| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Ubuntu 16 comes with older versions of OpenSSL, glibc and
libgcrypt. Ouroboros will now fall back to OpenSSL even if the version
is <= 1.1.0.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a per-message symmetric encryption using the OpenSSL
library. At flow allocation, an Elliptic Curve Diffie-Hellman exchange
is performed to derive a shared secret, which is then hashed using
SHA3-256 to be used as a key for symmetric AES-256 encryption. Each
message on an encrypted flow adds a small crypto header that includes
a random 128-bit Initialization Vector (IV). If the server does not
have OpenSSL enabled, the flow allocation will fail with an -ECRYPT
error.
Future optimizations are to piggyback the public keys on the flow
allocation message, and to enable per-flow encryption that maintains
the context of the encryption over multiple packets and doesn't
require sending IVs.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
| |
This allows setting the size of the rbuffs in a system independently
of the main packet buffer using SHM_RBUFF_SIZE. The benefit of setting
a smaller rbuff size is that a single process can't fully occupy the
main packet buffer.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
Updates the copyright notice in all sources to 2019.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
This splits off the CRC from FRCT so it can be set
independently. Ouroboros now allows raw flows with error checking.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
Happy New Year, Ouroboros.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
| |
This refactors ouroboros to use "program" instead of "application
process" and "process" instead of "application process instance" to
align with current naming in current Operating Systems courses instead
of the ISO nomenclature adopted by RINA. This change permeates through
the entire implementation. Also contains some minor other refactors.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
| |
Multi-block support was forgotten during the update of the build
system. This enables it again and fixes some bugs when it is disabled
and larger SDUs are sent.
|
|
|
|
|
|
|
| |
This adds a virtual RIB that is accessible as a filesystem that is
accessed through a fuse mountpoint (configurable , default is
/tmp/ouroboros). Currently, each IPCP will export its link state
database.
|
|
|
|
|
| |
There was an else clause matched with the wrong if statement,
resulting in robust mutexes being enabled even in glibc 2.25.
|
|
This revises the build system to have configuration per system
component. System settings can now be set using cmake.
The standard compliance defines were removed from configuration header
and are set in the sources where needed. Also some small code
refactors, such as moving the data for shims out of the ipcp structure
to the respective shims were performed.
|