Commit graph

1560 commits

Author SHA1 Message Date
Guus Sliepen
4a5d42178c Add support for iPhones and recent iPods.
This is a slightly modified patch from Grzegorz Dymarek that allows tinc to use
the tunemu device, which allows tinc to be compiled for iPhones and recent
iPods. To enable support for tunemu, the --enable-tunemu option has to be used
when running the configure script.
2009-09-10 19:32:54 +02:00
Guus Sliepen
ff946d0423 Another safe bitfield conversion. 2009-09-09 14:51:36 +02:00
Guus Sliepen
dd6226062c Add the GPL license to the repository.
Tinc is licensed under the GPL version 2 or later. To ensure autoconf does not
install the wrong license if COPYING is missing, we have to put the right one
in place.
2009-09-09 13:23:16 +02:00
Guus Sliepen
81afa26e4a Convert bitfields to integers in a safe way.
This is commit eb391c52ee redone, but without the
non-standard anonymous union.
2009-09-09 12:04:08 +02:00
Guus Sliepen
9b394bc887 Ensure tinc compiles with gcc -std=c99.
We use a lot of C99 features already, but also some extensions which are not in
the standard.
2009-09-08 21:45:24 +02:00
Guus Sliepen
f52ea0a7eb UNIX signal numbers start at 1. 2009-09-08 18:21:52 +02:00
Guus Sliepen
73d77dd416 Replace asprintf() by xasprintf(). 2009-09-08 18:18:36 +02:00
Guus Sliepen
3e55dc77f4 Check the return value of fscanf() when reading a PID file. 2009-09-08 18:18:16 +02:00
Guus Sliepen
5e0efd53e7 Add xasprintf() and xvasprintf().
These functions wrap asprintf() and vasprintf(), and check the return value. If
the function failed, tinc will exit with an error message, similar to xmalloc()
and friends.
2009-09-08 18:16:58 +02:00
Michael Tokarev
63fe89e9eb Remove extra semicolon in my definition of setpriority() 2009-09-08 16:49:38 +02:00
Guus Sliepen
5a7fc58012 Always remove a node from the UDP tree before freeing it.
Valgrind caught tinc reading free'd memory during a purge(). This was caused by
first removing it from the main node tree, which will already call free_node(),
and then removing it from the UDP tree. This might cause spurious segmentation
faults.
2009-09-08 16:35:28 +02:00
Guus Sliepen
de029ce460 Change level of some debug messages, zero pointer after freeing hostname. 2009-06-11 19:39:25 +02:00
Guus Sliepen
66be914d35 Do not log errors when recvfrom() returns EAGAIN or EINTR.
Although we select() before we call recvfrom(), it sometimes happens that
select() tells us we can read but a subsequent read fails anyway. This is
harmless.
2009-06-11 19:26:34 +02:00
Guus Sliepen
df4add94a4 Remove pending MTU probe events when a node's reachability status changes. 2009-06-11 19:07:54 +02:00
Guus Sliepen
36f8e4da8b Don't try to send MTU probes to unreachable nodes.
If there is an outstanding MTU probe event for a node which is not reachable
anymore, a UDP packet would be sent to that node, which caused a key request to
be sent to that node, which triggered a NULL pointer dereference. Probes and
other UDP packets to unreachable nodes are now dropped.
2009-06-11 18:36:08 +02:00
Guus Sliepen
261d1eac1c Properly set HMAC length for incoming packets. 2009-06-05 16:14:31 +02:00
Michael Tokarev
591c38eb38 try outgoing connections before chroot/drop_privs
When chrooted, we either need to force-initialize resolver
and/or nsswitch somehow (no clean way) or resolve all the
names we want before entering chroot jail.  The latter
looks cleaner, easier and it is actually safe because
we still don't talk with the remote nodes there, only
initiating outgoing connections.
2009-06-05 11:40:08 +02:00
Michael Tokarev
a42a8dde45 cleanup setpriority thing to make it readable 2009-06-05 10:02:55 +02:00
Guus Sliepen
a5fb0d8c6c Add some const where appropriate. 2009-05-28 23:18:22 +02:00
Guus Sliepen
41c10c5a96 Add ProcessPriority option.
This option can be set to low, normal or high. On UNIX flavours, this changes
the nice value of the process by +10, 0 and -10 respectively. On Windows, it
sets the priority to BELOW_NORMAL_PRIORITY_CLASS, NORMAL_PRIORITY_CLASS and
HIGH_PRIORITY_CLASS respectively.

A high priority might help to reduce latency and packet loss on the VPN.
2009-05-28 22:51:30 +02:00
Florian Forster
41a05f59ba src/net_socket.c: Bind outgoing TCP sockets to `BindToAddress'.
If a host has multiple addresses on an interface, the source address of the TCP
connection(s) was picked by the operating system while the UDP packets used a
bound socket, i. e. the source address was the address specified by the user.
This caused problems because the receiving code requires the TCP connection and
the UDP connection to originate from the same IP address.

This patch adds support for the `BindToInterface' and `BindToAddress' options
to the setup of outgoing TCP connections.

Tested with Debian Etch on x86 and Debian Lenny on x86_64.

Signed-off-by: Florian Forster <octo@verplant.org>
2009-05-28 00:35:00 +02:00
Florian Forster
6b415a1a7f src/linux/device.c: Fix segfault when running without `--net'.
If running without `--net', the (global) variable `netname' is NULL. This
creates a segmentation fault because this NULL-pointer is passed to strdup:

 Program terminated with signal 11, Segmentation fault.
 #0  0xb7d30463 in strlen () from /lib/tls/i686/cmov/libc.so.6
 (gdb) bt
 #0  0xb7d30463 in strlen () from /lib/tls/i686/cmov/libc.so.6
 #1  0xb7d30175 in strdup () from /lib/tls/i686/cmov/libc.so.6
 #2  0x0805bf47 in xstrdup (s=0x0) at xmalloc.c:118  <---
 #3  0x0805be33 in setup_device () at device.c:66
 #4  0x0805072e in setup_myself () at net_setup.c:432
 #5  0x08050db2 in setup_network () at net_setup.c:536
 #6  0x0805b27f in main (argc=Cannot access memory at address 0x0) at tincd.c:580

This patch fixes this by checking `netname' in `setup_device'. An alternative
would be to check for NULL-pointers in `xstrdup' and return NULL in this case.

Signed-off-by: Florian Forster <octo@verplant.org>
2009-05-27 10:55:09 +02:00
Michael Tokarev
a8a65cee08 tunnelserver: log which ADD_SUBNET was refused
Add some logging about refused ADD_SUBNET
(it causes subsequent client disconnect so it's
important to know which subnet was at fault).

Maybe we should just ignore it completely.
2009-05-25 16:55:55 +02:00
Guus Sliepen
4e9e3ca89d Do not forward broadcast packets when TunnelServer is enabled.
First of all, the idea behind the TunnelServer option is to hide all other
nodes from each other, so we shouldn't forward broadcast packets from them
anyway. The other reason is that since edges from other nodes are ignored, the
calculated minimum spanning tree might not be correct, which can result in
routing loops.
2009-05-25 15:04:33 +02:00
Guus Sliepen
7fc69bc73b Use packet size before decompression to calculate path MTU.
Since compression can either grow or shrink a packet, the size of an MTU probe
after decompression might not reflect the real path MTU. Now we use the size
before decompression, which is independent of the compression algorithm, and
substract a safety margin such that the calculated path MTU will be safe even
for packets which grow as much as possible after compression.
2009-05-25 12:19:37 +02:00
Guus Sliepen
1b3add6c29 Add declaration for sockaddrcmp_noport(). 2009-05-25 12:19:08 +02:00
Michael Tokarev
ca5b67111e Fix ans_key exchange in recent changes
send_ans_key() was using the wrong in vs. outkeylength to
terminate the key being sent, so it was always empty.
2009-05-25 01:30:01 +02:00
Guus Sliepen
7034338bc3 Use xrealloc instead of if(ptr) ptr = xmalloc(). 2009-05-24 19:35:51 +02:00
Guus Sliepen
e012e752f4 Fix initialisation of packet decryption context broken by commit 3308d13e7e.
Instead of a single, global decryption context, each node has its own context.
However, in send_ans_key(), the global context was initialised. This commit
fixes that and removes the global context completely.

Also only set status.validkey after all checks have been evaluated.
2009-05-24 19:31:31 +02:00
Michael Tokarev
0246939ce1 don't log every strange packet coming to the UDP port
it's a sure way to fill up syslog.  Only log those if
debug level is up to PROTOCOL
2009-05-24 17:28:24 +02:00
Guus Sliepen
576899ef0d Fix link to Mattias Nissler's tun/tap driver for MacOS/X.
Thanks to Martin Christof Kindsmüller for spotting.
2009-05-24 17:13:00 +02:00
Guus Sliepen
2c67eafc6e If PMTUDiscovery is not set, do not forward packets via TCP unnecessarily. 2009-05-24 15:58:47 +02:00
Michael Tokarev
7e4d57adf5 ignore indirect edge registrations in tunnelserver mode
In tunnelserver mode we're not interested to hear about
our client edges, just like in case of subnets.  Just
ignore all requests which are not about our node or the
client node.

The fix is very similar to what was done for subnets.

Note that we don't need to add the "unknown" nodes to
the list in tunnelserver mode too, so move allocation
of new nodes down the line.
2009-05-22 00:43:48 +02:00
Michael Tokarev
3759aa5f77 TunnelServer: Don't disconnect client on DEL_SUBNET too
Similar changes as was in 2327d3f6eb
but for del_subnet_h().

Before, we vere returning false (and causing disconnect of the
client) in case of tunnelserver and the client sending DEL_SUBNET
for non-his subnet or for subnet which owner isn't in our connection
list.

After the mentioned change to add_subnet_h() that routine does not
add such indirect owners to the connection list anymore, so that
was ok (owner == NULL and we return true).

But if we too has a connection with the node about which the client
is sending DEL_SUBNET notification, say, because that client lost
connection with that other node, we'll disconnect this client from
us too, returning false for indirect DEL_SUBNET.

Fix that by allowing and ignoring indirect DEL_SUBNET in tunnelserver
mode.

Also rearranged the function a bit, to match add_subnet_h() (in
particular, syntax-check everything first, see if we've seen this
request before).

And also fix some comments.
2009-05-20 20:16:19 +02:00
Michael Tokarev
218adee785 format 'not supported on this platform' error message
Format it in a similar way in all places, to make translation happier.
No functional changes.
2009-05-18 15:35:52 +02:00
Michael Tokarev
54cb6b1aec change error messages in droppriv code to match the rest
Change formatting of error messages about failed syscalls
to be the same as in other places in tincd.

Also suggest a change in "$foo not supported on this platform"
message as it's now used more than once.
2009-05-18 15:05:43 +02:00
Michael Tokarev
d4f9863635 bugfix: chdir(/) after chroot
Fix the famous chdir(".") vs chdir("/") after chroot(something).
2009-05-18 15:05:43 +02:00
Michael Tokarev
6be5d4f5b6 bugfix: move mlock to after detach() so it works for child, not parent
mlock()/mlockall() are not persistent across fork(), and it's
done in parent process before daemon() which does fork().  So
basically, current --mlock does nothing useful.

Move mlock() to after detach() so it works for child process
instead of parent.

Also, check if the platform supports mlock right when processing
options (since else we'll have to die after startup, not at
startup, the error message will be in log only).
2009-05-18 15:03:56 +02:00
Michael Tokarev
cdf7f13c31 bugfix: initialize pid (as read from pidfile) to zero
If we didn't read any number from a pid file, we'll return
an unitialized variable to the caller, and it will treat
that garbage as a pid of a process (possible to kill).

Fix that.
2009-05-18 14:34:24 +02:00
Michael Tokarev
ec316aa32e Implement privilege dropping
Add two options, -R/--chroot and -U/--user=user, to chroot to the
config directory (where tinc.conf is located) and to perform
setuid to the user specified, after all the initialization is done.

What's left is handling of pid file since we can't remove it anymore.
2009-05-18 14:34:24 +02:00
Michael Tokarev
6698f7c390 Rename setup_network_connections() and split out try_outgoing_connections()
In preparation of chroot/setuid operations, split out call to
try_outgoing_connections() from setup_network_connections()
(which was the last call in setup_network_connections()).
This is because dropping privileges should be done in-between
setup_network_connections() and try_outgoing_connections().

This patch renames setup_network_connections() to setup_network()
and moves call to try_outgoing_connections() into main routine.

No functional changes.
2009-05-18 14:34:24 +02:00
Guus Sliepen
3308d13e7e Handle UDP packets from different and ports than advertised.
Previously, tinc used a fixed address and port for each node for UDP packet
exchange.  The port was the one advertised by that node as its listening port.
However, due to NAT the port might be different.  Now, tinc sends a different
session key to each node. This way, the sending node can be determined from
incoming packets by checking the MAC against all session keys. If a match is
found, the address and port for that node are updated.
2009-04-03 01:05:23 +02:00
Guus Sliepen
43fa7283ac Use a simple Random Early Drop algorithm in send_tcppacket(). 2009-03-09 14:04:31 +01:00
Guus Sliepen
d5b56bbba5 Disable PMTUDiscovery in switch and hub modes.
In switch and hub modes, tinc does not generate ICMP packets in response to
packets that are larger than the path MTU.  However, if PMTUDiscovery is
enabled, the IP_MTU_DISCOVER and IPV6_MTU_DISCOVER option is set on the UDP
sockets, which causes all UDP packets to be sent with the DF bit set, causing
large packets to be dropped, even if they would otherwise be routed fine.
2009-03-09 13:48:54 +01:00
Guus Sliepen
78fc59e994 Update THANKS and copyright information. 2009-03-05 14:12:36 +01:00
Guus Sliepen
5674bba5c5 Allow weight to be assigned to Subnets.
Tinc allows multiple nodes to own the same Subnet, but did not have a sensible
way to decide which one to send packets to. Tinc also did not check the
reachability of nodes when deciding where to route packets to, so it would not
automatically fail over to a reachable node.

Tinc now assigns a weight to each Subnet. The default weight is 10, with lower
weights having higher priority.  The Subnets are now internally sorted in the
same way as the kernel's routing table, and the Subnets are search linearly,
skipping those of unreachable nodes. A small cache of recently used addresses
is used to speed up the lookup functions.
2009-03-05 13:34:13 +01:00
Michael Tokarev
76a1bcaffc Enable PMTUDiscovery only if BOTH sides wants it.
Don't enable PMTUDiscovery if at least one side does not support it.
Before it was enabled if at least one side supported it, now both are required.
2009-03-04 21:12:20 +01:00
Guus Sliepen
1c1a67fd93 Handle neighbor solicitation requests without link layer addresses.
Apparently FreeBSD likes to send out neighbor solicitation requests, even on a
tun interface where this is completely pointless. These requests do not have an
option header containing a link layer address, so the proxy-neighborsol code
was treating these requests as invalid. We now handle such requests, and send
back equally pointless replies, also without a link layer address. This seems
to satisfy FreeBSD.
2009-02-17 14:43:05 +01:00
Michael Tokarev
2327d3f6eb Allow tunnelserver to work with clients that have other peers.
In TunnelServer mode, tinc server disconnects any client if it announces
indirect subnets -- subnets that are not theirs (e.g. subnets for nodes
the CLIENT has connections now, even if those nodes are known to the server
too).  Fix that by ignoring such (indirect) announces instead.

While we're at it, move check for such indirect subnet registration to
before allocating new node structure, as in TunnelServer mode we don't
really need to know that other node.
2009-02-09 23:51:10 +01:00
Guus Sliepen
23730375f2 Disable old RSA keys when generating new ones.
When generating an RSA keypair, the new public and private keys are appended to
files. However, when OpenSSL reads keys it only reads the first in a file, not
the last. Instead of printing an easily ignored warning, tinc now disables old
keys when appending new ones.
2009-02-03 14:54:45 +01:00