Guus Sliepen
4fda4560bb
Cleanups, spelling fixes, allow symbol names for signals (-k option),
...
don't remove pidfile if other tincd is still running.
2002-03-11 11:23:04 +00:00
Guus Sliepen
ab90fa9bd1
Document and clean up MAC address expiry.
2002-03-01 14:25:10 +00:00
Guus Sliepen
14979f835d
- Global time_t now, so that we don't have to call time() too often.
...
- MAC addresses expire after a time configurable by MACExpire (default 600
seconds)
2002-03-01 14:09:31 +00:00
Guus Sliepen
f93b1334e0
Create/bind TCP and UDP listening sockets in pairs.
2002-03-01 13:18:54 +00:00
Guus Sliepen
50403909b6
Allow multiple listening sockets.
2002-02-26 23:26:41 +00:00
Guus Sliepen
76f01453df
Fix segfault when receiving HUP signal.
2002-02-20 16:04:07 +00:00
Guus Sliepen
c2b9c06062
- Non-blocking connect()s.
...
- Socket handling revamped to use sockaddr_t.
- tinc can now tunnel over IPv6.
- Handle all addresses and subnets in network byte order.
Only convert them when they need to be printed.
- IPv6 subnets bigger than /128 now work.
- Use %s and strerror(errno) instead of %m.
2002-02-18 16:25:19 +00:00
Guus Sliepen
f64b41a73b
Get rid of sys/signal.h.
2002-02-12 14:36:45 +00:00
Guus Sliepen
d9a62c6354
Added support for packet compression, thanks to Mark Glines.
...
Add "Compression = <level>" to the host config files, where level can be
0 (off), or any integer between 1 (fast) and 9 (best).
2002-02-11 15:59:18 +00:00
Guus Sliepen
1708997bc8
- If no PrivateKeyFile is specified, /etc/tinc/netname/rsa_key.priv is assumed.
...
- Check RSA key before using it.
2002-02-11 14:20:21 +00:00
Guus Sliepen
f0aa9641e8
Merging of the entire pre5 branch.
2002-02-10 21:57:54 +00:00
Ivo Timmermans
c2752b961c
Conversion to struct addrinfo is almost complete for this file.
2001-11-16 22:41:38 +00:00
Ivo Timmermans
836766d4c5
First part of rewriting things to use struct addrinfo.
2001-11-16 17:38:39 +00:00
Ivo Timmermans
6cf744e4b2
Don't include netutl.h.
2001-11-16 12:22:02 +00:00
Guus Sliepen
e06415e3d9
More fixes for Solaris.
2001-11-05 19:09:08 +00:00
Guus Sliepen
cf0e133e19
*** empty log message ***
2001-11-03 22:53:02 +00:00
Guus Sliepen
8910cbd67e
Use PEM functions as suggested by OpenSSL docs.
2001-11-03 21:21:04 +00:00
Guus Sliepen
ffb88ff641
Avoid connecting to another node twice, and check name of outgoing connections.
2001-10-31 20:22:52 +00:00
Guus Sliepen
c0a3f67a5d
- Small fixes to graph algorithms
...
- More control over tap device, ability to set interface name to something
other than the netname.
- Export NETNAME, DEVICE and INTERFACE environment variables to scripts.
2001-10-31 12:50:24 +00:00
Guus Sliepen
2165931c62
More updates to protocol handlers and reimplemented terminate_connection().
2001-10-30 16:34:32 +00:00
Guus Sliepen
87ad5c97a9
Various fixes, tinc is now somewhat capable of actually working again.
2001-10-30 12:59:12 +00:00
Guus Sliepen
66067cc9c1
- More s/vertex/edge/g
...
- Implementation of Kruskal's minimum spanning tree algorithm.
2001-10-28 10:16:18 +00:00
Guus Sliepen
94497336ef
What was I thinking? s/vertex/edge/g.
2001-10-28 08:41:19 +00:00
Guus Sliepen
b98d9787fd
Various small fixes to make tinc runnable again.
2001-10-27 15:19:13 +00:00
Guus Sliepen
ac066bb057
Make sure everything links.
2001-10-27 13:13:35 +00:00
Guus Sliepen
82e3837109
Big bad commit:
...
- Transition to new node/vertex/connection structures
- Use new configuration handling everywhere
- Linux tun/tap device handling cleanup
- Start of IPv6 support in route.c
It compiles, but it won't link.
2001-10-27 12:13:17 +00:00
Guus Sliepen
1ef90a87fd
- Use ping timeout mechanism to close connections that don't authenticate
...
in time.
- Fix potential segmentation fault in check_dead_connections().
2001-10-08 13:37:30 +00:00
Guus Sliepen
ce9fd32c04
Fix bug where tinc would crash because of a portscan or a connection from a
...
tinc daemon with a different version.
2001-10-08 11:59:08 +00:00
Guus Sliepen
21027b1d57
- Renamed lastbutonehop to prevhop.
...
- Added connection_t *via to connection_t, this keeps record of where
to send UDP packets to.
2001-10-08 11:47:55 +00:00
Guus Sliepen
18d1233c40
Fill in next- and lastbutonehop for myself.
2001-09-25 13:39:11 +00:00
Guus Sliepen
ec100a58b4
Try next connectto instead of the same over and over.
2001-09-25 13:35:45 +00:00
Guus Sliepen
24a2c7e51a
Not only keep track of nexthop, but also of lastbutonehop. If destination cl
...
wants indirectdata, send it to the lastbutonehop instead, unless it too has
requested so, and so on.
2001-09-24 14:12:00 +00:00
Guus Sliepen
154733927a
- Try old TUN/TAP ioctl() request if the one from if_tun.h fails.
...
- Be more verbose about the kind of tap device used.
2001-09-24 13:31:15 +00:00
Guus Sliepen
8ed27d40f3
Revised reconnection mechanism, always try out all ConnectTo lines.
2001-09-01 12:36:06 +00:00
Guus Sliepen
e1184ad15d
Don't send DEL_HOSTs when !status.meta
2001-08-17 18:14:04 +00:00
Guus Sliepen
30d22474cc
Explicitly log which type of tunnel device is used.
2001-07-24 20:14:30 +00:00
Guus Sliepen
fcbe215d64
Woohoo! tinc now compiles, runs and actually *works* on Solaris!
...
Tested on a SparcStation 20MP running Solaris 7. (Thanks, jiggel!)
2001-07-21 20:21:25 +00:00
Guus Sliepen
533ee1206f
Always close all sockets in terminate_connection().
2001-07-21 15:46:34 +00:00
Guus Sliepen
acb853205d
Updated terminate_connection() so you can choose if DEL_HOSTs should be
...
sent or not.
2001-07-21 15:34:18 +00:00
Guus Sliepen
12f6b80429
Added purge_tree for connection_t's which are no longer in the connection,
...
active or id trees, but which may still be referenced. This tree is flushed
when it is safe, this replaces purge_connection_tree().
Also lots of bugfixes related to the new trees.
2001-07-20 20:25:10 +00:00
Guus Sliepen
37ed4265fa
Remove all unnecessary status.meta and status.active checks.
2001-07-20 13:54:19 +00:00
Guus Sliepen
5e2ded68bf
Correctly use the active_tree.
2001-07-19 12:29:40 +00:00
Guus Sliepen
319e0cb48e
Split connection list into two lists:
...
- one list to handle all incoming/outgoing TCP connections
- another list to handle all UDP connections
This will prevent race conditions.
2001-07-15 18:07:31 +00:00
Guus Sliepen
b3074590b1
Correct inclusion of standard if_tun.h header file.
2001-07-15 14:21:12 +00:00
Guus Sliepen
1e2bdc2b6d
- Always use <openssl/include.h> instead of just <include.h>
...
- Check if RAND_pseudo_bytes() exists, otherwise just use RAND_bytes()
2001-07-04 08:41:36 +00:00
Guus Sliepen
5d34503574
Execute tinc-down BEFORE tap device is closed. This is a. more symmetric
...
(tinc-up is started after tap device is opened) and b. is needed for
tun/tap device, where the interface does not exist anymore after the
device file is closed.
2001-06-29 10:30:18 +00:00
Guus Sliepen
9e96840da8
Remove #warnings I used for debugging stuff.
2001-06-21 16:37:47 +00:00
Guus Sliepen
04ec0b82ab
- Solaris compile fixes
...
- Set mymac to broadcast MAC so that ifconfig hw ether <...> is really not
needed anymore.
- Forwarding of indirect packets when in switch mode (because the kernel
will not do it for us then).
2001-06-21 16:16:32 +00:00
Guus Sliepen
ba918dce28
Only reset seconds_till_retry when we activate the outgoing connection.
2001-06-08 18:02:10 +00:00
Guus Sliepen
9cd9b03923
Add missing? counting of total_socket_in.
2001-06-05 19:45:47 +00:00
Guus Sliepen
7bd7f5b436
You can now put an option "Mode" in tinc.conf, and choose from:
...
- Mode = router (default, work like tinc has always worked)
- Mode = switch (work like a switch)
- Mode = hub (work like a hub, broadcasting everything)
2001-06-05 19:39:54 +00:00
Guus Sliepen
4f9dad0972
- tinc can now act as a switch or a hub too (as opposed to a router only)
...
- cleaner initialisation of "UNKNOWN" and "MYSELF" names
2001-06-05 16:09:55 +00:00
Guus Sliepen
7db1b999c8
Make sure Solaris is happy too.
2001-05-28 08:56:57 +00:00
Guus Sliepen
65247c063b
Small fixes to allow correct compilation under FreeBSD (tested with 4.3)
2001-05-28 08:21:43 +00:00
Guus Sliepen
fcf869cd42
TCPonly now works (in a relatively clean way too).
2001-05-25 11:54:28 +00:00
Guus Sliepen
a5e2ae6b2b
With recent kernels the tun device file is located in /dev/net.
2001-05-25 10:08:11 +00:00
Guus Sliepen
4dee76522e
Small fixes:
...
- Fix compiler warnings (one was a real (but harmless) bug)
- Don't send PING packets if there is UDP traffic
- Correctly terminate strings containing salt for PING/PONG packets
2001-05-25 08:36:11 +00:00
Guus Sliepen
e4f3d93ec6
- s/ip_t/ipv4_t/g
...
- Add "salt" to the beginning of UDP packets. Replaces length field which
is not useful anyway.
2001-05-07 19:08:46 +00:00
Guus Sliepen
a26081467c
Correctly cycle through ConnectTo variables.
2001-05-04 18:45:02 +00:00
Guus Sliepen
c426e981ee
Ignore alarm signals if we do not need to respond to them.
2001-03-13 21:32:24 +00:00
Guus Sliepen
34f9e6cf2d
- route.c is now used to determine destination
...
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
2001-03-04 13:59:32 +00:00
Guus Sliepen
125c497881
Various small fixes.
2001-03-01 21:32:04 +00:00
Guus Sliepen
4fa12eb85d
Removed lots of compiler warnings.
2001-02-27 16:37:31 +00:00
Guus Sliepen
173d606514
- Fixed Interface option (untested)
...
- Removed error handling for non-critical socket options
- Added TCP_NODELAY and IPTOS_LOWDELAY options for meta sockets.
2001-02-27 16:17:04 +00:00
Guus Sliepen
24fa685859
Don't forget to reconnect if outgoing connection fails during
...
authentication.
2001-02-27 15:33:39 +00:00
Guus Sliepen
82455be966
Implemented new authentication scheme from doc/SECURITY2.
2001-02-25 19:09:45 +00:00
Guus Sliepen
54881faf6f
Encrypt network packets in CBC mode instead of CFB mode.
...
(This breaks compatibility with all previous versions!)
2001-02-25 16:34:19 +00:00
Guus Sliepen
9de5787574
Copy packets before putting them in the queue.
2001-02-25 16:04:00 +00:00
Guus Sliepen
a56df1e06b
- Allow ASN1 style keys to be in the config files.
...
Note: tinc ignores private key in the main config file, tinc.conf,
because it should really be in a separate file.
- When generating new keys, check if name is known and by default append
the public key to the host configuration file (otherwise rsa_key.pub).
2001-01-13 16:36:23 +00:00
Guus Sliepen
d646f4e094
- Only send out DEL_HOSTs for hosts with a meta connection
2001-01-11 11:19:08 +00:00
Guus Sliepen
447a43d639
- Added indirectdata and tcponly functionality.
2001-01-07 20:19:35 +00:00
Guus Sliepen
d3f889c807
- It's 2001, all copyright notices are updated.
2001-01-07 17:09:07 +00:00
Guus Sliepen
07a08f5539
- Reinstated a queue for outgoing packets.
2001-01-07 15:25:49 +00:00
Guus Sliepen
e924096f62
- Let user choose whether keys are in the config files or separate
...
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
2001-01-05 23:53:53 +00:00
Guus Sliepen
e1707f7739
- Don't even think about using sscanf with %as anymore
...
- Allow keys to be inside the config files or in a seperate file
- Small fixes
2000-12-22 21:34:24 +00:00
Ivo Timmermans
6327f32f43
Tiny bits of code beautifying
2000-12-05 08:59:30 +00:00
Ivo Timmermans
a0f7af3ed7
New function read_rsa_public_key();
...
In net.c/setup_myself deleted old code to read the public key (which
is now implicitly read in together with the private key).
2000-11-30 23:18:21 +00:00
Ivo Timmermans
28deaeac14
Avoid printing duplicate messages from read_rsa_keys
2000-11-30 22:48:48 +00:00
Ivo Timmermans
2293304748
Better error checking when reading the RSA private key.
2000-11-30 22:33:16 +00:00
Ivo Timmermans
09260b43d1
Read the PEM file pointed to by the configuration directive
...
PrivateKey. This means thatt he meaning of this variable has changed,
it no longer should contain the private key directly.
WARNING: This code is untested.
2000-11-30 20:08:41 +00:00
Guus Sliepen
1eedf54681
- Use only one socket for all UDP traffic (for compatibility)
...
- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
2000-11-25 13:33:33 +00:00
Guus Sliepen
cf49b2c064
Another big & bad commit:
...
- Added some extra search functions to rbl routines
- Fix subnet_lookup()
- Reorder some syslog messages to make more sense
- daemon() is back
- Don't let scripts execute in parallel (gives race conditions, and
anyway something MIGHT just be configured which is necessary for further
execution of tinc itself)
- Accidently merged check_child() with execute_script().
- Small fixes
2000-11-24 23:13:07 +00:00
Guus Sliepen
da9a1e8084
- More fixes.
2000-11-20 23:29:47 +00:00
Guus Sliepen
3a6200c1e3
- Various small fixes.
2000-11-20 22:13:14 +00:00
Guus Sliepen
1857b3c97c
- Proper initialization of rbltree structures.
2000-11-20 19:41:13 +00:00
Guus Sliepen
408ca91766
- Integrate rbl trees into tinc.
2000-11-20 19:12:17 +00:00
Ivo Timmermans
485f7a5043
Delete struct ifr
2000-11-16 22:11:40 +00:00
Ivo Timmermans
2764532ea7
Move all process-related functions into process.c.
2000-11-16 17:54:29 +00:00
Ivo Timmermans
7f87c3d913
Keep a list of running children, and in each loop in main_loop(),
...
check if one has exited.
2000-11-15 22:07:36 +00:00
Guus Sliepen
e118ba0a64
Porting to FreeBSD:
...
- Reorganized and added some #includes
2000-11-15 13:33:27 +00:00
Ivo Timmermans
596e248bc5
Let the output from an executed script in execute_script() go to
...
syslog, with proper error detection.
2000-11-15 01:28:21 +00:00
Ivo Timmermans
bb2495e569
Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during
...
configure.
2000-11-15 01:06:13 +00:00
Guus Sliepen
5055e1dedc
- Applied Jamie Brigg's patch (close sockets after error)
2000-11-08 17:56:34 +00:00
Guus Sliepen
f8f1007bf4
Porting to SunOS 5.8:
...
- More #includes Linux doesn't seem to need
- Don't do unsetenv() on SunOS
- Use a replacement asprintf() in case the OS doesn't support it
It now compiles properly under SunOS.
2000-11-08 00:10:50 +00:00
Guus Sliepen
f95cc86d0c
Changed execution of tinc-up:
...
- Do not free() strings that have been putenv()d, see man page of the
latter.
- Do not set IFNAME anymore, it appears that the ioctl to get the name of
the interface does not work at all. Since it is set to NETNAME in case
of tun/tap and it is known beforehand in case of ethertap, there is no
need for it anyway... (though it would've simplified things).
2000-11-07 21:43:28 +00:00
Guus Sliepen
698191fd2f
- Prepended config_ to all configuration option names, because it confused
...
everything (including myself).
- Use connection oriented UDP sockets for both incoming and outgoing
packets.
2000-11-04 22:57:33 +00:00
Guus Sliepen
afc0579707
- Simplified ping mechanism.
2000-11-04 20:44:28 +00:00
Guus Sliepen
5019dd8791
- Check for packets that are looping back.
2000-11-04 17:09:10 +00:00
Ivo Timmermans
15246df85d
In execute_script:
...
- add an environment variable NETNAME.
- chdir to the configuration directory before execing the script.
2000-11-04 15:32:05 +00:00
Guus Sliepen
3d7189a444
- Resolve scriptname after fork()
2000-11-04 14:52:40 +00:00