Subject: CVS commit: pkgsrc/net/tinc
From: Tonnerre Lombard
Date: 2013-10-14 20:27:54
Message id: 20131014182754.B773096@cvs.netbsd.org

Log Message:
Update tinc to version 1.0.22.

Changes since version 1.0.13:
 * Better optional argument handling.
 * Set $NAME when calling host-up/down and subnet-up/down scripts.
 * Don't echo broadcast packets back when Broadcast = direct.
 * Update copyright notices.
 * Fix combination of Mode = router and DeviceType = tap on Linux.
 * Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
 * Use /dev/tap0 by default on FreeBSD and NetBSD when using Mode = switch.
 * Document how to load the tap driver on FreeBSD.
 * Update THANKS file.
 * Also clarify hostnames=[yes|no] in tinc.conf(5).
 * Attribution for Vil Brekin and some code style cleanups.
 * Don't ignore Makefile.am.
 * Fix links in documenation.
 * Attribution for Martin Schürrer.
 * Add strict checks to hex to binary conversions.
 * Clear connection options and status fields in free_connection_partially().
 * Fix warnings from cppcheck.
 * Clear Ethernet header when reading packets from a tun device.
 * Clear status and options fields of unreachable nodes.
 * Fix warnings from groff.
 * Using alloca() for a constant sized buffer is very silly.
 * Make sure PMTU discovery works in switch mode with VLAN tags.
 * Mention in the manual that support for LZO and zlib can be disabled.
 * Fix configure script help text for --enable options.
 * Don't take the address of a variable whose scope is about to disappear.
 * Send broadcast packets using a random socket, and properly support IPv6.
 * Remove text saying you must have one of PrivateKey or PrivateKeyFile in tinc.conf.
 * Fix support for tunemu on iOS devices.
 * Make sure PriorityInheritance also works in switch mode.
 * Detect increases in PMTU.
 * Fix a compiler warning.
 * Fix segmentation fault when trying to connect via a SOCKS5 proxy.
 * Don't send proxy requests for incoming connections.
 * Fix compiler warnings on Windows.
 * Fix detection of rejected SOCKS5 proxy requests.
 * Basic patch for android cross-compilation.
 * Replace hard-code with new ScriptsInterpreter configuration property.
 * Add basic .gitignore file, cleaning (most) files generated by autotools.
 * Use __ANDROID__ define rather than dirty hard-code to allow android NDK \ 
cross-compilation.
 * Android cross-compilation instructions.
 * Output details of encryption errors
 * Minor clarification, tinc.conf hostnames=[yes|no] variable only resolves \ 
names for logging purposes.
 * Support :: in IPv6 Subnets.
 * Remove newline from log message.
 * Add support for systemd style socket activation.
 * Allow environment variables to be used for Name.
 * Allow broadcast packets to be sent directly instead of via the MST.
 * Add basic support for SOCKS 4 and HTTP CONNECT proxies.
 * Add support for SOCKS 5 proxies.
 * Add support for proxying through an external command.
 * Document new proxy types.
 * Small fixes in proxy code.
 * Fix compiler warnings.
 * Fix crash when using Broadcast = direct.
 * configure.in: fix AC_ARG_ENABLE and AC_ARG_WITH
 * add (errnum) in front of windows error messages
 * Always try next Address when an outgoing connection fails to authenticate.
 * Allow a port to be specified in BindToAddress statements.
 * Add support for multicast communication with UML/QEMU/KVM.
 * Set default value of DecrementTTL to "no".
 * Add #ifdefs in case not all platforms support IPv4 and IPv6 multicast.
 * Allow scoped addresses to be used for IPv6 multicast socket.
 * Fix compiler warnings.
 * Fix return value type of vde_send().
 * Fix some more compiler warnings.
 * Document OpenBSD "ifconfig link0" and Linux "ip tuntap" \ 
commands.
 * Fix return type of vde_recv() as well.
 * Mark DecrementTTL option experimental.
 * Prevent read_rsa_public_key() from returning an uninitialized RSA structure.
 * Return false instead of void when there is an error.
 * Fix compilation of VDE and UML interfaces.
 * Add vde/device.c to the tarball.
 * Fix a few small memory leaks.
 * Allow linking with multiple device drivers.
 * Set FD_CLOEXEC flag on all sockets.
 * Allow multiple BindToAddress statements.
 * Merge branch 'master' of black:tinc
 * Send packets back using the same socket as they were received on.
 * Allow setting DeviceType to tun or tap on Linux.
 * Merge branch 'master' of black:tinc
 * Only compile raw socket code when it is supported on that platform.
 * Decrement TTL of incoming packets.
 * Don't bind outgoing TCP sockets anymore.
 * Rename connection_t *broadcast to everyone.
 * Allow disabling of broadcast packets.
 * Move initialization of char *priority up to prevent freeing an uninitialized \ 
pointer.
 * Document the command line flag -o and provide --option as well.
 * Fix a bug that caused tinc to ignore all but the last listening socket.
 * Fix check for raw socket support.
 * Pass index into listen_socket[] to handle_incoming_vpn_data().
 * Add LocalDiscovery option which tries to detect peers on the local network.
 * Don't send ICMP Time Exceeded messages for other Time Exceeded messages.
 * Stricter checks against routing loops.
 * Only use broadcast at the start of the PMTU discovery phase.
 * Only log errors sending UDP packets when debug level >= 5.
 * Accept Subnets passed with the -o option when StrictSubnets = yes.
 * Add missing ICMP6 message type definitions.
 * Make sure disabling old RSA keys works on Windows.
 * Update copyright notices.
 * Add missing ICMP message type definitions.
 * Make code to detect two nodes with the same Name less triggerhappy.
 * Flush output buffer in send_tcppacket().
 * Use usleep() instead of sleep(), MinGW complained.
 * Reorder checks for libraries to allow ./configure LDFLAGS=-static.
 * Make return value of SetPriorityClass() behave the same as setpriority().
 * Fix sparse warnings and add an extra sprinkling of const.
 * Remove newlines from log messages.
 * Remove a few unnecessary #includes.
 * Attribution for Loïc Grenié.
 * Improved --logfile option.
 * Remove redundant @CFLAGS@ from AM_CFLAGS.
 * Nearly tickless tinc.
 * Fix reading configuration files that do not end with a newline. Again.
 * Define WINVER before including any other header file on Windows.
 * Use intptr_t instead of long to store a pointer.
 * OpenSSL 1.0.0 compiled for 64 bit Windows requires linking with -lcrypt32.
 * Fix all warnings when compiling with mingw64.
 * Use strrchr() insteaad of rindex().
 * Detect and prevent two nodes with the same Name being on the VPN simultaneously.
 * Use 64 bit counters to keep track of bytes sent/received from the virtual \ 
network interface.
 * Do not append an address to ANS_KEY messages if we don't know any address.
 * Merge local host configuration with server configuration.
 * Remove duplicate command-line option parsing.
 * Attribution for Julien Muchembled.
 * Attribution for Timothy Redaelli.
 * Ensure there is a newline character before a PEM key is written.
 * Abort disabling old PEM keys on I/O errors.
 * Remove unused variables.
 * Quit when there are too many consecutive errors on the tun/tap device.
 * Read error counter must be static.
 * Add short options -R and -U to the tincd(8) manpage.
 * Don't use strlen() on a NULL pointer.
 * Provide usleep() for Windows.
 * Use variable length arrays instead of alloca().
 * Fix warning message when setting SO_RCVBUF or SO_SNDBUF fails.
 * Free replay window when freeing a node_t.
 * Fix variable length array declaration.
 * Attribution for Brandon Black.
 * Use setpriority() instead of nice() on UNIX-like systems.
 * Always send MTU probes at least once every PingInterval.
 * Close all filedescriptors in Solaris close_device().
 * Limit field width when scanning PID file.
 * Replace bogus #else with #endif.
 * Remove unused variables.
 * Document the behavior of "-n."
 * Update the manual.
 * Update the NEWS.
 * Proper check and dropin replacement for usleep().
 * Fix typo spotted by Andrew Scheller.
 * Add support for VDE through libvdeplug.
 * Fix spurious misidentification of incoming UDP packets.
 * Prevent anything from updating our own UDP address.
 * Do not set indirect flag on edges from nodes with multiple addresses.
 * Increase threshold for detecting two nodes with the same Name.
 * Always use the default signal handler for ABRT signals.
 * Check for EVP_EncryptInit_ex instead of SHA1_Version in OpenSSL.
 * Update THANKS and copyright information.
 * Ensure proper linking with OpenSSL with recent versions of MinGW.
 * Include <inttypes.h> when using intptr_t.
 * Experimental IFF_ONE_QUEUE support for Linux
 * Configurable SO_RCVBUF/SO_SNDBUF for the UDP socket
 * Configurable ReplayWindow size, zero disables
 * Improved handling of queue-jumping packets on receive
 * New '-o' option to configure server or hosts from command line
 * Fix command-line '-o' option for host configuration
 * Fix warnings showed using -D_FORTIFY_SOURCE=2
 * Fix warnings under BSD
 * Treat netname="." in a special way.
 * DragonFlyBSD support

Files:
RevisionActionfile
1.21modifypkgsrc/net/tinc/Makefile
1.10modifypkgsrc/net/tinc/distinfo
1.6modifypkgsrc/net/tinc/patches/patch-aa
1.5modifypkgsrc/net/tinc/patches/patch-ab
1.1removepkgsrc/net/tinc/patches/patch-ad