Ensure all parameters have names in header files.
Realign comments.
Reformat all code using astyle.
Update all header guards. Don't start with underscores, as those are reserved for system libraries. Make sure all start with TINC_, and that they appear at the top of the file.
Releasing 1.0.29.
Ensure compatibility with OpenSSL 1.1.0.
Update copyright notices.
Add LocalDiscovery option which tries to detect peers on the local network. Currently, this is implemented by sending IPv4 broadcast packets to the LAN during path MTU discovery.
Send packets back using the same socket as they were received on.
Remove a few unnecessary #includes. Some spotted by Michael Tokarev.
Fix sparse warnings and add an extra sprinkling of const. This is more or less the equivalent of Sven-Haegar Koch's fixes in the 1.1 branch.
Improved handling of queue-jumping packets on receive
Configurable ReplayWindow size, zero disables
Update copyright notices.
Be liberal in accepting KEY_CHANGED/REQ_KEY/ANS_KEY requests. When we got a key request for or from a node we don't know, we disconnected the node that forwarded us that request. However, especially in TunnelServer mode, disconnecting does not help. We now ignore such requests, but since there is no way of telling the original sender that the request was dropped, we now retry sending REQ_KEY requests when we don't get an ANS_KEY back.
Use uint32_t instead of long int for connection options. Options should have a fixed width anyway, but this also fixes a possible MinGW compiler bug where %lx tries to print a 64 bit value, even though a long int is only 32 bits.
Update the address of the Free Software Foundation in all copyright headers.
Remove all occurences of $Id$.
Ensure tinc compiles with gcc -std=c99. We use a lot of C99 features already, but also some extensions which are not in the standard.
Handle UDP packets from different and ports than advertised. Previously, tinc used a fixed address and port for each node for UDP packet exchange. The port was the one advertised by that node as its listening port. However, due to NAT the port might be different. Now, tinc sends a different session key to each node. This way, the sending node can be determined from incoming packets by checking the MAC against all session keys. If a match is found, the address and port for that node are updated.