summaryrefslogtreecommitdiffstats
path: root/src/peer.c
AgeCommit message (Collapse)Author
2013-04-17Fix handling of the local address in shell commandsMatthias Schiffer
Without this fix, using on-establish/disestablish/verify would cause a strange zero port when a bind with a random port was used, and a segmentation fault with dynamic binds.
2013-03-08Disable peer configs by default, enable on peer creationMatthias Schiffer
This allows to remove some duplicate code, and will simplify the detection and handling of duplicate keys.
2013-03-03Make 'peer limit 0' allow no connectionsMatthias Schiffer
2013-02-27Don't set the peer address for temporary peers before the session is ↵Matthias Schiffer
actually established Doing so could lead to duplicate address entries in different peers, causing very strange behaviour. Add additional parameters for the local and the peer address to fastd_shell_exec() to allow the on-verify script to use this information nevertheless.
2013-02-27Refactor fastd_peer_claim_addressMatthias Schiffer
2013-02-26Don't reset "seen" timestamp on peer resetMatthias Schiffer
2013-02-26Experimental support for accepting connections from unknown peersMatthias Schiffer
2013-02-25Get rid of some duplicate code for calling shell commandsMatthias Schiffer
2013-01-05Adjust copyright yearsMatthias Schiffer
2012-12-18Convert type names to _t conventionMatthias Schiffer
2012-12-13Add helper function to simplify v4-mapped addressesMatthias Schiffer
2012-12-08Free socket before handshake if no address is set to avoid crashMatthias Schiffer
2012-12-08Revert "Fix crash occuring under certain circumstances on resolve failure"Matthias Schiffer
This reverts commit 6330d8abe044c26ca8d0c0246f9d075c53779782.
2012-12-08Fix crash occuring under certain circumstances on resolve failureMatthias Schiffer
When a dynamic peer is in handshake state and a previous resolve has returned an address, the peer must be reset on a resolve failure even when there is no established session to avoid aborting on the next handshake.
2012-11-10Keep track of configured peer count correctly on dynamic reloadsMatthias Schiffer
2012-11-05Only delay initial handshakes for groups with constraintsMatthias Schiffer
2012-11-05Add randomized initial handshake delaysMatthias Schiffer
This delay should barely be noticable, and it will make fastd connect to a random choice of peers when a peer limit is set
2012-11-05Implement peer limit constraintsMatthias Schiffer
2012-11-05Implement peer groupsMatthias Schiffer
2012-11-05Fix some more bugs in fastd_peer_claim_addressMatthias Schiffer
2012-11-04Reset dynamic peer if there is an established session and resolve failsMatthias Schiffer
Fixes an assertion fail when address resolution fails during session refresh.
2012-11-02Keep track of corresonding peers in associated socketsMatthias Schiffer
2012-11-01Dynamically create and destroy sockets without fixed bindsMatthias Schiffer
2012-11-01Move unistd.h include to fastd.hMatthias Schiffer
2012-10-29Add support for multiple bindsMatthias Schiffer
2012-06-15Allow setting dynamic peers to flaotingMatthias Schiffer
2012-06-15Avoid using the same handshake key to establish more than one sessionMatthias Schiffer
This fix prevents a potential attack using intentional packet reordering to initialize more than one session with using the same handshake keys, leading to more that one session to be initialized with the same key data altogether, allowing to decrypt some packets in the worst case.
2012-06-07Limit handshake frequency where possibleMatthias Schiffer
2012-06-06Limit resolve frequencyMatthias Schiffer
2012-06-06Improve some log levelsMatthias Schiffer
2012-05-18Don't consider enable state on peer config change detectionMatthias Schiffer
2012-05-17Fix handling of unsuccessful resolveMatthias Schiffer
2012-04-27Automatically set interface MTUMatthias Schiffer
2012-04-19Don't regenerate session handshake keypair for every handshake so a global ↵Matthias Schiffer
state can be used; remove the concept of temporary peers These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely.
2012-04-16Lots of fixes and improvements on the resolver codeMatthias Schiffer
2012-04-16Add support for peers specified by hostnamesMatthias Schiffer
2012-04-06Add some missing error handlingMatthias Schiffer
2012-04-05Add on-establish and on-disestablish commandsv0.2Matthias Schiffer
2012-04-05Cleanly shutdown; add on-down commandMatthias Schiffer
2012-04-05Implement reconfiguration on SIGHUPMatthias Schiffer
2012-04-03Save absolute path in peer configs from peer dirsMatthias Schiffer
2012-04-03Keep track of peer dirsMatthias Schiffer
2012-04-03Save source dirs with peer configsMatthias Schiffer
2012-04-03Ignore peer configs with errors in peer dirs instead of exitingMatthias Schiffer
2012-04-02Add sending of keep-alive packetsMatthias Schiffer
2012-04-01Require port with peer specfication, remove default portMatthias Schiffer
2012-04-01Don't stop repeating handshakes until valid data using the new key is receivedMatthias Schiffer
2012-04-01Fix handshakes occuring twice after unexpected data receiveMatthias Schiffer
2012-03-31Trigger handshake when unexpected data is received from a floating peerMatthias Schiffer
2012-03-31ecfxp: refresh session key periodicallyMatthias Schiffer