Commit graph

247 commits

Author SHA1 Message Date
Guus Sliepen
4fda4560bb Cleanups, spelling fixes, allow symbol names for signals (-k option),
don't remove pidfile if other tincd is still running.
2002-03-11 11:23:04 +00:00
Guus Sliepen
ab90fa9bd1 Document and clean up MAC address expiry. 2002-03-01 14:25:10 +00:00
Guus Sliepen
14979f835d - Global time_t now, so that we don't have to call time() too often.
- MAC addresses expire after a time configurable by MACExpire (default 600
  seconds)
2002-03-01 14:09:31 +00:00
Guus Sliepen
f93b1334e0 Create/bind TCP and UDP listening sockets in pairs. 2002-03-01 13:18:54 +00:00
Guus Sliepen
50403909b6 Allow multiple listening sockets. 2002-02-26 23:26:41 +00:00
Guus Sliepen
76f01453df Fix segfault when receiving HUP signal. 2002-02-20 16:04:07 +00:00
Guus Sliepen
c2b9c06062 - Non-blocking connect()s.
- Socket handling revamped to use sockaddr_t.
- tinc can now tunnel over IPv6.
- Handle all addresses and subnets in network byte order.
  Only convert them when they need to be printed.
- IPv6 subnets bigger than /128 now work.
- Use %s and strerror(errno) instead of %m.
2002-02-18 16:25:19 +00:00
Guus Sliepen
f64b41a73b Get rid of sys/signal.h. 2002-02-12 14:36:45 +00:00
Guus Sliepen
d9a62c6354 Added support for packet compression, thanks to Mark Glines.
Add "Compression = <level>" to the host config files, where level can be
0 (off), or any integer between 1 (fast) and 9 (best).
2002-02-11 15:59:18 +00:00
Guus Sliepen
1708997bc8 - If no PrivateKeyFile is specified, /etc/tinc/netname/rsa_key.priv is assumed.
- Check RSA key before using it.
2002-02-11 14:20:21 +00:00
Guus Sliepen
f0aa9641e8 Merging of the entire pre5 branch. 2002-02-10 21:57:54 +00:00
Ivo Timmermans
c2752b961c Conversion to struct addrinfo is almost complete for this file. 2001-11-16 22:41:38 +00:00
Ivo Timmermans
836766d4c5 First part of rewriting things to use struct addrinfo. 2001-11-16 17:38:39 +00:00
Ivo Timmermans
6cf744e4b2 Don't include netutl.h. 2001-11-16 12:22:02 +00:00
Guus Sliepen
e06415e3d9 More fixes for Solaris. 2001-11-05 19:09:08 +00:00
Guus Sliepen
cf0e133e19 *** empty log message *** 2001-11-03 22:53:02 +00:00
Guus Sliepen
8910cbd67e Use PEM functions as suggested by OpenSSL docs. 2001-11-03 21:21:04 +00:00
Guus Sliepen
ffb88ff641 Avoid connecting to another node twice, and check name of outgoing connections. 2001-10-31 20:22:52 +00:00
Guus Sliepen
c0a3f67a5d - Small fixes to graph algorithms
- More control over tap device, ability to set interface name to something
  other than the netname.
- Export NETNAME, DEVICE and INTERFACE environment variables to scripts.
2001-10-31 12:50:24 +00:00
Guus Sliepen
2165931c62 More updates to protocol handlers and reimplemented terminate_connection(). 2001-10-30 16:34:32 +00:00
Guus Sliepen
87ad5c97a9 Various fixes, tinc is now somewhat capable of actually working again. 2001-10-30 12:59:12 +00:00
Guus Sliepen
66067cc9c1 - More s/vertex/edge/g
- Implementation of Kruskal's minimum spanning tree algorithm.
2001-10-28 10:16:18 +00:00
Guus Sliepen
94497336ef What was I thinking? s/vertex/edge/g. 2001-10-28 08:41:19 +00:00
Guus Sliepen
b98d9787fd Various small fixes to make tinc runnable again. 2001-10-27 15:19:13 +00:00
Guus Sliepen
ac066bb057 Make sure everything links. 2001-10-27 13:13:35 +00:00
Guus Sliepen
82e3837109 Big bad commit:
- Transition to new node/vertex/connection structures
- Use new configuration handling everywhere
- Linux tun/tap device handling cleanup
- Start of IPv6 support in route.c

It compiles, but it won't link.
2001-10-27 12:13:17 +00:00
Guus Sliepen
1ef90a87fd - Use ping timeout mechanism to close connections that don't authenticate
in time.
- Fix potential segmentation fault in check_dead_connections().
2001-10-08 13:37:30 +00:00
Guus Sliepen
ce9fd32c04 Fix bug where tinc would crash because of a portscan or a connection from a
tinc daemon with a different version.
2001-10-08 11:59:08 +00:00
Guus Sliepen
21027b1d57 - Renamed lastbutonehop to prevhop.
- Added connection_t *via to connection_t, this keeps record of where
  to send UDP packets to.
2001-10-08 11:47:55 +00:00
Guus Sliepen
18d1233c40 Fill in next- and lastbutonehop for myself. 2001-09-25 13:39:11 +00:00
Guus Sliepen
ec100a58b4 Try next connectto instead of the same over and over. 2001-09-25 13:35:45 +00:00
Guus Sliepen
24a2c7e51a Not only keep track of nexthop, but also of lastbutonehop. If destination cl
wants indirectdata, send it to the lastbutonehop instead, unless it too has
requested so, and so on.
2001-09-24 14:12:00 +00:00
Guus Sliepen
154733927a - Try old TUN/TAP ioctl() request if the one from if_tun.h fails.
- Be more verbose about the kind of tap device used.
2001-09-24 13:31:15 +00:00
Guus Sliepen
8ed27d40f3 Revised reconnection mechanism, always try out all ConnectTo lines. 2001-09-01 12:36:06 +00:00
Guus Sliepen
e1184ad15d Don't send DEL_HOSTs when !status.meta 2001-08-17 18:14:04 +00:00
Guus Sliepen
30d22474cc Explicitly log which type of tunnel device is used. 2001-07-24 20:14:30 +00:00
Guus Sliepen
fcbe215d64 Woohoo! tinc now compiles, runs and actually *works* on Solaris!
Tested on a SparcStation 20MP running Solaris 7. (Thanks, jiggel!)
2001-07-21 20:21:25 +00:00
Guus Sliepen
533ee1206f Always close all sockets in terminate_connection(). 2001-07-21 15:46:34 +00:00
Guus Sliepen
acb853205d Updated terminate_connection() so you can choose if DEL_HOSTs should be
sent or not.
2001-07-21 15:34:18 +00:00
Guus Sliepen
12f6b80429 Added purge_tree for connection_t's which are no longer in the connection,
active or id trees, but which may still be referenced. This tree is flushed
when it is safe, this replaces purge_connection_tree().

Also lots of bugfixes related to the new trees.
2001-07-20 20:25:10 +00:00
Guus Sliepen
37ed4265fa Remove all unnecessary status.meta and status.active checks. 2001-07-20 13:54:19 +00:00
Guus Sliepen
5e2ded68bf Correctly use the active_tree. 2001-07-19 12:29:40 +00:00
Guus Sliepen
319e0cb48e Split connection list into two lists:
- one list to handle all incoming/outgoing TCP connections
 - another list to handle all UDP connections

This will prevent race conditions.
2001-07-15 18:07:31 +00:00
Guus Sliepen
b3074590b1 Correct inclusion of standard if_tun.h header file. 2001-07-15 14:21:12 +00:00
Guus Sliepen
1e2bdc2b6d - Always use <openssl/include.h> instead of just <include.h>
- Check if RAND_pseudo_bytes() exists, otherwise just use RAND_bytes()
2001-07-04 08:41:36 +00:00
Guus Sliepen
5d34503574 Execute tinc-down BEFORE tap device is closed. This is a. more symmetric
(tinc-up is started after tap device is opened) and b. is needed for
tun/tap device, where the interface does not exist anymore after the
device file is closed.
2001-06-29 10:30:18 +00:00
Guus Sliepen
9e96840da8 Remove #warnings I used for debugging stuff. 2001-06-21 16:37:47 +00:00
Guus Sliepen
04ec0b82ab - Solaris compile fixes
- Set mymac to broadcast MAC so that ifconfig hw ether <...> is really not
  needed anymore.
- Forwarding of indirect packets when in switch mode (because the kernel
  will not do it for us then).
2001-06-21 16:16:32 +00:00
Guus Sliepen
ba918dce28 Only reset seconds_till_retry when we activate the outgoing connection. 2001-06-08 18:02:10 +00:00
Guus Sliepen
9cd9b03923 Add missing? counting of total_socket_in. 2001-06-05 19:45:47 +00:00
Guus Sliepen
7bd7f5b436 You can now put an option "Mode" in tinc.conf, and choose from:
- Mode = router (default, work like tinc has always worked)
- Mode = switch (work like a switch)
- Mode = hub    (work like a hub, broadcasting everything)
2001-06-05 19:39:54 +00:00
Guus Sliepen
4f9dad0972 - tinc can now act as a switch or a hub too (as opposed to a router only)
- cleaner initialisation of "UNKNOWN" and "MYSELF" names
2001-06-05 16:09:55 +00:00
Guus Sliepen
7db1b999c8 Make sure Solaris is happy too. 2001-05-28 08:56:57 +00:00
Guus Sliepen
65247c063b Small fixes to allow correct compilation under FreeBSD (tested with 4.3) 2001-05-28 08:21:43 +00:00
Guus Sliepen
fcf869cd42 TCPonly now works (in a relatively clean way too). 2001-05-25 11:54:28 +00:00
Guus Sliepen
a5e2ae6b2b With recent kernels the tun device file is located in /dev/net. 2001-05-25 10:08:11 +00:00
Guus Sliepen
4dee76522e Small fixes:
- Fix compiler warnings (one was a real (but harmless) bug)
- Don't send PING packets if there is UDP traffic
- Correctly terminate strings containing salt for PING/PONG packets
2001-05-25 08:36:11 +00:00
Guus Sliepen
e4f3d93ec6 - s/ip_t/ipv4_t/g
- Add "salt" to the beginning of UDP packets. Replaces length field which
  is not useful anyway.
2001-05-07 19:08:46 +00:00
Guus Sliepen
a26081467c Correctly cycle through ConnectTo variables. 2001-05-04 18:45:02 +00:00
Guus Sliepen
c426e981ee Ignore alarm signals if we do not need to respond to them. 2001-03-13 21:32:24 +00:00
Guus Sliepen
34f9e6cf2d - route.c is now used to determine destination
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
2001-03-04 13:59:32 +00:00
Guus Sliepen
125c497881 Various small fixes. 2001-03-01 21:32:04 +00:00
Guus Sliepen
4fa12eb85d Removed lots of compiler warnings. 2001-02-27 16:37:31 +00:00
Guus Sliepen
173d606514 - Fixed Interface option (untested)
- Removed error handling for non-critical socket options
- Added TCP_NODELAY and IPTOS_LOWDELAY options for meta sockets.
2001-02-27 16:17:04 +00:00
Guus Sliepen
24fa685859 Don't forget to reconnect if outgoing connection fails during
authentication.
2001-02-27 15:33:39 +00:00
Guus Sliepen
82455be966 Implemented new authentication scheme from doc/SECURITY2. 2001-02-25 19:09:45 +00:00
Guus Sliepen
54881faf6f Encrypt network packets in CBC mode instead of CFB mode.
(This breaks compatibility with all previous versions!)
2001-02-25 16:34:19 +00:00
Guus Sliepen
9de5787574 Copy packets before putting them in the queue. 2001-02-25 16:04:00 +00:00
Guus Sliepen
a56df1e06b - Allow ASN1 style keys to be in the config files.
Note: tinc ignores private key in the main config file, tinc.conf,
  because it should really be in a separate file.
- When generating new keys, check if name is known and by default append
  the public key to the host configuration file (otherwise rsa_key.pub).
2001-01-13 16:36:23 +00:00
Guus Sliepen
d646f4e094 - Only send out DEL_HOSTs for hosts with a meta connection 2001-01-11 11:19:08 +00:00
Guus Sliepen
447a43d639 - Added indirectdata and tcponly functionality. 2001-01-07 20:19:35 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
07a08f5539 - Reinstated a queue for outgoing packets. 2001-01-07 15:25:49 +00:00
Guus Sliepen
e924096f62 - Let user choose whether keys are in the config files or separate
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
2001-01-05 23:53:53 +00:00
Guus Sliepen
e1707f7739 - Don't even think about using sscanf with %as anymore
- Allow keys to be inside the config files or in a seperate file
- Small fixes
2000-12-22 21:34:24 +00:00
Ivo Timmermans
6327f32f43 Tiny bits of code beautifying 2000-12-05 08:59:30 +00:00
Ivo Timmermans
a0f7af3ed7 New function read_rsa_public_key();
In net.c/setup_myself deleted old code to read the public key (which
is now implicitly read in together with the private key).
2000-11-30 23:18:21 +00:00
Ivo Timmermans
28deaeac14 Avoid printing duplicate messages from read_rsa_keys 2000-11-30 22:48:48 +00:00
Ivo Timmermans
2293304748 Better error checking when reading the RSA private key. 2000-11-30 22:33:16 +00:00
Ivo Timmermans
09260b43d1 Read the PEM file pointed to by the configuration directive
PrivateKey.  This means thatt he meaning of this variable has changed,
it no longer should contain the private key directly.

WARNING: This code is untested.
2000-11-30 20:08:41 +00:00
Guus Sliepen
1eedf54681 - Use only one socket for all UDP traffic (for compatibility)
- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
2000-11-25 13:33:33 +00:00
Guus Sliepen
cf49b2c064 Another big & bad commit:
- Added some extra search functions to rbl routines
- Fix subnet_lookup()
- Reorder some syslog messages to make more sense
- daemon() is back
- Don't let scripts execute in parallel (gives race conditions, and
  anyway something MIGHT just be configured which is necessary for further
  execution of tinc itself)
- Accidently merged check_child() with execute_script().
- Small fixes
2000-11-24 23:13:07 +00:00
Guus Sliepen
da9a1e8084 - More fixes. 2000-11-20 23:29:47 +00:00
Guus Sliepen
3a6200c1e3 - Various small fixes. 2000-11-20 22:13:14 +00:00
Guus Sliepen
1857b3c97c - Proper initialization of rbltree structures. 2000-11-20 19:41:13 +00:00
Guus Sliepen
408ca91766 - Integrate rbl trees into tinc. 2000-11-20 19:12:17 +00:00
Ivo Timmermans
485f7a5043 Delete struct ifr 2000-11-16 22:11:40 +00:00
Ivo Timmermans
2764532ea7 Move all process-related functions into process.c. 2000-11-16 17:54:29 +00:00
Ivo Timmermans
7f87c3d913 Keep a list of running children, and in each loop in main_loop(),
check if one has exited.
2000-11-15 22:07:36 +00:00
Guus Sliepen
e118ba0a64 Porting to FreeBSD:
- Reorganized and added some #includes
2000-11-15 13:33:27 +00:00
Ivo Timmermans
596e248bc5 Let the output from an executed script in execute_script() go to
syslog, with proper error detection.
2000-11-15 01:28:21 +00:00
Ivo Timmermans
bb2495e569 Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during
configure.
2000-11-15 01:06:13 +00:00
Guus Sliepen
5055e1dedc - Applied Jamie Brigg's patch (close sockets after error) 2000-11-08 17:56:34 +00:00
Guus Sliepen
f8f1007bf4 Porting to SunOS 5.8:
- More #includes Linux doesn't seem to need
- Don't do unsetenv() on SunOS
- Use a replacement asprintf() in case the OS doesn't support it
It now compiles properly under SunOS.
2000-11-08 00:10:50 +00:00
Guus Sliepen
f95cc86d0c Changed execution of tinc-up:
- Do not free() strings that have been putenv()d, see man page of the
  latter.
- Do not set IFNAME anymore, it appears that the ioctl to get the name of
  the interface does not work at all. Since it is set to NETNAME in case
  of tun/tap and it is known beforehand in case of ethertap, there is no
  need for it anyway... (though it would've simplified things).
2000-11-07 21:43:28 +00:00
Guus Sliepen
698191fd2f - Prepended config_ to all configuration option names, because it confused
everything (including myself).
- Use connection oriented UDP sockets for both incoming and outgoing
  packets.
2000-11-04 22:57:33 +00:00
Guus Sliepen
afc0579707 - Simplified ping mechanism. 2000-11-04 20:44:28 +00:00
Guus Sliepen
5019dd8791 - Check for packets that are looping back. 2000-11-04 17:09:10 +00:00
Ivo Timmermans
15246df85d In execute_script:
- add an environment variable NETNAME.
- chdir to the configuration directory before execing the script.
2000-11-04 15:32:05 +00:00
Guus Sliepen
3d7189a444 - Resolve scriptname after fork() 2000-11-04 14:52:40 +00:00