With pleasure we announce the release of tinc version 1.1pre10. Here is a
summary of the changes:
* Added a benchmark tool (sptps_speed) for the new protocol.
* Fixed a crash when using Name = $HOST while $HOST is not set.
* Use AES-256-GCM for the new protocol.
* Updated support for Solaris.
* Allow running tincd without a private ECDSA key present when
ExperimentalProtocol is not explicitly set.
* Enable various compiler hardening flags by default.
* Added support for a "conf.d" configuration directory.
* Fix tinc-gui on Windows, also allowing it to connect to a 32-bits tincd when
tinc-gui is run in a 64-bits Python environment.
* Added a "ListenAddress" option, which like BindToAddress adds more
listening
address/ports, but doesn't bind to them for outgoing sockets.
* Make invitations work better when the "invite" and "join"
commands are not
run interactively.
* When creating meta-connections to a node for which no Address statement is
specified, try to use addresses learned from other nodes.
Thanks to Dennis Joachimsthaler and Florent Clairambault for their contribution
to this version of tinc.
Please note that although tinc 1.1pre10 is backwards compatible with tinc 1.0.x,
it is NOT compatible with tinc 1.1pre1 through 1.1pre9.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20140207/c0d80c16/attachment.sig>
Does this means that when upgrading from 1.1pre9 vpn, all nodes have to be updated at once or will it fallback to old protocol for 1.1pre9 nodes? -rsd 2014-02-07 19:57 GMT-02:00 Guus Sliepen <guus at tinc-vpn.org>:> With pleasure we announce the release of tinc version 1.1pre10. Here is a > summary of the changes: > > * Added a benchmark tool (sptps_speed) for the new protocol. > > * Fixed a crash when using Name = $HOST while $HOST is not set. > > * Use AES-256-GCM for the new protocol. > > * Updated support for Solaris. > > * Allow running tincd without a private ECDSA key present when > ExperimentalProtocol is not explicitly set. > > * Enable various compiler hardening flags by default. > > * Added support for a "conf.d" configuration directory. > > * Fix tinc-gui on Windows, also allowing it to connect to a 32-bits tincd when > tinc-gui is run in a 64-bits Python environment. > > * Added a "ListenAddress" option, which like BindToAddress adds more listening > address/ports, but doesn't bind to them for outgoing sockets. > > * Make invitations work better when the "invite" and "join" commands are not > run interactively. > > * When creating meta-connections to a node for which no Address statement is > specified, try to use addresses learned from other nodes. > > Thanks to Dennis Joachimsthaler and Florent Clairambault for their contribution > to this version of tinc. > > Please note that although tinc 1.1pre10 is backwards compatible with tinc 1.0.x, > it is NOT compatible with tinc 1.1pre1 through 1.1pre9. > > -- > Met vriendelijke groet / with kind regards, > Guus Sliepen <guus at tinc-vpn.org> > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >
I'm having trouble compiling this. I typically create a static binary for mips devices for use in routers of different firmwares. Typically I create static libraries on which tinc is dependent (lzo zlib openssl ncurses readline) . In this release, tinc doesn't see the static libraries, just the development .h files when running ./configure. So I compiled static and shared libraries, so it will make it through the configure script. Then when I compile tinc I run make LIBS="-static -lcrypto -ldl -llzo2 -lz" and this typcically will give me static binaries. But with pre10 I get this. /opt/entware-toolchain/lib/gcc/mipsel-linux-uclibc/4.6.4/../../../../mipsel-linux-uclibc/bin/ld: /opt/entware-toolchain/lib/gcc/mipsel-linux-uclibc/4.6.4/crtbeginT.o: relocation R_MIPS_HI16 against `a local symbol' can not be used when making a shared object; recompile with -fPIC /opt/entware-toolchain/lib/gcc/mipsel-linux-uclibc/4.6.4/crtbeginT.o: could not read symbols: Bad value I think maybe it's trying to static link to libc. For some reason this release is hating anything I try to link statically. -Lance Fredrickson On 2/7/2014 2:57 PM, Guus Sliepen wrote:> With pleasure we announce the release of tinc version 1.1pre10. Here is a > summary of the changes: > > * Added a benchmark tool (sptps_speed) for the new protocol. > > * Fixed a crash when using Name = $HOST while $HOST is not set. > > * Use AES-256-GCM for the new protocol. > > * Updated support for Solaris. > > * Allow running tincd without a private ECDSA key present when > ExperimentalProtocol is not explicitly set. > > * Enable various compiler hardening flags by default. > > * Added support for a "conf.d" configuration directory. > > * Fix tinc-gui on Windows, also allowing it to connect to a 32-bits tincd when > tinc-gui is run in a 64-bits Python environment. > > * Added a "ListenAddress" option, which like BindToAddress adds more listening > address/ports, but doesn't bind to them for outgoing sockets. > > * Make invitations work better when the "invite" and "join" commands are not > run interactively. > > * When creating meta-connections to a node for which no Address statement is > specified, try to use addresses learned from other nodes. > > Thanks to Dennis Joachimsthaler and Florent Clairambault for their contribution > to this version of tinc. > > Please note that although tinc 1.1pre10 is backwards compatible with tinc 1.0.x, > it is NOT compatible with tinc 1.1pre1 through 1.1pre9. > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140210/0716c37c/attachment.html>