Commit graph

145 commits

Author SHA1 Message Date
Etienne Dechamps
ea12a0fb06 Improve subprocess behavior in tinc start command.
When invoking tincd, tinc start currently uses the execvp() function,
which doesn't behave well in a console as the console displays a new
prompt before the subprocess finishes (which makes me suspect the exit
value is not handled at all). This new code uses spawnvp() instead,
which seems like a better fit.
2014-07-12 18:57:20 +01:00
Etienne Dechamps
b22499668a Fix "tinc start" on Windows when the path contains spaces.
When invoking "tinc start" with spaces in the path, the following
happens:

    > "c:\Program Files (x86)\tinc\tinc.exe" start
    c:\Program: unrecognized argument 'Files'
    Try `c:\Program --help' for more information.

This is caused by inconsistent handling of command line strings between
execvp() and the spawned process' CRT, as documented on MSDN:
http://msdn.microsoft.com/library/431x4c1w.aspx
2014-07-12 18:41:51 +01:00
Etienne Dechamps
e024b7a2c5 Use git description as the tinc version.
Instead of using a hardcoded version number in configure.ac, this makes
tinc use the live version reported by "git describe", queried on-the-fly
during the build process and regenerated for every build.

This provides several advantages:
 - Less redundancy: git is now the source of truth for version
   information, no need to store it in the repository itself.
 - Simpler release process: just creating a git tag automatically
   updates the version. No need to change files.
 - More useful version information: tinc will now display the number of
   commits since the last tag as well as the commit the binary is built
   from, following the format described in git-describe(1).

Here's an example of tincd --version output:

  tinc version release-1.1pre10-48-gc149315 (built Jun 29 2014 15:21:10, protocol 17.3)

When building directly from a release tag, this would like the following:

  tinc version release-1.1pre10 (built Jun 29 2014 15:21:10, protocol 17.3)

(Note that the format is slightly different - because of the way the
tags are named, it says "release-1.1pre10" instead of just "1.1pre10")
2014-06-29 16:57:19 +01:00
Etienne Dechamps
aec82bb1c9 Regenerate build date and time every time tinc is built.
This prevents the date and time shown in version information from
getting stale because of partial builds. With these changes, date and
time information is written to a dedicated object file that gets rebuilt
every time make is run, even if there are no changes.
2014-06-29 16:48:57 +01:00
Etienne Dechamps
bfce56d473 Add local address information to edges.
In addition to the remote address, each edge now stores the local address from
the point of view of the "from" node. This information is then made available
to other nodes through a backwards-compatible extension to ADD_EDGE messages.

This information can be used in future code to improve packet routing.
2014-06-29 11:23:14 +01:00
Etienne Dechamps
0c026f3c6d Fix errno references when handling socket errors.
When using socket functions, "sockerrno" is supposed to be used to
retrieve the error code as opposed to "errno", so that it is translated
to the correct call on Windows (WSAGetLastError() - Windows does not
update errno on socket errors). Unfortunately, the use of sockerrno is
inconsistent throughout the tinc codebase, as errno is often used
incorrectly on socket-related calls.

This commit fixes these oversights, which improves socket error
handling on Windows.
2014-06-26 20:42:40 +01:00
Guus Sliepen
31c6899398 Unconditionally return non-zero exit code when "tinc del" does not find the requested variable. 2014-06-15 12:19:10 +02:00
Guus Sliepen
1ce0f76139 Return non-zero exit code when "tinc get" does not find the requested variable. 2014-06-15 12:14:01 +02:00
Guus Sliepen
666718998e Implement a PEM-like format for Ed25519 keys.
We don't require compatibility with any other software, but we do want Ed25519 keys to work
the same as RSA keys for now.
2014-05-18 20:49:35 +02:00
Guus Sliepen
f0e7e6b03e Rename ECDSA to Ed25519. 2014-05-18 20:47:04 +02:00
Guus Sliepen
35437a50e2 Add sanity checks when generating new RSA keys.
The key size should be a multiple of 8 bits, and it should be between 1024 and
8192 bits.
2014-05-13 20:33:20 +02:00
Guus Sliepen
c32fcdfc1d Add missing closedir(). 2014-05-12 14:35:56 +02:00
Guus Sliepen
f134bd0c9c Handle a disconnecting tincd better.
- Try to prevent SIGPIPE from being sent for errors sending to the control
  socket. We don't outright block the SIGPIPE signal because we still want the
  tinc CLI to exit when its output is actually sent to a real (broken) pipe.

- Don't call exit() from top(), and properly detect when the control socket is
  closed by the tincd.
2014-03-09 15:32:10 +01:00
Guus Sliepen
44c7f554c7 Add "network" command to list or switch networks. 2014-02-26 11:04:42 +01:00
Guus Sliepen
06a4a8c153 Update copyright notices. 2014-02-07 20:38:48 +01:00
Guus Sliepen
2e318f3799 Don't ask questions if we are not running interactively.
When creating invitations or using them to join a VPN, and the tinc command is
not run interactively (ie, when stdin and stdout are not connected or
redirected to/from a file), don't ask questions. If normally tinc would ask for
a confirmation, just assume the default answer instead. If tinc really needs
some input, just print an error message instead.

In case an invitation is used for a VPN which uses a netname that is already in
use on the local host, tinc will store the configuration in a temporary
directory. Normally it asks for an alternative netname and then renames the
temporary directory, but when not run interactively, it now just prints the
location of the unchanged temporary directory.
2014-01-29 17:17:59 +01:00
Guus Sliepen
38adc8bf54 Add the ListenAddress option.
ListenAddress works the same as BindToAddress, except that from now on,
explicitly binding outgoing packets to the address of a socket is only done for
sockets specified with BindToAddress.
2014-01-20 21:19:13 +01:00
Guus Sliepen
c151cfa2e9 Give full path to unconfigured tinc-up script. 2013-12-08 21:31:50 +01:00
Guus Sliepen
e11daa2646 Don't try to mkdir(CONFDIR) if --config is used. 2013-09-08 15:03:06 +02:00
Guus Sliepen
09b5a3c020 Exit value 1 instead of a random non-zero value. 2013-09-05 14:50:10 +02:00
Guus Sliepen
f0e11cd2c5 Call WSAStartup() in main().
The tinc utility defered calling WSAStartup() until it tried to connect to a
running tinc daemon. However, socket functions are now also used for other
things (like joining another VPN using an invitation). Now we just
unconditionally call WSAStartup() early in main().
2013-08-27 21:19:50 +02:00
Guus Sliepen
57991e2642 Use PATHEXT when checking for the presence of scripts on Windows.
It seems like a lot of overhead to call access() for every possible extension
defined in PATHEXT, but apparently this is what Windows does itself too. At
least this avoids calling system() when the script one is looking for does not
exist at all.

Since the tinc utility also needs to call scripts, execute_script() is now
split off into its own source file.
2013-08-23 21:23:46 +02:00
Guus Sliepen
8f84244458 Don't force a .bat extension for scripts under Windows. 2013-08-18 18:20:41 +02:00
Guus Sliepen
a38e0d6213 Use umask() to set file and UNIX socket permissions without race conditions.
As mentioned by Erik Tews, calling fchmod() after fopen() leaves a small window
for exploits. As long as tinc is single-threaded, we can use umask() instead to
reduce file permissions. This also works when creating the AF_UNIX control socket.

The umask of the user running tinc(d) is used for most files, except for the
private keys, invitation files, PID file and control socket.
2013-08-02 19:28:34 +02:00
Guus Sliepen
a1f4f14c6c Defer handling netname conflicts when accepting an invitation.
In case no explicit netname of configuration directory is specified when
accepting an invitation, the netname specified in the invitation data is
used. However, this new netname is only known after making the connection
to the server. If the new netname conflicts with an existing one at the
client, we ask the user for a netname that doesn't conflict. However, we
should first finish accepting the invitation, so we don't run into the
problem that the server times out and cancels the invitation. So, we create
a random netname and store the files there, and only after we finish
accepting the invitation we ask the user for a better netname, and then
just rename the temporary directory to the final name.
2013-07-26 15:48:52 +02:00
Guus Sliepen
37cca72e6c Choose a different Port when 655 isn't available when doing "tinc join". 2013-07-26 14:53:36 +02:00
Guus Sliepen
8f2db4afdd Choose a different Port when 655 isn't available when doing "tinc init".
If port 655 cannot be bound to when using the init command, tinc will try to
find a random port number that can be bound to, and will add the appropriate
Port variable to its host config file. A warning will be printed as well.
2013-07-26 14:17:15 +02:00
Guus Sliepen
d1e01bc880 Allow control-C to stop tincd without stopping the tinc shell. 2013-07-25 17:30:47 +02:00
Guus Sliepen
d219fe2c09 Warn when incorrect use of add or set causes variables to be removed. 2013-07-25 17:30:47 +02:00
Guus Sliepen
5fca595b80 Honour umask, let temporary key files inherit original's permissions.
During the init command, tinc changed the umask to 077 when writing the public
and private key files, to prevent the temporary copies from being world
readable. However, subsequently created files would therefore also be
unreadable for others. Now we don't change the umask anymore, therefore
allowing the user to choose whether the files are world readable or not by
setting the umask as desired. The private key files are still made unreadable
for others of course. Temporary files now inherit the permissions of the
original, and the tinc-up script's permissions now also honour the umask.
2013-07-22 23:05:07 +02:00
Guus Sliepen
b03bbaa385 Allow extra options to be passed to "tinc restart" again. 2013-07-21 00:20:54 +02:00
Guus Sliepen
fb1e69072e Add missing definitions on Windows. 2013-07-17 18:00:40 +02:00
Guus Sliepen
24e3ec863e Add connection rate limiting.
Tinc now strictly limits incoming connections from the same host to 1 per
second. For incoming connections from multiple hosts short bursts of incoming
connections are allowed (by default 100), but on average also only 1 connection
per second is allowed.

When an incoming connection exceeds the limit, tinc will keep the connection in
a tarpit; the connection will be kept open but it is ignored completely. Only
one connection is in a tarpit at a time to limit the number of useless open
connections.
2013-07-11 23:38:38 +02:00
Guus Sliepen
ce5e0f6557 Allow the log output to be stopped with control-C in tinc's shell. 2013-05-30 17:38:48 +02:00
Guus Sliepen
6bf3595a91 Better optional argument handling.
Some options can take an optional argument. However, in this case GNU getopt
requires that the optional argument is right next to the option without
whitespace inbetween. If there is whitespace, getopt will treat it as a
non-option argument, but tincd ignored those without a warning. Now tincd will
allow optional arguments with whitespace inbetween, and will give an error when
it encounters any other non-option arguments.

The tinc binary now requires that all options for itself are given before the
command.
2013-05-30 16:53:16 +02:00
Guus Sliepen
ced4c1a327 Add an invitation protocol.
Using the tinc command, an administrator of an existing VPN can generate
invitations for new nodes. The invitation is a small URL that can easily
be copy&pasted into email or live chat. Another person can have tinc
automatically setup the necessary configuration files and exchange keys
with the server, by only using the invitation URL.

The invitation protocol uses temporary ECDSA keys. The invitation URL
consists of the hostname and port of the server, a hash of the server's
temporary ECDSA key and a cookie. When the client wants to accept an
invitation, it also creates a temporary ECDSA key, connects to the server
and says it wants to accept an invitation. Both sides exchange their
temporary keys. The client verifies that the server's key matches the hash
in the invitation URL. After setting up an SPTPS connection using the
temporary keys, the client gives the cookie to the server. If the cookie
is valid, the server sends the client an invitation file containing the
client's new name and a copy of the server's host config file. If everything
is ok, the client will generate a long-term ECDSA key and send it to the
server, which will add it to a new host config file for the client.

The invitation protocol currently allows multiple host config files to be
send from the server to the client. However, the client filters out
most configuration variables for its own host configuration file. In
particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and
AutoConnect. Also, at the moment no tinc-up script is generated.

When an invitation has succesfully been accepted, the client needs to start
the tinc daemon manually.
2013-05-29 18:31:10 +02:00
Guus Sliepen
5b07039b07 Rename xmalloc_and_zero() to xzalloc().
The former name is more or less only used by tinc, the latter is used by other
projects as well, and shorter as well.
2013-05-01 17:31:33 +02:00
Guus Sliepen
9b9230a0a7 Use conditional compilation for cryptographic functions.
This gets rid of the rest of the symbolic links. However, as a consequence, the
crypto header files have now moved to src/, and can no longer contain
library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t
and rsa_t are now all opaque types, and only pointers to those types can be
used.
2013-05-01 17:17:22 +02:00
Guus Sliepen
43c72093ad Don't try to create tinc.conf when using set or add commands.
It is almost certainly an error. If one really wants to create a new tinc.conf
file, one should use the init command.
2013-04-28 19:33:04 +02:00
Guus Sliepen
9e2ae03d1d Fix completion of add/del/get/set commands. 2013-03-12 11:28:40 +01:00
Guus Sliepen
23a634becf Rename tincctl to tinc. 2013-03-08 16:22:56 +01:00
Guus Sliepen
af77e5d475 Allow changing configuration with tincctl without the "config" keyword.
This saves typing some characters, and forces one to be more explicit about the
desired command (get, set).
2013-03-08 11:40:40 +01:00
Guus Sliepen
1d226977a4 Better default output file for generated public keys. 2013-03-08 11:24:37 +01:00
Guus Sliepen
1bb969c930 Fix a tiny memory leak.
Found by cppcheck.
2013-02-20 13:59:50 +01:00
Guus Sliepen
d21f63d5b3 Don't expect a response from tincd after sending REQ_STOP. 2013-02-08 16:44:50 +01:00
Guus Sliepen
cc3c69c892 Releasing 1.1pre5. 2013-01-20 21:03:22 +01:00
Guus Sliepen
94587264bd Allow connections via UNIX sockets.
This is mainly useful for control connections. The client must still present
the control cookie from the PID file.
2013-01-17 18:12:55 +01:00
Guus Sliepen
f5bb64b36a Move make_names() and related variables to its own source file. 2013-01-17 16:39:02 +01:00
Guus Sliepen
b50a92d0c3 Add the tincctl exchange and exchange-all commands.
These are identical to an export/export-all followed by an import, and make
it simpler to exchange host config files with other nodes.
2013-01-15 13:31:51 +01:00
Guus Sliepen
83a94ab08f Always complain if too many arguments are given for tincctl commands. 2013-01-14 13:02:39 +01:00