Commit graph

2081 commits

Author SHA1 Message Date
Guus Sliepen
b069da90d6 Consistently allocate device and iface variables on the heap.
This fixes a segfault when no Device has been specified and tinc exits, and it
would try to free() a static string. Thanks to Borg for spottin.
2009-01-03 22:06:10 +01:00
Guus Sliepen
f81cea3bdc Update documentation for git. 2008-12-27 11:09:43 +01:00
Guus Sliepen
c81f90b91a Releasing 1.0.9. 2008-12-26 13:47:34 +00:00
Guus Sliepen
a4d99ebf50 Add missing parentheses in check for IPv4 multicast addresses. 2008-12-26 12:46:45 +00:00
Guus Sliepen
099bc56f53 Apply patch from Max Rijevski fixing a memory leak when closing connections.
It also cleans up more when stopping tinc, helping tools like valgrind.
2008-12-23 23:14:37 +00:00
Guus Sliepen
de032054de Handle broadcast and multicast packets in router mode.
Multicast packets are treated as broadcast packets.
Based on a patch from Max Rijevski.
2008-12-23 22:31:38 +00:00
Guus Sliepen
a5f899a979 Update the manpage as well, and some whitespace to make its source more legible. 2008-12-22 21:49:23 +00:00
Guus Sliepen
e8f08ced76 Update documentation.
- TCPOnly is not experimental.
- Do not mention old Linux kernels and Ethertap anymore.
- Document the DeviceType, PMTU and PMTUDiscovery options.
2008-12-22 21:29:21 +00:00
Guus Sliepen
0e4d419aae Enable PMTU discovery by default. 2008-12-22 20:35:45 +00:00
Guus Sliepen
e9576632dc Update copyright information. 2008-12-22 20:27:52 +00:00
Guus Sliepen
f50dc972cd Update Dutch translation. 2008-12-22 19:43:49 +00:00
Guus Sliepen
26b490e86b Make sure IPv6 sockets are IPv6 only.
This will get rid of the "Can't bind to 0.0.0.0 port 655/tcp: Address already
in use" message on Linux.
2008-12-22 19:40:40 +00:00
Guus Sliepen
c6830ba821 Use TUNIFHEAD by default on FreeBSD to make sure IPv6 works. 2008-12-22 19:33:37 +00:00
Guus Sliepen
a269ec4193 Treat virtual network device as tap if Mode = switch or hub.
On OpenBSD, the link0 flag should still be set in tinc-up or by other means.
2008-12-21 16:19:31 +00:00
Guus Sliepen
551cd19406 Move RSA key generation into the wrappers. 2008-12-14 12:47:26 +00:00
Guus Sliepen
911c05f873 Make sure IPv6 sockets are IPv6 only. 2008-12-11 20:49:14 +00:00
Guus Sliepen
6e80da3370 Use Dijkstra's algorithm. Based on patches from Max Rijevskiy. 2008-12-11 18:07:26 +00:00
Guus Sliepen
26a228e302 Remove wrong checks. 2008-12-11 18:05:59 +00:00
Guus Sliepen
636200d1a2 Remove unnecessary parentheses from sizeof, apply sizeof to variables instead of types whereever possible. 2008-12-11 15:56:18 +00:00
Guus Sliepen
a9bdfb424e Fix compiler warnings. 2008-12-11 15:42:46 +00:00
Guus Sliepen
76165488f8 Backport fixes from trunk since revision 1555. 2008-12-11 15:21:40 +00:00
Guus Sliepen
046158a216 Use the crypto wrappers again instead of calling OpenSSL directly.
This theoretically allows other cryptographic libraries to be used,
and it improves the readability of the code.
2008-12-11 14:44:44 +00:00
Guus Sliepen
8c69f42d7d Move AC_GNU_SOURCE up to make autoconf happy.
Also bump libgcrypt dependency to 1.4.0, because that version supports the OFB cipher mode.
2008-12-11 14:43:13 +00:00
Guus Sliepen
8e8fe805c8 Only show meta connection related debug messages when debug level >= 4 2008-12-11 14:03:52 +00:00
Guus Sliepen
40bebbb19f Look in the configured sbin directory for the tincd binary. 2008-12-11 13:59:46 +00:00
Guus Sliepen
38c2d6c1da Correct debug message. 2008-12-05 14:17:39 +00:00
Guus Sliepen
a36259435c Prevent freeing a NULL pointer when a hostname is unresolvable. 2008-11-18 15:11:27 +00:00
Guus Sliepen
4a1740ede7 Do not try to send REQ_KEY or ANS_KEY requests to unreachable nodes. 2008-10-25 19:54:00 +00:00
Guus Sliepen
cb52aa0683 Fix reading configuration files that do not end with a newline. 2008-10-25 18:10:08 +00:00
Guus Sliepen
b2cee41b18 Make sure the prefixlength of subnets is sane.
Thanks to Sven-Haegar Koch for spotting the bug and providing a fix.
2007-12-14 21:17:08 +00:00
Scott Lamb
fe2f1fceb5 Use a control socket directory to restrict access
This provides reasonable security even on Solaris. The sysadmin is
responsible for securing the control socket's ancestors from the
grandparent on.

We could add a cryptographic handshake later if desired.
2007-11-08 19:18:44 +00:00
Scott Lamb
b1f8c65a2c Coding style corrections 2007-11-07 06:45:28 +00:00
Scott Lamb
d82fcc88f3 Reload configuration through control socket
I also kept the SIGHUP handler, which many people will expect to see.
The control socket is better, though - it will tell you if there is a
problem.
2007-11-07 02:51:24 +00:00
Scott Lamb
f0a57eab4c Retry connections through control socket 2007-11-07 02:50:58 +00:00
Scott Lamb
a62a6825a8 Alter debugging levels through control socket 2007-11-07 02:50:27 +00:00
Scott Lamb
1065879c8c Purge through the control socket 2007-11-07 02:49:57 +00:00
Scott Lamb
6eaefb4dbc Dump through control socket
Note this removes SIGUSR1, SIGUSR2, and the graph dumping config option.
It seems cleaner to do everything through the control socket.
2007-11-07 02:49:25 +00:00
Scott Lamb
50ad3f2a89 Fancier protocol for control socket
* pass error status back
* pass message boundaries
2007-11-07 02:48:33 +00:00
Scott Lamb
b0b5299184 Fix reload crash
sighup_handler was expecting the connection_tree to stay the same across
terminate_connection(), which hasn't been true since r1539.
2007-11-07 02:48:15 +00:00
Scott Lamb
da81da064a Update documentation to match tincctl changes
(Most of this was done in r1559, but it looks like tincctl.8.in got missed.)
2007-11-07 02:48:00 +00:00
Scott Lamb
40731d030f Temporarily revert to old crypto code
(The new code is still segfaulting for me, and I'd like to proceed with other
work.)

This largely rolls back to the revision 1545 state of the existing code
(new crypto layer is still there with no callers), though I reintroduced
the segfault fix of revision 1562.
2007-11-07 02:47:05 +00:00
Guus Sliepen
269892f70b Prevent double free() of a used challenge nonce. 2007-10-20 11:21:44 +00:00
Guus Sliepen
b0709d2649 Fix meta data segfault when receiving a partial command. 2007-10-19 19:07:30 +00:00
Guus Sliepen
67d9a72ea2 Use a dummy function as the read callback for connection bufferevents. Should not be triggered. 2007-10-19 18:54:43 +00:00
Guus Sliepen
54892b2e3e Fix connection weight estimation. 2007-10-19 18:53:48 +00:00
Guus Sliepen
6c453769fd Apply patch from Scott Lamb: Update documentation to match tincctl changes 2007-09-04 15:06:35 +00:00
Guus Sliepen
86358fabfe Small fixes to make gcrypt routines compile. 2007-09-04 14:58:52 +00:00
Guus Sliepen
f8733d1935 Fix formatting of --help output. 2007-09-04 14:58:11 +00:00
Guus Sliepen
65375289df Only check for libgcrypt if --with-gcrypt is used. 2007-09-04 14:57:37 +00:00
Guus Sliepen
d7ca0300a3 Handle SERVICE_CONTROL_INTERROGATE requests. Thanks to Carsten Ralle for noticing this. 2007-08-17 22:09:00 +00:00