Commit graph

2267 commits

Author SHA1 Message Date
Guus Sliepen
ea415ccc16 Rename connection_t *broadcast to everyone. 2012-02-20 17:12:48 +01:00
Guus Sliepen
cff5a844a3 Don't bind outgoing TCP sockets anymore.
The code introduced in commit 41a05f59ba is not
needed anymore, since tinc has been able to handle UDP packets from a different
source address than those of the TCP packets since 1.0.10.  When using multiple
BindToAddress statements, this code does not make sense anymore, we do want the
kernel to choose the source address on its own.
2012-02-20 16:52:53 +01:00
Guus Sliepen
0233b1d710 Decrement TTL of incoming packets.
Tinc will now, by default, decrement the TTL field of incoming IPv4 and IPv6
packets, before forwarding them to the virtual network device or to another
node. Packets with a TTL value of zero will be dropped, and an ICMP Time
Exceeded message will be sent back.

This behaviour can be disabled using the DecrementTTL option.
2012-02-20 16:34:02 +01:00
Guus Sliepen
6289859ab3 Only compile raw socket code when it is supported on that platform. 2012-02-20 15:44:52 +01:00
Guus Sliepen
d1dcdf8eb6 Merge branch 'master' of black:tinc 2012-02-18 14:31:08 +01:00
Guus Sliepen
3b1fad04de Allow setting DeviceType to tun or tap on Linux. 2012-02-18 14:37:52 +01:00
Guus Sliepen
6455654d26 Send packets back using the same socket as they were received on. 2012-02-18 11:48:21 +01:00
Guus Sliepen
1b2846d907 Merge branch 'master' of black:tinc 2012-02-18 11:43:00 +01:00
Guus Sliepen
9f6a96af39 Allow multiple BindToAddress statements. 2012-02-17 16:25:00 +01:00
Guus Sliepen
708314df2f Set FD_CLOEXEC flag on all sockets.
Scripts called by tinc would inherit its open filedescriptors. This could
be a problem if other long-running daemons are started from those scripts,
if those daemons would not close all filedescriptors before going into the
background.

Problem found and solution suggested by Nick Hibma.
2012-02-17 16:13:38 +01:00
Guus Sliepen
1f00111e94 Fix a few small memory leaks. 2011-12-26 23:11:27 +01:00
Guus Sliepen
b50d6a7f2a Fix compiler warnings. 2011-12-26 23:04:40 +01:00
Guus Sliepen
178e52f76e Allow linking with multiple device drivers.
Apart from the platform specific tun/tap driver, link with the dummy and
raw_socket devices, and optionally with support for UML and VDE devices.
At runtime, the DeviceType option can be used to select which driver to
use.
2011-12-04 01:20:59 +01:00
Guus Sliepen
5672863e59 Fix a few small memory leaks. 2011-12-03 21:59:47 +01:00
Guus Sliepen
52ded09d17 Add vde/device.c to the tarball. 2011-11-27 12:13:16 +01:00
Guus Sliepen
2c7c87ec75 Fix compilation of VDE and UML interfaces. 2011-11-27 12:12:34 +01:00
Guus Sliepen
2a9060bba6 Exchange ACK records to indicate switch to new keys.
This allow application records to be sent while key renegotiation is still
happening.
2011-10-06 15:32:12 +02:00
Guus Sliepen
3b5898078a Use counter mode encryption. 2011-10-06 09:34:34 +02:00
Guus Sliepen
a0f795ff5b Add counter mode encryption. 2011-10-06 09:33:09 +02:00
Guus Sliepen
67ff81ec16 Test corner cases in the SPTPS protocol.
* Test zero-byte messages.
* Test maximum size (65535 byte) messages.
* Test different message types.
* Test key renegotiation.
2011-10-05 22:05:13 +02:00
Guus Sliepen
3001351150 Update SPTPS protocol.
* Exchange nonce and ECDH public key first, calculate the ECDSA signature
  over the complete key exchange.
* Make an explicit distinction between client and server in the signatures.
* Add more comments and replace some magic numbers by #defines.

Thanks to Erik Tews for very helpful hints and comments!
2011-10-05 22:00:51 +02:00
Guus Sliepen
810847248a Fix compiler warning. 2011-10-05 21:59:33 +02:00
Guus Sliepen
ddea7a23a6 Return false instead of void when there is an error. 2011-08-30 20:49:48 +02:00
Guus Sliepen
e838289683 Prevent read_rsa_public_key() from returning an uninitialized RSA structure.
In case the config file could not be opened a new but unitialized RSA structure
would be returned, causing a segmentation fault later on. This would only
happen in the case that the config file could be opened before, but not when
read_rsa_public_key() was called. This situation could occur when the --user
option was used, and the config files were not readable by the specified user.
2011-08-30 20:04:18 +02:00
Guus Sliepen
5d4336e542 Handle UDP packets with unknown source addresses properly.
Probably due to a merge, the try_harder() function had duplicated the
rate-limiting code for detecting the sender node based on the HMAC of the
packet. This prevented this detection from running at all. The function is now
identical again to that in the 1.0 branch.
2011-08-10 17:04:17 +02:00
Michael Tokarev
bbc0ba9e87 use execvp() not execve() in tincctl start
sometimes argv[0] will have directory-less name (when the
command is started by shell searching in $PATH for example).
For tincctl start we want the same rules to run tincd as for
tincctl itself (having full path is better but if shell does
not provide one we've no other choice).  Previous code tried
to run ./tincd in this case, which is obviously wrong.

This is a fix for the previous commit.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2011-08-07 10:51:21 +02:00
Michael Tokarev
a7556a9d2c run tincd from the same directory as tincctl and pass all options to it
For tincctl start, run tincd from dirname($0) not SBINDIR -
this allows painless alternative directory installation and
running from build directory too.

Also while at it, pass the rest of command line to tincd, not
only options before "start" argument.  This way it's possible
to pass options to tincd like this:
  tincctl -n net start -- -d 1 -R -U tincuser ...

And also add missing newline at the end of error message there.

Signed-Off-By: Michael Tokarev <mjt@tls.msk.ru>
2011-08-07 10:12:43 +02:00
Michael Tokarev
2696ad2cca don't mention reload twice in tincctl help
Signed-Off-By: Michael Tokarev <mjt@tls.msk.ru>
2011-08-07 10:12:38 +02:00
Guus Sliepen
3d75dbc088 Start of "Simple Peer-To-Peer Security" protocol.
Encryption and authentication of the meta connection is spread out over
meta.c and protocol_auth.c. The new protocol was added there as well,
leading to spaghetti code. To improve things, the new protocol will now
be implemented in sptps.[ch].

The goal is to have a very simplified version of TLS. There is a record
layer, and there are only two record types: application data and
handshake messages. The handshake message contains a random nonce, an
ephemeral ECDH public key, and an ECDSA signature over the former. After
the ECDH public keys are exchanged, a shared secret is calculated, and a
TLS style PRF is used to generate the key material for the cipher and
HMAC algorithm, and further communication is encrypted and authenticated.

A lot of the simplicity comes from the fact that both sides must have
each other's public keys in advance, and there are no options to choose.
There will be one fixed cipher suite, and both peers always authenticate
each other. (Inspiration taken from Ian Grigg's hypotheses[0].)
There might be some compromise in the future, to enable or disable
encryption, authentication and compression, but there will be no choice
of algorithms. This will allow SPTPS to be built with a few embedded
crypto algorithms instead of linking with huge crypto libraries.

The API is also kept simple. There is a start and a stop function. All
data necessary to make the connection work is passed in the start
function. Instead having both send- and receive-record functions, there
is a send-record function and a receive-data function. The latter will
pass protocol data received from the peer to the SPTPS implementation,
which will in turn call a receive-record callback function when
necessary. This hides all the handshaking from the application, and is
completely independent from any event loop or socket characteristics.

[0] http://iang.org/ssl/hn_hypotheses_in_secure_protocol_design.html
2011-07-24 15:44:51 +02:00
Guus Sliepen
0f2aa4bd8b Releasing 1.0.16. 2011-07-23 14:12:23 +02:00
Guus Sliepen
e16ead8dd9 Use usleep() instead of sleep(), MinGW complained. 2011-07-23 14:11:44 +02:00
Guus Sliepen
ff751903aa Don't abort() on low-level crypto errors, just return false.
The abort() calls were accidentily left in for debugging.
2011-07-20 08:19:18 +02:00
Guus Sliepen
2f4ccfe247 Fix tinc 1.0.x daemons connecting when ExperimentalProtocol = yes. 2011-07-19 21:11:11 +02:00
Guus Sliepen
f8d94f34fc Releasing 1.1pre2. 2011-07-17 20:09:08 +02:00
Guus Sliepen
c259d552fa Add missing newline. 2011-07-17 20:06:06 +02:00
Guus Sliepen
f6020a5224 Write loopback address instead of "any" address in pidfile. 2011-07-17 20:01:24 +02:00
Guus Sliepen
50fcfea127 Flush output buffer in send_tcppacket().
This is mainly important for Windows, where the select() call in the
main thread is not being woken up when the tapreader thread calls
route(), causing a delay of up to 1 second before the output buffer is
flushed. This would cause bad performance when UDP communication is not
possible.
2011-07-17 19:34:01 +02:00
Guus Sliepen
25091454da "tincctl stop" now removes the tinc service on Windows. 2011-07-17 19:23:52 +02:00
Guus Sliepen
c6c989cfa1 Fix declaration of usleep(). 2011-07-17 18:02:56 +02:00
Guus Sliepen
18e9839dc8 Ensure symlinked files do not end up in the tarball. 2011-07-17 10:59:54 +02:00
Guus Sliepen
fa4a01e4a2 Use const pointer to source in base64 and hex routines. 2011-07-16 22:38:50 +02:00
Guus Sliepen
574b380dfc Use usleep() instead of sleep(), MinGW complained. 2011-07-16 22:38:22 +02:00
Guus Sliepen
8efc8dc961 Update info manual. 2011-07-16 21:44:17 +02:00
Guus Sliepen
cff27a258f Use ECDSA to sign ECDH key exchange for UDP session keys.
The ECDSA public keys will also be included in the ANS_KEY requests,
but are only used when no ECDSA public key is known yet.
2011-07-16 20:21:44 +02:00
Guus Sliepen
03ac48ea19 Use the same logic as tinc 1.0.x for detecting two nodes with the same Name. 2011-07-16 15:21:37 +02:00
Guus Sliepen
2ba61742d4 Use the correct direction flag when setting cipher keys.
The flag was set incorrectly, but for most ciphers this does not have
any effect. AES in any of the block modes is picky about it though.
2011-07-16 15:15:29 +02:00
Guus Sliepen
be2fc8b045 Make code to detect two nodes with the same Name less triggerhappy.
First of all, if there really are two nodes with the same name, much
more than 10 contradicting ADD_EDGE and DEL_EDGE messages will be sent.
Also, we forgot to reset the counters when nothing happened.

In case there is a ADD_EDGE/DEL_EDGE storm, we do not shut down, but
sleep an increasing amount of time, allowing tinc to recover gracefully
from temporary failures.
2011-07-16 10:47:35 +02:00
Guus Sliepen
303dd1e702 Fix compiler warnings. 2011-07-13 22:52:52 +02:00
Guus Sliepen
791c1898ea Remove unnecessary variables and functions. 2011-07-13 22:31:53 +02:00
Guus Sliepen
fec279a9c5 Make use of the improved hex and base64 functions.
Also, use base64 for all EC related data, it is shorter and easy to
distinguish from the legacy protocol.
2011-07-12 23:43:12 +02:00