Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738) The authentication protocol allows an oracle attack that could potentially be exploited. This commit contains several mitigations: - Connections are no longer closed immediately on error, but put in a "tarpit". - The authentication protocol now requires a valid CHAL_REPLY from the initiator of a connection before sending a CHAL_REPLY of its own. - Only a limited amount of connections per second are accepted. - Null ciphers or digests are no longer allowed in METAKEYs. - Connections that claim to have the same name as the local node are rejected.
Reformat all code using astyle.
Update copyright notices.
Fix forwarding of edge updates. Commit e4670fc accidentily prevented ADD_EDGE messages from propagating in some cases.
Improve performance of edge updates.
Update copyright notices.
Rename connection_t *broadcast to everyone.
Detect and prevent two nodes with the same Name being on the VPN simultaneously. In this situation, the two nodes will start fighting over the edges they announced. When we have to contradict both ADD_EDGE and DEL_EDGE messages, we log a warning, and with 25% chance per PingTimeout we quit.
Use uint32_t instead of long int for connection options. Options should have a fixed width anyway, but this also fixes a possible MinGW compiler bug where %lx tries to print a 64 bit value, even though a long int is only 32 bits.
Remove code duplication when checking ADD_EDGE/DEL_EDGE messages.
Drop support for localisation. Localised messages don't make much sense for a daemon, and there is only the Dutch translation which costs time to maintain.
Remove checkpoint tracing. This feature is not necessary anymore since we have tools like valgrind today that can catch stack overflow errors before they make a backtrace in gdb impossible.
K&R style braces. This is essentially commit f02d3ed3e135b5326003e7f69f8331ff6a3cc219 from the 1.1 branch, making it easier to merge between master and 1.1.
Update the address of the Free Software Foundation in all copyright headers.
Remove all occurences of $Id$.
Update copyright information. - Update year numbers in copyright headers. - Add copyright information for Michael Tokarev and Florian Forster to the copyright headers of files to which they have contributed significantly. - Mention Michael and Florian in AUTHORS. - Mention that tinc is GPLv3 or later if compiled with the --enable-tunemu flag.
Use only rand(), not random(). We used both rand() and random() in our code. Since it returns an int, we have to use %x in our format strings instead of %lx. This fixes a crash under Windows when cross-compiling tinc with a recent version of MinGW.
ignore indirect edge registrations in tunnelserver mode In tunnelserver mode we're not interested to hear about our client edges, just like in case of subnets. Just ignore all requests which are not about our node or the client node. The fix is very similar to what was done for subnets. Note that we don't need to add the "unknown" nodes to the list in tunnelserver mode too, so move allocation of new nodes down the line.
Update copyright notices, remove Ivo's email address.
Update copyright notices.