Commit graph

1247 commits

Author SHA1 Message Date
d03a0a1734
receive: require data packets to contain at least a full method header
Further lower the amplification factor by ignoring packets that are too
short to be a valid data packet.
2025-01-26 14:17:31 +01:00
1f233bee76
receive: do not send both L2TP and compat handshakes for fast reconnect
Determine from the payload packet type whether the previous connection
was using L2TP or compat packets and only send the handshake the peer
will actually react to. This reduced the amplification factor of the
fastd fast reconnect feature.
2025-01-26 14:17:31 +01:00
ce1b79b12d
handshake: pass initial handshake flags to fastd_protocol::handshake_init()
Prepare for not passing FLAG_INITIAL to fast-reconnect handshakes.
2025-01-26 14:17:31 +01:00
e21476b8b5
.readthedocs.yml: fix for build with current readthedocs 2025-01-26 14:16:09 +01:00
aa9b094a48
ec25519-fhmqvc: improve debug message for hitting peer limits
"local constrains" was very unspecific.
2024-12-30 00:48:56 +01:00
c4478dac60
doc: update Sphinx and RTD theme 2024-12-29 23:25:33 +01:00
bf582abad6
cipher: xmm: enable IBT and SHSTK support
Add endbr instructions for IBT (Indirect Branch Tracking). This is not
strictly necessary, as these functions are never called indirectly, but
there's also no reason not to. While fastd now requires a Binutils
version that supports these instructions, this is the case at least
since 2.30, which is older than fastd's minimum required Meson version.

For SHSTK (Shadow Stacks) no changes are needed.

A note section is inserted to mark both features as supported.
2024-12-29 23:25:33 +01:00
5e9c49ed26
cipher: xmm: enable preprocessor
This fixes the #if defined(...) for .note.GNU-stack to actually work as
expected.

All comments in the assembly files are converted to C++ syntax to avoid
clashing with preprocessor directives.
2024-12-29 23:25:33 +01:00
cce04acd60
build: fix compatibility with Meson 0.49
Allow building fastd on Debian Buster (oldoldstable) again.
2024-12-29 23:25:33 +01:00
de0e0d5b5a
log: consistently use snprintf_safe() 2024-01-09 11:29:29 +01:00
fa88c739b9
Rename COPYRIGHT file to LICENSE 2024-01-08 11:42:51 +01:00
c08a3d59de
dep: update vendored libmnl to 1.0.5 2024-01-08 11:37:21 +01:00
66798e84ce
build: replace deprecated meson.source_root() 2024-01-08 11:30:34 +01:00
2456f767ed
Add Code of Conduct
Add the Contributor Covenant as a Code of Conduct.
2023-08-25 21:45:44 +02:00
d9dd14045c
config: fix typo in comment 2022-05-05 23:38:30 +02:00
baafee09eb status: add per-peer MTU information 2022-05-03 20:26:32 +02:00
69dabf6db9 status: fix display of interface name with L2TP offloading
Closes #25
2022-05-03 20:26:32 +02:00
09cc37f894
status: add wrap_string_or_null() helper 2022-05-03 20:22:27 +02:00
fc4e527762
doc: config: improve explanation of "float" option
Suggested-by: Steffen Möller <moeller@debian.org>
2021-09-01 19:54:44 +02:00
221cdb58cf
README, doc: add explanation of what fastd is
Fixes #22
2021-09-01 19:00:09 +02:00
Sven Eckelmann
7a6350a295
doc: Fix incorrect "persist interface" examples (#21)
The lexer doesn't understand the token ``iface`` and thus parsing a config
with a line ``persist iface`` will break the config parser. The correct way
of writing such a config statement is ``persist interface yes|no;``
2021-07-28 16:59:20 +02:00
2817438e6a
util: add 16-bit byte swap helpers for non-Linux systems (#20)
At the moment, only htobe16() is used, breaking build on OSX.

Fixes #19
2021-06-30 22:06:55 +02:00
d95ae84384
config: allow disabling L2TP offload when fastd doesn't support it
Only attempting to enable the offloading should raise an error when it
is not supported.
2021-06-27 14:45:46 +02:00
0b544b89b1
doc: building: mention libmnl 2021-06-27 12:54:53 +02:00
851f98d0f6
build: change version number fallback handling
Add 'v' prefix only to VCS_TAG and not to the project version to improve
`meson dist` behaviour.
2021-06-27 12:24:50 +02:00
dd7a70cec3 Development version 2021-06-27 12:09:53 +02:00
0f47d83eac fastd v22 2021-06-27 12:09:53 +02:00
de324f6e00 doc: add fastd v22 release notes 2021-06-27 12:09:53 +02:00
519d359d28 doc: manual: drop OpenWrt method list
It doesn't make sense to keep a distro-specific method list (that may
even change between distro releases) in the fastd documentation.
2021-06-27 11:21:18 +02:00
33defff0f5 doc: manual: recommend to use privileged ports with L2TP offloading 2021-06-27 11:21:18 +02:00
49066121de capabilities: retain additional capabilities for L2TP offloading
For offloading it is necessary to "clone" sockets, duplicating their
bind port and device. We already keep CAP_NET_ADMIN in this case, so
adding CAP_NET_BIND_SERVICE and CAP_NET_RAW doesn't significantly
increase attack surface.
2021-06-27 11:21:18 +02:00
e8d8162828
doc: set Python and theme version for Sphinx/RTD 2021-06-26 20:20:31 +02:00
84a59b1f62
doc: examples/openwrt: fix extra command list/help to match implementation
- The `up` and `down` commands do not exist anymore (individual instances
  can be started and stopped by passing the instance name to `start` and
  `stop`)
- `show_key` and `generate_key` only accept a single instance name to
  match `start`/`stop`/... behaviour
2021-06-26 19:33:29 +02:00
ec01ce0519
doc: examples/openwrt: update initscript to use extra_command helper
A fallback is included for older OpenWrt versions that lack this helper.

Closes #14
2021-06-26 18:56:33 +02:00
e87c09f506
iface: set TUNSIFHEAD for TUN interfaces on NetBSD
Required to match the multiaf_tun setting (which must be set to true so
tunneling IPv6 can work).
2021-06-26 14:49:32 +02:00
1910c6d41a
treewide: reformat using clang-format 12.0.0 2021-06-26 14:42:55 +02:00
78bb809fab
build: exclude src/dep/ from format command 2021-06-26 14:42:38 +02:00
f6058a4d92
config: fix max buffer size calculation for multiaf_tun targets
multiaf_tun targets (i.e. *BSD) need one block of additional headroom.
Fixes an assertion failure on buffer allocation on these targets in TUN
mode.
2021-06-26 14:40:42 +02:00
nia
f60f258bd3 Fix building on NetBSD
Just a simple case of using the code shared with macOS.
2021-06-24 16:50:54 +02:00
7dc53ab69e
Optionally link libmnl into fastd statically
Regular builds should just link libmnl dynamically, but for OpenWrt and
similar embedded distros this allows to reduce the required flash size a
bit.
2021-03-12 19:47:44 +01:00
35a6011b08
doc: examples/openwrt: add offload_l2tp option 2021-03-07 20:34:36 +01:00
6d7799c762
doc: add null@l2tp to methods and MTU manual pages 2021-03-05 22:10:14 +01:00
cbcf3f44da
doc: config: describe offload l2tp 2021-03-05 22:01:23 +01:00
e807590494
doc: use RTD theme by default, make sidebar more useful 2021-03-05 21:49:59 +01:00
c4447560e0
doc: update protocol wire format description 2021-03-05 21:43:24 +01:00
5601acc098
doc: describe null-l2tp method 2021-03-04 18:49:25 +01:00
5b2a5f4385 offload: l2tp: add selftest to catch problems on fastd startup 2021-03-04 00:44:43 +01:00
975646a018 offload: implement L2TP offloading 2021-03-04 00:44:43 +01:00
ad8c7655d6 peer: generic session offloading support 2021-03-04 00:44:43 +01:00
6dbcfb2991 iface: factor out MTU setting on Linux
The function is needed for L2TP offloading.
2021-03-04 00:44:43 +01:00