Commit graph

2743 commits

Author SHA1 Message Date
Guus Sliepen
e4b586ed07 - Log possible spoofing attacks.
- Don't broadcast DEL_HOSTs for hosts that haven't been activated yet.
- If a host sends a TERMREQ, deactivate them.
2000-06-25 15:45:09 +00:00
Ivo Timmermans
9a1103a7be Changed version number to 1.0pre3. 2000-06-25 15:42:40 +00:00
Ivo Timmermans
d8d2b83350 Changed version number to 1.0pre3. 2000-06-25 15:42:40 +00:00
Guus Sliepen
7648bc6065 Added CVS Id tags to header files. 2000-06-25 15:22:16 +00:00
Guus Sliepen
7f7e158aae Large cleanup:
- Removed hostname lookup (it blocks, and you can always do it yourself)
- Reorganized debug levels (after hints from Axel M�ller):
  0	Startup message and errors
  1	Connection logging
  2	Meta protocol information
  3	Verbose meta protocol (includes copy of transmitted requests)
  4	Packet information (logs transmission/errors of UDP packets)
  5	Verbose packet information (every single byte, not implemented yet
	to protect ourselves from filling up /var/log directories)
- Made log messages more consistent
2000-06-25 15:16:12 +00:00
Guus Sliepen
3c54a513b0 If we have "indirectdata" flag set, we only send data to our uplink. 2000-06-24 12:35:42 +00:00
Guus Sliepen
d8e2f7104c First step for implementation of the "indirectdata" directive. This should
allow _leaf_ tincds to be behind firewalls.
The protocol has changed and is INCOMPATIBLE with previous versions. The
PROT_CURRENT value has been incremented.
2000-06-23 19:27:03 +00:00
Ivo Timmermans
33c3a25a66 Configuration directive `IndirectData'. 2000-06-17 20:55:54 +00:00
Ivo Timmermans
1c8adb5e1f Merge changes from 1.6-1.8. 2000-06-17 20:30:44 +00:00
Guus Sliepen
0d167e1f5d Added another semicolon for bash2 compliance (thanks to Jamie Briggs) 2000-06-17 08:30:45 +00:00
Guus Sliepen
00f316810a Applied patch from Jamie Briggs for bash2 conformance. 2000-06-16 05:44:26 +00:00
Ivo Timmermans
ef294a6967 Include ../intl in the include path, and add @INTLLIBS@ to the list of libraries. 2000-06-06 10:24:33 +00:00
Ivo Timmermans
66e9806805 These files are created by gettextize (run by autogen.sh) (should have known that). 2000-06-04 12:14:31 +00:00
Ivo Timmermans
d1d4a524de Check for __gmpz_powm for libgmp3. 2000-06-04 11:50:46 +00:00
Ivo Timmermans
377c4df245 Don't touch VPNMASK if it's defined, otherwise use $MSK. 2000-06-03 23:32:03 +00:00
Guus Sliepen
9193aee815 Removed items in TODO list that are already implemented. Only two items
left.
2000-06-03 08:27:16 +00:00
Ivo Timmermans
5796d2f5b7 Alphabetized the list, added Lubom�r Bulej, removed Sander Smeenk and Tijs van Bakel, put merits after all names. 2000-06-02 17:30:33 +00:00
Guus Sliepen
18b3084d25 Debian init.d script automatically sets tap device's MTU to 1448 now. 2000-06-01 20:21:27 +00:00
Ivo Timmermans
77be52422d Miscellaneous copyright updates. 2000-05-31 18:23:06 +00:00
Ivo Timmermans
8cb4bb619d Handle locale settings. 2000-05-31 18:21:27 +00:00
Ivo Timmermans
f20df109a6 Version 1.0pre2-1. 2000-05-31 18:19:33 +00:00
Ivo Timmermans
4ae74c50b7 Updated Dutch translation. 2000-05-31 18:18:21 +00:00
Ivo Timmermans
7037286586 Tell about /etc/tinc/nets.boot. 2000-05-31 18:17:45 +00:00
Ivo Timmermans
65a9eedb05 Include news for 1.0pre2. 2000-05-31 18:17:27 +00:00
Ivo Timmermans
17fa07510a Only accept an ADD_HOST request for a host that already exists in our conn_list if the nexthop field matches the sender. This is a workaround for older clients. 2000-05-30 21:36:16 +00:00
Ivo Timmermans
e7f22d2f5f In terminate_connection, only send a notification to hosts that are directly connected to us. (DEL_HOST gets forwarded automatically.) 2000-05-30 12:38:15 +00:00
Ivo Timmermans
2fdda8e4fa When a connection is terminated, all hosts that are still connected get notified of the lost connections. 2000-05-30 12:31:41 +00:00
Ivo Timmermans
f826301889 Added new configuration directive `Hostnames', which controls the resolving of IP addresses to hostnames. 2000-05-30 11:18:12 +00:00
Guus Sliepen
a7ad161d2b Only activate a connection upon receiving it's public key if it's an
incoming connection. When it's outgoing, we need to receive an ack first.
2000-05-29 23:40:05 +00:00
Ivo Timmermans
5654e156a3 Updated changes list for version 1.0pre2. 2000-05-29 22:27:15 +00:00
Ivo Timmermans
a822c7466a Bounds check for request id (between 0 and 255). 2000-05-29 22:20:04 +00:00
Ivo Timmermans
0f2cf48d30 Dutch translation of tinc. 2000-05-29 22:15:38 +00:00
Ivo Timmermans
386a62ff57 Define LOCALEDIR in CFLAGS. 2000-05-29 21:40:51 +00:00
Ivo Timmermans
4cd009f774 Include GNU gettext checks. 2000-05-29 21:40:20 +00:00
Ivo Timmermans
5814939c9d Update acconfig.h to include values for gettext inclusion. 2000-05-29 21:38:02 +00:00
Ivo Timmermans
b200b0d812 Include system.h and ABOUT-NLS. 2000-05-29 21:36:28 +00:00
Ivo Timmermans
b9ea0633c7 Include intl/ directory in the list of subdirs. 2000-05-29 21:04:55 +00:00
Ivo Timmermans
9fd02ffcb0 Internationalization of tinc. 2000-05-29 21:01:26 +00:00
Guus Sliepen
61e71ab74a Terminate a connection on any error. Furthermore, disallow del_host,
add_host and other important requests until remote host has properly
authenticated itself.
2000-05-27 20:23:01 +00:00
Guus Sliepen
cc01b18bc6 Made tinc persistent. If no outgoing connection can be established right
after the start of the daemon, it won't quit anymore but will retry in 5
minutes. Also, 5 minutes is now the maximum time to wait for a retry.
2000-05-27 19:44:04 +00:00
Guus Sliepen
028659bfbf Fixed typos. When terminating a connection, it's status is not only set to
remove=1 but also active=0.
2000-05-27 19:23:20 +00:00
Guus Sliepen
e4ff969a98 Fix for a DoS attack:
A remote user could telnet to the tinc daemon and type only this line:
 61 6 00000000/00000000:28f
 This would deny any packets to be sent to other tinc networks (except
 for to the hosts that run tincd's themselves). Solution is to skip
 hosts in lookup_conn() that have not been activated yet.
Fixed potential conn_list table corruption:
 If a new connection is accepted but a connection with the same subnet
 would already exist in the connection list, the OLD connection is
 terminated.
2000-05-27 19:04:12 +00:00
Guus Sliepen
4d71de15e8 Documentation updates. Removed all references to configuration variable
"AllowConnect", since it is NOT used in tinc. Added information about
"VpnMask". Elaborated a bit about "private" and "virtual" networks.
2000-05-27 13:21:20 +00:00
Ivo Timmermans
85e3c1f271 Updated by Lubomir Bulej and Mads Kiilerich: it uses /etc/tinc/nets.boot and the VpnMask directive in the config files. 2000-05-26 11:25:59 +00:00
Ivo Timmermans
3a6ffe6895 Create an empty /etc/tinc/nets.boot. 2000-05-21 23:01:28 +00:00
Ivo Timmermans
b9a86ec70e Use /etc/tinc/example as a base directory for an example. /etc/tinc/example/README points to /usr/share/doc/tinc/README.Debian. 2000-05-21 22:40:41 +00:00
Ivo Timmermans
63847abdfd Add an example of using VpnMask. 2000-05-21 22:38:01 +00:00
Ivo Timmermans
2469acc090 When VpnMask is not present in the config file, silently use $MSK as vpnmask. 2000-05-21 22:27:31 +00:00
Guus Sliepen
73b3e7ce03 Fixed last typo. Init.d now uses ifconfig command to set both the tap's IP
address as well as the correct route. Furthermore, if no VpnMask is given,
a default of 255.255.0.0 is chosen and a warning issued.
2000-05-21 22:21:38 +00:00
Guus Sliepen
2ad4f1cc5b Typo. 2000-05-21 22:08:21 +00:00