summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/afclient.17
-rw-r--r--doc/afclient.conf.57
-rw-r--r--doc/afclient_example.conf1
-rw-r--r--doc/afserver.112
-rw-r--r--doc/afserver.conf.512
-rw-r--r--doc/afserver_example.conf5
-rw-r--r--doc/en/README12
7 files changed, 43 insertions, 13 deletions
diff --git a/doc/afclient.1 b/doc/afclient.1
index 3e3bebf..677ec7a 100644
--- a/doc/afclient.1
+++ b/doc/afclient.1
@@ -1,4 +1,4 @@
-.TH afclient 1 "apf 0.8.3" Jeremian
+.TH afclient 1 "apf 0.8.4" Jeremian
.SH NAME
afclient \- active port forwarder client
.SH SYNOPSIS
@@ -72,6 +72,9 @@ is running (required)
.B -k, --keyfile FILE
the name of the file with RSA key (default: client.rsa)
+.B -c, --cerfile
+ the name of the file with certificate (default: no certificate used)
+
.B -f, --cfgfile FILE
the name of the file with the configuration for the
.I afclient
@@ -334,7 +337,7 @@ Jeremian <jeremian [at] poczta.fm>
.SH CONTRIBUTIONS
-Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> and Marco Solari <marco.solari [at] koinesistemi.it>
+Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru>, Marco Solari <marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin [at] geekspace.com>
.SH LICENSE
diff --git a/doc/afclient.conf.5 b/doc/afclient.conf.5
index a343d11..4f8a5c6 100644
--- a/doc/afclient.conf.5
+++ b/doc/afclient.conf.5
@@ -1,4 +1,4 @@
-.TH afclient.conf 5 "apf 0.8.3" Jeremian
+.TH afclient.conf 5 "apf 0.8.4" Jeremian
.SH NAME
afclient.conf \- Configuration File for afclient
.SH INTRODUCTION
@@ -67,6 +67,9 @@ is running
.B keyfile FILE
the name of the file with RSA key (default: client.rsa)
+.B cerfile FILE
+ the name of the file with certificate (default: no certificate used)
+
.B storefile FILE
the name of the file with stored public keys (default: known_hosts)
@@ -142,7 +145,7 @@ Jeremian <jeremian [at] poczta.fm>
.SH CONTRIBUTIONS
-Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> and Marco Solari <marco.solari [at] koinesistemi.it>
+Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru>, Marco Solari <marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin [at] geekspace.com>
.SH LICENSE
diff --git a/doc/afclient_example.conf b/doc/afclient_example.conf
index 45b2556..d336ce3 100644
--- a/doc/afclient_example.conf
+++ b/doc/afclient_example.conf
@@ -15,6 +15,7 @@
#ignorepkeys #ignore invalid server's public keys
#keyfile client.rsa #the name of the file with RSA key (default: client.rsa)
+#cerfile filename #the name of the file with certificate (default: no certificate used)
#storefile known_hosts #the name of the file with stored public keys (default: known_hosts)
#dateformat %Y-%m-%d %H:%M:%S #format of the date printed in logs (default: %Y-%m-%d %H:%M:%S)
#keep-alive 15 #send keepalive packets every N seconds (default: not send keepalive packets)
diff --git a/doc/afserver.1 b/doc/afserver.1
index 3e41af3..887d79b 100644
--- a/doc/afserver.1
+++ b/doc/afserver.1
@@ -1,4 +1,4 @@
-.TH afserver 1 "apf 0.8.3" Jeremian
+.TH afserver 1 "apf 0.8.4" Jeremian
.SH NAME
afserver \- active port forwarder server
.SH SYNOPSIS
@@ -51,7 +51,13 @@ connects to it (default: 50126)
.I Configuration
.B -c, --cerfile FILE
- the name of the file with certificate (default: cacert.pem)
+ the name of the file with certificate (default: server-cert.pem)
+
+.B -A, --cacerfile FILE
+ the name of the file with CA certificates (if used, require clients to have valid certificates)
+
+.B -d, --cerdepth
+ the maximum depth of valid certificate-chains
.B -k, --keyfile FILE
the name of the file with RSA key (default: server.rsa)
@@ -236,7 +242,7 @@ Jeremian <jeremian [at] poczta.fm>
.SH CONTRIBUTIONS
-Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> and Marco Solari <marco.solari [at] koinesistemi.it>
+Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> Marco Solari <marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin [at] geekspace.com>
.SH LICENSE
diff --git a/doc/afserver.conf.5 b/doc/afserver.conf.5
index 36f8fca..c62e105 100644
--- a/doc/afserver.conf.5
+++ b/doc/afserver.conf.5
@@ -1,4 +1,4 @@
-.TH afserver.conf 5 "apf 0.8.3" Jeremian
+.TH afserver.conf 5 "apf 0.8.4" Jeremian
.SH NAME
afserver.conf \- Configuration File for afserver
.SH INTRODUCTION
@@ -35,7 +35,13 @@ commands.
.SH "GLOBAL OPTIONS"
.B cerfile FILE
- the name of the file with certificate (default: cacert.pem)
+ the name of the file with certificate (default: server-cert.pem)
+
+.B cacerfile FILE
+ the name of the file with CA certificates (if used, require clients to have valid certificates)
+
+.B cerdepth N
+ the maximum depth of valid certificate-chains
.B keyfile FILE
the name of the file with RSA key (default: server.rsa)
@@ -125,7 +131,7 @@ Jeremian <jeremian [at] poczta.fm>
.SH CONTRIBUTIONS
-Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> and Marco Solari <marco.solari [at] koinesistemi.it>
+Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru>, Marco Solari <marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin [at] geekspace.com>
.SH LICENSE
diff --git a/doc/afserver_example.conf b/doc/afserver_example.conf
index a11f5c1..8bdafa6 100644
--- a/doc/afserver_example.conf
+++ b/doc/afserver_example.conf
@@ -1,7 +1,7 @@
# This is an example configuration file for active port forwarder (server)
# Firstly, we have to declare our files with key and certificate
-cerfile cacert.pem
+cerfile server-cert.pem
# Please note, that we can place only blank characters between words
@@ -47,6 +47,9 @@ manageport 50126 #portnumber on which server is listening for afclient
#ipv4 #use ipv4 only
#ipv6 #use ipv6 only
#enableproxy #enable http proxy mode
+#cacerfile filename #the name of the file with CA certificates
+ # (if used, require clients to have valid certificates)
+#cerdepth #the maximum depth of valid certificate-chains
# and now the second realm
diff --git a/doc/en/README b/doc/en/README
index 11b080e..e9f5b20 100644
--- a/doc/en/README
+++ b/doc/en/README
@@ -1,4 +1,4 @@
-AF - Active Port Forwarder 0.8.3 - README
+AF - Active Port Forwarder 0.8.4 - README
Copyright (C) 2003-2007 jeremian - <jeremian [at] poczta.fm>
=================================================================
@@ -130,7 +130,10 @@ Multiple clients allow to create more sophisticated tunneling scheme.
Configuration:
-c, --cerfile - the name of the file with certificate
- (default: cacert.pem)
+ (default: server-cert.pem)
+ -A, --cacerfile - the name of the file with CA certificates
+ (if used, require clients to have valid certificates)
+ -d, --cerdepth - the maximum depth of valid certificate-chains
-k, --keyfile - the name of the file with RSA key (default: server.rsa)
-f, --cfgfile - the name of the file with the configuration for the
active forwarder (server)
@@ -211,6 +214,8 @@ Multiple clients allow to create more sophisticated tunneling scheme.
Configuration:
-k, --keyfile - the name of the file with RSA key (default: client.rsa)
+ -c, --cerfile - the name of the file with certificate
+ (default: no certificate used)
-f, --cfgfile - the name of the file with the configuration for the
active forwarder (client)
-s, --storefile - the name of the file with stored public keys
@@ -662,6 +667,9 @@ README file.
Thanks to Marco Solari <marco.solari [at] koinesistemi.it> for a lot of
requests, suggestions and ideas.
+ Thanks to Joshua Judson Rosen <rozzin [at] geekspace.com> for the patch adding
+certificate-based authentication to the APF.
+
And thanks for using this software!
LICENSE