tinc
2 years agogcrypt: initialize secure memory on startup
Kirill Isakov [Mon, 2 May 2022 09:41:03 +0000 (15:41 +0600)]
gcrypt: initialize secure memory on startup

Otherwise libgcrypt does it automatically, but only after we drop
privileges. This requires calling mlock(), which kills the sandboxed
process on OpenBSD.

If this is not enough, libgcrypt will resize the pool without calling
mlock().

2 years agoMove macOS-specific code into a subdirectory
Kirill Isakov [Mon, 2 May 2022 07:00:13 +0000 (13:00 +0600)]
Move macOS-specific code into a subdirectory

2 years agoAdd basic pledge/unveil sandbox on OpenBSD
Kirill Isakov [Fri, 22 Apr 2022 15:40:54 +0000 (21:40 +0600)]
Add basic pledge/unveil sandbox on OpenBSD

2 years agomingw: fix static linking with recent ncurses
Kirill Isakov [Mon, 2 May 2022 13:39:32 +0000 (19:39 +0600)]
mingw: fix static linking with recent ncurses

2 years agoReplace getrandom() with getentropy()
Kirill Isakov [Sun, 1 May 2022 17:09:06 +0000 (23:09 +0600)]
Replace getrandom() with getentropy()

Unlike getrandom(), this function is supported by most BSDs
(with the exception of NetBSD), and by various Illumos distributions.

2 years agoCI: run all test flavors on BSDs
Kirill Isakov [Sun, 1 May 2022 12:56:23 +0000 (18:56 +0600)]
CI: run all test flavors on BSDs

2 years agoUse hardening option to add only hardening flags
Kirill Isakov [Thu, 28 Apr 2022 12:40:54 +0000 (18:40 +0600)]
Use hardening option to add only hardening flags

Compiler flags that enable warnings were hidden behind the 'hardening'
option. This was a direct port of the previous autoconf config, but it
probably makes sense to always show them as they have no effect on
compiler's output (unlike hardening flags which distributors might want
to alter or disable completely).

Also remove -fwrapv (which is enabled by -fno-strict-overflow) and fix
all new warnings we've added (like VLAs in libgcrypt code, so it should
now be buildable with MSVC in case anyone wishes to do it).

2 years agoImprove use of compiler attributes
Kirill Isakov [Tue, 26 Apr 2022 18:50:55 +0000 (00:50 +0600)]
Improve use of compiler attributes

Mark some constructor/destructor pairs, add format attributes where they
were missing, and fix new warnings.

2 years agoConvert tincd path args to absolute paths
Kirill Isakov [Thu, 28 Apr 2022 15:05:36 +0000 (21:05 +0600)]
Convert tincd path args to absolute paths

Since tincd chdirs to its own configuration directory and only then
resolves relative paths passed as command-line arguments (like --config
and --pidfile), statements like these:

$ tinc -c confdir init foo

$ tincd -c confdir -D

didn't work properly.

Now we resolve paths to absolute right when we receive them, and only
then do chdir.

2 years agoFix reading broken BER in gcrypt/rsa.c
Kirill Isakov [Wed, 27 Apr 2022 09:49:32 +0000 (15:49 +0600)]
Fix reading broken BER in gcrypt/rsa.c

Our hand-rolled BER parser was reading ASN.1 sequence length without
checking if there's a sequence tag (0x10) before it.

2 years agoFix resource leaks found by GCC -fanalyzer
Kirill Isakov [Sun, 17 Apr 2022 19:37:38 +0000 (01:37 +0600)]
Fix resource leaks found by GCC -fanalyzer

2 years agoUse enums for command-line options
Kirill Isakov [Tue, 26 Apr 2022 13:51:23 +0000 (19:51 +0600)]
Use enums for command-line options

to avoid repeating options in multiple places, get more descriptive
names, and have the compiler verify the exhaustiveness of reading
options for us.

2 years agoAdd colors to tincd logger
Kirill Isakov [Tue, 26 Apr 2022 10:57:18 +0000 (16:57 +0600)]
Add colors to tincd logger

2 years agoImprove proxy server support
Kirill Isakov [Sun, 24 Apr 2022 19:38:50 +0000 (01:38 +0600)]
Improve proxy server support

- fix authentication with socks5 proxies
- fix crash in forked process with exec proxy and empty node name
- refactor byte fiddling into structs
- add unit and integration tests

2 years agoReoder the README and add a quickstart guide.
Guus Sliepen [Sat, 23 Apr 2022 09:39:09 +0000 (11:39 +0200)]
Reoder the README and add a quickstart guide.

The README didn't really present the most relevant information to new
users at the start, it read more like a release notes file. This makes
it a more proper introduction to tinc.

Also add a quickstart guide as a Markdown file in the root of the source
tree, this will make it nicer on GitHub and GitLab, and might help users
that don't want to read the manual.

2 years agoWipe (some) secrets from memory after use
Kirill Isakov [Fri, 22 Apr 2022 12:33:52 +0000 (18:33 +0600)]
Wipe (some) secrets from memory after use

to lessen the amount of sensitive information ending up in swap, core
dumps, or in the hands of any remote attackers.

While there still remaings a lot interesting data in configuration trees,
connection_t structs, etc, this is considered a good practice nevertheless.

Some bedtime reading:

- http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
- http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html
- https://github.com/jedisct1/libsodium/blob/be58b2e6664389d9c7993b55291402934b43b3ca/src/libsodium/sodium/utils.c#L78:L101

2 years agoCI: add libgcrypt to sanitizer run
Kirill Isakov [Wed, 20 Apr 2022 10:29:23 +0000 (16:29 +0600)]
CI: add libgcrypt to sanitizer run

Also disable check for unsigned integer overflow.

I couldn't find a way to reliably disable it for a single function:

https://github.com/google/sanitizers/issues/765

and warnings it produces do not seem to be of enough importance to
introduce ugly hacks like resetting the most significant byte here:

size_t result = 0;
// ...

for(; len; --len) {
result = (size_t)(result << 8);
//                      ^^^^

2 years agoAdd link to building docs to the top of README.md
Kirill Isakov [Fri, 22 Apr 2022 19:53:37 +0000 (01:53 +0600)]
Add link to building docs to the top of README.md

plus a few minor improvements to INSTALL.md

2 years agoCI: run all test flavors even on failure
Kirill Isakov [Fri, 22 Apr 2022 06:50:49 +0000 (12:50 +0600)]
CI: run all test flavors even on failure

2 years agoCI package jobs: workaround for git security fix
Kirill Isakov [Fri, 22 Apr 2022 06:00:44 +0000 (12:00 +0600)]
CI package jobs: workaround for git security fix

https://github.blog/2022-04-12-git-security-vulnerability-announced/

We could chown the build directory to our own user, but that's
relatively slow. Since we fully control the environment (relatively
speaking, we're still running on other's machines), the vulnerability
doesn't affect this particular use case.

2 years agoCI: ignore package job failures
Kirill Isakov [Fri, 22 Apr 2022 04:08:04 +0000 (10:08 +0600)]
CI: ignore package job failures

2 years agoAdd __pycache__ directories to .gitignore.
Guus Sliepen [Thu, 21 Apr 2022 18:43:16 +0000 (20:43 +0200)]
Add __pycache__ directories to .gitignore.

2 years agoconnection_t: remove unused compression_level field
Kirill Isakov [Thu, 21 Apr 2022 08:11:16 +0000 (14:11 +0600)]
connection_t: remove unused compression_level field

2 years agoconnection_t: split compression_level/log_level into two fields
Kirill Isakov [Thu, 21 Apr 2022 07:12:47 +0000 (13:12 +0600)]
connection_t: split compression_level/log_level into two fields

compression_level is reused as a place to store log_level when piping
logs to tincctl. Since it was being compared directly with a log level,
it felt like a wrong field is being used by mistake.

Wrap it in union to avoid wasting additional memory.

2 years agoMinor type improvements in legacy protocol code
Kirill Isakov [Thu, 21 Apr 2022 05:39:36 +0000 (11:39 +0600)]
Minor type improvements in legacy protocol code

2 years agoconnection_t: allocate legacy context on first use
Kirill Isakov [Thu, 14 Apr 2022 15:44:49 +0000 (21:44 +0600)]
connection_t: allocate legacy context on first use

Since the new protocol is preferred if available, if both sides of the
connection are running modern versions of tinc, the old protocol may not
be used at all.

2 years agoUse actual port in tincd logs / tinc get Port / invitations
Kirill Isakov [Thu, 21 Apr 2022 12:22:32 +0000 (18:22 +0600)]
Use actual port in tincd logs / tinc get Port / invitations

If Port 0 option is used (which makes tincd bind to a port chosen
by the operating system), tinc and tincd used to print that value as
it is instead of whatever port was actually allocated.

https://github.com/gsliepen/tinc/issues/363

2 years agocmd_config: replace action magic numbers with enum
Kirill Isakov [Sat, 16 Apr 2022 10:28:27 +0000 (16:28 +0600)]
cmd_config: replace action magic numbers with enum

2 years agoRefactor crypto RNG; add getrandom() support
Kirill Isakov [Tue, 12 Apr 2022 16:20:58 +0000 (22:20 +0600)]
Refactor crypto RNG; add getrandom() support

/dev/urandom and /dev/random are ubiquitous, but take an open
file descriptor, and may not actually be present inside badly
configured containers.

2 years agoReduce duplication in request handler tables
Kirill Isakov [Mon, 11 Apr 2022 18:41:29 +0000 (00:41 +0600)]
Reduce duplication in request handler tables

Request handlers and request names are now grouped together so there's
less chance of messing up the order (however unlikely it may have been).

2 years agoCI: fix creation of Windows installer
Kirill Isakov [Sun, 10 Apr 2022 10:28:28 +0000 (16:28 +0600)]
CI: fix creation of Windows installer

After moving to meson, we've been using separate build directories
for each test flavor instead of running `git clean -dfx`, and the .nsi
used to create a Windows installer for the development release wasn't
updated to reflect this.

2 years agoRewrite integration test suite in Python
Kirill Isakov [Sun, 10 Apr 2022 07:53:25 +0000 (13:53 +0600)]
Rewrite integration test suite in Python

While the previous test suite ran fine in practice, it relied on
subtle differences in behavior of many UNIX tools, and thus needed GNU
Coreutils on many operating systems to work properly, and didn't work on
"pure" Windows at all.

A simple example would be how different versions of tail handle SIGPIPE
if you pipe its output into another process: GNU tail exits on SIGPIPE
since about 2017 (too lazy to look up the exact version, but this
changed recently), while most other tails continue reading the file and
piping the output into god knows where.

Since we need Python to run the new build system (meson) anyway, let's
use it for the test suite, and get rid of all other test dependencies.

It (currently) requires only the standard library of Python 3.6 or newer.

Unlike the original test suite, this one assigns node names and port
numbers randomly to support `meson test --repeat` (because meson can run
the same test multiple times in parallel, and this breaks with the old
approach).

Also remove old integration tests based on shell scripts.

2 years agoUpdate old Python code
Kirill Isakov [Sun, 3 Apr 2022 11:14:55 +0000 (17:14 +0600)]
Update old Python code

- reformat old Python scripts with black
- fix pylint warnings
- fix mypy warnings
- wrap all linters in lint.py
- replace reformat.py with lint.py --fix
- add new linting command: `ninja -C build lint`

2 years agoAdjust CI to new integration tests
Kirill Isakov [Thu, 31 Mar 2022 15:19:59 +0000 (21:19 +0600)]
Adjust CI to new integration tests

2 years agoCorrect close() function when building with MSVC
Kirill Isakov [Sat, 2 Apr 2022 11:41:50 +0000 (17:41 +0600)]
Correct close() function when building with MSVC

The original close() was throwing assertion errors from inside the
Windows libraries because we were trying to close OS handles as file
descriptors.

2 years agoAllow building sptps_{test,keypair} with MSVC
Kirill Isakov [Fri, 1 Apr 2022 18:26:51 +0000 (00:26 +0600)]
Allow building sptps_{test,keypair} with MSVC

2 years agoRun shfmt as part of the reformat target.
Guus Sliepen [Mon, 4 Apr 2022 19:53:47 +0000 (21:53 +0200)]
Run shfmt as part of the reformat target.

Add a reformat.py script and call it from the reformat target. It will run
astyle and shfmt from the source directory.

2 years agoImprove handling invitation read errors.
Guus Sliepen [Sat, 2 Apr 2022 13:39:08 +0000 (15:39 +0200)]
Improve handling invitation read errors.

Fix a file descriptor leak when something goes wrong while reading an
invitation file. Also check that we read it in full before committing.

Found by cppcheck.

2 years agoSpeed up the authentication protocol security tests.
Guus Sliepen [Fri, 1 Apr 2022 14:00:09 +0000 (16:00 +0200)]
Speed up the authentication protocol security tests.

The security test took 70 seconds, mainly because it consisted of
several subtests that each had to wait for a timeout to pass. Split it
into three tests; two for testing a MITM splicing connections between
tinc daemons using the legacy and SPTPS protocols, the remaining tests
are in a single shell script but now run in parallel.

2 years agoReduce log level of SPTPS errors.
Guus Sliepen [Fri, 1 Apr 2022 13:16:40 +0000 (15:16 +0200)]
Reduce log level of SPTPS errors.

SPTPS error messages should not always be logged, they are mostly
low-level details, and serious errors like failing to connect to a node
due to SPTPS issues will be logged by higher layers anyway, so move it
down to log level 3.

Fixes #298 on GitHub.

2 years agoPrevent underflow when sending UDP probes.
Guus Sliepen [Fri, 1 Apr 2022 12:28:45 +0000 (14:28 +0200)]
Prevent underflow when sending UDP probes.

Make sure send_udp_probe_packet() never tries to send a packet smaller
than MIN_PROBE_SIZE, otherwise length calculation could potentially wrap.

Fixes #351 on GitHub.

2 years agoMake sure version.py runs succesfully even if git is not installed.
Guus Sliepen [Fri, 1 Apr 2022 10:46:11 +0000 (12:46 +0200)]
Make sure version.py runs succesfully even if git is not installed.

2 years agoFall back to VERSION file if .git is not present
Kirill Isakov [Thu, 31 Mar 2022 05:32:56 +0000 (11:32 +0600)]
Fall back to VERSION file if .git is not present

https://github.com/gsliepen/tinc/issues/358

2 years agoDisable function attributes on unsupported compilers
Kirill Isakov [Mon, 28 Mar 2022 15:38:31 +0000 (21:38 +0600)]
Disable function attributes on unsupported compilers

2 years agoAdd __packed__ attribute on drop-in structs
Kirill Isakov [Mon, 28 Mar 2022 07:46:46 +0000 (13:46 +0600)]
Add __packed__ attribute on drop-in structs

2 years agoAdd check for __Static_assert() and asserts on struct sizes
Kirill Isakov [Mon, 28 Mar 2022 07:09:07 +0000 (13:09 +0600)]
Add check for __Static_assert() and asserts on struct sizes

2 years agomeson: use Python script for version detection
Kirill Isakov [Sun, 27 Mar 2022 19:55:23 +0000 (01:55 +0600)]
meson: use Python script for version detection

2 years agoReplace MinGW with Windows to avoid ambiguities
Kirill Isakov [Fri, 25 Mar 2022 17:29:07 +0000 (23:29 +0600)]
Replace MinGW with Windows to avoid ambiguities

2 years agoAdd support for building tinc with MSVC
Kirill Isakov [Fri, 25 Mar 2022 14:09:36 +0000 (20:09 +0600)]
Add support for building tinc with MSVC

Tests are not supported because of their strong dependence on running
under Unix-like environment.

2 years agoGitHub CI: add MSVC jobs
Kirill Isakov [Fri, 25 Mar 2022 12:16:17 +0000 (18:16 +0600)]
GitHub CI: add MSVC jobs

2 years agoMention Windows SDK compat in installation docs
Kirill Isakov [Fri, 25 Mar 2022 12:44:39 +0000 (18:44 +0600)]
Mention Windows SDK compat in installation docs

2 years agoAdd dirent.h
Kirill Isakov [Fri, 25 Mar 2022 05:56:51 +0000 (22:56 -0700)]
Add dirent.h

readdir() / closedir() / etc for Windows by Toni Rönkkö.

Copied from https://github.com/tronkko/dirent

2 years agoDon't put the --recursive option in .astylerc.
Guus Sliepen [Sun, 27 Mar 2022 18:58:44 +0000 (20:58 +0200)]
Don't put the --recursive option in .astylerc.

When calling astyle manually without wildcards in the filename(s),
astyle will refuse to work if the --recursive option is used. Remove it
from .astylerc and add the option to the command line when the "reformat"
build target is used.

2 years agoFix compiler warning.
Guus Sliepen [Sun, 27 Mar 2022 18:56:48 +0000 (20:56 +0200)]
Fix compiler warning.

Quash a compiler warning by checking the result of snprintf() and
handling truncation.

2 years agoFix building tinc and running tests on Solaris
Kirill Isakov [Sun, 27 Mar 2022 18:08:35 +0000 (00:08 +0600)]
Fix building tinc and running tests on Solaris

2 years agoAdd unit tests suite using cmocka library
Kirill Isakov [Wed, 23 Mar 2022 11:41:31 +0000 (17:41 +0600)]
Add unit tests suite using cmocka library

2 years agoMove integration tests into a subdirectory
Kirill Isakov [Wed, 23 Mar 2022 06:49:09 +0000 (12:49 +0600)]
Move integration tests into a subdirectory

2 years agoAdd cmocka packages to CI jobs
Kirill Isakov [Wed, 23 Mar 2022 06:45:11 +0000 (12:45 +0600)]
Add cmocka packages to CI jobs

2 years agoRearrange conflicting tincd globals
Kirill Isakov [Wed, 23 Mar 2022 09:22:05 +0000 (15:22 +0600)]
Rearrange conflicting tincd globals

2 years agoAdd support for meson build system
Kirill Isakov [Wed, 23 Mar 2022 05:52:51 +0000 (11:52 +0600)]
Add support for meson build system

2 years agoGitHub CI: change build system to meson
Kirill Isakov [Fri, 18 Mar 2022 17:19:38 +0000 (23:19 +0600)]
GitHub CI: change build system to meson

2 years agosourcehut CI: change build system to meson
Kirill Isakov [Thu, 17 Mar 2022 19:26:20 +0000 (01:26 +0600)]
sourcehut CI: change build system to meson

2 years agoUpdate docs with instructions on building with meson
Kirill Isakov [Mon, 21 Mar 2022 09:41:26 +0000 (15:41 +0600)]
Update docs with instructions on building with meson

2 years agoMove sys/mman.h into have.h
Kirill Isakov [Sun, 20 Mar 2022 19:13:06 +0000 (01:13 +0600)]
Move sys/mman.h into have.h

2 years agoRemove vendored LZ4
Kirill Isakov [Mon, 21 Mar 2022 06:47:02 +0000 (12:47 +0600)]
Remove vendored LZ4

2 years agoRemove autotools configs
Kirill Isakov [Sun, 20 Mar 2022 19:13:41 +0000 (01:13 +0600)]
Remove autotools configs

2 years agoExtract common logic in OpenSSL-specific code
Kirill Isakov [Fri, 18 Mar 2022 13:39:28 +0000 (19:39 +0600)]
Extract common logic in OpenSSL-specific code

2 years agoAdd support for OpenSSL 3.0+
Kirill Isakov [Thu, 17 Mar 2022 14:49:29 +0000 (20:49 +0600)]
Add support for OpenSSL 3.0+

Also use centralized logging for OpenSSL errors.

https://github.com/gsliepen/tinc/issues/347

2 years agoCI: add tests with OpenSSL 3.0
Kirill Isakov [Wed, 16 Mar 2022 13:34:17 +0000 (19:34 +0600)]
CI: add tests with OpenSSL 3.0

2 years agoRemove unnecessary status bitfield conversions.
Guus Sliepen [Tue, 15 Mar 2022 07:39:35 +0000 (08:39 +0100)]
Remove unnecessary status bitfield conversions.

2 years agoReplace uint32_t bitfields with bool
Kirill Isakov [Tue, 15 Mar 2022 04:40:19 +0000 (10:40 +0600)]
Replace uint32_t bitfields with bool

This fixes a bunch of bugprone-narrowing-conversions from clang-tidy 12
or newer.

2 years agoCI: fix running clang-tidy on full sources
Kirill Isakov [Mon, 14 Mar 2022 17:01:57 +0000 (23:01 +0600)]
CI: fix running clang-tidy on full sources

2 years agoCI: run `make distcheck` instead of `make check`
Kirill Isakov [Sat, 12 Mar 2022 10:34:40 +0000 (16:34 +0600)]
CI: run `make distcheck` instead of `make check`

2 years agoFix `make distcheck`
Kirill Isakov [Sat, 12 Mar 2022 06:32:01 +0000 (12:32 +0600)]
Fix `make distcheck`

`make distcheck` builds and then calls both tinc and tincd with two options:

--version
--help

tincd behavior was changed by 28b7a53b6 to print usage information to
stderr, but automake expects to see a non-empty output from stdout, and
fails distcheck if it's empty.

2 years agoMove -lssp to LIBS.
Guus Sliepen [Mon, 24 Jan 2022 13:32:45 +0000 (14:32 +0100)]
Move -lssp to LIBS.

Append -lssp to LIBS to ensure the correct order of linking.

2 years agoCI: Ignore gcrypt sources when running clang-tidy.
Guus Sliepen [Sun, 23 Jan 2022 22:49:24 +0000 (23:49 +0100)]
CI: Ignore gcrypt sources when running clang-tidy.

2 years agoCI: Fix missing dependencies for macOS and Windows.
Guus Sliepen [Sat, 22 Jan 2022 22:26:50 +0000 (23:26 +0100)]
CI: Fix missing dependencies for macOS and Windows.

Clang-tidy doesn't like the latest OpenSSL libraries available in Brew,
so disable the clang-tidy test on macOS for now.

2 years agoEnable hardening flags at the end of the configure script.
Guus Sliepen [Sat, 22 Jan 2022 21:56:55 +0000 (22:56 +0100)]
Enable hardening flags at the end of the configure script.

Unfortunately some of the autoconf checks themselver trigger compiler
warnings when hardening is enabled and if -Werror is also enabled. Avoid
this by only enabling the hardening flags at the end of the configure
script.

2 years agoCI: Install netcat-openbsd on Debian.
Guus Sliepen [Sat, 22 Jan 2022 21:31:16 +0000 (22:31 +0100)]
CI: Install netcat-openbsd on Debian.

2 years agoEnable and fix many extra warnings supported by GCC and Clang.
Guus Sliepen [Sun, 16 Jan 2022 22:02:09 +0000 (23:02 +0100)]
Enable and fix many extra warnings supported by GCC and Clang.

This enables many extra warning options when hardening is enabled, and
fixes the definition of _FORTITY_SOURCE. -Wshadow is not (yet) enabled,
as this generates quite some warnings that are less trivial to fix.

2 years agoFix potential crash during failing PMTU discovery.
Guus Sliepen [Sun, 16 Jan 2022 19:45:41 +0000 (20:45 +0100)]
Fix potential crash during failing PMTU discovery.

If we get PACKET_TOO_BIG responses when sending UDP packets, we lower the
maximum MTU we will probe accordingly. However, after enough of those
responses, maxmtu could drop below zero and wrap. Guard against that by
never dropping maxmtu below the minimum required MTU for UDP communication.

3 years agoSuppress UBSan warnings in the xoshiro implementation.
Guus Sliepen [Mon, 23 Aug 2021 16:42:09 +0000 (18:42 +0200)]
Suppress UBSan warnings in the xoshiro implementation.

Xoshiro relies on the well defined overflow behavior of unsigned
integer, but UBSan complains about it unless we force it to ignore it.

3 years agoUse xoshiro256** to generate pseudo-random numbers.
Guus Sliepen [Mon, 16 Aug 2021 21:26:24 +0000 (23:26 +0200)]
Use xoshiro256** to generate pseudo-random numbers.

Also seed it using /dev/random or whatever equivalent is available.

3 years agoCI: fix archive name for sanitizer results.
Kirill Isakov [Mon, 23 Aug 2021 07:00:44 +0000 (13:00 +0600)]
CI: fix archive name for sanitizer results.

3 years agoCI: improve sanitizer runs; minor cleanups.
Kirill Isakov [Thu, 19 Aug 2021 08:36:02 +0000 (14:36 +0600)]
CI: improve sanitizer runs; minor cleanups.

- sanitizers now do the full test run, as in every other job.
- run all test flavors even if one of them fails.
- change big-endian cross build to little-endian MIPS.

3 years agoRestore libgcrypt support.
Kirill Isakov [Wed, 18 Aug 2021 08:51:10 +0000 (14:51 +0600)]
Restore libgcrypt support.

3 years agoMove repeating MIN/MAX macros into dropin.h.
Kirill Isakov [Tue, 17 Aug 2021 18:36:30 +0000 (00:36 +0600)]
Move repeating MIN/MAX macros into dropin.h.

3 years agoRename base64 funcs to show they're not RFC-compliant.
Kirill Isakov [Tue, 17 Aug 2021 18:30:01 +0000 (00:30 +0600)]
Rename base64 funcs to show they're not RFC-compliant.

3 years agoCI: run tests with libgcrypt.
Kirill Isakov [Mon, 16 Aug 2021 13:24:13 +0000 (19:24 +0600)]
CI: run tests with libgcrypt.

3 years agoFix memcmp() reading out of bounds in the tinc info command.
Guus Sliepen [Tue, 17 Aug 2021 21:33:33 +0000 (23:33 +0200)]
Fix memcmp() reading out of bounds in the tinc info command.

3 years agoUse epoll() if available.
Mathew Heard [Mon, 16 Aug 2021 02:04:19 +0000 (12:04 +1000)]
Use epoll() if available.

3 years agoFix UBSAN warnings in linux/device.c.
Kirill Isakov [Tue, 17 Aug 2021 10:35:22 +0000 (16:35 +0600)]
Fix UBSAN warnings in linux/device.c.

linux/device.c:149:11: runtime error: implicit conversion from type 'ssize_t' (aka 'long') of value -1 (64-bit, signed) to type 'size_t' (aka 'unsigned long') changed the value to 18446744073709551615 (64-bit, unsigned)
    #0 0x55e3cb851f84 in read_packet /home/runner/work/tinc/tinc/src/linux/device.c:149:11
    #1 0x55e3cb7bb7fe in handle_device_data /home/runner/work/tinc/tinc/src/net_packet.c:1906:5
    #2 0x55e3cb78e6e0 in event_loop /home/runner/work/tinc/tinc/src/event.c:353:5
    #3 0x55e3cb7a6a90 in main_loop /home/runner/work/tinc/tinc/src/net.c:505:6
    #4 0x55e3cb83d241 in main /home/runner/work/tinc/tinc/src/tincd.c:614:11
    #5 0x7fec881950b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #6 0x55e3cb757dcd in _start (/home/runner/work/tinc/tinc/src/tincd+0x9adcd)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior linux/device.c:149:11 in
linux/device.c:163:23: runtime error: unsigned integer overflow: 18446744073709551615 + 10 cannot be represented in type 'unsigned long'
    #0 0x55e3cb852253 in read_packet /home/runner/work/tinc/tinc/src/linux/device.c:163:23
    #1 0x55e3cb7bb7fe in handle_device_data /home/runner/work/tinc/tinc/src/net_packet.c:1906:5
    #2 0x55e3cb78e6e0 in event_loop /home/runner/work/tinc/tinc/src/event.c:353:5
    #3 0x55e3cb7a6a90 in main_loop /home/runner/work/tinc/tinc/src/net.c:505:6
    #4 0x55e3cb83d241 in main /home/runner/work/tinc/tinc/src/tincd.c:614:11
    #5 0x7fec881950b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #6 0x55e3cb757dcd in _start (/home/runner/work/tinc/tinc/src/tincd+0x9adcd)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior linux/device.c:163:23 in

3 years agoFix invalid logger() calls in Solaris device code.
Kirill Isakov [Tue, 17 Aug 2021 08:04:19 +0000 (14:04 +0600)]
Fix invalid logger() calls in Solaris device code.

3 years agoFix more memory leaks and invalid free() in invitation.c.
Kirill Isakov [Mon, 16 Aug 2021 18:01:51 +0000 (00:01 +0600)]
Fix more memory leaks and invalid free() in invitation.c.

3 years agoReplace pointers to cipher_t/digest_t in connection_t with structs.
Kirill Isakov [Sun, 15 Aug 2021 18:57:05 +0000 (00:57 +0600)]
Replace pointers to cipher_t/digest_t in connection_t with structs.

Part of #294.

3 years agoCI: downgrade cross-compilation jobs to debian:buster
Kirill Isakov [Sun, 15 Aug 2021 18:56:58 +0000 (00:56 +0600)]
CI: downgrade cross-compilation jobs to debian:buster

3 years agoSimplify signal handling.
Mathew Heard [Sun, 15 Aug 2021 05:46:04 +0000 (15:46 +1000)]
Simplify signal handling.

Use an array instead of a splay tree.

3 years agoFix UBSAN warnings about conversions and overflows.
Kirill Isakov [Sun, 15 Aug 2021 17:25:04 +0000 (23:25 +0600)]
Fix UBSAN warnings about conversions and overflows.

3 years agoCI: use explicit Debian release names.
Guus Sliepen [Sun, 15 Aug 2021 18:05:24 +0000 (20:05 +0200)]
CI: use explicit Debian release names.

Currently debian:stable fails because the image on Docker Hub is still
buster, but bullseye is the new stable, and the sources.list URLs are
wrong.

3 years agotincd on Windows: call srand() after main2()
Kirill Isakov [Sun, 15 Aug 2021 12:43:14 +0000 (18:43 +0600)]
tincd on Windows: call srand() after main2()

On Windows, rand() was returning the same sequence on every service
execution, because srand() was initializing its state only for the
short-lived process.