Commit graph

1458 commits

Author SHA1 Message Date
Michael Tokarev
ec316aa32e Implement privilege dropping
Add two options, -R/--chroot and -U/--user=user, to chroot to the
config directory (where tinc.conf is located) and to perform
setuid to the user specified, after all the initialization is done.

What's left is handling of pid file since we can't remove it anymore.
2009-05-18 14:34:24 +02:00
Michael Tokarev
6698f7c390 Rename setup_network_connections() and split out try_outgoing_connections()
In preparation of chroot/setuid operations, split out call to
try_outgoing_connections() from setup_network_connections()
(which was the last call in setup_network_connections()).
This is because dropping privileges should be done in-between
setup_network_connections() and try_outgoing_connections().

This patch renames setup_network_connections() to setup_network()
and moves call to try_outgoing_connections() into main routine.

No functional changes.
2009-05-18 14:34:24 +02:00
Guus Sliepen
3308d13e7e Handle UDP packets from different and ports than advertised.
Previously, tinc used a fixed address and port for each node for UDP packet
exchange.  The port was the one advertised by that node as its listening port.
However, due to NAT the port might be different.  Now, tinc sends a different
session key to each node. This way, the sending node can be determined from
incoming packets by checking the MAC against all session keys. If a match is
found, the address and port for that node are updated.
2009-04-03 01:05:23 +02:00
Guus Sliepen
08aabbf931 Merge branch 'master' into 1.1
Conflicts:
	NEWS
	README
	doc/tinc.conf.5.in
	doc/tinc.texi
	po/nl.po
	src/conf.c
	src/connection.c
	src/event.c
	src/graph.c
	src/net.c
	src/net_packet.c
	src/net_socket.c
	src/node.c
	src/node.h
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_key.c
	src/protocol_misc.c
	src/subnet.c
	src/subnet.h
	src/tincd.c
2009-03-09 19:02:24 +01:00
Guus Sliepen
43fa7283ac Use a simple Random Early Drop algorithm in send_tcppacket(). 2009-03-09 14:04:31 +01:00
Guus Sliepen
d5b56bbba5 Disable PMTUDiscovery in switch and hub modes.
In switch and hub modes, tinc does not generate ICMP packets in response to
packets that are larger than the path MTU.  However, if PMTUDiscovery is
enabled, the IP_MTU_DISCOVER and IPV6_MTU_DISCOVER option is set on the UDP
sockets, which causes all UDP packets to be sent with the DF bit set, causing
large packets to be dropped, even if they would otherwise be routed fine.
2009-03-09 13:48:54 +01:00
Guus Sliepen
78fc59e994 Update THANKS and copyright information. 2009-03-05 14:12:36 +01:00
Guus Sliepen
5674bba5c5 Allow weight to be assigned to Subnets.
Tinc allows multiple nodes to own the same Subnet, but did not have a sensible
way to decide which one to send packets to. Tinc also did not check the
reachability of nodes when deciding where to route packets to, so it would not
automatically fail over to a reachable node.

Tinc now assigns a weight to each Subnet. The default weight is 10, with lower
weights having higher priority.  The Subnets are now internally sorted in the
same way as the kernel's routing table, and the Subnets are searched linearly,
skipping those of unreachable nodes. A small cache of recently used addresses
is used to speed up the lookup functions.
2009-03-05 13:34:13 +01:00
Michael Tokarev
76a1bcaffc Enable PMTUDiscovery only if BOTH sides want it.
Don't enable PMTUDiscovery if at least one side does not support it.
Before it was enabled if at least one side supported it, now both are required.
2009-03-04 21:12:20 +01:00
Guus Sliepen
1c1a67fd93 Handle neighbor solicitation requests without link layer addresses.
Apparently FreeBSD likes to send out neighbor solicitation requests, even on a
tun interface where this is completely pointless. These requests do not have an
option header containing a link layer address, so the proxy-neighborsol code
was treating these requests as invalid. We now handle such requests, and send
back equally pointless replies, also without a link layer address. This seems
to satisfy FreeBSD.
2009-02-17 14:43:05 +01:00
Michael Tokarev
2327d3f6eb Allow tunnelserver to work with clients that have other peers.
In TunnelServer mode, tinc server disconnects any client if it announces
indirect subnets -- subnets that are not theirs (e.g. subnets for nodes
the CLIENT has connections now, even if those nodes are known to the server
too).  Fix that by ignoring such (indirect) announces instead.

While we're at it, move check for such indirect subnet registration to
before allocating new node structure, as in TunnelServer mode we don't
really need to know that other node.
2009-02-09 23:51:10 +01:00
Guus Sliepen
23730375f2 Disable old RSA keys when generating new ones.
When generating an RSA keypair, the new public and private keys are appended to
files. However, when OpenSSL reads keys it only reads the first in a file, not
the last. Instead of printing an easily ignored warning, tinc now disables old
keys when appending new ones.
2009-02-03 14:54:45 +01:00
Guus Sliepen
0d0dfd0852 Validate Name before using it in a filename when generating a keypair. 2009-01-20 14:21:50 +01:00
Guus Sliepen
0966cca8ab Allow reading config files with CRLF endings on Unix systems. 2009-01-20 14:20:44 +01:00
Guus Sliepen
d1910ac198 Remove unused definitions from net.h. 2009-01-20 13:19:31 +01:00
Guus Sliepen
503c32eb0e Use a global list to track outgoing connections.
Previously an outgoing_t was maintained for each outgoing connection,
but the pointer to it was either stored in a connection_t or in an event_t.
This made it very hard to keep track of and to clean up.

Now a list is created when tinc starts and reads all the ConnectTo variables,
and which is recreated when tinc receives a HUP signal.
2009-01-20 13:12:41 +01:00
Guus Sliepen
a7e793c94e Add missing cleanup functions in close_network_connections(). 2009-01-19 23:17:28 +01:00
Guus Sliepen
116065afe3 Change flush_events() to expire_events().
The former function made a totally bogus shallow copy of the event_tree, called
the handler of each event and then deleted the whole tree.  This should've
caused tinc to crash when an ALARM signal was sent more than once, but for some
reason it didn't. It also behaved incorrectly when a handler added a new event.

The new function just moves the expiration time of all events to the past.
2009-01-19 22:50:05 +01:00
Guus Sliepen
a39a9506cd Move free()s at the end of main() to the proper destructor functions. 2009-01-09 12:36:06 +01:00
Guus Sliepen
67df7fb7e1 Only send packets via UDP if UDP communication is possible.
When no session key is known for a node, or when it is doing PMTU discovery but
no MTU probes have returned yet, packets are sent via TCP. Some logic is added
to make sure intermediate nodes continue forwarding via TCP.  The per-node
packet queue is now no longer necessary and has been removed.
2009-01-03 22:33:55 +01:00
Guus Sliepen
b069da90d6 Consistently allocate device and iface variables on the heap.
This fixes a segfault when no Device has been specified and tinc exits, and it
would try to free() a static string. Thanks to Borg for spotting.
2009-01-03 22:06:10 +01:00
Guus Sliepen
a4d99ebf50 Add missing parentheses in check for IPv4 multicast addresses. 2008-12-26 12:46:45 +00:00
Guus Sliepen
099bc56f53 Apply patch from Max Rijevski fixing a memory leak when closing connections.
It also cleans up more when stopping tinc, helping tools like valgrind.
2008-12-23 23:14:37 +00:00
Guus Sliepen
de032054de Handle broadcast and multicast packets in router mode.
Multicast packets are treated as broadcast packets.
Based on a patch from Max Rijevski.
2008-12-23 22:31:38 +00:00
Guus Sliepen
0e4d419aae Enable PMTU discovery by default. 2008-12-22 20:35:45 +00:00
Guus Sliepen
e9576632dc Update copyright information. 2008-12-22 20:27:52 +00:00
Guus Sliepen
26b490e86b Make sure IPv6 sockets are IPv6 only.
This will get rid of the "Can't bind to 0.0.0.0 port 655/tcp: Address already
in use" message on Linux.
2008-12-22 19:40:40 +00:00
Guus Sliepen
c6830ba821 Use TUNIFHEAD by default on FreeBSD to make sure IPv6 works. 2008-12-22 19:33:37 +00:00
Guus Sliepen
a269ec4193 Treat virtual network device as tap if Mode = switch or hub.
On OpenBSD, the link0 flag should still be set in tinc-up or by other means.
2008-12-21 16:19:31 +00:00
Guus Sliepen
551cd19406 Move RSA key generation into the wrappers. 2008-12-14 12:47:26 +00:00
Guus Sliepen
911c05f873 Make sure IPv6 sockets are IPv6 only. 2008-12-11 20:49:14 +00:00
Guus Sliepen
6e80da3370 Use Dijkstra's algorithm. Based on patches from Max Rijevskiy. 2008-12-11 18:07:26 +00:00
Guus Sliepen
26a228e302 Remove wrong checks. 2008-12-11 18:05:59 +00:00
Guus Sliepen
636200d1a2 Remove unnecessary parentheses from sizeof, apply sizeof to variables instead of types wherever possible. 2008-12-11 15:56:18 +00:00
Guus Sliepen
a9bdfb424e Fix compiler warnings. 2008-12-11 15:42:46 +00:00
Guus Sliepen
76165488f8 Backport fixes from trunk since revision 1555. 2008-12-11 15:21:40 +00:00
Guus Sliepen
046158a216 Use the crypto wrappers again instead of calling OpenSSL directly.
This theoretically allows other cryptographic libraries to be used,
and it improves the readability of the code.
2008-12-11 14:44:44 +00:00
Guus Sliepen
8e8fe805c8 Only show meta connection related debug messages when debug level >= 4 2008-12-11 14:03:52 +00:00
Guus Sliepen
40bebbb19f Look in the configured sbin directory for the tincd binary. 2008-12-11 13:59:46 +00:00
Guus Sliepen
38c2d6c1da Correct debug message. 2008-12-05 14:17:39 +00:00
Guus Sliepen
a36259435c Prevent freeing a NULL pointer when a hostname is unresolvable. 2008-11-18 15:11:27 +00:00
Guus Sliepen
4a1740ede7 Do not try to send REQ_KEY or ANS_KEY requests to unreachable nodes. 2008-10-25 19:54:00 +00:00
Guus Sliepen
cb52aa0683 Fix reading configuration files that do not end with a newline. 2008-10-25 18:10:08 +00:00
Guus Sliepen
b2cee41b18 Make sure the prefixlength of subnets is sane.
Thanks to Sven-Haegar Koch for spotting the bug and providing a fix.
2007-12-14 21:17:08 +00:00
Scott Lamb
fe2f1fceb5 Use a control socket directory to restrict access
This provides reasonable security even on Solaris. The sysadmin is
responsible for securing the control socket's ancestors from the
grandparent on.

We could add a cryptographic handshake later if desired.
2007-11-08 19:18:44 +00:00
Scott Lamb
b1f8c65a2c Coding style corrections 2007-11-07 06:45:28 +00:00
Scott Lamb
d82fcc88f3 Reload configuration through control socket
I also kept the SIGHUP handler, which many people will expect to see.
The control socket is better, though - it will tell you if there is a
problem.
2007-11-07 02:51:24 +00:00
Scott Lamb
f0a57eab4c Retry connections through control socket 2007-11-07 02:50:58 +00:00
Scott Lamb
a62a6825a8 Alter debugging levels through control socket 2007-11-07 02:50:27 +00:00
Scott Lamb
1065879c8c Purge through the control socket 2007-11-07 02:49:57 +00:00
Scott Lamb
6eaefb4dbc Dump through control socket
Note this removes SIGUSR1, SIGUSR2, and the graph dumping config option.
It seems cleaner to do everything through the control socket.
2007-11-07 02:49:25 +00:00
Scott Lamb
50ad3f2a89 Fancier protocol for control socket
* pass error status back
* pass message boundaries
2007-11-07 02:48:33 +00:00
Scott Lamb
b0b5299184 Fix reload crash
sighup_handler was expecting the connection_tree to stay the same across
terminate_connection(), which hasn't been true since r1539.
2007-11-07 02:48:15 +00:00
Scott Lamb
40731d030f Temporarily revert to old crypto code
(The new code is still segfaulting for me, and I'd like to proceed with other
work.)

This largely rolls back to the revision 1545 state of the existing code
(new crypto layer is still there with no callers), though I reintroduced
the segfault fix of revision 1562.
2007-11-07 02:47:05 +00:00
Guus Sliepen
269892f70b Prevent double free() of a used challenge nonce. 2007-10-20 11:21:44 +00:00
Guus Sliepen
b0709d2649 Fix meta data segfault when receiving a partial command. 2007-10-19 19:07:30 +00:00
Guus Sliepen
67d9a72ea2 Use a dummy function as the read callback for connection bufferevents. Should not be triggered. 2007-10-19 18:54:43 +00:00
Guus Sliepen
54892b2e3e Fix connection weight estimation. 2007-10-19 18:53:48 +00:00
Guus Sliepen
6c453769fd Apply patch from Scott Lamb: Update documentation to match tincctl changes 2007-09-04 15:06:35 +00:00
Guus Sliepen
86358fabfe Small fixes to make gcrypt routines compile. 2007-09-04 14:58:52 +00:00
Guus Sliepen
f8733d1935 Fix formatting of --help output. 2007-09-04 14:58:11 +00:00
Guus Sliepen
d7ca0300a3 Handle SERVICE_CONTROL_INTERROGATE requests. Thanks to Carsten Ralle for noticing this. 2007-08-17 22:09:00 +00:00
Scott Lamb
1fd1d5bd93 const correctness
cipher_encrypt and cipher_decrypt should take "const void *" data
2007-07-20 20:10:46 +00:00
Guus Sliepen
1b8f891836 Finish crypto wrapping. Also provide wrappers for OpenSSL.
Disable libgcrypt by default. Since it doesn't support the OFB cipher mode,
we can't use it in a backwards compatible way.
2007-05-23 13:45:49 +00:00
Guus Sliepen
f42e57f663 Some more crypto wrapper functions are needed. 2007-05-22 23:41:22 +00:00
Guus Sliepen
19413a8048 Make sure the crypto wrapper functions can actually be compiled. 2007-05-22 21:44:17 +00:00
Guus Sliepen
e8689a4753 Create wrappers for the cryptographic operations used in tinc.
Implement them using libgcrypt.
2007-05-22 21:32:48 +00:00
Guus Sliepen
465837dd7f Parse PEM RSA keys ourself, and use libgcrypt to do RSA encryption and decryption. 2007-05-20 22:28:49 +00:00
Guus Sliepen
fbf305c09d Use libevent for meta socket input/output buffering. 2007-05-19 22:23:02 +00:00
Guus Sliepen
59108e4e4f Use bufferevents to handle control socket buffering. 2007-05-19 16:21:52 +00:00
Guus Sliepen
8c6131deda Implement "stop" command, and allow tincctl to retrieve a running tincd's PID. 2007-05-19 15:21:26 +00:00
Guus Sliepen
e9043e17c7 Move key generation to tincctl. 2007-05-19 14:55:35 +00:00
Guus Sliepen
bf8e3ce13d Remove pidfile in favour of control socket. 2007-05-19 14:13:21 +00:00
Guus Sliepen
bc0a24ec81 Fix retrying outgoing connections. 2007-05-19 13:34:32 +00:00
Guus Sliepen
ce976717ea We can safely delete a connection_t in terminate_connection() now. 2007-05-19 12:07:30 +00:00
Guus Sliepen
01f47c46af Start of control socket implementation. 2007-05-18 16:52:34 +00:00
Guus Sliepen
e37ef57a95 More consistent variable naming. 2007-05-18 11:19:31 +00:00
Guus Sliepen
29fbce4497 Detect duplicate outgoing connections. 2007-05-18 10:29:10 +00:00
Guus Sliepen
fb0cfccf7d Use splay trees instead of AVL trees. 2007-05-18 10:05:26 +00:00
Guus Sliepen
f02d3ed3e1 K&R style braces 2007-05-18 10:00:00 +00:00
Guus Sliepen
760dd966ef Remove last references to the global variable "running". 2007-05-18 09:51:54 +00:00
Guus Sliepen
3909b8e51b Remove the last bits of the legacy main_loop(). 2007-05-18 09:43:52 +00:00
Guus Sliepen
ddc6a81a85 Remove global variable "now". 2007-05-18 09:34:06 +00:00
Guus Sliepen
7e1117197c Move key regeneration handling to net_setup.c. 2007-05-17 23:57:48 +00:00
Guus Sliepen
563577a147 Use libevent to handle key expiration. 2007-05-17 23:33:07 +00:00
Guus Sliepen
8852d4407d Use libevent to age learned MAC addresses. 2007-05-17 23:24:40 +00:00
Guus Sliepen
a530f94e7c Use libevent to age past requests. 2007-05-17 23:14:42 +00:00
Guus Sliepen
aaf1851315 Redo SIGALRM handling. 2007-05-17 23:04:02 +00:00
Guus Sliepen
6d19ebd612 Use libevent to handle all non-fatal signals. 2007-05-17 22:41:34 +00:00
Guus Sliepen
531d5a904a Properly use the timeout_initialized() macro. 2007-05-17 22:17:24 +00:00
Guus Sliepen
bf6490825e Remove legacy event system. 2007-05-17 22:13:12 +00:00
Guus Sliepen
a67ab277c9 Use libevent for retrying outgoing connections. 2007-05-17 22:09:55 +00:00
Guus Sliepen
3321591d93 Use libevent to send MTU probes. 2007-05-17 22:01:07 +00:00
Guus Sliepen
ee7844905f Configure events after obtaining a socket. 2007-05-17 21:47:27 +00:00
Guus Sliepen
294ce72441 Use libevent to handle HUP signal. 2007-05-17 21:34:58 +00:00
Guus Sliepen
4d0621b1f3 Use libevent to dump graphs when necessary.
event_add() can be called repeatedly, the second and later calls are ignored if
the event hasn't been removed yet.
2007-05-17 21:14:30 +00:00
Guus Sliepen
0f6f54ff8a Use a separate event structure to handle meta data writes.
Make meta socket events persistent.
2007-05-17 20:20:10 +00:00
Guus Sliepen
17c8033029 128 listener sockets is way too much. 2007-05-17 19:52:12 +00:00
Guus Sliepen
d8dea8091f Properly delete listener socket events on shutdown. 2007-05-17 19:51:26 +00:00
Guus Sliepen
6ea1dfc995 Port fixes from release 1.0.8. 2007-05-17 19:15:48 +00:00
Guus Sliepen
6af8900f8e Don't free struct addrinfo too early. Spotted by Christian Cier-Zniewski. 2007-05-16 14:46:25 +00:00
Guus Sliepen
480dd127c8 Make sure connection->name is never NULL. 2007-05-16 14:42:08 +00:00
Guus Sliepen
f0cf4991e2 Apply patch from "dnk" making sockets non-blocking under Windows. 2007-05-14 09:21:09 +00:00
Guus Sliepen
3730156165 Only free members of connection_t that have been allocated. 2007-03-12 17:55:43 +00:00
Scott Lamb
38c25d62c2 Convert to libevent.
This is a quick initial conversion that doesn't yet show much advantage:
- We roll our own timeouts.
- We roll our own signal handling.
- We build up the meta connection fd events on each loop rather than
  on state changes.
2007-02-27 01:57:01 +00:00
Scott Lamb
834290b00f A couple missed tevent things.
(Sorry; had a couple changes queued.)
2007-02-27 01:30:57 +00:00
Scott Lamb
6362b12df7 Rename "event_t" to "tevent_t", along with associated functions.
This relieves some confusion and problems during the libevent transition.
In particular, "event_add" was defined by both.
(The 't' stands for 'timeout', 'tinc', 'temporary', or some such.)
2007-02-27 01:26:11 +00:00
Guus Sliepen
45fca3c723 Apply patch from Scott Lamb fixing some memory and resource leaks. 2007-02-14 09:21:34 +00:00
Guus Sliepen
6c6535a416 Apply patch from Scott Lamb preventing an infinite loop when sending SIGALRM. 2007-02-14 09:20:20 +00:00
Guus Sliepen
a1e72f84d0 Update copyright notices. 2007-01-05 13:18:36 +00:00
Guus Sliepen
d80cc7a5cc rename() cannot replace existing files on Windows. 2007-01-05 05:44:01 +00:00
Guus Sliepen
5214ece030 Fix generic BSD tun device to write only the actual packet length.
Due to a copy&paste bug, it tried to write a packet with the maximum size.
This was not a problem until the maximum size was increased to support VLANs.
2007-01-05 04:49:02 +00:00
Guus Sliepen
40f02ff8ee Tapreader socket should be bound to localhost only. 2007-01-04 15:28:36 +00:00
Guus Sliepen
03f3fc01e8 Use a ringbuffer in shared memory to transfer packets from the tapreader thread to the main thread.
It's a wonder it ever worked before. The socket that is created is not of a
datagram type, therefore packet boundaries were not preserved, which becomes
a problem as soon as the TAP-Win32 device receives packets in fast succession.
2007-01-03 18:18:54 +00:00
Guus Sliepen
855806b2f7 Do a simple test for linux/if_tun.h instead of no test at all. 2006-12-16 16:53:58 +00:00
Guus Sliepen
0322c0883b Remove the test for linux/if_tun.h.
It has been available for years on any decent Linux distribution.
Although linux/if_tun.h is now required to compile tinc,
you can still run it on systems which only support Ethertap.
2006-12-16 16:40:09 +00:00
Guus Sliepen
b834d67d7c Use the correct next pointer. 2006-12-12 14:54:39 +00:00
Guus Sliepen
8b55dfacb1 When building the minimum spanning tree, make sure we start from a reachable node. 2006-12-12 14:49:09 +00:00
Guus Sliepen
47d916ec5e Search for lzo/lzo1x.h, lzo2/lzo1x.h and lzo1x.h. 2006-11-29 17:18:39 +00:00
Guus Sliepen
1bb5a284fe Make sure resolved addresses for outgoing connections are freed, if there are any. 2006-11-29 16:57:46 +00:00
Guus Sliepen
e5b1b5cefb EWOULDBLOCK does not exist on platforms without O_NONBLOCK 2006-11-14 12:28:04 +00:00
Guus Sliepen
0714ac6c59 Nodes use events, so event system should be initialised first and destroyed last. 2006-11-11 22:44:15 +00:00
Guus Sliepen
8d393b30a9 Support and autodetect LZO version 2.0 and later. 2006-11-11 20:10:46 +00:00
Guus Sliepen
0d1ac68c59 popen() requires pclose(). 2006-11-11 14:37:03 +00:00
Guus Sliepen
0200d3cd5d Added graph dumping ability based on Markus Goetz's patch. 2006-11-11 14:11:16 +00:00
Guus Sliepen
1728d5b2c4 The "active" bit in node.status is not used. 2006-11-11 13:43:00 +00:00
Guus Sliepen
134dc8995b memcpy() addresses from packet headers before calling the lookup functions.
This probably fixes a problem on the ARM architecture that causes tinc to fail to look up IPv4 addresses.
2006-08-09 22:31:10 +00:00
Guus Sliepen
64e0519cb5 Remove unused variable. 2006-08-08 13:50:58 +00:00
Guus Sliepen
ddcf079cad Remove unused parameter from maskcmp(). 2006-08-08 13:44:37 +00:00
Guus Sliepen
c620df3c15 Remove unused variables. 2006-08-08 13:44:19 +00:00
Guus Sliepen
9fa27097dd Fix format string warnings. 2006-08-08 13:29:17 +00:00
Guus Sliepen
eb391c52ee Do not break strict aliasing of status_t structs. 2006-08-08 13:21:08 +00:00
Guus Sliepen
2077451e07 Add generic host-up and host-down scripts.
Thanks to Menno Smits for a patch.
2006-06-12 21:45:39 +00:00
Guus Sliepen
f88c9942e1 Use memcpy() to copy sockaddrs returned by getaddrinfo().
Thanks to Miles Nordin for spotting this.
2006-06-11 18:53:27 +00:00
Guus Sliepen
412f3fb510 Restore length of the original packet in send_udppacket(). 2006-04-26 16:29:47 +00:00
Guus Sliepen
de78d79db8 Update copyright notices, remove Ivo's email address. 2006-04-26 13:52:58 +00:00
Guus Sliepen
8ebb017a10 Fix a bug in handling prefixlengths that are not a multiple of 4.
Thanks to Sven-Haegar Koch for spotting the bug and providing the fix.
2006-04-12 08:38:35 +00:00
Guus Sliepen
af95368c0f Fix signedness compiler warnings. 2006-03-19 13:06:21 +00:00
Guus Sliepen
fb1cda2ca4 Export flush_meta(). 2006-03-19 12:43:45 +00:00
Guus Sliepen
098090468a Missing #include. 2006-03-19 12:43:28 +00:00
Guus Sliepen
a90f1b652c Make sure $NAME is set correctly when executing tinc-down script. 2006-02-06 12:30:51 +00:00
Guus Sliepen
228e7a5c8f Apply patch from Scott Lamb adding an output buffer for the TCP sockets.
This helps coalescing multiple send_meta() commands into one TCP packet.
Also limit the size of the output buffer before dropping PACKETs.
2006-01-19 17:13:18 +00:00
Guus Sliepen
a5a4d2b865 Apply patch from Scott Lamb unifying configuration of TCP socket options. 2006-01-13 11:21:59 +00:00
Guus Sliepen
e02f13cdb3 EVP_Cleanup() when quitting. 2006-01-13 11:09:19 +00:00
Guus Sliepen
0912260755 Enable OpenSSL ENGINE, so crypto hardware gets used. Thanks to Andreas van Cranenburgh. 2005-11-16 10:45:11 +00:00
Guus Sliepen
e810545dc2 Prevent possible buffer overflows when using very large (>= 8192 bit) RSA keys.
Thanks to Tonnerre Lombard for noticing!
2005-06-03 10:16:03 +00:00
Guus Sliepen
df3220a154 Update copyright notices. 2005-05-04 18:09:30 +00:00
Guus Sliepen
faaaa1ef38 Searching through splay trees may change the tree variable. 2005-05-04 15:52:55 +00:00
Guus Sliepen
dc09f6fe89 Be on the safe side with initialisation of c->name. 2005-05-04 15:51:45 +00:00
Guus Sliepen
92c4a28d7d Remove unused (and potentially segfaulting) net2str() call. 2005-04-06 20:43:37 +00:00
Guus Sliepen
6363ed4d9c Don't try to add a non-existing node back to the node_udp_tree. 2005-01-20 15:14:25 +00:00
Guus Sliepen
39fe3b445c Nodes should only be in the node_udp_tree if they are reachable. 2005-01-04 22:19:56 +00:00
Guus Sliepen
fe0bfa3e65 Correct size argument for strncat(). 2005-01-04 22:18:58 +00:00
Guus Sliepen
56c36a14d8 Use the proper free function. 2004-12-03 13:27:33 +00:00
Guus Sliepen
18c617ecf2 Free memory used by connection_t after it is deleted from the connection tree. 2004-12-03 13:22:18 +00:00
Guus Sliepen
672ad5634c Small fix. 2004-12-01 21:26:51 +00:00
Guus Sliepen
40b1692940 subnet-up/down hooks, use list_t for the todo list. 2004-12-01 20:06:39 +00:00
Guus Sliepen
c46f56a8b8 subnet-up/down hooks 2004-12-01 20:06:05 +00:00
Guus Sliepen
0077cfaae1 Make sure broadcast packets reach the local network interface. 2004-11-16 19:02:54 +00:00
Guus Sliepen
d8fe2ecdd8 Set BSD tuns to broadcast mode. On OpenBSD, this enables IPv6 on the tun device! 2004-11-10 23:20:59 +00:00
Guus Sliepen
4fe7aff4d1 Add BlockingTCP option, useful when using TCPOnly on slow or congested links. 2004-11-10 21:56:31 +00:00
Guus Sliepen
5bba3124c8 Support tunneling IPv6 on Solaris. 2004-11-10 21:14:08 +00:00
Guus Sliepen
d02d81ff9d Let compiler decide when to inline. 2004-11-10 19:36:02 +00:00
Guus Sliepen
923abcfa35 Use the generic BSD tun/tap code. 2004-11-10 18:11:44 +00:00
Guus Sliepen
e8b11b1cca Missing check for NULL-pointer. 2004-11-10 18:10:59 +00:00
Guus Sliepen
ca7948fc06 Hopefully this really fixes late packet handling. 2004-11-09 09:51:35 +00:00
Guus Sliepen
f7b9761000 Fixed another bug in late packet handling. 2004-11-08 22:30:13 +00:00
Guus Sliepen
14eab17829 Update to make it compile again. 2004-11-08 22:11:33 +00:00
Guus Sliepen
1f00810da3 static 2004-11-01 17:02:19 +00:00
Guus Sliepen
82b29e9a3b Generic device driver for *BSD and MacOS/X 2004-11-01 17:01:56 +00:00
Guus Sliepen
922e5b7bea Support alternative tun/tap driver from http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ 2004-11-01 15:18:53 +00:00
Guus Sliepen
faff649882 Don't let tinc service depend on NDIS component. 2004-11-01 15:18:22 +00:00
Guus Sliepen
396ac4be80 Correct return value. 2004-11-01 15:16:12 +00:00
Guus Sliepen
58153cca98 Allow tinc to work with the latest TAP-Win32 driver. 2004-10-01 18:26:15 +00:00
Guus Sliepen
6411e0d8bd strndupa() is too arcane for some environments. 2004-10-01 18:24:41 +00:00
Guus Sliepen
b0a80007e8 Fix several #includes. 2004-10-01 18:23:08 +00:00
Guus Sliepen
7717cb0c54 Remove duplicate #include "system.h" 2004-09-20 20:56:14 +00:00
Guus Sliepen
5373129344 Marking potential late packets was in the wrong place. 2004-09-20 20:55:49 +00:00
Guus Sliepen
c44f69a302 Don't set $INTERFACE automatically, don't quit on EINTR/EAGAIN. 2004-07-17 12:04:30 +00:00
Guus Sliepen
dcec713675 Added UML network socket handling.
Now you can use tinc instead of uml_switch.
2004-07-17 00:09:14 +00:00
Guus Sliepen
fe84fafcb6 Handle timeouts during connecting the same way as other errors. 2004-06-21 14:37:52 +00:00
Guus Sliepen
e5e0dd7534 Clean up environment after executing scripts. 2004-06-14 14:32:10 +00:00
Guus Sliepen
9e44f116bf Increase MTU by 4 bytes to allow VLAN tagged Ethernet frames in hub and switch mode. 2004-04-15 14:09:56 +00:00
Guus Sliepen
7926a156e5 Update copyrights, links, email addresses and let Subversion update $Id$ keywords. 2004-03-21 14:21:22 +00:00
Guus Sliepen
af86a3226e Revert Martin Kihlgren's patch, it doesn't work the way it should. 2004-03-20 22:23:42 +00:00
Guus Sliepen
8df2224829 Fix declaration of update_node_address(). 2004-03-20 15:33:07 +00:00
Guus Sliepen
56aad1bb48 Applied Martin Kihlgren's IdentityGenerosity patch,
simplified and renamed to StrictSource.
2004-03-20 15:28:55 +00:00
Guus Sliepen
a92c471a2b Only read our public key if it wasn't already in the private key file. 2004-03-15 18:15:02 +00:00
Guus Sliepen
a67a21ef3c Eat trailing whitespace in config files. 2004-03-15 18:05:41 +00:00
Guus Sliepen
4350704d65 Remove CVS related cruft. 2004-03-15 17:54:19 +00:00
Guus Sliepen
519d63bedb Don't forget to update destination MAC address. 2003-12-27 16:32:52 +00:00
Guus Sliepen
aebc97a77f Small fixes for PMTU discovery. 2003-12-24 10:48:15 +00:00
Guus Sliepen
35399784b6 Improvements for PMTU discovery and IPv4 packet fragmentation. 2003-12-22 11:04:17 +00:00
Guus Sliepen
6d41b429a2 Better name, show probed MTU in dump. 2003-12-20 21:25:17 +00:00
Guus Sliepen
9bab08e972 More sensible name, and try to set PMTU discovery on IPv6 sockets as well. 2003-12-20 21:09:33 +00:00
Guus Sliepen
6b12bea62f Let tinc figure out the exact MTU of the link. 2003-12-20 19:47:53 +00:00
Guus Sliepen
e8fbef5de6 Forget multicast. Always inline some function. 2003-12-13 21:50:26 +00:00
Guus Sliepen
5a1406adef Code beautification, start of multicast support. 2003-12-12 19:52:25 +00:00
Guus Sliepen
354b7ab20e Fix proxy-neighborsolicitation. 2003-12-08 12:00:40 +00:00
Guus Sliepen
331cef948d Don't retry if configuration is wrong from the beginning. 2003-12-07 14:31:09 +00:00
Guus Sliepen
a3cd273751 Missing space between words. 2003-12-07 14:29:02 +00:00
Guus Sliepen
25447b3841 Read MaxTimeout from tinc.conf like the manpage says. 2003-12-07 14:28:39 +00:00
Guus Sliepen
0b5e6cf04e Complain if pid file cannot be created. 2003-11-27 23:24:59 +00:00
Guus Sliepen
e3220cacb5 Replace Opaque and Strict options with a TunnelServer option. 2003-11-17 15:30:18 +00:00
Guus Sliepen
0e59fb022c Add Opaque option which prevents information from being forwarded to certain nodes. 2003-11-10 22:31:53 +00:00
Guus Sliepen
d35a510fff Fix another bug in meta.c. 2003-10-12 11:40:00 +00:00
Guus Sliepen
ffb7327c20 Fix bug that could lead to an assertion failure in libcrypto when multiple
requests arrive and TCP packets are heavily fragmented.
2003-10-11 14:18:52 +00:00
Guus Sliepen
258b7ce220 Parentheses in the wrong spots. 2003-10-11 12:28:48 +00:00
Guus Sliepen
a1ab57e275 Check all EVP_ function calls. 2003-10-11 12:16:13 +00:00
Guus Sliepen
b0dd705a26 Check return value of EVP_* functions, and check if length before en/decryption
matches that after in meta.c.
2003-10-10 16:24:24 +00:00
Guus Sliepen
9d2bf718f2 Fix ASCII art. 2003-10-10 16:23:30 +00:00
Guus Sliepen
98edfb14fc Some platforms don't know sa_family_t or define it other than uint16_t. 2003-10-08 12:09:37 +00:00
Guus Sliepen
f2ebdf7580 Set media status for newer TAP-Win32 driver. 2003-10-08 11:37:53 +00:00
Guus Sliepen
acf5f9c968 Missing declaration. 2003-10-08 11:37:20 +00:00
Guus Sliepen
ad39db95fe Make sure type of AF_UNKNOWN is sa_family_t. 2003-10-06 16:49:42 +00:00
Guus Sliepen
5900c07fab PIDs are of type pid_t, and use %ld when reading/writing them to the pidfile. 2003-10-06 16:13:08 +00:00
Guus Sliepen
6350334aa4 Don't confuse users with "Address family not supported" warnings. 2003-10-06 14:41:45 +00:00
Guus Sliepen
0842998c0b Unused variable in struct. 2003-10-06 14:33:04 +00:00
Guus Sliepen
c97b8827ed const 2003-10-06 13:57:12 +00:00
Guus Sliepen
60943122f7 Copy structs from packets to the stack before using them, to prevent
alignment issues.
2003-10-06 13:49:57 +00:00
Guus Sliepen
acbb9d6692 Better length checks. 2003-10-01 09:14:01 +00:00
Guus Sliepen
eeb97e3ef4 Generate keys with 0x10001 as public exponent, which has less prime factors
than 0xFFFF.
2003-09-25 10:34:16 +00:00
Guus Sliepen
288d956728 Check for short packets from the tun/tap device and from other tinc daemons. 2003-09-23 20:59:01 +00:00
Guus Sliepen
cbf5a741aa Remove pidfile when exiting. 2003-09-08 21:52:47 +00:00
Guus Sliepen
0dba26267c Prevent multiple inclusions. 2003-09-03 16:20:33 +00:00
Guus Sliepen
6c5f3d8b74 We don't have to tell GCC how to cast. 2003-08-28 21:05:11 +00:00
Guus Sliepen
762cc2d279 Remove old edges from unreachable nodes to us. This prevents the hosts/NAME-up
script from being called twice in some situations.
2003-08-28 15:27:12 +00:00
Guus Sliepen
3e0b28b0c4 Remove debug message. 2003-08-22 15:07:57 +00:00
Guus Sliepen
89c9f3ed8f When purging nodes, only delete them if nobody references them anymore. 2003-08-22 15:04:26 +00:00
Guus Sliepen
22dd23b650 Add checkpoints. 2003-08-22 15:03:59 +00:00
Guus Sliepen
570e7e9c61 Don't overwrite the first " when installing a service. 2003-08-22 15:05:01 +00:00
Guus Sliepen
72bdc05cb7 Allow tinc to handle unknown type addresses from other tinc daemons. 2003-08-22 11:18:42 +00:00
Guus Sliepen
5ac4179df6 If we're not in main_loop() and the service is stopped, exit immediately. 2003-08-17 12:05:08 +00:00
Guus Sliepen
46cfe61994 Do what the SDK documentation tells. 2003-08-17 12:04:35 +00:00
Guus Sliepen
3112e6a863 Use the event log under Windows. 2003-08-17 09:04:00 +00:00
Guus Sliepen
5e7c52610f Fix --logfile under Windows. 2003-08-17 09:03:30 +00:00
Guus Sliepen
f4e80cc5e0 Don't getsockopt() SO_ERROR. We get the error from send()/recv() anyway. 2003-08-16 12:40:01 +00:00
Guus Sliepen
fd40130eb6 stat() batch files under Windows. 2003-08-16 12:11:11 +00:00
Guus Sliepen
7ed2559025 Fix permissions check for rsa_key.priv. 2003-08-14 14:21:35 +00:00
Guus Sliepen
1f2670aab2 Small fixes. 2003-08-12 14:48:13 +00:00
Guus Sliepen
ae070b9170 Add a description for the Service control panel. 2003-08-10 13:35:05 +00:00
Guus Sliepen
7eed829d28 Only system() needs script name quoted. 2003-08-08 22:45:46 +00:00
Guus Sliepen
9bde92ce97 Simpler checking of permissions on private RSA key and other fixes. 2003-08-08 22:11:54 +00:00
Guus Sliepen
96f5d98fc2 Small things. 2003-08-08 19:56:11 +00:00
Guus Sliepen
ef65a64443 Better error checking and reporting. 2003-08-08 19:49:47 +00:00
Guus Sliepen
bb2f18a3fc Under Windows, the installation directory can be found in the registry. 2003-08-08 19:45:21 +00:00
Guus Sliepen
7f05445047 Quote when needed and don't try stuff that doesn't work under Windows. 2003-08-08 19:43:47 +00:00
Guus Sliepen
b4c913aaa9 Log error first, try to close later. 2003-08-08 19:42:35 +00:00
Guus Sliepen
6f30995955 Typo. 2003-08-08 17:20:12 +00:00
Guus Sliepen
691907caae Readd quotes. 2003-08-08 17:17:13 +00:00
Guus Sliepen
7e74e00d16 Allow empty lines in config files. 2003-08-08 14:59:27 +00:00
Guus Sliepen
863349638b Simplify execute_script(). It will probably work under Windows as well. 2003-08-08 14:48:33 +00:00
Guus Sliepen
deba3ed900 Correct error message when remote host closed connection. 2003-08-08 14:24:09 +00:00
Guus Sliepen
070aee3be1 Tell Windows to be patient. 2003-08-08 12:55:05 +00:00
Guus Sliepen
adb68b9c2a Windows uses backslashes... 2003-08-08 12:24:52 +00:00
Guus Sliepen
ef091d1ddb Sync CABAL branch with release-1_0 branch. 2003-08-08 11:45:37 +00:00
Guus Sliepen
5193a14dde Use our own port when connecting to ourself. 2003-08-03 21:45:41 +00:00
Guus Sliepen
62a7fa9a7b Simplify translation 2003-08-03 21:45:13 +00:00
Guus Sliepen
e220187f48 Remove newlines from log messages. 2003-08-03 12:38:43 +00:00
Guus Sliepen
3671ed806d Keep Windows happy. 2003-08-03 12:38:18 +00:00
Guus Sliepen
fa9c00733e Old gcc compilers don't like declarations in the middle of a function. 2003-08-03 09:55:20 +00:00
Guus Sliepen
a65011b3c5 Clean up last part of main(). 2003-08-03 09:08:52 +00:00
Guus Sliepen
f605ec47be Oops. 2003-08-02 21:34:10 +00:00
Guus Sliepen
e6e3281458 Missing include. 2003-08-02 21:33:52 +00:00
Guus Sliepen
c044d12dfd Cleanups and error messages. 2003-08-02 21:33:19 +00:00
Guus Sliepen
3fd96ebec7 Error messages. 2003-08-02 21:01:50 +00:00
Guus Sliepen
f08fc359a0 Install tinc as a service under Windows (MinGW). Remove cleanup_and_exit(),
either exit() directly on errors or let main_loop() shutdown gracefully.
2003-08-02 20:50:38 +00:00
Guus Sliepen
9c2d5d9f92 Oops. 2003-08-02 15:29:06 +00:00
Guus Sliepen
c7bf64c794 Allow whitespace in values. 2003-08-02 15:27:24 +00:00
Guus Sliepen
b79e55b183 Prevent system headers from including our own headers. 2003-08-02 15:13:08 +00:00
Guus Sliepen
998ac634d4 Wrong function... 2003-08-01 08:18:22 +00:00
Guus Sliepen
2531ff59b7 Woops! 2003-07-31 14:24:19 +00:00
Guus Sliepen
1fe5663787 No easy way to properly detect header files... 2003-07-31 13:18:34 +00:00
Guus Sliepen
8eca27e863 Remove forgotten braces. 2003-07-31 11:31:51 +00:00
Guus Sliepen
5c29d06668 Wrong argument. 2003-07-31 11:20:32 +00:00
Guus Sliepen
d798b8b3d8 Prevent definitions from messing up attributes. 2003-07-30 21:52:41 +00:00
Guus Sliepen
fcbe29bc4c No C99 initialisers, gcc 2.95.3 doesn't like it.
Also make sure getopt.h is included.
2003-07-30 11:50:45 +00:00
Guus Sliepen
de223b51b9 Remove doc/es/ and src/device.c from the distribution. 2003-07-30 09:45:21 +00:00
Guus Sliepen
2ed154e731 Cleanups. 2003-07-29 23:21:01 +00:00
Guus Sliepen
721e4caee0 Native Windows support. 2003-07-29 22:59:01 +00:00
Guus Sliepen
586f15ed20 Make sure (at least) the MinGW device driver works. 2003-07-29 12:38:49 +00:00
Guus Sliepen
6f7cce6947 Make sure it works. 2003-07-29 12:18:35 +00:00
Guus Sliepen
ae50b0077e Update Dutch translation and make sure all device drivers are included in
the translation and distribution.
2003-07-29 11:06:23 +00:00
Guus Sliepen
714fb32d03 Fix compile errors and warnings. 2003-07-29 10:50:15 +00:00
Guus Sliepen
0e94541331 More checks for missing functions. 2003-07-28 22:06:09 +00:00
Guus Sliepen
c15e8a96bf More generic handling of tap device under Windows. 2003-07-28 21:54:03 +00:00
Guus Sliepen
83263b7446 Sprinkle around a lot of const and some C99 initialisers. 2003-07-24 12:08:16 +00:00
Guus Sliepen
5cb1471351 Don't initialise a CIPHER_CTX if cipher == NULL. 2003-07-23 22:17:31 +00:00
Guus Sliepen
4aadb9500d Run setup_device() after parsing configuration but before claiming we're ready. 2003-07-22 21:13:23 +00:00
Guus Sliepen
eefa28059a Use bools and enums where appropriate. 2003-07-22 20:55:21 +00:00
Guus Sliepen
471308e163 Option to specify pidfile location. 2003-07-22 12:58:34 +00:00
Guus Sliepen
bad82522ec Copy cygwin driver to mingw directory. It doesn't work (yet). 2003-07-21 15:51:00 +00:00
Guus Sliepen
e169244e4b Use functions from logger.c 2003-07-21 14:47:43 +00:00
Guus Sliepen
2f2defc452 Check for sys/mman.h. 2003-07-21 13:18:44 +00:00
Guus Sliepen
b657f05194 No UNIX style permissions under Windows. 2003-07-18 14:10:27 +00:00
Guus Sliepen
123bb765d1 Use iface instead of interface because it might already be declared in
system header files.
2003-07-18 13:45:06 +00:00
Guus Sliepen
00ddbf5723 Update all device.c files. 2003-07-18 13:41:37 +00:00
Guus Sliepen
271d3537fe Remove all #ifndefs from route.c 2003-07-18 12:21:03 +00:00
Guus Sliepen
b0a4f7b555 Even more missing definitions. 2003-07-18 12:16:24 +00:00
Guus Sliepen
e449d94cae Big header file cleanup: everything that has to do with standard system
libraries is moved to system.h.
2003-07-17 15:06:27 +00:00
Guus Sliepen
47721be760 Windows headers declare a struct interface somewhere. 2003-07-15 16:38:18 +00:00
Guus Sliepen
4c52febc57 Make use of the CIPE driver. Woohoo, tinc for Windows! 2003-07-15 16:27:39 +00:00
Guus Sliepen
d26a4af456 Export mymac. 2003-07-15 16:26:18 +00:00
Guus Sliepen
784db4e70d Format string checking for logger(). 2003-07-12 20:24:04 +00:00
Guus Sliepen
5db596c684 Simplify logging, update copyrights and some minor cleanups. 2003-07-12 17:41:48 +00:00
Guus Sliepen
2a7f11c0e9 More missing IPv6 definitions and autoconf checks to make sure it compiles
under Solaris 2.6.
2003-07-11 16:13:00 +00:00
Guus Sliepen
30c0381d71 Provide all missing IPv6 definitions in lib/ipv6.h. 2003-07-07 11:11:33 +00:00
Guus Sliepen
1401faf608 Sprinkling the source with static and attributes. 2003-07-06 23:16:29 +00:00
Guus Sliepen
0b9175e998 Define logger(), cleans up source code and allows us to write log entries
to a separate file.
2003-07-06 22:11:37 +00:00
Guus Sliepen
8681047030 Check for IPv6 header files. 2003-07-06 17:49:49 +00:00
Guus Sliepen
81f5713ab7 - simplify configure.in
- drop support for OpenSSL < 0.9.7
- add some missing definitions/includes
2003-07-06 17:15:25 +00:00
Guus Sliepen
6c7172d694 This subtle pointer arithmetic thingy is (I'm very sure of it) the cause
of the lingering connections problem. Hopefully it is fixed now...
2003-06-25 20:55:05 +00:00
Guus Sliepen
9528a63c35 Really make tinc default to any addressfamily. 2003-06-25 20:52:59 +00:00
Guus Sliepen
0a9aef2da7 More braces to make gcc happy. 2003-06-11 19:40:43 +00:00
Guus Sliepen
12de5a8eed Remove mymac stuff from device.c. 2003-06-11 19:28:38 +00:00
Guus Sliepen
31f17d4334 AddressFamily is "any" by default. 2003-06-11 19:27:35 +00:00
Guus Sliepen
451800eda8 If we have a Linux tun/tap device and we are in router mode, open the device
in tun mode.
2003-06-11 19:09:52 +00:00
Guus Sliepen
9e02a3d563 Call make_names() before doing anything else. 2003-06-11 19:07:56 +00:00
Guus Sliepen
4b0e5a03fe Fix warning and add missing checks for LZO library. 2003-06-07 13:18:32 +00:00
Guus Sliepen
249933350b Small fixes. 2003-05-07 11:21:58 +00:00
Guus Sliepen
6ba4e2da55 Small fixes to make LZO compression work. 2003-05-06 23:14:45 +00:00
Guus Sliepen
c70f52087b - Per-node EVP_CIPHER_CTX to avoid initialisation overhead.
- LZO compression, thanks to Teemu Kiviniemi.
- Updated Dutch translation.
2003-05-06 21:13:18 +00:00
Guus Sliepen
1ad2394b84 Make sure outgoing_t is completely freed. 2003-04-19 11:12:45 +00:00
Guus Sliepen
bc9e78250e Better handling of late packets. 2003-04-18 21:18:36 +00:00
Guus Sliepen
51a1bcf001 HUP signal now closes connections to hosts if their host config file is
gone or changed. The tinc.conf file is reread for changes in the ConnectTo
lines.
2003-04-03 11:43:17 +00:00
Guus Sliepen
8285827da1 Checksums must also work for uneven number of bytes. 2003-03-29 22:11:22 +00:00
Guus Sliepen
c3ad3731a8 Don't copy more than necessary. 2003-03-29 21:58:35 +00:00
Guus Sliepen
7d21a8d1c7 - Speed up checksumming
- If a destination is not found in the subnet list or the destination node
  is unreachable, respond with an appropriate ICMP message.
2003-03-29 21:51:21 +00:00
Guus Sliepen
9792ba2cac - Avoid memory leak caused by OpenSSL 0.9.7a.
- Disable RSA_blinding_on() because it segfaults.
2003-03-28 13:41:49 +00:00
Guus Sliepen
69158563e9 Typo. 2003-03-19 11:45:05 +00:00
Guus Sliepen
88ae2e9e0c Make sure send_meta() writes everything. 2003-03-19 11:43:42 +00:00
Ivo Timmermans
2fff0a91a7 Call RSA_blinding_on(), as advised in the paper on
http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html
to offer some resistance against timing attacks.
2003-03-14 09:43:10 +00:00
Guus Sliepen
1783a3aaa9 Various fixes for autoconf and OpenSSL 0.9.7 and a missing header. 2003-01-17 00:43:58 +00:00
Guus Sliepen
c08858baa9 - Fix indentation in some places.
- Optimise select loop.
- Remove unused function setup_outgoing_socket().
- Clear EVP_CIPHER_CTX structures before using them.
2003-01-17 00:37:20 +00:00
Guus Sliepen
38f562fdfc Add $NAME for tinc-up/down scripts. 2003-01-14 12:53:59 +00:00
Guus Sliepen
44b87ddb7a Run graph algorithm when a second connection from the same host
replaces an older one.
2003-01-12 17:02:23 +00:00
Guus Sliepen
5b2a62ebb6 Fix PriorityInheritance. 2002-11-14 22:09:03 +00:00
Ivo Timmermans
e310cc82d3 Fix saving of debug level for startup level 0 2002-09-30 19:04:37 +00:00
Guus Sliepen
006591efe5 Run graph() after edge_del() when updating an edge. 2002-09-24 11:43:34 +00:00
Guus Sliepen
bf3a118988 Use /dev/net/tun as default for tun/tap device under Linux. 2002-09-15 22:19:19 +00:00
Guus Sliepen
5eca9520d9 Small fixes so tinc compiles out of the box on SunOS 5.8 2002-09-15 14:55:54 +00:00
Guus Sliepen
8d472a415e port_t isn't used anymore and conflicts with MacOS/X headers. 2002-09-15 12:26:24 +00:00
Guus Sliepen
38c80bdd46 MacOS/X needs #define _P1003_1B_VISIBLE in order to use mlockall(). 2002-09-15 12:26:04 +00:00
Guus Sliepen
3e3b4a3190 What was I thinking? 2002-09-11 22:25:58 +00:00
Guus Sliepen
eaf1208e9d Fix placement of #include "config.h" 2002-09-10 22:13:01 +00:00
Guus Sliepen
dd888ca685 Link with libintl if necessary. 2002-09-10 21:46:05 +00:00
Guus Sliepen
c01f78ed36 Clean up after indent. 2002-09-10 21:29:42 +00:00
Guus Sliepen
161f917dd0 Fix compiler warnings. 2002-09-10 09:40:25 +00:00
Guus Sliepen
3bc5543475 Let GCC check format string and arguments of send_request(). 2002-09-09 22:41:56 +00:00
Guus Sliepen
6f9f6779e6 Remove redundant spaces. 2002-09-09 22:33:31 +00:00
Guus Sliepen
f75dcef72a Switch to K&R style indentation. 2002-09-09 21:25:28 +00:00
Guus Sliepen
5fc1ed17f4 Cleanups:
- Convert cp to cp(); so that automatic indenters work.
- Convert constructions like if(x == NULL) to if(!x).
- Move all assignments out of conditions.
2002-09-09 19:40:12 +00:00
Guus Sliepen
5638b9830f Why don't these connection_t's get cleaned up? 2002-09-06 21:22:35 +00:00
Guus Sliepen
a8ddba42b9 Fix MST algorithm. 2002-09-06 21:02:36 +00:00
Guus Sliepen
66741978e1 Reset the *correct* seqnos. 2002-09-06 14:31:12 +00:00
Guus Sliepen
d5b61fc0cd edge_weight_compare() shouldn't rely on edge_compare(). 2002-09-06 12:19:16 +00:00
Guus Sliepen
fbf8a47879 Remove global edge_tree. 2002-09-06 10:23:52 +00:00
Guus Sliepen
641705df90 Only reset seqno's when a key is sent or received. 2002-09-06 09:48:39 +00:00
Guus Sliepen
6fdaa8e1ca Small updates. 2002-09-04 19:57:53 +00:00
Guus Sliepen
8b2b67e26c Generalized request broadcasting/forwarding. 2002-09-04 16:26:45 +00:00
Guus Sliepen
431fa10b37 Small fixes. 2002-09-04 14:17:28 +00:00
Guus Sliepen
82ebfc923d Revert to edge and graph stuff. This time, use a directed graph. 2002-09-04 13:48:52 +00:00
Guus Sliepen
973530db62 Just ignore wrong ADD_NODEs instead of replying with a DEL_NODE, in the
hope other DEL_NODEs will catch up eventually.
2002-09-04 08:48:03 +00:00
Guus Sliepen
2af0bcc8fd Don't forget to set prevhop to myself for new connections. 2002-09-04 08:36:34 +00:00
Guus Sliepen
698d6ddac6 Prevent looping DEL_NODE/ADD_NODE messages after a node disconnects. 2002-09-04 08:33:08 +00:00
Guus Sliepen
4a7c2026ae Reduce KEY_CHANGED traffic. 2002-09-04 08:02:33 +00:00
Guus Sliepen
ddb96301a3 Woops. 2002-09-03 22:49:55 +00:00
Guus Sliepen
b5bb06200e A reachable node is always more preferable to an unreachable one... 2002-09-03 22:37:49 +00:00
Guus Sliepen
d134c4542d Drop graph and edge stuff. Use new node stuff instead. 2002-09-03 20:43:26 +00:00
Guus Sliepen
2cb21f8810 Replacement for the current routing algorithm. 2002-09-02 22:40:42 +00:00
Guus Sliepen
912e7e968f Gettext 1.11.5 compatibility. 2002-08-24 12:11:40 +00:00
Guus Sliepen
18948c5784 Added support for raw sockets. This can be used instead of tun/tap devices. 2002-07-18 14:30:45 +00:00
Guus Sliepen
227ccd3a8a Allow tincd to be locked into main memory. 2002-07-16 13:12:49 +00:00
Guus Sliepen
afabbd6b90 Added stub device.c for Cygwin. 2002-07-11 12:57:06 +00:00
Guus Sliepen
8949404db0 Started port to Cygwin. 2002-07-11 12:55:58 +00:00
Guus Sliepen
c98db1b861 Clear subnets before using them. 2002-07-11 12:42:43 +00:00
Guus Sliepen
8dd09568f1 Allow identical subnets from different owners. 2002-07-10 11:32:33 +00:00
Guus Sliepen
36cbaa32f4 Allow list of environment variables to be passed to execute_script().
When executing host-up/down scripts, include the address and port of the
remote host.
2002-07-10 11:27:06 +00:00
Guus Sliepen
a1bd878e11 Fix for prefixlengths of 32 (IPv4) and 128 (IPv6) bits. 2002-06-21 17:49:48 +00:00
Guus Sliepen
627f7c22b4 s/sliepen.warande.net/sliepen.eu.org/g
s/itimmermans@bigfoot.com/ivo@o2w.nl/g
2002-06-21 10:11:37 +00:00
Guus Sliepen
940fcb6701 Reset listen_sockets after SIGHUP. 2002-06-13 16:12:40 +00:00
Guus Sliepen
de6835a9dd Include darwin/device.c in distribution. 2002-06-10 15:08:23 +00:00
Guus Sliepen
69b758879e Added Darwin (MacOS/X) tun device handling. 2002-06-10 14:33:40 +00:00
Ivo Timmermans
944df3eeee Include netbsd's device.c in make dist 2002-06-09 16:19:20 +00:00
Guus Sliepen
78e8852184 - netinet/* include files depend on netinet/in_systm.h.
- Squash bashism in configure.in.
2002-06-08 14:08:57 +00:00
Guus Sliepen
e47e51e9d1 Use inttypes.h instead of stdint.h. 2002-06-08 13:46:43 +00:00
Guus Sliepen
116ba3b3da Cleanup:
- Remove checks for specific OS's, instead check for #defines/#includes.
- Use uint??_t where appropriate.
- Mask handling functions use void pointers to get rid of silly casts.
2002-06-08 12:57:10 +00:00
Wessel Dankers
d333fca4d6 This should work much better. 2002-06-07 11:14:05 +00:00
Guus Sliepen
14e570f5ee Use correct includes on NetBSD. 2002-06-05 00:25:55 +00:00
Guus Sliepen
5886b6a10d Make it work correctly with NetBSD tun device. 2002-06-05 00:20:40 +00:00
Guus Sliepen
4856d8e1f8 Support RSA_PUBKEYs (as opposed to RSAPublicKeys) so tinc accepts
public keys generated by the OpenSSL command line tools.
2002-06-02 16:06:33 +00:00
Guus Sliepen
2be8e69ca1 Only purge once when there are no more connections. 2002-05-01 09:15:58 +00:00
Guus Sliepen
7caa253df4 Fix very stupid bug in node_del(), which might have caused corruption of
subnets.
2002-04-29 20:05:07 +00:00
Guus Sliepen
67a6d7bcc4 Informative log message if execl() failed. 2002-04-27 11:40:45 +00:00
Ivo Timmermans
e6a67fc439 Typo 2002-04-26 18:13:00 +00:00
Guus Sliepen
b6ad4ce35a Add BindToAddress variable, similar to the late BindToIP. 2002-04-23 07:49:38 +00:00
Guus Sliepen
40c2e36a96 Support for MacOS/X. 2002-04-19 14:06:40 +00:00
Ivo Timmermans
97d492d9e2 Put #ifndef checks for HAVE_RAND_PSEUDO_BYTES in the correct places. 2002-04-18 20:09:05 +00:00
Guus Sliepen
5df8a8cb3f masklength is better known as prefixlength. 2002-04-09 11:42:48 +00:00
Guus Sliepen
ad6b120349 Fix maskcheck() and maskcmp(). 2002-04-05 09:11:38 +00:00
Guus Sliepen
d8c249008a check_rsa() is broken, I don't know why, just remove it for now. 2002-04-01 21:28:39 +00:00
Guus Sliepen
438419734e Don't check_network_activity() if select() is interrupted by a signal. 2002-04-01 21:28:05 +00:00
Guus Sliepen
0fe3dc38ed Fix format strings. 2002-03-27 16:00:38 +00:00
Guus Sliepen
420f46acb0 Remove symlink to device.c when doing a make dist. 2002-03-27 15:47:06 +00:00
Guus Sliepen
c6d2f6c620 Remove cruft. 2002-03-27 15:26:44 +00:00
Guus Sliepen
5eba1e1f6f Limit the amount of packets in a queue to 8. 2002-03-27 15:01:37 +00:00
Guus Sliepen
0e7136027c Merge do_prune() with build_fdset(). Probably fixes the invalid filedescriptor error. 2002-03-27 14:02:36 +00:00
Guus Sliepen
7d07df71f9 Fix execute_script(). 2002-03-26 12:00:38 +00:00
Guus Sliepen
2de5e0eef9 Send REQ_KEY only once until ANS_KEY has arrived. 2002-03-25 15:51:58 +00:00
Guus Sliepen
33d8747021 Set myself->status.reachable. 2002-03-25 13:54:49 +00:00
Guus Sliepen
2749b997df Configuration variables were still handled case sensitively. 2002-03-24 17:14:01 +00:00
Guus Sliepen
c73bdd6bc8 OpenBSD tun device uses address family number instead of Ethernet type. 2002-03-24 17:08:38 +00:00
Guus Sliepen
8379c14b7f Respect type field. 2002-03-24 16:50:58 +00:00
Guus Sliepen
4252ae83a4 Set $INTERFACE correctly when using ethertap while compiled with tun/tap support. 2002-03-24 16:36:56 +00:00
Guus Sliepen
d699f3079c Execute hosts/name-up when a node becomes reachable, and hosts/name-down
when it becomes unreachable.
2002-03-24 16:28:27 +00:00
Guus Sliepen
6ad5dd1a9a Don't try to execute scripts unless they exist. 2002-03-24 16:22:59 +00:00
Guus Sliepen
594d5b5d15 Reset retry timeout when receiving the first PONG, not right after receiving the ACK. 2002-03-23 20:21:10 +00:00
Guus Sliepen
cbd8133ab4 Don't run graph algorithms if no edge is deleted in terminate_connection(). 2002-03-23 20:13:56 +00:00
Guus Sliepen
6aee1ad021 free() request strings when deleting past requests from the tree. 2002-03-23 20:12:29 +00:00
Guus Sliepen
ccea26e004 send_ack() was broken. 2002-03-23 20:01:05 +00:00
Guus Sliepen
3c5655f59e Fix compiler warnings, strictly use long int and %lx for options. 2002-03-22 13:31:18 +00:00
Guus Sliepen
d6b70ed6f8 Fix add_edge_h(). 2002-03-22 12:41:54 +00:00
Guus Sliepen
52e7699273 - Added support for jumbograms.
- Remove tcpaddress from edges, it is not used at all.
- Last bits of code to prevent looping requests.
2002-03-22 11:43:48 +00:00
Guus Sliepen
9da5390666 Put a break on requests that run around in circles. 2002-03-21 23:11:53 +00:00
Guus Sliepen
f48f8f4fed Updated SSSP algorithm to automatically detect indirect links (if a node uses
different addresses for connections to other nodes).
2002-03-19 22:48:25 +00:00
Guus Sliepen
5c2d74de86 Don't use s6_addr[16|32] anymore. 2002-03-19 00:08:23 +00:00
Guus Sliepen
9d99a789c3 Cleanup. 2002-03-19 00:07:09 +00:00
Guus Sliepen
305505f5ec Remember sockaddrs of listening sockets, use appropriate one when sending
UDP packets.
2002-03-18 22:47:20 +00:00
Guus Sliepen
106fc2b769 Fix #define s6_addr32. 2002-03-18 14:39:37 +00:00
Guus Sliepen
813c369a8f #define s6_addr32, needed for FreeBSD. 2002-03-18 14:19:02 +00:00
Guus Sliepen
b2579385de Only unmap IPv6 addresses. 2002-03-17 16:08:39 +00:00
Guus Sliepen
8b84c44175 Unmap v4mapped sockaddrs. 2002-03-17 15:59:29 +00:00
Guus Sliepen
07e37f8da0 Typo. 2002-03-15 15:50:14 +00:00
Guus Sliepen
e0dee53770 Different way of detecting neighbor solicitation requests. 2002-03-15 15:40:40 +00:00
Guus Sliepen
0e93f0aa02 Oops, don't forget to actually put the checksum in the response packet. 2002-03-15 15:08:21 +00:00
Guus Sliepen
e1de9ca990 Neighbor solicitation requests now work (I think). 2002-03-15 14:41:57 +00:00
Guus Sliepen
4b3aef9e69 Revert changes to Kruskal's algo. 2002-03-12 16:30:15 +00:00
Guus Sliepen
f219f156cf Put #ifdef NEIGHBORSOL around corresponding code. 2002-03-12 14:25:04 +00:00
Guus Sliepen
ecad9e9289 Remove silly cache thingy. 2002-03-12 14:20:44 +00:00
Guus Sliepen
d6c2c4f2b7 Packet sequence number/authentication warnings only if debug_lvl >= 5. 2002-03-12 14:19:51 +00:00
Guus Sliepen
2e7db2a693 Simplified implementation of Kruskal's minimum spanning tree algorithm. 2002-03-12 13:42:23 +00:00
Guus Sliepen
d2e0ed533c New strategy: forward icmp6 neighbor solicitations to intended target. 2002-03-11 13:56:00 +00:00
Guus Sliepen
46fa10cec7 Try to reply to neighbor solicitation requests. 2002-03-11 13:14:53 +00:00
Guus Sliepen
c2713ba7a5 prune_connections() before build_fdset(). 2002-03-11 11:45:12 +00:00
Guus Sliepen
4fda4560bb Cleanups, spelling fixes, allow symbol names for signals (-k option),
don't remove pidfile if other tincd is still running.
2002-03-11 11:23:04 +00:00
Guus Sliepen
5ffeb13d65 Don't retry to make outgoing connections when exiting. 2002-03-10 16:09:15 +00:00
Guus Sliepen
024ab44d98 Fix forwarding of IPv6 packets. 2002-03-10 14:04:48 +00:00
Guus Sliepen
0c16add71c Check if BindToDevice and PriorityInheritance are supported. 2002-03-01 15:14:29 +00:00
Guus Sliepen
7d5741859e Woops. 2002-03-01 14:33:48 +00:00
Guus Sliepen
ab90fa9bd1 Document and clean up MAC address expiry. 2002-03-01 14:25:10 +00:00
Guus Sliepen
14979f835d - Global time_t now, so that we don't have to call time() too often.
- MAC addresses expire after a time configurable by MACExpire (default 600
  seconds)
2002-03-01 14:09:31 +00:00
Guus Sliepen
f93b1334e0 Create/bind TCP and UDP listening sockets in pairs. 2002-03-01 13:18:54 +00:00
Guus Sliepen
c2b738e7b5 If "PriorityInheritance = yes" is specified in tinc.conf, the value of the
TOS field of the tunneled packets will be passed on to the UDP packets tinc
sends out.
2002-03-01 12:26:56 +00:00
Guus Sliepen
80ea653e8d Fix listening sockets. 2002-03-01 12:25:58 +00:00
Guus Sliepen
7f58ed7685 Make BindToInterface work. 2002-03-01 11:18:34 +00:00
Guus Sliepen
17bc5220c3 Fix send_request() bug. 2002-02-27 22:37:55 +00:00
Guus Sliepen
50403909b6 Allow multiple listening sockets. 2002-02-26 23:26:41 +00:00
Guus Sliepen
2ac7be0d51 Tweaking IPv6 support. 2002-02-26 22:47:51 +00:00
Guus Sliepen
23fda5688e - Change SA_LEN to SALEN, former one is already defined on some platforms.
- Use SALEN everywhere appropriate.
2002-02-20 22:37:38 +00:00
Guus Sliepen
dbc5b5bb5e - Use gai_strerror() where appropriate
- Clear hints before using them with getaddrinfo()
- Use sa_len on platforms that support them
2002-02-20 22:15:32 +00:00
Guus Sliepen
28cc9a6488 Preserve inpkt->len, needed for broadcasts. 2002-02-20 19:31:15 +00:00
Guus Sliepen
c6d0158831 Protocol now also exchanges cipher/digest/maclength/compression for the
meta connection.
2002-02-20 19:25:09 +00:00
Guus Sliepen
626d5956d2 Cache results of lookup_subnet_...(). 2002-02-20 17:16:15 +00:00
Guus Sliepen
e8e69460a7 Fix maskcmp() and maskcpy(). 2002-02-20 17:15:33 +00:00
Guus Sliepen
ed50931290 Forward packets in router mode. 2002-02-20 16:04:59 +00:00
Guus Sliepen
8c91fac315 Use AF_UNSPEC for listening sockets if AddressFamily = any. 2002-02-20 16:04:39 +00:00
Guus Sliepen
76f01453df Fix segfault when receiving HUP signal. 2002-02-20 16:04:07 +00:00
Guus Sliepen
c2b9c06062 - Non-blocking connect()s.
- Socket handling revamped to use sockaddr_t.
- tinc can now tunnel over IPv6.
- Handle all addresses and subnets in network byte order.
  Only convert them when they need to be printed.
- IPv6 subnets bigger than /128 now work.
- Use %s and strerror(errno) instead of %m.
2002-02-18 16:25:19 +00:00
Guus Sliepen
2fb8a62ede Added device.c for NetBSD, actually a copy of the OpenBSD one. 2002-02-12 14:40:12 +00:00
Guus Sliepen
f64b41a73b Get rid of sys/signal.h. 2002-02-12 14:36:45 +00:00
Guus Sliepen
dd611fb4f9 Don't use sa_sigaction (which NetBSD doesn't like) at all if we don't use siginfo. 2002-02-12 14:29:00 +00:00
Guus Sliepen
d9a62c6354 Added support for packet compression, thanks to Mark Glines.
Add "Compression = <level>" to the host config files, where level can be
0 (off), or any integer between 1 (fast) and 9 (best).
2002-02-11 15:59:18 +00:00
Guus Sliepen
94b171b305 Small fix. 2002-02-11 14:20:46 +00:00
Guus Sliepen
1708997bc8 - If no PrivateKeyFile is specified, /etc/tinc/netname/rsa_key.priv is assumed.
- Check RSA key before using it.
2002-02-11 14:20:21 +00:00
Guus Sliepen
1c34ba7fb8 Sensible defaults for $INTERFACE. 2002-02-11 12:33:01 +00:00
Guus Sliepen
24cc2a9065 Last bits of the merger. 2002-02-11 10:16:18 +00:00
Guus Sliepen
5bf4b88666 Forgot to merge new files from pre5. 2002-02-11 10:05:58 +00:00
Guus Sliepen
f0aa9641e8 Merging of the entire pre5 branch. 2002-02-10 21:57:54 +00:00
Ivo Timmermans
c2752b961c Conversion to struct addrinfo is almost complete for this file. 2001-11-16 22:41:38 +00:00
Ivo Timmermans
4f47da5b87 Don't include netutl.h. 2001-11-16 22:40:26 +00:00
Ivo Timmermans
a59bbc7231 Fixed silly typo: "np" instead of "no" 2001-11-16 22:31:41 +00:00
Ivo Timmermans
bf664c054f get_config_subnet needs to be fixed. 2001-11-16 22:31:15 +00:00
Ivo Timmermans
9b2b374734 route_ipv4 and route_ipv6 replaced by route_ip. 2001-11-16 17:40:50 +00:00
Ivo Timmermans
a4938b22e7 Don't include netutl.h. 2001-11-16 17:39:59 +00:00
Ivo Timmermans
ccda709f82 lookup_node_udp changed. 2001-11-16 17:39:38 +00:00
Ivo Timmermans
836766d4c5 First part of rewriting things to use struct addrinfo. 2001-11-16 17:38:39 +00:00
Ivo Timmermans
251f87c842 (re)added port to struct node_t 2001-11-16 15:56:44 +00:00
Ivo Timmermans
6cf744e4b2 Don't include netutl.h. 2001-11-16 12:22:02 +00:00
Ivo Timmermans
a79252af43 Obsoleted. 2001-11-16 12:21:22 +00:00
Ivo Timmermans
331d9402e8 Don't compile/link netutl.c. 2001-11-16 12:16:28 +00:00
Ivo Timmermans
f95e6ca8f6 get_config_{ip,port} removed. 2001-11-16 12:14:20 +00:00
Ivo Timmermans
31db57bb4a Changed to use struct addrinfo where needed. 2001-11-16 12:13:34 +00:00
Ivo Timmermans
f1b20b3ded Obsoleted all IP<x> types in favor of struct addrinfo 2001-11-16 12:10:54 +00:00
Ivo Timmermans
fb6dc0b089 Removed definitions of ipv4_t, ipv6_t, port_t 2001-11-16 12:08:38 +00:00
Ivo Timmermans
3ef15f2554 Changed lookup_connection to use struct addrinfo 2001-11-16 12:02:17 +00:00
Ivo Timmermans
74e1299fb5 Changed prototype for lookup_connection to use struct addrinfo 2001-11-16 12:01:48 +00:00
Ivo Timmermans
51b72b75f2 Use struct addrinfo in connection_t to hold all host data such as IP
address and port
2001-11-16 00:23:28 +00:00
Ivo Timmermans
72395f989c Deprecated get_config_ip and get_config_port 2001-11-16 00:13:08 +00:00
Guus Sliepen
e06415e3d9 More fixes for Solaris. 2001-11-05 19:09:08 +00:00
Guus Sliepen
25a804c94e Various fixes needed for Solaris. 2001-11-05 19:06:07 +00:00
Guus Sliepen
b2d5002ff1 Correctly check if subnet owner exists. 2001-11-04 23:48:27 +00:00
Guus Sliepen
ede6671c13 Be liberal in what you accept: allow unknown edges to be deleted. 2001-11-04 23:29:50 +00:00
Guus Sliepen
cf0e133e19 *** empty log message *** 2001-11-03 22:53:02 +00:00
Guus Sliepen
e5047d2835 Several bugfixes. 2001-11-03 21:22:02 +00:00
Guus Sliepen
8910cbd67e Use PEM functions as suggested by OpenSSL docs. 2001-11-03 21:21:04 +00:00
Guus Sliepen
8e74c5bee4 Some very small fixes 2001-10-31 20:37:54 +00:00
Guus Sliepen
ffb88ff641 Avoid connecting to another node twice, and check name of outgoing connections. 2001-10-31 20:22:52 +00:00
Guus Sliepen
6d333ad680 Show cfg->variable instead of cfg->value when complaining about wrong type. 2001-10-31 20:07:17 +00:00
Guus Sliepen
54b756f7df Don't forget to read public RSA key when making an outgoing connection. 2001-10-31 20:02:06 +00:00
Guus Sliepen
c0a3f67a5d - Small fixes to graph algorithms
- More control over tap device, ability to set interface name to something
  other than the netname.
- Export NETNAME, DEVICE and INTERFACE environment variables to scripts.
2001-10-31 12:50:24 +00:00
Guus Sliepen
2165931c62 More updates to protocol handlers and reimplemented terminate_connection(). 2001-10-30 16:34:32 +00:00
Guus Sliepen
87ad5c97a9 Various fixes, tinc is now somewhat capable of actually working again. 2001-10-30 12:59:12 +00:00
Guus Sliepen
cc9473d8c6 Working version of Kruskal's algorithm. The running time is very bad though. 2001-10-29 13:14:57 +00:00
Guus Sliepen
b6298e2c08 - More changes needed for Kruskal's algorithm
- Implemented a breadth-first search algorithm as a cheap substitution for a
  single-source shortest path algorithm.
2001-10-28 22:42:49 +00:00
Guus Sliepen
66067cc9c1 - More s/vertex/edge/g
- Implementation of Kruskal's minimum spanning tree algorithm.
2001-10-28 10:16:18 +00:00
Guus Sliepen
94497336ef What was I thinking? s/vertex/edge/g. 2001-10-28 08:41:19 +00:00
Guus Sliepen
b98d9787fd Various small fixes to make tinc runnable again. 2001-10-27 15:19:13 +00:00
Guus Sliepen
ac066bb057 Make sure everything links. 2001-10-27 13:13:35 +00:00
Guus Sliepen
82e3837109 Big bad commit:
- Transition to new node/vertex/connection structures
- Use new configuration handling everywhere
- Linux tun/tap device handling cleanup
- Start of IPv6 support in route.c

It compiles, but it won't link.
2001-10-27 12:13:17 +00:00
Guus Sliepen
1935c44a1e Support new files (node/vertex/device.[ch]) and OpenBSD. 2001-10-13 13:53:07 +00:00
Guus Sliepen
26e517dd37 Forgot the tun specific stuff. 2001-10-12 15:52:03 +00:00
Guus Sliepen
ad61c20f42 Added OpenBSD tun device handling. Untested though. 2001-10-12 15:49:11 +00:00
Guus Sliepen
0c6321a67f Forgot to remove some old #ifdef stuff. 2001-10-12 15:38:35 +00:00
Guus Sliepen
6014c7e637 Solaris tun device handling cleaned up a bit and added. 2001-10-12 15:33:21 +00:00
Guus Sliepen
623c7ee030 Added FreeBSD tap device handling. 2001-10-12 15:22:59 +00:00
Guus Sliepen
ec34f25228 - Split tap device stuff out of net.[ch]
- Each OS gets its own device.c to get rid of evil #ifdefs.
- Cleaned up Linux ethertap and tun/tap handling.
2001-10-12 15:16:03 +00:00
Guus Sliepen
0bbace18e9 More updates to new node/vertex/connection combo. 2001-10-10 20:35:10 +00:00
Guus Sliepen
ea607d2d92 Revamp configuration handling:
- Store everything in AVL trees (fast lookup)
- No need for hazahaza anymore
- Parse values when needed
- This simplifies a lot of config variable lookups.
2001-10-10 20:34:27 +00:00
Guus Sliepen
5904806dc8 Removed everything from connection.c that has already been moved to node.c and
vertex.c.
2001-10-10 09:42:29 +00:00
Guus Sliepen
ec0c16b9b6 Further implementation of doc/CONNECTIVITY. connection.[ch] is now split into a
node, vertex and connection part.
2001-10-10 08:49:47 +00:00
Guus Sliepen
f22b941751 Small corrections. 2001-10-09 19:37:10 +00:00
Guus Sliepen
49a2cd806c Started implementing doc/CONNECTIVITY. 2001-10-09 19:30:30 +00:00
Guus Sliepen
fcc3ded75f Fix bug when dropping an old connection in favour of a new one from the
same host.
2001-10-08 15:37:14 +00:00
Guus Sliepen
1ef90a87fd - Use ping timeout mechanism to close connections that don't authenticate
in time.
- Fix potential segmentation fault in check_dead_connections().
2001-10-08 13:37:30 +00:00
Guus Sliepen
ce9fd32c04 Fix bug where tinc would crash because of a portscan or a connection from a
tinc daemon with a different version.
2001-10-08 11:59:08 +00:00
Guus Sliepen
21027b1d57 - Renamed lastbutonehop to prevhop.
- Added connection_t *via to connection_t, this keeps record of where
  to send UDP packets to.
2001-10-08 11:47:55 +00:00
Guus Sliepen
18d1233c40 Fill in next- and lastbutonehop for myself. 2001-09-25 13:39:11 +00:00
Guus Sliepen
ec100a58b4 Try next connectto instead of the same over and over. 2001-09-25 13:35:45 +00:00
Guus Sliepen
4d3de3b6a9 Show next- and lastbutonehop when dumping connectionlist to syslog. 2001-09-24 14:16:29 +00:00
Guus Sliepen
24a2c7e51a Not only keep track of nexthop, but also of lastbutonehop. If destination cl
wants indirectdata, send it to the lastbutonehop instead, unless it too has
requested so, and so on.
2001-09-24 14:12:00 +00:00
Guus Sliepen
154733927a - Try old TUN/TAP ioctl() request if the one from if_tun.h fails.
- Be more verbose about the kind of tap device used.
2001-09-24 13:31:15 +00:00
Ivo Timmermans
950c934e0b Killing tincd with SIGINT causes it to toggle between the current
debug level and level 5.  Useful to debug a running tincd.
2001-09-05 18:38:09 +00:00
Guus Sliepen
a54ec980e0 config_t* is a const parameter in get_config_val(). 2001-09-01 12:46:49 +00:00
Guus Sliepen
68e23b1c9e Optional signal number for -k option. 2001-09-01 12:36:53 +00:00
Guus Sliepen
8ed27d40f3 Revised reconnection mechanism, always try out all ConnectTo lines. 2001-09-01 12:36:06 +00:00
Guus Sliepen
ef1facc607 Remove IndirectData support for now, new implementation will be added
later.
2001-09-01 12:02:39 +00:00
Guus Sliepen
8b5e421130 Fix signed comparison bug in lookup_subnet_ipv4(). 2001-08-28 20:52:39 +00:00
Guus Sliepen
e1184ad15d Don't send DEL_HOSTs when !status.meta 2001-08-17 18:14:04 +00:00
Guus Sliepen
30d22474cc Explicitly log which type of tunnel device is used. 2001-07-24 20:14:30 +00:00
Guus Sliepen
7e86cf91e3 The val variable in a config_t is never used as a long. 2001-07-24 20:13:42 +00:00
Guus Sliepen
43923d2b10 Write public key to rsa_key.pub instead of rsa_key.priv (if no host
configuration file is found).
2001-07-24 20:04:22 +00:00
Guus Sliepen
44e9d6a287 Don't use %m in fprintf(). 2001-07-24 20:03:40 +00:00
Guus Sliepen
fcbe215d64 Woohoo! tinc now compiles, runs and actually *works* on Solaris!
Tested on a SparcStation 20MP running Solaris 7. (Thanks, jiggel!)
2001-07-21 20:21:25 +00:00
Guus Sliepen
533ee1206f Always close all sockets in terminate_connection(). 2001-07-21 15:46:34 +00:00
Guus Sliepen
acb853205d Updated terminate_connection() so you can choose if DEL_HOSTs should be
sent or not.
2001-07-21 15:34:18 +00:00
Guus Sliepen
12f6b80429 Added purge_tree for connection_t's which are no longer in the connection,
active or id trees, but which may still be referenced. This tree is flushed
when it is safe, this replaces purge_connection_tree().

Also lots of bugfixes related to the new trees.
2001-07-20 20:25:10 +00:00
Guus Sliepen
37ed4265fa Remove all unnecessary status.meta and status.active checks. 2001-07-20 13:54:19 +00:00
Guus Sliepen
5e2ded68bf Correctly use the active_tree. 2001-07-19 12:29:40 +00:00
Guus Sliepen
319e0cb48e Split connection list into two lists:
- one list to handle all incoming/outgoing TCP connections
- another list to handle all UDP connections

This will prevent race conditions.
2001-07-15 18:07:31 +00:00
Guus Sliepen
b3074590b1 Correct inclusion of standard if_tun.h header file. 2001-07-15 14:21:12 +00:00
Guus Sliepen
5dc4ade0b9 Don't load table of verbose OpenSSL error messages. 2001-07-04 08:43:32 +00:00
Guus Sliepen
1e2bdc2b6d - Always use <openssl/include.h> instead of just <include.h>
- Check if RAND_pseudo_bytes() exists, otherwise just use RAND_bytes()
2001-07-04 08:41:36 +00:00
Guus Sliepen
6bd93e4c06 Check for all potential duplicate entries in the id tree. 2001-07-01 21:42:13 +00:00
Guus Sliepen
9645cabc8e Fix compiler warning. 2001-07-01 09:21:14 +00:00
Guus Sliepen
6365d0627b Fix printf format bug. 2001-07-01 09:21:01 +00:00
Guus Sliepen
c9591bd1de Fix gcc 3.0 warnings. 2001-06-29 13:09:55 +00:00
Guus Sliepen
402b85c482 Log error if two hosts connect with same IP/port tuple. 2001-06-29 13:09:32 +00:00
Guus Sliepen
5d34503574 Execute tinc-down BEFORE tap device is closed. This is a. more symmetric
(tinc-up is started after tap device is opened) and b. is needed for
tun/tap device, where the interface does not exist anymore after the
device file is closed.
2001-06-29 10:30:18 +00:00
Guus Sliepen
9e96840da8 Remove #warnings I used for debugging stuff. 2001-06-21 16:37:47 +00:00
Guus Sliepen
04ec0b82ab - Solaris compile fixes
- Set mymac to broadcast MAC so that ifconfig hw ether <...> is really not
  needed anymore.
- Forwarding of indirect packets when in switch mode (because the kernel
  will not do it for us then).
2001-06-21 16:16:32 +00:00
Guus Sliepen
9a0a50cd3c Woops - big bug in send_key_changed fixed. 2001-06-09 10:00:34 +00:00
Guus Sliepen
ba918dce28 Only reset seconds_till_retry when we activate the outgoing connection. 2001-06-08 18:02:10 +00:00
Guus Sliepen
96ef7becdd Fixes to make switching work between hosts that have no meta-connection. 2001-06-06 19:12:38 +00:00
Guus Sliepen
ce6c8e6d08 Log and warn about duplicate subnet_add()'s for the same subnet. 2001-06-06 19:11:16 +00:00
Guus Sliepen
9cd9b03923 Add missing? counting of total_socket_in. 2001-06-05 19:45:47 +00:00
Guus Sliepen
7bd7f5b436 You can now put an option "Mode" in tinc.conf, and choose from:
- Mode = router (default, work like tinc has always worked)
- Mode = switch (work like a switch)
- Mode = hub    (work like a hub, broadcasting everything)
2001-06-05 19:39:54 +00:00
Guus Sliepen
edd6734faa Fix bug where lookup_subnet_ipv4() could go into an infinite loop. 2001-06-05 18:07:14 +00:00
Guus Sliepen
fa376fbd4e - This oneliner removes the need for ifconfig tap? hw ether fe:fd:0:0:0:0 2001-06-05 16:31:59 +00:00
Guus Sliepen
4f9dad0972 - tinc can now act as a switch or a hub too (as opposed to a router only)
- cleaner initialisation of "UNKNOWN" and "MYSELF" names
2001-06-05 16:09:55 +00:00
Guus Sliepen
428482d86f Added proxy-arp support. No more ifconfig -arp needed. Works like a charm
under FreeBSD now :).
2001-06-04 11:14:35 +00:00
Guus Sliepen
0a3c8cefd4 Fix subnet_lookup() for overlapping subnets. Needs rethinking. 2001-06-01 08:02:09 +00:00
Guus Sliepen
7db1b999c8 Make sure Solaris is happy too. 2001-05-28 08:56:57 +00:00
Guus Sliepen
65247c063b Small fixes to allow correct compilation under FreeBSD (tested with 4.3) 2001-05-28 08:21:43 +00:00
Guus Sliepen
fcf869cd42 TCPonly now works (in a relatively clean way too). 2001-05-25 11:54:28 +00:00
Guus Sliepen
a5e2ae6b2b With recent kernels the tun device file is located in /dev/net. 2001-05-25 10:08:11 +00:00
Guus Sliepen
4dee76522e Small fixes:
- Fix compiler warnings (one was a real (but harmless) bug)
- Don't send PING packets if there is UDP traffic
- Correctly terminate strings containing salt for PING/PONG packets
2001-05-25 08:36:11 +00:00
Guus Sliepen
bfc5d6014e Only send key_changed if it was previously requested. 2001-05-24 21:52:26 +00:00
Guus Sliepen
58893f0875 Since this is incompatible with some earlier versions, PROT_CURRENT is
increased.
2001-05-24 21:30:36 +00:00
Guus Sliepen
d1b597758e Add randomness to PING/PONG packets to prevent crypto attacks on quiet
tunnels.
2001-05-24 21:29:09 +00:00
Guus Sliepen
e4f3d93ec6 - s/ip_t/ipv4_t/g
- Add "salt" to the beginning of UDP packets. Replaces length field which
  is not useful anyway.
2001-05-07 19:08:46 +00:00
Guus Sliepen
a26081467c Correctly cycle through ConnectTo variables. 2001-05-04 18:45:02 +00:00
Guus Sliepen
156ec67652 Check indirectdata option before forwarding certain requests. 2001-03-13 21:33:31 +00:00
Guus Sliepen
c426e981ee Ignore alarm signals if we do not need to respond to them. 2001-03-13 21:32:24 +00:00
Guus Sliepen
b413257e10 Fixed bug in setup_signals() that would make tinc die when unexpected
signals were caught.
2001-03-13 09:55:14 +00:00
Guus Sliepen
f1a082823c Fixed a race condition triggered by receive_meta() and the new
authentication scheme.
2001-03-12 23:58:19 +00:00
Guus Sliepen
34f9e6cf2d - route.c is now used to determine destination
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
2001-03-04 13:59:32 +00:00
Guus Sliepen
d2a54597e0 Added explanation of our key exchange using RSA encryption. 2001-03-02 11:25:56 +00:00
Guus Sliepen
125c497881 Various small fixes. 2001-03-01 21:32:04 +00:00
Guus Sliepen
4fa12eb85d Removed lots of compiler warnings. 2001-02-27 16:37:31 +00:00
Guus Sliepen
173d606514 - Fixed Interface option (untested)
- Removed error handling for non-critical socket options
- Added TCP_NODELAY and IPTOS_LOWDELAY options for meta sockets.
2001-02-27 16:17:04 +00:00
Guus Sliepen
24fa685859 Don't forget to reconnect if outgoing connection fails during
authentication.
2001-02-27 15:33:39 +00:00
Guus Sliepen
34b7a876c3 - Make sure METAKEY is smaller than the modulus of the RSA key
- Get symmetric key from the least significant bytes of the RSA message
2001-02-26 11:37:20 +00:00
Guus Sliepen
82455be966 Implemented new authentication scheme from doc/SECURITY2. 2001-02-25 19:09:45 +00:00
Guus Sliepen
54881faf6f Encrypt network packets in CBC mode instead of CFB mode.
(This breaks compatibility with all previous versions!)
2001-02-25 16:34:19 +00:00
Guus Sliepen
9de5787574 Copy packets before putting them in the queue. 2001-02-25 16:04:00 +00:00
Guus Sliepen
e250d64300 Add missing \n. 2001-02-25 14:51:42 +00:00
Guus Sliepen
153fc35e57 Corrected check for errors after read() calls. 2001-02-25 11:09:29 +00:00
Ivo Timmermans
cebb6efeb0 More files to ignore in CVS 2001-02-11 11:55:28 +00:00
Guus Sliepen
603781831f - Updated CVS_CREATED to remove intl/ directory and some other
autogenerated files.
- Checked if all INCLUDES/LIBS/etc directives inherit the global variables.
2001-02-11 11:50:09 +00:00
Guus Sliepen
88dfdc9dba Ignore file for src/ 2001-02-11 11:46:14 +00:00
Guus Sliepen
f1cb3d8fa5 Removed another local definition of the variable "errno" 2001-02-06 10:42:27 +00:00
Guus Sliepen
f777c1807d FreeBSD compile fixes (thanks to XeF4) 2001-02-06 10:12:51 +00:00
Ivo Timmermans
54e19d3466 Fix error reporting of read_config 2001-01-17 01:30:05 +00:00
Guus Sliepen
a56df1e06b - Allow ASN1 style keys to be in the config files.
Note: tinc ignores private key in the main config file, tinc.conf,
  because it should really be in a separate file.
- When generating new keys, check if name is known and by default append
  the public key to the host configuration file (otherwise rsa_key.pub).
2001-01-13 16:36:23 +00:00
Guus Sliepen
d646f4e094 - Only send out DEL_HOSTs for hosts with a meta connection 2001-01-11 11:19:08 +00:00
Guus Sliepen
c8beaf35ee - Cleaned up subnet_t 2001-01-08 21:32:30 +00:00
Guus Sliepen
11f3e9d138 - Squashed another nasty bug. 2001-01-08 20:35:30 +00:00
Guus Sliepen
447a43d639 - Added indirectdata and tcponly functionality. 2001-01-07 20:19:35 +00:00
Guus Sliepen
7cd2baedc6 - Fixed IPv6 subnet lookup routine. 2001-01-07 20:19:08 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
7109526c67 - Added header file for route.c. The routing routines in it are not used
yet, but have a look at the source for the ideas behind it.
2001-01-07 15:27:30 +00:00
Guus Sliepen
07a08f5539 - Reinstated a queue for outgoing packets. 2001-01-07 15:25:49 +00:00
Guus Sliepen
f7bb205022 - Check and follow symlinks in is_safe_path
- By default write keys to tinc config directory
- Small fix in protocol.c
2001-01-06 18:03:41 +00:00
Guus Sliepen
e924096f62 - Let user choose whether keys are in the config files or separate
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
2001-01-05 23:53:53 +00:00
Guus Sliepen
e1707f7739 - Don't even think about using sscanf with %as anymore
- Allow keys to be inside the config files or in a separate file
- Small fixes
2000-12-22 21:34:24 +00:00
Ivo Timmermans
ecae72de94 Added lint target, requires lclint. 2000-12-22 17:15:26 +00:00
Ivo Timmermans
e469fca4d7 Re-introduced MyVirtualIP and VpnMask, as dummy options. 2000-12-06 13:33:49 +00:00
Ivo Timmermans
6327f32f43 Tiny bits of code beautifying 2000-12-05 08:59:30 +00:00
Ivo Timmermans
9267bed9f5 Oops. I did some VERY wrong things with readline(). Fixed now. 2000-12-05 08:56:44 +00:00
Ivo Timmermans
bc22ee16e6 Option -d accepts an argument to set the debug level immediately. 2000-12-03 12:23:06 +00:00
Ivo Timmermans
01d23601a2 Sort configuration directives 2000-12-03 12:22:19 +00:00
Ivo Timmermans
52575a573c Use buffer instead of line in read_config_file(), line may be assigned
NULL, so buffer always holds the pointer to the allocated space.
2000-12-01 12:38:42 +00:00
Ivo Timmermans
ab33c1aa60 readline() accepts two extra parameters, buf and buflen, to avoid
mallocing and freeing for every line that is read.
2000-12-01 12:36:36 +00:00
Ivo Timmermans
a0f7af3ed7 New function read_rsa_public_key();
In net.c/setup_myself deleted old code to read the public key (which
is now implicitly read in together with the private key).
2000-11-30 23:18:21 +00:00
Ivo Timmermans
28deaeac14 Avoid printing duplicate messages from read_rsa_keys 2000-11-30 22:48:48 +00:00
Ivo Timmermans
2293304748 Better error checking when reading the RSA private key. 2000-11-30 22:33:16 +00:00
Ivo Timmermans
bf4e969899 In readline(): initialise the line to zero length;
In read_config_file(): Test for EOF, and print the variable name that
caused an error.
2000-11-30 22:32:14 +00:00
Ivo Timmermans
113198d9c0 The file is safe if it doesn't exist. 2000-11-30 21:11:03 +00:00
Ivo Timmermans
09260b43d1 Read the PEM file pointed to by the configuration directive
PrivateKey.  This means that the meaning of this variable has changed,
it no longer should contain the private key directly.

WARNING: This code is untested.
2000-11-30 20:08:41 +00:00
Ivo Timmermans
8ccb1ede92 Implemented is_safe_path, and extended ask_and_safe_open.
is_safe_path needs more work before it is useable.
2000-11-30 00:24:13 +00:00
Ivo Timmermans
d36da1948a Also free the pointer returned by readline(). 2000-11-29 14:30:07 +00:00
Ivo Timmermans
9e55426d72 Use readline() in read_config_file() instead of fgets. 2000-11-29 14:27:24 +00:00
Ivo Timmermans
54ef13bf75 Implemented a readline() function that will read an entire line into a
dynamically allocated buffer;

Ask for a file name in ask_and_safe_open().
2000-11-29 14:24:40 +00:00
Ivo Timmermans
3ff76eb10a Save RSA public and private keys to a separate file, instead of
wanting to copy them into a configuration file.
2000-11-28 23:12:57 +00:00
Ivo Timmermans
4c502b005b Use sigaction to set signal handlers, the previous commit (1.1.2.16)
already contained a large portion of what should have gone in this
one.
2000-11-28 08:59:27 +00:00
Ivo Timmermans
67a4abda70 Give an error message if daemon() failed. 2000-11-26 22:42:34 +00:00
Guus Sliepen
1eedf54681 - Use only one socket for all UDP traffic (for compatibility)
- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
2000-11-25 13:33:33 +00:00
Guus Sliepen
cf49b2c064 Another big & bad commit:
- Added some extra search functions to rbl routines
- Fix subnet_lookup()
- Reorder some syslog messages to make more sense
- daemon() is back
- Don't let scripts execute in parallel (gives race conditions, and
  anyway something MIGHT just be configured which is necessary for further
  execution of tinc itself)
- Accidentally merged check_child() with execute_script().
- Small fixes
2000-11-24 23:13:07 +00:00
Ivo Timmermans
b0ff879e7c Do not use the C library's daemon() call. 2000-11-24 12:44:39 +00:00
Guus Sliepen
dac256505e - Fixed all (except 2) compiler warnings gcc -Wall gave. 2000-11-22 22:18:03 +00:00