summaryrefslogtreecommitdiffstats
path: root/src/fastd.c
AgeCommit message (Collapse)Author
2013-07-29Fix assertion fail on key renewal handshakes with peers without remotesMatthias Schiffer
2013-07-25Move more code out of fastd.cMatthias Schiffer
2013-07-25Move send functions out of fastd.cMatthias Schiffer
2013-07-25Move socket handling out of fastd.cMatthias Schiffer
2013-07-25Move _GNU_SOURCE define to types.hMatthias Schiffer
2013-07-25Improve handling of similar remote resolvesMatthias Schiffer
2013-07-25Set IP_MTU_DISCOVER on socketsMatthias Schiffer
2013-07-24Include IP address in "sending handshake" debug messagesMatthias Schiffer
2013-07-24Allow specifying multiple remote entries for a single peerMatthias Schiffer
2013-07-24Remove handing for packets received on wrong sockets (this shouldn't happen)Matthias Schiffer
2013-07-24Don't let resolves delay handshakesMatthias Schiffer
2013-07-24Don't initialize peers before dropping privilegesMatthias Schiffer
2013-07-23Use schedule_handshake in handle_resolv_returnsMatthias Schiffer
2013-07-23Don't trigger a resolve when a packet from an unknown peer is receivedMatthias Schiffer
2013-07-12Supply the correct sockaddr size for bindMatthias Schiffer
2013-05-20Optimize send_all() to allow zero-copy TUN modeMatthias Schiffer
2013-05-20Add send_all() function to reduce duplicate codeMatthias Schiffer
2013-05-19Simplify TUN/TAP receive handlingMatthias Schiffer
2013-05-19Simplify send funktionMatthias Schiffer
2013-05-19Cast void* to char* before pointer arithmeticMatthias Schiffer
2013-05-19Simplify handling of received packetsMatthias Schiffer
2013-05-19Add a missing return in handle_socket_receive_known()Matthias Schiffer
2013-05-19Simplify socket receive pathMatthias Schiffer
2013-04-22Miscellaneous fixes in ethernet address handlingMatthias Schiffer
Check the length of ethernet frames, and the fastd_eth_addr_t structure must be packed.
2013-04-20Greatly improve handling of hosts with multiple IP addressesMatthias Schiffer
2013-04-17Fix handling of the local address in shell commandsMatthias Schiffer
Without this fix, using on-establish/disestablish/verify would cause a strange zero port when a bind with a random port was used, and a segmentation fault with dynamic binds.
2013-03-08Handle duplicate keysMatthias Schiffer
When two peers are configured with the same key, disable both. When a temporary peer's key is configured, delete the temporary key.
2013-03-08Allow disabling previously enabled peersMatthias Schiffer
2013-03-08Disable peer configs by default, enable on peer creationMatthias Schiffer
This allows to remove some duplicate code, and will simplify the detection and handling of duplicate keys.
2013-03-04Load peer dirs in the last step of the configurationMatthias Schiffer
Loading the peer dirs directly led to peers being discovered in a different order after reconfigure.
2013-03-02Don't crash on empty UDP packetsMatthias Schiffer
2013-03-02Print error message on aborts due to buffer push/pull errorsMatthias Schiffer
2013-02-27Allow temporary peers when no other floating or dynamic peers are configuredMatthias Schiffer
2013-02-27Don't set the peer address for temporary peers before the session is ↵Matthias Schiffer
actually established Doing so could lead to duplicate address entries in different peers, causing very strange behaviour. Add additional parameters for the local and the peer address to fastd_shell_exec() to allow the on-verify script to use this information nevertheless.
2013-02-26Experimental support for accepting connections from unknown peersMatthias Schiffer
2013-02-25Get rid of some duplicate code for calling shell commandsMatthias Schiffer
2013-02-23Fail initialization when a default socket can't be boundMatthias Schiffer
2013-02-23Print port for "any" address in bind log messagesMatthias Schiffer
2013-02-23Implement simple peer dump triggered by SIGUSR1Matthias Schiffer
2013-02-23Use fastd_peer_t instead of fastd_peer_config_t in handshake codeMatthias Schiffer
Directly using the peers allows us to get rid of the inefficient get_peer() function and is necessary for adding support for unknown peers.
2013-01-24resolver: write whole hostname instead of a pointer to the resolver pipeMatthias Schiffer
Shouldn't make a difference, but feels cleaner now, and silences a clang-analyzer warning.
2013-01-21Remove unneded calls to method functions in head and tail space calculationMatthias Schiffer
2013-01-21Add error message for OOM on buffer allocMatthias Schiffer
2013-01-05Adjust copyright yearsMatthias Schiffer
2013-01-04Add some debug output to uid/gid switchingMatthias Schiffer
2013-01-04Set supplementary groupsMatthias Schiffer
2012-12-25Remove capability locking featureMatthias Schiffer
This isn't our job, so there is no reason to support this.
2012-12-24Add user switching and capability supportMatthias Schiffer
2012-12-23Set FD_CLOEXEC on all file descriptors, use non-blocking IO for sockets and TUNMatthias Schiffer
2012-12-18Convert type names to _t conventionMatthias Schiffer