Commit Graph

1427 Commits

Author SHA1 Message Date
Emanuele Faranda
87bf4ca298
Merge pull request #100 from emanuele-f/transop-rework
Rework transops and api
2019-05-04 19:14:01 +00:00
Luca Deri
18388c8e05 Added service dependency 2019-05-02 09:22:33 +02:00
emanuele-f
c89ece71ca Code rework changes
- Remove keyschedule leftover and adapt to new API
- Fix cleanup functions
- Remove unused random_device_mac
2019-04-27 15:55:07 +02:00
emanuele-f
f577d997a7 Drop keyschedule support
- Legacy features are now moved to the legacy directory with readme
- Keyschedule feature is not supported anymore
2019-04-27 12:42:06 +02:00
emanuele-f
e757f94efa Initial code rework (wip)
- The edge structure is now opaque
- The configuration is now exposed via an API
- Code cleanup: using multiple transops at once is not supported anymore
2019-04-27 01:56:57 +02:00
emanuele-f
08b992cbb7 Add more detailed error message when TAP open fails
Closes #94
2019-04-24 01:02:36 +02:00
emanuele-f
fc16352198 Add decryption test in benchmark 2019-04-22 01:39:09 +02:00
emanuele-f
c702ca8686 Move AES IV out of struct sa_aes 2019-04-22 01:24:58 +02:00
emanuele-f
84593a2254 memcpy fix 2019-04-16 02:23:01 +02:00
emanuele-f
bb07f0426e Properly initialize AES IV and hash the AES key
This implements the changes discussed in #68 and #72.
This breaks compatibility with the previous AES implementation.

This also fixes two problems reported by valgrind:

==4887== Invalid write of size 2
==4887==    at 0x483E9DB: memmove (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4887==    by 0x10E37F: setup_aes_key (transform_aes.c:378)
==4887==    by 0x10E451: add_aes_key (transform_aes.c:401)
==4887==    by 0x10ED10: transop_aes_setup_psk (transform_aes.c:580)
==4887==    by 0x10A547: main (benchmark.c:92)
==4887==  Address 0x4d574a0 is 0 bytes after a block of size 16 alloc'd
==4887==    at 0x4839B65: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4887==    by 0x10E337: setup_aes_key (transform_aes.c:374)
==4887==    by 0x10E451: add_aes_key (transform_aes.c:401)
==4887==    by 0x10ED10: transop_aes_setup_psk (transform_aes.c:580)
==4887==    by 0x10A547: main (benchmark.c:92)

==13057== Use of uninitialised value of size 8
==13057==    at 0x49023B3: ??? (in /usr/lib/libcrypto.so.1.1)
==13057==    by 0x490346A: AES_cbc_encrypt (in /usr/lib/libcrypto.so.1.1)
==13057==    by 0x11270A: transop_encode_aes (transform_aes.c:230)
==13057==    by 0x10F5CD: send_packet2net (edge_utils.c:1224)
==13057==    by 0x10F813: readFromTAPSocket (edge_utils.c:1278)
==13057==    by 0x1106A8: run_edge_loop (edge_utils.c:1596)
==13057==    by 0x10B9F7: main (edge.c:701)
2019-04-16 02:09:13 +02:00
emanuele-f
d689691599 n2n.h cleanup 2019-04-14 18:08:51 +02:00
emanuele-f
3149a77753 Replace fprintf with traceEvent 2019-04-14 17:33:57 +02:00
emanuele-f
49d5ecf2a8 Reduce duplicated code in quick_edge_init 2019-04-14 17:21:47 +02:00
emanuele-f
50bc1492e2 Remove unnecessary structures in AES encryption
This undoes most of the changes made in 37233553a4 as the problem with the drops was only mitigated.
The actual fix for the dropped packets was in e989f475a1 and the invalid initialization was the root cause
2019-04-12 00:23:20 +02:00
emanuele-f
e3951631b9 Improve benchmark
Sample on i3 2GHz:

Run [transop_null] for 3s (512 bytes):   	    11203585 packets	  3734.5 Kpps	  1912.1 MB/s
Run [transop_twofish] for 3s (512 bytes):   	       60705 packets	    20.2 Kpps	    10.4 MB/s
Run [transop_aes] for 3s (512 bytes):   	      467937 packets	   156.0 Kpps	    79.9 MB/s
2019-04-11 00:46:34 +02:00
emanuele-f
d4205d36fd Additional fix for missing SO_REUSEPORT
edge_utils already fixed in 77392f8e53
2019-04-10 14:59:01 +02:00
emanuele-f
e989f475a1 Fix invalid initializations 2019-03-28 00:20:16 +01:00
emanuele-f
f5b2d00b06 Show multicast group join error code 2019-03-27 21:42:40 +01:00
emanuele-f
03761fc84c Handle WSAECONNRESET to avoid stopping the supernode on Windows 2019-03-27 01:13:58 +01:00
emanuele-f
03dbedd52b Change supernode registration messages log to info 2019-03-26 22:24:28 +01:00
emanuele-f
c71f629d1b Fix encryption key being zeroed by AES initialization 2019-03-26 21:56:02 +01:00
emanuele-f
9e2aa47bf0 Add CentOS packaging instructions 2019-03-03 04:35:04 +01:00
emanuele-f
7e5fd863a8 Improve Windows compilation instructions 2019-03-03 04:15:38 +01:00
emanuele-f
327a847681 Version fix 2019-03-01 20:38:33 +01:00
emanuele-f
77392f8e53 Add check for SO_REUSEPORT
Fixes #51
2019-03-01 20:34:44 +01:00
emanuele-f
5742ef978f Add Windows compilation instructions 2019-03-01 20:16:24 +01:00
Emanuele Faranda
d7b3b2c06b
Merge pull request #66 from csheely/windows-cmake-build
Submit minor changes to enable Windows CMake builds w/o requiring additional local mods.
2019-03-01 18:57:20 +00:00
Emanuele Faranda
585ed22a5d
Merge pull request #67 from emanuele-f/fix_aes_multiedge
Fixes packet drops while communicating with multiple nodes in AES PSK
2019-03-01 18:53:47 +00:00
Emanuele Faranda
c4b96bea42
Merge pull request #71 from emanuele-f/udp_timeout
Reduce the registration timeout to keep the connection open
2019-03-01 16:07:02 +00:00
emanuele-f
5f4dfdc683 Reduce the registration timeout to keep the connection open 2019-02-25 23:42:46 +01:00
emanuele-f
37233553a4 Fixes packet drops while communicating with multiple nodes in AES PSK
Per-node AES structures must be kept as CBC cannot work with a single structure across multiple nodes
2019-02-20 01:26:18 +01:00
Chris Sheely
ba0ecabbf6 Submit minor changes to enable Windows CMake builds w/o further mods. 2019-02-11 16:49:37 -05:00
emanuele-f
5feb00bcf8 Create gitignore 2019-02-11 11:27:43 +01:00
Luca
dcf96a0809 Added #ifdef's for AES 2019-01-28 21:56:38 +01:00
Luca Deri
d275965e00
Merge pull request #60 from emanuele-f/enable_aes
Add AES CBC psk encryption
2019-01-28 21:52:04 +01:00
emanuele-f
200cfd24a3 Fix benchmark AES lib 2019-01-28 01:44:47 +01:00
emanuele-f
5d7db5f332 Add transopts benchmarks 2019-01-28 01:05:48 +01:00
emanuele-f
e4601590aa Add -A option to enable AES CBC psk encryption 2019-01-28 00:27:54 +01:00
Luca Deri
63e74ccc6a Added support for ARM64 platforms 2019-01-26 09:33:24 +01:00
emanuele-f
a96237f83d Use systemd helpers to honor system wide preferences on service enable/start
Also fix services being started after upgrade even if they were disabled but config existed
2018-12-31 16:36:32 +01:00
Luca Deri
1e8b61806d Added note to fix /dev/tap problems 2018-12-22 08:23:22 +01:00
emanuele-f
f02b68f5af Use after network-online to avoid DNS resolve and multicast bind issues 2018-12-14 10:52:55 +01:00
Emanuele Faranda
d896a9c3e8 Fix missing n2n-ntopng in configure 2018-12-12 16:16:46 +01:00
emanuele-f
3bd4e2c335 Add n2n-ntopng to bind the services lifetimes 2018-12-12 16:02:41 +01:00
Luca Deri
55d5392cd2 Added check for missing argument (-l) 2018-12-04 13:55:33 +01:00
emanuele-f
e07ae72c17 Fix multicast self registration
Trace: (192.168.1.10/AE:C4:1F:99:D7:16 is the edge node itself)

02/Dec/2018 23:01:44 [edge_utils.c:175] Registering with multicast group 224.0.0.68:1968
02/Dec/2018 23:01:44 [edge_utils.c:533] send REGISTER 224.0.0.68:1968
02/Dec/2018 23:01:44 [edge_utils.c:463] sendto sent=36 to
02/Dec/2018 23:01:44 [edge_utils.c:1500] Received packet from multicast socket
02/Dec/2018 23:01:44 [edge_utils.c:1296] ### Rx N2N UDP (36) from 192.168.1.10:48122
02/Dec/2018 23:01:44 [edge_utils.c:1341] Rx REGISTER src=AE:C4:1F:99:D7:16 dst=00:00:00:00:00:00 from peer 192.168.1.10:48122 (192.168.1.10:48122)
02/Dec/2018 23:01:44 [edge_utils.c:567] send REGISTER_ACK 192.168.1.10:48122
02/Dec/2018 23:01:44 [edge_utils.c:463] sendto sent=36 to
02/Dec/2018 23:01:44 [edge_utils.c:1296] ### Rx N2N UDP (36) from 192.168.1.10:48122
02/Dec/2018 23:01:44 [edge_utils.c:1367] Rx REGISTER_ACK src=AE:C4:1F:99:D7:16 dst=AE:C4:1F:99:D7:16 from peer 192.168.1.10:48122 (192.168.1.10:48122)
02/Dec/2018 23:01:44 [edge_utils.c:266] set_peer_operational: AE:C4:1F:99:D7:16 -> 192.168.1.10:48122
02/Dec/2018 23:01:44 [edge_utils.c:318] Failed to find sender in pending_peers.
2018-12-03 00:00:12 +01:00
Luca Deri
e7cfa00435 Path fix 2018-12-01 08:45:41 +01:00
Luca Deri
b758d69e6c Config files are installed with the .sample extension
You can now do 'cp edge.conf.sample edge.conf' to create an n2n configuration. If the .conf files (for edge and supernode) are present, the service is enabled automatically. This prevents unwanted services from being enabled, and it preserves service activation across updates
2018-12-01 08:36:58 +01:00
Emanuele Faranda
b84cedd8b8 Add support for multi-service n2n edge
E.g. systemctl start edge@n2n1 will read /etc/n2n/edge-n2n1.conf
2018-11-28 13:04:44 +01:00
Luca Deri
2e2654dd2a Disable automatic n2n startup 2018-11-23 16:57:14 +01:00