summaryrefslogtreecommitdiffstats
path: root/src/protocols/ec25519_fhmqvc
AgeCommit message (Collapse)Author
2015-11-17Use task queue for peer resets and keepalivesMatthias Schiffer
This makes it unnecessary to iterate over all peers for maintenance, and desynchronizes different peers' keepalives.
2015-10-25Update libuecc dependency to v6 and remove use of deprecated APIMatthias Schiffer
2015-10-18peer_group: add fastd_peer_group_lookup_peer_shell_command macro to simplify ↵Matthias Schiffer
shell command lookup
2015-10-18config: make on_up/down/establish/disestablish commands configurable per ↵Matthias Schiffer
peer group
2015-10-18peer_group: move to a new header, add recursive lookup macrosMatthias Schiffer
2015-09-04config: allow moving the 'on verify' clause into a peer groupMatthias Schiffer
2015-03-24Make build dependencies more configurableMatthias Schiffer
2015-03-24Add support for defining the MTU per peerMatthias Schiffer
2015-03-23peer: create interface when the connection has been established and no ↵Matthias Schiffer
interface exists yet Allows using dynamic interfaces with dynamic peers.
2015-03-23ec25519-fhmqvc: call fastd_peer_reset to setup newly added dynamic peersMatthias Schiffer
2015-03-23Improve sync/async execution of up/down scriptsMatthias Schiffer
2015-03-23Set the default interface for all peersMatthias Schiffer
2015-01-23ec25519-fhmqvc: comment updateMatthias Schiffer
2015-01-23ec25519-fhmqvc: add sender's public key to a few debug messagesMatthias Schiffer
2015-01-23ec25519-fhmqvc: use new hexdump logging feature for unknown keysMatthias Schiffer
2015-01-22ec25519-fhmqvc: use reduced-bitlength scalar multiplicationMatthias Schiffer
The values d and e will only use 128bits, so speed up the scalar multiplication by using the new reduced-bitlength scalar multiplication functions. This change requires the current development version of libuecc.
2015-01-21Downgrade "verification failed" message from verbose to debug2Matthias Schiffer
This message will be printed for every packet in severe reordering situtations, so better not print it by default. In the future, we'll need a rate limiting mechanism...
2015-01-20handshake: delay method parsing until the sender key has been handledMatthias Schiffer
Otherwise fastd won't use the correct peer group's method list for handshakes incoming on generic sockets.
2015-01-14Update copyright yearsMatthias Schiffer
2015-01-14Allow to configure methods per peer groupMatthias Schiffer
2015-01-09Comment typo fixMatthias Schiffer
2015-01-09ec25519-fhmqvc: don't check group order of peers' public keysMatthias Schiffer
Skipping this check will significantly speed up startup with many peers. As we now do embedded group order verification, an attacker can't gain anything from small-subgroup attacks, so skipping the check isn't a security issue.
2015-01-09ec25519-fhmqvc: optimize handshake by using embedded group element verificationMatthias Schiffer
Using the embedded group element verification allows us to get away without explicit verification, thus needing one scalar multiplication less. This reduces the number of expensive operations needed for a handshake to three: one Galois field square root (for key unpacking) and two scalar multiplications. For this optimization to be secure, private keys must be divisible by 8. This is the case for all keys generated with all but extremely old versions of fastd (pre-0.4). If fastd finds that its secret is not divisible by 8, it will refuse to start now.
2015-01-09Move protocol-specific TLV specifications to main handshake record enumMatthias Schiffer
2015-01-09ec25519-fhmqvc: unpack peers' keys only onceMatthias Schiffer
2015-01-09Add support for a new big-endian handshake formatMatthias Schiffer
Because of strange dicisions in the past, fastd currently uses little endian type and length values in its handshake. As the common network byte order is big endian, changing the handshake format would be preferable. This commit adds support for a new big-endian handshake. For now, fastd will continue to send little-endian handshakes so ensure backwarts compatiblity, but if it receives a big-endian handshake, it will respond with a big-endian one.
2015-01-08ecc25519-fhmqvc: add doxygen comments to the key check functionsMatthias Schiffer
2015-01-06ec25519-fhmqvc: additional key checksMatthias Schiffer
Until now, it wasn't checked if a public key was the identity element. I don't think this mistake allows any actual attacks against the handshake though.
2014-11-15ec25519-fhmqvc: extend describe_peer to return the whole keyMatthias Schiffer
2014-11-15Fix segfault when checking peer addressesMatthias Schiffer
This segfault would occur when a peer with a static IP address (e.i. not a hostname resolved via DNS) is read, and any other peer after that.
2014-11-11ec25519-fhmqvc: add missing Doxygen commentMatthias Schiffer
2014-10-13ec25519-fhmqvc: improve unknown key messageMatthias Schiffer
2014-09-16More fixes for zero-length VLAsMatthias Schiffer
2014-09-10ec25519-fhmqvc: refactor old session check codeMatthias Schiffer
2014-09-09Add current method of connections to status outputMatthias Schiffer
2014-09-08Make stats of reordered packetsMatthias Schiffer
2014-09-06Move UNUSED attribute to the start of arguments to help editors understand ↵Matthias Schiffer
the syntax
2014-08-31Replace memcmp with a constant-time version in some placesMatthias Schiffer
2014-08-24Coding style: always add a space between a pointer's type and the *Matthias Schiffer
2014-08-24Use simple int64_t timestamps in ms instead of timespecsMatthias Schiffer
2014-08-24Merge peer config into peer structureMatthias Schiffer
With this refactoring, the structure fastd_peer_config_t is merged into fastd_peer_t, and fastd_remote_config_t into fastd_remote_t. This also means we now create peers directly when reading their configurations, which significantly simplifies the whole reload process, and prepares for some future optimizations like a key hash table. Note: This commit is too big, but I couldn't come up with a nice way to split it into smaller pieces...
2014-08-19Create peer structures for disabled peers as wellMatthias Schiffer
We have a 1:1 association between peers and peer configs now.
2014-08-18Dynamically create peer configs for dynamic peersMatthias Schiffer
This avoids duplicating the protocol_config field.
2014-08-18Rename WITH_VERIFY CMake option to WITH_DYNAMIC_PEERSMatthias Schiffer
2014-08-18Rename "temporary peers" to "dynamic peers"Matthias Schiffer
2014-08-09Move fastd_config_t.peers to fastd_context_t.peer_configsMatthias Schiffer
2014-08-02Introduce and use alloc helpersMatthias Schiffer
These new helpers will terminate fastd on allocation failures and add some additional convenience (allow strdup with NULL; typesafe new(type) macros).
2014-06-08Allow async verify for handshake responsesMatthias Schiffer
This will lead to a bit strange handshake as a handshake response is answered with another handshake response, but it won't lead to loops because of the verification and handshake backoff intervals.
2014-05-31Make log levels verbose and info more usefulMatthias Schiffer
2014-05-29Document *everything*Matthias Schiffer