j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
1927 commits 2 branches 0 tags 10 MiB
Commit graph

1302 commits

Author SHA1 Message Date
Guus Sliepen
50403909b6 Allow multiple listening sockets. 2002-02-26 23:26:41 +00:00
Guus Sliepen
2ac7be0d51 Tweaking IPv6 support. 2002-02-26 22:47:51 +00:00
Guus Sliepen
23fda5688e - Change SA_LEN to SALEN, former one is already defined on some platforms. 
- Use SALEN everywhere appropriate.
 2002-02-20 22:37:38 +00:00
Guus Sliepen
dbc5b5bb5e - Use gai_strerror() where appropriate 
- Clear hints before using them with getaddrinfo()
- Use sa_len on platforms that support them
 2002-02-20 22:15:32 +00:00
Guus Sliepen
28cc9a6488 Preserve inpkt->len, needed for broadcasts. 2002-02-20 19:31:15 +00:00
Guus Sliepen
c6d0158831 Protocol now also exchanges cipher/digest/maclength/compression for the 
meta connection.
 2002-02-20 19:25:09 +00:00
Guus Sliepen
626d5956d2 Cache results of lookup_subnet_...(). 2002-02-20 17:16:15 +00:00
Guus Sliepen
e8e69460a7 Fix maskcmp() and maskcpy(). 2002-02-20 17:15:33 +00:00
Guus Sliepen
ed50931290 Forward packets in router mode. 2002-02-20 16:04:59 +00:00
Guus Sliepen
8c91fac315 Use AF_UNSPEC for listening sockets if AddressFamily = any. 2002-02-20 16:04:39 +00:00
Guus Sliepen
76f01453df Fix segfault when receiving HUP signal. 2002-02-20 16:04:07 +00:00
Guus Sliepen
c2b9c06062 - Non-blocking connect()s. 
- Socket handling revamped to use sockaddr_t.
- tinc can now tunnel over IPv6.
- Handle all addresses and subnets in network byte order.
  Only convert them when they need to be printed.
- IPv6 subnets bigger than /128 now work.
- Use %s and strerror(errno) instead of %m.
 2002-02-18 16:25:19 +00:00
Guus Sliepen
2fb8a62ede Added device.c for NetBSD, actually a copy of the OpenBSD one. 2002-02-12 14:40:12 +00:00
Guus Sliepen
f64b41a73b Get rid of sys/signal.h. 2002-02-12 14:36:45 +00:00
Guus Sliepen
dd611fb4f9 Don't use sa_sigaction (which NetBSD doesn't like) at all if we don't use siginfo. 2002-02-12 14:29:00 +00:00
Guus Sliepen
d9a62c6354 Added support for packet compression, thanks to Mark Glines. 
Add "Compression = <level>" to the host config files, where level can be
0 (off), or any integer between 1 (fast) and 9 (best).
 2002-02-11 15:59:18 +00:00
Guus Sliepen
94b171b305 Small fix. 2002-02-11 14:20:46 +00:00
Guus Sliepen
1708997bc8 - If no PrivateKeyFile is specified, /etc/tinc/netname/rsa_key.priv is assumed. 
- Check RSA key before using it.
 2002-02-11 14:20:21 +00:00
Guus Sliepen
1c34ba7fb8 Sensible defaults for $INTERFACE. 2002-02-11 12:33:01 +00:00
Guus Sliepen
24cc2a9065 Last bits of the merger. 2002-02-11 10:16:18 +00:00
Guus Sliepen
5bf4b88666 Forgot to merge new files from pre5. 2002-02-11 10:05:58 +00:00
Guus Sliepen
f0aa9641e8 Merging of the entire pre5 branch. 2002-02-10 21:57:54 +00:00
Ivo Timmermans
c2752b961c Conversion to struct addrinfo is almost complete for this file. 2001-11-16 22:41:38 +00:00
Ivo Timmermans
4f47da5b87 Don't include netutl.h. 2001-11-16 22:40:26 +00:00
Ivo Timmermans
a59bbc7231 Fixed silly typo: "np" instead of "no" 2001-11-16 22:31:41 +00:00
Ivo Timmermans
bf664c054f get_config_subnet needs to be fixed. 2001-11-16 22:31:15 +00:00
Ivo Timmermans
9b2b374734 route_ipv4 and route_ipv6 replaced by route_ip. 2001-11-16 17:40:50 +00:00
Ivo Timmermans
a4938b22e7 Don't include netutl.h. 2001-11-16 17:39:59 +00:00
Ivo Timmermans
ccda709f82 lookup_node_udp changed. 2001-11-16 17:39:38 +00:00
Ivo Timmermans
836766d4c5 First part of rewriting things to use struct addrinfo. 2001-11-16 17:38:39 +00:00
Ivo Timmermans
251f87c842 (re)added port to struct node_t 2001-11-16 15:56:44 +00:00
Ivo Timmermans
6cf744e4b2 Don't include netutl.h. 2001-11-16 12:22:02 +00:00
Ivo Timmermans
a79252af43 Obsoleted. 2001-11-16 12:21:22 +00:00
Ivo Timmermans
331d9402e8 Don't compile/link netutl.c. 2001-11-16 12:16:28 +00:00
Ivo Timmermans
f95e6ca8f6 get_config_{ip,port} removed. 2001-11-16 12:14:20 +00:00
Ivo Timmermans
31db57bb4a Changed to use struct addrinfo where needed. 2001-11-16 12:13:34 +00:00
Ivo Timmermans
f1b20b3ded Obsoleted all IP<x> types in favor of struct addrinfo 2001-11-16 12:10:54 +00:00
Ivo Timmermans
fb6dc0b089 Removed definitions of ipv4_t, ipv6_t, port_t 2001-11-16 12:08:38 +00:00
Ivo Timmermans
3ef15f2554 Changed lookup_connection to use struct addrinfo 2001-11-16 12:02:17 +00:00
Ivo Timmermans
74e1299fb5 Changed prototype for lookup_connection to use struct addrinfo 2001-11-16 12:01:48 +00:00
Ivo Timmermans
51b72b75f2 Use struct addrinfo in connection_t to hold all host data such as IP 
address and port
 2001-11-16 00:23:28 +00:00
Ivo Timmermans
72395f989c Deprecated get_config_ip and get_config_port 2001-11-16 00:13:08 +00:00
Guus Sliepen
e06415e3d9 More fixes for Solaris. 2001-11-05 19:09:08 +00:00
Guus Sliepen
25a804c94e Various fixes needed for Solaris. 2001-11-05 19:06:07 +00:00
Guus Sliepen
b2d5002ff1 Correctly check if subnet owner exists. 2001-11-04 23:48:27 +00:00
Guus Sliepen
ede6671c13 Be liberal in what you accept: allow unknown edges to be deleted. 2001-11-04 23:29:50 +00:00
Guus Sliepen
cf0e133e19 *** empty log message *** 2001-11-03 22:53:02 +00:00
Guus Sliepen
e5047d2835 Several bugfixes. 2001-11-03 21:22:02 +00:00
Guus Sliepen
8910cbd67e Use PEM functions as suggested by OpenSSL docs. 2001-11-03 21:21:04 +00:00
Guus Sliepen
8e74c5bee4 Some very small fixes 2001-10-31 20:37:54 +00:00
Guus Sliepen
ffb88ff641 Avoid connecting to another node twice, and check name of outgoing connections. 2001-10-31 20:22:52 +00:00
Guus Sliepen
6d333ad680 Show cfg->variable instead of cfg->value when complaining about wrong type. 2001-10-31 20:07:17 +00:00
Guus Sliepen
54b756f7df Don't forget to read public RSA key when making an outgoing connection. 2001-10-31 20:02:06 +00:00
Guus Sliepen
c0a3f67a5d - Small fixes to graph algorithms 
- More control over tap device, ability to set interface name to something
  other than the netname.
- Export NETNAME, DEVICE and INTERFACE environment variables to scripts.
 2001-10-31 12:50:24 +00:00
Guus Sliepen
2165931c62 More updates to protocol handlers and reimplemented terminate_connection(). 2001-10-30 16:34:32 +00:00
Guus Sliepen
87ad5c97a9 Various fixes, tinc is now somewhat capable of actually working again. 2001-10-30 12:59:12 +00:00
Guus Sliepen
cc9473d8c6 Working version of Kruskal's algorithm. The running time is very bad though. 2001-10-29 13:14:57 +00:00
Guus Sliepen
b6298e2c08 - More changes needed for Kruskal's algorithm 
- Implemented a breadth-first search algorithm as a cheap substitution for a
  single-source shortest path algorithm.
 2001-10-28 22:42:49 +00:00
Guus Sliepen
66067cc9c1 - More s/vertex/edge/g 
- Implementation of Kruskal's minimum spanning tree algorithm.
 2001-10-28 10:16:18 +00:00
Guus Sliepen
94497336ef What was I thinking? s/vertex/edge/g. 2001-10-28 08:41:19 +00:00
Guus Sliepen
b98d9787fd Various small fixes to make tinc runnable again. 2001-10-27 15:19:13 +00:00
Guus Sliepen
ac066bb057 Make sure everything links. 2001-10-27 13:13:35 +00:00
Guus Sliepen
82e3837109 Big bad commit: 
- Transition to new node/vertex/connection structures
- Use new configuration handling everywhere
- Linux tun/tap device handling cleanup
- Start of IPv6 support in route.c

It compiles, but it won't link.
 2001-10-27 12:13:17 +00:00
Guus Sliepen
1935c44a1e Support new files (node/vertex/device.[ch]) and OpenBSD. 2001-10-13 13:53:07 +00:00
Guus Sliepen
26e517dd37 Forgot the tun specific stuff. 2001-10-12 15:52:03 +00:00
Guus Sliepen
ad61c20f42 Added OpenBSD tun device handling. Untested though. 2001-10-12 15:49:11 +00:00
Guus Sliepen
0c6321a67f Forgot to remove some old #ifdef stuff. 2001-10-12 15:38:35 +00:00
Guus Sliepen
6014c7e637 Solaris tun device handling cleaned up a bit and added. 2001-10-12 15:33:21 +00:00
Guus Sliepen
623c7ee030 Added FreeBSD tap device handling. 2001-10-12 15:22:59 +00:00
Guus Sliepen
ec34f25228 - Split tap device stuff out of net.[ch] 
- Each OS gets it's own device.c to get rid of evil #ifdefs.
- Cleaned up Linux ethertap and tun/tap handling.
 2001-10-12 15:16:03 +00:00
Guus Sliepen
0bbace18e9 More updates to new node/vertex/connection combo. 2001-10-10 20:35:10 +00:00
Guus Sliepen
ea607d2d92 Revamp configuration handling: 
- Store everything in AVL trees (fast lookup)
- No need for hazahaza anymore
- Parse values when needed
- This simplifies a lot of config variable lookups.
 2001-10-10 20:34:27 +00:00
Guus Sliepen
5904806dc8 Removed everything from connection.c that has already been moved to node.c and 
vertex.c.
 2001-10-10 09:42:29 +00:00
Guus Sliepen
ec0c16b9b6 Further implementation of doc/CONNECTIVITY. connection.[ch] is now split into a 
node, vertex and connection part.
 2001-10-10 08:49:47 +00:00
Guus Sliepen
f22b941751 Small corrections. 2001-10-09 19:37:10 +00:00
Guus Sliepen
49a2cd806c Started implementing doc/CONNECTIVITY. 2001-10-09 19:30:30 +00:00
Guus Sliepen
fcc3ded75f Fix bug when dropping an old connection in favour of a new one from the 
same host.
 2001-10-08 15:37:14 +00:00
Guus Sliepen
1ef90a87fd - Use ping timeout mechanism to close connections that don't authenticate 
in time.
- Fix potential segmentation fault in check_dead_connections().
 2001-10-08 13:37:30 +00:00
Guus Sliepen
ce9fd32c04 Fix bug where tinc would crash because of a portscan or a connection from a 
tinc daemon with a different version.
 2001-10-08 11:59:08 +00:00
Guus Sliepen
21027b1d57 - Renamed lastbutonehop to prevhop. 
- Added connection_t *via to connection_t, this keeps record of where
  to send UDP packets to.
 2001-10-08 11:47:55 +00:00
Guus Sliepen
18d1233c40 Fill in next- and lastbutonehop for myself. 2001-09-25 13:39:11 +00:00
Guus Sliepen
ec100a58b4 Try next connectto instead of the same over and over. 2001-09-25 13:35:45 +00:00
Guus Sliepen
4d3de3b6a9 Show next- and lastbutonehop when dumping connectionlist to syslog. 2001-09-24 14:16:29 +00:00
Guus Sliepen
24a2c7e51a Not only keep track of nexthop, but also of lastbutonehop. If destination cl 
wants indirectdata, send it to the lastbutonehop instead, unless it too has
requested so, and so on.
 2001-09-24 14:12:00 +00:00
Guus Sliepen
154733927a - Try old TUN/TAP ioctl() request if the one from if_tun.h fails. 
- Be more verbose about the kind of tap device used.
 2001-09-24 13:31:15 +00:00
Ivo Timmermans
950c934e0b Killing tincd with SIGINT causes it to toggle between the current 
debug level and level 5.  Useful to debug a running tincd.
 2001-09-05 18:38:09 +00:00
Guus Sliepen
a54ec980e0 config_t* is a const parameter in get_config_val(). 2001-09-01 12:46:49 +00:00
Guus Sliepen
68e23b1c9e Optional signal number for -k option. 2001-09-01 12:36:53 +00:00
Guus Sliepen
8ed27d40f3 Revised reconnection mechanism, always try out all ConnectTo lines. 2001-09-01 12:36:06 +00:00
Guus Sliepen
ef1facc607 Remove IndirectData support for now, new implementation will be added 
later.
 2001-09-01 12:02:39 +00:00
Guus Sliepen
8b5e421130 Fix signed comparison bug in lookup_subnet_ipv4(). 2001-08-28 20:52:39 +00:00
Guus Sliepen
e1184ad15d Don't send DEL_HOSTs when !status.meta 2001-08-17 18:14:04 +00:00
Guus Sliepen
30d22474cc Explicitly log which type of tunnel device is used. 2001-07-24 20:14:30 +00:00
Guus Sliepen
7e86cf91e3 The val variable in a config_t is never used as a long. 2001-07-24 20:13:42 +00:00
Guus Sliepen
43923d2b10 Write public key to rsa_key.pub instead of rsa_key.priv (if not host 
configuration file is found).
 2001-07-24 20:04:22 +00:00
Guus Sliepen
44e9d6a287 Don't use %m in fprintf(). 2001-07-24 20:03:40 +00:00
Guus Sliepen
fcbe215d64 Woohoo! tinc now compiles, runs and actually *works* on Solaris! 
Tested on a SparcStation 20MP running Solaris 7. (Thanks, jiggel!)
 2001-07-21 20:21:25 +00:00
Guus Sliepen
533ee1206f Always close all sockets in terminate_connection(). 2001-07-21 15:46:34 +00:00
Guus Sliepen
acb853205d Updated terminate_connection() so you can choose if DEL_HOSTs should be 
sent or not.
 2001-07-21 15:34:18 +00:00
Guus Sliepen
12f6b80429 Added purge_tree for connection_t's which are no longer in the connection, 
active or id trees, but which may still be referenced. This tree is flushed
when it is safe, this replaces purge_connection_tree().

Also lots of bugfixes related to the new trees.
 2001-07-20 20:25:10 +00:00
Guus Sliepen
37ed4265fa Remove all unnecessary status.meta and status.active checks. 2001-07-20 13:54:19 +00:00
Guus Sliepen
5e2ded68bf Correctly use the active_tree. 2001-07-19 12:29:40 +00:00
Guus Sliepen
319e0cb48e Split connection list into two lists: 
- one list to handle all incoming/outgoing TCP connections
 - another list to handle all UDP connections

This will prevent race conditions.
 2001-07-15 18:07:31 +00:00
Guus Sliepen
b3074590b1 Correct inclusion of standard if_tun.h header file. 2001-07-15 14:21:12 +00:00
Guus Sliepen
5dc4ade0b9 Don't load table of verbose OpenSSL errormessages. 2001-07-04 08:43:32 +00:00
Guus Sliepen
1e2bdc2b6d - Always use <openssl/include.h> instead of just <include.h> 
- Check if RAND_pseudo_bytes() exists, otherwise just use RAND_bytes()
 2001-07-04 08:41:36 +00:00
Guus Sliepen
6bd93e4c06 Check for all potential duplicate entries in the id tree. 2001-07-01 21:42:13 +00:00
Guus Sliepen
9645cabc8e Fix compiler warning. 2001-07-01 09:21:14 +00:00
Guus Sliepen
6365d0627b Fix printf format bug. 2001-07-01 09:21:01 +00:00
Guus Sliepen
c9591bd1de Fix gcc 3.0 warnings. 2001-06-29 13:09:55 +00:00
Guus Sliepen
402b85c482 Log error if two hosts connect with same IP/port tuple. 2001-06-29 13:09:32 +00:00
Guus Sliepen
5d34503574 Execute tinc-down BEFORE tap device is closed. This is a. more symmetric 
(tinc-up is started after tap device is opened) and b. is needed for
tun/tap device, where the interface does not exist anymore after the
device file is closed.
 2001-06-29 10:30:18 +00:00
Guus Sliepen
9e96840da8 Remove #warnings I used for debugging stuff. 2001-06-21 16:37:47 +00:00
Guus Sliepen
04ec0b82ab - Solaris compile fixes 
- Set mymac to broadcast MAC so that ifconfig hw ether <...> is really not
  needed anymore.
- Forwarding of indirect packets when in switch mode (because the kernel
  will not do it for us then).
 2001-06-21 16:16:32 +00:00
Guus Sliepen
9a0a50cd3c Woops - big bug in send_key_changed fixed. 2001-06-09 10:00:34 +00:00
Guus Sliepen
ba918dce28 Only reset seconds_till_retry when we activate the outgoing connection. 2001-06-08 18:02:10 +00:00
Guus Sliepen
96ef7becdd Fixes to make switching work between hosts that have no meta-connection. 2001-06-06 19:12:38 +00:00
Guus Sliepen
ce6c8e6d08 Log and warn about duplicate subnet_add()'s for the same subnet. 2001-06-06 19:11:16 +00:00
Guus Sliepen
9cd9b03923 Add missing? counting of total_socket_in. 2001-06-05 19:45:47 +00:00
Guus Sliepen
7bd7f5b436 You can now put an option "Mode" in tinc.conf, and choose from: 
- Mode = router (default, work like tinc has always worked)
- Mode = switch (work like a switch)
- Mode = hub    (work like a hub, broadcasting everything)
 2001-06-05 19:39:54 +00:00
Guus Sliepen
edd6734faa Fix bug where lookup_subnet_ipv4() could go into an infinite loop. 2001-06-05 18:07:14 +00:00
Guus Sliepen
fa376fbd4e - This oneliner removes the need for ifconfig tap? hw ether fe:fd:0:0:0:0 2001-06-05 16:31:59 +00:00
Guus Sliepen
4f9dad0972 - tinc can now act as a switch or a hub too (as opposed to a router only) 
- cleaner initialisation of "UNKNOWN" and "MYSELF" names
 2001-06-05 16:09:55 +00:00
Guus Sliepen
428482d86f Added proxy-arp support. No more ifconfig -arp needed. Works like a charm 
under FreeBSD now :).
 2001-06-04 11:14:35 +00:00
Guus Sliepen
0a3c8cefd4 Fix subnet_lookup() for overlapping subnets. Needs rethinking. 2001-06-01 08:02:09 +00:00
Guus Sliepen
7db1b999c8 Make sure Solaris is happy too. 2001-05-28 08:56:57 +00:00
Guus Sliepen
65247c063b Small fixes to allow correct compilation under FreeBSD (tested with 4.3) 2001-05-28 08:21:43 +00:00
Guus Sliepen
fcf869cd42 TCPonly now works (in a relatively clean way too). 2001-05-25 11:54:28 +00:00
Guus Sliepen
a5e2ae6b2b With recent kernels the tun device file is located in /dev/net. 2001-05-25 10:08:11 +00:00
Guus Sliepen
4dee76522e Small fixes: 
- Fix compiler warnings (one was a real (but harmless) bug)
- Don't send PING packets if there is UDP traffic
- Correctly terminate strings containing salt for PING/PONG packets
 2001-05-25 08:36:11 +00:00
Guus Sliepen
bfc5d6014e Only send key_changed if it was previously requested. 2001-05-24 21:52:26 +00:00
Guus Sliepen
58893f0875 Since this is incompatible with some earlier versions, PROT_CURRENT is 
increased.
 2001-05-24 21:30:36 +00:00
Guus Sliepen
d1b597758e Add randomness to PING/PONG packets to prevent crypto attacks on quiet 
tunnels.
 2001-05-24 21:29:09 +00:00
Guus Sliepen
e4f3d93ec6 - s/ip_t/ipv4_t/g 
- Add "salt" to the beginning of UDP packets. Replaces length field which
  is not useful anyway.
 2001-05-07 19:08:46 +00:00
Guus Sliepen
a26081467c Correctly cycle through ConnectTo variables. 2001-05-04 18:45:02 +00:00
Guus Sliepen
156ec67652 Check indirectdata option before forwarding certain requests. 2001-03-13 21:33:31 +00:00
Guus Sliepen
c426e981ee Ignore alarm signals if we do not need to respond to them. 2001-03-13 21:32:24 +00:00
Guus Sliepen
b413257e10 Fixed bug in setup_signals() that would make tinc die when unexpected 
signals were caught.
 2001-03-13 09:55:14 +00:00
Guus Sliepen
f1a082823c Fixed a race condition triggered by receive_meta() and the new 
authentication scheme.
 2001-03-12 23:58:19 +00:00
Guus Sliepen
34f9e6cf2d - route.c is now used to determine destination 
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
 2001-03-04 13:59:32 +00:00
Guus Sliepen
d2a54597e0 Added explaination of our key exchange using RSA encryption. 2001-03-02 11:25:56 +00:00
Guus Sliepen
125c497881 Various small fixes. 2001-03-01 21:32:04 +00:00
Guus Sliepen
4fa12eb85d Removed lots of compiler warnings. 2001-02-27 16:37:31 +00:00
Guus Sliepen
173d606514 - Fixed Interface option (untested) 
- Removed error handling for non-critical socket options
- Added TCP_NODELAY and IPTOS_LOWDELAY options for meta sockets.
 2001-02-27 16:17:04 +00:00
Guus Sliepen
24fa685859 Don't forget to reconnect if outgoing connection fails during 
authentication.
 2001-02-27 15:33:39 +00:00
Guus Sliepen
34b7a876c3 - Make sure METAKEY is smaller than the modulus of the RSA key 
- Get symmetric key from the least significant bytes of the RSA message
 2001-02-26 11:37:20 +00:00
Guus Sliepen
82455be966 Implemented new authentication scheme from doc/SECURITY2. 2001-02-25 19:09:45 +00:00
Guus Sliepen
54881faf6f Encrypt network packets in CBC mode instead of CFB mode. 
(This breaks compatibility with all previous versions!)
 2001-02-25 16:34:19 +00:00
Guus Sliepen
9de5787574 Copy packets before putting them in the queue. 2001-02-25 16:04:00 +00:00
Guus Sliepen
e250d64300 Add missing \n. 2001-02-25 14:51:42 +00:00
Guus Sliepen
153fc35e57 Corrected check for errors after read() calls. 2001-02-25 11:09:29 +00:00
Ivo Timmermans
cebb6efeb0 More files to ignore in CVS 2001-02-11 11:55:28 +00:00
Guus Sliepen
603781831f - Updated CVS_CREATED to remove intl/ directory and some other 
autogenerated files.
- Checked if all INCLUDES/LIBS/etc directives inherit the global variables.
 2001-02-11 11:50:09 +00:00
Guus Sliepen
88dfdc9dba Ignore file for src/ 2001-02-11 11:46:14 +00:00
Guus Sliepen
f1cb3d8fa5 Removed another local definition of the variable "errno" 2001-02-06 10:42:27 +00:00
Guus Sliepen
f777c1807d FreeBSD compile fixes (thanks to XeF4) 2001-02-06 10:12:51 +00:00
Ivo Timmermans
54e19d3466 Fix error reporting of read_config 2001-01-17 01:30:05 +00:00
Guus Sliepen
a56df1e06b - Allow ASN1 style keys to be in the config files. 
Note: tinc ignores private key in the main config file, tinc.conf,
  because it should really be in a separate file.
- When generating new keys, check if name is known and by default append
  the public key to the host configuration file (otherwise rsa_key.pub).
 2001-01-13 16:36:23 +00:00
Guus Sliepen
d646f4e094 - Only send out DEL_HOSTs for hosts with a meta connection 2001-01-11 11:19:08 +00:00
Guus Sliepen
c8beaf35ee - Cleaned up subnet_t 2001-01-08 21:32:30 +00:00
Guus Sliepen
11f3e9d138 - Squashed another nasty bug. 2001-01-08 20:35:30 +00:00
Guus Sliepen
447a43d639 - Added indirectdata and tcponly functionality. 2001-01-07 20:19:35 +00:00
Guus Sliepen
7cd2baedc6 - Fixed IPv6 subnet lookup routine. 2001-01-07 20:19:08 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
7109526c67 - Added header file for route.c. The routing routines in it are not used 
yet, but have a look at the source for the ideas behind it.
 2001-01-07 15:27:30 +00:00
Guus Sliepen
07a08f5539 - Reinstated a queue for outgoing packets. 2001-01-07 15:25:49 +00:00
Guus Sliepen
f7bb205022 - Check and follow symlinks in is_safe_path 
- By default write keys to tinc config directory
- Small fix in protocol.c
 2001-01-06 18:03:41 +00:00
Guus Sliepen
e924096f62 - Let user choose whether keys are in the config files or separate 
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
 2001-01-05 23:53:53 +00:00
Guus Sliepen
e1707f7739 - Don't even think about using sscanf with %as anymore 
- Allow keys to be inside the config files or in a seperate file
- Small fixes
 2000-12-22 21:34:24 +00:00
Ivo Timmermans
ecae72de94 Added lint target, requires lclint. 2000-12-22 17:15:26 +00:00
Ivo Timmermans
e469fca4d7 Re-introduced MyVirtualIP and VpnMask, as dummy options. 2000-12-06 13:33:49 +00:00
Ivo Timmermans
6327f32f43 Tiny bits of code beautifying 2000-12-05 08:59:30 +00:00
Ivo Timmermans
9267bed9f5 Oops. I did some VERY wrong things with readline(). Fixed now. 2000-12-05 08:56:44 +00:00
Ivo Timmermans
bc22ee16e6 Option -d accepts an argument to set the debug level immediately. 2000-12-03 12:23:06 +00:00
Ivo Timmermans
01d23601a2 Sort configuration directives 2000-12-03 12:22:19 +00:00
Ivo Timmermans
52575a573c Use buffer instead of line in read_config_file(), line may be assigned 
NULL, so buffer always holds the pointer to the allocated space.
 2000-12-01 12:38:42 +00:00
Ivo Timmermans
ab33c1aa60 readline() accepts two extra parameters, buf and buflen, to avoid 
mallocing and freeing for every line that is read.
 2000-12-01 12:36:36 +00:00
Ivo Timmermans
a0f7af3ed7 New function read_rsa_public_key(); 
In net.c/setup_myself deleted old code to read the public key (which
is now implicitly read in together with the private key).
 2000-11-30 23:18:21 +00:00
Ivo Timmermans
28deaeac14 Avoid printing duplicate messages from read_rsa_keys 2000-11-30 22:48:48 +00:00
Ivo Timmermans
2293304748 Better error checking when reading the RSA private key. 2000-11-30 22:33:16 +00:00
Ivo Timmermans
bf4e969899 In readline(): initialise the line to zero length; 
In read_config_file(): Test for EOF, and print the variable name that
caused an error.
 2000-11-30 22:32:14 +00:00
Ivo Timmermans
113198d9c0 The file is safe if it doesn't exist. 2000-11-30 21:11:03 +00:00
Ivo Timmermans
09260b43d1 Read the PEM file pointed to by the configuration directive 
PrivateKey.  This means thatt he meaning of this variable has changed,
it no longer should contain the private key directly.

WARNING: This code is untested.
 2000-11-30 20:08:41 +00:00
Ivo Timmermans
8ccb1ede92 Implemented is_safe_path, and extended ask_and_safe_open. 
is_safe_path needs more work before it is useable.
 2000-11-30 00:24:13 +00:00
Ivo Timmermans
d36da1948a Also free the pointer returned by readline(). 2000-11-29 14:30:07 +00:00
Ivo Timmermans
9e55426d72 Use readline() in read_config_file() instead of fgets. 2000-11-29 14:27:24 +00:00
Ivo Timmermans
54ef13bf75 Implemented a readline() function that will read an entire line into a 
dynamically allocated buffer;

Ask for a file name in ask_and_safe_open().
 2000-11-29 14:24:40 +00:00
Ivo Timmermans
3ff76eb10a Save RSA public and private keys to a separate file, instead of 
wanting to copy them into a configuration file.
 2000-11-28 23:12:57 +00:00
Ivo Timmermans
4c502b005b Use sigaction to set signal handlers, the previous commit (1.1.2.16) 
already contained a large portion of what should have gone in this
one.
 2000-11-28 08:59:27 +00:00
Ivo Timmermans
67a4abda70 Give an error message if daemon() failed. 2000-11-26 22:42:34 +00:00
Guus Sliepen
1eedf54681 - Use only one socket for all UDP traffic (for compatibility) 
- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
 2000-11-25 13:33:33 +00:00
Guus Sliepen
cf49b2c064 Another big & bad commit: 
- Added some extra search functions to rbl routines
- Fix subnet_lookup()
- Reorder some syslog messages to make more sense
- daemon() is back
- Don't let scripts execute in parallel (gives race conditions, and
  anyway something MIGHT just be configured which is necessary for further
  execution of tinc itself)
- Accidently merged check_child() with execute_script().
- Small fixes
 2000-11-24 23:13:07 +00:00
Ivo Timmermans
b0ff879e7c Do not use the C library's daemon() call. 2000-11-24 12:44:39 +00:00
Guus Sliepen
dac256505e - Fixed all (except 2) compiler warnings gcc -Wall gave. 2000-11-22 22:18:03 +00:00
Guus Sliepen
6f373e6902 - More porting to FreeBSD and Solaris. 2000-11-22 22:05:37 +00:00
Guus Sliepen
5971e352da - Work with the correct key buffer in ans_key_h 2000-11-22 20:25:27 +00:00
Guus Sliepen
a07602c4fd - No more %as. 2000-11-22 19:55:53 +00:00
Guus Sliepen
394ed3fb17 - Write pidfile AFTER detaching... 
- Minor cleanups
 2000-11-22 19:14:09 +00:00
Guus Sliepen
f8b4a000d0 - Cleaned up and checked for some more NULL pointers in rbl.c 
- Two connection lists: one for incoming connections, sorted on ip/port,
  one for connections whose identity we know, sorted on id ofcourse...
 2000-11-22 18:54:08 +00:00
Ivo Timmermans
785684f0ec Declare fd. 2000-11-22 17:49:16 +00:00
Ivo Timmermans
e42255ae13 Add more checks to ensure that filedescriptors are right in 
_execute_script().
 2000-11-22 17:48:15 +00:00
Ivo Timmermans
2ed6813404 Honor the --localstatedir option to configure, instead of hardcoded /var. 2000-11-22 16:19:07 +00:00
Guus Sliepen
da9a1e8084 - More fixes. 2000-11-20 23:29:47 +00:00
Guus Sliepen
3a6200c1e3 - Various small fixes. 2000-11-20 22:13:14 +00:00
Guus Sliepen
1857b3c97c - Proper initialization of rbltree structures. 2000-11-20 19:41:13 +00:00
Guus Sliepen
408ca91766 - Integrate rbl trees into tinc. 2000-11-20 19:12:17 +00:00
Ivo Timmermans
9024e01ce6 Also include process.h 2000-11-20 18:06:17 +00:00
Guus Sliepen
7fcc0c6415 - Removed stray @INCLUDE@ (how did that get there?) 
- Use 0 instead of FALSE
 2000-11-17 10:03:02 +00:00
Guus Sliepen
44cbd13e52 - Simplified do_detach 2000-11-17 00:56:49 +00:00
Ivo Timmermans
5d1145f2c4 Move more functions from tincd.c into process.c. 2000-11-16 22:12:23 +00:00
Ivo Timmermans
485f7a5043 Delete struct ifr 2000-11-16 22:11:40 +00:00
Ivo Timmermans
2764532ea7 Move all process-related functions into process.c. 2000-11-16 17:54:29 +00:00
Ivo Timmermans
7f87c3d913 Keep a list of running children, and in each loop in main_loop(), 
check if one has exited.
 2000-11-15 22:07:36 +00:00
Guus Sliepen
e118ba0a64 Porting to FreeBSD: 
- Reorganized and added some #includes
 2000-11-15 13:33:27 +00:00
Ivo Timmermans
596e248bc5 Let the output from an executed script in execute_script() go to 
syslog, with proper error detection.
 2000-11-15 01:28:21 +00:00
Ivo Timmermans
bb2495e569 Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during 
configure.
 2000-11-15 01:06:13 +00:00
Ivo Timmermans
5b74909ea0 Add prototype for destroy_queue 2000-11-09 21:33:18 +00:00
Guus Sliepen
16847ea255 - Make checkpoint tracing a compile time option (off by default) 2000-11-08 20:52:37 +00:00
Guus Sliepen
5055e1dedc - Applied Jamie Brigg's patch (close sockets after error) 2000-11-08 17:56:34 +00:00
Guus Sliepen
74326df7ad - Fixed --config 
- Show warning when both netname and config directory are given.
 2000-11-08 00:20:06 +00:00
Guus Sliepen
f8f1007bf4 Porting to SunOS 5.8: 
- More #includes Linux doesn't seem to need
- Don't do unsetenv() on SunOS
- Use a replacement asprintf() in case the OS doesn't support it
It now compiles properly under SunOS.
 2000-11-08 00:10:50 +00:00
Guus Sliepen
7d0f82bd4b - Open UDP connection for all known hosts. Comments please. 2000-11-07 22:02:14 +00:00
Guus Sliepen
f95cc86d0c Changed execution of tinc-up: 
- Do not free() strings that have been putenv()d, see man page of the
  latter.
- Do not set IFNAME anymore, it appears that the ioctl to get the name of
  the interface does not work at all. Since it is set to NETNAME in case
  of tun/tap and it is known beforehand in case of ethertap, there is no
  need for it anyway... (though it would've simplified things).
 2000-11-07 21:43:28 +00:00
Guus Sliepen
698191fd2f - Prepended config_ to all configuration option names, because it confused 
everything (including myself).
- Use connection oriented UDP sockets for both incoming and outgoing
  packets.
 2000-11-04 22:57:33 +00:00
Guus Sliepen
afc0579707 - Simplified ping mechanism. 2000-11-04 20:44:28 +00:00
Guus Sliepen
5019dd8791 - Check for packets that are looping back. 2000-11-04 17:09:10 +00:00
Guus Sliepen
ac47586552 - Forward keys in hex notation, not as binary data. 2000-11-04 16:54:21 +00:00
Guus Sliepen
3f8f067e8b - Don't forget to set packet cipher for added hosts. 2000-11-04 16:39:19 +00:00
Guus Sliepen
433858d410 - connlist.c added to translation 2000-11-04 15:34:07 +00:00
Ivo Timmermans
15246df85d In execute_script: 
- add an environment variable NETNAME.
- chdir to the configuration directory before execing the script.
 2000-11-04 15:32:05 +00:00
Guus Sliepen
3d7189a444 - Resolve scriptname after fork() 2000-11-04 14:52:40 +00:00
Ivo Timmermans
d38772ebc4 Use putenv() instead of clumsy do-it-yourself in execute_script. 2000-11-04 14:16:46 +00:00
Ivo Timmermans
f83803c1bf Small change to the way the environment is copied. 2000-11-04 13:25:15 +00:00
Guus Sliepen
ed0bf283e3 - Removed even more warnings. 2000-11-04 11:49:58 +00:00
Guus Sliepen
dc699f8b12 - Removed unused MAC strip/add functions. 2000-11-04 10:37:27 +00:00
Ivo Timmermans
5065ea32c3 Warnings removal pass: always include config.h first; add a few 
prototypes in the header files.

This also fixes a few lint errors/warnings.
 2000-11-03 22:35:12 +00:00
Ivo Timmermans
73aa7fbf7e Run the scripts tinc-up and tinc-down from a separate function, which 
sets the environment as it should be and checks for errors.
 2000-11-03 22:33:16 +00:00
Ivo Timmermans
4ad1e382d6 Save the environment on startup. 2000-11-03 22:31:55 +00:00
Ivo Timmermans
013fcb0e9f Changed a few messages wrt. system calls; updated and changed the Dutch translation a bit. 2000-11-02 22:05:36 +00:00
Ivo Timmermans
cadf81fe67 Do not include $(top_srcdir)/cipher, it does no longer exist. 2000-11-02 21:26:51 +00:00
Guus Sliepen
b4c1d4e2d3 - Fixed some spelling mistakes and terminology here and there. 2000-10-30 10:19:06 +00:00
Guus Sliepen
4811afa073 - Small cleanups 
- Updated dutch translation
- Updated man pages
 2000-10-30 00:22:54 +00:00
Guus Sliepen
b7d4d4c177 - Finishing touch: encrypt the meta connections 2000-10-29 22:55:15 +00:00
Guus Sliepen
ec12269355 - Use CFB mode for encrypting packets: it works and we don't need padding. 2000-10-29 22:10:44 +00:00
Guus Sliepen
cea3d8f305 - Small fixes 
- Do proper key exchange
- Encrypt packets - it works, but there is something wrong with the MAC
  header after decryption...
 2000-10-29 10:39:08 +00:00
Guus Sliepen
8fa9bc017d - Removed old encr stuff 2000-10-29 09:19:27 +00:00
Guus Sliepen
a26d371d0d - Updated dutch translation. 
- Shutdown properly.
 2000-10-29 02:07:41 +00:00
Guus Sliepen
e8391bd499 - Moved connlist stuff to the proper header file. 2000-10-29 01:27:23 +00:00
Guus Sliepen
2689690dc3 - Enforce correct order of authentication requests 2000-10-29 01:08:09 +00:00
Guus Sliepen
3b9802a542 - Hit people who can't figure out subnet address/mask pairs with a 
(clue)bat.
 2000-10-29 00:46:43 +00:00
Guus Sliepen
7398002ade - Fixed ans_key_h 
- Removed tapsubnet configuration option.
 2000-10-29 00:24:31 +00:00
Guus Sliepen
35932fe6c8 - Very big cleanup. 2000-10-29 00:02:20 +00:00
Guus Sliepen
db21f01516 - Override destination ethernet address on incoming packets with 
FE:FD:00:00:00:00
 2000-10-28 21:52:22 +00:00
Guus Sliepen
8738c007b1 - Fixed offsets when reading/writing from/to tap device 2000-10-28 21:25:21 +00:00
Guus Sliepen
f25868fd2b - Lots of small fixes 
- Exchange subnets on acknowledgement of connection
- Do proper lookup when incoming packets from tap
- off-by-a small number-error when reading/sending tap packets
 2000-10-28 21:05:20 +00:00
Guus Sliepen
d47d5932a3 - Updated subnet list handling. Subnets are added to two lists now, the 
owner's list and a global list. It is all fucked up but it probably
  works anyway, good enough for pre3 :).
 2000-10-28 16:41:40 +00:00
Guus Sliepen
9c2f805255 - Lots of little stuff modified 
- Succesfully reads in subnets from host config file now and adds them to
  the list.
 2000-10-24 15:46:18 +00:00
Guus Sliepen
c46e84837d - route.c will contain the routing logic. 2000-10-23 13:52:54 +00:00
Ivo Timmermans
76d794eaf7 read_server_config: Check for result of read_config_file. 2000-10-22 13:47:41 +00:00
Ivo Timmermans
56d8e86240 Include linux/sockios.h and net/if.h anyway, regardless of the value of HAVE_TUNTAP. 2000-10-22 13:37:15 +00:00
Guus Sliepen
52b842f807 - Fixed all debug levels. 
- Seed PRNG before generating a challenge
- Strange thing in challenge decryption: it fails if first bit is set!?
 2000-10-21 11:52:08 +00:00
Guus Sliepen
73f7efddd7 - Removed last reference to genauth from Makefile.am 
- Tinc spawns tinc-up and tinc-down scripts which can be used to configure
  the network device. The environment variable IFNAME is set to the name
  of the interface.
 2000-10-20 19:46:58 +00:00
Guus Sliepen
fba19c30c9 - Made Makefile.am stub for doc/es/ 
- Merged genauth into tincd
- Updated dutch translation
 2000-10-20 16:49:20 +00:00
Guus Sliepen
9f64499e40 - tinc now really does public/private key encryption! It even works, whee! 2000-10-20 15:34:38 +00:00
Guus Sliepen
d5fd1344e6 - Seed the PRNG using /dev/random before generating the keys. 2000-10-19 14:42:00 +00:00
Guus Sliepen
20301888b7 - More fixing. Tinc daemons can now even create activated connections. 2000-10-16 19:04:47 +00:00
Guus Sliepen
bb3d18d56f - Fixing little things 
- Two tinc daemons can connect to eachother now (but they disconnect right
  after the ACKs).
 2000-10-16 16:33:30 +00:00
Guus Sliepen
baeac83bf4 Corrected #ifdefs for tun/tap support. 2000-10-15 20:30:39 +00:00
Ivo Timmermans
e5130495d7 Wrap the tun/tap code in #ifdef HAVE_TUNTAP 2000-10-15 19:53:15 +00:00
Guus Sliepen
85adeef212 - The daemon actually runs now (somewhat) 
- Added support for tun/tap driver (autodetect!)
- More sophisticated checkpoint functionality
- Updated dutch translation
 2000-10-15 00:59:37 +00:00
Guus Sliepen
e9635ae38e - Second fixing-things pass: it even links now. 
- Lots of FIXME comments added to the source code.
 2000-10-14 17:04:16 +00:00
Guus Sliepen
183a8edd22 - Fixing-things pass: every source file compiles into an object file now, 
but linking tincd does not work yet (must link with openssl libs and
  define some missing functions).
 2000-10-11 22:01:02 +00:00
Guus Sliepen
6e39481d8f - Generalized config file parsing to support multiple configuration trees. 2000-10-11 13:42:52 +00:00
Guus Sliepen
451e9e3e7a - Changed genauth to produce rsa keypairs instead of random passphrases. 2000-10-11 12:07:27 +00:00
Guus Sliepen
950fb8e916 Big and bad commit of my current tree... 
- Added seperate file for connection list handling
- Updating everything to use connlist, meta and subnet files
- Removed dependency on libgmp
- Lots of other stuff...
 2000-10-11 10:35:17 +00:00
Guus Sliepen
2228b16159 - Added subnet handling code 
- Other small changes to header files
 2000-10-01 03:21:49 +00:00
Guus Sliepen
c78a204f06 - Added meta.c which contains functions to send, receive and broadcast 
metadata. It will also handle encryption and decryption, and possibly
  compression and checksumming.
- Moved request dispatcher to protocol.c.
 2000-09-26 14:06:11 +00:00
Guus Sliepen
361690b18c - Removed options "string" stuff. It was a bad idea... 
- free() everything that is allocated.
 2000-09-22 16:20:07 +00:00
Guus Sliepen
5afc1e98f4 - Severe code reduction and simplification of challenge requests 
- "Finished" [add|del]_subnet_h
- Added lots of sanity checks to [add|del]_host_h
 2000-09-22 15:06:28 +00:00
Guus Sliepen
5d0b3516d5 - Updated authentication scheme. 
- Removed all trailing spaces from all lines.
- Added things to add_ and del_subnet_h.
 2000-09-17 21:42:05 +00:00
Ivo Timmermans
7f3ab38c22 Second round of fixes 2000-09-15 12:58:40 +00:00
Ivo Timmermans
ed397b6ac6 First round of needed fixes after the overhaul 2000-09-14 21:51:21 +00:00
Ivo Timmermans
296171d115 New directive: Name. 2000-09-14 14:34:38 +00:00
Ivo Timmermans
d335c6d0d7 Added some structures and types that are needed for the overhaul. 2000-09-14 14:32:34 +00:00
Guus Sliepen
c04c84c980 - Lots of small changes. 2000-09-14 11:54:51 +00:00
Guus Sliepen
9c75350ac6 - Fixed modulo in keylength check 
- Updated header file to reflect new protocol code
 2000-09-11 10:05:35 +00:00
Guus Sliepen
76b5f255c6 - Some key exchange stuff. (Last commit before going to bed.) 2000-09-10 23:11:37 +00:00
Guus Sliepen
675ed08a71 - Lots of functions added for the new protocol. 2000-09-10 22:49:46 +00:00
Ivo Timmermans
9926dae464 Add Guus' name and shift out old protocol requests 2000-09-10 21:57:11 +00:00
Guus Sliepen
6b9ec9ed1e - Added more function skeletons for the new protocol. 2000-09-10 16:15:35 +00:00
Guus Sliepen
28cc301595 - New protocol. Will break everything else for now. 2000-09-10 15:18:03 +00:00
Guus Sliepen
4dde583bc9 - Use strerror() instead of sys_errlist[] for increased portability 
(Needed for SunOS)
 2000-09-06 11:49:05 +00:00
Guus Sliepen
5c78e158d4 Commented on some size calculations. 2000-08-18 11:17:09 +00:00
Guus Sliepen
3831f51a53 Fixed all sprintf() spl01ts. 2000-08-17 16:51:08 +00:00
Guus Sliepen
9acd4379f7 - Added two extra configuration options, Interface and InterfaceIP, to 
bind the listen socket to a network device or a specific IP.
 2000-08-09 14:02:16 +00:00
Guus Sliepen
f6d79366b3 - Reinstated O_NONBLOCK for meta socket 
- Set SO_KEEPALIVE on meta socket
 2000-08-09 09:34:21 +00:00
Guus Sliepen
3cfc9424f2 - Moved TCP packet reception to meta handler: less kludgy and less buggy! 2000-08-08 17:07:48 +00:00
Guus Sliepen
e092d15be1 - Added date/time of build and protocol number to --version output. 2000-08-08 14:54:57 +00:00
Guus Sliepen
ff87f385c3 Removed calling add_queue for tcponly packets. 2000-08-08 13:47:57 +00:00
Guus Sliepen
ac73c72488 Fixed PACKET read loop. 2000-08-08 08:48:50 +00:00
Guus Sliepen
b6997b0050 - Lots o' buglets fixed (-Wall helps) 
- Made TCPonly work :)
 2000-08-07 16:27:29 +00:00
Guus Sliepen
fdc6a2f106 - Added experimental hackish tunneling-over-TCP support. 
Just use TCPonly = true in the configuration file.
 2000-08-07 14:52:16 +00:00
Guus Sliepen
42455e97a0 - Fixed typo. 2000-07-02 13:40:57 +00:00
Guus Sliepen
b1ecbf9777 - Delayed address resolving for ConnectTo lines in configuration file to 
allow DynDNS to work without restarting tincd.
 2000-07-02 13:36:18 +00:00
Guus Sliepen
1b28f88808 - Removed a single unused bit from status_bits_t. 2000-07-01 07:49:21 +00:00
Guus Sliepen
1a1ebefd57 - Made tinc even more silent if no -d flag is given at all. 2000-06-30 21:03:51 +00:00
Guus Sliepen
c5737583c8 - Instead of logging an error when remote end closes the connection, 
we print a nice message if appropiate debug level is set.
- If we get ADD_HOSTs or DEL_HOSTs for ourself, then connection lists
  are really messed up. We restart, and hope our problems go away.
 2000-06-30 12:41:06 +00:00
Guus Sliepen
24874d0806 - Removed segfault bug in conf.c (must have been there for ages!) 
- Made main_loop() signal proof
- #defined MAXTIMEOUT (15 minutes)
- If something really really bad happens, close all connections, wait
  for MAXTIMEOUT seconds, and then restart tinc
 2000-06-30 11:45:16 +00:00
Guus Sliepen
0f9ad1f047 - Fixed memory leak. 
- Implemented SIGHUP configuration file reloading.
- Other small changes.
 2000-06-29 19:47:04 +00:00
Guus Sliepen
18c85caac3 - New semantics for BASIC_INFO, ADD_HOST and DEL_HOST requests. This will 
improve connection list consistency, ensures the tree property, and
  allows for recovery from situations where track of connections is lost.
 2000-06-29 17:09:08 +00:00
Guus Sliepen
e8e7379311 - Removed all IP_ADDR_S macros, because gettext doesn't like them. Each 
connection now has two hostnames: real_hostname (replacing the old),
  and vpn_hostname. In those places where hostnames really aren't usefull
  IP_ADDR_S has been replaced by %d.%d.%d.%d.
 2000-06-29 13:04:15 +00:00
Guus Sliepen
3df9b89204 - Added log message when SIGCHLD is received ("thanks" to Ivo van Dong) 2000-06-28 14:34:40 +00:00
Guus Sliepen
8c6c60adf3 - Fixed a message in nl.po 
- Woops, we forgot to send our connection list to our uplink when we
  connect to it... Fixed.
 2000-06-28 13:41:02 +00:00
Guus Sliepen
ea40d3f1a0 - Fixed some spelling errors. 
- Paar zpelvautjes gerepareerd, en de Nederlandse vertaling weer bij de
  tijd gebracht.
 2000-06-28 11:38:01 +00:00
Guus Sliepen
dba2995db7 - Extra check op EINTR bij inlezen requests 2000-06-28 10:11:10 +00:00
Guus Sliepen
4ee53e7dac - Fixes a silly little insignificant buglet. 2000-06-27 21:05:07 +00:00
Guus Sliepen
070ad08118 - Purge old connections that are ADD_HOSTed. 2000-06-27 20:55:12 +00:00
Guus Sliepen
4aeaea5e59 - Improved handling of errors on connection attempts. 2000-06-27 20:10:48 +00:00
Guus Sliepen
45a28b1e89 - Fixed indirectdata=no problem 
- Added support for multiple ConnectTo lines in tinc.conf.
 2000-06-27 15:08:58 +00:00
Guus Sliepen
4faed1b854 - Fixed KEY_CHANGED notification. A lot of notify_others() calls were 
wrong (first two arguments swapped). Should probably be doublechecked.
- Don't retry to connect to hosts with different protocol versions.
 2000-06-27 12:58:04 +00:00
Guus Sliepen
04cb206298 - Moved all connection messages to debug level 1, without -d's only the 
startup message will be logged.
- Fixed DEL_HOST rebound.
 2000-06-26 20:30:21 +00:00
Guus Sliepen
783c829861 - Indirectdata finally REALLY REALLY works now! 
- More precise debug messages
 2000-06-26 19:39:34 +00:00
Guus Sliepen
b3681ebf6c Fixes some hostlookups. Fixes indirectdata for real now (hopefully). 2000-06-26 17:20:58 +00:00
Guus Sliepen
a473ece8a0 - More verbose connection list 
- Added "myself" as hostname when logging indirect ADD_HOSTs
 2000-06-25 16:39:17 +00:00
Guus Sliepen
f1f901112e Hostlookup() is actually being called now. 2000-06-25 16:20:27 +00:00
Guus Sliepen
54079bdf03 Hostnames are back! 2000-06-25 16:01:12 +00:00
Guus Sliepen
e4b586ed07 - Log possible spoofing attacks. 
- Don't broadcast DEL_HOSTs for hosts that haven't been activated yet.
- If a host sends a TERMREQ, deactivate them.
 2000-06-25 15:45:09 +00:00
Guus Sliepen
7648bc6065 Added CVS Id tags to header files. 2000-06-25 15:22:16 +00:00
Guus Sliepen
7f7e158aae Large cleanup: 
- Removed hostname lookup (it blocks, and you can always do it yourself)
- Reorganized debug levels (after hints from Axel M�ller):
  0	Startup message and errors
  1	Connection logging
  2	Meta protocol information
  3	Verbose meta protocol (includes copy of transmitted requests)
  4	Packet information (logs transmission/errors of UDP packets)
  5	Verbose packet information (every single byte, not implemented yet
	to protect ourselves from filling up /var/log directories)
- Made log messages more consistent
 2000-06-25 15:16:12 +00:00
Guus Sliepen
3c54a513b0 If we have "indirectdata" flag set, we only send data to our uplink. 2000-06-24 12:35:42 +00:00
Guus Sliepen
d8e2f7104c First step for implementation of the "indirectdata" directive. This should 
allow _leaf_ tincds to be behind firewalls.
The protocol has changed and is INCOMPATIBLE with previous versions. The
PROT_CURRENT value has been incremented.
 2000-06-23 19:27:03 +00:00
Ivo Timmermans
33c3a25a66 Configuration directive `IndirectData'. 2000-06-17 20:55:54 +00:00
Ivo Timmermans
ef294a6967 Include ../intl in the include path, and add @INTLLIBS@ to the list of libraries. 2000-06-06 10:24:33 +00:00
Ivo Timmermans
77be52422d Miscellaneous copyright updates. 2000-05-31 18:23:06 +00:00
Ivo Timmermans
8cb4bb619d Handle locale settings. 2000-05-31 18:21:27 +00:00
Ivo Timmermans
17fa07510a Only accept an ADD_HOST request for a host that already exists in our conn_list if the nexthop field matches the sender. This is a workaround for older clients. 2000-05-30 21:36:16 +00:00
Ivo Timmermans
e7f22d2f5f In terminate_connection, only send a notification to hosts that are directly connected to us. (DEL_HOST gets forwarded automatically.) 2000-05-30 12:38:15 +00:00
Ivo Timmermans
2fdda8e4fa When a connection is terminated, all hosts that are still connected get notified of the lost connections. 2000-05-30 12:31:41 +00:00
Ivo Timmermans
f826301889 Added new configuration directive `Hostnames', which controls the resolving of IP addresses to hostnames. 2000-05-30 11:18:12 +00:00
Guus Sliepen
a7ad161d2b Only activate a connection upon receiving it's public key if it's an 
incoming connection. When it's outgoing, we need to receive an ack first.
 2000-05-29 23:40:05 +00:00
Ivo Timmermans
a822c7466a Bounds check for request id (between 0 and 255). 2000-05-29 22:20:04 +00:00
Ivo Timmermans
386a62ff57 Define LOCALEDIR in CFLAGS. 2000-05-29 21:40:51 +00:00
Ivo Timmermans
9fd02ffcb0 Internationalization of tinc. 2000-05-29 21:01:26 +00:00
Guus Sliepen
61e71ab74a Terminate a connection on any error. Furthermore, disallow del_host, 
add_host and other important requests until remote host has properly
authenticated itself.
 2000-05-27 20:23:01 +00:00
Guus Sliepen
cc01b18bc6 Made tinc persistent. If no outgoing connection can be established right 
after the start of the daemon, it won't quit anymore but will retry in 5
minutes. Also, 5 minutes is now the maximum time to wait for a retry.
 2000-05-27 19:44:04 +00:00
Guus Sliepen
028659bfbf Fixed typos. When terminating a connection, it's status is not only set to 
remove=1 but also active=0.
 2000-05-27 19:23:20 +00:00
Guus Sliepen
e4ff969a98 Fix for a DoS attack: 
A remote user could telnet to the tinc daemon and type only this line:
 61 6 00000000/00000000:28f
 This would deny any packets to be sent to other tinc networks (except
 for to the hosts that run tincd's themselves). Solution is to skip
 hosts in lookup_conn() that have not been activated yet.
Fixed potential conn_list table corruption:
 If a new connection is accepted but a connection with the same subnet
 would already exist in the connection list, the OLD connection is
 terminated.
 2000-05-27 19:04:12 +00:00
Guus Sliepen
85963f4c85 Stub for VpnMask config directive. 2000-05-16 13:09:15 +00:00
Ivo Timmermans
7e817fcf0f Unlimited length in the config file, thanks to Cris van Pelt. 2000-05-15 18:28:45 +00:00
Ivo Timmermans
803f908078 Give IP address instead of hex number when connecting tcp socket failed. 2000-05-14 21:07:16 +00:00
Ivo Timmermans
de09916ead Only print an error with send_termreq if debug_lvl is 2 or more. 2000-05-14 13:50:10 +00:00
Guus Sliepen
9d023b1f2e Fixed typos. 2000-05-14 13:06:52 +00:00
Guus Sliepen
e20e143f1e Changed ping behaviour (backwards compatible). If we don't have any data 
to send, we don't need to check if the connection is still alive.
Furthermore, if we receive any kind of data from the other end, we know
it's alive, so we don't need to check it either. So, PING requests are
only sent if we send packets but there is no response.
 2000-05-14 13:02:20 +00:00
Guus Sliepen
ee96ccabbb Cleanups. 2000-05-14 12:22:42 +00:00
Guus Sliepen
8caa1b9d75 Proxymode removed. 2000-05-14 11:39:18 +00:00
Guus Sliepen
d0ba34ccae Added new config variable "ProxyMode". If enabled, all outgoing packets 
are sent to the uplink (ConnectTo), which will have to forward them for
us (kernel should do that). This is for people behind firewalls.
 2000-05-08 18:44:15 +00:00
Ivo Timmermans
74b0cbecce Include sys/types.h. 2000-05-04 23:17:02 +00:00
Ivo Timmermans
2f7e532d70 Don't link in libdl. 2000-05-04 23:16:43 +00:00
Guus Sliepen
a083b1cf30 Squashed gcc warning. 2000-05-03 18:02:15 +00:00
Guus Sliepen
7853247523 Fixes typo and UDP network byte order. 2000-05-03 17:59:07 +00:00
Guus Sliepen
505b5ec2cd Outgoing packets now use network byte order in header. 2000-05-03 15:37:32 +00:00
Guus Sliepen
89610e3fba Replaced sprintf() by safer snprintf(), removed possible buffer overflow 
by one byte.
 2000-05-02 10:16:50 +00:00
Guus Sliepen
aeccaca829 Previous fix fixed. Meta protocol should be really flawless from now on! 2000-05-02 09:55:34 +00:00
Guus Sliepen
989d7edc07 Fixed small mistake that would prevent forwarding requests. 2000-05-02 09:10:33 +00:00
Ivo Timmermans
a9247e6f2c Fixed meta protocol. 2000-05-01 21:31:59 +00:00
Guus Sliepen
ca6abd41ea Meta protocol overhaul. Tinc is now incompatible with previous versions, 
furthermore this version does NOT work yet because of a problem with
sending keys (these should be converted to base36 or something like that).
It is possible to telnet to the tinc daemon now and type some commands
by hand though :).
 2000-05-01 18:07:12 +00:00
Ivo Timmermans
33cfdf43f4 Key forwarding, write one byte extra. 2000-04-30 20:48:48 +00:00
Ivo Timmermans
75d351eaf1 Protocol fix (ANS_KEY). This breaks 0.3.3 protocol compatibility. 2000-04-30 19:49:49 +00:00
Ivo Timmermans
b4290c3f43 Send one less byte from an ANS_KEY request. 2000-04-30 19:03:00 +00:00
Ivo Timmermans
d878230ebe Read one less byte from an ANS_KEY request. 2000-04-30 18:57:16 +00:00
Ivo Timmermans
789a4c4f40 Removed debug messages. 2000-04-30 16:34:31 +00:00
Ivo Timmermans
eb1c9814e6 Read public keys the right way (tm). 2000-04-30 16:31:23 +00:00
Ivo Timmermans
ca73b722cb New way of handling the meta protocol. 2000-04-30 16:11:05 +00:00
Ivo Timmermans
cd12345032 Replaced check for status.active by status.dataopen in check_network_activity. 2000-04-30 13:23:53 +00:00
Ivo Timmermans
4b076ee87f Initially, the vpn_mask of a connection is 255.255.255.255 to avoid confusion with lookup_conn. 2000-04-30 01:16:51 +00:00
Ivo Timmermans
1c007c0627 Got rid of the nasty hacks... and replaced it by another one. 2000-04-30 01:15:47 +00:00
Ivo Timmermans
c027459914 Filled up the protocol structs with unused bytes. 2000-04-29 20:39:36 +00:00
Guus Sliepen
2371551014 Oops! Reference to write_n() removed and changed into neat write() call. 2000-04-28 11:33:25 +00:00
Guus Sliepen
bb8fff92e1 Removed write_n() function. 2000-04-27 20:57:18 +00:00
Ivo Timmermans
4fec0cc457 Default config file name is tinc.conf, and pidfile is tinc.pid. 2000-04-27 13:47:51 +00:00
Guus Sliepen
44f9449888 Cleanups: 
- Changed recv/send calls into read/write calls for streams
- Made all sizeof() functions use a variable name instead of type
 2000-04-26 17:42:55 +00:00
Guus Sliepen
8efe4874da Converted every &variable[0] to variable. 2000-04-25 22:15:28 +00:00
Ivo Timmermans
643d8712eb Debug level tweaking. 2000-04-25 22:00:49 +00:00
Guus Sliepen
468f1d2efc When trying to talk to a host that is in the netmask of a tinc server but 
not the tinc server itself, and no keys have been exchanged yet, the key
request would be directed to the host instead of the server. Fixed.
 2000-04-25 20:50:59 +00:00
Guus Sliepen
dad90e82d3 Fixed typo and removed some unnecessary variables. 2000-04-25 20:17:44 +00:00
Guus Sliepen
5b72422857 Packet queues fixed. They caused the trouble when resending keys. 2000-04-25 20:10:37 +00:00
Guus Sliepen
3a33568652 Added checkpoints to beginning and ending of every function. 2000-04-25 18:57:23 +00:00
Ivo Timmermans
e1e590fe9a Propagate CFLAGS from configure to gcc. 2000-04-25 15:08:10 +00:00
Guus Sliepen
16d581be68 Bug found! Wrong pointer was used for handling multiple ADD_HOST requests 
at once. (See line 606.)
 2000-04-24 09:39:50 +00:00
Guus Sliepen
f6802d349d Added extra checks for desynchronized connection lists. Hopefully this will 
fix those strange segmentation faults.
 2000-04-24 08:32:57 +00:00
Ivo Timmermans
0b02ebc4d9 Address for bugreports changed to tinc@nl.linux.org. 2000-04-18 16:04:10 +00:00
Ivo Timmermans
93287d2b2c Default passphrase length of 1024, added -h/--help options. 2000-04-17 17:04:33 +00:00
Ivo Timmermans
9c2ac77594 Check if stdout is a terminal, if so, print a verbose message. 2000-04-17 16:59:42 +00:00
Ivo Timmermans
c924689690 Check for an illegal length of passphrase in read_passphrase(). 2000-04-17 16:52:58 +00:00
Ivo Timmermans
baebae2749 Pass the requested size from xmalloc() and xrealloc() on to xalloc_fail_func() 2000-04-17 16:23:29 +00:00
Ivo Timmermans
210a92cae9 Only one round of reading bits out of urandom; 
Reading `bytes' bytes out of it;
Print a newline after completion.
 2000-04-17 15:38:47 +00:00
Ivo Timmermans
18e044bde3 New option -D, don't detach. 2000-04-06 18:28:29 +00:00
Ivo Timmermans
523c80c4e3 Ignore SIGCHLD. 2000-03-28 19:16:27 +00:00
Ivo Timmermans
f2076e3e70 Kill the parent after any error conditions in detach(). 2000-03-28 19:09:52 +00:00
Ivo Timmermans
98de35c742 Upon regeneration, free the old encryption key `securely\' by overwriting it. 2000-03-27 22:59:16 +00:00
Ivo Timmermans
b50523dc44 Get rid of the message `zxnrbl\'. 2000-03-27 22:30:27 +00:00
Ivo Timmermans
1243156a5e Initial revision 2000-03-26 00:33:07 +00:00