Path to this page:
Subject: CVS commit: pkgsrc/net/tinc
From: Tonnerre Lombard
Date: 2013-10-14 20:27:54
Message id: 20131014182754.B773096@cvs.netbsd.org
Log Message:
Update tinc to version 1.0.22.
Changes since version 1.0.13:
* Better optional argument handling.
* Set $NAME when calling host-up/down and subnet-up/down scripts.
* Don't echo broadcast packets back when Broadcast = direct.
* Update copyright notices.
* Fix combination of Mode = router and DeviceType = tap on Linux.
* Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
* Use /dev/tap0 by default on FreeBSD and NetBSD when using Mode = switch.
* Document how to load the tap driver on FreeBSD.
* Update THANKS file.
* Also clarify hostnames=[yes|no] in tinc.conf(5).
* Attribution for Vil Brekin and some code style cleanups.
* Don't ignore Makefile.am.
* Fix links in documenation.
* Attribution for Martin Schürrer.
* Add strict checks to hex to binary conversions.
* Clear connection options and status fields in free_connection_partially().
* Fix warnings from cppcheck.
* Clear Ethernet header when reading packets from a tun device.
* Clear status and options fields of unreachable nodes.
* Fix warnings from groff.
* Using alloca() for a constant sized buffer is very silly.
* Make sure PMTU discovery works in switch mode with VLAN tags.
* Mention in the manual that support for LZO and zlib can be disabled.
* Fix configure script help text for --enable options.
* Don't take the address of a variable whose scope is about to disappear.
* Send broadcast packets using a random socket, and properly support IPv6.
* Remove text saying you must have one of PrivateKey or PrivateKeyFile in tinc.conf.
* Fix support for tunemu on iOS devices.
* Make sure PriorityInheritance also works in switch mode.
* Detect increases in PMTU.
* Fix a compiler warning.
* Fix segmentation fault when trying to connect via a SOCKS5 proxy.
* Don't send proxy requests for incoming connections.
* Fix compiler warnings on Windows.
* Fix detection of rejected SOCKS5 proxy requests.
* Basic patch for android cross-compilation.
* Replace hard-code with new ScriptsInterpreter configuration property.
* Add basic .gitignore file, cleaning (most) files generated by autotools.
* Use __ANDROID__ define rather than dirty hard-code to allow android NDK \
cross-compilation.
* Android cross-compilation instructions.
* Output details of encryption errors
* Minor clarification, tinc.conf hostnames=[yes|no] variable only resolves \
names for logging purposes.
* Support :: in IPv6 Subnets.
* Remove newline from log message.
* Add support for systemd style socket activation.
* Allow environment variables to be used for Name.
* Allow broadcast packets to be sent directly instead of via the MST.
* Add basic support for SOCKS 4 and HTTP CONNECT proxies.
* Add support for SOCKS 5 proxies.
* Add support for proxying through an external command.
* Document new proxy types.
* Small fixes in proxy code.
* Fix compiler warnings.
* Fix crash when using Broadcast = direct.
* configure.in: fix AC_ARG_ENABLE and AC_ARG_WITH
* add (errnum) in front of windows error messages
* Always try next Address when an outgoing connection fails to authenticate.
* Allow a port to be specified in BindToAddress statements.
* Add support for multicast communication with UML/QEMU/KVM.
* Set default value of DecrementTTL to "no".
* Add #ifdefs in case not all platforms support IPv4 and IPv6 multicast.
* Allow scoped addresses to be used for IPv6 multicast socket.
* Fix compiler warnings.
* Fix return value type of vde_send().
* Fix some more compiler warnings.
* Document OpenBSD "ifconfig link0" and Linux "ip tuntap" \
commands.
* Fix return type of vde_recv() as well.
* Mark DecrementTTL option experimental.
* Prevent read_rsa_public_key() from returning an uninitialized RSA structure.
* Return false instead of void when there is an error.
* Fix compilation of VDE and UML interfaces.
* Add vde/device.c to the tarball.
* Fix a few small memory leaks.
* Allow linking with multiple device drivers.
* Set FD_CLOEXEC flag on all sockets.
* Allow multiple BindToAddress statements.
* Merge branch 'master' of black:tinc
* Send packets back using the same socket as they were received on.
* Allow setting DeviceType to tun or tap on Linux.
* Merge branch 'master' of black:tinc
* Only compile raw socket code when it is supported on that platform.
* Decrement TTL of incoming packets.
* Don't bind outgoing TCP sockets anymore.
* Rename connection_t *broadcast to everyone.
* Allow disabling of broadcast packets.
* Move initialization of char *priority up to prevent freeing an uninitialized \
pointer.
* Document the command line flag -o and provide --option as well.
* Fix a bug that caused tinc to ignore all but the last listening socket.
* Fix check for raw socket support.
* Pass index into listen_socket[] to handle_incoming_vpn_data().
* Add LocalDiscovery option which tries to detect peers on the local network.
* Don't send ICMP Time Exceeded messages for other Time Exceeded messages.
* Stricter checks against routing loops.
* Only use broadcast at the start of the PMTU discovery phase.
* Only log errors sending UDP packets when debug level >= 5.
* Accept Subnets passed with the -o option when StrictSubnets = yes.
* Add missing ICMP6 message type definitions.
* Make sure disabling old RSA keys works on Windows.
* Update copyright notices.
* Add missing ICMP message type definitions.
* Make code to detect two nodes with the same Name less triggerhappy.
* Flush output buffer in send_tcppacket().
* Use usleep() instead of sleep(), MinGW complained.
* Reorder checks for libraries to allow ./configure LDFLAGS=-static.
* Make return value of SetPriorityClass() behave the same as setpriority().
* Fix sparse warnings and add an extra sprinkling of const.
* Remove newlines from log messages.
* Remove a few unnecessary #includes.
* Attribution for Loïc Grenié.
* Improved --logfile option.
* Remove redundant @CFLAGS@ from AM_CFLAGS.
* Nearly tickless tinc.
* Fix reading configuration files that do not end with a newline. Again.
* Define WINVER before including any other header file on Windows.
* Use intptr_t instead of long to store a pointer.
* OpenSSL 1.0.0 compiled for 64 bit Windows requires linking with -lcrypt32.
* Fix all warnings when compiling with mingw64.
* Use strrchr() insteaad of rindex().
* Detect and prevent two nodes with the same Name being on the VPN simultaneously.
* Use 64 bit counters to keep track of bytes sent/received from the virtual \
network interface.
* Do not append an address to ANS_KEY messages if we don't know any address.
* Merge local host configuration with server configuration.
* Remove duplicate command-line option parsing.
* Attribution for Julien Muchembled.
* Attribution for Timothy Redaelli.
* Ensure there is a newline character before a PEM key is written.
* Abort disabling old PEM keys on I/O errors.
* Remove unused variables.
* Quit when there are too many consecutive errors on the tun/tap device.
* Read error counter must be static.
* Add short options -R and -U to the tincd(8) manpage.
* Don't use strlen() on a NULL pointer.
* Provide usleep() for Windows.
* Use variable length arrays instead of alloca().
* Fix warning message when setting SO_RCVBUF or SO_SNDBUF fails.
* Free replay window when freeing a node_t.
* Fix variable length array declaration.
* Attribution for Brandon Black.
* Use setpriority() instead of nice() on UNIX-like systems.
* Always send MTU probes at least once every PingInterval.
* Close all filedescriptors in Solaris close_device().
* Limit field width when scanning PID file.
* Replace bogus #else with #endif.
* Remove unused variables.
* Document the behavior of "-n."
* Update the manual.
* Update the NEWS.
* Proper check and dropin replacement for usleep().
* Fix typo spotted by Andrew Scheller.
* Add support for VDE through libvdeplug.
* Fix spurious misidentification of incoming UDP packets.
* Prevent anything from updating our own UDP address.
* Do not set indirect flag on edges from nodes with multiple addresses.
* Increase threshold for detecting two nodes with the same Name.
* Always use the default signal handler for ABRT signals.
* Check for EVP_EncryptInit_ex instead of SHA1_Version in OpenSSL.
* Update THANKS and copyright information.
* Ensure proper linking with OpenSSL with recent versions of MinGW.
* Include <inttypes.h> when using intptr_t.
* Experimental IFF_ONE_QUEUE support for Linux
* Configurable SO_RCVBUF/SO_SNDBUF for the UDP socket
* Configurable ReplayWindow size, zero disables
* Improved handling of queue-jumping packets on receive
* New '-o' option to configure server or hosts from command line
* Fix command-line '-o' option for host configuration
* Fix warnings showed using -D_FORTIFY_SOURCE=2
* Fix warnings under BSD
* Treat netname="." in a special way.
* DragonFlyBSD support
Files: