First of all, the idea behind the TunnelServer option is to hide all other
nodes from each other, so we shouldn't forward broadcast packets from them
anyway. The other reason is that since edges from other nodes are ignored, the
calculated minimum spanning tree might not be correct, which can result in
routing loops.
Since compression can either grow or shrink a packet, the size of an MTU probe
after decompression might not reflect the real path MTU. Now we use the size
before decompression, which is independent of the compression algorithm, and
substract a safety margin such that the calculated path MTU will be safe even
for packets which grow as much as possible after compression.
Instead of a single, global decryption context, each node has its own context.
However, in send_ans_key(), the global context was initialised. This commit
fixes that and removes the global context completely.
Also only set status.validkey after all checks have been evaluated.
Previously, tinc used a fixed address and port for each node for UDP packet
exchange. The port was the one advertised by that node as its listening port.
However, due to NAT the port might be different. Now, tinc sends a different
session key to each node. This way, the sending node can be determined from
incoming packets by checking the MAC against all session keys. If a match is
found, the address and port for that node are updated.
When no session key is known for a node, or when it is doing PMTU discovery but
no MTU probes have returned yet, packets are sent via TCP. Some logic is added
to make sure intermediate nodes continue forwarding via TCP. The per-node
packet queue is now no longer necessary and has been removed.
(The new code is still segfaulting for me, and I'd like to proceed with other
work.)
This largely rolls back to the revision 1545 state of the existing code
(new crypto layer is still there with no callers), though I reintroduced
the segfault fix of revision 1562.
This is a quick initial conversion that doesn't yet show much advantage:
- We roll our own timeouts.
- We roll our own signal handling.
- We build up the meta connection fd events on each loop rather than
on state changes.
This relieves some confusion and problems during the libevent transition.
In particular, "event_add" was defined by both.
(The 't' stands for 'timeout', 'tinc', 'temporary', or some such.)
