j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
1797 commits 2 branches 0 tags 10 MiB
Commit graph

181 commits

Author SHA1 Message Date
Michael Tokarev
6698f7c390 Rename setup_network_connections() and split out try_outgoing_connections() 
In preparation of chroot/setuid operations, split out call to
try_outgoing_connections() from setup_network_connections()
(which was the last call in setup_network_connections()).
This is because dropping privileges should be done in-between
setup_network_connections() and try_outgoing_connections().

This patch renames setup_network_connections() to setup_network()
and moves call to try_outgoing_connections() into main routine.

No functional changes.
 2009-05-18 14:34:24 +02:00
Guus Sliepen
08aabbf931 Merge branch 'master' into 1.1 
Conflicts:
	NEWS
	README
	doc/tinc.conf.5.in
	doc/tinc.texi
	po/nl.po
	src/conf.c
	src/connection.c
	src/event.c
	src/graph.c
	src/net.c
	src/net_packet.c
	src/net_socket.c
	src/node.c
	src/node.h
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_key.c
	src/protocol_misc.c
	src/subnet.c
	src/subnet.h
	src/tincd.c
 2009-03-09 19:02:24 +01:00
Guus Sliepen
78fc59e994 Update THANKS and copyright information. 2009-03-05 14:12:36 +01:00
Guus Sliepen
23730375f2 Disable old RSA keys when generating new ones. 
When generating an RSA keypair, the new public and private keys are appended to
files. However, when OpenSSL reads keys it only reads the first in a file, not
the last. Instead of printing an easily ignored warning, tinc now disables old
keys when appending new ones.
 2009-02-03 14:54:45 +01:00
Guus Sliepen
0d0dfd0852 Validate Name before using it in a filename when generating a keypair. 2009-01-20 14:21:50 +01:00
Guus Sliepen
a39a9506cd Move free()s at the end om main() to the proper destructor functions. 2009-01-09 12:36:06 +01:00
Guus Sliepen
67df7fb7e1 Only send packets via UDP if UDP communication is possible. 
When no session key is known for a node, or when it is doing PMTU discovery but
no MTU probes have returned yet, packets are sent via TCP. Some logic is added
to make sure intermediate nodes continue forwarding via TCP.  The per-node
packet queue is now no longer necessary and has been removed.
 2009-01-03 22:33:55 +01:00
Guus Sliepen
099bc56f53 Apply patch from Max Rijevski fixing a memory leak when closing connections. 
It also cleans up more when stopping tinc, helping tools like valgrind.
 2008-12-23 23:14:37 +00:00
Guus Sliepen
e9576632dc Update copyright information. 2008-12-22 20:27:52 +00:00
Guus Sliepen
636200d1a2 Remove unnecessary parentheses from sizeof, apply sizeof to variables instead of types whereever possible. 2008-12-11 15:56:18 +00:00
Guus Sliepen
046158a216 Use the crypto wrappers again instead of calling OpenSSL directly. 
This theoretically allows other cryptographic libraries to be used,
and it improves the readability of the code.
 2008-12-11 14:44:44 +00:00
Scott Lamb
fe2f1fceb5 Use a control socket directory to restrict access 
This provides reasonable security even on Solaris. The sysadmin is
responsible for securing the control socket's ancestors from the
grandparent on.

We could add a cryptographic handshake later if desired.
 2007-11-08 19:18:44 +00:00
Scott Lamb
40731d030f Temporarily revert to old crypto code 
(The new code is still segfaulting for me, and I'd like to proceed with other
work.)

This largely rolls back to the revision 1545 state of the existing code
(new crypto layer is still there with no callers), though I reintroduced
the segfault fix of revision 1562.
 2007-11-07 02:47:05 +00:00
Guus Sliepen
6c453769fd Apply patch from Scott Lamb: Update documentation to match tincctl changes 2007-09-04 15:06:35 +00:00
Guus Sliepen
f8733d1935 Fix formatting of --help output. 2007-09-04 14:58:11 +00:00
Guus Sliepen
1b8f891836 Finish crypto wrapping. Also provide wrappers for OpenSSL. 
Disable libgcrypt by default. Since it doesn't support the OFB cipher mode,
we can't use it in a backwards compatible way.
 2007-05-23 13:45:49 +00:00
Guus Sliepen
e9043e17c7 Move key generation to tincctl. 2007-05-19 14:55:35 +00:00
Guus Sliepen
bf8e3ce13d Remove pidfile in favour of control socket. 2007-05-19 14:13:21 +00:00
Guus Sliepen
ce976717ea We can safely delete a connection_t in terminate_connection() now. 2007-05-19 12:07:30 +00:00
Guus Sliepen
01f47c46af Start of control socket implementation. 2007-05-18 16:52:34 +00:00
Guus Sliepen
3909b8e51b Remove the last bits of the legacy main_loop(). 2007-05-18 09:43:52 +00:00
Scott Lamb
38c25d62c2 Convert to libevent. 
This is a quick initial conversion that doesn't yet show much advantage:
- We roll our own timeouts.
- We roll our own signal handling.
- We build up the meta connection fd events on each loop rather than
  on state changes.
 2007-02-27 01:57:01 +00:00
Guus Sliepen
a1e72f84d0 Update copyright notices. 2007-01-05 13:18:36 +00:00
Guus Sliepen
47d916ec5e Search for lzo/lzo1x.h, lzo2/lzo1x.h and lzo1x.h. 2006-11-29 17:18:39 +00:00
Guus Sliepen
8d393b30a9 Support and autodetect LZO version 2.0 and later. 2006-11-11 20:10:46 +00:00
Guus Sliepen
de78d79db8 Update copyright notices, remove Ivo's email address. 2006-04-26 13:52:58 +00:00
Guus Sliepen
e02f13cdb3 EVP_Cleanup() when quitting. 2006-01-13 11:09:19 +00:00
Guus Sliepen
0912260755 Enable OpenSSL ENGINE, so crypto hardware gets used. Thanks to Andreas van Cranenburgh. 2005-11-16 10:45:11 +00:00
Guus Sliepen
df3220a154 Update copyright notices. 2005-05-04 18:09:30 +00:00
Guus Sliepen
b0a80007e8 Fix several #includes. 2004-10-01 18:23:08 +00:00
Guus Sliepen
7926a156e5 Update copyrights, links, email addresses and let Subversion update $Id$ keywords. 2004-03-21 14:21:22 +00:00
Guus Sliepen
331cef948d Don't retry if configuration is wrong from the beginning. 2003-12-07 14:31:09 +00:00
Guus Sliepen
5900c07fab PIDs are of type pid_t, and use %ld when reading/writing them to the pidfile. 2003-10-06 16:13:08 +00:00
Guus Sliepen
eeb97e3ef4 Generate keys with 0x10001 as public exponent, which has less prime factors 
than 0xFFFF.
 2003-09-25 10:34:16 +00:00
Guus Sliepen
cbf5a741aa Remove pidfile when exitting. 2003-09-08 21:52:47 +00:00
Guus Sliepen
5e7c52610f Fix --logfile under Windows. 2003-08-17 09:03:30 +00:00
Guus Sliepen
9bde92ce97 Simpler checking of permissions on private RSA key and other fixes. 2003-08-08 22:11:54 +00:00
Guus Sliepen
bb2f18a3fc Under Windows, the installation directory can be found in the registry. 2003-08-08 19:45:21 +00:00
Guus Sliepen
fa9c00733e Old gcc compilers don't like declarations in the middle of a function. 2003-08-03 09:55:20 +00:00
Guus Sliepen
a65011b3c5 Clean up last part of main(). 2003-08-03 09:08:52 +00:00
Guus Sliepen
e6e3281458 Missing include. 2003-08-02 21:33:52 +00:00
Guus Sliepen
f08fc359a0 Install tinc as a service under Windows (MinGW). Remove cleanup_and_exit(), 
either exit() directly on errors or let main_loop() shutdown gracefully.
 2003-08-02 20:50:38 +00:00
Guus Sliepen
fcbe29bc4c No C99 initialisers, gcc 2.95.3 doesn't like it. 
Also make sure getopt.h is included.
 2003-07-30 11:50:45 +00:00
Guus Sliepen
721e4caee0 Native Windows support. 2003-07-29 22:59:01 +00:00
Guus Sliepen
0e94541331 More checks for missing functions. 2003-07-28 22:06:09 +00:00
Guus Sliepen
eefa28059a Use bools and enums where appropriate. 2003-07-22 20:55:21 +00:00
Guus Sliepen
471308e163 Option to specify pidfile location. 2003-07-22 12:58:34 +00:00
Guus Sliepen
2f2defc452 Check for sys/mman.h. 2003-07-21 13:18:44 +00:00
Guus Sliepen
e449d94cae Big header file cleanup: everything that has to do with standard system 
libraries is moved to system.h.
 2003-07-17 15:06:27 +00:00
Guus Sliepen
5db596c684 Simplify logging, update copyrights and some minor cleanups. 2003-07-12 17:41:48 +00:00
Guus Sliepen
1401faf608 Sprinkling the source with static and attributes. 2003-07-06 23:16:29 +00:00
Guus Sliepen
0b9175e998 Define logger(), cleans up source code and allows us to write log entries 
to a separate file.
 2003-07-06 22:11:37 +00:00
Guus Sliepen
81f5713ab7 - simplify configure.in 
- drop support for OpenSSL < 0.9.7
- add some missing definitions/includes
 2003-07-06 17:15:25 +00:00
Guus Sliepen
9e02a3d563 Call make_names() before doing anything else. 2003-06-11 19:07:56 +00:00
Guus Sliepen
6ba4e2da55 Small fixes to make LZO compression work. 2003-05-06 23:14:45 +00:00
Guus Sliepen
1783a3aaa9 Various fixes for autoconf and OpenSSL 0.9.7 and a missing header. 2003-01-17 00:43:58 +00:00
Guus Sliepen
5eca9520d9 Small fixes so tinc compiles out of the box on SunOS 5.8 2002-09-15 14:55:54 +00:00
Guus Sliepen
38c80bdd46 MacOS/X needs #define _P1003_1B_VISIBLE in order to use mlockall(). 2002-09-15 12:26:04 +00:00
Guus Sliepen
f75dcef72a Switch to K&R style indentation. 2002-09-09 21:25:28 +00:00
Guus Sliepen
5fc1ed17f4 Cleanups: 
- Convert cp to cp(); so that automatic indenters work.
 - Convert constructions like if(x == NULL) to if(!x).
 - Move all assignments out of conditions.
 2002-09-09 19:40:12 +00:00
Guus Sliepen
227ccd3a8a Allow tincd to be locked into main memory. 2002-07-16 13:12:49 +00:00
Guus Sliepen
627f7c22b4 s/sliepen.warande.net/sliepen.eu.org/g 
s/itimmermans@bigfoot.com/ivo@o2w.nl/g
 2002-06-21 10:11:37 +00:00
Guus Sliepen
116ba3b3da Cleanup: 
- Remove checks for specific OS's, instead check for #defines/#includes.
 - Use uint??_t where appropriate.
 - Mask handling functions use void pointers to get rid of silly casts.
 2002-06-08 12:57:10 +00:00
Guus Sliepen
4fda4560bb Cleanups, spelling fixes, allow symbol names for signals (-k option), 
don't remove pidfile if other tincd is still running.
 2002-03-11 11:23:04 +00:00
Guus Sliepen
f0aa9641e8 Merging of the entire pre5 branch. 2002-02-10 21:57:54 +00:00
Ivo Timmermans
4f47da5b87 Don't include netutl.h. 2001-11-16 22:40:26 +00:00
Guus Sliepen
94497336ef What was I thinking? s/vertex/edge/g. 2001-10-28 08:41:19 +00:00
Guus Sliepen
b98d9787fd Various small fixes to make tinc runnable again. 2001-10-27 15:19:13 +00:00
Guus Sliepen
82e3837109 Big bad commit: 
- Transition to new node/vertex/connection structures
- Use new configuration handling everywhere
- Linux tun/tap device handling cleanup
- Start of IPv6 support in route.c

It compiles, but it won't link.
 2001-10-27 12:13:17 +00:00
Guus Sliepen
68e23b1c9e Optional signal number for -k option. 2001-09-01 12:36:53 +00:00
Guus Sliepen
43923d2b10 Write public key to rsa_key.pub instead of rsa_key.priv (if not host 
configuration file is found).
 2001-07-24 20:04:22 +00:00
Guus Sliepen
37ed4265fa Remove all unnecessary status.meta and status.active checks. 2001-07-20 13:54:19 +00:00
Guus Sliepen
5dc4ade0b9 Don't load table of verbose OpenSSL errormessages. 2001-07-04 08:43:32 +00:00
Guus Sliepen
1e2bdc2b6d - Always use <openssl/include.h> instead of just <include.h> 
- Check if RAND_pseudo_bytes() exists, otherwise just use RAND_bytes()
 2001-07-04 08:41:36 +00:00
Guus Sliepen
4f9dad0972 - tinc can now act as a switch or a hub too (as opposed to a router only) 
- cleaner initialisation of "UNKNOWN" and "MYSELF" names
 2001-06-05 16:09:55 +00:00
Guus Sliepen
7db1b999c8 Make sure Solaris is happy too. 2001-05-28 08:56:57 +00:00
Guus Sliepen
125c497881 Various small fixes. 2001-03-01 21:32:04 +00:00
Guus Sliepen
4fa12eb85d Removed lots of compiler warnings. 2001-02-27 16:37:31 +00:00
Guus Sliepen
e250d64300 Add missing \n. 2001-02-25 14:51:42 +00:00
Guus Sliepen
a56df1e06b - Allow ASN1 style keys to be in the config files. 
Note: tinc ignores private key in the main config file, tinc.conf,
  because it should really be in a separate file.
- When generating new keys, check if name is known and by default append
  the public key to the host configuration file (otherwise rsa_key.pub).
 2001-01-13 16:36:23 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
f7bb205022 - Check and follow symlinks in is_safe_path 
- By default write keys to tinc config directory
- Small fix in protocol.c
 2001-01-06 18:03:41 +00:00
Guus Sliepen
e924096f62 - Let user choose whether keys are in the config files or separate 
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
 2001-01-05 23:53:53 +00:00
Ivo Timmermans
bc22ee16e6 Option -d accepts an argument to set the debug level immediately. 2000-12-03 12:23:06 +00:00
Ivo Timmermans
54ef13bf75 Implemented a readline() function that will read an entire line into a 
dynamically allocated buffer;

Ask for a file name in ask_and_safe_open().
 2000-11-29 14:24:40 +00:00
Ivo Timmermans
3ff76eb10a Save RSA public and private keys to a separate file, instead of 
wanting to copy them into a configuration file.
 2000-11-28 23:12:57 +00:00
Guus Sliepen
cf49b2c064 Another big & bad commit: 
- Added some extra search functions to rbl routines
- Fix subnet_lookup()
- Reorder some syslog messages to make more sense
- daemon() is back
- Don't let scripts execute in parallel (gives race conditions, and
  anyway something MIGHT just be configured which is necessary for further
  execution of tinc itself)
- Accidently merged check_child() with execute_script().
- Small fixes
 2000-11-24 23:13:07 +00:00
Guus Sliepen
394ed3fb17 - Write pidfile AFTER detaching... 
- Minor cleanups
 2000-11-22 19:14:09 +00:00
Ivo Timmermans
2ed6813404 Honor the --localstatedir option to configure, instead of hardcoded /var. 2000-11-22 16:19:07 +00:00
Guus Sliepen
3a6200c1e3 - Various small fixes. 2000-11-20 22:13:14 +00:00
Ivo Timmermans
9024e01ce6 Also include process.h 2000-11-20 18:06:17 +00:00
Ivo Timmermans
5d1145f2c4 Move more functions from tincd.c into process.c. 2000-11-16 22:12:23 +00:00
Ivo Timmermans
2764532ea7 Move all process-related functions into process.c. 2000-11-16 17:54:29 +00:00
Ivo Timmermans
bb2495e569 Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during 
configure.
 2000-11-15 01:06:13 +00:00
Guus Sliepen
16847ea255 - Make checkpoint tracing a compile time option (off by default) 2000-11-08 20:52:37 +00:00
Guus Sliepen
74326df7ad - Fixed --config 
- Show warning when both netname and config directory are given.
 2000-11-08 00:20:06 +00:00
Guus Sliepen
f8f1007bf4 Porting to SunOS 5.8: 
- More #includes Linux doesn't seem to need
- Don't do unsetenv() on SunOS
- Use a replacement asprintf() in case the OS doesn't support it
It now compiles properly under SunOS.
 2000-11-08 00:10:50 +00:00
Ivo Timmermans
4ad1e382d6 Save the environment on startup. 2000-11-03 22:31:55 +00:00
Guus Sliepen
b4c1d4e2d3 - Fixed some spelling mistakes and terminology here and there. 2000-10-30 10:19:06 +00:00
Guus Sliepen
4811afa073 - Small cleanups 
- Updated dutch translation
- Updated man pages
 2000-10-30 00:22:54 +00:00