Import release 0.1.3

[secnet.git] / INSTALL

diff --git a/INSTALL b/INSTALL
index 81292a15d202a6060bf27daf43210a6a273c2924..8ad676f3766d0174b6aace6e19b30831c9a43090 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -7,6 +7,8 @@ VERSIONS.
 PROTOCOL COMPATIBILITY WAS BROKEN BETWEEN secnet-0.06, secnet-0.07 AND
 secnet-0.08 FOR ENDIANNESS FIXES.
 
+THERE WILL BE ANOTHER CHANGE IN PROTOCOL IN THE secnet-0.1.x SERIES
+
 * Preparation
 
 ** System software support
@@ -59,15 +61,29 @@ http://www.ucam.org/cam-grin/ may be useful.
 
 * Installation
 
+If you installed the Debian package of secnet, skip to "If installing
+for the first time", below, and note that example.conf can be found in
+/usr/share/doc/secnet/examples.
+
 To install secnet do
 
 $ ./configure
 $ make
 # make install
+# mkdir /etc/secnet
+
+(Note: you may see the following warning while compiling
+conffile.tab.c; I believe this is a bison bug:
+/usr/share/bison/bison.simple: In function `yyparse':
+/usr/share/bison/bison.simple:285: warning: `yyval' might be used
+ uninitialized in this function
+)
+
+Any other warnings or errors should be reported to
+steve@greenend.org.uk.
 
 If installing for the first time, do
 
-# mkdir /etc/secnet
 # cp example.conf /etc/secnet/secnet.conf
 # cd /etc/secnet
 # ssh-keygen -f key -N ""
@@ -78,8 +94,8 @@ $ gmake CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib"
 XXX this should eventually be worked out automatically by 'configure'.]
 
 Generate a site file fragment for your site (see below), and submit it
-for inclusion in the vpn-sites file.  Download the vpn-sites file to
-/etc/secnet/sites - MAKE SURE YOU GET AN AUTHENTIC COPY because the
+for inclusion in your VPN's 'sites' file.  Download the vpn-sites file
+to /etc/secnet/sites - MAKE SURE YOU GET AN AUTHENTIC COPY because the
 sites file contains public keys for all the sites in the VPN.
 
 * Configuration
@@ -93,7 +109,7 @@ is described in the README file at the moment.
 
 You need the following information:
 
-1. a short name for your site, eg.  "greenend".  This is used to
+1. a short name for your site, eg. "greenend".  This is used to
 identify your site in the vpn-sites file.
 
 2. the name your site will use in the key setup protocol,
@@ -101,7 +117,7 @@ eg. "greenend" (these two will usually be similar or the same).
 
 3. the DNS name of the machine that will be the "front-end" for your
 secnet installation.  This will typically be the name of the gateway
-machine for your network, eg.  sinister.dynamic.greenend.org.uk
+machine for your network, eg. sinister.dynamic.greenend.org.uk
 
 secnet does not actually have to run on this machine, as long as the
 machine can be configured to forward UDP packets to the machine that
@@ -116,9 +132,9 @@ match the port number on the machine running secnet.
 6. the public part of the RSA key you generated during installation
 (in /etc/secnet/key.pub if you followed the installation
 instructions).  This file contains three numbers and a comment on one
-line.  The first number is the key length in bits, and can be ignored.
-The second number (typically small) is the encryption key 'e', and the
-third number (large) is the modulus 'n'.
+line.  The first number is the key length in bits, and should be
+ignored.  The second number (typically small) is the encryption key
+'e', and the third number (large) is the modulus 'n'.
 
 If you are running secnet on a particularly slow machine, you may like
 to specify a larger value for the key setup retry timeout than the