summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)Author
2016-03-20ec25519_fhmqvc: simplify protocol_handle_recv control flowMatthias Schiffer
2016-03-19ec25519_fhmqvc: update to follow new libuecc recommendationsMatthias Schiffer
2016-02-22capabilities: guard packet mark check with USE_PACKET_MARKMatthias Schiffer
At the moment, both capabilities and packet marks are supported on Linux only, so this doesn't really matter except for testing.
2016-02-22capabilities: print message about retained capabilitiesMatthias Schiffer
2016-02-22Retain CAP_NET_ADMIN if a packet mark is configured and dynamic binds are ↵Matthias Schiffer
required
2016-02-22Add "drop privileges force" option which allows to drop CAP_NET_ADMIN even ↵Matthias Schiffer
when fastd thinks it might still need it
2016-02-22Improve capability handling, retain required capabilitiesMatthias Schiffer
2016-02-22Update copyright yearsMatthias Schiffer
2016-02-22socket: improve and simplify error handlingMatthias Schiffer
Rather exit on errors we're unlikely to recover from than retrying indefinitely.
2016-02-22peer: remove dead code in fastd_peer_reset_socket()Matthias Schiffer
2016-02-22types: replace static consts with definesMatthias Schiffer
2016-02-22Handle optional features (capabilities, status socket) more consistentlyMatthias Schiffer
2016-02-21Print UID and GID as unsigned in log messageMatthias Schiffer
2016-02-21Replace setuid/setgid with setresuid/setresgid (or setreuid/setregid)Matthias Schiffer
The semantics of setuid in SUID processes are not entirely clear on all Unix-like systems. Better use setresuid to drop privileges where available.
2015-12-21Don't block fatal signalsMatthias Schiffer
2015-12-21Terminate with the received signalMatthias Schiffer
2015-11-25log: clean up fastd_logfMatthias Schiffer
Also, return early when no log destination would get the message anyways.
2015-11-18Unify periodic handshakes and peer maintenanceMatthias Schiffer
2015-11-18Clean up peer task handlingMatthias Schiffer
2015-11-17Use task queue for peer resets and keepalivesMatthias Schiffer
This makes it unnecessary to iterate over all peers for maintenance, and desynchronizes different peers' keepalives.
2015-11-16Call ethernet address cleanup from generic maintenance taskMatthias Schiffer
2015-11-10Add lots of missing doxygen commentsMatthias Schiffer
2015-11-10Implement generic task queue to handle handshakes and maintenanceMatthias Schiffer
2015-11-10pqueue: remove some unnessasary assignmentsMatthias Schiffer
2015-11-10Remove now unused doubly-linked list implementationMatthias Schiffer
2015-11-10Use heap-based priority queue to schedule handshakes instead of a linked listMatthias Schiffer
2015-11-10Add efficient priority queue implementationMatthias Schiffer
2015-11-09Destroy interfaces on OpenBSD as wellMatthias Schiffer
2015-11-09Implement interface cleanup on FreeBSDMatthias Schiffer
Based-on-patch-by: Julian Kornberger <jk+github@digineo.de>
2015-11-09Add generic interface cleanup infrastructureMatthias Schiffer
Some systems (like FreeBSD) don't delete TUN/TAP interfaces after closing, add some infrastructure to do that.
2015-11-09Check return value of sodium_init()Matthias Schiffer
Fixes a warning with -Wunused-result.
2015-11-09Use a global ioctl socketMatthias Schiffer
Based-on-patch-by: Julian Kornberger <jk+github@digineo.de>
2015-10-25Update libuecc dependency to v6 and remove use of deprecated APIMatthias Schiffer
2015-10-20Improve include_directories to prevent conflicts between system and fastd ↵Matthias Schiffer
headers In in-tree builds, fastd's poll.h was conflicting with the system one on non-Linux systems.
2015-10-18peer_group: add fastd_peer_group_lookup_peer_shell_command macro to simplify ↵Matthias Schiffer
shell command lookup
2015-10-18config: make on_up/down/establish/disestablish commands configurable per ↵Matthias Schiffer
peer group
2015-10-18peer_group: move to a new header, add recursive lookup macrosMatthias Schiffer
2015-10-18status: ensure that the status socket is unlinked when fastd exits with an errorMatthias Schiffer
2015-09-04config: allow moving the 'on verify' clause into a peer groupMatthias Schiffer
2015-06-25Use __attribute__((packed)) instead of __attribute__((__packed__)) consistentlyMatthias Schiffer
2015-06-25Don't depend on net/if_ether.hMatthias Schiffer
Instead of adding compatiblity code to make this work with musl, just duplicate the needed definitions in fastd.
2015-06-22salsa20{,12}/xmm: avoid symbol conflicts with libnaclMatthias Schiffer
Also remove some dead code
2015-05-12config: allow on-verify configuration without any other peersMatthias Schiffer
2015-03-24Add some MTU-related Doxygen commentsMatthias Schiffer
2015-03-24Make build dependencies more configurableMatthias Schiffer
2015-03-24Add support for defining the MTU per peerMatthias Schiffer
2015-03-24peer: fix segfault on on-connect with unknown peerMatthias Schiffer
2015-03-24config: add missing Doxygen commentMatthias Schiffer
2015-03-24iface: add support for interface name patternsMatthias Schiffer
2015-03-24log: allow escaping % patternsMatthias Schiffer