tinc
2 years agoEnable hardening flags at the end of the configure script.
Guus Sliepen [Sat, 22 Jan 2022 21:56:55 +0000 (22:56 +0100)]
Enable hardening flags at the end of the configure script.

Unfortunately some of the autoconf checks themselver trigger compiler
warnings when hardening is enabled and if -Werror is also enabled. Avoid
this by only enabling the hardening flags at the end of the configure
script.

2 years agoCI: Install netcat-openbsd on Debian.
Guus Sliepen [Sat, 22 Jan 2022 21:31:16 +0000 (22:31 +0100)]
CI: Install netcat-openbsd on Debian.

2 years agoEnable and fix many extra warnings supported by GCC and Clang.
Guus Sliepen [Sun, 16 Jan 2022 22:02:09 +0000 (23:02 +0100)]
Enable and fix many extra warnings supported by GCC and Clang.

This enables many extra warning options when hardening is enabled, and
fixes the definition of _FORTITY_SOURCE. -Wshadow is not (yet) enabled,
as this generates quite some warnings that are less trivial to fix.

2 years agoFix potential crash during failing PMTU discovery.
Guus Sliepen [Sun, 16 Jan 2022 19:45:41 +0000 (20:45 +0100)]
Fix potential crash during failing PMTU discovery.

If we get PACKET_TOO_BIG responses when sending UDP packets, we lower the
maximum MTU we will probe accordingly. However, after enough of those
responses, maxmtu could drop below zero and wrap. Guard against that by
never dropping maxmtu below the minimum required MTU for UDP communication.

3 years agoSuppress UBSan warnings in the xoshiro implementation.
Guus Sliepen [Mon, 23 Aug 2021 16:42:09 +0000 (18:42 +0200)]
Suppress UBSan warnings in the xoshiro implementation.

Xoshiro relies on the well defined overflow behavior of unsigned
integer, but UBSan complains about it unless we force it to ignore it.

3 years agoUse xoshiro256** to generate pseudo-random numbers.
Guus Sliepen [Mon, 16 Aug 2021 21:26:24 +0000 (23:26 +0200)]
Use xoshiro256** to generate pseudo-random numbers.

Also seed it using /dev/random or whatever equivalent is available.

3 years agoCI: fix archive name for sanitizer results.
Kirill Isakov [Mon, 23 Aug 2021 07:00:44 +0000 (13:00 +0600)]
CI: fix archive name for sanitizer results.

3 years agoCI: improve sanitizer runs; minor cleanups.
Kirill Isakov [Thu, 19 Aug 2021 08:36:02 +0000 (14:36 +0600)]
CI: improve sanitizer runs; minor cleanups.

- sanitizers now do the full test run, as in every other job.
- run all test flavors even if one of them fails.
- change big-endian cross build to little-endian MIPS.

3 years agoRestore libgcrypt support.
Kirill Isakov [Wed, 18 Aug 2021 08:51:10 +0000 (14:51 +0600)]
Restore libgcrypt support.

3 years agoMove repeating MIN/MAX macros into dropin.h.
Kirill Isakov [Tue, 17 Aug 2021 18:36:30 +0000 (00:36 +0600)]
Move repeating MIN/MAX macros into dropin.h.

3 years agoRename base64 funcs to show they're not RFC-compliant.
Kirill Isakov [Tue, 17 Aug 2021 18:30:01 +0000 (00:30 +0600)]
Rename base64 funcs to show they're not RFC-compliant.

3 years agoCI: run tests with libgcrypt.
Kirill Isakov [Mon, 16 Aug 2021 13:24:13 +0000 (19:24 +0600)]
CI: run tests with libgcrypt.

3 years agoFix memcmp() reading out of bounds in the tinc info command.
Guus Sliepen [Tue, 17 Aug 2021 21:33:33 +0000 (23:33 +0200)]
Fix memcmp() reading out of bounds in the tinc info command.

3 years agoUse epoll() if available.
Mathew Heard [Mon, 16 Aug 2021 02:04:19 +0000 (12:04 +1000)]
Use epoll() if available.

3 years agoFix UBSAN warnings in linux/device.c.
Kirill Isakov [Tue, 17 Aug 2021 10:35:22 +0000 (16:35 +0600)]
Fix UBSAN warnings in linux/device.c.

linux/device.c:149:11: runtime error: implicit conversion from type 'ssize_t' (aka 'long') of value -1 (64-bit, signed) to type 'size_t' (aka 'unsigned long') changed the value to 18446744073709551615 (64-bit, unsigned)
    #0 0x55e3cb851f84 in read_packet /home/runner/work/tinc/tinc/src/linux/device.c:149:11
    #1 0x55e3cb7bb7fe in handle_device_data /home/runner/work/tinc/tinc/src/net_packet.c:1906:5
    #2 0x55e3cb78e6e0 in event_loop /home/runner/work/tinc/tinc/src/event.c:353:5
    #3 0x55e3cb7a6a90 in main_loop /home/runner/work/tinc/tinc/src/net.c:505:6
    #4 0x55e3cb83d241 in main /home/runner/work/tinc/tinc/src/tincd.c:614:11
    #5 0x7fec881950b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #6 0x55e3cb757dcd in _start (/home/runner/work/tinc/tinc/src/tincd+0x9adcd)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior linux/device.c:149:11 in
linux/device.c:163:23: runtime error: unsigned integer overflow: 18446744073709551615 + 10 cannot be represented in type 'unsigned long'
    #0 0x55e3cb852253 in read_packet /home/runner/work/tinc/tinc/src/linux/device.c:163:23
    #1 0x55e3cb7bb7fe in handle_device_data /home/runner/work/tinc/tinc/src/net_packet.c:1906:5
    #2 0x55e3cb78e6e0 in event_loop /home/runner/work/tinc/tinc/src/event.c:353:5
    #3 0x55e3cb7a6a90 in main_loop /home/runner/work/tinc/tinc/src/net.c:505:6
    #4 0x55e3cb83d241 in main /home/runner/work/tinc/tinc/src/tincd.c:614:11
    #5 0x7fec881950b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #6 0x55e3cb757dcd in _start (/home/runner/work/tinc/tinc/src/tincd+0x9adcd)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior linux/device.c:163:23 in

3 years agoFix invalid logger() calls in Solaris device code.
Kirill Isakov [Tue, 17 Aug 2021 08:04:19 +0000 (14:04 +0600)]
Fix invalid logger() calls in Solaris device code.

3 years agoFix more memory leaks and invalid free() in invitation.c.
Kirill Isakov [Mon, 16 Aug 2021 18:01:51 +0000 (00:01 +0600)]
Fix more memory leaks and invalid free() in invitation.c.

3 years agoReplace pointers to cipher_t/digest_t in connection_t with structs.
Kirill Isakov [Sun, 15 Aug 2021 18:57:05 +0000 (00:57 +0600)]
Replace pointers to cipher_t/digest_t in connection_t with structs.

Part of #294.

3 years agoCI: downgrade cross-compilation jobs to debian:buster
Kirill Isakov [Sun, 15 Aug 2021 18:56:58 +0000 (00:56 +0600)]
CI: downgrade cross-compilation jobs to debian:buster

3 years agoSimplify signal handling.
Mathew Heard [Sun, 15 Aug 2021 05:46:04 +0000 (15:46 +1000)]
Simplify signal handling.

Use an array instead of a splay tree.

3 years agoFix UBSAN warnings about conversions and overflows.
Kirill Isakov [Sun, 15 Aug 2021 17:25:04 +0000 (23:25 +0600)]
Fix UBSAN warnings about conversions and overflows.

3 years agoCI: use explicit Debian release names.
Guus Sliepen [Sun, 15 Aug 2021 18:05:24 +0000 (20:05 +0200)]
CI: use explicit Debian release names.

Currently debian:stable fails because the image on Docker Hub is still
buster, but bullseye is the new stable, and the sources.list URLs are
wrong.

3 years agotincd on Windows: call srand() after main2()
Kirill Isakov [Sun, 15 Aug 2021 12:43:14 +0000 (18:43 +0600)]
tincd on Windows: call srand() after main2()

On Windows, rand() was returning the same sequence on every service
execution, because srand() was initializing its state only for the
short-lived process.

3 years agoFreeBSD CI: unbreak clang-tidy.
Kirill Isakov [Sat, 14 Aug 2021 19:08:53 +0000 (01:08 +0600)]
FreeBSD CI: unbreak clang-tidy.

compiledb does not like the BSD make when running the -j flag.
-n (for some weird reason) also produces an empty file list.

3 years agoImprove failure detection in the test suite.
Kirill Isakov [Sat, 14 Aug 2021 18:58:55 +0000 (00:58 +0600)]
Improve failure detection in the test suite.

3 years agohash table fix
Mathew Heard [Sat, 14 Aug 2021 15:14:41 +0000 (01:14 +1000)]
hash table fix

3 years agoBump the timeout for the sanitizer tests.
Guus Sliepen [Fri, 13 Aug 2021 19:53:13 +0000 (21:53 +0200)]
Bump the timeout for the sanitizer tests.

3 years agoAvoid warnings from -fsanitize=integer in the hash functions.
Guus Sliepen [Fri, 13 Aug 2021 19:13:09 +0000 (21:13 +0200)]
Avoid warnings from -fsanitize=integer in the hash functions.

Hash functions rely heavily on unsigned integer overflow behavior, but
the sanitizer complains about them. Instead of disabling the sanitizer
(which might prevent us from getting warnings from real errors), silence
it by explicitly upcasting values to 64-bit integers before applying
operations, then explicitly downcasting to 32-bit again. The compiler
will optimize this out.

3 years agoSubnet Cache hashtable improvements
Mathew Heard [Tue, 29 Jun 2021 01:27:24 +0000 (11:27 +1000)]
Subnet Cache hashtable improvements

 - inline & staticly allocated hash table
 - increased hashtable size (32bit: 1024, 64bit: 65536)
 - re-arrange subnet members
 - Add key type
 - reduce clearing of hash table
 - cleanup key pointer operations
 - removed unused hash_search_or_insert
 - add open addressing to hash table
 - type specific hash functions & hash seeding
 - no collisions for 32bit os
 - implement cache flush by SUBNET_MAC

3 years agoUse splay trees inside node_t directly.
Kirill Isakov [Wed, 11 Aug 2021 14:56:21 +0000 (20:56 +0600)]
Use splay trees inside node_t directly.

3 years agoReplace pointers to global splay trees with structs.
Kirill Isakov [Wed, 11 Aug 2021 14:17:12 +0000 (20:17 +0600)]
Replace pointers to global splay trees with structs.

re #294

3 years agoMake apt stop asking questions when building deb package.
Kirill Isakov [Wed, 11 Aug 2021 04:31:11 +0000 (10:31 +0600)]
Make apt stop asking questions when building deb package.

3 years agoReduce pointer indirection for global list_t variables
Fufu Fang [Tue, 10 Aug 2021 00:53:00 +0000 (01:53 +0100)]
Reduce pointer indirection for global list_t variables

Converted cmdline_conf, connection_list, outgoing_list from
pointer-to-structs to structs.

Created list_empty_list for these structs. This is necessary,
because list_delete_list frees the supplied list_t pointer.

Part of https://github.com/gsliepen/tinc/issues/294

3 years agoFix -Wsign-compare error in keys.c
Fufu Fang [Mon, 9 Aug 2021 23:34:29 +0000 (00:34 +0100)]
Fix -Wsign-compare error in keys.c

Part of https://github.com/gsliepen/tinc/issues/288

3 years agoSymlink README to README.md when running make dist.
Guus Sliepen [Tue, 10 Aug 2021 18:10:29 +0000 (20:10 +0200)]
Symlink README to README.md when running make dist.

Since Markdown is perfectly human readable, just create a symlink from
README to README.md when make dist wants it. Also add it to .gitignore.

3 years agoRename README to make software forges properly render Markdown.
Kirill Isakov [Tue, 10 Aug 2021 06:00:09 +0000 (12:00 +0600)]
Rename README to make software forges properly render Markdown.

3 years agoCI: cross-compilation; build packages on every push.
Kirill Isakov [Sun, 8 Aug 2021 16:57:42 +0000 (22:57 +0600)]
CI: cross-compilation; build packages on every push.

Build tinc for two architectures frequently seen in cheap routers,
and run tests using qemu user virtualization.

Also build deb + rpm packages and a Windows installer on every push to
the main branch (currently it's 1.1), and publish them as a pre-release.

3 years agoUse libvdeplug.h instead of libvdeplug_dyn.h
Fufu Fang [Sun, 8 Aug 2021 22:39:03 +0000 (23:39 +0100)]
Use libvdeplug.h instead of libvdeplug_dyn.h

Fix https://github.com/gsliepen/tinc/issues/300

The libvdeplug.h from Debian Unstable is almost identical to the
one from Debian Buster. My making this change, the task of linking
the libvdeplug library is passed to the system dynamic linker at
tincd start time, instead of doing it manually with
libvdeplug_dynopen when vde functionality is actually needed.

This fixes the compilation issue in Ubuntu 21.04 and Debian
Unstable.

3 years agoImprove invite-join.test reliability on Alpine Linux.
Kirill Isakov [Sun, 1 Aug 2021 18:47:40 +0000 (00:47 +0600)]
Improve invite-join.test reliability on Alpine Linux.

3 years agoAssign more suitable types and fix narrowing conversion warns.
Kirill Isakov [Mon, 2 Aug 2021 09:55:05 +0000 (15:55 +0600)]
Assign more suitable types and fix narrowing conversion warns.

3 years agoGitHub CI: check project for warnings with clang/gcc.
Kirill Isakov [Mon, 2 Aug 2021 07:30:16 +0000 (13:30 +0600)]
GitHub CI: check project for warnings with clang/gcc.

3 years agoCI (GitHub & sourcehut): add clang-tidy checks.
Kirill Isakov [Sat, 31 Jul 2021 16:47:26 +0000 (22:47 +0600)]
CI (GitHub & sourcehut): add clang-tidy checks.

3 years agoUn-ignore .clang-tidy and enable conversion warnings.
Kirill Isakov [Fri, 30 Jul 2021 18:41:47 +0000 (00:41 +0600)]
Un-ignore .clang-tidy and enable conversion warnings.

... except for cryptographic functions, best leave that to the experts
that have written them. They produce a lot of warnings, so place a
couple of dummy .clang-tidy files there to ignore everything.

3 years agoSupport running tests on NetBSD 8.2.
Kirill Isakov [Fri, 30 Jul 2021 10:46:00 +0000 (16:46 +0600)]
Support running tests on NetBSD 8.2.

3 years agoRemove unused argument from tunemu_write.
Kirill Isakov [Fri, 30 Jul 2021 05:53:37 +0000 (11:53 +0600)]
Remove unused argument from tunemu_write.

3 years agoRemove unused function rsa_active.
Kirill Isakov [Thu, 29 Jul 2021 17:36:43 +0000 (23:36 +0600)]
Remove unused function rsa_active.

3 years agoRemove unused types.
Kirill Isakov [Thu, 29 Jul 2021 17:28:16 +0000 (23:28 +0600)]
Remove unused types.

3 years agoRemove unused declarations.
Kirill Isakov [Thu, 29 Jul 2021 17:26:09 +0000 (23:26 +0600)]
Remove unused declarations.

3 years agoRemove unused struct fields.
Kirill Isakov [Thu, 29 Jul 2021 17:18:32 +0000 (23:18 +0600)]
Remove unused struct fields.

3 years agoRemove unused global variables.
Kirill Isakov [Thu, 29 Jul 2021 17:14:12 +0000 (23:14 +0600)]
Remove unused global variables.

3 years agoRemove unused '#include's.
Kirill Isakov [Thu, 29 Jul 2021 17:02:09 +0000 (23:02 +0600)]
Remove unused '#include's.

3 years agoAdd tests for the fsck command.
Kirill Isakov [Thu, 29 Jul 2021 14:45:42 +0000 (20:45 +0600)]
Add tests for the fsck command.

Also, allow running tests as non-root and elevate as necessary. This
requires passwordless sudo and the CI envvar set to any non-empty value.

3 years agoCleanup and improve `tinc fsck`.
Kirill Isakov [Sun, 25 Jul 2021 07:23:27 +0000 (13:23 +0600)]
Cleanup and improve `tinc fsck`.

- implement TODOs
- fix an invalid warning:
WARNING: public and private RSA keys do not match
- use the same configuration reading & parsing logic as in tincd
- read keys from all supported variables
- auto fix a few more broken key configurations
- fix a couple of rare memory leaks
- add warnings for host variables in server config and vice versa
- check duplicates for all configuration variables (not the first 50)
- check_conffile had a stack-buffer-underflow with going before the start of the line

3 years agoAllow using key & configuration parser from tincd in tinc.
Kirill Isakov [Tue, 27 Jul 2021 16:01:25 +0000 (22:01 +0600)]
Allow using key & configuration parser from tincd in tinc.

3 years agoGitHub CI: run most tests as a non-privileged user.
Kirill Isakov [Mon, 26 Jul 2021 08:52:42 +0000 (14:52 +0600)]
GitHub CI: run most tests as a non-privileged user.

We don't really care about the throwaway container running in a throwaway
VM, but it's still better to run tests that do not require elevated
privileges as a normal user, at least to be sure that the ability to do
this is working.

Also, some tests (like the new command-fsck.test) can perform more checks
with a restricted user account.

3 years agoAdd timeouts to CI jobs.
Guus Sliepen [Wed, 28 Jul 2021 10:09:37 +0000 (12:09 +0200)]
Add timeouts to CI jobs.

3 years agoReally avoid trying to send an ANS_KEY request to unreachable nodes.
Guus Sliepen [Tue, 27 Jul 2021 12:57:18 +0000 (14:57 +0200)]
Really avoid trying to send an ANS_KEY request to unreachable nodes.

Commit ed070d754d1b5500b0ec3615ae342178cfd42efb only printed a warning,
but was missing a return statement.

3 years agoUse inet_pton() to parse Subnets.
Guus Sliepen [Tue, 27 Jul 2021 10:21:07 +0000 (12:21 +0200)]
Use inet_pton() to parse Subnets.

Nowadays all operating systems tinc runs on should support IPv6, so we
can rely on inet_pton() and inet_ntop() to convert IPv4 and IPv6
addresses. Use this instead of our own parsing code.

3 years agoFix ASAN warning.
Guus Sliepen [Mon, 26 Jul 2021 14:03:44 +0000 (16:03 +0200)]
Fix ASAN warning.

The commit fixing the stack overflow for malformed Subnets could compare
against a NULL pointer, which works fine in practice but is undefined
behavior.

3 years agoFix `tinc get Subnet` failing.
Guus Sliepen [Mon, 26 Jul 2021 13:46:48 +0000 (15:46 +0200)]
Fix `tinc get Subnet` failing.

3 years agoLet the CLI prevent adding incorrect Subnets.
Guus Sliepen [Mon, 26 Jul 2021 13:06:06 +0000 (15:06 +0200)]
Let the CLI prevent adding incorrect Subnets.

We did a sanitiy check when trying to add a Subnet, but we only printed
an error message, we still added the incorrect Subnet. This change
ensures we abort with a non-zero exit code.

3 years agoAvoid a stack overflow when presented with a malformed IPv6 Subnet.
Guus Sliepen [Mon, 26 Jul 2021 13:01:12 +0000 (15:01 +0200)]
Avoid a stack overflow when presented with a malformed IPv6 Subnet.

Found by Kirill Isakov using AFL and AddressSanitizer.

3 years agoEnsure we delete removed BroadcastSubnets when reloading configuration.
Guus Sliepen [Sun, 25 Jul 2021 17:09:47 +0000 (19:09 +0200)]
Ensure we delete removed BroadcastSubnets when reloading configuration.

3 years agoGitHub CI: fail sanitizer job if any logs were created.
Kirill Isakov [Sun, 25 Jul 2021 14:55:00 +0000 (20:55 +0600)]
GitHub CI: fail sanitizer job if any logs were created.

3 years agoFix more memory leaks found by ASAN.
Kirill Isakov [Sun, 25 Jul 2021 11:15:24 +0000 (17:15 +0600)]
Fix more memory leaks found by ASAN.

3 years agoFix use-after-free in final log message on tincd exit.
Kirill Isakov [Sat, 24 Jul 2021 06:15:59 +0000 (12:15 +0600)]
Fix use-after-free in final log message on tincd exit.

Steps to reproduce:

0. build tincd with -fsanitize=address
1. start tincd:
./src/tincd -c . -D
2. capture log output in one tinc client
./src/tinc -c . log
3. this is optional, but seems to flush the bug more often: open another
   tinc client and issue the purge/retry commands:
    ./src/tinc -c .
tinc> purge
tinc> retry
4. stop tincd (using Ctrl+C or the stop command)

Repeat until it fails with a bunch of error messages as below.

------------

==1715850==ERROR: AddressSanitizer: heap-use-after-free on address 0x60300001d950 at pc 0x55a3fdba1fa5 bp 0x7fffbd250470 sp 0x7fffbd250468
READ of size 8 at 0x60300001d950 thread T0
    0 0x55a3fdba1fa4 in real_logger tinc/src/logger.c:101:7
    1 0x55a3fdba188b in logger tinc/src/logger.c:140:2
    2 0x55a3fdc90c22 in main tinc/src/tincd.c:625:2
    3 0x7f826a3eab24 in __libc_start_main (/usr/lib/libc.so.6+0x27b24)
    4 0x55a3fda9087d in _start (tinc/src/tincd+0xd487d)

0x60300001d950 is located 0 bytes inside of 32-byte region [0x60300001d950,0x60300001d970)
freed by thread T0 here:
    0 0x55a3fdb377c9 in free (tinc/src/tincd+0x17b7c9)
    1 0x55a3fdb9e1b4 in list_free tinc/src/list.c:36:2
    2 0x55a3fdba0ed3 in list_delete_list tinc/src/list.c:192:2
    3 0x55a3fdb8385f in exit_connections tinc/src/connection.c:47:2
    4 0x55a3fdbf0427 in close_network_connections tinc/src/net_setup.c:1386:2
    5 0x55a3fdc90c0d in main tinc/src/tincd.c:623:2
    6 0x7f826a3eab24 in __libc_start_main (/usr/lib/libc.so.6+0x27b24)

previously allocated by thread T0 here:
    0 0x55a3fdb37c91 in calloc (tinc/src/tincd+0x17bc91)
    1 0x55a3fdb9e157 in xzalloc tinc/src/./xalloc.h:37:12
    2 0x55a3fdb9e065 in list_alloc tinc/src/list.c:29:17
    3 0x55a3fdb82a43 in init_connections tinc/src/connection.c:40:20
    4 0x55a3fdbea58c in setup_network tinc/src/net_setup.c:1304:2
    5 0x55a3fdc90535 in main tinc/src/tincd.c:573:6
    6 0x7f826a3eab24 in __libc_start_main (/usr/lib/libc.so.6+0x27b24)

3 years agoMore strict failure code checks in integration tests.
Kirill Isakov [Fri, 23 Jul 2021 17:14:18 +0000 (23:14 +0600)]
More strict failure code checks in integration tests.

3 years agoFix all UBSAN warnings triggered by tests.
Kirill Isakov [Fri, 23 Jul 2021 16:37:49 +0000 (22:37 +0600)]
Fix all UBSAN warnings triggered by tests.

3 years agoGitHub CI: enable AddressSanitizer.
Kirill Isakov [Fri, 23 Jul 2021 12:46:24 +0000 (18:46 +0600)]
GitHub CI: enable AddressSanitizer.

3 years agoAdd tests to cover some of the fixed leaks.
Kirill Isakov [Fri, 23 Jul 2021 12:41:51 +0000 (18:41 +0600)]
Add tests to cover some of the fixed leaks.

3 years agoFix memory leaks triggered by integration tests.
Kirill Isakov [Fri, 23 Jul 2021 12:11:27 +0000 (18:11 +0600)]
Fix memory leaks triggered by integration tests.

Found by AddressSanitizer and Valgrind.

3 years agoFix a few memory leaks at exit time.
Guus Sliepen [Wed, 21 Jul 2021 10:35:09 +0000 (12:35 +0200)]
Fix a few memory leaks at exit time.

Found by Valgrind.

3 years agoAvoid unhelpful warnings about UDP buffer sizes.
Guus Sliepen [Wed, 21 Jul 2021 10:15:59 +0000 (12:15 +0200)]
Avoid unhelpful warnings about UDP buffer sizes.

Don't log a warning if we never explicitly configured the
SO_RCVBUF/SO_SNDBUF sizes, and don't warn if the system allocates a
larger buffer than the one requested, as at least on Linux, it will
always double the requested size unless you hit the maximum. With this
change, we only warn when we explicitly request a buffer size and the
system allocated a smaller one.

3 years agoDon't call OPENSSL_cleanup().
Guus Sliepen [Wed, 21 Jul 2021 09:54:34 +0000 (11:54 +0200)]
Don't call OPENSSL_cleanup().

Some versions of LibreSSL don't have this function, even if they support
the rest of the OpenSSL 1.1 API. It also doesn't seem to affect the
output of Valgrind, so it looks like it's not necessary at all.

3 years agoCall ENGINE_load_builtin_engines().
Guus Sliepen [Tue, 20 Jul 2021 22:04:08 +0000 (00:04 +0200)]
Call ENGINE_load_builtin_engines().

As suggested by Rosen Penev, use ENGINE_load_builtin_engines() to ensure
the AFALG engines get loaded as well. We apparently also don't need to
call OPENSSL_init_crypto() ourself.

3 years agoCI: Fix installation of OpenSSL on CentOS and AlmaLinux.
Guus Sliepen [Tue, 20 Jul 2021 22:01:06 +0000 (00:01 +0200)]
CI: Fix installation of OpenSSL on CentOS and AlmaLinux.

3 years agoCI: Install and use OpenSSL 1.1 on CentOS 7.
Guus Sliepen [Tue, 20 Jul 2021 21:55:35 +0000 (23:55 +0200)]
CI: Install and use OpenSSL 1.1 on CentOS 7.

3 years agoInstall OpenSSL 1.1 in the CentOS 7 test environment.
Guus Sliepen [Tue, 20 Jul 2021 20:55:56 +0000 (22:55 +0200)]
Install OpenSSL 1.1 in the CentOS 7 test environment.

3 years agoMake tinc --batch --force join enable the tinc-up script.
Guus Sliepen [Tue, 20 Jul 2021 20:23:52 +0000 (22:23 +0200)]
Make tinc --batch --force join enable the tinc-up script.

The expected behavior of --batch --force is that all parameters in the
invitation are accepted, whether unsafe or not. Unsafe variables were
already accepted with --force in commit 061362d2f, this commit ensures
the generated tinc-up script is enabled as well.

Fixes #196 on GitHub.

3 years agoRequire OpenSSL 1.1.0 or later.
Guus Sliepen [Tue, 20 Jul 2021 20:10:56 +0000 (22:10 +0200)]
Require OpenSSL 1.1.0 or later.

This gets rid of some backwards compatibility code, and avoids calling
deprecated OpenSSL functions.

Fixes #244 on GitHub.

3 years agoAvoid trying to send an ANS_KEY request to unreachable nodes.
Guus Sliepen [Tue, 20 Jul 2021 19:14:23 +0000 (21:14 +0200)]
Avoid trying to send an ANS_KEY request to unreachable nodes.

We could have a REQ_KEY coming from a node that is not reachable; either
because DEL_EDGEs have overtaken the REQ_KEY, or perhaps if TunnelServer
is used and some nodes have a different view of reachability.

This might fix GitHub issue #247.

3 years agoSlightly better RNG seed for tincctl.
Guus Sliepen [Tue, 20 Jul 2021 18:31:49 +0000 (20:31 +0200)]
Slightly better RNG seed for tincctl.

This prevents the Port from being the same when initializing multiple
instances of tinc in a short timespan.

3 years agoAdd compression.test
Kirill Isakov [Tue, 20 Jul 2021 12:00:49 +0000 (18:00 +0600)]
Add compression.test

3 years agoAdd cleanup hook for integration tests
Kirill Isakov [Tue, 20 Jul 2021 12:00:05 +0000 (18:00 +0600)]
Add cleanup hook for integration tests

3 years agoList supported features in tinc/tincd --version
Kirill Isakov [Tue, 20 Jul 2021 08:49:46 +0000 (14:49 +0600)]
List supported features in tinc/tincd --version

3 years agoLZ4: try system library first, fallback to builtin
Kirill Isakov [Tue, 20 Jul 2021 07:29:31 +0000 (13:29 +0600)]
LZ4: try system library first, fallback to builtin

3 years agoAdd LZ4 compression support
Darik Horn [Tue, 20 Jul 2021 04:29:39 +0000 (10:29 +0600)]
Add LZ4 compression support

3 years agoVendor LZ4 source
Kirill Isakov [Sat, 17 Jul 2021 16:50:10 +0000 (22:50 +0600)]
Vendor LZ4 source

3 years ago.gitignore temporary files (configure~, etc)
Kirill Isakov [Tue, 20 Jul 2021 07:23:54 +0000 (13:23 +0600)]
.gitignore temporary files (configure~, etc)

3 years agosr.ht CI: add liblz4
Kirill Isakov [Tue, 20 Jul 2021 15:21:13 +0000 (21:21 +0600)]
sr.ht CI: add liblz4

Needed for testing LZ4 compression support when using the system
library.

3 years agoSome cleanups in GitHub Actions CI
Kirill Isakov [Mon, 19 Jul 2021 19:03:06 +0000 (01:03 +0600)]
Some cleanups in GitHub Actions CI

  - run tests on more Linux distributions
  - add test runs with clang sanitizers (TSAN / UBSAN for now)
  - check code formatting only once
  - check test scripts formatting (shfmt)
  - static analysis for test scripts (shellcheck)
  - save more test logs and other debug info
  - add missing pieces to Ubuntu packages
  - test .debs on clean machine before publishing
  - git clone full history for changelog generation
  - support old versions of git on Linux
  - rename some steps

3 years agotest/splice.c: reformat with astyle
Kirill Isakov [Sat, 3 Jul 2021 15:22:39 +0000 (21:22 +0600)]
test/splice.c: reformat with astyle

3 years agoCheck that UNIX socket filenames are not too long.
Guus Sliepen [Tue, 20 Jul 2021 13:57:37 +0000 (15:57 +0200)]
Check that UNIX socket filenames are not too long.

UNIX socket filenames must fit in a struct sockaddr_un, and typically this
only has about 100 bytes of storage. This is perfectly fine for normal use
of tinc, but this caused failures when running make distcheck, which ends
up creating a rather deep directory structure. With this commit, at least
a proper error message is printed instead of silently truncating the
filename.

3 years agoFix running the test suite in out-of-tree builds.
Guus Sliepen [Tue, 20 Jul 2021 12:15:41 +0000 (14:15 +0200)]
Fix running the test suite in out-of-tree builds.

3 years agoRewrite the test suite for better compat and stability
Kirill Isakov [Mon, 19 Jul 2021 08:32:13 +0000 (14:32 +0600)]
Rewrite the test suite for better compat and stability

Keeps all of the previous checks, but uses tinc scripts
instead of sleep(1) delays.

Improves and/or adds compatibility with:
  - Windows (Msys2);
  - FreeBSD;
  - NetBSD;
  - OpenBSD.

3 years agoAllow running sptps_test on Windows
Kirill Isakov [Sat, 17 Jul 2021 12:17:11 +0000 (18:17 +0600)]
Allow running sptps_test on Windows

On Windows, you're not supposed to call select() on anything except
proper BSD sockets, so we can't reuse the same select() loop that's been
working fine on every other operating system.

This is a hack which reads stdin in a separate thread and pushes data to
the main through a TCP socket, which can then be used with select() instead
of reading stdin directly.

3 years agoBail out of logging early.
Mathew Heard [Tue, 29 Jun 2021 00:24:00 +0000 (10:24 +1000)]
Bail out of logging early.

Low hanging fruit, 2% of perf trace.

3 years agoci: run for all branches
Mathew Heard [Mon, 12 Jul 2021 01:39:31 +0000 (11:39 +1000)]
ci: run for all branches

(cherry picked from commit 5666f0d99e3698bf4b50d243151cb1a445bb81ea)

3 years agosrc/getopt.h: add missing header guard
Kirill Isakov [Mon, 12 Jul 2021 10:48:58 +0000 (16:48 +0600)]
src/getopt.h: add missing header guard

(cherry picked from commit c97370e5714389ef44cd5682c0916fcc8daddeff)

3 years agoFix overrun in prf() if hmac size not divisible into key size
Mathew Heard [Mon, 12 Jul 2021 02:53:45 +0000 (12:53 +1000)]
Fix overrun in prf() if hmac size not divisible into key size

Not seen only due to chacha having a 64byte key and a 64byte HMAC (SHA512) being used