Commit Graph

106 Commits

Author SHA1 Message Date
Erik Ekman
df49fd6f3d Update changelog 2022-07-18 23:36:07 +02:00
Erik Ekman
853d5f3764 Update CHANGELOG 2021-08-25 22:00:11 +02:00
Erik Ekman
2032b44949 Look up external IP via DNS instead of HTTP
Use myip.opendns.com via their resolver.

The code is now TCP free again :)
2020-05-24 16:06:41 +02:00
Erik Ekman
27e5d6fadd code.kryo.se is now served over HTTPS 2018-03-24 15:00:37 +01:00
Erik Ekman
a8a5fbbf0d Second attempt at PIE binary for new android
Github PR #14
2015-08-05 20:04:03 +02:00
Erik Ekman
b4e9148df8 Support raw mode for both IPv4 and IPv6
Read destination address of IP request packet and return it.
Check length in client and use it as IPv4 or v6 depending on length.
2015-06-28 22:41:54 +02:00
Erik Ekman
7a117bd71e IPv6 support for DNS traffic in server
Server will by default listen on both IPv4 and IPv6.
No way to only listen on one protocol right now.

Use -L to only listen on a specific v6 address.

IP address to use for raw mode is still IPv4 only.
Use -n on server to make raw mode work from IPv6 clients,
then they will get an IPv4 address from the server for raw mode.

Tunnel data is still IPv4.
2015-06-28 20:01:48 +02:00
Erik Ekman
3069665646 Speling 2015-06-28 10:36:49 +02:00
Erik Ekman
69a91d5421 Update changelog 2015-06-27 12:14:34 +02:00
Erik Ekman
1f51bab2a3 Update changelog 2015-04-08 08:50:07 +02:00
Erik Ekman
b4c3656c3c Update changelog after release 2014-06-16 23:43:20 +02:00
Erik Ekman
b715be5cf3 Fix authentication bypass bug
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.

Add checks for normal and raw mode that user has authenticated before allowing
any other communication.

Problem found by Oscar Reparaz.
2014-06-16 21:43:22 +02:00
Erik Ekman
3ebcd29b13 Add support for using an unspecified RR type
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
2014-06-09 20:06:36 +02:00
Erik Ekman
3fadbfb580 Do not let sockets be inherited by sub-processes
Set FD_CLOEXEC flag on tunnel and UDP file descriptors.
Fixes ticket #99, "should not allow UDP socket to be inherited by ifconfig"
2014-06-04 17:48:43 +09:00
Erik Ekman
c1b24abf3a Update changelog 2014-05-29 19:08:20 +02:00
Erik Ekman
5079d8bf5e Fix up changelog 2014-04-08 21:04:17 +02:00
Erik Ekman
a737d6ea7f Update documentation 2014-02-05 23:18:42 +01:00
Erik Ekman
0f7c3782b8 Update changelog 2014-01-29 19:53:13 +01:00
Erik Ekman
abb2d6cb87 Update changelog 2014-01-29 18:31:21 +01:00
Erik Ekman
43e4fb5448 Add automatic external IP lookup via '-n auto'
Leonard Lausen proposed iodined should use externalip.net api
to find external ip. Use -n auto to trigger a lookup.
2012-09-03 10:34:27 +02:00
Erik Ekman
9443f3bbe9 Update changelog 2012-09-03 10:29:54 +02:00
Erik Ekman
24241666fa Update changelog 2012-02-05 08:46:16 +01:00
Erik Ekman
423cbec41d Added android specific readme file, along with new make targets
Also updated changelog.
2012-02-05 00:36:15 +01:00
Laurent Ghigonis
d4849a5dbf Add support for openbsd routing domain, #95 2012-02-04 20:34:05 +01:00
Håkan Kvist
9c3343e6ac Allow spaces in passwords, #93 2012-02-04 20:34:05 +01:00
Erik Ekman
0a968a5144 Initialize 'inside_topdomain'. Fixes #94 2012-02-04 20:34:05 +01:00
jsbid1
7ae8d04955 Fix #86, patch from jsbid1 gmail.com 2012-02-04 20:34:04 +01:00
Erik Ekman
1a26a91db3 #82, switch to gethostbyname() for win32 support 2012-02-04 20:34:04 +01:00
Erik Ekman
c5bdf07070 #82 update docs 2012-02-04 20:34:04 +01:00
Erik Ekman
8daba65a03 #76 Update changelog 2012-02-04 20:34:04 +01:00
Erik Ekman
342b5787be Update changelog after #75 2012-02-04 20:34:04 +01:00
Erik Ekman
7e9ce2716b Updated changelog after #79 2012-02-04 20:34:03 +01:00
Erik Ekman
0cdd537819 #78, print server tunnel ip 2012-02-04 20:34:03 +01:00
Erik Ekman
01e558022e #77, get password from env variable 2012-02-04 20:34:03 +01:00
Erik Ekman
a3757a07aa Updated changelog 2012-02-04 20:34:03 +01:00
Erik Ekman
1137ac6ac9 Updated docs 2012-02-04 20:34:03 +01:00
Erik Ekman
0e81cd78bc Update changelog and proto docs 2012-02-04 20:34:03 +01:00
Erik Ekman
3a2f66fb44 Update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman
23dc3f0844 Update changelog 2012-02-04 20:34:02 +01:00
Sebastien Raveau
d5acb508bc Add support for applying SELinux context 2012-02-04 20:34:02 +01:00
Erik Ekman
17105a26db update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman
8fc8ce587c Any number of TAP32 interfaces supported, use -d to choose. #46 2012-02-04 20:34:02 +01:00
Erik Ekman
e59aaa523e Fixed #47, support any TAP device name 2012-02-04 20:34:02 +01:00
Erik Ekman
6ac35cfedc Updated changelog 2012-02-04 20:34:02 +01:00
Erik Ekman
e51af14bcc new release 2012-02-04 20:34:01 +01:00
Erik Ekman
5addc77102 updated changelog 2012-02-04 20:34:01 +01:00
Erik Ekman
3c38a9a307 Update changelog 2012-02-04 20:34:01 +01:00
Erik Ekman
b6c8ea50e5 Update changelog after release 2012-02-04 20:34:01 +01:00
Erik Ekman
a3a20a2b09 #53 Support TAP32 version 0901 as well 2012-02-04 20:34:01 +01:00
Erik Ekman
addd798712 Set interface MTU to 1200.
1188 is the uncompressed DNS reply payload size that gets through
unfragmented on Ethernet.
2012-02-04 20:34:01 +01:00