This is a more complicated test with one tinc daemon using a tap interface
(therefore requiring root), and a second one using a multicast interface. A
separate program "pong" is listening on the same multicast address, and waits
for ARP and ICMP packets, responding to ICMP echo packets with replies.
This test doesn't require any configuration of the tap interface.
The restriction of accepting only 1 connection per second from a single address
is a bit too much, especially if one wants to join a VPN using an invitation,
which requires two connections.
When --with-openssl is used, $openssl is set to the specified path.
Unfortunately, that confuses the OPENSSL conditional which expects it to
be set to "true". The result is that the contents of the openssl/
directory are not built when --with-openssl is used, resulting in
undefined references and a broken build.
In addition, there is a typo in the GCRYPT conditional definition
("grypt" instead of "gcrypt") which means GCRYPT never gets set,
(presumably) breaking builds using libgcrypt.
These regressions were introduced in
9b9230a0a7.
It now defers reading from stdin until after the authentication phase is
completed. Furthermore, it supports the -q, -r, -w options similar to those of
Jürgen Nickelsen's socket.
The tinc utility defered calling WSAStartup() until it tried to connect to a
running tinc daemon. However, socket functions are now also used for other
things (like joining another VPN using an invitation). Now we just
unconditionally call WSAStartup() early in main().
It seems like a lot of overhead to call access() for every possible extension
defined in PATHEXT, but apparently this is what Windows does itself too. At
least this avoids calling system() when the script one is looking for does not
exist at all.
Since the tinc utility also needs to call scripts, execute_script() is now
split off into its own source file.
Since filenames could potentially leak to unprivileged users (for example,
because of locatedb), it should not contain the cookie used for invitations.
Instead, tinc now uses the hash of the cookie and the invitation key as the
filename to store pending invitations in.
Commit cff5a84 removed the feature of binding outgoing TCP sockets to a local
address. We now call bind() again, but only if there is exactly one listening
socket with the same address family as the destination address of the outgoing
socket.
The order in which tinc initialized things was not completely correct. Now, it
is done as follows:
- Load and parse configuration files.
- Create all TCP and UDP listening sockets.
- Create PID file and UNIX socket.
- Run the tinc-up script.
- Drop privileges.
- Start outgoing connections.
- Run the main loop.
The PID file can only be created correctly if the listening sockets have been
set up ,as it includes the address and port of the first listening socket. The
tinc-up script has to be run after the PID file and UNIX socket have been
created so it can change their permissions if necessary. Outgoing connections
should only be started right before the main loop, because this is not really
part of the initialization.
The PID file was created before tinc-up was called, but the UNIX socket was
created afterwards, which meant one could not change the UNIX socket's owner or
permissions from the tinc-up script.
According to Debian, texi2html is deprecated and makeinfo --html should be used
instead. Automake already provides a html target that invokes makeinfo.
Automake finds the files in the subdirectories of src/ now that they are
properly declared in the _SOURCES variables. Using EXTRA_DIST would now cause
.o files to be included in the tarball.
When reloading the configuration file via the tinc command, the user will get
an error message if reloading has failed. However, no such warning exists when
sending a HUP signal. Previously, tincd would exit in both cases, but with a
zero exit code. Now it will exit with code 1 when reloading fails after a
SIGHUP, but tincd will keep running if it is signaled via the tinc command.
Instead, the tinc command will exit with a non-zero exit code.
The retry() function would only abort connections that were in progress of
being made, it wouldn't reschedule the outgoing connections that had been
sleeping.
