Compare commits

..

No commits in common. "bd839534e01f40189ed0739c2a19b4ebe3ae2f87" and "0e764df560dfcb13de9096ae4020f806b10cb6e0" have entirely different histories.

4 changed files with 4 additions and 19 deletions

View File

@ -2,10 +2,6 @@
This project follows [semantic versioning](http://semver.org).
### UNRELEASED
- [changed] Changed documentation
### v2.0.0 (2020-10-30)
- [added] **Add strong crypto, complete rewrite of crypto system**

View File

@ -9,15 +9,7 @@ establishes an encrypted fully-meshed VPN network in a peer-to-peer manner.
It can work on TUN devices (IP based) and TAP devices (Ethernet based).
Tunneling traffic between two nodes can be as easy as:
$> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24
or as config file:
crypto:
password: mysecret
ip: 10.0.0.1
peers:
- REMOTE_HOST:PORT
$> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24
For more information, please see the [Website](https://vpncloud.ddswd.de) or the [Forum](https://groups.google.com/forum/#!forum/vpncloud).

View File

@ -80,7 +80,7 @@ mode: normal
# MAC address. The prefix length is the number of significant front bits that
# distinguish the subnet from other subnets. Example: `10.1.1.0/24`.
# Note: Several entries can be separated by spaces.
#claims:
#claims
# - 10.1.1.0/24
# Whether to automatically claim the configured IP on tun devices

View File

@ -156,7 +156,7 @@ fn setup_device(config: &Config) -> TunTapDevice {
}
if let Ok(val) = device.get_rp_filter() {
if val != 1 {
warn!("Your networking configuration might be affected by a vulnerability (https://vpncloud.ddswd.de/docs/security/cve-2019-14899/), please change your rp_filter setting to 1 (currently {}).", val);
warn!("Your networking configuration might be affected by a vulnerability (https://seclists.org/oss-sec/2019/q4/122), please change your rp_filter setting to 1 (currently {}).", val);
}
}
device
@ -256,10 +256,7 @@ fn main() {
try_fail!(fs::rename(&file, format!("{}.orig", file)), "Failed to rename original file: {:?}");
info!("Writing new config back into {}", file);
let f = try_fail!(File::create(&file), "Failed to open config file: {:?}");
try_fail!(
fs::set_permissions(&file, fs::Permissions::from_mode(0o600)),
"Failed to set permissions on file: {:?}"
);
try_fail!(fs::set_permissions(&file, fs::Permissions::from_mode(0o600)), "Failed to set permissions on file: {:?}");
try_fail!(serde_yaml::to_writer(f, &new_config), "Failed to write converted config: {:?}");
return
}