j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
2129 commits 2 branches 0 tags 10 MiB
Commit graph

1465 commits

Author SHA1 Message Date
Guus Sliepen
86116bb022 Clear connection options and status fields in free_connection_partially(). 
Most fields should be zero when reusing a connection. In particular, when an
outgoing connection to a node which is reachable on more than one address is
made, the second connection to that node will have status.encryptout set but
outctx will be NULL, causing a NULL pointer dereference when
EVP_EncryptUpdate() is called in send_meta() when it shouldn't.
 2012-10-06 21:15:19 +02:00
Guus Sliepen
ef9358c0d6 Improve starting/stopping tincd using tincctl. 
When starting tincd, tincctl now strips non-options from the command line, and
sets argv[0] to the name of the tincd command instead of copying its own
command name.

When stopping a running tincd, tincctl now waits for it to terminate.
 2012-10-06 17:45:03 +02:00
Guus Sliepen
47f33e07ff Fix off-by-one error. 
Apart from writing 1 byte beyond an array allocated on the stack, this slipped
an unitialized byte in the seed used for key generation.
 2012-10-06 16:53:43 +02:00
Guus Sliepen
20b441a6de Libreadline might depend on libcurses. 2012-10-01 10:42:13 +02:00
Guus Sliepen
3887e6dcb5 Remove abort() call that accidentily sneaked into commit dd1b69e. 2012-10-01 10:39:15 +02:00
Guus Sliepen
0b0949e5bb Make sure sptps_test compiles without -flto. 2012-10-01 10:36:23 +02:00
Guus Sliepen
b381acd60d Remove unused function declaration. 2012-09-30 23:12:43 +02:00
Guus Sliepen
dd1b69e31f Fix not reading Port statement from host config file. 2012-09-30 22:43:48 +02:00
Guus Sliepen
6dfdb32361 Merge branch 'master' into 1.1 
Conflicts:
	lib/utils.c
	src/net_setup.c
	src/process.c
	src/protocol_auth.c
	src/protocol_key.c
	src/utils.h
 2012-09-30 15:00:47 +02:00
Guus Sliepen
c4940a5c88 Add strict checks to hex to binary conversions. 
The main goal is to catch misuse of the obsolete PrivateKey and PublicKey
statements.
 2012-09-30 13:45:47 +02:00
Guus Sliepen
3bd810ea79 Attribution for Martin Schürrer. 2012-09-30 13:45:39 +02:00
Martin Schürrer
5a161e86cf Output details of encryption errors 2012-09-30 02:04:55 +02:00
Guus Sliepen
9e76c464b2 Remove some debugging messages. 2012-09-28 17:51:48 +02:00
Guus Sliepen
e971130b60 Make tincctl robust against dropped control connections. 2012-09-28 17:36:25 +02:00
Guus Sliepen
c5325ffdd1 Correctly add/remove outgoing connections when reloading configuration. 2012-09-28 17:05:01 +02:00
Guus Sliepen
f70cbc9d3e Comment out old public/private keys when generating new ones. 2012-09-27 15:45:02 +02:00
Guus Sliepen
1f312137d5 Allow dumping either directed or undirected graphs. 
Internally, tinc maintains a directed graph of the meta connections between
nodes. However, this causes graphviz to draw two lines between nodes, which is
not always desirable. The "dump graph" command now defaults to dumping an
undirected graph, the "dump digraph" command will dump a directed graph.
 2012-09-26 23:52:36 +02:00
Guus Sliepen
d6388d782e Let tincctl parse and format dumps. 
At the moment it just reproduces the old format.
 2012-09-26 23:18:32 +02:00
Guus Sliepen
9ade39b7d5 Keep last known address and time since reachability changed. 
This allows tincctl info to show since when a node is online or offline.
 2012-09-26 22:20:43 +02:00
Guus Sliepen
1e5deec973 Remove remnants of Ethertap and old TUNSETIFF ioctl(). 2012-09-25 22:28:08 +02:00
Guus Sliepen
66e702d90d Attribution for Vil Brekin and some code style cleanups. 2012-09-24 14:02:07 +02:00
Vilbrekin
afe4bf62ec Use __ANDROID__ define rather than dirty hard-code to allow android NDK cross-compilation. 2012-09-24 13:55:29 +02:00
Vilbrekin
f2570c1b7f Replace hard-code with new ScriptsInterpreter configuration property. 
This new setting allows choosing a custom script interpreter used for the various tinc callbacks.
If none is specified, the script itself is called as executable (as before).
This is particularly useful when storing tinc configuration and script on a mount point with no-exec attribute.
 2012-09-24 13:55:24 +02:00
Vilbrekin
8a6f278fd2 Basic patch for android cross-compilation. 
Commented non-existing functions in android NDK.
Prefix scripts execution with shell binary to allow execution on no-exec mount points.
Everyything is currently hard coded, while it should use pre-compiler variables...
 2012-09-24 13:53:11 +02:00
Guus Sliepen
2dc8deb104 Ensure sptps_test compiles with -flto. 2012-09-13 21:35:29 +02:00
Guus Sliepen
90f1cba1fd Replace node_udp_tree with a hash table. 2012-09-05 13:05:48 +02:00
Guus Sliepen
4c05afd19a Use hash tables to lookup owners of addresses. 2012-09-05 12:45:36 +02:00
Guus Sliepen
6b6a025488 Add a simple hash table implementation. 2012-09-05 12:44:41 +02:00
Guus Sliepen
e9de08be0d Remove newlines at end of log messages. 2012-09-04 14:21:50 +02:00
Guus Sliepen
05dac63dbc Remove some debug messages. 2012-09-04 14:16:05 +02:00
Guus Sliepen
742f7bb04e Properly handle SPTPS packets with stripped Ethernet headers. 2012-08-30 14:21:23 +02:00
Guus Sliepen
d74b81b61e Fix node name check for "connect" and "disconnect" commands. 2012-08-30 14:00:34 +02:00
Guus Sliepen
5567c0d410 Quit when "exit" or "quit" commands are used in tincctl's shell. 2012-08-05 17:25:31 +02:00
Guus Sliepen
d18519ae21 Fix segfault when using tincctl's shell without readline. 2012-08-05 17:03:57 +02:00
Guus Sliepen
e29e0fee88 Make sure the top command can be used more than once in tincctl's shell. 2012-08-03 14:17:02 +02:00
Guus Sliepen
a57db1dfe0 Fork when using the "start" command in tincctl. 
This allows the command to be given in its shell without immediatly exiting tincctl.
 2012-08-03 14:15:50 +02:00
Guus Sliepen
36c6afede3 Add readline completion for tincctl config and tincctl info. 2012-08-03 13:23:07 +02:00
Guus Sliepen
8af2f3f5a4 Optionally compress and/or strip Ethernet header from SPTPS packets. 2012-08-02 17:44:59 +02:00
Guus Sliepen
73348be58e Have tincctl act as a shell when no command is given. 
By default it uses readline to read commands. If the input and output are not a
tty, no prompt is shown.
 2012-08-02 17:24:42 +02:00
Guus Sliepen
91937812bd Clear struct sptps before reusing it. 2012-08-02 17:23:51 +02:00
Guus Sliepen
6396f42d74 Stricter checks for netname and node names. 
- Node names should not be empty.
- Net names should not contain slashes or start with a dot, because they are
  used in pathnames.
 2012-08-01 16:51:59 +02:00
Guus Sliepen
61006ced88 Add missing configuration variables. 2012-08-01 16:13:23 +02:00
Guus Sliepen
b0f3a76e9b Add the ability to query configuration variables to tincctl. 2012-08-01 15:53:20 +02:00
Guus Sliepen
a9caa2a6ea tincctl restart should work even if no tincd is running. 2012-08-01 15:15:37 +02:00
Guus Sliepen
07980b056c Try sending SIGTERM if we cannot connect to a tincd but we know its PID. 2012-08-01 15:14:48 +02:00
Guus Sliepen
7a71d48009 Use a status bit to track which nodes use SPTPS. 2012-07-31 21:43:49 +02:00
Guus Sliepen
6bc8df3e01 Add Brandon Black's replay window code to SPTPS. 2012-07-31 20:39:15 +02:00
Guus Sliepen
5ede437307 Handle SPTPS datagrams in try_mac(). 2012-07-31 20:36:35 +02:00
Guus Sliepen
aaff0ed089 Remove unused #include. 2012-07-31 20:29:13 +02:00
Guus Sliepen
153abaa4d9 Use datagram SPTPS for packet exchange between nodes. 
When two nodes which support SPTPS want to send packets to each other, they now
always use SPTPS. The node initiating the SPTPS session send the first SPTPS
packet via an extended REQ_KEY messages. All other handshake messages are sent
using ANS_KEY messages. This ensures that intermediate nodes using an older
version of tinc can still help with NAT traversal. After the authentication
phase is over, SPTPS packets are sent via UDP, or are encapsulated in extended
REQ_KEY messages instead of PACKET messages.
 2012-07-30 18:36:59 +02:00
Guus Sliepen
2b97a7d7cf tincctl init now also creates a template tinc-up script. 2012-07-22 12:52:31 +02:00
Guus Sliepen
eb430005c7 Fix exit code when installing tincd as a service on Windows. 2012-07-21 17:10:10 +02:00
Guus Sliepen
e5e96882c3 Windows doesn't like quotes around "edit" when calling it through system(). 
Even though that works fine on the command line.
 2012-07-21 16:33:09 +02:00
Guus Sliepen
18237e1f2d Use backslashes on Windows. 
Although Windows itself supports the forward slash, some programs may not.
 2012-07-21 16:26:55 +02:00
Guus Sliepen
09a8ff649c Don't try to mkdir(CONFDIR) on Windows when there is a registry key for tinc. 2012-07-21 15:58:16 +02:00
Guus Sliepen
ed8ce60845 Fix crash when no netname is specified. 2012-07-21 15:51:15 +02:00
Guus Sliepen
7303b512b0 Fix some compiler warnings. 2012-07-21 15:50:50 +02:00
Guus Sliepen
33521eabd4 Have tincd and tincctl use the same method of determining netname. 2012-07-21 15:15:04 +02:00
Guus Sliepen
1d322d2eda Add a newline to a configuration file if it is missing. 2012-07-21 15:02:44 +02:00
Guus Sliepen
dea722c4ac Add some checks when changing configuration. 2012-07-21 15:02:17 +02:00
Guus Sliepen
cc0c35267f Call event_init() after detaching. 
Otherwise, the call to daemon() could close filedescriptors in use by libevent
itself; for example if it uses kqueue or epoll instead of a select() or poll()
backend.
 2012-07-21 14:19:23 +02:00
Guus Sliepen
4e0fc52197 Fix various compiler warnings. 2012-07-21 13:53:22 +02:00
Guus Sliepen
98a72d6869 Make sure sptps.h and info.h are in the tarball. 2012-07-21 13:12:30 +02:00
Guus Sliepen
5eeed38b8e Make sure tinc compiles on Windows. 2012-07-21 12:51:53 +02:00
Guus Sliepen
1d4590ca5c Prefer routes with lower weight as long as they do not increase the number of hops. 
This should improve traffic to nodes that are not directly reachable somewhat.
 2012-07-20 20:35:07 +02:00
Guus Sliepen
4c8ead9874 Allow more configuration variables to be changed when reloading configuration. 
In particular, Subnets may be added or removed from the local node on the fly.
 2012-07-20 20:01:29 +02:00
Guus Sliepen
c678e7c4fb Split setup_myself() into two functions, one for reloading configuration. 2012-07-20 19:59:47 +02:00
Guus Sliepen
4591e96c76 Never remove items from cmdline_conf. 
We should treat cmdline_conf as const, so we can call read_config_options()
more than once with prefix = NULL.
 2012-07-20 17:29:16 +02:00
Guus Sliepen
68a20876d0 Use minor protocol version to determine whether to use ECDH key exchange between nodes. 2012-07-20 01:02:51 +02:00
Guus Sliepen
76a3ada4eb Put minor protocol version in connection options so other nodes can see it. 
This allows two nodes that do not have a meta-connection with each other see
which version they are.
 2012-07-17 18:05:55 +02:00
Guus Sliepen
68de7b481e When exporting configuration files, don't copy Name variables. 
These interfere with tincctl import. Besides, host configuration files should
not contain Name at all.
 2012-07-16 18:49:39 +02:00
Guus Sliepen
c52c46f871 Add an easy way to export and import host configuration files. 2012-07-16 16:48:24 +02:00
Guus Sliepen
6319dc9dde Strip default subnet weight from output. 2012-07-16 01:14:08 +02:00
Guus Sliepen
74646a4afa Give an error message when tincctl info cannot parse the given subnet or address. 2012-07-16 01:09:47 +02:00
Guus Sliepen
53735a9d96 "tincctl info" gives more human readable information about nodes or subnets. 2012-07-16 01:05:25 +02:00
Guus Sliepen
3c7003893f Move all functions related to subnet parsing to subnet_parse.c. 2012-07-16 00:52:50 +02:00
Guus Sliepen
e72e6febfe Fix tincctl dump. 2012-07-15 22:53:03 +02:00
Guus Sliepen
9be8980a2b Let tincctl ignore tincd options, so they will be passed on. 2012-07-15 21:17:10 +02:00
Guus Sliepen
36dee4c539 Fix tincctl start. 2012-07-15 21:15:35 +02:00
Guus Sliepen
439069bda6 Have tincctl notify a running tincd of configuration file changes. 2012-07-15 20:59:17 +02:00
Guus Sliepen
eb01fd9625 Add an easy way to edit a configuration file. 2012-07-15 20:37:38 +02:00
Guus Sliepen
cedfeccb24 Stricter checks for node names. 2012-07-15 20:22:21 +02:00
Guus Sliepen
03f72c6173 Allow configuration variables to be added/removed using tincctl. 2012-07-15 18:16:35 +02:00
Guus Sliepen
dd102efd24 Put every command in its own function. 2012-07-15 15:46:16 +02:00
Guus Sliepen
a444ec3964 "tincctl init" creates initial directory structure, tinc.conf and keypairs. 2012-07-15 14:49:36 +02:00
Guus Sliepen
268c8545aa Merge branch 'master' into 1.1 2012-07-14 15:13:21 +02:00
Guus Sliepen
ae8c0b65d8 Use /dev/tap0 by default on FreeBSD and NetBSD when using Mode = switch. 2012-07-12 11:25:11 +02:00
Guus Sliepen
bce177767d Fix crash when handling the ALRM signal. 
In retry() the function do_outgoing_connection() is called, which can delete
items from the connection_tree, so when walking the tree we must first save the
pointer to the next item.
 2012-06-26 14:22:57 +02:00
Guus Sliepen
19be9cf715 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	NEWS
	README
	configure.in
	lib/utils.c
	src/linux/device.c
	src/meta.c
	src/net.h
	src/net_setup.c
	src/net_socket.c
	src/protocol.c
	src/protocol_auth.c
	src/tincd.c
 2012-06-26 13:24:20 +02:00
Guus Sliepen
236b0ba4eb Fix crash when using Broadcast = direct. 2012-06-25 19:03:54 +02:00
Guus Sliepen
0a84f9cb8f Fix compiler warnings. 2012-06-25 19:01:51 +02:00
Guus Sliepen
c0af4c37d2 Small fixes in proxy code. 2012-06-25 15:00:24 +02:00
Guus Sliepen
62b61a1b7c Don't forget to send a newline when forwarding requests. 2012-05-13 22:16:42 +02:00
Guus Sliepen
58007d7efa Always pass request strings to other functions as const char *. 2012-05-08 16:44:15 +02:00
Sven-Haegar Koch
291a59b5b7 free_connection_partially(): also reset remote protocol version infos 
The used remote protocol can change between two reconnects, aka if
the remote side has enabled/disabled for example their ExperimentalProtocols
setting.
 2012-05-08 16:20:21 +02:00
Sven-Haegar Koch
32e5c5bb7c Silence SPTPS log messages, reduce them from DEBUG_ALWAYS to DEBUG_META. 2012-05-08 16:19:20 +02:00
Sven-Haegar Koch
c78bb14303 terminate_connection(): delete non-outgoing (aka incoming) connections. 2012-05-08 16:19:04 +02:00
Sven-Haegar Koch
8b9e5af0d9 Label control connections for log output as "<control>", not "<unknown>". 2012-05-08 16:18:28 +02:00
Sven-Haegar Koch
d3f4cf59ca free_connection_partially(): Avoid possible use-after-free for c->hischallenge 2012-05-08 16:18:18 +02:00
Sven-Haegar Koch
7a6ca7a993 terminate_connection(): only kill c->node->connection if it is pointing 
to the same connection
 2012-05-08 16:17:55 +02:00
Sven-Haegar Koch
a96c4f016c terminate_connection(): Avoid use-after-free and double-free for 
already freed edge structure.
 2012-05-08 16:16:59 +02:00
Guus Sliepen
5ae19cb0bb Add support for proxying through an external command. 
Proxy type "exec" can be used to have an external script or binary set
up an outgoing connection. Standard input and output will be used to
exchange data with the external command. The variables REMOTEADDRESS and
REMOTEPORT are set to the intended destination address and port.
 2012-04-19 15:18:31 +02:00
Guus Sliepen
fb5588856f Add support for SOCKS 5 proxies. 
This only covers outgoing TCP connections, and supports only
username/password authentication or no authentication.
 2012-04-19 14:10:54 +02:00
Guus Sliepen
b58d95eb29 Add basic support for SOCKS 4 and HTTP CONNECT proxies. 
When the Proxy option is used, outgoing connections will be made via the
specified proxy. There is no support for authentication methods or for having
the proxy forward incoming connections, and there is no attempt to proxy UDP.
 2012-04-18 23:19:40 +02:00
Guus Sliepen
84531fb6e6 Allow broadcast packets to be sent directly instead of via the MST. 
When the "Broadcast = direct" option is used, broadcast packets are not sent
and forwarded via the Minimum Spanning Tree to all nodes, but are sent directly
to all nodes that can be reached in one hop.

One use for this is to allow running ad-hoc routing protocols, such as OLSR, on
top of tinc.
 2012-04-16 01:57:25 +02:00
Sven-Haegar Koch
f8e15dfe8d ecdh & ecdsa: avoid some possible memory leaks in error conditions. 2012-04-16 00:54:50 +02:00
Sven-Haegar Koch
8792b9a9f3 Remove confusing error message for failed reading in ECDSA keys. 
Most likeley the error is that there just is no valid key inside the used
host file, and in this case errno just contains a random value from the
last previously failed call.
 2012-04-16 00:54:43 +02:00
Sven-Haegar Koch
a5bb6d40fb sptps_stop(): clear pointers after free to avoid double free. 
sptps_stop() may get called twice on some failed connection setups.
 2012-04-15 01:10:49 +02:00
Guus Sliepen
535a55100b Allow environment variables to be used for Name. 
When the Name starts with a $, the rest will be interpreted as the name of an
environment variable containing the real Name. When Name is $HOST, but this
environment variable does not exist, gethostname() will be used to set the
Name. In both cases, illegal characters will be converted to underscores.
 2012-03-29 16:45:25 +01:00
Guus Sliepen
1d9dacb1f2 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	src/logger.c
	src/net_setup.c
 2012-03-26 19:06:39 +01:00
Guus Sliepen
89f4574e0b Add support for systemd style socket activation. 
If the LISTEN_FDS environment variable is set and tinc is run in the
foreground, tinc will use filedescriptors 3 to 3 + LISTEN_FDS for its listening
TCP sockets. For now, tinc will create matching listening UDP sockets itself.

There is no dependency on systemd or on libsystemd-daemon.
 2012-03-26 14:46:09 +01:00
Guus Sliepen
cc6aee7846 Remove newline from log message. 2012-03-26 14:45:20 +01:00
Guus Sliepen
86c2990327 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	NEWS
	README
	configure.in
	src/Makefile.am
	src/conf.c
	src/conf.h
	src/connection.c
	src/net.c
	src/tincd.c
 2012-03-25 23:35:31 +01:00
Guus Sliepen
b23681dddb Support :: in IPv6 Subnets. 2012-03-25 22:54:36 +01:00
Guus Sliepen
482c6119a7 Releasing 1.0.18. 2012-03-25 15:32:26 +01:00
Guus Sliepen
f71ce34180 Fix return type of vde_recv() as well. 
In this case it is not really necessary as the conversion to int will already
take care of ensuring the return value is treated as signed.
 2012-03-25 15:17:50 +01:00
Guus Sliepen
3998353853 Fix some more compiler warnings. 2012-03-25 14:46:50 +01:00
Guus Sliepen
cfe6558d4b Fix return value type of vde_send(). 
The libvdeplug_dyn.h header file incorrectly declares the return type of
vde_send() to size_t, while in reality it is ssize_t.
 2012-03-25 14:00:21 +01:00
Guus Sliepen
95968c67f9 Fix compiler warnings. 2012-03-25 13:58:14 +01:00
Guus Sliepen
e2d1b0b899 Allow scoped addresses to be used for IPv6 multicast socket. 2012-03-25 13:42:10 +01:00
Guus Sliepen
2512040632 Add #ifdefs in case not all platforms support IPv4 and IPv6 multicast. 2012-03-25 13:40:55 +01:00
Guus Sliepen
b5e3bf1a85 Set default value of DecrementTTL to "no". 
Decrementing the TTL causes IPv6 to fail when Mode = switch, and there may be
other unforeseen side-effects.
 2012-03-23 13:18:36 +01:00
Guus Sliepen
c373de2e98 Add support for multicast communication with UML/QEMU/KVM. 
DeviceType = multicast allows one to specify a multicast address and port with
a Device statement. Tinc will then read/send packets to that multicast group
instead of to a tun/tap device. This allows interaction with UML, QEMU and KVM
instances that are listening on the same group.
 2012-03-21 17:00:53 +01:00
Guus Sliepen
a7dbb50c23 Allow a port to be specified in BindToAddress statements. 
This can be used to let tinc listen on multiple ports for incoming connections.
 2012-03-21 13:20:15 +01:00
Guus Sliepen
80e15d8b96 Always try next Address when an outgoing connection fails to authenticate. 
When making outgoing connections, tinc goes through the list of Addresses and
tries all of them until one succeeds. However, before it would consider
establishing a TCP connection a success, even when the authentication failed.
This would be a problem if the first Address would point to a hostname and port
combination that belongs to the wrong tinc node, or perhaps even to a non-tinc
service, causing tinc to endlessly try this Address instead of moving to the
next one.

Problem found by Delf Eldkraft.
 2012-03-20 23:49:16 +01:00
Guus Sliepen
d7bf63c63a Make sure the signature also covers the session label. 2012-03-18 21:24:46 +01:00
Guus Sliepen
d756bb92ed Don't send an ACK message after the first key exchange in the SPTPS protocol. 2012-03-18 17:46:30 +01:00
Guus Sliepen
c970ecdd75 Test SPTPS messages sent while key renegotation is in progress. 2012-03-18 17:42:43 +01:00
Guus Sliepen
3a4fe104a0 Add datagram mode to the SPTPS protocol. 
* Everything is identical except the headers of the records.
* Instead of sending explicit message length and having an implicit sequence
  number, datagram mode has an implicit message length and an explicit sequence
  number.
* The sequence number is used to set the most significant bytes of the counter.
 2012-03-18 16:42:02 +01:00
Guus Sliepen
03e06fd43a Allow CTR mode counter to be set to a specific value. 2012-03-18 16:41:13 +01:00
Guus Sliepen
4712d8f92e Update copyright notices. 2012-03-10 13:23:08 +01:00
Guus Sliepen
5b0f5ad958 Make sure disabling old RSA keys works on Windows. 
Seeking in files and rewriting parts of them does not seem to work properly on
Windows. Instead, when old RSA keys are found when generating new ones, the
file containing the old keys is copied to a temporary file where the changes
are made, and that file is renamed back to the original filename. On Windows,
we cannot atomically replace files with a rename(), so we need to move the
original file out of the way first. If anything fails, the new code will warn
that the user has to solve the problem by hand.
 2012-03-08 23:23:39 +01:00
Guus Sliepen
40c2858932 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	src/net_packet.c
 2012-03-08 21:15:08 +01:00
Guus Sliepen
9dea33f530 Accept Subnets passed with the -o option when StrictSubnets = yes. 2012-03-07 10:40:06 +01:00
Guus Sliepen
63f8303a5d Only log errors sending UDP packets when debug level >= 5. 
Since tinc will fall back to TCP or route via another node, it is not necessary
to log such errors unconditionally.
 2012-03-02 16:09:58 +01:00
Guus Sliepen
8ac096b5bf Allow log messages to be captured by tincctl. 
This allows tincctl to receive log messages from a running tincd,
independent of what is logged to syslog or to file. Tincctl can receive
debug messages with an arbitrary level.
 2012-02-26 18:37:36 +01:00
Guus Sliepen
a1bd3a2913 Don't close control connections when handling a reload command. 
Because this would terminate the connection while the control message
handler was still running, it would lead to a segmentation fault later
on.
 2012-02-26 16:56:53 +01:00
Guus Sliepen
483c5dcfb4 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 2012-02-26 16:27:13 +01:00
Guus Sliepen
ae52496109 Only use broadcast at the start of the PMTU discovery phase. 
For local peer discovery, only a handful of packets are necessary for
peers to detect each other.
 2012-02-26 16:23:02 +01:00
Guus Sliepen
344d6b9ac3 Let tincctl use the NETNAME environment variable if no -n option is given. 
This allows administrators who frequently want to work with one tinc
network to omit the -n option. Since the NETNAME variable is set by
tincd when executing scripts, this makes it slightly easier to use
tincctl from within scripts.
 2012-02-26 13:08:34 +01:00
Guus Sliepen
84570275ac Ensure all SPTPS functions are prefixed with sptps_. 2012-02-26 12:33:16 +01:00
Guus Sliepen
8b1ad6f76f Go back to breadth first search for path finding. 
If 1.1.x nodes using Dijkstra's algorithm are mixed with 1.0.x nodes using BFS,
then routing loops can occur.
 2012-02-25 23:03:09 +01:00
Guus Sliepen
36623e15a1 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 2012-02-25 22:52:57 +01:00
Guus Sliepen
5140656de6 Stricter checks against routing loops. 
If a packet that had to be sent via an intermediate hop, and that intermediate
hop was the one that sent the packet, we drop it.
 2012-02-25 22:11:30 +01:00
Guus Sliepen
f1d5eae643 Don't send ICMP Time Exceeded messages for other Time Exceeded messages. 
That would be silly.
 2012-02-25 21:46:18 +01:00
Guus Sliepen
65d6f023c4 Use SPTPS when ExperimentalProtocol is enabled. 2012-02-25 18:25:21 +01:00
Guus Sliepen
efd21e232d Apply HMAC after encryption. 2012-02-25 15:18:15 +01:00
Guus Sliepen
f5dc136cfd Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	src/net.c
	src/net_packet.c
	src/net_socket.c
 2012-02-23 13:26:01 +01:00
Guus Sliepen
5a28aa7b8b Add LocalDiscovery option which tries to detect peers on the local network. 
Currently, this is implemented by sending IPv4 broadcast packets to the
LAN during path MTU discovery.
 2012-02-22 23:17:43 +01:00
Guus Sliepen
8e717ddb60 Pass index into listen_socket[] to handle_incoming_vpn_data(). 2012-02-22 14:37:56 +01:00