Adam Ierymenko
7831c4bfef
Cleanup, dead code removal, some pretty insignificant security stuff that's based on recommendations.
2014-04-18 00:14:12 -07:00
Adam Ierymenko
abc82d6a52
IPC changes and SocketManager changes all build!
2014-03-19 13:56:48 -07:00
Adam Ierymenko
b5c3a92be2
Boring stuff: update dates in copyrights across all files.
2014-02-16 12:40:22 -08:00
Adam Ierymenko
370dd6c4da
Several things:
...
(1) Add a bunch of tedious type casts to eliminate unnecessary compiler warnings on Windows X64 builds.
(2) Some EthernetTap work to integrate Windows custom IOCTL for multicast group lookup (not done quite yet).
(3) Dump some more info in selftest to make sure our Windows path lookup functions are returning sane results.
2014-01-21 13:07:22 -08:00
Adam Ierymenko
b59a7cf1d8
HTTP self-test.
2013-12-06 16:27:00 -08:00
Adam Ierymenko
518410b7e0
HTTP client works!
2013-12-06 16:00:12 -08:00
Adam Ierymenko
7015017686
Make Makefile for Mac use clang options instead of old GCC options, and fix a nasty but obvious bug I introduced into Utils::getSecureRandom.
2013-10-28 15:53:40 -04:00
Adam Ierymenko
d496304bbf
Put back rest of selftest.
2013-10-21 15:59:22 -04:00
Adam Ierymenko
719dd2870d
Self-test for certificate of membership.
2013-10-21 15:47:33 -04:00
Adam Ierymenko
c89cdcc3fd
Blech... moving on!
2013-10-20 15:54:32 -04:00
Adam Ierymenko
1ed8a22d19
And then it turns out to be too slow on a slower 32-bit machine... we do want to do tablets eventually.
2013-10-20 15:46:36 -04:00
Adam Ierymenko
bad043729f
Yet another revision of this algo... yeesh... and update to supernode IDs. I think I am gonna go with this one. Seems memory-hard enough to me. I am probably procrastinating by obsessing over it.
2013-10-20 15:31:32 -04:00
Adam Ierymenko
8c9b73f67b
Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt. Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance.
2013-10-18 17:39:48 -04:00
Adam Ierymenko
0c8614b9c6
Add a second arg to idtool generate to make generating both secret and public easier, add new supernode identities after generating them, fix known good and bad IDs in selftest.
2013-10-07 09:36:20 -04:00
Adam Ierymenko
bc715fbd51
Make new identity hashcash algo memory hard, and tweak generation time a bit. Current hashcash cost should be overkill for what we need but still tolerable to users.
2013-10-05 14:15:59 -04:00
Adam Ierymenko
0e43e5e8f2
Rest of work on new hashcash based identity scheme.
2013-10-05 07:00:55 -04:00
Adam Ierymenko
b0187f4472
Hashcash-based identity, work in progress... committing to test speed on other boxes.
2013-10-05 06:00:47 -04:00
Adam Ierymenko
141b858737
Self-test fixes for new packet armor/dearmor functions that combine old encrypt and MAC functions.
2013-09-27 16:25:35 -04:00
Adam Ierymenko
903b5b4218
Add validation of known-good identity to selftest to check endian and similar issues across platforms.
2013-09-19 12:57:35 -04:00
Adam Ierymenko
e376c6f6a9
New crypto integrated -- going to be testing new identity address generation algo a bit more before finalizing.
2013-09-16 13:57:57 -04:00
Adam Ierymenko
300d26973a
Test vectors for all new crypto.
2013-09-15 10:41:52 -04:00
Adam Ierymenko
660f92b6a7
Add test vectors for ensuring identical C25519 operation across systems.
2013-09-14 13:51:08 -04:00
Adam Ierymenko
09c8b4bbb3
More new crypto: Ed25519 signatures.
2013-09-13 19:18:01 -04:00
Adam Ierymenko
77965af288
Add new crypto: SHA512 and C25519 -- not integrated yet.
2013-09-13 15:47:00 -04:00
Adam Ierymenko
f3ad05347e
Improve code security posture by replacing sprintf with a safer function.
2013-08-30 17:05:43 -04:00
Adam Ierymenko
9f16707b0b
Cut out tap test code from selftest.
2013-08-25 18:25:22 -04:00
Adam Ierymenko
bbbc032959
Tap works! At least in isolation. Time to create the Windows executable and the Windows service to run it and handle auto-update.
2013-08-25 18:18:02 -04:00
Adam Ierymenko
e2effbd1ce
Tap driver basically builds in VS2012... fork of tap-windows from OpenVPN (compatible license).
2013-08-23 17:39:21 -04:00
Adam Ierymenko
f6e7be102a
Decided to abandon the winpcap direction for Windows tap... re-evaluating using OpenVPN tap driver in some form for now.
2013-08-23 09:50:51 -04:00
Adam Ierymenko
c8213a3f58
Commit of a draft of the pcap-based strategy for a Windows tap. This may, in the end, not work, since winpcap may not support immediate capture and also because some software flags winpcap as malware. Like I said, trying to do anything interesting with Windows is PAIN.
2013-08-22 22:33:32 -04:00
Adam Ierymenko
ca5334509c
Tap now creates Microsoft Loopback Adapter instances and tags them with a special ID... work in progress.
2013-08-22 14:30:55 -04:00
Adam Ierymenko
150a53eb17
Self test almost builds, now need skeleton EthernetTap implementation for Windows.
2013-08-14 11:19:21 -04:00
Adam Ierymenko
fc18334dbb
Version 0.4.3 (the real one): fix Gentoo ip config failures and crashes
...
This version fixes problems with locating the 'ip' command on Gentoo
and possibly other Linux systems, and a problem that could cause a
crash if EthernetTap was unable to locate one of the commands it
invokes to configure IP information on tap devices.
The code also now builds on Windows. It doesn't run yet, but it's a
step. Windows port is in full swing.
Finally, the multicast rate limit defaults were raised a little. More
testing is needed here, and real world measurments.
2013-08-13 15:14:03 -04:00
Adam Ierymenko
f5d77a1bc2
Clean up a bunch of valgrind errors, nix a potentially unsafe op in Buffer assignment operator.
2013-08-12 13:17:03 -04:00
Adam Ierymenko
93a7eef2a5
Replace libcrypto RAND_ with our own to avoid valgrind errors.
2013-08-10 10:27:53 -04:00
Adam Ierymenko
67acba4bc9
Stop using RAND_ in libcrypto for Utils::getSecureRandom() due to annoying valgrind spew from libcrypto use of uninitialized RAM as a random source. Might look into replacing RAND_ in libcrypto with our own simple /dev/urandom / Windows CAPI plugin.
2013-08-10 10:12:16 -04:00
Adam Ierymenko
fb975ead23
Add simple key=value dictionary, sorta like java.util.Properties.
2013-07-27 15:09:51 -04:00
Adam Ierymenko
a816f56426
Dump huffman, doesnt add much and complicates porting to other languages. Also fix compile error in idtool.
2013-07-27 14:01:19 -04:00
Adam Ierymenko
c345c699fd
Self test for command bus encode/decode.
2013-07-18 13:27:46 -04:00
Adam Ierymenko
ef3e319c64
Several things:
...
(1) Probable fix for issue #7 and major cleanup of EthernetTap code with consolidation for all unix-like systems and specialization for different flavors only when needed.
(2) Refactor of Buffer<> to make its members private, and Packet to use Buffer's methods exclusively to access them. This improves clarity and means we're no longer lying about Buffer's role in the code's security posture.
(3) Add -fstack-protect to Makefile to bounds check stack variables.
2013-07-09 14:06:55 -04:00
Adam Ierymenko
150850b800
New git repository for release - version 0.2.0 tagged
2013-07-04 16:56:19 -04:00