diff --git a/.gitignore b/.gitignore index 26afb5a..835f56d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,7 @@ -bin/* +/bin/ *.o -src/base64u.c -src/base64u.h -tests/test +/src/base64u.c +/src/base64u.h +/tests/test +/src/iodine +/src/iodined diff --git a/Makefile b/Makefile index 2857b9d..b400422 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ MKDIR_FLAGS=-p RM=rm RM_FLAGS=-f -TARGETOS = `uname` +TARGETOS := $(shell uname) all: @(cd src; $(MAKE) TARGETOS=$(TARGETOS) all) @@ -66,7 +66,7 @@ uninstall: $(RM) $(RM_FLAGS) $(DESTDIR)$(sbindir)/iodine $(RM) $(RM_FLAGS) $(DESTDIR)$(sbindir)/iodined $(RM) $(RM_FLAGS) $(DESTDIR)$(mandir)/man8/iodine.8 - + test: all @echo "!! The check library is required for compiling and running the tests" @echo "!! Get it at http://check.sf.net" diff --git a/README b/README index 53eded6..ffdcb3a 100644 --- a/README +++ b/README @@ -251,6 +251,7 @@ quence, assuming at most one client will be connected at any time. A small DNSCACHE_LEN is still advised, preferably 2 or higher, however you can also undefine it to save a few more kilobytes. +For systemd support on Debian, compile with libsystemd-daemon-dev installed. PERFORMANCE: diff --git a/man/iodine.8 b/man/iodine.8 index 49ba7b7..ca2d72c 100644 --- a/man/iodine.8 +++ b/man/iodine.8 @@ -156,7 +156,7 @@ Usable range ca. 100 to 255. Use this option to scale back upstream bandwidth in favor of downstream bandwidth. Also useful for DNS servers that perform unreliably when using full-length -hostnames, noticable when fragment size autoprobe returns very +hostnames, noticeable when fragment size autoprobe returns very different results each time. .TP .B -T dnstype 
@@ -235,7 +235,7 @@ connection after 60 seconds of inactivity. .TP .B -c Disable checking the client IP address on all incoming requests. -By default, requests originating from non-matching IP adresses will be +By default, requests originating from non-matching IP addresses will be rejected, however this will cause problems when requests are routed via a cluster of DNS servers. .TP @@ -249,10 +249,10 @@ Increase debug level. Level 1 prints info about each RX/TX packet. Implies the .B -f option. -On level 2 (-DD) or higher, DNS queries will be printed literally. +On level 2 (\-DD) or higher, DNS queries will be printed literally. When using Base128 upstream encoding, this is best viewed as ISO Latin-1 text instead of (illegal) UTF-8. -This is easily done with : "LC_ALL=C luit iodined -DD ..." +This is easily done with : "LC_ALL=C luit iodined \-DD ..." (see luit(1)). .TP .B -m mtu @@ -312,7 +312,7 @@ must be the same on both the client and the server. .B tunnel_ip[/netmask] This is the server's ip address on the tun interface. The client will be given the next ip number in the range. It is recommended to use the -10.0.0.0 or 172.16.0.0 ranges. The default netmask is /27, can be overriden +10.0.0.0 or 172.16.0.0 ranges. The default netmask is /27, can be overridden by specifying it here. Using a smaller network will limit the number of concurrent users. .TP @@ -354,7 +354,6 @@ is set, iodined will use the value it is set to as password instead of asking for one. The .B -P option still has precedence. -.El .SH SEE ALSO The README file in the source distribution contains some more elaborate information. diff --git a/src/Makefile b/src/Makefile index 5fbfbbd..0e78ada 100644 --- a/src/Makefile +++ b/src/Makefile 
@@ -4,45 +4,40 @@ CLIENT = ../bin/iodine SERVEROBJS = iodined.o user.o fw_query.o SERVER = ../bin/iodined -OS = `echo $(TARGETOS) | tr "a-z" "A-Z"` -ARCH = `uname -m` -HEAD_COMMIT = `git rev-parse --short HEAD` +OS := $(shell echo $(TARGETOS) | tr "a-z" "A-Z") +ARCH := $(shell uname -m) +HEAD_COMMIT := $(shell git rev-parse --short HEAD) LIBPATH = -L. -LDFLAGS += -lz `sh osflags $(TARGETOS) link` $(LIBPATH) -CFLAGS += -c -g -Wall -D$(OS) -pedantic `sh osflags $(TARGETOS) cflags` -DGITREVISION=\"$(HEAD_COMMIT)\" +OS_CPPFLAGS := $(shell sh osflags $(TARGETOS) cppflags) +OS_CFLAGS := $(shell sh osflags $(TARGETOS) cflags) +OS_LDFLAGS := $(shell sh osflags $(TARGETOS) link) +CPPFLAGS = -D$(OS) -DGITREVISION=\"$(HEAD_COMMIT)\" $(OS_CPPFLAGS) +CFLAGS += -g -Wall -pedantic $(OS_CFLAGS) +LDFLAGS += -lz $(OS_LDFLAGS) $(LIBPATH) all: stateos $(CLIENT) $(SERVER) stateos: @echo OS is $(OS), arch is $(ARCH) -$(CLIENT): $(COMMONOBJS) $(CLIENTOBJS) - @echo LD $@ - @mkdir -p ../bin - @$(CC) $(COMMONOBJS) $(CLIENTOBJS) -o $(CLIENT) $(LDFLAGS) - -$(SERVER): $(COMMONOBJS) $(SERVEROBJS) - @echo LD $@ - @mkdir -p ../bin - @$(CC) $(COMMONOBJS) $(SERVEROBJS) -o $(SERVER) $(LDFLAGS) - -.c.o: - @echo CC $< - @$(CC) $(CFLAGS) $< -o $@ +iodine: $(COMMONOBJS) $(CLIENTOBJS) +iodined: $(COMMONOBJS) $(SERVEROBJS) +$(CLIENT): iodine; mkdir -p ../bin && cp -a $< $@ +$(SERVER): iodined; mkdir -p ../bin && cp -a $< $@ base64u.o client.o iodined.o: base64u.h base64u.c: base64.c @echo Making $@ - @echo '/* No use in editing, produced by Makefile! */' > $@ - @sed -e 's/\([Bb][Aa][Ss][Ee]64\)/\1u/g ; s/0123456789+/0123456789_/' < base64.c >> $@ + echo '/* No use in editing, produced by Makefile! */' > $@ + sed -e 's/\([Bb][Aa][Ss][Ee]64\)/\1u/g ; s/0123456789+/0123456789_/' < base64.c >> $@ base64u.h: base64.h @echo Making $@ - @echo '/* No use in editing, produced by Makefile! 
*/' > $@ - @sed -e 's/\([Bb][Aa][Ss][Ee]64\)/\1u/g ; s/0123456789+/0123456789_/' < base64.h >> $@ + echo '/* No use in editing, produced by Makefile! */' > $@ + sed -e 's/\([Bb][Aa][Ss][Ee]64\)/\1u/g ; s/0123456789+/0123456789_/' < base64.h >> $@ clean: @echo "Cleaning src/" - @rm -f $(CLIENT){,.exe} $(SERVER){,.exe} *~ *.o *.core base64u.* - @rm -rf obj libs #android stuff - + rm -f iodine iodined + rm -f $(CLIENT){,.exe} $(SERVER){,.exe} *~ *.o *.core base64u.* + rm -rf obj libs #android stuff diff --git a/src/dns.c b/src/dns.c index fd3ce25..bd1257f 100644 --- a/src/dns.c +++ b/src/dns.c @@ -45,7 +45,7 @@ int dnsc_use_edns0 = 1; -#define CHECKLEN(x) if (buflen - (p-buf) < (x)) return 0 +#define CHECKLEN(x) if (buflen < (x) + (unsigned)(p-buf)) return 0 int dns_encode(char *buf, size_t buflen, struct query *q, qr_t qr, char *data, size_t datalen) @@ -391,7 +391,7 @@ dns_get_id(char *packet, size_t packetlen) return ntohs(header->id); } -#define CHECKLEN(x) if (packetlen - (data-packet) < (x)) return 0 +#define CHECKLEN(x) if (packetlen < (x) + (unsigned)(data-packet)) return 0 int dns_decode(char *buf, size_t buflen, struct query *q, qr_t qr, char *packet, size_t packetlen) diff --git a/src/encoding.c b/src/encoding.c index 773f08e..4b5fb08 100644 --- a/src/encoding.c +++ b/src/encoding.c @@ -26,7 +26,7 @@ build_hostname(char *buf, size_t buflen, size_t space; char *b; - space = MIN(maxlen, buflen) - strlen(topdomain) - 8; + space = MIN((size_t)maxlen, buflen) - strlen(topdomain) - 8; /* 8 = 5 max header length + 1 dot before topdomain + 2 safety */ if (!encoder->places_dots()) diff --git a/src/osflags b/src/osflags index 2d8a03b..b25da6a 100755 --- a/src/osflags +++ b/src/osflags @@ -25,6 +25,8 @@ link) esac ;; cflags) + ;; +cppflags) case $1 in windows32) echo '-DWINVER=0x0501'; diff --git a/src/user.c b/src/user.c index f5ad924..1da7344 100644 --- a/src/user.c +++ b/src/user.c 
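Review bot: `CPPFLAGS = -D$(OS) ...` assigns rather than appends, unlike the `CFLAGS +=` and `LDFLAGS +=` lines next to it, so a CPPFLAGS value exported by the build environment (for example distribution hardening defines such as `-D_FORTIFY_SOURCE=2`) is replaced instead of extended. Writing `CPPFLAGS += -D$(OS) -DGITREVISION=\"$(HEAD_COMMIT)\" $(OS_CPPFLAGS)` keeps those flags. Separately, `iodine` and `iodined` now appear to link through make's built-in rule, which puts `$(LDFLAGS)` ahead of the objects. `-lz` and the libraries from `$(OS_LDFLAGS)` would be safer in `LDLIBS`, since linkers that resolve libraries in command-line order or use `--as-needed` may otherwise leave zlib symbols unresolved.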
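Review bot: In the new `CHECKLEN` before dns_encode, the pointer difference is narrowed to `unsigned` and the sum `(x) + (unsigned)(p-buf)` is computed before it is compared with the `size_t` length. If a call site passes an `int`-typed `x`, the addition runs in 32-bit unsigned arithmetic and may wrap for a large or negative `x`, letting the check pass. The call sites are outside this hunk, so it should be confirmed whether any `x` comes from packet data. A form that cannot wrap is `if ((size_t)(p-buf) > buflen || buflen - (size_t)(p-buf) < (size_t)(x)) return 0`. The same applies to the second definition before dns_decode, which uses `data`, `packet` and `packetlen`.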
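Review bot: The subtraction on the changed line in build_hostname is done in `size_t`, so when `strlen(topdomain) + 8` is larger than `MIN((size_t)maxlen, buflen)` the result wraps to a very large `space` instead of signalling that nothing fits. If `maxlen` is signed, as the added cast suggests, a negative value also becomes a huge `size_t`, and MIN then silently falls back to `buflen`. A guard before the assignment would make the limit explicit, along the lines of `if (MIN((size_t)maxlen, buflen) < strlen(topdomain) + 8)` followed by the function's failure return. The return type and the rest of the body are outside this hunk, so the exact failure value needs to be taken from the callers.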
@@ -33,7 +33,7 @@ #include "encoding.h" #include "user.h" -struct tun_user *users; +struct _user *users; unsigned usercount; int @@ -59,7 +59,7 @@ init_users(in_addr_t my_ip, int netbits) maxusers = (1 << (32-netbits)) - 3; /* 3: Net addr, broadcast addr, iodined addr */ usercount = MIN(maxusers, USERS); - users = calloc(usercount, sizeof(struct tun_user)); + users = calloc(usercount, sizeof(struct _user)); for (i = 0; i < usercount; i++) { in_addr_t ip; users[i].id = i; diff --git a/src/user.h b/src/user.h index 7d02b65..2787fad 100644 --- a/src/user.h +++ b/src/user.h @@ -33,7 +33,10 @@ #define QMEMDATA_LEN 15 /* Max advisable: 36/2 = 18. Total mem usage: QMEMDATA_LEN * USERS * 6 bytes */ -struct tun_user { +/* Renamed to struct _user to avoid naming conflict with struct user found in + * which gets included in some builds (armel) */ + +struct _user { char id; int active; int disabled; @@ -73,7 +76,7 @@ struct tun_user { #endif }; -extern struct tun_user *users; +extern struct _user *users; int init_users(in_addr_t, int); const char* users_get_first_ip();
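Review bot: The new tag `struct _user` in src/user.h starts with an underscore, and C reserves such identifiers at file scope in both the ordinary and tag name spaces, so the rename swaps one possible clash with a system header for another. A non-reserved, project-prefixed tag avoids both; the removed `tun_user` was one. The added comment also omits the name of the header it refers to ("found in  which gets included"), so the stated reason for the rename cannot be checked from the source. The same tag is used in the two src/user.c hunks on this page.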