Commit graph

95 commits

Author SHA1 Message Date
Erik Ekman b715be5cf3 Fix authentication bypass bug
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.

Add checks for normal and raw mode that user has authenticated before allowing
any other communication.

Problem found by Oscar Reparaz.
2014-06-16 21:43:22 +02:00
Erik Ekman 3ebcd29b13 Add support for using an unspecified RR type
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
2014-06-09 20:06:36 +02:00
Erik Ekman 3fadbfb580 Do not let sockets be inherited by sub-processes
Set FD_CLOEXEC flag on tunnel and UDP file descriptors.
Fixes ticket #99, "should not allow UDP socket to be inherited by ifconfig"
2014-06-04 17:48:43 +09:00
Erik Ekman c1b24abf3a Update changelog 2014-05-29 19:08:20 +02:00
Erik Ekman 5079d8bf5e Fix up changelog 2014-04-08 21:04:17 +02:00
Erik Ekman a737d6ea7f Update documentation 2014-02-05 23:18:42 +01:00
Erik Ekman 0f7c3782b8 Update changelog 2014-01-29 19:53:13 +01:00
Erik Ekman abb2d6cb87 Update changelog 2014-01-29 18:31:21 +01:00
Erik Ekman 43e4fb5448 Add automatic external IP lookup via '-n auto'
Leonard Lausen proposed iodined should use externalip.net api
to find external ip. Use -n auto to trigger a lookup.
2012-09-03 10:34:27 +02:00
Erik Ekman 9443f3bbe9 Update changelog 2012-09-03 10:29:54 +02:00
Erik Ekman 24241666fa Update changelog 2012-02-05 08:46:16 +01:00
Erik Ekman 423cbec41d Added android specific readme file, along with new make targets
Also updated changelog.
2012-02-05 00:36:15 +01:00
Laurent Ghigonis d4849a5dbf Add support for openbsd routing domain, #95 2012-02-04 20:34:05 +01:00
Håkan Kvist 9c3343e6ac Allow spaces in passwords, #93 2012-02-04 20:34:05 +01:00
Erik Ekman 0a968a5144 Initialize 'inside_topdomain'. Fixes #94 2012-02-04 20:34:05 +01:00
jsbid1 7ae8d04955 Fix #86, patch from jsbid1 gmail.com 2012-02-04 20:34:04 +01:00
Erik Ekman 1a26a91db3 #82, switch to gethostbyname() for win32 support 2012-02-04 20:34:04 +01:00
Erik Ekman c5bdf07070 #82 update docs 2012-02-04 20:34:04 +01:00
Erik Ekman 8daba65a03 #76 Update changelog 2012-02-04 20:34:04 +01:00
Erik Ekman 342b5787be Update changelog after #75 2012-02-04 20:34:04 +01:00
Erik Ekman 7e9ce2716b Updated changelog after #79 2012-02-04 20:34:03 +01:00
Erik Ekman 0cdd537819 #78, print server tunnel ip 2012-02-04 20:34:03 +01:00
Erik Ekman 01e558022e #77, get password from env variable 2012-02-04 20:34:03 +01:00
Erik Ekman a3757a07aa Updated changelog 2012-02-04 20:34:03 +01:00
Erik Ekman 1137ac6ac9 Updated docs 2012-02-04 20:34:03 +01:00
Erik Ekman 0e81cd78bc Update changelog and proto docs 2012-02-04 20:34:03 +01:00
Erik Ekman 3a2f66fb44 Update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman 23dc3f0844 Update changelog 2012-02-04 20:34:02 +01:00
Sebastien Raveau d5acb508bc Add support for applying SELinux context 2012-02-04 20:34:02 +01:00
Erik Ekman 17105a26db update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman 8fc8ce587c Any number of TAP32 interfaces supported, use -d to choose. #46 2012-02-04 20:34:02 +01:00
Erik Ekman e59aaa523e Fixed #47, support any TAP device name 2012-02-04 20:34:02 +01:00
Erik Ekman 6ac35cfedc Updated changelog 2012-02-04 20:34:02 +01:00
Erik Ekman e51af14bcc new release 2012-02-04 20:34:01 +01:00
Erik Ekman 5addc77102 updated changelog 2012-02-04 20:34:01 +01:00
Erik Ekman 3c38a9a307 Update changelog 2012-02-04 20:34:01 +01:00
Erik Ekman b6c8ea50e5 Update changelog after release 2012-02-04 20:34:01 +01:00
Erik Ekman a3a20a2b09 #53 Support TAP32 version 0901 as well 2012-02-04 20:34:01 +01:00
Erik Ekman addd798712 Set interface MTU to 1200.
1188 is the uncompressed DNS reply payload size that gets through
unfragmented on Ethernet.
2012-02-04 20:34:01 +01:00
Erik Ekman 84f5965825 Increase default mtu to 1500 2012-02-04 20:34:01 +01:00
Erik Ekman a5b3c6d63e #44 add note about -P argument, update changelog 2012-02-04 20:34:01 +01:00
Erik Ekman af1380f29d #45: Use IpHelper to get DNS server on win32 2012-02-04 20:34:01 +01:00
Erik Ekman c7b21b7d84 updated changelog with #51 2012-02-04 20:34:00 +01:00
Erik Ekman bf46666fe8 #50 added syslog logging for version and login packets. no-op on windows 2012-02-04 20:34:00 +01:00
Erik Ekman 4734bd0ee0 Added win32 specific readme 2012-02-04 20:34:00 +01:00
Erik Ekman 03f4fb11d2 update changelog after release 2012-02-04 20:33:59 +01:00
Erik Ekman b1bf20d3c8 Updated changelog 2012-02-04 20:33:59 +01:00
Erik Ekman 78d324a6b4 Enhanced checks on incoming queries, check user exists and is active 2012-02-04 20:33:59 +01:00
Erik Ekman bd1a8443d1 #7 finally done\! Added autoprobing of max downstream fragsize. 2012-02-04 20:33:59 +01:00
Erik Ekman 43c438971b Allow setting netmask in iodined, fixes #27. The same netmask will be given to clients as well. Updated docs. 2012-02-04 20:33:59 +01:00