Commit graph

106 commits

Author SHA1 Message Date
Erik Ekman df49fd6f3d Update changelog 2022-07-18 23:36:07 +02:00
Erik Ekman 853d5f3764 Update CHANGELOG 2021-08-25 22:00:11 +02:00
Erik Ekman 2032b44949 Look up external IP via DNS instead of HTTP
Use myip.opendns.com via their resolver.

The code is now TCP free again :)
2020-05-24 16:06:41 +02:00
Erik Ekman 27e5d6fadd code.kryo.se is now served over HTTPS 2018-03-24 15:00:37 +01:00
Erik Ekman a8a5fbbf0d Second attempt at PIE binary for new android
Github PR #14
2015-08-05 20:04:03 +02:00
Erik Ekman b4e9148df8 Support raw mode for both IPv4 and IPv6
Read destination address of IP request packet and return it.
Check length in client and use it as IPv4 or v6 depending on length.
2015-06-28 22:41:54 +02:00
Erik Ekman 7a117bd71e IPv6 support for DNS traffic in server
Server will by default listen on both IPv4 and IPv6.
No way to only listen on one protocol right now.

Use -L to only listen on a specific v6 address.

IP address to use for raw mode is still IPv4 only.
Use -n on server to make raw mode work from IPv6 clients,
then they will get an IPv4 address from the server for raw mode.

Tunnel data is still IPv4.
2015-06-28 20:01:48 +02:00
Erik Ekman 3069665646 Speling 2015-06-28 10:36:49 +02:00
Erik Ekman 69a91d5421 Update changelog 2015-06-27 12:14:34 +02:00
Erik Ekman 1f51bab2a3 Update changelog 2015-04-08 08:50:07 +02:00
Erik Ekman b4c3656c3c Update changelog after release 2014-06-16 23:43:20 +02:00
Erik Ekman b715be5cf3 Fix authentication bypass bug
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.

Add checks for normal and raw mode that user has authenticated before allowing
any other communication.

Problem found by Oscar Reparaz.
2014-06-16 21:43:22 +02:00
Erik Ekman 3ebcd29b13 Add support for using an unspecified RR type
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
2014-06-09 20:06:36 +02:00
Erik Ekman 3fadbfb580 Do not let sockets be inherited by sub-processes
Set FD_CLOEXEC flag on tunnel and UDP file descriptors.
Fixes ticket #99, "should not allow UDP socket to be inherited by ifconfig"
2014-06-04 17:48:43 +09:00
Erik Ekman c1b24abf3a Update changelog 2014-05-29 19:08:20 +02:00
Erik Ekman 5079d8bf5e Fix up changelog 2014-04-08 21:04:17 +02:00
Erik Ekman a737d6ea7f Update documentation 2014-02-05 23:18:42 +01:00
Erik Ekman 0f7c3782b8 Update changelog 2014-01-29 19:53:13 +01:00
Erik Ekman abb2d6cb87 Update changelog 2014-01-29 18:31:21 +01:00
Erik Ekman 43e4fb5448 Add automatic external IP lookup via '-n auto'
Leonard Lausen proposed iodined should use externalip.net api
to find external ip. Use -n auto to trigger a lookup.
2012-09-03 10:34:27 +02:00
Erik Ekman 9443f3bbe9 Update changelog 2012-09-03 10:29:54 +02:00
Erik Ekman 24241666fa Update changelog 2012-02-05 08:46:16 +01:00
Erik Ekman 423cbec41d Added android specific readme file, along with new make targets
Also updated changelog.
2012-02-05 00:36:15 +01:00
Laurent Ghigonis d4849a5dbf Add support for openbsd routing domain, #95 2012-02-04 20:34:05 +01:00
Håkan Kvist 9c3343e6ac Allow spaces in passwords, #93 2012-02-04 20:34:05 +01:00
Erik Ekman 0a968a5144 Initialize 'inside_topdomain'. Fixes #94 2012-02-04 20:34:05 +01:00
jsbid1 7ae8d04955 Fix #86, patch from jsbid1 gmail.com 2012-02-04 20:34:04 +01:00
Erik Ekman 1a26a91db3 #82, switch to gethostbyname() for win32 support 2012-02-04 20:34:04 +01:00
Erik Ekman c5bdf07070 #82 update docs 2012-02-04 20:34:04 +01:00
Erik Ekman 8daba65a03 #76 Update changelog 2012-02-04 20:34:04 +01:00
Erik Ekman 342b5787be Update changelog after #75 2012-02-04 20:34:04 +01:00
Erik Ekman 7e9ce2716b Updated changelog after #79 2012-02-04 20:34:03 +01:00
Erik Ekman 0cdd537819 #78, print server tunnel ip 2012-02-04 20:34:03 +01:00
Erik Ekman 01e558022e #77, get password from env variable 2012-02-04 20:34:03 +01:00
Erik Ekman a3757a07aa Updated changelog 2012-02-04 20:34:03 +01:00
Erik Ekman 1137ac6ac9 Updated docs 2012-02-04 20:34:03 +01:00
Erik Ekman 0e81cd78bc Update changelog and proto docs 2012-02-04 20:34:03 +01:00
Erik Ekman 3a2f66fb44 Update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman 23dc3f0844 Update changelog 2012-02-04 20:34:02 +01:00
Sebastien Raveau d5acb508bc Add support for applying SELinux context 2012-02-04 20:34:02 +01:00
Erik Ekman 17105a26db update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman 8fc8ce587c Any number of TAP32 interfaces supported, use -d to choose. #46 2012-02-04 20:34:02 +01:00
Erik Ekman e59aaa523e Fixed #47, support any TAP device name 2012-02-04 20:34:02 +01:00
Erik Ekman 6ac35cfedc Updated changelog 2012-02-04 20:34:02 +01:00
Erik Ekman e51af14bcc new release 2012-02-04 20:34:01 +01:00
Erik Ekman 5addc77102 updated changelog 2012-02-04 20:34:01 +01:00
Erik Ekman 3c38a9a307 Update changelog 2012-02-04 20:34:01 +01:00
Erik Ekman b6c8ea50e5 Update changelog after release 2012-02-04 20:34:01 +01:00
Erik Ekman a3a20a2b09 #53 Support TAP32 version 0901 as well 2012-02-04 20:34:01 +01:00
Erik Ekman addd798712 Set interface MTU to 1200.
1188 is the uncompressed DNS reply payload size that gets through
unfragmented on Ethernet.
2012-02-04 20:34:01 +01:00