fd_device: allow fd to be passed through a unix socket New restrictions on the Android OS forbid direct leaking of file descriptors. This patch allows the tinc daemon to have an fd and the associated permissions transferred to it through a Unix domain socket.
Don't keep an address cache in an outgoing_t. Address caches are associated with nodes, so just use the address cache in the node_t struct. Also ensure we always have opened an address cache in setup_outgoing_connection(). Thanks to admincheg for finding this issue.
Fix strict aliasing violation in inet_checksum() inet_checksum() accesses packet data as an array of uint16_t, but the packet data can be for example of "anonymous struct pseudo" type from route_ipv6_unreachable(). This type isn't a compatible type with uint16_t so a strict aliasing violation occurs and causes the checksum to be computed incorrectly. Fix this by using the memcpy() idiom to read the packet data as an array of uint16_t in inet_checksum() (this should be understood by compilers and optimized accordingly, so no actual copy occurs).
fix: use EVP_DecryptUpdate while decrypting With OpenSSL versions 1.0.2r & 1.1.1b there were changes in regards to how OpenSSL treats misuse of Encrypt/Decrypt EVP methods in the opposite case. E.g. using the encrypt methods in a decrypt context. OpenSSL now returns an error in these situations. [1] Since tinc used the EVP_EncryptUpdate function in the cipher_decrypt function the new sanity check was triggered causing tinc to be unusable with said OpenSSL versions. [1] https://github.com/openssl/openssl/pull/7852
Prevent large amounts of UDP probes being sent consecutively. We cannot reset udp_ping_sent to zero when we receive a valid reply to an UDP probe, because that would cause a new one to be sent immediately in try_udp(). Instead, add a bit to node_status_t to keep track of whether we have a UDP probe that's waiting for a reply. Thanks to Ronny Nilsson for spotting the source of the problem.
Attempt to make the test suite work with Windows executables. The test suite still assumes a POSIX shell to run the tests, but now handles the case when the executables themselves are (cross-)compiled for Windows, with a .exe extension. Also, DOS line endings must be converted to UNIX line endings in some cases. Some tests now pass on Linux+Wine, but others do not, mainly due to Wine not handling services very well.
Drop support for Cygwin. Tinc can be built as a native Windows binary using MinGW, and should support all of the features that the Cygwin version did.