Compare commits

..

No commits in common. "bd839534e01f40189ed0739c2a19b4ebe3ae2f87" and "0e764df560dfcb13de9096ae4020f806b10cb6e0" have entirely different histories.

4 changed files with 4 additions and 19 deletions

View File

@ -2,10 +2,6 @@
This project follows [semantic versioning](http://semver.org). This project follows [semantic versioning](http://semver.org).
### UNRELEASED
- [changed] Changed documentation
### v2.0.0 (2020-10-30) ### v2.0.0 (2020-10-30)
- [added] **Add strong crypto, complete rewrite of crypto system** - [added] **Add strong crypto, complete rewrite of crypto system**

View File

@ -9,15 +9,7 @@ establishes an encrypted fully-meshed VPN network in a peer-to-peer manner.
It can work on TUN devices (IP based) and TAP devices (Ethernet based). It can work on TUN devices (IP based) and TAP devices (Ethernet based).
Tunneling traffic between two nodes can be as easy as: Tunneling traffic between two nodes can be as easy as:
$> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24 $> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24
or as config file:
crypto:
password: mysecret
ip: 10.0.0.1
peers:
- REMOTE_HOST:PORT
For more information, please see the [Website](https://vpncloud.ddswd.de) or the [Forum](https://groups.google.com/forum/#!forum/vpncloud). For more information, please see the [Website](https://vpncloud.ddswd.de) or the [Forum](https://groups.google.com/forum/#!forum/vpncloud).

View File

@ -80,7 +80,7 @@ mode: normal
# MAC address. The prefix length is the number of significant front bits that # MAC address. The prefix length is the number of significant front bits that
# distinguish the subnet from other subnets. Example: `10.1.1.0/24`. # distinguish the subnet from other subnets. Example: `10.1.1.0/24`.
# Note: Several entries can be separated by spaces. # Note: Several entries can be separated by spaces.
#claims: #claims
# - 10.1.1.0/24 # - 10.1.1.0/24
# Whether to automatically claim the configured IP on tun devices # Whether to automatically claim the configured IP on tun devices

View File

@ -156,7 +156,7 @@ fn setup_device(config: &Config) -> TunTapDevice {
} }
if let Ok(val) = device.get_rp_filter() { if let Ok(val) = device.get_rp_filter() {
if val != 1 { if val != 1 {
warn!("Your networking configuration might be affected by a vulnerability (https://vpncloud.ddswd.de/docs/security/cve-2019-14899/), please change your rp_filter setting to 1 (currently {}).", val); warn!("Your networking configuration might be affected by a vulnerability (https://seclists.org/oss-sec/2019/q4/122), please change your rp_filter setting to 1 (currently {}).", val);
} }
} }
device device
@ -256,10 +256,7 @@ fn main() {
try_fail!(fs::rename(&file, format!("{}.orig", file)), "Failed to rename original file: {:?}"); try_fail!(fs::rename(&file, format!("{}.orig", file)), "Failed to rename original file: {:?}");
info!("Writing new config back into {}", file); info!("Writing new config back into {}", file);
let f = try_fail!(File::create(&file), "Failed to open config file: {:?}"); let f = try_fail!(File::create(&file), "Failed to open config file: {:?}");
try_fail!( try_fail!(fs::set_permissions(&file, fs::Permissions::from_mode(0o600)), "Failed to set permissions on file: {:?}");
fs::set_permissions(&file, fs::Permissions::from_mode(0o600)),
"Failed to set permissions on file: {:?}"
);
try_fail!(serde_yaml::to_writer(f, &new_config), "Failed to write converted config: {:?}"); try_fail!(serde_yaml::to_writer(f, &new_config), "Failed to write converted config: {:?}");
return return
} }