oweals/tinc.git
11 years agoAdd the tincctl exchange and exchange-all commands.
Guus Sliepen [Tue, 15 Jan 2013 12:31:51 +0000 (13:31 +0100)]
Add the tincctl exchange and exchange-all commands.

These are identical to an export/export-all followed by an import, and make
it simpler to exchange host config files with other nodes.

11 years agoCheck HMAC before sequence number.
Guus Sliepen [Mon, 14 Jan 2013 12:08:35 +0000 (13:08 +0100)]
Check HMAC before sequence number.

11 years agoAlways complain if too many arguments are given for tincctl commands.
Guus Sliepen [Mon, 14 Jan 2013 12:02:39 +0000 (13:02 +0100)]
Always complain if too many arguments are given for tincctl commands.

11 years agoBetter error messages when using -L, -R or -U on platforms that do not support it.
Guus Sliepen [Mon, 14 Jan 2013 12:01:47 +0000 (13:01 +0100)]
Better error messages when using -L, -R or -U on platforms that do not support it.

11 years agoDon't complain about garbage if we skipped importing a host file.
Guus Sliepen [Mon, 14 Jan 2013 11:59:17 +0000 (12:59 +0100)]
Don't complain about garbage if we skipped importing a host file.

11 years agoMention that the -L, -R and -U options are not supported on all platforms.
Guus Sliepen [Mon, 14 Jan 2013 11:58:24 +0000 (12:58 +0100)]
Mention that the -L, -R and -U options are not supported on all platforms.

11 years agoNote that tincctl import is only meant to work with data from tincctl export.
Guus Sliepen [Mon, 14 Jan 2013 11:57:33 +0000 (12:57 +0100)]
Note that tincctl import is only meant to work with data from tincctl export.

11 years agoNote that node Names are case sensitive.
Guus Sliepen [Mon, 14 Jan 2013 11:56:54 +0000 (12:56 +0100)]
Note that node Names are case sensitive.

11 years agoFix a typo.
Guus Sliepen [Mon, 14 Jan 2013 11:56:14 +0000 (12:56 +0100)]
Fix a typo.

11 years agoFix support for tunemu on iOS devices.
Guus Sliepen [Sun, 16 Dec 2012 14:36:06 +0000 (15:36 +0100)]
Fix support for tunemu on iOS devices.

The actual code was fine but the #ifdefs tested for the wrong preprocessor
variable.

Conflicts:
src/bsd/device.c
src/process.c

11 years agoFix infinite loop in timeout handling on Windows.
Guus Sliepen [Fri, 7 Dec 2012 14:49:21 +0000 (15:49 +0100)]
Fix infinite loop in timeout handling on Windows.

11 years agoFix display of cumulative packet counters.
Guus Sliepen [Thu, 6 Dec 2012 15:57:57 +0000 (16:57 +0100)]
Fix display of cumulative packet counters.

11 years agoClarify the description of IndirectData and Mode = router.
Guus Sliepen [Thu, 6 Dec 2012 15:55:28 +0000 (16:55 +0100)]
Clarify the description of IndirectData and Mode = router.

11 years agoReleasing 1.1pre4. release-1.1pre4
Guus Sliepen [Wed, 5 Dec 2012 21:32:10 +0000 (22:32 +0100)]
Releasing 1.1pre4.

11 years agoFix whitespace.
Guus Sliepen [Wed, 5 Dec 2012 20:42:43 +0000 (21:42 +0100)]
Fix whitespace.

11 years agoScale packet counters similar to byte counters.
Guus Sliepen [Wed, 5 Dec 2012 20:40:49 +0000 (21:40 +0100)]
Scale packet counters similar to byte counters.

11 years agoDon't use nested functions.
Guus Sliepen [Wed, 5 Dec 2012 20:33:01 +0000 (21:33 +0100)]
Don't use nested functions.

This allows tinc to be compiled with Clang.

11 years agoFix compiler warnings on OpenBSD.
Guus Sliepen [Wed, 5 Dec 2012 13:42:21 +0000 (14:42 +0100)]
Fix compiler warnings on OpenBSD.

11 years agoRemove GraphDumpFile from the manual and manpages.
Guus Sliepen [Mon, 3 Dec 2012 12:09:40 +0000 (13:09 +0100)]
Remove GraphDumpFile from the manual and manpages.

This option is not supported in tinc 1.1, "tincctl dump graph" can be used
instead.

11 years agoAdd option to dump only a list of reachable nodes.
Guus Sliepen [Mon, 3 Dec 2012 12:08:03 +0000 (13:08 +0100)]
Add option to dump only a list of reachable nodes.

11 years agoMore fixes for Windows.
Guus Sliepen [Mon, 3 Dec 2012 09:41:28 +0000 (10:41 +0100)]
More fixes for Windows.

In particular, Windows does support many of the timer* macros, except timeradd
and timersub.

11 years agoFix compiler error on Windows.
Guus Sliepen [Mon, 3 Dec 2012 08:08:21 +0000 (09:08 +0100)]
Fix compiler error on Windows.

11 years agoFix crash in timeout handling.
Guus Sliepen [Mon, 3 Dec 2012 08:07:23 +0000 (09:07 +0100)]
Fix crash in timeout handling.

11 years agoSet a node's pointers to zero before trying to insert it into a tree.
Guus Sliepen [Mon, 3 Dec 2012 08:02:08 +0000 (09:02 +0100)]
Set a node's pointers to zero before trying to insert it into a tree.

11 years agoFix use of unitialised values in hash tables.
Guus Sliepen [Thu, 29 Nov 2012 13:35:08 +0000 (14:35 +0100)]
Fix use of unitialised values in hash tables.

Not only was Valgrind unhappy about it, it could also result in cache misses.

11 years agoFix check for expired events.
Guus Sliepen [Thu, 29 Nov 2012 13:32:12 +0000 (14:32 +0100)]
Fix check for expired events.

This would trigger a infinite loop if a timeout expired and the next timeout
was not expired yet, but less than 1 second from being expired.

11 years agoAllow multiple timeouts to expire at the exact same time.
Guus Sliepen [Thu, 29 Nov 2012 11:37:04 +0000 (12:37 +0100)]
Allow multiple timeouts to expire at the exact same time.

11 years agoDrop libevent and use our own event handling again.
Guus Sliepen [Thu, 29 Nov 2012 11:28:23 +0000 (12:28 +0100)]
Drop libevent and use our own event handling again.

There are several reasons for this:

- MacOS/X doesn't support polling the tap device using kqueue, requiring a
  workaround to fall back to select().
- On Windows only sockets are properly handled, therefore tinc uses a second
  thread that does a blocking ReadFile() on the TAP-Win32/64 device. However,
  this does not mix well with libevent.
- Libevent, event just the core, is quite large, and although it is easy to get
  and install on many platforms, it can be a burden.
- Libev is more lightweight and seems technically superior, but it doesn't
  abstract away all the platform differences (for example, async events are not
  supported on Windows).

11 years agoEnsure MTU probe replies are sent back the same way they came in.
Guus Sliepen [Mon, 19 Nov 2012 13:20:50 +0000 (14:20 +0100)]
Ensure MTU probe replies are sent back the same way they came in.

Also sprinkle some comments over mtu_probe_h().

11 years agoImprove UDP address selection.
Guus Sliepen [Mon, 19 Nov 2012 12:50:17 +0000 (13:50 +0100)]
Improve UDP address selection.

We don't need to search the whole edge tree, we can use the node's own edge
tree since each edge has a pointer to its reverse. Also, we do need to make
sure we try the reflexive address often.

11 years agoTry all known addresses of node during PMTU discovery, now also for SPTPS.
Guus Sliepen [Sat, 17 Nov 2012 21:48:06 +0000 (22:48 +0100)]
Try all known addresses of node during PMTU discovery, now also for SPTPS.

11 years agoChoose a suitable socket when updating a node's UDP address.
Guus Sliepen [Sat, 17 Nov 2012 21:14:52 +0000 (22:14 +0100)]
Choose a suitable socket when updating a node's UDP address.

11 years agoAlso don't use poll() on MacOS/X.
Guus Sliepen [Thu, 15 Nov 2012 10:24:18 +0000 (11:24 +0100)]
Also don't use poll() on MacOS/X.

11 years agoDisable support for kqueue on MacOS/X.
Guus Sliepen [Thu, 15 Nov 2012 10:13:40 +0000 (11:13 +0100)]
Disable support for kqueue on MacOS/X.

Apparently MacOS/X doesn't support kqueue events on character devices.

11 years agoRemove text saying you must have one of PrivateKey or PrivateKeyFile in tinc.conf.
Guus Sliepen [Wed, 14 Nov 2012 09:44:35 +0000 (10:44 +0100)]
Remove text saying you must have one of PrivateKey or PrivateKeyFile in tinc.conf.

12 years agoSend broadcast packets using a random socket, and properly support IPv6.
Guus Sliepen [Tue, 13 Nov 2012 14:05:41 +0000 (15:05 +0100)]
Send broadcast packets using a random socket, and properly support IPv6.

Before it would always use the first socket, and always send an IPv4 broadcast packet. That
works fine in a lot of situations, but it is better to try all sockets, and to send IPv6 packets
on IPv6 sockets. This is especially important for users that are on IPv6-only networks or that
have multiple physical network interfaces, although in the latter case it probably requires
them to use the ListenAddress variable to create a separate socket for each interface.

12 years agoDon't take the address of a variable whose scope is about to disappear.
Guus Sliepen [Tue, 13 Nov 2012 14:01:43 +0000 (15:01 +0100)]
Don't take the address of a variable whose scope is about to disappear.

12 years agoFix configure script help text for --enable options.
Guus Sliepen [Sun, 11 Nov 2012 18:01:28 +0000 (19:01 +0100)]
Fix configure script help text for --enable options.

12 years agoFix index entry for section about readline library.
Guus Sliepen [Sun, 11 Nov 2012 18:01:02 +0000 (19:01 +0100)]
Fix index entry for section about readline library.

12 years agoMention in the manual that support for LZO and zlib can be disabled.
Guus Sliepen [Sun, 11 Nov 2012 17:53:23 +0000 (18:53 +0100)]
Mention in the manual that support for LZO and zlib can be disabled.

12 years agoMention libcurses and libreadline in the manual.
Guus Sliepen [Sun, 11 Nov 2012 17:45:40 +0000 (18:45 +0100)]
Mention libcurses and libreadline in the manual.

12 years agoMake sure PMTU discovery works in switch mode with VLAN tags.
Guus Sliepen [Sat, 10 Nov 2012 22:45:22 +0000 (23:45 +0100)]
Make sure PMTU discovery works in switch mode with VLAN tags.

Before, when tinc saw a packet larger than the PMTU with a VLAN tag, it would
not know what to do with it, and would just forward it via TCP. Now, tinc
handles 802.1q packets correctly, as long as there is only one tag.

12 years agoUsing alloca() for a constant sized buffer is very silly.
Guus Sliepen [Sat, 10 Nov 2012 22:13:05 +0000 (23:13 +0100)]
Using alloca() for a constant sized buffer is very silly.

Cppcheck said using alloca() in the 21st century is silly anyway.

12 years agoFix potential buffer overflow reading the PID file.
Guus Sliepen [Sat, 10 Nov 2012 22:09:31 +0000 (23:09 +0100)]
Fix potential buffer overflow reading the PID file.

Found by cppcheck.

12 years agoSlightly randomize all timeouts.
Guus Sliepen [Sun, 21 Oct 2012 15:45:16 +0000 (17:45 +0200)]
Slightly randomize all timeouts.

12 years agoAdd the AutoConnect option.
Guus Sliepen [Sun, 21 Oct 2012 15:35:13 +0000 (17:35 +0200)]
Add the AutoConnect option.

When set to a non-zero value, tinc will try to maintain exactly that number of
meta connections to other nodes.  If there are not enough connections, it will
periodically try to set up an outgoing connection to a random node.  If there
are too many connections, it will periodically try to remove an outgoing
connection.

12 years agoKeep track of the number of nodes in a tree.
Guus Sliepen [Sun, 21 Oct 2012 15:34:53 +0000 (17:34 +0200)]
Keep track of the number of nodes in a tree.

12 years agoFix warnings from groff.
Guus Sliepen [Wed, 17 Oct 2012 11:51:02 +0000 (13:51 +0200)]
Fix warnings from groff.

12 years agoReleasing 1.1pre3. release-1.1pre3
Guus Sliepen [Sun, 14 Oct 2012 17:22:30 +0000 (19:22 +0200)]
Releasing 1.1pre3.

12 years agoFix a few compiler errors/warnings.
Guus Sliepen [Sun, 14 Oct 2012 17:21:13 +0000 (19:21 +0200)]
Fix a few compiler errors/warnings.

12 years agoUpdate copyright notices.
Guus Sliepen [Sun, 14 Oct 2012 15:42:49 +0000 (17:42 +0200)]
Update copyright notices.

12 years agoFix compile error on Windows.
Guus Sliepen [Sun, 14 Oct 2012 14:39:16 +0000 (16:39 +0200)]
Fix compile error on Windows.

12 years agotincctl: add node colors and edge weight to graph dump.
Guus Sliepen [Sun, 14 Oct 2012 14:07:35 +0000 (16:07 +0200)]
tincctl: add node colors and edge weight to graph dump.

12 years agoLog more messages using logger().
Guus Sliepen [Sun, 14 Oct 2012 13:37:24 +0000 (15:37 +0200)]
Log more messages using logger().

12 years agoMake sure the ReplayWindow option works for SPTPS as well.
Guus Sliepen [Sun, 14 Oct 2012 12:48:35 +0000 (14:48 +0200)]
Make sure the ReplayWindow option works for SPTPS as well.

12 years agoOnly log success of initial datagram SPTPS handshake.
Guus Sliepen [Sun, 14 Oct 2012 12:45:27 +0000 (14:45 +0200)]
Only log success of initial datagram SPTPS handshake.

12 years agoFix handling of initial datagram SPTPS packet.
Guus Sliepen [Sun, 14 Oct 2012 12:33:54 +0000 (14:33 +0200)]
Fix handling of initial datagram SPTPS packet.

Only the very first packet of an SPTPS session should be send with REQ_KEY,
this signals the peer to abort any previous session and start a new one as
well.

12 years agosptps.c: Add missing newline to log message.
Sven-Haegar Koch [Fri, 12 Oct 2012 15:08:01 +0000 (17:08 +0200)]
sptps.c: Add missing newline to log message.

12 years agoStrip newline from incoming SPTPS requests.
Guus Sliepen [Thu, 11 Oct 2012 20:47:13 +0000 (22:47 +0200)]
Strip newline from incoming SPTPS requests.

Most of the code doesn't care whether requests are terminated with a newline or
not, except that when requests are forwarded, it is assumed they do not have
one and a newline is added.  When a node using SPTPS receives a request from
another SPTPS-using node, and forwards it to a non-SPTPS-using node, this will
result in two consecutive newlines, which the latter node will see as an empty,
and thus invalid, request.

12 years agoClear status and options fields of unreachable nodes.
Guus Sliepen [Thu, 11 Oct 2012 20:21:30 +0000 (22:21 +0200)]
Clear status and options fields of unreachable nodes.

12 years agoFix whitespace.
Guus Sliepen [Wed, 10 Oct 2012 15:17:49 +0000 (17:17 +0200)]
Fix whitespace.

12 years agoTry all known addresses of node during the PMTU discovery phase.
Guus Sliepen [Wed, 10 Oct 2012 12:46:22 +0000 (14:46 +0200)]
Try all known addresses of node during the PMTU discovery phase.

This helps in situations where some nodes have IPv6 and others have not.

12 years agoFix hash functions for keys whose size is not divisible by 4.
Guus Sliepen [Tue, 9 Oct 2012 15:49:09 +0000 (17:49 +0200)]
Fix hash functions for keys whose size is not divisible by 4.

12 years agoFix memory leaks found by valgrind.
Guus Sliepen [Tue, 9 Oct 2012 14:27:28 +0000 (16:27 +0200)]
Fix memory leaks found by valgrind.

12 years agoClear Ethernet header when reading packets from a tun device.
Guus Sliepen [Tue, 9 Oct 2012 13:52:58 +0000 (15:52 +0200)]
Clear Ethernet header when reading packets from a tun device.

This fixes a warning from valgrind about uninitialized bytes, which were being
sent to other nodes.

12 years agoRemove unused variables, fix some #includes.
Guus Sliepen [Tue, 9 Oct 2012 11:28:09 +0000 (13:28 +0200)]
Remove unused variables, fix some #includes.

12 years agoFix deleting connections from the connection list.
Guus Sliepen [Tue, 9 Oct 2012 11:23:12 +0000 (13:23 +0200)]
Fix deleting connections from the connection list.

12 years agoC99 extravaganza.
Guus Sliepen [Sun, 7 Oct 2012 22:35:38 +0000 (00:35 +0200)]
C99 extravaganza.

12 years agoReplace the connection_tree with a connection_list.
Guus Sliepen [Sun, 7 Oct 2012 19:59:53 +0000 (21:59 +0200)]
Replace the connection_tree with a connection_list.

The tree functions were never used on the connection_tree, a list is more appropriate.
Also be more paranoid about connections disappearing while traversing the list.

12 years agoRefactor outgoing connection handling.
Guus Sliepen [Sun, 7 Oct 2012 19:02:40 +0000 (21:02 +0200)]
Refactor outgoing connection handling.

Struct outgoing_ts and connection_ts were depending too much on each other,
causing lots of problems, especially the reuse of a connection_t. Now, whenever
a connection is closed it is immediately removed from the list of connections
and destroyed.

12 years agoFix warnings from cppcheck.
Guus Sliepen [Sun, 7 Oct 2012 15:53:23 +0000 (17:53 +0200)]
Fix warnings from cppcheck.

12 years agoRemove a debug message.
Guus Sliepen [Sun, 7 Oct 2012 12:06:47 +0000 (14:06 +0200)]
Remove a debug message.

12 years agoHandle packets encrypted via SPTPS that need to be forwarded via TCP.
Guus Sliepen [Sun, 7 Oct 2012 12:03:50 +0000 (14:03 +0200)]
Handle packets encrypted via SPTPS that need to be forwarded via TCP.

12 years agoMake datagram SPTPS key exchange more robust.
Guus Sliepen [Sun, 7 Oct 2012 11:31:19 +0000 (13:31 +0200)]
Make datagram SPTPS key exchange more robust.

Similar to old style key exchange requests, keep track of whether a key
exchange is already in progress and how long it took. If no key is known yet
or if key exchange takes too long, (re)start a new key exchange.

12 years agoUseful error messages when writing to a meta connection fails.
Guus Sliepen [Sun, 7 Oct 2012 09:45:54 +0000 (11:45 +0200)]
Useful error messages when writing to a meta connection fails.

12 years agoWhen terminating, keep control connections open until the end.
Guus Sliepen [Sat, 6 Oct 2012 19:16:17 +0000 (21:16 +0200)]
When terminating, keep control connections open until the end.

This ensures all device files and listening sockets have been closed before
tincctl gets notified of tincd's termination.

12 years agoClear connection options and status fields in free_connection_partially().
Guus Sliepen [Sat, 6 Oct 2012 19:15:19 +0000 (21:15 +0200)]
Clear connection options and status fields in free_connection_partially().

Most fields should be zero when reusing a connection. In particular, when an
outgoing connection to a node which is reachable on more than one address is
made, the second connection to that node will have status.encryptout set but
outctx will be NULL, causing a NULL pointer dereference when
EVP_EncryptUpdate() is called in send_meta() when it shouldn't.

12 years agoImprove starting/stopping tincd using tincctl.
Guus Sliepen [Sat, 6 Oct 2012 15:45:03 +0000 (17:45 +0200)]
Improve starting/stopping tincd using tincctl.

When starting tincd, tincctl now strips non-options from the command line, and
sets argv[0] to the name of the tincd command instead of copying its own
command name.

When stopping a running tincd, tincctl now waits for it to terminate.

12 years agoFix off-by-one error.
Guus Sliepen [Sat, 6 Oct 2012 14:53:43 +0000 (16:53 +0200)]
Fix off-by-one error.

Apart from writing 1 byte beyond an array allocated on the stack, this slipped
an unitialized byte in the seed used for key generation.

12 years agoLibreadline might depend on libcurses.
Guus Sliepen [Mon, 1 Oct 2012 08:42:13 +0000 (10:42 +0200)]
Libreadline might depend on libcurses.

12 years agoRemove abort() call that accidentily sneaked into commit dd1b69e.
Guus Sliepen [Mon, 1 Oct 2012 08:39:15 +0000 (10:39 +0200)]
Remove abort() call that accidentily sneaked into commit dd1b69e.

12 years agoMake sure sptps_test compiles without -flto.
Guus Sliepen [Mon, 1 Oct 2012 08:36:23 +0000 (10:36 +0200)]
Make sure sptps_test compiles without -flto.

12 years agoRemove unused function declaration.
Guus Sliepen [Sun, 30 Sep 2012 21:12:43 +0000 (23:12 +0200)]
Remove unused function declaration.

12 years agoFix not reading Port statement from host config file.
Guus Sliepen [Sun, 30 Sep 2012 20:43:48 +0000 (22:43 +0200)]
Fix not reading Port statement from host config file.

12 years agoMerge branch 'master' into 1.1
Guus Sliepen [Sun, 30 Sep 2012 13:00:47 +0000 (15:00 +0200)]
Merge branch 'master' into 1.1

Conflicts:
lib/utils.c
src/net_setup.c
src/process.c
src/protocol_auth.c
src/protocol_key.c
src/utils.h

12 years agoAdd strict checks to hex to binary conversions.
Guus Sliepen [Sun, 30 Sep 2012 11:45:47 +0000 (13:45 +0200)]
Add strict checks to hex to binary conversions.

The main goal is to catch misuse of the obsolete PrivateKey and PublicKey
statements.

12 years agoAttribution for Martin Schürrer.
Guus Sliepen [Sun, 30 Sep 2012 11:45:39 +0000 (13:45 +0200)]
Attribution for Martin Schürrer.

12 years agoOutput details of encryption errors
Martin Schürrer [Sun, 30 Sep 2012 00:04:55 +0000 (02:04 +0200)]
Output details of encryption errors

12 years agoRemove some debugging messages.
Guus Sliepen [Fri, 28 Sep 2012 15:51:48 +0000 (17:51 +0200)]
Remove some debugging messages.

12 years agoMake tincctl robust against dropped control connections.
Guus Sliepen [Fri, 28 Sep 2012 15:36:25 +0000 (17:36 +0200)]
Make tincctl robust against dropped control connections.

12 years agoCorrectly add/remove outgoing connections when reloading configuration.
Guus Sliepen [Fri, 28 Sep 2012 15:05:01 +0000 (17:05 +0200)]
Correctly add/remove outgoing connections when reloading configuration.

12 years agoFix column sorting, make all lists sortable.
Guus Sliepen [Fri, 28 Sep 2012 15:03:14 +0000 (17:03 +0200)]
Fix column sorting, make all lists sortable.

12 years agoLet the GUI handle the new dump format.
Guus Sliepen [Thu, 27 Sep 2012 20:12:15 +0000 (22:12 +0200)]
Let the GUI handle the new dump format.

12 years agoFix links in documenation.
Guus Sliepen [Thu, 27 Sep 2012 15:19:02 +0000 (17:19 +0200)]
Fix links in documenation.

12 years agoFix links in documentation.
Guus Sliepen [Thu, 27 Sep 2012 15:18:49 +0000 (17:18 +0200)]
Fix links in documentation.

12 years agoComment out old public/private keys when generating new ones.
Guus Sliepen [Thu, 27 Sep 2012 13:45:02 +0000 (15:45 +0200)]
Comment out old public/private keys when generating new ones.

12 years agoUpdate documentation of the "dump graph" command.
Guus Sliepen [Wed, 26 Sep 2012 21:56:21 +0000 (23:56 +0200)]
Update documentation of the "dump graph" command.

12 years agoAllow dumping either directed or undirected graphs.
Guus Sliepen [Wed, 26 Sep 2012 21:52:36 +0000 (23:52 +0200)]
Allow dumping either directed or undirected graphs.

Internally, tinc maintains a directed graph of the meta connections between
nodes. However, this causes graphviz to draw two lines between nodes, which is
not always desirable. The "dump graph" command now defaults to dumping an
undirected graph, the "dump digraph" command will dump a directed graph.

12 years agoLet tincctl parse and format dumps.
Guus Sliepen [Wed, 26 Sep 2012 21:18:32 +0000 (23:18 +0200)]
Let tincctl parse and format dumps.

At the moment it just reproduces the old format.

12 years agoKeep last known address and time since reachability changed.
Guus Sliepen [Wed, 26 Sep 2012 20:20:43 +0000 (22:20 +0200)]
Keep last known address and time since reachability changed.

This allows tincctl info to show since when a node is online or offline.