Guus Sliepen
bb6b97ce34
Make datagram SPTPS key exchange more robust.
...
Similar to old style key exchange requests, keep track of whether a key
exchange is already in progress and how long it took. If no key is known yet
or if key exchange takes too long, (re)start a new key exchange.
2012-10-07 13:31:19 +02:00
Guus Sliepen
9ade39b7d5
Keep last known address and time since reachability changed.
...
This allows tincctl info to show since when a node is online or offline.
2012-09-26 22:20:43 +02:00
Guus Sliepen
90f1cba1fd
Replace node_udp_tree with a hash table.
2012-09-05 13:05:48 +02:00
Guus Sliepen
742f7bb04e
Properly handle SPTPS packets with stripped Ethernet headers.
2012-08-30 14:21:23 +02:00
Guus Sliepen
8af2f3f5a4
Optionally compress and/or strip Ethernet header from SPTPS packets.
2012-08-02 17:44:59 +02:00
Guus Sliepen
7a71d48009
Use a status bit to track which nodes use SPTPS.
2012-07-31 21:43:49 +02:00
Guus Sliepen
5ede437307
Handle SPTPS datagrams in try_mac().
2012-07-31 20:36:35 +02:00
Guus Sliepen
153abaa4d9
Use datagram SPTPS for packet exchange between nodes.
...
When two nodes which support SPTPS want to send packets to each other, they now
always use SPTPS. The node initiating the SPTPS session send the first SPTPS
packet via an extended REQ_KEY messages. All other handshake messages are sent
using ANS_KEY messages. This ensures that intermediate nodes using an older
version of tinc can still help with NAT traversal. After the authentication
phase is over, SPTPS packets are sent via UDP, or are encapsulated in extended
REQ_KEY messages instead of PACKET messages.
2012-07-30 18:36:59 +02:00
Guus Sliepen
5eeed38b8e
Make sure tinc compiles on Windows.
2012-07-21 12:51:53 +02:00
Guus Sliepen
19be9cf715
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
...
Conflicts:
NEWS
README
configure.in
lib/utils.c
src/linux/device.c
src/meta.c
src/net.h
src/net_setup.c
src/net_socket.c
src/protocol.c
src/protocol_auth.c
src/tincd.c
2012-06-26 13:24:20 +02:00
Guus Sliepen
236b0ba4eb
Fix crash when using Broadcast = direct.
2012-06-25 19:03:54 +02:00
Guus Sliepen
84531fb6e6
Allow broadcast packets to be sent directly instead of via the MST.
...
When the "Broadcast = direct" option is used, broadcast packets are not sent
and forwarded via the Minimum Spanning Tree to all nodes, but are sent directly
to all nodes that can be reached in one hop.
One use for this is to allow running ad-hoc routing protocols, such as OLSR, on
top of tinc.
2012-04-16 01:57:25 +02:00
Guus Sliepen
86c2990327
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
...
Conflicts:
NEWS
README
configure.in
src/Makefile.am
src/conf.c
src/conf.h
src/connection.c
src/net.c
src/tincd.c
2012-03-25 23:35:31 +01:00
Guus Sliepen
4712d8f92e
Update copyright notices.
2012-03-10 13:23:08 +01:00
Guus Sliepen
40c2858932
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
...
Conflicts:
src/net_packet.c
2012-03-08 21:15:08 +01:00
Guus Sliepen
63f8303a5d
Only log errors sending UDP packets when debug level >= 5.
...
Since tinc will fall back to TCP or route via another node, it is not necessary
to log such errors unconditionally.
2012-03-02 16:09:58 +01:00
Guus Sliepen
8ac096b5bf
Allow log messages to be captured by tincctl.
...
This allows tincctl to receive log messages from a running tincd,
independent of what is logged to syslog or to file. Tincctl can receive
debug messages with an arbitrary level.
2012-02-26 18:37:36 +01:00
Guus Sliepen
483c5dcfb4
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
2012-02-26 16:27:13 +01:00
Guus Sliepen
ae52496109
Only use broadcast at the start of the PMTU discovery phase.
...
For local peer discovery, only a handful of packets are necessary for
peers to detect each other.
2012-02-26 16:23:02 +01:00
Guus Sliepen
f5dc136cfd
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
...
Conflicts:
src/net.c
src/net_packet.c
src/net_socket.c
2012-02-23 13:26:01 +01:00
Guus Sliepen
5a28aa7b8b
Add LocalDiscovery option which tries to detect peers on the local network.
...
Currently, this is implemented by sending IPv4 broadcast packets to the
LAN during path MTU discovery.
2012-02-22 23:17:43 +01:00
Guus Sliepen
8e717ddb60
Pass index into listen_socket[] to handle_incoming_vpn_data().
2012-02-22 14:37:56 +01:00
Guus Sliepen
3fba80174d
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
...
Conflicts:
NEWS
README
configure.in
doc/tincd.8.in
src/Makefile.am
src/bsd/device.c
src/connection.c
src/connection.h
src/cygwin/device.c
src/device.h
src/dropin.h
src/linux/device.c
src/mingw/device.c
src/net.c
src/net_packet.c
src/net_setup.c
src/net_socket.c
src/process.c
src/protocol.c
src/protocol_key.c
src/raw_socket_device.c
src/route.c
src/solaris/device.c
src/tincd.c
src/uml_device.c
2012-02-22 14:23:59 +01:00
Guus Sliepen
6455654d26
Send packets back using the same socket as they were received on.
2012-02-18 11:48:21 +01:00
Guus Sliepen
178e52f76e
Allow linking with multiple device drivers.
...
Apart from the platform specific tun/tap driver, link with the dummy and
raw_socket devices, and optionally with support for UML and VDE devices.
At runtime, the DeviceType option can be used to select which driver to
use.
2011-12-04 01:20:59 +01:00
Guus Sliepen
5d4336e542
Handle UDP packets with unknown source addresses properly.
...
Probably due to a merge, the try_harder() function had duplicated the
rate-limiting code for detecting the sender node based on the HMAC of the
packet. This prevented this detection from running at all. The function is now
identical again to that in the 1.0 branch.
2011-08-10 17:04:17 +02:00
Guus Sliepen
365f60f3f8
Don't call event_del() from the mtuevent handler, always send_mtu_probe() in ans_key_h().
2011-06-24 22:49:18 +02:00
Guus Sliepen
1fe8ba2f06
Delete mtuevent if it is not used.
...
Keeping it around prevents ans_key_h() from restarting PMTU discovery.
2011-06-24 22:10:03 +02:00
Guus Sliepen
33f241d978
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
...
Conflicts:
NEWS
configure.in
doc/tincd.8.in
lib/pidfile.c
lib/pidfile.h
lib/xalloc.h
lib/xmalloc.c
src/conf.c
src/conf.h
src/connection.c
src/connection.h
src/event.c
src/graph.c
src/graph.h
src/net.c
src/net.h
src/node.h
src/openssl/crypto.c
src/process.c
src/protocol.c
src/protocol_key.c
src/route.c
2011-06-06 20:42:15 +02:00
Loïc Grenié
50af33d01f
Nearly tickless tinc.
...
Use pselect instead of select in main_loop (if available). This lets
tincd sleeps as long as there is nothing to do.
2011-06-04 11:19:46 +02:00
Guus Sliepen
2bda2aa885
Fix some compiler and cppcheck warnings.
2011-06-02 18:22:26 +02:00
Guus Sliepen
d29bfc9a45
Initialise priority field to zero for packets read from the VPN interface.
2011-05-29 22:14:35 +02:00
Guus Sliepen
64771f73eb
Remove a few unnecessary #includes.
...
Some spotted by Michael Tokarev.
2011-05-28 23:46:56 +02:00
Guus Sliepen
6d08eb1614
Fix sparse warnings and add an extra sprinkling of const.
...
This is more or less the equivalent of Sven-Haegar Koch's fixes in the 1.1
branch.
2011-05-28 23:36:52 +02:00
Sven-Haegar Koch
d772289f6d
sparse fixup: warning: symbol '...' was not declared. Should it be static?
2011-05-28 15:24:39 +02:00
Guus Sliepen
f5843e7d64
Add per-node traffic counters.
2011-05-15 00:42:29 +02:00
Guus Sliepen
ce8775000a
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
...
Conflicts:
NEWS
README
configure.in
doc/tincd.8.in
lib/pidfile.c
src/bsd/device.c
src/dropin.h
src/net.c
src/net_packet.c
src/node.c
src/process.c
src/tincd.c
2011-05-09 21:35:14 +02:00
Guus Sliepen
67766d65f0
Update THANKS and copyright information.
2011-05-08 21:22:20 +02:00
Guus Sliepen
7cf68b5e35
Prevent anything from updating our own UDP address.
...
Because we don't want to keep track of that, and this will cause the node
structure from being relinked into the node tree, which results in myself
pointing to an invalid address.
2011-02-18 23:11:43 +01:00
Guus Sliepen
cdbbbfabea
Fix spurious misidentification of incoming UDP packets.
...
When a UDP packet was received with an unknown source address/port, and if it
failed a HMAC check against known keys, it could still incorrectly assign that
UDP address to another node. This would temporarily cause outgoing UDP packets
to go to the wrong destination address, until packets from the correct address
were received again.
2011-02-18 23:02:11 +01:00
Guus Sliepen
f99661a4ca
Always send MTU probes at least once every PingInterval.
...
Before, if MTU probes failed, tinc would stop sending probes until the next
time keys were regenerated (by default, once every hour). Now it continues to
send them every PingInterval, so it recovers faster from temporary failures.
2011-01-02 15:02:23 +01:00
Guus Sliepen
886a6f61a1
Merge branch 'master' into 1.1
...
Conflicts:
src/net_packet.c
src/openssl/rsagen.h
src/protocol_auth.c
src/protocol_key.c
2010-11-19 12:22:48 +00:00
Guus Sliepen
d91903ef3c
Attribution for Brandon Black.
2010-11-16 17:28:41 +01:00
Brandon L Black
0d61d4ae13
Improved handling of queue-jumping packets on receive
2010-11-13 21:25:48 +01:00
Brandon L Black
23acc19bc0
Configurable ReplayWindow size, zero disables
2010-11-13 21:25:46 +01:00
Guus Sliepen
a22041922f
Merge branch 'master' into 1.1
...
Conflicts:
doc/tincd.8.in
lib/pidfile.c
src/graph.c
src/net.c
src/net.h
src/net_packet.c
src/net_setup.c
src/net_socket.c
src/netutl.c
src/node.c
src/node.h
src/protocol_auth.c
src/protocol_key.c
src/tincd.c
2010-11-12 16:15:29 +01:00
Guus Sliepen
c6ccbadfcf
Attribution for Timothy Redaelli.
2010-10-22 13:40:04 +02:00
Timothy Redaelli
eda7179874
Fix warnings under BSD
2010-05-06 21:19:49 +02:00
Sven-Haegar Koch
ffa1dc73dc
Fixed 1.0 miss-merges
2010-03-31 05:01:39 +02:00
Sven-Haegar Koch
103543aa2c
Merge branch 'master' into 1.1
...
Conflicts:
NEWS
README
configure.in
have.h
src/conf.c
src/conf.h
src/net.c
src/net_packet.c
src/protocol_key.c
src/protocol_subnet.c
src/route.c
src/tincd.c
2010-03-26 16:51:03 +01:00