j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
1952 commits 2 branches 0 tags 10 MiB
Commit graph

1952 commits

This branch
This branch
All branches
Author SHA1 Message Date
Guus Sliepen
80b81c00b1 Have tincctl generate ECDSA keys. 
The generate-keys command now generates both an RSA and an ECDSA keypair,
but one can generate-rsa-keys or generate-ecdsa-keys to just generate one type.
 2011-07-03 22:25:29 +02:00
Guus Sliepen
8ace7f3e57 Add ECDSA key generation. 2011-07-03 22:15:00 +02:00
Guus Sliepen
1d92dd62a7 Base64 encoding and decoding functions. 2011-07-03 22:13:58 +02:00
Guus Sliepen
c385d11533 Cleanups in ECDH code. 2011-07-03 22:13:34 +02:00
Guus Sliepen
895f868714 No need to keep around pointers to EC_GROUP. 2011-07-03 21:21:37 +02:00
Guus Sliepen
ac163120d7 Proper use of PRF. 2011-07-03 16:30:49 +02:00
Guus Sliepen
82f00ea07b Use PRF. 2011-07-03 15:59:49 +02:00
Guus Sliepen
feb3f22fff Add PRF to derive key material from the ECDH shared secret. 
It is modelled after the pseudorandom function from RFC4346 (TLS 1.1), the only
significant change is the use of SHA512 and Whirlpool instead of MD5 and SHA1.
 2011-07-03 15:26:58 +02:00
Guus Sliepen
8dfa072733 Support ECDH key exchange. 
REQ_KEY requests have an extra field indicating key exchange version.
If it is present and > 0, the sender supports ECDH. If the receiver also
does, then it will generate a new keypair and sends the public key in a
ANS_KEY request with "ECDH:" prefixed. The ans_key_h() function will
compute the shared secret, which, at the moment,is used as is to set the
cipher and HMAC keys. However, this must be changed to use a proper KDF.
In the future, the ECDH key exchange must also be signed.
 2011-07-03 13:17:28 +02:00
Guus Sliepen
ee8a214318 Preliminary implementation of Elliptic Curve Diffie-Hellman Ephemeral key exchange. 2011-06-27 21:52:23 +02:00
Guus Sliepen
6c21b5716b Add manpage for tinc-gui. 2011-06-26 13:17:50 +02:00
Guus Sliepen
4c934d0903 Remove debug messages that were printed to stdout. 2011-06-26 13:14:48 +02:00
Guus Sliepen
e73052b054 Update documentation to mention pidfiles instead of controlcookies. 2011-06-26 12:59:11 +02:00
Guus Sliepen
8c953b1bfe Don't react to escape character in tincctl top. 
Not only the ESC key generates an escape character, but many other keys
do as well, such as arrow keys.
 2011-06-26 12:58:50 +02:00
Guus Sliepen
27e6a89b15 Use pidfile in tinc-gui as well. 2011-06-26 12:53:41 +02:00
Guus Sliepen
660f530a6f Really stable sorting of tincctl top output. 2011-06-25 22:20:39 +02:00
Guus Sliepen
810766e139 Add +git to the version string. 2011-06-25 21:38:59 +02:00
Guus Sliepen
ab4d289faf Make pid files backwards compatible and add address of listening socket. 
The pid is now written first, so that a version 1.0.x tincd can be used to stop
a running version 1.1 tincd.  Getsockname() is used to determine the address of
the first listening socket, so that tincctl can connect to the local tincd even
if AddressFamily = ipv6, or if BindToAddress or BindToInterface is used.
 2011-06-25 21:35:27 +02:00
Guus Sliepen
a05fa7f882 Rename controlcookie file to pidfile. 2011-06-25 21:21:36 +02:00
Guus Sliepen
c64f64b875 Don't call exit_control() if we didn't do init_control(). 2011-06-25 21:16:13 +02:00
Guus Sliepen
3b237afbda Re-add support for SIGALRM. 2011-06-25 20:20:07 +02:00
Guus Sliepen
386c1aff08 Merge Tinc.py into tinc-gui to simplify make install. 
Autoconf/automake's Python support is strange.
 2011-06-25 17:39:02 +02:00
Guus Sliepen
c4c32f4059 Thank Scott Lamb, Sven-Haegar Koch and Loïc Grenié in the NEWS file. 2011-06-25 17:11:05 +02:00
Guus Sliepen
8733110dec Ensure the right files end up in the tarball after make dist. 2011-06-25 17:08:40 +02:00
Guus Sliepen
e4f65db897 Releasing 1.1pre1. 2011-06-25 15:28:54 +02:00
Guus Sliepen
2c5ded6520 Ensure that the texinfo manual can be converted to HTML. 
Somehow commit 2c30af6c90 was not properly
merged.
 2011-06-25 15:28:13 +02:00
Guus Sliepen
e8deda0b23 Update manpages and info manual. 2011-06-25 14:52:47 +02:00
Guus Sliepen
47393b5de4 Add Makefile.am in gui/. 
This ensures the gui source will be included in the tarball with make dist,
and will be installed with make install.
 2011-06-25 00:35:58 +02:00
Guus Sliepen
7944cce19e Don't use AM_CONDITIONAL for CURSES. 
For some reason, this doesn't work when cross-compiling for Windows.
 2011-06-25 00:06:06 +02:00
Guus Sliepen
365f60f3f8 Don't call event_del() from the mtuevent handler, always send_mtu_probe() in ans_key_h(). 2011-06-24 22:49:18 +02:00
Guus Sliepen
1fe8ba2f06 Delete mtuevent if it is not used. 
Keeping it around prevents ans_key_h() from restarting PMTU discovery.
 2011-06-24 22:10:03 +02:00
Guus Sliepen
79e9a4f743 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	NEWS
	README
	configure.in
	src/Makefile.am
 2011-06-24 21:40:55 +02:00
Guus Sliepen
05260f941c Releasing 1.0.15. 2011-06-24 14:50:20 +02:00
Guus Sliepen
3c0511984f Remove redundant @CFLAGS@ from AM_CFLAGS. 2011-06-24 12:27:04 +02:00
Guus Sliepen
fb5b260190 No need to check for pselect() in tinc 1.1. 2011-06-21 23:08:05 +02:00
Guus Sliepen
532557beea Only log UDP address changes at the appropriate debug levels. 2011-06-21 23:06:53 +02:00
Guus Sliepen
60ed7fe598 Reopen log file after SIGHUP. 
This was missed by the previous merge.
 2011-06-06 21:19:30 +02:00
Guus Sliepen
33f241d978 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	NEWS
	configure.in
	doc/tincd.8.in
	lib/pidfile.c
	lib/pidfile.h
	lib/xalloc.h
	lib/xmalloc.c
	src/conf.c
	src/conf.h
	src/connection.c
	src/connection.h
	src/event.c
	src/graph.c
	src/graph.h
	src/net.c
	src/net.h
	src/node.h
	src/openssl/crypto.c
	src/process.c
	src/protocol.c
	src/protocol_key.c
	src/route.c
 2011-06-06 20:42:15 +02:00
Guus Sliepen
601f3b2dd7 Clean up digests when freeing a connection_t. 2011-06-06 20:12:33 +02:00
Guus Sliepen
4b3fd94b1c Improved --logfile option. 
Instead of UNIX time, the log messages now start with the time in RFC3339
format, which human-readable and still easy for the computer to parse and sort.
The HUP signal will also cause the log file to be closed and reopened, which is
useful when log rotation is used. If there is an error while opening the log
file, this is logged to stderr.
 2011-06-06 16:26:11 +02:00
Guus Sliepen
b3bbeab6e6 Attribution for Loïc Grenié. 2011-06-04 11:27:54 +02:00
Loïc Grenié
50af33d01f Nearly tickless tinc. 
Use pselect instead of select in main_loop (if available). This lets
tincd sleeps as long as there is nothing to do.
 2011-06-04 11:19:46 +02:00
Guus Sliepen
8b3cc695b5 Don't ignore SIGCHLD, system() needs it. 
But we do ignore SIGPIPE, and tinc 1.0.x signals that are no longer used
(SIGUSR1 and SIGUSR2), since the default handler of these signals is to
terminate tincd immediately.
 2011-06-03 15:50:20 +02:00
Guus Sliepen
5989a29d7b Fix format strings for Windows. 
Windows doesn't like %zd, so cast (s)size_t to int. Also, some shorts were
incorrectly printed with %d instead of %hd.
 2011-06-03 00:46:56 +02:00
Guus Sliepen
3ade33bfac Use send() when writing to sockets, and the return type is ssize_t. 2011-06-03 00:34:30 +02:00
Guus Sliepen
5f4d57e846 Small fixes for Windows. 2011-06-02 23:40:27 +02:00
Guus Sliepen
2adc789401 Even simpler signal handling. 2011-06-02 22:14:53 +02:00
Guus Sliepen
2f42896789 Remove debugging message that was accidentily left in. 2011-06-02 21:29:11 +02:00
Guus Sliepen
c6b0e102ad Don't treat packets coming in via TCP as having zero length. 2011-06-02 21:16:57 +02:00
Guus Sliepen
80ca91769d Fix nodes joining the VPN after tincctl top started. 2011-06-02 21:14:50 +02:00