summaryrefslogtreecommitdiffstats
path: root/src/config.c
AgeCommit message (Collapse)Author
2012-12-13Always convert v4-mapped IPv6 addresses to IPv4 addressesMatthias Schiffer
2012-11-10Don't allow global config statements in peer groupsMatthias Schiffer
2012-11-10Give the default peer group a nameMatthias Schiffer
2012-11-05Implement peer groupsMatthias Schiffer
2012-11-01Dynamically create and destroy sockets without fixed bindsMatthias Schiffer
2012-11-01Refactor bind address configurationMatthias Schiffer
2012-10-29Add support for multiple bindsMatthias Schiffer
2012-10-29config: Simplify default_config()Matthias Schiffer
2012-09-21Nicely encapsulate different crypto algorithm implementationsMatthias Schiffer
2012-09-16Make implementations used for AES128-CTR and GHASH configurable.Matthias Schiffer
2012-07-02Fix typo in --machine-readable help messageMatthias Schiffer
2012-07-01Add support for multiple crypto methods without reconfigurationMatthias Schiffer
2012-06-27Primitive aes128-gcm implementationMatthias Schiffer
2012-06-15Avoid using the same handshake key to establish more than one sessionMatthias Schiffer
This fix prevents a potential attack using intentional packet reordering to initialize more than one session with using the same handshake keys, leading to more that one session to be initialized with the same key data altogether, allowing to decrypt some packets in the worst case.
2012-06-07Limit handshake frequency where possibleMatthias Schiffer
2012-06-06Limit resolve frequencyMatthias Schiffer
2012-06-06Improve some log levelsMatthias Schiffer
2012-06-05Increase reorder countMatthias Schiffer
2012-06-05Add support for receiving reordered packetsMatthias Schiffer
2012-06-04Decreate keepalive intervalMatthias Schiffer
2012-06-04Add pidfile supportMatthias Schiffer
2012-05-18New logging facilitiesMatthias Schiffer
2012-05-17Add daemon modeMatthias Schiffer
2012-04-22Add --show-key and --machine-readable optionsMatthias Schiffer
2012-04-19Don't regenerate session handshake keypair for every handshake so a global ↵Matthias Schiffer
state can be used; remove the concept of temporary peers These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely.
2012-04-18Simplity option code, improve help page formattingMatthias Schiffer
2012-04-17Add --help pageMatthias Schiffer
2012-04-16Cancel start if no peers are configuredMatthias Schiffer
2012-04-16Remove unused variableMatthias Schiffer
2012-04-16Rename peer-to-peer to forward; remove now useless peer command line optionv0.4-rc1Matthias Schiffer
2012-04-16Lots of fixes and improvements on the resolver codeMatthias Schiffer
2012-04-14Separate handshake from encryption methodMatthias Schiffer
2012-04-06Add some missing error handlingMatthias Schiffer
2012-04-05Add on-establish and on-disestablish commandsv0.2Matthias Schiffer
2012-04-05Cleanly shutdown; add on-down commandMatthias Schiffer
2012-04-05Implement reconfiguration on SIGHUPMatthias Schiffer
2012-04-03Save absolute path in peer configs from peer dirsMatthias Schiffer
2012-04-03Keep track of peer dirsMatthias Schiffer
2012-04-03Don't set bind sockaddr in config if none is configuredMatthias Schiffer
2012-04-03Save source dirs with peer configsMatthias Schiffer
2012-04-03Ignore peer configs with errors in peer dirs instead of exitingMatthias Schiffer
2012-04-03Only handle - as stdin when given on command lineMatthias Schiffer
2012-04-03Keep list of strings allocated by the lexerMatthias Schiffer
2012-04-02Allow peer-to-peer forwardingMatthias Schiffer
2012-04-02Add sending of keep-alive packetsMatthias Schiffer
2012-04-01Add log level configurationMatthias Schiffer
2012-04-01Require port with peer specfication, remove default portMatthias Schiffer
2012-03-31ecfxp: refresh session key periodicallyMatthias Schiffer
2012-03-31Change how handshakes are triggeredMatthias Schiffer
2012-03-30Limit key validityMatthias Schiffer