From: Michael Prokop Date: Fri, 29 Aug 2014 19:10:28 +0000 (-0700) Subject: Imported Upstream version 0.3.5 X-Git-Tag: upstream/0.3.5^0 X-Git-Url: https://git.syn-net.org/debian/?p=anytun.git;a=commitdiff_plain;h=65944fb7a518dc659bacaf80cf235a0352fc6a7e Imported Upstream version 0.3.5 --- diff --git a/AUTHORS b/AUTHORS index 6d7339f..7a38e49 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,3 +1,4 @@ +Markus Grüneis Othmar Gsenger Erwin Nindl Christian Pointner diff --git a/ChangeLog b/ChangeLog index f1fc68d..284ae2f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2014.08.26 -- Version 0.3.5 + +* added an exception to the license which allows linking with OpenSSL +* added support for clang +* added libnettle as additional crypto library option +* fixed mutli-threading support for libgcrypt 1.6.0 and newer + 2011.12.30 -- Version 0.3.4 * Service Release: several build fixes for newer versions of diff --git a/LICENSE b/LICENSE index 44d9451..1ec6984 100644 --- a/LICENSE +++ b/LICENSE @@ -6,12 +6,12 @@ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel * mode and allows tunneling of every ETHER TYPE protocol (e.g. * ethernet, ip, arp ...). satp directly includes cryptography and - * message authentication based on the methodes used by SRTP. It is + * message authentication based on the methods used by SRTP. It is * intended to deliver a generic, scaleable and secure solution for * tunneling and relaying of packets of any protocol. * * - * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl, + * Copyright (C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl, * Christian Pointner * * This file is part of Anytun. @@ -27,8 +27,23 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with anytun. If not, see . + * along with Anytun. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. */ + + GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 diff --git a/LICENSE.OpenSSL b/LICENSE.OpenSSL new file mode 100644 index 0000000..9b5fe3c --- /dev/null +++ b/LICENSE.OpenSSL @@ -0,0 +1,182 @@ +/* + * anytun + * + * The secure anycast tunneling protocol (satp) defines a protocol used + * for communication between any combination of unicast and anycast + * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel + * mode and allows tunneling of every ETHER TYPE protocol (e.g. + * ethernet, ip, arp ...). satp directly includes cryptography and + * message authentication based on the methods used by SRTP. It is + * intended to deliver a generic, scaleable and secure solution for + * tunneling and relaying of packets of any protocol. + * + * + * Copyright (C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl, + * Christian Pointner + * + * This file is part of Anytun. + * + * Anytun is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * any later version. + * + * Anytun is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Anytun. If not, see . + * + * In addition, as a special exception, the copyright holders give + * permission to link the code of portions of this program with the + * OpenSSL library under certain conditions as described in each + * individual source file, and distribute linked combinations + * including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you + * do not wish to do so, delete this exception statement from your + * version. If you delete this exception statement from all source + * files in the program, then also delete it here. + */ + +Certain source files in this program permit linking with the OpenSSL +library (http://www.openssl.org), which otherwise wouldn't be allowed +under the GPL. For purposes of identifying OpenSSL, most source files +giving this permission limit it to versions of OpenSSL having a license +identical to that listed in this file (LICENSE.OpenSSL). It is not +necessary for the copyright years to match between this file and the +OpenSSL version in question. However, note that because this file is +an extension of the license statements of these source files, this file +may not be changed except with permission from all copyright holders +of source files in this program which reference this file. + + + LICENSE ISSUES + ============== + + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of + the OpenSSL License and the original SSLeay license apply to the toolkit. + See below for the actual license texts. Actually both licenses are BSD-style + Open Source licenses. In case of any license issues related to OpenSSL + please contact openssl-core@openssl.org. + + OpenSSL License + --------------- + +/* ==================================================================== + * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + Original SSLeay License + ----------------------- + +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ diff --git a/README b/README index 2ba23a5..09f1692 100644 --- a/README +++ b/README @@ -1,8 +1,8 @@ Dependencies ============ -Anytun can be built by using either libgcrypt or the openssl-crypto library. -The latter is more performant in most cases but there are some license +Anytun can be built by using either libgcrypt, libnettle or the openssl-crypto +library. The latter is more performant in most cases but there are some license issues when using this library. Linux @@ -12,15 +12,21 @@ Linux using libgcrypt: libgcrypt11-dev -using ssl crypto lib: +using ssl crypto library: libssl-dev +using nettle crypto library: + nettle-dev + common: build-essential - libboost-serialization1.35-dev - libboost-thread1.35-dev - libboost-system1.35-dev - libboost-regex1.35-dev + libboost-serialization-dev + libboost-thread-dev + libboost-system-dev + libboost-regex-dev + +if you want clang as compiler + clang if you want to rebuild the manpage: asciidoc @@ -44,33 +50,52 @@ if you want to rebuild the manpage: textproc/libxslt textproc/docbook-xsl sysutils/readlink - misc/getopt + misc/getopt Windows ------- -OpenSSL - Developer: - http://www.slproweb.com/download/Win32OpenSSL-0_9_8j.exe - Runtime Only: - http://www.slproweb.com/download/Win32OpenSSL_Light-0_9_8j.exe - -Boost 1.35: - http://www.boostpro.com/download/boost_1_35_0_setup.exe + Crosscompiling with MinGW under Debian/Ubuntu: + ---------------------------------------------- + + # sudo apt-get install mingw-w64 + # cd contrib/ + # ./build-boost-mingw-cross.sh + # ./build-openssl-mingw-cross.sh + # ./build-anytun-mingw-cross.sh + + The compiled binaries can be found in anytun-w32 and anytun-w64 (32 and 64Bit). + You can create a ZIP archive containing all needed files by calling: + + # ./make-mingw-release.sh + - As it can take some time to install everything from boost here is a - complete list of libraries which have to be installed in order to build anytun: - - * Serialization - * Thread - * date_time - * System - * regex + Using MS Visual C++: + -------------------- + OpenSSL + Developer: + http://www.slproweb.com/download/Win32OpenSSL-1_0_1h.exe + + Runtime Only: + http://www.slproweb.com/download/Win32OpenSSL_Light-1_0_1h.exe + + Boost + http://sourceforge.net/projects/boost/files/boost-binaries/ + + As it can take some time to install everything from boost here is a + complete list of libraries which have to be installed in order to build anytun: + + * Serialization + * Thread + * date_time + * System + * regex + + Microsoft Visual C++ 2008 Redistributable Package (x86): + http://www.microsoft.com/downloads/details.aspx?familyid=9B2DA534-3E03-4391-8A4D-074B9F2BC1BF -Microsoft Visual C++ 2008 Redistributable Package (x86): - http://www.microsoft.com/downloads/details.aspx?familyid=9B2DA534-3E03-4391-8A4D-074B9F2BC1BF @@ -79,6 +104,7 @@ Installation Getting the source via subversion: ---------------------------------- + svn co http://svn.anytun.org/anytun/trunk anytun cd anytun @@ -98,7 +124,7 @@ using ssl crypto library: # make -Notes: +Notes: - try './configure --help' for further information - if using openssl pre 0.9.8 you have to disable passphrase because openssl had no SHA256 implementation prior to this @@ -113,6 +139,7 @@ Installing This will install anytun under the --prefix defined with configure. + Uninstalling ------------ @@ -132,26 +159,26 @@ Usage: init.d script ------------- -The init.d script can be used to start anytun at boot time. It searches for +The init.d script can be used to start anytun at boot time. It searches for configuration files which reside at $CONFIG_DIR. For each instance of anytun which should be started there must be a directory containing at least a file named config. This file must contain all command line parameter which should be used when starting the daemon. One line for each parameter. Empty lines and lines starting with # are ignored. Besides the config file there may be a script -named post-up.sh which will be called when the tun/tap device comes up. -Furthermore there may be a directory called conf.d containing config files for -anytun-config. The syntax of this files is quite the same as those for anytun. -These files are used to configure a multi connection setup using anytun-config +named post-up.sh which will be called when the tun/tap device comes up. +Furthermore there may be a directory called conf.d containing config files for +anytun-config. The syntax of this files is quite the same as those for anytun. +These files are used to configure a multi connection setup using anytun-config and anytun-controld This is an example of how the script can be used to start anytun: # /etc/init.d/anytun start client1 p2p-a In this case the script will start 2 instances of anytun using the config files -$CONFIG_DIR/client1/config and $CONFIG_DIR/p2p-a/config. +$CONFIG_DIR/client1/config and $CONFIG_DIR/p2p-a/config. If no instance name is specified the script will use the file $CONFIG_DIR/autostart -to determine which instances to start or stop. This file must contain a list -of instance names which should be used when no names are specified at the command +to determine which instances to start or stop. This file must contain a list +of instance names which should be used when no names are specified at the command line. One line for each name. Empty lines and lines starting with # are ignored. diff --git a/contrib/anytun-example.bat b/contrib/anytun-example.bat new file mode 100644 index 0000000..f00e19a --- /dev/null +++ b/contrib/anytun-example.bat @@ -0,0 +1,5 @@ +@rem Point to point example +@rem please make sure to keep the remote-host parameter, even if it's wrong, to avoid problems with windows firewall +@rem anytun --interface 0.0.0.0 --passphrase lala --type tap --ifconfig 5.0.225.2/8 --remote-host 1.1.1.2 --remote-port 4444 +anytun --interface 0.0.0.0 --passphrase lala --type tap --ifconfig 5.0.225.1/8 --remote-host 1.1.1.1 --remote-port 4444 --role right +pause \ No newline at end of file diff --git a/contrib/boost_project-config.patch b/contrib/boost_project-config.patch new file mode 100644 index 0000000..5dd39c3 --- /dev/null +++ b/contrib/boost_project-config.patch @@ -0,0 +1,15 @@ +--- boost_1_48_0/project-config.jam 2012-01-05 22:25:47.000000000 +0100 ++++ project-config.jam 2012-01-05 22:14:39.000000000 +0100 +@@ -7,10 +7,8 @@ + # Compiler configuration. This definition will be used unless + # you already have defined some toolsets in your user-config.jam + # file. +-if ! gcc in [ feature.values ] +-{ +- using gcc ; +-} ++using gcc : w32 : i686-w64-mingw32-g++ ; ++using gcc : w64 : x86_64-w64-mingw32-g++ ; + + project : default-build gcc ; + diff --git a/contrib/build-anytun-mingw-cross.sh b/contrib/build-anytun-mingw-cross.sh new file mode 100755 index 0000000..54e09c5 --- /dev/null +++ b/contrib/build-anytun-mingw-cross.sh @@ -0,0 +1,23 @@ +#!/bin/sh +set -e +BASE=`pwd` + +cd ../src + +for target in w32 w64; do + if [ "$target" = "w32" ]; then + target_name=i686 + else + target_name=x86_64 + fi + make distclean + ./configure --target=mingw --use-ssl-crypto --with-boost=../contrib/boost-$target --with-openssl=../contrib/openssl-$target --cross-prefix=$target_name-w64-mingw32- + make + make strip + mkdir -p $BASE/anytun-$target + cp *.exe $BASE/anytun-$target +done + +cd ../contrib + +exit 0 diff --git a/contrib/build-boost-mingw-cross.sh b/contrib/build-boost-mingw-cross.sh new file mode 100755 index 0000000..5ca49e7 --- /dev/null +++ b/contrib/build-boost-mingw-cross.sh @@ -0,0 +1,21 @@ +#!/bin/sh +set -e +BOOST=1.55.0 + +BOOST_DASH=`echo $BOOST | perl -ne 's/\./_/g; print'` +echo $BOOST_DASH +wget http://downloads.sourceforge.net/project/boost/boost/$BOOST/boost_${BOOST_DASH}.tar.bz2 -O - | tar xj + +cd boost_${BOOST_DASH} +./bootstrap.sh + +patch -p1 < ../boost_project-config.patch + +for target in w32 w64; do + ./b2 --layout=system variant=release threading=multi link=shared runtime-link=shared toolset=gcc-$target target-os=windows threadapi=win32 stage || true + mkdir -p ../boost-$target/include + mv stage/lib ../boost-$target/ + cp -r boost ../boost-$target/include + ./b2 --layout=system variant=release threading=multi link=shared runtime-link=shared toolset=gcc-$target target-os=windows threadapi=win32 stage --clean || true +done +rm -rf ../boost_${BOOST_DASH} diff --git a/contrib/build-openssl-mingw-cross.sh b/contrib/build-openssl-mingw-cross.sh new file mode 100755 index 0000000..7e165b1 --- /dev/null +++ b/contrib/build-openssl-mingw-cross.sh @@ -0,0 +1,21 @@ +#!/bin/sh +set -e +OPENSSL=openssl-1.0.1h +BASE=`pwd` + +wget http://openssl.org/source/$OPENSSL.tar.gz -O - | tar xz + +cd $OPENSSL +if [ -e ../$OPENSSL\-configure.patch ]; then + patch -p1 < ../$OPENSSL\-configure.patch +fi +./config --cross-compile-prefix=x86_64-w64-mingw32- shared mingw64 --prefix=$BASE/openssl-w64/ +make +make install +make clean +./config --cross-compile-prefix=i686-w64-mingw32- shared mingw --prefix=$BASE/openssl-w32/ +make +make install +make clean +cd .. +rm -rf $OPENSSL diff --git a/contrib/make-mingw-release.sh b/contrib/make-mingw-release.sh new file mode 100755 index 0000000..5a1d29f --- /dev/null +++ b/contrib/make-mingw-release.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +VER=`cat ../version` + +for target in w32 w64; do + if [ "$target" = "w32" ]; then + LIBGCC_DLL=/usr/lib/gcc/i686-w64-mingw32/`i686-w64-mingw32-g++ -dumpversion`/libgcc_s_sjlj-1.dll + LIBSTDCPP_DLL=/usr/lib/gcc/i686-w64-mingw32/`i686-w64-mingw32-g++ -dumpversion`/libstdc++-6.dll + else + LIBGCC_DLL=/usr/lib/gcc/i686-w64-mingw32/`i686-w64-mingw32-g++ -dumpversion`/libgcc_s_sjlj-1.dll + LIBSTDCPP_DLL=/usr/lib/gcc/i686-w64-mingw32/`i686-w64-mingw32-g++ -dumpversion`/libstdc++-6.dll + fi + mkdir anytun-$VER-$target + cp anytun-$target/*.exe anytun-$VER-$target + cp $LIBGCC_DLL $LIBSTDCPP_DLL anytun-$VER-$target + cp boost-$target/lib/libboost_{date_time,serialization,system,thread_win32,chrono}.dll anytun-$VER-$target + cp openssl-$target/bin/libeay32.dll anytun-$VER-$target + cp anytun-example.bat anytun-$VER-$target + cp ../{AUTHORS,ChangeLog,LICENSE,README,version} anytun-$VER-$target + cp -r tap?? anytun-$VER-$target + rm -rf anytun-$VER-$target/tap*/.svn + + zip -r anytun-$VER-$target.zip anytun-$VER-$target + rm -rf anytun-$VER-$target +done + +exit 0 diff --git a/contrib/openssl-1.0.0f-configure.patch b/contrib/openssl-1.0.0f-configure.patch new file mode 100644 index 0000000..125f436 --- /dev/null +++ b/contrib/openssl-1.0.0f-configure.patch @@ -0,0 +1,46 @@ +diff -u openssl-1.0.0f.orig/config openssl-1.0.0f//config +--- openssl-1.0.0f.orig/config 2011-07-15 21:59:18.000000000 +0200 ++++ openssl-1.0.0f//config 2012-01-05 01:32:27.619235053 +0100 +@@ -825,9 +825,9 @@ + # options="$options -DATALLA" + #fi + +-($CC -Wa,--help -c -o /dev/null -x assembler /dev/null 2>&1 | \ +- grep \\--noexecstack) 2>&1 > /dev/null && \ +- options="$options -Wa,--noexecstack" ++#($CC -Wa,--help -c -o /dev/null -x assembler /dev/null 2>&1 | \ ++# grep \\--noexecstack) 2>&1 > /dev/null && \ ++# options="$options -Wa,--noexecstack" + + # gcc < 2.8 does not support -march=ultrasparc + if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ] +diff -u openssl-1.0.0f.orig/Configure openssl-1.0.0f//Configure +--- openssl-1.0.0f.orig/Configure 2011-12-19 18:04:38.000000000 +0100 ++++ openssl-1.0.0f//Configure 2012-01-05 01:21:18.723239740 +0100 +@@ -505,7 +505,7 @@ + "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", + + # MinGW +-"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a", ++"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin -Wl,--export-all -shared:.dll.a", + # As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll + # compiled with one compiler with application compiled with another + # compiler. It's possible to engage Applink support in mingw64 build, +@@ -513,7 +513,7 @@ + # handling, one can't seriously consider its binaries for using with + # non-mingw64 run-time environment. And as mingw64 is always consistent + # with itself, Applink is never engaged and can as well be omitted. +-"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a", ++"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin -Wl,--export-all -shared:.dll.a", + + # UWIN + "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32", +@@ -869,7 +869,7 @@ + } + else + { +- die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); ++ #die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); + $target=$_; + } + diff --git a/contrib/openssl-1.0.1c-configure.patch b/contrib/openssl-1.0.1c-configure.patch new file mode 100644 index 0000000..3684601 --- /dev/null +++ b/contrib/openssl-1.0.1c-configure.patch @@ -0,0 +1,50 @@ +diff -ur openssl-1.0.1c.orig/config openssl-1.0.1c/config +--- openssl-1.0.1c.orig/config 2011-11-14 22:12:53.000000000 +0100 ++++ openssl-1.0.1c/config 2012-07-18 00:29:49.145918677 +0200 +@@ -857,11 +857,11 @@ + # options="$options -DATALLA" + #fi + +-if expr "$options" : '.*no\-asm' > /dev/null; then :; else +- sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \ +- grep \\--noexecstack >/dev/null && \ +- options="$options -Wa,--noexecstack" +-fi ++#if expr "$options" : '.*no\-asm' > /dev/null; then :; else ++# sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \ ++# grep \\--noexecstack >/dev/null && \ ++# options="$options -Wa,--noexecstack" ++#fi + + # gcc < 2.8 does not support -march=ultrasparc + if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ] +diff -ur openssl-1.0.1c.orig/Configure openssl-1.0.1c/Configure +--- openssl-1.0.1c.orig/Configure 2012-03-14 23:20:40.000000000 +0100 ++++ openssl-1.0.1c/Configure 2012-07-18 00:25:25.278997860 +0200 +@@ -531,7 +531,7 @@ + "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", + + # MinGW +-"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a", ++"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin -Wl,--export-all -shared:.dll.a", + # As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll + # compiled with one compiler with application compiled with another + # compiler. It's possible to engage Applink support in mingw64 build, +@@ -539,7 +539,7 @@ + # handling, one can't seriously consider its binaries for using with + # non-mingw64 run-time environment. And as mingw64 is always consistent + # with itself, Applink is never engaged and can as well be omitted. +-"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a", ++"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin -Wl,--export-all -shared:.dll.a", + + # UWIN + "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32", +@@ -931,7 +931,7 @@ + } + else + { +- die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); ++ #die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); + $target=$_; + } + diff --git a/contrib/openssl-1.0.1h-configure.patch b/contrib/openssl-1.0.1h-configure.patch new file mode 100644 index 0000000..d50c999 --- /dev/null +++ b/contrib/openssl-1.0.1h-configure.patch @@ -0,0 +1,50 @@ +diff -Nur openssl-1.0.1h.orig/config openssl-1.0.1h/config +--- openssl-1.0.1h.orig/config 2014-06-05 11:44:33.000000000 +0200 ++++ openssl-1.0.1h/config 2014-06-29 03:58:01.297328864 +0200 +@@ -857,11 +857,11 @@ + # options="$options -DATALLA" + #fi + +-if expr "$options" : '.*no\-asm' > /dev/null; then :; else +- sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \ +- grep \\--noexecstack >/dev/null && \ +- options="$options -Wa,--noexecstack" +-fi ++#if expr "$options" : '.*no\-asm' > /dev/null; then :; else ++# sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \ ++# grep \\--noexecstack >/dev/null && \ ++# options="$options -Wa,--noexecstack" ++#fi + + # gcc < 2.8 does not support -march=ultrasparc + if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ] +diff -Nur openssl-1.0.1h.orig/Configure openssl-1.0.1h/Configure +--- openssl-1.0.1h.orig/Configure 2014-06-05 11:44:33.000000000 +0200 ++++ openssl-1.0.1h/Configure 2014-06-29 03:58:01.297328864 +0200 +@@ -533,7 +533,7 @@ + "BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32", + + # MinGW +-"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a", ++"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin -Wl,--export-all -shared:.dll.a", + # As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll + # compiled with one compiler with application compiled with another + # compiler. It's possible to engage Applink support in mingw64 build, +@@ -541,7 +541,7 @@ + # handling, one can't seriously consider its binaries for using with + # non-mingw64 run-time environment. And as mingw64 is always consistent + # with itself, Applink is never engaged and can as well be omitted. +-"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a", ++"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin -Wl,--export-all -shared:.dll.a", + + # UWIN + "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32", +@@ -933,7 +933,7 @@ + } + else + { +- die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); ++ #die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); + $target=$_; + } + diff --git a/contrib/tap32/OemWin2k.inf b/contrib/tap32/OemWin2k.inf new file mode 100644 index 0000000..8089434 --- /dev/null +++ b/contrib/tap32/OemWin2k.inf @@ -0,0 +1,187 @@ +; **************************************************************************** +; * Copyright (C) 2002-2008 OpenVPN Technologies, Inc. * +; * This program is free software; you can redistribute it and/or modify * +; * it under the terms of the GNU General Public License version 2 * +; * as published by the Free Software Foundation. * +; **************************************************************************** + +; SYNTAX CHECKER +; cd \WINDDK\3790\tools\chkinf +; chkinf c:\src\openvpn\tap-win32\i386\oemwin2k.inf +; OUTPUT -> file:///c:/WINDDK/3790/tools/chkinf/htm/c%23+src+openvpn+tap-win32+i386+__OemWin2k.htm + +; INSTALL/REMOVE DRIVER +; tapinstall install OemWin2k.inf TAP0901 +; tapinstall update OemWin2k.inf TAP0901 +; tapinstall remove TAP0901 + +;********************************************************* +; Note to Developers: +; +; If you are bundling the TAP-Win32 driver with your app, +; you should try to rename it in such a way that it will +; not collide with other instances of TAP-Win32 defined +; by other apps. Multiple versions of the TAP-Win32 +; driver, each installed by different apps, can coexist +; on the same machine if you follow these guidelines. +; NOTE: these instructions assume you are editing the +; generated OemWin2k.inf file, not the source +; OemWin2k.inf.in file which is preprocessed by winconfig +; and uses macro definitions from settings.in. +; +; (1) Rename all tapXXXX instances in this file to +; something different (use at least 5 characters +; for this name!) +; (2) Change the "!define TAP" definition in openvpn.nsi +; to match what you changed tapXXXX to. +; (3) Change TARGETNAME in SOURCES to match what you +; changed tapXXXX to. +; (4) Change TAP_COMPONENT_ID in common.h to match what +; you changed tapXXXX to. +; (5) Change SZDEPENDENCIES in service.h to match what +; you changed tapXXXX to. +; (6) Change DeviceDescription and Provider strings. +; (7) Change PRODUCT_STRING in constants.h to what you +; set DeviceDescription to. +; +;********************************************************* + +[Version] + Signature = "$Windows NT$" + CatalogFile = tap0901.cat + ClassGUID = {4d36e972-e325-11ce-bfc1-08002be10318} + Provider = %Provider% + Class = Net + +; This version number should match the version +; number given in SOURCES. + DriverVer=01/22/2008,9.00.00.4 + +[Strings] + DeviceDescription = "TAP-Win32 Adapter V9" + Provider = "TAP-Win32 Provider V9" + +;---------------------------------------------------------------- +; Manufacturer + Product Section (Done) +;---------------------------------------------------------------- +[Manufacturer] + %Provider% = tap0901 + +[tap0901] + %DeviceDescription% = tap0901.ndi, tap0901 + +;--------------------------------------------------------------- +; Driver Section (Done) +;--------------------------------------------------------------- + +;----------------- Characteristics ------------ +; NCF_PHYSICAL = 0x04 +; NCF_VIRTUAL = 0x01 +; NCF_SOFTWARE_ENUMERATED = 0x02 +; NCF_HIDDEN = 0x08 +; NCF_NO_SERVICE = 0x10 +; NCF_HAS_UI = 0x80 +;----------------- Characteristics ------------ + +[tap0901.ndi] + CopyFiles = tap0901.driver, tap0901.files + AddReg = tap0901.reg + AddReg = tap0901.params.reg + Characteristics = 0x81 + +[tap0901.ndi.Services] + AddService = tap0901, 2, tap0901.service + +[tap0901.reg] + HKR, Ndi, Service, 0, "tap0901" + HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" + HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" + HKR, , Manufacturer, 0, "%Provider%" + HKR, , ProductName, 0, "%DeviceDescription%" + +[tap0901.params.reg] + HKR, Ndi\params\MTU, ParamDesc, 0, "MTU" + HKR, Ndi\params\MTU, Type, 0, "int" + HKR, Ndi\params\MTU, Default, 0, "1500" + HKR, Ndi\params\MTU, Optional, 0, "0" + HKR, Ndi\params\MTU, Min, 0, "100" + HKR, Ndi\params\MTU, Max, 0, "1500" + HKR, Ndi\params\MTU, Step, 0, "1" + HKR, Ndi\params\MediaStatus, ParamDesc, 0, "Media Status" + HKR, Ndi\params\MediaStatus, Type, 0, "enum" + HKR, Ndi\params\MediaStatus, Default, 0, "0" + HKR, Ndi\params\MediaStatus, Optional, 0, "0" + HKR, Ndi\params\MediaStatus\enum, "0", 0, "Application Controlled" + HKR, Ndi\params\MediaStatus\enum, "1", 0, "Always Connected" + HKR, Ndi\params\MAC, ParamDesc, 0, "MAC Address" + HKR, Ndi\params\MAC, Type, 0, "edit" + HKR, Ndi\params\MAC, Optional, 0, "1" + HKR, Ndi\params\AllowNonAdmin, ParamDesc, 0, "Non-Admin Access" + HKR, Ndi\params\AllowNonAdmin, Type, 0, "enum" + HKR, Ndi\params\AllowNonAdmin, Default, 0, "1" + HKR, Ndi\params\AllowNonAdmin, Optional, 0, "0" + HKR, Ndi\params\AllowNonAdmin\enum, "0", 0, "Not Allowed" + HKR, Ndi\params\AllowNonAdmin\enum, "1", 0, "Allowed" + +;---------------------------------------------------------------- +; Service Section +;---------------------------------------------------------------- + +;---------- Service Type ------------- +; SERVICE_KERNEL_DRIVER = 0x01 +; SERVICE_WIN32_OWN_PROCESS = 0x10 +;---------- Service Type ------------- + +;---------- Start Mode --------------- +; SERVICE_BOOT_START = 0x0 +; SERVICE_SYSTEM_START = 0x1 +; SERVICE_AUTO_START = 0x2 +; SERVICE_DEMAND_START = 0x3 +; SERVICE_DISABLED = 0x4 +;---------- Start Mode --------------- + +[tap0901.service] + DisplayName = %DeviceDescription% + ServiceType = 1 + StartType = 3 + ErrorControl = 1 + LoadOrderGroup = NDIS + ServiceBinary = %12%\tap0901.sys + +;----------------------------------------------------------------- +; File Installation +;----------------------------------------------------------------- + +;----------------- Copy Flags ------------ +; COPYFLG_NOSKIP = 0x02 +; COPYFLG_NOVERSIONCHECK = 0x04 +;----------------- Copy Flags ------------ + +; SourceDisksNames +; diskid = description[, [tagfile] [, , subdir]] +; 1 = "Intel Driver Disk 1",e100bex.sys,, + +[SourceDisksNames] + 1 = %DeviceDescription%, tap0901.sys + +; SourceDisksFiles +; filename_on_source = diskID[, [subdir][, size]] +; e100bex.sys = 1,, ; on distribution disk 1 + +[SourceDisksFiles] +tap0901.sys = 1 + +[DestinationDirs] + tap0901.files = 11 + tap0901.driver = 12 + +[tap0901.files] +; TapPanel.cpl,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK +; cipsrvr.exe,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK + +[tap0901.driver] + tap0901.sys,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK + +;--------------------------------------------------------------- +; End +;--------------------------------------------------------------- diff --git a/contrib/tap32/tap0901.cat b/contrib/tap32/tap0901.cat new file mode 100644 index 0000000..6ba3971 Binary files /dev/null and b/contrib/tap32/tap0901.cat differ diff --git a/contrib/tap32/tap0901.sys b/contrib/tap32/tap0901.sys new file mode 100644 index 0000000..0f93221 Binary files /dev/null and b/contrib/tap32/tap0901.sys differ diff --git a/contrib/tap32/tap_install.bat b/contrib/tap32/tap_install.bat new file mode 100644 index 0000000..06de8b9 --- /dev/null +++ b/contrib/tap32/tap_install.bat @@ -0,0 +1,2 @@ +tapinstall.exe install OemWin2k.inf TAP0901 +pause \ No newline at end of file diff --git a/contrib/tap32/tap_remove.bat b/contrib/tap32/tap_remove.bat new file mode 100644 index 0000000..dfde01e --- /dev/null +++ b/contrib/tap32/tap_remove.bat @@ -0,0 +1,2 @@ +tapinstall.exe remove OemWin2k.inf TAP0901 +pause \ No newline at end of file diff --git a/contrib/tap32/tapinstall.exe b/contrib/tap32/tapinstall.exe new file mode 100644 index 0000000..6d978cd Binary files /dev/null and b/contrib/tap32/tapinstall.exe differ diff --git a/contrib/tap64/OemWin2k.inf b/contrib/tap64/OemWin2k.inf new file mode 100644 index 0000000..3a0398c --- /dev/null +++ b/contrib/tap64/OemWin2k.inf @@ -0,0 +1,187 @@ +; **************************************************************************** +; * Copyright (C) 2002-2008 OpenVPN Technologies, Inc. * +; * This program is free software; you can redistribute it and/or modify * +; * it under the terms of the GNU General Public License version 2 * +; * as published by the Free Software Foundation. * +; **************************************************************************** + +; SYNTAX CHECKER +; cd \WINDDK\3790\tools\chkinf +; chkinf c:\src\openvpn\tap-win32\i386\oemwin2k.inf +; OUTPUT -> file:///c:/WINDDK/3790/tools/chkinf/htm/c%23+src+openvpn+tap-win32+i386+__OemWin2k.htm + +; INSTALL/REMOVE DRIVER +; tapinstall install OemWin2k.inf TAP0901 +; tapinstall update OemWin2k.inf TAP0901 +; tapinstall remove TAP0901 + +;********************************************************* +; Note to Developers: +; +; If you are bundling the TAP-Win32 driver with your app, +; you should try to rename it in such a way that it will +; not collide with other instances of TAP-Win32 defined +; by other apps. Multiple versions of the TAP-Win32 +; driver, each installed by different apps, can coexist +; on the same machine if you follow these guidelines. +; NOTE: these instructions assume you are editing the +; generated OemWin2k.inf file, not the source +; OemWin2k.inf.in file which is preprocessed by winconfig +; and uses macro definitions from settings.in. +; +; (1) Rename all tapXXXX instances in this file to +; something different (use at least 5 characters +; for this name!) +; (2) Change the "!define TAP" definition in openvpn.nsi +; to match what you changed tapXXXX to. +; (3) Change TARGETNAME in SOURCES to match what you +; changed tapXXXX to. +; (4) Change TAP_COMPONENT_ID in common.h to match what +; you changed tapXXXX to. +; (5) Change SZDEPENDENCIES in service.h to match what +; you changed tapXXXX to. +; (6) Change DeviceDescription and Provider strings. +; (7) Change PRODUCT_STRING in constants.h to what you +; set DeviceDescription to. +; +;********************************************************* + +[Version] + Signature = "$Windows NT$" + CatalogFile = tap0901.cat + ClassGUID = {4d36e972-e325-11ce-bfc1-08002be10318} + Provider = %Provider% + Class = Net + +; This version number should match the version +; number given in SOURCES. + DriverVer=01/22/2008,9.00.00.4 + +[Strings] + DeviceDescription = "TAP-Win32 Adapter V9" + Provider = "TAP-Win32 Provider V9" + +;---------------------------------------------------------------- +; Manufacturer + Product Section (Done) +;---------------------------------------------------------------- +[Manufacturer] + %Provider% = tap0901, NTamd64 + +[tap0901.NTamd64] + %DeviceDescription% = tap0901.ndi, tap0901 + +;--------------------------------------------------------------- +; Driver Section (Done) +;--------------------------------------------------------------- + +;----------------- Characteristics ------------ +; NCF_PHYSICAL = 0x04 +; NCF_VIRTUAL = 0x01 +; NCF_SOFTWARE_ENUMERATED = 0x02 +; NCF_HIDDEN = 0x08 +; NCF_NO_SERVICE = 0x10 +; NCF_HAS_UI = 0x80 +;----------------- Characteristics ------------ + +[tap0901.ndi] + CopyFiles = tap0901.driver, tap0901.files + AddReg = tap0901.reg + AddReg = tap0901.params.reg + Characteristics = 0x81 + +[tap0901.ndi.Services] + AddService = tap0901, 2, tap0901.service + +[tap0901.reg] + HKR, Ndi, Service, 0, "tap0901" + HKR, Ndi\Interfaces, UpperRange, 0, "ndis5" + HKR, Ndi\Interfaces, LowerRange, 0, "ethernet" + HKR, , Manufacturer, 0, "%Provider%" + HKR, , ProductName, 0, "%DeviceDescription%" + +[tap0901.params.reg] + HKR, Ndi\params\MTU, ParamDesc, 0, "MTU" + HKR, Ndi\params\MTU, Type, 0, "int" + HKR, Ndi\params\MTU, Default, 0, "1500" + HKR, Ndi\params\MTU, Optional, 0, "0" + HKR, Ndi\params\MTU, Min, 0, "100" + HKR, Ndi\params\MTU, Max, 0, "1500" + HKR, Ndi\params\MTU, Step, 0, "1" + HKR, Ndi\params\MediaStatus, ParamDesc, 0, "Media Status" + HKR, Ndi\params\MediaStatus, Type, 0, "enum" + HKR, Ndi\params\MediaStatus, Default, 0, "0" + HKR, Ndi\params\MediaStatus, Optional, 0, "0" + HKR, Ndi\params\MediaStatus\enum, "0", 0, "Application Controlled" + HKR, Ndi\params\MediaStatus\enum, "1", 0, "Always Connected" + HKR, Ndi\params\MAC, ParamDesc, 0, "MAC Address" + HKR, Ndi\params\MAC, Type, 0, "edit" + HKR, Ndi\params\MAC, Optional, 0, "1" + HKR, Ndi\params\AllowNonAdmin, ParamDesc, 0, "Non-Admin Access" + HKR, Ndi\params\AllowNonAdmin, Type, 0, "enum" + HKR, Ndi\params\AllowNonAdmin, Default, 0, "1" + HKR, Ndi\params\AllowNonAdmin, Optional, 0, "0" + HKR, Ndi\params\AllowNonAdmin\enum, "0", 0, "Not Allowed" + HKR, Ndi\params\AllowNonAdmin\enum, "1", 0, "Allowed" + +;---------------------------------------------------------------- +; Service Section +;---------------------------------------------------------------- + +;---------- Service Type ------------- +; SERVICE_KERNEL_DRIVER = 0x01 +; SERVICE_WIN32_OWN_PROCESS = 0x10 +;---------- Service Type ------------- + +;---------- Start Mode --------------- +; SERVICE_BOOT_START = 0x0 +; SERVICE_SYSTEM_START = 0x1 +; SERVICE_AUTO_START = 0x2 +; SERVICE_DEMAND_START = 0x3 +; SERVICE_DISABLED = 0x4 +;---------- Start Mode --------------- + +[tap0901.service] + DisplayName = %DeviceDescription% + ServiceType = 1 + StartType = 3 + ErrorControl = 1 + LoadOrderGroup = NDIS + ServiceBinary = %12%\tap0901.sys + +;----------------------------------------------------------------- +; File Installation +;----------------------------------------------------------------- + +;----------------- Copy Flags ------------ +; COPYFLG_NOSKIP = 0x02 +; COPYFLG_NOVERSIONCHECK = 0x04 +;----------------- Copy Flags ------------ + +; SourceDisksNames +; diskid = description[, [tagfile] [, , subdir]] +; 1 = "Intel Driver Disk 1",e100bex.sys,, + +[SourceDisksNames] + 1 = %DeviceDescription%, tap0901.sys + +; SourceDisksFiles +; filename_on_source = diskID[, [subdir][, size]] +; e100bex.sys = 1,, ; on distribution disk 1 + +[SourceDisksFiles] +tap0901.sys = 1 + +[DestinationDirs] + tap0901.files = 11 + tap0901.driver = 12 + +[tap0901.files] +; TapPanel.cpl,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK +; cipsrvr.exe,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK + +[tap0901.driver] + tap0901.sys,,,6 ; COPYFLG_NOSKIP | COPYFLG_NOVERSIONCHECK + +;--------------------------------------------------------------- +; End +;--------------------------------------------------------------- diff --git a/contrib/tap64/tap0901.cat b/contrib/tap64/tap0901.cat new file mode 100644 index 0000000..622a45e Binary files /dev/null and b/contrib/tap64/tap0901.cat differ diff --git a/contrib/tap64/tap0901.sys b/contrib/tap64/tap0901.sys new file mode 100644 index 0000000..14bf5bf Binary files /dev/null and b/contrib/tap64/tap0901.sys differ diff --git a/contrib/tap64/tap_install.bat b/contrib/tap64/tap_install.bat new file mode 100644 index 0000000..06de8b9 --- /dev/null +++ b/contrib/tap64/tap_install.bat @@ -0,0 +1,2 @@ +tapinstall.exe install OemWin2k.inf TAP0901 +pause \ No newline at end of file diff --git a/contrib/tap64/tap_remove.bat b/contrib/tap64/tap_remove.bat new file mode 100644 index 0000000..dfde01e --- /dev/null +++ b/contrib/tap64/tap_remove.bat @@ -0,0 +1,2 @@ +tapinstall.exe remove OemWin2k.inf TAP0901 +pause \ No newline at end of file diff --git a/contrib/tap64/tapinstall.exe b/contrib/tap64/tapinstall.exe new file mode 100644 index 0000000..852df83 Binary files /dev/null and b/contrib/tap64/tapinstall.exe differ diff --git a/contrib/tap64/tapinstall.exe.minifest.txt b/contrib/tap64/tapinstall.exe.minifest.txt new file mode 100644 index 0000000..9bdee88 --- /dev/null +++ b/contrib/tap64/tapinstall.exe.minifest.txt @@ -0,0 +1,16 @@ + + + + Installs or removes TAP devices + + + + + + + + + \ No newline at end of file diff --git a/doc/Makefile b/doc/Makefile index 4f8d8e8..4d5f9a2 100644 --- a/doc/Makefile +++ b/doc/Makefile @@ -6,12 +6,12 @@ ## tunnel endpoints. It has less protocol overhead than IPSec in Tunnel ## mode and allows tunneling of every ETHER TYPE protocol (e.g. ## ethernet, ip, arp ...). satp directly includes cryptography and -## message authentication based on the methodes used by SRTP. It is +## message authentication based on the methods used by SRTP. It is ## intended to deliver a generic, scaleable and secure solution for ## tunneling and relaying of packets of any protocol. ## ## -## Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl, +## Copyright (C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl, ## Christian Pointner ## ## This file is part of Anytun. @@ -27,13 +27,26 @@ ## GNU General Public License for more details. ## ## You should have received a copy of the GNU General Public License -## along with anytun. If not, see . +## along with Anytun. If not, see . +## +## In addition, as a special exception, the copyright holders give +## permission to link the code of portions of this program with the +## OpenSSL library under certain conditions as described in each +## individual source file, and distribute linked combinations +## including the two. +## You must obey the GNU General Public License in all respects +## for all of the code used other than OpenSSL. If you modify +## file(s) with this exception, you may extend this exception to your +## version of the file(s), but you are not obligated to do so. If you +## do not wish to do so, delete this exception statement from your +## version. If you delete this exception statement from all source +## files in the program, then also delete it here. ## VERSION=$(shell cat ../version) MANPAGES := anytun.8 anytun-controld.8 anytun-config.8 anytun-showtables.8 #anyrtpproxy.8 -XML := $(MANPAGES:%.8=%.8.xml) +XML := $(MANPAGES:%.8=%.8.xml) .PHONY: clean realclean diff --git a/doc/anyrtpproxy.8.txt b/doc/anyrtpproxy.8.txt index a92d2e6..4f29906 100644 --- a/doc/anyrtpproxy.8.txt +++ b/doc/anyrtpproxy.8.txt @@ -31,7 +31,7 @@ DESCRIPTION *anyrtpproxy* is a rtpproxy which can be used in combination with anycast. It uses the same control protocol than rtpproxy though it can be controled through the nathelper -plugin of openser. *anyrtpproxy* uses the same synchronisation protocol than *Anytun* +plugin of openser. *anyrtpproxy* uses the same synchronisation protocol than *Anytun* to sync the session information among all anycast instances. @@ -61,16 +61,16 @@ OPTIONS The local address and port to listen on for control messages from openser *-p, --port-range *:: - A pool of ports which should be used by *anyrtpproxy* to relay RTP packets. + A pool of ports which should be used by *anyrtpproxy* to relay RTP packets. The range may not overlap between the anycast instances *-n, --nat*:: Allow to learn the remote address and port in order to handle clients behind nat. - This option should only be enabled if the source is authenticated (i.e. through - *anytun*) + This option should only be enabled if the source is authenticated (i.e. through + *anytun*) *-o, --no-nat-once*:: - Disable learning of remote address and port in case the first packet does not + Disable learning of remote address and port in case the first packet does not come from the client which is specified by openser during configuration. Invoking this parameter increases the security level of the system but in case of nat needs a working nat transversal such as stun. @@ -79,13 +79,13 @@ OPTIONS local unicast(sync) port to bind to + This port is used by anycast hosts to synchronize information about tunnel endpoints. No payload data is transmitted via this port. + - It is possible to obtain a list of active connections by telnetting into - this port. This port is read-only and unprotected by default. It is advised + It is possible to obtain a list of active connections by telnetting into + this port. This port is read-only and unprotected by default. It is advised to protect this port using firewall rules and, eventually, IPsec. *-M, --sync-hosts :,[:[...]]*:: remote hosts to sync with + - Here, one has to specify all unicast IP addresses of all + Here, one has to specify all unicast IP addresses of all other anycast hosts that comprise the anycast tunnel endpoint. EXAMPLES @@ -94,7 +94,7 @@ EXAMPLES Anycast Setup with 3 instances: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -On the host with unicast hostname unicast1.anycast.anytun.org and anycast +On the host with unicast hostname unicast1.anycast.anytun.org and anycast hostname anycast.anytun.org: -------------------------------------------------------------------------------------- # anyrtpproxy -i anycast.anytun.org -p 20000 25000 -S 2342 \ @@ -142,9 +142,8 @@ Main web site: http://www.anytun.org/ COPYING ------- -Copyright \(C) 2007-2009 Othmar Gsenger, Erwin Nindl and Christian -Pointner. This program is free software: you can redistribute it -and/or modify it under the terms of the GNU General Public License -as published by the Free Software Foundation, either version 3 of -the License, or any later version. - +Copyright \(C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl +and Christian Pointner. This program is free software: you can +redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either +version 3 of the License, or any later version. diff --git a/doc/anytun-config.8 b/doc/anytun-config.8 index 706e72c..57e3753 100644 --- a/doc/anytun-config.8 +++ b/doc/anytun-config.8 @@ -1,13 +1,13 @@ '\" t .\" Title: anytun-config .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.75.2 -.\" Date: 12/30/2011 +.\" Generator: DocBook XSL Stylesheets v1.78.1 +.\" Date: 08/26/2014 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "ANYTUN\-CONFIG" "8" "12/30/2011" "\ \&" "\ \&" +.TH "ANYTUN\-CONFIG" "8" "08/26/2014" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -237,4 +237,4 @@ Othmar Gsenger Erwin Nindl Christian Poi Main web site: http://www\&.anytun\&.org/ .SH "COPYING" .sp -Copyright (C) 2007\-2009 Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. +Copyright (C) 2007\-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. diff --git a/doc/anytun-config.8.txt b/doc/anytun-config.8.txt index 1aebf9a..1b27208 100644 --- a/doc/anytun-config.8.txt +++ b/doc/anytun-config.8.txt @@ -38,21 +38,21 @@ OPTIONS *-L, --log ':[,[,[..]]]'*:: add log target to logging system. This can be invoked several times - in order to log to different targets at the same time. Every target + in order to log to different targets at the same time. Every target hast its own log level which is a number between 0 and 5. Where 0 means disabling log and 5 means debug messages are enabled. + The file target can be used more the once with different levels. - If no target is provided at the command line a single target with the + If no target is provided at the command line a single target with the config 'syslog:3,anytun-config,daemon' is added. + The following targets are supported: 'syslog';; log to syslog daemon, parameters [,[,]] 'file';; log to file, parameters [,] 'stdout';; log to standard output, parameters - 'stderr';; log to standard error, parameters + 'stderr';; log to standard error, parameters *-U, --debug*:: - This option instructs *Anytun* to run in debug mode. It implicits *-D* + This option instructs *Anytun* to run in debug mode. It implicits *-D* (don't daemonize) and adds a log target with the configuration 'stdout:5' (logging with maximum level). In future releases there might be additional output when this option is supplied. @@ -100,7 +100,7 @@ OPTIONS *-k, --kd--prf ''*:: key derivation pseudo random function + - The pseudo random function which is used for calculating the + The pseudo random function which is used for calculating the session keys and session salt. + Possible values: @@ -113,16 +113,16 @@ OPTIONS *-e, --role ''*:: SATP uses different session keys for inbound and outbound traffic. The role parameter is used to determine which keys to use for outbound or - inbound packets. On both sides of a vpn connection different roles have - to be used. Possible values are *left* and *right*. You may also use - *alice* or *server* as a replacement for *left* and *bob* or *client* as + inbound packets. On both sides of a vpn connection different roles have + to be used. Possible values are *left* and *right*. You may also use + *alice* or *server* as a replacement for *left* and *bob* or *client* as a replacement for *right*. By default *left* is used. *-E, --passphrase ''*:: This passphrase is used to generate the master key and master salt. - For the master key the last n bits of the SHA256 digest of the - passphrase (where n is the length of the master key in bits) is used. - The master salt gets generated with the SHA1 digest. + For the master key the last n bits of the SHA256 digest of the + passphrase (where n is the length of the master key in bits) is used. + The master salt gets generated with the SHA1 digest. You may force a specific key and or salt by using *--key* and *--salt*. *-K, --key ''*:: @@ -143,10 +143,10 @@ EXAMPLES Add a client with Connection ID (Mux) 12 and add 2 Routes to this client ------------------------------------------------------------------------------------------------- +------------------------------------------------------------------------------------------------ # anytun-config -w 0 -m 12 -K 0123456789ABCDEFFEDCBA9876543210 -A 0123456789ABCDDCBA9876543210 \ -R 192.0.2.0/24 -R 192.168.1.1/32 -e server >> routingtable ------------------------------------------------------------------------------------------------- +------------------------------------------------------------------------------------------------ BUGS ---- @@ -174,8 +174,8 @@ Main web site: http://www.anytun.org/ COPYING ------- -Copyright \(C) 2007-2009 Othmar Gsenger, Erwin Nindl and Christian -Pointner. This program is free software: you can redistribute it -and/or modify it under the terms of the GNU General Public License -as published by the Free Software Foundation, either version 3 of -the License, or any later version. +Copyright \(C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl +and Christian Pointner. This program is free software: you can +redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either +version 3 of the License, or any later version. diff --git a/doc/anytun-controld.8 b/doc/anytun-controld.8 index 36b8585..9fbc11c 100644 --- a/doc/anytun-controld.8 +++ b/doc/anytun-controld.8 @@ -1,13 +1,13 @@ '\" t .\" Title: anytun-controld .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.75.2 -.\" Date: 12/30/2011 +.\" Generator: DocBook XSL Stylesheets v1.78.1 +.\" Date: 08/26/2014 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "ANYTUN\-CONTROLD" "8" "12/30/2011" "\ \&" "\ \&" +.TH "ANYTUN\-CONTROLD" "8" "08/26/2014" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -145,4 +145,4 @@ Othmar Gsenger Erwin Nindl Christian Poi Main web site: http://www\&.anytun\&.org/ .SH "COPYING" .sp -Copyright (C) 2007\-2009 Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. +Copyright (C) 2007\-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. diff --git a/doc/anytun-controld.8.txt b/doc/anytun-controld.8.txt index 6c7a3d8..96ac3e3 100644 --- a/doc/anytun-controld.8.txt +++ b/doc/anytun-controld.8.txt @@ -36,7 +36,7 @@ OPTIONS instead of becoming a daemon which is the default. *-u, --username ''*:: - run as this user. If no group is specified (*-g*) the default group of + run as this user. If no group is specified (*-g*) the default group of the user is used. The default is to not drop privileges. *-g, --groupname ''*:: @@ -44,30 +44,30 @@ OPTIONS The default is to not drop privileges. *-C, --chroot ''*:: - Instruct *anytun-controld* to run in a chroot jail. The default is + Instruct *anytun-controld* to run in a chroot jail. The default is to not run in chroot. *-P, --write-pid ''*:: - Instruct *anytun-controld* to write it's pid to this file. The default is + Instruct *anytun-controld* to write it's pid to this file. The default is to not create a pid file. *-L, --log ':[,[,[..]]]'*:: add log target to logging system. This can be invoked several times - in order to log to different targets at the same time. Every target + in order to log to different targets at the same time. Every target hast its own log level which is a number between 0 and 5. Where 0 means disabling log and 5 means debug messages are enabled. + The file target can be used more the once with different levels. - If no target is provided at the command line a single target with the + If no target is provided at the command line a single target with the config 'syslog:3,anytun-controld,daemon' is added. + The following targets are supported: 'syslog';; log to syslog daemon, parameters [,[,]] 'file';; log to file, parameters [,] 'stdout';; log to standard output, parameters - 'stderr';; log to standard error, parameters + 'stderr';; log to standard error, parameters *-U, --debug*:: - This option instructs *Anytun* to run in debug mode. It implicits *-D* + This option instructs *Anytun* to run in debug mode. It implicits *-D* (don't daemonize) and adds a log target with the configuration 'stdout:5' (logging with maximum level). In future releases there might be additional output when this option is supplied. @@ -77,10 +77,10 @@ OPTIONS *-X, --control-host '[:]'*:: fetch the config from this host. The default is not to use a control - host and therefore this is empty. Mind that the port can be omitted + host and therefore this is empty. Mind that the port can be omitted in which case port 2323 is used. If you want to specify an ipv6 address and a port you have to use [ and ] to separate the address - from the port, eg.: [::1]:1234. If you want to use the default port + from the port, eg.: [::1]:1234. If you want to use the default port [ and ] can be omitted. @@ -110,9 +110,8 @@ Main web site: http://www.anytun.org/ COPYING ------- -Copyright \(C) 2007-2009 Othmar Gsenger, Erwin Nindl and Christian -Pointner. This program is free software: you can redistribute it -and/or modify it under the terms of the GNU General Public License -as published by the Free Software Foundation, either version 3 of -the License, or any later version. - +Copyright \(C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl +and Christian Pointner. This program is free software: you can +redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either +version 3 of the License, or any later version. diff --git a/doc/anytun-showtables.8 b/doc/anytun-showtables.8 index 39346be..0558d9b 100644 --- a/doc/anytun-showtables.8 +++ b/doc/anytun-showtables.8 @@ -1,13 +1,13 @@ '\" t .\" Title: anytun-showtables .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.75.2 -.\" Date: 12/30/2011 +.\" Generator: DocBook XSL Stylesheets v1.78.1 +.\" Date: 08/26/2014 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "ANYTUN\-SHOWTABLES" "8" "12/30/2011" "\ \&" "\ \&" +.TH "ANYTUN\-SHOWTABLES" "8" "08/26/2014" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -79,4 +79,4 @@ Othmar Gsenger Erwin Nindl Christian Poi Main web site: http://www\&.anytun\&.org/ .SH "COPYING" .sp -Copyright (C) 2007\-2009 Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. +Copyright (C) 2007\-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. diff --git a/doc/anytun-showtables.8.txt b/doc/anytun-showtables.8.txt index 13070a4..ea74998 100644 --- a/doc/anytun-showtables.8.txt +++ b/doc/anytun-showtables.8.txt @@ -65,8 +65,8 @@ Main web site: http://www.anytun.org/ COPYING ------- -Copyright \(C) 2007-2009 Othmar Gsenger, Erwin Nindl and Christian -Pointner. This program is free software: you can redistribute it -and/or modify it under the terms of the GNU General Public License -as published by the Free Software Foundation, either version 3 of -the License, or any later version. +Copyright \(C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl +and Christian Pointner. This program is free software: you can +redistribute it and/or modify it under the terms of the GNU General +Public License as published by the Free Software Foundation, either +version 3 of the License, or any later version. diff --git a/doc/anytun.8 b/doc/anytun.8 index 964392a..93e61c3 100644 --- a/doc/anytun.8 +++ b/doc/anytun.8 @@ -1,13 +1,13 @@ '\" t .\" Title: anytun .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.75.2 -.\" Date: 12/30/2011 +.\" Generator: DocBook XSL Stylesheets v1.78.1 +.\" Date: 08/26/2014 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "ANYTUN" "8" "12/30/2011" "\ \&" "\ \&" +.TH "ANYTUN" "8" "08/26/2014" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -505,4 +505,4 @@ Othmar Gsenger Erwin Nindl Christian Poi Main web site: http://www\&.anytun\&.org/ .SH "COPYING" .sp -Copyright (C) 2007\-2009 Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. +Copyright (C) 2007\-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl and Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&. diff --git a/doc/anytun.8.txt b/doc/anytun.8.txt index 00d3e91..7896dcd 100644 --- a/doc/anytun.8.txt +++ b/doc/anytun.8.txt @@ -68,7 +68,7 @@ passed to the daemon: instead of becoming a daemon which is the default. *-u, --username ''*:: - run as this user. If no group is specified (*-g*) the default group of + run as this user. If no group is specified (*-g*) the default group of the user is used. The default is to not drop privileges. *-g, --groupname ''*:: @@ -76,30 +76,30 @@ passed to the daemon: The default is to not drop privileges. *-C, --chroot ''*:: - Instruct *Anytun* to run in a chroot jail. The default is + Instruct *Anytun* to run in a chroot jail. The default is to not run in chroot. *-P, --write-pid ''*:: - Instruct *Anytun* to write it's pid to this file. The default is + Instruct *Anytun* to write it's pid to this file. The default is to not create a pid file. *-L, --log ':[,[,[..]]]'*:: add log target to logging system. This can be invoked several times - in order to log to different targets at the same time. Every target + in order to log to different targets at the same time. Every target hast its own log level which is a number between 0 and 5. Where 0 means disabling log and 5 means debug messages are enabled. + The file target can be used more the once with different levels. - If no target is provided at the command line a single target with the + If no target is provided at the command line a single target with the config 'syslog:3,anytun,daemon' is added. + The following targets are supported: 'syslog';; log to syslog daemon, parameters [,[,]] 'file';; log to file, parameters [,] 'stdout';; log to standard output, parameters - 'stderr';; log to standard error, parameters + 'stderr';; log to standard error, parameters *-U, --debug*:: - This option instructs *Anytun* to run in debug mode. It implicits *-D* + This option instructs *Anytun* to run in debug mode. It implicits *-D* (don't daemonize) and adds a log target with the configuration 'stdout:5' (logging with maximum level). In future releases there might be additional output when this option is supplied. @@ -144,7 +144,7 @@ passed to the daemon: This option is only needed for tunnel endpoints consisting of multiple anycast hosts. The unicast IP address of the anycast host can be used here. This is needed for - communication with the other anycast hosts. The default is to + communication with the other anycast hosts. The default is to not use a special inteface and just bind on all interfaces. However this is only the case if synchronisation is active see *--sync-port*. @@ -170,15 +170,15 @@ passed to the daemon: disabled and therefore this is empty. Mind that the port can be omitted in which case port 2323 is used. If you want to specify an ipv6 address and a port you have to use [ and ] to separate the address - from the port, eg.: [::1]:1234. If you want to use the default port + from the port, eg.: [::1]:1234. If you want to use the default port [ and ] can be omitted. *-X, --control-host '[:]'*:: fetch the config from this host. The default is not to use a control - host and therefore this is empty. Mind that the port can be omitted + host and therefore this is empty. Mind that the port can be omitted in which case port 2323 is used. If you want to specify an ipv6 address and a port you have to use [ and ] to separate the address - from the port, eg.: [::1]:1234. If you want to use the default port + from the port, eg.: [::1]:1234. If you want to use the default port [ and ] can be omitted. *-d, --dev ''*:: @@ -200,7 +200,7 @@ passed to the daemon: '';; the prefix length of the network *-x, --post-up-script '