With pleasure we announce the release of tinc versions 1.0.34. Here is a
summary of the changes in tinc 1.0.34:
* Fix a potential segmentation fault when connecting to an IPv6 peer via a
proxy.
* Minor improvements to the build system.
* Make the systemd service file identical to the one from the 1.1 branch.
* Fix a potential problem causing IPv4 sockets to not work on macOS.
Thanks to Maximilian Stein and Wang Liu Shuai for their contributions to
this version of tinc.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20180612/0d4053a3/attachment.sig>
Hello, OpenWrt packages upgraded for 1.0.34 Cheers, Saverio 2018-06-12 17:00 GMT+02:00 Guus Sliepen <guus at tinc-vpn.org>:> With pleasure we announce the release of tinc versions 1.0.34. Here is a > summary of the changes in tinc 1.0.34: > > * Fix a potential segmentation fault when connecting to an IPv6 peer via a > proxy. > * Minor improvements to the build system. > * Make the systemd service file identical to the one from the 1.1 branch. > * Fix a potential problem causing IPv4 sockets to not work on macOS. > > Thanks to Maximilian Stein and Wang Liu Shuai for their contributions to > this version of tinc. > > -- > Met vriendelijke groet / with kind regards, > Guus Sliepen <guus at tinc-vpn.org> > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >
On Tue, Jun 12, 2018 at 4:00 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:> * Fix a potential segmentation fault when connecting to an IPv6 peer via aproxy.> * Make the systemd service file identical to the one from the 1.1 branch.The default in the package (and as packaged by Debian) is to run tinc as root. It's quite easy to run tinc as a normal user by doing: ExecStart=/usr/sbin/tincd --user=tinc -n %i -D and then having /etc/tinc be owned by the tinc user. Why isn't this the recommended default? Tinc listens on public interfaces to be useful and can have potentially exploitable bugs (as can also be seen in this version). Cheers, Pedro
Hi I need to add a "Port=" command to my host file as I need to use different UDP and TCP ports when connecting to the host because of a firewall in the middle. When I do this in Linux, it correctly identifies and uses different ports for TCP and UDP when connecting to the remote host. However with the version in pfSense, it seems to ignore the "Port = xxx" line - I don't see any traffic being tried on the specified port (using tcpdump on the pfSense command line). I can confirm it is added to the hosts file. Anyone else tried this or know what's happening? Thanks Peter -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180911/88f13a88/attachment.html>