Guus Sliepen [Sun, 7 Apr 2024 14:01:53 +0000 (16:01 +0200)]
sr.ht CI: update FreeBSD and OpenBSD image versions
Guus Sliepen [Sun, 7 Apr 2024 13:44:00 +0000 (15:44 +0200)]
Handle multicast being blocked in the test suite
If multicast is supported in principle, but multicast packets are blocked
by the firewall, then the multicast test will time out and reports an
error. Detect this case and don't fail.
Guus Sliepen [Sun, 7 Apr 2024 13:41:04 +0000 (15:41 +0200)]
Run ip link up before adding addresses and routes
On Linux, some iproute2 commands to set addresses and add routes don't work
or have no effect if the link is not up, so make sure we set the link up
first.
Jingrong Chen [Mon, 22 Jan 2024 23:13:01 +0000 (18:13 -0500)]
Fix bug in shortest path implementation
Jingrong Chen [Mon, 22 Jan 2024 23:09:25 +0000 (18:09 -0500)]
Add a unit test for sssp_bfs()
Marek Küthe [Tue, 12 Dec 2023 14:54:18 +0000 (14:54 +0000)]
Add distribution specific package installation instructions
Signed-off-by: Marek Küthe <m.k@mk16.de>
Marek Küthe [Tue, 12 Dec 2023 15:06:17 +0000 (15:06 +0000)]
Correct a type mismatch
In one place in the source code, the debug level of type `int` was used and in other places of type `debug_t`. This commit introduces a change so that the type `debug_t` is used in both places.
This also resolves a compiler warning.
Signed-off-by: Marek Küthe <m.k@mk16.de>
Kirill Isakov [Sun, 5 Jun 2022 11:06:05 +0000 (17:06 +0600)]
Add timeouts to 'tinc join'
Since server tarpits suspicious connections, `tinc join` doesn't have
the best UX (if anything is broken on server's side, `tinc join` just
hangs indefinitely).
Since we don't want to leak information to the client, add timeouts on
the client side and notify the user that something is amiss if timeout
is reached.
Kirill Isakov [Sun, 5 Jun 2022 09:56:01 +0000 (15:56 +0600)]
Update MaxConnectionBurst values in docs
Kirill Isakov [Sat, 4 Jun 2022 12:34:34 +0000 (18:34 +0600)]
version.py: fix support for Python < 3.9
Kirill Isakov [Sat, 4 Jun 2022 09:05:32 +0000 (15:05 +0600)]
Add tests for some device & address variables
Kirill Isakov [Sun, 29 May 2022 15:45:28 +0000 (21:45 +0600)]
Remove access checks in tests under root
Kirill Isakov [Thu, 2 Jun 2022 06:30:48 +0000 (12:30 +0600)]
CI: run sanitizers as root
The most interesting tests that actually exercise network
require root access for setup.
Kirill Isakov [Thu, 2 Jun 2022 12:47:18 +0000 (18:47 +0600)]
Silence clang-tidy warnings about atoi(getenv())
Kirill Isakov [Mon, 30 May 2022 17:06:39 +0000 (23:06 +0600)]
Fix listen_sockets overflow in close_network_connections()
==32610==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000f4f6a8 at pc 0x000000533bd6 bp 0x7ffeafc6f390 sp 0x7ffeafc6f388
READ of size 8 at 0x000000f4f6a8 thread T0
#0 0x533bd5 in io_del /home/runner/work/tinc/tinc/openssl3/../src/linux/event.c:104:9
#1 0x4f4808 in close_network_connections /home/runner/work/tinc/tinc/openssl3/../src/net_setup.c:1283:3
#2 0x4cea70 in main /home/runner/work/tinc/tinc/openssl3/../src/tincd.c:717:2
#3 0x7f493a1d3d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f)
#4 0x7f493a1d3e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f)
#5 0x421ac4 in _start (/home/runner/work/tinc/tinc/openssl3/src/tincd+0x421ac4)
0x000000f4f6a8 is located 8 bytes to the right of global variable 'listen_socket' defined in '../src/net_socket.c:48:17' (0xf4f0e0) of size 1472
SUMMARY: AddressSanitizer: global-buffer-overflow /home/runner/work/tinc/tinc/openssl3/../src/linux/event.c:104:9 in io_del
Kirill Isakov [Tue, 31 May 2022 19:30:58 +0000 (01:30 +0600)]
Shorter paths to PID files in integration tests
Tests were running into the 108-char limit on UNIX socket path length.
Since we don't care about saving PID files and sockets for further
analysis if anything does wrong with the test, just shove them into a
temporary directory (which is likely to have a very short name).
Kirill Isakov [Tue, 31 May 2022 14:20:13 +0000 (20:20 +0600)]
CI: add check for paths over the 108-char limit
Kirill Isakov [Fri, 20 May 2022 12:41:01 +0000 (18:41 +0600)]
Don't retry outgoing connections if node is connected
Kirill Isakov [Thu, 19 May 2022 10:16:51 +0000 (16:16 +0600)]
Extract filesystem-related functions into fs.c
… and add unit tests.
Kirill Isakov [Thu, 19 May 2022 07:04:20 +0000 (13:04 +0600)]
Improve recently seen address cache
- create cache directory on init
- only remember addresses for TCP connections
- update cache in more situations
- add tests
Kirill Isakov [Sun, 29 May 2022 05:24:04 +0000 (11:24 +0600)]
Add Markdown reformat to lint.py
Guus Sliepen [Sat, 28 May 2022 21:12:52 +0000 (23:12 +0200)]
Reflow all Markdown files.
Use MarkFlow to reflow the Markdown files so they can be read as a text
file in a 80-column terminal. Also convert all code blocks into fenced
code blocks with a language header, and remove the prompt character;
this allows viewers to do syntax highlighting, and allows a human
reading the files using a text viewer to simply copy&paste the commands.
Kirill Isakov [Sat, 28 May 2022 19:20:23 +0000 (01:20 +0600)]
CI: add checks for basic compatibility with muon
Kirill Isakov [Sat, 28 May 2022 12:27:09 +0000 (18:27 +0600)]
CI: add backwards compatibility checks
Kirill Isakov [Sat, 28 May 2022 13:13:44 +0000 (19:13 +0600)]
Make build files compatible with muon
Kirill Isakov [Thu, 26 May 2022 18:51:42 +0000 (00:51 +0600)]
Add tests for import/export errors
Kirill Isakov [Thu, 26 May 2022 08:20:34 +0000 (14:20 +0600)]
Add tests for join/invite errors
Kirill Isakov [Wed, 25 May 2022 13:09:10 +0000 (19:09 +0600)]
Add tests for key generation commands
Kirill Isakov [Wed, 25 May 2022 08:34:34 +0000 (14:34 +0600)]
Add tests for miscellaneous commands
Kirill Isakov [Wed, 25 May 2022 15:13:25 +0000 (21:13 +0600)]
Add tests for network commands
Kirill Isakov [Tue, 24 May 2022 16:29:46 +0000 (22:29 +0600)]
Add tests for dump commands
Kirill Isakov [Fri, 27 May 2022 11:22:05 +0000 (17:22 +0600)]
Add tests for sign/verify commands
Kirill Isakov [Wed, 25 May 2022 14:25:41 +0000 (20:25 +0600)]
CI: don't fail on chown error
Kirill Isakov [Wed, 25 May 2022 16:52:06 +0000 (22:52 +0600)]
Fix UB pointer comparison in event.c
==36472==ERROR: AddressSanitizer: invalid-pointer-pair: 0x000000e9de00 0x608000000db0
#0 0x4d0658 in timeout_compare /home/runner/work/tinc/tinc/openssl3/../src/event.c:97:7
#1 0x55a3af in splay_top_down /home/runner/work/tinc/tinc/openssl3/../src/splay_tree.c:41:13
#2 0x559868 in splay_search_closest_node /home/runner/work/tinc/tinc/openssl3/../src/splay_tree.c:378:9
#3 0x55cd54 in splay_insert_node /home/runner/work/tinc/tinc/openssl3/../src/splay_tree.c:446:13
#4 0x4cecfc in timeout_set /home/runner/work/tinc/tinc/openssl3/../src/event.c:267:6
#5 0x4d3c49 in retry /home/runner/work/tinc/tinc/openssl3/../src/net.c:477:2
#6 0x53f274 in control_h /home/runner/work/tinc/tinc/openssl3/../src/control.c:96:3
#7 0x500a44 in receive_request /home/runner/work/tinc/tinc/openssl3/../src/protocol.c:180:7
#8 0x5485b2 in receive_meta /home/runner/work/tinc/tinc/openssl3/../src/meta.c:308:19
#9 0x4d1c18 in handle_meta_connection_data /home/runner/work/tinc/tinc/openssl3/../src/net.c:305:6
#10 0x4fa3cc in handle_meta_io /home/runner/work/tinc/tinc/openssl3/../src/net_socket.c:560:3
#11 0x4cfbe3 in event_loop /home/runner/work/tinc/tinc/openssl3/../src/event.c:453:5
#12 0x4d4127 in main_loop /home/runner/work/tinc/tinc/openssl3/../src/net.c:508:6
#13 0x4cbe24 in main /home/runner/work/tinc/tinc/openssl3/../src/tincd.c:702:11
#14 0x7f1900c1e082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
#15 0x41eafd in _start (/home/runner/work/tinc/tinc/openssl3/src/tincd+0x41eafd)
0x000000e9de00 is located 0 bytes inside of global variable 'pingtimer' defined in '../src/net.c:44:18' (0xe9de00) of size 80
0x608000000db0 is located 16 bytes inside of 96-byte region [0x608000000da0,0x608000000e00)
allocated by thread T0 here:
#0 0x499ed2 in calloc (/home/runner/work/tinc/tinc/openssl3/src/tincd+0x499ed2)
#1 0x4fc6a9 in xzalloc /home/runner/work/tinc/tinc/openssl3/../src/xalloc.h:41:12
#2 0x4fbfb0 in try_outgoing_connections /home/runner/work/tinc/tinc/openssl3/../src/net_socket.c:855:27
#3 0x4d31ac in reload_configuration /home/runner/work/tinc/tinc/openssl3/../src/net.c:435:2
#4 0x53f2bd in control_h /home/runner/work/tinc/tinc/openssl3/../src/control.c:101:16
#5 0x500a44 in receive_request /home/runner/work/tinc/tinc/openssl3/../src/protocol.c:180:7
#6 0x5485b2 in receive_meta /home/runner/work/tinc/tinc/openssl3/../src/meta.c:308:19
#7 0x4d1c18 in handle_meta_connection_data /home/runner/work/tinc/tinc/openssl3/../src/net.c:305:6
#8 0x4fa3cc in handle_meta_io /home/runner/work/tinc/tinc/openssl3/../src/net_socket.c:560:3
#9 0x4cfbe3 in event_loop /home/runner/work/tinc/tinc/openssl3/../src/event.c:453:5
#10 0x4d4127 in main_loop /home/runner/work/tinc/tinc/openssl3/../src/net.c:508:6
#11 0x4cbe24 in main /home/runner/work/tinc/tinc/openssl3/../src/tincd.c:702:11
#12 0x7f1900c1e082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
Kirill Isakov [Wed, 25 May 2022 15:52:42 +0000 (21:52 +0600)]
Fix UBSAN failure in b64decode_tinc()
../src/utils.c:141:14: runtime error: implicit conversion from type 'int' of value -1 (32-bit, signed) to type 'unsigned int' changed the value to
4294967295 (32-bit, unsigned)
#0 0x478d06 in b64decode_tinc /home/runner/work/tinc/tinc/openssl3/../src/utils.c:141:14
#1 0x437f6c in dump_invitations /home/runner/work/tinc/tinc/openssl3/../src/tincctl.c:1116:6
#2 0x42ebf6 in cmd_dump /home/runner/work/tinc/tinc/openssl3/../src/tincctl.c:1190:10
#3 0x42b4c5 in run_command /home/runner/work/tinc/tinc/openssl3/../src/tincctl.c:3315:11
#4 0x42aa24 in main /home/runner/work/tinc/tinc/openssl3/../src/tincctl.c:3366:15
#5 0x7f6fb7a4c082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)
#6 0x406e2d in _start (/home/runner/work/tinc/tinc/openssl3/src/tinc+0x406e2d)
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../src/utils.c:141:14 in
Kirill Isakov [Fri, 27 May 2022 12:07:04 +0000 (18:07 +0600)]
Don't tarpit localhost connections
Kirill Isakov [Sun, 22 May 2022 07:28:03 +0000 (13:28 +0600)]
Split event.c into per-API files
Kirill Isakov [Sat, 21 May 2022 09:11:04 +0000 (15:11 +0600)]
BSD: add kqueue support
Kirill Isakov [Mon, 23 May 2022 13:54:41 +0000 (19:54 +0600)]
Add optional systemd integration
- startup & shutdown notifications
- optional watchdog with auto-restart on hang
Watchdog is enabled by using WatchdogSec in systemd unit file.
Kirill Isakov [Mon, 23 May 2022 19:22:38 +0000 (01:22 +0600)]
Enable more clang-tidy checks
Kirill Isakov [Mon, 23 May 2022 13:48:59 +0000 (19:48 +0600)]
CI: use compilation database for clang-tidy job
Kirill Isakov [Mon, 23 May 2022 09:48:50 +0000 (15:48 +0600)]
Fix weight comparison in edge BFS
… and add a test to reproduce the issue.
Noticed and reported by Jingrong Chen (@crazyboycjr)
https://github.com/gsliepen/tinc/issues/393
Kirill Isakov [Sat, 21 May 2022 11:55:28 +0000 (17:55 +0600)]
CI: remove OpenSSL 3 from Fedora; add RHEL 9 & Alpine Edge
Kirill Isakov [Sat, 7 May 2022 11:15:35 +0000 (17:15 +0600)]
Remove -Qunused-arguments
Kirill Isakov [Mon, 2 May 2022 09:41:03 +0000 (15:41 +0600)]
gcrypt: initialize secure memory on startup
Otherwise libgcrypt does it automatically, but only after we drop
privileges. This requires calling mlock(), which kills the sandboxed
process on OpenBSD.
If this is not enough, libgcrypt will resize the pool without calling
mlock().
Kirill Isakov [Mon, 2 May 2022 07:00:13 +0000 (13:00 +0600)]
Move macOS-specific code into a subdirectory
Kirill Isakov [Fri, 22 Apr 2022 15:40:54 +0000 (21:40 +0600)]
Add basic pledge/unveil sandbox on OpenBSD
Kirill Isakov [Mon, 2 May 2022 13:39:32 +0000 (19:39 +0600)]
mingw: fix static linking with recent ncurses
Kirill Isakov [Sun, 1 May 2022 17:09:06 +0000 (23:09 +0600)]
Replace getrandom() with getentropy()
Unlike getrandom(), this function is supported by most BSDs
(with the exception of NetBSD), and by various Illumos distributions.
Kirill Isakov [Sun, 1 May 2022 12:56:23 +0000 (18:56 +0600)]
CI: run all test flavors on BSDs
Kirill Isakov [Thu, 28 Apr 2022 12:40:54 +0000 (18:40 +0600)]
Use hardening option to add only hardening flags
Compiler flags that enable warnings were hidden behind the 'hardening'
option. This was a direct port of the previous autoconf config, but it
probably makes sense to always show them as they have no effect on
compiler's output (unlike hardening flags which distributors might want
to alter or disable completely).
Also remove -fwrapv (which is enabled by -fno-strict-overflow) and fix
all new warnings we've added (like VLAs in libgcrypt code, so it should
now be buildable with MSVC in case anyone wishes to do it).
Kirill Isakov [Tue, 26 Apr 2022 18:50:55 +0000 (00:50 +0600)]
Improve use of compiler attributes
Mark some constructor/destructor pairs, add format attributes where they
were missing, and fix new warnings.
Kirill Isakov [Thu, 28 Apr 2022 15:05:36 +0000 (21:05 +0600)]
Convert tincd path args to absolute paths
Since tincd chdirs to its own configuration directory and only then
resolves relative paths passed as command-line arguments (like --config
and --pidfile), statements like these:
$ tinc -c confdir init foo
…
$ tincd -c confdir -D
didn't work properly.
Now we resolve paths to absolute right when we receive them, and only
then do chdir.
Kirill Isakov [Wed, 27 Apr 2022 09:49:32 +0000 (15:49 +0600)]
Fix reading broken BER in gcrypt/rsa.c
Our hand-rolled BER parser was reading ASN.1 sequence length without
checking if there's a sequence tag (0x10) before it.
Kirill Isakov [Sun, 17 Apr 2022 19:37:38 +0000 (01:37 +0600)]
Fix resource leaks found by GCC -fanalyzer
Kirill Isakov [Tue, 26 Apr 2022 13:51:23 +0000 (19:51 +0600)]
Use enums for command-line options
to avoid repeating options in multiple places, get more descriptive
names, and have the compiler verify the exhaustiveness of reading
options for us.
Kirill Isakov [Tue, 26 Apr 2022 10:57:18 +0000 (16:57 +0600)]
Add colors to tincd logger
Kirill Isakov [Sun, 24 Apr 2022 19:38:50 +0000 (01:38 +0600)]
Improve proxy server support
- fix authentication with socks5 proxies
- fix crash in forked process with exec proxy and empty node name
- refactor byte fiddling into structs
- add unit and integration tests
Guus Sliepen [Sat, 23 Apr 2022 09:39:09 +0000 (11:39 +0200)]
Reoder the README and add a quickstart guide.
The README didn't really present the most relevant information to new
users at the start, it read more like a release notes file. This makes
it a more proper introduction to tinc.
Also add a quickstart guide as a Markdown file in the root of the source
tree, this will make it nicer on GitHub and GitLab, and might help users
that don't want to read the manual.
Kirill Isakov [Fri, 22 Apr 2022 12:33:52 +0000 (18:33 +0600)]
Wipe (some) secrets from memory after use
to lessen the amount of sensitive information ending up in swap, core
dumps, or in the hands of any remote attackers.
While there still remaings a lot interesting data in configuration trees,
connection_t structs, etc, this is considered a good practice nevertheless.
Some bedtime reading:
- http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
- http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html
- https://github.com/jedisct1/libsodium/blob/
be58b2e6664389d9c7993b55291402934b43b3ca/src/libsodium/sodium/utils.c#L78:L101
Kirill Isakov [Wed, 20 Apr 2022 10:29:23 +0000 (16:29 +0600)]
CI: add libgcrypt to sanitizer run
Also disable check for unsigned integer overflow.
I couldn't find a way to reliably disable it for a single function:
https://github.com/google/sanitizers/issues/765
and warnings it produces do not seem to be of enough importance to
introduce ugly hacks like resetting the most significant byte here:
size_t result = 0;
// ...
for(; len; --len) {
result = (size_t)(result << 8);
// ^^^^
Kirill Isakov [Fri, 22 Apr 2022 19:53:37 +0000 (01:53 +0600)]
Add link to building docs to the top of README.md
plus a few minor improvements to INSTALL.md
Kirill Isakov [Fri, 22 Apr 2022 06:50:49 +0000 (12:50 +0600)]
CI: run all test flavors even on failure
Kirill Isakov [Fri, 22 Apr 2022 06:00:44 +0000 (12:00 +0600)]
CI package jobs: workaround for git security fix
https://github.blog/2022-04-12-git-security-vulnerability-announced/
We could chown the build directory to our own user, but that's
relatively slow. Since we fully control the environment (relatively
speaking, we're still running on other's machines), the vulnerability
doesn't affect this particular use case.
Kirill Isakov [Fri, 22 Apr 2022 04:08:04 +0000 (10:08 +0600)]
CI: ignore package job failures
Guus Sliepen [Thu, 21 Apr 2022 18:43:16 +0000 (20:43 +0200)]
Add __pycache__ directories to .gitignore.
Kirill Isakov [Thu, 21 Apr 2022 08:11:16 +0000 (14:11 +0600)]
connection_t: remove unused compression_level field
Kirill Isakov [Thu, 21 Apr 2022 07:12:47 +0000 (13:12 +0600)]
connection_t: split compression_level/log_level into two fields
compression_level is reused as a place to store log_level when piping
logs to tincctl. Since it was being compared directly with a log level,
it felt like a wrong field is being used by mistake.
Wrap it in union to avoid wasting additional memory.
Kirill Isakov [Thu, 21 Apr 2022 05:39:36 +0000 (11:39 +0600)]
Minor type improvements in legacy protocol code
Kirill Isakov [Thu, 14 Apr 2022 15:44:49 +0000 (21:44 +0600)]
connection_t: allocate legacy context on first use
Since the new protocol is preferred if available, if both sides of the
connection are running modern versions of tinc, the old protocol may not
be used at all.
Kirill Isakov [Thu, 21 Apr 2022 12:22:32 +0000 (18:22 +0600)]
Use actual port in tincd logs / tinc get Port / invitations
If Port 0 option is used (which makes tincd bind to a port chosen
by the operating system), tinc and tincd used to print that value as
it is instead of whatever port was actually allocated.
https://github.com/gsliepen/tinc/issues/363
Kirill Isakov [Sat, 16 Apr 2022 10:28:27 +0000 (16:28 +0600)]
cmd_config: replace action magic numbers with enum
Kirill Isakov [Tue, 12 Apr 2022 16:20:58 +0000 (22:20 +0600)]
Refactor crypto RNG; add getrandom() support
/dev/urandom and /dev/random are ubiquitous, but take an open
file descriptor, and may not actually be present inside badly
configured containers.
Kirill Isakov [Mon, 11 Apr 2022 18:41:29 +0000 (00:41 +0600)]
Reduce duplication in request handler tables
Request handlers and request names are now grouped together so there's
less chance of messing up the order (however unlikely it may have been).
Kirill Isakov [Sun, 10 Apr 2022 10:28:28 +0000 (16:28 +0600)]
CI: fix creation of Windows installer
After moving to meson, we've been using separate build directories
for each test flavor instead of running `git clean -dfx`, and the .nsi
used to create a Windows installer for the development release wasn't
updated to reflect this.
Kirill Isakov [Sun, 10 Apr 2022 07:53:25 +0000 (13:53 +0600)]
Rewrite integration test suite in Python
While the previous test suite ran fine in practice, it relied on
subtle differences in behavior of many UNIX tools, and thus needed GNU
Coreutils on many operating systems to work properly, and didn't work on
"pure" Windows at all.
A simple example would be how different versions of tail handle SIGPIPE
if you pipe its output into another process: GNU tail exits on SIGPIPE
since about 2017 (too lazy to look up the exact version, but this
changed recently), while most other tails continue reading the file and
piping the output into god knows where.
Since we need Python to run the new build system (meson) anyway, let's
use it for the test suite, and get rid of all other test dependencies.
It (currently) requires only the standard library of Python 3.6 or newer.
Unlike the original test suite, this one assigns node names and port
numbers randomly to support `meson test --repeat` (because meson can run
the same test multiple times in parallel, and this breaks with the old
approach).
Also remove old integration tests based on shell scripts.
Kirill Isakov [Sun, 3 Apr 2022 11:14:55 +0000 (17:14 +0600)]
Update old Python code
- reformat old Python scripts with black
- fix pylint warnings
- fix mypy warnings
- wrap all linters in lint.py
- replace reformat.py with lint.py --fix
- add new linting command: `ninja -C build lint`
Kirill Isakov [Thu, 31 Mar 2022 15:19:59 +0000 (21:19 +0600)]
Adjust CI to new integration tests
Kirill Isakov [Sat, 2 Apr 2022 11:41:50 +0000 (17:41 +0600)]
Correct close() function when building with MSVC
The original close() was throwing assertion errors from inside the
Windows libraries because we were trying to close OS handles as file
descriptors.
Kirill Isakov [Fri, 1 Apr 2022 18:26:51 +0000 (00:26 +0600)]
Allow building sptps_{test,keypair} with MSVC
Guus Sliepen [Mon, 4 Apr 2022 19:53:47 +0000 (21:53 +0200)]
Run shfmt as part of the reformat target.
Add a reformat.py script and call it from the reformat target. It will run
astyle and shfmt from the source directory.
Guus Sliepen [Sat, 2 Apr 2022 13:39:08 +0000 (15:39 +0200)]
Improve handling invitation read errors.
Fix a file descriptor leak when something goes wrong while reading an
invitation file. Also check that we read it in full before committing.
Found by cppcheck.
Guus Sliepen [Fri, 1 Apr 2022 14:00:09 +0000 (16:00 +0200)]
Speed up the authentication protocol security tests.
The security test took 70 seconds, mainly because it consisted of
several subtests that each had to wait for a timeout to pass. Split it
into three tests; two for testing a MITM splicing connections between
tinc daemons using the legacy and SPTPS protocols, the remaining tests
are in a single shell script but now run in parallel.
Guus Sliepen [Fri, 1 Apr 2022 13:16:40 +0000 (15:16 +0200)]
Reduce log level of SPTPS errors.
SPTPS error messages should not always be logged, they are mostly
low-level details, and serious errors like failing to connect to a node
due to SPTPS issues will be logged by higher layers anyway, so move it
down to log level 3.
Fixes #298 on GitHub.
Guus Sliepen [Fri, 1 Apr 2022 12:28:45 +0000 (14:28 +0200)]
Prevent underflow when sending UDP probes.
Make sure send_udp_probe_packet() never tries to send a packet smaller
than MIN_PROBE_SIZE, otherwise length calculation could potentially wrap.
Fixes #351 on GitHub.
Guus Sliepen [Fri, 1 Apr 2022 10:46:11 +0000 (12:46 +0200)]
Make sure version.py runs succesfully even if git is not installed.
Kirill Isakov [Thu, 31 Mar 2022 05:32:56 +0000 (11:32 +0600)]
Fall back to VERSION file if .git is not present
https://github.com/gsliepen/tinc/issues/358
Kirill Isakov [Mon, 28 Mar 2022 15:38:31 +0000 (21:38 +0600)]
Disable function attributes on unsupported compilers
Kirill Isakov [Mon, 28 Mar 2022 07:46:46 +0000 (13:46 +0600)]
Add __packed__ attribute on drop-in structs
Kirill Isakov [Mon, 28 Mar 2022 07:09:07 +0000 (13:09 +0600)]
Add check for __Static_assert() and asserts on struct sizes
Kirill Isakov [Sun, 27 Mar 2022 19:55:23 +0000 (01:55 +0600)]
meson: use Python script for version detection
Kirill Isakov [Fri, 25 Mar 2022 17:29:07 +0000 (23:29 +0600)]
Replace MinGW with Windows to avoid ambiguities
Kirill Isakov [Fri, 25 Mar 2022 14:09:36 +0000 (20:09 +0600)]
Add support for building tinc with MSVC
Tests are not supported because of their strong dependence on running
under Unix-like environment.
Kirill Isakov [Fri, 25 Mar 2022 12:16:17 +0000 (18:16 +0600)]
GitHub CI: add MSVC jobs
Kirill Isakov [Fri, 25 Mar 2022 12:44:39 +0000 (18:44 +0600)]
Mention Windows SDK compat in installation docs
Kirill Isakov [Fri, 25 Mar 2022 05:56:51 +0000 (22:56 -0700)]
Add dirent.h
readdir() / closedir() / etc for Windows by Toni Rönkkö.
Copied from https://github.com/tronkko/dirent
Guus Sliepen [Sun, 27 Mar 2022 18:58:44 +0000 (20:58 +0200)]
Don't put the --recursive option in .astylerc.
When calling astyle manually without wildcards in the filename(s),
astyle will refuse to work if the --recursive option is used. Remove it
from .astylerc and add the option to the command line when the "reformat"
build target is used.
Guus Sliepen [Sun, 27 Mar 2022 18:56:48 +0000 (20:56 +0200)]
Fix compiler warning.
Quash a compiler warning by checking the result of snprintf() and
handling truncation.
Kirill Isakov [Sun, 27 Mar 2022 18:08:35 +0000 (00:08 +0600)]
Fix building tinc and running tests on Solaris
Kirill Isakov [Wed, 23 Mar 2022 11:41:31 +0000 (17:41 +0600)]
Add unit tests suite using cmocka library