Commit graph

128 commits

Author SHA1 Message Date
Guus Sliepen
210b5ceeee Read ECDSA keys. 2011-07-07 22:28:25 +02:00
Guus Sliepen
33f241d978 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
Conflicts:
	NEWS
	configure.in
	doc/tincd.8.in
	lib/pidfile.c
	lib/pidfile.h
	lib/xalloc.h
	lib/xmalloc.c
	src/conf.c
	src/conf.h
	src/connection.c
	src/connection.h
	src/event.c
	src/graph.c
	src/graph.h
	src/net.c
	src/net.h
	src/node.h
	src/openssl/crypto.c
	src/process.c
	src/protocol.c
	src/protocol_key.c
	src/route.c
2011-06-06 20:42:15 +02:00
Sven-Haegar Koch
04de15984f do_outgoing_connection() may delete a failed connection, and the structure
must not be accessed afterwards.
2011-05-29 22:05:14 +02:00
Guus Sliepen
6d08eb1614 Fix sparse warnings and add an extra sprinkling of const.
This is more or less the equivalent of Sven-Haegar Koch's fixes in the 1.1
branch.
2011-05-28 23:36:52 +02:00
Guus Sliepen
f5843e7d64 Add per-node traffic counters. 2011-05-15 00:42:29 +02:00
Guus Sliepen
886a6f61a1 Merge branch 'master' into 1.1
Conflicts:
	src/net_packet.c
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_key.c
2010-11-19 12:22:48 +00:00
Brandon L Black
23acc19bc0 Configurable ReplayWindow size, zero disables 2010-11-13 21:25:46 +01:00
Brandon L Black
8dfe1b374e Configurable SO_RCVBUF/SO_SNDBUF for the UDP socket 2010-11-13 21:25:44 +01:00
Guus Sliepen
a22041922f Merge branch 'master' into 1.1
Conflicts:
	doc/tincd.8.in
	lib/pidfile.c
	src/graph.c
	src/net.c
	src/net.h
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/node.h
	src/protocol_auth.c
	src/protocol_key.c
	src/tincd.c
2010-11-12 16:15:29 +01:00
Guus Sliepen
4a21aabada Detect and prevent two nodes with the same Name being on the VPN simultaneously.
In this situation, the two nodes will start fighting over the edges they announced.
When we have to contradict both ADD_EDGE and DEL_EDGE messages, we log a warning,
and with 25% chance per PingTimeout we quit.
2010-06-04 14:53:52 +02:00
Guus Sliepen
79e46d08a4 Merge branch 'master' into 1.1
Conflicts:
	NEWS
	README
	configure.in
	src/net.c
	src/net.h
2010-04-17 12:21:53 +02:00
Guus Sliepen
9f53ab209d Reload Subnets when getting a HUP signal and StrictSubnets is used. 2010-04-11 00:50:42 +02:00
Guus Sliepen
5c5548fc71 Better integration of libevent in build system.
Since event.h is not part of tinc, we include it in have.h were all other
system header files are included.  We also ensure -levent comes before -lgdi32
when compiling with MinGW, apparently it doesn't work when the order is
reversed.
2009-11-07 14:35:48 +01:00
Guus Sliepen
35af4051c3 Fix a possible crash when sending the HUP signal.
When the HUP signal is sent while some outgoing connections have not been made
yet, or are being retried, a NULL pointer could be dereferenced resulting in
tinc crashing. We fix this by more careful handling of outgoing_ts, and by
deleting all connections that have not been fully activated yet at the HUP
signal is received.
2009-10-20 22:14:47 +02:00
Guus Sliepen
7ea85043ac Merge branch 'master' into 1.1
Conflicts:
	NEWS
	configure.in
	lib/Makefile.am
	lib/pidfile.c
	lib/pidfile.h
	lib/utils.c
	po/POTFILES.in
	po/nl.po
	src/Makefile.am
	src/bsd/device.c
	src/conf.c
	src/connection.c
	src/cygwin/device.c
	src/edge.c
	src/event.c
	src/graph.c
	src/linux/device.c
	src/meta.c
	src/mingw/device.c
	src/net.c
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/process.c
	src/protocol.c
	src/protocol_auth.c
	src/protocol_edge.c
	src/protocol_key.c
	src/protocol_misc.c
	src/protocol_subnet.c
	src/raw_socket/device.c
	src/route.c
	src/solaris/device.c
	src/subnet.c
	src/tincd.c
	src/uml_socket/device.c
2009-09-29 14:55:29 +02:00
Guus Sliepen
ab7c61b06f Update the address of the Free Software Foundation in all copyright headers. 2009-09-25 00:01:00 +02:00
Guus Sliepen
0e6856b137 Remove Ivo's old email addresses. 2009-09-24 23:42:30 +02:00
Guus Sliepen
c217d214f4 Remove all occurences of $Id$. 2009-09-24 23:39:16 +02:00
Guus Sliepen
2f97bdb46b Add missing #include. 2009-09-16 20:16:54 +02:00
Guus Sliepen
075e6828a7 Merge branch 'master' into 1.1
Conflicts:
	have.h
	lib/dropin.c
	lib/fake-getaddrinfo.c
	lib/pidfile.c
	src/Makefile.am
	src/bsd/device.c
	src/conf.c
	src/connection.c
	src/connection.h
	src/graph.c
	src/mingw/device.c
	src/net.c
	src/net_setup.c
	src/node.c
	src/protocol_key.c
	src/protocol_misc.c
	src/tincd.c
2009-09-16 19:55:47 +02:00
Guus Sliepen
b47c17bcde Use a mutex to allow the TAP reader to process packets faster on Windows.
The TAP-Win32 device is not a socket, and select() under Windows only works
with sockets.  Tinc used a separate thread to read from the TAP-Win32 device,
and passed this via a local socket to the main thread which could then select()
from it. We now use a global mutex, which is only unlocked when the main thread
is waiting for select(), to allow the TAP reader thread to process packets
directly.
2009-09-15 22:59:01 +02:00
Guus Sliepen
5a132550de Merge branch 'master' into 1.1
Conflicts:
	doc/tincd.8.in
	lib/pidfile.c
	src/graph.c
	src/net.c
	src/net.h
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/node.h
	src/protocol_auth.c
	src/protocol_key.c
	src/tincd.c
2009-06-05 23:14:13 +02:00
Guus Sliepen
e012e752f4 Fix initialisation of packet decryption context broken by commit 3308d13e7e.
Instead of a single, global decryption context, each node has its own context.
However, in send_ans_key(), the global context was initialised. This commit
fixes that and removes the global context completely.

Also only set status.validkey after all checks have been evaluated.
2009-05-24 19:31:31 +02:00
Michael Tokarev
6698f7c390 Rename setup_network_connections() and split out try_outgoing_connections()
In preparation of chroot/setuid operations, split out call to
try_outgoing_connections() from setup_network_connections()
(which was the last call in setup_network_connections()).
This is because dropping privileges should be done in-between
setup_network_connections() and try_outgoing_connections().

This patch renames setup_network_connections() to setup_network()
and moves call to try_outgoing_connections() into main routine.

No functional changes.
2009-05-18 14:34:24 +02:00
Guus Sliepen
08aabbf931 Merge branch 'master' into 1.1
Conflicts:
	NEWS
	README
	doc/tinc.conf.5.in
	doc/tinc.texi
	po/nl.po
	src/conf.c
	src/connection.c
	src/event.c
	src/graph.c
	src/net.c
	src/net_packet.c
	src/net_socket.c
	src/node.c
	src/node.h
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_key.c
	src/protocol_misc.c
	src/subnet.c
	src/subnet.h
	src/tincd.c
2009-03-09 19:02:24 +01:00
Guus Sliepen
78fc59e994 Update THANKS and copyright information. 2009-03-05 14:12:36 +01:00
Guus Sliepen
d1910ac198 Remove unused definitions from net.h. 2009-01-20 13:19:31 +01:00
Guus Sliepen
503c32eb0e Use a global list to track outgoing connections.
Previously an outgoing_t was maintained for each outgoing connection,
but the pointer to it was either stored in a connection_t or in an event_t.
This made it very hard to keep track of and to clean up.

Now a list is created when tinc starts and reads all the ConnectTo variables,
and which is recreated when tinc receives a HUP signal.
2009-01-20 13:12:41 +01:00
Guus Sliepen
67df7fb7e1 Only send packets via UDP if UDP communication is possible.
When no session key is known for a node, or when it is doing PMTU discovery but
no MTU probes have returned yet, packets are sent via TCP. Some logic is added
to make sure intermediate nodes continue forwarding via TCP.  The per-node
packet queue is now no longer necessary and has been removed.
2009-01-03 22:33:55 +01:00
Guus Sliepen
551cd19406 Move RSA key generation into the wrappers. 2008-12-14 12:47:26 +00:00
Scott Lamb
d82fcc88f3 Reload configuration through control socket
I also kept the SIGHUP handler, which many people will expect to see.
The control socket is better, though - it will tell you if there is a
problem.
2007-11-07 02:51:24 +00:00
Scott Lamb
f0a57eab4c Retry connections through control socket 2007-11-07 02:50:58 +00:00
Scott Lamb
1065879c8c Purge through the control socket 2007-11-07 02:49:57 +00:00
Guus Sliepen
ddc6a81a85 Remove global variable "now". 2007-05-18 09:34:06 +00:00
Guus Sliepen
7e1117197c Move key regeneration handling to net_setup.c. 2007-05-17 23:57:48 +00:00
Guus Sliepen
a67ab277c9 Use libevent for retrying outgoing connections. 2007-05-17 22:09:55 +00:00
Guus Sliepen
17c8033029 128 listener sockets is way too much. 2007-05-17 19:52:12 +00:00
Scott Lamb
38c25d62c2 Convert to libevent.
This is a quick initial conversion that doesn't yet show much advantage:
- We roll our own timeouts.
- We roll our own signal handling.
- We build up the meta connection fd events on each loop rather than
  on state changes.
2007-02-27 01:57:01 +00:00
Guus Sliepen
de78d79db8 Update copyright notices, remove Ivo's email address. 2006-04-26 13:52:58 +00:00
Guus Sliepen
228e7a5c8f Apply patch from Scott Lamb adding an output buffer for the TCP sockets.
This helps coalescing multiple send_meta() commands into one TCP packet.
Also limit the size of the output buffer before dropping PACKETs.
2006-01-19 17:13:18 +00:00
Guus Sliepen
df3220a154 Update copyright notices. 2005-05-04 18:09:30 +00:00
Guus Sliepen
4fe7aff4d1 Add BlockingTCP option, useful when using TCPOnly on slow or congested links. 2004-11-10 21:56:31 +00:00
Guus Sliepen
9e44f116bf Increase MTU by 4 bytes to allow VLAN tagged Ethernet frames in hub and switch mode. 2004-04-15 14:09:56 +00:00
Guus Sliepen
7926a156e5 Update copyrights, links, email addresses and let Subversion update $Id$ keywords. 2004-03-21 14:21:22 +00:00
Guus Sliepen
af86a3226e Revert Martin Kihlgren's patch, it doesn't work the way it should. 2004-03-20 22:23:42 +00:00
Guus Sliepen
56aad1bb48 Applied Martin Kihlgren's IdentityGenerosity patch,
simplified and renamed to StrictSource.
2004-03-20 15:28:55 +00:00
Guus Sliepen
6b12bea62f Let tinc figure out the exact MTU of the link. 2003-12-20 19:47:53 +00:00
Guus Sliepen
98edfb14fc Some platforms don't know sa_family_t or define it other than uint16_t. 2003-10-08 12:09:37 +00:00
Guus Sliepen
ad39db95fe Make sure type of AF_UNKNOWN is sa_family_t. 2003-10-06 16:49:42 +00:00
Guus Sliepen
72bdc05cb7 Allow tinc to handle unknown type addresses from other tinc daemons. 2003-08-22 11:18:42 +00:00