summaryrefslogtreecommitdiffstats
path: root/src/fastd.c
AgeCommit message (Collapse)Author
2016-02-22Add "drop privileges force" option which allows to drop CAP_NET_ADMIN even ↵Matthias Schiffer
when fastd thinks it might still need it
2016-02-22Improve capability handling, retain required capabilitiesMatthias Schiffer
2016-02-22Update copyright yearsMatthias Schiffer
2016-02-22socket: improve and simplify error handlingMatthias Schiffer
Rather exit on errors we're unlikely to recover from than retrying indefinitely.
2016-02-21Print UID and GID as unsigned in log messageMatthias Schiffer
2016-02-21Replace setuid/setgid with setresuid/setresgid (or setreuid/setregid)Matthias Schiffer
The semantics of setuid in SUID processes are not entirely clear on all Unix-like systems. Better use setresuid to drop privileges where available.
2015-12-21Don't block fatal signalsMatthias Schiffer
2015-12-21Terminate with the received signalMatthias Schiffer
2015-11-10Implement generic task queue to handle handshakes and maintenanceMatthias Schiffer
2015-11-09Check return value of sodium_init()Matthias Schiffer
Fixes a warning with -Wunused-result.
2015-11-09Use a global ioctl socketMatthias Schiffer
Based-on-patch-by: Julian Kornberger <jk+github@digineo.de>
2015-10-20Improve include_directories to prevent conflicts between system and fastd ↵Matthias Schiffer
headers In in-tree builds, fastd's poll.h was conflicting with the system one on non-Linux systems.
2015-10-18config: make on_up/down/establish/disestablish commands configurable per ↵Matthias Schiffer
peer group
2015-03-23Move ifname logic from peer to ifaceMatthias Schiffer
2015-03-23Improve sync/async execution of up/down scriptsMatthias Schiffer
2015-03-23peer: set peer name in on-up environment for peer-specific interfacesMatthias Schiffer
2015-03-23Some Android fixes for issues introduced by multi-interface supportMatthias Schiffer
Not really tested, I'll do that when the multiif support is finished.
2015-03-23iface: add ifname argumentMatthias Schiffer
2015-03-23Don't reset peers twice on start in TUN modeMatthias Schiffer
2015-03-23iface: make fastd_iface_open() gracefully (at least on Linux, for now)Matthias Schiffer
2015-03-23Use peer-specific interface in TUN modeMatthias Schiffer
2015-03-23Configure static peers before capabilities are droppedMatthias Schiffer
2015-03-22Rename tuntap to iface to match struct nameMatthias Schiffer
2015-03-22First work towards multi-interface supportMatthias Schiffer
2015-03-22Refactor poll APIMatthias Schiffer
2015-01-20Implement new hash table to keep track of unknown peers handshakes have been ↵Matthias Schiffer
sent to This should significantly reduce the number of handshakes sent after restarting fastd with many active connections.
2015-01-14Refactor handling of platforms without user/group settings (Android)Matthias Schiffer
2015-01-14Update copyright yearsMatthias Schiffer
2015-01-14Add Android 4.1+ support. See doc/README-Android.md for build HOWTO.Rick Lei
* Update CMake files to work with android-cmake * Use unix domain socket for communicating with Android GUI * May also run standalone but requires rooted Android device
2015-01-14Reset all connections on SIGUSR2Matthias Schiffer
2014-09-15status: add uptime and established timesMatthias Schiffer
2014-09-06Fix async command waitpid error handling (again...)Matthias Schiffer
2014-09-05Add status socket to get the current status as JSONMatthias Schiffer
2014-09-04Support dynamic binds with extra options (interface binds, specific ↵Matthias Schiffer
addresses...)
2014-09-01Remove old state dump featureMatthias Schiffer
It will be replaced by a nicer version.
2014-08-24Coding style: always add a space between a pointer's type and the *Matthias Schiffer
2014-08-24Use simple int64_t timestamps in ms instead of timespecsMatthias Schiffer
2014-08-24Fix waitpid EINTR error on SIGCHLDMatthias Schiffer
waitpid may fail with EINTR for SIGCHLD even when all signals are blocked.
2014-08-24Merge peer config into peer structureMatthias Schiffer
With this refactoring, the structure fastd_peer_config_t is merged into fastd_peer_t, and fastd_remote_config_t into fastd_remote_t. This also means we now create peers directly when reading their configurations, which significantly simplifies the whole reload process, and prepares for some future optimizations like a key hash table. Note: This commit is too big, but I couldn't come up with a nice way to split it into smaller pieces...
2014-08-22Remove VECTOR_ALLOCMatthias Schiffer
It is done automatically now if the VECTOR is zeroed before.
2014-08-19Create peer structures for disabled peers as wellMatthias Schiffer
We have a 1:1 association between peers and peer configs now.
2014-08-18Unify enabled and dynamic flags into a config_state flagMatthias Schiffer
2014-08-18Rename WITH_VERIFY CMake option to WITH_DYNAMIC_PEERSMatthias Schiffer
2014-08-18peer: add a flag `dynamic' instead of checking the config field for NULLMatthias Schiffer
2014-08-18Rename "temporary peers" to "dynamic peers"Matthias Schiffer
2014-08-09Move fastd_config_t.peers to fastd_context_t.peer_configsMatthias Schiffer
2014-08-02Encapsulate semaphore handlingMatthias Schiffer
2014-08-02Introduce and use alloc helpersMatthias Schiffer
These new helpers will terminate fastd on allocation failures and add some additional convenience (allow strdup with NULL; typesafe new(type) macros).
2014-08-01Use srandom/random instead of rand_rMatthias Schiffer
There's no need to keep our own seed.
2014-06-14Limit the number of concurrent on-verify runsMatthias Schiffer
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-03 17:00:42 +0100