]> git.meshlink.io Git - meshlink/log
meshlink
11 years agoFix combination of Mode = router and DeviceType = tap on Linux.
Etienne Dechamps [Sat, 13 Jul 2013 22:34:42 +0000 (23:34 +0100)]
Fix combination of Mode = router and DeviceType = tap on Linux.

I believe I have found a bug in tinc on Linux when it is used with
Mode = router and DeviceType = tap. This combination is useful because
it allows global broadcast packets to be used in router mode. However,
when tinc receives a packet in this situation, it needs to make sure its
destination MAC address matches the address of the TAP adapter, which is
typically not the case since the sending node doesn't know the MAC
address of the recipient. Unfortunately, this is not the case on Linux,
which breaks connectivity.

11 years agoAdd connection rate limiting.
Guus Sliepen [Thu, 11 Jul 2013 21:38:38 +0000 (23:38 +0200)]
Add connection rate limiting.

Tinc now strictly limits incoming connections from the same host to 1 per
second. For incoming connections from multiple hosts short bursts of incoming
connections are allowed (by default 100), but on average also only 1 connection
per second is allowed.

When an incoming connection exceeds the limit, tinc will keep the connection in
a tarpit; the connection will be kept open but it is ignored completely. Only
one connection is in a tarpit at a time to limit the number of useless open
connections.

11 years agoSet $NAME when calling host-up/down and subnet-up/down scripts.
Guus Sliepen [Fri, 5 Jul 2013 19:36:51 +0000 (21:36 +0200)]
Set $NAME when calling host-up/down and subnet-up/down scripts.

11 years agoAdd the LocalDiscoveryAddress option.
Guus Sliepen [Fri, 31 May 2013 16:50:34 +0000 (18:50 +0200)]
Add the LocalDiscoveryAddress option.

When LocalDiscovery is enabled, tinc normally sends broadcast packets during
PMTU discovery to the broadcast address (255.255.255.255 or ff02::1). This
option lets tinc use a different address.

At the moment only one LocalDiscoveryAddress can be specified.

11 years agoUse strerror() instead of gai_strerror() when err == EAI_SYSTEM.
Guus Sliepen [Fri, 31 May 2013 15:23:00 +0000 (17:23 +0200)]
Use strerror() instead of gai_strerror() when err == EAI_SYSTEM.

11 years agoAllow the log output to be stopped with control-C in tinc's shell.
Guus Sliepen [Thu, 30 May 2013 15:38:48 +0000 (17:38 +0200)]
Allow the log output to be stopped with control-C in tinc's shell.

11 years agoBetter optional argument handling.
Guus Sliepen [Thu, 30 May 2013 14:53:16 +0000 (16:53 +0200)]
Better optional argument handling.

Some options can take an optional argument. However, in this case GNU getopt
requires that the optional argument is right next to the option without
whitespace inbetween. If there is whitespace, getopt will treat it as a
non-option argument, but tincd ignored those without a warning. Now tincd will
allow optional arguments with whitespace inbetween, and will give an error when
it encounters any other non-option arguments.

The tinc binary now requires that all options for itself are given before the
command.

11 years agoAdd an invitation protocol.
Guus Sliepen [Wed, 29 May 2013 16:31:10 +0000 (18:31 +0200)]
Add an invitation protocol.

Using the tinc command, an administrator of an existing VPN can generate
invitations for new nodes. The invitation is a small URL that can easily
be copy&pasted into email or live chat. Another person can have tinc
automatically setup the necessary configuration files and exchange keys
with the server, by only using the invitation URL.

The invitation protocol uses temporary ECDSA keys. The invitation URL
consists of the hostname and port of the server, a hash of the server's
temporary ECDSA key and a cookie. When the client wants to accept an
invitation, it also creates a temporary ECDSA key, connects to the server
and says it wants to accept an invitation. Both sides exchange their
temporary keys. The client verifies that the server's key matches the hash
in the invitation URL. After setting up an SPTPS connection using the
temporary keys, the client gives the cookie to the server. If the cookie
is valid, the server sends the client an invitation file containing the
client's new name and a copy of the server's host config file. If everything
is ok, the client will generate a long-term ECDSA key and send it to the
server, which will add it to a new host config file for the client.

The invitation protocol currently allows multiple host config files to be
send from the server to the client. However, the client filters out
most configuration variables for its own host configuration file. In
particular, it only accepts Name, Mode, Broadcast, ConnectTo, Subnet and
AutoConnect. Also, at the moment no tinc-up script is generated.

When an invitation has succesfully been accepted, the client needs to start
the tinc daemon manually.

11 years agoFix port number in pidfile.
Guus Sliepen [Tue, 28 May 2013 11:41:53 +0000 (13:41 +0200)]
Fix port number in pidfile.

11 years agoAdd a newline when logging to stderr in the tinc binary.
Guus Sliepen [Tue, 28 May 2013 11:40:32 +0000 (13:40 +0200)]
Add a newline when logging to stderr in the tinc binary.

11 years agoImprove base64 encoding/decoding, add URL-safe variant.
Guus Sliepen [Tue, 28 May 2013 11:39:15 +0000 (13:39 +0200)]
Improve base64 encoding/decoding, add URL-safe variant.

b64decode() now returns length 0 when an invalid character was encountered.

11 years agoAnnotate the xalloc functions.
Guus Sliepen [Tue, 28 May 2013 11:36:26 +0000 (13:36 +0200)]
Annotate the xalloc functions.

Most important is the annotation of xasprintf() with the format attribute,
which allows the compiler to give warnings about the format string and
arguments.

11 years agoSend a new key when we receive packets from a node we don't have a valid key for.
Guus Sliepen [Sat, 18 May 2013 14:11:30 +0000 (16:11 +0200)]
Send a new key when we receive packets from a node we don't have a valid key for.

11 years agoEnable and fix warnings from automake.
Guus Sliepen [Wed, 15 May 2013 11:55:06 +0000 (13:55 +0200)]
Enable and fix warnings from automake.

11 years agoModified some error messages in src/sptps.c.
Sven-Haegar Koch [Tue, 14 May 2013 00:57:35 +0000 (02:57 +0200)]
Modified some error messages in src/sptps.c.

11 years agoDon't try to handle incoming data if sptps_start() has not been called yet.
Guus Sliepen [Sun, 12 May 2013 11:39:22 +0000 (13:39 +0200)]
Don't try to handle incoming data if sptps_start() has not been called yet.

11 years agoFix potential NULL pointer dereferences.
Guus Sliepen [Sat, 11 May 2013 14:54:50 +0000 (16:54 +0200)]
Fix potential NULL pointer dereferences.

11 years agoDon't free ephemeral ECDH keys twice.
Guus Sliepen [Sat, 11 May 2013 12:13:23 +0000 (14:13 +0200)]
Don't free ephemeral ECDH keys twice.

ecdh_compute_shared() was changed to immediately delete the ephemeral key after
the shared secret was computed.  Therefore, the pointer to the ecdh_t struct
should be zeroed so it won't be freed again when a struct sptps_t is freed.

11 years agoUse read_host_config() where appropriate.
Guus Sliepen [Sat, 11 May 2013 12:05:28 +0000 (14:05 +0200)]
Use read_host_config() where appropriate.

11 years agoFix check for presence of ECDSA public key for outgoing connections.
Guus Sliepen [Sat, 11 May 2013 12:04:39 +0000 (14:04 +0200)]
Fix check for presence of ECDSA public key for outgoing connections.

At this point, c->config_tree may or may not be NULL, but this does not tell us whether it is an
outgoing connection or not. For incoming connections, we do not know the peer's name yet,
so we always have to claim ECDSA support. For outgoing connections, we always need to check
whether we have the peer's ECDSA public key, so that if we don't, we correctly tell the peer that
we want to upgrade.

11 years agoEnable the SPTPS protocol by default.
Guus Sliepen [Fri, 10 May 2013 19:11:45 +0000 (21:11 +0200)]
Enable the SPTPS protocol by default.

11 years agoAdd a few more checks and warnings in the crypto functions.
Guus Sliepen [Fri, 10 May 2013 18:55:52 +0000 (20:55 +0200)]
Add a few more checks and warnings in the crypto functions.

11 years agoFix warnings for functions marked __attribute((warn_unused_result)).
Guus Sliepen [Fri, 10 May 2013 18:30:47 +0000 (20:30 +0200)]
Fix warnings for functions marked __attribute((warn_unused_result)).

11 years agoAdd __attribute__((warn_unused_result)) to crypto functions.
Guus Sliepen [Fri, 10 May 2013 18:23:01 +0000 (20:23 +0200)]
Add __attribute__((warn_unused_result)) to crypto functions.

11 years agoAdd more __attribute__((malloc)) where appropriate.
Guus Sliepen [Fri, 10 May 2013 18:15:27 +0000 (20:15 +0200)]
Add more __attribute__((malloc)) where appropriate.

11 years agoAdd generic crypto headers.
Guus Sliepen [Wed, 1 May 2013 15:45:38 +0000 (17:45 +0200)]
Add generic crypto headers.

They should have been included in commit 9b9230a.

11 years agoRename xmalloc_and_zero() to xzalloc().
Guus Sliepen [Wed, 1 May 2013 15:31:33 +0000 (17:31 +0200)]
Rename xmalloc_and_zero() to xzalloc().

The former name is more or less only used by tinc, the latter is used by other
projects as well, and shorter as well.

11 years agoUse conditional compilation for cryptographic functions.
Guus Sliepen [Wed, 1 May 2013 15:17:22 +0000 (17:17 +0200)]
Use conditional compilation for cryptographic functions.

This gets rid of the rest of the symbolic links. However, as a consequence, the
crypto header files have now moved to src/, and can no longer contain
library-specific declarations. Therefore, cipher_t, digest_t, ecdh_t, ecdsa_t
and rsa_t are now all opaque types, and only pointers to those types can be
used.

11 years agoUse conditional compilation for device.c.
Guus Sliepen [Wed, 1 May 2013 10:20:06 +0000 (12:20 +0200)]
Use conditional compilation for device.c.

This requires the automake option "subdir-objects" to be enabled, and it
becomes more critical to specify the exact path to local header files.

11 years agoModernize the configure script a bit.
Guus Sliepen [Wed, 1 May 2013 09:46:40 +0000 (11:46 +0200)]
Modernize the configure script a bit.

11 years agoDon't try to create tinc.conf when using set or add commands.
Guus Sliepen [Sun, 28 Apr 2013 17:33:04 +0000 (19:33 +0200)]
Don't try to create tinc.conf when using set or add commands.

It is almost certainly an error. If one really wants to create a new tinc.conf
file, one should use the init command.

11 years agoReleasing 1.1pre7.
Guus Sliepen [Mon, 22 Apr 2013 13:54:05 +0000 (15:54 +0200)]
Releasing 1.1pre7.

11 years agoDrop packets forwarded via TCP if they are too big (CVE-2013-1428).
Guus Sliepen [Fri, 12 Apr 2013 15:15:05 +0000 (17:15 +0200)]
Drop packets forwarded via TCP if they are too big (CVE-2013-1428).

Normally all requests sent via the meta connections are checked so that they
cannot be larger than the input buffer. However, when packets are forwarded via
meta connections, they are copied into a packet buffer without checking whether
it fits into it. Since the packet buffer is allocated on the stack, this in
effect allows an authenticated remote node to cause a stack overflow.

This issue was found by Martin Schobert.

11 years agoFix completion of add/del/get/set commands.
Guus Sliepen [Tue, 12 Mar 2013 10:28:40 +0000 (11:28 +0100)]
Fix completion of add/del/get/set commands.

11 years agoDescribe the SPTPS protocol in the manual.
Guus Sliepen [Tue, 12 Mar 2013 09:49:45 +0000 (10:49 +0100)]
Describe the SPTPS protocol in the manual.

Also mention that Cipher, Digest and MACLength have no influence on the SPTPS protocol,
since that uses a fixed ciphersuite.

11 years agoRemove references to the config keyword.
Guus Sliepen [Fri, 8 Mar 2013 15:26:21 +0000 (16:26 +0100)]
Remove references to the config keyword.

11 years agoRename tincctl to tinc.
Guus Sliepen [Fri, 8 Mar 2013 15:22:56 +0000 (16:22 +0100)]
Rename tincctl to tinc.

11 years agoInclude README.android in the tarballs.
Guus Sliepen [Fri, 8 Mar 2013 13:12:48 +0000 (14:12 +0100)]
Include README.android in the tarballs.

11 years agoAvoid calling time(NULL).
Guus Sliepen [Fri, 8 Mar 2013 13:11:15 +0000 (14:11 +0100)]
Avoid calling time(NULL).

In most cases we can use the cached time.

11 years agoAllow changing configuration with tincctl without the "config" keyword.
Guus Sliepen [Fri, 8 Mar 2013 10:40:40 +0000 (11:40 +0100)]
Allow changing configuration with tincctl without the "config" keyword.

This saves typing some characters, and forces one to be more explicit about the
desired command (get, set).

11 years agoBetter default output file for generated public keys.
Guus Sliepen [Fri, 8 Mar 2013 10:24:37 +0000 (11:24 +0100)]
Better default output file for generated public keys.

11 years agoFlush output buffers in the tap reader thread on Windows.
Guus Sliepen [Fri, 1 Mar 2013 16:15:26 +0000 (17:15 +0100)]
Flush output buffers in the tap reader thread on Windows.

This is basically a port of commit 50fcfea1 to 1.1.

11 years agoUse UDP when using sptps_test in datagram mode.
Guus Sliepen [Fri, 22 Feb 2013 14:37:48 +0000 (15:37 +0100)]
Use UDP when using sptps_test in datagram mode.

11 years agoReleasing 1.1pre6.
Guus Sliepen [Wed, 20 Feb 2013 14:35:19 +0000 (15:35 +0100)]
Releasing 1.1pre6.

11 years agoFix compiler warnings on some BSD variants.
Guus Sliepen [Wed, 20 Feb 2013 14:35:08 +0000 (15:35 +0100)]
Fix compiler warnings on some BSD variants.

11 years agoFix compiler warnings on Windows.
Guus Sliepen [Wed, 20 Feb 2013 13:39:24 +0000 (14:39 +0100)]
Fix compiler warnings on Windows.

11 years agoFix a tiny memory leak.
Guus Sliepen [Wed, 20 Feb 2013 12:59:50 +0000 (13:59 +0100)]
Fix a tiny memory leak.

Found by cppcheck.

11 years agoDon't expect a response from tincd after sending REQ_STOP.
Guus Sliepen [Fri, 8 Feb 2013 15:44:50 +0000 (16:44 +0100)]
Don't expect a response from tincd after sending REQ_STOP.

11 years agoLet the GUI use UNIX sockets if available.
Guus Sliepen [Thu, 7 Feb 2013 14:27:16 +0000 (15:27 +0100)]
Let the GUI use UNIX sockets if available.

11 years agoDerive UNIX socket filename from PID filename.
Guus Sliepen [Thu, 7 Feb 2013 14:26:56 +0000 (15:26 +0100)]
Derive UNIX socket filename from PID filename.

11 years agoDon't send proxy requests for incoming connections.
Guus Sliepen [Thu, 7 Feb 2013 13:22:28 +0000 (14:22 +0100)]
Don't send proxy requests for incoming connections.

11 years agoFix segmentation fault when trying to connect via a SOCKS5 proxy.
Guus Sliepen [Wed, 6 Feb 2013 14:24:02 +0000 (15:24 +0100)]
Fix segmentation fault when trying to connect via a SOCKS5 proxy.

11 years agoCheck for writability when waiting for a socket to finish connecting.
Guus Sliepen [Wed, 6 Feb 2013 14:12:53 +0000 (15:12 +0100)]
Check for writability when waiting for a socket to finish connecting.

We were checking only for readability, which is not a problem for normal
connections, since the server side of a connection will always send an ID
request. But when using a proxy, the proxy server doesn't send anything before
the client, so tinc would not see that its connection to the proxy had already
been established.

11 years agoFix tincd terminating immediately on Windows.
Guus Sliepen [Wed, 6 Feb 2013 10:30:35 +0000 (11:30 +0100)]
Fix tincd terminating immediately on Windows.

11 years agoRemove direct inclusion of OpenSSL headers in net_packet.c and tincd.c.
Guus Sliepen [Thu, 31 Jan 2013 15:12:56 +0000 (16:12 +0100)]
Remove direct inclusion of OpenSSL headers in net_packet.c and tincd.c.

11 years agoDetect increases in PMTU.
Guus Sliepen [Thu, 31 Jan 2013 14:58:33 +0000 (15:58 +0100)]
Detect increases in PMTU.

Tinc never restarts PMTU discovery unless a node becomes unreachable. However,
it can be that the PMTU was very low during the initial discovery, but has
increased later. To detect this, tinc now tries to send an extra packet every
PingInterval, with a size slightly higher than the currently known PMTU. If
this packet is succesfully received back, we partially restart PMTU discovery
to find out the new maximum.

Conflicts:
src/net_packet.c

11 years agoGet microsecond time resolution on Windows.
Guus Sliepen [Mon, 21 Jan 2013 15:12:18 +0000 (16:12 +0100)]
Get microsecond time resolution on Windows.

11 years agoFix a typo.
Guus Sliepen [Mon, 21 Jan 2013 12:59:52 +0000 (13:59 +0100)]
Fix a typo.

11 years agoFix datagram SPTPS.
Guus Sliepen [Mon, 21 Jan 2013 12:47:46 +0000 (13:47 +0100)]
Fix datagram SPTPS.

Commit dd07c9fc1f37bed8d1f67ffe7b203f61e7914edf broke the reception of datagram
SPTPS packets, by undoing the conversion of the sequence number to host byte
order before comparison. This caused error messages like "Packet is 16777215
seqs in the future, dropped (1)".

11 years agoReleasing 1.1pre5.
Guus Sliepen [Sun, 20 Jan 2013 20:03:22 +0000 (21:03 +0100)]
Releasing 1.1pre5.

11 years agoFix tincctl init when /etc/tinc does not yet exist.
Guus Sliepen [Sun, 20 Jan 2013 20:02:58 +0000 (21:02 +0100)]
Fix tincctl init when /etc/tinc does not yet exist.

11 years agoRemove possible definition of timersub(), which is also in dropin.h.
Guus Sliepen [Sun, 20 Jan 2013 19:19:08 +0000 (20:19 +0100)]
Remove possible definition of timersub(), which is also in dropin.h.

11 years agoMake sure PriorityInheritance also works in switch mode.
Guus Sliepen [Sun, 20 Jan 2013 14:16:13 +0000 (15:16 +0100)]
Make sure PriorityInheritance also works in switch mode.

Conflicts:
src/route.c

11 years agoAllow connections via UNIX sockets.
Guus Sliepen [Thu, 17 Jan 2013 17:12:55 +0000 (18:12 +0100)]
Allow connections via UNIX sockets.

This is mainly useful for control connections. The client must still present
the control cookie from the PID file.

11 years agoFix compilation of UML and VDE device support.
Guus Sliepen [Thu, 17 Jan 2013 15:39:41 +0000 (16:39 +0100)]
Fix compilation of UML and VDE device support.

11 years agoMove make_names() and related variables to its own source file.
Guus Sliepen [Thu, 17 Jan 2013 15:39:02 +0000 (16:39 +0100)]
Move make_names() and related variables to its own source file.

11 years agoHandle SIGINT gracefully.
Guus Sliepen [Thu, 17 Jan 2013 13:14:17 +0000 (14:14 +0100)]
Handle SIGINT gracefully.

11 years agoFix the minimum spanning tree algorithm.
Guus Sliepen [Thu, 17 Jan 2013 10:21:18 +0000 (11:21 +0100)]
Fix the minimum spanning tree algorithm.

Tinc uses Kruskal's algorithm to calculate a MST. However, this was broken in
commit 6e80da3370249caa1082c23c3ef55f338d1e9e74. Revert back to the working
algorithm from tinc 1.0.

Thanks to Cheng LI for spotting the problem.

11 years agoEstimate RTT, bandwidth and packet loss between nodes.
Guus Sliepen [Wed, 16 Jan 2013 15:31:56 +0000 (16:31 +0100)]
Estimate RTT, bandwidth and packet loss between nodes.

Without adding any extra traffic, we can measure round trip times, estimate the
bandwidth and packet loss between nodes. The RTT and bandwidth can be measured
by timing the MTU probe packets. The RTT is the difference between the time a
burst of MTU probes was sent and when the first reply is received. The
bandwidth can be estimated by multiplying the size of the probe packets by the
time between succesive received probe replies of the same burst. The packet
loss can be estimated for incoming traffic by comparing how many packets have
actually been received to the increase in the sequence numbers.

The estimates are not perfect. Especially bandwidth is difficult to measure,
the only accurate way is to continuously send as much data as possible, but
that is obviously not desirable. The packet loss rate is also almost always
a few percent when sending a lot of data over the VPN via TCP, since TCP
*needs* packet loss to work properly.

11 years agoCount the number of correctly received UDP packets.
Guus Sliepen [Tue, 15 Jan 2013 12:33:16 +0000 (13:33 +0100)]
Count the number of correctly received UDP packets.

Keep track of the number of correct, non-replayed UDP packets that have been
received, regardless of their content. This can be compared to the sequence
number to determine the real packet loss.

11 years agoAdd the tincctl exchange and exchange-all commands.
Guus Sliepen [Tue, 15 Jan 2013 12:31:51 +0000 (13:31 +0100)]
Add the tincctl exchange and exchange-all commands.

These are identical to an export/export-all followed by an import, and make
it simpler to exchange host config files with other nodes.

11 years agoCheck HMAC before sequence number.
Guus Sliepen [Mon, 14 Jan 2013 12:08:35 +0000 (13:08 +0100)]
Check HMAC before sequence number.

11 years agoAlways complain if too many arguments are given for tincctl commands.
Guus Sliepen [Mon, 14 Jan 2013 12:02:39 +0000 (13:02 +0100)]
Always complain if too many arguments are given for tincctl commands.

11 years agoBetter error messages when using -L, -R or -U on platforms that do not support it.
Guus Sliepen [Mon, 14 Jan 2013 12:01:47 +0000 (13:01 +0100)]
Better error messages when using -L, -R or -U on platforms that do not support it.

11 years agoDon't complain about garbage if we skipped importing a host file.
Guus Sliepen [Mon, 14 Jan 2013 11:59:17 +0000 (12:59 +0100)]
Don't complain about garbage if we skipped importing a host file.

11 years agoMention that the -L, -R and -U options are not supported on all platforms.
Guus Sliepen [Mon, 14 Jan 2013 11:58:24 +0000 (12:58 +0100)]
Mention that the -L, -R and -U options are not supported on all platforms.

11 years agoNote that tincctl import is only meant to work with data from tincctl export.
Guus Sliepen [Mon, 14 Jan 2013 11:57:33 +0000 (12:57 +0100)]
Note that tincctl import is only meant to work with data from tincctl export.

11 years agoNote that node Names are case sensitive.
Guus Sliepen [Mon, 14 Jan 2013 11:56:54 +0000 (12:56 +0100)]
Note that node Names are case sensitive.

11 years agoFix a typo.
Guus Sliepen [Mon, 14 Jan 2013 11:56:14 +0000 (12:56 +0100)]
Fix a typo.

11 years agoFix support for tunemu on iOS devices.
Guus Sliepen [Sun, 16 Dec 2012 14:36:06 +0000 (15:36 +0100)]
Fix support for tunemu on iOS devices.

The actual code was fine but the #ifdefs tested for the wrong preprocessor
variable.

Conflicts:
src/bsd/device.c
src/process.c

11 years agoFix infinite loop in timeout handling on Windows.
Guus Sliepen [Fri, 7 Dec 2012 14:49:21 +0000 (15:49 +0100)]
Fix infinite loop in timeout handling on Windows.

11 years agoFix display of cumulative packet counters.
Guus Sliepen [Thu, 6 Dec 2012 15:57:57 +0000 (16:57 +0100)]
Fix display of cumulative packet counters.

11 years agoClarify the description of IndirectData and Mode = router.
Guus Sliepen [Thu, 6 Dec 2012 15:55:28 +0000 (16:55 +0100)]
Clarify the description of IndirectData and Mode = router.

11 years agoReleasing 1.1pre4.
Guus Sliepen [Wed, 5 Dec 2012 21:32:10 +0000 (22:32 +0100)]
Releasing 1.1pre4.

11 years agoFix whitespace.
Guus Sliepen [Wed, 5 Dec 2012 20:42:43 +0000 (21:42 +0100)]
Fix whitespace.

11 years agoScale packet counters similar to byte counters.
Guus Sliepen [Wed, 5 Dec 2012 20:40:49 +0000 (21:40 +0100)]
Scale packet counters similar to byte counters.

11 years agoDon't use nested functions.
Guus Sliepen [Wed, 5 Dec 2012 20:33:01 +0000 (21:33 +0100)]
Don't use nested functions.

This allows tinc to be compiled with Clang.

11 years agoFix compiler warnings on OpenBSD.
Guus Sliepen [Wed, 5 Dec 2012 13:42:21 +0000 (14:42 +0100)]
Fix compiler warnings on OpenBSD.

11 years agoRemove GraphDumpFile from the manual and manpages.
Guus Sliepen [Mon, 3 Dec 2012 12:09:40 +0000 (13:09 +0100)]
Remove GraphDumpFile from the manual and manpages.

This option is not supported in tinc 1.1, "tincctl dump graph" can be used
instead.

11 years agoAdd option to dump only a list of reachable nodes.
Guus Sliepen [Mon, 3 Dec 2012 12:08:03 +0000 (13:08 +0100)]
Add option to dump only a list of reachable nodes.

11 years agoMore fixes for Windows.
Guus Sliepen [Mon, 3 Dec 2012 09:41:28 +0000 (10:41 +0100)]
More fixes for Windows.

In particular, Windows does support many of the timer* macros, except timeradd
and timersub.

11 years agoFix compiler error on Windows.
Guus Sliepen [Mon, 3 Dec 2012 08:08:21 +0000 (09:08 +0100)]
Fix compiler error on Windows.

11 years agoFix crash in timeout handling.
Guus Sliepen [Mon, 3 Dec 2012 08:07:23 +0000 (09:07 +0100)]
Fix crash in timeout handling.

11 years agoSet a node's pointers to zero before trying to insert it into a tree.
Guus Sliepen [Mon, 3 Dec 2012 08:02:08 +0000 (09:02 +0100)]
Set a node's pointers to zero before trying to insert it into a tree.

11 years agoFix use of unitialised values in hash tables.
Guus Sliepen [Thu, 29 Nov 2012 13:35:08 +0000 (14:35 +0100)]
Fix use of unitialised values in hash tables.

Not only was Valgrind unhappy about it, it could also result in cache misses.

11 years agoFix check for expired events.
Guus Sliepen [Thu, 29 Nov 2012 13:32:12 +0000 (14:32 +0100)]
Fix check for expired events.

This would trigger a infinite loop if a timeout expired and the next timeout
was not expired yet, but less than 1 second from being expired.

11 years agoAllow multiple timeouts to expire at the exact same time.
Guus Sliepen [Thu, 29 Nov 2012 11:37:04 +0000 (12:37 +0100)]
Allow multiple timeouts to expire at the exact same time.

11 years agoDrop libevent and use our own event handling again.
Guus Sliepen [Thu, 29 Nov 2012 11:28:23 +0000 (12:28 +0100)]
Drop libevent and use our own event handling again.

There are several reasons for this:

- MacOS/X doesn't support polling the tap device using kqueue, requiring a
  workaround to fall back to select().
- On Windows only sockets are properly handled, therefore tinc uses a second
  thread that does a blocking ReadFile() on the TAP-Win32/64 device. However,
  this does not mix well with libevent.
- Libevent, event just the core, is quite large, and although it is easy to get
  and install on many platforms, it can be a burden.
- Libev is more lightweight and seems technically superior, but it doesn't
  abstract away all the platform differences (for example, async events are not
  supported on Windows).

12 years agoEnsure MTU probe replies are sent back the same way they came in.
Guus Sliepen [Mon, 19 Nov 2012 13:20:50 +0000 (14:20 +0100)]
Ensure MTU probe replies are sent back the same way they came in.

Also sprinkle some comments over mtu_probe_h().

12 years agoImprove UDP address selection.
Guus Sliepen [Mon, 19 Nov 2012 12:50:17 +0000 (13:50 +0100)]
Improve UDP address selection.

We don't need to search the whole edge tree, we can use the node's own edge
tree since each edge has a pointer to its reverse. Also, we do need to make
sure we try the reflexive address often.