Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
48 files changed:
Adrien Béraud, Guillaume Jacquenot, SunDwarf - python basE91 library
Joey Hess - some elements of the Debian packaging
Miquel van Smoorenburg, Ian Murdock - original init script example
Adrien Béraud, Guillaume Jacquenot, SunDwarf - python basE91 library
Joey Hess - some elements of the Debian packaging
Miquel van Smoorenburg, Ian Murdock - original init script example
+
+
+--
+This file is part of secnet.
+See LICENCE and this file CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
networks 192.168.73.0/24 192.168.1.0/24 172.19.71.0/24
address sinister.dynamic.greenend.org.uk 51396
pubkey 1024 35 142982503......[lots more].....0611 steve@sinister
networks 192.168.73.0/24 192.168.1.0/24 172.19.71.0/24
address sinister.dynamic.greenend.org.uk 51396
pubkey 1024 35 142982503......[lots more].....0611 steve@sinister
+
+
+--
+This file is part of secnet.
+See LICENCE and CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
interrupted by a restart is limited to the key exchange total
retransmission timeout, rather than also including the key exchange
retry timeout.
interrupted by a restart is limited to the key exchange total
retransmission timeout, rather than also including the key exchange
retry timeout.
+
+
+--
+This file is part of secnet.
+See LICENCE and CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
each other in the effects specified in POSIX.1-2017 when they
operate on regular files or symbolic links:
... rename ... open ...
each other in the effects specified in POSIX.1-2017 when they
operate on regular files or symbolic links:
... rename ... open ...
+
+
+--
+This file is part of secnet.
+See LICENCE and CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
Make explicit in the documentation that -n causes all log output to go
to stderr. Provide an option that is _really_ just "don't fork()" for
people who want to run secnet from init.
Make explicit in the documentation that -n causes all log output to go
to stderr. Provide an option that is _really_ just "don't fork()" for
people who want to run secnet from init.
+
+
+--
+This file is part of secnet.
+See LICENCE and CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
complains about 'reverse skew' - replays of packets that are too
old. 'Forward skew' (gaps in the sequence numbers of received packets)
is now tolerated silently, to cope with large amounts of packet loss.
complains about 'reverse skew' - replays of packets that are too
old. 'Forward skew' (gaps in the sequence numbers of received packets)
is now tolerated silently, to cope with large amounts of packet loss.
+
+
+--
+This file is part of secnet.
+See LICENCE and CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
map:
applies the closure specified as arg1 to each of the elements in the list.
Returns a list made up of the outputs of the closure.
map:
applies the closure specified as arg1 to each of the elements in the list.
Returns a list made up of the outputs of the closure.
+
+
+* Legal
+
+This file is part of secnet.
+See LICENCE and CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
using ⌘B.
Richard Kettlewell 2011-07-23
using ⌘B.
Richard Kettlewell 2011-07-23
+
+
+--
+This file is part of secnet.
+See LICENCE and this file CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
named `netlink' used to set the `link' key in each site
definition. Usually, this will be constructed by a partial
application of the built-in `userv-ipif' or `tun' closures.
named `netlink' used to set the `link' key in each site
definition. Usually, this will be constructed by a partial
application of the built-in `userv-ipif' or `tun' closures.
+
+
+
+
+--
+This file is part of secnet.
+See LICENCE and this file CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
&TARGETS_check +=
&TARGETS_fullcheck +=
&TARGETS_check +=
&TARGETS_fullcheck +=
global:
consider using liboop for the event loop
global:
consider using liboop for the event loop
+
+
+--
+This file is part of secnet.
+See LICENCE and this file CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
+/*
+ * This file is part of secnet.
+ * See LICENCE and this file CREDITS for full list of copyright holders.
+ * SPDX-License-Identifier: GPL-3.0-or-later
+ * There is NO WARRANTY.
+ */
+
%token TOK_STRING
%token TOK_NUMBER
%token TOK_KEY
%token TOK_STRING
%token TOK_NUMBER
%token TOK_KEY
+/*
+ * This file is part of secnet.
+ * See LICENCE and this file CREDITS for full list of copyright holders.
+ * SPDX-License-Identifier: GPL-3.0-or-later
+ * There is NO WARRANTY.
+ */
+
#include "eax-test.h"
#include "serpent.h"
/* multiple-inclusion protection means that serpent.h's inclusion
#include "eax-test.h"
#include "serpent.h"
/* multiple-inclusion protection means that serpent.h's inclusion
# secnet example configuration file
# secnet example configuration file
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
# Log facility
# If you use this unaltered you should consider providing automatic log
# rotation for /var/log/secnet. secnet will close and re-open its logfiles
# Log facility
# If you use this unaltered you should consider providing automatic log
# rotation for /var/log/secnet. secnet will close and re-open its logfiles
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
&DEPS += &~/make-secnet-sites
&DEPS += &~/ipaddrset.py
&DEPS += &~/make-secnet-sites
&DEPS += &~/ipaddrset.py
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
vpn test-example
location inside root
site inside
vpn test-example
location inside root
site inside
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
vpn test-example
location outside root
site outside
vpn test-example
location outside root
site outside
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
source test-common.tcl
proc mss-program {} {
source test-common.tcl
proc mss-program {} {
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
location outside Goutside
restrict-nets 172.18.232.0/29
location outside Goutside
restrict-nets 172.18.232.0/29
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
vpn test-example
contact header@example.com
dh 8db5f2c15ac96d9f3382d1ef4688fba14dc7908ae7dfd71a9cfe7f479a75d506dc53f159aeaf488bde073fe544bc91c099f101fcf60074f30c06e36263c03ca9e07931ce3fc235fe1171dc6d9316fb097bd4362891e2c36e234e7c16b038fd97b1f165c710e90537de66ee4f54001f5712b050d4e07de3fba07607b19b64f6c3 2
vpn test-example
contact header@example.com
dh 8db5f2c15ac96d9f3382d1ef4688fba14dc7908ae7dfd71a9cfe7f479a75d506dc53f159aeaf488bde073fe544bc91c099f101fcf60074f30c06e36263c03ca9e07931ce3fc235fe1171dc6d9316fb097bd4362891e2c36e234e7c16b038fd97b1f165c710e90537de66ee4f54001f5712b050d4e07de3fba07607b19b64f6c3 2
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
# usage
# ../parallel-bisect.sh
# usage
# ../parallel-bisect.sh
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
# usage
# ../parallel-bisect.sh
#
# usage
# ../parallel-bisect.sh
#
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
# best to run this in a git-worktree
# example runes in main tree:
# git-branch -f pretest && git-branch -f tested `git-merge-base HEAD tested` && git-checkout wip
# best to run this in a git-worktree
# example runes in main tree:
# git-branch -f pretest && git-branch -f tested `git-merge-base HEAD tested` && git-checkout wip
+/*
+ * This file is part of secnet.
+ * See LICENCE and this file CREDITS for full list of copyright holders.
+ * SPDX-License-Identifier: GPL-3.0-or-later
+ * There is NO WARRANTY.
+ */
+
#ifndef serpent_h
#define serpent_h
#ifndef serpent_h
#define serpent_h
+/*
+ * This file is part of secnet.
+ * See LICENCE and this file CREDITS for full list of copyright holders.
+ * SPDX-License-Identifier: GPL-3.0-or-later
+ * There is NO WARRANTY.
+ */
+
#define SERPENT_BIGENDIAN
#include "serpent.c"
#define SERPENT_BIGENDIAN
#include "serpent.c"
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
&TARGETS += & udp-preload.so
&TARGETS += & udp-preload.so
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
source test-common.tcl
package require Tclx
source test-common.tcl
package require Tclx
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
set oldsecnet(inside) 1
source stest/t-nonnego-on
set oldsecnet(inside) 1
source stest/t-nonnego-on
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
set oldsecnet(inside) 1
set initiator outside
source stest/t-nonnego-on
set oldsecnet(inside) 1
set initiator outside
source stest/t-nonnego-on
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
proc prefix_some_path {pathvar entry} {
global env
proc prefix_some_path {pathvar entry} {
global env
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
&TARGETS += & sites.conf sites-nonego.conf
include common.make
&TARGETS += & sites.conf sites-nonego.conf
include common.make
+/*
+ * This file is part of secnet.
+ * See LICENCE and this file CREDITS for full list of copyright holders.
+ * SPDX-License-Identifier: GPL-3.0-or-later
+ * There is NO WARRANTY.
+ */
+
/*
test-example/bogus-setup-request 127.0.0.1 19098 test-example/inside/inside 127.0.0.1 16096 test-example/outside/outside
*/
/*
test-example/bogus-setup-request 127.0.0.1 19098 test-example/inside/inside 127.0.0.1 16096 test-example/outside/outside
*/
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
log logfile {
filename "/dev/tty";
class "info","notice","warning","error","security","fatal";
log logfile {
filename "/dev/tty";
class "info","notice","warning","error","security","fatal";
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
set -e
echo >&2 "$0: invoked as $0 $*"
shift
set -e
echo >&2 "$0: invoked as $0 $*"
shift
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
comm polypath {
buffer sysbuffer(4096);
monitor-command "./polypath-interface-monitor-linux";
comm polypath {
buffer sysbuffer(4096);
monitor-command "./polypath-interface-monitor-linux";
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
netlink userv-ipif {
name "netlink-ipif"; # Printed in log messages from this netlink
local-address "172.18.232.1";
netlink userv-ipif {
name "netlink-ipif"; # Printed in log messages from this netlink
local-address "172.18.232.1";
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
netlink userv-ipif {
name "netlink-ipif"; # Printed in log messages from this netlink
local-address "172.18.232.1";
netlink userv-ipif {
name "netlink-ipif"; # Printed in log messages from this netlink
local-address "172.18.232.1";
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
netlink tun {
name "netlink-tun"; # Printed in log messages from this netlink
local-address "172.18.232.1";
netlink tun {
name "netlink-tun"; # Printed in log messages from this netlink
local-address "172.18.232.1";
+# This file is part of secnet.
+# See LICENCE and this file CREDITS for full list of copyright holders.
+# SPDX-License-Identifier: GPL-3.0-or-later
+# There is NO WARRANTY.
+
vpn test-example
contact devnull@example.com
dh 8db5f2c15ac96d9f3382d1ef4688fba14dc7908ae7dfd71a9cfe7f479a75d506dc53f159aeaf488bde073fe544bc91c099f101fcf60074f30c06e36263c03ca9e07931ce3fc235fe1171dc6d9316fb097bd4362891e2c36e234e7c16b038fd97b1f165c710e90537de66ee4f54001f5712b050d4e07de3fba07607b19b64f6c3 2
vpn test-example
contact devnull@example.com
dh 8db5f2c15ac96d9f3382d1ef4688fba14dc7908ae7dfd71a9cfe7f479a75d506dc53f159aeaf488bde073fe544bc91c099f101fcf60074f30c06e36263c03ca9e07931ce3fc235fe1171dc6d9316fb097bd4362891e2c36e234e7c16b038fd97b1f165c710e90537de66ee4f54001f5712b050d4e07de3fba07607b19b64f6c3 2