summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-12-23Set FD_CLOEXEC on all file descriptors, use non-blocking IO for sockets and TUNMatthias Schiffer
2012-12-23Fix up all usage of deprecated libuecc APIMatthias Schiffer
2012-12-23Use new pkg-config support of libueccMatthias Schiffer
2012-12-18Install fastd binary to PREFIX/binMatthias Schiffer
2012-12-18Convert type names to _t conventionMatthias Schiffer
2012-12-13Always convert v4-mapped IPv6 addresses to IPv4 addressesMatthias Schiffer
2012-12-13Add helper function to simplify v4-mapped addressesMatthias Schiffer
2012-12-13Reduce v4-mapped IPv6 addresses to IPv4 addressesMatthias Schiffer
We need this for "any" binds to work correctly again.
2012-12-08Only try to set MTU when it isn't correctMatthias Schiffer
This allows fastd to run completely without root privileges when the TUN/TAP device is pre-created
2012-12-08Maximum interface name length is IFNAMSIZ-1, not IFNAMSIZMatthias Schiffer
Linux handles the string just fine without NULL termination, but that doesn't make it correct...
2012-12-08Free socket before handshake if no address is set to avoid crashMatthias Schiffer
2012-12-08Revert "Fix crash occuring under certain circumstances on resolve failure"Matthias Schiffer
This reverts commit 6330d8abe044c26ca8d0c0246f9d075c53779782.
2012-12-08Fix crash occuring under certain circumstances on resolve failureMatthias Schiffer
When a dynamic peer is in handshake state and a previous resolve has returned an address, the peer must be reset on a resolve failure even when there is no established session to avoid aborting on the next handshake.
2012-12-08Increment version for new developmentMatthias Schiffer
2012-11-10fastd 6v6Matthias Schiffer
2012-11-10Keep track of configured peer count correctly on dynamic reloadsMatthias Schiffer
2012-11-10Don't allow global config statements in peer groupsMatthias Schiffer
2012-11-10Give the default peer group a nameMatthias Schiffer
2012-11-08Truncate PID fileMatthias Schiffer
2012-11-06fastd 6-rc1v6-rc1Matthias Schiffer
2012-11-05Get rid of some annoyances with peer limitsMatthias Schiffer
Remove some debug messages, and don't resolve peers again and again we don't want to connect to anyways.
2012-11-05Don't inline send_handshakeMatthias Schiffer
2012-11-05Only delay initial handshakes for groups with constraintsMatthias Schiffer
2012-11-05Add randomized initial handshake delaysMatthias Schiffer
This delay should barely be noticable, and it will make fastd connect to a random choice of peers when a peer limit is set
2012-11-05Implement peer limit constraintsMatthias Schiffer
2012-11-05Implement peer groupsMatthias Schiffer
2012-11-05Fix some more bugs in fastd_peer_claim_addressMatthias Schiffer
2012-11-04Reset dynamic peer if there is an established session and resolve failsMatthias Schiffer
Fixes an assertion fail when address resolution fails during session refresh.
2012-11-02Improve handling of associated sockets in key matchingMatthias Schiffer
2012-11-02Directly use peer when receiving on associated socketsMatthias Schiffer
2012-11-02Keep track of corresonding peers in associated socketsMatthias Schiffer
2012-11-01Dynamically create and destroy sockets without fixed bindsMatthias Schiffer
2012-11-01Move unistd.h include to fastd.hMatthias Schiffer
2012-11-01Handle socket errorsMatthias Schiffer
2012-11-01Refactor bind address configurationMatthias Schiffer
2012-10-29Allow setting IPv[46] default bind addressesMatthias Schiffer
2012-10-29Allow setting bind interfaceMatthias Schiffer
2012-10-29Fix bind error messagesMatthias Schiffer
2012-10-29Add support for multiple bindsMatthias Schiffer
2012-10-29config: Simplify default_config()Matthias Schiffer
2012-09-21fastd v0.5v0.5Matthias Schiffer
2012-09-21Nicely encapsulate different crypto algorithm implementationsMatthias Schiffer
2012-09-16Imcrement rc versionv0.5-rc4Matthias Schiffer
2012-09-16Handle posix_memalign return valueMatthias Schiffer
This is nothing we could handle correctly (well, in the long run we should print and error message), but at least this silences a warning with _FORTIFY_SOURCE.
2012-09-16Increment rc versionv0.5-rc3Matthias Schiffer
2012-09-16Make implementations used for AES128-CTR and GHASH configurable.Matthias Schiffer
2012-09-16Fix alignment for NaCl's core2 assembler implementation of AES128-CTRMatthias Schiffer
2012-09-16Ignore SIGPIPEMatthias Schiffer
We want this because of reasons. Just to be sure.
2012-09-15Use inline function for alignmentMatthias Schiffer
2012-09-15Add support for kernel AES implementationsMatthias Schiffer
This gives AES128 a slight boost on my system, but it is still slower than XSalsa20... I should probably write userspace code that can make use of AES-NI and CLMUL. Or directly jump to the kernel space with the whole forwarding code. Nevertheless, this might run nicely on Geode CPUs and similar hardware with AES acceleration, at least if the context switches aren't too expensive...