summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)Author
2013-10-30Separate ec25519-fhmqvc into multiple source filesMatthias Schiffer
2013-10-29Correctly terminate method listMatthias Schiffer
2013-10-29Rename fastd_parse_method_name to fastd_method_get_by_nameMatthias Schiffer
2013-10-29Generate method list automagicallyMatthias Schiffer
2013-10-29config: iterate over configured methods only in configure_method_parameters()Matthias Schiffer
2013-10-29handshake: get_method() code simplificationMatthias Schiffer
2013-10-29Drop compatiblity code for fastd 0.4Matthias Schiffer
2013-10-29Handle methods as stringsMatthias Schiffer
2013-10-29Allow using libsodium instead of NaClMatthias Schiffer
As libsodium has some strange include files (like a version.h), we try to use absolute include paths whenever possible in fastd now and rename our generated headers.
2013-10-28Unify duplicate code in xsalsa20-poly1305 and aes128-gcm methodsMatthias Schiffer
2013-10-28Organize method and protocol source files into distinct source directoriesMatthias Schiffer
2013-10-24Fix maybe-uninitialized warningMatthias Schiffer
2013-10-20Don't print fastd version from handshake requests when secure handshakes are ↵Matthias Schiffer
set, instead print it on handshake finish
2013-10-20Warn when no encryption method is setMatthias Schiffer
2013-10-20Don't send chosen method name when it doesn't matterMatthias Schiffer
2013-10-20Align handshake bufferMatthias Schiffer
2013-10-20Always check for mode and protocol mismatchesMatthias Schiffer
This was accidentially disabled in the previous commit for initial handshake requests.
2013-10-20Refactor handshake code, prevent downgrade attacksMatthias Schiffer
2013-10-19Rename RECORD_HANDSHAKE_MAC to RECORD_TLV_MACMatthias Schiffer
2013-10-19Authenticate the TLV records onlyMatthias Schiffer
2013-10-19Use the rsv2 field in the handshake header as an optional length field to ↵Matthias Schiffer
facilitate future extensions
2013-10-19Get rid of packet.hMatthias Schiffer
2013-10-19Add a HMAC to authenticate all handshake TLVMatthias Schiffer
2013-10-18Generalize SHA256 functions to work with arbitrary inputsMatthias Schiffer
2013-10-17Use the default delay before a handshake is sent when the local address is ↵Matthias Schiffer
invalid Sending it right away will make crossed handshakes more probable which is especially painful when roaming, so it's better to add the delay.
2013-10-16Add `secure handshakes' option (without effect for now)Matthias Schiffer
Not setting the option produces a warning (so not having it set is deprecated now), so we can change the default from no to yes in a few release cycles.
2013-10-16Initiate handshake when a packet can't be sent because the local address is ↵Matthias Schiffer
invalid
2013-10-16Fix fast roaming when local IP address has changedMatthias Schiffer
2013-10-04Fix source address choice for IPv4 on LinuxMatthias Schiffer
2013-09-30Invalidate null sessions when they are supersededMatthias Schiffer
2013-09-06Change directory to / when privileges are dropped or the user is changedMatthias Schiffer
2013-09-03Add packet/byte statisticsMatthias Schiffer
2013-08-30Demote some sendmsg warnings to debug and debug2 levelsMatthias Schiffer
2013-08-29Don't initialize monotone timestamps with zeroMatthias Schiffer
The monotone timestamp is near zero on linux systems, confusing fastd.
2013-08-29Replace old task queueMatthias Schiffer
The handshakes are now schedules in a doubly-linked list that is maintained as a part of the peer structure.
2013-08-29Simplify keepalive sendingMatthias Schiffer
By using a global keepalive timer, the O(n) keepalive queue purge operation on every send operation is avoided.
2013-08-28ec25519: ensure old sessions are invalidated quickly after a new one has ↵Matthias Schiffer
been established
2013-08-28Remote unused fastd_task_replace_peer()Matthias Schiffer
2013-08-28ec25519: ensure that there is always a handshake enqueued after sending a ↵Matthias Schiffer
handshake finish This ensures that the handshake is repeated in case the finish packet is lost.
2013-08-28ec25519: reset peers as soon as their current session times outMatthias Schiffer
2013-08-28Cancel the session establishment earlier when the address can't be claimed ↵Matthias Schiffer
by the peer There is no reason to run through all the session establishment just to cancel it a moment later.
2013-08-28Introduce constants for tristate valuesMatthias Schiffer
2013-08-27Introduce new log level debug2 for potentially very frequent messagesMatthias Schiffer
2013-08-26options: change `config error' to `command line error' messagesMatthias Schiffer
2013-08-25ec25519-fhmqvc: use different handshake keys as initiator and responderMatthias Schiffer
This ensures that even in the unlikely case of a crossed handshake fastd will never establish two sessions with the same encryption key
2013-08-25ec25519-fhmqvc: put public and secret keys together in a keypair structureMatthias Schiffer
2013-08-20OpenBSD doesn't support IPv4 on IPv6 socketsMatthias Schiffer
2013-08-20Use v4-mapped addresses for IPv4 peers on IPv6 socketsMatthias Schiffer
This is needed at least on FreeBSD
2013-08-20Prevent zero-before-free operations from being optimized outMatthias Schiffer
2013-08-20Fix lots of -Wextra warningsMatthias Schiffer
Everything clang and GCC warn about, except GCC's missing-field-initializers which are just stupid as they don't allow {} syntax to zero a field.