:
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub
# This file is supposed to be the same for all GNU packages
# and recognize all the CPU types, system types and aliases
@ -53,12 +53,11 @@ timestamp='2014-09-11'
me=`echo "$0" | sed -e 's,.*/,,'`
usage="\
Usage: $0 [OPTION] CPU-MFR-OPSYS
$0 [OPTION] ALIAS
Usage: $0 [OPTION] CPU-MFR-OPSYS or ALIAS
Canonicalize a configuration name.
Operation modes:
Options:
-h, --help print this help, then exit
-t, --time-stamp print date of last modification, then exit
-v, --version print version number, then exit
@ -68,7 +67,7 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright 1992-2014 Free Software Foundation, Inc.
Copyright 1992-2018 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -95,7 +94,7 @@ while test $# -gt 0 ; do
*local*)
# First pass through any local machine types.
echo $1
echo "$1"
exit ;;
* )
@ -113,24 +112,24 @@ esac
# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
# Here we must recognize all the valid KERNEL-OS combinations.
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
maybe_os=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \
linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \
knetbsd*-gnu* | netbsd*-gnu* | \
kopensolaris*-gnu* | \
knetbsd*-gnu* | netbsd*-gnu* | netbsd*-eabi* | \
kopensolaris*-gnu* | cloudabi*-eabi* | \
storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
android-linux)
os=-linux-android
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
;;
*)
basic_machine=`echo $1 | sed 's/-[^-]*$//'`
if [ $basic_machine != $1 ]
then os=`echo $1 | sed 's/.*-/-/'`
basic_machine=`echo "$1" | sed 's/-[^-]*$//'`
if [ "$basic_machine" != "$1" ]
then os=`echo "$1" | sed 's/.*-/-/'`
else os=; fi
;;
esac
@ -179,44 +178,44 @@ case $os in
;;
-sco6)
os=-sco5v6
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-sco5)
os=-sco3.2v5
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-sco4)
os=-sco3.2v4
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-sco3.2.[4-9]*)
os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-sco3.2v[4-9]*)
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-sco5v6*)
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-sco*)
os=-sco3.2v2
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-udk*)
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-isc)
os=-isc2.2
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-clix*)
basic_machine=clipper-intergraph
;;
-isc*)
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'`
;;
-lynx*178)
os=-lynxos178
@ -228,10 +227,7 @@ case $os in
os=-lynxos
;;
-ptx*)
basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
;;
-windowsnt*)
os=`echo $os | sed -e 's/windowsnt/winnt/'`
basic_machine=`echo "$1" | sed -e 's/86-.*/86-sequent/'`
;;
-psos*)
os=-psos
@ -255,15 +251,16 @@ case $basic_machine in
| arc | arceb \
| arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \
| avr | avr32 \
| ba \
| be32 | be64 \
| bfin \
| c4x | c8051 | clipper \
| d10v | d30v | dlx | dsp16xx \
| epiphany \
| fido | fr30 | frv \
| e2k | epiphany \
| fido | fr30 | frv | ft32 \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| hexagon \
| i370 | i860 | i960 | ia64 \
| i370 | i860 | i960 | ia16 | ia64 \
| ip2k | iq2000 \
| k1om \
| le32 | le64 \
@ -299,13 +296,14 @@ case $basic_machine in
| nios | nios2 | nios2eb | nios2el \
| ns16k | ns32k \
| open8 | or1k | or1knd | or32 \
| pdp10 | pdp11 | pj | pjl \
| pdp10 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle \
| pru \
| pyramid \
| riscv32 | riscv64 \
| rl78 | rx \
| score \
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[234]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
@ -313,7 +311,8 @@ case $basic_machine in
| tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
| ubicom32 \
| v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
| we32k \
| visium \
| wasm32 \
| x86 | xc16x | xstormy16 | xtensa \
| z8k | z80)
basic_machine=$basic_machine-unknown
@ -327,11 +326,14 @@ case $basic_machine in
c6x)
basic_machine=tic6x-unknown
;;
leon|leon[3-9])
basic_machine=sparc-$basic_machine
;;
m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip)
basic_machine=$basic_machine-unknown
os=-none
;;
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65)
;;
ms1)
basic_machine=mt-unknown
@ -360,7 +362,7 @@ case $basic_machine in
;;
# Object if more than one company name word.
*-*-*)
echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
echo Invalid configuration \`"$1"\': machine \`"$basic_machine"\' not recognized 1>&2
exit 1
;;
# Recognize the basic CPU types with company name.
@ -372,17 +374,18 @@ case $basic_machine in
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
| avr-* | avr32-* \
| ba-* \
| be32-* | be64-* \
| bfin-* | bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* \
| c8051-* | clipper-* | craynv-* | cydra-* \
| d10v-* | d30v-* | dlx-* \
| elxsi-* \
| e2k-* | elxsi-* \
| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
| h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| hexagon-* \
| i*86-* | i860-* | i960-* | ia64-* \
| i*86-* | i860-* | i960-* | ia16-* | ia64-* \
| ip2k-* | iq2000-* \
| k1om-* \
| le32-* | le64-* \
@ -423,13 +426,15 @@ case $basic_machine in
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
| pru-* \
| pyramid-* \
| riscv32-* | riscv64-* \
| rl78-* | romp-* | rs6000-* | rx-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
| sparclite-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx*-* \
| tahoe-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
| tile*-* \
@ -437,6 +442,8 @@ case $basic_machine in
| ubicom32-* \
| v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
| vax-* \
| visium-* \
| wasm32-* \
| we32k-* \
| x86-* | x86_64-* | xc16x-* | xps100-* \
| xstormy16-* | xtensa*-* \
@ -450,7 +457,7 @@ case $basic_machine in
# Recognize the various machine names and aliases which stand
# for a CPU type and a company and sometimes even an OS.
386bsd)
basic_machine=i386-unknown
basic_machine=i386-pc
os=-bsd
;;
3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
@ -484,7 +491,7 @@ case $basic_machine in
basic_machine=x86_64-pc
;;
amd64-*)
basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=x86_64-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
amdahl)
basic_machine=580-amdahl
@ -513,6 +520,9 @@ case $basic_machine in
basic_machine=i386-pc
os=-aros
;;
asmjs)
basic_machine=asmjs-unknown
;;
aux)
basic_machine=m68k-apple
os=-aux
@ -526,7 +536,7 @@ case $basic_machine in
os=-linux
;;
blackfin-*)
basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=bfin-`echo "$basic_machine" | sed 's/^[^-]*-//'`
os=-linux
;;
bluegene*)
@ -534,13 +544,13 @@ case $basic_machine in
os=-cnk
;;
c54x-*)
basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=tic54x-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
c55x-*)
basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=tic55x-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
c6x-*)
basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=tic6x-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
c90)
basic_machine=c90-cray
@ -629,10 +639,18 @@ case $basic_machine in
basic_machine=rs6000-bull
os=-bosx
;;
dpx2* | dpx2*-bull)
dpx2*)
basic_machine=m68k-bull
os=-sysv3
;;
e500v[12])
basic_machine=powerpc-unknown
os=$os"spe"
;;
e500v[12]-*)
basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'`
os=$os"spe"
;;
ebmon29k)
basic_machine=a29k-amd
os=-ebmon
@ -722,9 +740,6 @@ case $basic_machine in
hp9k8[0-9][0-9] | hp8[0-9][0-9])
basic_machine=hppa1.0-hp
;;
hppa-next)
os=-nextstep3
;;
hppaosf)
basic_machine=hppa1.1-hp
os=-osf
@ -737,26 +752,26 @@ case $basic_machine in
basic_machine=i370-ibm
;;
i*86v32)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'`
os=-sysv32
;;
i*86v4*)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'`
os=-sysv4
;;
i*86v)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'`
os=-sysv
;;
i*86sol2)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'`
os=-solaris2
;;
i386mach)
basic_machine=i386-mach
os=-mach
;;
i386-vsta | vsta)
vsta)
basic_machine=i386-unknown
os=-vsta
;;
@ -774,17 +789,17 @@ case $basic_machine in
basic_machine=m68k-isi
os=-sysv
;;
leon-*|leon[3-9]-*)
basic_machine=sparc-`echo "$basic_machine" | sed 's/-.*//'`
;;
m68knommu)
basic_machine=m68k-unknown
os=-linux
;;
m68knommu-*)
basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=m68k-`echo "$basic_machine" | sed 's/^[^-]*-//'`
os=-linux
;;
m88k-omron*)
basic_machine=m88k-omron
;;
magnum | m3230)
basic_machine=mips-mips
os=-sysv
@ -816,10 +831,10 @@ case $basic_machine in
os=-mint
;;
mips3*-*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'`
;;
mips3*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'`-unknown
;;
monitor)
basic_machine=m68k-rom68k
@ -838,7 +853,7 @@ case $basic_machine in
os=-msdos
;;
ms1-*)
basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
basic_machine=`echo "$basic_machine" | sed -e 's/ms1-/mt-/'`
;;
msys)
basic_machine=i686-pc
@ -880,7 +895,7 @@ case $basic_machine in
basic_machine=v70-nec
os=-sysv
;;
next | m*-next )
next | m*-next)
basic_machine=m68k-next
case $os in
-nextstep* )
@ -925,6 +940,12 @@ case $basic_machine in
nsr-tandem)
basic_machine=nsr-tandem
;;
nsv-tandem)
basic_machine=nsv-tandem
;;
nsx-tandem)
basic_machine=nsx-tandem
;;
op50n-* | op60c-*)
basic_machine=hppa1.1-oki
os=-proelf
@ -957,7 +978,7 @@ case $basic_machine in
os=-linux
;;
parisc-*)
basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=hppa-`echo "$basic_machine" | sed 's/^[^-]*-//'`
os=-linux
;;
pbd)
@ -973,7 +994,7 @@ case $basic_machine in
basic_machine=i386-pc
;;
pc98-*)
basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=i386-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
pentium | p5 | k5 | k6 | nexgen | viac3)
basic_machine=i586-pc
@ -988,16 +1009,16 @@ case $basic_machine in
basic_machine=i786-pc
;;
pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=i586-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
pentiumpro-* | p6-* | 6x86-* | athlon-*)
basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
pentium4-*)
basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=i786-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
pn)
basic_machine=pn-gould
@ -1007,23 +1028,23 @@ case $basic_machine in
ppc | ppcbe) basic_machine=powerpc-unknown
;;
ppc-* | ppcbe-*)
basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
ppcle | powerpclittle | ppc-le | powerpc-little)
ppcle | powerpclittle)
basic_machine=powerpcle-unknown
;;
ppcle-* | powerpclittle-*)
basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=powerpcle-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
ppc64) basic_machine=powerpc64-unknown
;;
ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
ppc64-*) basic_machine=powerpc64-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
ppc64le | powerpc64little | ppc64-le | powerpc64-little)
ppc64le | powerpc64little)
basic_machine=powerpc64le-unknown
;;
ppc64le-* | powerpc64little-*)
basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=powerpc64le-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
ps2)
basic_machine=i386-ibm
@ -1077,17 +1098,10 @@ case $basic_machine in
sequent)
basic_machine=i386-sequent
;;
sh)
basic_machine=sh-hitachi
os=-hms
;;
sh5el)
basic_machine=sh5le-unknown
;;
sh64)
basic_machine=sh64-unknown
;;
sparclite-wrs | simso-wrs)
simso-wrs)
basic_machine=sparclite-wrs
os=-vxworks
;;
@ -1106,7 +1120,7 @@ case $basic_machine in
os=-sysv4
;;
strongarm-* | thumb-*)
basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'`
basic_machine=arm-`echo "$basic_machine" | sed 's/^[^-]*-//'`
;;
sun2)
basic_machine=m68000-sun
@ -1228,6 +1242,9 @@ case $basic_machine in
basic_machine=hppa1.1-winbond
os=-proelf
;;
x64)
basic_machine=x86_64-pc
;;
xbox)
basic_machine=i686-pc
os=-mingw32
@ -1236,20 +1253,12 @@ case $basic_machine in
basic_machine=xps100-honeywell
;;
xscale-* | xscalee[bl]-*)
basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'`
basic_machine=`echo "$basic_machine" | sed 's/^xscale/arm/'`
;;
ymp)
basic_machine=ymp-cray
os=-unicos
;;
z8k-*-coff)
basic_machine=z8k-unknown
os=-sim
;;
z80-*-coff)
basic_machine=z80-unknown
os=-sim
;;
none)
basic_machine=none-none
os=-none
@ -1278,10 +1287,6 @@ case $basic_machine in
vax)
basic_machine=vax-dec
;;
pdp10)
# there are many clones, so DEC is not a safe bet
basic_machine=pdp10-unknown
;;
pdp11)
basic_machine=pdp11-dec
;;
@ -1291,9 +1296,6 @@ case $basic_machine in
sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele)
basic_machine=sh-unknown
;;
sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
basic_machine=sparc-sun
;;
cydra)
basic_machine=cydra-cydrome
;;
@ -1313,7 +1315,7 @@ case $basic_machine in
# Make sure to match an already-canonicalized machine name.
;;
*)
echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
echo Invalid configuration \`"$1"\': machine \`"$basic_machine"\' not recognized 1>&2
exit 1
;;
esac
@ -1321,10 +1323,10 @@ esac
# Here we canonicalize certain aliases for manufacturers.
case $basic_machine in
*-digital*)
basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
basic_machine=`echo "$basic_machine" | sed 's/digital.*/dec/'`
;;
*-commodore*)
basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
basic_machine=`echo "$basic_machine" | sed 's/commodore.*/cbm/'`
;;
*)
;;
@ -1335,8 +1337,8 @@ esac
if [ x"$os" != x"" ]
then
case $os in
# First match some system type aliases
# that might get confused with valid system types.
# First match some system type aliases that might get confused
# with valid system types.
# -solaris* is a basic system type, with this one exception.
-auroraux)
os=-auroraux
@ -1347,45 +1349,48 @@ case $os in
-solaris)
os=-solaris2
;;
-svr4*)
os=-sysv4
;;
-unixware*)
os=-sysv4.2uw
;;
-gnu/linux*)
os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
;;
# First accept the basic system types.
# es1800 is here to avoid being matched by es* (a different OS)
-es1800*)
os=-ose
;;
# Now accept the basic system types.
# The portable systems comes first.
# Each alternative MUST END IN A *, to match a version number.
# Each alternative MUST end in a * to match a version number.
# -sysv* is not here because it comes later, after sysvr4.
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
| -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
| -sym* | -kopensolaris* | -plan9* \
| -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
| -aos* | -aros* \
| -aos* | -aros* | -cloudabi* | -sortix* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
| -bitrig* | -openbsd* | -solidbsd* \
| -hiux* | -knetbsd* | -mirbsd* | -netbsd* \
| -bitrig* | -openbsd* | -solidbsd* | -libertybsd* \
| -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* | -cegcc* \
| -chorusos* | -chorusrdb* | -cegcc* | -glidix* \
| -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \
| -midipix* | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \
| -linux-newlib* | -linux-musl* | -linux-uclibc* \
| -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* \
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -morphos* | -superux* | -rtmk* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
| -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* | -tirtos*)
| -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* \
| -onefs* | -tirtos* | -phoenix* | -fuchsia* | -redox* | -bme* \
| -midnightbsd*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@ -1402,12 +1407,12 @@ case $os in
-nto*)
os=`echo $os | sed -e 's|nto|nto-qnx|'`
;;
-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
-sim | -xray | -os68k* | -v88r* \
| -windows* | -osx | -abug | -netware* | -os9* \
| -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
;;
-mac*)
os=`echo $os | sed -e 's|mac|macos|'`
os=`echo "$os" | sed -e 's|mac|macos|'`
;;
-linux-dietlibc)
os=-linux-dietlibc
@ -1416,10 +1421,10 @@ case $os in
os=`echo $os | sed -e 's|linux|linux-gnu|'`
;;
-sunos5*)
os=`echo $os | sed -e 's|sunos5|solaris2|'`
os=`echo "$os" | sed -e 's|sunos5|solaris2|'`
;;
-sunos6*)
os=`echo $os | sed -e 's|sunos6|solaris3|'`
os=`echo "$os" | sed -e 's|sunos6|solaris3|'`
;;
-opened*)
os=-openedition
@ -1430,12 +1435,6 @@ case $os in
-wince*)
os=-wince
;;
-osfrose*)
os=-osfrose
;;
-osf*)
os=-osf
;;
-utek*)
os=-bsd
;;
@ -1460,7 +1459,7 @@ case $os in
-nova*)
os=-rtmk-nova
;;
-ns2 )
-ns2)
os=-nextstep2
;;
-nsk*)
@ -1482,7 +1481,7 @@ case $os in
-oss*)
os=-sysv3
;;
-svr4)
-svr4*)
os=-sysv4
;;
-svr3)
@ -1497,32 +1496,38 @@ case $os in
-ose*)
os=-ose
;;
-es1800*)
os=-ose
;;
-xenix)
os=-xenix
;;
-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
os=-mint
;;
-aros*)
os=-aros
;;
-zvmoe)
os=-zvmoe
;;
-dicos*)
os=-dicos
;;
-pikeos*)
# Until real need of OS specific support for
# particular features comes up, bare metal
# configurations are quite functional.
case $basic_machine in
arm*)
os=-eabi
;;
*)
os=-elf
;;
esac
;;
-nacl*)
;;
-ios)
;;
-none)
;;
*)
# Get rid of the `-' at the beginning of $os.
os=`echo $os | sed 's/[^-]*-//'`
echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
echo Invalid configuration \`"$1"\': system \`"$os"\' not recognized 1>&2
exit 1
;;
esac
@ -1612,12 +1617,12 @@ case $basic_machine in
sparc-* | *-sun)
os=-sunos4.1.1
;;
pru-*)
os=-elf
;;
*-be)
os=-beos
;;
*-haiku)
os=-haiku
;;
*-ibm)
os=-aix
;;
@ -1657,7 +1662,7 @@ case $basic_machine in
m88k-omron*)
os=-luna
;;
*-next )
*-next)
os=-nextstep
;;
*-sequent)
@ -1672,9 +1677,6 @@ case $basic_machine in
i370-*)
os=-mvs
;;
*-next)
os=-nextstep3
;;
*-gould)
os=-sysv
;;
@ -1784,15 +1786,15 @@ case $basic_machine in
vendor=stratus
;;
esac
basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
basic_machine=`echo "$basic_machine" | sed "s/unknown/$vendor/"`
;;
esac
echo $basic_machine$os
echo "$basic_machine$os"
exit
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)
# eval: (add-hook 'write-file-functions 'time-stamp)
# time-stamp-start: "timestamp='"
# time-stamp-format: "%:y-%02m-%02d"
# time-stamp-end: "'"

854
configure vendored

File diff suppressed because it is too large Load diff

View file

@ -1,11 +1,12 @@
dnl Process this file with autoconf to produce a configure script.
AC_PREREQ(2.61)
AC_INIT([tinc], [1.0.26])
AC_INIT([tinc], [1.0.36])
AC_CONFIG_SRCDIR([src/tincd.c])
AM_INIT_AUTOMAKE([1.11 check-news std-options subdir-objects nostdinc -Wall])
AM_INIT_AUTOMAKE([1.11 check-news std-options subdir-objects nostdinc silent-rules -Wall])
AC_CONFIG_HEADERS([config.h])
AM_MAINTAINER_MODE
AC_CONFIG_MACRO_DIR([m4])
AM_SILENT_RULES([yes])
# Enable GNU extensions.
# Define this here, not in acconfig's @TOP@ section, since definitions
@ -18,6 +19,8 @@ AC_PROG_CC_C99
AC_PROG_CPP
AC_PROG_INSTALL
AM_PROG_CC_C_O
dnl Check and set OS
AC_CANONICAL_HOST
@ -111,6 +114,17 @@ AC_ARG_WITH(windows2000,
]
)
AC_ARG_WITH(systemd,
AS_HELP_STRING([--with-systemd@<:@=DIR@:>@], [install systemd service files @<:@to DIR if specified@:>@]),
[ systemd=true; systemd_path="$with_systemd" ],
[ systemd=false ]
)
AS_IF([test "x$with_systemd" = "xyes"], [systemd_path="\${libdir}/systemd/system"],
[AS_IF([test "x$with_systemd" = "xno"], [systemd=false])])
AC_SUBST(systemd_path, $systemd_path)
AM_CONDITIONAL(LINUX, test "$linux" = true)
AM_CONDITIONAL(BSD, test "$bsd" = true)
AM_CONDITIONAL(SOLARIS, test "$solaris" = true)
@ -119,6 +133,7 @@ AM_CONDITIONAL(CYGWIN, test "$cygwin" = true)
AM_CONDITIONAL(UML, test "$uml" = true)
AM_CONDITIONAL(VDE, test "$vde" = true)
AM_CONDITIONAL(TUNEMU, test "$tunemu" = true)
AM_CONDITIONAL(WITH_SYSTEMD, test "$systemd" = true)
AC_CACHE_SAVE
@ -132,6 +147,8 @@ fi
dnl Compiler hardening flags
dnl No -fstack-protector-all because it doesn't work on all platforms or architectures.
AX_CFLAGS_WARN_ALL(CFLAGS)
AC_ARG_ENABLE([hardening], AS_HELP_STRING([--disable-hardening], [disable compiler and linker hardening flags]))
AS_IF([test "x$enable_hardening" != "xno"],
[AX_CHECK_COMPILE_FLAG([-DFORTIFY_SOURCE=2], [CPPFLAGS="$CPPFLAGS -DFORTIFY_SOURCE=2"])
@ -157,38 +174,35 @@ dnl Checks for libraries.
dnl Checks for header files.
dnl We do this in multiple stages, because unlike Linux all the other operating systems really suck and don't include their own dependencies.
AC_HEADER_STDC
AC_CHECK_HEADERS([stdbool.h syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h arpa/nameser.h dirent.h])
AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h netpacket/packet.h],
[], [], [#include "src/have.h"]
AC_CHECK_HEADERS([syslog.h sys/file.h sys/ioctl.h sys/mman.h sys/param.h sys/resource.h sys/socket.h sys/time.h sys/uio.h sys/wait.h netdb.h arpa/inet.h arpa/nameser.h dirent.h getopt.h])
AC_CHECK_HEADERS([net/if.h net/if_types.h linux/if_tun.h net/if_tun.h net/if_utun.h net/tun/if_tun.h net/if_tap.h net/tap/if_tap.h net/ethernet.h net/if_arp.h netinet/in_systm.h netinet/in.h netinet/in6.h netpacket/packet.h],
[], [], [#include "$srcdir/src/have.h"]
)
AC_CHECK_HEADERS([netinet/if_ether.h netinet/ip.h netinet/ip6.h resolv.h],
[], [], [#include "src/have.h"]
[], [], [#include "$srcdir/src/have.h"]
)
AC_CHECK_HEADERS([netinet/tcp.h netinet/ip_icmp.h netinet/icmp6.h],
[], [], [#include "src/have.h"]
[], [], [#include "$srcdir/src/have.h"]
)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_C_VOLATILE
AC_TYPE_PID_T
AC_TYPE_SIZE_T
AC_HEADER_TIME
AC_STRUCT_TM
tinc_ATTRIBUTE(__malloc__)
AC_CHECK_TYPES([socklen_t, struct ether_header, struct arphdr, struct ether_arp, struct in_addr, struct addrinfo, struct ip, struct icmp, struct in6_addr, struct sockaddr_in6, struct ip6_hdr, struct icmp6_hdr, struct nd_neighbor_solicit, struct nd_opt_hdr], , ,
[#include "src/have.h"]
[#include "$srcdir/src/have.h"]
)
dnl Checks for library functions.
AC_TYPE_SIGNAL
AC_CHECK_FUNCS([asprintf daemon fchmod flock ftime fork get_current_dir_name gettimeofday mlockall pselect putenv random select strdup strerror strsignal strtol system unsetenv usleep vsyslog writev],
[], [], [#include "src/have.h"]
AC_CHECK_FUNCS([asprintf daemon fchmod flock fork gettimeofday mlockall pselect putenv strsignal system unsetenv usleep vsyslog devname fdevname],
[], [], [#include "$srcdir/src/have.h"]
)
AC_CHECK_FUNC(getopt_long, [getopt=true; AC_DEFINE(HAVE_GETOPT_LONG, 1, [getopt_long()])], [getopt=false])
AM_CONDITIONAL(GETOPT, test "$getopt" = true)
dnl Support for SunOS
AC_CHECK_FUNC(socket, [], [
@ -199,7 +213,7 @@ AC_CHECK_FUNC(gethostbyname, [], [
])
AC_CHECK_DECLS([freeaddrinfo, gai_strerror, getaddrinfo, getnameinfo],
[], [], [#include "src/have.h"]
[], [], [#include "$srcdir/src/have.h"]
)
AC_CHECK_DECLS([res_init], [AC_CHECK_LIB(resolv, res_init)], [], [
@ -223,6 +237,11 @@ AC_ARG_ENABLE(jumbograms,
]
)
AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile m4/Makefile])
dnl Ensure runstatedir is set if we are using a version of autoconf that does not support it
if test "x$runstatedir" = "x"; then
AC_SUBST([runstatedir], ['${localstatedir}/run'])
fi
AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile systemd/Makefile])
AC_OUTPUT

14
debian/NEWS vendored Normal file
View file

@ -0,0 +1,14 @@
tinc (1.0.27-1) unstable; urgency=medium
This package now provides native systemd service files, allowing multiple
instances of tinc to be managed. Existing networks listed in
/etc/tinc/nets.boot will be converted to service instances once during this
upgrade. Afterwards, you can enable and disable networks using:
systemctl enable tinc@<netname>
systemctl disable tinc@<netname>
If you do not have systemd installed, the SysV init script will continue to
work as usual. For more information, see README.Debian.
-- Guus Sliepen <guus@debian.org> Sun, 10 Apr 2016 01:33:55 +0200

80
debian/README.Debian vendored Normal file
View file

@ -0,0 +1,80 @@
tinc for Debian
---------------
The manual for tinc is also available as info pages, type `info tinc'
to read it.
There are several ways in which tinc may be automatically started at boot:
Systemd
-------
Since 1.0.27-1, the tinc package comes with native systemd service files.
To enable and start a net, call:
systemctl enable tinc@<netname>
systemctl start tinc@<netname>
This will cause a tincd to be started which uses the configuration from
/etc/tinc/<netname>, and also makes sure that it will be started next time your
system boots.
Apart from controlling individual instances, you can also start/stop/reload all
enabled instances simultaneously by omitting @<netname>, for example:
systemctl reload tinc
Note that when you have systemd installed on your system, the file
/etc/tinc/nets.boot will not be used anymore to automatically start tinc
daemons. If the variable EXTRA is defined in /etc/default/tinc, it will be
passed on to tinc. The variable LIMITS is however not used.
The service files that come with this package start tinc unconditionally.
However, tinc does support socket activation. If you wish to write a socket
unit for tinc, use the ListenStream option to specify on which port(s) and
address(es) tinc should listen.
SysVinit
--------
The system startup script for tinc, /etc/init.d/tinc, uses the file
/etc/tinc/nets.boot to find out which networks have to be started. Use one
netname per line. Lines starting with a # are ignored.
/etc/network/interfaces
-----------------------
You can create a stanza in /etc/network/interfaces, and add a line with
"tinc-net <netname>". This will cause a tincd to be started which uses the
configuration from /etc/tinc/<netname>. You can use an inet static (with
address and netmask options) or inet dhcp stanza, in which case the ifup will
configure the VPN interface and you do not need to have a tinc-up script.
The following options are also recognized and map directly to the corresponding
command line options for tincd:
tinc-config <directory>
tinc-debug <level>
tinc-mlock yes
tinc-logfile <filename>
tinc-pidfile <filename>
tinc-chroot yes
tinc-user <username>
An example stanza:
iface vpn inet static
address 192.168.2.42
netmask 255.255.0.0
tinc-net myvpn
tinc-debug 1
tinc-mlock yes
tinc-user nobody
tinc-pidfile /tmp/tinc.pid
This will start a tinc daemon that reads its configuration from
/etc/tinc/myvpn, logs at debug level 1, locks itself in RAM, runs as user
nobody, and creates a network interface called "vpn". Ifup then sets the
address and netmask on that interface.
-- Guus Sliepen <guus@debian.org>, Sun, 10 April 2016, 01:38:08 +0200

685
debian/changelog vendored Normal file
View file

@ -0,0 +1,685 @@
tinc (1.0.36-2) unstable; urgency=medium
* Disable support for libvdeplug. Closes: #973233
-- Guus Sliepen <guus@debian.org> Sun, 22 Nov 2020 10:40:27 +0100
tinc (1.0.36-1) unstable; urgency=medium
* New upstream version 1.0.36
* Add Vcs tags to debian/control.
* Bump Standards-Version.
-- Guus Sliepen <guus@debian.org> Mon, 26 Aug 2019 14:17:21 +0200
tinc (1.0.35-2) unstable; urgency=medium
* Bump Standards-Version and Build-Depend on debhelper-compat (= 12).
* Remove calls to dh_installinit and dh_systemd_start from debian/rules,
compat level 12 does the right thing by default.
* Ensure we clean up doc/tinc.info.
-- Guus Sliepen <guus@debian.org> Mon, 28 Jan 2019 21:54:45 +0100
tinc (1.0.35-1) unstable; urgency=medium
* New upstream release.
- Includes fixes for CVE-2018-16737, CVE-2018-16738, CVE-2018-16758.
-- Guus Sliepen <guus@debian.org> Mon, 08 Oct 2018 16:09:06 +0200
tinc (1.0.34-1) unstable; urgency=medium
[ Guus Sliepen ]
* New upstream release.
- Fixes a potential segmentation fault when connecting to an IPv6
peer via a proxy. Closes: #887401
* Add support for the $EXTRA variable in /etc/default/tinc when using
systemd. Closes: #887116
[ Benda Xu ]
* Prevent possible incorrect IPv6 checksums due to function inlining.
Closes: #891400
-- Guus Sliepen <guus@debian.org> Tue, 12 Jun 2018 23:00:49 +0200
tinc (1.0.33-1) unstable; urgency=medium
* New upstream release.
* Test for /etc/default/tinc before trying to source it. Closes: #777262
* Use --runstatedir=/run.
-- Guus Sliepen <guus@debian.org> Sat, 04 Nov 2017 16:22:06 +0100
tinc (1.0.32-1) unstable; urgency=medium
* New upstream release.
* Add a note to new nets.boot files that it is not used with systemd.
Closes: #841052
* In the post-down script, read the pid file only once. Closes: #832784
* Explicitly use /bin/sleep from coreutils. Closes: #772379
* Bump Standards-Version.
-- Guus Sliepen <guus@debian.org> Tue, 05 Sep 2017 20:23:36 +0200
tinc (1.0.31-1) unstable; urgency=medium
* New upstream release.
* Bump Standards-Version.
* Bump debian/compat.
* Add missing Depends: lsb-base.
-- Guus Sliepen <guus@debian.org> Sun, 15 Jan 2017 16:20:40 +0100
tinc (1.0.29-2) unstable; urgency=medium
* Rebuild with libssl-dev from unstable.
-- Guus Sliepen <guus@debian.org> Thu, 27 Oct 2016 13:09:46 +0200
tinc (1.0.29-1) unstable; urgency=medium
* New upstream release.
* Bump debian/compat.
-- Guus Sliepen <guus@debian.org> Mon, 10 Oct 2016 22:30:25 +0200
tinc (1.0.28-1) unstable; urgency=medium
* New upstream release.
- Fixes FTBFS on kfreebsd.
* Systemd service files are now provided by upstream.
-- Guus Sliepen <guus@debian.org> Sun, 10 Apr 2016 15:44:28 +0200
tinc (1.0.27-2) unstable; urgency=medium
* Fix tinc@.service.
-- Guus Sliepen <guus@debian.org> Sun, 10 Apr 2016 12:45:33 +0200
tinc (1.0.27-1) unstable; urgency=medium
* New upstream release.
* Bump Standards-Version.
* Add native systemd unit files.
* Automatically convert networks listed in nets.boot to systemd service
instances on upgrade.
-- Guus Sliepen <guus@debian.org> Sun, 10 Apr 2016 01:39:16 +0200
tinc (1.0.26-1) unstable; urgency=medium
* New upstream release.
* Use the contents, not the presence, of the pidfile to check that tincd is
shut down properly. Closes: #774682
* Bump Standards-Version.
-- Guus Sliepen <guus@debian.org> Sun, 05 Jul 2015 17:23:08 +0200
tinc (1.0.24-2) unstable; urgency=medium
* Improve the init script: stopping tinc now waits for the process to
terminate. If that doesn't happen in 5 seconds, it will send the TERM
signal again (which helps if tinc is waiting for a script to finish
executing). It now also detects whether the process mentioned in the PID
file is actually running, and if not it will exit early and without
warnings. Closes: #748107
-- Guus Sliepen <guus@debian.org> Wed, 14 May 2014 21:44:16 +0200
tinc (1.0.24-1) unstable; urgency=medium
[ Guus Sliepen ]
* New upstream release
* Add a debian/watch file.
* Bump Standards-Version.
[ Gian Piero Carrubba ]
* Allow resource limits to be set in /etc/default/tinc.
Closes: #690685, #704702
-- Guus Sliepen <guus@debian.org> Sun, 11 May 2014 21:17:13 +0200
tinc (1.0.23-2) unstable; urgency=low
* Use if-statements instead of && in shell scripts. Closes: #731279
The && operator does not clear the error status, and if the next statement
in a shell script does not change the error status it would cause the
script to prematurely exit. Thanks to Peter Reinholdtsen for spotting it.
* Use absolute path to tincd in the if-post-down script.
-- Guus Sliepen <guus@debian.org> Thu, 05 Dec 2013 09:41:13 +0000
tinc (1.0.23-1) unstable; urgency=low
* New upstream release.
-- Guus Sliepen <guus@debian.org> Sat, 19 Oct 2013 21:06:05 +0200
tinc (1.0.22-1) unstable; urgency=low
* New upstream release.
- Handles whitespace between command line flags and optional arguments.
Closes: #710267
* Bump Standards-Version.
* Source /lib/lsb/init-functions in the init.d script.
* Don't use texi2html anymore, use automake's install-html target which uses
makeinfo.
-- Guus Sliepen <guus@debian.org> Wed, 14 Aug 2013 15:34:29 +0200
tinc (1.0.21-1) unstable; urgency=low
* New upstream release.
- Includes fix for CVE-2013-1428.
-- Guus Sliepen <guus@debian.org> Sun, 05 May 2013 10:42:33 +0200
tinc (1.0.19-3) unstable; urgency=high
* Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
-- Guus Sliepen <guus@debian.org> Fri, 12 Apr 2013 22:52:10 +0200
tinc (1.0.19-2) unstable; urgency=low
* Fix behaviour of tinc-pidfile. Closes: #679130
* Enable parallel building in debian/rules.
-- Guus Sliepen <guus@debian.org> Tue, 26 Jun 2012 18:28:34 +0200
tinc (1.0.19-1) unstable; urgency=low
* New upstream release.
* Bump debian/compat so tinc gets built with hardening flags.
* Allow tinc-pidfile in /etc/network/interfaces.
-- Guus Sliepen <guus@debian.org> Mon, 25 Jun 2012 20:29:22 +0200
tinc (1.0.18-1) unstable; urgency=low
* New upstream release.
-- Guus Sliepen <guus@debian.org> Sun, 25 Mar 2012 18:52:15 +0200
tinc (1.0.17-1) unstable; urgency=low
* New upstream release.
* Enable support for UML and VDE.
-- Guus Sliepen <guus@debian.org> Sat, 10 Mar 2012 14:50:00 +0100
tinc (1.0.16-1) unstable; urgency=low
* New upstream release.
* Mention alarm option in /etc/init.d/tinc's usage information.
Closes: #631761
-- Guus Sliepen <guus@debian.org> Sat, 23 Jul 2011 14:37:56 +0200
tinc (1.0.15-1) unstable; urgency=low
* New upstream release.
* Send SIGALRM to running tinc daemons whenever an interface is brought up
with the ifupdown framework. Based on a patch from Joachim Breitner.
Closes: #629880
* Allow tinc daemons to be started using ifupdown.
-- Guus Sliepen <guus@debian.org> Fri, 24 Jun 2011 18:21:51 +0200
tinc (1.0.14-1) unstable; urgency=low
* New upstream release.
* Bump Standards-Version.
-- Guus Sliepen <guus@debian.org> Mon, 09 May 2011 00:25:37 +0200
tinc (1.0.13-1) unstable; urgency=low
* New upstream release.
-- Guus Sliepen <guus@debian.org> Tue, 13 Apr 2010 12:06:36 +0200
tinc (1.0.12-2) unstable; urgency=low
* Remove debconf questions. Closes: #572116
Apparently debconf may not be used to ask a question at install time and
use the answer at upgrade time. Instead of kludging around this
restriction, no questions are asked anymore, and tinc will now always be
restarted when upgrading.
* Wait up to 5 seconds for tinc daemon to stop before restarting it.
-- Guus Sliepen <guus@debian.org> Tue, 02 Mar 2010 14:01:36 +0100
tinc (1.0.12-1) unstable; urgency=low
* New upstream release.
* Bump Standards-Version.
* Migrate from CDBS to debhelper.
* Convert source package to 3.0 (quilt) format.
* Remove useless tinc.modules.
* Use init.d script from Michael Tokarev, allowing per-network arguments to
tincd.
* Remove update-rc.d calls from postinst and postrm.
* Let the init.d script depend on $remote_fs.
-- Guus Sliepen <guus@debian.org> Thu, 04 Feb 2010 00:56:45 +0100
tinc (1.0.11-1) unstable; urgency=low
* New upstream release.
* Cope with texi2html arbitrarily changing its output directory.
Closes: #552927
* Do not stop tinc when configuring a new version, just restart after
the upgrade.
-- Guus Sliepen <guus@debian.org> Sun, 01 Nov 2009 20:37:16 +0100
tinc (1.0.10-1) unstable; urgency=low
* New upstream release.
* Include Russian debconf translation. Closes: #548759
-- Guus Sliepen <guus@debian.org> Sun, 18 Oct 2009 16:31:49 +0200
tinc (1.0.9-1) unstable; urgency=low
* New upstream release.
- Binds IPv6 sockets only to IPv6. Closes: #440150
* Update copyright file. Closes: #482566
-- Guus Sliepen <guus@debian.org> Fri, 26 Dec 2008 13:25:05 +0100
tinc (1.0.8-2) unstable; urgency=low
* Include Portugese debconf translation. Closes: #434191
-- Guus Sliepen <guus@debian.org> Tue, 14 Aug 2007 13:50:27 +0200
tinc (1.0.8-1) unstable; urgency=low
* New upstream release. Closes: #173987
* Include german debconf translation. Closes: #412351
* Build-Depend on texinfo. Closes: #424209
-- Guus Sliepen <guus@debian.org> Wed, 16 May 2007 17:59:16 +0200
tinc (1.0.7-1) unstable; urgency=low
* New upstream release.
-- Guus Sliepen <guus@debian.org> Fri, 5 Jan 2007 15:55:42 +0100
tinc (1.0.6-1) unstable; urgency=low
* New upstream release.
-- Guus Sliepen <guus@debian.org> Mon, 18 Dec 2006 15:41:03 +0100
tinc (1.0.5-1) unstable; urgency=low
* New upstream release. Closes: #391610
* Add an LSB section to the init script.
-- Guus Sliepen <guus@debian.org> Tue, 14 Nov 2006 16:32:20 +0100
tinc (1.0.4-4) unstable; urgency=low
* Include swedish debconf translation. Closes: #332963
* Remove nets.boot on purge. Closes: #333303
-- Guus Sliepen <guus@debian.org> Mon, 17 Oct 2005 12:34:32 +0200
tinc (1.0.4-3) unstable; urgency=low
* Depend on debconf | debconf-2.0.
* Include vietnamese debconf translation. Closes: #322305
* Include japanese debconf translation. Closes: #319591
-- Guus Sliepen <guus@debian.org> Thu, 29 Sep 2005 11:15:34 +0200
tinc (1.0.4-2) unstable; urgency=low
* Compensate for change in texinfo's output directory. Closes: #318562
* Include Czech translation of the debconf questions. Closes: #312982
-- Guus Sliepen <guus@debian.org> Sat, 16 Jul 2005 11:42:04 +0200
tinc (1.0.4-1) unstable; urgency=low
* New upstream release. Closes: #294819
* Update french translation of debconf template. Closes: #293371, #296148
* Allow dashes in nets.boot. Closes: #296281
-- Guus Sliepen <guus@debian.org> Wed, 4 May 2005 21:56:22 +0200
tinc (1.0.3-4) unstable; urgency=low
* Call debconf early in postinst so it won't get confused by output
from other commands in the postinst script. Closes: #292920
* If MAKEDEV doesn't know about net/tun, fall back to tun.
-- Guus Sliepen <guus@debian.org> Mon, 31 Jan 2005 13:27:16 +0100
tinc (1.0.3-3) unstable; urgency=low
* Fix clean rule in debian/rules.
-- Guus Sliepen <guus@debian.org> Thu, 27 Jan 2005 23:16:59 +0000
tinc (1.0.3-2) unstable; urgency=low
* Don't check for /dev/tap* in postinst if we don't create them anyway.
* MAKEDEV expects net/tun instead of tun.
* Don't ask if /dev/net/tun should be created, just do it.
Closes: #259489, #292450
* Move $EXTRA from init.d/tinc to /etc/default/tinc. Closes: #281366
-- Guus Sliepen <guus@debian.org> Thu, 27 Jan 2005 14:10:02 +0100
tinc (1.0.3-1) unstable; urgency=low
* New upstream release.
* Adopting the package from Ivo.
* Use invoke-rc.d, and tell user to do so as well. Closes: #223276
* Let force-reload do the same thing as reload. Closes: #230180
-- Guus Sliepen <guus@debian.org> Fri, 1 Oct 2004 21:04:14 +0200
tinc (1.0.2-2) unstable; urgency=low
* debian/control: Oops, really make that automake1.7.
-- Ivo Timmermans <ivo@debian.org> Sat, 8 Nov 2003 21:53:04 +0100
tinc (1.0.2-1) unstable; urgency=low
* New upstream release:
* Fix broken replies to CHAL_RESP. (Closes: #217646)
* debian/control: Updated automake build dependency to automake1.7.
(Closes: #219360)
-- Ivo Timmermans <ivo@debian.org> Sat, 8 Nov 2003 19:56:04 +0100
tinc (1.0.1-2) unstable; urgency=low
* debian/dirs: Removed, moved contents to tinc.dirs.
(Closes: #208591)
* debian/docs: Renamed to tinc.docs.
* debian/rules: Install the contents of doc/sample-config.tar.gz in
/usr/share/doc/tinc/examples instead of /etc/tinc.
* debian/Makefile*: Removed.
-- Ivo Timmermans <ivo@debian.org> Wed, 10 Sep 2003 12:19:32 +0200
tinc (1.0.1-1) unstable; urgency=low
* New upstream release.
* debian/patches/001_openbsd_device.c.patch: Removed.
-- Ivo Timmermans <ivo@debian.org> Thu, 14 Aug 2003 17:03:28 +0200
tinc (1.0release-1) unstable; urgency=low
* New upstream version. (Closes: #204639)
* Fixes switching back to normal logging mode when killing with
SIGINT twice. (Closes: #175633)
* Uses one SSL context struct for each connection, speeding up
encrypting/decrypting data; don't throw away out of sequence
packets. (Closes: #188874)
* Fixes handling of broadcast messages. (Closes: #175632)
* debian/rules: Use cdbs.
* debian/control: Build-Depend on cdbs, liblzo-dev.
* debian/patches/001_openbsd_device.c.patch: Sync openbsd/device.c to
latest CVS version.
-- Ivo Timmermans <ivo@debian.org> Sun, 10 Aug 2003 16:13:29 +0200
tinc (1.0pre8-6) unstable; urgency=low
* debian/po/fr.po: Added French debconf translation. (Closes: #201803)
-- Ivo Timmermans <ivo@debian.org> Fri, 18 Jul 2003 10:03:20 +0200
tinc (1.0pre8-5) unstable; urgency=low
* debian/*: Change to po-debconf, thanks to From: Michel Grentzinger
<mic.grentz@online.fr> for the patch:
- change debhelper dependency to 4.1.16 (according to man
po-debconf),
- manually add nl translation in old tinc.templates (master),
- run debconf-gettextize debian/tinc.templates,
- move old templates files (debian/tinc.templates.*),
- change construction "If you say no" to "If you refuse",
* debian/rules: Call po2debconf.
* debian/rules: Don't copy COPYING.README to the package.
* debian/control: Update Standards-Version.
* debian/conffiles: Removed.
* debian/postinst: No longer use mknod directly, use MAKEDEV.
-- Ivo Timmermans <ivo@debian.org> Tue, 15 Jul 2003 20:13:47 +0200
tinc (1.0pre8-4) unstable; urgency=low
* src/net.h, src/net_packet.c, src/net_setup.c: Apply fix from CVS
for OpenSSL-related memory leaks. (Closes: #189432)
-- Ivo Timmermans <ivo@debian.org> Mon, 5 May 2003 15:00:29 +0200
tinc (1.0pre8-3) unstable; urgency=low
* m4/openssl.m4: Updated to CVS version. (Closes: #184400)
-- Ivo Timmermans <ivo@debian.org> Thu, 13 Mar 2003 17:24:42 +0100
tinc (1.0pre8-2) unstable; urgency=low
* debian/postinst: Create /dev/net/tun if it doesn't exist.
* debian/tinc.modules: Add alias for /dev/net/tun.
* debian/rules: Install tinc.modules.
* These things together: (Closes: #151967, #153156)
-- Ivo Timmermans <ivo@debian.org> Wed, 13 Nov 2002 22:45:38 +0100
tinc (1.0pre8-1) unstable; urgency=low
* New upstream version.
* debian/rules:
- DEB_BUILD_OPTIONS support.
- Enable --enable-tracing by default.
-- Ivo Timmermans <ivo@debian.org> Tue, 17 Sep 2002 13:50:44 +0200
tinc (1.0pre7-3) unstable; urgency=low
* Properly install _all_ info pages. (Closes: #144718)
-- Ivo Timmermans <ivo@debian.org> Wed, 29 May 2002 14:01:21 +0200
tinc (1.0pre7-2) unstable; urgency=low
* Dutch translation wasn't being installed.
-- Ivo Timmermans <ivo@debian.org> Thu, 11 Apr 2002 09:26:14 +0200
tinc (1.0pre7-1) unstable; urgency=medium
* New upstream release.
-- Ivo Timmermans <ivo@debian.org> Tue, 9 Apr 2002 16:04:46 +0200
tinc (1.0pre6-3) unstable; urgency=medium
* Synched with upstream CVS.
* Added build dependency on zlib1g-dev. (Closes: #141705)
-- Ivo Timmermans <ivo@debian.org> Mon, 8 Apr 2002 21:19:31 +0200
tinc (1.0pre6-2) unstable; urgency=low
* The Section was non-US again, so changed it back to main/net.
-- Ivo Timmermans <ivo@debian.org> Thu, 28 Mar 2002 07:26:10 +0100
tinc (1.0pre6-1) unstable; urgency=low
* New upstream release.
* Fixed text in debian/copyright
-- Ivo Timmermans <ivo@debian.org> Wed, 27 Mar 2002 23:10:07 +0100
tinc (1.0pre5-4) unstable; urgency=low
* Added a debconf question for restarting on upgrade.
* Added reload option to init.d, start with EXTRA='-d' default.
* Moved from non-US to main.
* Install example configuration files.
* The HTML documentation wasn't installed; fixed.
-- Ivo Timmermans <ivo@debian.org> Tue, 26 Mar 2002 20:14:19 +0100
tinc (1.0pre5-3) unstable; urgency=low
* Config variables are now treated case sentitivly again.
* Added a forgotten xstrdup.
-- Ivo Timmermans <ivo@debian.org> Fri, 15 Feb 2002 12:35:17 +0100
tinc (1.0pre5-2) unstable; urgency=low
* MaxTimeout accidentally wasn't configurable. (Closes: #119653)
-- Ivo Timmermans <ivo@debian.org> Wed, 13 Feb 2002 13:36:54 +0100
tinc (1.0pre5-1) unstable; urgency=low
* New upstream version. (Closes: #119653)
* Init script redone in sh.
-- Ivo Timmermans <ivo@debian.org> Sun, 10 Feb 2002 16:39:53 +0100
tinc (1.0pre4-1.cvs010621.6) unstable; urgency=low
* Somehow po-Makefile.in.in.diff got lost, readded. (Closes: #119157)
-- Ivo Timmermans <ivo@debian.org> Thu, 15 Nov 2001 17:00:03 +0100
tinc (1.0pre4-1.cvs010621.5) unstable; urgency=low
* Fix a typo in postinst that let it MAKEDEV even on devfs.
(Closes: #116034)
-- Ivo Timmermans <ivo@debian.org> Thu, 18 Oct 2001 09:35:16 +0200
tinc (1.0pre4-1.cvs010621.4) unstable; urgency=low
* Ask before creating the device files. (Closes: #111099)
* Add a section to the info file.
-- Ivo Timmermans <ivo@debian.org> Fri, 12 Oct 2001 20:47:09 +0200
tinc (1.0pre4-1.cvs010621.3) unstable; urgency=low
* Build and install html documentation. (Closes: #106843)
* Remove build-time dependency on libc6-dev.
-- Ivo Timmermans <ivo@debian.org> Mon, 30 Jul 2001 22:03:52 +0200
tinc (1.0pre4-1.cvs010621.2) unstable; urgency=low
* Changed location of the pidfile. (Closes: #102798)
-- Ivo Timmermans <ivo@debian.org> Sun, 1 Jul 2001 01:57:43 +0200
tinc (1.0pre4-1.cvs010621.1) unstable; urgency=low
* New upstream version. (Closes: #98730)
* Rebuilding automatically inserted new config.{sub|guess}.
(Closes: #98165)
* Updated Standards-Version.
* Don't include a sample configuration file.
-- Ivo Timmermans <ivo@debian.org> Thu, 21 Jun 2001 14:08:49 +0200
tinc (1.0pre3-5) unstable; urgency=low
* Fixed an error in the init script that prevented tinc from
starting correctly.
-- Ivo Timmermans <ivo@debian.org> Thu, 8 Feb 2001 02:45:09 +0100
tinc (1.0pre3-4) unstable; urgency=low
* Change build-depends for OpenSSL to libssl096-dev
(Closes: #84197, #84873).
-- Ivo Timmermans <ivo@debian.org> Sun, 4 Feb 2001 22:43:22 +0100
tinc (1.0pre3-3) unstable; urgency=low
* Set architecture to any (really this time!) (Closes: #80451).
* Section set to non-US
-- Ivo Timmermans <ivo@debian.org> Tue, 23 Jan 2001 22:52:53 +0100
tinc (1.0pre3-2) unstable; urgency=low
* Set architecture to any (Closes: #80451).
* Added tinc.modules with some useful module aliases.
-- Ivo Timmermans <ivo@debian.org> Sat, 13 Jan 2001 16:10:57 +0100
tinc (1.0pre3-1) unstable; urgency=low
* New upstream version (1.0pre3) (Closes: #71274).
* Better Depends and Build-Depends lines.
* Dropped dependencies on libgmp, added libssl.
* doc-base.tinc: New file.
* Deleted the file shlibs, as there on longer is a libblowfish.
* Patch po/Makefile.in.in from po-Makefile.in.in.diff if necessary.
* Use dh_perl to get accurate perl dependencies.
-- Ivo Timmermans <ivo@debian.org> Thu, 9 Nov 2000 21:58:40 +0100
tinc (1.0pre2-1.1) unstable; urgency=low
* NMU at Ivo's request as his application is being processed, and his
sponsor is based in the US.
-- J.H.M. Dassen (Ray) <jdassen@debian.org> Wed, 28 Jun 2000 21:52:30 +0200
tinc (1.0pre2-1) unstable; urgency=low
* postinst creates a file /etc/tinc/nets.boot, containing all networks
to be started upon system startup;
* init.d script starts all networks from that list.
* postinst script creates tap devices.
-- Ivo Timmermans <itimmermans@bigfoot.com> Tue, 16 May 2000 00:06:25 +0200
tinc (1.0pre1-0.4) unstable; urgency=low
* postinst script.
-- Ivo Timmermans <itimmermans@bigfoot.com> Mon, 15 May 2000 19:22:05 +0200
tinc (1.0pre1-0.3) unstable; urgency=low
* system startup script.
-- Ivo Timmermans <itimmermans@bigfoot.com> Sun, 14 May 2000 22:58:02 +0200
tinc (1.0pre1-0.2) unstable; urgency=low
* Included the blowfish license.
-- Ivo Timmermans <itimmermans@bigfoot.com> Fri, 21 Apr 2000 17:07:50 +0200
tinc (1.0pre1-0.1) unstable; urgency=low
* Initial Release.
-- Ivo Timmermans <itimmermans@bigfoot.com> Fri, 21 Apr 2000 17:07:50 +0200

20
debian/control vendored Normal file
View file

@ -0,0 +1,20 @@
Source: tinc
Section: net
Priority: optional
Maintainer: Guus Sliepen <guus@debian.org>
Standards-Version: 4.4.0
Build-Depends: libssl-dev, debhelper-compat (= 12), gettext, texinfo, zlib1g-dev, liblzo2-dev
Homepage: http://www.tinc-vpn.org/
Vcs-Browser: https://salsa.debian.org/guus/tinc
Vcs-Git: https://salsa.debian.org/guus/tinc.git
Rules-Requires-Root: no
Package: tinc
Architecture: any
Pre-Depends: ${misc:Pre-Depends}
Depends: ${shlibs:Depends}, ${misc:Depends}, lsb-base (>= 3.0-6)
Description: Virtual Private Network daemon
tinc is a daemon with which you can create a virtual private network
(VPN). One daemon can handle multiple connections, so you can
create an entire (moderately sized) VPN with only one daemon per
participating computer.

34
debian/copyright vendored Normal file
View file

@ -0,0 +1,34 @@
This package was debianized by Ivo Timmermans <ivo@debian.org> on
Fri, 21 Apr 2000 17:07:50 +0200.
It was downloaded from http://www.tinc-vpn.org/
Upstream Authors:
Guus Sliepen <guus@tinc-vpn.org>
Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans
1998-2008 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
On Debian GNU/Linux systems, the complete text of the GNU General Public
License version 2 can be found in /usr/share/common-licenses/GPL-2.
The following applies to tinc:
This program is released under the GPL with the additional exemption
that compiling, linking, and/or using OpenSSL is allowed. You may
provide binary packages linked to the OpenSSL libraries, provided that
all other requirements of the GPL are met.
The following applies to the LZO library:
Hereby I grant a special exception to the tinc VPN project
(http://tinc.nl.linux.org/) to link the LZO library with the OpenSSL library
(http://www.openssl.org).
Markus F.X.J. Oberhumer

10
debian/doc-base.tinc vendored Normal file
View file

@ -0,0 +1,10 @@
Document: tinc
Title: tinc Manual
Author: Ivo Timmermans, Guus Sliepen
Abstract: This manual describes how to set up a Virtual Private
Network with tinc.
Section: System/Security
Format: HTML
Files: /usr/share/doc/tinc/tinc.html/*
Index: /usr/share/doc/tinc/tinc.html/index.html

1
debian/info vendored Normal file
View file

@ -0,0 +1 @@
doc/tinc.info

View file

@ -0,0 +1,65 @@
Package: tinc
Version: 1.0.33-1
Severity: important
Dear Guus,
I have been using tinc since 2009 and it is great!
When PMTUDiscovery=yes and Mode=switch, and if ipv6 is used inside
tinc, the ICMPv6 "Packet Too Big" packets have incorrect checksums.
It can be reproduced by `ping6 <host in tinc> -s 1800` and `tcpdump -i
<tinc interface>`. Consequently, the host ignores the tinc-generated
ICMPv6 packets, PMTUDiscovery does not work and the connections freeze
when data flows are big.
I find the bug is gone if the function "inet_checksum" in route.c is
not inlined, either by compiling tinc with "-O2
-fno-inline-functions", or apply a patch such as,
diff --git a/src/route.c b/src/route.c
index ff82c06e..cd55383a 100644
--- a/src/route.c
+++ b/src/route.c
@@ -60,7 +60,7 @@ static const size_t opt_size = sizeof(struct nd_opt_hdr);
/* RFC 1071 */
-static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
+__attribute__ ((noinline)) static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
uint16_t *p = data;
uint32_t checksum = prevsum ^ 0xFFFF;
I have tested with gcc-7.3.0 and gcc-5.4.0. They behaved the same. I
am not good at assembly to find out what really happened, but it is
for sure that inet_checksum does not work as expected if compiled
inline.
Thanks!
Yours,
Benda
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages tinc depends on:
ii libc6 2.26-2
ii liblzo2-2 2.08-1.2+b2
ii libssl1.1 1.1.0g-2
ii lsb-base 9.20170808
ii zlib1g 1:1.2.8.dfsg-5
tinc recommends no packages.
tinc suggests no packages.

2
debian/patches/series vendored Normal file
View file

@ -0,0 +1,2 @@
fix-incorrect-icmpv6-checksum
support-etc-defaults-tinc

View file

@ -0,0 +1,12 @@
--- a/systemd/tinc@.service.in
+++ b/systemd/tinc@.service.in
@@ -9,7 +9,8 @@
[Service]
Type=simple
WorkingDirectory=@sysconfdir@/tinc/%i
-ExecStart=@sbindir@/tincd -n %i -D
+EnvironmentFile=/etc/default/tinc
+ExecStart=@sbindir@/tincd -n %i -D $EXTRA
ExecReload=@sbindir@/tincd -n %i -kHUP
KillMode=mixed
Restart=on-failure

31
debian/postinst vendored Normal file
View file

@ -0,0 +1,31 @@
#! /bin/sh
NETSFILE="/etc/tinc/nets.boot"
set -e
case "$1" in
configure)
if [ ! -e /dev/.devfsd ] ; then if [ ! -e /dev/.devfs ] ; then
if [ ! -e /dev/net/tun ] ; then if [ ! -e /dev/tun ] ; then if [ -e /dev/MAKEDEV ]; then
echo "Creating tun device..."
cd /dev && ./MAKEDEV net/tun 2>/dev/null || ./MAKEDEV tun 2>/dev/null || echo "Failed to create tun device."
fi; fi; fi
fi; fi
if [ ! -e $NETSFILE ] ; then
echo "## This file contains all names of the networks to be started on system startup when using sysvinit." > $NETSFILE
echo "## If you are using systemd, use systemctl enable tinc@netname to enable individual networks." >> $NETSFILE
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 0
;;
esac
#DEBHELPER#

9
debian/postrm vendored Normal file
View file

@ -0,0 +1,9 @@
#!/bin/sh
set -e
if [ "$1" = purge ]; then
rm -f /etc/tinc/nets.boot
fi
#DEBHELPER#

28
debian/preinst vendored Normal file
View file

@ -0,0 +1,28 @@
#!/bin/sh
NETSFILE="/etc/tinc/nets.boot"
SYSTEM="/lib/systemd/system"
WANTS="/etc/systemd/system/multi-user.target.wants"
set -e
case "$1" in
upgrade)
if dpkg --compare-versions "$2" '<<' "1.0.27-1"; then
if [ -f "$NETSFILE" ]; then
echo -n "Creating systemd service instances from nets.boot:"
mkdir -p "$WANTS"
egrep '^[ ]*[a-zA-Z0-9_-]+' $NETSFILE | while read net args; do
echo -n " $net"
ln -s "$SYSTEM/tinc@.service" "$WANTS/tinc@$net.service" 2>/dev/null || true
done
echo "."
fi
fi
;;
*)
;;
esac
#DEBHELPER#

16
debian/rules vendored Executable file
View file

@ -0,0 +1,16 @@
#!/usr/bin/make -f
%:
dh $@
override_dh_clean:
dh_clean
rm -f doc/tinc.info
override_dh_auto_configure:
dh_auto_configure -- --enable-uml --with-systemd=/lib/systemd/system --runstatedir=/run
override_dh_auto_install:
dh_auto_install -- install-html
# Remove info dir file
rm -f debian/tinc/usr/share/info/dir

1
debian/source/format vendored Normal file
View file

@ -0,0 +1 @@
3.0 (quilt)

7
debian/tinc.default vendored Normal file
View file

@ -0,0 +1,7 @@
# Extra options to be passed to tincd.
# EXTRA="-d"
# Limits to be configured for the tincd process. Please read your shell
# (pointed by /bin/sh) documentation for ulimit. You probably want to raise the
# max locked memory value if using both --mlock and --user flags.
# LIMITS="-l 1024"

7
debian/tinc.dirs vendored Normal file
View file

@ -0,0 +1,7 @@
usr/sbin
usr/share
etc
etc/init.d
usr/share/locale
usr/share/doc/tinc
etc/tinc

3
debian/tinc.docs vendored Normal file
View file

@ -0,0 +1,3 @@
NEWS
README
AUTHORS

6
debian/tinc.files vendored Normal file
View file

@ -0,0 +1,6 @@
usr/sbin/tincd
usr/share/man
etc
usr/share/doc/tinc
usr/share/locale
usr/share/info

41
debian/tinc.if-post-down vendored Executable file
View file

@ -0,0 +1,41 @@
#!/bin/sh
set -e
if [ "$METHOD" = loopback -o -z "$IF_TINC_NET" ]; then
exit 0
fi
# Determine location of the PID file
EXTRA=""
if [ -n "$IF_TINC_PIDFILE" ]; then
EXTRA="--pidfile=$IF_TINC_PIDFILE"
else
IF_TINC_PIDFILE=/var/run/tinc.$IF_TINC_NET.pid
fi
# Stop the tinc daemon
read pid rest < $IF_TINC_PIDFILE 2>/dev/null
/usr/sbin/tincd -n "$IF_TINC_NET" -k $EXTRA
# Wait for it to shut down properly
/bin/sleep 0.1
i=0;
while [ -f $IF_TINC_PIDFILE ] ; do
if [ ! -e "/proc/$pid" ] ; then
exit 0
fi
if [ $i = '30' ] ; then
echo 'Failed to stop tinc daemon!'
exit 1
fi
/bin/sleep 0.1
i=$(($i+1))
done
exit 0

70
debian/tinc.if-pre-up vendored Executable file
View file

@ -0,0 +1,70 @@
#!/bin/sh
set -e
if [ "$METHOD" = loopback -o -z "$IF_TINC_NET" ]; then
exit 0
fi
# Read options from /etc/default
[ -r /etc/default/tinc ] && . /etc/default/tinc
# Set process limits
setlimits() {
while [ $# -gt 0 ]; do
parm=$1 ; shift
if [ -n "$1" -a "${1#-}" = "$1" ]; then
value=$1 ; shift
ulimit $parm $value
else
ulimit $parm
fi
done
}
test -n "$LIMITS" && setlimits $LIMITS
# Read options from /etc/network/interfaces
[ -n "$IF_TINC_CONFIG" ] && EXTRA="$EXTRA -c $IF_TINC_CONFIG"
[ -n "$IF_TINC_DEBUG" ] && EXTRA="$EXTRA -d$IF_TINC_DEBUG"
[ -n "$IF_TINC_MLOCK" ] && EXTRA="$EXTRA --mlock"
[ -n "$IF_TINC_LOGFILE" ] && EXTRA="$EXTRA --logfile=$IF_TINC_LOGFILE"
[ -n "$IF_TINC_PIDFILE" ] && EXTRA="$EXTRA --pidfile=$IF_TINC_PIDFILE" || IF_TINC_PIDFILE=/var/run/tinc.$IF_TINC_NET.pid
[ -n "$IF_TINC_CHROOT" ] && EXTRA="$EXTRA --chroot"
[ -n "$IF_TINC_USER" ] && EXTRA="$EXTRA --user=$IF_TINC_USER"
# Start tinc daemon
/usr/sbin/tincd -n "$IF_TINC_NET" -o "Interface=$IFACE" $EXTRA
# Wait for it to come up properly
/bin/sleep 0.1
i=0;
while [ ! -f $IF_TINC_PIDFILE ] ; do
if [ $i = '30' ] ; then
echo 'Failed to start tinc daemon!'
exit 1
fi
/bin/sleep 0.1
i=$(($i+1))
done
while read pid rest < $IF_TINC_PIDFILE ; do
if [ -e "/proc/$pid" ] ; then
exit 0
fi
if [ $i = '30' ] ; then
echo 'Failed to start tinc daemon!'
exit 1
fi
/bin/sleep 0.1
i=$(($i+1))
done
exit 0

9
debian/tinc.if-up vendored Executable file
View file

@ -0,0 +1,9 @@
#!/bin/sh
set -e
if [ "$METHOD" = loopback -o -n "$IF_TINC_NET" ]; then
exit 0
fi
invoke-rc.d tinc alarm || exit 0

140
debian/tinc.init vendored Normal file
View file

@ -0,0 +1,140 @@
#! /bin/sh
#
### BEGIN INIT INFO
# Provides: tinc
# Required-Start: $remote_fs $network
# Required-Stop: $remote_fs $network
# Should-Start: $syslog $named
# Should-Stop: $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start tinc daemons
# Description: Create a file $NETSFILE (/etc/tinc/nets.boot),
# and put all the names of the networks in there.
# These names must be valid directory names under
# $TCONF (/etc/tinc). Lines starting with a # will be
# ignored in this file.
### END INIT INFO
#
# Based on Lubomir Bulej's Redhat init script.
. /lib/lsb/init-functions
DAEMON="/usr/sbin/tincd"
NAME="tinc"
DESC="tinc daemons"
TCONF="/etc/tinc"
NETSFILE="$TCONF/nets.boot"
NETS=""
test -f $DAEMON || exit 0
[ -r /etc/default/tinc ] && . /etc/default/tinc
# foreach_net "what-to-say" action [arguments...]
foreach_net() {
if [ ! -f $NETSFILE ] ; then
echo "Please create $NETSFILE."
exit 0
fi
echo -n "$1"
shift
egrep '^[ ]*[a-zA-Z0-9_-]+' $NETSFILE | while read net args; do
echo -n " $net"
"$@" $net $args
done
echo "."
}
signal_running() {
for i in /var/run/tinc.*pid; do
if [ -f "$i" ]; then
head -1 $i | while read pid; do
kill -$1 $pid
done
fi
done
}
setlimits() {
while [ $# -gt 0 ]; do
parm=$1 ; shift
if [ -n "$1" -a "${1#-}" = "$1" ]; then
value=$1 ; shift
ulimit $parm $value
else
ulimit $parm
fi
done
}
test -n "$LIMITS" && setlimits $LIMITS
start() {
$DAEMON $EXTRA -n "$@"
}
stop() {
[ -f /var/run/tinc.$1.pid ] || return
read pid rest </var/run/tinc.$1.pid || return
kill -0 "$pid" 2>/dev/null || return
$DAEMON -n $1 -k || return
i=0;
/bin/sleep 0.5
# Wait for the pidfile to disappear
while [ -f /var/run/tinc.$1.pid ]; do
# And check that there is an actual process running
kill -0 "$pid" 2>/dev/null || return
if [ $i = '10' ] ; then
# It's still alive, kill it again and give up
$DAEMON -n $1 -k && /bin/sleep 0.5
break
else
echo -n "."
i=$(($i+1))
fi
/bin/sleep 0.5
done
}
reload() {
$DAEMON -n $1 -kHUP
}
alarm() {
$DAEMON -n $1 -kALRM
}
restart() {
stop "$@"
start "$@"
}
case "$1" in
start)
foreach_net "Starting $DESC:" start
;;
stop)
foreach_net "Stopping $DESC:" stop
;;
reload|force-reload)
foreach_net "Reloading $DESC configuration:" reload
;;
restart)
foreach_net "Restarting $DESC:" restart
;;
alarm)
signal_running ALRM
;;
*)
echo "Usage: /etc/init.d/$NAME {start|stop|reload|restart|force-reload|alarm}"
exit 1
;;
esac
exit 0

70
debian/upstream/signing-key.asc vendored Normal file
View file

@ -0,0 +1,70 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBEVZzTABEADawFv/ibQ48uA1eRhL07vdM36Pcq2HDyuyNA+vYEalNH4jLmha
nGPvDALWwX0DXIWDAG8zeTj8s8zliLIjuPS4WRI2YdKIvWeG9fEvpKSXVWa42ica
dpzn/H2aBd4Ax6rQaiTXKOvxANAp2Veb+73ssPV5AL00uGTpzhh98xQzfFQCZ9ZL
YSVPqbMed5oCt/4jM9FBO2CuBtkfiO0dVVYtW7FAVjcIlE2NaZol/KGvz7wsS+yA
dE42W0l5MdQueLmTF4AIUSSTyPFGMQoyqh+MPif73Y589IGcW6GdfKYWnVDo6Trh
HOhcEky+uTYKb6NL0vrJgUiYVMzAOXFDdJni1eQGO6EfZRNYtTga3alWq/jVelK7
BID5JyNbkrTAqdPnhJGivVyk8gGX3+Hng8rkXTfWhp6yAYau1QfBm0F2tIQmpL1C
+7DoLvFErboQf685jXJBjzyvsJxB2ZLH1OOw6mNL0hy2LFkIyGza/bktY2em4apo
KWV5AM5LpyW6THH1oDS7706xFNkf4IFhKE0hKPzBiRnMDjRtMI131lkc5+P8Lqf5
jLTCFUgbEhU6Dz2YjhHAumVm0NWJETUpFDtVvMrqk+mp5xldUOWRNlYQC5aQOyda
eHOlNzB/BFbPhKMWI/zWlEH6f0t6WjHb4iwpWO47511aVNHF59aPzbAHxwARAQAB
tC9UaW5jIERldmVsb3BtZW50IFRlYW0gPHRpbmMtZGV2ZWxAdGluYy12cG4ub3Jn
PokCNgQTAQIAIAUCRVnNMAIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEEpg
hLnA1x9KxOAQAMPhO2WTXv9AaGQBQhyyoGseKoSfcRjtI9YEfE0OInQQ2E+SPYF/
dkfeLGAUqa4foTYQlMqfw70vBhTdVCb7HLTGn6/ICFUtDwakUQCgUQGlUVQiondA
8W6jj+QWrh5BQhHuXy2nCVaKnksu0/xQPsJotghxuYqaot3iJ4qVw9iT/Yeo9irH
Ffftqu0OVCdQ5zQuFNI9YCv/C83L59ecH7bOzYz2efTyobvxrhmgQtgOQwCWOE09
Kr3veM9KLG33YoXlqv8QN/3CwtsJvSwfhj+R2JowZC7RqHe/yznRzmRMsgbrolxi
uiJLonGxcNNkD7WhXi7/zL4A/JaC27XrFf1MPLv8aiTwnOIfrXd5jawpauUOZOXK
UjIZHlIqviB0r5s7A+AFeHW38Tp9VzNuQ7aEl5bHbSXV+s7DTAwGb279z0AVaJ3h
5hWFxupw7UoGdzROwCBYzeX3sioAL6QvkXua8X6zOH45VEiSwrRX3Hlx/MLo7Z4g
PWgFLf6WviHQXCG834To1XIwUk9RgNsL7OzGjtaCuRymADImKMNwierq2zTfoRFQ
v9onIadIMF1fsc70hiBG9yAi36MEuk4VxG8Jc3PQQfSFm4RWazv1k3E0AAIob2Ek
DLVjvLO62Navo/OQ6D7yyiX0qes5S7/k3F1h8+87eRn3yxZE2kbxPg8KuQENBEVZ
zYYBCACoYgExmMKEtABL3pir/IXI4exR/45hkP6txFIrkVQb8DGJ9H39kiDr4gtj
F+pvcgMpec35S3m4fJ7WhDNvbDB4ZvONc1NMKs9cqDXfB+TLWPm4W+SkcKUrs+nK
i8l7ieggTALJcvRoLTX2EFmUFrD6y870W3rK2SfC/0VJX8Ou5cPbwCeueExjo5x0
3gNfu0jWUS0cyA9y+1rVVekrLuJY/+SI4jv3gdzrYbxD0f6dpbpC37QHoJdd0KGF
acPtT2azjY+HxW10EA3Aw9oZWFXnb1nFg2RbDpkaGLmLbaXweltLyw154UmCXxym
PXPqi9bSfEkj0GiYrapk4mW114u9ABEBAAGJA0QEGAECAA8FAkVZzYcCGwIFCQHh
M4ABKQkQSmCEucDXH0rAXSAEGQECAAYFAkVZzYcACgkQ017duBDeLmmu3wf/TFZM
tLKxiyQPtGSTE3eULPdWCEMDZXdSPTY0QHM7Zvh+qn1ei+iFpD0549MYnBEAwDIV
4o62Nrcg8IPu0CEkZIAn2JiFFGYvMGk91awZGV1GS3umd7Dt349E1oKDPZVzRn+j
QIKarXxxabRmx2s/dZZgSs/eguWTboBFmvls9tVfe8x/xPvcHFmqHVUoGKEJy6Tm
no+s4yNjpc5wAaRml+GYf1tK9WMFuZn79qKxkYv4WI96dXR0FL59YbFRkkaI+1/b
G31MvWTqVjY1nJGslByFPUUB8Ca1djtp1gx6NXnOYr3V5MEDfdbjjPu79No+/y6M
tIua5yNtSRlk2nKhIqo3D/sGQ/uHijiMRAtoLhiyqYMc9W9vx/KOoCUHoMJqE39a
Eputvgwwo0rwgSmNfB1dzneFojBdJ47WBSHC8NKtkpJj6mzvvlaI9jmEpK54x3nl
OmBj3X/xaepoRGAtrmgTBP4A9hSjrTMGu/tUQjlX+Xcr6n3g7GSVe5FpUyIMPXEU
+JZDTiEUyn1OdzfNGmnWP+KJX5pQVq4czf5XK6otLZJELDVw/Hbjnjmdz5WOKgEH
jSof3WPeMBgPAcd/cMAZeiGtWM1UpJBHqEXTkthmrpmtRftJKDbooNM9d5OwKiT+
I3vNBv/plMSr8NDjhTWC+ihrN6RBj1vaqpDgGpucPhoO2hwNqWuI4q5WUKtCyw6J
An7ErNaH4c0nVaZq6kJ8Vxdt+LpKYmOsJ8y9xtl6StcrkKNn+6ZfCfee7DEo2bvb
scfpqJqqOqb5KOagTpYs8mo6yQ3leRvFtoeBOQHVQzct23EwOMxbDyeunT50a1eH
MZTEWuIiuCUudM81QXU46oIcaAtj8tpG0Tmnku9g27EjwxUt+8kVmhlPHMb2TdoF
k5d0ce+JuxIG5+i+t8sUCorMc8zfp4g1bxZeMOcPnfyO3bSW11EVcN7ZxHlFC+XE
YOByP50CM3P8lItPlQ+WpY9kYWjiwu9kVPaGQ16G47nspngJInU5dhka3KJGtIZe
q7kBDQRFWc3GAQgAz/JUs24niKsd0ZtOjUWd4R4y0gjS0kC/vvLL2gbXYkA9tcjG
5iEvVWJY34QsudX0v1ULsVnJ89X/gsk8hAhAia1TQm+0Qq+MSxEaQkMSaOO8N70U
XzgH1dielvpea20WO4MyWQuRIJ0K2nsGmEPnt6ZP7fK8HVHFNggP/mQ6LMu1reAF
gvb8cEtjb9B5QaCUEoLjsbsuo+vLW7AWy4GfIRNESHw2Qt08AUaGrihpu6zi7N2b
QkHHJtqa63GzYJ+kYzAVvrFJXdwL/TRXLBzv+6yyvYSIHi8uB6/o6CZN6hpjfpME
ph+oYPqXeNOyMd1E9Kg8ymcPrNyQKfE3WnCRXQARAQABiQIlBBgBAgAPBQJFWc3H
AhsMBQkB4TOAAAoJEEpghLnA1x9KXYMP/3D9JYti6C8DWuX2hWv+2SUbLcMa5u1e
ETewIo5S3mqGWSaxX4YLPVRkZ1lOLmFysOLimf0thYm7IsatLcWmBdYUpK92ilvr
Sk2sKlhrOoBXEX/79Kz+Aj5PjeyiQxgQ7Ba/afwhU6aTqs2Dp1T0YNu2eBvV+1QH
lZnW2Wh96zzwc0dJUuY9eBk5Fgpu08Wce7o6jxFPtVyAaQa0zcNAmw2TSY7wbunJ
WTl9OgATAyqVCuhWW7AnPcSqkH8lQigSc00wfqJKOD2Us0FqN6UKDCZTyQkdP6hx
G+3aUkkvGSOxy7u9bVWmrikuJMoiIY/CH/m+GcJJATVibI7t5MhhtBGySKc3PAwc
58sVe9AnbDvs84efrNP59j2KG2KKqcqjTGAmKyJnG3N50xJGakDIsqfneIRNWpEE
pOOPaOqR4qnPAS9OSt9A3hqBpWPjQcScd6AuO+J2PE5y23pTnb9PtLBQb5e4VFiv
N54u8j4bU2CO0SC2isZ3CR68dPHthWsxt4XbjhgktjbpQRQ8L2EDBQ8oE13GOrOw
P8x4Q0eC5uzkXNyRqzKOsxlZEuc+75aDDd3M2GDw08FG7GI1p/L+NgenwT+9TmFX
2hOKVrjgyx+fPut1t5DJJubDWXGOK33qvrL7HTCEv1zz7LNbbPwwNHK4lfMAWuJW
D9wc3Y9Se/P/
=5MAs
-----END PGP PUBLIC KEY BLOCK-----

2
debian/watch vendored Normal file
View file

@ -0,0 +1,2 @@
version=3
opts=pgpsigurlmangle=s/$/.sig/ http://www.tinc-vpn.org/packages/tinc-(1\.0\.\d+)\.tar\.gz

10
depcomp
View file

@ -1,9 +1,9 @@
#! /bin/sh
# depcomp - compile a program generating dependencies as side-effects
scriptversion=2013-05-30.07; # UTC
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2013 Free Software Foundation, Inc.
# Copyright (C) 1999-2020 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@ -16,7 +16,7 @@ scriptversion=2013-05-30.07; # UTC
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@ -783,9 +783,9 @@ exit 0
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'write-file-hooks 'time-stamp)
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

View file

@ -1,46 +1,35 @@
## Process this file with automake to get Makefile.in
info_TEXINFOS = tinc.texi
tinc_TEXINFOS = tincinclude.texi
man_MANS = tincd.8 tinc.conf.5
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config.tar.gz
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config
CLEANFILES = *.html tincd.8 tinc.conf.5 tincinclude.texi
# Use `ginstall' in the definition of man_MANS to avoid
# confusion with the `install' target. The install rule transforms `ginstall'
# to install before applying any user-specified name transformations.
transform = s/ginstall/install/; @program_transform_name@
# For additional rules usually of interest only to the maintainer,
# see GNUmakefile and Makefile.maint.
sample-config.tar.gz: sample-config
GZIP=$(GZIP_ENV) $(AMTAR) chozf sample-config.tar.gz --exclude .svn sample-config
texi2html: tinc.texi
texi2html -split=chapter tinc.texi
$(AM_V_GEN)texi2html -split=chapter $<
tincd.8.html: tincd.8
w3mman2html $< > $@
$(AM_V_GEN)w3mman2html $< > $@
tinc.conf.5.html: tinc.conf.5
w3mman2html $< > $@
$(AM_V_GEN)w3mman2html $< > $@
substitute = sed \
-e s,'@PACKAGE\@',"$(PACKAGE)",g \
-e s,'@VERSION\@',"$(VERSION)",g \
-e s,'@sysconfdir\@',"$(sysconfdir)",g \
-e s,'@runstatedir\@',"$(runstatedir)",g \
-e s,'@localstatedir\@',"$(localstatedir)",g
tincd.8: tincd.8.in
$(substitute) tincd.8.in > tincd.8
tincd.8: $(srcdir)/tincd.8.in
$(AM_V_GEN)$(substitute) $(srcdir)/tincd.8.in > $@
tinc.conf.5: tinc.conf.5.in
$(substitute) tinc.conf.5.in > tinc.conf.5
tinc.conf.5: $(srcdir)/tinc.conf.5.in
$(AM_V_GEN)$(substitute) $(srcdir)/tinc.conf.5.in > $@
tincinclude.texi: tincinclude.texi.in
$(substitute) tincinclude.texi.in > tincinclude.texi
tinc.texi: tincinclude.texi
tincinclude.texi: $(srcdir)/tincinclude.texi.in
$(AM_V_GEN)$(substitute) $(srcdir)/tincinclude.texi.in > $@

View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.14.1 from Makefile.am.
# Makefile.in generated by automake 1.16.2 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2013 Free Software Foundation, Inc.
# Copyright (C) 1994-2020 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -14,7 +14,17 @@
@SET_MAKE@
VPATH = @srcdir@
am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
am__is_gnu_make = { \
if test -z '$(MAKELEVEL)'; then \
false; \
elif test -n '$(MAKE_HOST)'; then \
true; \
elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
true; \
else \
false; \
fi; \
}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@ -68,6 +78,7 @@ install_sh_DATA = $(install_sh) -c -m 644
install_sh_PROGRAM = $(install_sh) -c
install_sh_SCRIPT = $(install_sh) -c
INSTALL_HEADER = $(INSTALL_DATA)
transform = $(program_transform_name)
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
@ -77,15 +88,18 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = doc
DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am texinfo.tex
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/ax_append_flag.m4 \
$(top_srcdir)/m4/ax_cflags_warn_all.m4 \
$(top_srcdir)/m4/ax_check_compile_flag.m4 \
$(top_srcdir)/m4/ax_check_link_flag.m4 $(top_srcdir)/m4/lzo.m4 \
$(top_srcdir)/m4/ax_check_link_flag.m4 \
$(top_srcdir)/m4/ax_require_defined.m4 $(top_srcdir)/m4/lzo.m4 \
$(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/zlib.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@ -183,12 +197,8 @@ man8dir = $(mandir)/man8
NROFF = nroff
MANS = $(man_MANS)
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
am__DIST_COMMON = $(srcdir)/Makefile.in $(tinc_TEXINFOS) texinfo.tex
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
# Use `ginstall' in the definition of man_MANS to avoid
# confusion with the `install' target. The install rule transforms `ginstall'
# to install before applying any user-specified name transformations.
transform = s/ginstall/install/; @program_transform_name@
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
@ -219,7 +229,6 @@ LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
@ -277,29 +286,33 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
systemd_path = @systemd_path@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
info_TEXINFOS = tinc.texi
tinc_TEXINFOS = tincinclude.texi
man_MANS = tincd.8 tinc.conf.5
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config.tar.gz
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config
CLEANFILES = *.html tincd.8 tinc.conf.5 tincinclude.texi
substitute = sed \
-e s,'@PACKAGE\@',"$(PACKAGE)",g \
-e s,'@VERSION\@',"$(VERSION)",g \
-e s,'@sysconfdir\@',"$(sysconfdir)",g \
-e s,'@runstatedir\@',"$(runstatedir)",g \
-e s,'@localstatedir\@',"$(localstatedir)",g
all: all-am
.SUFFIXES:
.SUFFIXES: .dvi .html .info .pdf .ps .texi
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
@ -311,22 +324,21 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu doc/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(top_srcdir)/configure: $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
@ -373,10 +385,10 @@ $(am__aclocal_m4_deps):
else \
rm -rf $(@:.html=.htp); exit 1; \
fi
$(srcdir)/tinc.info: tinc.texi
tinc.dvi: tinc.texi
tinc.pdf: tinc.texi
tinc.html: tinc.texi
$(srcdir)/tinc.info: tinc.texi $(tinc_TEXINFOS)
tinc.dvi: tinc.texi $(tinc_TEXINFOS)
tinc.pdf: tinc.texi $(tinc_TEXINFOS)
tinc.html: tinc.texi $(tinc_TEXINFOS)
.dvi.ps:
$(AM_V_DVIPS)TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \
$(DVIPS) $(AM_V_texinfo) -o $@ $<
@ -563,7 +575,10 @@ ctags CTAGS:
cscope cscopelist:
distdir: $(DISTFILES)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \
@ -812,32 +827,26 @@ uninstall-man: uninstall-man5 uninstall-man8
uninstall-html-am uninstall-info-am uninstall-man \
uninstall-man5 uninstall-man8 uninstall-pdf-am uninstall-ps-am
.PRECIOUS: Makefile
# For additional rules usually of interest only to the maintainer,
# see GNUmakefile and Makefile.maint.
sample-config.tar.gz: sample-config
GZIP=$(GZIP_ENV) $(AMTAR) chozf sample-config.tar.gz --exclude .svn sample-config
texi2html: tinc.texi
texi2html -split=chapter tinc.texi
$(AM_V_GEN)texi2html -split=chapter $<
tincd.8.html: tincd.8
w3mman2html $< > $@
$(AM_V_GEN)w3mman2html $< > $@
tinc.conf.5.html: tinc.conf.5
w3mman2html $< > $@
$(AM_V_GEN)w3mman2html $< > $@
tincd.8: tincd.8.in
$(substitute) tincd.8.in > tincd.8
tincd.8: $(srcdir)/tincd.8.in
$(AM_V_GEN)$(substitute) $(srcdir)/tincd.8.in > $@
tinc.conf.5: tinc.conf.5.in
$(substitute) tinc.conf.5.in > tinc.conf.5
tinc.conf.5: $(srcdir)/tinc.conf.5.in
$(AM_V_GEN)$(substitute) $(srcdir)/tinc.conf.5.in > $@
tincinclude.texi: tincinclude.texi.in
$(substitute) tincinclude.texi.in > tincinclude.texi
tinc.texi: tincinclude.texi
tincinclude.texi: $(srcdir)/tincinclude.texi.in
$(AM_V_GEN)$(substitute) $(srcdir)/tincinclude.texi.in > $@
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.

Binary file not shown.

View file

@ -0,0 +1,15 @@
# Sample host configuration file
# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.234.35.67
# Portnumber for incoming connections. Default is 655.
Port = 655
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.1.0/24
# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----

View file

@ -0,0 +1,16 @@
# Sample host configuration file
# This file was generated by host beta.
# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.45.67.189
# Portnumber for incoming connections. Default is 655.
Port = 6500
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.2.0/24
# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----

View file

@ -0,0 +1 @@
# Generate this file with `tincd -n example -K`

View file

@ -0,0 +1,4 @@
#!/bin/sh
# This file closes down the tap device.
ifconfig $INTERFACE down

11
doc/sample-config/tinc-up Normal file
View file

@ -0,0 +1,11 @@
#!/bin/sh
# This file sets up the tap device.
# It gives you the freedom to do anything you want with it.
# Use the correct name for the tap device:
# The environment variable $INTERFACE is set to the right name
# on most platforms, but if it doesn't work try to set it manually.
# Give it the right ip and netmask. Remember, the subnet of the
# tap device must be larger than that of the individual Subnets
# as defined in the host configuration file!
ifconfig $INTERFACE 192.168.1.1 netmask 255.255.0.0

View file

@ -0,0 +1,22 @@
# Sample tinc configuration file
# This is a comment.
# Spaces and tabs are eliminated.
# The = sign isn't strictly necessary any longer, though you may want
# to leave it in as it improves readability :)
# Variable names are treated case insensitive.
# The name of this tinc host. Required.
Name = alpha
# The internet host to connect with.
# Comment these out to make yourself a listen-only connection
# You must use the name of another tinc host.
# May be used multiple times for redundance.
ConnectTo = beta
# The tap device tinc will use.
# /dev/tap0 for ethertap, FreeBSD or OpenBSD
# /dev/tun0 for Solaris
# /dev/net/tun for Linux tun/tap
Device = /dev/net/tun

File diff suppressed because it is too large Load diff

View file

@ -1,4 +1,4 @@
.Dd 2014-05-11
.Dd 2016-10-29
.Dt TINC.CONF 5
.\" Manual page created by:
.\" Ivo Timmermans
@ -54,7 +54,7 @@ But it is highly recommended that you use this feature of
because it will be so much clearer whom your daemon talks to.
Hence, we will assume that you use it.
.Sh NAMES
Each tinc daemon should have a name that is unique in the network which it will be part of.
Each tinc daemon must have a name that is unique in the network which it will be part of.
The name will be used by other tinc daemons for identification.
The name has to be declared in the
.Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc.conf
@ -222,7 +222,7 @@ Also note that this can cause decrypted VPN packets to be sent out on a real net
Create a UNIX socket with the filename specified by
.Va Device ,
or
.Pa @localstatedir@/run/ Ns Ar NETNAME Ns Pa .umlsocket
.Pa @runstatedir@/ Ns Ar NETNAME Ns Pa .umlsocket
if not specified.
.Nm tinc
will wait for a User Mode Linux instance to connect to this socket.
@ -231,7 +231,7 @@ Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
using the UNIX socket specified by
.Va Device ,
or
.Pa @localstatedir@/run/vde.ctl
.Pa @runstatedir@/vde.ctl
if not specified.
.El
Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,
@ -250,6 +250,10 @@ Tinc will expect packets read from the virtual network device
to start with a four byte header containing the address family,
followed by an IP header.
This mode should support both IPv4 and IPv6 packets.
.It utun Pq OS X
Set type to utun.
This is only supported on OS X version 10.6.8 and higher, but doesn't require the tuntaposx module.
This mode should support both IPv4 and IPv6 packets.
.It tap Pq BSD and Linux
Set type to tap.
Tinc will expect packets read from the virtual network device
@ -362,7 +366,7 @@ If
.Va Name
is
.Li $HOST ,
but no such environment variable exist, the hostname will be read using the gethostnname() system call.
but no such environment variable exist, the hostname will be read using the gethostname() system call.
.It Va PingInterval Li = Ar seconds Pq 60
The number of seconds of inactivity that
.Nm tinc
@ -464,9 +468,9 @@ Multiple
.Va Address
variables can be specified, in which case each address will be tried until a working
connection has been established.
.It Va Cipher Li = Ar cipher Pq blowfish
.It Va Cipher Li = Ar cipher Pq aes-256-cbc
The symmetric cipher algorithm used to encrypt UDP packets.
Any cipher supported by OpenSSL is recognised.
Any cipher supported by LibreSSL or OpenSSL is recognised.
Furthermore, specifying
.Qq none
will turn off packet encryption.
@ -479,9 +483,9 @@ Fragmentation Needed or Packet too Big messages are dropped by firewalls.
This option sets the level of compression used for UDP packets.
Possible values are 0 (off), 1 (fast zlib) and any integer up to 9 (best zlib),
10 (fast lzo) and 11 (best lzo).
.It Va Digest Li = Ar digest Pq sha1
.It Va Digest Li = Ar digest Pq sha256
The digest algorithm used to authenticate UDP packets.
Any digest supported by OpenSSL is recognised.
Any digest supported by LibreSSL or OpenSSL is recognised.
Furthermore, specifying
.Qq none
will turn off packet authentication.
@ -556,7 +560,15 @@ UDP is possible or not.
.Sh SCRIPTS
Apart from reading the server and host configuration files,
tinc can also run scripts at certain moments.
Under Windows (not Cygwin), the scripts should have the extension
Below is a list of filenames of scripts and a description of when they are run.
A script is only run if it exists and if it is executable.
.Pp
Scripts are run synchronously;
this means that tinc will temporarily stop processing packets until the called script finishes executing.
This guarantees that scripts will execute in the exact same order as the events that trigger them.
If you need to run commands asynchronously, you have to ensure yourself that they are being run in the background.
.Pp
Under Windows (not Cygwin), the scripts must have the extension
.Pa .bat .
.Bl -tag -width indent
.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-up
@ -564,6 +576,7 @@ This is the most important script.
If it is present it will be executed right after the tinc daemon has been started and has connected to the virtual network device.
It should be used to set up the corresponding network interface,
but can also be used to start other things.
.Pp
Under Windows you can use the Network Connections control panel instead of creating this script.
.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-down
This script is started right before the tinc daemon quits.
@ -644,7 +657,7 @@ its connection to the virtual network device.
.El
.Sh SEE ALSO
.Xr tincd 8 ,
.Pa http://www.tinc-vpn.org/ ,
.Pa https://www.tinc-vpn.org/ ,
.Pa http://www.tldp.org/LDP/nag2/ .
.Pp
The full documentation for

View file

@ -1,14 +1,14 @@
This is tinc.info, produced by makeinfo version 5.2 from tinc.texi.
This is tinc.info, produced by makeinfo version 6.7 from tinc.texi.
INFO-DIR-SECTION Networking tools
START-INFO-DIR-ENTRY
* tinc: (tinc). The tinc Manual.
END-INFO-DIR-ENTRY
This is the info manual for tinc version 1.0.25, a Virtual Private
This is the info manual for tinc version 1.0.36, a Virtual Private
Network daemon.
Copyright (C) 1998-2014 Ivo Timmermans, Guus Sliepen
Copyright (C) 1998-2019 Ivo Timmermans, Guus Sliepen
<guus@tinc-vpn.org> and Wessel Dankers <wsl@tinc-vpn.org>.
Permission is granted to make and distribute verbatim copies of this
@ -117,10 +117,10 @@ for both the receiving and sending end, it has become largely
runtime-configurable--in short, it has become a full-fledged
professional package.
Tinc also allows more than two sites to connect to eachother and form
a single VPN. Traditionally VPNs are created by making tunnels, which
only have two endpoints. Larger VPNs with more sites are created by
adding more tunnels. Tinc takes another approach: only endpoints are
Tinc also allows more than two sites to connect to each other and
form a single VPN. Traditionally VPNs are created by making tunnels,
which only have two endpoints. Larger VPNs with more sites are created
by adding more tunnels. Tinc takes another approach: only endpoints are
specified, the software itself will take care of creating the tunnels.
This allows for easier configuration and improved scalability.
@ -147,7 +147,7 @@ will most likely compile and run, but it will not be able to send or
receive data packets.
For an up to date list of supported platforms, please check the list
on our website: <http://www.tinc-vpn.org/platforms/>.
on our website: <https://www.tinc-vpn.org/platforms/>.

File: tinc.info, Node: Preparations, Next: Installation, Prev: Introduction, Up: Top
@ -219,12 +219,8 @@ File: tinc.info, Node: Configuration of OpenBSD kernels, Next: Configuration o
2.1.3 Configuration of OpenBSD kernels
--------------------------------------
For OpenBSD version 2.9 and higher, the tun driver is included in the
default kernel configuration. There is also a kernel patch from
<http://diehard.n-r-g.com/stuff/openbsd/> which adds a tap device to
OpenBSD which should work with tinc, but with recent versions of
OpenBSD, a tun device can act as a tap device by setting the link0
option with ifconfig.
Recent versions of OpenBSD come with both tun and tap devices enabled in
the default kernel configuration.

File: tinc.info, Node: Configuration of NetBSD kernels, Next: Configuration of Solaris kernels, Prev: Configuration of OpenBSD kernels, Up: Configuring the kernel
@ -247,7 +243,7 @@ For Solaris 8 (SunOS 5.8) and higher, the tun driver may or may not be
included in the default kernel configuration. If it isn't, the source
can be downloaded from <http://vtun.sourceforge.net/tun/>. For x86 and
sparc64 architectures, precompiled versions can be found at
<http://www.monkey.org/~dugsong/fragroute/>. If the 'net/if_tun.h'
<https://www.monkey.org/~dugsong/fragroute/>. If the 'net/if_tun.h'
header file is missing, install it from the source package.

@ -257,10 +253,16 @@ File: tinc.info, Node: Configuration of Darwin (Mac OS X) kernels, Next: Confi
------------------------------------------------
Tinc on Darwin relies on a tunnel driver for its data acquisition from
the kernel. Tinc supports either the driver from
the kernel. OS X version 10.6.8 and later have a built-in tun driver
called "utun". Tinc also supports the driver from
<http://tuntaposx.sourceforge.net/>, which supports both tun and tap
style devices.
By default, tinc expects the tuntaposx driver to be installed. To
use the utun driver, set add 'Device = utunX' to 'tinc.conf', where X is
the desired number for the utun interface. You can also omit the
number, in which case the first free number will be chosen.

File: tinc.info, Node: Configuration of Windows, Prev: Configuration of Darwin (Mac OS X) kernels, Up: Configuring the kernel
@ -268,7 +270,8 @@ File: tinc.info, Node: Configuration of Windows, Prev: Configuration of Darwin
------------------------------
You will need to install the latest TAP-Win32 driver from OpenVPN. You
can download it from <http://openvpn.sourceforge.net>. Using the
can download it from
<https://openvpn.net/index.php/open-source/downloads.html>. Using the
Network Connections control panel, configure the TAP-Win32 network
interface in the same way as you would do from the tinc-up script, as
explained in the rest of the documentation.
@ -279,25 +282,25 @@ File: tinc.info, Node: Libraries, Prev: Configuring the kernel, Up: Preparati
2.2 Libraries
=============
Before you can configure or build tinc, you need to have the OpenSSL,
zlib and lzo libraries installed on your system. If you try to
Before you can configure or build tinc, you need to have the LibreSSL or
OpenSSL, zlib and lzo libraries installed on your system. If you try to
configure tinc without having them installed, configure will give you an
error message, and stop.
* Menu:
* OpenSSL::
* LibreSSL/OpenSSL::
* zlib::
* lzo::

File: tinc.info, Node: OpenSSL, Next: zlib, Up: Libraries
File: tinc.info, Node: LibreSSL/OpenSSL, Next: zlib, Up: Libraries
2.2.1 OpenSSL
-------------
2.2.1 LibreSSL/OpenSSL
----------------------
For all cryptography-related functions, tinc uses the functions provided
by the OpenSSL library.
by the LibreSSL or the OpenSSL library.
If this library is not installed, you will get an error when
configuring tinc for build. Support for running tinc with other
@ -307,19 +310,22 @@ cryptographic libraries installed _may_ be added in the future.
if available. Make sure you install the development AND runtime
versions of this package.
If you have to install OpenSSL manually, you can get the source code
from <http://www.openssl.org/>. Instructions on how to configure, build
and install this package are included within the package. Please make
sure you build development and runtime libraries (which is the default).
If your operating system comes neither with LibreSSL or OpenSSL, you
have to install one manually. It is recommended that you get the latest
version of LibreSSL from <http://www.libressl.org/>. Instructions on
how to configure, build and install this package are included within the
package. Please make sure you build development and runtime libraries
(which is the default).
If you installed the OpenSSL libraries from source, it may be
necessary to let configure know where they are, by passing configure one
of the -with-openssl-* parameters.
If you installed the LibreSSL or OpenSSL libraries from source, it
may be necessary to let configure know where they are, by passing
configure one of the -with-openssl-* parameters. Note that you even
have to use -with-openssl-* if you are using LibreSSL.
--with-openssl=DIR OpenSSL library and headers prefix
--with-openssl-include=DIR OpenSSL headers directory
--with-openssl=DIR LibreSSL/OpenSSL library and headers prefix
--with-openssl-include=DIR LibreSSL/OpenSSL headers directory
(Default is OPENSSL_DIR/include)
--with-openssl-lib=DIR OpenSSL library directory
--with-openssl-lib=DIR LibreSSL/OpenSSL library directory
(Default is OPENSSL_DIR/lib)
License
@ -328,7 +334,7 @@ License
The complete source code of tinc is covered by the GNU GPL version 2.
Since the license under which OpenSSL is distributed is not directly
compatible with the terms of the GNU GPL
<http://www.openssl.org/support/faq.html#LEGAL2>, we include an
<https://www.openssl.org/support/faq.html#LEGAL2>, we include an
exemption to the GPL (see also the file COPYING.README) to allow
everyone to create a statically or dynamically linked executable:
@ -341,13 +347,13 @@ everyone to create a statically or dynamically linked executable:
also present the following exemption:
Hereby I grant a special exception to the tinc VPN project
(http://www.tinc-vpn.org/) to link the LZO library with the OpenSSL
library (http://www.openssl.org).
(https://www.tinc-vpn.org/) to link the LZO library with the
OpenSSL library (https://www.openssl.org).
Markus F.X.J. Oberhumer

File: tinc.info, Node: zlib, Next: lzo, Prev: OpenSSL, Up: Libraries
File: tinc.info, Node: zlib, Next: lzo, Prev: LibreSSL/OpenSSL, Up: Libraries
2.2.2 zlib
----------
@ -367,10 +373,9 @@ if available. Make sure you install the development AND runtime
versions of this package.
If you have to install zlib manually, you can get the source code
from <http://www.gzip.org/zlib/>. Instructions on how to configure,
build and install this package are included within the package. Please
make sure you build development and runtime libraries (which is the
default).
from <https://zlib.net/>. Instructions on how to configure, build and
install this package are included within the package. Please make sure
you build development and runtime libraries (which is the default).

File: tinc.info, Node: lzo, Prev: zlib, Up: Libraries
@ -392,7 +397,7 @@ if available. Make sure you install the development AND runtime
versions of this package.
If you have to install lzo manually, you can get the source code from
<http://www.oberhumer.com/opensource/lzo/>. Instructions on how to
<https://www.oberhumer.com/opensource/lzo/>. Instructions on how to
configure, build and install this package are included within the
package. Please make sure you build development and runtime libraries
(which is the default).
@ -410,9 +415,7 @@ startup scripts and sample configurations.
If you cannot use one of the precompiled packages, or you want to
compile tinc for yourself, you can use the source. The source is
distributed under the GNU General Public License (GPL). Download the
source from the download page (http://www.tinc-vpn.org/download/), which
has the checksums of these files listed; you may wish to check these
with md5sum before continuing.
source from the download page (https://www.tinc-vpn.org/download/).
Tinc comes in a convenient autoconf/automake package, which you can
just treat the same as any other package. Which is just untar it, type
@ -450,13 +453,13 @@ File: tinc.info, Node: Darwin (Mac OS X) build environment, Next: Cygwin (Wind
3.1.1 Darwin (Mac OS X) build environment
-----------------------------------------
In order to build tinc on Darwin, you need to install the Mac OS X
Developer Tools from <http://developer.apple.com/tools/macosxtools.html>
and preferably a recent version of Fink from
<http://www.finkproject.org/>.
In order to build tinc on Darwin, you need to install Xcode from
<https://developer.apple.com/xcode/>. It might also help to install a
recent version of Fink from <http://www.finkproject.org/>.
After installation use fink to download and install the following
packages: autoconf25, automake, dlcompat, m4, openssl, zlib and lzo.
You need to download and install LibreSSL (or OpenSSL) and LZO,
either directly from their websites (see *note Libraries::) or using
Fink.

File: tinc.info, Node: Cygwin (Windows) build environment, Next: MinGW (Windows) build environment, Prev: Darwin (Mac OS X) build environment, Up: Building and installing tinc
@ -465,7 +468,7 @@ File: tinc.info, Node: Cygwin (Windows) build environment, Next: MinGW (Window
----------------------------------------
If Cygwin hasn't already been installed, install it directly from
<http://www.cygwin.com/>.
<https://www.cygwin.com/>.
When tinc is compiled in a Cygwin environment, it can only be run in
this environment, but all programs, including those started outside the
@ -479,7 +482,8 @@ File: tinc.info, Node: MinGW (Windows) build environment, Prev: Cygwin (Window
---------------------------------------
You will need to install the MinGW environment from
<http://www.mingw.org>.
<http://www.mingw.org>. You also need to download and install LibreSSL
(or OpenSSL) and LZO.
When tinc is compiled using MinGW it runs natively under Windows, it
is not necessary to keep MinGW installed.
@ -787,13 +791,13 @@ DeviceType = <TYPE> (platform dependent)
uml (not compiled in by default)
Create a UNIX socket with the filename specified by DEVICE, or
'/var/run/NETNAME.umlsocket' if not specified. Tinc will wait
for a User Mode Linux instance to connect to this socket.
'/run/NETNAME.umlsocket' if not specified. Tinc will wait for
a User Mode Linux instance to connect to this socket.
vde (not compiled in by default)
Uses the libvdeplug library to connect to a Virtual
Distributed Ethernet switch, using the UNIX socket specified
by DEVICE, or '/var/run/vde.ctl' if not specified.
by DEVICE, or '/run/vde.ctl' if not specified.
Also, in case tinc does not seem to correctly interpret packets
received from the virtual network device, it can be used to change
@ -816,6 +820,11 @@ DeviceType = <TYPE> (platform dependent)
followed by an IP header. This mode should support both IPv4
and IPv6 packets.
utun (OS X)
Set type to utun. This is only supported on OS X version
10.6.8 and higher, but doesn't require the tuntaposx module.
This mode should support both IPv4 and IPv6 packets.
tap (BSD and Linux)
Set type to tap. Tinc will expect packets read from the
virtual network device to start with an Ethernet header.
@ -931,15 +940,15 @@ Mode = <router|switch|hub> (router)
routing table is managed.
Name = <NAME> [required]
This is a symbolic name for this connection. The name should
consist only of alphanumeric and underscore characters (a-z, A-Z,
0-9 and _).
This is a symbolic name for this connection. The name must consist
only of alphanumeric and underscore characters (a-z, A-Z, 0-9 and
_).
If Name starts with a $, then the contents of the environment
variable that follows will be used. In that case, invalid
characters will be converted to underscores. If Name is $HOST, but
no such environment variable exist, the hostname will be read using
the gethostnname() system call.
the gethostname() system call.
PingInterval = <SECONDS> (60)
The number of seconds of inactivity that tinc will wait before
@ -1044,11 +1053,11 @@ Address = <IP ADDRESS|HOSTNAME> [<port>] [recommended]
can be specified, in which case each address will be tried until a
working connection has been established.
Cipher = <CIPHER> (blowfish)
Cipher = <CIPHER> (aes-256-cbc)
The symmetric cipher algorithm used to encrypt UDP packets. Any
cipher supported by OpenSSL is recognized. Furthermore, specifying
"none" will turn off packet encryption. It is best to use only
those ciphers which support CBC mode.
cipher supported by LibreSSL or OpenSSL is recognized.
Furthermore, specifying "none" will turn off packet encryption. It
is best to use only those ciphers which support CBC mode.
ClampMSS = <yes|no> (yes)
This option specifies whether tinc should clamp the maximum segment
@ -1061,10 +1070,10 @@ Compression = <LEVEL> (0)
Possible values are 0 (off), 1 (fast zlib) and any integer up to 9
(best zlib), 10 (fast lzo) and 11 (best lzo).
Digest = <DIGEST> (sha1)
Digest = <DIGEST> (sha256)
The digest algorithm used to authenticate UDP packets. Any digest
supported by OpenSSL is recognized. Furthermore, specifying "none"
will turn off packet authentication.
supported by LibreSSL or OpenSSL is recognized. Furthermore,
specifying "none" will turn off packet authentication.
IndirectData = <yes|no> (no)
This option specifies whether other tinc daemons besides the one
@ -1126,7 +1135,7 @@ Subnet = <ADDRESS[/PREFIXLENGTH[#WEIGHT]]>
Prefixlength is the number of bits set to 1 in the netmask part;
for example: netmask 255.255.255.0 would become /24, 255.255.252.0
becomes /22. This conforms to standard CIDR notation as described
in RFC1519 (http://www.ietf.org/rfc/rfc1519.txt)
in RFC1519 (https://www.ietf.org/rfc/rfc1519.txt)
A Subnet can be given a weight to indicate its priority over
identical Subnets owned by different nodes. The default weight is
@ -1152,16 +1161,27 @@ File: tinc.info, Node: Scripts, Next: How to configure, Prev: Host configurat
-------------
Apart from reading the server and host configuration files, tinc can
also run scripts at certain moments. Under Windows (not Cygwin), the
scripts should have the extension .bat.
also run scripts at certain moments. Below is a list of filenames of
scripts and a description of when they are run. A script is only run if
it exists and if it is executable.
Scripts are run synchronously; this means that tinc will temporarily
stop processing packets until the called script finishes executing.
This guarantees that scripts will execute in the exact same order as the
events that trigger them. If you need to run commands asynchronously,
you have to ensure yourself that they are being run in the background.
Under Windows (not Cygwin), the scripts must have the extension .bat.
'/etc/tinc/NETNAME/tinc-up'
This is the most important script. If it is present it will be
executed right after the tinc daemon has been started and has
connected to the virtual network device. It should be used to set
up the corresponding network interface, but can also be used to
start other things. Under Windows you can use the Network
Connections control panel instead of creating this script.
start other things.
Under Windows you can use the Network Connections control panel
instead of creating this script.
'/etc/tinc/NETNAME/tinc-down'
This script is started right before the tinc daemon quits.
@ -1577,7 +1597,7 @@ command line options.
'/var/log/tinc.NETNAME.log'.
'--pidfile=FILE'
Write PID to FILE instead of '/var/run/tinc.NETNAME.pid'.
Write PID to FILE instead of '/run/tinc.NETNAME.pid'.
'--bypass-security'
Disables encryption and authentication. Only useful for debugging.
@ -1589,12 +1609,16 @@ command line options.
chroot is performed after all the initialization is done, after
writing pid files and opening network sockets.
Note that this option alone does not do any good without -U/-user,
below.
This option is best used in combination with the -U/-user option
described below.
Note also that tinc can't run scripts anymore (such as tinc-down or
host-up), unless it's setup to be runnable inside chroot
environment.
You will need to ensure the chroot environment contains all the
files necessary for tinc to run correctly. Most importantly, for
tinc to be able to resolve hostnames inside the chroot environment,
you must copy '/etc/resolv.conf' into the chroot directory. If you
want to be able to run scripts other than 'tinc-up' in the chroot,
you must ensure the appropriate shell is also installed in the
chroot, along with all its dependencies.
'-U, --user=USER'
Switch to the given USER after initialization, at the same time as
@ -1915,8 +1939,7 @@ correct destination MAC address. In those modes every interface should
have a unique MAC address, so make sure they are not the same. Because
switch and hub modes rely on MAC addresses to function correctly, these
modes cannot be used on the following operating systems which don't have
a 'tap' style virtual network device: OpenBSD, NetBSD, Darwin and
Solaris.
a 'tap' style virtual network device: NetBSD, Darwin and Solaris.

File: tinc.info, Node: The meta-connection, Prev: The UDP tunnel, Up: The connection
@ -2076,7 +2099,7 @@ intercept. The encryption algorithm and message authentication
algorithm can be changed in the configuration. The length of the
message authentication codes is also adjustable. The length of the key
for the encryption algorithm is always the default length used by
OpenSSL.
LibreSSL/OpenSSL.
* Menu:
@ -2234,8 +2257,8 @@ In August 2000, we discovered the existence of a security hole in all
versions of tinc up to and including 1.0pre2. This had to do with the
way we exchanged keys. Since then, we have been working on a new
authentication scheme to make tinc as secure as possible. The current
version uses the OpenSSL library and uses strong authentication with RSA
keys.
version uses the LibreSSL or OpenSSL library and uses strong
authentication with RSA keys.
On the 29th of December 2001, Jerome Etienne posted a security
analysis of tinc 1.0pre4. Due to a lack of sequence numbers and a
@ -2255,7 +2278,7 @@ address these issues in tinc 2.0.
Cryptography is a hard thing to get right. We cannot make any
guarantees. Time, review and feedback are the only things that can
prove the security of any cryptographic product. If you wish to review
tinc or give us feedback, you are stronly encouraged to do so.
tinc or give us feedback, you are strongly encouraged to do so.

File: tinc.info, Node: Platform specific information, Next: About us, Prev: Technical information, Up: Top
@ -2267,6 +2290,7 @@ File: tinc.info, Node: Platform specific information, Next: About us, Prev: T
* Interface configuration::
* Routes::
* Automatically starting tinc::

File: tinc.info, Node: Interface configuration, Next: Routes, Up: Platform specific information
@ -2305,11 +2329,6 @@ Solaris 'ifconfig' INTERFACE 'inet6 plumb up'
Darwin (Mac OS X) 'ifconfig' INTERFACE 'inet6' ADDRESS 'prefixlen' PREFIXLENGTH
Windows 'netsh interface ipv6 add address' INTERFACE 'static' ADDRESS/PREFIXLENGTH
On some platforms, when running tinc in switch mode, the VPN
interface must be set to tap mode with an ifconfig command:
OpenBSD 'ifconfig' INTERFACE 'link0'
On Linux, it is possible to create a persistent tun/tap interface
which will continue to exist even if tinc quit, although this is
normally not required. It can be useful to set up a tun/tap interface
@ -2319,7 +2338,7 @@ root privileges at all.
Linux 'ip tuntap add dev' INTERFACE 'mode' TUN|TAP 'user' USERNAME

File: tinc.info, Node: Routes, Prev: Interface configuration, Up: Platform specific information
File: tinc.info, Node: Routes, Next: Automatically starting tinc, Prev: Interface configuration, Up: Platform specific information
7.2 Routes
==========
@ -2354,6 +2373,72 @@ Solaris 'route add -inet6' NETWORK_ADDRESS'/'PREFIXLENGTH LOCAL_ADDR
Darwin (Mac OS X) 'route add -inet6' NETWORK_ADDRESS'/'PREFIXLENGTH '-interface' INTERFACE
Windows 'netsh interface ipv6 add route' NETWORK ADDRESS/PREFIXLENGTH INTERFACE

File: tinc.info, Node: Automatically starting tinc, Prev: Routes, Up: Platform specific information
7.3 Automatically starting tinc
===============================
* Menu:
* Linux::
* Windows::
* Other platforms::

File: tinc.info, Node: Linux, Next: Windows, Up: Automatically starting tinc
7.3.1 Linux
-----------
There are many Linux distributions, and historically, many of them had
their own way of starting programs at boot time. Today, a number of
major Linux distributions have chosen to use systemd as their init
system. Tinc ships with systemd service files that allow you to start
and stop tinc using systemd. There are two service files:
'tinc.service' is used to globally enable or disable all tinc daemons
managed by systemd, and 'tinc@NETNAME.service' is used to enable or
disable specific tinc daemons. So if one has created a tinc network
with netname 'foo', then you have to run the following two commands to
ensure it is started at boot time:
systemctl enable tinc
systemctl enable tinc@foo
To start the tinc daemon immediately if it wasn't already running,
use the following command:
systemctl start tinc@foo
You can also use 'systemctl start tinc', this will start all tinc
daemons that are enabled. You can stop and disable tinc networks in the
same way.
If your system is not using systemd, then you have to look up your
distribution's way of starting tinc at boot time.

File: tinc.info, Node: Windows, Next: Other platforms, Prev: Linux, Up: Automatically starting tinc
7.3.2 Windows
-------------
On Windows, if tinc is started without the '-D' or '--no-detach' option,
it will automatically register itself as a service that is started at
boot time. When tinc is stopped using the '-k' or '--kill', it will
also automatically unregister itself. Once tinc is registered as a
service, it is also possible to stop and start tinc using the Windows
Services Manager.

File: tinc.info, Node: Other platforms, Prev: Windows, Up: Automatically starting tinc
7.3.3 Other platforms
---------------------
On platforms other than the ones mentioned in the earlier sections, you
have to look up your platform's way of starting programs at boot time.

File: tinc.info, Node: About us, Next: Concept Index, Prev: Platform specific information, Up: Top
@ -2371,12 +2456,12 @@ File: tinc.info, Node: Contact information, Next: Authors, Up: About us
8.1 Contact information
=======================
Tinc's website is at <http://www.tinc-vpn.org/>, this server is located
Tinc's website is at <https://www.tinc-vpn.org/>, this server is located
in the Netherlands.
We have an IRC channel on the FreeNode and OFTC IRC networks.
Connect to irc.freenode.net (http://www.freenode.net/) or irc.oftc.net
(http://www.oftc.net/) and join channel #tinc.
Connect to irc.freenode.net (https://freenode.net/) or irc.oftc.net
(https://www.oftc.net/) and join channel #tinc.

File: tinc.info, Node: Authors, Prev: Contact information, Up: About us
@ -2449,86 +2534,87 @@ Concept Index
* DEL_SUBNET: The meta-protocol. (line 46)
* Device: Main configuration variables.
(line 73)
* DEVICE: Scripts. (line 53)
* DEVICE: Scripts. (line 64)
* device files: Device files. (line 6)
* DeviceType: Main configuration variables.
(line 79)
* Digest: Host configuration variables.
(line 31)
* DirectOnly: Main configuration variables.
(line 144)
(line 149)
* dummy: Main configuration variables.
(line 86)
* encapsulating: The UDP tunnel. (line 30)
* encryption: Encryption of network packets.
(line 6)
* environment variables: Scripts. (line 42)
* environment variables: Scripts. (line 53)
* example: Example configuration.
(line 6)
* exec: Main configuration variables.
(line 314)
(line 319)
* Forwarding: Main configuration variables.
(line 151)
(line 156)
* frame type: The UDP tunnel. (line 6)
* GraphDumpFile: Main configuration variables.
(line 171)
(line 176)
* Hostnames: Main configuration variables.
(line 179)
(line 184)
* http: Main configuration variables.
(line 311)
(line 316)
* hub: Main configuration variables.
(line 249)
(line 254)
* ID: Authentication protocol.
(line 10)
* IffOneQueue: Main configuration variables.
(line 190)
(line 195)
* IndirectData: Host configuration variables.
(line 36)
* Interface: Main configuration variables.
(line 193)
* INTERFACE: Scripts. (line 56)
(line 198)
* INTERFACE: Scripts. (line 67)
* IRC: Contact information. (line 9)
* key generation: Generating keypairs. (line 6)
* KeyExpire: Main configuration variables.
(line 201)
(line 206)
* KEY_CHANGED: The meta-protocol. (line 63)
* libraries: Libraries. (line 6)
* license: OpenSSL. (line 35)
* LibreSSL: LibreSSL/OpenSSL. (line 6)
* license: LibreSSL/OpenSSL. (line 38)
* LocalDiscovery: Main configuration variables.
(line 207)
(line 212)
* lzo: lzo. (line 6)
* MACExpire: Main configuration variables.
(line 218)
(line 223)
* MACLength: Host configuration variables.
(line 44)
* MaxTimeout: Main configuration variables.
(line 223)
(line 228)
* meta-protocol: The meta-connection. (line 18)
* META_KEY: Authentication protocol.
(line 10)
* Mode: Main configuration variables.
(line 227)
(line 232)
* multicast: Main configuration variables.
(line 98)
* multiple networks: Multiple networks. (line 6)
* Name: Main configuration variables.
(line 254)
* NAME: Scripts. (line 50)
(line 259)
* NAME: Scripts. (line 61)
* netmask: Network interfaces. (line 33)
* netname: Multiple networks. (line 6)
* NETNAME: Scripts. (line 47)
* NETNAME: Scripts. (line 58)
* Network Administrators Guide: Configuration introduction.
(line 15)
* NODE: Scripts. (line 60)
* OpenSSL: OpenSSL. (line 6)
* NODE: Scripts. (line 71)
* OpenSSL: LibreSSL/OpenSSL. (line 6)
* options: Runtime options. (line 9)
* PEM format: Host configuration variables.
(line 69)
* PING: The meta-protocol. (line 88)
* PingInterval: Main configuration variables.
(line 265)
(line 270)
* PingTimeout: Main configuration variables.
(line 269)
(line 274)
* platforms: Supported platforms. (line 6)
* PMTU: Host configuration variables.
(line 49)
@ -2539,17 +2625,17 @@ Concept Index
(line 57)
* port numbers: Other files. (line 17)
* PriorityInheritance: Main configuration variables.
(line 275)
(line 280)
* private: Virtual Private Networks.
(line 10)
* PrivateKey: Main configuration variables.
(line 280)
(line 285)
* PrivateKeyFile: Main configuration variables.
(line 286)
* ProcessPriority: Main configuration variables.
(line 291)
* Proxy: Main configuration variables.
* ProcessPriority: Main configuration variables.
(line 296)
* Proxy: Main configuration variables.
(line 301)
* PublicKey: Host configuration variables.
(line 61)
* PublicKeyFile: Host configuration variables.
@ -2557,14 +2643,14 @@ Concept Index
* raw_socket: Main configuration variables.
(line 91)
* release: Supported platforms. (line 14)
* REMOTEADDRESS: Scripts. (line 65)
* REMOTEPORT: Scripts. (line 68)
* REMOTEADDRESS: Scripts. (line 76)
* REMOTEPORT: Scripts. (line 79)
* ReplayWindow: Main configuration variables.
(line 319)
(line 324)
* requirements: Libraries. (line 6)
* REQ_KEY: The meta-protocol. (line 63)
* router: Main configuration variables.
(line 230)
(line 235)
* runtime options: Runtime options. (line 9)
* scalability: tinc. (line 19)
* scripts: Scripts. (line 6)
@ -2572,46 +2658,49 @@ Concept Index
(line 18)
* signals: Signals. (line 6)
* socks4: Main configuration variables.
(line 300)
* socks5: Main configuration variables.
(line 305)
* socks5: Main configuration variables.
(line 310)
* StrictSubnets: Main configuration variables.
(line 330)
(line 335)
* Subnet: Host configuration variables.
(line 76)
* SUBNET: Scripts. (line 72)
* SUBNET: Scripts. (line 83)
* Subnet weight: Host configuration variables.
(line 98)
* SVPN: Security. (line 11)
* switch: Main configuration variables.
(line 238)
(line 243)
* systemd: Linux. (line 6)
* TCP: The meta-connection. (line 10)
* TCPonly: Host configuration variables.
(line 105)
* tinc: Introduction. (line 6)
* TINC: Security. (line 6)
* tinc-down: Scripts. (line 18)
* tinc-up: Scripts. (line 10)
* tinc-down: Scripts. (line 29)
* tinc-up: Scripts. (line 19)
* tinc-up <1>: Network interfaces. (line 19)
* tincd: tinc. (line 14)
* traditional VPNs: tinc. (line 19)
* tunifhead: Main configuration variables.
(line 133)
* TunnelServer: Main configuration variables.
(line 337)
(line 342)
* tunnohead: Main configuration variables.
(line 127)
* UDP: The UDP tunnel. (line 30)
* UDP <1>: Encryption of network packets.
(line 12)
* UDPRcvBuf: Main configuration variables.
(line 344)
* UDPSndBuf: Main configuration variables.
(line 349)
* UDPSndBuf: Main configuration variables.
(line 354)
* UML: Main configuration variables.
(line 109)
* Universal tun/tap: Configuration of Linux kernels.
(line 6)
* utun: Main configuration variables.
(line 140)
* VDE: Main configuration variables.
(line 114)
* virtual: Virtual Private Networks.
@ -2621,7 +2710,7 @@ Concept Index
(line 6)
* vpnd: tinc. (line 6)
* website: Contact information. (line 6)
* WEIGHT: Scripts. (line 75)
* WEIGHT: Scripts. (line 86)
* zlib: zlib. (line 6)
@ -2631,62 +2720,71 @@ Node: Top806
Node: Introduction1105
Node: Virtual Private Networks1915
Node: tinc3639
Node: Supported platforms5166
Node: Preparations5866
Node: Configuring the kernel6122
Node: Configuration of Linux kernels6532
Node: Configuration of FreeBSD kernels7387
Node: Configuration of OpenBSD kernels7852
Node: Configuration of NetBSD kernels8460
Node: Configuration of Solaris kernels8865
Node: Configuration of Darwin (Mac OS X) kernels9527
Node: Configuration of Windows10005
Node: Libraries10519
Node: OpenSSL10907
Node: zlib13195
Node: lzo14223
Node: Installation15205
Node: Building and installing tinc16220
Node: Darwin (Mac OS X) build environment16880
Node: Cygwin (Windows) build environment17462
Node: MinGW (Windows) build environment18050
Node: System files18574
Node: Device files18839
Node: Other files19255
Node: Configuration19868
Node: Configuration introduction20179
Node: Multiple networks21447
Node: How connections work22873
Node: Configuration files24095
Node: Main configuration variables25589
Node: Host configuration variables41628
Node: Scripts47131
Node: How to configure49894
Node: Generating keypairs51152
Node: Network interfaces51651
Node: Example configuration53499
Node: Running tinc58824
Node: Runtime options59414
Node: Signals62716
Node: Debug levels63907
Node: Solving problems64843
Node: Error messages66395
Node: Sending bug reports70404
Node: Technical information71351
Node: The connection71582
Node: The UDP tunnel71894
Node: The meta-connection74955
Node: The meta-protocol76424
Node: Security81441
Node: Authentication protocol82574
Node: Encryption of network packets87619
Node: Security issues88995
Node: Platform specific information90622
Node: Interface configuration90850
Node: Routes93321
Node: About us95335
Node: Contact information95510
Node: Authors95914
Node: Concept Index96319
Node: Supported platforms5167
Node: Preparations5868
Node: Configuring the kernel6124
Node: Configuration of Linux kernels6534
Node: Configuration of FreeBSD kernels7389
Node: Configuration of OpenBSD kernels7854
Node: Configuration of NetBSD kernels8211
Node: Configuration of Solaris kernels8616
Node: Configuration of Darwin (Mac OS X) kernels9279
Node: Configuration of Windows10098
Node: Libraries10638
Node: LibreSSL/OpenSSL11047
Node: zlib13589
Node: lzo14618
Node: Installation15601
Node: Building and installing tinc16511
Node: Darwin (Mac OS X) build environment17171
Node: Cygwin (Windows) build environment17736
Node: MinGW (Windows) build environment18325
Node: System files18919
Node: Device files19184
Node: Other files19600
Node: Configuration20213
Node: Configuration introduction20524
Node: Multiple networks21792
Node: How connections work23218
Node: Configuration files24440
Node: Main configuration variables25934
Node: Host configuration variables42182
Node: Scripts47714
Node: How to configure50980
Node: Generating keypairs52238
Node: Network interfaces52737
Node: Example configuration54585
Node: Running tinc59910
Node: Runtime options60500
Node: Signals64125
Node: Debug levels65316
Node: Solving problems66252
Node: Error messages67804
Node: Sending bug reports71813
Node: Technical information72760
Node: The connection72991
Node: The UDP tunnel73303
Node: The meta-connection76355
Node: The meta-protocol77824
Node: Security82841
Node: Authentication protocol83983
Node: Encryption of network packets89028
Node: Security issues90404
Node: Platform specific information92044
Node: Interface configuration92304
Node: Routes94600
Node: Automatically starting tinc96650
Node: Linux96873
Node: Windows98094
Node: Other platforms98599
Node: About us98881
Node: Contact information99056
Node: Authors99459
Node: Concept Index99864

End Tag Table

Local Variables:
coding: utf-8
End:

View file

@ -15,7 +15,7 @@
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
Copyright @copyright{} 1998-2014 Ivo Timmermans,
Copyright @copyright{} 1998-2019 Ivo Timmermans,
Guus Sliepen <guus@@tinc-vpn.org> and
Wessel Dankers <wsl@@tinc-vpn.org>.
@ -39,7 +39,7 @@ permission notice identical to this one.
@vskip 0pt plus 1filll
This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
Copyright @copyright{} 1998-2014 Ivo Timmermans,
Copyright @copyright{} 1998-2019 Ivo Timmermans,
Guus Sliepen <guus@@tinc-vpn.org> and
Wessel Dankers <wsl@@tinc-vpn.org>.
@ -155,7 +155,7 @@ professional package.
@cindex traditional VPNs
@cindex scalability
Tinc also allows more than two sites to connect to eachother and form a single VPN.
Tinc also allows more than two sites to connect to each other and form a single VPN.
Traditionally VPNs are created by making tunnels, which only have two endpoints.
Larger VPNs with more sites are created by adding more tunnels.
Tinc takes another approach: only endpoints are specified,
@ -186,7 +186,7 @@ packets.
@cindex release
For an up to date list of supported platforms, please check the list on
our website:
@uref{http://www.tinc-vpn.org/platforms/}.
@uref{https://www.tinc-vpn.org/platforms/}.
@c
@c
@ -268,12 +268,7 @@ The tap driver can be loaded with @code{kldload if_tap}, or by adding @code{if_t
@node Configuration of OpenBSD kernels
@subsection Configuration of OpenBSD kernels
For OpenBSD version 2.9 and higher,
the tun driver is included in the default kernel configuration.
There is also a kernel patch from @uref{http://diehard.n-r-g.com/stuff/openbsd/}
which adds a tap device to OpenBSD which should work with tinc,
but with recent versions of OpenBSD,
a tun device can act as a tap device by setting the link0 option with ifconfig.
Recent versions of OpenBSD come with both tun and tap devices enabled in the default kernel configuration.
@c ==================================================================
@ -293,7 +288,7 @@ Tunneling IPv6 may not work on NetBSD's tun device.
For Solaris 8 (SunOS 5.8) and higher,
the tun driver may or may not be included in the default kernel configuration.
If it isn't, the source can be downloaded from @uref{http://vtun.sourceforge.net/tun/}.
For x86 and sparc64 architectures, precompiled versions can be found at @uref{http://www.monkey.org/~dugsong/fragroute/}.
For x86 and sparc64 architectures, precompiled versions can be found at @uref{https://www.monkey.org/~dugsong/fragroute/}.
If the @file{net/if_tun.h} header file is missing, install it from the source package.
@ -302,16 +297,22 @@ If the @file{net/if_tun.h} header file is missing, install it from the source pa
@subsection Configuration of Darwin (Mac OS X) kernels
Tinc on Darwin relies on a tunnel driver for its data acquisition from the kernel.
Tinc supports either the driver from @uref{http://tuntaposx.sourceforge.net/},
OS X version 10.6.8 and later have a built-in tun driver called "utun".
Tinc also supports the driver from @uref{http://tuntaposx.sourceforge.net/},
which supports both tun and tap style devices.
By default, tinc expects the tuntaposx driver to be installed.
To use the utun driver, set add @code{Device = utunX} to @file{tinc.conf},
where X is the desired number for the utun interface.
You can also omit the number, in which case the first free number will be chosen.
@c ==================================================================
@node Configuration of Windows
@subsection Configuration of Windows
You will need to install the latest TAP-Win32 driver from OpenVPN.
You can download it from @uref{http://openvpn.sourceforge.net}.
You can download it from @uref{https://openvpn.net/index.php/open-source/downloads.html}.
Using the Network Connections control panel,
configure the TAP-Win32 network interface in the same way as you would do from the tinc-up script,
as explained in the rest of the documentation.
@ -323,24 +324,25 @@ as explained in the rest of the documentation.
@cindex requirements
@cindex libraries
Before you can configure or build tinc, you need to have the OpenSSL,
Before you can configure or build tinc, you need to have the LibreSSL or OpenSSL,
zlib and lzo libraries installed on your system. If you try to configure tinc without
having them installed, configure will give you an error message, and stop.
@menu
* OpenSSL::
* LibreSSL/OpenSSL::
* zlib::
* lzo::
@end menu
@c ==================================================================
@node OpenSSL
@subsection OpenSSL
@node LibreSSL/OpenSSL
@subsection LibreSSL/OpenSSL
@cindex LibreSSL
@cindex OpenSSL
For all cryptography-related functions, tinc uses the functions provided
by the OpenSSL library.
by the LibreSSL or the OpenSSL library.
If this library is not installed, you will get an error when configuring
tinc for build. Support for running tinc with other cryptographic libraries
@ -350,21 +352,23 @@ You can use your operating system's package manager to install this if
available. Make sure you install the development AND runtime versions
of this package.
If you have to install OpenSSL manually, you can get the source code
from @url{http://www.openssl.org/}. Instructions on how to configure,
build and install this package are included within the package. Please
make sure you build development and runtime libraries (which is the
If your operating system comes neither with LibreSSL or OpenSSL, you have to
install one manually. It is recommended that you get the latest version of
LibreSSL from @url{http://www.libressl.org/}. Instructions on how to
configure, build and install this package are included within the package.
Please make sure you build development and runtime libraries (which is the
default).
If you installed the OpenSSL libraries from source, it may be necessary
If you installed the LibreSSL or OpenSSL libraries from source, it may be necessary
to let configure know where they are, by passing configure one of the
--with-openssl-* parameters.
--with-openssl-* parameters. Note that you even have to use --with-openssl-* if you
are using LibreSSL.
@example
--with-openssl=DIR OpenSSL library and headers prefix
--with-openssl-include=DIR OpenSSL headers directory
--with-openssl=DIR LibreSSL/OpenSSL library and headers prefix
--with-openssl-include=DIR LibreSSL/OpenSSL headers directory
(Default is OPENSSL_DIR/include)
--with-openssl-lib=DIR OpenSSL library directory
--with-openssl-lib=DIR LibreSSL/OpenSSL library directory
(Default is OPENSSL_DIR/lib)
@end example
@ -375,7 +379,7 @@ to let configure know where they are, by passing configure one of the
The complete source code of tinc is covered by the GNU GPL version 2.
Since the license under which OpenSSL is distributed is not directly
compatible with the terms of the GNU GPL
@uref{http://www.openssl.org/support/faq.html#LEGAL2}, we
@uref{https://www.openssl.org/support/faq.html#LEGAL2}, we
include an exemption to the GPL (see also the file COPYING.README) to allow
everyone to create a statically or dynamically linked executable:
@ -391,8 +395,8 @@ we also present the following exemption:
@quotation
Hereby I grant a special exception to the tinc VPN project
(http://www.tinc-vpn.org/) to link the LZO library with the OpenSSL library
(http://www.openssl.org).
(https://www.tinc-vpn.org/) to link the LZO library with the OpenSSL library
(https://www.openssl.org).
Markus F.X.J. Oberhumer
@end quotation
@ -417,7 +421,7 @@ available. Make sure you install the development AND runtime versions
of this package.
If you have to install zlib manually, you can get the source code
from @url{http://www.gzip.org/zlib/}. Instructions on how to configure,
from @url{https://zlib.net/}. Instructions on how to configure,
build and install this package are included within the package. Please
make sure you build development and runtime libraries (which is the
default).
@ -441,7 +445,7 @@ available. Make sure you install the development AND runtime versions
of this package.
If you have to install lzo manually, you can get the source code
from @url{http://www.oberhumer.com/opensource/lzo/}. Instructions on how to configure,
from @url{https://www.oberhumer.com/opensource/lzo/}. Instructions on how to configure,
build and install this package are included within the package. Please
make sure you build development and runtime libraries (which is the
default).
@ -467,9 +471,7 @@ system startup scripts and sample configurations.
If you cannot use one of the precompiled packages, or you want to compile tinc
for yourself, you can use the source. The source is distributed under
the GNU General Public License (GPL). Download the source from the
@uref{http://www.tinc-vpn.org/download/, download page}, which has
the checksums of these files listed; you may wish to check these with
md5sum before continuing.
@uref{https://www.tinc-vpn.org/download/, download page}.
Tinc comes in a convenient autoconf/automake package, which you can just
treat the same as any other package. Which is just untar it, type
@ -506,19 +508,18 @@ The documentation that comes along with your distribution will tell you how to d
@node Darwin (Mac OS X) build environment
@subsection Darwin (Mac OS X) build environment
In order to build tinc on Darwin, you need to install the Mac OS X Developer Tools
from @uref{http://developer.apple.com/tools/macosxtools.html} and
preferably a recent version of Fink from @uref{http://www.finkproject.org/}.
In order to build tinc on Darwin, you need to install Xcode from @uref{https://developer.apple.com/xcode/}.
It might also help to install a recent version of Fink from @uref{http://www.finkproject.org/}.
After installation use fink to download and install the following packages:
autoconf25, automake, dlcompat, m4, openssl, zlib and lzo.
You need to download and install LibreSSL (or OpenSSL) and LZO,
either directly from their websites (see @ref{Libraries}) or using Fink.
@c ==================================================================
@node Cygwin (Windows) build environment
@subsection Cygwin (Windows) build environment
If Cygwin hasn't already been installed, install it directly from
@uref{http://www.cygwin.com/}.
@uref{https://www.cygwin.com/}.
When tinc is compiled in a Cygwin environment, it can only be run in this environment,
but all programs, including those started outside the Cygwin environment, will be able to use the VPN.
@ -529,6 +530,7 @@ It will also support all features.
@subsection MinGW (Windows) build environment
You will need to install the MinGW environment from @uref{http://www.mingw.org}.
You also need to download and install LibreSSL (or OpenSSL) and LZO.
When tinc is compiled using MinGW it runs natively under Windows,
it is not necessary to keep MinGW installed.
@ -858,7 +860,7 @@ Also note that this can cause decrypted VPN packets to be sent out on a real net
@cindex UML
@item uml (not compiled in by default)
Create a UNIX socket with the filename specified by
@var{Device}, or @file{@value{localstatedir}/run/@var{netname}.umlsocket}
@var{Device}, or @file{@value{runstatedir}/@var{netname}.umlsocket}
if not specified.
Tinc will wait for a User Mode Linux instance to connect to this socket.
@ -866,7 +868,7 @@ Tinc will wait for a User Mode Linux instance to connect to this socket.
@item vde (not compiled in by default)
Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
using the UNIX socket specified by
@var{Device}, or @file{@value{localstatedir}/run/vde.ctl}
@var{Device}, or @file{@value{runstatedir}/vde.ctl}
if not specified.
@end table
@ -892,6 +894,12 @@ to start with a four byte header containing the address family,
followed by an IP header.
This mode should support both IPv4 and IPv6 packets.
@cindex utun
@item utun (OS X)
Set type to utun.
This is only supported on OS X version 10.6.8 and higher, but doesn't require the tuntaposx module.
This mode should support both IPv4 and IPv6 packets.
@item tap (BSD and Linux)
Set type to tap.
Tinc will expect packets read from the virtual network device
@ -1014,12 +1022,12 @@ while no routing table is managed.
@cindex Name
@item Name = <@var{name}> [required]
This is a symbolic name for this connection.
The name should consist only of alphanumeric and underscore characters (a-z, A-Z, 0-9 and _).
The name must consist only of alphanumeric and underscore characters (a-z, A-Z, 0-9 and _).
If Name starts with a $, then the contents of the environment variable that follows will be used.
In that case, invalid characters will be converted to underscores.
If Name is $HOST, but no such environment variable exist,
the hostname will be read using the gethostnname() system call.
the hostname will be read using the gethostname() system call.
@cindex PingInterval
@item PingInterval = <@var{seconds}> (60)
@ -1135,9 +1143,9 @@ Multiple Address variables can be specified, in which case each address will be
tried until a working connection has been established.
@cindex Cipher
@item Cipher = <@var{cipher}> (blowfish)
@item Cipher = <@var{cipher}> (aes-256-cbc)
The symmetric cipher algorithm used to encrypt UDP packets.
Any cipher supported by OpenSSL is recognized.
Any cipher supported by LibreSSL or OpenSSL is recognized.
Furthermore, specifying "none" will turn off packet encryption.
It is best to use only those ciphers which support CBC mode.
@ -1154,9 +1162,9 @@ Possible values are 0 (off), 1 (fast zlib) and any integer up to 9 (best zlib),
10 (fast lzo) and 11 (best lzo).
@cindex Digest
@item Digest = <@var{digest}> (sha1)
@item Digest = <@var{digest}> (sha256)
The digest algorithm used to authenticate UDP packets.
Any digest supported by OpenSSL is recognized.
Any digest supported by LibreSSL or OpenSSL is recognized.
Furthermore, specifying "none" will turn off packet authentication.
@cindex IndirectData
@ -1227,7 +1235,7 @@ MAC addresses are notated like 0:1a:2b:3c:4d:5e.
Prefixlength is the number of bits set to 1 in the netmask part; for
example: netmask 255.255.255.0 would become /24, 255.255.252.0 becomes
/22. This conforms to standard CIDR notation as described in
@uref{http://www.ietf.org/rfc/rfc1519.txt, RFC1519}
@uref{https://www.ietf.org/rfc/rfc1519.txt, RFC1519}
@cindex Subnet weight
A Subnet can be given a weight to indicate its priority over identical Subnets
@ -1256,7 +1264,15 @@ UDP is possible or not.
@cindex scripts
Apart from reading the server and host configuration files,
tinc can also run scripts at certain moments.
Under Windows (not Cygwin), the scripts should have the extension .bat.
Below is a list of filenames of scripts and a description of when they are run.
A script is only run if it exists and if it is executable.
Scripts are run synchronously;
this means that tinc will temporarily stop processing packets until the called script finishes executing.
This guarantees that scripts will execute in the exact same order as the events that trigger them.
If you need to run commands asynchronously, you have to ensure yourself that they are being run in the background.
Under Windows (not Cygwin), the scripts must have the extension .bat.
@table @file
@cindex tinc-up
@ -1266,6 +1282,7 @@ If it is present it will be executed right after the tinc daemon has been
started and has connected to the virtual network device.
It should be used to set up the corresponding network interface,
but can also be used to start other things.
Under Windows you can use the Network Connections control panel instead of creating this script.
@cindex tinc-down
@ -1713,7 +1730,7 @@ Write log entries to a file instead of to the system logging facility.
If @var{file} is omitted, the default is @file{@value{localstatedir}/log/tinc.@var{netname}.log}.
@item --pidfile=@var{file}
Write PID to @var{file} instead of @file{@value{localstatedir}/run/tinc.@var{netname}.pid}.
Write PID to @var{file} instead of @file{@value{runstatedir}/tinc.@var{netname}.pid}.
@item --bypass-security
Disables encryption and authentication.
@ -1726,10 +1743,14 @@ located (@file{@value{sysconfdir}/tinc/@var{netname}/} as determined by
The chroot is performed after all the initialization is done, after
writing pid files and opening network sockets.
Note that this option alone does not do any good without -U/--user, below.
This option is best used in combination with the -U/--user option described below.
Note also that tinc can't run scripts anymore (such as tinc-down or host-up),
unless it's setup to be runnable inside chroot environment.
You will need to ensure the chroot environment contains all the files necessary
for tinc to run correctly.
Most importantly, for tinc to be able to resolve hostnames inside the chroot environment,
you must copy @file{/etc/resolv.conf} into the chroot directory.
If you want to be able to run scripts other than @file{tinc-up} in the chroot,
you must ensure the appropriate shell is also installed in the chroot, along with all its dependencies.
@item -U, --user=@var{user}
Switch to the given @var{user} after initialization, at the same time as
@ -2054,7 +2075,7 @@ In switch or hub modes ARP does work so the sender already knows the correct des
In those modes every interface should have a unique MAC address, so make sure they are not the same.
Because switch and hub modes rely on MAC addresses to function correctly,
these modes cannot be used on the following operating systems which don't have a `tap' style virtual network device:
OpenBSD, NetBSD, Darwin and Solaris.
NetBSD, Darwin and Solaris.
@c ==================================================================
@ -2233,7 +2254,7 @@ eavesdroppers cannot get and cannot change any information at all from the
packets they can intercept. The encryption algorithm and message authentication
algorithm can be changed in the configuration. The length of the message
authentication codes is also adjustable. The length of the key for the
encryption algorithm is always the default length used by OpenSSL.
encryption algorithm is always the default length used by LibreSSL/OpenSSL.
@menu
* Authentication protocol::
@ -2392,7 +2413,7 @@ the MACLength configuration variable.
In August 2000, we discovered the existence of a security hole in all versions
of tinc up to and including 1.0pre2. This had to do with the way we exchanged
keys. Since then, we have been working on a new authentication scheme to make
tinc as secure as possible. The current version uses the OpenSSL library and
tinc as secure as possible. The current version uses the LibreSSL or OpenSSL library and
uses strong authentication with RSA keys.
On the 29th of December 2001, Jerome Etienne posted a security analysis of tinc
@ -2412,7 +2433,7 @@ We will address these issues in tinc 2.0.
Cryptography is a hard thing to get right. We cannot make any
guarantees. Time, review and feedback are the only things that can
prove the security of any cryptographic product. If you wish to review
tinc or give us feedback, you are stronly encouraged to do so.
tinc or give us feedback, you are strongly encouraged to do so.
@c ==================================================================
@ -2422,6 +2443,7 @@ tinc or give us feedback, you are stronly encouraged to do so.
@menu
* Interface configuration::
* Routes::
* Automatically starting tinc::
@end menu
@c ==================================================================
@ -2478,13 +2500,6 @@ For IPv6 addresses:
@tab @code{netsh interface ipv6 add address} @var{interface} @code{static} @var{address}/@var{prefixlength}
@end multitable
On some platforms, when running tinc in switch mode, the VPN interface must be set to tap mode with an ifconfig command:
@multitable {Darwin (Mac OS X)} {ifconfig route add -bla network address netmask netmask prefixlength interface}
@item OpenBSD
@tab @code{ifconfig} @var{interface} @code{link0}
@end multitable
On Linux, it is possible to create a persistent tun/tap interface which will
continue to exist even if tinc quit, although this is normally not required.
It can be useful to set up a tun/tap interface owned by a non-root user, so
@ -2548,6 +2563,66 @@ Adding routes to IPv6 subnets:
@tab @code{netsh interface ipv6 add route} @var{network address}/@var{prefixlength} @var{interface}
@end multitable
@c ==================================================================
@node Automatically starting tinc
@section Automatically starting tinc
@menu
* Linux::
* Windows::
* Other platforms::
@end menu
@c ==================================================================
@node Linux
@subsection Linux
@cindex systemd
There are many Linux distributions, and historically, many of them had their
own way of starting programs at boot time. Today, a number of major Linux
distributions have chosen to use systemd as their init system. Tinc ships with
systemd service files that allow you to start and stop tinc using systemd.
There are two service files: @code{tinc.service} is used to globally enable or
disable all tinc daemons managed by systemd, and
@code{tinc@@@var{netname}.service} is used to enable or disable specific tinc
daemons. So if one has created a tinc network with netname @code{foo}, then
you have to run the following two commands to ensure it is started at boot
time:
@example
systemctl enable tinc
systemctl enable tinc@@foo
@end example
To start the tinc daemon immediately if it wasn't already running, use the
following command:
@example
systemctl start tinc@@foo
@end example
You can also use @samp{systemctl start tinc}, this will start all tinc daemons
that are enabled. You can stop and disable tinc networks in the same way.
If your system is not using systemd, then you have to look up your
distribution's way of starting tinc at boot time.
@c ==================================================================
@node Windows
@subsection Windows
On Windows, if tinc is started without the @code{-D} or @code{--no-detach}
option, it will automatically register itself as a service that is started at
boot time. When tinc is stopped using the @code{-k} or @code{--kill}, it will
also automatically unregister itself. Once tinc is registered as a service, it
is also possible to stop and start tinc using the Windows Services Manager.
@c ==================================================================
@node Other platforms
@subsection Other platforms
On platforms other than the ones mentioned in the earlier sections, you have to
look up your platform's way of starting programs at boot time.
@c ==================================================================
@node About us
@ -2565,14 +2640,14 @@ Adding routes to IPv6 subnets:
@section Contact information
@cindex website
Tinc's website is at @url{http://www.tinc-vpn.org/},
Tinc's website is at @url{https://www.tinc-vpn.org/},
this server is located in the Netherlands.
@cindex IRC
We have an IRC channel on the FreeNode and OFTC IRC networks. Connect to
@uref{http://www.freenode.net/, irc.freenode.net}
@uref{https://freenode.net/, irc.freenode.net}
or
@uref{http://www.oftc.net/, irc.oftc.net}
@uref{https://www.oftc.net/, irc.oftc.net}
and join channel #tinc.

View file

@ -109,7 +109,7 @@ is omitted, the default is
Write PID to
.Ar FILE
instead of
.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid.
.Pa @runstatedir@/tinc. Ns Ar NETNAME Ns Pa .pid.
Under Windows this option will be ignored.
.It Fl -bypass-security
Disables encryption and authentication of the meta protocol.
@ -190,7 +190,7 @@ This will log all network traffic over the virtual private network.
Directory containing the configuration files tinc uses.
For more information, see
.Xr tinc.conf 5 .
.It Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid
.It Pa @runstatedir@/tinc. Ns Ar NETNAME Ns Pa .pid
The PID of the currently running
.Nm
is stored in this file.
@ -207,7 +207,7 @@ If you find any bugs, report them to tinc@tinc-vpn.org.
A lot, especially security auditing.
.Sh SEE ALSO
.Xr tinc.conf 5 ,
.Pa http://www.tinc-vpn.org/ ,
.Pa https://www.tinc-vpn.org/ ,
.Pa http://www.cabal.org/ .
.Pp
The full documentation for tinc is maintained as a Texinfo manual.

5
doc/tincinclude.texi Normal file
View file

@ -0,0 +1,5 @@
@set VERSION 1.0.36
@set PACKAGE tinc
@set sysconfdir /etc
@set localstatedir /var
@set runstatedir /run

View file

@ -2,3 +2,4 @@
@set PACKAGE @PACKAGE@
@set sysconfdir @sysconfdir@
@set localstatedir @localstatedir@
@set runstatedir @runstatedir@

View file

@ -1,7 +1,7 @@
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2011-11-20.07; # UTC
scriptversion=2018-03-11.20; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
@ -41,19 +41,15 @@ scriptversion=2011-11-20.07; # UTC
# This script is compatible with the BSD install script, but was written
# from scratch.
tab=' '
nl='
'
IFS=" "" $nl"
IFS=" $tab$nl"
# set DOITPROG to echo to test this script
# Set DOITPROG to "echo" to test this script.
# Don't use :- since 4.3BSD and earlier shells don't like it.
doit=${DOITPROG-}
if test -z "$doit"; then
doit_exec=exec
else
doit_exec=$doit
fi
doit_exec=${doit:-exec}
# Put in absolute file names if you don't have them in your path;
# or use environment vars.
@ -68,17 +64,6 @@ mvprog=${MVPROG-mv}
rmprog=${RMPROG-rm}
stripprog=${STRIPPROG-strip}
posix_glob='?'
initialize_posix_glob='
test "$posix_glob" != "?" || {
if (set -f) 2>/dev/null; then
posix_glob=
else
posix_glob=:
fi
}
'
posix_mkdir=
# Desired mode of installed file.
@ -97,7 +82,7 @@ dir_arg=
dst_arg=
copy_on_change=false
no_target_directory=
is_target_a_directory=possibly
usage="\
Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
@ -137,46 +122,57 @@ while test $# -ne 0; do
-d) dir_arg=true;;
-g) chgrpcmd="$chgrpprog $2"
shift;;
shift;;
--help) echo "$usage"; exit $?;;
-m) mode=$2
case $mode in
*' '* | *' '* | *'
'* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
shift;;
case $mode in
*' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
shift;;
-o) chowncmd="$chownprog $2"
shift;;
shift;;
-s) stripcmd=$stripprog;;
-t) dst_arg=$2
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;;
-t)
is_target_a_directory=always
dst_arg=$2
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;;
-T) no_target_directory=true;;
-T) is_target_a_directory=never;;
--version) echo "$0 $scriptversion"; exit $?;;
--) shift
break;;
--) shift
break;;
-*) echo "$0: invalid option: $1" >&2
exit 1;;
-*) echo "$0: invalid option: $1" >&2
exit 1;;
*) break;;
esac
shift
done
# We allow the use of options -d and -T together, by making -d
# take the precedence; this is for compatibility with GNU install.
if test -n "$dir_arg"; then
if test -n "$dst_arg"; then
echo "$0: target directory not allowed when installing a directory." >&2
exit 1
fi
fi
if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
# When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
@ -207,6 +203,15 @@ if test $# -eq 0; then
exit 0
fi
if test -z "$dir_arg"; then
if test $# -gt 1 || test "$is_target_a_directory" = always; then
if test ! -d "$dst_arg"; then
echo "$0: $dst_arg: Is not a directory." >&2
exit 1
fi
fi
fi
if test -z "$dir_arg"; then
do_exit='(exit $ret); exit $ret'
trap "ret=129; $do_exit" 1
@ -223,16 +228,16 @@ if test -z "$dir_arg"; then
*[0-7])
if test -z "$stripcmd"; then
u_plus_rw=
u_plus_rw=
else
u_plus_rw='% 200'
u_plus_rw='% 200'
fi
cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
*)
if test -z "$stripcmd"; then
u_plus_rw=
u_plus_rw=
else
u_plus_rw=,u+rw
u_plus_rw=,u+rw
fi
cp_umask=$mode$u_plus_rw;;
esac
@ -266,122 +271,113 @@ do
fi
dst=$dst_arg
# If destination is a directory, append the input filename; won't work
# if double slashes aren't ignored.
# If destination is a directory, append the input filename.
if test -d "$dst"; then
if test -n "$no_target_directory"; then
echo "$0: $dst_arg: Is a directory" >&2
exit 1
if test "$is_target_a_directory" = never; then
echo "$0: $dst_arg: Is a directory" >&2
exit 1
fi
dstdir=$dst
dst=$dstdir/`basename "$src"`
dstbase=`basename "$src"`
case $dst in
*/) dst=$dst$dstbase;;
*) dst=$dst/$dstbase;;
esac
dstdir_status=0
else
# Prefer dirname, but fall back on a substitute if dirname fails.
dstdir=`
(dirname "$dst") 2>/dev/null ||
expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$dst" : 'X\(//\)[^/]' \| \
X"$dst" : 'X\(//\)$' \| \
X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
echo X"$dst" |
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
s//\1/
q
}
/^X\(\/\/\)[^/].*/{
s//\1/
q
}
/^X\(\/\/\)$/{
s//\1/
q
}
/^X\(\/\).*/{
s//\1/
q
}
s/.*/./; q'
`
dstdir=`dirname "$dst"`
test -d "$dstdir"
dstdir_status=$?
fi
fi
case $dstdir in
*/) dstdirslash=$dstdir;;
*) dstdirslash=$dstdir/;;
esac
obsolete_mkdir_used=false
if test $dstdir_status != 0; then
case $posix_mkdir in
'')
# Create intermediate dirs using mode 755 as modified by the umask.
# This is like FreeBSD 'install' as of 1997-10-28.
umask=`umask`
case $stripcmd.$umask in
# Optimize common cases.
*[2367][2367]) mkdir_umask=$umask;;
.*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
# Create intermediate dirs using mode 755 as modified by the umask.
# This is like FreeBSD 'install' as of 1997-10-28.
umask=`umask`
case $stripcmd.$umask in
# Optimize common cases.
*[2367][2367]) mkdir_umask=$umask;;
.*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
*[0-7])
mkdir_umask=`expr $umask + 22 \
- $umask % 100 % 40 + $umask % 20 \
- $umask % 10 % 4 + $umask % 2
`;;
*) mkdir_umask=$umask,go-w;;
esac
*[0-7])
mkdir_umask=`expr $umask + 22 \
- $umask % 100 % 40 + $umask % 20 \
- $umask % 10 % 4 + $umask % 2
`;;
*) mkdir_umask=$umask,go-w;;
esac
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
mkdir_mode=-m$mode
else
mkdir_mode=
fi
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
mkdir_mode=-m$mode
else
mkdir_mode=
fi
posix_mkdir=false
case $umask in
*[123567][0-7][0-7])
# POSIX mkdir -p sets u+wx bits regardless of umask, which
# is incompatible with FreeBSD 'install' when (umask & 300) != 0.
;;
*)
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
posix_mkdir=false
case $umask in
*[123567][0-7][0-7])
# POSIX mkdir -p sets u+wx bits regardless of umask, which
# is incompatible with FreeBSD 'install' when (umask & 300) != 0.
;;
*)
# Note that $RANDOM variable is not portable (e.g. dash); Use it
# here however when possible just to lower collision chance.
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
if (umask $mkdir_umask &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
then
if test -z "$dir_arg" || {
# Check for POSIX incompatibilities with -m.
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
# other-writable bit of parent directory when it shouldn't.
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
ls_ld_tmpdir=`ls -ld "$tmpdir"`
case $ls_ld_tmpdir in
d????-?r-*) different_mode=700;;
d????-?--*) different_mode=755;;
*) false;;
esac &&
$mkdirprog -m$different_mode -p -- "$tmpdir" && {
ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
}
}
then posix_mkdir=:
fi
rmdir "$tmpdir/d" "$tmpdir"
else
# Remove any dirs left behind by ancient mkdir implementations.
rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
fi
trap '' 0;;
esac;;
trap 'ret=$?; rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null; exit $ret' 0
# Because "mkdir -p" follows existing symlinks and we likely work
# directly in world-writeable /tmp, make sure that the '$tmpdir'
# directory is successfully created first before we actually test
# 'mkdir -p' feature.
if (umask $mkdir_umask &&
$mkdirprog $mkdir_mode "$tmpdir" &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1
then
if test -z "$dir_arg" || {
# Check for POSIX incompatibilities with -m.
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
# other-writable bit of parent directory when it shouldn't.
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
test_tmpdir="$tmpdir/a"
ls_ld_tmpdir=`ls -ld "$test_tmpdir"`
case $ls_ld_tmpdir in
d????-?r-*) different_mode=700;;
d????-?--*) different_mode=755;;
*) false;;
esac &&
$mkdirprog -m$different_mode -p -- "$test_tmpdir" && {
ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"`
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
}
}
then posix_mkdir=:
fi
rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir"
else
# Remove any dirs left behind by ancient mkdir implementations.
rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null
fi
trap '' 0;;
esac;;
esac
if
$posix_mkdir && (
umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
)
then :
else
@ -391,53 +387,51 @@ do
# directory the slow way, step by step, checking for races as we go.
case $dstdir in
/*) prefix='/';;
[-=\(\)!]*) prefix='./';;
*) prefix='';;
/*) prefix='/';;
[-=\(\)!]*) prefix='./';;
*) prefix='';;
esac
eval "$initialize_posix_glob"
oIFS=$IFS
IFS=/
$posix_glob set -f
set -f
set fnord $dstdir
shift
$posix_glob set +f
set +f
IFS=$oIFS
prefixes=
for d
do
test X"$d" = X && continue
test X"$d" = X && continue
prefix=$prefix$d
if test -d "$prefix"; then
prefixes=
else
if $posix_mkdir; then
(umask=$mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
else
case $prefix in
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
*) qprefix=$prefix;;
esac
prefixes="$prefixes '$qprefix'"
fi
fi
prefix=$prefix/
prefix=$prefix$d
if test -d "$prefix"; then
prefixes=
else
if $posix_mkdir; then
(umask=$mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
else
case $prefix in
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
*) qprefix=$prefix;;
esac
prefixes="$prefixes '$qprefix'"
fi
fi
prefix=$prefix/
done
if test -n "$prefixes"; then
# Don't fail if two instances are running concurrently.
(umask $mkdir_umask &&
eval "\$doit_exec \$mkdirprog $prefixes") ||
test -d "$dstdir" || exit 1
obsolete_mkdir_used=true
# Don't fail if two instances are running concurrently.
(umask $mkdir_umask &&
eval "\$doit_exec \$mkdirprog $prefixes") ||
test -d "$dstdir" || exit 1
obsolete_mkdir_used=true
fi
fi
fi
@ -450,14 +444,25 @@ do
else
# Make a couple of temp file names in the proper directory.
dsttmp=$dstdir/_inst.$$_
rmtmp=$dstdir/_rm.$$_
dsttmp=${dstdirslash}_inst.$$_
rmtmp=${dstdirslash}_rm.$$_
# Trap to clean up those temp files at exit.
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name.
(umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
(umask $cp_umask &&
{ test -z "$stripcmd" || {
# Create $dsttmp read-write so that cp doesn't create it read-only,
# which would cause strip to fail.
if test -z "$doit"; then
: >"$dsttmp" # No need to fork-exec 'touch'.
else
$doit touch "$dsttmp"
fi
}
} &&
$doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits.
#
@ -472,15 +477,12 @@ do
# If -C, don't bother to copy if it wouldn't change the file.
if $copy_on_change &&
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
eval "$initialize_posix_glob" &&
$posix_glob set -f &&
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
set -f &&
set X $old && old=:$2:$4:$5:$6 &&
set X $new && new=:$2:$4:$5:$6 &&
$posix_glob set +f &&
set +f &&
test "$old" = "$new" &&
$cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
then
@ -493,24 +495,24 @@ do
# to itself, or perhaps because mv is so ancient that it does not
# support -f.
{
# Now remove or move aside any old file at destination location.
# We try this two ways since rm can't unlink itself on some
# systems and the destination file might be busy for other
# reasons. In this case, the final cleanup might fail but the new
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd -f "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1
}
} &&
# Now remove or move aside any old file at destination location.
# We try this two ways since rm can't unlink itself on some
# systems and the destination file might be busy for other
# reasons. In this case, the final cleanup might fail but the new
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd -f "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1
}
} &&
# Now rename the file to the real destination.
$doit $mvcmd "$dsttmp" "$dst"
# Now rename the file to the real destination.
$doit $mvcmd "$dsttmp" "$dst"
}
fi || exit 1
@ -519,9 +521,9 @@ do
done
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

View file

@ -1,4 +0,0 @@
## Process this file with automake to produce Makefile.in -*-Makefile-*-
EXTRA_DIST = README *.m4

View file

@ -1,8 +0,0 @@
These files are used by a program called aclocal (part of the GNU automake
package). aclocal uses these files to create aclocal.m4 which is in turn
used by autoconf to create the configure script at the the top level in
this distribution.
The Makefile.am file in this directory is automatically generated
from the template file, Makefile.am.in. The generation will fail
if you don't have all the right tools.

69
m4/ax_append_flag.m4 Normal file
View file

@ -0,0 +1,69 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_append_flag.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_APPEND_FLAG(FLAG, [FLAGS-VARIABLE])
#
# DESCRIPTION
#
# FLAG is appended to the FLAGS-VARIABLE shell variable, with a space
# added in between.
#
# If FLAGS-VARIABLE is not specified, the current language's flags (e.g.
# CFLAGS) is used. FLAGS-VARIABLE is not changed if it already contains
# FLAG. If FLAGS-VARIABLE is unset in the shell, it is set to exactly
# FLAG.
#
# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION.
#
# LICENSE
#
# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
# Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 2
AC_DEFUN([AX_APPEND_FLAG],
[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX
AS_VAR_PUSHDEF([FLAGS], [m4_default($2,_AC_LANG_PREFIX[FLAGS])])dnl
AS_VAR_SET_IF(FLAGS,
[case " AS_VAR_GET(FLAGS) " in
*" $1 "*)
AC_RUN_LOG([: FLAGS already contains $1])
;;
*)
AC_RUN_LOG([: FLAGS="$FLAGS $1"])
AS_VAR_SET(FLAGS, ["AS_VAR_GET(FLAGS) $1"])
;;
esac],
[AS_VAR_SET(FLAGS,["$1"])])
AS_VAR_POPDEF([FLAGS])dnl
])dnl AX_APPEND_FLAG

122
m4/ax_cflags_warn_all.m4 Normal file
View file

@ -0,0 +1,122 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_cflags_warn_all.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_CFLAGS_WARN_ALL [(shellvar [,default, [A/NA]])]
# AX_CXXFLAGS_WARN_ALL [(shellvar [,default, [A/NA]])]
# AX_FCFLAGS_WARN_ALL [(shellvar [,default, [A/NA]])]
#
# DESCRIPTION
#
# Try to find a compiler option that enables most reasonable warnings.
#
# For the GNU compiler it will be -Wall (and -ansi -pedantic) The result
# is added to the shellvar being CFLAGS, CXXFLAGS, or FCFLAGS by default.
#
# Currently this macro knows about the GCC, Solaris, Digital Unix, AIX,
# HP-UX, IRIX, NEC SX-5 (Super-UX 10), Cray J90 (Unicos 10.0.0.8), and
# Intel compilers. For a given compiler, the Fortran flags are much more
# experimental than their C equivalents.
#
# - $1 shell-variable-to-add-to : CFLAGS, CXXFLAGS, or FCFLAGS
# - $2 add-value-if-not-found : nothing
# - $3 action-if-found : add value to shellvariable
# - $4 action-if-not-found : nothing
#
# NOTE: These macros depend on AX_APPEND_FLAG.
#
# LICENSE
#
# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
# Copyright (c) 2010 Rhys Ulerich <rhys.ulerich@gmail.com>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 15
AC_DEFUN([AX_FLAGS_WARN_ALL],[dnl
AS_VAR_PUSHDEF([FLAGS],[_AC_LANG_PREFIX[]FLAGS])dnl
AS_VAR_PUSHDEF([VAR],[ac_cv_[]_AC_LANG_ABBREV[]flags_warn_all])dnl
AC_CACHE_CHECK([m4_ifval($1,$1,FLAGS) for maximum warnings],
VAR,[VAR="no, unknown"
ac_save_[]FLAGS="$[]FLAGS"
for ac_arg dnl
in "-warn all % -warn all" dnl Intel
"-pedantic % -Wall" dnl GCC
"-xstrconst % -v" dnl Solaris C
"-std1 % -verbose -w0 -warnprotos" dnl Digital Unix
"-qlanglvl=ansi % -qsrcmsg -qinfo=all:noppt:noppc:noobs:nocnd" dnl AIX
"-ansi -ansiE % -fullwarn" dnl IRIX
"+ESlit % +w1" dnl HP-UX C
"-Xc % -pvctl[,]fullmsg" dnl NEC SX-5 (Super-UX 10)
"-h conform % -h msglevel 2" dnl Cray C (Unicos)
#
do FLAGS="$ac_save_[]FLAGS "`echo $ac_arg | sed -e 's,%%.*,,' -e 's,%,,'`
AC_COMPILE_IFELSE([AC_LANG_PROGRAM],
[VAR=`echo $ac_arg | sed -e 's,.*% *,,'` ; break])
done
FLAGS="$ac_save_[]FLAGS"
])
AS_VAR_POPDEF([FLAGS])dnl
AX_REQUIRE_DEFINED([AX_APPEND_FLAG])
case ".$VAR" in
.ok|.ok,*) m4_ifvaln($3,$3) ;;
.|.no|.no,*) m4_default($4,[m4_ifval($2,[AX_APPEND_FLAG([$2], [$1])])]) ;;
*) m4_default($3,[AX_APPEND_FLAG([$VAR], [$1])]) ;;
esac
AS_VAR_POPDEF([VAR])dnl
])dnl AX_FLAGS_WARN_ALL
dnl implementation tactics:
dnl the for-argument contains a list of options. The first part of
dnl these does only exist to detect the compiler - usually it is
dnl a global option to enable -ansi or -extrawarnings. All other
dnl compilers will fail about it. That was needed since a lot of
dnl compilers will give false positives for some option-syntax
dnl like -Woption or -Xoption as they think of it is a pass-through
dnl to later compile stages or something. The "%" is used as a
dnl delimiter. A non-option comment can be given after "%%" marks
dnl which will be shown but not added to the respective C/CXXFLAGS.
AC_DEFUN([AX_CFLAGS_WARN_ALL],[dnl
AC_LANG_PUSH([C])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([C])
])
AC_DEFUN([AX_CXXFLAGS_WARN_ALL],[dnl
AC_LANG_PUSH([C++])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([C++])
])
AC_DEFUN([AX_FCFLAGS_WARN_ALL],[dnl
AC_LANG_PUSH([Fortran])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([Fortran])
])

37
m4/ax_require_defined.m4 Normal file
View file

@ -0,0 +1,37 @@
# ===========================================================================
# http://www.gnu.org/software/autoconf-archive/ax_require_defined.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_REQUIRE_DEFINED(MACRO)
#
# DESCRIPTION
#
# AX_REQUIRE_DEFINED is a simple helper for making sure other macros have
# been defined and thus are available for use. This avoids random issues
# where a macro isn't expanded. Instead the configure script emits a
# non-fatal:
#
# ./configure: line 1673: AX_CFLAGS_WARN_ALL: command not found
#
# It's like AC_REQUIRE except it doesn't expand the required macro.
#
# Here's an example:
#
# AX_REQUIRE_DEFINED([AX_CHECK_LINK_FLAG])
#
# LICENSE
#
# Copyright (c) 2014 Mike Frysinger <vapier@gentoo.org>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 1
AC_DEFUN([AX_REQUIRE_DEFINED], [dnl
m4_ifndef([$1], [m4_fatal([macro ]$1[ is not defined; is a m4 file missing?])])
])dnl AX_REQUIRE_DEFINED

View file

@ -1,4 +1,4 @@
dnl Check to find the OpenSSL headers/libraries
dnl Check to find the LibreSSL/OpenSSL headers/libraries
AC_DEFUN([tinc_OPENSSL],
[
@ -10,47 +10,49 @@ AC_DEFUN([tinc_OPENSSL],
[],
[AC_CHECK_LIB(dl, dlopen,
[LIBS="$LIBS -ldl"],
[AC_MSG_ERROR([OpenSSL depends on libdl.]); break]
[AC_MSG_ERROR([LibreSSL/OpenSSL depends on libdl.]); break]
)]
)
;;
esac
AC_ARG_WITH(openssl,
AS_HELP_STRING([--with-openssl=DIR], [OpenSSL base directory, or:]),
AS_HELP_STRING([--with-openssl=DIR], [LibreSSL/OpenSSL base directory, or:]),
[openssl="$withval"
CPPFLAGS="$CPPFLAGS -I$withval/include"
LDFLAGS="$LDFLAGS -L$withval/lib"]
)
AC_ARG_WITH(openssl-include,
AS_HELP_STRING([--with-openssl-include=DIR], [OpenSSL headers directory (without trailing /openssl)]),
AS_HELP_STRING([--with-openssl-include=DIR], [LibreSSL/OpenSSL headers directory (without trailing /openssl)]),
[openssl_include="$withval"
CPPFLAGS="$CPPFLAGS -I$withval"]
)
AC_ARG_WITH(openssl-lib,
AS_HELP_STRING([--with-openssl-lib=DIR], [OpenSSL library directory]),
AS_HELP_STRING([--with-openssl-lib=DIR], [LibreSSL/OpenSSL library directory]),
[openssl_lib="$withval"
LDFLAGS="$LDFLAGS -L$withval"]
)
AC_CHECK_HEADERS(openssl/evp.h openssl/rsa.h openssl/rand.h openssl/err.h openssl/sha.h openssl/pem.h openssl/engine.h,
[],
[AC_MSG_ERROR([OpenSSL header files not found.]); break]
[AC_MSG_ERROR([LibreSSL/OpenSSL header files not found.]); break]
)
AC_CHECK_LIB(crypto, EVP_EncryptInit_ex,
[LIBS="-lcrypto $LIBS"],
[AC_MSG_ERROR([OpenSSL libraries not found.])]
[AC_MSG_ERROR([LibreSSL/OpenSSL libraries not found.])]
)
AC_CHECK_FUNCS([RAND_pseudo_bytes EVP_EncryptInit_ex], ,
[AC_MSG_ERROR([Missing OpenSSL functionality, make sure you have installed the latest version.]); break],
AC_CHECK_FUNCS([RAND_bytes EVP_EncryptInit_ex EVP_CIPHER_CTX_new], ,
[AC_MSG_ERROR([Missing LibreSSL/OpenSSL functionality, make sure you have installed the latest version.]); break],
)
AC_CHECK_DECL([OpenSSL_add_all_algorithms], ,
[AC_MSG_ERROR([Missing OpenSSL functionality, make sure you have installed the latest version.]); break],
AC_CHECK_DECLS([OpenSSL_add_all_algorithms, EVP_aes_256_cfb], ,
[AC_MSG_ERROR([Missing LibreSSL/OpenSSL functionality, make sure you have installed the latest version.]); break],
[#include <openssl/evp.h>]
)
AC_CHECK_FUNCS([BN_GENCB_new RSA_set0_key], , , [#include <openssl/rsa.h>])
])

16
missing
View file

@ -1,9 +1,9 @@
#! /bin/sh
# Common wrapper for a few potentially missing GNU programs.
scriptversion=2013-10-28.13; # UTC
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1996-2013 Free Software Foundation, Inc.
# Copyright (C) 1996-2020 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify
@ -17,7 +17,7 @@ scriptversion=2013-10-28.13; # UTC
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@ -101,9 +101,9 @@ else
exit $st
fi
perl_URL=http://www.perl.org/
flex_URL=http://flex.sourceforge.net/
gnu_software_URL=http://www.gnu.org/software
perl_URL=https://www.perl.org/
flex_URL=https://github.com/westes/flex
gnu_software_URL=https://www.gnu.org/software
program_details ()
{
@ -207,9 +207,9 @@ give_advice "$1" | sed -e '1s/^/WARNING: /' \
exit $st
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

View file

@ -14,11 +14,8 @@ tincd_SOURCES = \
edge.c edge.h \
ethernet.h \
event.c event.h \
fake-gai-errnos.h \
fake-getaddrinfo.c fake-getaddrinfo.h \
fake-getnameinfo.c fake-getnameinfo.h \
getopt.c getopt.h \
getopt1.c \
graph.c graph.h \
ipv4.h \
ipv6.h \
@ -40,13 +37,19 @@ tincd_SOURCES = \
protocol_misc.c \
protocol_key.c \
protocol_subnet.c \
proxy.c proxy.h \
raw_socket_device.c \
route.c route.h \
subnet.c subnet.h \
tincd.c \
utils.c utils.h \
xalloc.h \
xmalloc.c
xalloc.h
if !GETOPT
tincd_SOURCES += \
getopt.c getopt.h \
getopt1.c
endif
if LINUX
tincd_SOURCES += linux/device.c
@ -83,4 +86,4 @@ if TUNEMU
LIBS += -lpcap
endif
AM_CPPFLAGS = -DCONFDIR=\"$(sysconfdir)\" -DLOCALSTATEDIR=\"$(localstatedir)\"
AM_CPPFLAGS = -DCONFDIR=\"$(sysconfdir)\" -DRUNSTATEDIR=\"$(runstatedir)\" -DLOCALSTATEDIR=\"$(localstatedir)\" -I $(abs_top_builddir)/

View file

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.14.1 from Makefile.am.
# Makefile.in generated by automake 1.16.2 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2013 Free Software Foundation, Inc.
# Copyright (C) 1994-2020 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -15,7 +15,17 @@
@SET_MAKE@
VPATH = @srcdir@
am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
am__is_gnu_make = { \
if test -z '$(MAKELEVEL)'; then \
false; \
elif test -n '$(MAKE_HOST)'; then \
true; \
elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
true; \
else \
false; \
fi; \
}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@ -79,26 +89,32 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
sbin_PROGRAMS = tincd$(EXEEXT)
@LINUX_TRUE@am__append_1 = linux/device.c
@BSD_TRUE@am__append_2 = bsd/device.c
@BSD_TRUE@@TUNEMU_TRUE@am__append_3 = bsd/tunemu.c bsd/tunemu.h
@SOLARIS_TRUE@am__append_4 = solaris/device.c
@MINGW_TRUE@am__append_5 = mingw/device.c mingw/common.h
@CYGWIN_TRUE@am__append_6 = cygwin/device.c
@UML_TRUE@am__append_7 = uml_device.c
@VDE_TRUE@am__append_8 = vde_device.c
@TUNEMU_TRUE@am__append_9 = -lpcap
@GETOPT_FALSE@am__append_1 = \
@GETOPT_FALSE@ getopt.c getopt.h \
@GETOPT_FALSE@ getopt1.c
@LINUX_TRUE@am__append_2 = linux/device.c
@BSD_TRUE@am__append_3 = bsd/device.c
@BSD_TRUE@@TUNEMU_TRUE@am__append_4 = bsd/tunemu.c bsd/tunemu.h
@SOLARIS_TRUE@am__append_5 = solaris/device.c
@MINGW_TRUE@am__append_6 = mingw/device.c mingw/common.h
@CYGWIN_TRUE@am__append_7 = cygwin/device.c
@UML_TRUE@am__append_8 = uml_device.c
@VDE_TRUE@am__append_9 = vde_device.c
@TUNEMU_TRUE@am__append_10 = -lpcap
subdir = src
DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
$(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
$(top_srcdir)/m4/ax_append_flag.m4 \
$(top_srcdir)/m4/ax_cflags_warn_all.m4 \
$(top_srcdir)/m4/ax_check_compile_flag.m4 \
$(top_srcdir)/m4/ax_check_link_flag.m4 $(top_srcdir)/m4/lzo.m4 \
$(top_srcdir)/m4/ax_check_link_flag.m4 \
$(top_srcdir)/m4/ax_require_defined.m4 $(top_srcdir)/m4/lzo.m4 \
$(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/zlib.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@ -108,43 +124,44 @@ PROGRAMS = $(sbin_PROGRAMS)
am__tincd_SOURCES_DIST = have.h system.h avl_tree.c avl_tree.h conf.c \
conf.h connection.c connection.h device.h dropin.c dropin.h \
dummy_device.c edge.c edge.h ethernet.h event.c event.h \
fake-gai-errnos.h fake-getaddrinfo.c fake-getaddrinfo.h \
fake-getnameinfo.c fake-getnameinfo.h getopt.c getopt.h \
getopt1.c graph.c graph.h ipv4.h ipv6.h list.c list.h logger.c \
logger.h meta.c meta.h multicast_device.c net.c net.h \
fake-getaddrinfo.c fake-getaddrinfo.h fake-getnameinfo.c \
fake-getnameinfo.h graph.c graph.h ipv4.h ipv6.h list.c list.h \
logger.c logger.h meta.c meta.h multicast_device.c net.c net.h \
net_packet.c net_setup.c net_socket.c netutl.c netutl.h node.c \
node.h pidfile.c pidfile.h process.c process.h protocol.c \
protocol.h protocol_auth.c protocol_edge.c protocol_misc.c \
protocol_key.c protocol_subnet.c raw_socket_device.c route.c \
route.h subnet.c subnet.h tincd.c utils.c utils.h xalloc.h \
xmalloc.c linux/device.c bsd/device.c bsd/tunemu.c \
bsd/tunemu.h solaris/device.c mingw/device.c mingw/common.h \
cygwin/device.c uml_device.c vde_device.c
protocol_key.c protocol_subnet.c proxy.c proxy.h \
raw_socket_device.c route.c route.h subnet.c subnet.h tincd.c \
utils.c utils.h xalloc.h getopt.c getopt.h getopt1.c \
linux/device.c bsd/device.c bsd/tunemu.c bsd/tunemu.h \
solaris/device.c mingw/device.c mingw/common.h cygwin/device.c \
uml_device.c vde_device.c
@GETOPT_FALSE@am__objects_1 = getopt.$(OBJEXT) getopt1.$(OBJEXT)
am__dirstamp = $(am__leading_dot)dirstamp
@LINUX_TRUE@am__objects_1 = linux/device.$(OBJEXT)
@BSD_TRUE@am__objects_2 = bsd/device.$(OBJEXT)
@BSD_TRUE@@TUNEMU_TRUE@am__objects_3 = bsd/tunemu.$(OBJEXT)
@SOLARIS_TRUE@am__objects_4 = solaris/device.$(OBJEXT)
@MINGW_TRUE@am__objects_5 = mingw/device.$(OBJEXT)
@CYGWIN_TRUE@am__objects_6 = cygwin/device.$(OBJEXT)
@UML_TRUE@am__objects_7 = uml_device.$(OBJEXT)
@VDE_TRUE@am__objects_8 = vde_device.$(OBJEXT)
@LINUX_TRUE@am__objects_2 = linux/device.$(OBJEXT)
@BSD_TRUE@am__objects_3 = bsd/device.$(OBJEXT)
@BSD_TRUE@@TUNEMU_TRUE@am__objects_4 = bsd/tunemu.$(OBJEXT)
@SOLARIS_TRUE@am__objects_5 = solaris/device.$(OBJEXT)
@MINGW_TRUE@am__objects_6 = mingw/device.$(OBJEXT)
@CYGWIN_TRUE@am__objects_7 = cygwin/device.$(OBJEXT)
@UML_TRUE@am__objects_8 = uml_device.$(OBJEXT)
@VDE_TRUE@am__objects_9 = vde_device.$(OBJEXT)
am_tincd_OBJECTS = avl_tree.$(OBJEXT) conf.$(OBJEXT) \
connection.$(OBJEXT) dropin.$(OBJEXT) dummy_device.$(OBJEXT) \
edge.$(OBJEXT) event.$(OBJEXT) fake-getaddrinfo.$(OBJEXT) \
fake-getnameinfo.$(OBJEXT) getopt.$(OBJEXT) getopt1.$(OBJEXT) \
graph.$(OBJEXT) list.$(OBJEXT) logger.$(OBJEXT) meta.$(OBJEXT) \
multicast_device.$(OBJEXT) net.$(OBJEXT) net_packet.$(OBJEXT) \
net_setup.$(OBJEXT) net_socket.$(OBJEXT) netutl.$(OBJEXT) \
node.$(OBJEXT) pidfile.$(OBJEXT) process.$(OBJEXT) \
protocol.$(OBJEXT) protocol_auth.$(OBJEXT) \
protocol_edge.$(OBJEXT) protocol_misc.$(OBJEXT) \
protocol_key.$(OBJEXT) protocol_subnet.$(OBJEXT) \
fake-getnameinfo.$(OBJEXT) graph.$(OBJEXT) list.$(OBJEXT) \
logger.$(OBJEXT) meta.$(OBJEXT) multicast_device.$(OBJEXT) \
net.$(OBJEXT) net_packet.$(OBJEXT) net_setup.$(OBJEXT) \
net_socket.$(OBJEXT) netutl.$(OBJEXT) node.$(OBJEXT) \
pidfile.$(OBJEXT) process.$(OBJEXT) protocol.$(OBJEXT) \
protocol_auth.$(OBJEXT) protocol_edge.$(OBJEXT) \
protocol_misc.$(OBJEXT) protocol_key.$(OBJEXT) \
protocol_subnet.$(OBJEXT) proxy.$(OBJEXT) \
raw_socket_device.$(OBJEXT) route.$(OBJEXT) subnet.$(OBJEXT) \
tincd.$(OBJEXT) utils.$(OBJEXT) xmalloc.$(OBJEXT) \
$(am__objects_1) $(am__objects_2) $(am__objects_3) \
$(am__objects_4) $(am__objects_5) $(am__objects_6) \
$(am__objects_7) $(am__objects_8)
tincd.$(OBJEXT) utils.$(OBJEXT) $(am__objects_1) \
$(am__objects_2) $(am__objects_3) $(am__objects_4) \
$(am__objects_5) $(am__objects_6) $(am__objects_7) \
$(am__objects_8) $(am__objects_9)
tincd_OBJECTS = $(am_tincd_OBJECTS)
tincd_LDADD = $(LDADD)
AM_V_P = $(am__v_P_@AM_V@)
@ -161,7 +178,29 @@ am__v_at_0 = @
am__v_at_1 =
DEFAULT_INCLUDES =
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
am__maybe_remake_depfiles = depfiles
am__depfiles_remade = ./$(DEPDIR)/avl_tree.Po ./$(DEPDIR)/conf.Po \
./$(DEPDIR)/connection.Po ./$(DEPDIR)/dropin.Po \
./$(DEPDIR)/dummy_device.Po ./$(DEPDIR)/edge.Po \
./$(DEPDIR)/event.Po ./$(DEPDIR)/fake-getaddrinfo.Po \
./$(DEPDIR)/fake-getnameinfo.Po ./$(DEPDIR)/getopt.Po \
./$(DEPDIR)/getopt1.Po ./$(DEPDIR)/graph.Po \
./$(DEPDIR)/list.Po ./$(DEPDIR)/logger.Po ./$(DEPDIR)/meta.Po \
./$(DEPDIR)/multicast_device.Po ./$(DEPDIR)/net.Po \
./$(DEPDIR)/net_packet.Po ./$(DEPDIR)/net_setup.Po \
./$(DEPDIR)/net_socket.Po ./$(DEPDIR)/netutl.Po \
./$(DEPDIR)/node.Po ./$(DEPDIR)/pidfile.Po \
./$(DEPDIR)/process.Po ./$(DEPDIR)/protocol.Po \
./$(DEPDIR)/protocol_auth.Po ./$(DEPDIR)/protocol_edge.Po \
./$(DEPDIR)/protocol_key.Po ./$(DEPDIR)/protocol_misc.Po \
./$(DEPDIR)/protocol_subnet.Po ./$(DEPDIR)/proxy.Po \
./$(DEPDIR)/raw_socket_device.Po ./$(DEPDIR)/route.Po \
./$(DEPDIR)/subnet.Po ./$(DEPDIR)/tincd.Po \
./$(DEPDIR)/uml_device.Po ./$(DEPDIR)/utils.Po \
./$(DEPDIR)/vde_device.Po bsd/$(DEPDIR)/device.Po \
bsd/$(DEPDIR)/tunemu.Po cygwin/$(DEPDIR)/device.Po \
linux/$(DEPDIR)/device.Po mingw/$(DEPDIR)/device.Po \
solaris/$(DEPDIR)/device.Po
am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@ -201,6 +240,7 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@ -230,9 +270,8 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@ $(am__append_9)
LIBS = @LIBS@ $(am__append_10)
LTLIBOBJS = @LTLIBOBJS@
MAINT = @MAINT@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
OBJEXT = @OBJEXT@
@ -290,10 +329,12 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
sysconfdir = @sysconfdir@
systemd_path = @systemd_path@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
@ -301,24 +342,24 @@ top_srcdir = @top_srcdir@
tincd_SOURCES = have.h system.h avl_tree.c avl_tree.h conf.c conf.h \
connection.c connection.h device.h dropin.c dropin.h \
dummy_device.c edge.c edge.h ethernet.h event.c event.h \
fake-gai-errnos.h fake-getaddrinfo.c fake-getaddrinfo.h \
fake-getnameinfo.c fake-getnameinfo.h getopt.c getopt.h \
getopt1.c graph.c graph.h ipv4.h ipv6.h list.c list.h logger.c \
logger.h meta.c meta.h multicast_device.c net.c net.h \
fake-getaddrinfo.c fake-getaddrinfo.h fake-getnameinfo.c \
fake-getnameinfo.h graph.c graph.h ipv4.h ipv6.h list.c list.h \
logger.c logger.h meta.c meta.h multicast_device.c net.c net.h \
net_packet.c net_setup.c net_socket.c netutl.c netutl.h node.c \
node.h pidfile.c pidfile.h process.c process.h protocol.c \
protocol.h protocol_auth.c protocol_edge.c protocol_misc.c \
protocol_key.c protocol_subnet.c raw_socket_device.c route.c \
route.h subnet.c subnet.h tincd.c utils.c utils.h xalloc.h \
xmalloc.c $(am__append_1) $(am__append_2) $(am__append_3) \
$(am__append_4) $(am__append_5) $(am__append_6) \
$(am__append_7) $(am__append_8)
AM_CPPFLAGS = -DCONFDIR=\"$(sysconfdir)\" -DLOCALSTATEDIR=\"$(localstatedir)\"
protocol_key.c protocol_subnet.c proxy.c proxy.h \
raw_socket_device.c route.c route.h subnet.c subnet.h tincd.c \
utils.c utils.h xalloc.h $(am__append_1) $(am__append_2) \
$(am__append_3) $(am__append_4) $(am__append_5) \
$(am__append_6) $(am__append_7) $(am__append_8) \
$(am__append_9)
AM_CPPFLAGS = -DCONFDIR=\"$(sysconfdir)\" -DRUNSTATEDIR=\"$(runstatedir)\" -DLOCALSTATEDIR=\"$(localstatedir)\" -I $(abs_top_builddir)/
all: all-am
.SUFFIXES:
.SUFFIXES: .c .o .obj
$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
*$$dep*) \
@ -330,22 +371,21 @@ $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__confi
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu src/Makefile
.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
$(top_srcdir)/configure: $(am__configure_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
$(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
install-sbinPROGRAMS: $(sbin_PROGRAMS)
@ -464,50 +504,56 @@ mostlyclean-compile:
distclean-compile:
-rm -f *.tab.c
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/avl_tree.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/conf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connection.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dropin.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dummy_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/edge.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/event.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fake-getaddrinfo.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fake-getnameinfo.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt1.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/graph.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logger.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/meta.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/multicast_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_packet.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_setup.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_socket.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/netutl.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/node.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pidfile.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/process.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_auth.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_edge.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_key.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_misc.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_subnet.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/raw_socket_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/route.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subnet.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tincd.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uml_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vde_device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmalloc.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/tunemu.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@cygwin/$(DEPDIR)/device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@linux/$(DEPDIR)/device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@mingw/$(DEPDIR)/device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@solaris/$(DEPDIR)/device.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/avl_tree.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/conf.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/connection.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dropin.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dummy_device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/edge.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/event.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fake-getaddrinfo.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fake-getnameinfo.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt1.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/graph.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logger.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/meta.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/multicast_device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_packet.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_setup.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_socket.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/netutl.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/node.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pidfile.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/process.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_auth.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_edge.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_key.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_misc.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/protocol_subnet.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/proxy.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/raw_socket_device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/route.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/subnet.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tincd.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uml_device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vde_device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@bsd/$(DEPDIR)/tunemu.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@cygwin/$(DEPDIR)/device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@linux/$(DEPDIR)/device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@mingw/$(DEPDIR)/device.Po@am__quote@ # am--include-marker
@AMDEP_TRUE@@am__include@ @am__quote@solaris/$(DEPDIR)/device.Po@am__quote@ # am--include-marker
$(am__depfiles_remade):
@$(MKDIR_P) $(@D)
@echo '# dummy' >$@-t && $(am__mv) $@-t $@
am--depfiles: $(am__depfiles_remade)
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@ -577,7 +623,10 @@ cscopelist-am: $(am__tagged_files)
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
distdir: $(DISTFILES)
distdir: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) distdir-am
distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \
@ -659,7 +708,50 @@ clean: clean-am
clean-am: clean-generic clean-sbinPROGRAMS mostlyclean-am
distclean: distclean-am
-rm -rf ./$(DEPDIR) bsd/$(DEPDIR) cygwin/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) solaris/$(DEPDIR)
-rm -f ./$(DEPDIR)/avl_tree.Po
-rm -f ./$(DEPDIR)/conf.Po
-rm -f ./$(DEPDIR)/connection.Po
-rm -f ./$(DEPDIR)/dropin.Po
-rm -f ./$(DEPDIR)/dummy_device.Po
-rm -f ./$(DEPDIR)/edge.Po
-rm -f ./$(DEPDIR)/event.Po
-rm -f ./$(DEPDIR)/fake-getaddrinfo.Po
-rm -f ./$(DEPDIR)/fake-getnameinfo.Po
-rm -f ./$(DEPDIR)/getopt.Po
-rm -f ./$(DEPDIR)/getopt1.Po
-rm -f ./$(DEPDIR)/graph.Po
-rm -f ./$(DEPDIR)/list.Po
-rm -f ./$(DEPDIR)/logger.Po
-rm -f ./$(DEPDIR)/meta.Po
-rm -f ./$(DEPDIR)/multicast_device.Po
-rm -f ./$(DEPDIR)/net.Po
-rm -f ./$(DEPDIR)/net_packet.Po
-rm -f ./$(DEPDIR)/net_setup.Po
-rm -f ./$(DEPDIR)/net_socket.Po
-rm -f ./$(DEPDIR)/netutl.Po
-rm -f ./$(DEPDIR)/node.Po
-rm -f ./$(DEPDIR)/pidfile.Po
-rm -f ./$(DEPDIR)/process.Po
-rm -f ./$(DEPDIR)/protocol.Po
-rm -f ./$(DEPDIR)/protocol_auth.Po
-rm -f ./$(DEPDIR)/protocol_edge.Po
-rm -f ./$(DEPDIR)/protocol_key.Po
-rm -f ./$(DEPDIR)/protocol_misc.Po
-rm -f ./$(DEPDIR)/protocol_subnet.Po
-rm -f ./$(DEPDIR)/proxy.Po
-rm -f ./$(DEPDIR)/raw_socket_device.Po
-rm -f ./$(DEPDIR)/route.Po
-rm -f ./$(DEPDIR)/subnet.Po
-rm -f ./$(DEPDIR)/tincd.Po
-rm -f ./$(DEPDIR)/uml_device.Po
-rm -f ./$(DEPDIR)/utils.Po
-rm -f ./$(DEPDIR)/vde_device.Po
-rm -f bsd/$(DEPDIR)/device.Po
-rm -f bsd/$(DEPDIR)/tunemu.Po
-rm -f cygwin/$(DEPDIR)/device.Po
-rm -f linux/$(DEPDIR)/device.Po
-rm -f mingw/$(DEPDIR)/device.Po
-rm -f solaris/$(DEPDIR)/device.Po
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@ -705,7 +797,50 @@ install-ps-am:
installcheck-am: installcheck-sbinPROGRAMS
maintainer-clean: maintainer-clean-am
-rm -rf ./$(DEPDIR) bsd/$(DEPDIR) cygwin/$(DEPDIR) linux/$(DEPDIR) mingw/$(DEPDIR) solaris/$(DEPDIR)
-rm -f ./$(DEPDIR)/avl_tree.Po
-rm -f ./$(DEPDIR)/conf.Po
-rm -f ./$(DEPDIR)/connection.Po
-rm -f ./$(DEPDIR)/dropin.Po
-rm -f ./$(DEPDIR)/dummy_device.Po
-rm -f ./$(DEPDIR)/edge.Po
-rm -f ./$(DEPDIR)/event.Po
-rm -f ./$(DEPDIR)/fake-getaddrinfo.Po
-rm -f ./$(DEPDIR)/fake-getnameinfo.Po
-rm -f ./$(DEPDIR)/getopt.Po
-rm -f ./$(DEPDIR)/getopt1.Po
-rm -f ./$(DEPDIR)/graph.Po
-rm -f ./$(DEPDIR)/list.Po
-rm -f ./$(DEPDIR)/logger.Po
-rm -f ./$(DEPDIR)/meta.Po
-rm -f ./$(DEPDIR)/multicast_device.Po
-rm -f ./$(DEPDIR)/net.Po
-rm -f ./$(DEPDIR)/net_packet.Po
-rm -f ./$(DEPDIR)/net_setup.Po
-rm -f ./$(DEPDIR)/net_socket.Po
-rm -f ./$(DEPDIR)/netutl.Po
-rm -f ./$(DEPDIR)/node.Po
-rm -f ./$(DEPDIR)/pidfile.Po
-rm -f ./$(DEPDIR)/process.Po
-rm -f ./$(DEPDIR)/protocol.Po
-rm -f ./$(DEPDIR)/protocol_auth.Po
-rm -f ./$(DEPDIR)/protocol_edge.Po
-rm -f ./$(DEPDIR)/protocol_key.Po
-rm -f ./$(DEPDIR)/protocol_misc.Po
-rm -f ./$(DEPDIR)/protocol_subnet.Po
-rm -f ./$(DEPDIR)/proxy.Po
-rm -f ./$(DEPDIR)/raw_socket_device.Po
-rm -f ./$(DEPDIR)/route.Po
-rm -f ./$(DEPDIR)/subnet.Po
-rm -f ./$(DEPDIR)/tincd.Po
-rm -f ./$(DEPDIR)/uml_device.Po
-rm -f ./$(DEPDIR)/utils.Po
-rm -f ./$(DEPDIR)/vde_device.Po
-rm -f bsd/$(DEPDIR)/device.Po
-rm -f bsd/$(DEPDIR)/tunemu.Po
-rm -f cygwin/$(DEPDIR)/device.Po
-rm -f linux/$(DEPDIR)/device.Po
-rm -f mingw/$(DEPDIR)/device.Po
-rm -f solaris/$(DEPDIR)/device.Po
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@ -725,19 +860,21 @@ uninstall-am: uninstall-sbinPROGRAMS
.MAKE: install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
clean-sbinPROGRAMS cscopelist-am ctags ctags-am distclean \
distclean-compile distclean-generic distclean-tags distdir dvi \
dvi-am html html-am info info-am install install-am \
install-data install-data-am install-dvi install-dvi-am \
install-exec install-exec-am install-html install-html-am \
install-info install-info-am install-man install-pdf \
install-pdf-am install-ps install-ps-am install-sbinPROGRAMS \
install-strip installcheck installcheck-am \
installcheck-sbinPROGRAMS installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am uninstall-sbinPROGRAMS
.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \
clean-generic clean-sbinPROGRAMS cscopelist-am ctags ctags-am \
distclean distclean-compile distclean-generic distclean-tags \
distdir dvi dvi-am html html-am info info-am install \
install-am install-data install-data-am install-dvi \
install-dvi-am install-exec install-exec-am install-html \
install-html-am install-info install-info-am install-man \
install-pdf install-pdf-am install-ps install-ps-am \
install-sbinPROGRAMS install-strip installcheck \
installcheck-am installcheck-sbinPROGRAMS installdirs \
maintainer-clean maintainer-clean-generic mostlyclean \
mostlyclean-compile mostlyclean-generic pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-sbinPROGRAMS
.PRECIOUS: Makefile
# Tell versions [3.59,3.63) of GNU make to not export all variables.

View file

@ -2,7 +2,7 @@
avl_tree.c -- avl_ tree and linked list convenience
Copyright (C) 1998 Michael H. Buselli
2000-2005 Ivo Timmermans,
2000-2014 Guus Sliepen <guus@tinc-vpn.org>
2000-2015 Guus Sliepen <guus@tinc-vpn.org>
2000-2005 Wessel Dankers <wsl@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
@ -26,7 +26,7 @@
the code. Mail me if you found a bug.
Cleaned up and incorporated some of the ideas from the red-black tree
library for inclusion into tinc (http://www.tinc-vpn.org/) by
library for inclusion into tinc (https://www.tinc-vpn.org/) by
Guus Sliepen <guus@tinc-vpn.org>.
*/
@ -50,14 +50,14 @@
#endif
#ifndef AVL_DEPTH
static int lg(unsigned int u) __attribute__ ((__const__));
static int lg(unsigned int u) __attribute__((__const__));
static int lg(unsigned int u)
{
static int lg(unsigned int u) {
int r = 1;
if(!u)
if(!u) {
return 0;
}
if(u & 0xffff0000) {
u >>= 16;
@ -79,8 +79,9 @@ static int lg(unsigned int u)
r += 2;
}
if(u & 0x00000002)
if(u & 0x00000002) {
r++;
}
return r;
}
@ -88,8 +89,7 @@ static int lg(unsigned int u)
/* Internal helper functions */
static int avl_check_balance(const avl_node_t *node)
{
static int avl_check_balance(const avl_node_t *node) {
#ifdef AVL_DEPTH
int d;
@ -97,167 +97,185 @@ static int avl_check_balance(const avl_node_t *node)
return d < -1 ? -1 : d > 1 ? 1 : 0;
#else
/* int d;
* d = lg(AVL_R_COUNT(node)) - lg(AVL_L_COUNT(node));
* d = d<-1?-1:d>1?1:0;
*/
/* int d;
* d = lg(AVL_R_COUNT(node)) - lg(AVL_L_COUNT(node));
* d = d<-1?-1:d>1?1:0;
*/
int pl, r;
pl = lg(AVL_L_COUNT(node));
r = AVL_R_COUNT(node);
if(r >> pl + 1)
if(r >> pl + 1) {
return 1;
}
if(pl < 2 || r >> pl - 2)
if(pl < 2 || r >> pl - 2) {
return 0;
}
return -1;
#endif
}
static void avl_rebalance(avl_tree_t *tree, avl_node_t *node)
{
static void avl_rebalance(avl_tree_t *tree, avl_node_t *node) {
avl_node_t *child;
avl_node_t *gchild;
avl_node_t *parent;
avl_node_t **superparent;
parent = node;
while(node) {
parent = node->parent;
superparent =
parent ? node ==
parent->left ? &parent->left : &parent->right : &tree->root;
parent ? node ==
parent->left ? &parent->left : &parent->right : &tree->root;
switch (avl_check_balance(node)) {
case -1:
child = node->left;
switch(avl_check_balance(node)) {
case -1:
child = node->left;
#ifdef AVL_DEPTH
if(L_AVL_DEPTH(child) >= R_AVL_DEPTH(child)) {
if(L_AVL_DEPTH(child) >= R_AVL_DEPTH(child)) {
#else
if(AVL_L_COUNT(child) >= AVL_R_COUNT(child)) {
if(AVL_L_COUNT(child) >= AVL_R_COUNT(child)) {
#endif
node->left = child->right;
if(node->left)
node->left->parent = node;
node->left = child->right;
child->right = node;
node->parent = child;
*superparent = child;
child->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
#endif
} else {
gchild = child->right;
node->left = gchild->right;
if(node->left)
node->left->parent = node;
child->right = gchild->left;
if(child->right)
child->right->parent = child;
gchild->right = node;
gchild->right->parent = gchild;
gchild->left = child;
gchild->left->parent = gchild;
*superparent = gchild;
gchild->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
gchild->count = AVL_CALC_COUNT(gchild);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
gchild->depth = AVL_CALC_DEPTH(gchild);
#endif
if(node->left) {
node->left->parent = node;
}
break;
case 1:
child = node->right;
#ifdef AVL_DEPTH
if(R_AVL_DEPTH(child) >= L_AVL_DEPTH(child)) {
#else
if(AVL_R_COUNT(child) >= AVL_L_COUNT(child)) {
#endif
node->right = child->left;
if(node->right)
node->right->parent = node;
child->left = node;
node->parent = child;
*superparent = child;
child->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
#endif
} else {
gchild = child->left;
node->right = gchild->left;
if(node->right)
node->right->parent = node;
child->left = gchild->right;
if(child->left)
child->left->parent = child;
gchild->left = node;
gchild->left->parent = gchild;
gchild->right = child;
gchild->right->parent = gchild;
*superparent = gchild;
gchild->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
gchild->count = AVL_CALC_COUNT(gchild);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
gchild->depth = AVL_CALC_DEPTH(gchild);
#endif
}
break;
default:
child->right = node;
node->parent = child;
*superparent = child;
child->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
#endif
} else {
gchild = child->right;
node->left = gchild->right;
if(node->left) {
node->left->parent = node;
}
child->right = gchild->left;
if(child->right) {
child->right->parent = child;
}
gchild->right = node;
gchild->right->parent = gchild;
gchild->left = child;
gchild->left->parent = gchild;
*superparent = gchild;
gchild->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
gchild->count = AVL_CALC_COUNT(gchild);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
gchild->depth = AVL_CALC_DEPTH(gchild);
#endif
}
break;
case 1:
child = node->right;
#ifdef AVL_DEPTH
if(R_AVL_DEPTH(child) >= L_AVL_DEPTH(child)) {
#else
if(AVL_R_COUNT(child) >= AVL_L_COUNT(child)) {
#endif
node->right = child->left;
if(node->right) {
node->right->parent = node;
}
child->left = node;
node->parent = child;
*superparent = child;
child->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
#endif
} else {
gchild = child->left;
node->right = gchild->left;
if(node->right) {
node->right->parent = node;
}
child->left = gchild->right;
if(child->left) {
child->left->parent = child;
}
gchild->left = node;
gchild->left->parent = gchild;
gchild->right = child;
gchild->right->parent = gchild;
*superparent = gchild;
gchild->parent = parent;
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
child->count = AVL_CALC_COUNT(child);
gchild->count = AVL_CALC_COUNT(gchild);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
child->depth = AVL_CALC_DEPTH(child);
gchild->depth = AVL_CALC_DEPTH(gchild);
#endif
}
break;
default:
#ifdef AVL_COUNT
node->count = AVL_CALC_COUNT(node);
#endif
#ifdef AVL_DEPTH
node->depth = AVL_CALC_DEPTH(node);
#endif
}
node = parent;
}
}
/* (De)constructors */
avl_tree_t *avl_alloc_tree(avl_compare_t compare, avl_action_t delete)
{
avl_tree_t *avl_alloc_tree(avl_compare_t compare, avl_action_t delete) {
avl_tree_t *tree;
tree = xmalloc_and_zero(sizeof(avl_tree_t));
@ -267,28 +285,25 @@ avl_tree_t *avl_alloc_tree(avl_compare_t compare, avl_action_t delete)
return tree;
}
void avl_free_tree(avl_tree_t *tree)
{
void avl_free_tree(avl_tree_t *tree) {
free(tree);
}
avl_node_t *avl_alloc_node(void)
{
avl_node_t *avl_alloc_node(void) {
return xmalloc_and_zero(sizeof(avl_node_t));
}
void avl_free_node(avl_tree_t *tree, avl_node_t *node)
{
if(node->data && tree->delete)
void avl_free_node(avl_tree_t *tree, avl_node_t *node) {
if(node->data && tree->delete) {
tree->delete(node->data);
}
free(node);
}
/* Searching */
void *avl_search(const avl_tree_t *tree, const void *data)
{
void *avl_search(const avl_tree_t *tree, const void *data) {
avl_node_t *node;
node = avl_search_node(tree, data);
@ -296,8 +311,7 @@ void *avl_search(const avl_tree_t *tree, const void *data)
return node ? node->data : NULL;
}
void *avl_search_closest(const avl_tree_t *tree, const void *data, int *result)
{
void *avl_search_closest(const avl_tree_t *tree, const void *data, int *result) {
avl_node_t *node;
node = avl_search_closest_node(tree, data, result);
@ -305,8 +319,7 @@ void *avl_search_closest(const avl_tree_t *tree, const void *data, int *result)
return node ? node->data : NULL;
}
void *avl_search_closest_smaller(const avl_tree_t *tree, const void *data)
{
void *avl_search_closest_smaller(const avl_tree_t *tree, const void *data) {
avl_node_t *node;
node = avl_search_closest_smaller_node(tree, data);
@ -314,8 +327,7 @@ void *avl_search_closest_smaller(const avl_tree_t *tree, const void *data)
return node ? node->data : NULL;
}
void *avl_search_closest_greater(const avl_tree_t *tree, const void *data)
{
void *avl_search_closest_greater(const avl_tree_t *tree, const void *data) {
avl_node_t *node;
node = avl_search_closest_greater_node(tree, data);
@ -323,8 +335,7 @@ void *avl_search_closest_greater(const avl_tree_t *tree, const void *data)
return node ? node->data : NULL;
}
avl_node_t *avl_search_node(const avl_tree_t *tree, const void *data)
{
avl_node_t *avl_search_node(const avl_tree_t *tree, const void *data) {
avl_node_t *node;
int result;
@ -334,16 +345,17 @@ avl_node_t *avl_search_node(const avl_tree_t *tree, const void *data)
}
avl_node_t *avl_search_closest_node(const avl_tree_t *tree, const void *data,
int *result)
{
int *result) {
avl_node_t *node;
int c;
node = tree->root;
if(!node) {
if(result)
if(result) {
*result = 0;
}
return NULL;
}
@ -351,24 +363,30 @@ avl_node_t *avl_search_closest_node(const avl_tree_t *tree, const void *data,
c = tree->compare(data, node->data);
if(c < 0) {
if(node->left)
if(node->left) {
node = node->left;
else {
if(result)
} else {
if(result) {
*result = -1;
}
break;
}
} else if(c > 0) {
if(node->right)
if(node->right) {
node = node->right;
else {
if(result)
} else {
if(result) {
*result = 1;
}
break;
}
} else {
if(result)
if(result) {
*result = 0;
}
break;
}
}
@ -377,37 +395,36 @@ avl_node_t *avl_search_closest_node(const avl_tree_t *tree, const void *data,
}
avl_node_t *avl_search_closest_smaller_node(const avl_tree_t *tree,
const void *data)
{
const void *data) {
avl_node_t *node;
int result;
node = avl_search_closest_node(tree, data, &result);
if(result < 0)
if(result < 0) {
node = node->prev;
}
return node;
}
avl_node_t *avl_search_closest_greater_node(const avl_tree_t *tree,
const void *data)
{
const void *data) {
avl_node_t *node;
int result;
node = avl_search_closest_node(tree, data, &result);
if(result > 0)
if(result > 0) {
node = node->next;
}
return node;
}
/* Insertion and deletion */
avl_node_t *avl_insert(avl_tree_t *tree, void *data)
{
avl_node_t *avl_insert(avl_tree_t *tree, void *data) {
avl_node_t *closest, *new;
int result;
@ -418,21 +435,21 @@ avl_node_t *avl_insert(avl_tree_t *tree, void *data)
} else {
closest = avl_search_closest_node(tree, data, &result);
switch (result) {
case -1:
new = avl_alloc_node();
new->data = data;
avl_insert_before(tree, closest, new);
break;
switch(result) {
case -1:
new = avl_alloc_node();
new->data = data;
avl_insert_before(tree, closest, new);
break;
case 1:
new = avl_alloc_node();
new->data = data;
avl_insert_after(tree, closest, new);
break;
case 1:
new = avl_alloc_node();
new->data = data;
avl_insert_after(tree, closest, new);
break;
default:
return NULL;
default:
return NULL;
}
}
@ -446,27 +463,26 @@ avl_node_t *avl_insert(avl_tree_t *tree, void *data)
return new;
}
avl_node_t *avl_insert_node(avl_tree_t *tree, avl_node_t *node)
{
avl_node_t *avl_insert_node(avl_tree_t *tree, avl_node_t *node) {
avl_node_t *closest;
int result;
if(!tree->root)
if(!tree->root) {
avl_insert_top(tree, node);
else {
} else {
closest = avl_search_closest_node(tree, node->data, &result);
switch (result) {
case -1:
avl_insert_before(tree, closest, node);
break;
switch(result) {
case -1:
avl_insert_before(tree, closest, node);
break;
case 1:
avl_insert_after(tree, closest, node);
break;
case 1:
avl_insert_after(tree, closest, node);
break;
case 0:
return NULL;
case 0:
return NULL;
}
}
@ -480,20 +496,20 @@ avl_node_t *avl_insert_node(avl_tree_t *tree, avl_node_t *node)
return node;
}
void avl_insert_top(avl_tree_t *tree, avl_node_t *node)
{
void avl_insert_top(avl_tree_t *tree, avl_node_t *node) {
node->prev = node->next = node->parent = NULL;
tree->head = tree->tail = tree->root = node;
}
void avl_insert_before(avl_tree_t *tree, avl_node_t *before,
avl_node_t *node)
{
avl_node_t *node) {
if(!before) {
if(tree->tail)
if(tree->tail) {
avl_insert_after(tree, tree->tail, node);
else
} else {
avl_insert_top(tree, node);
}
return;
}
@ -506,10 +522,11 @@ void avl_insert_before(avl_tree_t *tree, avl_node_t *before,
return;
}
if(before->prev)
if(before->prev) {
before->prev->next = node;
else
} else {
tree->head = node;
}
before->prev = node;
before->left = node;
@ -517,13 +534,14 @@ void avl_insert_before(avl_tree_t *tree, avl_node_t *before,
avl_rebalance(tree, before);
}
void avl_insert_after(avl_tree_t *tree, avl_node_t *after, avl_node_t *node)
{
void avl_insert_after(avl_tree_t *tree, avl_node_t *after, avl_node_t *node) {
if(!after) {
if(tree->head)
if(tree->head) {
avl_insert_before(tree, tree->head, node);
else
} else {
avl_insert_top(tree, node);
}
return;
}
@ -536,10 +554,11 @@ void avl_insert_after(avl_tree_t *tree, avl_node_t *after, avl_node_t *node)
node->parent = after;
node->next = after->next;
if(after->next)
if(after->next) {
after->next->prev = node;
else
} else {
tree->tail = node;
}
after->next = node;
after->right = node;
@ -547,47 +566,51 @@ void avl_insert_after(avl_tree_t *tree, avl_node_t *after, avl_node_t *node)
avl_rebalance(tree, after);
}
avl_node_t *avl_unlink(avl_tree_t *tree, void *data)
{
avl_node_t *avl_unlink(avl_tree_t *tree, void *data) {
avl_node_t *node;
node = avl_search_node(tree, data);
if(node)
if(node) {
avl_unlink_node(tree, node);
}
return node;
}
void avl_unlink_node(avl_tree_t *tree, avl_node_t *node)
{
void avl_unlink_node(avl_tree_t *tree, avl_node_t *node) {
avl_node_t *parent;
avl_node_t **superparent;
avl_node_t *subst, *left, *right;
avl_node_t *balnode;
if(node->prev)
if(node->prev) {
node->prev->next = node->next;
else
} else {
tree->head = node->next;
if(node->next)
}
if(node->next) {
node->next->prev = node->prev;
else
} else {
tree->tail = node->prev;
}
parent = node->parent;
superparent =
parent ? node ==
parent->left ? &parent->left : &parent->right : &tree->root;
parent ? node ==
parent->left ? &parent->left : &parent->right : &tree->root;
left = node->left;
right = node->right;
if(!left) {
*superparent = right;
if(right)
if(right) {
right->parent = parent;
}
balnode = parent;
} else if(!right) {
@ -596,8 +619,10 @@ void avl_unlink_node(avl_tree_t *tree, avl_node_t *node)
balnode = parent;
} else {
subst = node->prev;
if(!subst) // This only happens if node is not actually in a tree at all.
if(!subst) { // This only happens if node is not actually in a tree at all.
abort();
}
if(subst == left) {
balnode = subst;
@ -605,8 +630,9 @@ void avl_unlink_node(avl_tree_t *tree, avl_node_t *node)
balnode = subst->parent;
balnode->right = subst->left;
if(balnode->right)
if(balnode->right) {
balnode->right->parent = balnode;
}
subst->left = left;
left->parent = subst;
@ -630,26 +656,24 @@ void avl_unlink_node(avl_tree_t *tree, avl_node_t *node)
#endif
}
void avl_delete_node(avl_tree_t *tree, avl_node_t *node)
{
void avl_delete_node(avl_tree_t *tree, avl_node_t *node) {
avl_unlink_node(tree, node);
avl_free_node(tree, node);
}
void avl_delete(avl_tree_t *tree, void *data)
{
void avl_delete(avl_tree_t *tree, void *data) {
avl_node_t *node;
node = avl_search_node(tree, data);
if(node)
if(node) {
avl_delete_node(tree, node);
}
}
/* Fast tree cleanup */
void avl_delete_tree(avl_tree_t *tree)
{
void avl_delete_tree(avl_tree_t *tree) {
avl_node_t *node, *next;
for(node = tree->head; node; node = next) {
@ -662,8 +686,7 @@ void avl_delete_tree(avl_tree_t *tree)
/* Tree walking */
void avl_foreach(const avl_tree_t *tree, avl_action_t action)
{
void avl_foreach(const avl_tree_t *tree, avl_action_t action) {
avl_node_t *node, *next;
for(node = tree->head; node; node = next) {
@ -672,8 +695,7 @@ void avl_foreach(const avl_tree_t *tree, avl_action_t action)
}
}
void avl_foreach_node(const avl_tree_t *tree, avl_action_t action)
{
void avl_foreach_node(const avl_tree_t *tree, avl_action_t action) {
avl_node_t *node, *next;
for(node = tree->head; node; node = next) {
@ -685,13 +707,11 @@ void avl_foreach_node(const avl_tree_t *tree, avl_action_t action)
/* Indexing */
#ifdef AVL_COUNT
unsigned int avl_count(const avl_tree_t *tree)
{
unsigned int avl_count(const avl_tree_t *tree) {
return AVL_NODE_COUNT(tree->root);
}
avl_node_t *avl_get_node(const avl_tree_t *tree, unsigned int index)
{
avl_node_t *avl_get_node(const avl_tree_t *tree, unsigned int index) {
avl_node_t *node;
unsigned int c;
@ -713,16 +733,17 @@ avl_node_t *avl_get_node(const avl_tree_t *tree, unsigned int index)
return NULL;
}
unsigned int avl_index(const avl_node_t *node)
{
unsigned int avl_index(const avl_node_t *node) {
avl_node_t *next;
unsigned int index;
index = AVL_L_COUNT(node);
while((next = node->parent)) {
if(node == next->right)
if(node == next->right) {
index += AVL_L_COUNT(next) + 1;
}
node = next;
}
@ -730,8 +751,7 @@ unsigned int avl_index(const avl_node_t *node)
}
#endif
#ifdef AVL_DEPTH
unsigned int avl_depth(const avl_tree_t *tree)
{
unsigned int avl_depth(const avl_tree_t *tree) {
return AVL_NODE_DEPTH(tree->root);
}
#endif

View file

@ -1,3 +1,6 @@
#ifndef TINC_AVL_TREE_H
#define TINC_AVL_TREE_H
/*
avl_tree.h -- header file for avl_tree.c
Copyright (C) 1998 Michael H. Buselli
@ -26,14 +29,10 @@
the code. Mail me if you found a bug.
Cleaned up and incorporated some of the ideas from the red-black tree
library for inclusion into tinc (http://www.tinc-vpn.org/) by
library for inclusion into tinc (https://www.tinc-vpn.org/) by
Guus Sliepen <guus@tinc-vpn.org>.
*/
#ifndef __AVL_TREE_H__
#define __AVL_TREE_H__
#ifndef AVL_DEPTH
#ifndef AVL_COUNT
#define AVL_DEPTH
@ -66,9 +65,9 @@ typedef struct avl_node_t {
} avl_node_t;
typedef int (*avl_compare_t)(const void *, const void *);
typedef void (*avl_action_t)(const void *);
typedef void (*avl_action_node_t)(const avl_node_t *);
typedef int (*avl_compare_t)(const void *data1, const void *data2);
typedef void (*avl_action_t)(const void *data);
typedef void (*avl_action_node_t)(const avl_node_t *node);
typedef struct avl_tree_t {
@ -88,56 +87,56 @@ typedef struct avl_tree_t {
/* (De)constructors */
extern avl_tree_t *avl_alloc_tree(avl_compare_t, avl_action_t);
extern void avl_free_tree(avl_tree_t *);
extern avl_tree_t *avl_alloc_tree(avl_compare_t compare, avl_action_t delete);
extern void avl_free_tree(avl_tree_t *tree);
extern avl_node_t *avl_alloc_node(void);
extern void avl_free_node(avl_tree_t *tree, avl_node_t *);
extern void avl_free_node(avl_tree_t *tree, avl_node_t *node);
/* Insertion and deletion */
extern avl_node_t *avl_insert(avl_tree_t *, void *);
extern avl_node_t *avl_insert_node(avl_tree_t *, avl_node_t *);
extern avl_node_t *avl_insert(avl_tree_t *tree, void *data);
extern avl_node_t *avl_insert_node(avl_tree_t *tree, avl_node_t *node);
extern void avl_insert_top(avl_tree_t *, avl_node_t *);
extern void avl_insert_before(avl_tree_t *, avl_node_t *, avl_node_t *);
extern void avl_insert_after(avl_tree_t *, avl_node_t *, avl_node_t *);
extern void avl_insert_top(avl_tree_t *tree, avl_node_t *node);
extern void avl_insert_before(avl_tree_t *tree, avl_node_t *before, avl_node_t *node);
extern void avl_insert_after(avl_tree_t *tree, avl_node_t *after, avl_node_t *node);
extern avl_node_t *avl_unlink(avl_tree_t *, void *);
extern void avl_unlink_node(avl_tree_t *tree, avl_node_t *);
extern void avl_delete(avl_tree_t *, void *);
extern void avl_delete_node(avl_tree_t *, avl_node_t *);
extern avl_node_t *avl_unlink(avl_tree_t *tree, void *data);
extern void avl_unlink_node(avl_tree_t *tree, avl_node_t *node);
extern void avl_delete(avl_tree_t *tree, void *data);
extern void avl_delete_node(avl_tree_t *tree, avl_node_t *node);
/* Fast tree cleanup */
extern void avl_delete_tree(avl_tree_t *);
extern void avl_delete_tree(avl_tree_t *tree);
/* Searching */
extern void *avl_search(const avl_tree_t *, const void *);
extern void *avl_search_closest(const avl_tree_t *, const void *, int *);
extern void *avl_search_closest_smaller(const avl_tree_t *, const void *);
extern void *avl_search_closest_greater(const avl_tree_t *, const void *);
extern void *avl_search(const avl_tree_t *tree, const void *data);
extern void *avl_search_closest(const avl_tree_t *tree, const void *data, int *result);
extern void *avl_search_closest_smaller(const avl_tree_t *tree, const void *data);
extern void *avl_search_closest_greater(const avl_tree_t *tree, const void *data);
extern avl_node_t *avl_search_node(const avl_tree_t *, const void *);
extern avl_node_t *avl_search_closest_node(const avl_tree_t *, const void *, int *);
extern avl_node_t *avl_search_closest_smaller_node(const avl_tree_t *, const void *);
extern avl_node_t *avl_search_closest_greater_node(const avl_tree_t *, const void *);
extern avl_node_t *avl_search_node(const avl_tree_t *tree, const void *data);
extern avl_node_t *avl_search_closest_node(const avl_tree_t *tree, const void *data, int *result);
extern avl_node_t *avl_search_closest_smaller_node(const avl_tree_t *tree, const void *data);
extern avl_node_t *avl_search_closest_greater_node(const avl_tree_t *tree, const void *data);
/* Tree walking */
extern void avl_foreach(const avl_tree_t *, avl_action_t);
extern void avl_foreach_node(const avl_tree_t *, avl_action_t);
extern void avl_foreach(const avl_tree_t *tree, avl_action_t action);
extern void avl_foreach_node(const avl_tree_t *tree, avl_action_t action);
/* Indexing */
#ifdef AVL_COUNT
extern unsigned int avl_count(const avl_tree_t *);
extern avl_node_t *avl_get_node(const avl_tree_t *, unsigned int);
extern unsigned int avl_index(const avl_node_t *);
extern unsigned int avl_count(const avl_tree_t *tree);
extern avl_node_t *avl_get_node(const avl_tree_t *tree, unsigned int index);
extern unsigned int avl_index(const avl_node_t *node);
#endif
#ifdef AVL_DEPTH
extern unsigned int avl_depth(const avl_tree_t *);
extern unsigned int avl_depth(const avl_tree_t *tree);
#endif
#endif /* __AVL_TREE_H__ */
#endif

View file

@ -1,7 +1,7 @@
/*
device.c -- Interaction BSD tun/tap device
Copyright (C) 2001-2005 Ivo Timmermans,
2001-2014 Guus Sliepen <guus@tinc-vpn.org>
2001-2016 Guus Sliepen <guus@tinc-vpn.org>
2009 Grzegorz Dymarek <gregd72002@googlemail.com>
This program is free software; you can redistribute it and/or modify
@ -33,13 +33,15 @@
#include "tunemu.h"
#endif
#define DEFAULT_TUN_DEVICE "/dev/tun0"
#if defined(HAVE_FREEBSD) || defined(HAVE_NETBSD) || defined(HAVE_DARWIN)
#define DEFAULT_TAP_DEVICE "/dev/tap0"
#else
#define DEFAULT_TAP_DEVICE "/dev/tun0"
#ifdef HAVE_NET_IF_UTUN_H
#include <sys/sys_domain.h>
#include <sys/kern_control.h>
#include <net/if_utun.h>
#endif
#define DEFAULT_TUN_DEVICE "/dev/tun0"
#define DEFAULT_TAP_DEVICE "/dev/tap0"
typedef enum device_type {
DEVICE_TYPE_TUN,
DEVICE_TYPE_TUNIFHEAD,
@ -47,12 +49,13 @@ typedef enum device_type {
#ifdef ENABLE_TUNEMU
DEVICE_TYPE_TUNEMU,
#endif
DEVICE_TYPE_UTUN,
} device_type_t;
int device_fd = -1;
char *device = NULL;
char *iface = NULL;
static char *device_info = NULL;
static const char *device_info = "OS X utun device";
static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0;
#if defined(ENABLE_TUNEMU)
@ -63,51 +66,140 @@ static device_type_t device_type = DEVICE_TYPE_TUNIFHEAD;
static device_type_t device_type = DEVICE_TYPE_TUN;
#endif
static bool setup_device(void) {
char *type;
#ifdef HAVE_NET_IF_UTUN_H
static bool setup_utun(void) {
device_fd = socket(PF_SYSTEM, SOCK_DGRAM, SYSPROTO_CONTROL);
if(!get_config_string(lookup_config(config_tree, "Device"), &device)) {
if(routing_mode == RMODE_ROUTER)
device = xstrdup(DEFAULT_TUN_DEVICE);
else
device = xstrdup(DEFAULT_TAP_DEVICE);
if(device_fd == -1) {
logger(LOG_ERR, "Could not open PF_SYSTEM socket: %s\n", strerror(errno));
return false;
}
if(!get_config_string(lookup_config(config_tree, "Interface"), &iface))
iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device);
struct ctl_info info = {};
strlcpy(info.ctl_name, UTUN_CONTROL_NAME, sizeof(info.ctl_name));
if(ioctl(device_fd, CTLIOCGINFO, &info) == -1) {
logger(LOG_ERR, "ioctl(CTLIOCGINFO) failed: %s", strerror(errno));
return false;
}
int unit = -1;
char *p = strstr(device, "utun"), *e = NULL;
if(p) {
unit = strtol(p + 4, &e, 10);
if(!e) {
unit = -1;
}
}
struct sockaddr_ctl sc = {
.sc_id = info.ctl_id,
.sc_len = sizeof(sc),
.sc_family = AF_SYSTEM,
.ss_sysaddr = AF_SYS_CONTROL,
.sc_unit = unit + 1,
};
if(connect(device_fd, (struct sockaddr *)&sc, sizeof(sc)) == -1) {
logger(LOG_ERR, "Could not connect utun socket: %s\n", strerror(errno));
return false;
}
char name[64] = "";
socklen_t len = sizeof(name);
if(getsockopt(device_fd, SYSPROTO_CONTROL, UTUN_OPT_IFNAME, name, &len)) {
iface = xstrdup(device);
} else {
iface = xstrdup(name);
}
logger(LOG_INFO, "%s is a %s", device, device_info);
return true;
}
#endif
static bool setup_device(void) {
// Find out which device file to open
if(!get_config_string(lookup_config(config_tree, "Device"), &device)) {
if(routing_mode == RMODE_ROUTER) {
device = xstrdup(DEFAULT_TUN_DEVICE);
} else {
device = xstrdup(DEFAULT_TAP_DEVICE);
}
}
// Find out if it's supposed to be a tun or a tap device
char *type;
if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) {
if(!strcasecmp(type, "tun"))
/* use default */;
#ifdef ENABLE_TUNEMU
else if(!strcasecmp(type, "tunemu"))
else if(!strcasecmp(type, "tunemu")) {
device_type = DEVICE_TYPE_TUNEMU;
}
#endif
else if(!strcasecmp(type, "tunnohead"))
#ifdef HAVE_NET_IF_UTUN_H
else if(!strcasecmp(type, "utun")) {
device_type = DEVICE_TYPE_UTUN;
}
#endif
else if(!strcasecmp(type, "tunnohead")) {
device_type = DEVICE_TYPE_TUN;
else if(!strcasecmp(type, "tunifhead"))
} else if(!strcasecmp(type, "tunifhead")) {
device_type = DEVICE_TYPE_TUNIFHEAD;
else if(!strcasecmp(type, "tap"))
} else if(!strcasecmp(type, "tap")) {
device_type = DEVICE_TYPE_TAP;
else {
} else {
logger(LOG_ERR, "Unknown device type %s!", type);
return false;
}
} else {
if(strstr(device, "tap") || routing_mode != RMODE_ROUTER)
device_type = DEVICE_TYPE_TAP;
#ifdef HAVE_NET_IF_UTUN_H
if(strncmp(device, "utun", 4) == 0 || strncmp(device, "/dev/utun", 9) == 0) {
device_type = DEVICE_TYPE_UTUN;
} else
#endif
if(strstr(device, "tap") || routing_mode != RMODE_ROUTER) {
device_type = DEVICE_TYPE_TAP;
}
}
if(routing_mode == RMODE_SWITCH && device_type != DEVICE_TYPE_TAP) {
logger(LOG_ERR, "Only tap devices support switch mode!");
return false;
}
// Open the device
switch(device_type) {
#ifdef ENABLE_TUNEMU
case DEVICE_TYPE_TUNEMU: {
char dynamic_name[256] = "";
device_fd = tunemu_open(dynamic_name);
}
break;
case DEVICE_TYPE_TUNEMU: {
char dynamic_name[256] = "";
device_fd = tunemu_open(dynamic_name);
}
break;
#endif
default:
device_fd = open(device, O_RDWR | O_NONBLOCK);
#ifdef HAVE_NET_IF_UTUN_H
case DEVICE_TYPE_UTUN:
return setup_utun();
#endif
default:
device_fd = open(device, O_RDWR | O_NONBLOCK);
}
if(device_fd < 0) {
@ -119,70 +211,118 @@ static bool setup_device(void) {
fcntl(device_fd, F_SETFD, FD_CLOEXEC);
#endif
// Guess what the corresponding interface is called
char *realname = NULL;
#if defined(HAVE_FDEVNAME)
realname = fdevname(device_fd);
#elif defined(HAVE_DEVNAME)
struct stat buf;
if(!fstat(device_fd, &buf)) {
realname = devname(buf.st_rdev, S_IFCHR);
}
#endif
if(!realname) {
realname = device;
}
if(!get_config_string(lookup_config(config_tree, "Interface"), &iface)) {
iface = xstrdup(strrchr(realname, '/') ? strrchr(realname, '/') + 1 : realname);
} else if(strcmp(iface, strrchr(realname, '/') ? strrchr(realname, '/') + 1 : realname)) {
logger(LOG_WARNING, "Warning: Interface does not match Device. $INTERFACE might be set incorrectly.");
}
// Configure the device as best as we can
switch(device_type) {
default:
device_type = DEVICE_TYPE_TUN;
case DEVICE_TYPE_TUN:
default:
device_type = DEVICE_TYPE_TUN;
case DEVICE_TYPE_TUN:
#ifdef TUNSIFHEAD
{
const int zero = 0;
if(ioctl(device_fd, TUNSIFHEAD, &zero, sizeof zero) == -1) {
if(ioctl(device_fd, TUNSIFHEAD, &zero, sizeof(zero)) == -1) {
logger(LOG_ERR, "System call `%s' failed: %s", "ioctl", strerror(errno));
return false;
}
}
#endif
#if defined(TUNSIFMODE) && defined(IFF_BROADCAST) && defined(IFF_MULTICAST)
{
const int mode = IFF_BROADCAST | IFF_MULTICAST;
ioctl(device_fd, TUNSIFMODE, &mode, sizeof mode);
ioctl(device_fd, TUNSIFMODE, &mode, sizeof(mode));
}
#endif
device_info = "Generic BSD tun device";
break;
case DEVICE_TYPE_TUNIFHEAD:
device_info = "Generic BSD tun device";
break;
case DEVICE_TYPE_TUNIFHEAD:
#ifdef TUNSIFHEAD
{
const int one = 1;
if(ioctl(device_fd, TUNSIFHEAD, &one, sizeof one) == -1) {
if(ioctl(device_fd, TUNSIFHEAD, &one, sizeof(one)) == -1) {
logger(LOG_ERR, "System call `%s' failed: %s", "ioctl", strerror(errno));
return false;
}
}
#endif
#if defined(TUNSIFMODE) && defined(IFF_BROADCAST) && defined(IFF_MULTICAST)
{
const int mode = IFF_BROADCAST | IFF_MULTICAST;
ioctl(device_fd, TUNSIFMODE, &mode, sizeof mode);
const int mode = IFF_BROADCAST | IFF_MULTICAST;
ioctl(device_fd, TUNSIFMODE, &mode, sizeof(mode));
}
#endif
device_info = "Generic BSD tun device";
break;
case DEVICE_TYPE_TAP:
if(routing_mode == RMODE_ROUTER)
overwrite_mac = true;
device_info = "Generic BSD tap device";
device_info = "Generic BSD tun device";
break;
case DEVICE_TYPE_TAP:
if(routing_mode == RMODE_ROUTER) {
overwrite_mac = true;
}
device_info = "Generic BSD tap device";
#ifdef TAPGIFNAME
{
struct ifreq ifr;
if(ioctl(device_fd, TAPGIFNAME, (void*)&ifr) == 0) {
if(iface)
free(iface);
iface = xstrdup(ifr.ifr_name);
{
struct ifreq ifr;
if(ioctl(device_fd, TAPGIFNAME, (void *)&ifr) == 0) {
if(iface) {
free(iface);
}
iface = xstrdup(ifr.ifr_name);
}
}
#endif
break;
break;
#ifdef ENABLE_TUNEMU
case DEVICE_TYPE_TUNEMU:
device_info = "BSD tunemu device";
break;
case DEVICE_TYPE_TUNEMU:
device_info = "BSD tunemu device";
break;
#endif
}
#ifdef SIOCGIFADDR
if(overwrite_mac) {
ioctl(device_fd, SIOCGIFADDR, mymac.x);
}
#endif
logger(LOG_INFO, "%s is a %s", device, device_info);
return true;
@ -191,12 +331,14 @@ static bool setup_device(void) {
static void close_device(void) {
switch(device_type) {
#ifdef ENABLE_TUNEMU
case DEVICE_TYPE_TUNEMU:
tunemu_close(device_fd);
break;
case DEVICE_TYPE_TUNEMU:
tunemu_close(device_fd);
break;
#endif
default:
close(device_fd);
default:
close(device_fd);
}
free(device);
@ -207,158 +349,165 @@ static bool read_packet(vpn_packet_t *packet) {
int lenin;
switch(device_type) {
case DEVICE_TYPE_TUN:
case DEVICE_TYPE_TUN:
#ifdef ENABLE_TUNEMU
case DEVICE_TYPE_TUNEMU:
if(device_type == DEVICE_TYPE_TUNEMU)
lenin = tunemu_read(device_fd, packet->data + 14, MTU - 14);
else
case DEVICE_TYPE_TUNEMU:
if(device_type == DEVICE_TYPE_TUNEMU) {
lenin = tunemu_read(device_fd, packet->data + 14, MTU - 14);
} else
#endif
lenin = read(device_fd, packet->data + 14, MTU - 14);
lenin = read(device_fd, packet->data + 14, MTU - 14);
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info,
device, strerror(errno));
return false;
}
switch(packet->data[14] >> 4) {
case 4:
packet->data[12] = 0x08;
packet->data[13] = 0x00;
break;
case 6:
packet->data[12] = 0x86;
packet->data[13] = 0xDD;
break;
default:
ifdebug(TRAFFIC) logger(LOG_ERR,
"Unknown IP version %d while reading packet from %s %s",
packet->data[14] >> 4, device_info, device);
return false;
}
memset(packet->data, 0, 12);
packet->len = lenin + 14;
break;
case DEVICE_TYPE_TUNIFHEAD: {
u_int32_t type;
struct iovec vector[2] = {{&type, sizeof(type)}, {packet->data + 14, MTU - 14}};
if((lenin = readv(device_fd, vector, 2)) <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info,
device, strerror(errno));
return false;
}
switch (ntohl(type)) {
case AF_INET:
packet->data[12] = 0x08;
packet->data[13] = 0x00;
break;
case AF_INET6:
packet->data[12] = 0x86;
packet->data[13] = 0xDD;
break;
default:
ifdebug(TRAFFIC) logger(LOG_ERR,
"Unknown address family %x while reading packet from %s %s",
ntohl(type), device_info, device);
return false;
}
memset(packet->data, 0, 12);
packet->len = lenin + 10;
break;
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info,
device, strerror(errno));
return false;
}
case DEVICE_TYPE_TAP:
if((lenin = read(device_fd, packet->data, MTU)) <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info,
device, strerror(errno));
return false;
}
switch(packet->data[14] >> 4) {
case 4:
packet->data[12] = 0x08;
packet->data[13] = 0x00;
break;
packet->len = lenin;
case 6:
packet->data[12] = 0x86;
packet->data[13] = 0xDD;
break;
default:
ifdebug(TRAFFIC) logger(LOG_ERR,
"Unknown IP version %d while reading packet from %s %s",
packet->data[14] >> 4, device_info, device);
return false;
}
memset(packet->data, 0, 12);
packet->len = lenin + 14;
break;
case DEVICE_TYPE_UTUN:
case DEVICE_TYPE_TUNIFHEAD: {
if((lenin = read(device_fd, packet->data + 10, MTU - 10)) <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info,
device, strerror(errno));
return false;
}
switch(packet->data[14] >> 4) {
case 4:
packet->data[12] = 0x08;
packet->data[13] = 0x00;
break;
case 6:
packet->data[12] = 0x86;
packet->data[13] = 0xDD;
break;
default:
ifdebug(TRAFFIC) logger(LOG_ERR,
"Unknown IP version %d while reading packet from %s %s",
packet->data[14] >> 4, device_info, device);
return false;
}
memset(packet->data, 0, 12);
packet->len = lenin + 10;
break;
}
case DEVICE_TYPE_TAP:
if((lenin = read(device_fd, packet->data, MTU)) <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info,
device, strerror(errno));
return false;
}
packet->len = lenin;
break;
default:
return false;
}
device_total_in += packet->len;
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Read packet of %d bytes from %s",
packet->len, device_info);
packet->len, device_info);
return true;
}
static bool write_packet(vpn_packet_t *packet) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
packet->len, device_info);
packet->len, device_info);
switch(device_type) {
case DEVICE_TYPE_TUN:
if(write(device_fd, packet->data + 14, packet->len - 14) < 0) {
logger(LOG_ERR, "Error while writing to %s %s: %s", device_info,
device, strerror(errno));
return false;
}
break;
case DEVICE_TYPE_TUNIFHEAD: {
u_int32_t type;
struct iovec vector[2] = {{&type, sizeof(type)}, {packet->data + 14, packet->len - 14}};
int af;
af = (packet->data[12] << 8) + packet->data[13];
switch (af) {
case 0x0800:
type = htonl(AF_INET);
break;
case 0x86DD:
type = htonl(AF_INET6);
break;
default:
ifdebug(TRAFFIC) logger(LOG_ERR,
"Unknown address family %x while writing packet to %s %s",
af, device_info, device);
return false;
}
if(writev(device_fd, vector, 2) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
case DEVICE_TYPE_TUN:
if(write(device_fd, packet->data + 14, packet->len - 14) < 0) {
logger(LOG_ERR, "Error while writing to %s %s: %s", device_info,
device, strerror(errno));
return false;
}
case DEVICE_TYPE_TAP:
if(write(device_fd, packet->data, packet->len) < 0) {
logger(LOG_ERR, "Error while writing to %s %s: %s", device_info,
device, strerror(errno));
return false;
}
break;
case DEVICE_TYPE_UTUN:
case DEVICE_TYPE_TUNIFHEAD: {
int af = (packet->data[12] << 8) + packet->data[13];
uint32_t type;
switch(af) {
case 0x0800:
type = htonl(AF_INET);
break;
#ifdef ENABLE_TUNEMU
case DEVICE_TYPE_TUNEMU:
if(tunemu_write(device_fd, packet->data + 14, packet->len - 14) < 0) {
logger(LOG_ERR, "Error while writing to %s %s: %s", device_info,
device, strerror(errno));
return false;
}
case 0x86DD:
type = htonl(AF_INET6);
break;
#endif
default:
ifdebug(TRAFFIC) logger(LOG_ERR,
"Unknown address family %x while writing packet to %s %s",
af, device_info, device);
return false;
}
memcpy(packet->data + 10, &type, sizeof(type));
if(write(device_fd, packet->data + 10, packet->len - 10) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
}
case DEVICE_TYPE_TAP:
if(write(device_fd, packet->data, packet->len) < 0) {
logger(LOG_ERR, "Error while writing to %s %s: %s", device_info,
device, strerror(errno));
return false;
}
break;
#ifdef ENABLE_TUNEMU
case DEVICE_TYPE_TUNEMU:
if(tunemu_write(device_fd, packet->data + 14, packet->len - 14) < 0) {
logger(LOG_ERR, "Error while writing to %s %s: %s", device_info,
device, strerror(errno));
return false;
}
break;
#endif
default:
return false;
}
device_total_out += packet->len;

View file

@ -36,37 +36,34 @@
#define PPPPROTO_CTL 1
#define PPP_IP 0x21
#define PPP_IPV6 0x57
#define PPP_IP 0x21
#define PPP_IPV6 0x57
#define SC_LOOP_TRAFFIC 0x00000200
#define PPPIOCNEWUNIT _IOWR('t', 62, int)
#define PPPIOCSFLAGS _IOW('t', 89, int)
#define PPPIOCSNPMODE _IOW('t', 75, struct npioctl)
#define PPPIOCATTCHAN _IOW('t', 56, int)
#define PPPIOCGCHAN _IOR('t', 55, int)
#define PPPIOCCONNECT _IOW('t', 58, int)
#define PPPIOCGUNIT _IOR('t', 86, int)
#define PPPIOCNEWUNIT _IOWR('t', 62, int)
#define PPPIOCSFLAGS _IOW('t', 89, int)
#define PPPIOCSNPMODE _IOW('t', 75, struct npioctl)
#define PPPIOCATTCHAN _IOW('t', 56, int)
#define PPPIOCGCHAN _IOR('t', 55, int)
#define PPPIOCCONNECT _IOW('t', 58, int)
#define PPPIOCGUNIT _IOR('t', 86, int)
struct sockaddr_ppp
{
struct sockaddr_ppp {
u_int8_t ppp_len;
u_int8_t ppp_family;
u_int16_t ppp_proto;
u_int32_t ppp_cookie;
};
enum NPmode
{
enum NPmode {
NPMODE_PASS,
NPMODE_DROP,
NPMODE_ERROR,
NPMODE_QUEUE
NPMODE_DROP,
NPMODE_ERROR,
NPMODE_QUEUE
};
struct npioctl
{
struct npioctl {
int protocol;
enum NPmode mode;
};
@ -83,58 +80,55 @@ static pcap_t *pcap = NULL;
static int data_buffer_length = 0;
static char *data_buffer = NULL;
static void tun_error(char *format, ...)
{
static void tun_error(char *format, ...) {
va_list vl;
va_start(vl, format);
vsnprintf(tunemu_error, ERROR_BUFFER_SIZE, format, vl);
va_end(vl);
}
static void tun_noerror()
{
static void tun_noerror() {
*tunemu_error = 0;
}
static void closeall()
{
int fd = getdtablesize();
while (fd--)
close(fd);
static void closeall() {
int fd = getdtablesize();
open("/dev/null", O_RDWR, 0);
dup(0);
dup(0);
while(fd--) {
close(fd);
}
open("/dev/null", O_RDWR, 0);
dup(0);
dup(0);
}
static int ppp_load_kext()
{
static int ppp_load_kext() {
int pid = fork();
if (pid < 0)
{
if(pid < 0) {
tun_error("fork for ppp kext: %s", strerror(errno));
return -1;
}
if (pid == 0)
{
if(pid == 0) {
closeall();
execle("/sbin/kextload", "kextload", PPP_KEXT_PATH, NULL, NULL);
exit(1);
}
int status;
while (waitpid(pid, &status, 0) < 0)
{
if (errno == EINTR)
while(waitpid(pid, &status, 0) < 0) {
if(errno == EINTR) {
continue;
}
tun_error("waitpid for ppp kext: %s", strerror(errno));
return -1;
}
if (WEXITSTATUS(status) != 0)
{
if(WEXITSTATUS(status) != 0) {
tun_error("could not load ppp kext \"%s\"", PPP_KEXT_PATH);
return -1;
}
@ -143,74 +137,73 @@ static int ppp_load_kext()
return 0;
}
static int ppp_new_instance()
{
static int ppp_new_instance() {
// create ppp socket
int ppp_sockfd = socket(PF_PPP, SOCK_RAW, PPPPROTO_CTL);
if (ppp_sockfd < 0)
{
if (ppp_load_kext() < 0)
int ppp_sockfd = socket(PF_PPP, SOCK_RAW, PPPPROTO_CTL);
if(ppp_sockfd < 0) {
if(ppp_load_kext() < 0) {
return -1;
}
ppp_sockfd = socket(PF_PPP, SOCK_RAW, PPPPROTO_CTL);
if (ppp_sockfd < 0)
{
if(ppp_sockfd < 0) {
tun_error("creating ppp socket: %s", strerror(errno));
return -1;
}
}
// connect to ppp procotol
struct sockaddr_ppp pppaddr;
pppaddr.ppp_len = sizeof(struct sockaddr_ppp);
pppaddr.ppp_family = AF_PPP;
pppaddr.ppp_proto = PPPPROTO_CTL;
pppaddr.ppp_cookie = 0;
if (connect(ppp_sockfd, (struct sockaddr *)&pppaddr, sizeof(struct sockaddr_ppp)) < 0)
{
struct sockaddr_ppp pppaddr;
pppaddr.ppp_len = sizeof(struct sockaddr_ppp);
pppaddr.ppp_family = AF_PPP;
pppaddr.ppp_proto = PPPPROTO_CTL;
pppaddr.ppp_cookie = 0;
if(connect(ppp_sockfd, (struct sockaddr *)&pppaddr, sizeof(struct sockaddr_ppp)) < 0) {
tun_error("connecting ppp socket: %s", strerror(errno));
close(ppp_sockfd);
return -1;
}
}
tun_noerror();
return ppp_sockfd;
}
static int ppp_new_unit(int *unit_number)
{
static int ppp_new_unit(int *unit_number) {
int fd = ppp_new_instance();
if (fd < 0)
if(fd < 0) {
return -1;
}
// create ppp unit
if (ioctl(fd, PPPIOCNEWUNIT, unit_number) < 0)
{
if(ioctl(fd, PPPIOCNEWUNIT, unit_number) < 0) {
tun_error("creating ppp unit: %s", strerror(errno));
close(fd);
return -1;
}
}
tun_noerror();
return fd;
}
static int ppp_setup_unit(int unit_fd)
{
static int ppp_setup_unit(int unit_fd) {
// send traffic to program
int flags = SC_LOOP_TRAFFIC;
if (ioctl(unit_fd, PPPIOCSFLAGS, &flags) < 0)
{
if(ioctl(unit_fd, PPPIOCSFLAGS, &flags) < 0) {
tun_error("setting ppp loopback mode: %s", strerror(errno));
return -1;
}
}
// allow packets
struct npioctl npi;
npi.protocol = PPP_IP;
npi.mode = NPMODE_PASS;
if (ioctl(unit_fd, PPPIOCSNPMODE, &npi) < 0)
{
if(ioctl(unit_fd, PPPIOCSNPMODE, &npi) < 0) {
tun_error("starting ppp unit: %s", strerror(errno));
return -1;
}
@ -219,10 +212,8 @@ static int ppp_setup_unit(int unit_fd)
return 0;
}
static int open_pcap()
{
if (pcap != NULL)
{
static int open_pcap() {
if(pcap != NULL) {
pcap_use_count++;
return 0;
}
@ -231,8 +222,7 @@ static int open_pcap()
pcap = pcap_open_live("lo0", BUFSIZ, 0, 1, errbuf);
pcap_use_count = 1;
if (pcap == NULL)
{
if(pcap == NULL) {
tun_error("opening pcap: %s", errbuf);
return -1;
}
@ -241,59 +231,57 @@ static int open_pcap()
return 0;
}
static void close_pcap()
{
if (pcap == NULL)
static void close_pcap() {
if(pcap == NULL) {
return;
}
pcap_use_count--;
if (pcap_use_count == 0)
{
if(pcap_use_count == 0) {
pcap_close(pcap);
pcap = NULL;
}
}
static void allocate_data_buffer(int size)
{
if (data_buffer_length < size)
{
static void allocate_data_buffer(int size) {
if(data_buffer_length < size) {
free(data_buffer);
data_buffer_length = size;
data_buffer = malloc(data_buffer_length);
}
}
static void make_device_name(tunemu_device device, int unit_number)
{
static void make_device_name(tunemu_device device, int unit_number) {
snprintf(device, sizeof(tunemu_device), "ppp%d", unit_number);
}
static int check_device_name(tunemu_device device)
{
if (strlen(device) < 4)
static int check_device_name(tunemu_device device) {
if(strlen(device) < 4) {
return -1;
}
int unit_number = atoi(device + 3);
if (unit_number < 0 || unit_number > 999)
if(unit_number < 0 || unit_number > 999) {
return -1;
}
tunemu_device compare;
make_device_name(compare, unit_number);
if (strcmp(device, compare) != 0)
if(strcmp(device, compare) != 0) {
return -1;
}
return 0;
}
int tunemu_open(tunemu_device device)
{
int tunemu_open(tunemu_device device) {
int ppp_unit_number = -1;
if (device[0] != 0)
{
if (check_device_name(device) < 0)
{
if(device[0] != 0) {
if(check_device_name(device) < 0) {
tun_error("invalid device name \"%s\"", device);
return -1;
}
@ -302,17 +290,17 @@ int tunemu_open(tunemu_device device)
}
int ppp_unit_fd = ppp_new_unit(&ppp_unit_number);
if (ppp_unit_fd < 0)
return -1;
if (ppp_setup_unit(ppp_unit_fd) < 0)
{
if(ppp_unit_fd < 0) {
return -1;
}
if(ppp_setup_unit(ppp_unit_fd) < 0) {
close(ppp_unit_fd);
return -1;
}
if (open_pcap() < 0)
{
if(open_pcap() < 0) {
close(ppp_unit_fd);
return -1;
}
@ -322,39 +310,40 @@ int tunemu_open(tunemu_device device)
return ppp_unit_fd;
}
int tunemu_close(int ppp_sockfd)
{
int tunemu_close(int ppp_sockfd) {
int ret = close(ppp_sockfd);
if (ret == 0)
if(ret == 0) {
close_pcap();
}
return ret;
}
int tunemu_read(int ppp_sockfd, char *buffer, int length)
{
int tunemu_read(int ppp_sockfd, char *buffer, int length) {
allocate_data_buffer(length + 2);
length = read(ppp_sockfd, data_buffer, length + 2);
if (length < 0)
{
if(length < 0) {
tun_error("reading packet: %s", strerror(errno));
return length;
}
tun_noerror();
length -= 2;
if (length < 0)
if(length < 0) {
return 0;
}
memcpy(buffer, data_buffer + 2, length);
return length;
}
int tunemu_write(int ppp_sockfd, char *buffer, int length)
{
int tunemu_write(int ppp_sockfd, char *buffer, int length) {
allocate_data_buffer(length + 4);
data_buffer[0] = 0x02;
@ -364,23 +353,25 @@ int tunemu_write(int ppp_sockfd, char *buffer, int length)
memcpy(data_buffer + 4, buffer, length);
if (pcap == NULL)
{
if(pcap == NULL) {
tun_error("pcap not open");
return -1;
}
length = pcap_inject(pcap, data_buffer, length + 4);
if (length < 0)
{
if(length < 0) {
tun_error("injecting packet: %s", pcap_geterr(pcap));
return length;
}
tun_noerror();
length -= 4;
if (length < 0)
if(length < 0) {
return 0;
}
return length;
}

View file

@ -4,7 +4,7 @@
1998-2005 Ivo Timmermans
2000-2014 Guus Sliepen <guus@tinc-vpn.org>
2010-2011 Julien Muchembled <jm@jmuchemb.eu>
2000 Cris van Pelt
2000 Cris van Pelt
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -28,18 +28,18 @@
#include "conf.h"
#include "list.h"
#include "logger.h"
#include "netutl.h" /* for str2address */
#include "netutl.h" /* for str2address */
#include "protocol.h"
#include "utils.h" /* for cp */
#include "utils.h" /* for cp */
#include "xalloc.h"
avl_tree_t *config_tree;
int pinginterval = 0; /* seconds between pings */
int pingtimeout = 0; /* seconds to wait for response */
char *confbase = NULL; /* directory in which all config files are */
char *netname = NULL; /* name of the vpn network */
list_t *cmdline_conf = NULL; /* global/host configuration values given at the command line */
int pinginterval = 0; /* seconds between pings */
int pingtimeout = 0; /* seconds to wait for response */
char *confbase = NULL; /* directory in which all config files are */
char *netname = NULL; /* name of the vpn network */
list_t *cmdline_conf = NULL; /* global/host configuration values given at the command line */
static int config_compare(const config_t *a, const config_t *b) {
@ -47,27 +47,31 @@ static int config_compare(const config_t *a, const config_t *b) {
result = strcasecmp(a->variable, b->variable);
if(result)
if(result) {
return result;
}
/* give priority to command line options */
result = !b->file - !a->file;
if (result)
if(result) {
return result;
}
result = a->line - b->line;
if(result)
if(result) {
return result;
else
} else {
return a->file ? strcmp(a->file, b->file) : 0;
}
}
void init_configuration(avl_tree_t ** config_tree) {
void init_configuration(avl_tree_t **config_tree) {
*config_tree = avl_alloc_tree((avl_compare_t) config_compare, (avl_action_t) free_config);
}
void exit_configuration(avl_tree_t ** config_tree) {
void exit_configuration(avl_tree_t **config_tree) {
avl_delete_tree(*config_tree);
*config_tree = NULL;
}
@ -77,15 +81,9 @@ config_t *new_config(void) {
}
void free_config(config_t *cfg) {
if(cfg->variable)
free(cfg->variable);
if(cfg->value)
free(cfg->value);
if(cfg->file)
free(cfg->file);
free(cfg->variable);
free(cfg->value);
free(cfg->file);
free(cfg);
}
@ -102,11 +100,13 @@ config_t *lookup_config(const avl_tree_t *config_tree, char *variable) {
found = avl_search_closest_greater(config_tree, &cfg);
if(!found)
if(!found) {
return NULL;
}
if(strcasecmp(found->variable, variable))
if(strcasecmp(found->variable, variable)) {
return NULL;
}
return found;
}
@ -121,8 +121,9 @@ config_t *lookup_config_next(const avl_tree_t *config_tree, const config_t *cfg)
if(node->next) {
found = node->next->data;
if(!strcasecmp(found->variable, cfg->variable))
if(!strcasecmp(found->variable, cfg->variable)) {
return found;
}
}
}
@ -130,8 +131,9 @@ config_t *lookup_config_next(const avl_tree_t *config_tree, const config_t *cfg)
}
bool get_config_bool(const config_t *cfg, bool *result) {
if(!cfg)
if(!cfg) {
return false;
}
if(!strcasecmp(cfg->value, "yes")) {
*result = true;
@ -142,27 +144,30 @@ bool get_config_bool(const config_t *cfg, bool *result) {
}
logger(LOG_ERR, "\"yes\" or \"no\" expected for configuration variable %s in %s line %d",
cfg->variable, cfg->file, cfg->line);
cfg->variable, cfg->file, cfg->line);
return false;
}
bool get_config_int(const config_t *cfg, int *result) {
if(!cfg)
if(!cfg) {
return false;
}
if(sscanf(cfg->value, "%d", result) == 1)
if(sscanf(cfg->value, "%d", result) == 1) {
return true;
}
logger(LOG_ERR, "Integer expected for configuration variable %s in %s line %d",
cfg->variable, cfg->file, cfg->line);
cfg->variable, cfg->file, cfg->line);
return false;
}
bool get_config_string(const config_t *cfg, char **result) {
if(!cfg)
if(!cfg) {
return false;
}
*result = xstrdup(cfg->value);
@ -172,8 +177,9 @@ bool get_config_string(const config_t *cfg, char **result) {
bool get_config_address(const config_t *cfg, struct addrinfo **result) {
struct addrinfo *ai;
if(!cfg)
if(!cfg) {
return false;
}
ai = str2addrinfo(cfg->value, NULL, 0);
@ -183,31 +189,32 @@ bool get_config_address(const config_t *cfg, struct addrinfo **result) {
}
logger(LOG_ERR, "Hostname or IP address expected for configuration variable %s in %s line %d",
cfg->variable, cfg->file, cfg->line);
cfg->variable, cfg->file, cfg->line);
return false;
}
bool get_config_subnet(const config_t *cfg, subnet_t ** result) {
subnet_t subnet = {NULL};
bool get_config_subnet(const config_t *cfg, subnet_t **result) {
subnet_t subnet = {0};
if(!cfg)
if(!cfg) {
return false;
}
if(!str2net(&subnet, cfg->value)) {
logger(LOG_ERR, "Subnet expected for configuration variable %s in %s line %d",
cfg->variable, cfg->file, cfg->line);
cfg->variable, cfg->file, cfg->line);
return false;
}
/* Teach newbies what subnets are... */
if(((subnet.type == SUBNET_IPV4)
&& !maskcheck(&subnet.net.ipv4.address, subnet.net.ipv4.prefixlength, sizeof(ipv4_t)))
|| ((subnet.type == SUBNET_IPV6)
&& !maskcheck(&subnet.net.ipv6.address, subnet.net.ipv6.prefixlength, sizeof(ipv6_t)))) {
&& !maskcheck(&subnet.net.ipv4.address, subnet.net.ipv4.prefixlength, sizeof(ipv4_t)))
|| ((subnet.type == SUBNET_IPV6)
&& !maskcheck(&subnet.net.ipv6.address, subnet.net.ipv6.prefixlength, sizeof(ipv6_t)))) {
logger(LOG_ERR, "Network address and prefix length do not match for configuration variable %s in %s line %d",
cfg->variable, cfg->file, cfg->line);
cfg->variable, cfg->file, cfg->line);
return false;
}
@ -219,26 +226,31 @@ bool get_config_subnet(const config_t *cfg, subnet_t ** result) {
/*
Read exactly one line and strip the trailing newline if any.
*/
static char *readline(FILE * fp, char *buf, size_t buflen) {
static char *readline(FILE *fp, char *buf, size_t buflen) {
char *newline = NULL;
char *p;
if(feof(fp))
if(feof(fp)) {
return NULL;
}
p = fgets(buf, buflen, fp);
if(!p)
if(!p) {
return NULL;
}
newline = strchr(p, '\n');
if(!newline)
if(!newline) {
return buf;
}
*newline = '\0'; /* kill newline */
if(newline > p && newline[-1] == '\r') /* and carriage return if necessary */
*newline = '\0'; /* kill newline */
if(newline > p && newline[-1] == '\r') { /* and carriage return if necessary */
newline[-1] = '\0';
}
return buf;
}
@ -250,26 +262,32 @@ config_t *parse_config_line(char *line, const char *fname, int lineno) {
variable = value = line;
eol = line + strlen(line);
while(strchr("\t ", *--eol))
while(strchr("\t ", *--eol)) {
*eol = '\0';
}
len = strcspn(value, "\t =");
value += len;
value += strspn(value, "\t ");
if(*value == '=') {
value++;
value += strspn(value, "\t ");
}
variable[len] = '\0';
if(!*value) {
const char err[] = "No value for variable";
if (fname)
if(fname)
logger(LOG_ERR, "%s `%s' on line %d while reading config file %s",
err, variable, lineno, fname);
err, variable, lineno, fname);
else
logger(LOG_ERR, "%s `%s' in command line option %d",
err, variable, lineno);
err, variable, lineno);
return NULL;
}
@ -303,22 +321,27 @@ bool read_config_file(avl_tree_t *config_tree, const char *fname) {
}
for(;;) {
line = readline(fp, buffer, sizeof buffer);
line = readline(fp, buffer, sizeof(buffer));
if(!line) {
if(feof(fp))
if(feof(fp)) {
result = true;
}
break;
}
lineno++;
if(!*line || *line == '#')
if(!*line || *line == '#') {
continue;
}
if(ignore) {
if(!strncmp(line, "-----END", 8))
if(!strncmp(line, "-----END", 8)) {
ignore = false;
}
continue;
}
@ -328,8 +351,11 @@ bool read_config_file(avl_tree_t *config_tree, const char *fname) {
}
cfg = parse_config_line(line, fname, lineno);
if (!cfg)
if(!cfg) {
break;
}
config_add(config_tree, cfg);
}
@ -339,86 +365,92 @@ bool read_config_file(avl_tree_t *config_tree, const char *fname) {
}
void read_config_options(avl_tree_t *config_tree, const char *prefix) {
list_node_t *node, *next;
size_t prefix_len = prefix ? strlen(prefix) : 0;
for(node = cmdline_conf->tail; node; node = next) {
config_t *orig_cfg, *cfg = (config_t *)node->data;
next = node->prev;
for(const list_node_t *node = cmdline_conf->tail; node; node = node->prev) {
const config_t *cfg = node->data;
if(!prefix) {
if(strchr(cfg->variable, '.'))
if(strchr(cfg->variable, '.')) {
continue;
node->data = NULL;
list_unlink_node(cmdline_conf, node);
}
} else {
if(strncmp(prefix, cfg->variable, prefix_len) ||
cfg->variable[prefix_len] != '.')
cfg->variable[prefix_len] != '.') {
continue;
/* Because host configuration is parsed again when
reconnecting, nodes must not be freed when a prefix
is given. */
orig_cfg = cfg;
cfg = new_config();
cfg->variable = xstrdup(orig_cfg->variable + prefix_len + 1);
cfg->value = xstrdup(orig_cfg->value);
cfg->file = NULL;
cfg->line = orig_cfg->line;
}
}
config_add(config_tree, cfg);
config_t *new = new_config();
if(prefix) {
new->variable = xstrdup(cfg->variable + prefix_len + 1);
} else {
new->variable = xstrdup(cfg->variable);
}
new->value = xstrdup(cfg->value);
new->file = NULL;
new->line = cfg->line;
config_add(config_tree, new);
}
}
bool read_server_config(void) {
char *fname;
char fname[PATH_MAX];
bool x;
read_config_options(config_tree, NULL);
xasprintf(&fname, "%s/tinc.conf", confbase);
snprintf(fname, sizeof(fname), "%s/tinc.conf", confbase);
errno = 0;
x = read_config_file(config_tree, fname);
// We will try to read the conf files in the "conf.d" dir
if (x) {
char * dname;
xasprintf(&dname, "%s/conf.d", confbase);
DIR *dir = opendir (dname);
if(x) {
char dname[PATH_MAX];
snprintf(dname, sizeof(dname), "%s/conf.d", confbase);
DIR *dir = opendir(dname);
// If we can find this dir
if (dir) {
if(dir) {
struct dirent *ep;
// We list all the files in it
while (x && (ep = readdir (dir))) {
while(x && (ep = readdir(dir))) {
size_t l = strlen(ep->d_name);
// And we try to read the ones that end with ".conf"
if (l > 5 && !strcmp(".conf", & ep->d_name[ l - 5 ])) {
free(fname);
xasprintf(&fname, "%s/%s", dname, ep->d_name);
if(l > 5 && !strcmp(".conf", & ep->d_name[ l - 5 ])) {
if((size_t)snprintf(fname, sizeof(fname), "%s/%s", dname, ep->d_name) >= sizeof(fname)) {
logger(LOG_ERR, "Pathname too long: %s/%s", dname, ep->d_name);
return false;
}
x = read_config_file(config_tree, fname);
}
}
closedir (dir);
closedir(dir);
}
free(dname);
}
if(!x) { /* System error: complain */
if(!x && errno) {
logger(LOG_ERR, "Failed to read `%s': %s", fname, strerror(errno));
}
free(fname);
return x;
}
bool read_connection_config(connection_t *c) {
char *fname;
char fname[PATH_MAX];
bool x;
read_config_options(c->config_tree, c->name);
xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
snprintf(fname, sizeof(fname), "%s/hosts/%s", confbase, c->name);
x = read_config_file(c->config_tree, fname);
free(fname);
return x;
}
@ -430,34 +462,43 @@ static void disable_old_keys(const char *filename) {
FILE *r, *w;
r = fopen(filename, "r");
if(!r)
if(!r) {
return;
}
snprintf(tmpfile, sizeof tmpfile, "%s.tmp", filename);
int len = snprintf(tmpfile, sizeof(tmpfile), "%s.tmp", filename);
w = fopen(tmpfile, "w");
if(len < 0 || len >= PATH_MAX) {
fprintf(stderr, "Pathname too long: %s.tmp\n", filename);
w = NULL;
} else {
w = fopen(tmpfile, "w");
}
while(fgets(buf, sizeof buf, r)) {
while(fgets(buf, sizeof(buf), r)) {
if(!strncmp(buf, "-----BEGIN RSA", 14)) {
buf[11] = 'O';
buf[12] = 'L';
buf[13] = 'D';
disabled = true;
}
else if(!strncmp(buf, "-----END RSA", 12)) {
} else if(!strncmp(buf, "-----END RSA", 12)) {
buf[ 9] = 'O';
buf[10] = 'L';
buf[11] = 'D';
disabled = true;
}
if(w && fputs(buf, w) < 0) {
disabled = false;
break;
}
}
if(w)
if(w) {
fclose(w);
}
fclose(r);
if(!w && disabled) {
@ -469,10 +510,12 @@ static void disable_old_keys(const char *filename) {
#ifdef HAVE_MINGW
// We cannot atomically replace files on Windows.
char bakfile[PATH_MAX] = "";
snprintf(bakfile, sizeof bakfile, "%s.bak", filename);
snprintf(bakfile, sizeof(bakfile), "%s.bak", filename);
if(rename(filename, bakfile) || rename(tmpfile, filename)) {
rename(bakfile, filename);
#else
if(rename(tmpfile, filename)) {
#endif
fprintf(stderr, "Warning: old key(s) found, remove them by hand!\n");
@ -489,8 +532,9 @@ static void disable_old_keys(const char *filename) {
FILE *ask_and_open(const char *filename, const char *what) {
FILE *r;
char *directory;
char directory[PATH_MAX];
char line[PATH_MAX];
char abspath[PATH_MAX];
const char *fn;
/* Check stdin and stdout */
@ -502,37 +546,43 @@ FILE *ask_and_open(const char *filename, const char *what) {
} else {
/* Ask for a file and/or directory name. */
fprintf(stdout, "Please enter a file to save %s to [%s]: ",
what, filename);
what, filename);
fflush(stdout);
fn = readline(stdin, line, sizeof line);
fn = readline(stdin, line, sizeof(line));
if(!fn) {
fprintf(stderr, "Error while reading stdin: %s\n",
strerror(errno));
strerror(errno));
return NULL;
}
if(!strlen(fn))
/* User just pressed enter. */
{
fn = filename;
}
}
#ifdef HAVE_MINGW
if(fn[0] != '\\' && fn[0] != '/' && !strchr(fn, ':')) {
#else
if(fn[0] != '/') {
#endif
/* The directory is a relative path or a filename. */
char *p;
getcwd(directory, sizeof(directory));
directory = get_current_dir_name();
xasprintf(&p, "%s/%s", directory, fn);
free(directory);
fn = p;
if((size_t)snprintf(abspath, sizeof(abspath), "%s/%s", directory, fn) >= sizeof(abspath)) {
fprintf(stderr, "Pathname too long: %s/%s\n", directory, fn);
return NULL;
}
fn = abspath;
}
umask(0077); /* Disallow everything for group and other */
umask(0077); /* Disallow everything for group and other */
disable_old_keys(fn);
@ -542,7 +592,7 @@ FILE *ask_and_open(const char *filename, const char *what) {
if(!r) {
fprintf(stderr, "Error opening file `%s': %s\n",
fn, strerror(errno));
fn, strerror(errno));
return NULL;
}

View file

@ -1,3 +1,6 @@
#ifndef TINC_CONF_H
#define TINC_CONF_H
/*
conf.h -- header for conf.c
Copyright (C) 1998-2005 Ivo Timmermans
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_CONF_H__
#define __TINC_CONF_H__
#include "avl_tree.h"
#include "list.h"
@ -44,25 +44,24 @@ extern char *confbase;
extern char *netname;
extern list_t *cmdline_conf;
extern void init_configuration(avl_tree_t **);
extern void exit_configuration(avl_tree_t **);
extern config_t *new_config(void) __attribute__ ((__malloc__));
extern void free_config(config_t *);
extern void config_add(avl_tree_t *, config_t *);
extern config_t *lookup_config(const avl_tree_t *, char *);
extern config_t *lookup_config_next(const avl_tree_t *, const config_t *);
extern bool get_config_bool(const config_t *, bool *);
extern bool get_config_int(const config_t *, int *);
extern bool get_config_string(const config_t *, char **);
extern bool get_config_address(const config_t *, struct addrinfo **);
extern bool get_config_subnet(const config_t *, struct subnet_t **);
extern void init_configuration(avl_tree_t **config_tree);
extern void exit_configuration(avl_tree_t **config_tree);
extern config_t *new_config(void) __attribute__((__malloc__));
extern void free_config(config_t *cfg);
extern void config_add(avl_tree_t *config_tree, config_t *cfg);
extern config_t *lookup_config(const avl_tree_t *config_tree, char *variable);
extern config_t *lookup_config_next(const avl_tree_t *config_tree, const config_t *cfg);
extern bool get_config_bool(const config_t *cfg, bool *result);
extern bool get_config_int(const config_t *cfg, int *result);
extern bool get_config_string(const config_t *cfg, char **result);
extern bool get_config_address(const config_t *cfg, struct addrinfo **result);
extern bool get_config_subnet(const config_t *cfg, struct subnet_t **result);
extern config_t *parse_config_line(char *, const char *, int);
extern bool read_config_file(avl_tree_t *, const char *);
extern void read_config_options(avl_tree_t *, const char *);
extern config_t *parse_config_line(char *line, const char *fname, int lineno);
extern bool read_config_file(avl_tree_t *config_tree, const char *fname);
extern void read_config_options(avl_tree_t *config_tree, const char *prefix);
extern bool read_server_config(void);
extern bool read_connection_config(struct connection_t *);
extern FILE *ask_and_open(const char *, const char *);
extern bool is_safe_path(const char *);
extern bool read_connection_config(struct connection_t *c);
extern FILE *ask_and_open(const char *fname, const char *what);
#endif /* __TINC_CONF_H__ */
#endif

View file

@ -1,6 +1,6 @@
/*
connection.c -- connection list management
Copyright (C) 2000-2012 Guus Sliepen <guus@tinc-vpn.org>,
Copyright (C) 2000-2016 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
2008 Max Rijevski <maksuf@gmail.com>
@ -28,7 +28,7 @@
#include "utils.h"
#include "xalloc.h"
avl_tree_t *connection_tree; /* Meta connections */
avl_tree_t *connection_tree; /* Meta connections */
connection_t *everyone;
static int connection_compare(const connection_t *a, const connection_t *b) {
@ -52,8 +52,9 @@ connection_t *new_connection(void) {
c = xmalloc_and_zero(sizeof(connection_t));
if(!c)
if(!c) {
return NULL;
}
gettimeofday(&c->start, NULL);
@ -91,15 +92,17 @@ void free_connection_partially(connection_t *c) {
c->outbufstart = 0;
c->last_ping_time = 0;
c->last_flushed_time = 0;
c->inbudget = 0;
c->outbudget = 0;
if(c->inctx) {
EVP_CIPHER_CTX_cleanup(c->inctx);
EVP_CIPHER_CTX_reset(c->inctx);
free(c->inctx);
c->inctx = NULL;
}
if(c->outctx) {
EVP_CIPHER_CTX_cleanup(c->outctx);
EVP_CIPHER_CTX_reset(c->outctx);
free(c->outctx);
c->outctx = NULL;
}
@ -116,8 +119,9 @@ void free_connection(connection_t *c) {
free(c->name);
free(c->hostname);
if(c->config_tree)
if(c->config_tree) {
exit_configuration(&c->config_tree);
}
free(c);
}
@ -139,8 +143,8 @@ void dump_connections(void) {
for(node = connection_tree->head; node; node = node->next) {
c = node->data;
logger(LOG_DEBUG, " %s at %s options %x socket %d status %04x outbuf %d/%d/%d",
c->name, c->hostname, c->options, c->socket, bitfield_to_int(&c->status, sizeof c->status),
c->outbufsize, c->outbufstart, c->outbuflen);
c->name, c->hostname, c->options, c->socket, bitfield_to_int(&c->status, sizeof(c->status)),
c->outbufsize, c->outbufstart, c->outbuflen);
}
logger(LOG_DEBUG, "End of connections.");

View file

@ -1,6 +1,9 @@
#ifndef TINC_CONNECTION_H
#define TINC_CONNECTION_H
/*
connection.h -- header for connection.c
Copyright (C) 2000-2012 Guus Sliepen <guus@tinc-vpn.org>,
Copyright (C) 2000-2016 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
@ -18,30 +21,33 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_CONNECTION_H__
#define __TINC_CONNECTION_H__
#include <openssl/rsa.h>
#include <openssl/evp.h>
#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define EVP_CIPHER_CTX_reset(c) EVP_CIPHER_CTX_cleanup(c)
#endif
#include "avl_tree.h"
#define OPTION_INDIRECT 0x0001
#define OPTION_TCPONLY 0x0002
#define OPTION_PMTU_DISCOVERY 0x0004
#define OPTION_CLAMP_MSS 0x0008
#define OPTION_INDIRECT 0x0001
#define OPTION_TCPONLY 0x0002
#define OPTION_PMTU_DISCOVERY 0x0004
#define OPTION_CLAMP_MSS 0x0008
typedef struct connection_status_t {
unsigned int pinged:1; /* sent ping */
unsigned int active:1; /* 1 if active.. */
unsigned int connecting:1; /* 1 if we are waiting for a non-blocking connect() to finish */
unsigned int unused_termreq:1; /* the termination of this connection was requested */
unsigned int remove:1; /* Set to 1 if you want this connection removed */
unsigned int timeout:1; /* 1 if gotten timeout */
unsigned int encryptout:1; /* 1 if we can encrypt outgoing traffic */
unsigned int decryptin:1; /* 1 if we have to decrypt incoming traffic */
unsigned int mst:1; /* 1 if this connection is part of a minimum spanning tree */
unsigned int unused:23;
unsigned int pinged: 1; /* sent ping */
unsigned int active: 1; /* 1 if active.. */
unsigned int connecting: 1; /* 1 if we are waiting for a non-blocking connect() to finish */
unsigned int unused_termreq: 1; /* the termination of this connection was requested */
unsigned int remove: 1; /* Set to 1 if you want this connection removed */
unsigned int timeout: 1; /* 1 if gotten timeout */
unsigned int encryptout: 1; /* 1 if we can encrypt outgoing traffic */
unsigned int decryptin: 1; /* 1 if we have to decrypt incoming traffic */
unsigned int mst: 1; /* 1 if this connection is part of a minimum spanning tree */
unsigned int proxy_passed: 1; /* 1 if we are connecting via a proxy and we have finished talking with it */
unsigned int tarpit: 1; /* 1 if the connection should be added to the tarpit */
unsigned int unused: 21;
} connection_status_t;
#include "edge.h"
@ -49,55 +55,57 @@ typedef struct connection_status_t {
#include "node.h"
typedef struct connection_t {
char *name; /* name he claims to have */
char *name; /* name he claims to have */
union sockaddr_t address; /* his real (internet) ip */
char *hostname; /* the hostname of its real ip */
int protocol_version; /* used protocol */
union sockaddr_t address; /* his real (internet) ip */
char *hostname; /* the hostname of its real ip */
int protocol_version; /* used protocol */
int socket; /* socket used for this connection */
uint32_t options; /* options for this connection */
connection_status_t status; /* status info */
int estimated_weight; /* estimation for the weight of the edge for this connection */
struct timeval start; /* time this connection was started, used for above estimation */
struct outgoing_t *outgoing; /* used to keep track of outgoing connections */
int socket; /* socket used for this connection */
uint32_t options; /* options for this connection */
connection_status_t status; /* status info */
int estimated_weight; /* estimation for the weight of the edge for this connection */
struct timeval start; /* time this connection was started, used for above estimation */
struct outgoing_t *outgoing; /* used to keep track of outgoing connections */
struct node_t *node; /* node associated with the other end */
struct edge_t *edge; /* edge associated with this connection */
struct node_t *node; /* node associated with the other end */
struct edge_t *edge; /* edge associated with this connection */
RSA *rsa_key; /* his public/private key */
const EVP_CIPHER *incipher; /* Cipher he will use to send data to us */
const EVP_CIPHER *outcipher; /* Cipher we will use to send data to him */
EVP_CIPHER_CTX *inctx; /* Context of encrypted meta data that will come from him to us */
EVP_CIPHER_CTX *outctx; /* Context of encrypted meta data that will be sent from us to him */
char *inkey; /* His symmetric meta key + iv */
char *outkey; /* Our symmetric meta key + iv */
int inkeylength; /* Length of his key + iv */
int outkeylength; /* Length of our key + iv */
RSA *rsa_key; /* his public/private key */
const EVP_CIPHER *incipher; /* Cipher he will use to send data to us */
const EVP_CIPHER *outcipher; /* Cipher we will use to send data to him */
EVP_CIPHER_CTX *inctx; /* Context of encrypted meta data that will come from him to us */
EVP_CIPHER_CTX *outctx; /* Context of encrypted meta data that will be sent from us to him */
uint64_t inbudget; /* Encrypted bytes send budget */
uint64_t outbudget; /* Encrypted bytes receive budget */
char *inkey; /* His symmetric meta key + iv */
char *outkey; /* Our symmetric meta key + iv */
int inkeylength; /* Length of his key + iv */
int outkeylength; /* Length of our key + iv */
const EVP_MD *indigest;
const EVP_MD *outdigest;
int inmaclength;
int outmaclength;
int incompression;
int outcompression;
char *mychallenge; /* challenge we received from him */
char *hischallenge; /* challenge we sent to him */
char *mychallenge; /* challenge we received from him */
char *hischallenge; /* challenge we sent to him */
char buffer[MAXBUFSIZE]; /* metadata input buffer */
int buflen; /* bytes read into buffer */
int reqlen; /* length of incoming request */
int tcplen; /* length of incoming TCPpacket */
int allow_request; /* defined if there's only one request possible */
char buffer[MAXBUFSIZE]; /* metadata input buffer */
int buflen; /* bytes read into buffer */
int reqlen; /* length of incoming request */
length_t tcplen; /* length of incoming TCPpacket */
int allow_request; /* defined if there's only one request possible */
char *outbuf; /* metadata output buffer */
int outbufstart; /* index of first meaningful byte in output buffer */
int outbuflen; /* number of meaningful bytes in output buffer */
int outbufsize; /* number of bytes allocated to output buffer */
char *outbuf; /* metadata output buffer */
int outbufstart; /* index of first meaningful byte in output buffer */
int outbuflen; /* number of meaningful bytes in output buffer */
int outbufsize; /* number of bytes allocated to output buffer */
time_t last_ping_time; /* last time we saw some activity from the other end or pinged them */
time_t last_flushed_time; /* last time buffer was empty. Only meaningful if outbuflen > 0 */
time_t last_ping_time; /* last time we saw some activity from the other end or pinged them */
time_t last_flushed_time; /* last time buffer was empty. Only meaningful if outbuflen > 0 */
avl_tree_t *config_tree; /* Pointer to configuration tree belonging to him */
avl_tree_t *config_tree; /* Pointer to configuration tree belonging to him */
} connection_t;
extern avl_tree_t *connection_tree;
@ -105,11 +113,11 @@ extern connection_t *everyone;
extern void init_connections(void);
extern void exit_connections(void);
extern connection_t *new_connection(void) __attribute__ ((__malloc__));
extern void free_connection(connection_t *);
extern void free_connection_partially(connection_t *);
extern void connection_add(connection_t *);
extern void connection_del(connection_t *);
extern connection_t *new_connection(void) __attribute__((__malloc__));
extern void free_connection(connection_t *c);
extern void free_connection_partially(connection_t *c);
extern void connection_add(connection_t *c);
extern void connection_del(connection_t *c);
extern void dump_connections(void);
#endif /* __TINC_CONNECTION_H__ */
#endif

View file

@ -1,7 +1,7 @@
/*
device.c -- Interaction with Windows tap driver in a Cygwin environment
Copyright (C) 2002-2005 Ivo Timmermans,
2002-2011 Guus Sliepen <guus@tinc-vpn.org>
2002-2016 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -19,6 +19,7 @@
*/
#include "../system.h"
#include "../net.h"
#include <w32api/windows.h>
#include <w32api/winioctl.h>
@ -26,7 +27,6 @@
#include "../conf.h"
#include "../device.h"
#include "../logger.h"
#include "../net.h"
#include "../route.h"
#include "../utils.h"
#include "../xalloc.h"
@ -37,7 +37,7 @@ int device_fd = -1;
static HANDLE device_handle = INVALID_HANDLE_VALUE;
char *device = NULL;
char *iface = NULL;
static char *device_info = NULL;
static const char *device_info = "Windows tap device";
static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0;
@ -61,6 +61,10 @@ static bool setup_device(void) {
get_config_string(lookup_config(config_tree, "Device"), &device);
get_config_string(lookup_config(config_tree, "Interface"), &iface);
if(device && iface) {
logger(LOG_WARNING, "Warning: both Device and Interface specified, results may not be as expected");
}
/* Open registry and look for network adapters */
if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, NETWORK_CONNECTIONS_KEY, 0, KEY_READ, &key)) {
@ -68,44 +72,51 @@ static bool setup_device(void) {
return false;
}
for (i = 0; ; i++) {
for(i = 0; ; i++) {
len = sizeof(adapterid);
if(RegEnumKeyEx(key, i, adapterid, &len, 0, 0, 0, NULL))
if(RegEnumKeyEx(key, i, adapterid, &len, 0, 0, 0, NULL)) {
break;
}
/* Find out more about this adapter */
snprintf(regpath, sizeof(regpath), "%s\\%s\\Connection", NETWORK_CONNECTIONS_KEY, adapterid);
if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, regpath, 0, KEY_READ, &key2))
if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, regpath, 0, KEY_READ, &key2)) {
continue;
}
len = sizeof(adaptername);
err = RegQueryValueEx(key2, "Name", 0, 0, adaptername, &len);
RegCloseKey(key2);
if(err)
if(err) {
continue;
}
if(device) {
if(!strcmp(device, adapterid)) {
found = true;
break;
} else
} else {
continue;
}
}
if(iface) {
if(!strcmp(iface, adaptername)) {
found = true;
break;
} else
} else {
continue;
}
}
snprintf(tapname, sizeof(tapname), USERMODEDEVICEDIR "%s" TAPSUFFIX, adapterid);
device_handle = CreateFile(tapname, GENERIC_WRITE | GENERIC_READ, 0, 0, OPEN_EXISTING, FILE_ATTRIBUTE_SYSTEM, 0);
if(device_handle != INVALID_HANDLE_VALUE) {
CloseHandle(device_handle);
found = true;
@ -120,11 +131,13 @@ static bool setup_device(void) {
return false;
}
if(!device)
if(!device) {
device = xstrdup(adapterid);
}
if(!iface)
if(!iface) {
iface = xstrdup(adaptername);
}
snprintf(tapname, sizeof(tapname), USERMODEDEVICEDIR "%s" TAPSUFFIX, device);
@ -139,7 +152,7 @@ static bool setup_device(void) {
/* The parent opens the tap device for writing. */
device_handle = CreateFile(tapname, GENERIC_WRITE, FILE_SHARE_READ, 0, OPEN_EXISTING, FILE_ATTRIBUTE_SYSTEM , 0);
device_handle = CreateFile(tapname, GENERIC_WRITE, FILE_SHARE_READ, 0, OPEN_EXISTING, FILE_ATTRIBUTE_SYSTEM, 0);
if(device_handle == INVALID_HANDLE_VALUE) {
logger(LOG_ERR, "Could not open Windows tap device %s (%s) for writing: %s", device, iface, winerror(GetLastError()));
@ -202,13 +215,12 @@ static bool setup_device(void) {
}
read(device_fd, &gelukt, 1);
if(gelukt != 1) {
logger(LOG_DEBUG, "Tap reader failed!");
return false;
}
device_info = "Windows tap device";
logger(LOG_INFO, "%s (%s) is a %s", device, iface, device_info);
return true;
@ -230,7 +242,7 @@ static bool read_packet(vpn_packet_t *packet) {
if((lenin = read(sp[0], packet->data, MTU)) <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s", device_info,
device, strerror(errno));
device, strerror(errno));
return false;
}
@ -239,7 +251,7 @@ static bool read_packet(vpn_packet_t *packet) {
device_total_in += packet->len;
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Read packet of %d bytes from %s", packet->len,
device_info);
device_info);
return true;
}
@ -248,9 +260,9 @@ static bool write_packet(vpn_packet_t *packet) {
long lenout;
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
packet->len, device_info);
packet->len, device_info);
if(!WriteFile (device_handle, packet->data, packet->len, &lenout, NULL)) {
if(!WriteFile(device_handle, packet->data, packet->len, &lenout, NULL)) {
logger(LOG_ERR, "Error while writing to %s %s: %s", device_info, device, winerror(GetLastError()));
return false;
}

View file

@ -1,3 +1,6 @@
#ifndef TINC_DEVICE_H
#define TINC_DEVICE_H
/*
device.h -- generic header for device.c
Copyright (C) 2001-2005 Ivo Timmermans
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_DEVICE_H__
#define __TINC_DEVICE_H__
#include "net.h"
extern int device_fd;
@ -31,8 +31,8 @@ extern char *iface;
typedef struct devops_t {
bool (*setup)(void);
void (*close)(void);
bool (*read)(struct vpn_packet_t *);
bool (*write)(struct vpn_packet_t *);
bool (*read)(struct vpn_packet_t *packet);
bool (*write)(struct vpn_packet_t *packet);
void (*dump_stats)(void);
} devops_t;
@ -44,4 +44,4 @@ extern const devops_t uml_devops;
extern const devops_t vde_devops;
extern devops_t devops;
#endif /* __TINC_DEVICE_H__ */
#endif

View file

@ -1,7 +1,7 @@
/*
dropin.c -- a set of drop-in replacements for libc functions
Copyright (C) 2000-2005 Ivo Timmermans,
2000-2011 Guus Sliepen <guus@tinc-vpn.org>
2000-2016 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -50,8 +50,9 @@ int daemon(int nochdir, int noclose) {
}
/* If we are the parent, terminate */
if(pid)
if(pid) {
exit(0);
}
/* Detach by becoming the new process group leader */
if(setsid() < 0) {
@ -86,40 +87,6 @@ int daemon(int nochdir, int noclose) {
}
#endif
#ifndef HAVE_GET_CURRENT_DIR_NAME
/*
Replacement for the GNU get_current_dir_name function:
get_current_dir_name will malloc(3) an array big enough to hold the
current directory name. If the environment variable PWD is set, and
its value is correct, then that value will be returned.
*/
char *get_current_dir_name(void) {
size_t size;
char *buf;
char *r;
/* Start with 100 bytes. If this turns out to be insufficient to
contain the working directory, double the size. */
size = 100;
buf = xmalloc(size);
errno = 0; /* Success */
r = getcwd(buf, size);
/* getcwd returns NULL and sets errno to ERANGE if the bufferspace
is insufficient to contain the entire working directory. */
while(r == NULL && errno == ERANGE) {
free(buf);
size <<= 1; /* double the size */
buf = xmalloc(size);
r = getcwd(buf, size);
}
return buf;
}
#endif
#ifndef HAVE_ASPRINTF
int asprintf(char **buf, const char *fmt, ...) {
int result;
@ -140,10 +107,12 @@ int vasprintf(char **buf, const char *fmt, va_list ap) {
va_copy(aq, ap);
status = vsnprintf(*buf, len, fmt, aq);
buf[len - 1] = 0;
va_end(aq);
if(status >= 0)
if(status >= 0) {
*buf = xrealloc(*buf, status + 1);
}
if(status > len - 1) {
len = status;

View file

@ -1,3 +1,6 @@
#ifndef TINC_DROPIN_H
#define TINC_DROPIN_H
/*
dropin.h -- header file for dropin.c
Copyright (C) 2000-2005 Ivo Timmermans,
@ -18,14 +21,11 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __DROPIN_H__
#define __DROPIN_H__
#include "fake-getaddrinfo.h"
#include "fake-getnameinfo.h"
#ifndef HAVE_DAEMON
extern int daemon(int, int);
extern int daemon(int nochdir, int noclose);
#endif
#ifndef HAVE_GET_CURRENT_DIR_NAME
@ -33,16 +33,16 @@ extern char *get_current_dir_name(void);
#endif
#ifndef HAVE_ASPRINTF
extern int asprintf(char **, const char *, ...);
extern int vasprintf(char **, const char *, va_list ap);
extern int asprintf(char **buf, const char *fmt, ...);
extern int vasprintf(char **buf, const char *fmt, va_list ap);
#endif
#ifndef HAVE_GETTIMEOFDAY
extern int gettimeofday(struct timeval *, void *);
extern int gettimeofday(struct timeval *tv, void *tz);
#endif
#ifndef HAVE_USLEEP
extern int usleep(long long);
extern int usleep(long long usec);
#endif
#endif /* __DROPIN_H__ */
#endif

View file

@ -22,23 +22,27 @@
#include "device.h"
#include "logger.h"
#include "net.h"
#include "xalloc.h"
static char *device_info = "dummy device";
static const char *device_info = "dummy device";
static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0;
static bool setup_device(void) {
device = "dummy";
iface = "dummy";
device = xstrdup("dummy");
iface = xstrdup("dummy");
logger(LOG_INFO, "%s (%s) is a %s", device, iface, device_info);
return true;
}
static void close_device(void) {
free(device);
free(iface);
}
static bool read_packet(vpn_packet_t *packet) {
(void)packet;
return false;
}

View file

@ -28,7 +28,7 @@
#include "utils.h"
#include "xalloc.h"
avl_tree_t *edge_weight_tree; /* Tree with all edges, sorted on weight */
avl_tree_t *edge_weight_tree; /* Tree with all edges, sorted on weight */
static int edge_compare(const edge_t *a, const edge_t *b) {
return strcmp(a->to->name, b->to->name);
@ -39,13 +39,15 @@ static int edge_weight_compare(const edge_t *a, const edge_t *b) {
result = a->weight - b->weight;
if(result)
if(result) {
return result;
}
result = strcmp(a->from->name, b->from->name);
if(result)
if(result) {
return result;
}
return strcmp(a->to->name, b->to->name);
}
@ -84,13 +86,15 @@ void edge_add(edge_t *e) {
e->reverse = lookup_edge(e->to, e->from);
if(e->reverse)
if(e->reverse) {
e->reverse->reverse = e;
}
}
void edge_del(edge_t *e) {
if(e->reverse)
if(e->reverse) {
e->reverse->reverse = NULL;
}
avl_delete(edge_weight_tree, e);
avl_delete(e->from->edge_tree, e);
@ -115,11 +119,12 @@ void dump_edges(void) {
for(node = node_tree->head; node; node = node->next) {
n = node->data;
for(node2 = n->edge_tree->head; node2; node2 = node2->next) {
e = node2->data;
address = sockaddr2hostname(&e->address);
logger(LOG_DEBUG, " %s to %s at %s options %x weight %d",
e->from->name, e->to->name, address, e->options, e->weight);
e->from->name, e->to->name, address, e->options, e->weight);
free(address);
}
}

View file

@ -1,3 +1,6 @@
#ifndef TINC_EDGE_H
#define TINC_EDGE_H
/*
edge.h -- header for edge.c
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>,
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_EDGE_H__
#define __TINC_EDGE_H__
#include "avl_tree.h"
#include "connection.h"
#include "net.h"
@ -31,24 +31,24 @@ typedef struct edge_t {
struct node_t *to;
sockaddr_t address;
uint32_t options; /* options turned on for this edge */
int weight; /* weight of this edge */
uint32_t options; /* options turned on for this edge */
int weight; /* weight of this edge */
struct connection_t *connection; /* connection associated with this edge, if available */
struct edge_t *reverse; /* edge in the opposite direction, if available */
struct connection_t *connection; /* connection associated with this edge, if available */
struct edge_t *reverse; /* edge in the opposite direction, if available */
} edge_t;
extern avl_tree_t *edge_weight_tree; /* Tree with all known edges sorted on weight */
extern avl_tree_t *edge_weight_tree; /* Tree with all known edges sorted on weight */
extern void init_edges(void);
extern void exit_edges(void);
extern edge_t *new_edge(void) __attribute__ ((__malloc__));
extern void free_edge(edge_t *);
extern avl_tree_t *new_edge_tree(void) __attribute__ ((__malloc__));
extern void free_edge_tree(avl_tree_t *);
extern void edge_add(edge_t *);
extern void edge_del(edge_t *);
extern edge_t *lookup_edge(struct node_t *, struct node_t *);
extern edge_t *new_edge(void) __attribute__((__malloc__));
extern void free_edge(edge_t *e);
extern avl_tree_t *new_edge_tree(void) __attribute__((__malloc__));
extern void free_edge_tree(avl_tree_t *edge_tree);
extern void edge_add(edge_t *e);
extern void edge_del(edge_t *e);
extern edge_t *lookup_edge(struct node_t *from, struct node_t *to);
extern void dump_edges(void);
#endif /* __TINC_EDGE_H__ */
#endif

View file

@ -1,3 +1,6 @@
#ifndef TINC_ETHERNET_H
#define TINC_ETHERNET_H
/*
ethernet.h -- missing Ethernet related definitions
Copyright (C) 2005 Ivo Timmermans
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_ETHERNET_H__
#define __TINC_ETHERNET_H__
#ifndef ETH_ALEN
#define ETH_ALEN 6
#endif
@ -50,7 +50,7 @@ struct ether_header {
uint8_t ether_dhost[ETH_ALEN];
uint8_t ether_shost[ETH_ALEN];
uint16_t ether_type;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#endif
#ifndef HAVE_STRUCT_ARPHDR
@ -60,7 +60,7 @@ struct arphdr {
uint8_t ar_hln;
uint8_t ar_pln;
uint16_t ar_op;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#define ARPOP_REQUEST 1
#define ARPOP_REPLY 2
@ -78,7 +78,7 @@ struct ether_arp {
uint8_t arp_spa[4];
uint8_t arp_tha[ETH_ALEN];
uint8_t arp_tpa[4];
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#define arp_hrd ea_hdr.ar_hrd
#define arp_pro ea_hdr.ar_pro
#define arp_hln ea_hdr.ar_hln
@ -86,4 +86,4 @@ struct ether_arp {
#define arp_op ea_hdr.ar_op
#endif
#endif /* __TINC_ETHERNET_H__ */
#endif

View file

@ -31,11 +31,13 @@ extern time_t now;
static int id;
static int event_compare(const event_t *a, const event_t *b) {
if(a->time > b->time)
if(a->time > b->time) {
return 1;
}
if(a->time < b->time)
if(a->time < b->time) {
return -1;
}
return a->id - b->id;
}
@ -54,16 +56,19 @@ void expire_events(void) {
time_t diff;
/*
* Make all events appear expired by substracting the difference between
* the expiration time of the last event and the current time.
* Make all events appear expired by subtracting the difference between
* the expiration time of the last event and the current time.
*/
if(!event_tree->tail)
if(!event_tree->tail) {
return;
}
event = event_tree->tail->data;
if(event->time <= now)
if(event->time <= now) {
return;
}
diff = event->time - now;
@ -108,7 +113,9 @@ event_t *get_expired_event(void) {
}
event_t *peek_next_event(void) {
if (event_tree->head)
if(event_tree->head) {
return event_tree->head->data;
}
return NULL;
}

View file

@ -1,3 +1,6 @@
#ifndef TINC_EVENT_H
#define TINC_EVENT_H
/*
event.h -- header for event.c
Copyright (C) 2002-2009 Guus Sliepen <guus@tinc-vpn.org>,
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_EVENT_H__
#define __TINC_EVENT_H__
#include "avl_tree.h"
extern avl_tree_t *event_tree;
@ -37,11 +37,11 @@ typedef struct event {
extern void init_events(void);
extern void exit_events(void);
extern void expire_events(void);
extern event_t *new_event(void) __attribute__ ((__malloc__));
extern void free_event(event_t *);
extern void event_add(event_t *);
extern void event_del(event_t *);
extern event_t *new_event(void) __attribute__((__malloc__));
extern void free_event(event_t *event);
extern void event_add(event_t *event);
extern void event_del(event_t *event);
extern event_t *get_expired_event(void);
extern event_t *peek_next_event(void);
#endif /* __TINC_EVENT_H__ */
#endif

View file

@ -1,19 +0,0 @@
/*
* fake library for ssh
*
* This file is included in getaddrinfo.c and getnameinfo.c.
* See getaddrinfo.c and getnameinfo.c.
*/
/* for old netdb.h */
#ifndef EAI_NODATA
#define EAI_NODATA 1
#endif
#ifndef EAI_MEMORY
#define EAI_MEMORY 2
#endif
#ifndef EAI_FAMILY
#define EAI_FAMILY 3
#endif

View file

@ -2,10 +2,10 @@
* fake library for ssh
*
* This file includes getaddrinfo(), freeaddrinfo() and gai_strerror().
* These funtions are defined in rfc2133.
* These functions are defined in rfc2133.
*
* But these functions are not implemented correctly. The minimum subset
* is implemented for ssh use only. For exapmle, this routine assumes
* is implemented for ssh use only. For example, this routine assumes
* that ai_family is AF_INET. Don't use it for another purpose.
*/
@ -17,24 +17,25 @@
#include "xalloc.h"
#if !HAVE_DECL_GAI_STRERROR
char *gai_strerror(int ecode)
{
switch (ecode) {
case EAI_NODATA:
return "No address associated with hostname";
case EAI_MEMORY:
return "Memory allocation failure";
case EAI_FAMILY:
return "Address family not supported";
default:
return "Unknown error";
char *gai_strerror(int ecode) {
switch(ecode) {
case EAI_NODATA:
return "No address associated with hostname";
case EAI_MEMORY:
return "Memory allocation failure";
case EAI_FAMILY:
return "Address family not supported";
default:
return "Unknown error";
}
}
#endif /* !HAVE_GAI_STRERROR */
#if !HAVE_DECL_FREEADDRINFO
void freeaddrinfo(struct addrinfo *ai)
{
void freeaddrinfo(struct addrinfo *ai) {
struct addrinfo *next;
while(ai) {
@ -46,8 +47,7 @@ void freeaddrinfo(struct addrinfo *ai)
#endif /* !HAVE_FREEADDRINFO */
#if !HAVE_DECL_GETADDRINFO
static struct addrinfo *malloc_ai(uint16_t port, uint32_t addr)
{
static struct addrinfo *malloc_ai(uint16_t port, uint32_t addr) {
struct addrinfo *ai;
ai = xmalloc_and_zero(sizeof(struct addrinfo) + sizeof(struct sockaddr_in));
@ -62,40 +62,43 @@ static struct addrinfo *malloc_ai(uint16_t port, uint32_t addr)
return ai;
}
int getaddrinfo(const char *hostname, const char *servname, const struct addrinfo *hints, struct addrinfo **res)
{
int getaddrinfo(const char *hostname, const char *servname, const struct addrinfo *hints, struct addrinfo **res) {
struct addrinfo *prev = NULL;
struct hostent *hp;
struct in_addr in = {0};
int i;
uint16_t port = 0;
if(hints && hints->ai_family != AF_INET && hints->ai_family != AF_UNSPEC)
if(hints && hints->ai_family != AF_INET && hints->ai_family != AF_UNSPEC) {
return EAI_FAMILY;
}
if (servname)
if(servname) {
port = htons(atoi(servname));
}
if (hints && hints->ai_flags & AI_PASSIVE) {
if(hints && hints->ai_flags & AI_PASSIVE) {
*res = malloc_ai(port, htonl(0x00000000));
return 0;
}
if (!hostname) {
if(!hostname) {
*res = malloc_ai(port, htonl(0x7f000001));
return 0;
}
hp = gethostbyname(hostname);
if(!hp || !hp->h_addr_list || !hp->h_addr_list[0])
if(!hp || !hp->h_addr_list || !hp->h_addr_list[0]) {
return EAI_NODATA;
}
for (i = 0; hp->h_addr_list[i]; i++) {
for(i = 0; hp->h_addr_list[i]; i++) {
*res = malloc_ai(port, ((struct in_addr *)hp->h_addr_list[i])->s_addr);
if(prev)
if(prev) {
prev->ai_next = *res;
}
prev = *res;
}

View file

@ -1,7 +1,17 @@
#ifndef _FAKE_GETADDRINFO_H
#define _FAKE_GETADDRINFO_H
#ifndef TINC_FAKE_GETADDRINFO_H
#define TINC_FAKE_GETADDRINFO_H
#include "fake-gai-errnos.h"
#ifndef EAI_NODATA
#define EAI_NODATA 1
#endif
#ifndef EAI_MEMORY
#define EAI_MEMORY 2
#endif
#ifndef EAI_FAMILY
#define EAI_FAMILY 3
#endif
#ifndef AI_PASSIVE
# define AI_PASSIVE 1
@ -20,14 +30,14 @@
#ifndef HAVE_STRUCT_ADDRINFO
struct addrinfo {
int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
int ai_family; /* PF_xxx */
int ai_socktype; /* SOCK_xxx */
int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
size_t ai_addrlen; /* length of ai_addr */
char *ai_canonname; /* canonical name for hostname */
struct sockaddr *ai_addr; /* binary address */
struct addrinfo *ai_next; /* next structure in linked list */
int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
int ai_family; /* PF_xxx */
int ai_socktype; /* SOCK_xxx */
int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
size_t ai_addrlen; /* length of ai_addr */
char *ai_canonname; /* canonical name for hostname */
struct sockaddr *ai_addr; /* binary address */
struct addrinfo *ai_next; /* next structure in linked list */
};
#endif /* !HAVE_STRUCT_ADDRINFO */
@ -44,4 +54,4 @@ char *gai_strerror(int ecode);
void freeaddrinfo(struct addrinfo *ai);
#endif /* !HAVE_FREEADDRINFO */
#endif /* _FAKE_GETADDRINFO_H */
#endif

View file

@ -2,10 +2,10 @@
* fake library for ssh
*
* This file includes getnameinfo().
* These funtions are defined in rfc2133.
* These functions are defined in rfc2133.
*
* But these functions are not implemented correctly. The minimum subset
* is implemented for ssh use only. For exapmle, this routine assumes
* is implemented for ssh use only. For example, this routine assumes
* that ai_family is AF_INET. Don't use it for another purpose.
*/
@ -16,39 +16,48 @@
#if !HAVE_DECL_GETNAMEINFO
int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, size_t hostlen, char *serv, size_t servlen, int flags)
{
int getnameinfo(const struct sockaddr *sa, size_t salen, char *host, size_t hostlen, char *serv, size_t servlen, int flags) {
struct sockaddr_in *sin = (struct sockaddr_in *)sa;
struct hostent *hp;
int len;
if(sa->sa_family != AF_INET)
if(sa->sa_family != AF_INET) {
return EAI_FAMILY;
}
if(serv && servlen) {
len = snprintf(serv, servlen, "%d", ntohs(sin->sin_port));
if(len < 0 || len >= servlen)
if(len < 0 || len >= servlen) {
return EAI_MEMORY;
}
}
if(!host || !hostlen)
if(!host || !hostlen) {
return 0;
}
if(flags & NI_NUMERICHOST) {
len = snprintf(host, hostlen, "%s", inet_ntoa(sin->sin_addr));
if(len < 0 || len >= hostlen)
if(len < 0 || len >= hostlen) {
return EAI_MEMORY;
}
return 0;
}
hp = gethostbyaddr((char *)&sin->sin_addr, sizeof(struct in_addr), AF_INET);
if(!hp || !hp->h_name || !hp->h_name[0])
if(!hp || !hp->h_name || !hp->h_name[0]) {
return EAI_NODATA;
}
len = snprintf(host, hostlen, "%s", hp->h_name);
if(len < 0 || len >= hostlen)
if(len < 0 || len >= hostlen) {
return EAI_MEMORY;
}
return 0;
}

View file

@ -1,5 +1,5 @@
#ifndef _FAKE_GETNAMEINFO_H
#define _FAKE_GETNAMEINFO_H
#ifndef TINC_FAKE_GETNAMEINFO_H
#define TINC_FAKE_GETNAMEINFO_H
#if !HAVE_DECL_GETNAMEINFO
int getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
@ -13,4 +13,4 @@ int getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
# define NI_MAXHOST 1025
#endif /* !NI_MAXHOST */
#endif /* _FAKE_GETNAMEINFO_H */
#endif

File diff suppressed because it is too large Load diff

View file

@ -1,3 +1,6 @@
#ifndef TINC_GETOPT_H
#define TINC_GETOPT_H
/* Declarations for getopt.
Copyright (C) 1989,90,91,92,93,94,96,97 Free Software Foundation, Inc.
@ -19,115 +22,111 @@ with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef _GETOPT_H
#define _GETOPT_H 1
#ifdef __cplusplus
#ifdef cplusplus
extern "C" {
#endif
/* For communication from `getopt' to the caller.
When `getopt' finds an option that takes an argument,
the argument value is returned here.
Also, when `ordering' is RETURN_IN_ORDER,
each non-option ARGV-element is returned here. */
/* For communication from `getopt' to the caller.
When `getopt' finds an option that takes an argument,
the argument value is returned here.
Also, when `ordering' is RETURN_IN_ORDER,
each non-option ARGV-element is returned here. */
extern char *optarg;
extern char *optarg;
/* Index in ARGV of the next element to be scanned.
This is used for communication to and from the caller
and for communication between successive calls to `getopt'.
/* Index in ARGV of the next element to be scanned.
This is used for communication to and from the caller
and for communication between successive calls to `getopt'.
On entry to `getopt', zero means this is the first call; initialize.
On entry to `getopt', zero means this is the first call; initialize.
When `getopt' returns -1, this is the index of the first of the
non-option elements that the caller should itself scan.
When `getopt' returns -1, this is the index of the first of the
non-option elements that the caller should itself scan.
Otherwise, `optind' communicates from one call to the next
how much of ARGV has been scanned so far. */
Otherwise, `optind' communicates from one call to the next
how much of ARGV has been scanned so far. */
extern int optind;
extern int optind;
/* Callers store zero here to inhibit the error message `getopt' prints
for unrecognized options. */
/* Callers store zero here to inhibit the error message `getopt' prints
for unrecognized options. */
extern int opterr;
extern int opterr;
/* Set to an option character which was unrecognized. */
/* Set to an option character which was unrecognized. */
extern int optopt;
extern int optopt;
/* Describe the long-named options requested by the application.
The LONG_OPTIONS argument to getopt_long or getopt_long_only is a vector
of `struct option' terminated by an element containing a name which is
zero.
/* Describe the long-named options requested by the application.
The LONG_OPTIONS argument to getopt_long or getopt_long_only is a vector
of `struct option' terminated by an element containing a name which is
zero.
The field `has_arg' is:
no_argument (or 0) if the option does not take an argument,
required_argument (or 1) if the option requires an argument,
optional_argument (or 2) if the option takes an optional argument.
The field `has_arg' is:
no_argument (or 0) if the option does not take an argument,
required_argument (or 1) if the option requires an argument,
optional_argument (or 2) if the option takes an optional argument.
If the field `flag' is not NULL, it points to a variable that is set
to the value given in the field `val' when the option is found, but
left unchanged if the option is not found.
If the field `flag' is not NULL, it points to a variable that is set
to the value given in the field `val' when the option is found, but
left unchanged if the option is not found.
To have a long-named option do something other than set an `int' to
a compiled-in constant, such as set a value from `optarg', set the
option's `flag' field to zero and its `val' field to a nonzero
value (the equivalent single-letter option character, if there is
one). For long options that have a zero `flag' field, `getopt'
returns the contents of the `val' field. */
To have a long-named option do something other than set an `int' to
a compiled-in constant, such as set a value from `optarg', set the
option's `flag' field to zero and its `val' field to a nonzero
value (the equivalent single-letter option character, if there is
one). For long options that have a zero `flag' field, `getopt'
returns the contents of the `val' field. */
struct option
{
struct option {
#if defined (__STDC__) && __STDC__
const char *name;
const char *name;
#else
char *name;
char *name;
#endif
/* has_arg can't be an enum because some compilers complain about
type mismatches in all the code that assumes it is an int. */
int has_arg;
int *flag;
int val;
};
/* has_arg can't be an enum because some compilers complain about
type mismatches in all the code that assumes it is an int. */
int has_arg;
int *flag;
int val;
};
/* Names for the values of the `has_arg' field of `struct option'. */
/* Names for the values of the `has_arg' field of `struct option'. */
#define no_argument 0
#define required_argument 1
#define optional_argument 2
#define no_argument 0
#define required_argument 1
#define optional_argument 2
#if defined (__STDC__) && __STDC__
#ifdef __GNU_LIBRARY__
/* Many other libraries have conflicting prototypes for getopt, with
differences in the consts, in stdlib.h. To avoid compilation
errors, only prototype getopt for the GNU C library. */
extern int getopt (int argc, char *const *argv, const char *shortopts);
/* Many other libraries have conflicting prototypes for getopt, with
differences in the consts, in stdlib.h. To avoid compilation
errors, only prototype getopt for the GNU C library. */
extern int getopt(int argc, char *const *argv, const char *shortopts);
#else /* not __GNU_LIBRARY__ */
extern int getopt ();
extern int getopt();
#endif /* __GNU_LIBRARY__ */
extern int getopt_long (int argc, char *const *argv, const char *shortopts,
const struct option *longopts, int *longind);
extern int getopt_long_only (int argc, char *const *argv,
const char *shortopts,
const struct option *longopts, int *longind);
extern int getopt_long(int argc, char *const *argv, const char *shortopts,
const struct option *longopts, int *longind);
extern int getopt_long_only(int argc, char *const *argv,
const char *shortopts,
const struct option *longopts, int *longind);
/* Internal only. Users should not call this directly. */
extern int _getopt_internal (int argc, char *const *argv,
const char *shortopts,
const struct option *longopts, int *longind,
int long_only);
/* Internal only. Users should not call this directly. */
extern int _getopt_internal(int argc, char *const *argv,
const char *shortopts,
const struct option *longopts, int *longind,
int long_only);
#else /* not __STDC__ */
extern int getopt ();
extern int getopt_long ();
extern int getopt_long_only ();
extern int getopt();
extern int getopt_long();
extern int getopt_long_only();
extern int _getopt_internal ();
extern int _getopt_internal();
#endif /* __STDC__ */
#ifdef __cplusplus
#ifdef cplusplus
}
#endif
#endif /* _GETOPT_H */
#endif

View file

@ -60,19 +60,19 @@ with this program; if not, write to the Free Software Foundation, Inc.,
#include <stdlib.h>
#endif
#ifndef NULL
#ifndef NULL
#define NULL 0
#endif
int
getopt_long (argc, argv, options, long_options, opt_index)
int argc;
char *const *argv;
const char *options;
const struct option *long_options;
int *opt_index;
getopt_long(argc, argv, options, long_options, opt_index)
int argc;
char *const *argv;
const char *options;
const struct option *long_options;
int *opt_index;
{
return _getopt_internal (argc, argv, options, long_options, opt_index, 0);
return _getopt_internal(argc, argv, options, long_options, opt_index, 0);
}
/* Like getopt_long, but '-' as well as '--' can indicate a long option.
@ -81,109 +81,115 @@ getopt_long (argc, argv, options, long_options, opt_index)
instead. */
int
getopt_long_only (argc, argv, options, long_options, opt_index)
int argc;
char *const *argv;
const char *options;
const struct option *long_options;
int *opt_index;
getopt_long_only(argc, argv, options, long_options, opt_index)
int argc;
char *const *argv;
const char *options;
const struct option *long_options;
int *opt_index;
{
return _getopt_internal (argc, argv, options, long_options, opt_index, 1);
return _getopt_internal(argc, argv, options, long_options, opt_index, 1);
}
#endif /* Not ELIDE_CODE. */
#endif /* Not ELIDE_CODE. */
#ifdef TEST
#include <stdio.h>
int
main (argc, argv)
int argc;
char **argv;
main(argc, argv)
int argc;
char **argv;
{
int c;
int digit_optind = 0;
int c;
int digit_optind = 0;
while (1)
{
int this_option_optind = optind ? optind : 1;
int option_index = 0;
static struct option long_options[] =
{
{"add", 1, 0, 0},
{"append", 0, 0, 0},
{"delete", 1, 0, 0},
{"verbose", 0, 0, 0},
{"create", 0, 0, 0},
{"file", 1, 0, 0},
{0, 0, 0, 0}
};
while(1) {
int this_option_optind = optind ? optind : 1;
int option_index = 0;
static struct option long_options[] = {
{"add", 1, 0, 0},
{"append", 0, 0, 0},
{"delete", 1, 0, 0},
{"verbose", 0, 0, 0},
{"create", 0, 0, 0},
{"file", 1, 0, 0},
{0, 0, 0, 0}
};
c = getopt_long (argc, argv, "abc:d:0123456789",
long_options, &option_index);
if (c == -1)
break;
c = getopt_long(argc, argv, "abc:d:0123456789",
long_options, &option_index);
switch (c)
{
case 0:
printf ("option %s", long_options[option_index].name);
if (optarg)
printf (" with arg %s", optarg);
printf ("\n");
break;
if(c == -1) {
break;
}
case '0':
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
if (digit_optind != 0 && digit_optind != this_option_optind)
printf ("digits occur in two different argv-elements.\n");
digit_optind = this_option_optind;
printf ("option %c\n", c);
break;
switch(c) {
case 0:
printf("option %s", long_options[option_index].name);
case 'a':
printf ("option a\n");
break;
if(optarg) {
printf(" with arg %s", optarg);
}
case 'b':
printf ("option b\n");
break;
printf("\n");
break;
case 'c':
printf ("option c with value `%s'\n", optarg);
break;
case '0':
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
if(digit_optind != 0 && digit_optind != this_option_optind) {
printf("digits occur in two different argv-elements.\n");
}
case 'd':
printf ("option d with value `%s'\n", optarg);
break;
digit_optind = this_option_optind;
printf("option %c\n", c);
break;
case '?':
break;
case 'a':
printf("option a\n");
break;
default:
printf ("?? getopt returned character code 0%o ??\n", c);
case 'b':
printf("option b\n");
break;
case 'c':
printf("option c with value `%s'\n", optarg);
break;
case 'd':
printf("option d with value `%s'\n", optarg);
break;
case '?':
break;
default:
printf("?? getopt returned character code 0%o ??\n", c);
}
}
}
if (optind < argc)
{
printf ("non-option ARGV-elements: ");
while (optind < argc)
printf ("%s ", argv[optind++]);
printf ("\n");
}
if(optind < argc) {
printf("non-option ARGV-elements: ");
exit (0);
while(optind < argc) {
printf("%s ", argv[optind++]);
}
printf("\n");
}
exit(0);
}
#endif /* TEST */

View file

@ -84,8 +84,9 @@ static void mst_kruskal(void) {
/* Do we have something to do at all? */
if(!edge_weight_tree->head)
if(!edge_weight_tree->head) {
return;
}
ifdebug(SCARY_THINGS) logger(LOG_DEBUG, "Running Kruskal's algorithm:");
@ -101,6 +102,7 @@ static void mst_kruskal(void) {
for(node = edge_weight_tree->head; node; node = node->next) {
e = node->data;
if(e->from->status.reachable) {
e->from->status.visited = true;
break;
@ -121,16 +123,18 @@ static void mst_kruskal(void) {
e->from->status.visited = true;
e->to->status.visited = true;
if(e->connection)
if(e->connection) {
e->connection->status.mst = true;
}
if(e->reverse->connection)
if(e->reverse->connection) {
e->reverse->connection->status.mst = true;
}
safe_edges++;
ifdebug(SCARY_THINGS) logger(LOG_DEBUG, " Adding edge %s - %s weight %d", e->from->name,
e->to->name, e->weight);
e->to->name, e->weight);
if(skipped) {
skipped = false;
@ -140,7 +144,7 @@ static void mst_kruskal(void) {
}
ifdebug(SCARY_THINGS) logger(LOG_DEBUG, "Done, counted %d nodes and %d safe edges.", nodes,
safe_edges);
safe_edges);
}
/* Implementation of a simple breadth-first search algorithm.
@ -180,22 +184,23 @@ static void sssp_bfs(void) {
/* Loop while todo_list is filled */
for(from = todo_list->head; from; from = todonext) { /* "from" is the node from which we start */
for(from = todo_list->head; from; from = todonext) { /* "from" is the node from which we start */
n = from->data;
for(to = n->edge_tree->head; to; to = to->next) { /* "to" is the edge connected to "from" */
for(to = n->edge_tree->head; to; to = to->next) { /* "to" is the edge connected to "from" */
e = to->data;
if(!e->reverse)
if(!e->reverse) {
continue;
}
/* Situation:
/
/
/
/
----->(n)---e-->(e->to)
\
\
\
\
Where e is an edge, (n) and (e->to) are nodes.
n->address is set to the e->address of the edge left of n to n.
@ -209,13 +214,15 @@ static void sssp_bfs(void) {
indirect = n->status.indirect || e->options & OPTION_INDIRECT;
if(e->to->status.visited
&& (!e->to->status.indirect || indirect))
&& (!e->to->status.indirect || indirect)) {
continue;
}
// Only update nexthop the first time we visit this node.
if(!e->to->status.visited)
if(!e->to->status.visited) {
e->to->nexthop = (n->nexthop == myself) ? e->to : n->nexthop;
}
e->to->status.visited = true;
e->to->status.indirect = indirect;
@ -223,8 +230,9 @@ static void sssp_bfs(void) {
e->to->via = indirect ? n->via : e->to;
e->to->options = e->options;
if(e->to->address.sa.sa_family == AF_UNSPEC && e->address.sa.sa_family != AF_UNKNOWN)
if(e->to->address.sa.sa_family == AF_UNSPEC && e->address.sa.sa_family != AF_UNKNOWN) {
update_node_udp(e->to, &e->address);
}
list_insert_tail(todo_list, e->to);
}
@ -246,10 +254,10 @@ static void sssp_bfs(void) {
if(n->status.reachable) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Node %s (%s) became reachable",
n->name, n->hostname);
n->name, n->hostname);
} else {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Node %s (%s) became unreachable",
n->name, n->hostname);
n->name, n->hostname);
}
/* TODO: only clear status.validkey if node is unreachable? */
@ -266,9 +274,9 @@ static void sssp_bfs(void) {
n->mtuevent = NULL;
}
xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
xasprintf(&envp[1], "DEVICE=%s", device ? : "");
xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
xasprintf(&envp[0], "NETNAME=%s", netname ? netname : "");
xasprintf(&envp[1], "DEVICE=%s", device ? device : "");
xasprintf(&envp[2], "INTERFACE=%s", iface ? iface : "");
xasprintf(&envp[3], "NODE=%s", n->name);
sockaddr2str(&n->address, &address, &port);
xasprintf(&envp[4], "REMOTEADDRESS=%s", address);
@ -278,22 +286,23 @@ static void sssp_bfs(void) {
execute_script(n->status.reachable ? "host-up" : "host-down", envp);
xasprintf(&name,
n->status.reachable ? "hosts/%s-up" : "hosts/%s-down",
n->name);
n->status.reachable ? "hosts/%s-up" : "hosts/%s-down",
n->name);
execute_script(name, envp);
free(name);
free(address);
free(port);
for(i = 0; i < 7; i++)
for(i = 0; i < 7; i++) {
free(envp[i]);
}
subnet_update(n, NULL, n->status.reachable);
if(!n->status.reachable) {
update_node_udp(n, NULL);
memset(&n->status, 0, sizeof n->status);
memset(&n->status, 0, sizeof(n->status));
n->options = 0;
} else if(n->connection) {
send_ans_key(n);
@ -324,8 +333,9 @@ void dump_graph(void) {
char *filename = NULL, *tmpname = NULL;
FILE *file, *pipe = NULL;
if(!graph_changed || !get_config_string(lookup_config(config_tree, "GraphDumpFile"), &filename))
if(!graph_changed || !get_config_string(lookup_config(config_tree, "GraphDumpFile"), &filename)) {
return;
}
graph_changed = false;
@ -350,13 +360,13 @@ void dump_graph(void) {
/* dump all nodes first */
for(node = node_tree->head; node; node = node->next) {
n = node->data;
fprintf(file, " %s [label = \"%s\"];\n", n->name, n->name);
fprintf(file, " \"%s\" [label = \"%s\"];\n", n->name, n->name);
}
/* now dump all edges */
for(node = edge_weight_tree->head; node; node = node->next) {
e = node->data;
fprintf(file, " %s -> %s;\n", e->from->name, e->to->name);
fprintf(file, " \"%s\" -> \"%s\";\n", e->from->name, e->to->name);
}
fprintf(file, "}\n");
@ -368,8 +378,11 @@ void dump_graph(void) {
#ifdef HAVE_MINGW
unlink(filename);
#endif
if(rename(tmpname, filename))
if(rename(tmpname, filename)) {
logger(LOG_ERR, "Could not rename %s to %s: %s\n", tmpname, filename, strerror(errno));
}
free(tmpname);
}

View file

@ -1,3 +1,6 @@
#ifndef TINC_GRAPH_H
#define TINC_GRAPH_H
/*
graph.h -- header for graph.c
Copyright (C) 2001-2012 Guus Sliepen <guus@tinc-vpn.org>,
@ -18,10 +21,7 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_GRAPH_H__
#define __TINC_GRAPH_H__
extern void graph(void);
extern void dump_graph(void);
#endif /* __TINC_GRAPH_H__ */
#endif

View file

@ -1,3 +1,6 @@
#ifndef TINC_HAVE_H
#define TINC_HAVE_H
/*
have.h -- include headers which are known to exist
Copyright (C) 1998-2005 Ivo Timmermans
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_HAVE_H__
#define __TINC_HAVE_H__
#ifdef HAVE_MINGW
#ifdef WITH_WINDOWS2000
#define WINVER Windows2000
@ -30,15 +30,19 @@
#endif
#include <stdio.h>
#include <stdbool.h>
#include <stdint.h>
#include <inttypes.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <ctype.h>
#include <signal.h>
#include <errno.h>
#include <limits.h>
#include <fcntl.h>
#include <unistd.h>
#include <limits.h>
#include <signal.h>
#ifdef HAVE_MINGW
#include <w32api.h>
@ -55,10 +59,6 @@
#include <termios.h>
#endif
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
#endif
#ifdef HAVE_ALLOCA_H
#include <alloca.h>
#endif
@ -211,4 +211,4 @@
#include <linux/if_tun.h>
#endif
#endif /* __TINC_SYSTEM_H__ */
#endif

View file

@ -1,3 +1,6 @@
#ifndef TINC_IPV4_H
#define TINC_IPV4_H
/*
ipv4.h -- missing IPv4 related definitions
Copyright (C) 2005 Ivo Timmermans
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_IPV4_H__
#define __TINC_IPV4_H__
#ifndef AF_INET
#define AF_INET 2
#endif
@ -64,11 +64,11 @@
#ifndef HAVE_STRUCT_IP
struct ip {
#if __BYTE_ORDER == __LITTLE_ENDIAN
unsigned int ip_hl:4;
unsigned int ip_v:4;
unsigned int ip_hl: 4;
unsigned int ip_v: 4;
#else
unsigned int ip_v:4;
unsigned int ip_hl:4;
unsigned int ip_v: 4;
unsigned int ip_hl: 4;
#endif
uint8_t ip_tos;
uint16_t ip_len;
@ -81,7 +81,7 @@ struct ip {
uint8_t ip_p;
uint16_t ip_sum;
struct in_addr ip_src, ip_dst;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#endif
#ifndef IP_OFFMASK
@ -143,7 +143,7 @@ struct icmp {
#define icmp_radv icmp_dun.id_radv
#define icmp_mask icmp_dun.id_mask
#define icmp_data icmp_dun.id_data
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#endif
#endif /* __TINC_IPV4_H__ */
#endif

View file

@ -1,3 +1,6 @@
#ifndef TINC_IPV6_H
#define TINC_IPV6_H
/*
ipv6.h -- missing IPv6 related definitions
Copyright (C) 2005 Ivo Timmermans
@ -18,9 +21,6 @@
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __TINC_IPV6_H__
#define __TINC_IPV6_H__
#ifndef AF_INET6
#define AF_INET6 10
#endif
@ -36,7 +36,7 @@ struct in6_addr {
uint16_t u6_addr16[8];
uint32_t u6_addr32[4];
} in6_u;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#define s6_addr in6_u.u6_addr8
#define s6_addr16 in6_u.u6_addr16
#define s6_addr32 in6_u.u6_addr32
@ -49,14 +49,14 @@ struct sockaddr_in6 {
uint32_t sin6_flowinfo;
struct in6_addr sin6_addr;
uint32_t sin6_scope_id;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#endif
#ifndef IN6_IS_ADDR_V4MAPPED
#define IN6_IS_ADDR_V4MAPPED(a) \
((((__const uint32_t *) (a))[0] == 0) \
&& (((__const uint32_t *) (a))[1] == 0) \
&& (((__const uint32_t *) (a))[2] == htonl (0xffff)))
((((const uint32_t *) (a))[0] == 0) \
&& (((const uint32_t *) (a))[1] == 0) \
&& (((const uint32_t *) (a))[2] == htonl (0xffff)))
#endif
#ifndef HAVE_STRUCT_IP6_HDR
@ -72,7 +72,7 @@ struct ip6_hdr {
} ip6_ctlun;
struct in6_addr ip6_src;
struct in6_addr ip6_dst;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#define ip6_vfc ip6_ctlun.ip6_un2_vfc
#define ip6_flow ip6_ctlun.ip6_un1.ip6_un1_flow
#define ip6_plen ip6_ctlun.ip6_un1.ip6_un1_plen
@ -91,7 +91,7 @@ struct icmp6_hdr {
uint16_t icmp6_un_data16[2];
uint8_t icmp6_un_data8[4];
} icmp6_dataun;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#define ICMP6_DST_UNREACH_NOROUTE 0
#define ICMP6_DST_UNREACH 1
#define ICMP6_PACKET_TOO_BIG 2
@ -111,7 +111,7 @@ struct icmp6_hdr {
struct nd_neighbor_solicit {
struct icmp6_hdr nd_ns_hdr;
struct in6_addr nd_ns_target;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#define ND_OPT_SOURCE_LINKADDR 1
#define ND_OPT_TARGET_LINKADDR 2
#define nd_ns_type nd_ns_hdr.icmp6_type
@ -124,7 +124,7 @@ struct nd_neighbor_solicit {
struct nd_opt_hdr {
uint8_t nd_opt_type;
uint8_t nd_opt_len;
} __attribute__ ((__packed__));
} __attribute__((__packed__));
#endif
#endif /* __TINC_IPV6_H__ */
#endif

View file

@ -47,7 +47,7 @@ char *device = NULL;
char *iface = NULL;
static char *type = NULL;
static char ifrname[IFNAMSIZ];
static char *device_info;
static const char *device_info;
static uint64_t device_total_in = 0;
static uint64_t device_total_out = 0;
@ -56,13 +56,16 @@ static bool setup_device(void) {
struct ifreq ifr;
bool t1q = false;
if(!get_config_string(lookup_config(config_tree, "Device"), &device))
if(!get_config_string(lookup_config(config_tree, "Device"), &device)) {
device = xstrdup(DEFAULT_DEVICE);
}
if(!get_config_string(lookup_config(config_tree, "Interface"), &iface))
#ifdef HAVE_LINUX_IF_TUN_H
if (netname != NULL)
if(netname != NULL) {
iface = xstrdup(netname);
}
#else
iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device);
#endif
@ -94,17 +97,22 @@ static bool setup_device(void) {
device_type = DEVICE_TYPE_TUN;
device_info = "Linux tun/tap device (tun mode)";
} else {
if (routing_mode == RMODE_ROUTER)
if(routing_mode == RMODE_ROUTER) {
overwrite_mac = true;
}
ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
device_type = DEVICE_TYPE_TAP;
device_info = "Linux tun/tap device (tap mode)";
}
#ifdef IFF_ONE_QUEUE
/* Set IFF_ONE_QUEUE flag... */
if(get_config_bool(lookup_config(config_tree, "IffOneQueue"), &t1q) && t1q)
if(get_config_bool(lookup_config(config_tree, "IffOneQueue"), &t1q) && t1q) {
ifr.ifr_flags |= IFF_ONE_QUEUE;
}
#endif
if(iface) {
@ -117,6 +125,9 @@ static bool setup_device(void) {
ifrname[IFNAMSIZ - 1] = 0;
free(iface);
iface = xstrdup(ifrname);
} else if(errno == EPERM || errno == EBUSY) {
logger(LOG_ERR, "Error while trying to configure %s: %s", device, strerror(errno));
return false;
} else if(!ioctl(device_fd, (('T' << 8) | 202), &ifr)) {
logger(LOG_WARNING, "Old ioctl() request was needed for %s", device);
strncpy(ifrname, ifr.ifr_name, IFNAMSIZ);
@ -126,16 +137,19 @@ static bool setup_device(void) {
} else
#endif
{
if(routing_mode == RMODE_ROUTER)
if(routing_mode == RMODE_ROUTER) {
overwrite_mac = true;
}
device_info = "Linux ethertap device";
device_type = DEVICE_TYPE_ETHERTAP;
free(iface);
iface = xstrdup(strrchr(device, '/') ? strrchr(device, '/') + 1 : device);
}
if(overwrite_mac && !ioctl(device_fd, SIOCGIFHWADDR, &ifr))
if(overwrite_mac && !ioctl(device_fd, SIOCGIFHWADDR, &ifr)) {
memcpy(mymac.x, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
}
logger(LOG_INFO, "%s is a %s", device, device_info);
@ -154,79 +168,87 @@ static bool read_packet(vpn_packet_t *packet) {
int lenin;
switch(device_type) {
case DEVICE_TYPE_TUN:
lenin = read(device_fd, packet->data + 10, MTU - 10);
case DEVICE_TYPE_TUN:
lenin = read(device_fd, packet->data + 10, MTU - 10);
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s",
device_info, device, strerror(errno));
return false;
}
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s",
device_info, device, strerror(errno));
return false;
}
memset(packet->data, 0, 12);
packet->len = lenin + 10;
break;
case DEVICE_TYPE_TAP:
lenin = read(device_fd, packet->data, MTU);
memset(packet->data, 0, 12);
packet->len = lenin + 10;
break;
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s",
device_info, device, strerror(errno));
return false;
}
case DEVICE_TYPE_TAP:
lenin = read(device_fd, packet->data, MTU);
packet->len = lenin;
break;
case DEVICE_TYPE_ETHERTAP:
lenin = read(device_fd, packet->data - 2, MTU + 2);
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s",
device_info, device, strerror(errno));
return false;
}
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s",
device_info, device, strerror(errno));
return false;
}
packet->len = lenin;
break;
packet->len = lenin - 2;
break;
case DEVICE_TYPE_ETHERTAP:
lenin = read(device_fd, packet->data - 2, MTU + 2);
if(lenin <= 0) {
logger(LOG_ERR, "Error while reading from %s %s: %s",
device_info, device, strerror(errno));
return false;
}
packet->len = lenin - 2;
break;
}
device_total_in += packet->len;
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Read packet of %d bytes from %s", packet->len,
device_info);
device_info);
return true;
}
static bool write_packet(vpn_packet_t *packet) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, "Writing packet of %d bytes to %s",
packet->len, device_info);
packet->len, device_info);
switch(device_type) {
case DEVICE_TYPE_TUN:
packet->data[10] = packet->data[11] = 0;
if(write(device_fd, packet->data + 10, packet->len - 10) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
case DEVICE_TYPE_TAP:
if(write(device_fd, packet->data, packet->len) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
case DEVICE_TYPE_ETHERTAP:
memcpy(packet->data - 2, &packet->len, 2);
case DEVICE_TYPE_TUN:
packet->data[10] = packet->data[11] = 0;
if(write(device_fd, packet->data - 2, packet->len + 2) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
if(write(device_fd, packet->data + 10, packet->len - 10) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
case DEVICE_TYPE_TAP:
if(write(device_fd, packet->data, packet->len) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
case DEVICE_TYPE_ETHERTAP:
memcpy(packet->data - 2, &packet->len, 2);
if(write(device_fd, packet->data - 2, packet->len + 2) < 0) {
logger(LOG_ERR, "Can't write to %s %s: %s", device_info, device,
strerror(errno));
return false;
}
break;
}
device_total_out += packet->len;

View file

@ -43,8 +43,9 @@ list_node_t *list_alloc_node(void) {
}
void list_free_node(list_t *list, list_node_t *node) {
if(node->data && list->delete)
if(node->data && list->delete) {
list->delete(node->data);
}
free(node);
}
@ -61,10 +62,11 @@ list_node_t *list_insert_head(list_t *list, void *data) {
node->next = list->head;
list->head = node;
if(node->next)
if(node->next) {
node->next->prev = node;
else
} else {
list->tail = node;
}
list->count++;
@ -81,10 +83,11 @@ list_node_t *list_insert_tail(list_t *list, void *data) {
node->prev = list->tail;
list->tail = node;
if(node->prev)
if(node->prev) {
node->prev->next = node;
else
} else {
list->head = node;
}
list->count++;
@ -92,15 +95,17 @@ list_node_t *list_insert_tail(list_t *list, void *data) {
}
void list_unlink_node(list_t *list, list_node_t *node) {
if(node->prev)
if(node->prev) {
node->prev->next = node->next;
else
} else {
list->head = node->next;
}
if(node->next)
if(node->next) {
node->next->prev = node->prev;
else
} else {
list->tail = node->prev;
}
list->count--;
}
@ -121,17 +126,19 @@ void list_delete_tail(list_t *list) {
/* Head/tail lookup */
void *list_get_head(list_t *list) {
if(list->head)
if(list->head) {
return list->head->data;
else
} else {
return NULL;
}
}
void *list_get_tail(list_t *list) {
if(list->tail)
if(list->tail) {
return list->tail->data;
else
} else {
return NULL;
}
}
/* Fast list deletion */
@ -163,7 +170,9 @@ void list_foreach(list_t *list, list_action_t action) {
for(node = list->head; node; node = next) {
next = node->next;
if(node->data)
if(node->data) {
action(node->data);
}
}
}

Some files were not shown because too many files have changed in this diff Show more