summaryrefslogtreecommitdiffstats
path: root/src/config.c
AgeCommit message (Collapse)Author
2014-08-24Merge peer config into peer structureMatthias Schiffer
With this refactoring, the structure fastd_peer_config_t is merged into fastd_peer_t, and fastd_remote_config_t into fastd_remote_t. This also means we now create peers directly when reading their configurations, which significantly simplifies the whole reload process, and prepares for some future optimizations like a key hash table. Note: This commit is too big, but I couldn't come up with a nice way to split it into smaller pieces...
2014-08-18Rename WITH_VERIFY CMake option to WITH_DYNAMIC_PEERSMatthias Schiffer
2014-08-09Move fastd_config_t.peers to fastd_context_t.peer_configsMatthias Schiffer
2014-08-02Add support for Mac OS XMatthias Schiffer
2014-08-02Introduce and use alloc helpersMatthias Schiffer
These new helpers will terminate fastd on allocation failures and add some additional convenience (allow strdup with NULL; typesafe new(type) macros).
2014-07-10config: fix basic config checks in TUN modeMatthias Schiffer
2014-06-10Clean up peer config loadingMatthias Schiffer
Instead of changing the peer list and peer group in the main conf during (re-)loading, add a parser state which contains this information.
2014-05-31Split main functionMatthias Schiffer
init() is still a bit long, but much better than before.
2014-05-29Document *everything*Matthias Schiffer
2014-05-29Simplify configuration of cipher and MAC implementationsMatthias Schiffer
Let the cipher and MAC handlers just store the chosen implementations themselves instead of relying on the global configuration.
2014-05-25Unify fastd_peer_group_t and fastd_peer_group_config_t into a single structureMatthias Schiffer
2014-05-25Make a few struct fields that are not supposed to be changed defines insteadMatthias Schiffer
2014-05-22Move fastd_loglevel_t to log.hMatthias Schiffer
2014-05-01Remove support for log filesMatthias Schiffer
syslog/journald do a much better job at organizing logs, with the additional advantage of proper log rotation. If someone really wants to have a log file for fastd, they can just redirect stderr.
2014-04-26Make on-verify support optionalMatthias Schiffer
2014-04-26Implement async verifyMatthias Schiffer
2014-04-24config: remove support for deprecated float syntaxMatthias Schiffer
2014-04-21Fix peer group tree traversal when reading peer dirsMatthias Schiffer
This broke when conf was made global.
2014-04-20Make ctx globalMatthias Schiffer
2014-04-20Make conf globalMatthias Schiffer
2014-04-19Free on-connect handler on exitMatthias Schiffer
2014-04-19Optimize maintenance routine (and don't run it more often than necessary)Matthias Schiffer
2014-04-11Improve shell command config handlingMatthias Schiffer
2014-03-20Enable secure handshakes by defaultMatthias Schiffer
2014-03-14Adjust copyright yearsMatthias Schiffer
2014-03-10Make --verify-config option more flexibleMatthias Schiffer
2014-01-26Add support for link-local bind addressesMatthias Schiffer
2014-01-26Add support for setting packet marksMatthias Schiffer
2013-12-16config: don't check configuration before logging has been set upMatthias Schiffer
2013-11-30Make crypto implementation configurable (and update a few error messages)Matthias Schiffer
2013-11-30Clean up some parts of the configuration handling (and fix a few little bugs)Matthias Schiffer
2013-11-30Rename methods to methods providers and method contexts to methods to ↵Matthias Schiffer
reflect their function better
2013-11-30Perform string-based lookup of method-related information only onceMatthias Schiffer
2013-11-29Reorder check: avoid undefined behaviour due to negative or to long shiftsMatthias Schiffer
2013-11-20Replace max_packet_size functions by a max_overhead fieldMatthias Schiffer
2013-11-20Slightly simplify method/cipher/MAC definitionsMatthias Schiffer
2013-11-15config: move check for no configured methodMatthias Schiffer
First check all error conditions before getting to the warnings (this is important for --generate-key). Also, downgrade the exit_bug to exit_error if method `null' is not supported.
2013-11-02Move a few prototypes from fastd.h into a new config.hMatthias Schiffer
2013-11-02Convert ghash to the new crypto algorithm schemeMatthias Schiffer
2013-11-02Convert aes128-gcm into a generic gcm methodMatthias Schiffer
2013-11-02Allow flexible specification of methods provided by an implementationMatthias Schiffer
2013-11-02Implement the first step towards a more flexible way to support crypto methodsMatthias Schiffer
2013-10-29Rename fastd_parse_method_name to fastd_method_get_by_nameMatthias Schiffer
2013-10-29Generate method list automagicallyMatthias Schiffer
2013-10-29config: iterate over configured methods only in configure_method_parameters()Matthias Schiffer
2013-10-29Handle methods as stringsMatthias Schiffer
2013-10-20Warn when no encryption method is setMatthias Schiffer
2013-10-16Add `secure handshakes' option (without effect for now)Matthias Schiffer
Not setting the option produces a warning (so not having it set is deprecated now), so we can change the default from no to yes in a few release cycles.
2013-08-29Simplify keepalive sendingMatthias Schiffer
By using a global keepalive timer, the O(n) keepalive queue purge operation on every send operation is avoided.
2013-08-28ec25519: ensure old sessions are invalidated quickly after a new one has ↵Matthias Schiffer
been established