oweals/tinc.git
13 years agoHandle UDP packets with unknown source addresses properly.
Guus Sliepen [Wed, 10 Aug 2011 15:04:17 +0000 (17:04 +0200)]
Handle UDP packets with unknown source addresses properly.

Probably due to a merge, the try_harder() function had duplicated the
rate-limiting code for detecting the sender node based on the HMAC of the
packet. This prevented this detection from running at all. The function is now
identical again to that in the 1.0 branch.

13 years agouse execvp() not execve() in tincctl start
Michael Tokarev [Sun, 7 Aug 2011 08:18:20 +0000 (12:18 +0400)]
use execvp() not execve() in tincctl start

sometimes argv[0] will have directory-less name (when the
command is started by shell searching in $PATH for example).
For tincctl start we want the same rules to run tincd as for
tincctl itself (having full path is better but if shell does
not provide one we've no other choice).  Previous code tried
to run ./tincd in this case, which is obviously wrong.

This is a fix for the previous commit.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
13 years agorun tincd from the same directory as tincctl and pass all options to it
Michael Tokarev [Sun, 7 Aug 2011 08:05:07 +0000 (12:05 +0400)]
run tincd from the same directory as tincctl and pass all options to it

For tincctl start, run tincd from dirname($0) not SBINDIR -
this allows painless alternative directory installation and
running from build directory too.

Also while at it, pass the rest of command line to tincd, not
only options before "start" argument.  This way it's possible
to pass options to tincd like this:
  tincctl -n net start -- -d 1 -R -U tincuser ...

And also add missing newline at the end of error message there.

Signed-Off-By: Michael Tokarev <mjt@tls.msk.ru>
13 years agodon't mention reload twice in tincctl help
Michael Tokarev [Sun, 7 Aug 2011 07:25:03 +0000 (11:25 +0400)]
don't mention reload twice in tincctl help

Signed-Off-By: Michael Tokarev <mjt@tls.msk.ru>
13 years agoStart of "Simple Peer-To-Peer Security" protocol.
Guus Sliepen [Sun, 24 Jul 2011 13:44:51 +0000 (15:44 +0200)]
Start of "Simple Peer-To-Peer Security" protocol.

Encryption and authentication of the meta connection is spread out over
meta.c and protocol_auth.c. The new protocol was added there as well,
leading to spaghetti code. To improve things, the new protocol will now
be implemented in sptps.[ch].

The goal is to have a very simplified version of TLS. There is a record
layer, and there are only two record types: application data and
handshake messages. The handshake message contains a random nonce, an
ephemeral ECDH public key, and an ECDSA signature over the former. After
the ECDH public keys are exchanged, a shared secret is calculated, and a
TLS style PRF is used to generate the key material for the cipher and
HMAC algorithm, and further communication is encrypted and authenticated.

A lot of the simplicity comes from the fact that both sides must have
each other's public keys in advance, and there are no options to choose.
There will be one fixed cipher suite, and both peers always authenticate
each other. (Inspiration taken from Ian Grigg's hypotheses[0].)
There might be some compromise in the future, to enable or disable
encryption, authentication and compression, but there will be no choice
of algorithms. This will allow SPTPS to be built with a few embedded
crypto algorithms instead of linking with huge crypto libraries.

The API is also kept simple. There is a start and a stop function. All
data necessary to make the connection work is passed in the start
function. Instead having both send- and receive-record functions, there
is a send-record function and a receive-data function. The latter will
pass protocol data received from the peer to the SPTPS implementation,
which will in turn call a receive-record callback function when
necessary. This hides all the handshaking from the application, and is
completely independent from any event loop or socket characteristics.

[0] http://iang.org/ssl/hn_hypotheses_in_secure_protocol_design.html

13 years agoDon't abort() on low-level crypto errors, just return false.
Guus Sliepen [Wed, 20 Jul 2011 06:19:18 +0000 (08:19 +0200)]
Don't abort() on low-level crypto errors, just return false.

The abort() calls were accidentily left in for debugging.

13 years agoFix tinc 1.0.x daemons connecting when ExperimentalProtocol = yes.
Guus Sliepen [Tue, 19 Jul 2011 19:11:11 +0000 (21:11 +0200)]
Fix tinc 1.0.x daemons connecting when ExperimentalProtocol = yes.

13 years agoReleasing 1.1pre2. release-1.1pre2
Guus Sliepen [Sun, 17 Jul 2011 18:09:08 +0000 (20:09 +0200)]
Releasing 1.1pre2.

13 years agoAdd missing newline.
Guus Sliepen [Sun, 17 Jul 2011 18:06:06 +0000 (20:06 +0200)]
Add missing newline.

13 years agoWrite loopback address instead of "any" address in pidfile.
Guus Sliepen [Sun, 17 Jul 2011 18:01:24 +0000 (20:01 +0200)]
Write loopback address instead of "any" address in pidfile.

13 years ago"tincctl stop" now removes the tinc service on Windows.
Guus Sliepen [Sun, 17 Jul 2011 17:23:52 +0000 (19:23 +0200)]
"tincctl stop" now removes the tinc service on Windows.

13 years agoFix declaration of usleep().
Guus Sliepen [Sun, 17 Jul 2011 16:02:56 +0000 (18:02 +0200)]
Fix declaration of usleep().

13 years agoEnsure symlinked files do not end up in the tarball.
Guus Sliepen [Sun, 17 Jul 2011 08:59:54 +0000 (10:59 +0200)]
Ensure symlinked files do not end up in the tarball.

13 years agoUse const pointer to source in base64 and hex routines.
Guus Sliepen [Sat, 16 Jul 2011 20:38:50 +0000 (22:38 +0200)]
Use const pointer to source in base64 and hex routines.

13 years agoUse usleep() instead of sleep(), MinGW complained.
Guus Sliepen [Sat, 16 Jul 2011 20:38:22 +0000 (22:38 +0200)]
Use usleep() instead of sleep(), MinGW complained.

13 years agoUpdate info manual.
Guus Sliepen [Sat, 16 Jul 2011 19:44:17 +0000 (21:44 +0200)]
Update info manual.

13 years agoUse ECDSA to sign ECDH key exchange for UDP session keys.
Guus Sliepen [Sat, 16 Jul 2011 18:21:44 +0000 (20:21 +0200)]
Use ECDSA to sign ECDH key exchange for UDP session keys.

The ECDSA public keys will also be included in the ANS_KEY requests,
but are only used when no ECDSA public key is known yet.

13 years agoUse the same logic as tinc 1.0.x for detecting two nodes with the same Name.
Guus Sliepen [Sat, 16 Jul 2011 13:21:37 +0000 (15:21 +0200)]
Use the same logic as tinc 1.0.x for detecting two nodes with the same Name.

13 years agoUse the correct direction flag when setting cipher keys.
Guus Sliepen [Sat, 16 Jul 2011 13:15:29 +0000 (15:15 +0200)]
Use the correct direction flag when setting cipher keys.

The flag was set incorrectly, but for most ciphers this does not have
any effect. AES in any of the block modes is picky about it though.

13 years agoFix compiler warnings.
Guus Sliepen [Wed, 13 Jul 2011 20:52:52 +0000 (22:52 +0200)]
Fix compiler warnings.

13 years agoRemove unnecessary variables and functions.
Guus Sliepen [Wed, 13 Jul 2011 20:29:30 +0000 (22:29 +0200)]
Remove unnecessary variables and functions.

13 years agoMake use of the improved hex and base64 functions.
Guus Sliepen [Tue, 12 Jul 2011 21:43:12 +0000 (23:43 +0200)]
Make use of the improved hex and base64 functions.

Also, use base64 for all EC related data, it is shorter and easy to
distinguish from the legacy protocol.

13 years agoMake hexadecimal and base64 routines behave the same.
Guus Sliepen [Tue, 12 Jul 2011 20:54:49 +0000 (22:54 +0200)]
Make hexadecimal and base64 routines behave the same.

The length parameter for the encoding functions is the length of the
binary input, and for the decoding functions it is the maximum size of
the binary output.

The return value is always the length of the resulting output, excluding
the terminating NULL character for the encoding routines.

All functions can encode and decode in-place. The encoding functions
will always write a terminating NULL character, and the decoding
functions will stop at a NULL character.

13 years agoDon't use wildcards in filenames in configure.in.
Guus Sliepen [Mon, 11 Jul 2011 20:14:06 +0000 (22:14 +0200)]
Don't use wildcards in filenames in configure.in.

13 years agoRequire ExperimentalProtocol = yes for new features, update documentation.
Guus Sliepen [Mon, 11 Jul 2011 19:54:01 +0000 (21:54 +0200)]
Require ExperimentalProtocol = yes for new features, update documentation.

13 years agoClose meta connection socket after cleaning up event structures.
Guus Sliepen [Sun, 10 Jul 2011 20:46:43 +0000 (22:46 +0200)]
Close meta connection socket after cleaning up event structures.

Epoll doesn't like it when an already closed filedescriptor is being
removed, so we defer closing the socket until after all else is cleaned
up.

13 years agoAutomatically exchange ECDSA keys and upgrade to new authentication protocol.
Guus Sliepen [Sun, 10 Jul 2011 20:34:17 +0000 (22:34 +0200)]
Automatically exchange ECDSA keys and upgrade to new authentication protocol.

If we don't have ECDSA keys for the node we connect to, set protocol_minor
to 1, to indicate this to the other end. This will first complete the
old way of authentication with RSA keys, and will then exchange ECDSA keys.
The connection will be terminated right afterwards, and the next attempt
will use ECDSA keys.

13 years agoFree ECDSA and RSA structures when freeing a connection_t.
Guus Sliepen [Sun, 10 Jul 2011 19:02:34 +0000 (21:02 +0200)]
Free ECDSA and RSA structures when freeing a connection_t.

13 years agoHash input before signing it with ECDSA.
Guus Sliepen [Fri, 8 Jul 2011 16:17:34 +0000 (18:17 +0200)]
Hash input before signing it with ECDSA.

13 years agoVery primitive ECDSA signed ECDH key exchange for the meta protocol.
Guus Sliepen [Thu, 7 Jul 2011 20:30:55 +0000 (22:30 +0200)]
Very primitive ECDSA signed ECDH key exchange for the meta protocol.

Nonces and hash of the ID requests should be included in the seed for the PRF.

13 years agoRead ECDSA keys.
Guus Sliepen [Thu, 7 Jul 2011 20:28:25 +0000 (22:28 +0200)]
Read ECDSA keys.

13 years agoImplement ECDSA sign and verify operations.
Guus Sliepen [Thu, 7 Jul 2011 20:27:17 +0000 (22:27 +0200)]
Implement ECDSA sign and verify operations.

Very basic at the moment, doesn't hash the input first,
and uses OpenSSL's DER encoded signature as output.

13 years agoBump minor protocol to indicate ECDH capability for UDP session keys.
Guus Sliepen [Tue, 5 Jul 2011 19:29:31 +0000 (21:29 +0200)]
Bump minor protocol to indicate ECDH capability for UDP session keys.

13 years agoAdd a minor number to the protocol version.
Guus Sliepen [Tue, 5 Jul 2011 19:19:48 +0000 (21:19 +0200)]
Add a minor number to the protocol version.

13 years agoRound up the size of the secret parts after splitting it in two.
Guus Sliepen [Mon, 4 Jul 2011 05:51:47 +0000 (07:51 +0200)]
Round up the size of the secret parts after splitting it in two.

13 years agoAdd ECDSA key import.
Guus Sliepen [Sun, 3 Jul 2011 21:44:43 +0000 (23:44 +0200)]
Add ECDSA key import.

13 years agoFinish base64 decoding routine.
Guus Sliepen [Sun, 3 Jul 2011 21:33:56 +0000 (23:33 +0200)]
Finish base64 decoding routine.

13 years agoHave tincctl generate ECDSA keys.
Guus Sliepen [Sun, 3 Jul 2011 20:25:29 +0000 (22:25 +0200)]
Have tincctl generate ECDSA keys.

The generate-keys command now generates both an RSA and an ECDSA keypair,
but one can generate-rsa-keys or generate-ecdsa-keys to just generate one type.

13 years agoAdd ECDSA key generation.
Guus Sliepen [Sun, 3 Jul 2011 20:15:00 +0000 (22:15 +0200)]
Add ECDSA key generation.

13 years agoBase64 encoding and decoding functions.
Guus Sliepen [Sun, 3 Jul 2011 20:13:58 +0000 (22:13 +0200)]
Base64 encoding and decoding functions.

13 years agoCleanups in ECDH code.
Guus Sliepen [Sun, 3 Jul 2011 20:13:34 +0000 (22:13 +0200)]
Cleanups in ECDH code.

13 years agoNo need to keep around pointers to EC_GROUP.
Guus Sliepen [Sun, 3 Jul 2011 19:21:37 +0000 (21:21 +0200)]
No need to keep around pointers to EC_GROUP.

13 years agoProper use of PRF.
Guus Sliepen [Sun, 3 Jul 2011 14:30:49 +0000 (16:30 +0200)]
Proper use of PRF.

13 years agoUse PRF.
Guus Sliepen [Sun, 3 Jul 2011 13:59:49 +0000 (15:59 +0200)]
Use PRF.

13 years agoAdd PRF to derive key material from the ECDH shared secret.
Guus Sliepen [Sun, 3 Jul 2011 13:26:58 +0000 (15:26 +0200)]
Add PRF to derive key material from the ECDH shared secret.

It is modelled after the pseudorandom function from RFC4346 (TLS 1.1), the only
significant change is the use of SHA512 and Whirlpool instead of MD5 and SHA1.

13 years agoSupport ECDH key exchange.
Guus Sliepen [Sun, 3 Jul 2011 11:17:28 +0000 (13:17 +0200)]
Support ECDH key exchange.

REQ_KEY requests have an extra field indicating key exchange version.
If it is present and > 0, the sender supports ECDH. If the receiver also
does, then it will generate a new keypair and sends the public key in a
ANS_KEY request with "ECDH:" prefixed. The ans_key_h() function will
compute the shared secret, which, at the moment,is used as is to set the
cipher and HMAC keys. However, this must be changed to use a proper KDF.
In the future, the ECDH key exchange must also be signed.

13 years agoPreliminary implementation of Elliptic Curve Diffie-Hellman Ephemeral key exchange.
Guus Sliepen [Mon, 27 Jun 2011 19:52:23 +0000 (21:52 +0200)]
Preliminary implementation of Elliptic Curve Diffie-Hellman Ephemeral key exchange.

13 years agoAdd manpage for tinc-gui.
Guus Sliepen [Sun, 26 Jun 2011 11:15:44 +0000 (13:15 +0200)]
Add manpage for tinc-gui.

13 years agoRemove debug messages that were printed to stdout.
Guus Sliepen [Sun, 26 Jun 2011 11:14:48 +0000 (13:14 +0200)]
Remove debug messages that were printed to stdout.

13 years agoUpdate documentation to mention pidfiles instead of controlcookies.
Guus Sliepen [Sun, 26 Jun 2011 10:59:11 +0000 (12:59 +0200)]
Update documentation to mention pidfiles instead of controlcookies.

13 years agoDon't react to escape character in tincctl top.
Guus Sliepen [Sun, 26 Jun 2011 10:58:50 +0000 (12:58 +0200)]
Don't react to escape character in tincctl top.

Not only the ESC key generates an escape character, but many other keys
do as well, such as arrow keys.

13 years agoUse pidfile in tinc-gui as well.
Guus Sliepen [Sun, 26 Jun 2011 10:51:25 +0000 (12:51 +0200)]
Use pidfile in tinc-gui as well.

13 years agoReally stable sorting of tincctl top output.
Guus Sliepen [Sat, 25 Jun 2011 20:20:39 +0000 (22:20 +0200)]
Really stable sorting of tincctl top output.

13 years agoAdd +git to the version string.
Guus Sliepen [Sat, 25 Jun 2011 19:38:59 +0000 (21:38 +0200)]
Add +git to the version string.

13 years agoMake pid files backwards compatible and add address of listening socket.
Guus Sliepen [Sat, 25 Jun 2011 19:35:27 +0000 (21:35 +0200)]
Make pid files backwards compatible and add address of listening socket.

The pid is now written first, so that a version 1.0.x tincd can be used to stop
a running version 1.1 tincd.  Getsockname() is used to determine the address of
the first listening socket, so that tincctl can connect to the local tincd even
if AddressFamily = ipv6, or if BindToAddress or BindToInterface is used.

13 years agoRename controlcookie file to pidfile.
Guus Sliepen [Sat, 25 Jun 2011 19:21:36 +0000 (21:21 +0200)]
Rename controlcookie file to pidfile.

13 years agoDon't call exit_control() if we didn't do init_control().
Guus Sliepen [Sat, 25 Jun 2011 19:16:13 +0000 (21:16 +0200)]
Don't call exit_control() if we didn't do init_control().

13 years agoRe-add support for SIGALRM.
Guus Sliepen [Sat, 25 Jun 2011 18:20:07 +0000 (20:20 +0200)]
Re-add support for SIGALRM.

13 years agoMerge Tinc.py into tinc-gui to simplify make install.
Guus Sliepen [Sat, 25 Jun 2011 15:39:02 +0000 (17:39 +0200)]
Merge Tinc.py into tinc-gui to simplify make install.

Autoconf/automake's Python support is strange.

13 years agoThank Scott Lamb, Sven-Haegar Koch and Loïc Grenié in the NEWS file.
Guus Sliepen [Sat, 25 Jun 2011 15:11:05 +0000 (17:11 +0200)]
Thank Scott Lamb, Sven-Haegar Koch and Loïc Grenié in the NEWS file.

13 years agoEnsure the right files end up in the tarball after make dist.
Guus Sliepen [Sat, 25 Jun 2011 15:08:40 +0000 (17:08 +0200)]
Ensure the right files end up in the tarball after make dist.

13 years agoReleasing 1.1pre1. release-1.1pre1
Guus Sliepen [Sat, 25 Jun 2011 13:28:54 +0000 (15:28 +0200)]
Releasing 1.1pre1.

13 years agoEnsure that the texinfo manual can be converted to HTML.
Guus Sliepen [Sat, 25 Jun 2011 13:28:13 +0000 (15:28 +0200)]
Ensure that the texinfo manual can be converted to HTML.

Somehow commit 2c30af6c90926340a89748c63cc453b1c0b5a589 was not properly
merged.

13 years agoUpdate manpages and info manual.
Guus Sliepen [Sat, 25 Jun 2011 12:52:47 +0000 (14:52 +0200)]
Update manpages and info manual.

13 years agoAdd Makefile.am in gui/.
Guus Sliepen [Fri, 24 Jun 2011 22:32:45 +0000 (00:32 +0200)]
Add Makefile.am in gui/.

This ensures the gui source will be included in the tarball with make dist,
and will be installed with make install.

13 years agoDon't use AM_CONDITIONAL for CURSES.
Guus Sliepen [Fri, 24 Jun 2011 22:06:06 +0000 (00:06 +0200)]
Don't use AM_CONDITIONAL for CURSES.

For some reason, this doesn't work when cross-compiling for Windows.

13 years agoDon't call event_del() from the mtuevent handler, always send_mtu_probe() in ans_key_h().
Guus Sliepen [Fri, 24 Jun 2011 20:49:18 +0000 (22:49 +0200)]
Don't call event_del() from the mtuevent handler, always send_mtu_probe() in ans_key_h().

13 years agoDelete mtuevent if it is not used.
Guus Sliepen [Fri, 24 Jun 2011 20:10:03 +0000 (22:10 +0200)]
Delete mtuevent if it is not used.

Keeping it around prevents ans_key_h() from restarting PMTU discovery.

13 years agoMerge branch 'master' of git://tinc-vpn.org/tinc into 1.1
Guus Sliepen [Fri, 24 Jun 2011 19:40:55 +0000 (21:40 +0200)]
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1

Conflicts:
NEWS
README
configure.in
src/Makefile.am

13 years agoReleasing 1.0.15. release-1.0.15
Guus Sliepen [Fri, 24 Jun 2011 12:50:20 +0000 (14:50 +0200)]
Releasing 1.0.15.

13 years agoRemove redundant @CFLAGS@ from AM_CFLAGS.
Guus Sliepen [Fri, 24 Jun 2011 10:27:04 +0000 (12:27 +0200)]
Remove redundant @CFLAGS@ from AM_CFLAGS.

13 years agoNo need to check for pselect() in tinc 1.1.
Guus Sliepen [Tue, 21 Jun 2011 21:08:05 +0000 (23:08 +0200)]
No need to check for pselect() in tinc 1.1.

13 years agoOnly log UDP address changes at the appropriate debug levels.
Guus Sliepen [Tue, 21 Jun 2011 21:06:53 +0000 (23:06 +0200)]
Only log UDP address changes at the appropriate debug levels.

13 years agoReopen log file after SIGHUP.
Guus Sliepen [Mon, 6 Jun 2011 19:19:30 +0000 (21:19 +0200)]
Reopen log file after SIGHUP.

This was missed by the previous merge.

13 years agoMerge branch 'master' of git://tinc-vpn.org/tinc into 1.1
Guus Sliepen [Mon, 6 Jun 2011 18:42:15 +0000 (20:42 +0200)]
Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1

Conflicts:
NEWS
configure.in
doc/tincd.8.in
lib/pidfile.c
lib/pidfile.h
lib/xalloc.h
lib/xmalloc.c
src/conf.c
src/conf.h
src/connection.c
src/connection.h
src/event.c
src/graph.c
src/graph.h
src/net.c
src/net.h
src/node.h
src/openssl/crypto.c
src/process.c
src/protocol.c
src/protocol_key.c
src/route.c

13 years agoClean up digests when freeing a connection_t.
Guus Sliepen [Mon, 6 Jun 2011 18:12:33 +0000 (20:12 +0200)]
Clean up digests when freeing a connection_t.

13 years agoImproved --logfile option.
Guus Sliepen [Mon, 6 Jun 2011 14:26:11 +0000 (16:26 +0200)]
Improved --logfile option.

Instead of UNIX time, the log messages now start with the time in RFC3339
format, which human-readable and still easy for the computer to parse and sort.
The HUP signal will also cause the log file to be closed and reopened, which is
useful when log rotation is used. If there is an error while opening the log
file, this is logged to stderr.

13 years agoAttribution for Loïc Grenié.
Guus Sliepen [Sat, 4 Jun 2011 09:27:54 +0000 (11:27 +0200)]
Attribution for Loïc Grenié.

13 years agoNearly tickless tinc.
Loïc Grenié [Sat, 4 Jun 2011 07:05:23 +0000 (09:05 +0200)]
Nearly tickless tinc.

Use pselect instead of select in main_loop (if available). This lets
tincd sleeps as long as there is nothing to do.

13 years agoDon't ignore SIGCHLD, system() needs it.
Guus Sliepen [Fri, 3 Jun 2011 13:50:20 +0000 (15:50 +0200)]
Don't ignore SIGCHLD, system() needs it.

But we do ignore SIGPIPE, and tinc 1.0.x signals that are no longer used
(SIGUSR1 and SIGUSR2), since the default handler of these signals is to
terminate tincd immediately.

13 years agoFix format strings for Windows.
Guus Sliepen [Thu, 2 Jun 2011 22:46:56 +0000 (00:46 +0200)]
Fix format strings for Windows.

Windows doesn't like %zd, so cast (s)size_t to int. Also, some shorts were
incorrectly printed with %d instead of %hd.

13 years agoUse send() when writing to sockets, and the return type is ssize_t.
Guus Sliepen [Thu, 2 Jun 2011 22:34:30 +0000 (00:34 +0200)]
Use send() when writing to sockets, and the return type is ssize_t.

13 years agoSmall fixes for Windows.
Guus Sliepen [Thu, 2 Jun 2011 21:40:27 +0000 (23:40 +0200)]
Small fixes for Windows.

13 years agoEven simpler signal handling.
Guus Sliepen [Thu, 2 Jun 2011 20:14:53 +0000 (22:14 +0200)]
Even simpler signal handling.

13 years agoRemove debugging message that was accidentily left in.
Guus Sliepen [Thu, 2 Jun 2011 19:29:11 +0000 (21:29 +0200)]
Remove debugging message that was accidentily left in.

13 years agoDon't treat packets coming in via TCP as having zero length.
Guus Sliepen [Thu, 2 Jun 2011 19:16:57 +0000 (21:16 +0200)]
Don't treat packets coming in via TCP as having zero length.

13 years agoFix nodes joining the VPN after tincctl top started.
Guus Sliepen [Thu, 2 Jun 2011 19:14:50 +0000 (21:14 +0200)]
Fix nodes joining the VPN after tincctl top started.

13 years agoMake traffic statistics more readable with configurable scaling.
Guus Sliepen [Thu, 2 Jun 2011 18:48:18 +0000 (20:48 +0200)]
Make traffic statistics more readable with configurable scaling.

13 years agoMore stable sorting in tincctl top.
Guus Sliepen [Thu, 2 Jun 2011 18:27:16 +0000 (20:27 +0200)]
More stable sorting in tincctl top.

Although we use qsort(), which is not guaranteed to be stable, resorting the
previously sorted array is more stable than recreating and resorting the array
each time.

13 years agoFix some compiler and cppcheck warnings.
Guus Sliepen [Thu, 2 Jun 2011 16:22:26 +0000 (18:22 +0200)]
Fix some compiler and cppcheck warnings.

13 years agoRemove support for the Ethertap device.
Guus Sliepen [Thu, 2 Jun 2011 16:07:50 +0000 (18:07 +0200)]
Remove support for the Ethertap device.

13 years agoRemove unused functions and variables.
Guus Sliepen [Thu, 2 Jun 2011 15:57:53 +0000 (17:57 +0200)]
Remove unused functions and variables.

13 years agoDon't #include <alloca.h> anymore.
Guus Sliepen [Thu, 2 Jun 2011 15:55:29 +0000 (17:55 +0200)]
Don't #include <alloca.h> anymore.

13 years agoDrop the GNU memcmp.c implementation.
Guus Sliepen [Thu, 2 Jun 2011 15:53:35 +0000 (17:53 +0200)]
Drop the GNU memcmp.c implementation.

13 years agoDrop the GNU malloc.c, realloc.c, and xmalloc.c.
Guus Sliepen [Thu, 2 Jun 2011 15:45:06 +0000 (17:45 +0200)]
Drop the GNU malloc.c, realloc.c, and xmalloc.c.

We live in the 21st century, and we require C99 semantics, so we do not need to
work around buggy libcs. The xmalloc() and related functions are now static
inline functions.

13 years agoSimplify signal handling.
Guus Sliepen [Thu, 2 Jun 2011 15:14:30 +0000 (17:14 +0200)]
Simplify signal handling.

We don't override any signal handlers anymore except those for SIGPIPE and
SIGCHLD. Fatal signals (SIGSEGV, SIGBUS etc.) will terminate tincd and
optionally dump core.  The previous behaviour was to terminate gracefully and
try to restart, but that usually failed and made any core dump useless.

13 years agoRemove outgoing event in free_connection().
Guus Sliepen [Sun, 29 May 2011 20:34:19 +0000 (22:34 +0200)]
Remove outgoing event in free_connection().

13 years agoInitialise priority field to zero for packets read from the VPN interface.
Guus Sliepen [Sun, 29 May 2011 20:14:35 +0000 (22:14 +0200)]
Initialise priority field to zero for packets read from the VPN interface.

13 years agoCosmetic fix when pressing 's' in tincctl top.
Guus Sliepen [Sun, 29 May 2011 20:12:37 +0000 (22:12 +0200)]
Cosmetic fix when pressing 's' in tincctl top.

13 years agoShow hostname and port in error message when connecting to a running tincd.
Guus Sliepen [Sun, 29 May 2011 20:10:54 +0000 (22:10 +0200)]
Show hostname and port in error message when connecting to a running tincd.