Commit graph

1599 commits

Author SHA1 Message Date
Vilbrekin
8a6f278fd2 Basic patch for android cross-compilation.
Commented non-existing functions in android NDK.
Prefix scripts execution with shell binary to allow execution on no-exec mount points.
Everyything is currently hard coded, while it should use pre-compiler variables...
2012-09-24 13:53:11 +02:00
Guus Sliepen
3391018efb Also clarify hostnames=[yes|no] in tinc.conf(5). 2012-07-27 22:44:02 +02:00
Mesar Hameed
e895b358db Minor clarification, tinc.conf hostnames=[yes|no] variable only resolves names for logging purposes. 2012-07-24 07:20:04 +01:00
Guus Sliepen
f13fd8c350 Update THANKS file. 2012-07-12 11:32:08 +02:00
Guus Sliepen
2eb0043e13 Document how to load the tap driver on FreeBSD. 2012-07-12 11:30:56 +02:00
Guus Sliepen
ae8c0b65d8 Use /dev/tap0 by default on FreeBSD and NetBSD when using Mode = switch. 2012-07-12 11:25:11 +02:00
Guus Sliepen
00e71ece25 Releasing 1.0.19. 2012-06-25 19:45:51 +02:00
Guus Sliepen
236b0ba4eb Fix crash when using Broadcast = direct. 2012-06-25 19:03:54 +02:00
Guus Sliepen
0a84f9cb8f Fix compiler warnings. 2012-06-25 19:01:51 +02:00
Guus Sliepen
62ee9b776d #include <winsock2.h> on Windows.
MinGW complained about it not being included.
2012-06-25 15:01:42 +02:00
Guus Sliepen
c0af4c37d2 Small fixes in proxy code. 2012-06-25 15:00:24 +02:00
Michael Tokarev
42a8158b1d add (errnum) in front of windows error messages
On localized, non-English versions of windows, it is
common to have two active charsets -- for console applications
and for GUI applications, together with localized error messages
returned by windows.  But two charsets are rarely compatible,
so sending the same byte sequence to console and to windows
event log makes one or another to be unreadable.  So at least
include the error number, this way it will be possible to
lookup the actual error test using external ways.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2012-05-08 16:56:34 +02:00
Guus Sliepen
5c0dd104f9 Document new proxy types. 2012-04-19 15:56:08 +02:00
Guus Sliepen
5ae19cb0bb Add support for proxying through an external command.
Proxy type "exec" can be used to have an external script or binary set
up an outgoing connection. Standard input and output will be used to
exchange data with the external command. The variables REMOTEADDRESS and
REMOTEPORT are set to the intended destination address and port.
2012-04-19 15:18:31 +02:00
Guus Sliepen
fb5588856f Add support for SOCKS 5 proxies.
This only covers outgoing TCP connections, and supports only
username/password authentication or no authentication.
2012-04-19 14:10:54 +02:00
Guus Sliepen
b58d95eb29 Add basic support for SOCKS 4 and HTTP CONNECT proxies.
When the Proxy option is used, outgoing connections will be made via the
specified proxy. There is no support for authentication methods or for having
the proxy forward incoming connections, and there is no attempt to proxy UDP.
2012-04-18 23:19:40 +02:00
Guus Sliepen
84531fb6e6 Allow broadcast packets to be sent directly instead of via the MST.
When the "Broadcast = direct" option is used, broadcast packets are not sent
and forwarded via the Minimum Spanning Tree to all nodes, but are sent directly
to all nodes that can be reached in one hop.

One use for this is to allow running ad-hoc routing protocols, such as OLSR, on
top of tinc.
2012-04-16 01:57:25 +02:00
Guus Sliepen
535a55100b Allow environment variables to be used for Name.
When the Name starts with a $, the rest will be interpreted as the name of an
environment variable containing the real Name. When Name is $HOST, but this
environment variable does not exist, gethostname() will be used to set the
Name. In both cases, illegal characters will be converted to underscores.
2012-03-29 16:45:25 +01:00
Guus Sliepen
89f4574e0b Add support for systemd style socket activation.
If the LISTEN_FDS environment variable is set and tinc is run in the
foreground, tinc will use filedescriptors 3 to 3 + LISTEN_FDS for its listening
TCP sockets. For now, tinc will create matching listening UDP sockets itself.

There is no dependency on systemd or on libsystemd-daemon.
2012-03-26 14:46:09 +01:00
Guus Sliepen
cc6aee7846 Remove newline from log message. 2012-03-26 14:45:20 +01:00
Anthony G. Basile
16e6769fee configure.in: fix AC_ARG_ENABLE and AC_ARG_WITH
The current configure.in file does not correctly make use of these
macros.  The resulting configure file will therefore enable an item
even if --disable-FEATURE is given.  This patch restores the intended
behavior.
2012-03-26 13:25:05 +02:00
Guus Sliepen
b23681dddb Support :: in IPv6 Subnets. 2012-03-25 22:54:36 +01:00
Guus Sliepen
482c6119a7 Releasing 1.0.18. 2012-03-25 15:32:26 +01:00
Guus Sliepen
64c657b32d Mark DecrementTTL option experimental. 2012-03-25 15:30:58 +01:00
Guus Sliepen
f71ce34180 Fix return type of vde_recv() as well.
In this case it is not really necessary as the conversion to int will already
take care of ensuring the return value is treated as signed.
2012-03-25 15:17:50 +01:00
Guus Sliepen
6225b1884a Document OpenBSD "ifconfig link0" and Linux "ip tuntap" commands. 2012-03-25 14:55:56 +01:00
Guus Sliepen
3998353853 Fix some more compiler warnings. 2012-03-25 14:46:50 +01:00
Guus Sliepen
cfe6558d4b Fix return value type of vde_send().
The libvdeplug_dyn.h header file incorrectly declares the return type of
vde_send() to size_t, while in reality it is ssize_t.
2012-03-25 14:00:21 +01:00
Guus Sliepen
95968c67f9 Fix compiler warnings. 2012-03-25 13:58:14 +01:00
Guus Sliepen
e2d1b0b899 Allow scoped addresses to be used for IPv6 multicast socket. 2012-03-25 13:42:10 +01:00
Guus Sliepen
2512040632 Add #ifdefs in case not all platforms support IPv4 and IPv6 multicast. 2012-03-25 13:40:55 +01:00
Guus Sliepen
b5e3bf1a85 Set default value of DecrementTTL to "no".
Decrementing the TTL causes IPv6 to fail when Mode = switch, and there may be
other unforeseen side-effects.
2012-03-23 13:18:36 +01:00
Guus Sliepen
c373de2e98 Add support for multicast communication with UML/QEMU/KVM.
DeviceType = multicast allows one to specify a multicast address and port with
a Device statement. Tinc will then read/send packets to that multicast group
instead of to a tun/tap device. This allows interaction with UML, QEMU and KVM
instances that are listening on the same group.
2012-03-21 17:00:53 +01:00
Guus Sliepen
a7dbb50c23 Allow a port to be specified in BindToAddress statements.
This can be used to let tinc listen on multiple ports for incoming connections.
2012-03-21 13:20:15 +01:00
Guus Sliepen
80e15d8b96 Always try next Address when an outgoing connection fails to authenticate.
When making outgoing connections, tinc goes through the list of Addresses and
tries all of them until one succeeds. However, before it would consider
establishing a TCP connection a success, even when the authentication failed.
This would be a problem if the first Address would point to a hostname and port
combination that belongs to the wrong tinc node, or perhaps even to a non-tinc
service, causing tinc to endlessly try this Address instead of moving to the
next one.

Problem found by Delf Eldkraft.
2012-03-20 23:49:16 +01:00
Guus Sliepen
28a1501b9a Releasing 1.0.17. 2012-03-10 13:45:53 +01:00
Guus Sliepen
4712d8f92e Update copyright notices. 2012-03-10 13:23:08 +01:00
Guus Sliepen
5b0f5ad958 Make sure disabling old RSA keys works on Windows.
Seeking in files and rewriting parts of them does not seem to work properly on
Windows. Instead, when old RSA keys are found when generating new ones, the
file containing the old keys is copied to a temporary file where the changes
are made, and that file is renamed back to the original filename. On Windows,
we cannot atomically replace files with a rename(), so we need to move the
original file out of the way first. If anything fails, the new code will warn
that the user has to solve the problem by hand.
2012-03-08 23:23:39 +01:00
Guus Sliepen
2f1c337c54 Add missing ICMP6 message type definitions. 2012-03-08 22:19:20 +01:00
Guus Sliepen
9dea33f530 Accept Subnets passed with the -o option when StrictSubnets = yes. 2012-03-07 10:40:06 +01:00
Guus Sliepen
63f8303a5d Only log errors sending UDP packets when debug level >= 5.
Since tinc will fall back to TCP or route via another node, it is not necessary
to log such errors unconditionally.
2012-03-02 16:09:58 +01:00
Guus Sliepen
ae52496109 Only use broadcast at the start of the PMTU discovery phase.
For local peer discovery, only a handful of packets are necessary for
peers to detect each other.
2012-02-26 16:23:02 +01:00
Guus Sliepen
5140656de6 Stricter checks against routing loops.
If a packet that had to be sent via an intermediate hop, and that intermediate
hop was the one that sent the packet, we drop it.
2012-02-25 22:11:30 +01:00
Guus Sliepen
f1d5eae643 Don't send ICMP Time Exceeded messages for other Time Exceeded messages.
That would be silly.
2012-02-25 21:46:18 +01:00
Guus Sliepen
5a28aa7b8b Add LocalDiscovery option which tries to detect peers on the local network.
Currently, this is implemented by sending IPv4 broadcast packets to the
LAN during path MTU discovery.
2012-02-22 23:17:43 +01:00
Guus Sliepen
8e717ddb60 Pass index into listen_socket[] to handle_incoming_vpn_data(). 2012-02-22 14:37:56 +01:00
Nick Hibma
65e8e06c6d Add missing ICMP message type definitions. 2012-02-21 17:16:21 +01:00
Guus Sliepen
ac48c4ee8c Fix check for raw socket support.
Also, move some variables so there are no compiler warnings about unused
variables when there is no support for raw sockets.
2012-02-21 14:06:55 +01:00
Guus Sliepen
d9ad3d313d Fix a bug that caused tinc to ignore all but the last listening socket. 2012-02-21 13:31:21 +01:00
Guus Sliepen
46506b7aaf Document the command line flag -o and provide --option as well. 2012-02-21 13:13:40 +01:00