j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
553 commits 2 branches 0 tags 10 MiB
Commit graph

117 commits

Author SHA1 Message Date
Guus Sliepen
bfc5d6014e Only send key_changed if it was previously requested. 2001-05-24 21:52:26 +00:00
Guus Sliepen
d1b597758e Add randomness to PING/PONG packets to prevent crypto attacks on quiet 
tunnels.
 2001-05-24 21:29:09 +00:00
Guus Sliepen
e4f3d93ec6 - s/ip_t/ipv4_t/g 
- Add "salt" to the beginning of UDP packets. Replaces length field which
  is not useful anyway.
 2001-05-07 19:08:46 +00:00
Guus Sliepen
156ec67652 Check indirectdata option before forwarding certain requests. 2001-03-13 21:33:31 +00:00
Guus Sliepen
34f9e6cf2d - route.c is now used to determine destination 
- flags are removed, since they were not used at all. Use options instead.
- indirectdata works now, tcponly almost...
- made functions that don't return useful information void
 2001-03-04 13:59:32 +00:00
Guus Sliepen
d2a54597e0 Added explaination of our key exchange using RSA encryption. 2001-03-02 11:25:56 +00:00
Guus Sliepen
4fa12eb85d Removed lots of compiler warnings. 2001-02-27 16:37:31 +00:00
Guus Sliepen
34b7a876c3 - Make sure METAKEY is smaller than the modulus of the RSA key 
- Get symmetric key from the least significant bytes of the RSA message
 2001-02-26 11:37:20 +00:00
Guus Sliepen
82455be966 Implemented new authentication scheme from doc/SECURITY2. 2001-02-25 19:09:45 +00:00
Guus Sliepen
54881faf6f Encrypt network packets in CBC mode instead of CFB mode. 
(This breaks compatibility with all previous versions!)
 2001-02-25 16:34:19 +00:00
Guus Sliepen
153fc35e57 Corrected check for errors after read() calls. 2001-02-25 11:09:29 +00:00
Guus Sliepen
f1cb3d8fa5 Removed another local definition of the variable "errno" 2001-02-06 10:42:27 +00:00
Guus Sliepen
f777c1807d FreeBSD compile fixes (thanks to XeF4) 2001-02-06 10:12:51 +00:00
Guus Sliepen
11f3e9d138 - Squashed another nasty bug. 2001-01-08 20:35:30 +00:00
Guus Sliepen
447a43d639 - Added indirectdata and tcponly functionality. 2001-01-07 20:19:35 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
07a08f5539 - Reinstated a queue for outgoing packets. 2001-01-07 15:25:49 +00:00
Guus Sliepen
f7bb205022 - Check and follow symlinks in is_safe_path 
- By default write keys to tinc config directory
- Small fix in protocol.c
 2001-01-06 18:03:41 +00:00
Guus Sliepen
e924096f62 - Let user choose whether keys are in the config files or separate 
- Use AVL trees instead of RBL trees
- Fixed a lot of annoying subtle bugs! Thanks to gdb...
 2001-01-05 23:53:53 +00:00
Guus Sliepen
e1707f7739 - Don't even think about using sscanf with %as anymore 
- Allow keys to be inside the config files or in a seperate file
- Small fixes
 2000-12-22 21:34:24 +00:00
Ivo Timmermans
6327f32f43 Tiny bits of code beautifying 2000-12-05 08:59:30 +00:00
Ivo Timmermans
a0f7af3ed7 New function read_rsa_public_key(); 
In net.c/setup_myself deleted old code to read the public key (which
is now implicitly read in together with the private key).
 2000-11-30 23:18:21 +00:00
Guus Sliepen
1eedf54681 - Use only one socket for all UDP traffic (for compatibility) 
- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
 2000-11-25 13:33:33 +00:00
Guus Sliepen
6f373e6902 - More porting to FreeBSD and Solaris. 2000-11-22 22:05:37 +00:00
Guus Sliepen
5971e352da - Work with the correct key buffer in ans_key_h 2000-11-22 20:25:27 +00:00
Guus Sliepen
a07602c4fd - No more %as. 2000-11-22 19:55:53 +00:00
Guus Sliepen
f8b4a000d0 - Cleaned up and checked for some more NULL pointers in rbl.c 
- Two connection lists: one for incoming connections, sorted on ip/port,
  one for connections whose identity we know, sorted on id ofcourse...
 2000-11-22 18:54:08 +00:00
Guus Sliepen
408ca91766 - Integrate rbl trees into tinc. 2000-11-20 19:12:17 +00:00
Guus Sliepen
e118ba0a64 Porting to FreeBSD: 
- Reorganized and added some #includes
 2000-11-15 13:33:27 +00:00
Ivo Timmermans
bb2495e569 Use the HAVE_OPENSSL_xxx_H defined from m4/openssl.m4 during 
configure.
 2000-11-15 01:06:13 +00:00
Guus Sliepen
7d0f82bd4b - Open UDP connection for all known hosts. Comments please. 2000-11-07 22:02:14 +00:00
Guus Sliepen
698191fd2f - Prepended config_ to all configuration option names, because it confused 
everything (including myself).
- Use connection oriented UDP sockets for both incoming and outgoing
  packets.
 2000-11-04 22:57:33 +00:00
Guus Sliepen
afc0579707 - Simplified ping mechanism. 2000-11-04 20:44:28 +00:00
Guus Sliepen
ac47586552 - Forward keys in hex notation, not as binary data. 2000-11-04 16:54:21 +00:00
Guus Sliepen
3f8f067e8b - Don't forget to set packet cipher for added hosts. 2000-11-04 16:39:19 +00:00
Ivo Timmermans
5065ea32c3 Warnings removal pass: always include config.h first; add a few 
prototypes in the header files.

This also fixes a few lint errors/warnings.
 2000-11-03 22:35:12 +00:00
Guus Sliepen
b7d4d4c177 - Finishing touch: encrypt the meta connections 2000-10-29 22:55:15 +00:00
Guus Sliepen
ec12269355 - Use CFB mode for encrypting packets: it works and we don't need padding. 2000-10-29 22:10:44 +00:00
Guus Sliepen
cea3d8f305 - Small fixes 
- Do proper key exchange
- Encrypt packets - it works, but there is something wrong with the MAC
  header after decryption...
 2000-10-29 10:39:08 +00:00
Guus Sliepen
8fa9bc017d - Removed old encr stuff 2000-10-29 09:19:27 +00:00
Guus Sliepen
2689690dc3 - Enforce correct order of authentication requests 2000-10-29 01:08:09 +00:00
Guus Sliepen
7398002ade - Fixed ans_key_h 
- Removed tapsubnet configuration option.
 2000-10-29 00:24:31 +00:00
Guus Sliepen
35932fe6c8 - Very big cleanup. 2000-10-29 00:02:20 +00:00
Guus Sliepen
f25868fd2b - Lots of small fixes 
- Exchange subnets on acknowledgement of connection
- Do proper lookup when incoming packets from tap
- off-by-a small number-error when reading/sending tap packets
 2000-10-28 21:05:20 +00:00
Guus Sliepen
9c2f805255 - Lots of little stuff modified 
- Succesfully reads in subnets from host config file now and adds them to
  the list.
 2000-10-24 15:46:18 +00:00
Guus Sliepen
52b842f807 - Fixed all debug levels. 
- Seed PRNG before generating a challenge
- Strange thing in challenge decryption: it fails if first bit is set!?
 2000-10-21 11:52:08 +00:00
Guus Sliepen
9f64499e40 - tinc now really does public/private key encryption! It even works, whee! 2000-10-20 15:34:38 +00:00
Guus Sliepen
20301888b7 - More fixing. Tinc daemons can now even create activated connections. 2000-10-16 19:04:47 +00:00
Guus Sliepen
bb3d18d56f - Fixing little things 
- Two tinc daemons can connect to eachother now (but they disconnect right
  after the ACKs).
 2000-10-16 16:33:30 +00:00
Guus Sliepen
85adeef212 - The daemon actually runs now (somewhat) 
- Added support for tun/tap driver (autodetect!)
- More sophisticated checkpoint functionality
- Updated dutch translation
 2000-10-15 00:59:37 +00:00