summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)Author
2014-09-01Ensure peer add/delete messages are printed for the same peersMatthias Schiffer
2014-08-31Replace memcmp with a constant-time version in some placesMatthias Schiffer
2014-08-28Add generic-umac and composed-umac methods based on UMACMatthias Schiffer
2014-08-28Add UHASH implementationMatthias Schiffer
2014-08-28Revert "Experimental HMAC-SHA1 implementation"Matthias Schiffer
We don't really want to support it, and it's slower than GHASH... This reverts commit 9bf498263765328011ee105e5e7b3e1cc1b2bc3f.
2014-08-25Move some utility funtions to a new headerMatthias Schiffer
2014-08-25Experimental HMAC-SHA1 implementationMatthias Schiffer
This adds experimental support for <cipher>+hmac-sha1 methods. It currently depends on OpenSSL and is not yet ready for production use.
2014-08-25MAC: rename hash() to digest() and change length unit from blocks to bytesMatthias Schiffer
2014-08-24Coding style: always add a space between a pointer's type and the *Matthias Schiffer
2014-08-24Use simple int64_t timestamps in ms instead of timespecsMatthias Schiffer
2014-08-24Exit if invalid peers are configured on the command lineMatthias Schiffer
2014-08-24Don't output "adding peer" messages for static peersMatthias Schiffer
Otherwise log messages are emitted to early.
2014-08-24Improve error messages for invalid static peersMatthias Schiffer
2014-08-24Fix function name in commentMatthias Schiffer
2014-08-24Instead of replacing changed peers, delete and re-add themMatthias Schiffer
This ensures they get a new ID, so asychronous replies for the old config aren't associated with the new one.
2014-08-24Fix waitpid EINTR error on SIGCHLDMatthias Schiffer
waitpid may fail with EINTR for SIGCHLD even when all signals are blocked.
2014-08-24Fix connections to peers with static addressesMatthias Schiffer
2014-08-24Merge peer config into peer structureMatthias Schiffer
With this refactoring, the structure fastd_peer_config_t is merged into fastd_peer_t, and fastd_remote_config_t into fastd_remote_t. This also means we now create peers directly when reading their configurations, which significantly simplifies the whole reload process, and prepares for some future optimizations like a key hash table. Note: This commit is too big, but I couldn't come up with a nice way to split it into smaller pieces...
2014-08-22Remove VECTOR_ALLOCMatthias Schiffer
It is done automatically now if the VECTOR is zeroed before.
2014-08-19Create peer structures for disabled peers as wellMatthias Schiffer
We have a 1:1 association between peers and peer configs now.
2014-08-18Unify enabled and dynamic flags into a config_state flagMatthias Schiffer
2014-08-18Remove a few now unneeded peer->config NULL checksMatthias Schiffer
2014-08-18Fix a few comment typosMatthias Schiffer
2014-08-18Dynamically create peer configs for dynamic peersMatthias Schiffer
This avoids duplicating the protocol_config field.
2014-08-18Rename WITH_VERIFY CMake option to WITH_DYNAMIC_PEERSMatthias Schiffer
2014-08-18peer: add a flag `dynamic' instead of checking the config field for NULLMatthias Schiffer
2014-08-18Rename "temporary peers" to "dynamic peers"Matthias Schiffer
2014-08-18peer: remove fastd_remote_is_dynamic()Matthias Schiffer
2014-08-18peer: remove dead code fastd_remote_matches_dynamic()Matthias Schiffer
2014-08-09Move fastd_config_t.peers to fastd_context_t.peer_configsMatthias Schiffer
2014-08-09log: fix port of IPv6 addresses with hidden IP addressesMatthias Schiffer
2014-08-02Add MacOS X semaphore implementationMatthias Schiffer
2014-08-02Encapsulate semaphore handlingMatthias Schiffer
2014-08-02Add support for Mac OS XMatthias Schiffer
2014-08-02Don't use exponential notation for integersMatthias Schiffer
2014-08-02Introduce and use alloc helpersMatthias Schiffer
These new helpers will terminate fastd on allocation failures and add some additional convenience (allow strdup with NULL; typesafe new(type) macros).
2014-08-01Use srandom/random instead of rand_rMatthias Schiffer
There's no need to keep our own seed.
2014-07-10config: fix basic config checks in TUN modeMatthias Schiffer
2014-06-28Fix build with ENABLE_OPENSSLMatthias Schiffer
2014-06-14peer_hashtable: fix address hashing on systems with holes in sockaddr ↵Matthias Schiffer
definitions
2014-06-14Add missing sys/uio.h includesMatthias Schiffer
2014-06-14verify: add missing sys/wait.h includeMatthias Schiffer
2014-06-14shell: add missing signal.h includeMatthias Schiffer
2014-06-14peer: remove always-true conditionMatthias Schiffer
2014-06-14Ensure that peers get their place in the handshake queue even when the async ↵Matthias Schiffer
queue is full When the first resolve return for a newly reset peer is lost, init_handshake() would never be called, and the peer would never get handshakes again. This probably won't ever happen in practice, but since it's easy to fix, better be correct here.
2014-06-14Limit the number of concurrent on-verify runsMatthias Schiffer
2014-06-12Remove an unused variableMatthias Schiffer
2014-06-12Fix an undefined shiftMatthias Schiffer
2014-06-10Clean up peer config loadingMatthias Schiffer
Instead of changing the peer list and peer group in the main conf during (re-)loading, add a parser state which contains this information.
2014-06-08Allow async verify for handshake responsesMatthias Schiffer
This will lead to a bit strange handshake as a handshake response is answered with another handshake response, but it won't lead to loops because of the verification and handshake backoff intervals.