Guus Sliepen [Sun, 30 Oct 2016 14:19:12 +0000 (15:19 +0100)]
Enforce maximum amount of bytes sent/received on meta-connections.
This is 2^{block_length_in_bits / 2 - 1}.
Guus Sliepen [Sun, 30 Oct 2016 14:17:52 +0000 (15:17 +0100)]
Use AES256 and SHA256 by default for the legacy protocol.
At the start of the decade, there were still distributions that shipped
with versions of OpenSSL that did not support these algorithms. By now
everyone should support them. The old defaults were Blowfish and SHA1,
both of which are not considered secure anymore.
The meta-protocol now always uses AES in CFB mode, but the key length
will adapt to the one specified by the Cipher option. The digest for the
meta-protocol is hardcoded to SHA256.
Dennis Lan [Wed, 12 Oct 2016 11:35:39 +0000 (13:35 +0200)]
Fix typo in src/upnp.c.
Vittorio G (VittGam) [Tue, 11 Oct 2016 18:30:41 +0000 (20:30 +0200)]
tincctl: Avoid falling back to 1024 bits RSA key generation when an invalid key size is specified.
Also warn the user if a key smaller than 2048 bits is being generated.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Vittorio G (VittGam) [Tue, 11 Oct 2016 11:30:05 +0000 (13:30 +0200)]
fsck: Fix
ed25519 public key reading, and fclose usage.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Guus Sliepen [Tue, 26 Jul 2016 14:47:45 +0000 (16:47 +0200)]
Log warnings about dropped packets only with debug level 5 or higher.
Etienne Dechamps [Thu, 14 Jul 2016 18:15:35 +0000 (19:15 +0100)]
Fix error handling when setting up the UDP socket.
Due to this typo, if tinc managed to set up the TCP socket but not the
UDP socket, it would continue anyway.
The regression was introduced in
6bc5d626a8726fc23365ee705761a3c666a08ad4.
Guus Sliepen [Fri, 24 Jun 2016 09:22:24 +0000 (11:22 +0200)]
Fix compiling with OpenSSL < 1.1.0.
Guus Sliepen [Fri, 24 Jun 2016 09:22:11 +0000 (11:22 +0200)]
Add missing m4 files.
ax_cflags_warn_all.m4 depends on them.
Guus Sliepen [Thu, 23 Jun 2016 13:59:43 +0000 (15:59 +0200)]
Fix potential memory leaks found by the Clang static analyzer.
Guus Sliepen [Thu, 23 Jun 2016 13:59:16 +0000 (15:59 +0200)]
Fix warnings from the Clang static analyzer.
These are all false positives or harmless dead stores.
Guus Sliepen [Thu, 23 Jun 2016 13:26:58 +0000 (15:26 +0200)]
Force nul-termination of strings after vsnprintf().
Apparently, on Windows this function might not always be properly
terminated.
Guus Sliepen [Wed, 22 Jun 2016 21:08:30 +0000 (23:08 +0200)]
Use EVP_MD_CTX_destroy() instead of _free().
Thanks to azrdev for pointing out the build failure on Fedora 23.
Guus Sliepen [Wed, 22 Jun 2016 15:42:25 +0000 (17:42 +0200)]
Check return value of RSA_generate_key_ex().
Guus Sliepen [Wed, 22 Jun 2016 15:35:12 +0000 (17:35 +0200)]
Add -Wall to CFLAGS.
Guus Sliepen [Wed, 22 Jun 2016 14:32:05 +0000 (16:32 +0200)]
Ensure compatibility with OpenSSL 1.1.0.
Guus Sliepen [Sun, 5 Jun 2016 13:20:57 +0000 (15:20 +0200)]
Fix the previous commit.
Guus Sliepen [Sun, 5 Jun 2016 12:47:21 +0000 (14:47 +0200)]
Preserve IPv6 scope_id in edges.
When creating an edge after authenticating a peer, we copy the
address used for the TCP connection, but change the port to that used
for UDP. But the way we did it discarded the scope_id for IPv6
addresses. This prevented UDP communication from working correctly when
connecting to a peer on the same LAN using an IPv6 link-local address.
Thanks to Rafał Leśniak for pointing out this issue.
Sean McVeigh [Sat, 21 May 2016 21:38:14 +0000 (17:38 -0400)]
fix check in cmd_pid() for failure to connect to tincd
Sean McVeigh [Sat, 21 May 2016 21:25:18 +0000 (17:25 -0400)]
check for daemon pid existence before trying to connect to the control socket, and clean up stale files otherwise.
lemoer [Thu, 19 May 2016 15:24:31 +0000 (17:24 +0200)]
Added comments and unfold deep "if"-construct in timeout_handler
thorkill [Thu, 19 May 2016 13:48:15 +0000 (15:48 +0200)]
Prevent tincd from sending packets to unexpecting nodes
Make tincd recognize when it was asleep and close connections to it's
peers. This happens when e.g. RoadWarrior has been suspended for
"longer" time period. After resume, it will start to communicate
with it's peers using the contextes it had before suspend.
On the other side, the nodes closed the connections since PingTimeout
and/or TCP connection went down.
Sending data to such unaware (sptps mostly) nodes will cause
havoc in the logs. Misleading the developers to wrong assumptions
that something is wrong with sptps.
# Conflicts:
# src/net.c
thorkill [Wed, 11 May 2016 17:27:05 +0000 (19:27 +0200)]
Send PKT_PROBE only when handshake has been done already.
Guus Sliepen [Sun, 1 May 2016 18:35:26 +0000 (20:35 +0200)]
Releasing 1.1pre14.
Guus Sliepen [Sun, 1 May 2016 10:07:44 +0000 (12:07 +0200)]
Revert "Remove tinc.service, it is not necessary."
This reverts commit
0b6f84f96eeed20a0d771fedb72c0e19941adb7e. Although
systemd does automatically provide a "tinc.slice" when there is only a
tinc@.service template, it doesn't quite work the same way as
tinc.service.
Guus Sliepen [Sat, 30 Apr 2016 18:55:12 +0000 (20:55 +0200)]
Releasing 1.1pre13.
Guus Sliepen [Sat, 30 Apr 2016 18:05:22 +0000 (20:05 +0200)]
AutoConnect now only chooses from nodes for which we know an address.
Based partially on work from Rafał Leśniak.
Guus Sliepen [Sat, 30 Apr 2016 16:08:31 +0000 (18:08 +0200)]
Remove tinc.service, it is not necessary.
Thanks to Alexander Ried for pointing out that if you have
tinc@.service template, systemd will provide a default slice containing
all instances of that template. So "systemctl start tinc" will still do
what we want it to do.
Guus Sliepen [Wed, 27 Apr 2016 18:30:36 +0000 (20:30 +0200)]
Fix BSD tun device support.
This was broken by a botched merge from the master branch in commit
d7f6737.
Guus Sliepen [Sun, 24 Apr 2016 11:23:06 +0000 (13:23 +0200)]
Releasing 1.1pre12.
Guus Sliepen [Sat, 23 Apr 2016 19:39:53 +0000 (21:39 +0200)]
Don't check file permissions on Windows during fsck.
Guus Sliepen [Sat, 23 Apr 2016 19:32:42 +0000 (21:32 +0200)]
Fix starting tinc as a service on Windows.
Don't assume tincd.exe is in the working directory, especially now that
chdir() is called very early. We use GetModuleFileName() instead.
Guus Sliepen [Sat, 23 Apr 2016 19:32:29 +0000 (21:32 +0200)]
Fix a compiler warning on Windows.
Guus Sliepen [Sat, 23 Apr 2016 15:28:30 +0000 (17:28 +0200)]
Fix possible read of freed memory when verifying the signature of a file.
Guus Sliepen [Sat, 23 Apr 2016 15:20:08 +0000 (17:20 +0200)]
Have "tinc fsck" recognize Ed25519PublicKey statements.
Guus Sliepen [Sat, 23 Apr 2016 14:05:41 +0000 (16:05 +0200)]
Move documentation of invitations to the manual.
Guus Sliepen [Sun, 17 Apr 2016 16:11:04 +0000 (18:11 +0200)]
Fix the "network" command in tinc shell.
Guus Sliepen [Sun, 17 Apr 2016 15:06:11 +0000 (17:06 +0200)]
Speed up AutoConnect at startup.
Call periodic_handler() immediately at startup. Also, don't try to
connect to ourself.
Guus Sliepen [Sun, 17 Apr 2016 14:23:31 +0000 (16:23 +0200)]
Don't call terminate_connection(myself->connection).
It doesn't do anything except give a confusing error message that we are
closing the connection to ourself. Replace it with connection_del().
This also fixes a double free.
Guus Sliepen [Sun, 17 Apr 2016 14:01:49 +0000 (16:01 +0200)]
Handle special characters in sptps_test only if the --special option is given.
sptps_test treats lines starting with #, ^ and $ specially, in order to
test the SPTPS protocol. However, this should only be done if explicitly
requested, otherwise it can unexpectedly fail.
Guus Sliepen [Sun, 17 Apr 2016 12:38:37 +0000 (14:38 +0200)]
Add stricter checks for netnames.
When passing a NetName via an invitation, we don't allow any characters
that are unsafe (either because they could cause shells to expand things,
or because they are not allowed on some filesystems).
Also, warn when tinc is started with unsafe netnames.
Guus Sliepen [Sun, 17 Apr 2016 12:36:29 +0000 (14:36 +0200)]
Use ifconfig_header().
Guus Sliepen [Sun, 17 Apr 2016 12:04:57 +0000 (14:04 +0200)]
Chdir() to the configuration directory instead of /.
Guus Sliepen [Sun, 17 Apr 2016 11:56:37 +0000 (13:56 +0200)]
Add a test for tinc-up creation from invitations.
Guus Sliepen [Sun, 17 Apr 2016 11:55:36 +0000 (13:55 +0200)]
Fix compiler warnings.
Guus Sliepen [Sun, 17 Apr 2016 11:55:18 +0000 (13:55 +0200)]
Fix gateway parsing in invitation files.
Guus Sliepen [Sun, 17 Apr 2016 11:23:01 +0000 (13:23 +0200)]
Allow gateways to be specified for routes.
Also improve the variable names, and ensure the % symbols in
%INTERFACE% are properly quoted.
Guus Sliepen [Sat, 16 Apr 2016 23:13:56 +0000 (01:13 +0200)]
Move some stray #includes.
Guus Sliepen [Sat, 16 Apr 2016 23:13:27 +0000 (01:13 +0200)]
Generate a tinc-up script from an invitation.
This adds the ability for an invitation to provision an invitee with a
tinc-up script. This is quite strictly controlled; only address configuration
and routes are supported by adding "Ifconfig" and "Route" statements to
the invitation file. The "tinc join" command will generate a tinc-up script
from those statements, and will ask before enabling the tinc-up script.
Guus Sliepen [Sat, 16 Apr 2016 20:06:47 +0000 (22:06 +0200)]
Document how invitation files work.
This should eventually be merged in to tinc.texi.
Guus Sliepen [Fri, 15 Apr 2016 14:56:56 +0000 (16:56 +0200)]
Stop using SOL_TCP, SOL_IP and SOL_IPV6.
Instead, use IPPROTO_TCP, _IP and _IPv6. This fixes an issue on OS X where
it didn't create an UDP socket that listened on IPv4.
Guus Sliepen [Fri, 15 Apr 2016 14:30:45 +0000 (16:30 +0200)]
Fix crash at startup when Device is not specified on OS X.
Guus Sliepen [Fri, 15 Apr 2016 12:27:52 +0000 (14:27 +0200)]
Fix conditional checking of tun/tap headers on DragonFly BSD.
Guus Sliepen [Fri, 15 Apr 2016 10:42:30 +0000 (12:42 +0200)]
Fix some compiler warnings from MinGW.
Guus Sliepen [Fri, 15 Apr 2016 10:30:01 +0000 (12:30 +0200)]
Fix generation of version_git.h for some versions of BSD make.
In order to support VPATH builds, we have to use ${srcdir}/version.c as
the target for the rule that depends on the generation of version_git.h.
When not doing a VPATH build, ${srcdir} expands to ".", so the target
will be "./version.c". However, on some BSDs, make does not understand
that "./version.c" is the same as "version.c", and therefore it doesn't
trigger generating version_git.h when trying to build version.o. (It
works fine if you do a VPATH build, and OpenBSD's make does the right
thing in all cases.)
The trick is to have version.c depend on ${srcdir}/version.c. Of course,
Linux's make knows this is nonsense and will complain about a circular
dependency, so add this rule only on BSD platforms.
Guus Sliepen [Fri, 15 Apr 2016 10:29:31 +0000 (12:29 +0200)]
Fix a non-working cast to get rid of a compiler warning.
Guus Sliepen [Fri, 15 Apr 2016 09:38:56 +0000 (11:38 +0200)]
Don't use HAVE_SYSTEM, the autoconf check was removed.
Guus Sliepen [Fri, 15 Apr 2016 09:25:18 +0000 (11:25 +0200)]
Remove use of strcpy() and sprintf().
Even though they were safe, compilers like to warn about them nowadays.
Guus Sliepen [Fri, 15 Apr 2016 09:10:50 +0000 (11:10 +0200)]
Don't assume sa.sa_family is a short int.
Because FreeBSD's compiler complained about it.
Guus Sliepen [Fri, 15 Apr 2016 09:00:14 +0000 (11:00 +0200)]
Add version_git.h and sample-config.tar.gz to CLEANFILES.
Guus Sliepen [Thu, 14 Apr 2016 21:51:18 +0000 (23:51 +0200)]
Make some platform-specific header checks conditional.
Don't check for linux/if_tun.h on BSD platforms for example.
Guus Sliepen [Thu, 14 Apr 2016 21:24:22 +0000 (23:24 +0200)]
Remove support for Windows 2000 and anything that doesn't support getaddrinfo().
Guus Sliepen [Thu, 14 Apr 2016 21:10:59 +0000 (23:10 +0200)]
Remove checks for non-C99 compliant compilers.
Guus Sliepen [Thu, 14 Apr 2016 21:01:18 +0000 (23:01 +0200)]
Fix version_get.h generation on BSD.
It doesn't like .PHONY rules that are actually doing stuff. So make a really
phony rule that does nothing and depend in it in the version_git.h rule.
Guus Sliepen [Thu, 14 Apr 2016 20:59:42 +0000 (22:59 +0200)]
Fix typo in Makefile.am.
Guus Sliepen [Thu, 14 Apr 2016 15:29:25 +0000 (17:29 +0200)]
Use getcwd() instead of get_current_dir_name().
Guus Sliepen [Thu, 14 Apr 2016 15:20:36 +0000 (17:20 +0200)]
Replace usleep() with nanosleep().
Guus Sliepen [Thu, 14 Apr 2016 15:05:10 +0000 (17:05 +0200)]
Fix compiling under MinGW.
Guus Sliepen [Thu, 14 Apr 2016 15:03:01 +0000 (17:03 +0200)]
Remove checks for headers and functions that are in C99.
Guus Sliepen [Wed, 13 Apr 2016 13:34:16 +0000 (15:34 +0200)]
Make text files Markdown-compatible.
Guus Sliepen [Mon, 11 Apr 2016 13:28:26 +0000 (15:28 +0200)]
Update .gitignore.
Guus Sliepen [Mon, 11 Apr 2016 13:27:08 +0000 (15:27 +0200)]
Remove elliptic curve stubs from gcrypt/, add PRF implementation.
Guus Sliepen [Fri, 8 Apr 2016 15:49:49 +0000 (17:49 +0200)]
Really don't compile getopt*.c if the system provides getopt_long().
Guus Sliepen [Sat, 9 Apr 2016 20:17:47 +0000 (22:17 +0200)]
Enable silent builds by default.
Cleaner build messages make it easier to spot compiler warnings and errors.
Use make V=1 to get the verbose output back.
# Conflicts:
# configure.ac
# doc/Makefile.am
Guus Sliepen [Sun, 10 Apr 2016 13:04:59 +0000 (15:04 +0200)]
Update links in the documentation.
# Conflicts:
# doc/tinc.conf.5.in
# doc/tinc.texi
# src/avl_tree.c
# src/avl_tree.h
Guus Sliepen [Sun, 10 Apr 2016 12:47:21 +0000 (14:47 +0200)]
Explicitly mention that LibreSSL can be used as well.
# Conflicts:
# doc/tinc.texi
# m4/openssl.m4
Guus Sliepen [Mon, 11 Apr 2016 12:49:51 +0000 (14:49 +0200)]
Update support for BSD tun/tap devices, add support for OS X utun interfaces.
Guus Sliepen [Sun, 1 Nov 2015 20:07:56 +0000 (21:07 +0100)]
Update "now" after connect() when making outgoing connections.
It could be that address resolution takes a long time, don't let that
count against a connection. This is especially important when using a
nameserver from the VPN.
# Conflicts:
# src/net_socket.c
Guus Sliepen [Sun, 3 May 2015 18:06:12 +0000 (20:06 +0200)]
Never call putenv() with data on the stack.
Even though we are using putenv() here to remove items from the
environment, there is no guarantee that putenv() doesn't add the
argument to the environment anyway. In that case, we have to make sure
that it doesn't go away. We also don't want a memory leak, so keep a
list of things we unputenv()ed around, so we can reuse things.
Thanks to Poul-Henning Kamp for pointing out this problem.
# Conflicts:
# src/process.c
Guus Sliepen [Tue, 14 Apr 2015 09:20:24 +0000 (11:20 +0200)]
Fix --logfile without a filename on Windows.
On Windows, the log filename now defaults to "tinc.log" in the same
directory as tinc.conf.
# Conflicts:
# src/tincd.c
Guus Sliepen [Sun, 10 Apr 2016 15:22:41 +0000 (17:22 +0200)]
Support ToS/DiffServ for IPv6 meta and UDP connections.
Also remember ToS/DiffServ priority for each socket individually. This
is a port of commits
c72e237 and
042a6c1.
Guus Sliepen [Fri, 8 Apr 2016 16:09:30 +0000 (18:09 +0200)]
Use iface instead of interface.
This was accidentally added in commit
2f03a5d.
Guus Sliepen [Sun, 10 Apr 2016 15:01:04 +0000 (17:01 +0200)]
Update THANKS.
Guus Sliepen [Sun, 10 Apr 2016 14:51:03 +0000 (16:51 +0200)]
Update .gitignore.
Guus Sliepen [Fri, 8 Apr 2016 15:49:49 +0000 (17:49 +0200)]
Don't compile getopt*.c if the system provides getopt_long().
# Conflicts:
# configure.ac
# src/Makefile.am
# src/tincd.c
Guus Sliepen [Sun, 10 Apr 2016 14:38:45 +0000 (16:38 +0200)]
Fix typo.
Found by LunarShaddow.
LunarShaddow [Mon, 7 Mar 2016 07:43:04 +0000 (15:43 +0800)]
re-arrange include sequence to avoid a mingw introduced bug.
refers: https://www.cygwin.com/ml/cygwin/2012-12/msg00194.html
# Conflicts:
# src/cygwin/device.c
LunarShaddow [Mon, 7 Mar 2016 07:42:34 +0000 (15:42 +0800)]
fix typo
Guus Sliepen [Sun, 28 Feb 2016 15:38:49 +0000 (16:38 +0100)]
Fix for botched cherry-pick commit
60fb230.
Guus Sliepen [Sat, 27 Feb 2016 13:46:01 +0000 (14:46 +0100)]
Add warnings for bad combinations of Device and Interface.
On Linux, the name of the tun/tap interface can be set freely. However,
on most other operating systems, tinc cannot change the name of the
interface. In those situations, it is possible to specify a Device and
an Interface that conflict with each other. On BSD, this can cause
$INTERFACE to be set incorrectly, on Windows, this results in a
potentially unreliable way in which a TAP-Win32 interface is selected.
# Conflicts:
# src/bsd/device.c
Guus Sliepen [Sat, 27 Feb 2016 13:22:36 +0000 (14:22 +0100)]
Small fixes for the documentation.
# Conflicts:
# doc/tinc.texi
Guus Sliepen [Sat, 27 Feb 2016 13:21:53 +0000 (14:21 +0100)]
Clarify that scripts are called synchronously.
# Conflicts:
# doc/tinc.conf.5.in
# doc/tinc.texi
Guus Sliepen [Sun, 28 Feb 2016 15:28:28 +0000 (16:28 +0100)]
Fix forwarding of edge updates.
Commit
e4670fc accidentily prevented ADD_EDGE messages from propagating
in some cases.
Guus Sliepen [Sat, 27 Feb 2016 13:18:20 +0000 (14:18 +0100)]
Improve performance of edge updates.
Vittorio Gambaletta (VittGam) [Fri, 25 Sep 2015 14:51:51 +0000 (16:51 +0200)]
Remove forward declaration for do_decrement_ttl.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
# Conflicts:
# src/route.c
Vittorio Gambaletta (VittGam) [Fri, 25 Sep 2015 13:35:28 +0000 (15:35 +0200)]
s/broadcast_packet_helper/route_broadcast/
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
# Conflicts:
# src/route.c
Vittorio Gambaletta (VittGam) [Fri, 25 Sep 2015 02:52:25 +0000 (04:52 +0200)]
Fix DecrementTTL option for packets destined to the local node.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
# Conflicts:
# src/route.c
Vittorio Gambaletta (VittGam) [Fri, 4 Sep 2015 15:04:03 +0000 (17:04 +0200)]
Try to reply with node address only when decrementing the TTL.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Vittorio Gambaletta (VittGam) [Fri, 4 Sep 2015 02:00:57 +0000 (04:00 +0200)]
Fix source IP address for ICMP unreachable packets generated by tinc.
Try to send ICMP unreachable replies from an address assigned to the
local machine, instead of the destination address of the original
packet.
The address is found by looking up the route towards the sender of
the packet that generated the error; in usual configurations, this
is the tinc interface.
This also fixes the traceroute display in mtr when using the
DecrementTTL option.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
# Conflicts:
# src/route.c
Vittorio Gambaletta (VittGam) [Thu, 3 Sep 2015 14:02:50 +0000 (16:02 +0200)]
Fix DecrementTTL option.
The option was not actually working, as it could be seen on traceroute or mtr.
The problem is that it was checking if the TTL was < 1 (so equal to 0) before decrementing it.
This meant that a packet with a TTL of 1 was being sent with a TTL of 0 on the VPN, instead of being discarded with the ICMP error message.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
# Conflicts:
# src/route.c