chiark / gitweb /
10 years agouslip: Fix SLIP escape handling.
Mark Wooding [Sat, 20 Dec 2008 11:39:32 +0000 (11:39 +0000)]
uslip: Fix SLIP escape handling.

In particular, do_slip_in failed to leave ESC mode having handled the
escaped character.

10 years agoserver/admin: Fix client destruction some more.
Mark Wooding [Sun, 14 Dec 2008 22:03:21 +0000 (22:03 +0000)]
server/admin: Fix client destruction some more.

It's possible that finally destroying a client can kill others.  For
example, if the second client (a) has sent EOF, and (b) has a background
command outstanding with the first; then when the first sends EOF, the
second gets taken down too.

Unfortunately, what actually happens in this case is that the newly
defunct clients get put on the dead list -- and then ignored because the
dead list is silently killed at the end of a_destroypending.  Fix by
clearing the list at the top of a_destroypending, and doing the whole
job repeatedly until there are no more cascades.

The change is mostly indenting a loop: it looks less scary with -b.

10 years agoserver/keyexch: Store check-value key hash in the right place.
Mark Wooding [Sun, 14 Dec 2008 04:20:30 +0000 (04:20 +0000)]
server/keyexch: Store check-value key hash in the right place.

Another botch from de7bd20be1c41f8f70e98ab498ffb4a82800a9d8.  The
respond function stashes a hash of the peer's check value so we can
recognize it again without having to verify it fully.  Unfortunately, it
stashes it in the wrong slot, so (a) it gets overwritten immediately
afterwards, and (b) the code which actually tries to do the checking
finds some rubbish instead.

The most prominent symptom of this bug under normal circumstances is a
large number of bad-expected-reply-log warnings in the log file.  What
happens is that, after a successful key exchange, the two peers end up
quite precisely synchronized -- so much so, indeed, that they're very
likely to run the entire key exchange protocol truly simultaneously.  As
a result, we have to process both a full challenge and a reply, both of
which contain a check field.  The second time, this fails because of the
bug.  This continues until the two fall out of lock-step with each

10 years agoserver/keyexch: Fix message name table in trace output.
Mark Wooding [Sun, 14 Dec 2008 04:14:54 +0000 (04:14 +0000)]
server/keyexch: Fix message name table in trace output.

In de7bd20be1c41f8f70e98ab498ffb4a82800a9d8, I removed the pre-challenge
message in order to streamline the protocol.  Unfortunately, I forgot to
update the pkname table which maps message numbers to human-readable
name strings, which makes decoding trace messages rather difficult.

10 years agomaint-utils: Handy script to make the `bleeding' branch.
Mark Wooding [Sat, 13 Dec 2008 17:54:51 +0000 (17:54 +0000)]
maint-utils: Handy script to make the `bleeding' branch.

10 years agoserver/admin: Brown-paper-bag fix.
Mark Wooding [Mon, 8 Dec 2008 20:14:24 +0000 (20:14 +0000)]
server/admin: Brown-paper-bag fix.

Commit 165efde7 changed a_resolve to not require a port number.
Unfortunately, I botched it and wrote a test for av[i + 1] as
av[i + i].  Result with i = 0: very different.

While investigating this bug, I became nervous about the number of
is-av[i]-null tests going on when str_qsplit doesn't actually guarantee
to leave a null terminator behind if it uses all the array slots.  So
I've allocated an extra slot and zeroed it explicitly.

10 years agoinit/tripe-init: Pass correct options for setting the user and group.
Mark Wooding [Mon, 8 Dec 2008 13:56:19 +0000 (13:56 +0000)]
init/tripe-init: Pass correct options for setting the user and group.

They're capitals, -U and -G, not -u and -g.

10 years Actually apply PACKAGE and VERSION substitutions.
Mark Wooding [Mon, 8 Dec 2008 13:35:55 +0000 (13:35 +0000)] Actually apply PACKAGE and VERSION substitutions.

How embarrassing to have forgotten this!

10 years agoserver: Test script.
Mark Wooding [Mon, 8 Dec 2008 12:11:28 +0000 (12:11 +0000)]
server: Test script.

10 years agoserver: Option `-F' to run the server in the `foreground'.
Mark Wooding [Mon, 8 Dec 2008 12:11:28 +0000 (12:11 +0000)]
server: Option `-F' to run the server in the `foreground'.

This means that the server will quit when it sees EOF on standard
input.  Useful for testing, since it means that your processes aren't
going to continue running after you let them off the leash.

Also make tripectl pass `-F' to a tripe that it's starting up so that it
won't continue without (say) logging.

10 years agoserver: Actually recognize -n on the command line.
Mark Wooding [Mon, 8 Dec 2008 12:11:28 +0000 (12:11 +0000)]
server: Actually recognize -n on the command line.

For some reason this got missed out of the short-options list.  I've now
eyeballed the long- and short-options lists and checked that there
aren't any other missing entries.

10 years agoserver: Introduce another temporary buffer for debugging output.
Mark Wooding [Mon, 8 Dec 2008 12:11:28 +0000 (12:11 +0000)]
server: Introduce another temporary buffer for debugging output.

Debugging output trashed important things like hashes in buf_t.
Introduce a new buf_u and use that in functions like mpstr and gestr.

10 years agouslip: New program providing a fake SLIP interface.
Mark Wooding [Mon, 8 Dec 2008 12:11:20 +0000 (12:11 +0000)]
uslip: New program providing a fake SLIP interface.

This is useful for doing testing on a single machine.  We'll work out
how to test the system-specific tunnel drivers later, but that really
will need multiple machines.

10 years agoserver, common: New header slip.h contains definitions for SLIP.
Mark Wooding [Mon, 8 Dec 2008 12:10:40 +0000 (12:10 +0000)]
server, common: New header slip.h contains definitions for SLIP.

This will be needed by another program as well.

10 years agokeys: Add test script.
Mark Wooding [Mon, 8 Dec 2008 12:10:39 +0000 (12:10 +0000)]
keys: Add test script.

I've recently found a number of bugs in this area, so it's probably
worth writing a test script to make sure they stay dead.

This wouldn't be complete without some edits to the tripe-keys script,
so (a) make it executable in the build tree, and (b) flush output before
running subprocesses so that the output appears in the correct order
even when it's redirected to a file.

10 years agoAdd testing infrastructure.
Mark Wooding [Mon, 8 Dec 2008 12:10:39 +0000 (12:10 +0000)]
Add testing infrastructure.

10 years agoinfra: Ignore log files.
Mark Wooding [Mon, 8 Dec 2008 12:09:43 +0000 (12:09 +0000)]
infra: Ignore log files.

Debhelper seems to have started leaving these log files behind, which
may be useful but they certainly have no business upsetting Git.

10 years agoserver, common: Split more code into utilities.
Mark Wooding [Mon, 8 Dec 2008 12:00:14 +0000 (12:00 +0000)]
server, common: Split more code into utilities.

  * Move mystrieq to server/servutil.c where it belongs.

  * Move code to resolve user and group names, and to set user and
    group, into common/util.c where the client can get at it.  (This
    will eventually be useful for privilege separation.)

10 years agoVarious minor cleanups.
Mark Wooding [Mon, 8 Dec 2008 10:41:08 +0000 (10:41 +0000)]
Various minor cleanups.

  * Spacing fix in server/peer.c.

  * Minor reformatting in tunnel drivers and client.

  * Remove bogus declaration for long-dead u_daemon in common/util.h.

  * Reformatting of client/tripectl.c.

10 years agotripe.h: Make job index be unsigned int, not unsigned short.
Mark Wooding [Mon, 8 Dec 2008 10:41:08 +0000 (10:41 +0000)]
tripe.h: Make job index be unsigned int, not unsigned short.

This is mainly (a) because we don't actually save space by using a
short, and (b) because it shuts up a compiler warning.

The warning is annoying.  The compiler complains that it has proven that
an assertion is always true.  Of course, it's nice when it can prove my
assertions, but they're /meant/ to be provably true!

This particular instance is particularly annoying, since it's only
/trivially/ true in the sense the compiler is warning about as a result
of a coincidence of data-type ranges, which may not hold on other
architectures -- on which the assertion is nontrivial but still


10 years agoserver/peer: Use hash tables to find peer records.
Mark Wooding [Mon, 8 Dec 2008 10:11:57 +0000 (10:11 +0000)]
server/peer: Use hash tables to find peer records.

10 years Trivial whitespace fixes.
Mark Wooding [Mon, 8 Dec 2008 10:10:51 +0000 (10:10 +0000)] Trivial whitespace fixes.

Pesky spaces sneaking in before tabs.

10 years agopython: Replace sre by plain re.
Mark Wooding [Mon, 8 Dec 2008 02:22:23 +0000 (02:22 +0000)]
python: Replace sre by plain re.

Annoyingly, Python 2.4 documentation suggests that sre is the right
module to use.

10 years agodebian: Don't depend on sysvinit.
Mark Wooding [Mon, 8 Dec 2008 01:18:17 +0000 (01:18 +0000)]
debian: Don't depend on sysvinit.

It seems that this is bad form.  Nobody else does it, and it stops the
package working on Ubuntu.

11 years agokeys: Reformat in line with my newer commenting conventions.
Mark Wooding [Sat, 5 Apr 2008 12:27:13 +0000 (13:27 +0100)]
keys: Reformat in line with my newer commenting conventions.

11 years agoOverhaul manual pages.
Mark Wooding [Sat, 5 Apr 2008 12:26:24 +0000 (13:26 +0100)]
Overhaul manual pages.

Make the source code look prettier, and attach copyright notices to them

11 years agotripe-keys.conf.5: Description of sig-url shouldn't be circular!
Mark Wooding [Sat, 5 Apr 2008 12:25:14 +0000 (13:25 +0100)]
tripe-keys.conf.5: Description of sig-url shouldn't be circular!

Just a typo.

11 years agotripe-keys: Don't hard-code the `-l' flag when generating master keys.
Mark Wooding [Sat, 5 Apr 2008 12:24:40 +0000 (13:24 +0100)]
tripe-keys: Don't hard-code the `-l' flag when generating master keys.

It makes automated testing painful.  Instead, provide a configuration
parameter master-keygen-flags which defaults to -l but can be overridden
by people who know what they're doing.

11 years agotripe-keys: Provide upload-hook for more complicated publishing.
Mark Wooding [Sat, 5 Apr 2008 12:23:21 +0000 (13:23 +0100)]
tripe-keys: Provide upload-hook for more complicated publishing.

The existing arrangement of writing the updated files to a local directory
are satisfactory for simple situations, but it's not actually desirable
to handle sensitive cryptographic keys (e.g., the TrIPE master key!) on
the same machine as a public-facing web server.

The upload-hook can contain an arbitrary shell-command, though it'll
typically be an invocation of rsync or similar.

11 years agotripe-keys: Fix iteration over keyring.
Mark Wooding [Sat, 5 Apr 2008 12:19:35 +0000 (13:19 +0100)]
tripe-keys: Fix iteration over keyring.

In catacomb-python 426e898f..., KeyFile was changed to iterate over
key-ids rather than keys, for consistency with other mapping objects.
This means that we need to use itervalues explicitly now.

11 years agoBuild system overhaul to conform to new standards.
Mark Wooding [Wed, 19 Mar 2008 00:44:06 +0000 (00:44 +0000)]
Build system overhaul to conform to new standards.

  * Rename to, and rewrite using modern
    Autoconf macros.

  * Rewrite the Makefiles to be cleaner and more readable, using
    Automake conditionals and appending.

  * Move the manpages to live with their respective code components
    rather than languishing in their own subdirectory.

  * Switch the Debian build process over to using CDBS.

11 years agodoc/tripe.8: Fix layout of synopsis section.
Mark Wooding [Wed, 19 Mar 2008 12:56:40 +0000 (12:56 +0000)]
doc/tripe.8: Fix layout of synopsis section.

Something got upset by the whitespace stripping, I think.

11 years agoserver: Add a peer without sending key-exchange packets.
Mark Wooding [Tue, 18 Mar 2008 20:21:11 +0000 (20:21 +0000)]
server: Add a peer without sending key-exchange packets.

When contacting a passive peer, the initial pre-challenge will cause the
peer to complain about an unsolicited packet.  The -cork option to ADD
makes the new peer silent until contacted by the (presumably awoken)
passive peer.

11 years agoProvide a pkg-config file for use by separately compiled services.
Mark Wooding [Tue, 18 Mar 2008 20:21:02 +0000 (20:21 +0000)]
Provide a pkg-config file for use by separately compiled services.

11 years agodebian: Pre-emptive reorganization.
Mark Wooding [Tue, 18 Mar 2008 20:21:02 +0000 (20:21 +0000)]
debian: Pre-emptive reorganization.

Use dh_install to install things into the correct packages.  It's
getting too cumbersome to do all this by hand.

11 years agoRemove crufty old CVS $Id$ markers.
Mark Wooding [Tue, 18 Mar 2008 20:21:02 +0000 (20:21 +0000)]
Remove crufty old CVS $Id$ markers.

11 years agoInfrastructure: Get it building again, using pkg-config.
Mark Wooding [Tue, 18 Mar 2008 00:30:42 +0000 (00:30 +0000)]
Infrastructure: Get it building again, using pkg-config.

12 years agoUse the new official IANA-allocated port number 4070.
Mark Wooding [Wed, 11 Jul 2007 22:21:17 +0000 (23:21 +0100)]
Use the new official IANA-allocated port number 4070.

This is now the default port selected by the server (say -p0 for
explicit dynamic allocation).  Also let the ADDR command default to 4070
so that nobody needs to remember it.

12 years agoserver/tun-unet: Fix stupidity in t_create.
Mark Wooding [Thu, 5 Jul 2007 10:02:00 +0000 (11:02 +0100)]
server/tun-unet: Fix stupidity in t_create.

Obviously I never watched this build carefully enough.

12 years agocleanup: Whitespaces fixes, left right and centre.
Mark Wooding [Sun, 28 Jan 2007 23:10:31 +0000 (23:10 +0000)]
cleanup: Whitespaces fixes, left right and centre.

12 years agodoc: Fix distribution of generated manpages.
Mark Wooding [Thu, 11 Jan 2007 00:10:25 +0000 (00:10 +0000)]
doc: Fix distribution of generated manpages.

Oops, this is leftover from change 797cf76b...

Also fix the tripemon(8) manpage to use configured paths, and (cheekily)
fix tripemon itself to support TRIPESOCK.

12 years agoserver: Fix some bad warning messages.
Mark Wooding [Thu, 11 Jan 2007 00:06:46 +0000 (00:06 +0000)]
server: Fix some bad warning messages.

Oops, the arguments to some calls to a_warn are malformed and can cause
crashes.  Fix them.

12 years agoserver: Correct handling of interface names in tun interface.
Mark Wooding [Thu, 11 Jan 2007 00:04:39 +0000 (00:04 +0000)]
server: Correct handling of interface names in tun interface.

Now that interface names can be changed, we need to let the tunnel
driver know of changes so that it can produce the right messages when
things go weird.  It's better to let the peer edifice handle interface
names, so

  * let `create' return the interface name rather than have p_ifname ask
    the tunnel explicitly, and

  * replace the `ifname' query with an optional `setifname'
    notification, which is currently used only by the SLIP driver to
    maintain the correct name for its persistent interfaces.

12 years Reformat --with-logfile help text.
Mark Wooding [Sun, 7 Jan 2007 19:05:23 +0000 (19:05 +0000)] Reformat --with-logfile help text.

12 years agoUseful functions (u_daemon and versioncmp) moved to mLib.
Mark Wooding [Sun, 7 Jan 2007 19:02:15 +0000 (19:02 +0000)]
Useful functions (u_daemon and versioncmp) moved to mLib.

Remove the code here, and use the mLib versions.

12 years agodebian: Still making tripe-ethereal, so ignore directory
Mark Wooding [Sun, 7 Jan 2007 19:01:22 +0000 (19:01 +0000)]
debian: Still making tripe-ethereal, so ignore directory

12 years agoNew environment variable TRIPESOCK.
Mark Wooding [Thu, 4 Jan 2007 11:27:03 +0000 (11:27 +0000)]
New environment variable TRIPESOCK.

Provides a handy default for the `--admin-socket' option.  Added

Also fixed paths in documentation to reflect the configuration choices;
in particular, they were wrong in the Debian build.

12 years agoclient/tripectl: Flush output after each line.
Mark Wooding [Wed, 3 Jan 2007 18:44:09 +0000 (18:44 +0000)]
client/tripectl: Flush output after each line.

Otherwise script users can be left hanging for long periods of time.

12 years agoserver/admin: Fix core dump if ADD wasn't given enough arguments.
Mark Wooding [Wed, 3 Jan 2007 18:43:20 +0000 (18:43 +0000)]
server/admin: Fix core dump if ADD wasn't given enough arguments.

Just a stupid off-the-end-of-the-array error.

12 years agotripectl: Quotify the arguments rather than hoping for the best.
Mark Wooding [Mon, 1 Jan 2007 15:46:36 +0000 (15:46 +0000)]
tripectl: Quotify the arguments rather than hoping for the best.

To make this work, move quotify from admin to the shared utilities.

12 years agoMerge branches 'cleanup' and 'services'
Mark Wooding [Mon, 1 Jan 2007 15:30:39 +0000 (15:30 +0000)]
Merge branches 'cleanup' and 'services'

* cleanup:
  server/admin: Fix tokenization of statistics output.
  Fix typos in messages.
  doc: Various small cleanups to tripe-admin.5.
  cleanup: Various simple whitespace changes.
  cleanup: Rename a few badly-chosen variables.

* services:
  doc: Document the services messages.
  admin: Implement the main job commands.
  admin: Implement job table infrastructure.
  admin: Service ownership infrastructure and commands.
  servutil: Implement version number comparison.
  admin: New ?TOKENS formatting directive.
  admin: Rename the unknown-service error.
  admin: Improve handling of background jobs.
  admin: Option parser macros.
  admin: Put all command options at the start of the command-line.
  admin: Fix premature close in a_bgrelease.
  admin: Remove locking; new safe client destruction.



12 years agodoc: Document the services messages.
Mark Wooding [Mon, 1 Jan 2007 12:52:33 +0000 (12:52 +0000)]
doc: Document the services messages.

12 years agoadmin: Implement the main job commands.
Mark Wooding [Mon, 1 Jan 2007 12:52:33 +0000 (12:52 +0000)]
admin: Implement the main job commands.

That's SVCSUBMIT to submit new jobs, and SVCINFO, SVCOK and SVCFAIL for
responding to them.

12 years agoadmin: Implement job table infrastructure.
Mark Wooding [Mon, 1 Jan 2007 12:52:33 +0000 (12:52 +0000)]
admin: Implement job table infrastructure.

We'll want this to keep track of which jobs a service provider has

12 years agoadmin: Service ownership infrastructure and commands.
Mark Wooding [Mon, 1 Jan 2007 12:52:33 +0000 (12:52 +0000)]
admin: Service ownership infrastructure and commands.

  * Implement a table of named and versioned services.

  * Allow clients to claim and release services, and find out about
    claimed services.

  * Notify clients when services are claimed and released.

  * Notify a service provider when another client provides a later

12 years agoservutil: Implement version number comparison.
Mark Wooding [Mon, 1 Jan 2007 12:52:33 +0000 (12:52 +0000)]
servutil: Implement version number comparison.

We use an extended version of the dpkg version comparison algorithm.
See the code for a description.

12 years agoadmin: New ?TOKENS formatting directive.
Mark Wooding [Mon, 1 Jan 2007 12:52:33 +0000 (12:52 +0000)]
admin: New ?TOKENS formatting directive.

Format a vector of pretokenized strings.  This obviates the need for
a complicated @alertcmd@ and suchlike.  It also means we can, at last,
resurrect @a_alert@.

12 years agoadmin: Rename the unknown-service error.
Mark Wooding [Mon, 1 Jan 2007 12:52:32 +0000 (12:52 +0000)]
admin: Rename the unknown-service error.

We'll want that when we report errors about client-provided services.
Renamed to unknown-port.

12 years agoadmin: Improve handling of background jobs.
Mark Wooding [Mon, 1 Jan 2007 12:52:32 +0000 (12:52 +0000)]
admin: Improve handling of background jobs.

New commands BGCANCEL (cancel an outstanding job) and JOBS (list
outstanding jobs).

12 years agoadmin: Option parser macros.
Mark Wooding [Mon, 1 Jan 2007 12:52:32 +0000 (12:52 +0000)]
admin: Option parser macros.

There's too much clone and hack in options parsing.  Cover up the
repeated code with macros.

Also, sneak in a little fix: complain if there are too many arguments to
a PING or EPING command.

12 years agoadmin: Put all command options at the start of the command-line.
Mark Wooding [Mon, 1 Jan 2007 12:52:32 +0000 (12:52 +0000)]
admin: Put all command options at the start of the command-line.

This makes life much easier for client libraries, which can (for
example) put `-background TAG' in a standard place to obtain
background operation.

12 years agoadmin: Fix premature close in a_bgrelease.
Mark Wooding [Mon, 1 Jan 2007 12:52:32 +0000 (12:52 +0000)]
admin: Fix premature close in a_bgrelease.

The function incorrectly destroys the connection at the release of the
first background job after close; it should wait until they've all

12 years agoadmin: Remove locking; new safe client destruction.
Mark Wooding [Mon, 1 Jan 2007 12:52:32 +0000 (12:52 +0000)]
admin: Remove locking; new safe client destruction.

The locking stuff is fiddly, and prevents cleanup of pending background
operations during destruction.  Instead, we add `destroyed' clients to a
list which we clean up just before going back to select.  This ensures
that they get cleaned up at a safe place, when there aren't functions
threaded on the stack which will be upset by the admin block vanishing
under their feet.

12 years agoserver/admin: Fix tokenization of statistics output.
Mark Wooding [Mon, 1 Jan 2007 12:52:10 +0000 (12:52 +0000)]
server/admin: Fix tokenization of statistics output.

12 years agoFix typos in messages.
Mark Wooding [Mon, 1 Jan 2007 12:52:10 +0000 (12:52 +0000)]
Fix typos in messages.

  tripe-init: `want do die'.

12 years agodoc: Various small cleanups to tripe-admin.5.
Mark Wooding [Mon, 1 Jan 2007 12:52:09 +0000 (12:52 +0000)]
doc: Various small cleanups to tripe-admin.5.

  * Duplicate the timespec description for PING.

  * Put BGDETACH in the summary of responses.

  * Tag EPING as a command to include in the summary.

  * Fix the description of the INET address family now that we have
    background commands.

12 years agocleanup: Various simple whitespace changes.
Mark Wooding [Mon, 1 Jan 2007 12:52:09 +0000 (12:52 +0000)]
cleanup: Various simple whitespace changes.

12 years agocleanup: Rename a few badly-chosen variables.
Mark Wooding [Mon, 1 Jan 2007 12:52:09 +0000 (12:52 +0000)]
cleanup: Rename a few badly-chosen variables.

  * admin: A few old `tag' arguments renamed to `status'.

12 years agoadmin: New command SETIFNAME to change an interface's recorded name.
Mark Wooding [Mon, 1 Jan 2007 12:44:59 +0000 (12:44 +0000)]
admin: New command SETIFNAME to change an interface's recorded name.

Also the machinery in peer.c to make it work, and documentation for the
new command and matching notification.

12 years agoGreat reorganization.
Mark Wooding [Sat, 30 Dec 2006 22:43:42 +0000 (22:43 +0000)]
Great reorganization.

Split all the sources into subdirectories.  This will look rather more
sensible when we add the Python support stuff.

12 years agobuild: Distribute make-summary to fix distcheck.
Mark Wooding [Sat, 30 Dec 2006 22:57:32 +0000 (22:57 +0000)]
build: Distribute make-summary to fix distcheck.

I've been concentrating too much on Debian packaging and the standard
autoconf install has rotted a bit.  Oops.

12 years agogitignore: Track rename of Ethereal => Wireshark in debian subdirectory.
Mark Wooding [Thu, 21 Dec 2006 14:50:15 +0000 (14:50 +0000)]
gitignore: Track rename of Ethereal => Wireshark in debian subdirectory.

12 years agoconfigure: Fix formatting.
Mark Wooding [Wed, 20 Dec 2006 16:35:50 +0000 (16:35 +0000)]
configure: Fix formatting.

12 years agoRename ethereal -> wireshark.
Mark Wooding [Mon, 11 Dec 2006 13:15:02 +0000 (13:15 +0000)]
Rename ethereal -> wireshark.

Also make the plugin actually work.  Probably.  Involves messing with
the Debian packaging and search-and-replace on the build system mainly.

12 years agokeyexch: Simplify key-exchange protocol.
Mark Wooding [Wed, 1 Nov 2006 15:10:50 +0000 (15:10 +0000)]
keyexch: Simplify key-exchange protocol.

Remove pointless cookie message.  Only allocate challenge blocks on
receipt of a full challenge.

Also fix bugs introduced in previous changes.

12 years agokeyexch, keymgmt: Include the peer's public key in the check hash.
Mark Wooding [Fri, 27 Oct 2006 16:55:27 +0000 (17:55 +0100)]
keyexch, keymgmt: Include the peer's public key in the check hash.

This turns out to be necessary for security: otherwise an adversary can
cross over two sessions, which is probably undesirable.  This also
requires that we know our own public key, which was previously

Except for session-ids (we don't care if two `sessions' with the same
peer get crossed over, because we don't distinguish them anyway), the
protocol now matches the one described and proved secure in the crypto

12 years agokeyexch: Group element encodings must have constant length.
Mark Wooding [Tue, 19 Sep 2006 20:47:33 +0000 (21:47 +0100)]
keyexch: Group element encodings must have constant length.


Using the `buf' encodings of group elements leaks length information.
Use the `raw' encoding instead.  I suspect that this really is a bad
security property to have; certainly the security proof for the key
exchange protocol depends on all encodings having the same length.

13 years agotripe-admin manpage: Generate a command and message summary.
Mark Wooding [Wed, 22 Feb 2006 02:54:00 +0000 (02:54 +0000)]
tripe-admin manpage: Generate a command and message summary.

There's such a big pile of information it seems nice to provide a quick
index at the end.  An unpleasant awk script seems to do the job nicely.

13 years agoadmin, resolve ops bugfix: initialize tag in resop early.
Mark Wooding [Tue, 21 Feb 2006 15:23:21 +0000 (15:23 +0000)]
admin, resolve ops bugfix: initialize tag in resop early.

We can call the completion function before detachment, and it might try
to trace its job tag.  This initialization just makes sure that it
doesn't do something stupid here.

13 years agoadmin: Initialize reference counter for client blocks.
Mark Wooding [Mon, 20 Feb 2006 12:44:53 +0000 (12:44 +0000)]
admin: Initialize reference counter for client blocks.

Good ol' Valgrind!

13 years agoMerge branch 'tokens'
Mark Wooding [Tue, 21 Feb 2006 23:57:35 +0000 (23:57 +0000)]
Merge branch 'tokens'

* tokens:
  Correctly tokenize output to admin clients.

13 years agoCorrectly tokenize output to admin clients.
Mark Wooding [Sun, 19 Feb 2006 15:03:19 +0000 (15:03 +0000)]
Correctly tokenize output to admin clients.

This is a wide ranging change, and there may well be bugs in some of the
message reporting code.

13 years agotripe-keys: Use curl instead of wget.
Mark Wooding [Sun, 19 Feb 2006 14:33:17 +0000 (14:33 +0000)]
tripe-keys: Use curl instead of wget.

It's generally much better, and in particular, it can cope with file:
URLs, which wget chokes on, which is a nuisance for testing.

13 years agoinfra: Clean up project setup
Mark Wooding [Wed, 8 Feb 2006 19:00:33 +0000 (19:00 +0000)]
infra: Clean up project setup

13 years agoExtract Subversion ignore data.
Mark Wooding [Sat, 28 Jan 2006 12:32:52 +0000 (12:32 +0000)]
Extract Subversion ignore data.

13 years agoGreetings and challenges.
mdw [Fri, 7 Oct 2005 14:41:54 +0000 (14:41 +0000)]
Greetings and challenges.

13 years agoPacket loss percentages.
mdw [Wed, 5 Oct 2005 09:59:00 +0000 (09:59 +0000)]
Packet loss percentages.

13 years agoStupid bug.
mdw [Tue, 4 Oct 2005 22:23:32 +0000 (22:23 +0000)]
Stupid bug.

13 years agoVarious little fixes.
mdw [Tue, 4 Oct 2005 22:22:24 +0000 (22:22 +0000)]
Various little fixes.

13 years agoWeird. tripe-keys got backdates somewhere.
mdw [Tue, 4 Oct 2005 19:30:46 +0000 (19:30 +0000)]
Weird.  tripe-keys got backdates somewhere.

13 years agoOne that got away.
mdw [Tue, 4 Oct 2005 18:34:32 +0000 (18:34 +0000)]
One that got away.

13 years agoMore support scripts and other cool stuff.
mdw [Tue, 4 Oct 2005 18:25:28 +0000 (18:25 +0000)]
More support scripts and other cool stuff.

13 years agoBackgrounded commands and RELOAD.
mdw [Fri, 30 Sep 2005 14:41:12 +0000 (14:41 +0000)]
Backgrounded commands and RELOAD.

13 years agoFix uninitialized variable in p_create.
mdw [Thu, 29 Sep 2005 13:40:14 +0000 (13:40 +0000)]
Fix uninitialized variable in p_create.

13 years agoVarious fixes.
mdw [Thu, 29 Sep 2005 13:34:06 +0000 (13:34 +0000)]
Various fixes.

13 years agoFix for new key-data interface.
mdw [Thu, 29 Sep 2005 13:33:26 +0000 (13:33 +0000)]
Fix for new key-data interface.

14 years agoStupid labelling bug.
mdw [Fri, 16 Sep 2005 13:18:13 +0000 (13:18 +0000)]
Stupid labelling bug.

14 years agoKeepalives and pings.
mdw [Fri, 16 Sep 2005 13:08:42 +0000 (13:08 +0000)]
Keepalives and pings.

14 years agoFix segfault on failure to add peer specified by IP address.
mdw [Thu, 15 Sep 2005 15:27:55 +0000 (15:27 +0000)]
Fix segfault on failure to add peer specified by IP address.

14 years agoDon't build ethereal plugin if no ethereal headers found.
mdw [Thu, 15 Sep 2005 14:26:38 +0000 (14:26 +0000)]
Don't build ethereal plugin if no ethereal headers found.