04cd3761f1
Fix typo in --machine-readable help message
2012-07-02 20:06:37 +02:00
10758956f5
Remove unneeded include
2012-07-02 17:41:45 +02:00
19c765db7b
Require whitespace after keywords and strings etc. in config files
2012-07-02 15:43:21 +02:00
1fdfde1951
Version increment
2012-07-01 18:19:47 +02:00
87c28ed8bb
Add missing _GNU_SOURCE definition
2012-07-01 18:19:15 +02:00
1a86ef3c5c
Version increment
2012-07-01 17:04:26 +02:00
a0be6d31b4
Add support for multiple crypto methods without reconfiguration
2012-07-01 17:01:13 +02:00
cb74214fff
Fix invalid print on handshake failure with an unknown code.
2012-07-01 16:18:33 +02:00
c8620dbeef
Remove unneeded size bytes from GCM to suppress warnings
2012-06-27 18:26:21 +02:00
4bda71ac39
Implement GCM with lookup table
2012-06-27 15:01:33 +02:00
8b4da71374
Fix critical memory corruption bug in core
2012-06-27 14:49:02 +02:00
ddd868d44f
Optimized GCM implementation
2012-06-27 09:12:29 +02:00
5e451533dd
Primitive aes128-gcm implementation
2012-06-27 02:28:49 +02:00
0ec1eb3d4c
Release 0.4
2012-06-24 22:33:13 +02:00
c4955de2ec
Don't re-resolve dynamic-floating peers on key refresh
2012-06-19 05:28:20 +02:00
caaba5ea19
Version increment
2012-06-15 04:15:16 +02:00
e930fc0f76
Allow setting dynamic peers to flaoting
2012-06-15 04:13:49 +02:00
bffe80f3d2
Avoid using the same handshake key to establish more than one session
...
This fix prevents a potential attack using intentional packet reordering to
initialize more than one session with using the same handshake keys, leading
to more that one session to be initialized with the same key data altogether,
allowing to decrypt some packets in the worst case.
2012-06-15 03:28:42 +02:00
b0a169a146
Limit handshake frequency where possible
2012-06-07 00:56:47 +02:00
25bf4f4901
Fix memory leak
2012-06-07 00:56:39 +02:00
33ec563983
Limit resolve frequency
2012-06-06 22:38:36 +02:00
7297dd73d5
Improve some log levels
2012-06-06 13:14:54 +02:00
b3d678c5f2
Increase reorder count
2012-06-05 22:32:29 +02:00
bd02e790f9
Increment rc version
2012-06-05 18:17:20 +02:00
0f14f55629
Fix possible duplicate session establishment
...
This is causing duplicate nonces in the worst case.
2012-06-05 18:10:11 +02:00
227af67a3c
printf: add %p pattern
2012-06-05 18:08:26 +02:00
450bbeb8a0
Add support for receiving reordered packets
2012-06-05 00:44:05 +02:00
b6b6e059d7
Increment rc version
2012-06-04 21:08:24 +02:00
163469f1ad
Make sure refresh handshakes aren't cleaned
2012-06-04 20:17:08 +02:00
210a447124
Fix key invalidation order on key refresh
2012-06-04 19:55:57 +02:00
f2bb9fd6d4
Add version string to handshake
2012-06-04 17:21:32 +02:00
a157804e7b
Decreate keepalive interval
2012-06-04 15:53:41 +02:00
33a2de703d
Add pidfile support
2012-06-04 14:54:50 +02:00
813535cfe4
Improve handshake logging
2012-06-04 09:42:23 +02:00
7df8f9002e
Fix warning message
2012-06-02 20:20:15 +02:00
60b7732c3e
Fix a possible crash involving strange resolve returns
...
fastd has been seen crashing on some hosts under strange circumstances. As the
bug seems to involve invalid address families, try to assure no unsupported
address families are returned from resolver.
2012-06-01 00:55:27 +02:00
10496d2dc9
Increase rc version
2012-05-24 21:13:02 +02:00
b51dc590a1
Fix segfault on logging during config
2012-05-24 21:12:15 +02:00
e3ba3e8f66
Uninline pr_log
2012-05-18 08:48:24 +02:00
6c6398d355
Increment rc version
2012-05-18 03:10:02 +02:00
4429f145e6
Don't consider enable state on peer config change detection
2012-05-18 03:08:58 +02:00
b34b3e2817
New logging facilities
2012-05-18 03:08:40 +02:00
a2b9f2c732
Add daemon mode
2012-05-17 22:24:31 +02:00
d8a3a034a1
Close inherited file handles
2012-05-17 21:30:10 +02:00
f863ed2c2d
Fix handling of unsuccessful resolve
2012-05-17 11:55:22 +02:00
e9536fe57e
Free eth_addr list on exit
2012-05-04 03:47:01 +02:00
7c0b4a23b1
Zero out resolve return to silence valgrind warning
2012-05-04 03:44:53 +02:00
6e39dfe325
Use pipe to transmit resolved addresses to main thread
2012-05-03 20:00:20 +02:00
1519fd2734
Fix critical error introduced by copy-and-pasting, another possible NULL dereference
2012-05-03 19:59:03 +02:00
a3459bc678
Critical fix: ignore disabled peers when searching peer key to avoid NULL dereference
2012-05-03 00:01:36 +02:00
