summaryrefslogtreecommitdiff
path: root/src/ipcpd/unicast
Commit message (Collapse)AuthorAgeFilesLines
* ipcpd: Fix double free, memleak and malloc checkDimitri Staessens2020-02-162-6/+7
| | | | | | | | Some fixes in the multipath implementation related to memory management that showed up with the static analyzer. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* Add equal-cost multipath routing policyDimitri Staessens2020-02-1612-15/+402
| | | | | | | | | | This adds an equal-cost multipath routing policy to Ouroboros, based on Nick Aerts' code. When selected, flows will send packets over all paths with equal cost (hop count). Path selection is round-robin. It does not yet take into account flows that are down. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix uninitialized variable in graphDimitri Staessens2020-02-161-1/+1
| | | | | | | During refactor a variable initialization was removed. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Rename hashtable to pftDimitri Staessens2020-02-168-352/+347
| | | | | | | | | This makes the hashtable more tailored to a packet forwarding table (PFT). In the end not much of a change was needed, but now it's clear the pft maps a destination address to a list of (outgoing) fds. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix minor things in graph and link_stateDimitri Staessens2020-02-162-23/+74
| | | | | | | | | | The vertex was used before definition in the graph implementation. Fixed potential data race in link_state algorithm. Added missing asserts. Removed initialization of variables where not needed to let compiler warn about uninitialized uses. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Configure PFF from routing policyDimitri Staessens2020-02-166-8/+19
| | | | | | | | | | | | The Packet Forwarding Function (PFF) was user-configurable using the irm tool. However, this isn't really wanted since the PFF is dictated by the routing algorithm. This moves the responsability for selecting the correct PFF from the network admin to the unicast IPCP implementation. Each routing policy now has to specify which PFF it will use. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* lib: Move hashtable from lib to unicastDimitri Staessens2020-02-167-2/+410
| | | | | | | | | | The hashtable is only used for forwarding tables in the unicast IPCP. This moves the generic hashtable out of the library into the unicast IPCP to prepare a more tailored implementation specific to routing tables containing address lists. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Refactor graph to self-contain LFADimitri Staessens2020-02-161-72/+86
| | | | | | | | | | The LFA algorithm modifies the output of the simple routing algorithm, but the output was mixed in the general call. This moves the LFA subroutine to be self-contained. This makes for a cleaner entry point when adding more routing algorithms. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Update copyright to 20200.16.0Dimitri Staessens2020-01-0238-38/+38
| | | | | Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* lib: Add per-message encryption with OpenSSLDimitri Staessens2019-08-031-0/+3
| | | | | | | | | | | | | | | | | | | This adds a per-message symmetric encryption using the OpenSSL library. At flow allocation, an Elliptic Curve Diffie-Hellman exchange is performed to derive a shared secret, which is then hashed using SHA3-256 to be used as a key for symmetric AES-256 encryption. Each message on an encrypted flow adds a small crypto header that includes a random 128-bit Initialization Vector (IV). If the server does not have OpenSSL enabled, the flow allocation will fail with an -ECRYPT error. Future optimizations are to piggyback the public keys on the flow allocation message, and to enable per-flow encryption that maintains the context of the encryption over multiple packets and doesn't require sending IVs. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Refactor normal to unicastDimitri Staessens2019-07-2941-0/+10036
This completes the renaming of the normal IPCP to the unicast IPCP in the sources, to get everything consistent with the documentation. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>