Commit Graph

190 Commits

Author SHA1 Message Date
Erik Ekman a8a20f570e Formatting: spaces around operators 2020-07-24 19:15:02 +02:00
Erik Ekman aeacfbc2c0 Formatting: No spaces after '(' or before ')' 2020-07-24 19:02:41 +02:00
Erik Ekman 19d0d1be64 Formatting: Space between 'if' and parenthesis 2020-07-24 18:56:30 +02:00
Erik Ekman ec6a1ac308 Fix IPv4 address in replies to A or NS queries (github issue #38)
The destination field in struct query was changed from in_addr_t to
struct sockaddr_storage, wihtout updating the functions sending it
in src/dns.c.

Only add extra A answer for NS queries if destination refers to an
IPv4 address, and fail if trying to encode a reply to an A query
if destination is not IPv4.

This means NS requests received over IPv6 will not contain an address
and A requests will be ignored, unless the -n option is used, or the
www subdomain is requested which sets a fixed address (127.0.0.1).
2020-07-23 21:49:46 +02:00
Erik Ekman 2032b44949 Look up external IP via DNS instead of HTTP
Use myip.opendns.com via their resolver.

The code is now TCP free again :)
2020-05-24 16:06:41 +02:00
Erik Ekman 8379384d37 Improve usage/help text around finding external IP 2020-05-24 13:41:54 +02:00
Erik Ekman 72bdf7f20e Merge branch 'protect-options' of https://github.com/Masaq-/iodine into protect_opts 2017-10-22 11:59:38 +02:00
chengzhicn 122ac1a25d check error returned by dns_decode
before this commit, sending "GET / HTTP/1.1" to server will cause uninitialized variable access.
2017-10-13 03:08:12 +08:00
Ralf Ramsauer 8c5127b375 don't zero-initialise variable
For global variables, the C standard ensures that this variable will be
zeroed on startup.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 21:30:50 -08:00
Ralf Ramsauer 4591cafd27 encoding: simplify {places,eats}_dots
Why not using constant bools?

Much simpler than complex function calls, that eventually return
constant values.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 21:30:50 -08:00
Ralf Ramsauer 6b438e7517 encoder: further simplifications
Get rid of unique header files for each encoder, consolidate them to
where they are actually needed: encoding.h.

This also simplifies the generation of the base64u decoder, as its
header file does not need to be generated any longer.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 21:30:49 -08:00
Ralf Ramsauer b517121f1c base encoder: simplify structures
We don't need complex getters. Just expose basic operations as they are.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 21:30:49 -08:00
Ralf Ramsauer d05923d2b1 global: constify things
const everything, that should be const.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 21:30:49 -08:00
Ralf Ramsauer 52c4940523 Warn, warn warn.
iodine does not seem to follow any styling guidelines (mixture of
different function prototypes, ...).  So let's introduce some.  This
will improve overall code quality and readability.

Additionally, warnings will improve code quality as well. Let's turn on
very pedantic warnings, and fix everything where the compiler barks
back.

Introduce the following function definition scheme:
  type function_name(type name, type1 name1 ...)
  {
  }
This allows us to copy and paste the definition to the declaration by
selecting one single line.

Furthermore, limit line length to 80 characters.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 21:30:01 -08:00
Ralf Ramsauer ac6db12ddb iodine, iodined: print intentional help to stdout
Like other unix tools: don't print application output, if the user asks
intentionally for help.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 10:39:38 -08:00
Ralf Ramsauer b884bfecfb iodined: improve usage() readability
Best readability is at 80 characters maximum per line.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 02:17:27 -08:00
Ralf Ramsauer 829a822de3 iodined: improve help output format
Standardise output format:
  - remove redundant fprint calls
  - maximum character width: 80 characters (improved readability)
  - add additional newlines

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 02:17:27 -08:00
Ralf Ramsauer fe0dbccbc5 iodine/iodined: get rid of redundant local __progname definition
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 02:17:27 -08:00
Ralf Ramsauer 1c86bf347f iodine/iodined: do not print usage if no superuser
There is no value in printing the usage in this case, as the usage
doesn't give the user any hint on how to solve this issue.

Furthermore, replace the Windows implementation with an empty inline
function, which will result in no code.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
2017-03-11 02:17:27 -08:00
Will Szumski 1ad7c05b92 Do not validate the autodetected IPs of additional address families when using -4 (IPV4 only) and -6 (IPv6 only) flags 2016-11-23 01:00:11 +00:00
Masaq- a96e2e7a69 Refuse attempts to set options after option negotiation has completed. 2016-10-22 04:46:48 +00:00
Aleksei Fedotov 4987aa536d Add support for socket activation by ipv6 socket
iodined may accept ipv4 and ipv6 sockets via systemd socket activation,
we need to figure out type of sockets.
2016-05-10 14:09:21 +03:00
Erik Ekman fc1611fc40 Only accept IPv6 in server IPv6 socket
Set IPV6_V6ONLY flag on server socket. Not all operating systems
support mixing v4/v6 in one socket, so separate them all the time.
2015-06-30 21:58:16 +02:00
Erik Ekman 4d03ee7786 Allow choosing only IPv4 or IPv6 in server
IPv6 might still allow IPv4 since V6_ONLY is not set by the server.
2015-06-30 21:32:21 +02:00
Erik Ekman b4e9148df8 Support raw mode for both IPv4 and IPv6
Read destination address of IP request packet and return it.
Check length in client and use it as IPv4 or v6 depending on length.
2015-06-28 22:41:54 +02:00
Erik Ekman 7a51b22909 Simplify cleanup code 2015-06-28 21:05:23 +02:00
Erik Ekman ec0e3f2e51 Change sockaddr lengths back to signed
They are used to check negative return values.
2015-06-28 20:25:22 +02:00
Erik Ekman 7a117bd71e IPv6 support for DNS traffic in server
Server will by default listen on both IPv4 and IPv6.
No way to only listen on one protocol right now.

Use -L to only listen on a specific v6 address.

IP address to use for raw mode is still IPv4 only.
Use -n on server to make raw mode work from IPv6 clients,
then they will get an IPv4 address from the server for raw mode.

Tunnel data is still IPv4.
2015-06-28 20:01:48 +02:00
Erik Ekman 07c2fd4068 Prepare server code for IPv6 listening socket
Add a struct with multiple dns file descriptors (for IPv4 and IPv6)
and pass this to required areas. Choose which descriptor to use when
sending by looking at the destination address family.
2015-06-28 13:05:17 +02:00
Erik Ekman 582a818f2a Switch external IP service to api.ipify.org
externalip.net seems to have gone away
2015-06-27 12:11:43 +02:00
Erik Ekman 778d29825d Switch to IPv6-ready storage of user IP address 2015-06-27 11:57:39 +02:00
Erik Ekman 9a45c4aa66 Change license wording to follow ISC license exactly
"Permission to use, copy, modify, and distribute this software" is now
"Permission to use, copy, modify, and/or distribute this software".

Add license header to source files missing one.
2014-08-07 21:18:33 +02:00
Barak A. Pearlmutter 46532539c2 Rename VERSION define
prep for autotools: autoconf defines VERSION so s/VERSION/PROTOCOL_VERSION/
2014-08-07 12:55:59 +02:00
Erik Ekman b715be5cf3 Fix authentication bypass bug
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.

Add checks for normal and raw mode that user has authenticated before allowing
any other communication.

Problem found by Oscar Reparaz.
2014-06-16 21:43:22 +02:00
Erik Ekman 3ebcd29b13 Add support for using an unspecified RR type
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
2014-06-09 20:06:36 +02:00
Erik Ekman a23899513d Remove trailing whitespace 2014-06-01 08:46:54 +02:00
Erik Ekman 388afe3845 Update copyright 2014-06-01 08:46:54 +02:00
Erik Ekman 3914d37c99 Move error message generation into topdomain check method
Change isalpha() to a-z check to avoid locale issues
2014-05-31 10:07:36 +02:00
Erik Ekman d6c3426b84 Set C standard to C99
Also include strings.h where strcasecmp() is used
2014-05-29 18:38:43 +02:00
Erik Ekman eca80f769b Merge branch 'master' of https://github.com/jedisct1/iodine 2014-04-06 13:31:34 +02:00
Erik Ekman f02339b3b2 IPv6: Create single way to format IP addresses 2014-02-06 19:44:26 +01:00
Erik Ekman a1d88c4f0a IPv6 support for client (#107)
The iodine client now supports both IPv4 and IPv6 nameservers for
sending DNS queries to an IPv4 iodined. The nameserver will
transparently handle translation between IP protocols.

Windows port needs Vista or later to support IPv6.
2014-02-05 22:36:53 +01:00
Erik Ekman 8baad91156 Make sure buffer is zero-terminated when getting external ip
Also switch to HTTP 1.0 to avoid chunked transfer coding.
2014-01-29 23:12:22 +01:00
Erik Ekman fb9e930fee Print git revision as version 2014-01-29 20:25:45 +01:00
Erik Ekman 900647fa0c Merge pull request #4 from mscherer/systemd
Add socket activation for systemd, with a option to stop on idle
2014-01-29 09:25:00 -08:00
Michael Scherer abd276ed9e Add idle option, so we can stop iodine and start it on demand with systemd 2013-12-23 22:57:50 +01:00
Michael Scherer 27fb4c75cd Add support to have on demand socket activation of iodine 2013-12-23 22:57:40 +01:00
Michael Scherer 64ff684754 Fix gcc warning -Wsizeof-pointer-memaccess
iodined.c: In function ‘write_dns_nameenc’:
iodined.c:2030:23: attention : argument to ‘sizeof’ in ‘memset’ call is the same
expression as the destination; did you mean to provide an explicit length? [-Wsizeof-pointer-memaccess]
  memset(buf, 0, sizeof(buf));

sizeof buf will just give the size of the pointer, while buflen will clean the whole
memory.
2013-12-23 18:04:06 +01:00
Frank Denis 58dac78bd8 Fix NULL pointer deref 2013-05-20 10:30:43 -07:00
Frank Denis 2d90aaaf30 Wipe the whole buffer containing the DNS name, not the size of its pointer 2013-05-20 10:28:25 -07:00