Commit Graph

169 Commits

Author SHA1 Message Date
Erik Ekman
e5370ad95b #36, basic raw mode tunnel works 2012-02-04 20:34:02 +01:00
Erik Ekman
58d9615160 #36, upstream traffic now sent in raw mode 2012-02-04 20:34:02 +01:00
Erik Ekman
a62ae8e562 Allow bind port and listen port to be the same if listenip doesnt include localhost. Also remove newlines from warnx 2012-02-04 20:34:02 +01:00
Sebastien Raveau
d5acb508bc Add support for applying SELinux context 2012-02-04 20:34:02 +01:00
Erik Ekman
196b37c402 return 1 if opening tun fails and args are correct 2012-02-04 20:34:02 +01:00
Erik Ekman
f20b3c9511 Remove a global variable and some warnings 2012-02-04 20:34:02 +01:00
Erik Ekman
1235cb3e4a #36 server now responds to raw login, quite a hack 2012-02-04 20:34:02 +01:00
Erik Ekman
c92ed9bad8 #36 send raw login packet directly to server 2012-02-04 20:34:02 +01:00
Erik Ekman
950c0870b2 Added CMC to I and S packet types 2012-02-04 20:34:02 +01:00
Erik Ekman
27fc039700 #36, add way to request ip address from server 2012-02-04 20:34:02 +01:00
Erik Ekman
addd798712 Set interface MTU to 1200.
1188 is the uncompressed DNS reply payload size that gets through
unfragmented on Ethernet.
2012-02-04 20:34:01 +01:00
Erik Ekman
54195968c7 Use winsock2.h, use ws2tcpip.h for socklen_t 2012-02-04 20:34:01 +01:00
Erik Ekman
84f5965825 Increase default mtu to 1500 2012-02-04 20:34:01 +01:00
Erik Ekman
3e07afd13b change all printf to fprintf on stderr for #49 2012-02-04 20:34:01 +01:00
Erik Ekman
4ae304a9b7 Use winsock2.2 2012-02-04 20:34:01 +01:00
Erik Ekman
bf46666fe8 #50 added syslog logging for version and login packets. no-op on windows 2012-02-04 20:34:00 +01:00
Erik Ekman
b6fc3fc0ef Made dns_get_id return unsigned short, added test cases 2012-02-04 20:34:00 +01:00
Erik Ekman
10fd388bb7 use socklen_t 2012-02-04 20:34:00 +01:00
Erik Ekman
80ae712a6f Add WSAStartup to iodined 2012-02-04 20:34:00 +01:00
Erik Ekman
94f412a8d8 Dont need plibc 2012-02-04 20:34:00 +01:00
Erik Ekman
155f0c6f37 Merged branch with mingw port. Compiles now, tun work to do 2012-02-04 20:34:00 +01:00
Erik Ekman
0836ad0a5b revert cygwin stuff 2012-02-04 20:34:00 +01:00
Erik Ekman
97bf71e944 Make it build and fix tests in cygwin 2012-02-04 20:33:59 +01:00
Erik Ekman
352d75131f Move superuser check to common.c 2012-02-04 20:33:59 +01:00
Erik Ekman
78d324a6b4 Enhanced checks on incoming queries, check user exists and is active 2012-02-04 20:33:59 +01:00
Erik Ekman
df93da00c6 #7, add probe fragsize support for server. documented 2012-02-04 20:33:59 +01:00
Erik Ekman
9ababcaa96 #7, set max fragsize with -m in the client 2012-02-04 20:33:59 +01:00
Erik Ekman
d4e077aff4 downstream fragsize is now per user 2012-02-04 20:33:59 +01:00
Erik Ekman
23fad5b628 Downstream fragmentation now working. Currently fragment size is hardcoded to 1200. More tweaking left, as well as fragsize auto detection. (#7) 2012-02-04 20:33:59 +01:00
Erik Ekman
cc17083222 add downstream data header and basic parsing in client, for #7 2012-02-04 20:33:59 +01:00
Erik Ekman
3ed5f7e674 Create send_chunk() on server 2012-02-04 20:33:59 +01:00
Erik Ekman
43c438971b Allow setting netmask in iodined, fixes #27. The same netmask will be given to clients as well. Updated docs. 2012-02-04 20:33:59 +01:00
Erik Ekman
c7fa4ddde2 Assign client IPs within the network (fixes #28), also limit number of users depending on netmask (for #27) 2012-02-04 20:33:59 +01:00
Erik Ekman
a5031ee9dd Happy new year 2012-02-04 20:33:59 +01:00
Erik Ekman
09c904f0c1 make OUT debug look more like IN debug 2012-02-04 20:33:58 +01:00
Erik Ekman
85e75cadea make iodined build on opensolaris 2012-02-04 20:33:58 +01:00
Erik Ekman
cc075124fa Detect duplicates in upstream data, start frag at zero 2012-02-04 20:33:58 +01:00
Erik Ekman
8d27febc7d Implemented new protocol for upstream data 2012-02-04 20:33:58 +01:00
Erik Ekman
b36ed27117 Added -n to set NS ip, updated docs, added checks 2012-02-04 20:33:58 +01:00
Erik Ekman
e7fdb0a5f5 Reverted [686], [689] and [692]. SSH login now works again. Increased version. 2012-02-04 20:33:58 +01:00
Erik Ekman
d7f2d60d56 Use base64 is case is preserved and plus sign is allowed 2012-02-04 20:33:58 +01:00
Erik Ekman
b5cdb09011 Added debugging 2012-02-04 20:33:58 +01:00
Erik Ekman
9d3f87ddcc Fix issue #33, respond to NS requests 2012-02-04 20:33:57 +01:00
Erik Ekman
f4cd876ace shorten some lines 2012-02-04 20:33:57 +01:00
Erik Ekman
bd45e6ccb2 formatting 2012-02-04 20:33:57 +01:00
Erik Ekman
49695a4cb4 Updated year 2012-02-04 20:33:57 +01:00
Erik Ekman
26cc53e3fa added include for iovec 2012-02-04 20:33:57 +01:00
Erik Ekman
35a8ffe46d Now fetches destination address from udp packets 2012-02-04 20:33:57 +01:00
Erik Ekman
02d40c1a7b Forward non-tunnel requests to another udp port (fixes #31) 2012-02-04 20:33:57 +01:00
Erik Ekman
d24dae882a Implemented filtering based on topdomain 2012-02-04 20:33:57 +01:00
Erik Ekman
166fb4b6c7 Fixed segfault when sending version rejects: VNAK/VFUL 2012-02-04 20:33:57 +01:00
Erik Ekman
3fc9eaeaa3 Improved latency for traffic initiated from server 2012-02-04 20:33:57 +01:00
Erik Ekman
21ad2ef5ae added -D to usage() and help() 2012-02-04 20:33:57 +01:00
Erik Ekman
025fb1bf1f Added debug capability on server 2012-02-04 20:33:57 +01:00
Erik Ekman
539ebb27d9 Changes to allow handling of queries of type A, NS etc 2012-02-04 20:33:57 +01:00
Erik Ekman
f06b208f3e Reworked fix for #21 2012-02-04 20:33:57 +01:00
Erik Ekman
0d3494ae78 Added -c flag to disable IP/port checking in each request 2012-02-04 20:33:57 +01:00
Albert Lee
cd91d675ae Applied Open/Solaris patch 2012-02-04 20:33:57 +01:00
Erik Ekman
03a0ccbca0 Add include for setgroups() on Linux 2012-02-04 20:33:57 +01:00
Andrew Griffiths
00c910e247 applied security patch from Andrew Griffiths, limit user groups 2012-02-04 20:33:56 +01:00
Vincent Bernat
a36ce9eaaf Applied patch for not configuring the tun interface, debian bug 477692 2012-02-04 20:33:56 +01:00
Erik Ekman
791c3de84c reapplied maxims patches 2012-02-04 20:33:56 +01:00
Erik Ekman
07e98f181c reverting the code after 0.4.1, except for some patches 2012-02-04 20:33:56 +01:00
Maxim Bourmistrov
ccdee286ad Added port range check, based on patch from Maxim Bourmistrov 2012-02-04 20:33:56 +01:00
Maxim Bourmistrov
7565a2d554 Added checks on topdomain name based on patch from Maxim Bourmistrov 2012-02-04 20:33:56 +01:00
Maxim Bourmistrov
db58f8de20 Applied patch from Maxim Bourmistrov 2012-02-04 20:33:56 +01:00
Erik Ekman
924f4b3759 Add two chars from client to server for verification of data delivery 2012-02-04 20:33:56 +01:00
Erik Ekman
8613f815c9 Use packet functions for packet handling. Prepare for sending fragmented ( #7 ) 2012-02-04 20:33:56 +01:00
Erik Ekman
b67819ac81 use packet functions for empty check and fill 2012-02-04 20:33:56 +01:00
Erik Ekman
a114ab3ff9 revert [607], [608] and parts of [611] 2012-02-04 20:33:56 +01:00
Erik Ekman
3c644e9a88 Renamed packet_sending to packet_empty 2012-02-04 20:33:56 +01:00
Erik Ekman
3c7d3c6a35 Extract login handling to function 2012-02-04 20:33:56 +01:00
Erik Ekman
998b944225 Extract version checking to function 2012-02-04 20:33:56 +01:00
Erik Ekman
5ebc9ee668 Add notreached comments 2012-02-04 20:33:56 +01:00
Matthew William Solloway Bell
fcec74b3dc apply patch to detach before chroot/privdrop 2012-02-04 20:33:55 +01:00
Matus Harvan
4a16503ea5 buffer overflow in dns.c pointed out by Matus Harvan, also strncpy cleanups 2012-02-04 20:33:55 +01:00
Bjorn Andersson
63fa76e182 local stuff in iodine made static 2012-02-04 20:33:55 +01:00
Bjorn Andersson
879e73a4c2 stdin-echo fix in server too 2012-02-04 20:33:55 +01:00
Erik Ekman
71973f13ef #21: Reverted [538], reopening 2012-02-04 20:33:55 +01:00
Bjorn Andersson
89232bcaa6 some cleanup 2012-02-04 20:33:55 +01:00
Bjorn Andersson
1965b0af32 cleaning commandline on server too 2012-02-04 20:33:55 +01:00
Bjorn Andersson
49ad0dbc86 nasty hack hides password on commandline 2012-02-04 20:33:55 +01:00
Bjorn Andersson
e16a852fa4 /etc/resolv.conf is used if no nameserver is given on commandline 2012-02-04 20:33:55 +01:00
Erik Ekman
f932e57ce6 #25 Fixed crash on query with bad top domain 2012-02-04 20:33:55 +01:00
Erik Ekman
285a412563 #16 Do case preservation check after login 2012-02-04 20:33:55 +01:00
Erik Ekman
861da5d022 #24: Add length check on topdomain, <= 128 chars 2012-02-04 20:33:55 +01:00
Erik Ekman
fe4f24a729 Store only in_addr, not whole sockaddr, fixes #21 2012-02-04 20:33:55 +01:00
decker
2146575090 add sys/time.h for old osx 2012-02-04 20:33:27 +01:00
Erik Ekman
f099a77743 move unpack_data to encoding.c 2007-06-09 16:38:31 +00:00
Erik Ekman
dbfecb5be6 #6 reworked encoding 2007-06-09 16:18:59 +00:00
Erik Ekman
15a83534a8 new year 2007-03-21 00:00:27 +00:00
Erik Ekman
6a4dfb8cbd do detaching after user switch 2007-03-01 21:41:17 +00:00
Erik Ekman
264a5227de move daemonizing to common.c 2007-03-01 21:19:01 +00:00
Erik Ekman
baf1ab4201 move chrooting to common.c 2007-03-01 21:14:51 +00:00
Erik Ekman
76ec4ab895 #11 routing between clients implemented. clients need to poll more often to get reasonable packetloss due to no queue 2007-02-11 16:39:09 +00:00
Erik Ekman
92a791f430 always send replys to P packets 2007-02-11 13:39:32 +00:00
Erik Ekman
08ecccc7fe #11 only read from tun if any active user is not sending 2007-02-11 11:51:30 +00:00
Erik Ekman
23ad29522b #11 moved user code to user.c 2007-02-11 11:21:18 +00:00
Erik Ekman
265332f39b Add header file for bsd 2007-02-11 10:47:31 +00:00
Erik Ekman
c6a67d340e Use bsd ip.h header instead 2007-02-11 10:42:57 +00:00