Commit graph

95 commits

Author SHA1 Message Date
Erik Ekman
b715be5cf3 Fix authentication bypass bug
The client could bypass the password check by continuing after getting error
from the server and guessing the network parameters. The server would still
accept the rest of the setup and also network traffic.

Add checks for normal and raw mode that user has authenticated before allowing
any other communication.

Problem found by Oscar Reparaz.
2014-06-16 21:43:22 +02:00
Erik Ekman
3ebcd29b13 Add support for using an unspecified RR type
Add PRIVATE query type with id 65399 (private use range).
According to RFC3597 the reply data in a query with unspecified RR type must be handled
as unstructured binary data, which means it can contain raw packet data just like the NULL type.
Since the reply format is optimal it is ordered just after NULL in the priority order.
2014-06-09 20:06:36 +02:00
Erik Ekman
3fadbfb580 Do not let sockets be inherited by sub-processes
Set FD_CLOEXEC flag on tunnel and UDP file descriptors.
Fixes ticket #99, "should not allow UDP socket to be inherited by ifconfig"
2014-06-04 17:48:43 +09:00
Erik Ekman
c1b24abf3a Update changelog 2014-05-29 19:08:20 +02:00
Erik Ekman
5079d8bf5e Fix up changelog 2014-04-08 21:04:17 +02:00
Erik Ekman
a737d6ea7f Update documentation 2014-02-05 23:18:42 +01:00
Erik Ekman
0f7c3782b8 Update changelog 2014-01-29 19:53:13 +01:00
Erik Ekman
abb2d6cb87 Update changelog 2014-01-29 18:31:21 +01:00
Erik Ekman
43e4fb5448 Add automatic external IP lookup via '-n auto'
Leonard Lausen proposed iodined should use externalip.net api
to find external ip. Use -n auto to trigger a lookup.
2012-09-03 10:34:27 +02:00
Erik Ekman
9443f3bbe9 Update changelog 2012-09-03 10:29:54 +02:00
Erik Ekman
24241666fa Update changelog 2012-02-05 08:46:16 +01:00
Erik Ekman
423cbec41d Added android specific readme file, along with new make targets
Also updated changelog.
2012-02-05 00:36:15 +01:00
Laurent Ghigonis
d4849a5dbf Add support for openbsd routing domain, #95 2012-02-04 20:34:05 +01:00
Håkan Kvist
9c3343e6ac Allow spaces in passwords, #93 2012-02-04 20:34:05 +01:00
Erik Ekman
0a968a5144 Initialize 'inside_topdomain'. Fixes #94 2012-02-04 20:34:05 +01:00
jsbid1
7ae8d04955 Fix #86, patch from jsbid1 gmail.com 2012-02-04 20:34:04 +01:00
Erik Ekman
1a26a91db3 #82, switch to gethostbyname() for win32 support 2012-02-04 20:34:04 +01:00
Erik Ekman
c5bdf07070 #82 update docs 2012-02-04 20:34:04 +01:00
Erik Ekman
8daba65a03 #76 Update changelog 2012-02-04 20:34:04 +01:00
Erik Ekman
342b5787be Update changelog after #75 2012-02-04 20:34:04 +01:00
Erik Ekman
7e9ce2716b Updated changelog after #79 2012-02-04 20:34:03 +01:00
Erik Ekman
0cdd537819 #78, print server tunnel ip 2012-02-04 20:34:03 +01:00
Erik Ekman
01e558022e #77, get password from env variable 2012-02-04 20:34:03 +01:00
Erik Ekman
a3757a07aa Updated changelog 2012-02-04 20:34:03 +01:00
Erik Ekman
1137ac6ac9 Updated docs 2012-02-04 20:34:03 +01:00
Erik Ekman
0e81cd78bc Update changelog and proto docs 2012-02-04 20:34:03 +01:00
Erik Ekman
3a2f66fb44 Update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman
23dc3f0844 Update changelog 2012-02-04 20:34:02 +01:00
Sebastien Raveau
d5acb508bc Add support for applying SELinux context 2012-02-04 20:34:02 +01:00
Erik Ekman
17105a26db update changelog 2012-02-04 20:34:02 +01:00
Erik Ekman
8fc8ce587c Any number of TAP32 interfaces supported, use -d to choose. #46 2012-02-04 20:34:02 +01:00
Erik Ekman
e59aaa523e Fixed #47, support any TAP device name 2012-02-04 20:34:02 +01:00
Erik Ekman
6ac35cfedc Updated changelog 2012-02-04 20:34:02 +01:00
Erik Ekman
e51af14bcc new release 2012-02-04 20:34:01 +01:00
Erik Ekman
5addc77102 updated changelog 2012-02-04 20:34:01 +01:00
Erik Ekman
3c38a9a307 Update changelog 2012-02-04 20:34:01 +01:00
Erik Ekman
b6c8ea50e5 Update changelog after release 2012-02-04 20:34:01 +01:00
Erik Ekman
a3a20a2b09 #53 Support TAP32 version 0901 as well 2012-02-04 20:34:01 +01:00
Erik Ekman
addd798712 Set interface MTU to 1200.
1188 is the uncompressed DNS reply payload size that gets through
unfragmented on Ethernet.
2012-02-04 20:34:01 +01:00
Erik Ekman
84f5965825 Increase default mtu to 1500 2012-02-04 20:34:01 +01:00
Erik Ekman
a5b3c6d63e #44 add note about -P argument, update changelog 2012-02-04 20:34:01 +01:00
Erik Ekman
af1380f29d #45: Use IpHelper to get DNS server on win32 2012-02-04 20:34:01 +01:00
Erik Ekman
c7b21b7d84 updated changelog with #51 2012-02-04 20:34:00 +01:00
Erik Ekman
bf46666fe8 #50 added syslog logging for version and login packets. no-op on windows 2012-02-04 20:34:00 +01:00
Erik Ekman
4734bd0ee0 Added win32 specific readme 2012-02-04 20:34:00 +01:00
Erik Ekman
03f4fb11d2 update changelog after release 2012-02-04 20:33:59 +01:00
Erik Ekman
b1bf20d3c8 Updated changelog 2012-02-04 20:33:59 +01:00
Erik Ekman
78d324a6b4 Enhanced checks on incoming queries, check user exists and is active 2012-02-04 20:33:59 +01:00
Erik Ekman
bd1a8443d1 #7 finally done\! Added autoprobing of max downstream fragsize. 2012-02-04 20:33:59 +01:00
Erik Ekman
43c438971b Allow setting netmask in iodined, fixes #27. The same netmask will be given to clients as well. Updated docs. 2012-02-04 20:33:59 +01:00