frekky
41ec2ae79c
Added statistics printout and command line option
2015-10-04 22:13:47 +08:00
frekky
2be624c9a6
Fixed window_sending + made debug output nicer
2015-10-03 22:15:30 +08:00
frekky
4403e950a9
Added timeval <-> millisecond util functions
2015-10-03 22:14:30 +08:00
frekky
9ee23992c0
Added user ping flag, all_users_waiting_to_send now makes sense
2015-10-03 22:13:15 +08:00
frekky
faf7d277a8
Server-side query-answer logic now handled by qmem_max_wait
2015-10-03 22:11:58 +08:00
frekky
51bf36c863
Adjusted new command line options for case consistency
2015-10-03 22:10:12 +08:00
frekky
1b85d23087
Fixed option handshake and query tracking (now works)
2015-10-03 22:09:34 +08:00
frekky
e454a7edb5
Modified options packet to change more than 1 option at a time
2015-09-28 20:06:23 +08:00
frekky
4f16dd10e6
Merge remote-tracking branch 'h44z/iodine/master'
...
Conflicts:
src/window.h
2015-09-28 16:39:08 +08:00
frekky
ad48dc8e10
Updated qmem as lazy mode query buffer, other fixes/adjustments and
...
support for more client-controlled options
2015-09-28 13:09:49 +08:00
frekky
6eb2e4d251
Added fine tuning command-line options
2015-09-28 13:07:29 +08:00
frekky
c7cff96055
More connection stats, timeout control + compression flags, client-side
...
query tracking; lazy mode is now possible with windowing protocol.
2015-09-28 13:07:00 +08:00
frekky
c903203a24
Fixed issues with difftime and removed unused parts of query struct.
2015-09-28 13:02:34 +08:00
frekky
555a3cbfe2
Modified qmem for lazy mode handling; fixed some user management issues
2015-09-28 13:01:18 +08:00
frekky
bd9966836e
Added clear, reset and number of fragments to be sent; better debugging
2015-09-28 12:57:33 +08:00
frekky
33525e5086
Added windows gettimeofday function and timeval macros
2015-09-28 12:26:41 +08:00
frekky
c48822dfbe
Added debug / default build options (make debug)
2015-09-28 12:24:15 +08:00
Christoph Haas
b7f0da1493
Fixed C99 Compiler warning
2015-09-11 17:33:04 +02:00
frekky
0449c465e7
Re-implemented working DNS tunnelling (with windows!)
2015-08-29 20:11:46 +08:00
frekky
9f6033c4b8
Added client debug output option
2015-08-29 20:10:53 +08:00
frekky
c83a52c771
Now starts when no non-loopback interfaces configured
2015-08-29 20:10:25 +08:00
frekky
98da57ba74
More unsignedness and working DNS tunnelling
2015-08-29 20:08:46 +08:00
frekky
51a59bed24
Added more debug output and deprecated qmem
2015-08-29 20:07:44 +08:00
frekky
b6162241e6
Fixed some windowing issues + made debug output optional (WINDOW_DEBUG)
2015-08-29 20:06:53 +08:00
frekky
02c2763c26
Unsigned types for encoding data
2015-08-29 13:03:08 +08:00
frekky
4c8ce94be7
Minor readability adjustments + more debug output
2015-08-23 22:15:51 +08:00
frekky
8e08c007c5
Window buffer max_fragsize adjusted according to MAX_HOSTNAME and
...
current upstream codec
2015-08-23 22:14:27 +08:00
frekky
391bf5224a
Added window_buffer_resize function
2015-08-23 22:11:28 +08:00
frekky
5df91ed775
Added encoder length calculation functions
2015-08-23 22:10:50 +08:00
frekky
96f9270b7f
Removed unhelpful coding errors.
2015-08-21 23:24:53 +08:00
frekky
d8c08191cc
Server-side sliding window implementation mostly finished. Requires
...
testing.
2015-08-21 23:23:24 +08:00
frekky
844abefcf8
A little bit of refactoring - separated iodined.c into separate files
...
Fixed up client side compile issues
Removed old packet handling code - TODO: use sliding window buffer
instead
2015-08-21 16:57:54 +08:00
frekky
83f70608fc
Client side sliding window implementation (requires further testing)
2015-08-21 11:08:47 +08:00
frekky
0fcd8d337d
Updated docs + protocol description (800)
2015-08-21 11:07:48 +08:00
frekky
92f3963790
Created sliding window buffer implementation and handling code
2015-08-21 11:05:50 +08:00
frekky
3e7cf55fe4
Added option for multiple nameservers, used in round-robin
2015-08-14 22:07:48 +08:00
Erik Ekman
a8a5fbbf0d
Second attempt at PIE binary for new android
...
Github PR #14
2015-08-05 20:04:03 +02:00
Erik Ekman
c269a00344
Add support for Android L
...
Build position-indepent executables, required for Android L (5.0+)
They also work with kitkat.
Add new maketarget "cross-android-old" that builds without PIE
for older versions.
Include both new and old versions in latest-android.zip. Add arm64.
Hopefully solves github PR #14 .
2015-08-05 19:36:28 +02:00
Erik Ekman
f61ed01a3c
Remove unused method users_waiting_on_reply()
2015-07-19 09:48:36 +02:00
Erik Ekman
fc1611fc40
Only accept IPv6 in server IPv6 socket
...
Set IPV6_V6ONLY flag on server socket. Not all operating systems
support mixing v4/v6 in one socket, so separate them all the time.
2015-06-30 21:58:16 +02:00
Erik Ekman
4d03ee7786
Allow choosing only IPv4 or IPv6 in server
...
IPv6 might still allow IPv4 since V6_ONLY is not set by the server.
2015-06-30 21:32:21 +02:00
Erik Ekman
e7d253b1c1
Fix compile on Darwin (hopefully)
2015-06-28 22:52:33 +02:00
Erik Ekman
b4e9148df8
Support raw mode for both IPv4 and IPv6
...
Read destination address of IP request packet and return it.
Check length in client and use it as IPv4 or v6 depending on length.
2015-06-28 22:41:54 +02:00
Erik Ekman
7a51b22909
Simplify cleanup code
2015-06-28 21:05:23 +02:00
Erik Ekman
ec0e3f2e51
Change sockaddr lengths back to signed
...
They are used to check negative return values.
2015-06-28 20:25:22 +02:00
Erik Ekman
7a117bd71e
IPv6 support for DNS traffic in server
...
Server will by default listen on both IPv4 and IPv6.
No way to only listen on one protocol right now.
Use -L to only listen on a specific v6 address.
IP address to use for raw mode is still IPv4 only.
Use -n on server to make raw mode work from IPv6 clients,
then they will get an IPv4 address from the server for raw mode.
Tunnel data is still IPv4.
2015-06-28 20:01:48 +02:00
Erik Ekman
07c2fd4068
Prepare server code for IPv6 listening socket
...
Add a struct with multiple dns file descriptors (for IPv4 and IPv6)
and pass this to required areas. Choose which descriptor to use when
sending by looking at the destination address family.
2015-06-28 13:05:17 +02:00
Erik Ekman
582a818f2a
Switch external IP service to api.ipify.org
...
externalip.net seems to have gone away
2015-06-27 12:11:43 +02:00
Erik Ekman
778d29825d
Switch to IPv6-ready storage of user IP address
2015-06-27 11:57:39 +02:00
Erik Ekman
9e105d21d4
Add explanation for tun packet headers
2015-04-08 08:42:05 +02:00
Catalin Patulea
b38b2ca7c5
Clarify that header is for both OPENBSD and DARWIN(utun).
2015-04-08 01:40:19 -04:00
Catalin Patulea
33abc0ca26
Support utun devices on Mac OS X.
...
As of 10.6, OS X has native tunnel devices. They are implemented as
sockets rather than character devices, but otherwise they appear to
behave the same as Free/OpenBSD tunnels.
'-d utunX' will tell iodine to use a utun device. For backward
compatibility, we'll continue to default to the old tuntap devices for
now.
This is a port of Peter Sagerson <psagers.github@ignorare.net>'s openvpn
commit 43e5016a.
2015-03-14 17:02:08 -04:00
gregor herrmann
1160649794
fix compilation error on kFreeBSD and Hurd
2015-01-23 09:50:41 +01:00
Ryan Welton
434a023afe
Fix warning for comparing enum
...
CC user.c
user.c:202:15: warning: comparison of unsigned
enum expression < 0 is always false
[-Wtautological-compare]
if (c < 0 || c >= CONN_MAX)
~ ^ ~
2014-10-25 10:27:01 +02:00
Erik Ekman
9a45c4aa66
Change license wording to follow ISC license exactly
...
"Permission to use, copy, modify, and distribute this software" is now
"Permission to use, copy, modify, and/or distribute this software".
Add license header to source files missing one.
2014-08-07 21:18:33 +02:00
Erik Ekman
7433423836
Remove redundant strerror() in warn() calls
2014-08-07 20:03:46 +02:00
Barak A. Pearlmutter
46532539c2
Rename VERSION define
...
prep for autotools: autoconf defines VERSION so s/VERSION/PROTOCOL_VERSION/
2014-08-07 12:55:59 +02:00
Jason A. Donenfeld
cc4bc22447
osflags: use pkg-config for systemd support
...
Recent versions of systemd don't ship with libsystemd-daemon.so anymore,
but instead use libsystemd.so for everything. This is obviously
problematic for using the same LDFLAGS on old systemd and new systemd.
So, they also ship compatability pkgconfig files, which use the old
names but return the new library. So, the most portable way to support
both old and new systemd is to use pkgconfig. It's not a problem either,
since systems that use systemd are bound to also have pkgconfig
installed.
2014-07-25 02:02:48 +02:00
Erik Ekman
eec0a868d9
Set correct sockaddr length when sending
...
Fix EINVAL error on NetBSD
2014-06-16 22:28:04 +02:00
Erik Ekman
b715be5cf3
Fix authentication bypass bug
...
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.
Add checks for normal and raw mode that user has authenticated before allowing
any other communication.
Problem found by Oscar Reparaz.
2014-06-16 21:43:22 +02:00
Erik Ekman
bf658b0c59
Misc cleanup of tun.c
...
- Make variables static
- open_tun(): First Linux code, then Windows, then BSDs
- write_tun()/read_tun(): Split Windows and normal code
2014-06-11 21:04:22 +02:00
Erik Ekman
3ebcd29b13
Add support for using an unspecified RR type
...
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
2014-06-09 20:06:36 +02:00
Erik Ekman
2466cd184a
Change readshort() to work with unsigned values
2014-06-09 19:47:44 +02:00
Erik Ekman
1f4b9250cf
Check that supplied query type is valid
2014-06-09 18:56:32 +02:00
Erik Ekman
4d7678dc5b
Prefix exported functions from client.c
2014-06-09 18:11:16 +02:00
Erik Ekman
fbb5a49cf3
Fix windows build
2014-06-05 02:19:57 +02:00
Erik Ekman
3fadbfb580
Do not let sockets be inherited by sub-processes
...
Set FD_CLOEXEC flag on tunnel and UDP file descriptors.
Fixes ticket #99 , "should not allow UDP socket to be inherited by ifconfig"
2014-06-04 17:48:43 +09:00
Erik Ekman
a23899513d
Remove trailing whitespace
2014-06-01 08:46:54 +02:00
Erik Ekman
388afe3845
Update copyright
2014-06-01 08:46:54 +02:00
Erik Ekman
95dedf51db
Simplify opening UDP socket in win32 tun reader
2014-05-31 21:22:03 +02:00
Erik Ekman
d0fb85e8cf
Do not use 53 as source port for DNS/raw traffic.
...
For some reason this makes raw traffic get dropped.
2014-05-31 21:20:04 +02:00
Erik Ekman
5b71224def
Fix segfault in windows tun reader thread
...
The arguments to open_dns() needs to be updated after API change.
Called with 0, INADDR_ANY used to mean port, IP address but now means
pointer to sockadddr and its length. Thanks to C for not giving any
warnings or errors..
2014-05-31 19:33:25 +02:00
Erik Ekman
00268bc160
Fix two unused variables for windows build
2014-05-31 10:19:46 +02:00
Erik Ekman
3914d37c99
Move error message generation into topdomain check method
...
Change isalpha() to a-z check to avoid locale issues
2014-05-31 10:07:36 +02:00
Erik Ekman
9bb2323f84
Improve check of topdomain to use
...
Add more checks and unit tests
2014-05-30 00:18:45 +02:00
Erik Ekman
bacb69e4f0
Mark usage() method as noreturn to avoid warning on BSD
...
Warning from OpenBSD/NetBSD:
CC iodine.c
iodine.c: In function 'main':
iodine.c:141:6: warning: 'nameservaddr_len' may be used uninitialized in this function
2014-05-29 23:21:55 +02:00
Erik Ekman
d6c3426b84
Set C standard to C99
...
Also include strings.h where strcasecmp() is used
2014-05-29 18:38:43 +02:00
Erik Ekman
b079b0eda5
Fix build error and a warning on OpenBSD
2014-05-29 16:18:59 +02:00
Barak A. Pearlmutter
88590bcaaf
Mixing signed and unsigned quantities in MIN() upset GCC's tender soul.
2014-04-06 13:41:31 +02:00
Barak A. Pearlmutter
f73fb9f8d0
rewrite comparison to avoid negative unsigned numbers
...
Note that GCC -O2 is happy to optimize away (x<0) when x is an
unsigned quantity. This was actually occurring in CHECKLEN(0),
causing the compiler to issue a warning.
2014-04-06 13:41:17 +02:00
Erik Ekman
acd6c37ac1
Fix build after rtable patch
2014-04-06 13:35:09 +02:00
Erik Ekman
eca80f769b
Merge branch 'master' of https://github.com/jedisct1/iodine
2014-04-06 13:31:34 +02:00
Erik Ekman
619ede5da8
Add options to force IP version for client DNS traffic
2014-02-10 22:52:31 +01:00
Erik Ekman
540d3795a9
Switch from inet_pton() to getnameinfo() for portability
...
Windows XP is supported again
2014-02-06 22:50:23 +01:00
Erik Ekman
f02339b3b2
IPv6: Create single way to format IP addresses
2014-02-06 19:44:26 +01:00
Erik Ekman
400f45c793
Do not use AI_ADDRCONFIG on Windows
...
It was not available on my MinGW crosscompiler,
and it may be harmful:
https://code.google.com/p/chromium/issues/detail?id=5234
Also, remove old conflicting WINVER in osflags.
It is set in src/windows.h now.
2014-02-05 22:55:35 +01:00
Erik Ekman
a1d88c4f0a
IPv6 support for client ( #107 )
...
The iodine client now supports both IPv4 and IPv6 nameservers for
sending DNS queries to an IPv4 iodined. The nameserver will
transparently handle translation between IP protocols.
Windows port needs Vista or later to support IPv6.
2014-02-05 22:36:53 +01:00
Erik Ekman
8baad91156
Make sure buffer is zero-terminated when getting external ip
...
Also switch to HTTP 1.0 to avoid chunked transfer coding.
2014-01-29 23:12:22 +01:00
Erik Ekman
967276f3ba
Fix git revision for android
2014-01-29 20:34:00 +01:00
Erik Ekman
fb9e930fee
Print git revision as version
2014-01-29 20:25:45 +01:00
Erik Ekman
97b5e688ef
Fix warning, unused variable 'accepted_fragsize'
2014-01-29 19:33:54 +01:00
Erik Ekman
a7f491f808
Fix warning, unused variable 'rtable'
2014-01-29 19:12:46 +01:00
Erik Ekman
4f02f7d0aa
Fix warning, unused variable 'encsize'
2014-01-29 19:12:42 +01:00
Erik Ekman
900647fa0c
Merge pull request #4 from mscherer/systemd
...
Add socket activation for systemd, with a option to stop on idle
2014-01-29 09:25:00 -08:00
Michael Scherer
abd276ed9e
Add idle option, so we can stop iodine and start it on demand with systemd
2013-12-23 22:57:50 +01:00
Michael Scherer
27fb4c75cd
Add support to have on demand socket activation of iodine
2013-12-23 22:57:40 +01:00
Michael Scherer
64ff684754
Fix gcc warning -Wsizeof-pointer-memaccess
...
iodined.c: In function ‘write_dns_nameenc’:
iodined.c:2030:23: attention : argument to ‘sizeof’ in ‘memset’ call is the same
expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
memset(buf, 0, sizeof(buf));
sizeof buf will just give the size of the pointer, while buflen will clean the whole
memory.
2013-12-23 18:04:06 +01:00
Frank Denis
28ceecba37
size_t values can't be negative.
2013-05-20 10:40:44 -07:00
Frank Denis
1523a4f035
snprintf() is a macro on some operating systems
...
and having #ifdef statements in macro parameters has undefined behavior.
2013-05-20 10:39:05 -07:00
Frank Denis
b31e66343a
-R only works on OpenBSD.
2013-05-20 10:31:39 -07:00