8d2ccbd7e5
And another unused include...
2012-12-26 20:39:50 +01:00
9cf7b53dd6
Remove unused include
2012-12-26 20:05:48 +01:00
ae28e7c8b1
Remove capability locking feature
...
This isn't our job, so there is no reason to support this.
2012-12-25 17:22:29 +01:00
78440eab81
Add user switching and capability support
2012-12-24 23:52:18 +01:00
eaac494273
Add WITH_CAPABILITIES CMake flag and check for libcap
2012-12-24 17:14:40 +01:00
cd8ab035e6
Add example systemd unit
2012-12-23 22:35:31 +01:00
4d8a5e4160
Set FD_CLOEXEC on all file descriptors, use non-blocking IO for sockets and TUN
2012-12-23 22:18:25 +01:00
3883abb85a
Fix up all usage of deprecated libuecc API
2012-12-23 21:23:33 +01:00
3c19fd226e
Use new pkg-config support of libuecc
2012-12-23 21:11:51 +01:00
577a9c0ed6
Install fastd binary to PREFIX/bin
2012-12-18 21:03:39 +01:00
224ea7b081
Convert type names to _t convention
2012-12-18 21:00:44 +01:00
766a0c145d
Always convert v4-mapped IPv6 addresses to IPv4 addresses
2012-12-13 18:02:39 +01:00
505eb46494
Add helper function to simplify v4-mapped addresses
2012-12-13 17:51:00 +01:00
da4d1d1586
Reduce v4-mapped IPv6 addresses to IPv4 addresses
...
We need this for "any" binds to work correctly again.
2012-12-13 14:13:51 +01:00
b3b4397734
Only try to set MTU when it isn't correct
...
This allows fastd to run completely without root privileges when the TUN/TAP
device is pre-created
2012-12-08 23:52:28 +01:00
6b6099a630
Maximum interface name length is IFNAMSIZ-1, not IFNAMSIZ
...
Linux handles the string just fine without NULL termination, but that doesn't
make it correct...
2012-12-08 23:35:39 +01:00
268aefb54c
Free socket before handshake if no address is set to avoid crash
2012-12-08 17:51:22 +01:00
9a155e4c51
Revert "Fix crash occuring under certain circumstances on resolve failure"
...
This reverts commit 6330d8abe0
2012-12-08 17:46:34 +01:00
6330d8abe0
Fix crash occuring under certain circumstances on resolve failure
...
When a dynamic peer is in handshake state and a previous resolve has returned an
address, the peer must be reset on a resolve failure even when there is no
established session to avoid aborting on the next handshake.
2012-12-08 12:54:41 +01:00
64754a379d
Increment version for new development
2012-12-08 12:54:10 +01:00
656175881b
fastd 6
2012-11-10 18:06:14 +01:00
6ef24092b5
Keep track of configured peer count correctly on dynamic reloads
2012-11-10 15:20:39 +01:00
13c71785b5
Don't allow global config statements in peer groups
2012-11-10 14:55:41 +01:00
68b33305cc
Give the default peer group a name
2012-11-10 14:47:28 +01:00
c0e60d4823
Truncate PID file
2012-11-08 08:47:19 +01:00
93ee0d9cb3
fastd 6-rc1
2012-11-06 20:46:38 +01:00
2bf6746fb7
Get rid of some annoyances with peer limits
...
Remove some debug messages, and don't resolve peers again and again we don't
want to connect to anyways.
2012-11-05 23:46:27 +01:00
f7244b9309
Don't inline send_handshake
2012-11-05 23:37:01 +01:00
65e60edefc
Only delay initial handshakes for groups with constraints
2012-11-05 22:48:34 +01:00
773e84403f
Add randomized initial handshake delays
...
This delay should barely be noticable, and it will make fastd connect to a
random choice of peers when a peer limit is set
2012-11-05 22:35:29 +01:00
8f60a96b84
Implement peer limit constraints
2012-11-05 22:24:42 +01:00
f631c10660
Implement peer groups
2012-11-05 18:26:55 +01:00
0c2f5da165
Fix some more bugs in fastd_peer_claim_address
2012-11-05 10:11:17 +01:00
51aa24d4a2
Reset dynamic peer if there is an established session and resolve fails
...
Fixes an assertion fail when address resolution fails during session refresh.
2012-11-04 17:06:35 +01:00
2791d3bc99
Improve handling of associated sockets in key matching
2012-11-02 09:27:58 +01:00
2f81a97f5c
Directly use peer when receiving on associated sockets
2012-11-02 09:02:35 +01:00
74b73a980b
Keep track of corresonding peers in associated sockets
2012-11-02 08:56:54 +01:00
cb98cbc593
Dynamically create and destroy sockets without fixed binds
2012-11-01 15:11:40 +01:00
86df5dbefe
Move unistd.h include to fastd.h
2012-11-01 15:11:25 +01:00
42e44a0b5c
Handle socket errors
2012-11-01 12:14:32 +01:00
80cbd0c9bd
Refactor bind address configuration
2012-11-01 11:04:39 +01:00
921485a5bc
Allow setting IPv[46] default bind addresses
2012-10-29 23:06:24 +01:00
2f021fd3e1
Allow setting bind interface
2012-10-29 22:48:06 +01:00
2c6a4b5c11
Fix bind error messages
2012-10-29 22:45:08 +01:00
078b835209
Add support for multiple binds
2012-10-29 22:21:47 +01:00
f5462bd63a
config: Simplify default_config()
2012-10-29 12:40:13 +01:00
6626f28fc9
fastd v0.5
2012-09-21 15:53:56 +02:00
2acd81bd7a
Nicely encapsulate different crypto algorithm implementations
2012-09-21 15:10:28 +02:00
65912e3e6f
Imcrement rc version
2012-09-16 07:42:49 +02:00
2506e2c63e
Handle posix_memalign return value
...
This is nothing we could handle correctly (well, in the long run we should print
and error message), but at least this silences a warning with _FORTIFY_SOURCE.
2012-09-16 07:40:05 +02:00
