|
|
118ebb9d65
|
Initiate handshake when a packet can't be sent because the local address is invalid
|
2013-10-16 18:33:51 +02:00 |
|
|
|
4c188ac861
|
Fix fast roaming when local IP address has changed
|
2013-10-16 12:07:45 +02:00 |
|
|
|
ecebe8a755
|
New development cycle
|
2013-10-16 12:07:32 +02:00 |
|
|
|
84e3d7a16b
|
fastd v10
|
2013-10-11 16:32:12 +02:00 |
|
|
|
4a7d1acb59
|
Fix source address choice for IPv4 on Linux
|
2013-10-04 09:10:03 +02:00 |
|
|
|
9d950241cd
|
Invalidate null sessions when they are superseded
|
2013-09-30 22:15:54 +02:00 |
|
|
|
6ed43cdc22
|
fastd v9
|
2013-09-07 17:30:46 +02:00 |
|
|
|
467cc0f6c2
|
Change directory to / when privileges are dropped or the user is changed
|
2013-09-06 17:13:34 +02:00 |
|
|
|
02c1cb4ce2
|
Add packet/byte statistics
|
2013-09-03 21:53:45 +02:00 |
|
|
|
f0fa4e0c90
|
Demote some sendmsg warnings to debug and debug2 levels
|
2013-08-30 12:57:25 +02:00 |
|
|
|
7f33ccb920
|
Don't initialize monotone timestamps with zero
The monotone timestamp is near zero on linux systems, confusing fastd.
|
2013-08-29 19:04:31 +02:00 |
|
|
|
620f1cd45f
|
Replace old task queue
The handshakes are now schedules in a doubly-linked list that is maintained as a
part of the peer structure.
|
2013-08-29 11:53:34 +02:00 |
|
|
|
dcaf41a18e
|
Simplify keepalive sending
By using a global keepalive timer, the O(n) keepalive queue purge operation on
every send operation is avoided.
|
2013-08-29 00:45:13 +02:00 |
|
|
|
2343f5329c
|
ec25519: ensure old sessions are invalidated quickly after a new one has been established
|
2013-08-28 19:54:11 +02:00 |
|
|
|
6e63479b03
|
Remote unused fastd_task_replace_peer()
|
2013-08-28 15:50:37 +02:00 |
|
|
|
72b8ec6a93
|
ec25519: ensure that there is always a handshake enqueued after sending a handshake finish
This ensures that the handshake is repeated in case the finish packet is lost.
|
2013-08-28 15:45:43 +02:00 |
|
|
|
1b9709bae3
|
ec25519: reset peers as soon as their current session times out
|
2013-08-28 15:45:35 +02:00 |
|
|
|
3a3d423920
|
Cancel the session establishment earlier when the address can't be claimed by the peer
There is no reason to run through all the session establishment just to cancel
it a moment later.
|
2013-08-28 14:13:44 +02:00 |
|
|
|
738639cf71
|
Introduce constants for tristate values
|
2013-08-28 13:39:18 +02:00 |
|
|
|
81bff2df03
|
Introduce new log level debug2 for potentially very frequent messages
|
2013-08-27 17:57:06 +02:00 |
|
|
|
e91f17de87
|
options: change config error' to command line error' messages
|
2013-08-26 14:57:39 +02:00 |
|
|
|
81a329682b
|
ec25519-fhmqvc: use different handshake keys as initiator and responder
This ensures that even in the unlikely case of a crossed handshake fastd will
never establish two sessions with the same encryption key
|
2013-08-25 21:20:18 +02:00 |
|
|
|
464b4ed42e
|
ec25519-fhmqvc: put public and secret keys together in a keypair structure
|
2013-08-25 20:45:33 +02:00 |
|
|
|
9aff9fc56e
|
Fix typo in systemd unit description
|
2013-08-21 11:33:32 +02:00 |
|
|
|
4d2db5dbd2
|
OpenBSD doesn't support IPv4 on IPv6 sockets
|
2013-08-20 16:50:51 +02:00 |
|
|
|
d52f208d9f
|
Use v4-mapped addresses for IPv4 peers on IPv6 sockets
This is needed at least on FreeBSD
|
2013-08-20 16:16:55 +02:00 |
|
|
|
f6640a80f4
|
Prevent zero-before-free operations from being optimized out
|
2013-08-20 06:52:03 +02:00 |
|
|
|
d9dc87d840
|
Fix lots of -Wextra warnings
Everything clang and GCC warn about, except GCC's missing-field-initializers
which are just stupid as they don't allow {} syntax to zero a field.
|
2013-08-20 06:08:07 +02:00 |
|
|
|
3fd947a2d1
|
ec25519: add alignment attributes to all keys used as hash inputs
|
2013-08-19 03:31:57 +02:00 |
|
|
|
28c9b536f4
|
ec25519: reorder some code to fix a false-positive "may be used uninitialized" warning
|
2013-08-19 03:03:46 +02:00 |
|
|
|
ca94908db5
|
ec25519: minor code simplifications in handshake handling
|
2013-08-18 12:14:51 +02:00 |
|
|
|
efa0a3607f
|
Cache values calculated in the handshake reponse to reuse them in the finish handling
|
2013-08-17 10:54:21 +02:00 |
|
|
|
49cb21b22d
|
Make handshake records const uint8_t* instead of void*
This enforces explicit casting and thus avoids alignment problems.
|
2013-08-17 10:22:15 +02:00 |
|
|
|
00d7406fe2
|
Slightly improve the SHA256 API
|
2013-08-17 09:37:27 +02:00 |
|
|
|
f12681b09b
|
Check closedir return value
Just for the sake of completeness.
|
2013-08-17 02:49:53 +02:00 |
|
|
|
1ebbf81c00
|
Use readdir instead of readdir_r
readdir_r can be unsafe for very long filenames.
|
2013-08-17 02:34:44 +02:00 |
|
|
|
c2dd57d208
|
lex: fix scanning of IPv6 addresses
|
2013-08-16 06:24:48 +02:00 |
|
|
|
cab67b91b8
|
Fix segfault on single peer includes without name
|
2013-08-16 05:45:01 +02:00 |
|
|
|
0565d0e843
|
Always compile with -Wall (and fix other property settings)
|
2013-08-15 07:07:42 +02:00 |
|
|
|
d6b829effe
|
Don't require NaCl when it is not used
|
2013-08-15 06:54:32 +02:00 |
|
|
|
d6085504ce
|
Align sender key
Unaligned access might be a problem on some architectures, so it's better to
copy it to an aligned buffer before further handling the handshake.
|
2013-08-15 04:03:44 +02:00 |
|
|
|
1bb34487bf
|
Replace NaCl's HMAC implementation
|
2013-08-15 02:44:26 +02:00 |
|
|
|
6ecf69b6e6
|
Add small SHA256 implementation
The NaCl implementation has a code size of more than 10KiB.
|
2013-08-15 01:18:51 +02:00 |
|
|
|
e10944f8c9
|
Allow disabling redundant command line options
|
2013-08-14 19:12:45 +02:00 |
|
|
|
5ebebb3688
|
Change the order of the option handlers to match the option definion
|
2013-08-14 18:55:11 +02:00 |
|
|
|
0c6f6e9242
|
Reorder command line options in usage message and add separating empty lines
|
2013-08-14 18:49:27 +02:00 |
|
|
|
61cc8fdedc
|
lex: don't check for NULL before free
|
2013-08-14 04:44:31 +02:00 |
|
|
|
9929ac9123
|
lex: various fixes
|
2013-08-14 02:02:11 +02:00 |
|
|
|
bf721f718e
|
Implement new lexer that is not generated by flex to reduce code size
|
2013-08-14 01:19:33 +02:00 |
|
|
|
cd0f973cf6
|
lexer: reduce code size
|
2013-08-13 19:00:00 +02:00 |
|
