tinc
12 years agoAttribution for Vil Brekin and some code style cleanups.
Guus Sliepen [Mon, 24 Sep 2012 12:02:07 +0000 (14:02 +0200)]
Attribution for Vil Brekin and some code style cleanups.

12 years agoAndroid cross-compilation instructions.
Vilbrekin [Sat, 25 Aug 2012 18:32:38 +0000 (20:32 +0200)]
Android cross-compilation instructions.

12 years agoUse __ANDROID__ define rather than dirty hard-code to allow android NDK cross-compila...
Vilbrekin [Sat, 25 Aug 2012 18:01:11 +0000 (20:01 +0200)]
Use __ANDROID__ define rather than dirty hard-code to allow android NDK cross-compilation.

12 years agoAdd basic .gitignore file, cleaning (most) files generated by autotools.
Vilbrekin [Sat, 25 Aug 2012 17:59:26 +0000 (19:59 +0200)]
Add basic .gitignore file, cleaning (most) files generated by autotools.

12 years agoReplace hard-code with new ScriptsInterpreter configuration property.
Vilbrekin [Sat, 25 Aug 2012 17:14:00 +0000 (19:14 +0200)]
Replace hard-code with new ScriptsInterpreter configuration property.

This new setting allows choosing a custom script interpreter used for the various tinc callbacks.
If none is specified, the script itself is called as executable (as before).
This is particularly useful when storing tinc configuration and script on a mount point with no-exec attribute.

12 years agoBasic patch for android cross-compilation.
Vilbrekin [Wed, 22 Aug 2012 08:46:24 +0000 (10:46 +0200)]
Basic patch for android cross-compilation.

Commented non-existing functions in android NDK.
Prefix scripts execution with shell binary to allow execution on no-exec mount points.
Everyything is currently hard coded, while it should use pre-compiler variables...

12 years agoAlso clarify hostnames=[yes|no] in tinc.conf(5).
Guus Sliepen [Fri, 27 Jul 2012 20:43:01 +0000 (22:43 +0200)]
Also clarify hostnames=[yes|no] in tinc.conf(5).

12 years agoMinor clarification, tinc.conf hostnames=[yes|no] variable only resolves names for...
Mesar Hameed [Tue, 24 Jul 2012 06:18:50 +0000 (07:18 +0100)]
Minor clarification, tinc.conf hostnames=[yes|no] variable only resolves names for logging purposes.

12 years agoUpdate THANKS file.
Guus Sliepen [Thu, 12 Jul 2012 09:32:08 +0000 (11:32 +0200)]
Update THANKS file.

12 years agoDocument how to load the tap driver on FreeBSD.
Guus Sliepen [Thu, 12 Jul 2012 09:30:56 +0000 (11:30 +0200)]
Document how to load the tap driver on FreeBSD.

12 years agoUse /dev/tap0 by default on FreeBSD and NetBSD when using Mode = switch.
Guus Sliepen [Thu, 12 Jul 2012 09:25:11 +0000 (11:25 +0200)]
Use /dev/tap0 by default on FreeBSD and NetBSD when using Mode = switch.

12 years agoReleasing 1.0.19. release-1.0.19
Guus Sliepen [Mon, 25 Jun 2012 17:45:51 +0000 (19:45 +0200)]
Releasing 1.0.19.

12 years agoFix crash when using Broadcast = direct.
Guus Sliepen [Mon, 25 Jun 2012 17:03:54 +0000 (19:03 +0200)]
Fix crash when using Broadcast = direct.

12 years agoFix compiler warnings.
Guus Sliepen [Mon, 25 Jun 2012 17:01:51 +0000 (19:01 +0200)]
Fix compiler warnings.

12 years ago#include <winsock2.h> on Windows.
Guus Sliepen [Mon, 25 Jun 2012 13:01:42 +0000 (15:01 +0200)]
#include <winsock2.h> on Windows.

MinGW complained about it not being included.

12 years agoSmall fixes in proxy code.
Guus Sliepen [Mon, 25 Jun 2012 13:00:24 +0000 (15:00 +0200)]
Small fixes in proxy code.

12 years agoadd (errnum) in front of windows error messages
Michael Tokarev [Fri, 4 May 2012 12:41:47 +0000 (16:41 +0400)]
add (errnum) in front of windows error messages

On localized, non-English versions of windows, it is
common to have two active charsets -- for console applications
and for GUI applications, together with localized error messages
returned by windows.  But two charsets are rarely compatible,
so sending the same byte sequence to console and to windows
event log makes one or another to be unreadable.  So at least
include the error number, this way it will be possible to
lookup the actual error test using external ways.

Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
12 years agoDocument new proxy types.
Guus Sliepen [Thu, 19 Apr 2012 13:56:08 +0000 (15:56 +0200)]
Document new proxy types.

12 years agoAdd support for proxying through an external command.
Guus Sliepen [Thu, 19 Apr 2012 13:18:31 +0000 (15:18 +0200)]
Add support for proxying through an external command.

Proxy type "exec" can be used to have an external script or binary set
up an outgoing connection. Standard input and output will be used to
exchange data with the external command. The variables REMOTEADDRESS and
REMOTEPORT are set to the intended destination address and port.

12 years agoAdd support for SOCKS 5 proxies.
Guus Sliepen [Thu, 19 Apr 2012 12:10:54 +0000 (14:10 +0200)]
Add support for SOCKS 5 proxies.

This only covers outgoing TCP connections, and supports only
username/password authentication or no authentication.

12 years agoAdd basic support for SOCKS 4 and HTTP CONNECT proxies.
Guus Sliepen [Wed, 18 Apr 2012 21:19:40 +0000 (23:19 +0200)]
Add basic support for SOCKS 4 and HTTP CONNECT proxies.

When the Proxy option is used, outgoing connections will be made via the
specified proxy. There is no support for authentication methods or for having
the proxy forward incoming connections, and there is no attempt to proxy UDP.

12 years agoAllow broadcast packets to be sent directly instead of via the MST.
Guus Sliepen [Sun, 15 Apr 2012 23:57:25 +0000 (01:57 +0200)]
Allow broadcast packets to be sent directly instead of via the MST.

When the "Broadcast = direct" option is used, broadcast packets are not sent
and forwarded via the Minimum Spanning Tree to all nodes, but are sent directly
to all nodes that can be reached in one hop.

One use for this is to allow running ad-hoc routing protocols, such as OLSR, on
top of tinc.

12 years agoAllow environment variables to be used for Name.
Guus Sliepen [Thu, 29 Mar 2012 15:45:25 +0000 (16:45 +0100)]
Allow environment variables to be used for Name.

When the Name starts with a $, the rest will be interpreted as the name of an
environment variable containing the real Name. When Name is $HOST, but this
environment variable does not exist, gethostname() will be used to set the
Name. In both cases, illegal characters will be converted to underscores.

12 years agoAdd support for systemd style socket activation.
Guus Sliepen [Mon, 26 Mar 2012 13:46:09 +0000 (14:46 +0100)]
Add support for systemd style socket activation.

If the LISTEN_FDS environment variable is set and tinc is run in the
foreground, tinc will use filedescriptors 3 to 3 + LISTEN_FDS for its listening
TCP sockets. For now, tinc will create matching listening UDP sockets itself.

There is no dependency on systemd or on libsystemd-daemon.

12 years agoRemove newline from log message.
Guus Sliepen [Mon, 26 Mar 2012 13:45:20 +0000 (14:45 +0100)]
Remove newline from log message.

12 years agoconfigure.in: fix AC_ARG_ENABLE and AC_ARG_WITH
Anthony G. Basile [Mon, 26 Mar 2012 10:29:40 +0000 (06:29 -0400)]
configure.in: fix AC_ARG_ENABLE and AC_ARG_WITH

The current configure.in file does not correctly make use of these
macros.  The resulting configure file will therefore enable an item
even if --disable-FEATURE is given.  This patch restores the intended
behavior.

12 years agoSupport :: in IPv6 Subnets.
Guus Sliepen [Sun, 25 Mar 2012 21:54:36 +0000 (22:54 +0100)]
Support :: in IPv6 Subnets.

12 years agoReleasing 1.0.18. release-1.0.18
Guus Sliepen [Sun, 25 Mar 2012 14:32:26 +0000 (15:32 +0100)]
Releasing 1.0.18.

12 years agoMark DecrementTTL option experimental.
Guus Sliepen [Sun, 25 Mar 2012 14:30:58 +0000 (15:30 +0100)]
Mark DecrementTTL option experimental.

12 years agoFix return type of vde_recv() as well.
Guus Sliepen [Sun, 25 Mar 2012 14:17:50 +0000 (15:17 +0100)]
Fix return type of vde_recv() as well.

In this case it is not really necessary as the conversion to int will already
take care of ensuring the return value is treated as signed.

12 years agoDocument OpenBSD "ifconfig link0" and Linux "ip tuntap" commands.
Guus Sliepen [Sun, 25 Mar 2012 13:55:56 +0000 (14:55 +0100)]
Document OpenBSD "ifconfig link0" and Linux "ip tuntap" commands.

12 years agoFix some more compiler warnings.
Guus Sliepen [Sun, 25 Mar 2012 13:46:50 +0000 (14:46 +0100)]
Fix some more compiler warnings.

12 years agoFix return value type of vde_send().
Guus Sliepen [Sun, 25 Mar 2012 13:00:21 +0000 (14:00 +0100)]
Fix return value type of vde_send().

The libvdeplug_dyn.h header file incorrectly declares the return type of
vde_send() to size_t, while in reality it is ssize_t.

12 years agoFix compiler warnings.
Guus Sliepen [Sun, 25 Mar 2012 12:58:14 +0000 (13:58 +0100)]
Fix compiler warnings.

12 years agoAllow scoped addresses to be used for IPv6 multicast socket.
Guus Sliepen [Sun, 25 Mar 2012 12:42:10 +0000 (13:42 +0100)]
Allow scoped addresses to be used for IPv6 multicast socket.

12 years agoAdd #ifdefs in case not all platforms support IPv4 and IPv6 multicast.
Guus Sliepen [Sun, 25 Mar 2012 12:40:55 +0000 (13:40 +0100)]
Add #ifdefs in case not all platforms support IPv4 and IPv6 multicast.

12 years agoSet default value of DecrementTTL to "no".
Guus Sliepen [Fri, 23 Mar 2012 12:18:36 +0000 (13:18 +0100)]
Set default value of DecrementTTL to "no".

Decrementing the TTL causes IPv6 to fail when Mode = switch, and there may be
other unforeseen side-effects.

12 years agoAdd support for multicast communication with UML/QEMU/KVM.
Guus Sliepen [Wed, 21 Mar 2012 16:00:53 +0000 (17:00 +0100)]
Add support for multicast communication with UML/QEMU/KVM.

DeviceType = multicast allows one to specify a multicast address and port with
a Device statement. Tinc will then read/send packets to that multicast group
instead of to a tun/tap device. This allows interaction with UML, QEMU and KVM
instances that are listening on the same group.

12 years agoAllow a port to be specified in BindToAddress statements.
Guus Sliepen [Wed, 21 Mar 2012 12:20:15 +0000 (13:20 +0100)]
Allow a port to be specified in BindToAddress statements.

This can be used to let tinc listen on multiple ports for incoming connections.

12 years agoAlways try next Address when an outgoing connection fails to authenticate.
Guus Sliepen [Tue, 20 Mar 2012 22:49:16 +0000 (23:49 +0100)]
Always try next Address when an outgoing connection fails to authenticate.

When making outgoing connections, tinc goes through the list of Addresses and
tries all of them until one succeeds. However, before it would consider
establishing a TCP connection a success, even when the authentication failed.
This would be a problem if the first Address would point to a hostname and port
combination that belongs to the wrong tinc node, or perhaps even to a non-tinc
service, causing tinc to endlessly try this Address instead of moving to the
next one.

Problem found by Delf Eldkraft.

12 years agoReleasing 1.0.17. release-1.0.17
Guus Sliepen [Sat, 10 Mar 2012 12:31:36 +0000 (13:31 +0100)]
Releasing 1.0.17.

12 years agoUpdate copyright notices.
Guus Sliepen [Sat, 10 Mar 2012 12:23:08 +0000 (13:23 +0100)]
Update copyright notices.

12 years agoMake sure disabling old RSA keys works on Windows.
Guus Sliepen [Thu, 8 Mar 2012 22:23:39 +0000 (23:23 +0100)]
Make sure disabling old RSA keys works on Windows.

Seeking in files and rewriting parts of them does not seem to work properly on
Windows. Instead, when old RSA keys are found when generating new ones, the
file containing the old keys is copied to a temporary file where the changes
are made, and that file is renamed back to the original filename. On Windows,
we cannot atomically replace files with a rename(), so we need to move the
original file out of the way first. If anything fails, the new code will warn
that the user has to solve the problem by hand.

12 years agoAdd missing ICMP6 message type definitions.
Guus Sliepen [Thu, 8 Mar 2012 21:19:20 +0000 (22:19 +0100)]
Add missing ICMP6 message type definitions.

12 years agoAccept Subnets passed with the -o option when StrictSubnets = yes.
Guus Sliepen [Wed, 7 Mar 2012 09:40:06 +0000 (10:40 +0100)]
Accept Subnets passed with the -o option when StrictSubnets = yes.

12 years agoOnly log errors sending UDP packets when debug level >= 5.
Guus Sliepen [Fri, 2 Mar 2012 15:09:58 +0000 (16:09 +0100)]
Only log errors sending UDP packets when debug level >= 5.

Since tinc will fall back to TCP or route via another node, it is not necessary
to log such errors unconditionally.

12 years agoOnly use broadcast at the start of the PMTU discovery phase.
Guus Sliepen [Sun, 26 Feb 2012 15:23:02 +0000 (16:23 +0100)]
Only use broadcast at the start of the PMTU discovery phase.

For local peer discovery, only a handful of packets are necessary for
peers to detect each other.

12 years agoStricter checks against routing loops.
Guus Sliepen [Sat, 25 Feb 2012 21:11:30 +0000 (22:11 +0100)]
Stricter checks against routing loops.

If a packet that had to be sent via an intermediate hop, and that intermediate
hop was the one that sent the packet, we drop it.

12 years agoDon't send ICMP Time Exceeded messages for other Time Exceeded messages.
Guus Sliepen [Sat, 25 Feb 2012 20:46:18 +0000 (21:46 +0100)]
Don't send ICMP Time Exceeded messages for other Time Exceeded messages.

That would be silly.

12 years agoAdd LocalDiscovery option which tries to detect peers on the local network.
Guus Sliepen [Wed, 22 Feb 2012 22:17:43 +0000 (23:17 +0100)]
Add LocalDiscovery option which tries to detect peers on the local network.

Currently, this is implemented by sending IPv4 broadcast packets to the
LAN during path MTU discovery.

12 years agoPass index into listen_socket[] to handle_incoming_vpn_data().
Guus Sliepen [Wed, 22 Feb 2012 13:37:56 +0000 (14:37 +0100)]
Pass index into listen_socket[] to handle_incoming_vpn_data().

12 years agoAdd missing ICMP message type definitions.
Nick Hibma [Tue, 21 Feb 2012 14:26:58 +0000 (15:26 +0100)]
Add missing ICMP message type definitions.

12 years agoFix check for raw socket support.
Guus Sliepen [Tue, 21 Feb 2012 13:06:55 +0000 (14:06 +0100)]
Fix check for raw socket support.

Also, move some variables so there are no compiler warnings about unused
variables when there is no support for raw sockets.

12 years agoFix a bug that caused tinc to ignore all but the last listening socket.
Guus Sliepen [Tue, 21 Feb 2012 12:31:21 +0000 (13:31 +0100)]
Fix a bug that caused tinc to ignore all but the last listening socket.

12 years agoDocument the command line flag -o and provide --option as well.
Guus Sliepen [Tue, 21 Feb 2012 12:13:40 +0000 (13:13 +0100)]
Document the command line flag -o and provide --option as well.

12 years agoMove initialization of char *priority up to prevent freeing an uninitialized pointer.
Guus Sliepen [Tue, 21 Feb 2012 10:39:21 +0000 (11:39 +0100)]
Move initialization of char *priority up to prevent freeing an uninitialized pointer.

12 years agoAllow disabling of broadcast packets.
Guus Sliepen [Mon, 20 Feb 2012 16:19:00 +0000 (17:19 +0100)]
Allow disabling of broadcast packets.

The Broadcast option can be used to cause tinc to drop all broadcast and
multicast packets. This option might be expanded in the future to selectively
allow only some broadcast packet types.

12 years agoRename connection_t *broadcast to everyone.
Guus Sliepen [Mon, 20 Feb 2012 16:12:48 +0000 (17:12 +0100)]
Rename connection_t *broadcast to everyone.

12 years agoDon't bind outgoing TCP sockets anymore.
Guus Sliepen [Mon, 20 Feb 2012 15:52:53 +0000 (16:52 +0100)]
Don't bind outgoing TCP sockets anymore.

The code introduced in commit 41a05f59ba2c3eb5caab555f096ed1b9fbe69ee3 is not
needed anymore, since tinc has been able to handle UDP packets from a different
source address than those of the TCP packets since 1.0.10.  When using multiple
BindToAddress statements, this code does not make sense anymore, we do want the
kernel to choose the source address on its own.

12 years agoDecrement TTL of incoming packets.
Guus Sliepen [Mon, 20 Feb 2012 15:34:02 +0000 (16:34 +0100)]
Decrement TTL of incoming packets.

Tinc will now, by default, decrement the TTL field of incoming IPv4 and IPv6
packets, before forwarding them to the virtual network device or to another
node. Packets with a TTL value of zero will be dropped, and an ICMP Time
Exceeded message will be sent back.

This behaviour can be disabled using the DecrementTTL option.

12 years agoOnly compile raw socket code when it is supported on that platform.
Guus Sliepen [Mon, 20 Feb 2012 14:44:52 +0000 (15:44 +0100)]
Only compile raw socket code when it is supported on that platform.

12 years agoMerge branch 'master' of black:tinc
Guus Sliepen [Sat, 18 Feb 2012 13:31:08 +0000 (14:31 +0100)]
Merge branch 'master' of black:tinc

12 years agoAllow setting DeviceType to tun or tap on Linux.
Guus Sliepen [Sat, 18 Feb 2012 13:37:52 +0000 (14:37 +0100)]
Allow setting DeviceType to tun or tap on Linux.

12 years agoSend packets back using the same socket as they were received on.
Guus Sliepen [Sat, 18 Feb 2012 10:48:21 +0000 (11:48 +0100)]
Send packets back using the same socket as they were received on.

12 years agoMerge branch 'master' of black:tinc
Guus Sliepen [Sat, 18 Feb 2012 10:43:00 +0000 (11:43 +0100)]
Merge branch 'master' of black:tinc

12 years agoAllow multiple BindToAddress statements.
Guus Sliepen [Fri, 17 Feb 2012 15:25:00 +0000 (16:25 +0100)]
Allow multiple BindToAddress statements.

12 years agoSet FD_CLOEXEC flag on all sockets.
Guus Sliepen [Fri, 17 Feb 2012 15:13:38 +0000 (16:13 +0100)]
Set FD_CLOEXEC flag on all sockets.

Scripts called by tinc would inherit its open filedescriptors. This could
be a problem if other long-running daemons are started from those scripts,
if those daemons would not close all filedescriptors before going into the
background.

Problem found and solution suggested by Nick Hibma.

12 years agoAllow linking with multiple device drivers.
Guus Sliepen [Sun, 4 Dec 2011 00:20:59 +0000 (01:20 +0100)]
Allow linking with multiple device drivers.

Apart from the platform specific tun/tap driver, link with the dummy and
raw_socket devices, and optionally with support for UML and VDE devices.
At runtime, the DeviceType option can be used to select which driver to
use.

12 years agoFix a few small memory leaks.
Guus Sliepen [Sat, 3 Dec 2011 20:59:47 +0000 (21:59 +0100)]
Fix a few small memory leaks.

13 years agoAdd vde/device.c to the tarball.
Guus Sliepen [Sun, 27 Nov 2011 11:13:16 +0000 (12:13 +0100)]
Add vde/device.c to the tarball.

13 years agoFix compilation of VDE and UML interfaces.
Guus Sliepen [Sun, 27 Nov 2011 11:12:34 +0000 (12:12 +0100)]
Fix compilation of VDE and UML interfaces.

13 years agoReturn false instead of void when there is an error.
Guus Sliepen [Tue, 30 Aug 2011 18:49:48 +0000 (20:49 +0200)]
Return false instead of void when there is an error.

13 years agoPrevent read_rsa_public_key() from returning an uninitialized RSA structure.
Guus Sliepen [Tue, 30 Aug 2011 17:56:56 +0000 (19:56 +0200)]
Prevent read_rsa_public_key() from returning an uninitialized RSA structure.

In case the config file could not be opened a new but unitialized RSA structure
would be returned, causing a segmentation fault later on. This would only
happen in the case that the config file could be opened before, but not when
read_rsa_public_key() was called. This situation could occur when the --user
option was used, and the config files were not readable by the specified user.

13 years agoReleasing 1.0.16. release-1.0.16
Guus Sliepen [Sat, 23 Jul 2011 12:12:23 +0000 (14:12 +0200)]
Releasing 1.0.16.

13 years agoUse usleep() instead of sleep(), MinGW complained.
Guus Sliepen [Sat, 23 Jul 2011 12:11:44 +0000 (14:11 +0200)]
Use usleep() instead of sleep(), MinGW complained.

13 years agoFlush output buffer in send_tcppacket().
Guus Sliepen [Sun, 17 Jul 2011 17:34:01 +0000 (19:34 +0200)]
Flush output buffer in send_tcppacket().

This is mainly important for Windows, where the select() call in the
main thread is not being woken up when the tapreader thread calls
route(), causing a delay of up to 1 second before the output buffer is
flushed. This would cause bad performance when UDP communication is not
possible.

13 years agoMake code to detect two nodes with the same Name less triggerhappy.
Guus Sliepen [Sat, 16 Jul 2011 08:47:35 +0000 (10:47 +0200)]
Make code to detect two nodes with the same Name less triggerhappy.

First of all, if there really are two nodes with the same name, much
more than 10 contradicting ADD_EDGE and DEL_EDGE messages will be sent.
Also, we forgot to reset the counters when nothing happened.

In case there is a ADD_EDGE/DEL_EDGE storm, we do not shut down, but
sleep an increasing amount of time, allowing tinc to recover gracefully
from temporary failures.

13 years agoReleasing 1.0.15. release-1.0.15
Guus Sliepen [Fri, 24 Jun 2011 12:50:20 +0000 (14:50 +0200)]
Releasing 1.0.15.

13 years agoRemove redundant @CFLAGS@ from AM_CFLAGS.
Guus Sliepen [Fri, 24 Jun 2011 10:27:04 +0000 (12:27 +0200)]
Remove redundant @CFLAGS@ from AM_CFLAGS.

13 years agoImproved --logfile option.
Guus Sliepen [Mon, 6 Jun 2011 14:26:11 +0000 (16:26 +0200)]
Improved --logfile option.

Instead of UNIX time, the log messages now start with the time in RFC3339
format, which human-readable and still easy for the computer to parse and sort.
The HUP signal will also cause the log file to be closed and reopened, which is
useful when log rotation is used. If there is an error while opening the log
file, this is logged to stderr.

13 years agoAttribution for Loïc Grenié.
Guus Sliepen [Sat, 4 Jun 2011 09:27:54 +0000 (11:27 +0200)]
Attribution for Loïc Grenié.

13 years agoNearly tickless tinc.
Loïc Grenié [Sat, 4 Jun 2011 07:05:23 +0000 (09:05 +0200)]
Nearly tickless tinc.

Use pselect instead of select in main_loop (if available). This lets
tincd sleeps as long as there is nothing to do.

13 years agoRemove a few unnecessary #includes.
Guus Sliepen [Sat, 28 May 2011 21:46:56 +0000 (23:46 +0200)]
Remove a few unnecessary #includes.

Some spotted by Michael Tokarev.

13 years agoRemove newlines from log messages.
Guus Sliepen [Sat, 28 May 2011 21:42:18 +0000 (23:42 +0200)]
Remove newlines from log messages.

13 years agoFix sparse warnings and add an extra sprinkling of const.
Guus Sliepen [Sat, 28 May 2011 21:36:52 +0000 (23:36 +0200)]
Fix sparse warnings and add an extra sprinkling of const.

This is more or less the equivalent of Sven-Haegar Koch's fixes in the 1.1
branch.

13 years agoMake return value of SetPriorityClass() behave the same as setpriority().
Guus Sliepen [Sun, 22 May 2011 13:56:04 +0000 (15:56 +0200)]
Make return value of SetPriorityClass() behave the same as setpriority().

13 years agoReorder checks for libraries to allow ./configure LDFLAGS=-static.
Guus Sliepen [Fri, 13 May 2011 10:37:26 +0000 (12:37 +0200)]
Reorder checks for libraries to allow ./configure LDFLAGS=-static.

OpenSSL depends on libdl and libz. When linking dynamically, libcrypto will
automatically link with the other two libraries.  However, when linking
statically, these libraries need to be specified explicitly while linking.  By
moving the autoconf checks for libdl and libz before those for libcrypto, we
ensure the latter test will be done with the proper libraries.

13 years agoReleasing 1.0.14. release-1.0.14
Guus Sliepen [Sun, 8 May 2011 21:17:46 +0000 (23:17 +0200)]
Releasing 1.0.14.

13 years agoInclude <inttypes.h> when using intptr_t.
Guus Sliepen [Sun, 8 May 2011 21:12:44 +0000 (23:12 +0200)]
Include <inttypes.h> when using intptr_t.

13 years agoEnsure proper linking with OpenSSL with recent versions of MinGW.
Guus Sliepen [Sun, 8 May 2011 21:12:06 +0000 (23:12 +0200)]
Ensure proper linking with OpenSSL with recent versions of MinGW.

13 years agoUpdate THANKS and copyright information.
Guus Sliepen [Sun, 8 May 2011 19:22:20 +0000 (21:22 +0200)]
Update THANKS and copyright information.

13 years agoCheck for EVP_EncryptInit_ex instead of SHA1_Version in OpenSSL.
Guus Sliepen [Sun, 8 May 2011 19:06:06 +0000 (21:06 +0200)]
Check for EVP_EncryptInit_ex instead of SHA1_Version in OpenSSL.

The latter function disappeared, and wasn't actually used in tinc, so now we
check on a function that we do use.

13 years agoAlways use the default signal handler for ABRT signals.
Guus Sliepen [Sun, 8 May 2011 10:40:44 +0000 (12:40 +0200)]
Always use the default signal handler for ABRT signals.

This will allow coredumps to be generated when tinc is daemonized.
Also add the -kABRT option.

13 years agoIncrease threshold for detecting two nodes with the same Name.
Guus Sliepen [Sun, 8 May 2011 10:16:26 +0000 (12:16 +0200)]
Increase threshold for detecting two nodes with the same Name.

In commit 4a21aabada23d1d2c8a10f54dd7248171c4ec82f, code was added to detect
contradicting ADD_EDGE and DEL_EDGE messages being sent, which is an indication
of two nodes with the same Name connected to the same VPN.  However, these
contradictory messages can also happen when there is a network partitioning. In
the former case a loop happens which causes many contradictory message, while
in the latter case only a few of those messages will be sent. So, now we
increase the threshold to at least 10 of both ADD_EDGE and DEL_EDGE messages.

13 years agoFix command-line '-o' option for host configuration
Julien Muchembled [Thu, 28 Apr 2011 11:21:55 +0000 (13:21 +0200)]
Fix command-line '-o' option for host configuration

This fixes a regression introduced by commit 667b1ba while refactoring option
parsing code.

13 years agoDo not set indirect flag on edges from nodes with multiple addresses.
Guus Sliepen [Wed, 9 Mar 2011 08:34:56 +0000 (09:34 +0100)]
Do not set indirect flag on edges from nodes with multiple addresses.

Since tinc now handles UDP packets with a different source address and port
than used for TCP connections, the heuristic to treat edges as indirect when
tinc could detect that multiple addresses were used does not make sense
anymore, and can actually reduce performance.

13 years agoPrevent anything from updating our own UDP address.
Guus Sliepen [Fri, 18 Feb 2011 22:11:43 +0000 (23:11 +0100)]
Prevent anything from updating our own UDP address.

Because we don't want to keep track of that, and this will cause the node
structure from being relinked into the node tree, which results in myself
pointing to an invalid address.

13 years agoFix spurious misidentification of incoming UDP packets.
Guus Sliepen [Fri, 18 Feb 2011 22:02:11 +0000 (23:02 +0100)]
Fix spurious misidentification of incoming UDP packets.

When a UDP packet was received with an unknown source address/port, and if it
failed a HMAC check against known keys, it could still incorrectly assign that
UDP address to another node. This would temporarily cause outgoing UDP packets
to go to the wrong destination address, until packets from the correct address
were received again.

13 years agoDragonFlyBSD support
Rumko [Sat, 12 Feb 2011 17:22:14 +0000 (18:22 +0100)]
DragonFlyBSD support

* added DragonFly BSD support
* added a check for sys/resource.h (needed on DragonFly)

13 years agoAdd support for VDE through libvdeplug.
Guus Sliepen [Mon, 7 Feb 2011 17:34:55 +0000 (18:34 +0100)]
Add support for VDE through libvdeplug.

When compiled with vde/device.c, tinc will connect to a vde_switch instance
instead of using a tun/tap device.