Like other unix tools: don't print application output, if the user asks
intentionally for help.
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
Those arguments were introduced, but not documented.
Fixes: 619ede5d ("Add options to force IP version for client DNS traffic")
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
There is no value in printing the usage in this case, as the usage
doesn't give the user any hint on how to solve this issue.
Furthermore, replace the Windows implementation with an empty inline
function, which will result in no code.
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
Build position-indepent executables, required for Android L (5.0+)
They also work with kitkat.
Add new maketarget "cross-android-old" that builds without PIE
for older versions.
Include both new and old versions in latest-android.zip. Add arm64.
Hopefully solves github PR #14.
Server will by default listen on both IPv4 and IPv6.
No way to only listen on one protocol right now.
Use -L to only listen on a specific v6 address.
IP address to use for raw mode is still IPv4 only.
Use -n on server to make raw mode work from IPv6 clients,
then they will get an IPv4 address from the server for raw mode.
Tunnel data is still IPv4.
Add a struct with multiple dns file descriptors (for IPv4 and IPv6)
and pass this to required areas. Choose which descriptor to use when
sending by looking at the destination address family.
As of 10.6, OS X has native tunnel devices. They are implemented as
sockets rather than character devices, but otherwise they appear to
behave the same as Free/OpenBSD tunnels.
'-d utunX' will tell iodine to use a utun device. For backward
compatibility, we'll continue to default to the old tuntap devices for
now.
This is a port of Peter Sagerson <psagers.github@ignorare.net>'s openvpn
commit 43e5016a.
"Permission to use, copy, modify, and distribute this software" is now
"Permission to use, copy, modify, and/or distribute this software".
Add license header to source files missing one.
Recent versions of systemd don't ship with libsystemd-daemon.so anymore,
but instead use libsystemd.so for everything. This is obviously
problematic for using the same LDFLAGS on old systemd and new systemd.
So, they also ship compatability pkgconfig files, which use the old
names but return the new library. So, the most portable way to support
both old and new systemd is to use pkgconfig. It's not a problem either,
since systems that use systemd are bound to also have pkgconfig
installed.
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.
Add checks for normal and raw mode that user has authenticated before allowing
any other communication.
Problem found by Oscar Reparaz.
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
The arguments to open_dns() needs to be updated after API change.
Called with 0, INADDR_ANY used to mean port, IP address but now means
pointer to sockadddr and its length. Thanks to C for not giving any
warnings or errors..
Warning from OpenBSD/NetBSD:
CC iodine.c
iodine.c: In function 'main':
iodine.c:141:6: warning: 'nameservaddr_len' may be used uninitialized in this function
Note that GCC -O2 is happy to optimize away (x<0) when x is an
unsigned quantity. This was actually occurring in CHECKLEN(0),
causing the compiler to issue a warning.
The iodine client now supports both IPv4 and IPv6 nameservers for
sending DNS queries to an IPv4 iodined. The nameserver will
transparently handle translation between IP protocols.
Windows port needs Vista or later to support IPv6.
iodined.c: In function ‘write_dns_nameenc’:
iodined.c:2030:23: attention : argument to ‘sizeof’ in ‘memset’ call is the same
expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
memset(buf, 0, sizeof(buf));
sizeof buf will just give the size of the pointer, while buflen will clean the whole
memory.
