similar to: exact insecurity of --bypass-security ?

I'm using Tinc 1.1pre14 and I'm trying to connect a node that is behind a firewall that blocks all non-standard ports. I set up a rule in the server to redirect port 25 (that is not used in the server right now) to port 655, both in tcp and udp protocols, and set up the port 25 in the server host configuration file. The client can reach the server, but after the initial sync and key

Hello! We are synching some server data (websites, logfiles, ...) with rsync via ssh and are detecting a weird problem: Certain files and directories, apparently those who are regulary rsynced over the WAN, tend to use far too many blocks, e.g.: stat from file on server: File: `bilder.html' Size: 2009 Blocks: 288 IO Block: 4096 regular file [...] The same file (a fresh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hello! i would like to use tinc with public keys which are extracted from x509 certificates. the only public key format i was able to extract from certificates with openssl commands looked like this: - -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwXDZs8EBb/JyZ9daB3Zk9WHxD

Hello. I found that anonymous structures does not work on gcc-2.95. If you guys want to support a bit older platforms I suggest fixing it. You can check out patch I created to fix this issue. I just added 2 extra structures to remove anonymous structs inside connection_status_t and node_status_t. Patch is here: ftp://borg.uu3.net/pub/unix/tinc/tinc.patch Attaching it as well. Regards, Borg

Dear tinc stuff I tried to install the tinc. In the Fist Step, I install the OpenSSL-0.9.7b. 1, Go to OpenSSL-0.9.7 directory 2, ./Configure 3, make 4, make test 5, make install 2nd step, Install the tinc-1.0.1 Type "./configre" in the /usr/src/tinc-1.0.1/. Consle showed "checking EVP_EncryptInit_ex... no" and configure error. Error Message: configure:

Hi, I've got the following error when tried to compile tinc-1.0.24: gcc -g -O2 -pie -L/opt/local/lib -o tincd avl_tree.o conf.o connection.o dropin.o dummy_device.o edge.o event.o fake-getaddrinfo.o fake-getnameinfo.o getopt.o getopt1.o graph.o list.o logger.o meta.o multicast_device.o net.o net_packet.o net_setup.o net_socket.o netutl.o node.o pidfile.o process.o protocol.o

Hello, this does not seems to work on winXP, does it? Axel Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/

Hi together! We use dovecot under Debian wheezy amd64, using the repository ... deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.2 main Yesterday's routine upgrade to version 2:2.2.13-1~auto+130 (or some other upgrade that came along from Debian?) introduced a problem with mail delivery, which I was able to track down to a crash of dovecot-lda. Whenever I do something like ...

Hello folks. We are trying to interconnect an asterisk installation with a gnugk 2.0.5 installation to become able to use some H323 hardware that needs a gatekeeper (particulary an Ericsson WebSwitch 100). We have managed asterisk to dial H323 endpoints successfully (although calls are interrupted immediately after connection with "spawn extension exited non-zero"), but we could not

Hello, should the cvs trunk compile? a configure first gave me errors. I had to replace any appearance of "[config.h]" to config.h in the Makefile. Then a make did not finish: make[2]: Entering directory `/usr/src/tinc/lib' make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/usr/src/tinc/lib' Making all in src make[2]: Entering directory

On Mon, Feb 23, 2004 at 03:58:13PM +0000, Karl Heyes wrote: > On Mon, 2004-02-23 at 15:35, Jerome Alet wrote: > > > The only solution I can think of is to manually modify the > > automatically generated makefiles, which is IMHO completely stupid. > > Assuming gcc is used (the default many cases) and provided you have the > static libs installed, you should be able to

Here's someone that felt the need to put something better together. ---------- Forwarded message ---------- Date: Mon, 13 Jul 1998 04:22:15 -0400 From: Richard Thomas <rthomas@sy.net> To: BUGTRAQ@NETSPACE.ORG Subject: Slackware Shadow Insecurity Discovered by Ted Hickman: Recently I noticed something rather "insecure" about the slackware 3.4 /bin/login (and probably other

I checked and I do have the openssl-devel rpm installed SuSE 8.2 openssl-devel-0.9.6i-12 openssl-0.9.61-19 dovecot 0.99.10 ./configure --with-ssl-openssl At the end of the configuration it says ssl support == 'no' :(... I was able to get pam support by picking up the pam-devel modules as suggested. But I got stuck here. After reading up a bit on imap, it seems reasonable to have

I got the file that was sent to me the other day. Unfortunitly it did not solve my problems. After a lot of hacking I have been able to get release 1.0 to almost compile. I have finally gotten all of the dependancies worked out under OpenBSD 3.2. This next error has me stumped. I can tell that it is looking for a file but have no idea how to create the file. This is the output of the the

Hi, I'm using tinc for ~ 2 years now and I'm very happy with it (thanks to the makers - this is very good program to use). Anyway everytime I build I have this odd problem and until now I always found a way to solve it but now I'm really stuck. I'm trying to build tinc-pre7 and I always reach to this error on configure: --------------------- checking for RAND_pseudo_bytes... no

I believe the reason why you're experiencing this problem is because tinc does not use the connection TCP port to determine which port to send UDP packets to. Instead, it uses the port that is *advertised* by the other node. https://github.com/gsliepen/tinc/blob/06b820133285f83f7e1a839cccbed13358b84081/src/protocol_auth.c#L886 That means that if node A is configured with UDP port 655,

Dear developers, I am interested in understanding in more details how tinc's metaprotocol works. I apologize in advance if this was already described somewhere, I could not find it in the mailing list archive. So let's say machine A has a Address= ip.b.example and manages to contact server B via the meta connection. 1) Then B's tinc daemon will send to A edge and subnet

Hi, I have macosx 10.5.8 and Tunnelblick (openvpn) installed before. I have installed tinc using port and got version 1.0.11 (Jun 29 2010 15:10:51) now I have 2 problems: 1) the interface variable from the tinc.conf is not used, instead I have a tun0 interface (or tap0). 2) the tinc-up script seems to be fired too early as I get an error: ifconfig: interface /dev/tap0 does not exist when I run

Hi, So my Debian machines are all using the follow cipher + digest: Cipher = chacha20-poly1305 Digest = blake2b512 However my OpenWRT router does not have chacha20-poly1305 and blake2b512 in its SSL library, so it uses the following: Cipher = aes-128-cbc Digest = sha512 I am a bit surprised that the router's tinc manages to talk to Debian's tinc, when I set a cipher suite that the