Main tinc authors:
-
Guus Sliepen <guus@tinc-vpn.org>
-Ivo Timmermans <ivo@tinc-vpn.org>
-
-Also some of the macro files in the directory m4 were taken from GNU fileutils.
+Ivo Timmermans (inactive)
-Please see the file THANKS for more information on contributions from users.
+Please see the file THANKS for more information on contributions from
+users.
+version 1.0.5 Nov 14 2006
+
+ * Lots of small fixes.
+
+ * Broadcast packets no longer grow in size with each hop. This should
+ fix switch mode (again).
+
+ * Generic host-up and host-down scripts.
+
+ * Optionally dump graph in graphviz format to a file or a script.
+
+ * Support LZO 2.0 and later.
+
+version 1.0.4 May 4 2005
+
+ * Fix switch and hub modes.
+
+ * Optionally start scripts when a Subnet becomes (un)reachable.
+
+version 1.0.3 Nov 11 2004
+
+* Show error message when failing to write a PID file.
+
+* Ignore spaces at end of lines in config files.
+
+* Fix handling of late packets.
+
+* Unify BSD tun/tap device handling. This allows IPv6 on tun devices and
+ anything on tap devices as long as the underlying OS supports it.
+
+* Handle IPv6 on Solaris tun devices.
+
+* Allow tinc to work properly under Windows XP SP2.
+
+* Allow VLAN tagged Ethernet frames in switch and hub mode.
+
+* Experimental PMTUDiscovery, TunnelServer and BlockingTCP options.
+
version 1.0.2 Nov 8 2003
* Fix address and hostname resolving under Windows.
-This is the README file for tinc version 2.0. Installation
-instructions may be found in the INSTALL file.
+This is the README file for tinc version 2.0. Installation instructions may be
+found in the INSTALL file.
-tinc is Copyright (C) 1998-2004 by:
+tinc is Copyright (C) 1998-2006 by:
-Ivo Timmermans <ivo@tinc-vpn.org>,
+Ivo Timmermans,
Guus Sliepen <guus@tinc-vpn.org>,
and others.
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version. See the file COPYING for more details.
-Security statement
-------------------
-Revamped.
+About tinc 2.0
+--------------
+Compared to older versions of tinc, the security will be improved. This version
+will use the TLS protocol to set up connections between tinc daemons. Not only
+is this more secure than our own protocol we used in former versions of tinc,
+it also allows, thanks to the GNUTLS library, different ways to authenticate:
-Compatibility
--------------
+- X.509 certificates allow trust to be governed by a certificate authority,
+ ideal when trust is to be managed centrally.
-Version 2.0 is not compatible with older version.
+- OpenPGP certificates allow trust to be done in a peer-to-peer way, ideal when
+ there is no central authority.
+- SRP allows a tinc daemon to authenticate itself with a username and password.
+ Ideal for a client/server setup.
+
+Furthermore, tinc will be split into a few components. The "tincd" from 1.0
+will remain, but will purely be a daemon that runs in the backgrounds and that
+manages a peer-to-peer VPN. A "tinc" binary will be used to set up, configure,
+start/stop and monitor a running tincd. A tinc client daemon will be created
+that will only be able to connect to one other tincd, thereby greatly
+simplifying it, but will have features added that are interesting for clients,
+for example pulling configuration from a tincd. There will also be one or more
+GUI versions of the tinc binary.
+
+Tinc 2.0 will not be compatible with older versions.
Requirements
------------
-Gnutls, gcrypt, zlib, lzo.
+- GNUTLS 1.6.0 or later.
+- Gcrypt 1.4.0 or later.
+- LZO 2.0 or later.
+- Libevent 1.1 or later.
In order to compile tinc, you will need a GNU C compiler environment.
-
-
-Features
---------
-
-Kitchen sink and LRF support.
-
--- /dev/null
+Before you can start compiling tinc from a clean Subversion checkout, you have
+to install the very latest versions of the following packages:
+
+- GNUTLS
+- Gcrypt
+- LZO
+- libevent
+- GCC
+- automake
+- autoconf
+- gettext
+
+Then you have to let the autotools create all the autogenerated files, using
+this command:
+
+autoreconf -f -s -i
+
+If you change configure.ac or any Makefile.am file, you will have to rerun
+autoreconf. After this, you can run configure and make as usual. To create a
+tarball suitable for release, run:
+
+make dist
+
+To clean up your working copy so that no autogenerated files remain, run:
+
+make svn-clean
-We would like to thank
+We would like to thank the following people for their contributions to tinc:
- * Hans Bayle (for making some useful coding suggestions and fixing a
- bug or two)
- * Lubomír Bulej (for the Redhat system init script)
- * Wessel Dankers (for the name `tinc' and various suggestions)
- * Mads Kiilerich (for finding some bugs and some errors in the
- documentation, and for making several suggestions to make it all
- more userfriendly, and the Redhat package)
- * James MacLean (for fixing several mission critical bugs, and for
- giving me a few good ideas, and, most of all, for the wonderful
- testing and debugging)
- * Robert van der Meulen (early configuration code)
- * Cris van Pelt (small fixes)
- * Enrique Zanardi (for the Spanish translation)
- * Matias Carrasco (for the Spanish translation of the manual)
- * Jamie Briggs (for finding a lot of socket leaks)
- * Armijn Hemel (for being our very own PR manager)
- * Jerome Etienne (for a thorough security analysis of tinc)
- * Mark Glines (for his compression patch)
- * Nick Patavalis (RedHat package)
- * Alessandro Gatti (for helping us support Darwin)
- * Ivo van Dong (for help during the early versions of tinc)
- * Jeroen Ubbink (for help testing tinc on Free- and NetBSD)
- * LarstiQ (for help testing tinc on MacOS/X)
- * Marc A. Lehmann (for criticism)
- * Teemu Kiviniemi (for his lzo compression patch)
- * Flynn Marquardt (for help testing tinc on Solaris 2.6)
+* Alexander Reil and Gemeinde Berg
+* Allesandro Gatti
+* Andreas van Cranenburgh
+* Armijn Hemel
+* Cris van Pelt
+* Enrique Zanardi
+* Flynn Marquardt
+* Hans Bayle
+* Ivo van Dong
+* James MacLean
+* Jamie Briggs
+* Jason Harper
+* Jeroen Ubbink
+* Jerome Etienne
+* Lubomír Bulej
+* Mads Kiilerich
+* Marc A. Lehmann
+* Mark Glines
+* Markus Goetz
+* Martin Kihlgren
+* Matias Carrasco
+* Miles Nordin
+* Nick Patavalis
+* Paul Littlefield
+* Robert van der Meulen
+* Scott Lamb
+* Sven-Haegar Koch
+* Teemu Kiviniemi
+* Tonnerre Lombard
+* Wessel Dankers
+* Wouter van Heyst
-for their help, support and ideas. Thank you guys!
+And everyone we forgot. Thank you!
Ivo Timmermans
Guus Sliepen
+++ /dev/null
-TODO LIST
-
-* Finish tnl part
- - Support 1.0's way of authentication (presence of key or certificate)
- - Support signed certificates
- - Support PGP keys
- - Support SRP authentication
- - Support UDP
- - Secure PMTU detection (either 1.0's way or from a suitable RFC)
- - Support TLS resume capability
-
-* Finish rt part
- - Finish connection management
- - Finish/redo graph algorithms
- - Keep per-node statistics
- - Support multicast routing (and snooping in switch mode)
-
-* Recreate documentation
-
-* Add management interface
projects / tinc / commitdiff