Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-09-01 | Ensure peer add/delete messages are printed for the same peers | Matthias Schiffer | |
2014-08-31 | Replace memcmp with a constant-time version in some places | Matthias Schiffer | |
2014-08-28 | Add generic-umac and composed-umac methods based on UMAC | Matthias Schiffer | |
2014-08-28 | Add UHASH implementation | Matthias Schiffer | |
2014-08-28 | Revert "Experimental HMAC-SHA1 implementation" | Matthias Schiffer | |
We don't really want to support it, and it's slower than GHASH... This reverts commit 9bf498263765328011ee105e5e7b3e1cc1b2bc3f. | |||
2014-08-25 | Move some utility funtions to a new header | Matthias Schiffer | |
2014-08-25 | Experimental HMAC-SHA1 implementation | Matthias Schiffer | |
This adds experimental support for <cipher>+hmac-sha1 methods. It currently depends on OpenSSL and is not yet ready for production use. | |||
2014-08-25 | MAC: rename hash() to digest() and change length unit from blocks to bytes | Matthias Schiffer | |
2014-08-24 | Coding style: always add a space between a pointer's type and the * | Matthias Schiffer | |
2014-08-24 | Use simple int64_t timestamps in ms instead of timespecs | Matthias Schiffer | |
2014-08-24 | Exit if invalid peers are configured on the command line | Matthias Schiffer | |
2014-08-24 | Don't output "adding peer" messages for static peers | Matthias Schiffer | |
Otherwise log messages are emitted to early. | |||
2014-08-24 | Improve error messages for invalid static peers | Matthias Schiffer | |
2014-08-24 | Fix function name in comment | Matthias Schiffer | |
2014-08-24 | Instead of replacing changed peers, delete and re-add them | Matthias Schiffer | |
This ensures they get a new ID, so asychronous replies for the old config aren't associated with the new one. | |||
2014-08-24 | Fix waitpid EINTR error on SIGCHLD | Matthias Schiffer | |
waitpid may fail with EINTR for SIGCHLD even when all signals are blocked. | |||
2014-08-24 | Fix connections to peers with static addresses | Matthias Schiffer | |
2014-08-24 | Merge peer config into peer structure | Matthias Schiffer | |
With this refactoring, the structure fastd_peer_config_t is merged into fastd_peer_t, and fastd_remote_config_t into fastd_remote_t. This also means we now create peers directly when reading their configurations, which significantly simplifies the whole reload process, and prepares for some future optimizations like a key hash table. Note: This commit is too big, but I couldn't come up with a nice way to split it into smaller pieces... | |||
2014-08-22 | Remove VECTOR_ALLOC | Matthias Schiffer | |
It is done automatically now if the VECTOR is zeroed before. | |||
2014-08-19 | Create peer structures for disabled peers as well | Matthias Schiffer | |
We have a 1:1 association between peers and peer configs now. | |||
2014-08-18 | Unify enabled and dynamic flags into a config_state flag | Matthias Schiffer | |
2014-08-18 | Remove a few now unneeded peer->config NULL checks | Matthias Schiffer | |
2014-08-18 | Fix a few comment typos | Matthias Schiffer | |
2014-08-18 | Dynamically create peer configs for dynamic peers | Matthias Schiffer | |
This avoids duplicating the protocol_config field. | |||
2014-08-18 | Rename WITH_VERIFY CMake option to WITH_DYNAMIC_PEERS | Matthias Schiffer | |
2014-08-18 | peer: add a flag `dynamic' instead of checking the config field for NULL | Matthias Schiffer | |
2014-08-18 | Rename "temporary peers" to "dynamic peers" | Matthias Schiffer | |
2014-08-18 | peer: remove fastd_remote_is_dynamic() | Matthias Schiffer | |
2014-08-18 | peer: remove dead code fastd_remote_matches_dynamic() | Matthias Schiffer | |
2014-08-09 | Move fastd_config_t.peers to fastd_context_t.peer_configs | Matthias Schiffer | |
2014-08-09 | log: fix port of IPv6 addresses with hidden IP addresses | Matthias Schiffer | |
2014-08-02 | Add MacOS X semaphore implementation | Matthias Schiffer | |
2014-08-02 | Encapsulate semaphore handling | Matthias Schiffer | |
2014-08-02 | Add support for Mac OS X | Matthias Schiffer | |
2014-08-02 | Don't use exponential notation for integers | Matthias Schiffer | |
2014-08-02 | Introduce and use alloc helpers | Matthias Schiffer | |
These new helpers will terminate fastd on allocation failures and add some additional convenience (allow strdup with NULL; typesafe new(type) macros). | |||
2014-08-01 | Use srandom/random instead of rand_r | Matthias Schiffer | |
There's no need to keep our own seed. | |||
2014-07-10 | config: fix basic config checks in TUN mode | Matthias Schiffer | |
2014-06-28 | Fix build with ENABLE_OPENSSL | Matthias Schiffer | |
2014-06-14 | peer_hashtable: fix address hashing on systems with holes in sockaddr ↵ | Matthias Schiffer | |
definitions | |||
2014-06-14 | Add missing sys/uio.h includes | Matthias Schiffer | |
2014-06-14 | verify: add missing sys/wait.h include | Matthias Schiffer | |
2014-06-14 | shell: add missing signal.h include | Matthias Schiffer | |
2014-06-14 | peer: remove always-true condition | Matthias Schiffer | |
2014-06-14 | Ensure that peers get their place in the handshake queue even when the async ↵ | Matthias Schiffer | |
queue is full When the first resolve return for a newly reset peer is lost, init_handshake() would never be called, and the peer would never get handshakes again. This probably won't ever happen in practice, but since it's easy to fix, better be correct here. | |||
2014-06-14 | Limit the number of concurrent on-verify runs | Matthias Schiffer | |
2014-06-12 | Remove an unused variable | Matthias Schiffer | |
2014-06-12 | Fix an undefined shift | Matthias Schiffer | |
2014-06-10 | Clean up peer config loading | Matthias Schiffer | |
Instead of changing the peer list and peer group in the main conf during (re-)loading, add a parser state which contains this information. | |||
2014-06-08 | Allow async verify for handshake responses | Matthias Schiffer | |
This will lead to a bit strange handshake as a handshake response is answered with another handshake response, but it won't lead to loops because of the verification and handshake backoff intervals. |