summaryrefslogtreecommitdiffstats
path: root/package/tinc
Commit message (Collapse)AuthorAgeFilesLines
* tinc: security bump to version 1.0.35Peter Korsgaard2018-10-092-2/+2
| | | | | | | | | | | | | | | | | | | | | Fixes the following security issues: CVE-2018-16758: Michael Yonli discovered that tinc 1.0.34 and earlier allow a man-in-the-middle attack that, even if the MITM cannot decrypt the traffic sent between the two endpoints, when the MITM can correctly predict when an ephemeral key exchange message is sent in a TCP connection between two nodes, allows the MITM to force one node to send UDP packets in plaintext. The tinc 1.1pre versions are not affected by this. CVE-2018-16738: Michael Yonli discoverd that tinc versions 1.0.30 to 1.0.34 allow an oracle attack, similar to CVE-2018-16737, but due to the mitigations put in place for the Sweet32 attack in tinc 1.0.30, it now requires a timing attack that has only a limited time to complete. Tinc 1.1pre16 and earlier are also affected if there are nodes on the same VPN that still use the legacy protocol from tinc version 1.0.x. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* package/tinc: bump version to 1.0.34Bernd Kuhls2018-08-052-3/+3
| | | | | | | | Updated license hash after upstream commit: http://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff;h=54b18a85f68652f94ac5ecffbd9d100879ed06ea Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* package/tinc: upgrade to 1.0.33, install upstream's systemd filesZoltan Gyarmati2018-01-272-2/+9
| | | | | Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/t*/Config.in: fix ordering of statementsAdam Duskett2017-05-021-2/+2
| | | | | | | | | | | | | The check-package script when ran gives warnings on ordering issues on all of these Config files. This patch cleans up all warnings related to the ordering in the Config files for packages starting with the letter t in the package directory. The appropriate ordering is: type, default, depends on, select, help See http://nightly.buildroot.org/#_config_files for more information. Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* boot, linux, package: use SPDX short identifier for GPLv2/GPLv2+Rahul Bedarkar2017-04-011-1/+1
| | | | | | | | | | | We want to use SPDX identifier for license strings as much as possible. SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+. This change is done by using following command. find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g' Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/tinc: upgrade to upstream version 1.0.30Zoltan Gyarmati2016-12-022-2/+2
| | | | | Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* toolchain: add hidden symbol for PIE supportWaldemar Brodkorb2016-07-241-1/+1
| | | | | | | | | | | | | uClibc-ng does not support PIE for some architectures as arc and m68k. It isn't implemented in the static linking case, too. With musl toolchains you might have static PIE support with little patching of gcc. Static linking for GNU libc isn't enabled in buildroot. Fixup any package using special treatment of PIE. (grep -ir pie package/*/*.mk) Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> [Thomas: use positive logic.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/tinc: bump version to 1.0.28Bernd Kuhls2016-06-013-34/+2
| | | | | | | | | This patch can be applied after the release of buildroot 2016.05. Removed 0001-musl.patch, applied upstream. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/tinc: optionally include linux/if_tun.h to fix musl buildBernd Kuhls2016-05-251-0/+32
| | | | | | | | Fixes http://autobuild.buildroot.net/results/5b1/5b1d0c8c1bd75f7e228c313cb21b1638301568ae/ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/tinc: needs libdl for OpenSSL supportBernd Kuhls2016-05-251-0/+4
| | | | | | | | Fixes http://autobuild.buildroot.net/results/d5b/d5b2f905d8da79cebda1408ffceac6d4c99f9e7b/ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tinc: disable PIE on ARCAlexey Brodkin2015-08-101-0/+6
| | | | | | | | | | | | | | | | Even though ARC gcc understands "-pie" option and attempts to generate PIE binaries as of today PIE is not really supported for user-space applications. So we disable PIE detection if building for ARC. That fixes http://autobuild.buildroot.net/results/2b1/2b1aa474fc432f3f79b03c4577d68642bb7e0f9c and also prevents execution of non-supported PIE binary in runtime. [Thomas: fix indentation.] Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tinc: add hash fileGustavo Zacarias2015-07-281-0/+2
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* tinc: new packageZoltan Gyarmati2014-12-212-0/+26
[Thomas: - fix license from GPLv2 to 'GPLv2+ with OpenSSL exception' - add -std=c99 to CFLAGS, otherwise it doesn't build with a minimal toolchain configuration - add BR2_USE_MMU dependency since fork() is used.] Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
OpenPOWER on IntegriCloud