chiark / gitweb /
6 years agosvc/ Monitor class for ConnMan.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
svc/ Monitor class for ConnMan.

As used in Sailfish.

6 years agoserver/ Don't run strace(1) unconditionally.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
server/ Don't run strace(1) unconditionally.

It slows things down, might not be available, and doesn't work in
Scratchbox (because QEmu doesn't implement ptrace(2)).

6 years agosvc/ Update NetworkManager protocol handling.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
svc/ Update NetworkManager protocol handling.

All of the state codes have changed because XDG.

6 years agosvc/ (straddr): Handle `None' as a packed address.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
svc/ (straddr): Handle `None' as a packed address.

6 years agomon/ Add per-peer key selection and mobile options.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
mon/ Add per-peer key selection and mobile options.

6 years agomon/ Show per-peer crypto details in peer info sheet.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
mon/ Show per-peer crypto details in peer info sheet.

6 years agomon/ New `TrivialWindow' class: dismiss with Escape.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
mon/ New `TrivialWindow' class: dismiss with Escape.

Now it's easier to dismiss all of those random little dialogues.

6 years agomon/ Support the new-style bindings for Gtk and friends.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
mon/ Support the new-style bindings for Gtk and friends.

This is a fair amount of tedious work, especially if we want to keep
compatibility with the old versions of things.


  * There are separate modules now for GLib and GObject, as in the
    underlying C libraries; the old Python bindings merged the two

  * Gtk enumerations and flags now live in their own classes, so we dig
    them out for compatibility.

  * Because the new bindings are dynamically generated from
    introspection data, they don't make allowances for (say) `raise'
    being a Python reserved word.

  * Some functions which used to have default arguments no longer do, so
    we have to call them the hard way.

6 years agomon/ Highlight entry background when contents are invalid.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
mon/ Highlight entry background when contents are invalid.

This shows up much better than the foreground.

6 years agomon/ Remove spurious argument.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
mon/ Remove spurious argument.

Not sure how this passed even cursory testing.

6 years agomon/ `connect' service's `list' command is now `list-active'.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
mon/ `connect' service's `list' command is now `list-active'.

6 years agomon/ Whitespace fixing.
Mark Wooding [Sat, 19 Jul 2014 00:59:26 +0000 (01:59 +0100)]
mon/ Whitespace fixing.

6 years agoserver/: New `implicit-IV' transform (`iiv').
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
server/: New `implicit-IV' transform (`iiv').

The new transform has two advantages over the existing `v0' transform:

  * it doesn't need to transmit an explicit IV, so it adds less overhead
    to messages being sent; and

  * it's entirely deterministic, getting variation from the input
    sequence number rather than randomness, which (a) improves
    performance a bit by not exercising the cryptographic random number
    generator, and (b) eliminates a kleptographic channel.

This change triggers a bug in mLib 2.2.1 and earlier: `dstr_putf'
doesn't handle `%.*s' correctly.

6 years agoserver/: Prepare an interface for multiple bulk-crypto transforms.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
server/: Prepare an interface for multiple bulk-crypto transforms.

The current bulk-crypto transform is rather old-fashioned (though in
most formal senses secure).  It is neither as efficient as it could
be (in terms of overhead); nor does it provide privacy properties which
are as good as I'd like.  So it would be good to be able to replace it
with something better.

There's now a table of named transforms.  It only has one entry, `v0',
which is compatible with previous versions, but we now have all of the
machinery necessary to add new transforms later.

There are also some minor improvements to the tracing of cryptographic
details (notably: reporting the types of messages being encrypted and
decrypted); and an interface change for @ks_encrypt@ and @ks_decrypt@,
which are now allowed to corrupt @buf_u@ in the course of their

6 years agoserver/ Remove spurious punctuation.
Mark Wooding [Sat, 24 May 2014 13:00:03 +0000 (14:00 +0100)]
server/ Remove spurious punctuation.

6 years ago.gitattributes: New file; highlight bad whitespace properly in Python.
Mark Wooding [Sun, 20 Jul 2014 00:37:54 +0000 (01:37 +0100)]
.gitattributes: New file; highlight bad whitespace properly in Python.

6 years agopeerdb/ Don't start duplicate resolver queries.
Mark Wooding [Sat, 19 Jul 2014 16:22:37 +0000 (17:22 +0100)]
peerdb/ Don't start duplicate resolver queries.

Resolver queries are indexed by query domain name.  Previously, if we
find another place which wants the same name resolved, we'd overwrite
the existing query with the new one, which causes the old one to be
cancelled (despite it possibly having made progress).

(This also avoids tickling a bug in mLib's handling of aborted queries,
fixed separately.)

6 years agoserver/tun-*.c: Factor out the (very similar) TUN-like drivers.
Mark Wooding [Mon, 2 Jun 2014 21:55:32 +0000 (22:55 +0100)]
server/tun-*.c: Factor out the (very similar) TUN-like drivers.

6 years agopathmtu/pathmtu.c: Use IP_PMTUDISC_PROBE for sending the lookups.
Mark Wooding [Sat, 3 May 2014 19:04:44 +0000 (20:04 +0100)]
pathmtu/pathmtu.c: Use IP_PMTUDISC_PROBE for sending the lookups.

Linux's behaviour is very strange if you set IP_PMTUDISC_DO.  Suppose we
have this situation:

host A <-1500-> router B <-1432-> ... <-1500-> host Z

We send a 1500-byte probe from A.  Router B sends back `fragmentation
needed' with maximum size 1432.  Linux reports EMSGSIZE back to us, but
when we read IP_MTU, we get 1500 again.  OK: we send another probe with
1500, for old times' sake, but the write(2) fails with EMSGSIZE.  At
this point we give up and try binary search.  The next size we try is
1038, but write(2) fails again, inexplicably.  Subsequent binary search
succeeds, so we end up with an MTU of 1037.  This is too small for IPv6.

Using IP_PMTUDISC_PROBE instead seems to prevent Linux from being
hopeless at write(2) time.

6 years agoRelease 1.0.0pre15. 1.0.0pre15
Mark Wooding [Sat, 19 Apr 2014 13:35:06 +0000 (14:35 +0100)]
Release 1.0.0pre15.

6 years agosvc/ Allow netmasks on local and remote inside addresses.
Mark Wooding [Sat, 19 Apr 2014 13:28:58 +0000 (14:28 +0100)]
svc/ Allow netmasks on local and remote inside addresses.

This is necessary to allow IPv6 hosts to be in little subnets of their
own, which in turn lets us work around a stupid bug in Linux's IPv6
route caching and path-MTU handling.

6 years agoserver/{admin,peer}.c: Fix build failures when tracing is disabled.
Mark Wooding [Tue, 11 Mar 2014 14:32:44 +0000 (14:32 +0000)]
server/{admin,peer}.c: Fix build failures when tracing is disabled.

I don't check this often enough.

6 years agoserver/chal.c: Don't load sequence number twice.
Mark Wooding [Tue, 11 Mar 2014 14:32:12 +0000 (14:32 +0000)]
server/chal.c: Don't load sequence number twice.

This is especially embarrassing because the only other reason the
sequence number is loaded is for a trace message.  This was discovered
from compiler warning about `seq' being unused when tracing is disabled.

6 years agoRelease 1.0.0pre14. 1.0.0pre14
Mark Wooding [Tue, 28 Jan 2014 15:39:33 +0000 (15:39 +0000)]
Release 1.0.0pre14.

6 years agoMerge branch 'mdw/svc-merge'
Mark Wooding [Tue, 28 Jan 2014 15:27:27 +0000 (15:27 +0000)]
Merge branch 'mdw/svc-merge'

* mdw/svc-merge:
  debian/tripe-peer-services.postinst: Retire the old `watch' service.
  Merge the `connect' and `watch' services.
  svc/ Rename some of the functions.
  svc/ Use the `Peer' object from `connect' to carry information.

6 years agodebian/tripe-peer-services.postinst: Retire the old `watch' service.
Mark Wooding [Sat, 13 Jul 2013 15:34:40 +0000 (16:34 +0100)]
debian/tripe-peer-services.postinst: Retire the old `watch' service.

Stop the service, if necessary, and clear away its symbolic link.

6 years agoMerge the `connect' and `watch' services.
Mark Wooding [Sat, 13 Jul 2013 15:34:40 +0000 (16:34 +0100)]
Merge the `connect' and `watch' services.

The result is called `connect', because that's the one which provided
scripted external interface.  But it's best looked at as a merge of
pieces of `connect' into `watch', followed by a rename.

6 years agosvc/ Rename some of the functions.
Mark Wooding [Sat, 13 Jul 2013 15:34:40 +0000 (16:34 +0100)]
svc/ Rename some of the functions.

Functions which run commands are now called `run_...'.  The `addpeer'
and `delpeer' functions are now `adoptpeer' and `disownpeer', to make
way for like-named methods from `connect'.

6 years agosvc/ Use the `Peer' object from `connect' to carry information.
Mark Wooding [Sat, 13 Jul 2013 15:34:40 +0000 (16:34 +0100)]
svc/ Use the `Peer' object from `connect' to carry information.

The `get' method is slightly improved to do type conversions.

This replaces the ad-hoc use of dictionaries.  The code is somewhat
cleaner as a result, and very slightly longer.  But most importantly it
paves the way for a merge of these two services.

6 years agodebian/tripe-peer-services.postinst: Fix stupid typo.
Mark Wooding [Sat, 13 Jul 2013 15:34:40 +0000 (16:34 +0100)]
debian/tripe-peer-services.postinst: Fix stupid typo.

6 years agokeys/ Improve reporting of usage errors.
Mark Wooding [Thu, 9 Jan 2014 08:53:12 +0000 (08:53 +0000)]
keys/ Improve reporting of usage errors.

  * Report a readable error for a mis-typed command name, rather than a
    Python exception backtrace.

  * Diagnose arguments to a command which expects none correctly.

  * Remove the `UsageError' exception, which was never caught and is now

7 years agodebian/tripe-peer-services.postinst: New script to restart services.
Mark Wooding [Fri, 12 Jul 2013 23:49:00 +0000 (00:49 +0100)]
debian/tripe-peer-services.postinst: New script to restart services.

When the TrIPE suite is upgraded, the service package isn't usually in a
fit state when the server is restarted, so the services don't start
properly.  The answer is to have the services restarted explicitly by
their own `postinst' script.

7 years agokeys/ Only warn if all master keys are expired.
Mark Wooding [Fri, 12 Jul 2013 09:32:11 +0000 (10:32 +0100)]
keys/ Only warn if all master keys are expired.

Otherwise you get pestered throughout the rollover period.

7 years agoUse the new mLib macros for discarding uninteresting error codes.
Mark Wooding [Sat, 22 Jun 2013 16:09:05 +0000 (17:09 +0100)]
Use the new mLib macros for discarding uninteresting error codes.

7 years agoclient/tripectl.c: Fix stupid format-string bugs.
Mark Wooding [Sat, 22 Jun 2013 16:08:15 +0000 (17:08 +0100)]
client/tripectl.c: Fix stupid format-string bugs.

Possibly exploitable, but tripe's admin interface isn't usually a
security boundary.

7 years agodebian/control: Fix `pkstream' dependency on `fwd'.
Mark Wooding [Sat, 22 Jun 2013 14:55:06 +0000 (15:55 +0100)]
debian/control: Fix `pkstream' dependency on `fwd'.

It hasn't been called `fw' for many years.

7 years agoUse the new `mLib' annotations on varargs functions.
Mark Wooding [Sat, 22 Jun 2013 14:37:36 +0000 (15:37 +0100)]
Use the new `mLib' annotations on varargs functions.

This caught a couple of bugs just fixed.

7 years agoUpdate dependencies on mLib.
Mark Wooding [Sat, 22 Jun 2013 14:49:32 +0000 (15:49 +0100)]
Update dependencies on mLib.

7 years agoFix some format and other varargs errors.
Mark Wooding [Sat, 22 Jun 2013 14:33:03 +0000 (15:33 +0100)]
Fix some format and other varargs errors.

7 years agodebian: Drop CDBS in favour of plain Debhelper.
Mark Wooding [Fri, 14 Jun 2013 19:43:15 +0000 (20:43 +0100)]
debian: Drop CDBS in favour of plain Debhelper.

7 years Some random formatting tweaks.
Mark Wooding [Sun, 2 Jun 2013 14:49:39 +0000 (15:49 +0100)] Some random formatting tweaks.

7 years `Better' broken attempt to find Wireshark plugin dir.
Mark Wooding [Fri, 14 Jun 2013 19:43:15 +0000 (20:43 +0100)] `Better' broken attempt to find Wireshark plugin dir.

In that it actually succeeds on at least one system.

7 years agoserver/ Awk string indexing starts at 1.
Mark Wooding [Wed, 19 Jun 2013 18:58:17 +0000 (19:58 +0100)]
server/ Awk string indexing starts at 1.

Mawk returns a string of length n - 1 if you ask for `substr(s, 0, n)'.
This causes mismatches in the filter which is supposed to remove
spurious warnings, resulting in spurious test failures.

7 years agoserver/tun-slip.c: Fix signed/unsigned char mismatch.
Mark Wooding [Wed, 19 Jun 2013 09:31:20 +0000 (10:31 +0100)]
server/tun-slip.c: Fix signed/unsigned char mismatch.

7 years agoinit/tripe.conf: Fix erroneous variable `mode' instead of `sockmode.'
Mark Wooding [Fri, 14 Jun 2013 19:43:15 +0000 (20:43 +0100)]
init/tripe.conf: Fix erroneous variable `mode' instead of `sockmode.'

7 years agoserver: Compare MAC tags in constant time. 1.0.0pre13
Mark Wooding [Mon, 27 May 2013 21:59:19 +0000 (22:59 +0100)]
server: Compare MAC tags in constant time.

This fixes a timing attack.  If an adversary can watch the timestamp on
the server's log, then it might be possible to determine how much of a
forged packet's MAC is invalid, and thereby figure out one byte at a

This requires the new constant-time comparison function in Catacomb, so
update the dependencies.

This is release 1.0.0pre13.

7 years agopy/ Sort out the `SelIOWatcher.iterate' commentary.
Mark Wooding [Sun, 19 May 2013 18:36:52 +0000 (19:36 +0100)]
py/ Sort out the `SelIOWatcher.iterate' commentary.

It's not strictly true that `SelIOWatcher.iterate' isn't used by
`TripeCommandDispatcher', because the latter's `mainloop' method calls
it; but that's not something you need to care about unless you're also
using the service implementation framework.

7 years agopy/ More-or-less consistent quoting in docstrings.
Mark Wooding [Sun, 19 May 2013 18:25:18 +0000 (19:25 +0100)]
py/ More-or-less consistent quoting in docstrings.

7 years agopy/ Complete the docstring for `TripeCommandDispatcher'.
Mark Wooding [Sun, 19 May 2013 18:24:34 +0000 (19:24 +0100)]
py/ Complete the docstring for `TripeCommandDispatcher'.

7 years agoMerge branch 'master' of
Mark Wooding [Sat, 4 May 2013 21:47:33 +0000 (22:47 +0100)]
Merge branch 'master' of

* 'master' of
  server/keymgmt.c: Refactor key loading.

7 years agoserver/keymgmt.c: Refactor key loading.
Mark Wooding [Wed, 17 Apr 2013 19:51:01 +0000 (20:51 +0100)]
server/keymgmt.c: Refactor key loading.

The old code was rather formulaic and ripe for some abstraction.  The
new version is built out of some slightly hairy macros; the prototype is
in `udpkey'.  There is a small reduction in the raw size of the code,
but the main benefit is the better factoring.

Setting up of the public key slot `kd->kpub' is now done by the
individual methods rather than in `loadpriv'.  This makes it possible to
keep the on-error-cleanup code common between the private and public
key-loading methods, so we only need a single copy of the boilerplate.
There's still only one copy of this code in the source.

7 years agokeys/: New `check' command to remind about keys about to expire. 1.0.0pre12.2
Mark Wooding [Thu, 7 Feb 2013 10:27:51 +0000 (10:27 +0000)]
keys/: New `check' command to remind about keys about to expire.

This is version 1.0.0pre12.2.

7 years agodebian: Get Wireshark version from the right place. 1.0.0pre12.1
Mark Wooding [Sat, 12 Jan 2013 22:32:29 +0000 (22:32 +0000)]
debian: Get Wireshark version from the right place.

This is version 1.0.0pre12.1.

7 years agoExplicit close-down notifications. 1.0.0pre12
Mark Wooding [Sat, 5 Jan 2013 07:52:43 +0000 (07:52 +0000)]
Explicit close-down notifications.

Suppose I have a mobile device, and I roam from one peer to another in
the same organization.  The old peer will continue to believe that I'm
connected through it until it notices, some time later, that pings
aren't getting through to me; it will therefore be sending packets to me
through its broken tunnel.  Suppose further that the organization is
using some dynamic routing protocol in order to propagate information
about how packets to me ought to be routed: then, this old peer will be
continuing to advertise its broken route to me, and all hosts closer to
the old peer than the new one will use the wrong route, until the
connection gets pinged out.

We can fix this by having the mobile peer send some explicit
notification.  It doesn't have to be completely reliable, fortunately.
This change touches a fair few pieces of the code, but in simple ways.

  * `connect' grows a new command to map a user name to a peer name.

  * `watch' grows the ability to issue a `disconnect' command.

  * The default `' file passes an explicit argument in its
    `connect' SSH rune, and adds a `disconnect' rune with a different
    action argument.

  * The contributed `knock' script knows about these new actions, and
    how to pass them about.  This is pretty much a rewrite, but it was a
    very simple program before.

7 years agosvc/conntrack{,.8}.in: Better diagnostics.
Mark Wooding [Sat, 15 Dec 2012 19:16:22 +0000 (19:16 +0000)]
svc/conntrack{,.8}.in: Better diagnostics.

Add some debugging output, and improve the notifications.  I recently
had a problem which I thought might have been conntrack misbehaving, but
I couldn't tell.  It turns out that conntrack was innocent, but this
will help in future cases.

7 years agosvc/ Insert missing dedent in notification list.
Mark Wooding [Sat, 15 Dec 2012 19:15:57 +0000 (19:15 +0000)]
svc/ Insert missing dedent in notification list.

7 years agoRelease 1.0.0pre11.1. 1.0.0pre11.1
Mark Wooding [Sat, 15 Dec 2012 14:14:47 +0000 (14:14 +0000)]
Release 1.0.0pre11.1.

7 years agoserver/admin.c, server/ Fix PEERINFO segfault.
Mark Wooding [Sat, 15 Dec 2012 13:40:57 +0000 (13:40 +0000)]
server/admin.c, server/ Fix PEERINFO segfault.

It's allowed for p_privtag to return null, so just trying to print it is
a bad idea.  This introduces a protocol change, since there is no single
tag chosen in the absence of `-priv' or `-t' options -- instead, there's
a search list; this is represented with the special tag `(default)'.

7 years agoserver/keymgmt.c: Fix warning message to match documentation.
Mark Wooding [Sat, 15 Dec 2012 14:10:42 +0000 (14:10 +0000)]
server/keymgmt.c: Fix warning message to match documentation.

7 years agoserver/ Document `-priv' option to ADD command.
Mark Wooding [Sat, 15 Dec 2012 14:11:41 +0000 (14:11 +0000)]
server/ Document `-priv' option to ADD command.

This should have been added as part of fe2a5dcf...

8 years Fix include path tweaking.
Mark Wooding [Tue, 16 Oct 2012 19:08:37 +0000 (20:08 +0100)] Fix include path tweaking.

For some reason, the include directories were set in CPPFLAGS rather
than AM_CPPFLAGS, which is just a mistake.

Also, astonishingly, the makefile botched adding $(top_builddir)/config
to the include path.  This obviously never worked.  Fortunately,
Automake magically included the correct path by itself, so just remove
the embarrassing mistake and pretend it never happened.

8 years, Build pathmtu unconditionally.
Mark Wooding [Tue, 16 Oct 2012 00:35:41 +0000 (01:35 +0100)], Build pathmtu unconditionally.

It's notionally portable nowadays, so shouldn't be restricted to Linux

8 years agodebian/changelog: Prepare for release. 1.0.0pre11
Mark Wooding [Wed, 21 Mar 2012 16:25:08 +0000 (16:25 +0000)]
debian/changelog: Prepare for release.

8 years agoMerge branch 'mdw/multi-priv'
Mark Wooding [Tue, 18 Sep 2012 02:32:53 +0000 (03:32 +0100)]
Merge branch 'mdw/multi-priv'

* mdw/multi-priv:
  server/, t/keyring-*: New tests for key management.
  Allow different peer associations to use different private keys.
  server: Use the new kdata system.
  server/{keymgmt.c,tripe.h}: Unify public and private key handling.
  server/keyexch.c: Prefix crypto-details trace messages correctly.
  server/{keymgmt.c,}: Improve key-management errors.
  admin.c (a_format): New function formats token sequences to strings.


8 years agoMerge branch 'mdw/backoff'
Mark Wooding [Tue, 18 Sep 2012 02:30:28 +0000 (03:30 +0100)]
Merge branch 'mdw/backoff'

* mdw/backoff:
  server/ Test key exchange and retransmit with a flaky network.
  server/ Add a retry loop in `COMMS_EPING'.
  proxy: Add a `drop' filter to randomly discard packets.
  server/keyexch.c: Randomized exponential retransmit backoff.
  server/keyexch.c: Use high-resolution `struct timeval' timers.
  server/{keyexch.c,keyset.c}: Eliminate `ks_tregen'.
  server/{keyexch.c,keyset.c}: Move timing parameters to tripe.h.


8 years agopathmtu/pathmtu.c: Fix search algorithm.
Mark Wooding [Mon, 17 Sep 2012 13:31:08 +0000 (14:31 +0100)]
pathmtu/pathmtu.c: Fix search algorithm.

Turns out I can't write a binary search algorithm.  Fiddle with it so
that it doesn't get stuck sometimes.  Some of the bounds management is a
little tricky, so add some documentation and assertions to make sure
that everything is as expected.

8 years agoserver/, t/keyring-*: New tests for key management.
Mark Wooding [Thu, 26 Jan 2012 00:09:25 +0000 (00:09 +0000)]
server/, t/keyring-*: New tests for key management.

Ensure that everything works when different peer associations use
different private keys, and when the keys, algorithms and groups change
under our feet.

This involves adding a new peer to the keyrings, and inventing a new
keyring.  More interestingly, it also involves plumbing together a
network of three peers, which is where the earlier refactoring of the
test communications machinery pays off.

8 years agoAllow different peer associations to use different private keys.
Mark Wooding [Wed, 25 Jan 2012 23:49:47 +0000 (23:49 +0000)]
Allow different peer associations to use different private keys.

Add a `peertag' slot to the `peerspec' structure stating which private
key to use; a null pointer means to use the default `tag_priv'.  Add a
`p_privtag' function to retrieve the private key tag to use.

The ADD command now has a `-priv' option which sets this slot
appropriately.  The `connect' service fetches a `priv' key. from the
database to set this option.

8 years agoserver: Use the new kdata system.
Mark Wooding [Wed, 25 Jan 2012 23:18:20 +0000 (23:18 +0000)]
server: Use the new kdata system.

Challenges use the algorithms associated with the master key.  This will
continue to be the case, since there isn't a specific private or public
key to associate with the challenge.

It looks like the keyexch subsystem has been turned upside-down, but
apart from the initialization and key refresh it's all just a matter of
adding the necessary indirections into group and algorithm lookups.

Since algorithms are now (logically, at least) distinct for different
peer associations, allow a `peer' argument to the ALGS command, and pass
the correct information to the ifup script so that it can calculate the
MTU properly.

At this point, we no longer need the compatibility interface in keymgmt,
so remove it, and the molly-guard preventing updates to the master key.

8 years agoserver/{keymgmt.c,tripe.h}: Unify public and private key handling.
Mark Wooding [Wed, 25 Jan 2012 10:30:11 +0000 (10:30 +0000)]
server/{keymgmt.c,tripe.h}: Unify public and private key handling.

We introduce a new `kdata' object which represents a particular instance
of a key and remembers all sorts of useful things about it including its
name, associated algorithms, and so on.  It can represent either a
public or private key, since the only difference is whether it has a
private scalar.  These kdata objects are reference counted and exposed
to callers, though the old interface is, for now, retained for

Internally, the private/public split is pushed quite far down using a
`keyhalf' structure to keep track of the differences between the two

There's a layer of caching and continuity management.  Each key tag maps
to a `knode' object which represents all the versions (i.e., different
kdata representations) of that key, and allows you to find the current
version.  A kdata object has a reference back to its home knode.

Since private keys are handled (mostly) in the same way as public keys,
there can also be multiple versions of private keys, and multiple
different private keys.  The code maintains a `preferred' private key,
and exports a pointer to its kdata as `master'.

As mentioned, there are some compatibility interfaces in place at the
moment, which maintain the old global key information and prevent
inconsistencies.  For example, currently the `master' kdata is only
allowed to advance if its group matches the previous one.  The plan is
to remove this global information, and allow peers to use different
versions of different private keys; peers will be responsible for
ensuring the consistency of the keys they use, and will be able to do
this without interfering with each other.

8 years agoserver/keyexch.c: Prefix crypto-details trace messages correctly.
Mark Wooding [Wed, 25 Jan 2012 00:43:14 +0000 (00:43 +0000)]
server/keyexch.c: Prefix crypto-details trace messages correctly.

8 years agoserver/{keymgmt.c,}: Improve key-management errors.
Mark Wooding [Wed, 25 Jan 2012 00:31:28 +0000 (00:31 +0000)]
server/{keymgmt.c,}: Improve key-management errors.

Many of the errors are rather vague and not well documented.  Overhaul
the way that errors are reported and propagated in the keymgmt subsystem
and document all of the various error conditions in detail.

8 years agoadmin.c (a_format): New function formats token sequences to strings.
Mark Wooding [Tue, 24 Jan 2012 02:00:38 +0000 (02:00 +0000)]
admin.c (a_format): New function formats token sequences to strings.

This will be useful for building fragments of messages to be assembled
by higher-level functions.

8 years agoserver/peer.c, server/ Handle NAT swapping over peer addresses.
Mark Wooding [Mon, 7 May 2012 13:37:05 +0000 (14:37 +0100)]
server/peer.c, server/ Handle NAT swapping over peer addresses.

Previously, we'd notice when a mobile peer switched address (e.g., due
to NAT) to one that wasn't currently known; but it seems that some
particularly awful NAT boxes will actually swap over the addresses
assigned to two peers on the wrong side of it.  The static hub peer will
see this as a bunch of decryption failures but not do anything about
it.  Eventually the mobile peers will notice a ping timeout and
reconnect, but this can take a while.

So, when we get a decryption failure from a mobile peer, see whether any
other mobile peers are interested in it.

8 years agopkstream/pkstream.c: Have `-b' affect the listening mode too.
Mark Wooding [Mon, 7 May 2012 12:31:44 +0000 (13:31 +0100)]
pkstream/pkstream.c: Have `-b' affect the listening mode too.

8 years agoserver/, t/keyring-*: Handle three-party tests.
Mark Wooding [Mon, 7 May 2012 11:42:12 +0000 (12:42 +0100)]
server/, t/keyring-*: Handle three-party tests.

This involves a new Autotest macro WITH_3TRIPES and a new party in each
of the keyrings.

8 years agoserver/, t/keyring-*: Rename test keyrings.
Mark Wooding [Thu, 26 Jan 2012 00:04:09 +0000 (00:04 +0000)]
server/, t/keyring-*: Rename test keyrings.

We're going to be playing games with these which will change which
groups they use, so naming them after the groups is silly.

Also switch the prime group to use a smaller field (catacomb-ll-160-1024
specifically) because the primality checking takes ages and we don't
actually need any security.

8 years agoserver/peer.c: Handle mobile peers switching addresses.
Mark Wooding [Mon, 7 May 2012 11:29:33 +0000 (12:29 +0100)]
server/peer.c: Handle mobile peers switching addresses.

Previously, we would track a mobile peer if it changed its address to
one that wasn't currently in use by any peer; but it seems that some
benighted NAT boxes will actually mix up the addresses assigned to
active peers, so we must spot the decryption errors and try to match
them up again.

8 years agoserver/peer.c: Delay updating peer stats.
Mark Wooding [Sun, 6 May 2012 23:31:03 +0000 (00:31 +0100)]
server/peer.c: Delay updating peer stats.

Previously we'd update as soon as we'd found a peer, but that's not
quite right.  We're going to have p_decrypt change our mind about which
peer this if we get a decryption error, so it'd be bad if we'd
prematurely updated the wrong peer.

8 years agoserver/peer.c: Only scan mobile peers when source address is unknown.
Mark Wooding [Sun, 6 May 2012 23:27:20 +0000 (00:27 +0100)]
server/peer.c: Only scan mobile peers when source address is unknown.

8 years agocontrib/ Login script for establishing dynamic associations.
Mark Wooding [Wed, 25 Apr 2012 20:14:16 +0000 (21:14 +0100)]
contrib/ Login script for establishing dynamic associations.

8 years agocontrib/README: Fix missing description of the `greet' tool.
Mark Wooding [Wed, 25 Apr 2012 20:10:50 +0000 (21:10 +0100)]
contrib/README: Fix missing description of the `greet' tool.

8 years agoinit/ Look for the socket in the correct place.
Mark Wooding [Wed, 25 Apr 2012 20:09:38 +0000 (21:09 +0100)]
init/ Look for the socket in the correct place.

If TRIPESOCK is a relative name then the script would look for it
relative to the current directory rather than the correct TRIPEDIR

8 years agocontrib/ Grotty script to send a TrIPE greeting packet.
Mark Wooding [Mon, 23 Apr 2012 17:11:11 +0000 (18:11 +0100)]
contrib/ Grotty script to send a TrIPE greeting packet.

Useful for testing.

8 years agoinit/ Install `tripe.conf' as data, not executable.
Mark Wooding [Mon, 23 Apr 2012 17:07:01 +0000 (18:07 +0100)]
init/ Install `tripe.conf' as data, not executable.

8 years agoserver/peer.c: Fix `unknown-category' message.
Mark Wooding [Mon, 23 Apr 2012 17:06:12 +0000 (18:06 +0100)]
server/peer.c: Fix `unknown-category' message.

A missing comma caused adjacent-string-literal pasting.

8 years agosvc/ Fix startup scan to initialize unwatched connections.
Mark Wooding [Mon, 23 Apr 2012 16:49:30 +0000 (17:49 +0100)]
svc/ Fix startup scan to initialize unwatched connections.

There's no point defining connection parameters for a peer unless
something's going to act on them, and that something is watch(8).  On
startup (the `--startup' switch), we're meant to notice existing peers
(probably established by connect(8)) and ensure that they're set up
properly.  This initial pass over the peer list is done by
Pinger.rescan, which /usually/ is interested only in watched peers that
need pinging.  It therefore ignores unwatched peers, with the result
that pre-existing unwatched peers are left unconfigured.  Subsequent
peers are detected through the notification mechanism and processed by
the addpeers function which works correctly.

Now, if startup is set, Pinger.rescan tracks all peers and invokes
addpeer on them.

The code relies on the fact that a startup scan is done only once, when
the peer list is empty.  Otherwise it'll reconfigure existing peers,
which is probably a mistake.

8 years agosvc/ Add some debugging output to the `rescan' function.
Mark Wooding [Mon, 23 Apr 2012 16:45:48 +0000 (17:45 +0100)]
svc/ Add some debugging output to the `rescan' function.

Slightly easier to keep track of what's going on.

8 years agodebian/rules: Throw the contrib scripts into `examples'.
Mark Wooding [Fri, 16 Mar 2012 09:47:50 +0000 (09:47 +0000)]
debian/rules: Throw the contrib scripts into `examples'.

8 years agosvc/ Explicitly tag routes as `static'.
Mark Wooding [Thu, 22 Mar 2012 00:28:59 +0000 (00:28 +0000)]
svc/ Explicitly tag routes as `static'.

Otherwise BIRD, in particular, ignores the routes, which is a shame
because we'd ideally like it to propagate them.

8 years agopeerdb/ Set passive peers as mobile by default.
Mark Wooding [Wed, 21 Mar 2012 21:41:11 +0000 (21:41 +0000)]
peerdb/ Set passive peers as mobile by default.

8 years agosvc/ Bring up the interface before adding routes.
Mark Wooding [Wed, 21 Mar 2012 19:04:27 +0000 (19:04 +0000)]
svc/ Bring up the interface before adding routes.

It doesn't work the other way around.  Except when I was testing it, for
some reason.

8 years agoserver/ Test key exchange and retransmit with a flaky network.
Mark Wooding [Wed, 1 Feb 2012 22:56:55 +0000 (22:56 +0000)]
server/ Test key exchange and retransmit with a flaky network.

Aha!  A use for `tripe-mitm'!

8 years agoserver/ Add a retry loop in `COMMS_EPING'.
Mark Wooding [Wed, 1 Feb 2012 22:55:57 +0000 (22:55 +0000)]
server/ Add a retry loop in `COMMS_EPING'.

We will want to test this in the context of an unreliable network later.

8 years agoproxy: Add a `drop' filter to randomly discard packets.
Mark Wooding [Wed, 1 Feb 2012 21:29:56 +0000 (21:29 +0000)]
proxy: Add a `drop' filter to randomly discard packets.

I'm surprised there wasn't one of these already.

8 years agoserver/keyexch.c: Randomized exponential retransmit backoff.
Mark Wooding [Wed, 1 Feb 2012 21:13:01 +0000 (21:13 +0000)]
server/keyexch.c: Randomized exponential retransmit backoff.

Rather than retrying after a constant delay, increase the delay by a
constant factor.  We now start with a smaller retransmit interval, and
cap at a fairly long wait.  Also introduce a random `wobble'
proportional to the delay in order to prevent a server being hammered by
a swarm of clients acting in unison if it comes back after an outage.

8 years agoserver/keyexch.c: Use high-resolution `struct timeval' timers.
Mark Wooding [Wed, 1 Feb 2012 21:10:56 +0000 (21:10 +0000)]
server/keyexch.c: Use high-resolution `struct timeval' timers.

8 years agoserver/{keyexch.c,keyset.c}: Eliminate `ks_tregen'.
Mark Wooding [Wed, 1 Feb 2012 21:04:30 +0000 (21:04 +0000)]
server/{keyexch.c,keyset.c}: Eliminate `ks_tregen'.

Instead, compute the regeneration time directly.

8 years agoserver/{keyexch.c,keyset.c}: Move timing parameters to tripe.h.
Mark Wooding [Wed, 1 Feb 2012 20:59:31 +0000 (20:59 +0000)]
server/{keyexch.c,keyset.c}: Move timing parameters to tripe.h.

Now everyone can use them.

8 years agopathmtu/pathmtu.{c,}: New algorithms for path-MTU discovery.
Mark Wooding [Wed, 21 Mar 2012 16:05:00 +0000 (16:05 +0000)]
pathmtu/pathmtu.{c,}: New algorithms for path-MTU discovery.

Implement path-MTU discovery using raw sockets rather than Linux's fancy
socket options.  This should improve portability to other systems.

This involves splitting the logic which chooses probe sizes and
determines the resulting MTU from the underlying machinery which
manufactures packets and collects results.