Commit Graph

124 Commits

Author SHA1 Message Date
Adam Ierymenko
141b858737 Self-test fixes for new packet armor/dearmor functions that combine old encrypt and MAC functions. 2013-09-27 16:25:35 -04:00
Adam Ierymenko
903b5b4218 Add validation of known-good identity to selftest to check endian and similar issues across platforms. 2013-09-19 12:57:35 -04:00
Adam Ierymenko
e376c6f6a9 New crypto integrated -- going to be testing new identity address generation algo a bit more before finalizing. 2013-09-16 13:57:57 -04:00
Adam Ierymenko
300d26973a Test vectors for all new crypto. 2013-09-15 10:41:52 -04:00
Adam Ierymenko
660f92b6a7 Add test vectors for ensuring identical C25519 operation across systems. 2013-09-14 13:51:08 -04:00
Adam Ierymenko
09c8b4bbb3 More new crypto: Ed25519 signatures. 2013-09-13 19:18:01 -04:00
Adam Ierymenko
77965af288 Add new crypto: SHA512 and C25519 -- not integrated yet. 2013-09-13 15:47:00 -04:00
Adam Ierymenko
f3ad05347e Improve code security posture by replacing sprintf with a safer function. 2013-08-30 17:05:43 -04:00
Adam Ierymenko
9f16707b0b Cut out tap test code from selftest. 2013-08-25 18:25:22 -04:00
Adam Ierymenko
bbbc032959 Tap works! At least in isolation. Time to create the Windows executable and the Windows service to run it and handle auto-update. 2013-08-25 18:18:02 -04:00
Adam Ierymenko
e2effbd1ce Tap driver basically builds in VS2012... fork of tap-windows from OpenVPN (compatible license). 2013-08-23 17:39:21 -04:00
Adam Ierymenko
f6e7be102a Decided to abandon the winpcap direction for Windows tap... re-evaluating using OpenVPN tap driver in some form for now. 2013-08-23 09:50:51 -04:00
Adam Ierymenko
c8213a3f58 Commit of a draft of the pcap-based strategy for a Windows tap. This may, in the end, not work, since winpcap may not support immediate capture and also because some software flags winpcap as malware. Like I said, trying to do anything interesting with Windows is PAIN. 2013-08-22 22:33:32 -04:00
Adam Ierymenko
ca5334509c Tap now creates Microsoft Loopback Adapter instances and tags them with a special ID... work in progress. 2013-08-22 14:30:55 -04:00
Adam Ierymenko
150a53eb17 Self test almost builds, now need skeleton EthernetTap implementation for Windows. 2013-08-14 11:19:21 -04:00
Adam Ierymenko
fc18334dbb Version 0.4.3 (the real one): fix Gentoo ip config failures and crashes
This version fixes problems with locating the 'ip' command on Gentoo
and possibly other Linux systems, and a problem that could cause a
crash if EthernetTap was unable to locate one of the commands it
invokes to configure IP information on tap devices.

The code also now builds on Windows. It doesn't run yet, but it's a
step. Windows port is in full swing.

Finally, the multicast rate limit defaults were raised a little. More
testing is needed here, and real world measurments.
2013-08-13 15:14:03 -04:00
Adam Ierymenko
f5d77a1bc2 Clean up a bunch of valgrind errors, nix a potentially unsafe op in Buffer assignment operator. 2013-08-12 13:17:03 -04:00
Adam Ierymenko
93a7eef2a5 Replace libcrypto RAND_ with our own to avoid valgrind errors. 2013-08-10 10:27:53 -04:00
Adam Ierymenko
67acba4bc9 Stop using RAND_ in libcrypto for Utils::getSecureRandom() due to annoying valgrind spew from libcrypto use of uninitialized RAM as a random source. Might look into replacing RAND_ in libcrypto with our own simple /dev/urandom / Windows CAPI plugin. 2013-08-10 10:12:16 -04:00
Adam Ierymenko
fb975ead23 Add simple key=value dictionary, sorta like java.util.Properties. 2013-07-27 15:09:51 -04:00
Adam Ierymenko
a816f56426 Dump huffman, doesnt add much and complicates porting to other languages. Also fix compile error in idtool. 2013-07-27 14:01:19 -04:00
Adam Ierymenko
c345c699fd Self test for command bus encode/decode. 2013-07-18 13:27:46 -04:00
Adam Ierymenko
ef3e319c64 Several things:
(1) Probable fix for issue #7 and major cleanup of EthernetTap code with consolidation for all unix-like systems and specialization for different flavors only when needed.

(2) Refactor of Buffer<> to make its members private, and Packet to use Buffer's methods exclusively to access them. This improves clarity and means we're no longer lying about Buffer's role in the code's security posture.

(3) Add -fstack-protect to Makefile to bounds check stack variables.
2013-07-09 14:06:55 -04:00
Adam Ierymenko
150850b800 New git repository for release - version 0.2.0 tagged 2013-07-04 16:56:19 -04:00