summaryrefslogtreecommitdiffstats
path: root/src/peer.c
AgeCommit message (Collapse)Author
2013-08-20Fix lots of -Wextra warningsMatthias Schiffer
Everything clang and GCC warn about, except GCC's missing-field-initializers which are just stupid as they don't allow {} syntax to zero a field.
2013-08-07Add sys/wait.h includes where necessary on FreeBSDMatthias Schiffer
2013-07-25Move _GNU_SOURCE define to types.hMatthias Schiffer
2013-07-25Improve handling of similar remote resolvesMatthias Schiffer
2013-07-24Fix remote record memory leakMatthias Schiffer
2013-07-24Fix fastd_peer_claim_address for peers with different addressesMatthias Schiffer
2013-07-24Allow specifying multiple remote entries for a single peerMatthias Schiffer
2013-07-24Don't let resolves delay handshakesMatthias Schiffer
2013-07-23Prepare for improved peer state handlingMatthias Schiffer
2013-07-19Generalize float attribute, deprecate old float syntaxMatthias Schiffer
2013-07-17Use calloc to allocate peer configsMatthias Schiffer
2013-04-24Initialize local address on peer creationMatthias Schiffer
2013-04-20Greatly improve handling of hosts with multiple IP addressesMatthias Schiffer
2013-04-17Fix handling of the local address in shell commandsMatthias Schiffer
Without this fix, using on-establish/disestablish/verify would cause a strange zero port when a bind with a random port was used, and a segmentation fault with dynamic binds.
2013-03-08Disable peer configs by default, enable on peer creationMatthias Schiffer
This allows to remove some duplicate code, and will simplify the detection and handling of duplicate keys.
2013-03-03Make 'peer limit 0' allow no connectionsMatthias Schiffer
2013-02-27Don't set the peer address for temporary peers before the session is ↵Matthias Schiffer
actually established Doing so could lead to duplicate address entries in different peers, causing very strange behaviour. Add additional parameters for the local and the peer address to fastd_shell_exec() to allow the on-verify script to use this information nevertheless.
2013-02-27Refactor fastd_peer_claim_addressMatthias Schiffer
2013-02-26Don't reset "seen" timestamp on peer resetMatthias Schiffer
2013-02-26Experimental support for accepting connections from unknown peersMatthias Schiffer
2013-02-25Get rid of some duplicate code for calling shell commandsMatthias Schiffer
2013-01-05Adjust copyright yearsMatthias Schiffer
2012-12-18Convert type names to _t conventionMatthias Schiffer
2012-12-13Add helper function to simplify v4-mapped addressesMatthias Schiffer
2012-12-08Free socket before handshake if no address is set to avoid crashMatthias Schiffer
2012-12-08Revert "Fix crash occuring under certain circumstances on resolve failure"Matthias Schiffer
This reverts commit 6330d8abe044c26ca8d0c0246f9d075c53779782.
2012-12-08Fix crash occuring under certain circumstances on resolve failureMatthias Schiffer
When a dynamic peer is in handshake state and a previous resolve has returned an address, the peer must be reset on a resolve failure even when there is no established session to avoid aborting on the next handshake.
2012-11-10Keep track of configured peer count correctly on dynamic reloadsMatthias Schiffer
2012-11-05Only delay initial handshakes for groups with constraintsMatthias Schiffer
2012-11-05Add randomized initial handshake delaysMatthias Schiffer
This delay should barely be noticable, and it will make fastd connect to a random choice of peers when a peer limit is set
2012-11-05Implement peer limit constraintsMatthias Schiffer
2012-11-05Implement peer groupsMatthias Schiffer
2012-11-05Fix some more bugs in fastd_peer_claim_addressMatthias Schiffer
2012-11-04Reset dynamic peer if there is an established session and resolve failsMatthias Schiffer
Fixes an assertion fail when address resolution fails during session refresh.
2012-11-02Keep track of corresonding peers in associated socketsMatthias Schiffer
2012-11-01Dynamically create and destroy sockets without fixed bindsMatthias Schiffer
2012-11-01Move unistd.h include to fastd.hMatthias Schiffer
2012-10-29Add support for multiple bindsMatthias Schiffer
2012-06-15Allow setting dynamic peers to flaotingMatthias Schiffer
2012-06-15Avoid using the same handshake key to establish more than one sessionMatthias Schiffer
This fix prevents a potential attack using intentional packet reordering to initialize more than one session with using the same handshake keys, leading to more that one session to be initialized with the same key data altogether, allowing to decrypt some packets in the worst case.
2012-06-07Limit handshake frequency where possibleMatthias Schiffer
2012-06-06Limit resolve frequencyMatthias Schiffer
2012-06-06Improve some log levelsMatthias Schiffer
2012-05-18Don't consider enable state on peer config change detectionMatthias Schiffer
2012-05-17Fix handling of unsuccessful resolveMatthias Schiffer
2012-04-27Automatically set interface MTUMatthias Schiffer
2012-04-19Don't regenerate session handshake keypair for every handshake so a global ↵Matthias Schiffer
state can be used; remove the concept of temporary peers These changes will fix the possibility of a TCP-SYN-Flood-like DoS attack, at the cost of another protocol change: as we can't count request IDs when we don't know have temporary peers, request IDs are removed completely.
2012-04-16Lots of fixes and improvements on the resolver codeMatthias Schiffer
2012-04-16Add support for peers specified by hostnamesMatthias Schiffer
2012-04-06Add some missing error handlingMatthias Schiffer