summaryrefslogtreecommitdiffstats
path: root/src/config.c
AgeCommit message (Collapse)Author
2013-08-17Use readdir instead of readdir_rMatthias Schiffer
readdir_r can be unsafe for very long filenames.
2013-08-14Implement new lexer that is not generated by flex to reduce code sizeMatthias Schiffer
2013-08-12Add pre-up and post-down handlersMatthias Schiffer
2013-08-12Improve interface name handlingMatthias Schiffer
2013-08-07Fix segfault on --generate-keyMatthias Schiffer
2013-08-07Guard socket options not available on FreeBSDMatthias Schiffer
2013-07-25Move command line handling out of config.cMatthias Schiffer
2013-07-25Move send functions out of fastd.cMatthias Schiffer
2013-07-25Move _GNU_SOURCE define to types.hMatthias Schiffer
2013-07-23Don't trigger a resolve when a packet from an unknown peer is receivedMatthias Schiffer
2013-07-19Nicer command line option specificationMatthias Schiffer
2013-07-19Generalize float attribute, deprecate old float syntaxMatthias Schiffer
2013-07-04Fix typos in usage outputMatthias Schiffer
2013-06-09Don't allow peer groups in TUN modeMatthias Schiffer
2013-06-02Fix spelling of 'tunnelling'Matthias Schiffer
2013-04-25Fix memory leak in config parserMatthias Schiffer
2013-04-20Ignore backup filesMatthias Schiffer
2013-03-21Don't read the default peer group twice on startupMatthias Schiffer
There are no negative consequences when the peers are loaded twice, but we can spare some log spam like this.
2013-03-09Add options to hide IP and MAC addresses from log outputMatthias Schiffer
2013-03-08Really fix adding new peers from a peer dirMatthias Schiffer
2013-03-08Don't forget all peers when no peers are configured in peer dirsMatthias Schiffer
2013-03-08Don't lose all but one peer configured in peer dirs after loadingMatthias Schiffer
This regression was introduced in 4e9b2a8819c7062ad052cd6c549db1d0fbed001d.
2013-03-08Disable peer configs by default, enable on peer creationMatthias Schiffer
This allows to remove some duplicate code, and will simplify the detection and handling of duplicate keys.
2013-03-04Load peer dirs in the last step of the configurationMatthias Schiffer
Loading the peer dirs directly led to peers being discovered in a different order after reconfigure.
2013-03-03Make 'peer limit 0' allow no connectionsMatthias Schiffer
2013-03-03Fix typo in --log-level help textMatthias Schiffer
2013-03-03Remove the word "version" from usage textMatthias Schiffer
It is now included in the version string itself.
2013-02-26Experimental support for accepting connections from unknown peersMatthias Schiffer
2013-02-23Subtract splay time to key refresh intervalMatthias Schiffer
A random splay time of up to 5 minutes will ensure that simultaneous handshakes with many peers are desynchronized as fast as possible.
2013-01-05Adjust copyright yearsMatthias Schiffer
2013-01-04Set supplementary groupsMatthias Schiffer
2012-12-24Add user switching and capability supportMatthias Schiffer
2012-12-18Convert type names to _t conventionMatthias Schiffer
2012-12-13Always convert v4-mapped IPv6 addresses to IPv4 addressesMatthias Schiffer
2012-11-10Don't allow global config statements in peer groupsMatthias Schiffer
2012-11-10Give the default peer group a nameMatthias Schiffer
2012-11-05Implement peer groupsMatthias Schiffer
2012-11-01Dynamically create and destroy sockets without fixed bindsMatthias Schiffer
2012-11-01Refactor bind address configurationMatthias Schiffer
2012-10-29Add support for multiple bindsMatthias Schiffer
2012-10-29config: Simplify default_config()Matthias Schiffer
2012-09-21Nicely encapsulate different crypto algorithm implementationsMatthias Schiffer
2012-09-16Make implementations used for AES128-CTR and GHASH configurable.Matthias Schiffer
2012-07-02Fix typo in --machine-readable help messageMatthias Schiffer
2012-07-01Add support for multiple crypto methods without reconfigurationMatthias Schiffer
2012-06-27Primitive aes128-gcm implementationMatthias Schiffer
2012-06-15Avoid using the same handshake key to establish more than one sessionMatthias Schiffer
This fix prevents a potential attack using intentional packet reordering to initialize more than one session with using the same handshake keys, leading to more that one session to be initialized with the same key data altogether, allowing to decrypt some packets in the worst case.
2012-06-07Limit handshake frequency where possibleMatthias Schiffer
2012-06-06Limit resolve frequencyMatthias Schiffer
2012-06-06Improve some log levelsMatthias Schiffer