Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-11-10 | fastd 6v6 | Matthias Schiffer | |
2012-11-10 | Keep track of configured peer count correctly on dynamic reloads | Matthias Schiffer | |
2012-11-10 | Don't allow global config statements in peer groups | Matthias Schiffer | |
2012-11-10 | Give the default peer group a name | Matthias Schiffer | |
2012-11-08 | Truncate PID file | Matthias Schiffer | |
2012-11-06 | fastd 6-rc1v6-rc1 | Matthias Schiffer | |
2012-11-05 | Get rid of some annoyances with peer limits | Matthias Schiffer | |
Remove some debug messages, and don't resolve peers again and again we don't want to connect to anyways. | |||
2012-11-05 | Don't inline send_handshake | Matthias Schiffer | |
2012-11-05 | Only delay initial handshakes for groups with constraints | Matthias Schiffer | |
2012-11-05 | Add randomized initial handshake delays | Matthias Schiffer | |
This delay should barely be noticable, and it will make fastd connect to a random choice of peers when a peer limit is set | |||
2012-11-05 | Implement peer limit constraints | Matthias Schiffer | |
2012-11-05 | Implement peer groups | Matthias Schiffer | |
2012-11-05 | Fix some more bugs in fastd_peer_claim_address | Matthias Schiffer | |
2012-11-04 | Reset dynamic peer if there is an established session and resolve fails | Matthias Schiffer | |
Fixes an assertion fail when address resolution fails during session refresh. | |||
2012-11-02 | Improve handling of associated sockets in key matching | Matthias Schiffer | |
2012-11-02 | Directly use peer when receiving on associated sockets | Matthias Schiffer | |
2012-11-02 | Keep track of corresonding peers in associated sockets | Matthias Schiffer | |
2012-11-01 | Dynamically create and destroy sockets without fixed binds | Matthias Schiffer | |
2012-11-01 | Move unistd.h include to fastd.h | Matthias Schiffer | |
2012-11-01 | Handle socket errors | Matthias Schiffer | |
2012-11-01 | Refactor bind address configuration | Matthias Schiffer | |
2012-10-29 | Allow setting IPv[46] default bind addresses | Matthias Schiffer | |
2012-10-29 | Allow setting bind interface | Matthias Schiffer | |
2012-10-29 | Fix bind error messages | Matthias Schiffer | |
2012-10-29 | Add support for multiple binds | Matthias Schiffer | |
2012-10-29 | config: Simplify default_config() | Matthias Schiffer | |
2012-09-21 | fastd v0.5v0.5 | Matthias Schiffer | |
2012-09-21 | Nicely encapsulate different crypto algorithm implementations | Matthias Schiffer | |
2012-09-16 | Imcrement rc versionv0.5-rc4 | Matthias Schiffer | |
2012-09-16 | Handle posix_memalign return value | Matthias Schiffer | |
This is nothing we could handle correctly (well, in the long run we should print and error message), but at least this silences a warning with _FORTIFY_SOURCE. | |||
2012-09-16 | Increment rc versionv0.5-rc3 | Matthias Schiffer | |
2012-09-16 | Make implementations used for AES128-CTR and GHASH configurable. | Matthias Schiffer | |
2012-09-16 | Fix alignment for NaCl's core2 assembler implementation of AES128-CTR | Matthias Schiffer | |
2012-09-16 | Ignore SIGPIPE | Matthias Schiffer | |
We want this because of reasons. Just to be sure. | |||
2012-09-15 | Use inline function for alignment | Matthias Schiffer | |
2012-09-15 | Add support for kernel AES implementations | Matthias Schiffer | |
This gives AES128 a slight boost on my system, but it is still slower than XSalsa20... I should probably write userspace code that can make use of AES-NI and CLMUL. Or directly jump to the kernel space with the whole forwarding code. Nevertheless, this might run nicely on Geode CPUs and similar hardware with AES acceleration, at least if the context switches aren't too expensive... | |||
2012-09-15 | Add support for using kernel implementations of GHASH | Matthias Schiffer | |
This doesn't really improve performance on my Intel CPU (I guess due to the context switches), but more tests have to be made, in combination with offloading the AES to the kernel as well, and on different hardware. | |||
2012-09-15 | Rework some parts of the AES128-GCM method | Matthias Schiffer | |
These changes improve the performance of the AES128-GCM method by ~10% on my Intel CPU when compiled with -O2. Furthermore, the AES and the GHASH parts are separated now, allowing to switch to other implementations of the algorithms more easily. | |||
2012-09-15 | Improve data alignment | Matthias Schiffer | |
Ensure that the actual packet data is always aligned to a multiple of 8. | |||
2012-09-14 | Critical: fix various problems in the AES128-GCM method | Matthias Schiffer | |
There were several bugs in the code that were severely lowering the expected security and completely breaking compatiblity with alternative implementations. The fixed version is checked against the test vectors specified in [1], and should thus be correct. [1] http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf | |||
2012-07-02 | Fix typo in --machine-readable help message | Matthias Schiffer | |
2012-07-02 | Remove unneeded include | Matthias Schiffer | |
2012-07-02 | Require whitespace after keywords and strings etc. in config files | Matthias Schiffer | |
2012-07-01 | Version incrementv0.5-rc2 | Matthias Schiffer | |
2012-07-01 | Add missing _GNU_SOURCE definition | Matthias Schiffer | |
2012-07-01 | Version incrementv0.5-rc1 | Matthias Schiffer | |
2012-07-01 | Add support for multiple crypto methods without reconfiguration | Matthias Schiffer | |
2012-07-01 | Fix invalid print on handshake failure with an unknown code. | Matthias Schiffer | |
2012-06-27 | Remove unneeded size bytes from GCM to suppress warnings | Matthias Schiffer | |
2012-06-27 | Implement GCM with lookup table | Matthias Schiffer | |