fastd

mirror of https://github.com/neocturne/fastd.git synced 2025-05-31 18:55:08 +02:00

Author	SHA1	Message	Date
Matthias Schiffer	af40597e16	doc: releases/v20: add status socket unlink feature	2020-10-10 16:34:12 +02:00
Matthias Schiffer	15c317b04e	doc: add fastd v20 release notes	2020-10-10 16:30:35 +02:00
Matthias Schiffer	b162b4468a	doc: openwrt: switch to USE_PROCD	2020-10-10 14:43:05 +02:00
Matthias Schiffer	32faf8d809	doc: openwrt: remove 'up' and 'down' options The way these options work is incompatible with USE_PROCD. Use on_up and on_down instead, which are handled by fastd itself.	2020-10-10 14:19:06 +02:00
Matthias Schiffer	9cd08c1e34	doc: update build documentation	2020-10-10 12:57:05 +02:00
Matthias Schiffer	95bc966436	build: prevent git describe from finding unrelated repositories Set --git-dir and --work-tree explicitly to prevent Git from finding unrelated repositories for source directories without version information (for example in the OpenWrt build system, where version information of the OpenWrt repo was returned instead).	2020-10-10 12:17:39 +02:00
Matthias Schiffer	ba0f616acc	buffer: statically allocate buffers We need a total of 3 buffers: - Input buffer - Output buffer - Duplicated buffer for broadcast forward	2020-10-01 18:42:08 +02:00
Matthias Schiffer	755b7ab9dd	methods: reserve sufficient headroom to avoid realign By reserving encrypt_headroom bytes in the methods' decrypt functions, realignment can be avoided for all methods except for null. We must be careful to subtract what is pulled from the buffer afterwards, so no oversized buffer is allocated that might fail the max_buffer check.	2020-10-01 17:34:24 +02:00
Matthias Schiffer	216eaca291	buffer: consistently use term "headroom"	2020-09-30 23:24:01 +02:00
Matthias Schiffer	f9089a8a76	Improve buffer realignment, handle missing headroom A decrypted packet may be aligned correctly, but have too little headroom to be encrypted using a different method. This led to an assertion failure, crashing fastd. Also move the realignment to the receive path, so it is only checked for forwarded packets.	2020-09-30 22:54:12 +02:00
Matthias Schiffer	4b82401157	methods: to not pass peer to encrypt()/decrypt()	2020-09-30 21:06:52 +02:00
Matthias Schiffer	ec61d9871a	methods: pass peer to session_init()	2020-09-30 21:06:42 +02:00
Matthias Schiffer	c561365328	methods: make output buffer the return value	2020-09-30 21:06:39 +02:00
Matthias Schiffer	b89a0ec3d3	buffer: turn buffer descriptor into buffer header Preparation for const buffers.	2020-09-29 23:25:34 +02:00
Matthias Schiffer	987ef622c8	buffer: make base a uint8_t*	2020-09-29 22:31:27 +02:00
Matthias Schiffer	68265164a8	methods: avoid modifying the input buffer Many methods only need a movable view of the input buffer.	2020-09-29 22:30:58 +02:00
Matthias Schiffer	2b6de7eddf	buffer: introduce read-only views of buffers Prepare for read-only buffer descriptors by adding views with movable data pointer.	2020-09-29 21:58:48 +02:00
Matthias Schiffer	78387ad904	buffer: remove tail_space argument from fastd_buffer_{alloc,dup}()	2020-09-29 00:04:59 +02:00
Matthias Schiffer	bd63837ca4	Remove now unused tailroom fields	2020-09-28 23:48:06 +02:00
Matthias Schiffer	b9846a5f85	ghash: move addition of size block from method into MAC implementations	2020-09-28 23:43:42 +02:00
Matthias Schiffer	a5d8a00bfd	crypto: allow passing algorithm-specific flags to crypto init functions	2020-09-28 22:52:14 +02:00
Matthias Schiffer	a96a1a1a03	Extend clang-format to test directory	2020-09-28 22:34:47 +02:00
Matthias Schiffer	6bb0ea0566	send: realign buffers entering the transmit path Misaligned buffers come from the null method, as it uses a 1-byte header rather than (16*n+8)-byte like all other methods. When such a buffer enters the transmit path again through fastd's forward feature, it will violate the fastd_block128_t alignment (when there are other sessions that do not use the null method). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>	2020-09-27 17:29:08 +02:00
Matthias Schiffer	84850b5830	build: fix order of preference for crypto implementations Consider the optimized x86 implementations before the generic ones, so the optimized versions can actually get selected. Fixes: `c095ce9b4d` ("build: switch to Meson build system")	2020-09-27 13:16:21 +02:00
Matthias Schiffer	20c51eacf0	status: unlink stale status sockets, add lockfile By using the lock status instead of the existence of the status socket, restarting fastd after a crash will no longer fail.	2020-07-04 15:33:29 +02:00
Matthias Schiffer	c137199077	doc: fastd.1: update doc links	2020-06-18 21:17:26 +02:00
Matthias Schiffer	b0e96e71fa	Zero padding before passing buffers to methods	2020-06-16 22:29:04 +02:00
Matthias Schiffer	63a6d4305f	buffer: change fastd_buffer_zero_pad to align blocks relative to base, not data	2020-06-16 22:29:04 +02:00
Matthias Schiffer	3a639f810e	buffer: remove useless const	2020-06-16 22:24:39 +02:00
Matthias Schiffer	efb13f1d19	buffer: calculate maximum buffer size and check allocations against it	2020-06-16 20:45:09 +02:00
Matthias Schiffer	32e861ef68	buffer: move allocation function into separate compilation unit	2020-06-16 00:53:34 +02:00
Matthias Schiffer	5ab8c7c154	util: add missing string.h include	2020-06-16 00:52:39 +02:00
Matthias Schiffer	89c6444c3a	log: introduce %Z pattern to log size_t values	2020-06-16 00:40:59 +02:00
Matthias Schiffer	0550601d3f	handshake: remove support for unset tlv_len handshake field We already only support handshakes with fastd v11 or newer, so this can be removed as well.	2020-06-16 00:40:58 +02:00
Matthias Schiffer	0f450984e3	Rename decrypt_tailroom to tailroom The variable gains an additional meaning: In addition to the tailroom needed in the source buffer for decryption, is also refers to the tailroom in the destination buffer for encryption.	2020-06-14 15:50:07 +02:00
Matthias Schiffer	fc823bc82b	generic-poly1305: remove unneded tailroom in encrypt buffer	2020-06-14 15:50:07 +02:00
Matthias Schiffer	cc1f25d94d	composed-umac, generic-umac: remove unnecessary tailroom	2020-06-14 15:50:07 +02:00
Matthias Schiffer	16fc6245dd	uhash: reduce padding requirement from 32 to 16 bytes	2020-06-14 15:50:07 +02:00
Matthias Schiffer	f96eb7dcc6	methods: rely on automatic allocation round-up where possible	2020-06-14 15:50:07 +02:00
Matthias Schiffer	b11c8b1262	buffer: add helpers to zero the padding of a buffer	2020-06-14 15:50:06 +02:00
Matthias Schiffer	4036aaffa6	methods: unify and simplify control flow	2020-06-14 15:50:06 +02:00
Matthias Schiffer	719d0804c3	cipher-test: zero padding before calling crypt in decrypt	2020-06-14 15:50:06 +02:00
Matthias Schiffer	b64d7c821e	config: free conf.pid_file on exit Avoid valgrind leak warning.	2020-06-14 15:50:06 +02:00
Matthias Schiffer	9ddd40e5b6	methods: do not unnecessarily zero padding of input data We only support stream ciphers, so trailing garbage in the last block isn't an issue.	2020-06-14 15:50:06 +02:00
Matthias Schiffer	4d25d50366	methods: introduce COMMON_HEADROOM define	2020-06-14 15:50:06 +02:00
Matthias Schiffer	81c6ffdcf6	cipher-test: remove unneeded tailroom in encrypt buffer	2020-06-14 15:50:06 +02:00
Matthias Schiffer	ee3babd60d	receive: always allocate a reasonably sized receive buffer With a very small MTU and a great number of configured methods, the receive buffer may be too small for a handshake packet. Always allocate receive buffers of at least 1232 bytes, even with smaller MTU. We also check that we never allocate a buffer for a bigger handshakes and abort otherwise. This could be turned into a soft error in the future, but so far we have a nice marging until we hit that number (maximum handshake with all methods is ~640 bytes).	2020-06-14 15:50:06 +02:00
Matthias Schiffer	c1d4823851	Include packet type in send/receive buffer	2020-06-14 15:50:05 +02:00
Matthias Schiffer	df6b320d1f	handshake: introduce RECORD_LEN macro	2020-06-13 21:37:56 +02:00
Matthias Schiffer	a617f7fca3	test: add simple uhash benchmark	2020-06-13 21:37:55 +02:00

1 2 3 4 5 ...

1164 commits