summaryrefslogtreecommitdiffstats
path: root/src/fastd.h
AgeCommit message (Collapse)Author
2012-09-16Make implementations used for AES128-CTR and GHASH configurable.Matthias Schiffer
2012-09-16Fix alignment for NaCl's core2 assembler implementation of AES128-CTRMatthias Schiffer
2012-09-15Use inline function for alignmentMatthias Schiffer
2012-09-15Add support for kernel AES implementationsMatthias Schiffer
This gives AES128 a slight boost on my system, but it is still slower than XSalsa20... I should probably write userspace code that can make use of AES-NI and CLMUL. Or directly jump to the kernel space with the whole forwarding code. Nevertheless, this might run nicely on Geode CPUs and similar hardware with AES acceleration, at least if the context switches aren't too expensive...
2012-09-15Add support for using kernel implementations of GHASHMatthias Schiffer
This doesn't really improve performance on my Intel CPU (I guess due to the context switches), but more tests have to be made, in combination with offloading the AES to the kernel as well, and on different hardware.
2012-09-15Rework some parts of the AES128-GCM methodMatthias Schiffer
These changes improve the performance of the AES128-GCM method by ~10% on my Intel CPU when compiled with -O2. Furthermore, the AES and the GHASH parts are separated now, allowing to switch to other implementations of the algorithms more easily.
2012-09-15Improve data alignmentMatthias Schiffer
Ensure that the actual packet data is always aligned to a multiple of 8.
2012-07-01Version incrementv0.5-rc2Matthias Schiffer
2012-07-01Version incrementv0.5-rc1Matthias Schiffer
2012-07-01Add support for multiple crypto methods without reconfigurationMatthias Schiffer
2012-06-24Release 0.4v0.4Matthias Schiffer
2012-06-15Version incrementv0.4-rc13Matthias Schiffer
2012-06-15Avoid using the same handshake key to establish more than one sessionMatthias Schiffer
This fix prevents a potential attack using intentional packet reordering to initialize more than one session with using the same handshake keys, leading to more that one session to be initialized with the same key data altogether, allowing to decrypt some packets in the worst case.
2012-06-07Limit handshake frequency where possibleMatthias Schiffer
2012-06-06Limit resolve frequencyMatthias Schiffer
2012-06-05Increment rc versionv0.4-rc12Matthias Schiffer
2012-06-05Fix possible duplicate session establishmentMatthias Schiffer
This is causing duplicate nonces in the worst case.
2012-06-05Add support for receiving reordered packetsMatthias Schiffer
2012-06-04Increment rc versionv0.4-rc11Matthias Schiffer
2012-06-04Add pidfile supportMatthias Schiffer
2012-05-24Increase rc versionv0.4-rc10Matthias Schiffer
2012-05-18Uninline pr_logMatthias Schiffer
2012-05-18Increment rc versionv0.4-rc9Matthias Schiffer
2012-05-18New logging facilitiesMatthias Schiffer
2012-05-17Add daemon modeMatthias Schiffer
2012-05-03Use pipe to transmit resolved addresses to main threadv0.4-rc7Matthias Schiffer
2012-04-27Increment rcv0.4-rc5Matthias Schiffer
2012-04-22Add --show-key and --machine-readable optionsMatthias Schiffer
2012-04-19Don't regenerate session handshake keypair for every handshake so a global ↵Matthias Schiffer
state can be used; remove the concept of temporary peers These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely.
2012-04-17Add --help pageMatthias Schiffer
2012-04-16Rename peer-to-peer to forward; remove now useless peer command line optionv0.4-rc1Matthias Schiffer
2012-04-16Lots of fixes and improvements on the resolver codeMatthias Schiffer
2012-04-16Add support for peers specified by hostnamesMatthias Schiffer
2012-04-14Reduce task queue usageMatthias Schiffer
2012-04-14Separate handshake from encryption methodMatthias Schiffer
2012-04-05Add on-establish and on-disestablish commandsv0.2Matthias Schiffer
2012-04-05Cleanly shutdown; add on-down commandMatthias Schiffer
2012-04-05Implement reconfiguration on SIGHUPMatthias Schiffer
2012-04-03Keep track of peer dirsMatthias Schiffer
2012-04-03Ignore peer configs with errors in peer dirs instead of exitingMatthias Schiffer
2012-04-03Keep list of strings allocated by the lexerMatthias Schiffer
2012-04-02Allow peer-to-peer forwardingMatthias Schiffer
2012-04-02Add sending of keep-alive packetsMatthias Schiffer
2012-04-01Add timestamps to log messagesMatthias Schiffer
2012-04-01Add log level configurationMatthias Schiffer
2012-04-01Add verbose log level, change some log messagesMatthias Schiffer
2012-04-01Add missing includes that didn't throw errors with clangMatthias Schiffer
2012-03-31ecfxp: refresh session key periodicallyMatthias Schiffer
2012-03-31Change how handshakes are triggeredMatthias Schiffer
2012-03-30Limit key validityMatthias Schiffer