diff options
| -rw-r--r-- | bash_completion.d/tinc | 2 | ||||
| -rw-r--r-- | doc/tinc.conf.5.in | 4 | ||||
| -rw-r--r-- | src/conf.c | 4 | ||||
| -rw-r--r-- | src/tincctl.c | 1 |
4 files changed, 10 insertions, 1 deletions
diff --git a/bash_completion.d/tinc b/bash_completion.d/tinc index 575f412a..6be0dccb 100644 --- a/bash_completion.d/tinc +++ b/bash_completion.d/tinc @@ -4,7 +4,7 @@ _tinc() { cur="${COMP_WORDS[COMP_CWORD]}" prev="${COMP_WORDS[COMP_CWORD-1]}" opts="-c -d -D -K -n -o -L -R -U --config --no-detach --debug --net --option --mlock --logfile --pidfile --chroot --user --help --version" - confvars="Address AddressFamily BindToAddress BindToInterface Broadcast BroadcastSubnet Cipher ClampMSS Compression ConnectTo DecrementTTL Device DeviceStandby DeviceType Digest DirectOnly Ed25519PrivateKeyFile Ed25519PublicKey Ed25519PublicKeyFile ExperimentalProtocol Forwarding FWMark GraphDumpFile Hostnames IffOneQueue IndirectData Interface InvitationExpire KeyExpire ListenAddress LocalDiscovery MACExpire MACLength MaxOutputBufferSize MaxTimeout Mode MTUInfoInterval Name PMTU PMTUDiscovery PingInterval PingTimeout Port PriorityInheritance PrivateKeyFile ProcessPriority Proxy PublicKeyFile ReplayWindow StrictSubnets Subnet TCPOnly TunnelServer UDPDiscovery UDPDiscoveryKeepaliveInterval UDPDiscoveryInterval UDPDiscoveryTimeout UDPInfoInterval UDPRcvBuf UDPSndBuf UPnP UPnPDiscoverWait UPnPRefreshPeriod VDEGroup VDEPort Weight" + confvars="Address AddressFamily AppendHostFile BindToAddress BindToInterface Broadcast BroadcastSubnet Cipher ClampMSS Compression ConnectTo DecrementTTL Device DeviceStandby DeviceType Digest DirectOnly Ed25519PrivateKeyFile Ed25519PublicKey Ed25519PublicKeyFile ExperimentalProtocol Forwarding FWMark GraphDumpFile Hostnames IffOneQueue IndirectData Interface InvitationExpire KeyExpire ListenAddress LocalDiscovery MACExpire MACLength MaxOutputBufferSize MaxTimeout Mode MTUInfoInterval Name PMTU PMTUDiscovery PingInterval PingTimeout Port PriorityInheritance PrivateKeyFile ProcessPriority Proxy PublicKeyFile ReplayWindow StrictSubnets Subnet TCPOnly TunnelServer UDPDiscovery UDPDiscoveryKeepaliveInterval UDPDiscoveryInterval UDPDiscoveryTimeout UDPInfoInterval UDPRcvBuf UDPSndBuf UPnP UPnPDiscoverWait UPnPRefreshPeriod VDEGroup VDEPort Weight" commands="add connect debug del disconnect dump edit export export-all generate-ed25519-keys generate-keys generate-rsa-keys get help import info init invite join list log network pcap pid purge reload restart retry set sign start stop top verify version" case ${prev} in diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in index a907e5fc..9c9a158a 100644 --- a/doc/tinc.conf.5.in +++ b/doc/tinc.conf.5.in @@ -114,6 +114,10 @@ If .Qq any is selected, then depending on the operating system both IPv4 and IPv6 or just IPv6 listening sockets will be created. +.It Va AppendHostFile Li = yes | no Po no Pc Bq custom +If set to no, +.Nm tinc +will not append learned node keys to host files. .It Va AutoConnect Li = yes | no Pq yes If set to yes, .Nm tinc @@ -454,7 +454,11 @@ bool read_host_config(splay_tree_t *config_tree, const char *name, bool verbose) bool append_config_file(const char *name, const char *key, const char *value) { char fname[PATH_MAX]; + bool append; snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, name); + if (get_config_bool(lookup_config(config_tree, "AppendHostFile"), &append) && !append) { + return false; + } FILE *fp = fopen(fname, "a"); diff --git a/src/tincctl.c b/src/tincctl.c index 08f30189..eec7332c 100644 --- a/src/tincctl.c +++ b/src/tincctl.c @@ -1724,6 +1724,7 @@ ecdsa_t *get_pubkey(FILE *f) { const var_t variables[] = { /* Server configuration */ {"AddressFamily", VAR_SERVER | VAR_SAFE}, + {"AppendHostFile", VAR_SERVER | VAR_SAFE}, {"AutoConnect", VAR_SERVER | VAR_SAFE}, {"BindToAddress", VAR_SERVER | VAR_MULTIPLE}, {"BindToInterface", VAR_SERVER}, |