summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)Author
2015-03-23iface: discard empty packetsMatthias Schiffer
2015-03-23Fix sending data from peer-specific interfacesMatthias Schiffer
2015-03-22Add iface_persist config option (always true for now)Matthias Schiffer
2015-03-22Add missing Doxygen commentsMatthias Schiffer
2015-03-22iface: add support for multiple mode of operations using the same interface ↵Matthias Schiffer
types
2015-03-22handshake: allow the internal mode IDs to differ from the mode ID in the ↵Matthias Schiffer
handshakes
2015-03-22iface: set iface name to NULL when Android integration is usedMatthias Schiffer
2015-03-22Rename tuntap to iface to match struct nameMatthias Schiffer
2015-03-22tuntap: generalize some common partsMatthias Schiffer
2015-03-22First work towards multi-interface supportMatthias Schiffer
2015-03-22peer: remove free_socket_by_id()Matthias Schiffer
2015-03-22tuntap: fix compilation for AndroidMatthias Schiffer
2015-03-22Refactor poll APIMatthias Schiffer
2015-03-22vector: never reduce allocated sizeMatthias Schiffer
2015-03-16fastd_cpuid: compile on GCC againMatthias Schiffer
2015-03-16Make cpuid asm more robustMatthias Schiffer
2015-03-03Use new json-c include pathMatthias Schiffer
2015-01-28Remove a few more instances of strcpyMatthias Schiffer
2015-01-28fastd_string_stack_dup[n]: use memcpy instead of strcpy when the length of ↵Matthias Schiffer
the string is known Is a bit more optimized and avoids a warning on OpenBSD
2015-01-28Fix build on non-Linux systemsMatthias Schiffer
2015-01-23ec25519-fhmqvc: comment updateMatthias Schiffer
2015-01-23ec25519-fhmqvc: add sender's public key to a few debug messagesMatthias Schiffer
2015-01-23ec25519-fhmqvc: use new hexdump logging feature for unknown keysMatthias Schiffer
2015-01-23Add hexdump support to fastd logging functionsMatthias Schiffer
2015-01-22ec25519-fhmqvc: use reduced-bitlength scalar multiplicationMatthias Schiffer
The values d and e will only use 128bits, so speed up the scalar multiplication by using the new reduced-bitlength scalar multiplication functions. This change requires the current development version of libuecc.
2015-01-21Downgrade "verification failed" message from verbose to debug2Matthias Schiffer
This message will be printed for every packet in severe reordering situtations, so better not print it by default. In the future, we'll need a rate limiting mechanism...
2015-01-21Fix handling of severe packet reorderingMatthias Schiffer
fastd would incorrectly mark wrong sequence numbers as seen when reordering by more than 64 sequence numbers had occured.
2015-01-21Always disable PMTU discoveryMatthias Schiffer
fastd currently can't fragment packets anyways, so it doesn't make any sense to perform PMTU discovery. This makes the config option `pmtu' a no-op.
2015-01-20handshake: delay method parsing until the sender key has been handledMatthias Schiffer
Otherwise fastd won't use the correct peer group's method list for handshakes incoming on generic sockets.
2015-01-20Another comment fixMatthias Schiffer
2015-01-20Implement new hash table to keep track of unknown peers handshakes have been ↵Matthias Schiffer
sent to This should significantly reduce the number of handshakes sent after restarting fastd with many active connections.
2015-01-17Never create sockets for an address family without matching bindsMatthias Schiffer
2015-01-16Comment typo fixesMatthias Schiffer
2015-01-14Refactor handling of platforms without user/group settings (Android)Matthias Schiffer
2015-01-14Update copyright yearsMatthias Schiffer
2015-01-14android_ctrl_sock: include and whitespace cleanupMatthias Schiffer
2015-01-14Add Android 4.1+ support. See doc/README-Android.md for build HOWTO.Rick Lei
* Update CMake files to work with android-cmake * Use unix domain socket for communicating with Android GUI * May also run standalone but requires rooted Android device
2015-01-14Reset all connections on SIGUSR2Matthias Schiffer
2015-01-14Allow to configure methods per peer groupMatthias Schiffer
2015-01-12Make MTU mismatches fatalMatthias Schiffer
As fastd calculates its receive buffer sizes based on the MTU, not matching MTUs is bound to cause issues anyways, so let's fail completely.
2015-01-11doc: move comments from generated source files to headersMatthias Schiffer
Unfortunately, Doxygen stopped interpreting the .c.in files as C source files a while ago. Move the comments to the header files to avoid the Doxygen warnings.
2015-01-11More doxygen fixesMatthias Schiffer
I keep forgetting this...
2015-01-11config: allow ipv4/ipv6 keywords before static addressesMatthias Schiffer
2015-01-10poll: more include cleanupMatthias Schiffer
2015-01-10poll:remove sys/signal.h includeMatthias Schiffer
This had been added accidentially.
2015-01-09Comment typo fixMatthias Schiffer
2015-01-09ec25519-fhmqvc: don't check group order of peers' public keysMatthias Schiffer
Skipping this check will significantly speed up startup with many peers. As we now do embedded group order verification, an attacker can't gain anything from small-subgroup attacks, so skipping the check isn't a security issue.
2015-01-09ec25519-fhmqvc: optimize handshake by using embedded group element verificationMatthias Schiffer
Using the embedded group element verification allows us to get away without explicit verification, thus needing one scalar multiplication less. This reduces the number of expensive operations needed for a handshake to three: one Galois field square root (for key unpacking) and two scalar multiplications. For this optimization to be secure, private keys must be divisible by 8. This is the case for all keys generated with all but extremely old versions of fastd (pre-0.4). If fastd finds that its secret is not divisible by 8, it will refuse to start now.
2015-01-09Move protocol-specific TLV specifications to main handshake record enumMatthias Schiffer
2015-01-09poll: define SYS_epoll_pwait if it isn't availableMatthias Schiffer