Commit graph

359 commits

Author SHA1 Message Date
Guus Sliepen
61e71ab74a Terminate a connection on any error. Furthermore, disallow del_host,
add_host and other important requests until remote host has properly
authenticated itself.
2000-05-27 20:23:01 +00:00
Guus Sliepen
cc01b18bc6 Made tinc persistent. If no outgoing connection can be established right
after the start of the daemon, it won't quit anymore but will retry in 5
minutes. Also, 5 minutes is now the maximum time to wait for a retry.
2000-05-27 19:44:04 +00:00
Guus Sliepen
028659bfbf Fixed typos. When terminating a connection, its status is not only set to
remove=1 but also active=0.
2000-05-27 19:23:20 +00:00
Guus Sliepen
e4ff969a98 Fix for a DoS attack:
A remote user could telnet to the tinc daemon and type only this line:
 61 6 00000000/00000000:28f
 This would deny any packets to be sent to other tinc networks (except
 for to the hosts that run tincd's themselves). Solution is to skip
 hosts in lookup_conn() that have not been activated yet.
Fixed potential conn_list table corruption:
 If a new connection is accepted but a connection with the same subnet
 would already exist in the connection list, the OLD connection is
 terminated.
2000-05-27 19:04:12 +00:00
Guus Sliepen
85963f4c85 Stub for VpnMask config directive. 2000-05-16 13:09:15 +00:00
Ivo Timmermans
7e817fcf0f Unlimited length in the config file, thanks to Cris van Pelt. 2000-05-15 18:28:45 +00:00
Ivo Timmermans
803f908078 Give IP address instead of hex number when connecting tcp socket failed. 2000-05-14 21:07:16 +00:00
Ivo Timmermans
de09916ead Only print an error with send_termreq if debug_lvl is 2 or more. 2000-05-14 13:50:10 +00:00
Guus Sliepen
9d023b1f2e Fixed typos. 2000-05-14 13:06:52 +00:00
Guus Sliepen
e20e143f1e Changed ping behaviour (backwards compatible). If we don't have any data
to send, we don't need to check if the connection is still alive.
Furthermore, if we receive any kind of data from the other end, we know
it's alive, so we don't need to check it either. So, PING requests are
only sent if we send packets but there is no response.
2000-05-14 13:02:20 +00:00
Guus Sliepen
ee96ccabbb Cleanups. 2000-05-14 12:22:42 +00:00
Guus Sliepen
8caa1b9d75 Proxymode removed. 2000-05-14 11:39:18 +00:00
Guus Sliepen
d0ba34ccae Added new config variable "ProxyMode". If enabled, all outgoing packets
are sent to the uplink (ConnectTo), which will have to forward them for
us (kernel should do that). This is for people behind firewalls.
2000-05-08 18:44:15 +00:00
Ivo Timmermans
74b0cbecce Include sys/types.h. 2000-05-04 23:17:02 +00:00
Ivo Timmermans
2f7e532d70 Don't link in libdl. 2000-05-04 23:16:43 +00:00
Guus Sliepen
a083b1cf30 Squashed gcc warning. 2000-05-03 18:02:15 +00:00
Guus Sliepen
7853247523 Fixes typo and UDP network byte order. 2000-05-03 17:59:07 +00:00
Guus Sliepen
505b5ec2cd Outgoing packets now use network byte order in header. 2000-05-03 15:37:32 +00:00
Guus Sliepen
89610e3fba Replaced sprintf() by safer snprintf(), removed possible buffer overflow
by one byte.
2000-05-02 10:16:50 +00:00
Guus Sliepen
aeccaca829 Previous fix fixed. Meta protocol should be really flawless from now on! 2000-05-02 09:55:34 +00:00
Guus Sliepen
989d7edc07 Fixed small mistake that would prevent forwarding requests. 2000-05-02 09:10:33 +00:00
Ivo Timmermans
a9247e6f2c Fixed meta protocol. 2000-05-01 21:31:59 +00:00
Guus Sliepen
ca6abd41ea Meta protocol overhaul. Tinc is now incompatible with previous versions,
furthermore this version does NOT work yet because of a problem with
sending keys (these should be converted to base36 or something like that).
It is possible to telnet to the tinc daemon now and type some commands
by hand though :).
2000-05-01 18:07:12 +00:00
Ivo Timmermans
33cfdf43f4 Key forwarding, write one byte extra. 2000-04-30 20:48:48 +00:00
Ivo Timmermans
75d351eaf1 Protocol fix (ANS_KEY). This breaks 0.3.3 protocol compatibility. 2000-04-30 19:49:49 +00:00
Ivo Timmermans
b4290c3f43 Send one less byte from an ANS_KEY request. 2000-04-30 19:03:00 +00:00
Ivo Timmermans
d878230ebe Read one less byte from an ANS_KEY request. 2000-04-30 18:57:16 +00:00
Ivo Timmermans
789a4c4f40 Removed debug messages. 2000-04-30 16:34:31 +00:00
Ivo Timmermans
eb1c9814e6 Read public keys the right way (tm). 2000-04-30 16:31:23 +00:00
Ivo Timmermans
ca73b722cb New way of handling the meta protocol. 2000-04-30 16:11:05 +00:00
Ivo Timmermans
cd12345032 Replaced check for status.active by status.dataopen in check_network_activity. 2000-04-30 13:23:53 +00:00
Ivo Timmermans
4b076ee87f Initially, the vpn_mask of a connection is 255.255.255.255 to avoid confusion with lookup_conn. 2000-04-30 01:16:51 +00:00
Ivo Timmermans
1c007c0627 Got rid of the nasty hacks... and replaced it by another one. 2000-04-30 01:15:47 +00:00
Ivo Timmermans
c027459914 Filled up the protocol structs with unused bytes. 2000-04-29 20:39:36 +00:00
Guus Sliepen
2371551014 Oops! Reference to write_n() removed and changed into neat write() call. 2000-04-28 11:33:25 +00:00
Guus Sliepen
bb8fff92e1 Removed write_n() function. 2000-04-27 20:57:18 +00:00
Ivo Timmermans
4fec0cc457 Default config file name is tinc.conf, and pidfile is tinc.pid. 2000-04-27 13:47:51 +00:00
Guus Sliepen
44f9449888 Cleanups:
- Changed recv/send calls into read/write calls for streams
- Made all sizeof() functions use a variable name instead of type
2000-04-26 17:42:55 +00:00
Guus Sliepen
8efe4874da Converted every &variable[0] to variable. 2000-04-25 22:15:28 +00:00
Ivo Timmermans
643d8712eb Debug level tweaking. 2000-04-25 22:00:49 +00:00
Guus Sliepen
468f1d2efc When trying to talk to a host that is in the netmask of a tinc server but
not the tinc server itself, and no keys have been exchanged yet, the key
request would be directed to the host instead of the server. Fixed.
2000-04-25 20:50:59 +00:00
Guus Sliepen
dad90e82d3 Fixed typo and removed some unnecessary variables. 2000-04-25 20:17:44 +00:00
Guus Sliepen
5b72422857 Packet queues fixed. They caused the trouble when resending keys. 2000-04-25 20:10:37 +00:00
Guus Sliepen
3a33568652 Added checkpoints to beginning and ending of every function. 2000-04-25 18:57:23 +00:00
Ivo Timmermans
e1e590fe9a Propagate CFLAGS from configure to gcc. 2000-04-25 15:08:10 +00:00
Guus Sliepen
16d581be68 Bug found! Wrong pointer was used for handling multiple ADD_HOST requests
at once. (See line 606.)
2000-04-24 09:39:50 +00:00
Guus Sliepen
f6802d349d Added extra checks for desynchronized connection lists. Hopefully this will
fix those strange segmentation faults.
2000-04-24 08:32:57 +00:00
Ivo Timmermans
0b02ebc4d9 Address for bugreports changed to tinc@nl.linux.org. 2000-04-18 16:04:10 +00:00
Ivo Timmermans
93287d2b2c Default passphrase length of 1024, added -h/--help options. 2000-04-17 17:04:33 +00:00
Ivo Timmermans
9c2ac77594 Check if stdout is a terminal, if so, print a verbose message. 2000-04-17 16:59:42 +00:00
Ivo Timmermans
c924689690 Check for an illegal length of passphrase in read_passphrase(). 2000-04-17 16:52:58 +00:00
Ivo Timmermans
baebae2749 Pass the requested size from xmalloc() and xrealloc() on to xalloc_fail_func() 2000-04-17 16:23:29 +00:00
Ivo Timmermans
210a92cae9 Only one round of reading bits out of urandom;
Reading `bytes' bytes out of it;
Print a newline after completion.
2000-04-17 15:38:47 +00:00
Ivo Timmermans
18e044bde3 New option -D, don't detach. 2000-04-06 18:28:29 +00:00
Ivo Timmermans
523c80c4e3 Ignore SIGCHLD. 2000-03-28 19:16:27 +00:00
Ivo Timmermans
f2076e3e70 Kill the parent after any error conditions in detach(). 2000-03-28 19:09:52 +00:00
Ivo Timmermans
98de35c742 Upon regeneration, free the old encryption key `securely' by overwriting it. 2000-03-27 22:59:16 +00:00
Ivo Timmermans
b50523dc44 Get rid of the message `zxnrbl'. 2000-03-27 22:30:27 +00:00
Ivo Timmermans
1243156a5e Initial revision 2000-03-26 00:33:07 +00:00