Commit graph

2460 commits

Author SHA1 Message Date
Guus Sliepen
e82bec6670 Forbid protocol version rollback.
When we know a node's ECDSA key, we only allow communication via the SPTPS
protocol.
2013-07-21 00:13:38 +02:00
Guus Sliepen
fab2965d38 Attribution for Etienne Dechamps. 2013-07-20 23:41:01 +02:00
Etienne Dechamps
51c1639884 Fix hash_function().
The hashing function that tinc uses is currently broken as it only looks
at the first 4 bytes of data.

This leads to interesting bugs, like the node UDP address cache being
subtly broken because two addresses with the same protocol and port (but
not the same IP address) will override each other. This is because
the first four bytes of sockaddr_in contains the IP protocol and port,
while the IP address itself is contained in the four remaining bytes
that are never used when the hash is computed.
2013-07-20 23:31:19 +02:00
Guus Sliepen
1828908148 Don't use vasprintf() anymore on Windows.
Windows doesn't actually support it, but MinGW provides it. However, with some versions of
MinGW it doesn't work correctly. Instead, we vsnprintf() to a local buffer and xstrdup() the
results.
2013-07-17 18:06:56 +02:00
Guus Sliepen
54127996ca Don't search in local directories for include files.
Tinc's source code doesn't rely on this anymore, and this gets rid of potential conflicts with
system headers.
2013-07-17 18:02:07 +02:00
Guus Sliepen
fb1e69072e Add missing definitions on Windows. 2013-07-17 18:00:40 +02:00
Guus Sliepen
918067f117 Fix warning "Both netname and configuration directory given" on Windows. 2013-07-15 14:48:43 +02:00
Etienne Dechamps
633b7cbb45 Fix combination of Mode = router and DeviceType = tap on Linux.
I believe I have found a bug in tinc on Linux when it is used with
Mode = router and DeviceType = tap. This combination is useful because
it allows global broadcast packets to be used in router mode. However,
when tinc receives a packet in this situation, it needs to make sure its
destination MAC address matches the address of the TAP adapter, which is
typically not the case since the sending node doesn't know the MAC
address of the recipient. Unfortunately, this is not the case on Linux,
which breaks connectivity.
2013-07-15 00:28:35 +02:00
Guus Sliepen
24e3ec863e Add connection rate limiting.
Tinc now strictly limits incoming connections from the same host to 1 per
second. For incoming connections from multiple hosts short bursts of incoming
connections are allowed (by default 100), but on average also only 1 connection
per second is allowed.

When an incoming connection exceeds the limit, tinc will keep the connection in
a tarpit; the connection will be kept open but it is ignored completely. Only
one connection is in a tarpit at a time to limit the number of useless open
connections.
2013-07-11 23:38:38 +02:00
Guus Sliepen
2eba793305 Set $NAME when calling host-up/down and subnet-up/down scripts. 2013-07-05 21:36:51 +02:00
Guus Sliepen
b811e980e3 Add the LocalDiscoveryAddress option.
When LocalDiscovery is enabled, tinc normally sends broadcast packets during
PMTU discovery to the broadcast address (255.255.255.255 or ff02::1). This
option lets tinc use a different address.

At the moment only one LocalDiscoveryAddress can be specified.
2013-05-31 18:50:34 +02:00
Guus Sliepen
e92b2004e2 Use strerror() instead of gai_strerror() when err == EAI_SYSTEM. 2013-05-31 17:23:00 +02:00
Guus Sliepen
ce5e0f6557 Allow the log output to be stopped with control-C in tinc's shell. 2013-05-30 17:38:48 +02:00
Guus Sliepen
6bf3595a91 Better optional argument handling.
Some options can take an optional argument. However, in this case GNU getopt
requires that the optional argument is right next to the option without
whitespace inbetween. If there is whitespace, getopt will treat it as a
non-option argument, but tincd ignored those without a warning. Now tincd will
allow optional arguments with whitespace inbetween, and will give an error when
it encounters any other non-option arguments.

The tinc binary now requires that all options for itself are given before the
command.
2013-05-30 16:53:16 +02:00
Guus Sliepen
ced4c1a327 Add an invitation protocol.
Using the tinc command, an administrator of an existing VPN can generate
invitations for new nodes. The invitation is a small URL that can easily
be copy&pasted into email or live chat. Another person can have tinc
automatically setup the necessary configuration files and exchange keys
with the server, by only using the invitation URL.

The invitation protocol uses temporary ECDSA keys. The invitation URL
consists of the hostname and port of the server, a hash of the server's
temporary ECDSA key and a cookie. When the client wants to accept an
invitation, it also creates a temporary ECDSA key, connects to the server
and says it wants to accept an invitation. Both sides exchange their
temporary keys. The client verifies that the server's key matches the hash
in the invitation URL. After setting up an SPTPS connection using the
temporary keys, the client gives the cookie to the server. If the cookie
is valid, the server sends the client an invitation file containing the
client's new name and a copy of the server's host config file. If everything
is ok, the client will generate a long-term ECDSA key and send it to the
server, which will add it to a new host config file for the client.

The invitation protocol currently allows multiple host config files to be
send from the server to the client. However, the client filters out
most configuration variables for its own host configuration file. In
particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and
AutoConnect. Also, at the moment no tinc-up script is generated.

When an invitation has succesfully been accepted, the client needs to start
the tinc daemon manually.
2013-05-29 18:31:10 +02:00
Guus Sliepen
12e68b95e6 Fix port number in pidfile. 2013-05-28 13:41:53 +02:00
Guus Sliepen
cbe03b0932 Add a newline when logging to stderr in the tinc binary. 2013-05-28 13:40:32 +02:00
Guus Sliepen
c3d357af6c Improve base64 encoding/decoding, add URL-safe variant.
b64decode() now returns length 0 when an invalid character was encountered.
2013-05-28 13:39:15 +02:00
Guus Sliepen
ad93dc3a4b Annotate the xalloc functions.
Most important is the annotation of xasprintf() with the format attribute,
which allows the compiler to give warnings about the format string and
arguments.
2013-05-28 13:36:26 +02:00
Guus Sliepen
bc87b45003 Send a new key when we receive packets from a node we don't have a valid key for. 2013-05-18 16:11:30 +02:00
Guus Sliepen
a9b80226e1 Enable and fix warnings from automake. 2013-05-15 13:55:06 +02:00
Sven-Haegar Koch
a518f82af7 Modified some error messages in src/sptps.c. 2013-05-15 13:53:13 +02:00
Guus Sliepen
fa20cfceec Don't try to handle incoming data if sptps_start() has not been called yet. 2013-05-12 13:39:22 +02:00
Guus Sliepen
52f64cdf95 Fix potential NULL pointer dereferences. 2013-05-11 16:54:50 +02:00
Guus Sliepen
d03dc91e27 Don't free ephemeral ECDH keys twice.
ecdh_compute_shared() was changed to immediately delete the ephemeral key after
the shared secret was computed.  Therefore, the pointer to the ecdh_t struct
should be zeroed so it won't be freed again when a struct sptps_t is freed.
2013-05-11 14:14:20 +02:00
Guus Sliepen
fc119fb009 Use read_host_config() where appropriate. 2013-05-11 14:05:28 +02:00
Guus Sliepen
3c163a3796 Fix check for presence of ECDSA public key for outgoing connections.
At this point, c->config_tree may or may not be NULL, but this does not tell us whether it is an
outgoing connection or not. For incoming connections, we do not know the peer's name yet,
so we always have to claim ECDSA support. For outgoing connections, we always need to check
whether we have the peer's ECDSA public key, so that if we don't, we correctly tell the peer that
we want to upgrade.
2013-05-11 14:04:39 +02:00
Guus Sliepen
c83c2d080f Enable the SPTPS protocol by default. 2013-05-10 21:18:32 +02:00
Guus Sliepen
ee34ac3d61 Add a few more checks and warnings in the crypto functions. 2013-05-10 20:55:52 +02:00
Guus Sliepen
214060ef20 Fix warnings for functions marked __attribute((warn_unused_result)). 2013-05-10 20:30:47 +02:00
Guus Sliepen
7b949262c4 Add __attribute__((warn_unused_result)) to crypto functions. 2013-05-10 20:23:01 +02:00
Guus Sliepen
45063953fd Add more __attribute__((malloc)) where appropriate. 2013-05-10 20:15:27 +02:00
Guus Sliepen
0acdce222f Add generic crypto headers.
They should have been included in commit 9b9230a.
2013-05-01 17:58:30 +02:00
Guus Sliepen
5b07039b07 Rename xmalloc_and_zero() to xzalloc().
The former name is more or less only used by tinc, the latter is used by other
projects as well, and shorter as well.
2013-05-01 17:31:33 +02:00
Guus Sliepen
9b9230a0a7 Use conditional compilation for cryptographic functions.
This gets rid of the rest of the symbolic links. However, as a consequence, the
crypto header files have now moved to src/, and can no longer contain
library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t
and rsa_t are now all opaque types, and only pointers to those types can be
used.
2013-05-01 17:17:22 +02:00
Guus Sliepen
e70b5b5bd7 Use conditional compilation for device.c.
This requires the automake option "subdir-objects" to be enabled, and it
becomes more critical to specify the exact path to local header files.
2013-05-01 12:20:06 +02:00
Guus Sliepen
9f8020a09c Modernize the configure script a bit. 2013-05-01 11:46:40 +02:00
Guus Sliepen
43c72093ad Don't try to create tinc.conf when using set or add commands.
It is almost certainly an error. If one really wants to create a new tinc.conf
file, one should use the init command.
2013-04-28 19:33:04 +02:00
Guus Sliepen
8e732fcbbb Releasing 1.1pre7. 2013-04-22 15:54:05 +02:00
Guus Sliepen
258bf7ea0f Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
Normally all requests sent via the meta connections are checked so that they
cannot be larger than the input buffer. However, when packets are forwarded via
meta connections, they are copied into a packet buffer without checking whether
it fits into it. Since the packet buffer is allocated on the stack, this in
effect allows an authenticated remote node to cause a stack overflow.

This issue was found by Martin Schobert.
2013-04-22 15:53:45 +02:00
Guus Sliepen
9e2ae03d1d Fix completion of add/del/get/set commands. 2013-03-12 11:28:40 +01:00
Guus Sliepen
f8f250ca12 Describe the SPTPS protocol in the manual.
Also mention that Cipher, Digest and MACLength have no influence on the SPTPS protocol,
since that uses a fixed ciphersuite.
2013-03-12 10:49:45 +01:00
Guus Sliepen
40666a5f5b Remove references to the config keyword. 2013-03-08 16:26:21 +01:00
Guus Sliepen
23a634becf Rename tincctl to tinc. 2013-03-08 16:22:56 +01:00
Guus Sliepen
3793cf10da Include README.android in the tarballs. 2013-03-08 14:12:48 +01:00
Guus Sliepen
4c30004cb6 Avoid calling time(NULL).
In most cases we can use the cached time.
2013-03-08 14:11:15 +01:00
Guus Sliepen
af77e5d475 Allow changing configuration with tincctl without the "config" keyword.
This saves typing some characters, and forces one to be more explicit about the
desired command (get, set).
2013-03-08 11:40:40 +01:00
Guus Sliepen
1d226977a4 Better default output file for generated public keys. 2013-03-08 11:24:37 +01:00
Guus Sliepen
f9ab8e266b Flush output buffers in the tap reader thread on Windows.
This is basically a port of commit 50fcfea1 to 1.1.
2013-03-01 17:37:56 +01:00
Guus Sliepen
4d05e695ab Use UDP when using sptps_test in datagram mode. 2013-02-22 15:37:48 +01:00