projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add a new --syslog option for tincd.
[tinc]
/
README
diff --git
a/README
b/README
index
1566af9
..
03b74b1
100644
(file)
--- a/
README
+++ b/
README
@@
-1,7
+1,7
@@
-This is the README file for tinc version 1.1pre
3
. Installation
+This is the README file for tinc version 1.1pre
10
. Installation
instructions may be found in the INSTALL file.
instructions may be found in the INSTALL file.
-tinc is Copyright (C) 1998-201
2
by:
+tinc is Copyright (C) 1998-201
4
by:
Ivo Timmermans,
Guus Sliepen <guus@tinc-vpn.org>,
Ivo Timmermans,
Guus Sliepen <guus@tinc-vpn.org>,
@@
-22,7
+22,7
@@
Please note that this is NOT a stable release. Until version 1.1.0 is released,
please use one of the 1.0.x versions if you need a stable version of tinc.
Although tinc 1.1 will be protocol compatible with tinc 1.0.x, the
please use one of the 1.0.x versions if you need a stable version of tinc.
Although tinc 1.1 will be protocol compatible with tinc 1.0.x, the
-functionality of the tinc
ctl
program may still change, and the control socket
+functionality of the tinc program may still change, and the control socket
protocol is not fixed yet.
protocol is not fixed yet.
@@
-36,11
+36,11
@@
at your own risk.
Compatibility
-------------
Compatibility
-------------
-Version 1.1pre
3
is compatible with 1.0pre8, 1.0 and later, but not with older
+Version 1.1pre
10
is compatible with 1.0pre8, 1.0 and later, but not with older
versions of tinc.
When the ExperimentalProtocol option is used, tinc is still compatible with
versions of tinc.
When the ExperimentalProtocol option is used, tinc is still compatible with
-1.0.X and 1.1pre
3
itself, but not with any other 1.1preX version.
+1.0.X and 1.1pre
10
itself, but not with any other 1.1preX version.
Requirements
Requirements
@@
-49,7
+49,8
@@
Requirements
In order to compile tinc, you will need a GNU C compiler environment. Please
ensure you have the latest stable versions of all the required libraries:
In order to compile tinc, you will need a GNU C compiler environment. Please
ensure you have the latest stable versions of all the required libraries:
-- OpenSSL (http://www.openssl.org/) version 1.0.0 or later.
+- OpenSSL (http://www.openssl.org/) version 1.0.0 or later, with support for
+ elliptic curve cryptography (ECC) and Galois counter mode (GCM) enabled.
The following libraries are used by default, but can be disabled if necessary:
The following libraries are used by default, but can be disabled if necessary:
@@
-71,8
+72,8
@@
be forwarded by intermediate nodes.
By default, nodes authenticate each other using 2048 bit RSA (or 521 bit
ECDSA*) keys. Traffic is encrypted using Blowfish in CBC mode (or AES-256 in
By default, nodes authenticate each other using 2048 bit RSA (or 521 bit
ECDSA*) keys. Traffic is encrypted using Blowfish in CBC mode (or AES-256 in
-CTR mode*), authenticated using HMAC-SHA1 (or HMAC-SHA-256*), and is protected
-
against
replay attacks.
+GCM mode*), authenticated using HMAC-SHA1 (or GCM*), and is protected against
+replay attacks.
*) When using the ExperimentalProtocol option.
*) When using the ExperimentalProtocol option.
@@
-88,6
+89,6
@@
Windows environment this means tinc will intall itself as a service, which will
restart after reboots. To prevent tinc from detaching or running as a service,
use the -D option.
restart after reboots. To prevent tinc from detaching or running as a service,
use the -D option.
-The status of the VPN can be queried using the "tinc
ctl" tool
, which connects
+The status of the VPN can be queried using the "tinc
" command
, which connects
to a running tinc daemon via a control connection. The same tool also makes it
easy to start and stop tinc, and to change its configuration.
to a running tinc daemon via a control connection. The same tool also makes it
easy to start and stop tinc, and to change its configuration.