Require OpenSSL 1.1.0 or later. This gets rid of some backwards compatibility code, and avoids calling deprecated OpenSSL functions.
Reformat all code using astyle.
Fix compilation without deprecated OpenSSL APIs This is an optional part of OpenWrt designed to save space.
Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738) The authentication protocol allows an oracle attack that could potentially be exploited. This commit contains several mitigations: - Connections are no longer closed immediately on error, but put in a "tarpit". - The authentication protocol now requires a valid CHAL_REPLY from the initiator of a connection before sending a CHAL_REPLY of its own. - Only a limited amount of connections per second are accepted. - Null ciphers or digests are no longer allowed in METAKEYs. - Connections that claim to have the same name as the local node are rejected.
Ensure all parameters have names in header files.
Fix all -Wall -W compiler warnings.
Reformat all code using astyle.
Update all header guards. Don't start with underscores, as those are reserved for system libraries. Make sure all start with TINC_, and that they appear at the top of the file.
Releasing 1.0.30.
Enforce maximum amount of bytes sent/received on meta-connections. This is sqrt(2^{block_length_in_bits}).
Delay sending the real ID request until after a proxy request is granted.
Clear connection options and status fields in free_connection_partially(). Most fields should be zero when reusing a connection. In particular, when an outgoing connection to a node which is reachable on more than one address is made, the second connection to that node will have status.encryptout set but outctx will be NULL, causing a NULL pointer dereference when EVP_EncryptUpdate() is called in send_meta() when it shouldn't.
Always try next Address when an outgoing connection fails to authenticate. When making outgoing connections, tinc goes through the list of Addresses and tries all of them until one succeeds. However, before it would consider establishing a TCP connection a success, even when the authentication failed. This would be a problem if the first Address would point to a hostname and port combination that belongs to the wrong tinc node, or perhaps even to a non-tinc service, causing tinc to endlessly try this Address instead of moving to the next one. Problem found by Delf Eldkraft.
Update copyright notices.
Rename connection_t *broadcast to everyone.
Remove a few unnecessary #includes. Some spotted by Michael Tokarev.
Fix sparse warnings and add an extra sprinkling of const. This is more or less the equivalent of Sven-Haegar Koch's fixes in the 1.1 branch.
Remove duplicate command-line option parsing. Also fix parsing of command-line host configuration options for the local node.
Update copyright notices.
Make MSS clamping configurable, but enabled by default. It can either be set globally in tinc.conf, or per-node in host config files.