1Version 1.0.36 August 26 2019 2------------------------------------------------------------------------ 3 4Guus Sliepen (8): 5 Remove the call to RAND_load_file(). 6 Update THANKS. 7 Backport tinc 1.1's str2net() function. 8 Update THANKS. 9 Fix spelling errors found by codespell. 10 Reformat all code using astyle. 11 Add a missing check for a pathname being too long. 12 Releasing 1.0.36. 13 14Rosen Penev (2): 15 Fix compilation when OpenSSL has no ENGINE support 16 Fix compilation without deprecated OpenSSL APIs 17 18Quentin Rameau (1): 19 Double-quote nodes in graphviz network file 20 21Werner Schreiber (1): 22 Fix segfault when dest->mtu is 0. 23 24Version 1.0.35 October 05 2018 25------------------------------------------------------------------------ 26 27Guus Sliepen (12): 28 Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738) 29 Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758) 30 Check the return value from snprintf(). 31 Check the return values from BN_hex2bn() and RAND_load_file(). 32 Fix all warnings when compiling with -Wall -W -pedantic. 33 Fix two small memory leaks. 34 Don't check for NULL-pointers before calling free(). 35 Update THANKS. 36 Fix checks for Cygwin-related macros. 37 Fix spelling errors. 38 Update README and links to required libraries. 39 Releasing 1.0.35. 40 41AMRI Amine (1): 42 Fixing typo 43 44Rafael Sadowski (1): 45 OpenBSD has a proper tap device. 46 47Version 1.0.34 June 12 2018 48------------------------------------------------------------------------ 49 50Guus Sliepen (10): 51 Add missing thanks to the NEWS message. 52 Fix building documentation when using OpenBSD's make. 53 Fix #ifdefs that were broken due to commit d178b58. 54 Don't use SOL_IP and SOL_IPV6. 55 Make systemd service file handling identical to tinc 1.1. 56 Rename distro/ to systemd/. 57 Document how to enable tinc at boot time using systemd. 58 Fix all spelling errors found by codespell. 59 Properly implement tinc.texi's dependency on tincinclude.texi. 60 Releasing 1.0.34. 61 62Maximilian Stein (1): 63 Fix SEGFAULT when trying to connect to IPv6 peer in non-IPv6 environment 64 65wangliushuai (1): 66 Remove redundant 'break'. 67 68Version 1.0.33 November 04 2017 69------------------------------------------------------------------------ 70 71Guus Sliepen (31): 72 Udpate THANKS. 73 Fix a potential memory leak. 74 Use AC_CONFIG_MACRO_DIR(). 75 Give absolute path for #include to AC_CHECK_HEADERS(). 76 Prepare for automatic code formatting using Artistic Style. 77 Never remove items from cmdline_conf. 78 Use stack-allocated strings for temporary filenames. 79 Fix a few minor memory leaks. 80 Remove unused/obsolete checks from configure.ac. 81 Use getcwd() instead of get_current_dir_name(). 82 Remove xmalloc.c, backport xalloc.h from tinc 1.1. 83 Update all header guards. 84 Convert sizeof foo to sizeof(foo). 85 Reformat all code using astyle. 86 Don't call ERR_remove_state(). 87 Unconditionally include stdbool.h and inttypes.h. 88 Remove more obsolete autoconf checks. 89 Remove obsolete m4/README. 90 Fix some "make distcheck" errors. 91 Add some information about the requirements of a chroot environment. 92 Handle tun/tap device returning EPERM or EBUSY. 93 Disable PMTU discovery when TCPOnly is used. 94 Fix all -Wall -W compiler warnings. 95 Realign comments. 96 Remove unused functions. 97 Ensure all parameters have names in header files. 98 Support autoconf's --runstatedir option. 99 Const correctness. 100 Fix compilation errors when --enable-uml is used. 101 Update THANKS. 102 Releasing 1.0.33. 103 104Rafael Sadowski (1): 105 fix tinc.conf for OpenBSD 106 107nemunaire (1): 108 Allow compilation from a build directory 109 110Version 1.0.32 September 02 2017 111------------------------------------------------------------------------ 112 113Guus Sliepen (13): 114 Don't dereference myself->incipher if it's NULL. 115 Merge remote-tracking branch 'VittGam/master' 116 Use /dev/udp instead of /dev/ip on Solaris. 117 Use getmsg()/putmsg() instead of read()/write() on Solaris. 118 Fix Solaris DeviceType = tap in router Mode. 119 Bind outgoing TCP sockets. 120 Move logging of "would block" messages to debug level 4. 121 Set KillMode=mixed in the systemd service file. 122 Don't forget about outgoing connections on host file read errors. 123 Fix Proxy = exec. 124 Set status.proxy_passed early for Proxy = exec. 125 Don't try to bind Proxy = exec sockets to an address. 126 Releasing 1.0.32. 127 128Vittorio Gambaletta (VittGam) (1): 129 route: Support ToS/DiffServ priority inheritance when routing IPv6 packets. 130 131Version 1.0.31 January 15 2017 132------------------------------------------------------------------------ 133 134Guus Sliepen (1): 135 Releasing 1.0.31. 136 137Élie Bouttier (1): 138 Remove ExecStop in tinc@.service 139 140Version 1.0.30 October 30 2016 141------------------------------------------------------------------------ 142 143Guus Sliepen (11): 144 Allow non-empty lines after status code from a HTTP proxy. 145 Fix proxy reply parsing broken by the previous commit. 146 Log only the first line of a proxy request rejection message. 147 Delay sending the real ID request until after a proxy request is granted. 148 Use AES256 and SHA256 by default, also for the meta-connections. 149 Enforce maximum amount of bytes sent/received on meta-connections. 150 Fix bit shifting arithmetic so the code actually does what the last commit message says. 151 Really fix byte budget calculation. 152 Use AES in CTR mode instead of OFB mode for meta-connections. 153 Use CFB mode for meta-connections to improve security. 154 Releasing 1.0.30. 155 156Version 1.0.29 October 09 2016 157------------------------------------------------------------------------ 158 159Guus Sliepen (11): 160 Preserve IPv6 scope_id in edges. 161 Ensure compatibility with OpenSSL 1.1.0. 162 Add -Wall to CFLAGS. 163 Check return value of RSA_generate_key_ex(). 164 Force nul-termination of strings after vsnprintf(). 165 Log warnings about dropped packets only with debug level 5 or higher. 166 Add a copy of ax_append_flag.m4. 167 Add ax_require_defined.m4. 168 Fix possibly unitialized variable. 169 Fix compiler warnings about format string errors on BSD. 170 Releasing 1.0.29. 171 172Version 1.0.28 April 10 2016 173------------------------------------------------------------------------ 174 175Guus Sliepen (8): 176 Fix compiling bsd/device.c on systems without utun. 177 Really remove use of __DATE__ and __TIME__ to facilitate reproducible builds. 178 Add systemd service files. 179 Update .gitignore. 180 Ensure the service files are in the tarball. 181 Explicitly mention that LibreSSL can be used as well. 182 Update links in the documentation. 183 Releasing 1.0.28. 184 185Version 1.0.27 April 10 2016 186------------------------------------------------------------------------ 187 188Guus Sliepen (26): 189 Add missing AM_PROG_CC_C_O to configure.ac. 190 Attribution for various contributors. 191 Update "now" after connect() when making outgoing connections. 192 Add ability to use proxies to connect to hostnames when there is no nameserver. 193 Only add a reflexive address when we're sure it's working. 194 Fix compatibility with TAP-Win32 9.0.0.21 and later. 195 Fix warnings from the Clang Static Analyzer. 196 Improve performance of edge updates. 197 Clarify that scripts are called synchronously. 198 Small fixes for the documentation. 199 Add warnings for bad combinations of Device and Interface. 200 Fix forwarding of edge updates. 201 Don't compile getopt*.c if the system provides getopt_long(). 202 Update .gitignore. 203 Update THANKS. 204 Use iface instead of interface. 205 Update copyright notices. 206 Remove use of __DATE__ and __TIME__ to facilitate reproducible builds. 207 Cast 0xff to char before comparing it to another char. 208 Get rid of a warning when compiling tinc using MinGW. 209 Every BSD flavor has a tap device nowadays. 210 Use devname() if available to support devfs cloning on BSD. 211 Use SIOCGIFADDR on BSDs that support it. 212 Enable silent builds by default. 213 Add support for OS X utun interfaces. 214 Releasing 1.0.27. 215 216Vittorio Gambaletta (VittGam) (6): 217 Fix DecrementTTL option. 218 Fix source IP address for ICMP unreachable packets generated by tinc. 219 Try to reply with node address only when decrementing the TTL. 220 Fix DecrementTTL option for packets destined to the local node. 221 s/broadcast_packet_helper/route_broadcast/ 222 Remove forward declaration for do_decrement_ttl. 223 224LunarShaddow (3): 225 fix typo 226 re-arrange include sequence to avoid a mingw introduced bug. 227 Proofing README. 228 229Florian Weik (1): 230 Fix NAME variable in subnet-* scripts for local subnets. 231 232Nathan Stratton Treadway (1): 233 Fix invalid checksum generation. 234 235Version 1.0.26 July 05 2015 236------------------------------------------------------------------------ 237 238Guus Sliepen (14): 239 Use VittGam's real name. 240 Attribution for Saverio Proto. 241 Always call res_init() before getaddrinfo(). 242 Fix --logfile without a filename on Windows. 243 Never call putenv() with data on the stack. 244 Return non-zero exit code when encountering configuration errors during startup. 245 Fix autoconf check for function attributes. 246 Fix spelling of FORTIFY_SOURCE. 247 Update copyright notices. 248 Attribution for various contributors. 249 Only check for -fno-strict-overflow if -fwrapv does not work. 250 Fix unputenv() on Windows. 251 Don't try to call res_init() if ./configure told us it doesn't exist. 252 Releasing 1.0.26. 253 254Jo-Philipp Wich (1): 255 fix musl compatibility 256 257Version 1.0.25 December 22 2014 258------------------------------------------------------------------------ 259 260Guus Sliepen (7): 261 Fix date of last NEWS entry. 262 Remember ToS/Diffserv priority for each socket individually. 263 Attribution for various contributors. 264 Automatically choose a tap device on Mac OS X when using switch Mode. 265 Update documentation for Mac OS X. 266 Check whether res_init() really lives in libresolv. 267 Releasing 1.0.25. 268 269Borg (3): 270 Fixed scripts calling under Win32. 271 Get MAC of TAP device. 272 Fixed tinc-up script calling on Win32. 273 274Alexis Hildebrandt (1): 275 Add support to link against libresolv Mac OS X 276 277Baptiste Jonglez (1): 278 Use the description from the 1.1 man page for the IndirectData option 279 280David Pflug (1): 281 Update README.android 282 283Jochen Voss (1): 284 Fix some typos in the manual. 285 286Tomislav Čohar (1): 287 Configure minimum reconnect timeouts. 288 289VittGam (1): 290 Support ToS/DiffServ priority handling for IPv6 meta and UDP connections. 291 292Version 1.0.24 May 11 2014 293------------------------------------------------------------------------ 294 295Guus Sliepen (13): 296 Remove useless variable 'hard' from try_harder(). 297 Merge pull request #14 from luckyhacky/master 298 Add an autoconf check for res_init(). 299 Nexthop calculation should always use the shortest path. 300 Fix issues found by Coverity. 301 Fix warnings found by GCC 4.9. 302 Fix a few more issues found by Coverity. 303 Fix a few more issues found by Coverity. 304 Drop h and hh length modifiers from printf format strings. 305 Fix a bug that could prevent tinc from starting correctly on Windows. 306 FIx the autoconf checks for res_init(). 307 Remove the warnings when IP_DONTFRAGMENT/IPV6-DONTFRAG is not supported. 308 Releasing 1.0.24. 309 310Steffan Karger (3): 311 Use constant time memcmp() when comparing packet HMACs. 312 Use cryptographically strong random when generating keys. 313 Check RAND_bytes() return value, fail when getting random fails. 314 315Armin Fisslthaler (1): 316 reload /etc/resolv.conf in SIGALRM handler 317 318Loic Dachary (1): 319 fix documentation typo 320 321luckyhacky (1): 322 update to openssl version 1.0.1g due to lack of heartbleed bug in prior version of openssl 323 324refs/tags/1.0.23-android-1 March 11 2014 325------------------------------------------------------------------------ 326 327Guus Sliepen (13): 328 Mention in the manual that multiple Address staments are allowed. 329 If no Port is specified, set myport to actual port of first listening socket. 330 Enable compiler hardening flags by default. 331 Update support for Solaris. 332 Include <limits.h> for PATH_MAX. 333 Stricter check for raw socket support. 334 Use hardcoded value for TUNNEWPPA if net/if_tun.h is missing on Solaris. 335 Fix incorrectly merged bits from 80cd2ff73071941a5356555b85a00ee90dfd0e16. 336 Don't enable -fstack-protector-all. 337 Remove or lower the priority of some debug messages. 338 Clarify StrictSubnets. 339 Attribution for various contributors. 340 Handle errors from TAP-Win32/64 adapter in a better way. 341 342Florent Clairambault (2): 343 Adding "conf.d" configuration dir support. 344 Adding some documentation around the /etc/tinc/$NET/conf.d directory. 345 346Vilbrekin (1): 347 Update android build instructions. Disable PIE as this is not supported on some devices. 348 349Version 1.0.23 October 19 2013 350------------------------------------------------------------------------ 351 352Guus Sliepen (9): 353 Check for writability when waiting for a socket to finish connecting. 354 Don't send PING requests on connections which are not active yet. 355 Fix segfault when Name = $HOST but $HOST is not set. 356 Fix typos in the documentation. 357 Modernize the build system. 358 Get rid of the splay tree implementation. 359 Add description of IffOneQueue and MaxTimeout to the info manual. 360 Clean up child processes from proxy type exec. 361 Releasing 1.0.23. 362 363Version 1.0.22 August 13 2013 364------------------------------------------------------------------------ 365 366Guus Sliepen (7): 367 Better optional argument handling. 368 Fix a typo. 369 Set $NAME when calling host-up/down and subnet-up/down scripts. 370 Don't use vasprintf() anymore on Windows. 371 Don't echo broadcast packets back when Broadcast = direct. 372 Update copyright notices. 373 Releasing 1.0.22. 374 375Etienne Dechamps (1): 376 Fix combination of Mode = router and DeviceType = tap on Linux. 377 378Version 1.0.21 April 22 2013 379------------------------------------------------------------------------ 380 381Guus Sliepen (2): 382 Drop packets forwarded via TCP if they are too big (CVE-2013-1428). 383 Releasing 1.0.21. 384 385Version 1.0.20 March 03 2013 386------------------------------------------------------------------------ 387 388Guus Sliepen (30): 389 Use /dev/tap0 by default on FreeBSD and NetBSD when using Mode = switch. 390 Document how to load the tap driver on FreeBSD. 391 Update THANKS file. 392 Also clarify hostnames=[yes|no] in tinc.conf(5). 393 Attribution for Vil Brekin and some code style cleanups. 394 Don't ignore Makefile.am. 395 Fix links in documenation. 396 Attribution for Martin Schürrer. 397 Add strict checks to hex to binary conversions. 398 Clear connection options and status fields in free_connection_partially(). 399 Fix warnings from cppcheck. 400 Clear Ethernet header when reading packets from a tun device. 401 Clear status and options fields of unreachable nodes. 402 Fix warnings from groff. 403 Using alloca() for a constant sized buffer is very silly. 404 Make sure PMTU discovery works in switch mode with VLAN tags. 405 Mention in the manual that support for LZO and zlib can be disabled. 406 Fix configure script help text for --enable options. 407 Don't take the address of a variable whose scope is about to disappear. 408 Send broadcast packets using a random socket, and properly support IPv6. 409 Remove text saying you must have one of PrivateKey or PrivateKeyFile in tinc.conf. 410 Fix support for tunemu on iOS devices. 411 Make sure PriorityInheritance also works in switch mode. 412 Detect increases in PMTU. 413 Fix a compiler warning. 414 Fix segmentation fault when trying to connect via a SOCKS5 proxy. 415 Don't send proxy requests for incoming connections. 416 Fix compiler warnings on Windows. 417 Fix detection of rejected SOCKS5 proxy requests. 418 Releasing 1.0.20. 419 420Vilbrekin (5): 421 Basic patch for android cross-compilation. 422 Replace hard-code with new ScriptsInterpreter configuration property. 423 Add basic .gitignore file, cleaning (most) files generated by autotools. 424 Use __ANDROID__ define rather than dirty hard-code to allow android NDK cross-compilation. 425 Android cross-compilation instructions. 426 427Martin Schürrer (1): 428 Output details of encryption errors 429 430Mesar Hameed (1): 431 Minor clarification, tinc.conf hostnames=[yes|no] variable only resolves names for logging purposes. 432 433Version 1.0.19 June 25 2012 434------------------------------------------------------------------------ 435 436Guus Sliepen (14): 437 Support :: in IPv6 Subnets. 438 Remove newline from log message. 439 Add support for systemd style socket activation. 440 Allow environment variables to be used for Name. 441 Allow broadcast packets to be sent directly instead of via the MST. 442 Add basic support for SOCKS 4 and HTTP CONNECT proxies. 443 Add support for SOCKS 5 proxies. 444 Add support for proxying through an external command. 445 Document new proxy types. 446 Small fixes in proxy code. 447 #include <winsock2.h> on Windows. 448 Fix compiler warnings. 449 Fix crash when using Broadcast = direct. 450 Releasing 1.0.19. 451 452Anthony G. Basile (1): 453 configure.in: fix AC_ARG_ENABLE and AC_ARG_WITH 454 455Michael Tokarev (1): 456 add (errnum) in front of windows error messages 457 458Version 1.0.18 March 25 2012 459------------------------------------------------------------------------ 460 461Guus Sliepen (13): 462 Always try next Address when an outgoing connection fails to authenticate. 463 Allow a port to be specified in BindToAddress statements. 464 Add support for multicast communication with UML/QEMU/KVM. 465 Set default value of DecrementTTL to "no". 466 Add #ifdefs in case not all platforms support IPv4 and IPv6 multicast. 467 Allow scoped addresses to be used for IPv6 multicast socket. 468 Fix compiler warnings. 469 Fix return value type of vde_send(). 470 Fix some more compiler warnings. 471 Document OpenBSD "ifconfig link0" and Linux "ip tuntap" commands. 472 Fix return type of vde_recv() as well. 473 Mark DecrementTTL option experimental. 474 Releasing 1.0.18. 475 476Version 1.0.17 March 10 2012 477------------------------------------------------------------------------ 478 479Guus Sliepen (32): 480 Prevent read_rsa_public_key() from returning an uninitialized RSA structure. 481 Return false instead of void when there is an error. 482 Fix compilation of VDE and UML interfaces. 483 Add vde/device.c to the tarball. 484 Fix a few small memory leaks. 485 Allow linking with multiple device drivers. 486 Set FD_CLOEXEC flag on all sockets. 487 Allow multiple BindToAddress statements. 488 Merge branch 'master' of black:tinc 489 Send packets back using the same socket as they were received on. 490 Allow setting DeviceType to tun or tap on Linux. 491 Merge branch 'master' of black:tinc 492 Only compile raw socket code when it is supported on that platform. 493 Decrement TTL of incoming packets. 494 Don't bind outgoing TCP sockets anymore. 495 Rename connection_t *broadcast to everyone. 496 Allow disabling of broadcast packets. 497 Move initialization of char *priority up to prevent freeing an uninitialized pointer. 498 Document the command line flag -o and provide --option as well. 499 Fix a bug that caused tinc to ignore all but the last listening socket. 500 Fix check for raw socket support. 501 Pass index into listen_socket[] to handle_incoming_vpn_data(). 502 Add LocalDiscovery option which tries to detect peers on the local network. 503 Don't send ICMP Time Exceeded messages for other Time Exceeded messages. 504 Stricter checks against routing loops. 505 Only use broadcast at the start of the PMTU discovery phase. 506 Only log errors sending UDP packets when debug level >= 5. 507 Accept Subnets passed with the -o option when StrictSubnets = yes. 508 Add missing ICMP6 message type definitions. 509 Make sure disabling old RSA keys works on Windows. 510 Update copyright notices. 511 Releasing 1.0.17. 512 513Nick Hibma (1): 514 Add missing ICMP message type definitions. 515 516Version 1.0.16 July 23 2011 517------------------------------------------------------------------------ 518 519Guus Sliepen (4): 520 Make code to detect two nodes with the same Name less triggerhappy. 521 Flush output buffer in send_tcppacket(). 522 Use usleep() instead of sleep(), MinGW complained. 523 Releasing 1.0.16. 524 525Version 1.0.15 June 24 2011 526------------------------------------------------------------------------ 527 528Guus Sliepen (9): 529 Reorder checks for libraries to allow ./configure LDFLAGS=-static. 530 Make return value of SetPriorityClass() behave the same as setpriority(). 531 Fix sparse warnings and add an extra sprinkling of const. 532 Remove newlines from log messages. 533 Remove a few unnecessary #includes. 534 Attribution for Loïc Grenié. 535 Improved --logfile option. 536 Remove redundant @CFLAGS@ from AM_CFLAGS. 537 Releasing 1.0.15. 538 539Loïc Grenié (1): 540 Nearly tickless tinc. 541 542Version 1.0.14 May 08 2011 543------------------------------------------------------------------------ 544 545Guus Sliepen (48): 546 Fix reading configuration files that do not end with a newline. Again. 547 Define WINVER before including any other header file on Windows. 548 Use intptr_t instead of long to store a pointer. 549 OpenSSL 1.0.0 compiled for 64 bit Windows requires linking with -lcrypt32. 550 Fix all warnings when compiling with mingw64. 551 Use strrchr() insteaad of rindex(). 552 Detect and prevent two nodes with the same Name being on the VPN simultaneously. 553 Use 64 bit counters to keep track of bytes sent/received from the virtual network interface. 554 Do not append an address to ANS_KEY messages if we don't know any address. 555 Merge local host configuration with server configuration. 556 Remove duplicate command-line option parsing. 557 Attribution for Julien Muchembled. 558 Attribution for Timothy Redaelli. 559 Ensure there is a newline character before a PEM key is written. 560 Abort disabling old PEM keys on I/O errors. 561 Remove unused variables. 562 Quit when there are too many consecutive errors on the tun/tap device. 563 Read error counter must be static. 564 Add short options -R and -U to the tincd(8) manpage. 565 Don't use strlen() on a NULL pointer. 566 Provide usleep() for Windows. 567 Use variable length arrays instead of alloca(). 568 Fix warning message when setting SO_RCVBUF or SO_SNDBUF fails. 569 Free replay window when freeing a node_t. 570 Fix variable length array declaration. 571 Attribution for Brandon Black. 572 Use setpriority() instead of nice() on UNIX-like systems. 573 Always send MTU probes at least once every PingInterval. 574 Close all filedescriptors in Solaris close_device(). 575 Limit field width when scanning PID file. 576 Replace bogus #else with #endif. 577 Remove unused variables. 578 Document the behavior of "-n." 579 Update the manual. 580 Update the NEWS. 581 Proper check and dropin replacement for usleep(). 582 Fix typo spotted by Andrew Scheller. 583 Add support for VDE through libvdeplug. 584 Fix spurious misidentification of incoming UDP packets. 585 Prevent anything from updating our own UDP address. 586 Do not set indirect flag on edges from nodes with multiple addresses. 587 Increase threshold for detecting two nodes with the same Name. 588 Always use the default signal handler for ABRT signals. 589 Check for EVP_EncryptInit_ex instead of SHA1_Version in OpenSSL. 590 Update THANKS and copyright information. 591 Ensure proper linking with OpenSSL with recent versions of MinGW. 592 Include <inttypes.h> when using intptr_t. 593 Releasing 1.0.14. 594 595Brandon L Black (4): 596 Experimental IFF_ONE_QUEUE support for Linux 597 Configurable SO_RCVBUF/SO_SNDBUF for the UDP socket 598 Configurable ReplayWindow size, zero disables 599 Improved handling of queue-jumping packets on receive 600 601Julien Muchembled (2): 602 New '-o' option to configure server or hosts from command line 603 Fix command-line '-o' option for host configuration 604 605Timothy Redaelli (2): 606 Fix warnings showed using -D_FORTIFY_SOURCE=2 607 Fix warnings under BSD 608 609Michael Tokarev (1): 610 Treat netname="." in a special way. 611 612Rumko (1): 613 DragonFlyBSD support 614 615Version 1.0.13 April 11 2010 616------------------------------------------------------------------------ 617 618Guus Sliepen (20): 619 Clamp MSS to miminum MTU in both directions. 620 Simplify reading lines from configuration files. 621 Check for dirent.h. 622 Preload all Subnets in TunnelServer mode. 623 Add the StrictSubnets option. 624 Add the Forwarding option. 625 Add the DirectOnly option. 626 Fixes for the Forwarding option. 627 ConnectTo does not mean tinc does not listen for incoming connections anymore. 628 Log unauthorized Subnets when StrictSubnets is set. 629 Fix typo. 630 Convert Port to numeric form before sending it to other nodes. 631 Ensure ICMP_NET_ANO is defined. 632 Reload Subnets when getting a HUP signal and StrictSubnets is used. 633 Fix reloading Subnets when StrictSubnets is set. 634 Ensure subnet-up/down scripts are called after HUP when necessary. 635 Fixes for definitions under Windows. 636 Don't redefine MAX if it already exists. 637 Mark Forwarding and DirectOnly options as being experimental. 638 Releasing 1.0.13. 639 640Timothy Redaelli (2): 641 Add --disable-lzo configure option 642 Add --disable-zlib configure option 643 644Sven-Haegar Koch (1): 645 Never delete Subnets when StrictSubnets is set 646 647Version 1.0.12 February 03 2010 648------------------------------------------------------------------------ 649 650Guus Sliepen (21): 651 When learning MAC addresses, only check our own Subnets for previous entries. 652 Remove unused variable in lookup_subnet_*() functions. 653 Forget addresses of unreachable nodes. 654 Do not fragment packets smaller than RFC defined minimum MTUs. 655 Allow port to be specified in Address statements. 656 Use xstrdup() instead of xasprintf() to copy static strings. 657 Allow Port and PMTUDiscovery options in tinc.conf, always enable PMTUDiscovery by default. 658 Clamp MSS of IPv4 SYN packets. 659 Ping nodes immediately when receiving SIGALRM. 660 Optimise handling of select() returning <= 0. 661 Also clamp MSS of TCP over IPv6 packets. 662 Make MSS clamping configurable, but enabled by default. 663 Fix subnet-up/down scripts being called with an empty SUBNET. 664 Run subnet-up/down scripts for local MAC addresses as well. 665 Be liberal in accepting KEY_CHANGED/REQ_KEY/ANS_KEY requests. 666 Determine peer's reflexive address and port when exchanging keys. 667 Immediately exchange keys when establishing a meta connection. 668 Try to set DF bit on BSDs as well. 669 Update copyright notices. 670 Ensure peers with a meta connection always have our key. 671 Releasing 1.0.12. 672 673Version 1.0.11 November 01 2009 674------------------------------------------------------------------------ 675 676Guus Sliepen (16): 677 Fix a possible crash when sending the HUP signal. 678 Starting to work towards 1.0.11. 679 Handle weighted Subnets in switch and hub modes. 680 Clarify and increase level of log message about MTU probes to unreachable nodes. 681 Add dummy device. 682 Use uint32_t instead of long int for connection options. 683 Allow UDP packets with an address different from the corresponding TCP connection. 684 Always reply to MTU probes via UDP. 685 Make maxmtu equal to minmtu when fixing the path MTU to a node. 686 Forward packets to not directly reachable hosts via UDP if possible. 687 Use IP_DONTFRAGMENT instead of IP_MTU_DISCOVER on Windows. 688 Use WSAGetLastError() to determine cause of network errors on Windows. 689 Move socket error interpretation to utils.h. 690 Fast handoff of roaming MAC addresses. 691 Start a tinc service if it already exists. 692 Releasing 1.0.11. 693 694Michael Tokarev (1): 695 Remove localedir leftovers. 696 697Version 1.0.10 October 18 2009 698------------------------------------------------------------------------ 699 700Guus Sliepen (78): 701 Update documentation for git. 702 Consistently allocate device and iface variables on the heap. 703 Only send packets via UDP if UDP communication is possible. 704 Move free()s at the end om main() to the proper destructor functions. 705 Change flush_events() to expire_events(). 706 Add missing cleanup functions in close_network_connections(). 707 Use a global list to track outgoing connections. 708 Remove unused definitions from net.h. 709 Allow reading config files with CRLF endings on Unix systems. 710 Validate Name before using it in a filename when generating a keypair. 711 Disable old RSA keys when generating new ones. 712 Handle neighbor solicitation requests without link layer addresses. 713 Allow weight to be assigned to Subnets. 714 Update THANKS and copyright information. 715 Disable PMTUDiscovery in switch and hub modes. 716 Use a simple Random Early Drop algorithm in send_tcppacket(). 717 Handle UDP packets from different and ports than advertised. 718 If PMTUDiscovery is not set, do not forward packets via TCP unnecessarily. 719 Fix link to Mattias Nissler's tun/tap driver for MacOS/X. 720 Fix initialisation of packet decryption context broken by commit 3308d13e7e3bf20cfeaf6f2ab17228a9820cea66. 721 Use xrealloc instead of if(ptr) ptr = xmalloc(). 722 Add declaration for sockaddrcmp_noport(). 723 Use packet size before decompression to calculate path MTU. 724 Do not forward broadcast packets when TunnelServer is enabled. 725 Add ProcessPriority option. 726 Add some const where appropriate. 727 Properly set HMAC length for incoming packets. 728 Don't try to send MTU probes to unreachable nodes. 729 Remove pending MTU probe events when a node's reachability status changes. 730 Do not log errors when recvfrom() returns EAGAIN or EINTR. 731 Change level of some debug messages, zero pointer after freeing hostname. 732 Always remove a node from the UDP tree before freeing it. 733 Add xasprintf() and xvasprintf(). 734 Check the return value of fscanf() when reading a PID file. 735 Replace asprintf() by xasprintf(). 736 UNIX signal numbers start at 1. 737 Ensure tinc compiles with gcc -std=c99. 738 Convert bitfields to integers in a safe way. 739 Add the GPL license to the repository. 740 Another safe bitfield conversion. 741 Add support for iPhones and recent iPods. 742 Don't stat() on iPhone/iPod. 743 Put Subnet weight in a separate environment variable. 744 Allow PMTUDiscovery in switch and hub modes again. 745 Handle unicast packets larger than PMTU in switch mode. 746 Remove superfluous call to avl_delete(). 747 Apparently it's impolite to ask GCC to subtract two pointers. 748 Use only rand(), not random(). 749 Also do not use drand48(), it is not available on Windows. 750 Allow compiling for Windows XP and higher. 751 Remove dropin random() function, as it is not used anymore. 752 Use access() instead of stat() for checking whether scripts exist. 753 Raise default crypto algorithms to AES256 and SHA256. 754 Remove extra {. 755 Use a mutex to allow the TAP reader to process packets faster on Windows. 756 Raise default RSA key length to 2048 bits. 757 Send large packets we cannot handle properly via TCP. 758 Update copyright information. 759 Remove all occurences of $Id$. 760 Remove Ivo's old email addresses. 761 Update the address of the Free Software Foundation in all copyright headers. 762 K&R style braces. 763 Remove checkpoint tracing. 764 Drop support for localisation. 765 Add more authors to the copyright headers. 766 Update the NEWS. 767 Remove autogenerated files from EXTRA_DIST. 768 Don't disconnect clients in TunnelServer mode who send unauthorised ADD_SUBNETs. 769 Remove code duplication when checking ADD_EDGE/DEL_EDGE messages. 770 Revert "Raise default crypto algorithms to AES256 and SHA256." 771 Ensure that the texinfo manual can be converted to HTML. 772 Small updates to the documentation. 773 Use MTU probes to regularly ping other nodes over UDP. 774 Allow the cloning /dev/tap interface to be used on FreeBSD and NetBSD. 775 Remove debugging message when reading packets from a BSD device. 776 Include missing header. 777 Fix description of the WEIGHT environment variable. 778 Releasing 1.0.10. 779 780Michael Tokarev (17): 781 Allow tunnelserver to work with clients that have other peers. 782 Enable PMTUDiscovery only if BOTH sides wants it. 783 Rename setup_network_connections() and split out try_outgoing_connections() 784 Implement privilege dropping 785 bugfix: initialize pid (as read from pidfile) to zero 786 bugfix: move mlock to after detach() so it works for child, not parent 787 bugfix: chdir(/) after chroot 788 change error messages in droppriv code to match the rest 789 format 'not supported on this platform' error message 790 TunnelServer: Don't disconnect client on DEL_SUBNET too 791 ignore indirect edge registrations in tunnelserver mode 792 don't log every strange packet coming to the UDP port 793 Fix ans_key exchange in recent changes 794 tunnelserver: log which ADD_SUBNET was refused 795 cleanup setpriority thing to make it readable 796 try outgoing connections before chroot/drop_privs 797 Remove extra semicolon in my definition of setpriority() 798 799Florian Forster (2): 800 src/linux/device.c: Fix segfault when running without `--net'. 801 src/net_socket.c: Bind outgoing TCP sockets to `BindToAddress'. 802 803Borg (1): 804 Removed last gettext function. 805 806Version 1.0.9 December 26 2008 807------------------------------------------------------------------------ 808 809Guus Sliepen (18): 810 Handle SERVICE_CONTROL_INTERROGATE requests. Thanks to Carsten Ralle for noticing this. 811 Make sure the prefixlength of subnets is sane. 812 Fix reading configuration files that do not end with a newline. 813 Do not try to send REQ_KEY or ANS_KEY requests to unreachable nodes. 814 Prevent freeing a NULL pointer when a hostname is unresolvable. 815 Correct debug message. 816 Treat virtual network device as tap if Mode = switch or hub. 817 Use TUNIFHEAD by default on FreeBSD to make sure IPv6 works. 818 Make sure IPv6 sockets are IPv6 only. 819 Update Dutch translation. 820 Update copyright information. 821 Enable PMTU discovery by default. 822 Update documentation. 823 Update the manpage as well, and some whitespace to make its source more legible. 824 Handle broadcast and multicast packets in router mode. 825 Apply patch from Max Rijevski fixing a memory leak when closing connections. 826 Add missing parentheses in check for IPv4 multicast addresses. 827 Releasing 1.0.9. 828 829Version 1.0.8 May 16 2007 830------------------------------------------------------------------------ 831 832Guus Sliepen (8): 833 Apply patch from Scott Lamb preventing an infinite loop when sending SIGALRM. 834 Apply patch from Scott Lamb fixing some memory and resource leaks. 835 Close the proper filedescriptor (if it exists). 836 Apply patch from "dnk" making sockets non-blocking under Windows. 837 Make sure connection->name is never NULL. 838 Update dutch translation. 839 Don't free struct addrinfo too early. Spotted by Christian Cier-Zniewski. 840 Releasing 1.0.8. 841 842Version 1.0.7 January 05 2007 843------------------------------------------------------------------------ 844 845Guus Sliepen (7): 846 Use a ringbuffer in shared memory to transfer packets from the tapreader thread to the main thread. 847 Tapreader socket should be bound to localhost only. 848 Fix generic BSD tun device to write only the actual packet length. 849 rename() cannot replace existing files on Windows. 850 No things to do for the 1.0 branch except bugfixing. 851 Update copyright notices. 852 Releasing 1.0.7. 853 854Version 1.0.6 December 18 2006 855------------------------------------------------------------------------ 856 857Guus Sliepen (13): 858 Make sure resolved addressed for outgoing connections are freed, if there are any. 859 Search for lzo/lzo1x.h, lzo2/lzo1x.h and lzo1x.h. 860 When building the minimum spanning tree, make sure we start from a reachable node. 861 Use the correct next pointer. 862 Remove unnecessary stuff from configure.in. 863 Remove old Spanish translation. 864 Fix rule that creates html version of manpages. 865 Use standard autoconf macros instead of our own. 866 We do properly check for malloc and realloc. 867 Remove the test for linux/if_tun.h. 868 Do a simple test for linux/if_tun.h instead of no test at all. 869 Prevent compiler warnings about redefinition of EAI_FAMILY on FreeBSD 6.1. 870 Releasing 1.0.6. 871 872Version 1.0.5 November 14 2006 873------------------------------------------------------------------------ 874 875Guus Sliepen (32): 876 Prevent possible buffer overflows when using very large (>= 8192 bit) RSA keys. 877 Add alloca.h to the list of necessary header files. 878 Enable OpenSSL ENGINE, so crypto hardware gets used. Thanks to Andreas van Cranenburgh. 879 EVP_Cleanup() when quitting. 880 Apply patch from Scott Lamb unifying configuration of TCP socket options. 881 Apply patch from Scott Lamb adding an output buffer for the TCP sockets. 882 Make sure $NAME is set correctly when executing tinc-down script. 883 Missing #include. 884 Export flush_meta(). 885 Fix signedness compiler warnings. 886 Fix a bug in handling prefixlengths that are not a multiple of 4. 887 Update copyright notices, remove Ivo's email address. 888 Restore length of the original packet in send_udppacket(). 889 Use memcpy() to copy sockaddrs returned by getaddrinfo(). 890 Add generic host-up and host-down scripts. 891 Do not break strict aliasing of status_t structs. 892 Fix format string warnings. 893 Remove unused variables. 894 Remove unused parameter from maskcmp(). 895 Remove unused variable. 896 memcpy() addresses from packet headers before calling the lookup functions. 897 The "active" bit in node.status is not used. 898 Added graph dumping ability based on Markus Goetz's patch. 899 popen() requires pclose(). 900 Support and autodetect LZO version 2.0 and later. 901 Support and autodetect LZO version 2.0 and later. 902 Document GraphDumpFile option. 903 Update Dutch translation. 904 Nodes use events, so event system should be initialised first and destroyed last. 905 When deleting an entire tree, start at head, not at root. 906 EWOULDBLOCK does not exist on platforms without O_NONBLOCK 907 Releasing 1.0.5. 908 909Version 1.0.4 May 04 2005 910------------------------------------------------------------------------ 911 912Guus Sliepen (17): 913 Make sure broadcast packet reach the local network interface. 914 Fix splay tree code. 915 subnet-up/down hooks 916 subnet-up/down hooks, use list_t for the todo list. 917 Small fix. 918 Free memory used by connection_t after it is deleted from the connection tree. 919 Use the proper free function. 920 Correct size argument for strncat(). 921 Nodes should only be in the node_udp_tree if they are reachable. 922 Don't try to add a non-existing node back to the node_udp_tree. 923 Remove unused (and potentially segfaulting) net2str() call. 924 Be on the safe side with initialisation of c->name. 925 Searching through splay trees may change the tree variable. 926 Several splay tree fixes. 927 Describe subnet-up/down scripts in documentation. 928 Update copyright notices. 929 Releasing 1.0.4. 930 931Version 1.0.3 November 11 2004 932------------------------------------------------------------------------ 933 934Guus Sliepen (77): 935 Removed items in TODO list that are already implemented. Only two items 936 Applied patch from Jamie Briggs for bash2 conformance. 937 Added another semicolon for bash2 compliance (thanks to Jamie Briggs) 938 Adding even more stuff from the CABAL branch. 939 Synchronise HEAD with CABAL branch. 940 This will become 2.0. 941 Some device.c files weren't synchronised. 942 Makevars file was accidentily removed. 943 Forgot to synchronise po/ directory... 944 Add description of new authentication scheme. 945 Add Opaque option which prevent information from being forwarded to certain nodes. 946 Replace Opaque and Strict options with a TunnelServer option. 947 Complain if pid file cannot be created. 948 Read MaxTimeout from tinc.conf like the manpage says. 949 Missing space between words. 950 Don't retry if configuration is wrong from the beginning. 951 Fix proxy-neighborsolicitation. 952 Code beautification, start of multicast support. 953 Forget multicast. Always inline some function. 954 Let tinc figure out the exact MTU of the link. 955 More sensible name, and try to set PMTU discovery on IPv6 sockets as well. 956 Describe the TunnelServer and PMTUDiscovery options. 957 Better name, show probed MTU in dump. 958 Improvements for PMTU discovery and IPv4 packet fragmentation. 959 Missing definitions. 960 Small fixes for PMTU discovery. 961 Don't forget to update destination MAC address. 962 Small updates. 963 Remove autogen.sh, the autoreconf program does exactly that. 964 Replace cvs-clean with a much better svn-clean. 965 Remove CVS related cruft. 966 Eat trailing whitespace in config files. 967 Only read our public key if it wasn't already in the private key file. 968 Updating dutch translation. 969 Even better svn-clean command. 970 Applied Martin Kihlgren's IdentityGenerosity patch, 971 Fix declaration of update_node_address(). 972 Use Subversion to create ChangeLog, better svn-clean rule. 973 Revert Martin Kihlgren's patch, it doesn't work the way it should. 974 Move CABAL branch to its rightful place: the trunk. 975 Update copyrights, links, email addresses and let Subversion update $Id$ keywords. 976 Increase MTU by 4 bytes to allow VLAN tagged Ethernet frames in hub and switch mode. 977 Clean up environment after executing scripts. 978 Handle timeouts during connecting the same way as other errors. 979 Added UML network socket handling. 980 Don't set $INTERFACE automatically, don't quit on EINTR/EAGAIN. 981 Marking potential late packets was in the wrong place. 982 Remove duplicate #include "system.h" 983 Move all #ifdef HAVE_HEADER_H #include <header.h> to have.h, 984 Fix several #includes. 985 strndupa() is too arcane for some environments. 986 Allow tinc to work with the latest TAP-Win32 driver. 987 Correct return value. 988 Don't let tinc service depend on NDIS component. 989 Support alternative tun/tap driver from http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ 990 Generic device driver for *BSD and MacOS/X 991 static 992 Check for sys/uio.h, net/if_tun.h and net/if_tap.h 993 Don't include .svn directory in sample configuration. 994 Splay trees. 995 Hoopjumping to get the default directories in the manuals properly. 996 Update to make it compile again. 997 Fixed another bug in late packet handling. 998 Hopefully this really fixes late packet handling. 999 Missing check for NULL-pointer. 1000 Use the generic BSD tun/tap code. 1001 Fix order of arguments for tar. 1002 Let compiler decide when to inline. 1003 Support tunneling IPv6 on Solaris. 1004 Add BlockingTCP option, useful when using TCPOnly on slow or congested links. 1005 Update documentation. 1006 Set BSD tuns to broadcast mode. On OpenBSD, this enables IPv6 on the tun device! 1007 Remove duplication. 1008 Updated dutch translation. 1009 Short readme about how to compile tinc from a Subversion checkout. 1010 Add more people who have contributed to tinc. 1011 Releasing 1.0.3. 1012 1013Ivo Timmermans (52): 1014 Check for __gmpz_powm for libgmp3. 1015 Changed version number to 1.0pre3. 1016 Autogenerated by gettextize. 1017 Bring head revision up to date with cabal (try #3) 1018 Add check for the syslog function 1019 Generalized error handling functions 1020 Add all the new files to the sources list for the utility library 1021 New function: xalloc_and_zero() 1022 Generalized list and hash handling functions 1023 First try to create a graphical frontend for tinc configuration 1024 Updating HEAD branch #1; removing obsolete files. 1025 Updating HEAD branch #2; removing debian/ dir. 1026 Updating HEAD branch #3; more obsolete files removed. 1027 Updating HEAD branch #4; Merging CABAL -> HEAD. 1028 Updating HEAD branch #5; Last files from CABAL. 1029 Ok, I forgot these ;) 1030 More updates 1031 More... 1032 Last bits (hopefully) 1033 Main pokey interface files. 1034 Pokey interface definition 1035 Write src/pokey/Makefile 1036 Also compile in pokey/ 1037 Remove debug level declaration 1038 Update copyright info 1039 Remove debug_lvl 1040 New logging system to replace syslog() calls with a generic function. 1041 Rename log_message to log 1042 Add syslog() wrapper 1043 Add syslog wrapper 1044 Some magic 1045 Added priority definitions from syslog.h 1046 log_default_hook was renamed to log_default 1047 Added prototype for log_syslog 1048 Use logging.h instead of syslog.h 1049 Compile in logging.c 1050 Things to ignore... 1051 Use new logging system 1052 Include logging.h 1053 Renamed libvpn to libtinc 1054 Rename libvpn to libtinc 1055 ... 1056 Print newline when writing to stderr 1057 *** empty log message *** 1058 Moving files, first attempt at gcrypt compatibility, more interface 1059 Commit diff test 1060 Another file moved; random interface stuff. 1061 Callbacks 1062 Moved event.c/h 1063 test 1064 test 2 1065 Hm. 1066 1067Wessel Dankers (5): 1068 Initial revision. Lots of loose ends, not usable yet. 1069 added bit on config file, split up sections, added Id: tag 1070 Added extra bit about keys. 1071 More about keys 1072 This file is now only in the CABAL revision. 1073 1074cvs2svn (1): 1075 This commit was generated by cvs2svn to compensate for changes in r1352, 1076 1077Version 1.0.2 November 08 2003 1078------------------------------------------------------------------------ 1079 1080Guus Sliepen (47): 1081 Simplify fake getname/addrinfo() functions, possibly fixing freeing a NULL pointer. 1082 stat() batch files under Windows. 1083 Don't getsockopt() SO_ERROR. We get the error from send()/recv() anyway. 1084 Fix fake getnameinfo() and check more arguments. 1085 Fix --logfile under Windows. 1086 Use the event log under Windows. 1087 Compilation fix. 1088 Do what the SDK documentation tells. 1089 If we're not in main_loop() and the service is stopped, exit immediately. 1090 Allow tinc to handle unknown type addresses from other tinc daemons. 1091 Don't overwrite the first " when installing a service. 1092 Add checkpoints. 1093 When purging nodes, only delete them if nobody references them anymore. 1094 Remove debug message. 1095 Add license exception from Markus Oberhumer. 1096 Remove old edges from unreachable nodes to us. This prevents the hosts/NAME-up 1097 We don't have to tell GCC how to cast. 1098 Prevent multiple inclusions. 1099 Remove pidfile when exitting. 1100 Update translations. 1101 Check for short packets from the tun/tap device and from other tinc daemons. 1102 Generate keys with 0x10001 as public exponent, which has less prime factors 1103 Better length checks. 1104 Copy structs from packets to the stack before using them, to prevent 1105 const 1106 Ethernet protocol types. 1107 Unused variable in struct. 1108 Don't confuse users with "Address family not supported" warnings. 1109 Use CPPFLAGS, LDFLAGS and LIBS as appropiate. 1110 PIDs are of type pid_t, and use %ld when reading/writing them to the pidfile. 1111 Make sure type of AF_UNKNOWN is sa_family_t. 1112 Forgot to #include "xalloc.h" 1113 Update missing definitions, structs describing headers get __packed__ attribute. 1114 Missing declaration. 1115 Set media status for newer TAP-Win32 driver. 1116 Some platforms don't know sa_family_t or define it other than uint16_t. 1117 Update documentation. 1118 Fix ASCII art. 1119 Check return value of EVP_* functions, and check if length before en/decryption 1120 Check all EVP_ function calls. 1121 Parentheses in the wrong spots. 1122 Fix bug that could lead to an assertion failure in libcrypto when multiple 1123 Small fixes in documentation. 1124 Fix another bug in meta.c. 1125 Update dutch translation. 1126 Add missing definitions. 1127 Release notes for 1.0.2 1128 1129Version 1.0.1 August 14 2003 1130------------------------------------------------------------------------ 1131 1132Guus Sliepen (24): 1133 Windows uses backslashes... 1134 Tell windows to be patient. 1135 Remove unused stuff from doc/. 1136 Correct error message when remote host closed connection. 1137 Simplify execute_script(). It will probably work under Windows as well. 1138 Allow empty lines in config files. 1139 Make rule for sample-config.tar.gz. 1140 Readd quotes. 1141 Typo. 1142 Better error messages under Windows. 1143 Log error first, try to close later. 1144 Quote when needed and don't try stuff that doesn't work under Windows. 1145 Under Windows, the installation directory can be found in the registry. 1146 Better error checking and reporting. 1147 Small things. 1148 Simpler checking of permissions on private RSA key and other fixes. 1149 Check for fchmod(). 1150 Only system() needs script name quoted. 1151 Update documentation. 1152 Add a description for the Service control panel. 1153 Updated dutch translation. 1154 Small fixes. 1155 Fix permissions check for rsa_key.priv. 1156 Update. 1157 1158Version 1.0 August 08 2003 1159------------------------------------------------------------------------ 1160 1161Guus Sliepen (111): 1162 Thank some more people. 1163 Run graph() after edge_del() when updating an edge. 1164 Add documentation for BindToAddress. 1165 Fix PriorityInheritance. 1166 PrivateKeyFile instead of PrivateKey. 1167 Run graph algorithm when replacing a second connection from the same host 1168 Add $NAME for tinc-up/down scripts. 1169 - Fix indentation in some places. 1170 Various fixes for autoconf and OpenSSL 0.9.7 and a missing header. 1171 Make sure send_meta() writes everything. 1172 Typo. 1173 - Avoid memory leak caused by OpenSSL 0.9.7a. 1174 - Speed up checksumming 1175 Don't copy more than necessary. 1176 Checksums must also work for uneven number of bytes. 1177 HUP signal now closes connections to hosts if their host config file is 1178 Better handling of late packets. 1179 Make sure outgoing_t is completely freed. 1180 - Per-node EVP_CIPHER_CTX to avoid initialisation overhead. 1181 Small fixes to make LZO compression work. 1182 Small fixes. 1183 Fix links. 1184 Fix warning and add missing checks for LZO library. 1185 Call make_names() before doing anything else. 1186 If we have a Linux tun/tap device and we are in router mode, open the device 1187 AddressFamily is "any" by default. 1188 Remove mymac stuff from device.c. 1189 Fixes from Wessel Danker's libavl. 1190 More braces to make gcc happy. 1191 Update documentation. 1192 Update dutch translation. 1193 Typo and conversion to UTF-8. 1194 There are two lzo compression levels. 1195 Really make tinc default to any addressfamily. 1196 This subtle pointer arithmetic thingy is (I'm very sure of it) the cause 1197 - simplify configure.in 1198 Check for IPv6 header files. 1199 Define logger(), cleans up source code and allows us to write log entries 1200 Sprinkling the source with static and attributes. 1201 Provide all missing IPv6 definitions in lib/ipv6.h. 1202 Actually add ipv6.h. 1203 More missing definitions. 1204 More missing IPv6 definitions and autoconf checks to make sure it compiles 1205 Simplify logging, update copyrights and some minor cleanups. 1206 Update copyrights. 1207 Removing distribution specific files from CVS. 1208 Format string checking for logger(). 1209 Export mymac. 1210 Make use of the CIPE driver. Woohoo, tinc for Windows! 1211 Windows headers declare a struct interface somewhere. 1212 Big header file cleanup: everything that has to do with standard system 1213 Even more missing definitions. 1214 Remove all #ifndefs from route.c 1215 Update all device.c files. 1216 Check for ethernet/ipv4/ipv6 related structures. 1217 Use iface instead of interface because it might already be declared in 1218 Oops. 1219 No UNIX style permissions under Windows. 1220 Be consistent. 1221 Oops. 1222 Check for sys/mman.h. 1223 Use functions from logger.c 1224 Copy cygwin driver to mingw directory. It doesn't work (yet). 1225 Add section about configuring Cygwin and CIPE on Windows. 1226 Option to specify pidfile location. 1227 Use bools and enums where appropriate. 1228 Run setup_device() after parsing configuration but before claiming we're ready. 1229 Don't initialise a CIPHER_CTX if cipher == NULL. 1230 Sprinkle around a lot of const and some C99 initialisers. 1231 More generic handling of tap device under Windows. 1232 More checks for missing functions. 1233 Fix compile errors and warnings. 1234 Update dutch translation and make sure all device drivers are included in 1235 Update configure scripts. 1236 Make sure it works. 1237 Make sure (at least) the MinGW device driver works. 1238 Native Windows support. 1239 Cleanups. 1240 Update documentation and remove stuff that's too outdated. 1241 Remove doc/es/ and src/device.c from the distribution. 1242 No C99 initialisers, gcc 2.95.3 doesn't like it. 1243 Replacement for stdbool.h 1244 Prevent definitions from messing up attributes. 1245 Check if the compiler knows about the __malloc__ attribute. 1246 Wrong argument. 1247 Remove forgotten braces. 1248 No easy way to properly detect header files... 1249 Woops! 1250 Wrong function... 1251 Prevent system headers from including our own headers. 1252 Allow whitespace in values. 1253 Oops. 1254 Windows has no symbolic links as we know it. 1255 When compiling with MinGW, link with ws2_32. 1256 Install tinc as a service under Windows (MinGW). Remove cleanup_and_exit(), 1257 Error messages. 1258 Cleanups and error messages. 1259 Missing include. 1260 Oops. 1261 Updated dutch translation. 1262 Explain how tinc detaches and how it is "killed" under Windows. 1263 Typo and another thing to think about. 1264 Clean up last part of main(). 1265 Old gcc compilers don't like declarations in the middle of a function. 1266 Cygwin needs windows.h. 1267 Keep Windows happy. 1268 Remove newlines from log messages. 1269 Update dutch translation 1270 Simplify translation 1271 Use our own port when connecting to ourself. 1272 Sync CABAL branch with release-1_0 branch. 1273 1274Ivo Timmermans (2): 1275 Fix saving of debug level for startup level 0 1276 Call RSA_blinding_on(), as advised in the paper on 1277 1278Wessel Dankers (1): 1279 its: Engels voor "van het" - 3e persoon enkelvoud, genitief, onzijdig 1280 1281Version 1.0pre8 September 16 2002 1282------------------------------------------------------------------------ 1283 1284Guus Sliepen (73): 1285 Support for MaxOS/X. 1286 Add BindToAddress variable, similar to the late BindToIP. 1287 Added Nick Patavalis for his RedHat package. 1288 Informative log message if execl() failed. 1289 Fix very stupid bug in node_del(), which might have caused corruption of 1290 Only purge once when there are no more connections. 1291 Support RSA_PUBKEYs (as opposed to RSAPublicKeys) so tinc accepts 1292 Make it work correctly with NetBSD tun device. 1293 Use correct includes on NetBSD. 1294 Cleanup: 1295 Use inttypes.h instead of stdint.h. 1296 - netinet/* include files depend on netinet/in_systm.h. 1297 Added Darwin (MacOS/X) tun device handling. 1298 Use darwin/device.c when compiling on MacOS/X. 1299 Include darwin/device.c in distribution. 1300 Autoconf cleanup. Works for both 2.13 and 2.53, although running autoconf 1301 Add configuration details for NetBSD and Darwin (MacOS/X). 1302 Reset listen_sockets after SIGHUP. 1303 Update comments about IPv6 autoconfiguration. 1304 s/sliepen.warande.net/sliepen.eu.org/g 1305 Fix for prefixlengths of 32 (IPv4) and 128 (IPv6) bits. 1306 Allow list of environment variables to be passed to execute_script(). 1307 Allow identical subnets from different owners. 1308 Clear subnets before using them. 1309 Started port to Cygwin. 1310 Added stub device.c for Cygwin. 1311 Include complete fake-getname/addrinfo from OpenSSH. 1312 Allow tincd to be locked into main memory. 1313 Don't bother to chown, and correctly document ConnectTo. 1314 Added support for raw sockets. This can be used instead of tun/tap devices. 1315 Gettext 1.11.5 compatibility. 1316 Check for ranlib. 1317 Replacement for the current routing algorithm. 1318 Make sure setlocale() is available. 1319 Drop graph and edge stuff. Use new node stuff instead. 1320 A reachable node is always more preferable to an unreachable one... 1321 Woops. 1322 Reduce KEY_CHANGED traffic. 1323 Prevent looping DEL_NODE/ADD_NODE messages after a node disconnects. 1324 Don't forget to set prevhop to myself for new connections. 1325 Just ignore wrong ADD_NODEs instead of replying with a DEL_NODE, in the 1326 Revert to edge and graph stuff. This time, use a directed graph. 1327 Small fixes. 1328 Generalized request broadcasting/forwarding. 1329 Updated dutch translation. 1330 Small updates. 1331 Run autopoint and libtoolize before creating initial makefiles. 1332 Add missing headers. 1333 Typo. 1334 Only reset seqno's when a key is sent or received. 1335 Remove global edge_tree. 1336 edge_weight_compare() shouldn't rely on edge_compare(). 1337 Reset the *correct* seqnos. 1338 Fix MST algorithm. 1339 Why don't these connection_t's get cleaned up? 1340 Cleanups: 1341 Switch to K&R style indentation. 1342 Switch to K&R style indentation. 1343 Remove redundant spaces. 1344 Let GCC check format string and arguments of send_request(). 1345 Fix compiler warnings. 1346 Clean up after indent. 1347 Link with libintl if necessary. 1348 Fix placement of #include "config.h" 1349 Make sure malloc() is declared. 1350 What was I thinking? 1351 MacOS/X needs #define _P1003_1B_VISIBLE in order to use mlockall(). 1352 port_t isn't used anymore and conflicts with MacOS/X headers. 1353 Small fixes so tinc compiles out of the box on SunOS 5.8 1354 Updated dutch translation. 1355 Use /dev/net/tun as default for tun/tap device under Linux. 1356 Update documentation. 1357 Remarks about 1.0pre8 release. 1358 1359Ivo Timmermans (9): 1360 Put #ifndef checks for HAVE_RAND_PSEUDO_BYTES in the correct places. 1361 Typo 1362 OSX support 1363 getnameinfo fixes 1364 Add /sw/{include,lib} to search paths if they exist 1365 Include a few more header files 1366 Include netbsd's device.c in make dist 1367 Added Alessandro Gatti 1368 Added AM_MAINTAINER_MODE 1369 1370Wessel Dankers (1): 1371 This should work much better. 1372 1373Version 1.0pre7 April 09 2002 1374------------------------------------------------------------------------ 1375 1376Guus Sliepen (9): 1377 Make configure --help output look nicer. 1378 Don't check_network_activity() if select() is interrupted by a signal. 1379 check_rsa() is broken, I don't know why, just remove it for now. 1380 Fix maskcheck() and maskcmp(). 1381 Automake forgets about depcomp, remind it. 1382 masklength is better known as prefixlength. 1383 masklength is better known as prefixlength 1384 Updated dutch translation. 1385 Remarks about 1.0pre7 release. 1386 1387Version 1.0pre6 March 27 2002 1388------------------------------------------------------------------------ 1389 1390Guus Sliepen (91): 1391 Forgot to merge new files from pre5. 1392 Last bits of the merger. 1393 Sensible defaults for $INTERFACE. 1394 - If no PrivateKeyFile is specified, /etc/tinc/netname/rsa_key.priv is assumed. 1395 Small fix. 1396 Added support for packet compression, thanks to Mark Glines. 1397 Don't use sa_sigaction (which NetBSD doesn't like) at all if we don't use siginfo. 1398 Get rid of sys/signal.h. 1399 Added device.c for NetBSD, actually a copy of the OpenBSD one. 1400 Add check for NetBSD. 1401 - Non-blocking connect()s. 1402 Fix segfault when receiving HUP signal. 1403 Use AF_UNSPEC for listening sockets if AddressFamily = any. 1404 Forward packets in router mode. 1405 Fix maskcmp() and maskcpy(). 1406 Cache results of lookup_subnet_...(). 1407 Protocol now also exchanges cipher/digest/maclength/compression for the 1408 Preserve inpkt->len, needed for broadcasts. 1409 - Use gai_strerror() where appropriate 1410 - Change SA_LEN to SALEN, former one is already defined on some platforms. 1411 Tweaking IPv6 support. 1412 Allow multiple listening sockets. 1413 Fix send_request() bug. 1414 Make BindToInterface work. 1415 Fix listening sockets. 1416 If "PriorityInheritance = yes" is specified in tinc.conf, the value of the 1417 Create/bind TCP and UDP listening sockets in pairs. 1418 Updated documentation. 1419 Updated dutch translation. 1420 - Global time_t now, so that we don't have to call time() too often. 1421 Document and clean up MAC address expiry. 1422 Woops. 1423 Check if BindToDevice and PriorityInheritance are supported. 1424 Fix forwarding of IPv6 packets. 1425 po/POTFILES and po/Makefile should not be generated by configure. 1426 Autodetect $MAKE/gmake/make. 1427 Small fixes to improve portability. 1428 Don't retry to make outgoing connections when exitting. 1429 Cleanups, spelling fixes, allow symbol names for signals (-k option), 1430 prune_connections() before build_fdset(). 1431 Try to reply to neighbor solicitation requests. 1432 New strategy: forward icmp6 neighbor solicitations to intended target. 1433 Simplified implementation of Kruskal's minimum spanning tree algorithm. 1434 Packet sequence number/authentication warnings only if debug_lvl >= 5. 1435 Remove silly cache thingy. 1436 Put #ifdef NEIGHBORSOL around corresponding code. 1437 Revert changes to Kruskal's algo. 1438 Neighbor solicitation requests now work (I think). 1439 Oops, don't forget to actually put the checksum in the response packet. 1440 Different way of detecting neighbor solicitation requests. 1441 Typo. 1442 Unmap v4mapped sockaddrs. 1443 Only unmap IPv6 addresses. 1444 #define s6_addr32, needed for FreeBSD. 1445 Fix #define s6_addr32. 1446 Remember sockaddrs of listening sockets, use appropriate one when sending 1447 Cleanup. 1448 Don't use s6_addr[16|32] anymore. 1449 Updated dutch translation. 1450 Updated SSSP algorithm to automatically detect indirect links (if a node uses 1451 Put a break on requests that run around in circles. 1452 - Added support for jumbograms. 1453 Fix add_edge_h(). 1454 Fix compiler warnings, strictly use long int and %lx for options. 1455 send_ack() was broken. 1456 free() request strings when deleting past requests from the tree. 1457 Don't run graph algorithms if no edge is deleted in terminate_connection(). 1458 Reset retry timeout when receiving the first PONG, not right after receiving the ACK. 1459 Don't try to execute scripts unless they exist. 1460 Execute hosts/name-up when a node becomes reachable, and hosts/name-down 1461 Set $INTERFACE correctly when using ethertap while compiled with tun/tap support. 1462 Updated dutch translation. 1463 Respect type field. 1464 OpenBSD tun device uses address family number instead of Ethernet type. 1465 Configuration variables were still handled case sensitively. 1466 Set myself->status.reachable. 1467 Updated documentation. 1468 Tell a little bit more about security. 1469 Send REQ_KEY only once until ANS_KEY has arrived. 1470 Fix execute_script(). 1471 Small correction. 1472 Merge do_prune() with build_fdset(). Probably fixes the invalid filedescriptor error. 1473 Extend list_t with the number of elements in the list. 1474 Limit the amount of packets in a queue to 8. 1475 Small updates. 1476 Remove cruft. 1477 Recent automake uses $(AMTAR) instead of $(TAR) 1478 Remove symlink to device.c when doing a make dist. 1479 Fix format strings. 1480 Update dutch translation. 1481 Update with information about the pre6 release. 1482 1483Version 1.0pre5 February 10 2002 1484------------------------------------------------------------------------ 1485 1486Guus Sliepen (109): 1487 Small fixes to allow correct compilation under FreeBSD (tested with 4.3) 1488 Make sure Solaris is happy too. 1489 Fix subnet_lookup() for overlapping subnets. Needs rethinking. 1490 Added proxy-arp support. No more ifconfig -arp needed. Works like a charm 1491 - tinc can now act as a switch or a hub too (as opposed to a router only) 1492 Changed some stuff to allow correct generation of po/Makefile after a 1493 Updated dutch translation. 1494 - This oneliner removes the need for ifconfig tap? hw ether fe:fd:0:0:0:0 1495 Fix bug where lookup_subnet_ipv4() could go into an infinite loop. 1496 You can now put an option "Mode" in tinc.conf, and choose from: 1497 Add missing? counting of total_socket_in. 1498 Log and warn about duplicate subnet_add()'s for the same subnet. 1499 Fixes to make switching work between hosts that have no meta-connection. 1500 Save configure cache more often. 1501 Changed drastically because it didn't work correctly: 1502 Only reset seconds_till_retry when we activate the outgoing connection. 1503 Woops - big bug in send_key_changed fixed. 1504 - Solaris compile fixes 1505 Check for and add -ldl. 1506 Remove #warnings I used for debugging stuff. 1507 Reinstated search for if_tun.h in kernel source tree, because apparently 1508 Spanish translation removed. Nobody maintains it, and it is severely 1509 ABOUT-NLS is created by autogen.sh. 1510 Don't build Spanish translation. 1511 Execute tinc-down BEFORE tap device is closed. This is a. more symmetric 1512 es.po revived. 1513 Also remove po/Makefile.in.in, which is generated by autogen.sh. 1514 Log error if two hosts connect with same IP/port tuple. 1515 Fix gcc 3.0 warnings. 1516 Check for dlopen in standard libraries first (needed for DEC OSF). 1517 It appears that autogen.sh doesn't like es.po if it isn't mentioned in 1518 Update of RedHat build scripts. 1519 Dutch translation updated. 1520 More items marked as done. 1521 Fix printf format bug. 1522 Fix compiler warning. 1523 Check for all potential duplicate entries in the id tree. 1524 - Always use <openssl/include.h> instead of just <include.h> 1525 Don't load table of verbose OpenSSL errormessages. 1526 Correct inclusion of standard if_tun.h header file. 1527 Split connection list into two lists: 1528 Correctly use the active_tree. 1529 Remove all unnecessary status.meta and status.active checks. 1530 Added purge_tree for connection_t's which are no longer in the connection, 1531 Updated terminate_connection() so you can choose if DEL_HOSTs should be 1532 Always close all sockets in terminate_connection(). 1533 Woohoo! tinc now compiles, runs and actually *works* on Solaris! 1534 Started writing a document about how daemons connect to each other. 1535 Described problem in more detail. 1536 Small update. 1537 Correctie. 1538 Written down a possible solution. 1539 Discuss how sending ADD_EDGEs would be better than sending ADD_HOSTs. 1540 More on edges. 1541 Don't use %m in fprintf(). 1542 Write public key to rsa_key.pub instead of rsa_key.priv (if not host 1543 The val variable in a config_t is never used as a long. 1544 Explicitly log which type of tunnel device is used. 1545 Don't send DEL_HOSTs when !status.meta 1546 Fix signed comparison bug in lookup_subnet_ipv4(). 1547 Remove IndirectData support for now, new implementation will be added 1548 Revised reconnection mechanism, always try out all ConnectTo lines. 1549 Optional signal number for -k option. 1550 config_t* is a const parameter in get_config_val(). 1551 - Try old TUN/TAP ioctl() request if the one from if_tun.h fails. 1552 Not only keep track of nexthop, but also of lastbutonehop. If destination cl 1553 Show next- and lastbutonehop when dumping connectionlist to syslog. 1554 Try next connectto instead of the same over and over. 1555 Fill in next- and lastbutonehop for myself. 1556 - Renamed lastbutonehop to prevhop. 1557 Fix bug where tinc would crash because of a portscan or a connection from a 1558 - Use ping timeout mechanism to close connections that don't authenticate 1559 Fix bug when dropping an old connection in favour of a new one from the 1560 Updated dutch translation. 1561 Started implementing doc/CONNECTIVITY. 1562 Small corrections. 1563 Further implementation of doc/CONNECTIVITY. connection.[ch] is now split into a 1564 Removed everything from connection.c that has already been moved to node.c and 1565 Revamp configuration handling: 1566 More updates to new node/vertex/connection combo. 1567 - Split tap device stuff out of net.[ch] 1568 Added FreeBSD tap device handling. 1569 Solaris tun device handling cleaned up a bit and added. 1570 Forgot to remove some old #ifdef stuff. 1571 Added OpenBSD tun device handling. Untested though. 1572 Forgot the tun specific stuff. 1573 Support new files (node/vertex/device.[ch]) and OpenBSD. 1574 Big bad commit: 1575 Make sure everything links. 1576 Various small fixes to make tinc runnable again. 1577 What was I thinking? s/vertex/edge/g. 1578 - More s/vertex/edge/g 1579 - More changes needed for Kruskal's algorithm 1580 Working version of Kruskal's algorithm. The running time is very bad though. 1581 Various fixes, tinc is now somewhat capable of actually working again. 1582 More updates to protocol handlers and reimplemented terminate_connection(). 1583 - Small fixes to graph algorithms 1584 Don't forget to read public RSA key when making an outgoing connection. 1585 Show cfg->variable instead of cfg->value when complaining about wrong type. 1586 Avoid connecting to another node twice, and check name of outgoing connections. 1587 Some very small fixes 1588 Use PEM functions as suggested by OpenSSL docs. 1589 Several bugfixes. 1590 *** empty log message *** 1591 Be liberal in what you accept: allow unknown edges to be deleted. 1592 Correctly check if subnet owner exists. 1593 Various fixes needed for Solaris. 1594 More fixes for Solaris. 1595 Merging of the entire pre5 branch. 1596 1597Ivo Timmermans (32): 1598 New make target: `make release' 1599 Changed version number to 1.0-cvs 1600 Don't distribute autogen.sh in a release 1601 Don't include the debian/ dir in a release 1602 Small fix to make it compile again 1603 Killing tincd with SIGINT causes it to toggle between the current 1604 Check for getaddrinfo 1605 Check for getnameinfo, gai_strerror, freeaddrinfo 1606 Credit OpenSSH 1607 Check for struct addrinfo 1608 Deprecated get_config_ip and get_config_port 1609 Use struct addrinfo in connection_t to hold all host data such as IP 1610 Changed prototype for lookup_connection to use struct addrinfo 1611 Changed lookup_connection to use struct addrinfo 1612 Removed definitions of ipv4_t, ipv6_t, port_t 1613 Obsoleted all IP<x> types in favor of struct addrinfo 1614 Changed to use struct addrinfo where needed. 1615 get_config_{ip,port} removed. 1616 Don't compile/link netutl.c. 1617 Obsoleted. 1618 Don't include netutl.h. 1619 (re)added port to struct node_t 1620 Added HAVE_STRUCT_ADDRINFO 1621 Added dropin replacements for get*info and helper functions. 1622 First part of rewriting things to use struct addrinfo. 1623 lookup_node_udp changed. 1624 Don't include netutl.h. 1625 route_ipv4 and route_ipv6 replaced by route_ip. 1626 get_config_subnet needs to be fixed. 1627 Fixed silly typo: "np" instead of "no" 1628 Don't include netutl.h. 1629 Conversion to struct addrinfo is almost complete for this file. 1630 1631Wessel Dankers (1): 1632 make is not always GNU make. 1633 1634Version 1.0pre4 May 25 2001 1635------------------------------------------------------------------------ 1636 1637Guus Sliepen (97): 1638 Porting to FreeBSD: 1639 - Added balanced tree management stuff as well. (It is not finished yet.) 1640 - Simplified do_detach 1641 - Removed stray @INCLUDE@ (how did that get there?) 1642 - Fixed searching 1643 - Implemented deletions 1644 - Fix tree head/tail upon insertion 1645 - Fixed a lot of small things. Tested everything except deletions. 1646 - Deletion also works now. 1647 - Small fixes 1648 - Integrate rbl trees into tinc. 1649 - Proper initialization of rbltree structures. 1650 - Various small fixes. 1651 - More fixes. 1652 - Check for NULL tree->delete callback 1653 - Cleaned up and checked for some more NULL pointers in rbl.c 1654 - Write pidfile AFTER detaching... 1655 - No more %as. 1656 - Work with the correct key buffer in ans_key_h 1657 - More porting to FreeBSD and Solaris. 1658 - Fixed all (except 2) compiler warnings gcc -Wall gave. 1659 - #include <stdlib.h> instead of <malloc.h> 1660 - Don't link with -ldl anymore 1661 Another big & bad commit: 1662 - Added Armijn to the list 1663 - Added daemon() replacement. 1664 - Use only one socket for all UDP traffic (for compatibility) 1665 - Don't even think about using sscanf with %as anymore 1666 - AVL tree routines: faster than RBL, and also more stable. 1667 - Doubled size of trace buffer for easier debugging. 1668 - Let user choose whether keys are in the config files or separate 1669 - Updated dutch translation. 1670 - Check and follow symlinks in is_safe_path 1671 - Changed license of AVL tree library to GPL. 1672 - Updated manual pages. 1673 - Updated texinfo manual. 1674 - Typo. 1675 - Changed list routines to give it the same look'n'feel as the rbl and 1676 - Reinstated a queue for outgoing packets. 1677 - Added header file for route.c. The routing routines in it are not used 1678 - Description of protocol and authentication updated. 1679 - It's 2001, all copyright notices are updated. 1680 - Fixed IPv6 subnet lookup routine. 1681 - Added indirectdata and tcponly functionality. 1682 - Squashed another nasty bug. 1683 - Sign was wrong in search_closest_smaller/greater 1684 - Cleaned up subnet_t 1685 - Only send out DEL_HOSTs for hosts with a meta connection 1686 Added sample configuration directory. 1687 - Copy entire sample-config directory to /etc/tinc/example upon installing. 1688 - Allow ASN1 style keys to be in the config files. 1689 FreeBSD compile fixes (thanks to XeF4) 1690 Fix memory leak in avl_insert() if item was already inserted. 1691 Updated dutch translation. 1692 Removed another local definition of the variable "errno" 1693 Added .cvsignore files to get rid of warnings and prevent autogenerated 1694 Ignore file for src/ 1695 - Updated CVS_CREATED to remove intl/ directory and some other 1696 Added description of the proposed new authentication scheme. 1697 Corrected check for errors after read() calls. 1698 Add missing \n. 1699 Free node->data and node, not node->data twice. 1700 Copy packets before putting them in the queue. 1701 Encrypt network packets in CBC mode instead of CFB mode. 1702 Implemented new authentication scheme from doc/SECURITY2. 1703 Added process.c to the translated files. 1704 - Make sure METAKEY is smaller than the modulus of the RSA key 1705 Don't forget to reconnect if outgoing connection fails during 1706 - Fixed Interface option (untested) 1707 Removed lots of compiler warnings. 1708 Removed compiler warning. 1709 Various small fixes. 1710 Added explaination of our key exchange using RSA encryption. 1711 - route.c is now used to determine destination 1712 Updated translation. 1713 Added a description of what is going on in net.c and route.c, and how 1714 Fixed a race condition triggered by receive_meta() and the new 1715 Fixed bug in setup_signals() that would make tinc die when unexpected 1716 Ignore alarm signals if we do not need to respond to them. 1717 Check indirectdata option before forwarding certain requests. 1718 Depend on new ssl package and install alias for universal TUN/TAP module. 1719 Correctly cycle through ConnectTo variables. 1720 - s/ip_t/ipv4_t/g 1721 - Make sure correct information is supplied for both old kernels (with 1722 More revisions to the documentation: 1723 Changed URL from kernelnotes.org to linuxdoc.org. 1724 Add randomness to PING/PONG packets to prevent crypto attacks on quiet 1725 Since this is incompatible with some earlier versions, PROT_CURRENT is 1726 All features for 1.0 are implemented now, we just have to check the 1727 Only send key_changed if it was previously requested. 1728 Small fixes: 1729 Small corrections to the manuals. 1730 With recent kernels the tun device file is located in /dev/net. 1731 TCPonly now works (in a relatively clean way too). 1732 Merged PROTOCOL, NETWORK and SECURITY2 with the texinfo manual. 1733 Documents are merged. Now we only need to check the ports and the TCPonly 1734 Fix sample configuration to show keys in PEM format and correct tapdevice. 1735 1736Ivo Timmermans (88): 1737 Add a check for openssl that accepts explicit file locations. 1738 Identify version as 1.0pre4-cvs 1739 Better checks for OpenSSL. I think it can now detect almost all conceivable installations. 1740 Oops, small error. 1741 Get rid of the annoying empty line 1742 Also check for rand.h and err.h. If any of these files does not 1743 Also check for sha.h. 1744 Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during 1745 Let the output from an executed script in execute_script() go to 1746 List management and manipulation routines. 1747 Keep a list of running children, and in each loop in main_loop(), 1748 Move all process-related functions into process.c. 1749 New function: xmalloc_and_zero, which initialises the allocated memory 1750 Delete struct ifr 1751 Move more functions from tincd.c into process.c. 1752 Use proper prototypes. 1753 Added this release 1754 More function and header checks 1755 Also include process.h 1756 Get rid of all libtool references at once. libtool was only used by 1757 Honor the --localstatedir option to configure, instead of hardcoded /var. 1758 Add more checks to ensure that filedescriptors are right in 1759 Declare fd. 1760 Do not use the C library's daemon() call. 1761 Do not check for the daemon() system call 1762 Do not attempt to retreive ChangeLog information only from the CABAL 1763 Set localstatedir to /var 1764 Use cvs2cl instead of rcs2log to generate the ChangeLog. 1765 Set CFLAGS to -O2 -Wall when running configure 1766 Alter CFLAGS, somehow INCLUDES doesn't propagate properly. Still 1767 Set errno to 0 before trying to kill the other process. 1768 Explain how to tell configure where OpenSSL lives. 1769 Call autogen.sh instead of configure alone; and make cvs-clean instead 1770 Add default tinc-up and tinc-down scripts for a Debian system. These 1771 Updated Spanish translation, provided by Enrique Zanardi. 1772 Give an error message if daemon() failed. 1773 Check for the function strsignal, and define it to "" if it is not 1774 Sort items to either 1.0 or future release goals. 1775 Use sigaction to set signal handlers, the previous commit (1.1.2.16) 1776 Save RSA public and private keys to a separate file, instead of 1777 dropin.c/h contain a set of drop-in replacements for non-standard C 1778 Check for get_current_dir_name. There is a replacement function in 1779 Added a check for a scanf that knows about %as. 1780 Implemented a readline() function that will read an entire line into a 1781 xstrdup now takes a const pointer as an argument. 1782 Use readline() in read_config_file() instead of fgets. 1783 Also free the pointer returned by readline(). 1784 Updated Dutch translation 1785 Implemented is_safe_path, and extended ask_and_safe_open. 1786 Read the PEM file pointed to by the configuration directive 1787 The file is safe if it doesn't exist. 1788 In readline(): initialise the line to zero length; 1789 Better error checking when reading the RSA private key. 1790 Avoid printing duplicate messages from read_rsa_keys 1791 New function read_rsa_public_key(); 1792 All full stops have two spaces after them. (Silly commit, I know.) 1793 Tagged `Storing private key in separate file' as done. 1794 readline() accepts two extra parameters, buf and buflen, to avoid 1795 Use buffer instead of line in read_config_file(), line may be assigned 1796 Stated that distributing executables linked with OpenSSL is permitted 1797 Include COPYING.README in the distribution. 1798 Added documentation merger 1799 Sort configuration directives 1800 Option -d accepts an argument to set the debug level immediately. 1801 Massive long awaited documentation update. It's not finished yet, 1802 Oops. I did some VERY wrong things with readline(). Fixed now. 1803 Tiny bits of code beautifying 1804 Install a file in /etc/modutils/tinc, containing all necessary aliases 1805 Ported it back to /bin/sh. 1806 Give a warning about having to re-create the keys 1807 Re-introduced MyVirtualIP and VpnMask, as dummy options. 1808 Various small changes. 1809 Include autogen.sh (needed for the Debian package). 1810 Forget router.c 1811 Added lint target, requires lclint. 1812 Fix error reporting of read_config 1813 Set Architecture to `any' 1814 Change version to 1.0pre4 1815 Second draft of the release notes 1816 Merged documentation with various updates I had lying around 1817 Get the Debian changelog up to date 1818 Get the PO files up to date with the current source 1819 Fixed some errors 1820 Distribute the sample config as a .tar.gz 1821 Unpack sample-config.tar.gz when installing 1822 More files to ignore in CVS 1823 tinc_TUNTAP now substitutes the values outside the AC_CACHE_CHECK 1824 Authentication done 1825 1826Wessel Dankers (1): 1827 Important bugfix in avl_insert_before() and avl_insert_after() 1828 1829Version 1.0pre3 November 09 2000 1830------------------------------------------------------------------------ 1831 1832Guus Sliepen (119): 1833 Debian init.d script automatically sets tap device's MTU to 1448 now. 1834 First step for implementation of the "indirectdata" directive. This should 1835 If we have "indirectdata" flag set, we only send data to our uplink. 1836 Large cleanup: 1837 Added CVS Id tags to header files. 1838 - Log possible spoofing attacks. 1839 Hostnames are back! 1840 Hostlookup() is actually being called now. 1841 - More verbose connection list 1842 Fixes some hostlookups. Fixes indirectdata for real now (hopefully). 1843 - Indirectdata finally REALLY REALLY works now! 1844 - Moved all connection messages to debug level 1, without -d's only the 1845 - Fixed KEY_CHANGED notification. A lot of notify_others() calls were 1846 - Fixed indirectdata=no problem 1847 - Improved handling of errors on connection attempts. 1848 - Purge old connections that are ADD_HOSTed. 1849 - Fixes a silly little insignificant buglet. 1850 - Extra check op EINTR bij inlezen requests 1851 - Fixed some spelling errors. 1852 - Fixed missing " in nl.po 1853 - Fixed a message in nl.po 1854 - Added log message when SIGCHLD is received ("thanks" to Ivo van Dong) 1855 - Updated Dutch translation. 1856 - Removed all IP_ADDR_S macros, because gettext doesn't like them. Each 1857 - New semantics for BASIC_INFO, ADD_HOST and DEL_HOST requests. This will 1858 - Fixed memory leak. 1859 - Removed segfault bug in conf.c (must have been there for ages!) 1860 - Instead of logging an error when remote end closes the connection, 1861 - Made tinc even more silent if no -d flag is given at all. 1862 - Added documentation for the protocols (most important the meta protocol) 1863 - Removed a single unused bit from status_bits_t. 1864 - Updated PROTOCOL (a bit) 1865 - Forgot to mention ourselves in the tincd manual page! :) 1866 - Added Spanish translation from Enrique Zanardi. 1867 - Updated THANKS file 1868 - Delayed address resolving for ConnectTo lines in configuration file to 1869 - Fixed typo. 1870 - Added experimental hackish tunneling-over-TCP support. 1871 - Lots o' buglets fixed (-Wall helps) 1872 Fixed PACKET read loop. 1873 Removed calling add_queue for tcponly packets. 1874 - Added date/time of build and protocol number to --version output. 1875 - Moved TCP packet reception to meta handler: less kludgy and less buggy! 1876 - Reinstated O_NONBLOCK for meta socket 1877 - Added two extra configuration options, Interface and InterfaceIP, to 1878 Fixed all sprintf() spl01ts. 1879 Ran update-po and updated dutch translation. 1880 Commented on some size calculations. 1881 Updated the manual: 1882 Updated tinc.conf manual. 1883 Fix rules (thanks to Laurence) 1884 - Use strerror() instead of sys_errlist[] for increased portability 1885 - New protocol. Will break everything else for now. 1886 - Added more function skeletons for the new protocol. 1887 - Lots of functions added for the new protocol. 1888 - Some key exchange stuff. (Last commit before going to bed.) 1889 - Fixed modulo in keylength check 1890 - Lots of small changes. 1891 Added document about the used cryptographic algorithms and the reasons 1892 - Included authentication scheme from protocol.c 1893 - Updated authentication scheme. 1894 - Severe code reduction and simplification of challenge requests 1895 - Removed options "string" stuff. It was a bad idea... 1896 - Very detailed example of the authentication phase. 1897 - Added meta.c which contains functions to send, receive and broadcast 1898 - Added subnet handling code 1899 Removing cipher directory (all will be covered by OpenSSL). 1900 Big and bad commit of my current tree... 1901 - Changed genauth to produce rsa keypairs instead of random passphrases. 1902 - Generalized config file parsing to support multiple configuration trees. 1903 - Fixing-things pass: every source file compiles into an object file now, 1904 - Second fixing-things pass: it even links now. 1905 - The daemon actually runs now (somewhat) 1906 Corrected #ifdefs for tun/tap support. 1907 - Fixing little things 1908 - More fixing. Tinc daemons can now even create activated connections. 1909 - Seed the PRNG using /dev/random before generating the keys. 1910 - tinc now really does public/private key encryption! It even works, whee! 1911 - Made Makefile.am stub for doc/es/ 1912 - Removed last reference to genauth from Makefile.am 1913 - Fixed all debug levels. 1914 - route.c will contain the routing logic. 1915 - Lots of little stuff modified 1916 - Updated subnet list handling. Subnets are added to two lists now, the 1917 - Lots of small fixes 1918 - Fixed offsets when reading/writing from/to tap device 1919 - Override destination ethernet address on incoming packets with 1920 - Very big cleanup. 1921 - Fixed ans_key_h 1922 - Hit people who can't figure out subnet address/mask pairs with a 1923 - Enforce correct order of authentication requests 1924 - Moved connlist stuff to the proper header file. 1925 - Updated dutch translation. 1926 - Removed old encr stuff 1927 - Small fixes 1928 - Use CFB mode for encrypting packets: it works and we don't need padding. 1929 - Finishing touch: encrypt the meta connections 1930 - Small cleanups 1931 - Fixed some spelling mistakes and terminology here and there. 1932 - Update. 1933 Removed config file parsing and interface setup. This will be handled by 1934 - Removed unused MAC strip/add functions. 1935 - Removed even more warnings. 1936 - Resolve scriptname after fork() 1937 - Removed manpage for no longer existing genauth. 1938 - connlist.c added to translation 1939 - Don't forget to set packet cipher for added hosts. 1940 - Forward keys in hex notation, not as binary data. 1941 - Check for packets that are looping back. 1942 - Simplified ping mechanism. 1943 - Prepended config_ to all configuration option names, because it confused 1944 Changed execution of tinc-up: 1945 - Open UDP connection for all known hosts. Comments please. 1946 Porting to SunOS 5.8: 1947 Porting to SunOS 5.8: 1948 - Fixed --config 1949 - Applied Jamie Brigg's patch (close sockets after error) 1950 - Add Jamie :) 1951 - Make checkpoint tracing a compile time option (off by default) 1952 1953Ivo Timmermans (77): 1954 Alphabetized the list, added Lubom�r Bulej, removed Sander Smeenk and Tijs van Bakel, put merits after all names. 1955 Don't touch VPNMASK if it's defined, otherwise use $MSK. 1956 These files are created by gettextize (run by autogen.sh) (should have known that). 1957 Include ../intl in the include path, and add @INTLLIBS@ to the list of libraries. 1958 Merge changes from 1.6-1.8. 1959 Configuration directive `IndirectData'. 1960 Changed version number to 1.0pre3. 1961 Version 1.0pre3. 1962 Removed Free Software Foundation copyright, because Guus Sliepen contributed significantly. 1963 Oops, and mention Guus too. 1964 Include the Spanish translation in the distribution/build process. 1965 (Quoting Laurence Lane:) 1966 Also chomp $VPNMASK 1967 Added a rule to create an rpm 1968 Changed CVSROOT path in `make ChangeLog' 1969 Link with OpenSSL crypto libraries instead of own blowfish library 1970 Updated text, removed protocol flowchart 1971 Include openssl/blowfish.h 1972 Support for -lsocket and -lnsl on SunOS 1973 Correct filenames for passphrases given in the example 1974 Add Guus' name and shift out old protocol requests 1975 Better checks for SunOS libraries 1976 Added some structures and types that are needed for the overhaul. 1977 New directive: Name. 1978 First round of needed fixes after the overhaul 1979 Second round of fixes 1980 Added Spanish translation of the docs by Matias Carrasco 1981 Many updates, parts rewritten, added, shuffled around. 1982 Link with OpenSSL, forget libGMP 1983 Updated new requirements, pointers to the manual 1984 Don't look for GMP header files 1985 Update Depends lines to reflect the dependencies on OpenSSL 1986 Fix `Requirements'-section for GMP and OpenSSL libraries. 1987 Add CVS id lines 1988 Add checks for the presence of the universal tun/tap device driver. 1989 Wrap the tun/tap code in #ifdef HAVE_TUNTAP 1990 Linearized checks for if_tun.h 1991 Really #include the if_tun.h files now 1992 Output doc/es/Makefile 1993 Process subdir es/ 1994 Don't declare cp_file and cp_line in xmalloc() 1995 Get the head revision up to date with cabal 1996 Changed changelog 1997 Include linux/sockios.h and net/if.h anyway, regardless of the value of HAVE_TUNTAP. 1998 read_server_config: Check for result of read_config_file. 1999 Oops, echelon change committed to cabal... :) 2000 Skip the check for Linux kernel sources 2001 This file is no longer needed. 2002 - Synchronized changelog with the package's changelog. 2003 Do not include $(top_srcdir)/cipher, it does no longer exist. 2004 Added a perl example to turn an IP address into a MAC address. 2005 Only check for linux/if_tun.h once 2006 Changed `I' to `We' - small change, lots of difference :) 2007 More exhaustive list of changes - perhaps it can be worded differently? 2008 Change wsl to Wessel's name and email address in the ChangeLog creation 2009 Mention fileutils, add a pointer to THANKS for more details 2010 Changed a few messages wrt. system calls; updated and changed the Dutch translation a bit. 2011 Don't include shlibs, as it no longer exists. 2012 Oops, and include doc-base.tinc (new file). 2013 - If necessary, patch po/Makefile.in from po-Makefile.in.in.diff to 2014 Minor cosmetic change. 2015 Save the environment on startup. 2016 Run the scripts tinc-up and tinc-down from a separate function, which 2017 Warnings removal pass: always include config.h first; add a few 2018 Small change to the way the environment is copied. 2019 Use putenv() instead of clumsy do-it-yourself in execute_script. 2020 Do not include the passphrases directory 2021 In execute_script: 2022 Add route.c to the list of source files. 2023 Updated Dutch translation 2024 Build-depends on libtool 2025 Build-Depends on gettext 2026 Final release notes added, also edited release notes for 1.0pre2 to what the announcement on the mailing list looked like. 2027 Wrapped text to 70 (72?) columns for easy reading 2028 Bop version number to 1.0pre3-1 2029 Updates, updates 2030 Add prototype for destroy_queue 2031 2032Wessel Dankers (3): 2033 File added to CABAL (hopefully) 2034 Grrr, recommit 2035 Added architecture section, made a start with the kernel section. 2036 2037Version 1.0pre2 May 31 2000 2038------------------------------------------------------------------------ 2039 2040Ivo Timmermans (56): 2041 Deleted the protocol description. 2042 Perl version of the system startup script. 2043 Only print an error with send_termreq if debug_lvl is 2 or more. 2044 Add check for mpz_powm in libgmp3. 2045 Version 1.0pre1-0.1. 2046 Changed version to 1.0pre2. 2047 Give IP address instead of hex number when connecting tcp socket failed. 2048 Add shlibs control file for the blowfish library. 2049 Inserted useful content. 2050 Add initscript, tincd->tinc. 2051 Add description, better dependancies. 2052 Mention both upstream authors. 2053 tincd->tinc 2054 .deb version number 1.0pre2-0.4. 2055 Updated to newer version. 2056 Exit with zero status if is empty. 2057 Unlimited length in the config file, thanks to Cris van Pelt. 2058 Depend on perl5. 2059 *** empty log message *** 2060 Look if the tap devices exist before bluntly remaking them. 2061 Use the new VpnMask directive to add a route to the rest of the VPN. 2062 This file is generated with dpkg-buildpackage. 2063 Read /etc/tinc/nets.boot to find the networks that have to be started. 2064 Create a default /etc/tinc/nets.boot after installation, containing all directories under /etc/tinc by default. 2065 Version 1.0pre2-0.3 2066 Don't distribute the file files. 2067 Find networks in instead of . 2068 Include postinst in the distribution. 2069 Errors will not terminate the script or result in a nonzero exit code. 2070 Updated copyright notice. 2071 Fixed typo. 2072 Mask the vpn net with the vpn netmask, route would give an error if the netmask didn't match the net. 2073 When VpnMask is not present in the config file, silently use $MSK as vpnmask. 2074 Add an example of using VpnMask. 2075 Use /etc/tinc/example as a base directory for an example. /etc/tinc/example/README points to /usr/share/doc/tinc/README.Debian. 2076 Create an empty /etc/tinc/nets.boot. 2077 Updated by Lubomir Bulej and Mads Kiilerich: it uses /etc/tinc/nets.boot and the VpnMask directive in the config files. 2078 Internationalization of tinc. 2079 Include intl/ directory in the list of subdirs. 2080 Include system.h and ABOUT-NLS. 2081 Update acconfig.h to include values for gettext inclusion. 2082 Include GNU gettext checks. 2083 Define LOCALEDIR in CFLAGS. 2084 Dutch translation of tinc. 2085 Bounds check for request id (between 0 and 255). 2086 Updated changes list for version 1.0pre2. 2087 Added new configuration directive `Hostnames', which controls the resolving of IP addresses to hostnames. 2088 When a connection is terminated, all hosts that are still connected get notified of the lost connections. 2089 In terminate_connection, only send a notification to hosts that are directly connected to us. (DEL_HOST gets forwarded automatically.) 2090 Only accept an ADD_HOST request for a host that already exists in our conn_list if the nexthop field matches the sender. This is a workaround for older clients. 2091 Include news for 1.0pre2. 2092 Tell about /etc/tinc/nets.boot. 2093 Updated Dutch translation. 2094 Version 1.0pre2-1. 2095 Handle locale settings. 2096 Miscellaneous copyright updates. 2097 2098Guus Sliepen (16): 2099 Proxymode removed. 2100 Cleanups. 2101 Changed ping behaviour (backwards compatible). If we don't have any data 2102 Fixed typos. 2103 Test for existence of configured tinc networks. This will also make 2104 Stub for VpnMask config directive. 2105 TODO file reinstated: 2106 VpnMask truely works now. 2107 Typo. 2108 Fixed last typo. Init.d now uses ifconfig command to set both the tap's IP 2109 Documentation updates. Removed all references to configuration variable 2110 Fix for a DoS attack: 2111 Fixed typos. When terminating a connection, it's status is not only set to 2112 Made tinc persistent. If no outgoing connection can be established right 2113 Terminate a connection on any error. Furthermore, disallow del_host, 2114 Only activate a connection upon receiving it's public key if it's an 2115 2116Version 1.0pre1 May 08 2000 2117------------------------------------------------------------------------ 2118 2119Ivo Timmermans (84): 2120 Get rid of the message `zxnrbl\'. 2121 Upon regeneration, free the old encryption key `securely\' by overwriting it. 2122 Kill the parent after any error conditions in detach(). 2123 Ignore SIGCHLD. 2124 New option -D, don't detach. 2125 Moved to version number 1.0. 2126 Only one round of reading bits out of urandom; 2127 Pass the requested size from xmalloc() and xrealloc() on to xalloc_fail_func() 2128 Check for an illegal length of passphrase in read_passphrase(). 2129 Check if stdout is a terminal, if so, print a verbose message. 2130 Default passphrase length of 1024, added -h/--help options. 2131 Submitted by Mads Kiilerich. 2132 New manpage for genauth. 2133 Updated manpages. 2134 Address for bugreports changed to tinc@nl.linux.org. 2135 Include the directory redhat in the build process. 2136 Include genauth.8 in the distribution. 2137 Submitted changes by Mads Kiilerich. 2138 A short notice from Mads Kiilerich. 2139 Keep make dist(dir) happy. 2140 Added cvs-clean. 2141 These files are not needed in release 1.0. 2142 Don't compile in `idea'. 2143 Don't include idea/idea.h. 2144 Don't try to create cipher/idea/Makefile. 2145 The shell script autogen.sh can create all these removed files, but be 2146 s/Gnome/tinc/g 2147 This file is obsolete, most of the ideas are already in echelon. 2148 Remove check for bigendianness. 2149 Don't define HAVE_NAMESPACES and HAVE_STL. 2150 Use `make ChangeLog' to create this file from the CVS logs. 2151 Remove test for GNOME. 2152 Changes largely from Mads Kiilerich. 2153 Added Mads Kiilerich, removed Guus Sliepen. 2154 *** empty log message *** 2155 Generate this Makefile.am from Makefile.am.in. 2156 Contributed by Mads Kiilerich. 2157 Spelling fixes. 2158 Delete all the files that are created by autogen.sh on a `make cvs-clean'. 2159 Propagate CFLAGS from configure to gcc. 2160 Don't include TODO in the dist. 2161 Remove ChangeLog with a `make cvs-clean'. 2162 Initial CVS. 2163 *** empty log message *** 2164 Create a ChangeLog file, automake requires it. 2165 *** empty log message *** 2166 Debug level tweaking. 2167 From Mads Kiilerich. 2168 The make command is in /usr/bin. 2169 Add an entry to dir. 2170 Omit TODO. 2171 Version to 1.0pre1; 2172 Filled in the details, license from libblowfish copied. 2173 Updated version number to 1.0. 2174 Default config file name is tinc.conf, and pidfile is tinc.pid. 2175 More updates wrt. the change from tincd->tinc. 2176 Added `deb' target. 2177 Filled up the protocol structs with unused bytes. 2178 Got rid of the nasty hacks... and replaced it by another one. 2179 Initially, the vpn_mask of a connection is 255.255.255.255 to avoid confusion with lookup_conn. 2180 Replaced check for status.active by status.dataopen in check_network_activity. 2181 New way of handling the meta protocol. 2182 Read public keys the right way (tm). 2183 Removed debug messages. 2184 Read one less byte from an ANS_KEY request. 2185 Send one less byte from an ANS_KEY request. 2186 Protocol fix (ANS_KEY). This breaks 0.3.3 protocol compatibility. 2187 Key forwarding, write one byte extra. 2188 Committed by Lubom�r Bulej. 2189 Updates by Mads Kiilerich. 2190 Committed by Mads Kiilerich. 2191 Fixed meta protocol. 2192 More tincd->tinc updates. 2193 Mentioned new metaprotocol. 2194 Fix a typo, better handling of the info document. (from Mads Kiilerich) 2195 Don't use error.h or error(), put #error in front of cpp errors. 2196 getopt_long() support for platforms that don't have it. 2197 Include stdio.h for fprintf. 2198 More for getopt support. 2199 Check for the existance of libdl. 2200 Don't link in libdl. 2201 Include sys/types.h. 2202 Copied most of the code from the redhat script. 2203 Added semicolons required by bash2 (Mads Kiilerich). 2204 2205Guus Sliepen (18): 2206 Added extra checks for desynchronized connection lists. Hopefully this will 2207 Bug found! Wrong pointer was used for handling multiple ADD_HOST requests 2208 Added checkpoints to beginning and ending of every function. 2209 Packet queues fixed. They caused the trouble when resending keys. 2210 Fixed typo and removed some unnecessary variables. 2211 When trying to talk to a host that is in the netmask of a tinc server but 2212 Converted every &variable[0] to variable. 2213 Cleanups: 2214 Removed write_n() function. 2215 Oops! Reference to write_n() removed and changed into neat write() call. 2216 Meta protocol overhaul. Tinc is now incompatible with previous versions, 2217 Fixed small mistake that would prevent forwarding requests. 2218 Previous fix fixed. Meta protocol should be really flawless from now on! 2219 Replaced sprintf() by safer snprintf(), removed possible buffer overflow 2220 Outgoing packets now use network byte order in header. 2221 Fixes typo and UDP network byte order. 2222 Squashed gcc warning. 2223 Added new config variable "ProxyMode". If enabled, all outgoing packets 2224 2225