j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
1840 commits 2 branches 0 tags 10 MiB
Commit graph

148 commits

Author SHA1 Message Date
Guus Sliepen
483c5dcfb4 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 2012-02-26 16:27:13 +01:00
Guus Sliepen
ae52496109 Only use broadcast at the start of the PMTU discovery phase. 
For local peer discovery, only a handful of packets are necessary for
peers to detect each other.
 2012-02-26 16:23:02 +01:00
Guus Sliepen
f5dc136cfd Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	src/net.c
	src/net_packet.c
	src/net_socket.c
 2012-02-23 13:26:01 +01:00
Guus Sliepen
5a28aa7b8b Add LocalDiscovery option which tries to detect peers on the local network. 
Currently, this is implemented by sending IPv4 broadcast packets to the
LAN during path MTU discovery.
 2012-02-22 23:17:43 +01:00
Guus Sliepen
8e717ddb60 Pass index into listen_socket[] to handle_incoming_vpn_data(). 2012-02-22 14:37:56 +01:00
Guus Sliepen
3fba80174d Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	NEWS
	README
	configure.in
	doc/tincd.8.in
	src/Makefile.am
	src/bsd/device.c
	src/connection.c
	src/connection.h
	src/cygwin/device.c
	src/device.h
	src/dropin.h
	src/linux/device.c
	src/mingw/device.c
	src/net.c
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/process.c
	src/protocol.c
	src/protocol_key.c
	src/raw_socket_device.c
	src/route.c
	src/solaris/device.c
	src/tincd.c
	src/uml_device.c
 2012-02-22 14:23:59 +01:00
Guus Sliepen
6455654d26 Send packets back using the same socket as they were received on. 2012-02-18 11:48:21 +01:00
Guus Sliepen
178e52f76e Allow linking with multiple device drivers. 
Apart from the platform specific tun/tap driver, link with the dummy and
raw_socket devices, and optionally with support for UML and VDE devices.
At runtime, the DeviceType option can be used to select which driver to
use.
 2011-12-04 01:20:59 +01:00
Guus Sliepen
5d4336e542 Handle UDP packets with unknown source addresses properly. 
Probably due to a merge, the try_harder() function had duplicated the
rate-limiting code for detecting the sender node based on the HMAC of the
packet. This prevented this detection from running at all. The function is now
identical again to that in the 1.0 branch.
 2011-08-10 17:04:17 +02:00
Guus Sliepen
365f60f3f8 Don't call event_del() from the mtuevent handler, always send_mtu_probe() in ans_key_h(). 2011-06-24 22:49:18 +02:00
Guus Sliepen
1fe8ba2f06 Delete mtuevent if it is not used. 
Keeping it around prevents ans_key_h() from restarting PMTU discovery.
 2011-06-24 22:10:03 +02:00
Guus Sliepen
33f241d978 Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	NEWS
	configure.in
	doc/tincd.8.in
	lib/pidfile.c
	lib/pidfile.h
	lib/xalloc.h
	lib/xmalloc.c
	src/conf.c
	src/conf.h
	src/connection.c
	src/connection.h
	src/event.c
	src/graph.c
	src/graph.h
	src/net.c
	src/net.h
	src/node.h
	src/openssl/crypto.c
	src/process.c
	src/protocol.c
	src/protocol_key.c
	src/route.c
 2011-06-06 20:42:15 +02:00
Loïc Grenié
50af33d01f Nearly tickless tinc. 
Use pselect instead of select in main_loop (if available). This lets
tincd sleeps as long as there is nothing to do.
 2011-06-04 11:19:46 +02:00
Guus Sliepen
2bda2aa885 Fix some compiler and cppcheck warnings. 2011-06-02 18:22:26 +02:00
Guus Sliepen
d29bfc9a45 Initialise priority field to zero for packets read from the VPN interface. 2011-05-29 22:14:35 +02:00
Guus Sliepen
64771f73eb Remove a few unnecessary #includes. 
Some spotted by Michael Tokarev.
 2011-05-28 23:46:56 +02:00
Guus Sliepen
6d08eb1614 Fix sparse warnings and add an extra sprinkling of const. 
This is more or less the equivalent of Sven-Haegar Koch's fixes in the 1.1
branch.
 2011-05-28 23:36:52 +02:00
Sven-Haegar Koch
d772289f6d sparse fixup: warning: symbol '...' was not declared. Should it be static? 2011-05-28 15:24:39 +02:00
Guus Sliepen
f5843e7d64 Add per-node traffic counters. 2011-05-15 00:42:29 +02:00
Guus Sliepen
ce8775000a Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1 
Conflicts:
	NEWS
	README
	configure.in
	doc/tincd.8.in
	lib/pidfile.c
	src/bsd/device.c
	src/dropin.h
	src/net.c
	src/net_packet.c
	src/node.c
	src/process.c
	src/tincd.c
 2011-05-09 21:35:14 +02:00
Guus Sliepen
67766d65f0 Update THANKS and copyright information. 2011-05-08 21:22:20 +02:00
Guus Sliepen
7cf68b5e35 Prevent anything from updating our own UDP address. 
Because we don't want to keep track of that, and this will cause the node
structure from being relinked into the node tree, which results in myself
pointing to an invalid address.
 2011-02-18 23:11:43 +01:00
Guus Sliepen
cdbbbfabea Fix spurious misidentification of incoming UDP packets. 
When a UDP packet was received with an unknown source address/port, and if it
failed a HMAC check against known keys, it could still incorrectly assign that
UDP address to another node. This would temporarily cause outgoing UDP packets
to go to the wrong destination address, until packets from the correct address
were received again.
 2011-02-18 23:02:11 +01:00
Guus Sliepen
f99661a4ca Always send MTU probes at least once every PingInterval. 
Before, if MTU probes failed, tinc would stop sending probes until the next
time keys were regenerated (by default, once every hour).  Now it continues to
send them every PingInterval, so it recovers faster from temporary failures.
 2011-01-02 15:02:23 +01:00
Guus Sliepen
886a6f61a1 Merge branch 'master' into 1.1 
Conflicts:
	src/net_packet.c
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_key.c
 2010-11-19 12:22:48 +00:00
Guus Sliepen
d91903ef3c Attribution for Brandon Black. 2010-11-16 17:28:41 +01:00
Brandon L Black
0d61d4ae13 Improved handling of queue-jumping packets on receive 2010-11-13 21:25:48 +01:00
Brandon L Black
23acc19bc0 Configurable ReplayWindow size, zero disables 2010-11-13 21:25:46 +01:00
Guus Sliepen
a22041922f Merge branch 'master' into 1.1 
Conflicts:
	doc/tincd.8.in
	lib/pidfile.c
	src/graph.c
	src/net.c
	src/net.h
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/node.h
	src/protocol_auth.c
	src/protocol_key.c
	src/tincd.c
 2010-11-12 16:15:29 +01:00
Guus Sliepen
c6ccbadfcf Attribution for Timothy Redaelli. 2010-10-22 13:40:04 +02:00
Timothy Redaelli
eda7179874 Fix warnings under BSD 2010-05-06 21:19:49 +02:00
Sven-Haegar Koch
ffa1dc73dc Fixed 1.0 miss-merges 2010-03-31 05:01:39 +02:00
Sven-Haegar Koch
103543aa2c Merge branch 'master' into 1.1 
Conflicts:
	NEWS
	README
	configure.in
	have.h
	src/conf.c
	src/conf.h
	src/net.c
	src/net_packet.c
	src/protocol_key.c
	src/protocol_subnet.c
	src/route.c
	src/tincd.c
 2010-03-26 16:51:03 +01:00
Timothy Redaelli
ddb8cb0779 Add --disable-zlib configure option 2010-02-10 16:47:52 +01:00
Timothy Redaelli
eeb505af36 Add --disable-lzo configure option 2010-02-10 16:47:52 +01:00
Guus Sliepen
40d91ff619 Update copyright notices. 2010-02-02 22:49:21 +01:00
Guus Sliepen
d15099e002 Be liberal in accepting KEY_CHANGED/REQ_KEY/ANS_KEY requests. 
When we got a key request for or from a node we don't know, we disconnected the
node that forwarded us that request.  However, especially in TunnelServer mode,
disconnecting does not help. We now ignore such requests, but since there is no
way of telling the original sender that the request was dropped, we now retry
sending REQ_KEY requests when we don't get an ANS_KEY back.
 2010-01-23 18:48:01 +01:00
Guus Sliepen
4c68a8cb60 Do not consider unreachable nodes when trying to determine packet origin. 2009-12-19 20:53:48 +01:00
Guus Sliepen
74e50d52e0 recv() and recvfrom() return int, do not prematurely cast the return value. 2009-12-19 20:52:19 +01:00
Guus Sliepen
c845bc109c Fix packet authentication. 
This wasn't working at all, since we didn't do HMAC but just a plain hash.
Also, verification of packets failed because it was checking the whole packet,
not the packet minus the HMAC.
 2009-12-18 01:15:25 +01:00
Guus Sliepen
108b238915 Merge branch 'master' into 1.1 
Conflicts:
	NEWS
	README
	configure.in
	doc/tinc.texi
	doc/tincd.8.in
	src/Makefile.am
	src/connection.c
	src/edge.c
	src/meta.c
	src/net.c
	src/net.h
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/node.c
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_edge.c
	src/subnet.c
 2009-11-02 14:24:27 +01:00
Guus Sliepen
e00b44cb98 Move socket error interpretation to utils.h. 2009-10-25 01:40:07 +02:00
Guus Sliepen
c11dc8079b Use WSAGetLastError() to determine cause of network errors on Windows. 
This reduces log spam and lets path MTU discovery work faster.
 2009-10-25 00:50:09 +02:00
Guus Sliepen
242c4e2ca6 Forward packets to not directly reachable hosts via UDP if possible. 
If MTU probing discovered a node was not reachable via UDP, packets for it were
forwarded to the next hop, but always via TCP, even if the next hop was
reachable via UDP. This is now fixed by retrying to send the packet using
send_packet() if the destination is not the same as the nexthop.
 2009-10-24 21:53:01 +02:00
Guus Sliepen
d922db253c Make maxmtu equal to minmtu when fixing the path MTU to a node. 
This ensures MTU probes used to ping nodes are not too large, and prevents
restarting MTU probing unnecessarily.
 2009-10-24 21:35:40 +02:00
Guus Sliepen
a8f7fccbc2 Always reply to MTU probes via UDP. 
It could sometime happen that a node would return MTU probes via TCP, which
does not make a lot of sense.
 2009-10-24 21:32:06 +02:00
Guus Sliepen
cddcdc9af3 Allow UDP packets with an address different from the corresponding TCP connection. 2009-10-24 20:54:44 +02:00
Guus Sliepen
b6543af762 Clarify and increase level of log message about MTU probes to unreachable nodes. 2009-10-20 22:39:07 +02:00
Guus Sliepen
92b8abc921 Use MTU probes to regularly ping other nodes over UDP. 
This keeps NAT mappings for UDP alive, and will also detect when a node is not
reachable via UDP anymore or if the path MTU is decreasing. Tinc will fall back
to TCP if the node has become unreachable.

If UDP communication is impossible, we stop sending probes, but we retry if it
changes its keys.

We also decouple the UDP and TCP ping mechanisms completely, to ensure tinc
properly detects failure of either method.
 2009-10-11 18:57:58 +02:00
Guus Sliepen
7ea85043ac Merge branch 'master' into 1.1 
Conflicts:
	NEWS
	configure.in
	lib/Makefile.am
	lib/pidfile.c
	lib/pidfile.h
	lib/utils.c
	po/POTFILES.in
	po/nl.po
	src/Makefile.am
	src/bsd/device.c
	src/conf.c
	src/connection.c
	src/cygwin/device.c
	src/edge.c
	src/event.c
	src/graph.c
	src/linux/device.c
	src/meta.c
	src/mingw/device.c
	src/net.c
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/process.c
	src/protocol.c
	src/protocol_auth.c
	src/protocol_edge.c
	src/protocol_key.c
	src/protocol_misc.c
	src/protocol_subnet.c
	src/raw_socket/device.c
	src/route.c
	src/solaris/device.c
	src/subnet.c
	src/tincd.c
	src/uml_socket/device.c
 2009-09-29 14:55:29 +02:00