Commit graph

128 commits

Author SHA1 Message Date
Guus Sliepen
5e2ded68bf Correctly use the active_tree. 2001-07-19 12:29:40 +00:00
Guus Sliepen
319e0cb48e Split connection list into two lists:
- one list to handle all incoming/outgoing TCP connections
 - another list to handle all UDP connections

This will prevent race conditions.
2001-07-15 18:07:31 +00:00
Guus Sliepen
1e2bdc2b6d - Always use <openssl/include.h> instead of just <include.h>
- Check if RAND_pseudo_bytes() exists, otherwise just use RAND_bytes()
2001-07-04 08:41:36 +00:00
Guus Sliepen
6bd93e4c06 Check for all potential duplicate entries in the id tree. 2001-07-01 21:42:13 +00:00
Guus Sliepen
6365d0627b Fix printf format bug. 2001-07-01 09:21:01 +00:00
Guus Sliepen
402b85c482 Log error if two hosts connect with same IP/port tuple. 2001-06-29 13:09:32 +00:00
Guus Sliepen
9a0a50cd3c Woops - big bug in send_key_changed fixed. 2001-06-09 10:00:34 +00:00
Guus Sliepen
ba918dce28 Only reset seconds_till_retry when we activate the outgoing connection. 2001-06-08 18:02:10 +00:00
Guus Sliepen
4f9dad0972 - tinc can now act as a switch or a hub too (as opposed to a router only)
- cleaner initialisation of "UNKNOWN" and "MYSELF" names
2001-06-05 16:09:55 +00:00
Guus Sliepen
fcf869cd42 TCPonly now works (in a relatively clean way too). 2001-05-25 11:54:28 +00:00
Guus Sliepen
4dee76522e Small fixes:
- Fix compiler warnings (one was a real (but harmless) bug)
- Don't send PING packets if there is UDP traffic
- Correctly terminate strings containing salt for PING/PONG packets
2001-05-25 08:36:11 +00:00
Guus Sliepen
bfc5d6014e Only send key_changed if it was previously requested. 2001-05-24 21:52:26 +00:00
Guus Sliepen
d1b597758e Add randomness to PING/PONG packets to prevent crypto attacks on quiet
tunnels.
2001-05-24 21:29:09 +00:00
Guus Sliepen
e4f3d93ec6 - s/ip_t/ipv4_t/g
- Add "salt" to the beginning of UDP packets. Replaces length field which
  is not useful anyway.
2001-05-07 19:08:46 +00:00
Guus Sliepen
156ec67652 Check indirectdata option before forwarding certain requests. 2001-03-13 21:33:31 +00:00
Guus Sliepen
34f9e6cf2d - route.c is now used to determine destination
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
2001-03-04 13:59:32 +00:00
Guus Sliepen
d2a54597e0 Added explaination of our key exchange using RSA encryption. 2001-03-02 11:25:56 +00:00
Guus Sliepen
4fa12eb85d Removed lots of compiler warnings. 2001-02-27 16:37:31 +00:00
Guus Sliepen
34b7a876c3 - Make sure METAKEY is smaller than the modulus of the RSA key
- Get symmetric key from the least significant bytes of the RSA message
2001-02-26 11:37:20 +00:00
Guus Sliepen
82455be966 Implemented new authentication scheme from doc/SECURITY2. 2001-02-25 19:09:45 +00:00
Guus Sliepen
54881faf6f Encrypt network packets in CBC mode instead of CFB mode.
(This breaks compatibility with all previous versions!)
2001-02-25 16:34:19 +00:00
Guus Sliepen
153fc35e57 Corrected check for errors after read() calls. 2001-02-25 11:09:29 +00:00
Guus Sliepen
f1cb3d8fa5 Removed another local definition of the variable "errno" 2001-02-06 10:42:27 +00:00
Guus Sliepen
f777c1807d FreeBSD compile fixes (thanks to XeF4) 2001-02-06 10:12:51 +00:00
Guus Sliepen
11f3e9d138 - Squashed another nasty bug. 2001-01-08 20:35:30 +00:00
Guus Sliepen
447a43d639 - Added indirectdata and tcponly functionality. 2001-01-07 20:19:35 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
07a08f5539 - Reinstated a queue for outgoing packets. 2001-01-07 15:25:49 +00:00
Guus Sliepen
f7bb205022 - Check and follow symlinks in is_safe_path
- By default write keys to tinc config directory
- Small fix in protocol.c
2001-01-06 18:03:41 +00:00
Guus Sliepen
e924096f62 - Let user choose whether keys are in the config files or separate
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
2001-01-05 23:53:53 +00:00
Guus Sliepen
e1707f7739 - Don't even think about using sscanf with %as anymore
- Allow keys to be inside the config files or in a seperate file
- Small fixes
2000-12-22 21:34:24 +00:00
Ivo Timmermans
6327f32f43 Tiny bits of code beautifying 2000-12-05 08:59:30 +00:00
Ivo Timmermans
a0f7af3ed7 New function read_rsa_public_key();
In net.c/setup_myself deleted old code to read the public key (which
is now implicitly read in together with the private key).
2000-11-30 23:18:21 +00:00
Guus Sliepen
1eedf54681 - Use only one socket for all UDP traffic (for compatibility)
- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
2000-11-25 13:33:33 +00:00
Guus Sliepen
6f373e6902 - More porting to FreeBSD and Solaris. 2000-11-22 22:05:37 +00:00
Guus Sliepen
5971e352da - Work with the correct key buffer in ans_key_h 2000-11-22 20:25:27 +00:00
Guus Sliepen
a07602c4fd - No more %as. 2000-11-22 19:55:53 +00:00
Guus Sliepen
f8b4a000d0 - Cleaned up and checked for some more NULL pointers in rbl.c
- Two connection lists: one for incoming connections, sorted on ip/port,
  one for connections whose identity we know, sorted on id ofcourse...
2000-11-22 18:54:08 +00:00
Guus Sliepen
408ca91766 - Integrate rbl trees into tinc. 2000-11-20 19:12:17 +00:00
Guus Sliepen
e118ba0a64 Porting to FreeBSD:
- Reorganized and added some #includes
2000-11-15 13:33:27 +00:00
Ivo Timmermans
bb2495e569 Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during
configure.
2000-11-15 01:06:13 +00:00
Guus Sliepen
7d0f82bd4b - Open UDP connection for all known hosts. Comments please. 2000-11-07 22:02:14 +00:00
Guus Sliepen
698191fd2f - Prepended config_ to all configuration option names, because it confused
everything (including myself).
- Use connection oriented UDP sockets for both incoming and outgoing
  packets.
2000-11-04 22:57:33 +00:00
Guus Sliepen
afc0579707 - Simplified ping mechanism. 2000-11-04 20:44:28 +00:00
Guus Sliepen
ac47586552 - Forward keys in hex notation, not as binary data. 2000-11-04 16:54:21 +00:00
Guus Sliepen
3f8f067e8b - Don't forget to set packet cipher for added hosts. 2000-11-04 16:39:19 +00:00
Ivo Timmermans
5065ea32c3 Warnings removal pass: always include config.h first; add a few
prototypes in the header files.

This also fixes a few lint errors/warnings.
2000-11-03 22:35:12 +00:00
Guus Sliepen
b7d4d4c177 - Finishing touch: encrypt the meta connections 2000-10-29 22:55:15 +00:00
Guus Sliepen
ec12269355 - Use CFB mode for encrypting packets: it works and we don't need padding. 2000-10-29 22:10:44 +00:00
Guus Sliepen
cea3d8f305 - Small fixes
- Do proper key exchange
- Encrypt packets - it works, but there is something wrong with the MAC
  header after decryption...
2000-10-29 10:39:08 +00:00