Commit graph

863 commits

Author SHA1 Message Date
46a82c570c Add generic-umac and composed-umac methods based on UMAC 2014-08-28 18:46:02 +02:00
a681219a92 Add UHASH implementation 2014-08-28 16:34:10 +02:00
398f78c1ff Revert "Experimental HMAC-SHA1 implementation"
We don't really want to support it, and it's slower than GHASH...

This reverts commit 9bf4982637.
2014-08-28 15:42:56 +02:00
b4a53fddb8 Move some utility functions to a new header 2014-08-25 17:23:05 +02:00
9bf4982637 Experimental HMAC-SHA1 implementation
This adds experimental support for <cipher>+hmac-sha1 methods. It currently
depends on OpenSSL and is not yet ready for production use.
2014-08-25 02:19:32 +02:00
f2d84afd9d MAC: rename hash() to digest() and change length unit from blocks to bytes 2014-08-25 00:09:19 +02:00
9855a34f48 Coding style: always add a space between a pointer's type and the * 2014-08-24 21:06:09 +02:00
1ae3aae351 Use simple int64_t timestamps in ms instead of timespecs 2014-08-24 16:07:50 +02:00
4c0623a080 Exit if invalid peers are configured on the command line 2014-08-24 03:31:12 +02:00
d42e9d9b1a Don't output "adding peer" messages for static peers
Otherwise log messages are emitted too early.
2014-08-24 03:19:15 +02:00
25c9d93516 Improve error messages for invalid static peers 2014-08-24 03:17:50 +02:00
e7b0801809 Fix function name in comment 2014-08-24 02:55:09 +02:00
6a178be29f Instead of replacing changed peers, delete and re-add them
This ensures they get a new ID, so asynchronous replies for the old config aren't
associated with the new one.
2014-08-24 01:46:30 +02:00
b54d87d26f Fix waitpid EINTR error on SIGCHLD
waitpid may fail with EINTR for SIGCHLD even when all signals are blocked.
2014-08-24 01:33:02 +02:00
1d38bad857 Fix connections to peers with static addresses 2014-08-24 01:14:02 +02:00
a04bcf247f Merge peer config into peer structure
With this refactoring, the structure fastd_peer_config_t is merged into
fastd_peer_t, and fastd_remote_config_t into fastd_remote_t. This also means we
now create peers directly when reading their configurations, which significantly
simplifies the whole reload process, and prepares for some future optimizations
like a key hash table.

Note: This commit is too big, but I couldn't come up with a nice way to split it
into smaller pieces...
2014-08-24 01:00:45 +02:00
ad4999488e Remove VECTOR_ALLOC
It is done automatically now if the VECTOR is zeroed before.
2014-08-22 17:47:51 +02:00
35a18b1dea Create peer structures for disabled peers as well
We have a 1:1 association between peers and peer configs now.
2014-08-19 00:21:38 +02:00
21ade840c9 Unify enabled and dynamic flags into a config_state flag 2014-08-18 22:52:25 +02:00
c9c7cbb67c Remove a few now unneeded peer->config NULL checks 2014-08-18 22:44:57 +02:00
d39193123e Fix a few comment typos 2014-08-18 22:33:01 +02:00
50d9aa2334 Dynamically create peer configs for dynamic peers
This avoids duplicating the protocol_config field.
2014-08-18 22:30:30 +02:00
cb3c88e020 Rename WITH_VERIFY CMake option to WITH_DYNAMIC_PEERS 2014-08-18 22:08:30 +02:00
5d111c83ff peer: add a flag `dynamic' instead of checking the config field for NULL 2014-08-18 22:01:38 +02:00
2352e1a79e Rename "temporary peers" to "dynamic peers" 2014-08-18 21:34:53 +02:00
c251df4a17 peer: remove fastd_remote_is_dynamic() 2014-08-18 21:33:06 +02:00
02c72f46bd peer: remove dead code fastd_remote_matches_dynamic() 2014-08-18 21:27:59 +02:00
7879164915 Move fastd_config_t.peers to fastd_context_t.peer_configs 2014-08-09 06:16:14 +02:00
e0f99a4199 log: fix port of IPv6 addresses with hidden IP addresses 2014-08-09 06:14:53 +02:00
c800a400b0 Add MacOS X semaphore implementation 2014-08-01 21:55:13 -07:00
4f25bdd259 Encapsulate semaphore handling 2014-08-02 06:45:39 +02:00
96a291d11f Add support for Mac OS X 2014-08-01 21:08:18 -07:00
e63fe3b8d0 Don't use exponential notation for integers 2014-08-02 03:38:31 +02:00
546ac79363 Introduce and use alloc helpers
These new helpers will terminate fastd on allocation failures and add some
additional convenience (allow strdup with NULL; typesafe new(type) macros).
2014-08-02 00:53:47 +02:00
b22364f4af Fix CMake warning about doc target, only use `doxygen' target
Also, to avoid conflicts with the doc directory, the default output dir has been
changed to doxygen.
2014-08-01 22:32:07 +02:00
5f385b0ea0 Use srandom/random instead of rand_r
There's no need to keep our own seed.
2014-08-01 22:12:56 +02:00
ebcf28b9ab config: fix basic config checks in TUN mode 2014-07-10 18:20:17 +02:00
ebe85fa478 Development version 2014-06-30 21:41:25 +02:00
d4cef341eb fastd v14 2014-06-30 21:40:51 +02:00
17d7b74daf Fix build with ENABLE_OPENSSL 2014-06-28 21:02:19 +02:00
54a3574537 Development version 2014-06-21 20:20:28 +02:00
d5d7dc0601 fastd v13 2014-06-21 20:16:34 +02:00
556ff2e7bb Update man 2014-06-21 17:30:18 +02:00
7f1a29a516 peer_hashtable: fix address hashing on systems with holes in sockaddr definitions 2014-06-14 14:58:33 +02:00
10378374ec Add missing sys/uio.h includes 2014-06-14 14:34:41 +02:00
c17bdd0818 verify: add missing sys/wait.h include 2014-06-14 14:29:37 +02:00
f70848f7d0 shell: add missing signal.h include 2014-06-14 14:28:43 +02:00
e30ecc7387 peer: remove always-true condition 2014-06-14 14:05:29 +02:00
223066fe24 Ensure that peers get their place in the handshake queue even when the async queue is full
When the first resolve return for a newly reset peer is lost, init_handshake()
would never be called, and the peer would never get handshakes again. This
probably won't ever happen in practice, but since it's easy to fix, better be
correct here.
2014-06-14 13:59:50 +02:00
781538295f Limit the number of concurrent on-verify runs 2014-06-14 03:30:17 +02:00