tinc
3 years agoAdd tests to cover some of the fixed leaks.
Kirill Isakov [Fri, 23 Jul 2021 12:41:51 +0000 (18:41 +0600)]
Add tests to cover some of the fixed leaks.

3 years agoFix memory leaks triggered by integration tests.
Kirill Isakov [Fri, 23 Jul 2021 12:11:27 +0000 (18:11 +0600)]
Fix memory leaks triggered by integration tests.

Found by AddressSanitizer and Valgrind.

3 years agoFix a few memory leaks at exit time.
Guus Sliepen [Wed, 21 Jul 2021 10:35:09 +0000 (12:35 +0200)]
Fix a few memory leaks at exit time.

Found by Valgrind.

3 years agoAvoid unhelpful warnings about UDP buffer sizes.
Guus Sliepen [Wed, 21 Jul 2021 10:15:59 +0000 (12:15 +0200)]
Avoid unhelpful warnings about UDP buffer sizes.

Don't log a warning if we never explicitly configured the
SO_RCVBUF/SO_SNDBUF sizes, and don't warn if the system allocates a
larger buffer than the one requested, as at least on Linux, it will
always double the requested size unless you hit the maximum. With this
change, we only warn when we explicitly request a buffer size and the
system allocated a smaller one.

3 years agoDon't call OPENSSL_cleanup().
Guus Sliepen [Wed, 21 Jul 2021 09:54:34 +0000 (11:54 +0200)]
Don't call OPENSSL_cleanup().

Some versions of LibreSSL don't have this function, even if they support
the rest of the OpenSSL 1.1 API. It also doesn't seem to affect the
output of Valgrind, so it looks like it's not necessary at all.

3 years agoCall ENGINE_load_builtin_engines().
Guus Sliepen [Tue, 20 Jul 2021 22:04:08 +0000 (00:04 +0200)]
Call ENGINE_load_builtin_engines().

As suggested by Rosen Penev, use ENGINE_load_builtin_engines() to ensure
the AFALG engines get loaded as well. We apparently also don't need to
call OPENSSL_init_crypto() ourself.

3 years agoCI: Fix installation of OpenSSL on CentOS and AlmaLinux.
Guus Sliepen [Tue, 20 Jul 2021 22:01:06 +0000 (00:01 +0200)]
CI: Fix installation of OpenSSL on CentOS and AlmaLinux.

3 years agoCI: Install and use OpenSSL 1.1 on CentOS 7.
Guus Sliepen [Tue, 20 Jul 2021 21:55:35 +0000 (23:55 +0200)]
CI: Install and use OpenSSL 1.1 on CentOS 7.

3 years agoInstall OpenSSL 1.1 in the CentOS 7 test environment.
Guus Sliepen [Tue, 20 Jul 2021 20:55:56 +0000 (22:55 +0200)]
Install OpenSSL 1.1 in the CentOS 7 test environment.

3 years agoMake tinc --batch --force join enable the tinc-up script.
Guus Sliepen [Tue, 20 Jul 2021 20:23:52 +0000 (22:23 +0200)]
Make tinc --batch --force join enable the tinc-up script.

The expected behavior of --batch --force is that all parameters in the
invitation are accepted, whether unsafe or not. Unsafe variables were
already accepted with --force in commit 061362d2f, this commit ensures
the generated tinc-up script is enabled as well.

Fixes #196 on GitHub.

3 years agoRequire OpenSSL 1.1.0 or later.
Guus Sliepen [Tue, 20 Jul 2021 20:10:56 +0000 (22:10 +0200)]
Require OpenSSL 1.1.0 or later.

This gets rid of some backwards compatibility code, and avoids calling
deprecated OpenSSL functions.

Fixes #244 on GitHub.

3 years agoAvoid trying to send an ANS_KEY request to unreachable nodes.
Guus Sliepen [Tue, 20 Jul 2021 19:14:23 +0000 (21:14 +0200)]
Avoid trying to send an ANS_KEY request to unreachable nodes.

We could have a REQ_KEY coming from a node that is not reachable; either
because DEL_EDGEs have overtaken the REQ_KEY, or perhaps if TunnelServer
is used and some nodes have a different view of reachability.

This might fix GitHub issue #247.

3 years agoSlightly better RNG seed for tincctl.
Guus Sliepen [Tue, 20 Jul 2021 18:31:49 +0000 (20:31 +0200)]
Slightly better RNG seed for tincctl.

This prevents the Port from being the same when initializing multiple
instances of tinc in a short timespan.

3 years agoAdd compression.test
Kirill Isakov [Tue, 20 Jul 2021 12:00:49 +0000 (18:00 +0600)]
Add compression.test

3 years agoAdd cleanup hook for integration tests
Kirill Isakov [Tue, 20 Jul 2021 12:00:05 +0000 (18:00 +0600)]
Add cleanup hook for integration tests

3 years agoList supported features in tinc/tincd --version
Kirill Isakov [Tue, 20 Jul 2021 08:49:46 +0000 (14:49 +0600)]
List supported features in tinc/tincd --version

3 years agoLZ4: try system library first, fallback to builtin
Kirill Isakov [Tue, 20 Jul 2021 07:29:31 +0000 (13:29 +0600)]
LZ4: try system library first, fallback to builtin

3 years agoAdd LZ4 compression support
Darik Horn [Tue, 20 Jul 2021 04:29:39 +0000 (10:29 +0600)]
Add LZ4 compression support

3 years agoVendor LZ4 source
Kirill Isakov [Sat, 17 Jul 2021 16:50:10 +0000 (22:50 +0600)]
Vendor LZ4 source

3 years ago.gitignore temporary files (configure~, etc)
Kirill Isakov [Tue, 20 Jul 2021 07:23:54 +0000 (13:23 +0600)]
.gitignore temporary files (configure~, etc)

3 years agosr.ht CI: add liblz4
Kirill Isakov [Tue, 20 Jul 2021 15:21:13 +0000 (21:21 +0600)]
sr.ht CI: add liblz4

Needed for testing LZ4 compression support when using the system
library.

3 years agoSome cleanups in GitHub Actions CI
Kirill Isakov [Mon, 19 Jul 2021 19:03:06 +0000 (01:03 +0600)]
Some cleanups in GitHub Actions CI

  - run tests on more Linux distributions
  - add test runs with clang sanitizers (TSAN / UBSAN for now)
  - check code formatting only once
  - check test scripts formatting (shfmt)
  - static analysis for test scripts (shellcheck)
  - save more test logs and other debug info
  - add missing pieces to Ubuntu packages
  - test .debs on clean machine before publishing
  - git clone full history for changelog generation
  - support old versions of git on Linux
  - rename some steps

3 years agotest/splice.c: reformat with astyle
Kirill Isakov [Sat, 3 Jul 2021 15:22:39 +0000 (21:22 +0600)]
test/splice.c: reformat with astyle

3 years agoCheck that UNIX socket filenames are not too long.
Guus Sliepen [Tue, 20 Jul 2021 13:57:37 +0000 (15:57 +0200)]
Check that UNIX socket filenames are not too long.

UNIX socket filenames must fit in a struct sockaddr_un, and typically this
only has about 100 bytes of storage. This is perfectly fine for normal use
of tinc, but this caused failures when running make distcheck, which ends
up creating a rather deep directory structure. With this commit, at least
a proper error message is printed instead of silently truncating the
filename.

3 years agoFix running the test suite in out-of-tree builds.
Guus Sliepen [Tue, 20 Jul 2021 12:15:41 +0000 (14:15 +0200)]
Fix running the test suite in out-of-tree builds.

3 years agoRewrite the test suite for better compat and stability
Kirill Isakov [Mon, 19 Jul 2021 08:32:13 +0000 (14:32 +0600)]
Rewrite the test suite for better compat and stability

Keeps all of the previous checks, but uses tinc scripts
instead of sleep(1) delays.

Improves and/or adds compatibility with:
  - Windows (Msys2);
  - FreeBSD;
  - NetBSD;
  - OpenBSD.

3 years agoAllow running sptps_test on Windows
Kirill Isakov [Sat, 17 Jul 2021 12:17:11 +0000 (18:17 +0600)]
Allow running sptps_test on Windows

On Windows, you're not supposed to call select() on anything except
proper BSD sockets, so we can't reuse the same select() loop that's been
working fine on every other operating system.

This is a hack which reads stdin in a separate thread and pushes data to
the main through a TCP socket, which can then be used with select() instead
of reading stdin directly.

3 years agoBail out of logging early.
Mathew Heard [Tue, 29 Jun 2021 00:24:00 +0000 (10:24 +1000)]
Bail out of logging early.

Low hanging fruit, 2% of perf trace.

3 years agoci: run for all branches
Mathew Heard [Mon, 12 Jul 2021 01:39:31 +0000 (11:39 +1000)]
ci: run for all branches

(cherry picked from commit 5666f0d99e3698bf4b50d243151cb1a445bb81ea)

3 years agosrc/getopt.h: add missing header guard
Kirill Isakov [Mon, 12 Jul 2021 10:48:58 +0000 (16:48 +0600)]
src/getopt.h: add missing header guard

(cherry picked from commit c97370e5714389ef44cd5682c0916fcc8daddeff)

3 years agoFix overrun in prf() if hmac size not divisible into key size
Mathew Heard [Mon, 12 Jul 2021 02:53:45 +0000 (12:53 +1000)]
Fix overrun in prf() if hmac size not divisible into key size

Not seen only due to chacha having a 64byte key and a 64byte HMAC (SHA512) being used

3 years agoCI: add support for FreeBSD/NetBSD/OpenBSD through sourcehut
Kirill Isakov [Sat, 10 Jul 2021 15:11:27 +0000 (21:11 +0600)]
CI: add support for FreeBSD/NetBSD/OpenBSD through sourcehut

3 years agosrc/tincctl.c: inverse exit code for 'tinc stop' on Windows
Kirill Isakov [Sat, 10 Jul 2021 11:13:34 +0000 (17:13 +0600)]
src/tincctl.c: inverse exit code for 'tinc stop' on Windows

On Windows, the `tinc stop` command returned 1 on success and 0 on
failure, which is the opposite of what happens everywhere else.

3 years agoinvitation.c: fix socket error checking on Windows
Kirill Isakov [Mon, 5 Jul 2021 04:37:04 +0000 (10:37 +0600)]
invitation.c: fix socket error checking on Windows

3 years agoUpdate THANKS.
Guus Sliepen [Fri, 2 Jul 2021 14:55:52 +0000 (16:55 +0200)]
Update THANKS.

3 years agoAdd a SECURITY.md file describing our security policy.
Guus Sliepen [Fri, 2 Jul 2021 14:55:43 +0000 (16:55 +0200)]
Add a SECURITY.md file describing our security policy.

3 years agoRun tests on pushes and pull requests
Kirill Isakov [Fri, 2 Jul 2021 13:38:07 +0000 (19:38 +0600)]
Run tests on pushes and pull requests

3 years agotest/legacy-protocol.test: fix intermittent "Cannot read greeting from control socket"
Kirill Isakov [Thu, 1 Jul 2021 18:10:02 +0000 (00:10 +0600)]
test/legacy-protocol.test: fix intermittent "Cannot read greeting from control socket"

3 years agoAllow running tests on macOS
Kirill Isakov [Thu, 1 Jul 2021 13:35:08 +0000 (19:35 +0600)]
Allow running tests on macOS

3 years agoWarn if system capped requested socket buffer sizes.
Niklas Hambüchen [Sun, 12 Apr 2020 18:21:02 +0000 (20:21 +0200)]
Warn if system capped requested socket buffer sizes.

3 years agoFail early in send_udp_probe_packet().
Mathew Heard [Tue, 29 Jun 2021 05:03:50 +0000 (15:03 +1000)]
Fail early in send_udp_probe_packet().

3 years agoCheck interval bounds for UDP probe size.
Mathew Heard [Tue, 29 Jun 2021 04:55:14 +0000 (14:55 +1000)]
Check interval bounds for UDP probe size.

3 years agoEnsure send_udp_probe_packet len is valid for the buffer size.
Mathew Heard [Tue, 29 Jun 2021 04:48:04 +0000 (14:48 +1000)]
Ensure send_udp_probe_packet len is valid for the buffer size.

3 years agoperform cheap checks first
Mathew Heard [Tue, 29 Jun 2021 00:49:01 +0000 (10:49 +1000)]
perform cheap checks first

minor optimization

3 years agoReleasing 1.1pre18. release-1.1pre18
Guus Sliepen [Sun, 27 Jun 2021 17:29:16 +0000 (19:29 +0200)]
Releasing 1.1pre18.

3 years agoUpdate THANKS.
Guus Sliepen [Sun, 27 Jun 2021 17:16:53 +0000 (19:16 +0200)]
Update THANKS.

3 years agoUpdate copyright notices.
Guus Sliepen [Sun, 27 Jun 2021 15:23:30 +0000 (17:23 +0200)]
Update copyright notices.

3 years agoFix usage of @code and @samp commands.
Guus Sliepen [Sun, 27 Jun 2021 15:12:06 +0000 (17:12 +0200)]
Fix usage of @code and @samp commands.

3 years agoFix spelling errors.
Guus Sliepen [Sun, 27 Jun 2021 14:52:03 +0000 (16:52 +0200)]
Fix spelling errors.

Found by codespell.

3 years agotincctl: restrict umask argument for FORTIFY
pacien [Tue, 8 Sep 2020 23:24:28 +0000 (01:24 +0200)]
tincctl: restrict umask argument for FORTIFY

`umask(mode)` calls that do not verify `(mode & 0777) == mode` are
rejected when the libc FORTIFY checks are enabled [1].

The unrestricted `~perms` was indeed making this assertion fail.

[1]: https://android.googlesource.com/platform/bionic/+/refs/tags/android-11.0.0_r3/libc/bionic/fortify.cpp#404

3 years agoDon't try to forward packets to a node we don't have a key for.
Guus Sliepen [Sun, 27 Jun 2021 14:19:37 +0000 (16:19 +0200)]
Don't try to forward packets to a node we don't have a key for.

If we got a packet that's meant to be relayed, don't call
sptps_send_data() if we don't have a valid key yet for the desination
node, but do keep trying to get a working connection to that node. Based
on a patch from thorkill.

3 years agoFix for the event loop on Windows.
Guus Sliepen [Sun, 27 Jun 2021 14:06:58 +0000 (16:06 +0200)]
Fix for the event loop on Windows.

The code did not take into account that the return value of
WSAWaitForMultipleEvents() is the offset into the event array plus
WSA_WAIT_EVENT_0.

Based on a patch from arsh0r.

3 years agoLog errors when add_edge() fails to insert into the edge trees.
Guus Sliepen [Sun, 27 Jun 2021 14:01:52 +0000 (16:01 +0200)]
Log errors when add_edge() fails to insert into the edge trees.

This should never happen, but if it does we want to have it at least
logged instead of causing issues later on.

Based on a patch from arsh0r.

3 years agoFix the check for sys/un.h.
Guus Sliepen [Sun, 27 Jun 2021 13:36:44 +0000 (15:36 +0200)]
Fix the check for sys/un.h.

3 years agoDon't compile support for Device=fd on platforms that do not support UNIX sockets.
Guus Sliepen [Sun, 27 Jun 2021 13:31:49 +0000 (15:31 +0200)]
Don't compile support for Device=fd on platforms that do not support UNIX sockets.

3 years agoFix compiler warnings.
Guus Sliepen [Sun, 27 Jun 2021 13:02:13 +0000 (15:02 +0200)]
Fix compiler warnings.

3 years agoFix warnings from autoconf.
Guus Sliepen [Sun, 27 Jun 2021 12:55:23 +0000 (14:55 +0200)]
Fix warnings from autoconf.

Bump the minimum required version of autoconf to 2.69, and avoid using
macros it warns are obsolete.

3 years agoFix warnings from GCC about VLAs.
Guus Sliepen [Tue, 22 Jun 2021 20:36:13 +0000 (22:36 +0200)]
Fix warnings from GCC about VLAs.

3 years agoReformat the code using astyle.
Guus Sliepen [Tue, 22 Jun 2021 20:35:50 +0000 (22:35 +0200)]
Reformat the code using astyle.

3 years agoAdd Subnet checking to tinc cli
Ilia Pavlikhin [Tue, 24 Sep 2019 15:34:12 +0000 (15:34 +0000)]
Add Subnet checking to tinc cli

3 years ago Fix infinity loop when network address and
Ilia Pavlikhin [Tue, 24 Sep 2019 11:26:52 +0000 (11:26 +0000)]
 Fix infinity loop when network address and
 prefix do not match

3 years agoUse auto-clone device /dev/{tun,tap} as default on FreeBSD/DragonFly
Aaron LI [Sun, 5 Apr 2020 11:07:42 +0000 (19:07 +0800)]
Use auto-clone device /dev/{tun,tap} as default on FreeBSD/DragonFly

DragonFly BSD doesn't pre-create `/dev/tunX` or `/dev/tapX` devices
anymore since 2019-Jul-31 [0].  So it's better to use the auto-clone
device `/dev/tun` or `/dev/tap` as the default TUN or TAP device.
The TUN/TAP device has the same behavior on DragonFly BSD and FreeBSD.

See also pull request: https://github.com/DragonFlyBSD/DeltaPorts/pull/925

[0] https://github.com/DragonFlyBSD/DragonFlyBSD/commit/f1e9a4fff5aaac2be3a291dbfea94f94755991b8

3 years agofix compilation without deprecated OpenSSL APIs
Rosen Penev [Fri, 2 Apr 2021 21:36:39 +0000 (14:36 -0700)]
fix compilation without deprecated OpenSSL APIs

This was fixed for 1.0 but missing for 1.1.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agoFix segfault when failing to read random numbers.
Guus Sliepen [Mon, 21 Sep 2020 21:22:18 +0000 (23:22 +0200)]
Fix segfault when failing to read random numbers.

Because the result of read() was incorrectly stored in an unsigned
variable, an error reading from the random number generator device would
result in an infinite loop that would start writing out of bounds and
eventually corrupt the stack.

4 years agofix macos build
leptonyu [Sun, 15 Mar 2020 01:39:42 +0000 (01:39 +0000)]
fix macos build

4 years agoInclude stddef.h if available.
Guus Sliepen [Mon, 20 Jan 2020 20:12:17 +0000 (21:12 +0100)]
Include stddef.h if available.

This is necessary to compile fd_device.c.

4 years agofd_device: allow fd to be passed through a unix socket
pacien [Mon, 20 Jan 2020 12:58:13 +0000 (13:58 +0100)]
fd_device: allow fd to be passed through a unix socket

New restrictions on the Android OS forbid direct leaking of file descriptors.
This patch allows the tinc daemon to have an fd and the associated
permissions transferred to it through a Unix domain socket.

5 years agoTry harder to connect to unreachable nodes.
Guus Sliepen [Wed, 17 Jul 2019 23:49:48 +0000 (01:49 +0200)]
Try harder to connect to unreachable nodes.

5 years agoDon't keep an address cache in an outgoing_t.
Guus Sliepen [Wed, 17 Jul 2019 23:33:38 +0000 (01:33 +0200)]
Don't keep an address cache in an outgoing_t.

Address caches are associated with nodes, so just use the address cache
in the node_t struct. Also ensure we always have opened an address cache in
setup_outgoing_connection().

Thanks to admincheg for finding this issue.

5 years agoDisable AutoConnect in the ns-ping test.
Guus Sliepen [Wed, 17 Jul 2019 22:31:54 +0000 (00:31 +0200)]
Disable AutoConnect in the ns-ping test.

5 years agoAvoid void pointer arithmetic.
Guus Sliepen [Wed, 17 Jul 2019 22:31:11 +0000 (00:31 +0200)]
Avoid void pointer arithmetic.

5 years agoFix strict aliasing violation in inet_checksum()
Maciej S. Szmigiero [Tue, 16 Apr 2019 13:00:50 +0000 (15:00 +0200)]
Fix strict aliasing violation in inet_checksum()

inet_checksum() accesses packet data as an array of uint16_t, but the
packet data can be for example of "anonymous struct pseudo" type from
route_ipv6_unreachable().
This type isn't a compatible type with uint16_t so a strict aliasing
violation occurs and causes the checksum to be computed incorrectly.

Fix this by using the memcpy() idiom to read the packet data as an array of
uint16_t in inet_checksum() (this should be understood by compilers and
optimized accordingly, so no actual copy occurs).

5 years agoRevert "Work around a GCC bug that causes inet_checksum() to give wrong results."
Maciej S. Szmigiero [Tue, 16 Apr 2019 12:19:48 +0000 (14:19 +0200)]
Revert "Work around a GCC bug that causes inet_checksum() to give wrong results."

This reverts commit 7c73cb3ace6659df58ec2382b8d47bb521dad886.

5 years agofix: use EVP_DecryptUpdate while decrypting
Andreas Rammhold [Thu, 28 Feb 2019 19:38:14 +0000 (20:38 +0100)]
fix: use EVP_DecryptUpdate while decrypting

With OpenSSL versions 1.0.2r & 1.1.1b there were changes in regards to
how OpenSSL treats misuse of Encrypt/Decrypt EVP methods in the opposite
case. E.g. using the encrypt methods in a decrypt context. OpenSSL now
returns an error in these situations. [1]
Since tinc used the EVP_EncryptUpdate function in the cipher_decrypt
function the new sanity check was triggered causing tinc to be unusable
with said OpenSSL versions.

[1] https://github.com/openssl/openssl/pull/7852

5 years agoPrevent large amounts of UDP probes being sent consecutively.
Guus Sliepen [Tue, 18 Dec 2018 16:44:08 +0000 (17:44 +0100)]
Prevent large amounts of UDP probes being sent consecutively.

We cannot reset udp_ping_sent to zero when we receive a valid reply to
an UDP probe, because that would cause a new one to be sent immediately
in try_udp(). Instead, add a bit to node_status_t to keep track of whether we
have a UDP probe that's waiting for a reply.

Thanks to Ronny Nilsson for spotting the source of the problem.

5 years agoFix the scripts test.
Guus Sliepen [Fri, 30 Nov 2018 13:47:52 +0000 (14:47 +0100)]
Fix the scripts test.

This was broken because of the changes in commit 44f3023.

5 years agoDouble-quote node names in dump graph output.
Guus Sliepen [Fri, 30 Nov 2018 13:41:55 +0000 (14:41 +0100)]
Double-quote node names in dump graph output.

This is needed for all nodes with a name starting with a digit,
otherwise the ID would be interpreted as a numeral.

Based on the patch from Quentin Rameau for tinc 1.0.

5 years agoGenerate tinc-up.bat on windows
Fabian Maurer [Mon, 19 Nov 2018 21:11:10 +0000 (22:11 +0100)]
Generate tinc-up.bat on windows

6 years agoFix interface spelling
Fabian Maurer [Mon, 19 Nov 2018 21:05:13 +0000 (22:05 +0100)]
Fix interface spelling

6 years agoHandle DOS line endings in invitation files.
Guus Sliepen [Mon, 22 Oct 2018 18:34:19 +0000 (20:34 +0200)]
Handle DOS line endings in invitation files.

6 years agoAttempt to make the test suite work with Windows executables.
Guus Sliepen [Mon, 22 Oct 2018 18:31:37 +0000 (20:31 +0200)]
Attempt to make the test suite work with Windows executables.

The test suite still assumes a POSIX shell to run the tests, but now handles
the case when the executables themselves are (cross-)compiled for Windows,
with a .exe extension. Also, DOS line endings must be converted to UNIX
line endings in some cases.

Some tests now pass on Linux+Wine, but others do not, mainly due to Wine
not handling services very well.

6 years agoPrevent sptps_test from sending overly large UDP packets.
Guus Sliepen [Mon, 22 Oct 2018 15:20:30 +0000 (17:20 +0200)]
Prevent sptps_test from sending overly large UDP packets.

This fixes the test suite on macOS, which has a lo0 interface with an MTU
of 16384, which is smaller than the maximum packet size we could send.

6 years agoMake sure the stop command works on Windows if tincd is running in the foreground.
Guus Sliepen [Mon, 22 Oct 2018 15:01:08 +0000 (17:01 +0200)]
Make sure the stop command works on Windows if tincd is running in the foreground.

6 years agoDrop support for Cygwin.
Guus Sliepen [Mon, 22 Oct 2018 14:53:12 +0000 (16:53 +0200)]
Drop support for Cygwin.

Tinc can be built as a native Windows binary using MinGW, and should support
all of the features that the Cygwin version did.

6 years agoFix compiling test binaries on Windows.
Guus Sliepen [Sun, 21 Oct 2018 14:24:10 +0000 (16:24 +0200)]
Fix compiling test binaries on Windows.

6 years agoFix warnings when compiling for Windows.
Guus Sliepen [Sun, 21 Oct 2018 14:23:45 +0000 (16:23 +0200)]
Fix warnings when compiling for Windows.

6 years agoSkip the legacy protocol test if that protocol is disabled.
Guus Sliepen [Thu, 18 Oct 2018 19:41:52 +0000 (21:41 +0200)]
Skip the legacy protocol test if that protocol is disabled.

6 years agoAllow "tinc --force join" to accept all variables sent in an invitaiton.
Guus Sliepen [Thu, 18 Oct 2018 15:19:47 +0000 (17:19 +0200)]
Allow "tinc --force join" to accept all variables sent in an invitaiton.

6 years agoMake more variables safe for use in invitations.
Guus Sliepen [Thu, 18 Oct 2018 15:17:20 +0000 (17:17 +0200)]
Make more variables safe for use in invitations.

When writing one's own invitation files, more variables are now accepted
by the invitee. The goal is to allow anything that doesn't interfere
with the existing network configuration of the invitee and that doesn't
cause any unexpected behaviour, such as starting running commands.

6 years agoFix segfault when dest->mtu is 0.
Werner Schreiber [Wed, 10 Oct 2018 17:16:59 +0000 (19:16 +0200)]
Fix segfault when dest->mtu is 0.

6 years agoFix building with --disable-legacy-protocol.
Guus Sliepen [Thu, 18 Oct 2018 14:42:18 +0000 (16:42 +0200)]
Fix building with --disable-legacy-protocol.

6 years agoReformat the code using astyle.
Guus Sliepen [Thu, 18 Oct 2018 14:15:19 +0000 (16:15 +0200)]
Reformat the code using astyle.

6 years agoCheck all Address statements when making outgoing connections.
Guus Sliepen [Thu, 18 Oct 2018 13:59:24 +0000 (15:59 +0200)]
Check all Address statements when making outgoing connections.

The logic in get_recent_address() caused tinc to only consider the first
Address statement that could be resolved to one or more IP addresses.

6 years agoUse the onlink flag when adding routes on Linux.
Guus Sliepen [Thu, 18 Oct 2018 14:10:32 +0000 (16:10 +0200)]
Use the onlink flag when adding routes on Linux.

As reported by iczero, adding gateway routes on Linux can fail if the
gateway address is not reachable yet, either because the interface is
down, or if the gateway address is not inside any route that already is
added or is being added to that interface. By adding the onlink flag,
iproute2 will just add the route without questions.

6 years agoFix tinc-up generation on windows
iczero [Wed, 17 Oct 2018 05:58:52 +0000 (22:58 -0700)]
Fix tinc-up generation on windows

- use `%INTERFACE%` instead of `$INTERFACE` on windows
- correct typo in `netsh interface` (was `netsh inetface`)
- remove `static` when setting ipv6 address

6 years agoFix manpage mdoc syntax
Shengjing Zhu [Wed, 10 Oct 2018 07:00:47 +0000 (15:00 +0800)]
Fix manpage mdoc syntax

6 years agoInstall the bash completion file when running make install.
Guus Sliepen [Mon, 8 Oct 2018 20:12:23 +0000 (22:12 +0200)]
Install the bash completion file when running make install.

Closes #209 on GitHub.

6 years agoFix the compiler attribute test to work with Clang.
Guus Sliepen [Mon, 8 Oct 2018 19:27:08 +0000 (21:27 +0200)]
Fix the compiler attribute test to work with Clang.

Clang doesn't like the __nonnull__ attribute being applied to functions
that don't take pointer arguments, and this causes errors when running
the configure script.

6 years agoReleasing 1.1pre17. release-1.1pre17
Guus Sliepen [Mon, 8 Oct 2018 09:00:01 +0000 (11:00 +0200)]
Releasing 1.1pre17.

6 years agoUpdate THANKS.
Guus Sliepen [Sun, 7 Oct 2018 16:05:50 +0000 (18:05 +0200)]
Update THANKS.