Commit graph

94 commits

Author SHA1 Message Date
Guus Sliepen
7a71d48009 Use a status bit to track which nodes use SPTPS. 2012-07-31 21:43:49 +02:00
Guus Sliepen
153abaa4d9 Use datagram SPTPS for packet exchange between nodes.
When two nodes which support SPTPS want to send packets to each other, they now
always use SPTPS. The node initiating the SPTPS session send the first SPTPS
packet via an extended REQ_KEY messages. All other handshake messages are sent
using ANS_KEY messages. This ensures that intermediate nodes using an older
version of tinc can still help with NAT traversal. After the authentication
phase is over, SPTPS packets are sent via UDP, or are encapsulated in extended
REQ_KEY messages instead of PACKET messages.
2012-07-30 18:36:59 +02:00
Guus Sliepen
4e0fc52197 Fix various compiler warnings. 2012-07-21 13:53:22 +02:00
Guus Sliepen
1d4590ca5c Prefer routes with lower weight as long as they do not increase the number of hops.
This should improve traffic to nodes that are not directly reachable somewhat.
2012-07-20 20:35:07 +02:00
Guus Sliepen
86c2990327 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
Conflicts:
	NEWS
	README
	configure.in
	src/Makefile.am
	src/conf.c
	src/conf.h
	src/connection.c
	src/net.c
	src/tincd.c
2012-03-25 23:35:31 +01:00
Guus Sliepen
4712d8f92e Update copyright notices. 2012-03-10 13:23:08 +01:00
Guus Sliepen
8ac096b5bf Allow log messages to be captured by tincctl.
This allows tincctl to receive log messages from a running tincd,
independent of what is logged to syslog or to file. Tincctl can receive
debug messages with an arbitrary level.
2012-02-26 18:37:36 +01:00
Guus Sliepen
8b1ad6f76f Go back to breadth first search for path finding.
If 1.1.x nodes using Dijkstra's algorithm are mixed with 1.0.x nodes using BFS,
then routing loops can occur.
2012-02-25 23:03:09 +01:00
Guus Sliepen
f5dc136cfd Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
Conflicts:
	src/net.c
	src/net_packet.c
	src/net_socket.c
2012-02-23 13:26:01 +01:00
Guus Sliepen
5a28aa7b8b Add LocalDiscovery option which tries to detect peers on the local network.
Currently, this is implemented by sending IPv4 broadcast packets to the
LAN during path MTU discovery.
2012-02-22 23:17:43 +01:00
Guus Sliepen
33f241d978 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
Conflicts:
	NEWS
	configure.in
	doc/tincd.8.in
	lib/pidfile.c
	lib/pidfile.h
	lib/xalloc.h
	lib/xmalloc.c
	src/conf.c
	src/conf.h
	src/connection.c
	src/connection.h
	src/event.c
	src/graph.c
	src/graph.h
	src/net.c
	src/net.h
	src/node.h
	src/openssl/crypto.c
	src/process.c
	src/protocol.c
	src/protocol_key.c
	src/route.c
2011-06-06 20:42:15 +02:00
Guus Sliepen
6d08eb1614 Fix sparse warnings and add an extra sprinkling of const.
This is more or less the equivalent of Sven-Haegar Koch's fixes in the 1.1
branch.
2011-05-28 23:36:52 +02:00
Sven-Haegar Koch
f4010694b3 sparse fixup: warning: non-ANSI function declaration of function '...' 2011-05-28 15:24:39 +02:00
Sven-Haegar Koch
d772289f6d sparse fixup: warning: symbol '...' was not declared. Should it be static? 2011-05-28 15:24:39 +02:00
Guus Sliepen
8ddcad5fa1 Check if an event is initialized before calling event_del().
Libevent prints a warning to stderr if we do that.
2011-05-22 13:24:01 +02:00
Guus Sliepen
ce8775000a Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
Conflicts:
	NEWS
	README
	configure.in
	doc/tincd.8.in
	lib/pidfile.c
	src/bsd/device.c
	src/dropin.h
	src/net.c
	src/net_packet.c
	src/node.c
	src/process.c
	src/tincd.c
2011-05-09 21:35:14 +02:00
Guus Sliepen
67766d65f0 Update THANKS and copyright information. 2011-05-08 21:22:20 +02:00
Guus Sliepen
0aa86d4b8b Do not set indirect flag on edges from nodes with multiple addresses.
Since tinc now handles UDP packets with a different source address and port
than used for TCP connections, the heuristic to treat edges as indirect when
tinc could detect that multiple addresses were used does not make sense
anymore, and can actually reduce performance.
2011-03-09 09:34:56 +01:00
Sven-Haegar Koch
103543aa2c Merge branch 'master' into 1.1
Conflicts:
	NEWS
	README
	configure.in
	have.h
	src/conf.c
	src/conf.h
	src/net.c
	src/net_packet.c
	src/protocol_key.c
	src/protocol_subnet.c
	src/route.c
	src/tincd.c
2010-03-26 16:51:03 +01:00
Guus Sliepen
40d91ff619 Update copyright notices. 2010-02-02 22:49:21 +01:00
Guus Sliepen
ed14ef93b4 Immediately exchange keys when establishing a meta connection.
This in turn will trigger PMTU discovery, and ensures nodes know each others
reflexive UDP address and port.
2010-02-02 01:02:40 +01:00
Guus Sliepen
d15099e002 Be liberal in accepting KEY_CHANGED/REQ_KEY/ANS_KEY requests.
When we got a key request for or from a node we don't know, we disconnected the
node that forwarded us that request.  However, especially in TunnelServer mode,
disconnecting does not help. We now ignore such requests, but since there is no
way of telling the original sender that the request was dropped, we now retry
sending REQ_KEY requests when we don't get an ANS_KEY back.
2010-01-23 18:48:01 +01:00
Guus Sliepen
d6c50eb73a Merge branch 'master' into 1.1
Conflicts:
	src/subnet.c
2009-12-11 22:31:27 +01:00
Guus Sliepen
369fe1ab1c Forget addresses of unreachable nodes.
We clear the cached address used for UDP connections when a node becomes
unreachable. This also prevents host-up scripts from passing the old, cached
address from when the host becomes reachable again from a different address.
2009-12-08 22:18:37 +00:00
Guus Sliepen
edebf579f2 Use the TCP socket infrastructure for control sockets.
The control socket code was completely different from how meta connections are
handled, resulting in lots of extra code to handle requests.  Also, not every
operating system has UNIX sockets, so we have to resort to another type of
sockets or pipes for those anyway.  To reduce code duplication and make control
sockets work the same on all platforms, we now just connect to the TCP port
where tincd is already listening on.

To authenticate, the program that wants to control a running tinc daemon must
send the contents of a cookie file. The cookie is a random 256 bits number that
is regenerated every time tincd starts. The cookie file should only be readable
by the same user that can start a tincd.

Instead of the binary-ish protocol previously used, we now use an ASCII
protocol similar to that of the meta connections, but this can still change.
2009-11-07 23:43:25 +01:00
Guus Sliepen
7ea85043ac Merge branch 'master' into 1.1
Conflicts:
	NEWS
	configure.in
	lib/Makefile.am
	lib/pidfile.c
	lib/pidfile.h
	lib/utils.c
	po/POTFILES.in
	po/nl.po
	src/Makefile.am
	src/bsd/device.c
	src/conf.c
	src/connection.c
	src/cygwin/device.c
	src/edge.c
	src/event.c
	src/graph.c
	src/linux/device.c
	src/meta.c
	src/mingw/device.c
	src/net.c
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/process.c
	src/protocol.c
	src/protocol_auth.c
	src/protocol_edge.c
	src/protocol_key.c
	src/protocol_misc.c
	src/protocol_subnet.c
	src/raw_socket/device.c
	src/route.c
	src/solaris/device.c
	src/subnet.c
	src/tincd.c
	src/uml_socket/device.c
2009-09-29 14:55:29 +02:00
Guus Sliepen
4c85542894 Drop support for localisation.
Localised messages don't make much sense for a daemon, and there is only the
Dutch translation which costs time to maintain.
2009-09-25 00:54:07 +02:00
Guus Sliepen
a227843b73 Remove checkpoint tracing.
This feature is not necessary anymore since we have tools like valgrind today
that can catch stack overflow errors before they make a backtrace in gdb
impossible.
2009-09-25 00:33:04 +02:00
Guus Sliepen
5dde6461a3 K&R style braces.
This is essentially commit f02d3ed3e1 from the
1.1 branch, making it easier to merge between master and 1.1.
2009-09-25 00:14:03 +02:00
Guus Sliepen
ab7c61b06f Update the address of the Free Software Foundation in all copyright headers. 2009-09-25 00:01:00 +02:00
Guus Sliepen
c217d214f4 Remove all occurences of $Id$. 2009-09-24 23:39:16 +02:00
Guus Sliepen
075e6828a7 Merge branch 'master' into 1.1
Conflicts:
	have.h
	lib/dropin.c
	lib/fake-getaddrinfo.c
	lib/pidfile.c
	src/Makefile.am
	src/bsd/device.c
	src/conf.c
	src/connection.c
	src/connection.h
	src/graph.c
	src/mingw/device.c
	src/net.c
	src/net_setup.c
	src/node.c
	src/protocol_key.c
	src/protocol_misc.c
	src/tincd.c
2009-09-16 19:55:47 +02:00
Guus Sliepen
73d77dd416 Replace asprintf() by xasprintf(). 2009-09-08 18:18:36 +02:00
Guus Sliepen
df4add94a4 Remove pending MTU probe events when a node's reachability status changes. 2009-06-11 19:07:54 +02:00
Guus Sliepen
5a132550de Merge branch 'master' into 1.1
Conflicts:
	doc/tincd.8.in
	lib/pidfile.c
	src/graph.c
	src/net.c
	src/net.h
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/node.h
	src/protocol_auth.c
	src/protocol_key.c
	src/tincd.c
2009-06-05 23:14:13 +02:00
Guus Sliepen
3308d13e7e Handle UDP packets from different and ports than advertised.
Previously, tinc used a fixed address and port for each node for UDP packet
exchange.  The port was the one advertised by that node as its listening port.
However, due to NAT the port might be different.  Now, tinc sends a different
session key to each node. This way, the sending node can be determined from
incoming packets by checking the MAC against all session keys. If a match is
found, the address and port for that node are updated.
2009-04-03 01:05:23 +02:00
Guus Sliepen
08aabbf931 Merge branch 'master' into 1.1
Conflicts:
	NEWS
	README
	doc/tinc.conf.5.in
	doc/tinc.texi
	po/nl.po
	src/conf.c
	src/connection.c
	src/event.c
	src/graph.c
	src/net.c
	src/net_packet.c
	src/net_socket.c
	src/node.c
	src/node.h
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_key.c
	src/protocol_misc.c
	src/subnet.c
	src/subnet.h
	src/tincd.c
2009-03-09 19:02:24 +01:00
Guus Sliepen
78fc59e994 Update THANKS and copyright information. 2009-03-05 14:12:36 +01:00
Guus Sliepen
5674bba5c5 Allow weight to be assigned to Subnets.
Tinc allows multiple nodes to own the same Subnet, but did not have a sensible
way to decide which one to send packets to. Tinc also did not check the
reachability of nodes when deciding where to route packets to, so it would not
automatically fail over to a reachable node.

Tinc now assigns a weight to each Subnet. The default weight is 10, with lower
weights having higher priority.  The Subnets are now internally sorted in the
same way as the kernel's routing table, and the Subnets are search linearly,
skipping those of unreachable nodes. A small cache of recently used addresses
is used to speed up the lookup functions.
2009-03-05 13:34:13 +01:00
Guus Sliepen
e9576632dc Update copyright information. 2008-12-22 20:27:52 +00:00
Guus Sliepen
6e80da3370 Use Dijkstra's algorithm. Based on patches from Max Rijevskiy. 2008-12-11 18:07:26 +00:00
Scott Lamb
6eaefb4dbc Dump through control socket
Note this removes SIGUSR1, SIGUSR2, and the graph dumping config option.
It seems cleaner to do everything through the control socket.
2007-11-07 02:49:25 +00:00
Guus Sliepen
fb0cfccf7d Use splay trees instead of AVL trees. 2007-05-18 10:05:26 +00:00
Guus Sliepen
f02d3ed3e1 K&R style braces 2007-05-18 10:00:00 +00:00
Guus Sliepen
531d5a904a Properly use the timeout_initialized() macro. 2007-05-17 22:17:24 +00:00
Guus Sliepen
4d0621b1f3 Use libevent to dump graphs when necessary.
event_add() can be called repeatedly, the second and later calls are ignored if
the event hasn't been removed yet.
2007-05-17 21:14:30 +00:00
Guus Sliepen
d80cc7a5cc rename() cannot replace existing files on Windows. 2007-01-05 05:44:01 +00:00
Guus Sliepen
b834d67d7c Use the correct next pointer. 2006-12-12 14:54:39 +00:00
Guus Sliepen
8b55dfacb1 When building the minimum spanning tree, make sure we start from a reachable node. 2006-12-12 14:49:09 +00:00
Guus Sliepen
0d1ac68c59 popen() requires pclose(). 2006-11-11 14:37:03 +00:00