Per-peer timeout, noncediff, noise, cpr settings

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Add Established statistics field to know when connection was established

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] XTEA used as PRP

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] README updating due to noise and CPR features

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Ability to generate Constant Packet Rate traffic

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Overview refactoring

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Correct FramesIn counting, take into account heartbeats

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Timeout is duration, not integer. Simplify code

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Correct remark about how often we send heartbeats

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Smaller Emptiness, as 16 KiB is enough even for jumbo frames

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Nicer code construction

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Correctly summarize overall and payload traffic

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Ability to append noise to outgoing packets

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] User manual refactoring

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] What MTU is and how it is calculated

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Explicitly store payload size in each message

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Benchmark tests for transport encrypt/decrypt functions

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Performance increase by relieving GC

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Example stats output

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] GNU is using HTTPS by default now

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Download link for 2.4 release

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Merge branch 'develop'

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Store version number in single file only

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Explicitly license documentation at free licence

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Do not include git-specific makedist.sh in release tarballs

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Preparing for 2.4 release

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Optional HTTP-server providing with known peers information in JSON

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Add various statistics saved for each peer

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Split long line

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Ability to bind human readable name to the peer

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Some refactoring, rewording

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Split large govpn.texi to several smaller parts

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Download link for 2.3 release

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Merge branch 'develop'

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Move makedist.sh utility to applicable directory

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Preparing for 2.3 release

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Replace handshake NULLs with an IDtag

Each handshake message contains so called IDtag: XTEA encrypted first 64
bits of transmitted message with client's identity as a key. To
determine if it is handshake message we check all possible client
identities as a key.

Now handshake messages became indistinguishable from the random.

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Refresh identitifaction keys in the background

Instead of calling identities refresh everytime.

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Explicitly note how to subscribe to maillist

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Point to git-repository URL directly, instead of github project's page

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] It is very likely to make handshake packets indistinguishable from the noise

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Add missing nonces in handshake description examples

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] DJB's suggestion of Curve25519 advertisement

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Add simple script for creating new clients keys

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Add SHA256 checksum additionally to PGP signatures

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Explicitly make Bytes counter 64-bits long

On 32-bit systems int by default is 32-bits long and that counter can
not hold 2**32 value.

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Link to website's .onion address

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Version should include compiler's version too

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Remove long human unreadable constant value

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Simplify external command call

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Link to Fortuna PRNG

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Zero handshake and peer states after their usage

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Cleanup old generated HTMLs

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Replace too long section name

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Remark about good PRNG requirement

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Remark about proprietary OS

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Merge branch 'develop'

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Preparing for 2.2 release

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Keep TAP listener state and skip sinkReady step if necessary

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Heartbeats can block channels during rehandshake. Make them asynchronous

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Skip Ethernet events from rehandshaked peers, as peers are replaced by another ones

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Skip heartbeat packets that can appear during rehandshake period

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Exit quietly if no script is found, as many of them are optional

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Remove hardcopy-related commands from texinfo source

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Note about GOMAXPROC usage

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Merge branch 'develop'

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Preparing for 2.1 release

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Notes about setting GOPATH variable

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

No need in Close method for TAP-interfaces, as we listen for them all the time

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Fixed path to working water-library

Thanks to Martin G (https://github.com/martingartonft) for pointing this out!

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Various documentation additions, links

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Texinfo documentation, client ID, simultaneous clients

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Obfuscate/randomize message nonces

Nonce is directly written inside transport messages and it is the only
part that is different from randomness (because it does not require it
actually). One can use them as GoVPN's traffic fingerprint.

Apply simple PRP function on the nonce before it's usage. Internal
counters are keeped in the state, but encrypted and decrypted during
actual use using XTEA algorithm. It is rather simple, fast enough,
simplier than applying Luby-Rackoff to make PRP from Salsa20.

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Move comparison with OpenVPN to Features section

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Raise copyright years

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Slightly more higher performance because of removing :=

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Well, performance is not so high actually

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Allow nonce difference in specified orders, to prevent unordered packets dropping

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Official repositories moved to another URL

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Lesser copyright junk appearing in godoc

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Fewer copying → higher performance

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Rehandshake after every 4GiB of transferred data

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Ability to call up and down scripts

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Heartbeating the channel twice during timeout

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Do not access hot variables through the pointer

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Specify PSK through the file, not as command line argument

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

go vet advises to add blank line

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] More examples with IPv6 and FreeBSD

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

[DOC] Some additions that OpenVPN can be faster, because of it's C nature

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Remove unnecessary precomputations of DH private key

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

FreeBSD TAP support

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Exit when daemon is becoming dead

* Exit if handshake is timeouted
* Exit if daemon becomes unavailable
* Simplify overall code

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Performance optimizations

Do not use everytime buffer creation for each Ethernet, UDP and general
packet processing. Use channels to synchronize access to that shared
buffers.

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Various trivial code corrections

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Document example usage

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Ability to decrease verbosity

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Use TAP interface directly, without promiscuous mode

* This removes gopacket dependency
* However adds water-library small one

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Fix nounces incrementing

That bug leads to reusing the same nonce.

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Out-of-order message recieved printing

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

Initial commit

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>