Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-01-04 | Set supplementary groups | Matthias Schiffer | |
2012-12-25 | Remove capability locking feature | Matthias Schiffer | |
This isn't our job, so there is no reason to support this. | |||
2012-12-24 | Add user switching and capability support | Matthias Schiffer | |
2012-12-23 | Set FD_CLOEXEC on all file descriptors, use non-blocking IO for sockets and TUN | Matthias Schiffer | |
2012-12-18 | Convert type names to _t convention | Matthias Schiffer | |
2012-12-13 | Add helper function to simplify v4-mapped addresses | Matthias Schiffer | |
2012-12-13 | Reduce v4-mapped IPv6 addresses to IPv4 addresses | Matthias Schiffer | |
We need this for "any" binds to work correctly again. | |||
2012-12-08 | Only try to set MTU when it isn't correct | Matthias Schiffer | |
This allows fastd to run completely without root privileges when the TUN/TAP device is pre-created | |||
2012-12-08 | Maximum interface name length is IFNAMSIZ-1, not IFNAMSIZ | Matthias Schiffer | |
Linux handles the string just fine without NULL termination, but that doesn't make it correct... | |||
2012-11-10 | Keep track of configured peer count correctly on dynamic reloads | Matthias Schiffer | |
2012-11-08 | Truncate PID file | Matthias Schiffer | |
2012-11-05 | Get rid of some annoyances with peer limits | Matthias Schiffer | |
Remove some debug messages, and don't resolve peers again and again we don't want to connect to anyways. | |||
2012-11-05 | Don't inline send_handshake | Matthias Schiffer | |
2012-11-05 | Implement peer limit constraints | Matthias Schiffer | |
2012-11-05 | Implement peer groups | Matthias Schiffer | |
2012-11-02 | Directly use peer when receiving on associated sockets | Matthias Schiffer | |
2012-11-02 | Keep track of corresonding peers in associated sockets | Matthias Schiffer | |
2012-11-01 | Dynamically create and destroy sockets without fixed binds | Matthias Schiffer | |
2012-11-01 | Move unistd.h include to fastd.h | Matthias Schiffer | |
2012-11-01 | Handle socket errors | Matthias Schiffer | |
2012-11-01 | Refactor bind address configuration | Matthias Schiffer | |
2012-10-29 | Fix bind error messages | Matthias Schiffer | |
2012-10-29 | Add support for multiple binds | Matthias Schiffer | |
2012-09-21 | Nicely encapsulate different crypto algorithm implementations | Matthias Schiffer | |
2012-09-16 | Fix alignment for NaCl's core2 assembler implementation of AES128-CTR | Matthias Schiffer | |
2012-09-16 | Ignore SIGPIPE | Matthias Schiffer | |
We want this because of reasons. Just to be sure. | |||
2012-09-15 | Use inline function for alignment | Matthias Schiffer | |
2012-09-15 | Add support for using kernel implementations of GHASH | Matthias Schiffer | |
This doesn't really improve performance on my Intel CPU (I guess due to the context switches), but more tests have to be made, in combination with offloading the AES to the kernel as well, and on different hardware. | |||
2012-09-15 | Rework some parts of the AES128-GCM method | Matthias Schiffer | |
These changes improve the performance of the AES128-GCM method by ~10% on my Intel CPU when compiled with -O2. Furthermore, the AES and the GHASH parts are separated now, allowing to switch to other implementations of the algorithms more easily. | |||
2012-09-15 | Improve data alignment | Matthias Schiffer | |
Ensure that the actual packet data is always aligned to a multiple of 8. | |||
2012-07-01 | Add support for multiple crypto methods without reconfiguration | Matthias Schiffer | |
2012-06-27 | Fix critical memory corruption bug in core | Matthias Schiffer | |
2012-06-19 | Don't re-resolve dynamic-floating peers on key refresh | Matthias Schiffer | |
2012-06-07 | Limit handshake frequency where possible | Matthias Schiffer | |
2012-06-07 | Fix memory leak | Matthias Schiffer | |
2012-06-06 | Limit resolve frequency | Matthias Schiffer | |
2012-06-06 | Improve some log levels | Matthias Schiffer | |
2012-06-04 | Add version string to handshake | Matthias Schiffer | |
2012-06-04 | Add pidfile support | Matthias Schiffer | |
2012-06-02 | Fix warning message | Matthias Schiffer | |
2012-05-18 | Uninline pr_log | Matthias Schiffer | |
2012-05-18 | New logging facilities | Matthias Schiffer | |
2012-05-17 | Add daemon mode | Matthias Schiffer | |
2012-05-17 | Close inherited file handlesv0.4-rc8 | Matthias Schiffer | |
2012-05-04 | Free eth_addr list on exit | Matthias Schiffer | |
2012-05-03 | Use pipe to transmit resolved addresses to main threadv0.4-rc7 | Matthias Schiffer | |
2012-04-27 | Automatically set interface MTU | Matthias Schiffer | |
2012-04-25 | Send handshakes after resolve even when the connection is already ↵v0.4-rc4 | Matthias Schiffer | |
established for session refreshs to work | |||
2012-04-22 | Add --show-key and --machine-readable options | Matthias Schiffer | |
2012-04-19 | Don't regenerate session handshake keypair for every handshake so a global ↵ | Matthias Schiffer | |
state can be used; remove the concept of temporary peers These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely. |