Commit Graph

483 Commits

Author SHA1 Message Date
frekky
41ec2ae79c Added statistics printout and command line option 2015-10-04 22:13:47 +08:00
frekky
2be624c9a6 Fixed window_sending + made debug output nicer 2015-10-03 22:15:30 +08:00
frekky
4403e950a9 Added timeval <-> millisecond util functions 2015-10-03 22:14:30 +08:00
frekky
9ee23992c0 Added user ping flag, all_users_waiting_to_send now makes sense 2015-10-03 22:13:15 +08:00
frekky
faf7d277a8 Server-side query-answer logic now handled by qmem_max_wait 2015-10-03 22:11:58 +08:00
frekky
51bf36c863 Adjusted new command line options for case consistency 2015-10-03 22:10:12 +08:00
frekky
1b85d23087 Fixed option handshake and query tracking (now works) 2015-10-03 22:09:34 +08:00
frekky
e454a7edb5 Modified options packet to change more than 1 option at a time 2015-09-28 20:06:23 +08:00
frekky
4f16dd10e6 Merge remote-tracking branch 'h44z/iodine/master'
Conflicts:
	src/window.h
2015-09-28 16:39:08 +08:00
frekky
ad48dc8e10 Updated qmem as lazy mode query buffer, other fixes/adjustments and
support for more client-controlled options
2015-09-28 13:09:49 +08:00
frekky
6eb2e4d251 Added fine tuning command-line options 2015-09-28 13:07:29 +08:00
frekky
c7cff96055 More connection stats, timeout control + compression flags, client-side
query tracking; lazy mode is now possible with windowing protocol.
2015-09-28 13:07:00 +08:00
frekky
c903203a24 Fixed issues with difftime and removed unused parts of query struct. 2015-09-28 13:02:34 +08:00
frekky
555a3cbfe2 Modified qmem for lazy mode handling; fixed some user management issues 2015-09-28 13:01:18 +08:00
frekky
bd9966836e Added clear, reset and number of fragments to be sent; better debugging 2015-09-28 12:57:33 +08:00
frekky
33525e5086 Added windows gettimeofday function and timeval macros 2015-09-28 12:26:41 +08:00
frekky
c48822dfbe Added debug / default build options (make debug) 2015-09-28 12:24:15 +08:00
Christoph Haas
b7f0da1493 Fixed C99 Compiler warning 2015-09-11 17:33:04 +02:00
frekky
0449c465e7 Re-implemented working DNS tunnelling (with windows!) 2015-08-29 20:11:46 +08:00
frekky
9f6033c4b8 Added client debug output option 2015-08-29 20:10:53 +08:00
frekky
c83a52c771 Now starts when no non-loopback interfaces configured 2015-08-29 20:10:25 +08:00
frekky
98da57ba74 More unsignedness and working DNS tunnelling 2015-08-29 20:08:46 +08:00
frekky
51a59bed24 Added more debug output and deprecated qmem 2015-08-29 20:07:44 +08:00
frekky
b6162241e6 Fixed some windowing issues + made debug output optional (WINDOW_DEBUG) 2015-08-29 20:06:53 +08:00
frekky
02c2763c26 Unsigned types for encoding data 2015-08-29 13:03:08 +08:00
frekky
4c8ce94be7 Minor readability adjustments + more debug output 2015-08-23 22:15:51 +08:00
frekky
8e08c007c5 Window buffer max_fragsize adjusted according to MAX_HOSTNAME and
current upstream codec
2015-08-23 22:14:27 +08:00
frekky
391bf5224a Added window_buffer_resize function 2015-08-23 22:11:28 +08:00
frekky
5df91ed775 Added encoder length calculation functions 2015-08-23 22:10:50 +08:00
frekky
96f9270b7f Removed unhelpful coding errors. 2015-08-21 23:24:53 +08:00
frekky
d8c08191cc Server-side sliding window implementation mostly finished. Requires
testing.
2015-08-21 23:23:24 +08:00
frekky
844abefcf8 A little bit of refactoring - separated iodined.c into separate files
Fixed up client side compile issues
Removed old packet handling code - TODO: use sliding window buffer
instead
2015-08-21 16:57:54 +08:00
frekky
83f70608fc Client side sliding window implementation (requires further testing) 2015-08-21 11:08:47 +08:00
frekky
0fcd8d337d Updated docs + protocol description (800) 2015-08-21 11:07:48 +08:00
frekky
92f3963790 Created sliding window buffer implementation and handling code 2015-08-21 11:05:50 +08:00
frekky
3e7cf55fe4 Added option for multiple nameservers, used in round-robin 2015-08-14 22:07:48 +08:00
Erik Ekman
a8a5fbbf0d Second attempt at PIE binary for new android
Github PR #14
2015-08-05 20:04:03 +02:00
Erik Ekman
c269a00344 Add support for Android L
Build position-indepent executables, required for Android L (5.0+)
They also work with kitkat.

Add new maketarget "cross-android-old" that builds without PIE
for older versions.

Include both new and old versions in latest-android.zip. Add arm64.

Hopefully solves github PR #14.
2015-08-05 19:36:28 +02:00
Erik Ekman
f61ed01a3c Remove unused method users_waiting_on_reply() 2015-07-19 09:48:36 +02:00
Erik Ekman
fc1611fc40 Only accept IPv6 in server IPv6 socket
Set IPV6_V6ONLY flag on server socket. Not all operating systems
support mixing v4/v6 in one socket, so separate them all the time.
2015-06-30 21:58:16 +02:00
Erik Ekman
4d03ee7786 Allow choosing only IPv4 or IPv6 in server
IPv6 might still allow IPv4 since V6_ONLY is not set by the server.
2015-06-30 21:32:21 +02:00
Erik Ekman
e7d253b1c1 Fix compile on Darwin (hopefully) 2015-06-28 22:52:33 +02:00
Erik Ekman
b4e9148df8 Support raw mode for both IPv4 and IPv6
Read destination address of IP request packet and return it.
Check length in client and use it as IPv4 or v6 depending on length.
2015-06-28 22:41:54 +02:00
Erik Ekman
7a51b22909 Simplify cleanup code 2015-06-28 21:05:23 +02:00
Erik Ekman
ec0e3f2e51 Change sockaddr lengths back to signed
They are used to check negative return values.
2015-06-28 20:25:22 +02:00
Erik Ekman
7a117bd71e IPv6 support for DNS traffic in server
Server will by default listen on both IPv4 and IPv6.
No way to only listen on one protocol right now.

Use -L to only listen on a specific v6 address.

IP address to use for raw mode is still IPv4 only.
Use -n on server to make raw mode work from IPv6 clients,
then they will get an IPv4 address from the server for raw mode.

Tunnel data is still IPv4.
2015-06-28 20:01:48 +02:00
Erik Ekman
07c2fd4068 Prepare server code for IPv6 listening socket
Add a struct with multiple dns file descriptors (for IPv4 and IPv6)
and pass this to required areas. Choose which descriptor to use when
sending by looking at the destination address family.
2015-06-28 13:05:17 +02:00
Erik Ekman
582a818f2a Switch external IP service to api.ipify.org
externalip.net seems to have gone away
2015-06-27 12:11:43 +02:00
Erik Ekman
778d29825d Switch to IPv6-ready storage of user IP address 2015-06-27 11:57:39 +02:00
Erik Ekman
9e105d21d4 Add explanation for tun packet headers 2015-04-08 08:42:05 +02:00
Catalin Patulea
b38b2ca7c5 Clarify that header is for both OPENBSD and DARWIN(utun). 2015-04-08 01:40:19 -04:00
Catalin Patulea
33abc0ca26 Support utun devices on Mac OS X.
As of 10.6, OS X has native tunnel devices. They are implemented as
sockets rather than character devices, but otherwise they appear to
behave the same as Free/OpenBSD tunnels.

'-d utunX' will tell iodine to use a utun device. For backward
compatibility, we'll continue to default to the old tuntap devices for
now.

This is a port of Peter Sagerson <psagers.github@ignorare.net>'s openvpn
commit 43e5016a.
2015-03-14 17:02:08 -04:00
gregor herrmann
1160649794 fix compilation error on kFreeBSD and Hurd 2015-01-23 09:50:41 +01:00
Ryan Welton
434a023afe Fix warning for comparing enum
CC user.c
user.c:202:15: warning: comparison of unsigned
      enum expression < 0 is always false
      [-Wtautological-compare]
        if (c < 0 || c >= CONN_MAX)
            ~ ^ ~
2014-10-25 10:27:01 +02:00
Erik Ekman
9a45c4aa66 Change license wording to follow ISC license exactly
"Permission to use, copy, modify, and distribute this software" is now
"Permission to use, copy, modify, and/or distribute this software".

Add license header to source files missing one.
2014-08-07 21:18:33 +02:00
Erik Ekman
7433423836 Remove redundant strerror() in warn() calls 2014-08-07 20:03:46 +02:00
Barak A. Pearlmutter
46532539c2 Rename VERSION define
prep for autotools: autoconf defines VERSION so s/VERSION/PROTOCOL_VERSION/
2014-08-07 12:55:59 +02:00
Jason A. Donenfeld
cc4bc22447 osflags: use pkg-config for systemd support
Recent versions of systemd don't ship with libsystemd-daemon.so anymore,
but instead use libsystemd.so for everything. This is obviously
problematic for using the same LDFLAGS on old systemd and new systemd.
So, they also ship compatability pkgconfig files, which use the old
names but return the new library. So, the most portable way to support
both old and new systemd is to use pkgconfig. It's not a problem either,
since systems that use systemd are bound to also have pkgconfig
installed.
2014-07-25 02:02:48 +02:00
Erik Ekman
eec0a868d9 Set correct sockaddr length when sending
Fix EINVAL error on NetBSD
2014-06-16 22:28:04 +02:00
Erik Ekman
b715be5cf3 Fix authentication bypass bug
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.

Add checks for normal and raw mode that user has authenticated before allowing
any other communication.

Problem found by Oscar Reparaz.
2014-06-16 21:43:22 +02:00
Erik Ekman
bf658b0c59 Misc cleanup of tun.c
- Make variables static
- open_tun(): First Linux code, then Windows, then BSDs
- write_tun()/read_tun(): Split Windows and normal code
2014-06-11 21:04:22 +02:00
Erik Ekman
3ebcd29b13 Add support for using an unspecified RR type
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
2014-06-09 20:06:36 +02:00
Erik Ekman
2466cd184a Change readshort() to work with unsigned values 2014-06-09 19:47:44 +02:00
Erik Ekman
1f4b9250cf Check that supplied query type is valid 2014-06-09 18:56:32 +02:00
Erik Ekman
4d7678dc5b Prefix exported functions from client.c 2014-06-09 18:11:16 +02:00
Erik Ekman
fbb5a49cf3 Fix windows build 2014-06-05 02:19:57 +02:00
Erik Ekman
3fadbfb580 Do not let sockets be inherited by sub-processes
Set FD_CLOEXEC flag on tunnel and UDP file descriptors.
Fixes ticket #99, "should not allow UDP socket to be inherited by ifconfig"
2014-06-04 17:48:43 +09:00
Erik Ekman
a23899513d Remove trailing whitespace 2014-06-01 08:46:54 +02:00
Erik Ekman
388afe3845 Update copyright 2014-06-01 08:46:54 +02:00
Erik Ekman
95dedf51db Simplify opening UDP socket in win32 tun reader 2014-05-31 21:22:03 +02:00
Erik Ekman
d0fb85e8cf Do not use 53 as source port for DNS/raw traffic.
For some reason this makes raw traffic get dropped.
2014-05-31 21:20:04 +02:00
Erik Ekman
5b71224def Fix segfault in windows tun reader thread
The arguments to open_dns() needs to be updated after API change.
Called with 0, INADDR_ANY used to mean port, IP address but now means
pointer to sockadddr and its length. Thanks to C for not giving any
warnings or errors..
2014-05-31 19:33:25 +02:00
Erik Ekman
00268bc160 Fix two unused variables for windows build 2014-05-31 10:19:46 +02:00
Erik Ekman
3914d37c99 Move error message generation into topdomain check method
Change isalpha() to a-z check to avoid locale issues
2014-05-31 10:07:36 +02:00
Erik Ekman
9bb2323f84 Improve check of topdomain to use
Add more checks and unit tests
2014-05-30 00:18:45 +02:00
Erik Ekman
bacb69e4f0 Mark usage() method as noreturn to avoid warning on BSD
Warning from OpenBSD/NetBSD:
  CC iodine.c
  iodine.c: In function 'main':
  iodine.c:141:6: warning: 'nameservaddr_len' may be used uninitialized in this function
2014-05-29 23:21:55 +02:00
Erik Ekman
d6c3426b84 Set C standard to C99
Also include strings.h where strcasecmp() is used
2014-05-29 18:38:43 +02:00
Erik Ekman
b079b0eda5 Fix build error and a warning on OpenBSD 2014-05-29 16:18:59 +02:00
Barak A. Pearlmutter
88590bcaaf Mixing signed and unsigned quantities in MIN() upset GCC's tender soul. 2014-04-06 13:41:31 +02:00
Barak A. Pearlmutter
f73fb9f8d0 rewrite comparison to avoid negative unsigned numbers
Note that GCC -O2 is happy to optimize away (x<0) when x is an
unsigned quantity.  This was actually occurring in CHECKLEN(0),
causing the compiler to issue a warning.
2014-04-06 13:41:17 +02:00
Erik Ekman
acd6c37ac1 Fix build after rtable patch 2014-04-06 13:35:09 +02:00
Erik Ekman
eca80f769b Merge branch 'master' of https://github.com/jedisct1/iodine 2014-04-06 13:31:34 +02:00
Erik Ekman
619ede5da8 Add options to force IP version for client DNS traffic 2014-02-10 22:52:31 +01:00
Erik Ekman
540d3795a9 Switch from inet_pton() to getnameinfo() for portability
Windows XP is supported again
2014-02-06 22:50:23 +01:00
Erik Ekman
f02339b3b2 IPv6: Create single way to format IP addresses 2014-02-06 19:44:26 +01:00
Erik Ekman
400f45c793 Do not use AI_ADDRCONFIG on Windows
It was not available on my MinGW crosscompiler,
and it may be harmful:
https://code.google.com/p/chromium/issues/detail?id=5234

Also, remove old conflicting WINVER in osflags.
It is set in src/windows.h now.
2014-02-05 22:55:35 +01:00
Erik Ekman
a1d88c4f0a IPv6 support for client (#107)
The iodine client now supports both IPv4 and IPv6 nameservers for
sending DNS queries to an IPv4 iodined. The nameserver will
transparently handle translation between IP protocols.

Windows port needs Vista or later to support IPv6.
2014-02-05 22:36:53 +01:00
Erik Ekman
8baad91156 Make sure buffer is zero-terminated when getting external ip
Also switch to HTTP 1.0 to avoid chunked transfer coding.
2014-01-29 23:12:22 +01:00
Erik Ekman
967276f3ba Fix git revision for android 2014-01-29 20:34:00 +01:00
Erik Ekman
fb9e930fee Print git revision as version 2014-01-29 20:25:45 +01:00
Erik Ekman
97b5e688ef Fix warning, unused variable 'accepted_fragsize' 2014-01-29 19:33:54 +01:00
Erik Ekman
a7f491f808 Fix warning, unused variable 'rtable' 2014-01-29 19:12:46 +01:00
Erik Ekman
4f02f7d0aa Fix warning, unused variable 'encsize' 2014-01-29 19:12:42 +01:00
Erik Ekman
900647fa0c Merge pull request #4 from mscherer/systemd
Add socket activation for systemd, with a option to stop on idle
2014-01-29 09:25:00 -08:00
Michael Scherer
abd276ed9e Add idle option, so we can stop iodine and start it on demand with systemd 2013-12-23 22:57:50 +01:00
Michael Scherer
27fb4c75cd Add support to have on demand socket activation of iodine 2013-12-23 22:57:40 +01:00
Michael Scherer
64ff684754 Fix gcc warning -Wsizeof-pointer-memaccess
iodined.c: In function ‘write_dns_nameenc’:
iodined.c:2030:23: attention : argument to ‘sizeof’ in ‘memset’ call is the same
expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
  memset(buf, 0, sizeof(buf));

sizeof buf will just give the size of the pointer, while buflen will clean the whole
memory.
2013-12-23 18:04:06 +01:00
Frank Denis
28ceecba37 size_t values can't be negative. 2013-05-20 10:40:44 -07:00
Frank Denis
1523a4f035 snprintf() is a macro on some operating systems
and having #ifdef statements in macro parameters has undefined behavior.
2013-05-20 10:39:05 -07:00
Frank Denis
b31e66343a -R only works on OpenBSD. 2013-05-20 10:31:39 -07:00