ouroboros/src/ipcpd/eth, branch 0.18.0

build: Update email addresses

2021-01-03T10:57:05+00:00

The ugent email addresses are shut down, updated to Ouroboros mail addresses. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

build: Update copyright to 2021

2021-01-03T10:56:28+00:00

Happy New Year, Ouroboros! Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

ipcpd: Improve locking np1_flow_set in eth and udp

2020-09-26T14:32:26+00:00

A flow_set is thread-safe and doesn't need to be protected by a lock. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

build: Add support for GCC 10

2020-05-23T15:31:49+00:00

GCC 10 defaults to -fno-common, so some variables that were defined in the headers needed to be declared "extern". The GCC 10 static analyzer can now be invoked using the DebugAnalyzer build option. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib, ipcpd: piggyback ECDHE on flow allocation

2020-02-25T07:21:09+00:00

The initial implementation for the ECDHE key exchange was doing the key exchange after a flow was established. The public keys are now sent allowg on the flow allocation messages, so that an encrypted tunnel can be created within 1 RTT. The flow allocation steps had to be extended to pass the opaque data ('piggybacking'). Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

ipcpd: Fix bad newline in eth.c

2020-02-16T17:25:08+00:00

Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

ipcpd: Filter fqueue events in packet handlers

2020-01-25T15:02:21+00:00

The eth, udp and local IPCPs were not filtering out the event types from the flow, causing some reads when there are no packets in the queue. The types are now also organized as flags so they can be filtered more quickly if needed. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

2020-01-02T14:07:36+00:00

Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

ipcpd: Fix length mismatch of encryption cypher

2019-08-09T17:43:07+00:00

The cypher_s field in QoS was sometimes 32 and sometimes 16 bits. This is now corrected to be 16 bits. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Add per-message encryption with OpenSSL

2019-08-03T10:10:57+00:00

This adds a per-message symmetric encryption using the OpenSSL library. At flow allocation, an Elliptic Curve Diffie-Hellman exchange is performed to derive a shared secret, which is then hashed using SHA3-256 to be used as a key for symmetric AES-256 encryption. Each message on an encrypted flow adds a small crypto header that includes a random 128-bit Initialization Vector (IV). If the server does not have OpenSSL enabled, the flow allocation will fail with an -ECRYPT error. Future optimizations are to piggyback the public keys on the flow allocation message, and to enable per-flow encryption that maintains the context of the encryption over multiple packets and doesn't require sending IVs. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders