j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
650 commits 2 branches 0 tags 10 MiB
Commit graph

335 commits

Author SHA1 Message Date
Guus Sliepen
ce6c8e6d08 Log and warn about duplicate subnet_add()'s for the same subnet. 2001-06-06 19:11:16 +00:00
Guus Sliepen
9cd9b03923 Add missing? counting of total_socket_in. 2001-06-05 19:45:47 +00:00
Guus Sliepen
7bd7f5b436 You can now put an option "Mode" in tinc.conf, and choose from: 
- Mode = router (default, work like tinc has always worked)
- Mode = switch (work like a switch)
- Mode = hub    (work like a hub, broadcasting everything)
 2001-06-05 19:39:54 +00:00
Guus Sliepen
edd6734faa Fix bug where lookup_subnet_ipv4() could go into an infinite loop. 2001-06-05 18:07:14 +00:00
Guus Sliepen
fa376fbd4e - This oneliner removes the need for ifconfig tap? hw ether fe:fd:0:0:0:0 2001-06-05 16:31:59 +00:00
Guus Sliepen
4f9dad0972 - tinc can now act as a switch or a hub too (as opposed to a router only) 
- cleaner initialisation of "UNKNOWN" and "MYSELF" names
 2001-06-05 16:09:55 +00:00
Guus Sliepen
428482d86f Added proxy-arp support. No more ifconfig -arp needed. Works like a charm 
under FreeBSD now :).
 2001-06-04 11:14:35 +00:00
Guus Sliepen
0a3c8cefd4 Fix subnet_lookup() for overlapping subnets. Needs rethinking. 2001-06-01 08:02:09 +00:00
Guus Sliepen
7db1b999c8 Make sure Solaris is happy too. 2001-05-28 08:56:57 +00:00
Guus Sliepen
65247c063b Small fixes to allow correct compilation under FreeBSD (tested with 4.3) 2001-05-28 08:21:43 +00:00
Guus Sliepen
fcf869cd42 TCPonly now works (in a relatively clean way too). 2001-05-25 11:54:28 +00:00
Guus Sliepen
a5e2ae6b2b With recent kernels the tun device file is located in /dev/net. 2001-05-25 10:08:11 +00:00
Guus Sliepen
4dee76522e Small fixes: 
- Fix compiler warnings (one was a real (but harmless) bug)
- Don't send PING packets if there is UDP traffic
- Correctly terminate strings containing salt for PING/PONG packets
 2001-05-25 08:36:11 +00:00
Guus Sliepen
bfc5d6014e Only send key_changed if it was previously requested. 2001-05-24 21:52:26 +00:00
Guus Sliepen
58893f0875 Since this is incompatible with some earlier versions, PROT_CURRENT is 
increased.
 2001-05-24 21:30:36 +00:00
Guus Sliepen
d1b597758e Add randomness to PING/PONG packets to prevent crypto attacks on quiet 
tunnels.
 2001-05-24 21:29:09 +00:00
Guus Sliepen
e4f3d93ec6 - s/ip_t/ipv4_t/g 
- Add "salt" to the beginning of UDP packets. Replaces length field which
  is not useful anyway.
 2001-05-07 19:08:46 +00:00
Guus Sliepen
a26081467c Correctly cycle through ConnectTo variables. 2001-05-04 18:45:02 +00:00
Guus Sliepen
156ec67652 Check indirectdata option before forwarding certain requests. 2001-03-13 21:33:31 +00:00
Guus Sliepen
c426e981ee Ignore alarm signals if we do not need to respond to them. 2001-03-13 21:32:24 +00:00
Guus Sliepen
b413257e10 Fixed bug in setup_signals() that would make tinc die when unexpected 
signals were caught.
 2001-03-13 09:55:14 +00:00
Guus Sliepen
f1a082823c Fixed a race condition triggered by receive_meta() and the new 
authentication scheme.
 2001-03-12 23:58:19 +00:00
Guus Sliepen
34f9e6cf2d - route.c is now used to determine destination 
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
 2001-03-04 13:59:32 +00:00
Guus Sliepen
d2a54597e0 Added explaination of our key exchange using RSA encryption. 2001-03-02 11:25:56 +00:00
Guus Sliepen
125c497881 Various small fixes. 2001-03-01 21:32:04 +00:00
Guus Sliepen
4fa12eb85d Removed lots of compiler warnings. 2001-02-27 16:37:31 +00:00
Guus Sliepen
173d606514 - Fixed Interface option (untested) 
- Removed error handling for non-critical socket options
- Added TCP_NODELAY and IPTOS_LOWDELAY options for meta sockets.
 2001-02-27 16:17:04 +00:00
Guus Sliepen
24fa685859 Don't forget to reconnect if outgoing connection fails during 
authentication.
 2001-02-27 15:33:39 +00:00
Guus Sliepen
34b7a876c3 - Make sure METAKEY is smaller than the modulus of the RSA key 
- Get symmetric key from the least significant bytes of the RSA message
 2001-02-26 11:37:20 +00:00
Guus Sliepen
82455be966 Implemented new authentication scheme from doc/SECURITY2. 2001-02-25 19:09:45 +00:00
Guus Sliepen
54881faf6f Encrypt network packets in CBC mode instead of CFB mode. 
(This breaks compatibility with all previous versions!)
 2001-02-25 16:34:19 +00:00
Guus Sliepen
9de5787574 Copy packets before putting them in the queue. 2001-02-25 16:04:00 +00:00
Guus Sliepen
e250d64300 Add missing \n. 2001-02-25 14:51:42 +00:00
Guus Sliepen
153fc35e57 Corrected check for errors after read() calls. 2001-02-25 11:09:29 +00:00
Ivo Timmermans
cebb6efeb0 More files to ignore in CVS 2001-02-11 11:55:28 +00:00
Guus Sliepen
603781831f - Updated CVS_CREATED to remove intl/ directory and some other 
autogenerated files.
- Checked if all INCLUDES/LIBS/etc directives inherit the global variables.
 2001-02-11 11:50:09 +00:00
Guus Sliepen
88dfdc9dba Ignore file for src/ 2001-02-11 11:46:14 +00:00
Guus Sliepen
f1cb3d8fa5 Removed another local definition of the variable "errno" 2001-02-06 10:42:27 +00:00
Guus Sliepen
f777c1807d FreeBSD compile fixes (thanks to XeF4) 2001-02-06 10:12:51 +00:00
Ivo Timmermans
54e19d3466 Fix error reporting of read_config 2001-01-17 01:30:05 +00:00
Guus Sliepen
a56df1e06b - Allow ASN1 style keys to be in the config files. 
Note: tinc ignores private key in the main config file, tinc.conf,
  because it should really be in a separate file.
- When generating new keys, check if name is known and by default append
  the public key to the host configuration file (otherwise rsa_key.pub).
 2001-01-13 16:36:23 +00:00
Guus Sliepen
d646f4e094 - Only send out DEL_HOSTs for hosts with a meta connection 2001-01-11 11:19:08 +00:00
Guus Sliepen
c8beaf35ee - Cleaned up subnet_t 2001-01-08 21:32:30 +00:00
Guus Sliepen
11f3e9d138 - Squashed another nasty bug. 2001-01-08 20:35:30 +00:00
Guus Sliepen
447a43d639 - Added indirectdata and tcponly functionality. 2001-01-07 20:19:35 +00:00
Guus Sliepen
7cd2baedc6 - Fixed IPv6 subnet lookup routine. 2001-01-07 20:19:08 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
7109526c67 - Added header file for route.c. The routing routines in it are not used 
yet, but have a look at the source for the ideas behind it.
 2001-01-07 15:27:30 +00:00
Guus Sliepen
07a08f5539 - Reinstated a queue for outgoing packets. 2001-01-07 15:25:49 +00:00
Guus Sliepen
f7bb205022 - Check and follow symlinks in is_safe_path 
- By default write keys to tinc config directory
- Small fix in protocol.c
 2001-01-06 18:03:41 +00:00
Guus Sliepen
e924096f62 - Let user choose whether keys are in the config files or separate 
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
 2001-01-05 23:53:53 +00:00
Guus Sliepen
e1707f7739 - Don't even think about using sscanf with %as anymore 
- Allow keys to be inside the config files or in a seperate file
- Small fixes
 2000-12-22 21:34:24 +00:00
Ivo Timmermans
ecae72de94 Added lint target, requires lclint. 2000-12-22 17:15:26 +00:00
Ivo Timmermans
e469fca4d7 Re-introduced MyVirtualIP and VpnMask, as dummy options. 2000-12-06 13:33:49 +00:00
Ivo Timmermans
6327f32f43 Tiny bits of code beautifying 2000-12-05 08:59:30 +00:00
Ivo Timmermans
9267bed9f5 Oops. I did some VERY wrong things with readline(). Fixed now. 2000-12-05 08:56:44 +00:00
Ivo Timmermans
bc22ee16e6 Option -d accepts an argument to set the debug level immediately. 2000-12-03 12:23:06 +00:00
Ivo Timmermans
01d23601a2 Sort configuration directives 2000-12-03 12:22:19 +00:00
Ivo Timmermans
52575a573c Use buffer instead of line in read_config_file(), line may be assigned 
NULL, so buffer always holds the pointer to the allocated space.
 2000-12-01 12:38:42 +00:00
Ivo Timmermans
ab33c1aa60 readline() accepts two extra parameters, buf and buflen, to avoid 
mallocing and freeing for every line that is read.
 2000-12-01 12:36:36 +00:00
Ivo Timmermans
a0f7af3ed7 New function read_rsa_public_key(); 
In net.c/setup_myself deleted old code to read the public key (which
is now implicitly read in together with the private key).
 2000-11-30 23:18:21 +00:00
Ivo Timmermans
28deaeac14 Avoid printing duplicate messages from read_rsa_keys 2000-11-30 22:48:48 +00:00
Ivo Timmermans
2293304748 Better error checking when reading the RSA private key. 2000-11-30 22:33:16 +00:00
Ivo Timmermans
bf4e969899 In readline(): initialise the line to zero length; 
In read_config_file(): Test for EOF, and print the variable name that
caused an error.
 2000-11-30 22:32:14 +00:00
Ivo Timmermans
113198d9c0 The file is safe if it doesn't exist. 2000-11-30 21:11:03 +00:00
Ivo Timmermans
09260b43d1 Read the PEM file pointed to by the configuration directive 
PrivateKey.  This means thatt he meaning of this variable has changed,
it no longer should contain the private key directly.

WARNING: This code is untested.
 2000-11-30 20:08:41 +00:00
Ivo Timmermans
8ccb1ede92 Implemented is_safe_path, and extended ask_and_safe_open. 
is_safe_path needs more work before it is useable.
 2000-11-30 00:24:13 +00:00
Ivo Timmermans
d36da1948a Also free the pointer returned by readline(). 2000-11-29 14:30:07 +00:00
Ivo Timmermans
9e55426d72 Use readline() in read_config_file() instead of fgets. 2000-11-29 14:27:24 +00:00
Ivo Timmermans
54ef13bf75 Implemented a readline() function that will read an entire line into a 
dynamically allocated buffer;

Ask for a file name in ask_and_safe_open().
 2000-11-29 14:24:40 +00:00
Ivo Timmermans
3ff76eb10a Save RSA public and private keys to a separate file, instead of 
wanting to copy them into a configuration file.
 2000-11-28 23:12:57 +00:00
Ivo Timmermans
4c502b005b Use sigaction to set signal handlers, the previous commit (1.1.2.16) 
already contained a large portion of what should have gone in this
one.
 2000-11-28 08:59:27 +00:00
Ivo Timmermans
67a4abda70 Give an error message if daemon() failed. 2000-11-26 22:42:34 +00:00
Guus Sliepen
1eedf54681 - Use only one socket for all UDP traffic (for compatibility) 
- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
 2000-11-25 13:33:33 +00:00
Guus Sliepen
cf49b2c064 Another big & bad commit: 
- Added some extra search functions to rbl routines
- Fix subnet_lookup()
- Reorder some syslog messages to make more sense
- daemon() is back
- Don't let scripts execute in parallel (gives race conditions, and
  anyway something MIGHT just be configured which is necessary for further
  execution of tinc itself)
- Accidently merged check_child() with execute_script().
- Small fixes
 2000-11-24 23:13:07 +00:00
Ivo Timmermans
b0ff879e7c Do not use the C library's daemon() call. 2000-11-24 12:44:39 +00:00
Guus Sliepen
dac256505e - Fixed all (except 2) compiler warnings gcc -Wall gave. 2000-11-22 22:18:03 +00:00
Guus Sliepen
6f373e6902 - More porting to FreeBSD and Solaris. 2000-11-22 22:05:37 +00:00
Guus Sliepen
5971e352da - Work with the correct key buffer in ans_key_h 2000-11-22 20:25:27 +00:00
Guus Sliepen
a07602c4fd - No more %as. 2000-11-22 19:55:53 +00:00
Guus Sliepen
394ed3fb17 - Write pidfile AFTER detaching... 
- Minor cleanups
 2000-11-22 19:14:09 +00:00
Guus Sliepen
f8b4a000d0 - Cleaned up and checked for some more NULL pointers in rbl.c 
- Two connection lists: one for incoming connections, sorted on ip/port,
  one for connections whose identity we know, sorted on id ofcourse...
 2000-11-22 18:54:08 +00:00
Ivo Timmermans
785684f0ec Declare fd. 2000-11-22 17:49:16 +00:00
Ivo Timmermans
e42255ae13 Add more checks to ensure that filedescriptors are right in 
_execute_script().
 2000-11-22 17:48:15 +00:00
Ivo Timmermans
2ed6813404 Honor the --localstatedir option to configure, instead of hardcoded /var. 2000-11-22 16:19:07 +00:00
Guus Sliepen
da9a1e8084 - More fixes. 2000-11-20 23:29:47 +00:00
Guus Sliepen
3a6200c1e3 - Various small fixes. 2000-11-20 22:13:14 +00:00
Guus Sliepen
1857b3c97c - Proper initialization of rbltree structures. 2000-11-20 19:41:13 +00:00
Guus Sliepen
408ca91766 - Integrate rbl trees into tinc. 2000-11-20 19:12:17 +00:00
Ivo Timmermans
9024e01ce6 Also include process.h 2000-11-20 18:06:17 +00:00
Guus Sliepen
7fcc0c6415 - Removed stray @INCLUDE@ (how did that get there?) 
- Use 0 instead of FALSE
 2000-11-17 10:03:02 +00:00
Guus Sliepen
44cbd13e52 - Simplified do_detach 2000-11-17 00:56:49 +00:00
Ivo Timmermans
5d1145f2c4 Move more functions from tincd.c into process.c. 2000-11-16 22:12:23 +00:00
Ivo Timmermans
485f7a5043 Delete struct ifr 2000-11-16 22:11:40 +00:00
Ivo Timmermans
2764532ea7 Move all process-related functions into process.c. 2000-11-16 17:54:29 +00:00
Ivo Timmermans
7f87c3d913 Keep a list of running children, and in each loop in main_loop(), 
check if one has exited.
 2000-11-15 22:07:36 +00:00
Guus Sliepen
e118ba0a64 Porting to FreeBSD: 
- Reorganized and added some #includes
 2000-11-15 13:33:27 +00:00
Ivo Timmermans
596e248bc5 Let the output from an executed script in execute_script() go to 
syslog, with proper error detection.
 2000-11-15 01:28:21 +00:00
Ivo Timmermans
bb2495e569 Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during 
configure.
 2000-11-15 01:06:13 +00:00
Ivo Timmermans
5b74909ea0 Add prototype for destroy_queue 2000-11-09 21:33:18 +00:00