Permalink
Commits on Jan 15, 2017
  1. Releasing 1.0.31.

    committed Jan 15, 2017
Commits on Oct 31, 2016
  1. Remove ExecStop in tinc@.service

    This avoid tinc to receive SIGTERM twice (through ExecStop and through systemd
    directly) which prevented tinc-down script to be executed.
    bouttier committed Oct 31, 2016
Commits on Oct 30, 2016
  1. Releasing 1.0.30.

    committed Oct 30, 2016
Commits on Oct 29, 2016
  1. Use AES in CTR mode instead of OFB mode for meta-connections.

    This gives a very nice speedup while preserving the stream characteristics.
    committed Oct 29, 2016
  2. Really fix byte budget calculation.

    We want to use the underlying cipher's block length, but if it's a stream
    mode this will be 1. In that case, use the IV length. Ensure we never get
    a budget that cannot be stored in a 64 bits integer.
    
    Thanks to Wessel Dankers for helping getting this right.
    committed Oct 29, 2016
  3. Enforce maximum amount of bytes sent/received on meta-connections.

    This is sqrt(2^{block_length_in_bits}).
    committed Oct 29, 2016
  4. Use AES256 and SHA256 by default, also for the meta-connections.

    At the start of the decade, there were still distributions that shipped
    with versions of OpenSSL that did not support these algorithms. By now
    everyone should support them. The old defaults were Blowfish and SHA1,
    both of which are not considered secure anymore.
    
    The meta-protocol now always uses AES in OFB mode, but the key length
    will adapt to the one specified by the Cipher option. The digest for the
    meta-protocol is hardcoded to SHA256.
    committed Oct 29, 2016
Commits on Oct 14, 2016
Commits on Oct 13, 2016
Commits on Oct 9, 2016
  1. Releasing 1.0.29.

    committed Oct 9, 2016
  2. Add ax_require_defined.m4.

    committed Oct 9, 2016
Commits on Sep 27, 2016
  1. Add a copy of ax_append_flag.m4.

    This is a dependency of ax_cflags_warn_all.m4.
    committed Sep 27, 2016
Commits on Jul 26, 2016
Commits on Jun 23, 2016
  1. Force nul-termination of strings after vsnprintf().

    Apparently, on Windows this function might not always be properly
    terminated.
    committed Jun 23, 2016
Commits on Jun 22, 2016
  1. Add -Wall to CFLAGS.

    committed Jun 22, 2016
Commits on Jun 15, 2016
Commits on Jun 5, 2016
  1. Preserve IPv6 scope_id in edges.

    When creating an edge after authenticating a peer, we copy the address
    used for the TCP connection, but change the port to that used for UDP.
    But the way we did it discarded the scope_id for IPv6 addresses. This
    prevented UDP communication from working correctly when connecting to a
    peer on the same LAN using an IPv6 link-local address.
    
    Thanks to Rafał Leśniak for pointing out this issue.
    committed Jun 5, 2016
Commits on Apr 10, 2016
  1. Releasing 1.0.28.

    committed Apr 10, 2016
  2. Update .gitignore.

    committed Apr 10, 2016
  3. Add systemd service files.

    committed Apr 10, 2016
Commits on Apr 9, 2016
  1. Releasing 1.0.27.

    committed Apr 9, 2016
  2. Enable silent builds by default.

    Cleaner build messages make it easier to spot compiler warnings and errors.
    Use make V=1 to get the verbose output back.
    committed Apr 9, 2016