Fetching contributors…
Cannot retrieve contributors at this time
2215 lines (1618 sloc) 74.4 KB
commit 779029e8bbce2317a80e240692aea329478ad123 (HEAD, refs/remotes/github/master, refs/remotes/github/HEAD, refs/heads/master)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jun 8 20:38:40 2016 -0400
doc update
client/fwknop.8.in | 6 +++---
server/fwknopd.8.in | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
commit 3686eab348b7927bfeeee3a014bb244c6a5dee6c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jun 8 17:12:37 2016 -0700
bump version numbers in preparation for 2.6.9 release
ChangeLog | 2 +-
VERSION | 2 +-
configure.ac | 2 +-
fwknop.spec | 8 +++++++-
lib/Makefile.am | 8 ++++----
win32/config.h | 2 +-
6 files changed, 15 insertions(+), 9 deletions(-)
commit 6db424999d56a37c539182f67c6383daf0863309
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue Jun 7 22:23:50 2016 -0500
Add my email address to the man pages
doc/fwknop.man.asciidoc | 2 +-
doc/fwknopd.man.asciidoc | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
commit 36f356425467d3b31bcfde8b4141eca9593f69c7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jun 6 22:36:34 2016 -0400
add material on Damien's NFQ support
ChangeLog | 7 +++++++
1 file changed, 7 insertions(+)
commit ae417e43bbf31187680b8ec3efbf4c4fec368339
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jun 6 20:23:46 2016 -0400
recognize Jonathan as a core developer
client/fwknop.8.in | 8 ++++----
doc/fwknop.man.asciidoc | 9 +++++----
doc/fwknopd.man.asciidoc | 9 +++++----
server/fwknopd.8.in | 8 ++++----
4 files changed, 18 insertions(+), 16 deletions(-)
commit 0a439c1dc03f00cd5c6681610296ca3dc647bdbb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jun 6 20:23:28 2016 -0400
further GPLv2+ clarifications
doc/gpl-2.0.texi | 6 +++---
doc/libfko.texi | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
commit 5f15119190c230071cf8b8744936527dd25dd8b7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Jun 3 22:08:15 2016 -0400
clarify GPL v2+ for the license per issue #222
NEWS | 5 ++++-
client/fwknop.8.in | 8 ++++----
doc/fwknop.man.asciidoc | 4 ++--
doc/fwknopd.man.asciidoc | 2 +-
extras/fwknop-launcher/fwknop-launcher-lsof.pl | 2 +-
extras/spa-entropy/spa-entropy.pl | 2 +-
fwknop.spec | 2 +-
server/fwknopd.8.in | 6 +++---
8 files changed, 17 insertions(+), 14 deletions(-)
commit d7a51a19d4ae9eba3fd29c331e343cb47452a288
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jun 2 22:55:17 2016 -0400
clarify GPL license version for README, closes issue #222
README.md | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
commit d7ddbec9620aa3b3d6a5c322708175c225934c7f
Author: Damien Stuart <dstuart@dstuart.org>
Date: Thu Jun 2 22:45:47 2016 -0400
Indicate GPL2+ in setup.py
python/setup.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit a4879fdfc4822528b6ee79e7b773adfba08689db
Author: Damien Stuart <dstuart@dstuart.org>
Date: Thu Jun 2 22:36:59 2016 -0400
Added explicit GPL2 license text to the python module code files.
python/fko.py | 22 ++++++++++++++++++++++
python/fkomodule.c | 17 +++++++++++++++++
python/setup.py | 19 ++++++++++++++++++-
3 files changed, 57 insertions(+), 1 deletion(-)
commit dd1f05c03077b517f74a2f37703cd83c88d13b91
Merge: a651b09 d448004
Author: Michael Rash <michael.rash@gmail.com>
Date: Tue May 31 21:11:25 2016 -0400
Merge pull request #221 from oneru/master
[Server] slightly broadens FORWARD rule matching, disables rewriting …
commit a651b092cc0af9dcfc230d2ed9436b8a979e4850
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon May 30 14:33:19 2016 -0500
[Test suite] Typo fix
test/tests/basic_operations.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 3d044a2d04bbc767c4eafe991b9bc7fb651b6cec
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon May 30 14:32:33 2016 -0500
Minor wording change to error message
server/access.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit df47ed4ecd00cee07d3334ca7c703efd2ae05257
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon May 30 14:24:51 2016 -0500
[test suite] Modify test to work with iptables
test/tests/basic_operations.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit d6b8205b2a053abe23a2cc4870642c11c1503312
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon May 30 14:23:10 2016 -0500
[Test suite] minor change to rerun-failed
test/test-fwknop.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 8122e46bc77028a1bc4e4e42b63e0c7050e5f480
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon May 30 09:19:58 2016 -0500
[Test suite] rearranges processing of rerun-failed, handles options better
test/test-fwknop.pl | 175 ++++++++++++++++++++++++++--------------------------
1 file changed, 86 insertions(+), 89 deletions(-)
commit b5db9c66d340a391bff018a54382db7dab403c1d
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 29 23:40:14 2016 -0500
[Server] Free the access list on invalid hostname, fixes memory leak.
server/fw_util_firewalld.c | 1 +
server/fw_util_iptables.c | 1 +
2 files changed, 2 insertions(+)
commit 67c46de9dd76451d8cdd3d0f0681e155f5e02a42
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 29 20:07:12 2016 -0500
Minor error message wording fix, also fixes test suite test
server/access.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 2d1568f413fda9fa3b253ef6967f894de72c3b1b
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 29 18:02:49 2016 -0500
[Test suite] Minor fix, prevent stall on slow systems
test/test-fwknop.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit d448004f3848a252f13f8a6a3cd7744a23d7b4f8
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 29 14:13:53 2016 -0500
[Server] slightly broadens FORWARD rule matching, disables rewriting sport for snat
server/fw_util_firewalld.c | 19 +++++++++++++------
server/fw_util_firewalld.h | 2 +-
server/fw_util_iptables.c | 19 +++++++++++++------
server/fw_util_iptables.h | 2 +-
4 files changed, 28 insertions(+), 14 deletions(-)
commit 246d8a1db7e16f67a44b3843f21f57e38c510ff5
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 29 14:01:53 2016 -0500
[Server] enable global fw variable even for access stanzas that enable command exec
server/access.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
commit 2937bc10588e89853d21ae7fd1adace8b9b8e523 (refs/remotes/moria/master)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 28 05:24:29 2016 -0700
[test suite] fix NAT DNS bad host check
test/test-fwknop.pl | 21 +++++++++++++++++++++
test/tests/rijndael_hmac.pl | 5 +----
2 files changed, 22 insertions(+), 4 deletions(-)
commit 7f12fc72d18127cf11c148ce394460c6b1321d71
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 28 05:06:07 2016 -0700
[test suite] more NAT DNS coverage
Makefile.am | 2 ++
test/conf/firewd_nat_disable_aging_fwknopd.conf | 2 ++
test/conf/ipt_nat_disable_aging_fwknopd.conf | 2 ++
test/conf/ipt_no_nat_dns_fwknopd.conf | 2 +-
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac.pl | 37 +++++++++++++++++++++++++
6 files changed, 45 insertions(+), 1 deletion(-)
commit 8514061681fadb17d859c24bc111ee7c06181c70
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 28 04:41:01 2016 -0700
[test suite] minor removal of comments
test/conf/firewd_no_nat_dns_fwknopd.conf | 2 --
test/conf/ipt_no_nat_dns_fwknopd.conf | 2 --
2 files changed, 4 deletions(-)
commit 3a10ccff4d2960dca2750f7d04ae8d9748c6ec21
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 28 04:39:04 2016 -0700
[test suite] NAT DNS test coverage fix
Makefile.am | 3 ++-
test/conf/firewd_no_nat_dns_fwknopd.conf | 4 ++++
test/conf/ipt_no_nat_dns_fwknopd.conf | 4 ++++
test/conf/no_nat_dns_fwknopd.conf | 3 ---
test/test-fwknop.pl | 2 +-
test/tests/rijndael_hmac.pl | 7 ++++---
6 files changed, 15 insertions(+), 8 deletions(-)
commit 8366e118e27de69be1c12d4b846d7e52f211ab00
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 27 23:30:01 2016 -0700
[server] negative testing for ENABLE_NAT_DNS
Makefile.am | 1 +
test/conf/no_nat_dns_fwknopd.conf | 3 +++
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac.pl | 16 ++++++++++++++++
4 files changed, 21 insertions(+)
commit 919156fdf028a4977b8ed50a0a85ed0849cd53d8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 28 09:29:34 2016 -0400
apply doc updates to man pages
client/fwknop.8.in | 4 ++--
server/fwknopd.8.in | 23 +++++++++++++++++++++--
2 files changed, 23 insertions(+), 4 deletions(-)
commit 74ddbf63b2177f77bb3e68491cb2ce6b77836aed
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 27 23:15:39 2016 -0700
minor documentation updates
client/config_init.c | 2 ++
doc/fwknopd.man.asciidoc | 17 ++++++++++++++++-
server/fwknopd.conf | 12 ++++++------
3 files changed, 24 insertions(+), 7 deletions(-)
commit efd21281aa13f2e95189d5447cceae6635d4b397 (refs/heads/readme_include_fwknop_gui)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 27 10:55:33 2016 -0700
minor README wording update, include Android link
README.md | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
commit 7573824d2179d2ff1ccaa73373209bebb6c8fd68 (refs/remotes/moria/readme_include_fwknop_gui)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 27 10:08:36 2016 -0700
add fwknop-gui language and screenshot to main README
README.md | 10 ++++++++++
doc/images/fwknop-gui-OSX.png | Bin 0 -> 133562 bytes
2 files changed, 10 insertions(+)
commit ac247bb7389cff2c604c2719a4fa16aff10ba2bc
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 26 23:49:12 2016 -0500
[Test suite] Adds --rerun-failed description to help output
test/test-fwknop.pl | 9 +++++++++
1 file changed, 9 insertions(+)
commit 6e54e9452ac74dd20755bebb939a31df2507fe05
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu May 26 19:21:07 2016 -0700
[test suite] add ENABLE_RULE_PREPEND test
Makefile.am | 1 +
server/config_init.c | 4 ++--
server/fw_util_firewalld.c | 2 +-
server/fw_util_iptables.c | 2 +-
server/fwknopd_common.h | 4 ++--
test/conf/prepend_fwknopd.conf | 3 +++
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac.pl | 16 ++++++++++++++++
8 files changed, 27 insertions(+), 6 deletions(-)
commit 6a8a554851d52f94552902e2000c8b9084ec1936
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 26 10:07:23 2016 -0500
[Test suite] Adds tests for invalid server and client cmd lines involving --key-gen
test/tests/rijndael_hmac.pl | 48 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 48 insertions(+)
commit 74d3515218f3e93a3d2be44e7499780ea65dcc78
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 26 09:32:26 2016 -0500
Removes a dead code path in client
A trio of checks were done two places, and the code path always went through both checks.
Since the program announced a fail and closed, the second set of checks could never be triggered.
client/config_init.c | 22 ----------------------
1 file changed, 22 deletions(-)
commit d804ba33f5802d6225f2b1b56aa60e0e9c9f15e6
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Wed May 25 21:21:48 2016 -0500
[Test suite] Adds --no-rc-file tests
test/tests/basic_operations.pl | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
commit b0c0242054cd8832052c98d84b52fdfc68d6b5f6
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Wed May 25 09:31:06 2016 -0500
[Test suite] Add a couple of tests for --no-home-dir
test/tests/basic_operations.pl | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
commit 16dd3f4d32b13bb19adb11ecd5d08035d41d144b
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue May 24 22:02:42 2016 -0500
[Test suite] Adds libfiu test to emulate failure in set_sig_handlers()
test/tests/fault_injection.pl | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
commit 71cea19f3d854150da1f3d1b6f675689d54d15d9
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue May 24 22:00:21 2016 -0500
[Server] Respond to set signal handler failure with clean_exit
server/fwknopd.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
commit d593779ecf24bcd5be7c2213b66f30c149d73223
Merge: 08c6a9d db1cdd2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue May 24 19:01:59 2016 -0700
Merge branch 'master' of https://github.com/mrash/fwknop
commit 08c6a9d4e2daae41071752a96ff6933b8813eb76
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue May 24 19:00:58 2016 -0700
[test suite] trigger a couple of -p errors for code coverage
common/fko_util.c | 4 +---
test/tests/basic_operations.pl | 21 +++++++++++++++++++++
2 files changed, 22 insertions(+), 3 deletions(-)
commit db1cdd2fea63d616a14ba0cf76df478966df5e3d
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue May 24 20:46:11 2016 -0500
[Server] Moves signal handling code to earlier in fwknopd initialization
Also serves to de-duplicate code slightly
server/fwknopd.c | 6 ++++++
server/nfq_capture.c | 7 -------
server/pcap_capture.c | 7 -------
server/udp_server.c | 7 -------
4 files changed, 6 insertions(+), 21 deletions(-)
commit 4122199139462b8be28a2acd4a0080b14fc05bfc
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue May 24 18:43:03 2016 -0700
[test suite] apply server output criteria in fault injection tests
test/test-fwknop.pl | 11 +++++++++++
1 file changed, 11 insertions(+)
commit 270d8bea624c9e8aecbd23fe52e47cc407c032c5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue May 24 18:40:44 2016 -0700
[test suite] fault injection test for build_cmd() error path
server/cmd_cycle.c | 4 ++++
test/tests/fault_injection.pl | 16 ++++++++++++++++
2 files changed, 20 insertions(+)
commit 5194b4b69a1b0bb4cf35fd69473f049f324e28f3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon May 23 19:24:40 2016 -0700
[test suite] minor test addition for sudo exec groups and code coverage
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac_cmd_exec.pl | 18 ++++++++++++++++++
2 files changed, 19 insertions(+)
commit d329b6ab39d632a45d816f60a3994abdd4895dd7
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 22 22:46:01 2016 -0500
[Test suite] Adds workaround for Openssl not yet supporting SHA3 hmac
test/test-fwknop.pl | 5 +++++
1 file changed, 5 insertions(+)
commit 04b80c2cb2a165c5095db0c40e3964f47af730e5
Merge: 231cca5 5f6b339
Author: Michael Rash <michael.rash@gmail.com>
Date: Sun May 22 21:45:59 2016 -0400
Merge pull request #220 from oneru/rerun-failed
[Test suite] Adds rerun-failed mode
commit 5f6b339868b8a9854ef641b7c1da88a530aa8a45
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 21 12:09:42 2016 -0500
[Test suite] Adds rerun-failed mode
test/test-fwknop.pl | 174 +++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 172 insertions(+), 2 deletions(-)
commit 231cca538d827401ec8c7dd23c7fafb4ab8b35e1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 21 18:04:00 2016 -0700
[test suite] add missing config files for HMAC SHA3_256 tests
test/conf/fwknoprc_hmac_sha3_256_key | 4 ++++
test/conf/hmac_sha3_256_access.conf | 5 +++++
2 files changed, 9 insertions(+)
commit a3adca69e1026870072ea845b971cd44d83f5a9e (tag: refs/tags/2.6.9-pre1)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 21 06:18:46 2016 -0700
[test suite] add HMAC SHA3_256 complete cycle test
Makefile.am | 2 ++
test/test-fwknop.pl | 2 ++
test/tests/rijndael_hmac.pl | 14 ++++++++++++++
3 files changed, 18 insertions(+)
commit 05ede9fe0da74e61a76a533ccff3c74f00e47157
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 21 06:17:28 2016 -0700
[server] minor printf() -> log_msg() update
server/access.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit ab599631ed5a9aa63efbb4ce6b2339556158a8c0
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri May 20 21:42:06 2016 -0500
Adds valgrind supression for libfaketime
test/valgrind_suppressions | 14 ++++++++++++++
1 file changed, 14 insertions(+)
commit 55b9eac37c337c33e8aff2451afc35e3eb396978
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri May 20 21:40:43 2016 -0500
Test Suite: tweak a test to avoid --verbose in client call
test/tests/rijndael_hmac.pl | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
commit ce0def7e1897ea63626dd612fca7819d31023336
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri May 20 21:39:35 2016 -0500
Client: Only dump SPA data twice when --test and --verbose are used
client/fwknop.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
commit 09fcad0f045a0e9140150a6c28a216125775c2f9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 20 18:45:20 2016 -0700
[test suite] add HMAC_SHA3_512 test
Makefile.am | 3 +++
test/conf/fwknoprc_hmac_sha3_512_key | 4 ++++
test/conf/gpg_hmac_sha3_512_access.conf | 9 +++++++++
test/conf/hmac_sha3_512_access.conf | 5 +++++
test/test-fwknop.pl | 3 +++
test/tests/rijndael_hmac.pl | 14 ++++++++++++++
6 files changed, 38 insertions(+)
commit ae15e00f0b801c052b5f7dd954b7dd2c541fc7a9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 20 18:42:52 2016 -0700
[server] minor change to set default timeout
server/incoming_spa.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
commit a4273d362774fd17c524c5e4e3369c4d2ee39170
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 19 23:25:01 2016 -0500
Server: Add extra check for failing firewall cmd
server/fw_util_firewalld.c | 5 +++++
1 file changed, 5 insertions(+)
commit 33d4cd3ce4535b88dfa6da2b462ef9c90d9bbc56
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 19 23:23:25 2016 -0500
Test suite: Make timeout for rule expiration a loop.
test/test-fwknop.pl | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
commit 1d5fc8498f269d566da2894df90295652adc74ec
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu May 19 19:41:39 2016 -0700
[test suite] add HMAC include_keys_file() test
test/tests/basic_operations.pl | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
commit 6d663dd15c4fac231ca4bfae0a1616155fa3dd00
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 19 15:07:18 2016 -0500
Test suite: Add missed curly bracket
test/test-fwknop.pl | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
commit bbaf57b66ecb2f2a32c27dad2b4786772b3f84b4
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 19 14:05:48 2016 -0500
Test suite: Adds timeout for generic_exec, prevents indefinite test suite hangs
test/test-fwknop.pl | 29 ++++++++++++++++++++++++++---
1 file changed, 26 insertions(+), 3 deletions(-)
commit 5b2c29e46c9d6c019a3c6f994fb4785d9af200d8
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 19 14:04:24 2016 -0500
Test suite: Fixes hmac verification for tests with multiple hmac keys
test/test-fwknop.pl | 45 ++++++++++++++++++++++++++++++++++++++-------
1 file changed, 38 insertions(+), 7 deletions(-)
commit 2c6396df5c1ff9287498d85b8504699e3f905258
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 19 14:03:15 2016 -0500
Test suite: More timing tweaks
test/test-fwknop.pl | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
commit 7bcd9f77934b58ac7314b72a474456c8dc578bde
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 19 13:50:12 2016 -0500
Server: Allow more time for server shutdown
server/fwknopd.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
commit a63b92e07c3f27e7312a3761ab5e69e3b264dd83
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Wed May 18 22:55:06 2016 -0500
test suite: When getting spa packet from log, get the last one
test/test-fwknop.pl | 1 -
1 file changed, 1 deletion(-)
commit e46938d5d12786e7e2322d8a7022ad30aad12259
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue May 17 18:21:03 2016 -0700
[test suite] additional code coverage tests for include_keys_file()
test/test-fwknop.pl | 7 ++
test/tests/basic_operations.pl | 185 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 192 insertions(+)
commit f8273783da7eee03ba61fa6c4793a30e10b951d6
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue May 17 09:12:11 2016 -0500
Test suite: Improve error handling for non-existant log files
test/test-fwknop.pl | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
commit 833447388763b09fc7f3ef2d3cfd9972f005649f
Merge: e5cfd5d ef72883
Author: Michael Rash <michael.rash@gmail.com>
Date: Sat May 14 23:19:17 2016 -0400
Merge pull request #219 from oneru/test-suite
commit ef72883f8e2fcee9c344ca3f697ef17c3d2e50e7
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 14 00:59:00 2016 -0500
test suite: update test to search for correct failure message
test/tests/basic_operations.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit f50b5c6e9941b5e383e5aa4b5dd5bad040f98afd
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 14 00:47:05 2016 -0500
Tightens nat access validation in client
client/fwknop.c | 152 ++++++++++++++++++++------------------------------------
1 file changed, 53 insertions(+), 99 deletions(-)
commit e5cfd5df191aa93623ab4237e54fca99d7663595
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 13 09:40:09 2016 -0700
[libfko] minor memset to zero update for SHA3 digest tmp buf
lib/fko_decode.c | 2 ++
1 file changed, 2 insertions(+)
commit be3c356661507dc5d6dea152a8f8342e4ce0d387
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 13 09:25:06 2016 -0700
[libfko] account for SHA3_256 and SHA3_512 digest lengths matching SHA256 and SHA512
lib/fko_decode.c | 43 +++++++++++++++++++++++++++++++++++++++++-
test/tests/basic_operations.pl | 10 ++++++++++
2 files changed, 52 insertions(+), 1 deletion(-)
commit 975093c546d15896830c2aaf8205c58099fd16d9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 13 09:04:13 2016 -0700
minor sha3_256 string conversion bug fix
common/fko_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 4707c4f3c3def66051b14c15720faa0cbbb96c62
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu May 12 22:14:08 2016 -0700
[test suite] add SHA3_512 test for the client
test/tests/basic_operations.pl | 11 +++++++++++
1 file changed, 11 insertions(+)
commit b75c29b5a4776172d883d6eb1eb73daf28a92ce0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed May 11 22:21:54 2016 -0700
SHA3 ChangeLog update
ChangeLog | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
commit fe3d6b8cd763225057373f7e8881c404c4e2d5f8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed May 11 22:10:58 2016 -0700
ChangeLog updates
CREDITS | 2 ++
ChangeLog | 11 +++++++++++
2 files changed, 13 insertions(+)
commit 272cd05dc64cba835aa66ca79a1f65e3dea180a0
Merge: 60a9cc2 dd319d5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed May 11 22:05:35 2016 -0700
Merge branch 'master' of https://github.com/mrash/fwknop
commit dd319d5609088c6404f22235b04e328fd34b02e7
Merge: 7c84cad 66eedd4
Author: Michael Rash <michael.rash@gmail.com>
Date: Thu May 12 22:05:29 2016 -0400
Merge pull request #218 from oneru/test-suite
Test suite: Adds workaround for tcp server test
commit 60a9cc203b330190a922169c4c31b4fd087aede2
Merge: c348950 ba5f5e2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed May 11 22:05:20 2016 -0700
Merge branch 'master' of ssh://192.168.10.1/home/mbr/git/fwknop
commit ba5f5e2424b854ffde8e4232bdfce15743d0aefc
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu May 12 22:23:54 2016 -0400
add sha3_256 sha3_512 to man page docs
client/fwknop.8.in | 30 +++++++++++++++++++-----------
doc/fwknop.man.asciidoc | 13 ++++++++-----
doc/fwknopd.man.asciidoc | 6 +++---
server/fwknopd.8.in | 14 ++++++++------
4 files changed, 38 insertions(+), 25 deletions(-)
commit 66eedd4f7faca69ee8cec065189b3e11beeeef2b
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Wed May 11 19:31:48 2016 -0500
Test suite: Adds workaround for tcp server test
server/tcp_server.c | 5 +++++
test/test-fwknop.pl | 19 +++++++++++++++++++
test/tests/rijndael.pl | 2 +-
3 files changed, 25 insertions(+), 1 deletion(-)
commit 7c84cadd430a3fefc70f929f77421c205aed0b17
Author: Damien Stuart <dstuart@dstuart.org>
Date: Tue May 10 22:43:11 2016 -0400
Added missing parens on if statement (was causing compiler error on fw_util_iptables).
server/fw_util_iptables.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit c3489508414b3c3874e92e222a13765e436fd6c7
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 8 21:45:37 2016 -0500
test suite: Adds another precise_sleep() to avoid race condition
test/test-fwknop.pl | 1 +
1 file changed, 1 insertion(+)
commit 23d70f1aa3cb27d5396a40c03a1772c08f2ef82b
Merge: 08b63e7 b088030
Author: Michael Rash <michael.rash@gmail.com>
Date: Sun May 8 21:53:13 2016 -0400
Merge pull request #216 from oneru/add-nat-validation
Add nat validation
commit 08b63e79a35f49d54319b4c697e23b996e2cf3a3
Merge: b517fda ae44264
Author: Michael Rash <michael.rash@gmail.com>
Date: Sun May 8 21:53:03 2016 -0400
Merge pull request #217 from oneru/test-suite
test suite: add delay loops to tolerate timing variations
commit ae442641b1152cb7310d6f367abdaa12d14d4f21
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 8 11:33:52 2016 -0500
test suite: add delay loops to tolerate timing variations
test/test-fwknop.pl | 31 +++++++++++++++++++++++++++----
1 file changed, 27 insertions(+), 4 deletions(-)
commit b517fdad44d0818960c67912781d4dd15da6e7f5
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 8 00:41:45 2016 -0500
Add checks to avoid calling strlen on a null pointer
server/fw_util_firewalld.c | 4 ++--
server/fw_util_iptables.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
commit b088030ad581446a81d8d1f46ee51af6a306f9b2
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 7 22:48:19 2016 -0500
Adds hostname validation for hostname in NAT on server
server/fw_util_firewalld.c | 7 ++++++-
server/fw_util_iptables.c | 7 ++++++-
2 files changed, 12 insertions(+), 2 deletions(-)
commit ddc422125ff4b15fb916122c0ed0c6416dd47aa1
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 7 22:32:54 2016 -0500
Style changes, and avoid returning undefined value in fw_util functions
server/fw_util_firewalld.c | 7 ++-----
server/fw_util_iptables.c | 7 ++-----
2 files changed, 4 insertions(+), 10 deletions(-)
commit 7b11166260a10b14d1d0c0c889e146e6a20bb026
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 7 22:02:30 2016 -0500
Fix bogus NAT IP tests
test/tests/rijndael.pl | 2 +-
test/tests/rijndael_hmac.pl | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
commit fc1a436ff5086d002c500d06858001aa061b5e4a
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 7 21:56:52 2016 -0500
Adds the is_valid_hostname() c-unit-tests
common/fko_util.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
commit 65e0c4abd6fb79d1e0cefe6e182e4dde0b5d98b6
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 7 21:56:09 2016 -0500
Add is_valid_hostname()
common/fko_util.c | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
common/fko_util.h | 1 +
2 files changed, 63 insertions(+)
commit 5f80a1ae33125d927146e9d727ddf9974f682fd7
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 7 21:18:44 2016 -0500
Adds is_valid_ipv4_addr() c-unit tests
common/fko_util.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
commit dc9ad5de4ad1eee2b75cbdf9bc187cdd193217f3
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat May 7 21:15:54 2016 -0500
Adds a length modifier to is_valid_ipv4_addr
client/config_init.c | 6 +++---
client/fwknop.c | 2 +-
common/fko_util.c | 34 +++++++++++++++++++---------------
common/fko_util.h | 2 +-
lib/fko_message.c | 2 +-
server/access.c | 4 ++--
server/config_init.c | 4 ++--
server/fw_util_firewalld.c | 10 +++++-----
server/fw_util_iptables.c | 10 +++++-----
server/incoming_spa.c | 4 ++--
10 files changed, 41 insertions(+), 37 deletions(-)
commit d4ec9a0755e147563601146d92d4ac133d74dc94
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat May 7 09:14:30 2016 -0400
remove execute bit from file permissions
client/fwknop_utests.c | 0
server/fwknopd_utests.c | 0
server/nfq_capture.c | 0
server/nfq_capture.h | 0
4 files changed, 0 insertions(+), 0 deletions(-)
commit 194b83e89f7b84fe493ba485ceefde9a2e3cfbee
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri May 6 08:14:36 2016 -0500
Test suite: Catch Valgrind output even when less than 10 bytes lost
test/test-fwknop.pl | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
commit 35db922853d2aa604238c0dcc7f34c35747de676
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 5 22:52:51 2016 -0500
Fix memory leak in free_last_stanza, found using asan
server/access.c | 1 +
1 file changed, 1 insertion(+)
commit c6e95820a4ce0721d67df75e13d69af27390fd1e
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 5 13:26:35 2016 -0500
Add tests for include_keys
test/conf/access-include.tar.gz | Bin 502 -> 671 bytes
test/tests/basic_operations.pl | 199 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 199 insertions(+)
commit 581a9638c6513cc0c2805b3e1cc5e08fde6dc650
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 5 13:20:29 2016 -0500
Add handling for colon in include_keys
server/access.c | 6 ++++++
1 file changed, 6 insertions(+)
commit 09cd5791007731f495ab1e1a6dce2d066d83e61c
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu May 5 13:20:01 2016 -0500
Fix include_keys log output
server/access.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
commit 4eec3bd0c22b4718837e6c0e21d316d51f57be02
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue May 3 10:47:34 2016 -0500
Test suite: Change sleep_cycle in fw_check to sleep for half seconds
test/test-fwknop.pl | 6 +++---
test/tests/rijndael_hmac.pl | 2 +-
test/tests/rijndael_hmac_cmd_open_close.pl | 6 +++---
3 files changed, 7 insertions(+), 7 deletions(-)
commit afe1cd47b0d13da77411579320d1c2cd1b68bb2f
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue May 3 10:46:23 2016 -0500
Add the precise_sleep() function to the test suite
test/test-fwknop.pl | 5 +++++
1 file changed, 5 insertions(+)
commit 58bce15b1e08b8f940b0e8a7a3dc1fdd416f643d
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon May 2 13:17:03 2016 -0500
Exclude the CUnit tests themselves from lcov
client/config_init.c | 8 ++++----
common/fko_util.c | 8 ++++----
lib/base64.c | 8 ++++----
lib/cipher_funcs.c | 8 ++++----
lib/digest.c | 8 ++++----
lib/fko_decode.c | 9 ++++-----
lib/hmac.c | 8 ++++----
server/access.c | 9 ++++-----
test/gen-coverage-report.sh | 4 +++-
test/lcov.env | 2 ++
10 files changed, 37 insertions(+), 35 deletions(-)
commit f0ca6fc4b2c25d056d8d13f2ccfd003586720fe0
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon May 2 11:40:09 2016 -0500
Adds linking order magic to fix compiling CUint and libfiu together
client/Makefile.am | 3 +++
configure.ac | 2 ++
2 files changed, 5 insertions(+)
commit cb6dcc3d0c79cc8072b4cc483972367761b090d0
Merge: 163176b da4e713
Author: Michael Rash <michael.rash@gmail.com>
Date: Sun May 1 22:08:40 2016 -0400
Merge pull request #214 from oneru/cunit-in-test-suite
Cunit in test suite
commit da4e713ac3c9ee6673a6235500f87b19b4be1eb9
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 1 15:28:42 2016 -0500
Adds the c_unit tests to the perl test suite
Makefile.am | 1 +
test/configure_max_coverage.sh | 2 +-
test/test-fwknop.pl | 25 +++++++++++++++++++++++++
test/tests/cunit_tests.pl | 26 ++++++++++++++++++++++++++
4 files changed, 53 insertions(+), 1 deletion(-)
commit a7905f56cb5af07da9594e512addd7e1ad6c57bb
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun May 1 15:16:56 2016 -0500
Modifies c_unit compilation to avoid static linking.
lib/Makefile.am | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
commit 163176be7cb27c24d09c639b66c5bc321a1d961e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun May 1 10:35:03 2016 -0400
[test suite] increase client timeout args for '-f client timeout' test (@oneru)
test/tests/rijndael_hmac.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit d462b025c385537ff0c9107cd3dc7aa32288b209
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Apr 30 09:36:36 2016 -0400
[test suite] fix sudo tests (localhost -> ALL) from @oneru
test/tests/rijndael_hmac_cmd_exec.pl | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
commit e7f039699cfe421a0687a874c46193283f30a052
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Apr 30 09:33:29 2016 -0400
[test suite] fix 'FORCE_SNAT and 0.0.0.0' test (@oneru)
test/tests/basic_operations.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit f42aeb39dc1771ab69987296ab9d17754a71a5f1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Apr 30 09:27:07 2016 -0400
[server] make sure exp buffer does not contain closing '*' chars (from @oneru)
server/fw_util_firewalld.c | 4 +++-
server/fw_util_iptables.c | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
commit a554f0d685af880ee48fcdad317519eafebc7c1e
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun Apr 24 21:51:13 2016 -0500
Disable ipv6 dns resolution in the client
client/spa_comm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit c5043e0a3e1ba9509e0bf93a522cc3e90eff7649
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun Apr 24 00:10:35 2016 -0500
When --fw-flush is specified, set enable_fw to true
server/fwknopd.c | 1 +
1 file changed, 1 insertion(+)
commit 4374948ca66996c38d64bdc11e2d1c16950aa6d7
Merge: 9d92f65 94b33e0
Author: Michael Rash <michael.rash@gmail.com>
Date: Tue Apr 19 20:14:28 2016 -0400
Merge pull request #212 from oneru/master
Assorted test suite related fixes
commit 94b33e0ba1d41a75417a3c1f99f946f2de049808
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue Apr 19 14:48:03 2016 -0500
Increases a delay value in the test suite
The test suite was consistently showing the "exit upon down interface" as failing.
The 1 second delay was not enough time for my machine to completely close fwknopd, resulting in the false positive.
test/test-fwknop.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit aa0d92637638503f0fa302a73db12aaa359d9d9c
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Tue Apr 19 14:14:51 2016 -0500
Removes non-ascii characters from sha3.c
Opted to simply remove the umlat from the author's name, and spelled out the greek letters that were in the comments.
lib/sha3.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
commit 9d92f65a0386238d300b11bd412fb3da9456a806
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Apr 16 07:40:24 2016 -0700
[test suite] add test for X-Fowarded-For header
ChangeLog | 5 ++++-
Makefile.am | 2 ++
test/conf/spa_x_forwarded_for.pcap | Bin 0 -> 754 bytes
test/conf/spa_x_forwarded_for_fwknopd.conf | 2 ++
test/test-fwknop.pl | 2 ++
test/tests/rijndael_hmac.pl | 14 ++++++++++++++
6 files changed, 24 insertions(+), 1 deletion(-)
commit 84d4128812d147ab0667834d1c72ec4117fb438c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Apr 15 17:37:16 2016 -0700
[test suite] exclude test/fko-wrapper/* from code coverage stats (we want coverage for the client/server/lib code)
test/gen-coverage-report.sh | 3 ++-
test/lcov.env | 1 +
2 files changed, 3 insertions(+), 1 deletion(-)
commit 0637b6fbeeeb2b6f65391c1f8cee4393bd9befef
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Apr 12 19:24:30 2016 -0700
[perl] allow for SHA3 block length
perl/FKO/t/04_fuzzing.t | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
commit f648fca6a25677f81f35af2f6bd9843f46f7147b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Apr 11 20:47:29 2016 -0400
[test suite] apply loopback interface to invalid pcap filter test
test/test-fwknop.pl | 2 +-
test/tests/basic_operations.pl | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
commit 6449ce2eb3d9a27030bc6d4c71a8e6a20e1ea0ff
Merge: 713e127 23e4fd6
Author: Michael Rash <michael.rash@gmail.com>
Date: Mon Apr 11 19:38:43 2016 -0400
Merge pull request #210 from oneru/master
Adds more Doxygen documentation in preparation for 2.6.9
commit 23e4fd6a2b8d925fb257aabfb6636038f2097191
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Apr 11 11:28:40 2016 -0500
Adds more Doxygen documentation in preparation for 2.6.9
Doxyfile | 2 +-
server/access.c | 39 ++++++++++++---
server/access.h | 125 ++++++++++++++++++++++++++++++++++++++++++++++--
server/cmd_cycle.h | 31 ++++++++++++
server/cmd_opts.h | 2 +-
server/config_init.h | 31 +++++++++++-
server/extcmd.h | 90 ++++++++++++++++++++++++++++++++++
server/fwknopd.h | 33 +++++++++++--
server/fwknopd_common.h | 9 ++++
server/fwknopd_errors.h | 12 +++++
server/incoming_spa.h | 10 ++++
server/nfq_capture.c | 12 ++---
server/nfq_capture.h | 12 ++---
13 files changed, 379 insertions(+), 29 deletions(-)
commit 713e127270b83f16b68dddfec9538c9bd16e67a5
Merge: 6436235 e357b04
Author: Michael Rash <michael.rash@gmail.com>
Date: Sun Apr 10 20:40:19 2016 -0400
Merge pull request #209 from oneru/master
Corrects a problem where the NAT Access string was incorrectly set
commit e357b04ff5be95b7c9c4d8c35baa05e96df20fc8
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun Apr 10 17:06:38 2016 -0500
Corrects a problem where the NAT Access string was incorrectly set in some cases
client/fwknop.c | 44 +++++++-------------------------------------
1 file changed, 7 insertions(+), 37 deletions(-)
commit 6436235baf1001bf61382ac43739f759e6c42a98
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Apr 10 16:01:59 2016 -0400
client man page update
client/fwknop.8.in | 24 ++++++++++++++++++++----
1 file changed, 20 insertions(+), 4 deletions(-)
commit 5e7871c9c6a39a218bbac1f74c51cd4db51ab21d
Merge: d5c2989 d939deb
Author: Michael Rash <michael.rash@gmail.com>
Date: Sun Apr 10 13:30:46 2016 -0400
Merge pull request #208 from oneru/master
commit d939deb811c41bcf55e381b7b80228fb7af017d1
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun Apr 10 12:02:21 2016 -0500
Spelling corrections, found using the codespell tool.
CREDITS | 2 +-
ChangeLog | 4 ++--
android/project/src/com/max2idea/android/fwknop/Fwknop.java | 2 +-
client/config_init.c | 6 +++---
client/getpasswd.c | 4 ++--
client/spa_comm.c | 4 ++--
client/utils.c | 2 +-
common/fko_util.c | 8 ++++----
common/fko_util.h | 2 +-
doc/README | 4 ++--
doc/libfko.texi | 8 ++++----
extras/openwrt/README.openwrt | 4 ++--
iphone/Classes/libfwknop/fko_common.b | 2 +-
lib/fko.h | 4 ++--
lib/fko_common.h | 2 +-
lib/fko_context.h | 4 ++--
lib/fko_digest.c | 2 +-
lib/fko_message.c | 2 +-
lib/fko_nat_access.c | 2 +-
lib/fko_server_auth.c | 2 +-
lib/fko_state.h | 2 +-
lib/fko_user.c | 4 ++--
lib/sha2.c | 2 +-
perl/FKO/lib/FKO.pm | 2 +-
perl/legacy/fwknop/ChangeLog | 4 ++--
perl/legacy/fwknop/deps/Class-MethodMaker/Changes | 10 +++++-----
perl/legacy/fwknop/deps/Class-MethodMaker/components/scalar.m | 2 +-
.../deps/Class-MethodMaker/lib/Class/MethodMaker/Engine.pm | 4 ++--
.../deps/Class-MethodMaker/lib/Class/MethodMaker/V1Compat.pm | 2 +-
perl/legacy/fwknop/deps/Class-MethodMaker/t/array.t | 6 +++---
perl/legacy/fwknop/deps/Class-MethodMaker/t/hash.t | 4 ++--
perl/legacy/fwknop/deps/Class-MethodMaker/t/scalar.t | 2 +-
perl/legacy/fwknop/deps/GnuPG-Interface/ChangeLog | 2 +-
perl/legacy/fwknop/deps/GnuPG-Interface/NEWS | 2 +-
perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/Interface.pm | 2 +-
perl/legacy/fwknop/deps/Net-IPv4Addr/debian/rules | 2 +-
perl/legacy/fwknop/deps/Net-Pcap/Pcap.pm | 4 ++--
perl/legacy/fwknop/deps/Net-RawIP/Changes | 6 +++---
perl/legacy/fwknop/deps/Net-RawIP/examples/macof | 2 +-
perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP.pm | 4 ++--
perl/legacy/fwknop/deps/TermReadKey/Configure.pm | 8 ++++----
perl/legacy/fwknop/deps/TermReadKey/README | 4 ++--
perl/legacy/fwknop/deps/TermReadKey/ReadKey.pm | 2 +-
perl/legacy/fwknop/deps/TermReadKey/ppport.h | 2 +-
perl/legacy/fwknop/deps/TermReadKey/test.pl | 2 +-
perl/legacy/fwknop/deps/Unix-Syslog/test.pl | 2 +-
perl/legacy/fwknop/fwknop.8 | 2 +-
perl/legacy/fwknop/fwknop.conf | 2 +-
perl/legacy/fwknop/fwknopd | 2 +-
perl/legacy/fwknop/install.pl | 2 +-
python/fko.py | 2 +-
server/fw_util_ipfw.c | 2 +-
server/incoming_spa.c | 4 ++--
server/log_msg.c | 4 ++--
test/fuzzing/patches/enable_perl_fko_bogus_packets.patch | 6 +++---
test/test-fwknop.pl | 2 +-
56 files changed, 93 insertions(+), 93 deletions(-)
commit d5c298906114437dac7b796c15be141a15b96b27
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Apr 10 11:15:14 2016 -0400
[test suite] restrict -f server instance to loopback interface
test/test-fwknop.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 03911aecd3f758dd319fda705899622713d71f28
Merge: eb94f19 0917755
Author: Michael Rash <michael.rash@gmail.com>
Date: Sat Apr 9 21:19:08 2016 -0400
Merge pull request #206 from oneru/master
Adds configuration option for X-Forwarded-For
commit eb94f19d8fcf4f255c867bb497d846f0218d1de3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Apr 9 21:17:10 2016 -0400
[client] add --no-home-dir and --no-rc-file, closes #203
client/cmd_opts.h | 4 +++
client/config_init.c | 90 +++++++++++++++++++++++++++++++++++++++++++------
client/fwknop.c | 13 +++++--
client/fwknop_common.h | 2 ++
doc/fwknop.man.asciidoc | 12 +++++--
5 files changed, 106 insertions(+), 15 deletions(-)
commit 09177554bf39daf5f146659e621d8b393aee8445
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat Apr 9 11:03:16 2016 -0500
Adds configuration option for X-Forwarded-For
server/cmd_opts.h | 1 +
server/config_init.c | 4 ++++
server/fwknopd.conf | 5 +++++
server/fwknopd_common.h | 2 ++
server/incoming_spa.c | 2 +-
5 files changed, 13 insertions(+), 1 deletion(-)
commit 44b040b470162b677c7a2d12ed7e8f2f2aabfd37
Merge: 17dd9de 9d0e12a
Author: Michael Rash <michael.rash@gmail.com>
Date: Fri Apr 8 22:46:02 2016 -0400
Merge pull request #205 from oneru/master
Adds option to insert new FW rules to top of chain
commit 9d0e12a313604cb149ccc2d33aee5878dd25427e
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri Apr 8 20:36:34 2016 -0500
Adds option to insert new FW rules to top of chain
server/cmd_opts.h | 1 +
server/config_init.c | 4 ++++
server/fw_util_firewalld.c | 9 +++++++--
server/fw_util_iptables.c | 10 +++++++---
server/fwknopd.conf | 6 ++++++
server/fwknopd_common.h | 2 ++
6 files changed, 27 insertions(+), 5 deletions(-)
commit 17dd9de06f13b3ba8936dd785cbb8c1f3d0996c7
Merge: 5c00c42 342983f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Feb 26 21:43:42 2016 -0500
Merge branch 'master' of ssh://github.com/mrash/fwknop
commit 5c00c422fff369b1627427899a9fa9ff0381a239
Merge: deed691 c5c58ee
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Feb 26 21:42:47 2016 -0500
Merge branch 'master' of ssh://moria/home/mbr/git/fwknop
commit c5c58ee6a57c5d8a2418ea78c6d8f08cddf1c282
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Feb 26 20:53:07 2016 -0500
[server] bug fix for cmd open/close cycle to stop access.conf processing upon first successful match
ChangeLog | 5 +++++
server/cmd_cycle.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
commit 342983f94c700e7dcbf85b1b7a67572443c4ae99
Merge: deed691 8542655
Author: Michael Rash <michael.rash@gmail.com>
Date: Mon Feb 22 22:40:24 2016 -0500
Merge pull request #202 from oneru/patch-1
Check for non-null pointer value
commit 8542655fd78ee9fcdf90706c720e37b84ec7b657
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Feb 22 21:26:23 2016 -0600
Check for non-null pointer value
If a base64 encoded key is provided twice, add_acc_b64_string() was using malloc to allocate a second key value without first freeing the previous value. This patch adds null checks, and frees the previous memory usage if needed.
server/access.c | 11 +++++++++++
1 file changed, 11 insertions(+)
commit deed691c4ea9ae397e3939eac50acf8c4a7267be
Merge: 44d7f48 55b42a0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Feb 21 20:55:51 2016 -0500
Merge branch 'master' of ssh://github.com/mrash/fwknop
commit 44d7f4850593cebeefa579114396c451cd9aa47e
Merge: 0980567 06e42a3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Feb 21 20:54:52 2016 -0500
Merge branch 'master' of ssh://moria/home/mbr/git/fwknop
commit 06e42a3cfa8d54efc3a164449b118bb8883b219f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Feb 21 11:50:41 2016 -0800
[test suite] first test for include_keys functionality
Makefile.am | 1 +
test/conf/include_keys1_hmac_access.conf | 12 ++++++++++++
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac.pl | 13 +++++++++++++
4 files changed, 27 insertions(+)
commit 55b42a0ebbf418852281d58c5f4ec6da19aea8ee
Merge: 0980567 fac1092
Author: Michael Rash <michael.rash@gmail.com>
Date: Sun Feb 14 10:24:48 2016 -0500
Merge pull request #201 from zarkdav/master
Fix client/Makefile.am to work with libtool 2.4.6 from Cygwin
commit fac10925d1c2df87b5c23b46c3476eec1b0329a1
Author: Benjamin Ryzman <benjamin.ryzman@intercloud.fr>
Date: Sun Feb 14 11:29:41 2016 +0100
Fix client/Makefile.am to work with libtool 2.4.6 from Cygwin
client/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 0980567c4adcdca21276d03f901c7d83a12a924b
Merge: 6907066 4855202
Author: Michael Rash <michael.rash@gmail.com>
Date: Wed Feb 3 23:50:23 2016 -0500
Merge pull request #199 from alteman/patch-1
commit 4855202c98d4f448cc919b8429955b114faee228
Author: alteman <kirill.novichikhin+alteman@gmail.com>
Date: Thu Feb 4 00:55:39 2016 +0300
Fix Ubuntu AppArmor regression
Error:
$ sudo fwknopd -f -c /etc/fwknop/fwknopd.conf
Starting fwknopd
Added jump rule from chain: INPUT to chain: FWKNOP_INPUT
iptables 'comment' match is available
Sniffing interface: ppp0
[*] pcap_open_live() error: ppp0: You don't have permission to capture on that device (socket: Permission denied)
Syslog:
[...] kernel: [...] type=1400 audit([...]): apparmor="DENIED" operation="create" profile="/usr/sbin/fwknopd" pid=[...] comm="fwknopd" family="packet" sock_type="dgram" protocol=768
extras/apparmor/usr.sbin.fwknopd | 1 +
1 file changed, 1 insertion(+)
commit 69070666a953928f440ac3dc174260e8f7dc99ea
Merge: 381e772 6fc17e1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 30 12:43:58 2016 -0500
Merge branch 'master' of ssh://github.com/mrash/fwknop
commit 381e772d220fa70e841977fc34a02ddc52245825
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 30 12:43:41 2016 -0500
minor typo fix
README.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 6fc17e1eb41ccf3b845a9c19cf00623d1c6a5309
Merge: 1fb4524 785152a
Author: Michael Rash <michael.rash@gmail.com>
Date: Sat Jan 23 10:03:32 2016 -0500
Merge pull request #197 from oneru/master
commit 785152a364d57c05540f4b685b053603204b8b87
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri Jan 22 22:37:36 2016 -0600
Modify server/access.c CUnit test to use the correct function.
add_port_list_ent() only supports one protocol/port entry at a time. The second entry was ignored.
server/access.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
commit 1fb4524e0769e98b0fb564e2998af3cb893b2e92
Merge: f0b9b93 8d901b1
Author: Michael Rash <michael.rash@gmail.com>
Date: Mon Jan 18 21:28:56 2016 -0500
Merge pull request #195 from oneru/mingw_Build_dll
commit f0b9b93b6a3793cb86ce078515a7ba01a9c1b645
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 18 19:54:04 2016 -0500
[libfko] comment out SHA3 hash functions that we're not using
lib/sha3.c | 9 ++++++---
lib/sha3.h | 8 ++++----
2 files changed, 10 insertions(+), 7 deletions(-)
commit 8d901b10b027cfdd50f646ac4ea55a9bcb688f21
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Jan 18 18:39:50 2016 -0600
Add yet another Mingw fix, Fixes dll build
lib/Makefile.am | 6 ++++++
1 file changed, 6 insertions(+)
commit e3c6f87f049f2e9e5b48dc7b2d513f1a0390ef3d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 17 13:40:07 2016 -0800
[libfko] minor permissions update
lib/fko_utests.c | 0
1 file changed, 0 insertions(+), 0 deletions(-)
commit 0a037d35540bad74fc05101ad2bd4a556f1adf93
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 17 13:06:12 2016 -0800
[test suite] minor file existence check
test/coverage_diff.py | 9 +++++++++
1 file changed, 9 insertions(+)
commit 4fc9d0566099930175a47a36891ca91ea7186fb4
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sun Jan 17 13:09:15 2016 -0500
Tweaks for MINGW builds
common/Makefile.am | 5 +++++
configure.ac | 6 +++++-
lib/Makefile.am | 6 ------
3 files changed, 10 insertions(+), 7 deletions(-)
commit e4fffdf44c8d3b036b987fe67295b7c8c5d0972b
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sun Jan 17 10:45:51 2016 -0500
Changes to fix the native Windows build.
common/fko_util.c | 18 ++++++++++++++++--
lib/hmac.c | 23 ++++++++---------------
win32/libfko.sln | 11 ++++-------
3 files changed, 28 insertions(+), 24 deletions(-)
commit e76a7a82336c8805bf3dd2f3a26e8af075abdacb
Merge: 97970dc 32f3546
Author: Michael Rash <michael.rash@gmail.com>
Date: Sat Jan 16 21:35:00 2016 -0500
Merge pull request #190 from oneru/include_keys
Include keys
commit 97970dccb98cd14e2483c85f75ec94ecdf161471
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sat Jan 16 15:12:39 2016 -0500
Added "AM_CONDITIONAL(MINGW, false)" before the host check section of configure.ac
configure.ac | 2 ++
1 file changed, 2 insertions(+)
commit dbd5ae74864c74ced6b9b93dfcdb7fd95eadb7bb
Merge: 8bb46f9 c0ad757
Author: Michael Rash <michael.rash@gmail.com>
Date: Fri Jan 15 18:05:34 2016 -0500
Merge pull request #193 from oneru/mingw32-fixes
commit c0ad75704e0424c4cafa0ee37595ee45c15aef3c
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri Jan 15 01:14:50 2016 -0600
Fixes to allow for MINGW32 compilation
configure.ac | 4 ++++
lib/Makefile.am | 5 +++++
lib/fko_user.c | 4 +++-
3 files changed, 12 insertions(+), 1 deletion(-)
commit 8bb46f96644fa6d6b08cb046abadf49ccd6419cf
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Jan 12 21:42:42 2016 -0500
[extras] add scan-build wrapper for the CLANG static analyzer
Makefile.am | 1 +
extras/clang/scan-build.sh | 11 +++++++++++
2 files changed, 12 insertions(+)
commit 2451050a4c395912183cdddb71eea2a77daecb27
Merge: 5e6530c 17badb2
Author: Michael Rash <michael.rash@gmail.com>
Date: Tue Jan 12 08:07:53 2016 -0500
Merge pull request #192 from oneru/hmac-hardening
Hmac hardening
commit 17badb2b1d9cc13c2f4d35943e06164a1b9f10c3
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Jan 11 23:48:24 2016 -0600
Change hmac functions to use calloc and check for null
lib/fko_hmac.c | 18 +++++++++------
lib/hmac.c | 70 +++++++++++++++++++++++++++++++++++++++++-----------------
lib/hmac.h | 21 ++++++++++++------
3 files changed, 75 insertions(+), 34 deletions(-)
commit 1d10b0e4c296cf758661332d5577b9ae364a2227
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Jan 11 23:47:55 2016 -0600
Add base64 test to fko.h
lib/fko.h | 1 +
1 file changed, 1 insertion(+)
commit 5e6530cc237e03ee18e4c0950afed7c01f1696af
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 11 22:22:02 2016 -0500
[test suite] bug fix in lcov coverage generation to pull in _base and _info into the final result
ChangeLog | 2 ++
test/gen-coverage-report.sh | 4 ++--
test/lcov.env | 1 +
3 files changed, 5 insertions(+), 2 deletions(-)
commit 1ace0ac547323d8f35d10160d11e9c7347420210
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 11 22:20:35 2016 -0500
[test suite] minor typo fix
test/afl/fuzzing-wrappers/client-rc.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit fb7574e6bffb130281aba4cff86f22db01297440
Merge: 29411de abd895c
Author: Michael Rash <michael.rash@gmail.com>
Date: Mon Jan 11 22:06:52 2016 -0500
Merge pull request #191 from oneru/cleanups
Merge simplified HMAC implementation.
commit abd895c5229a0f7ed0a20badaef4f98782c1a945
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Jan 11 00:09:06 2016 -0600
Removes unused string from set_nat_access
client/fwknop.c | 1 -
1 file changed, 1 deletion(-)
commit 108a669730d28fe2651f821438595f8bb44505fc
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Jan 11 00:04:09 2016 -0600
Update fko_wrapper to reflect SHA3 changing MAX_DIGEST_BLOCK_LEN
test/fko-wrapper/fko_wrapper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 83961750b3826e2e9e4a8134ab0339467007f371
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun Jan 10 22:48:07 2016 -0600
Add ifdef for mingw compilation
common/common.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
commit 82faacfb8eb01f623cfa52b56695e1f3246f10b7
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sun Jan 3 23:24:54 2016 -0600
Add base64 CUnit tests
lib/base64.c | 114 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
lib/fko_utests.c | 1 +
2 files changed, 115 insertions(+)
commit 29411dea8ce5669e80d8fc133ae664017b234491
Merge: 6247fe9 efe2b20
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 3 08:44:22 2016 -0500
Merge branch 'master' of ssh://github.com/mrash/fwknop
commit 6247fe9e6a6e69edf6fd9b2dbe219610601e342f
Merge: 81419d8 0d41b78
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 3 08:31:12 2016 -0500
Merge remote-tracking branch 'origin/dstuart_netfilter_queue'
commit 578cf501bed122cb5138027eb7ca2476d0c002a5
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat Jan 2 22:14:03 2016 -0600
Add Doxygen documentation to lib/hmac.c functions
lib/hmac.c | 15 +++++--------
lib/hmac.h | 74 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 78 insertions(+), 11 deletions(-)
commit af7d9e8544df27865d88aa680586ec020b3f8f64
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat Jan 2 21:59:26 2016 -0600
Simplify hmac implementations
lib/hmac.c | 422 +++++++++++++++++++------------------------------------------
1 file changed, 129 insertions(+), 293 deletions(-)
commit a3e0d1cc1b6736a24321bb01ed6c3bbd15d3639f
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat Jan 2 20:18:12 2016 -0600
clean up whitespace problems
ChangeLog | 2 +-
INSTALL | 1 -
client/Makefile.am | 1 -
client/config_init.c | 11 +++++------
client/log_msg.c | 14 +++++++-------
common/common.h | 2 +-
common/fko_util.c | 2 +-
doc/README | 2 --
doc/fwknop.man.asciidoc | 6 +++---
doc/fwknopd.man.asciidoc | 14 +++++++-------
doc/gpl-2.0.texi | 2 +-
doc/libfko.texi | 18 +++++++++---------
lib/fko_common.h | 2 +-
lib/fko_context.h | 2 +-
lib/fko_decode.c | 4 ++--
lib/fko_state.h | 2 +-
lib/md5.c | 4 ++--
lib/rijndael.c | 6 +++---
18 files changed, 45 insertions(+), 50 deletions(-)
commit 32f35468f63059f3fa6192746282c22983250785
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat Jan 2 17:28:50 2016 -0600
Add some documentation for the include directives
server/access.conf | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
commit 330663499fe16bb0162bd1262148c442b9afc8bc
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Sat Jan 2 16:42:18 2016 -0600
Allows an access stanza to be ignored when a problem is caused in an include_keys stanza
server/access.c | 45 ++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 40 insertions(+), 5 deletions(-)
commit 09b7fc94da59adb8cdc2571196c2b3255ae1fd98
Author: Jonathan Bennett <JBennett@incomsystems.biz>
Date: Sun Dec 27 21:34:31 2015 -0600
Add %include_keys directive
server/access.c | 177 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 177 insertions(+)
commit efe2b207f077c8411be9fa0a356acd049941bbc5
Merge: 40cef83 9bb70fa
Author: Michael Rash <michael.rash@gmail.com>
Date: Fri Jan 1 19:35:54 2016 -0500
Merge pull request #189 from oneru/doxygen
Convert file headers to Doxygen format
commit 40cef83794adb1a3687a12a018d10f1f4a02f347
Merge: 81419d8 dda7fa3
Author: Michael Rash <michael.rash@gmail.com>
Date: Fri Jan 1 19:35:45 2016 -0500
Merge pull request #188 from oneru/nat_dns
Nat dns
commit 9bb70fa17a93b3199d68cb6e6ff98e02d7dd6c0e
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri Jan 1 03:02:17 2016 +0000
Add Doxygen headers for common files
common/common.h | 13 ++++++-------
common/cunit_common.c | 6 ++++++
common/cunit_common.h | 6 ++++++
common/fko_util.c | 13 ++++++-------
common/fko_util.h | 13 ++++++-------
common/netinet_common.h | 15 +++++++--------
common/strlcat.c | 13 ++++++-------
common/strlcpy.c | 13 ++++++-------
8 files changed, 49 insertions(+), 43 deletions(-)
commit 9475b625a064e202bda36e512ccb110323f0660f
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri Jan 1 02:13:21 2016 +0000
Add Doxygen headers to client files
client/cmd_opts.h | 13 ++++++-------
client/config_init.c | 9 ++++-----
client/config_init.h | 11 +++++------
client/fwknop.c | 9 +++++----
client/fwknop.h | 13 ++++++-------
client/fwknop_common.h | 13 ++++++-------
client/fwknop_utests.c | 8 +++++++-
client/getpasswd.c | 13 ++++++-------
client/getpasswd.h | 13 ++++++-------
client/http_resolve_host.c | 13 ++++++-------
client/log_msg.c | 9 +++++----
client/log_msg.h | 9 +++++----
client/spa_comm.c | 13 ++++++-------
client/spa_comm.h | 13 ++++++-------
client/utils.c | 13 ++++++-------
client/utils.h | 13 ++++++-------
16 files changed, 91 insertions(+), 94 deletions(-)
commit 3378ba24235c9e02bb6bca63dd76dbac0d0efcf2
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Fri Jan 1 02:09:59 2016 +0000
Add Doxygen headers for server files
Doxyfile | 1 +
server/access.c | 13 ++++++-------
server/access.h | 13 ++++++-------
server/cmd_cycle.c | 11 ++++++-----
server/cmd_cycle.h | 10 +++++-----
server/cmd_opts.h | 13 ++++++-------
server/config_init.c | 13 ++++++-------
server/config_init.h | 13 ++++++-------
server/extcmd.c | 13 ++++++-------
server/extcmd.h | 13 ++++++-------
server/fw_util.c | 13 ++++++-------
server/fw_util.h | 13 ++++++-------
server/fw_util_firewalld.c | 13 ++++++-------
server/fw_util_firewalld.h | 13 ++++++-------
server/fw_util_ipf.c | 13 ++++++-------
server/fw_util_ipf.h | 13 ++++++-------
server/fw_util_ipfw.c | 13 ++++++-------
server/fw_util_ipfw.h | 13 ++++++-------
server/fw_util_iptables.c | 13 ++++++-------
server/fw_util_iptables.h | 13 ++++++-------
server/fw_util_pf.c | 13 ++++++-------
server/fw_util_pf.h | 13 ++++++-------
server/fwknopd.c | 8 +++-----
server/fwknopd.h | 13 ++++++-------
server/fwknopd_common.h | 13 ++++++-------
server/fwknopd_errors.c | 13 ++++++-------
server/fwknopd_errors.h | 13 ++++++-------
server/fwknopd_utests.c | 8 +++++++-
server/incoming_spa.c | 13 ++++++-------
server/incoming_spa.h | 13 ++++++-------
server/log_msg.c | 13 ++++++-------
server/log_msg.h | 13 ++++++-------
server/pcap_capture.c | 13 ++++++-------
server/pcap_capture.h | 13 ++++++-------
server/process_packet.c | 13 +++++++------
server/process_packet.h | 13 ++++++-------
server/replay_cache.c | 13 +++++++------
server/replay_cache.h | 13 ++++++-------
server/sig_handler.c | 13 ++++++-------
server/sig_handler.h | 13 ++++++-------
server/tcp_server.c | 13 ++++++-------
server/tcp_server.h | 13 ++++++-------
server/udp_server.c | 13 ++++++-------
server/udp_server.h | 13 ++++++-------
server/utils.c | 9 +++++----
server/utils.h | 13 ++++++-------
46 files changed, 269 insertions(+), 298 deletions(-)
commit ae5451dccc3a827f555ee749067be3f496238ce6
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu Dec 31 22:56:23 2015 +0000
Doxygen headers for libfko files
Doxyfile | 6 +++---
lib/base64.c | 13 ++++++-------
lib/base64.h | 13 ++++++-------
lib/cipher_funcs.c | 13 ++++++-------
lib/cipher_funcs.h | 13 ++++++-------
lib/digest.c | 9 +++++----
lib/digest.h | 13 ++++++-------
lib/fko.h | 2 +-
lib/fko_client_timeout.c | 13 ++++++-------
lib/fko_common.h | 13 ++++++-------
lib/fko_context.h | 3 +--
lib/fko_decode.c | 13 ++++++-------
lib/fko_digest.c | 13 ++++++-------
lib/fko_encode.c | 13 ++++++-------
lib/fko_encryption.c | 13 ++++++-------
lib/fko_error.c | 13 ++++++-------
lib/fko_funcs.c | 13 ++++++-------
lib/fko_hmac.c | 13 ++++++-------
lib/fko_limits.h | 11 ++++++-----
lib/fko_message.c | 14 ++++++--------
lib/fko_message.h | 13 ++++++-------
lib/fko_nat_access.c | 13 ++++++-------
lib/fko_rand_value.c | 13 ++++++-------
lib/fko_server_auth.c | 13 ++++++-------
lib/fko_state.h | 13 ++++++-------
lib/fko_timestamp.c | 13 ++++++-------
lib/fko_user.c | 13 ++++++-------
lib/fko_user.h | 13 ++++++-------
lib/fko_utests.c | 6 ++++++
lib/gpgme_funcs.c | 13 ++++++-------
lib/gpgme_funcs.h | 13 ++++++-------
lib/hmac.c | 13 ++++++-------
lib/hmac.h | 13 ++++++-------
lib/md5.c | 13 ++++++-------
lib/md5.h | 13 ++++++-------
lib/rijndael.c | 13 ++++++-------
lib/rijndael.h | 17 ++++++++++-------
lib/sha1.c | 16 +++++++---------
lib/sha1.h | 13 ++++++-------
lib/sha2.c | 21 ++++++++++-----------
lib/sha2.h | 18 ++++++++----------
lib/sha3.c | 6 ++++++
lib/sha3.h | 24 ++++++++++++++++++------
43 files changed, 267 insertions(+), 276 deletions(-)
commit dda7fa39c195fe0d3c470617d6a98598ce174c10
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu Dec 31 19:24:45 2015 +0000
Disable client side nat_dns
client/fwknop.c | 27 ++++++++++-----------------
common/fko_util.c | 3 ++-
2 files changed, 12 insertions(+), 18 deletions(-)
commit 669e448db5dfceaf7ec161d4236212b5e8dc22dd
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu Dec 31 18:05:55 2015 +0000
Add ENABLE_NAT_DNS config option
server/cmd_opts.h | 1 +
server/config_init.c | 4 ++++
server/fw_util_firewalld.c | 27 +++++++++++++++++++++++----
server/fw_util_iptables.c | 27 +++++++++++++++++++++++----
server/fwknopd.conf | 3 +++
server/fwknopd_common.h | 2 ++
6 files changed, 56 insertions(+), 8 deletions(-)
commit 748803aef746c5ef551161e9f37e238e6886a508
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu Dec 31 03:38:27 2015 +0000
Add length checks for nat_access messages
common/fko_util.h | 2 +-
lib/fko_message.c | 17 ++++++++++++++---
server/fw_util_firewalld.c | 6 ++++--
server/fw_util_iptables.c | 6 ++++--
server/fwknopd_common.h | 1 -
5 files changed, 23 insertions(+), 9 deletions(-)
commit bc55f0f21f4afee930f2c233699b38d01d9bdabe
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Thu Dec 31 02:12:08 2015 +0000
Add count_characters and a CUnit test series for it.
client/fwknop_common.h | 1 -
common/fko_util.c | 43 +++++++++++++++++++++++++++++++++++++++++++
common/fko_util.h | 13 +++++++++++--
lib/fko.h | 2 +-
lib/fko_utests.c | 2 ++
server/fw_util_firewalld.c | 2 +-
server/fw_util_iptables.c | 2 +-
7 files changed, 59 insertions(+), 6 deletions(-)
commit 56be13b3f67a4abf2cb307cf366a6450c0bbc8a9
Author: Jonathan Bennett <JBennett@incomsystems.biz>
Date: Fri Dec 25 11:20:00 2015 -0600
Add dns resolution for nat access
common/fko_util.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++
common/fko_util.h | 14 ++++++-
lib/fko_message.c | 3 +-
server/fw_util_firewalld.c | 22 ++++++++---
server/fw_util_iptables.c | 23 ++++++++---
5 files changed, 145 insertions(+), 12 deletions(-)
commit 81419d8f0080eb874c2156e68498891adb0eb312
Merge: fc1ef7f 2edbc04
Author: Michael Rash <michael.rash@gmail.com>
Date: Wed Dec 30 22:42:40 2015 -0500
Merge pull request #183 from oneru/for-2.6.9
For 2.6.9
commit 2edbc04bc7b5a5b3d5100c0f27bbbe4423d3ceda
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Dec 21 10:49:09 2015 -0600
properly handle longer HMAC keys for hmac_sha384 and hmac_sha512
lib/hmac.c | 29 +++++++++++++++++++++--------
1 file changed, 21 insertions(+), 8 deletions(-)
commit 32a37f7e1fcf6d4aa7d42ce4c0c4ef85173c2f14
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Dec 21 10:32:29 2015 -0600
Add CUnit tests for various crypto functions
lib/cipher_funcs.c | 247 ++++++++++++
lib/digest.c | 388 ++++++++++++++++++-
lib/fko.h | 4 +
lib/fko_utests.c | 5 +-
lib/hmac.c | 1097 +++++++++++++++++++++++++++++++++++++++++++++++++++-
5 files changed, 1738 insertions(+), 3 deletions(-)
commit d9f9cb8ad5943ec7d16725e797f20cb410466c8d
Author: Jonathan Bennett <jbennett@incomsystems.biz>
Date: Mon Dec 21 09:56:12 2015 -0600
Add SHA3 and HMAC-SHA3 support
client/config_init.c | 6 +-
common/fko_util.c | 20 +++
lib/Makefile.am | 2 +-
lib/digest.c | 35 ++++++
lib/digest.h | 5 +
lib/fko.h | 4 +
lib/fko_digest.c | 20 +++
lib/fko_hmac.c | 20 +++
lib/hmac.c | 84 +++++++++++++
lib/hmac.h | 6 +-
lib/sha3.c | 334 +++++++++++++++++++++++++++++++++++++++++++++++++++
lib/sha3.h | 40 ++++++
server/access.c | 2 +-
13 files changed, 572 insertions(+), 6 deletions(-)
commit fc1ef7f21fbd2359f22cdb146d953a5c7647192e
Merge: c41ccef 4a7411b
Author: Michael Rash <michael.rash@gmail.com>
Date: Tue Dec 29 20:47:33 2015 -0500
Merge pull request #181 from vaygr/xff
X-Forwarded-For HTTP header support
commit c41ccef2faad802d102708ebaa1fefd472aaff18
Merge: e3ae674 b661dee
Author: Michael Rash <michael.rash@gmail.com>
Date: Tue Dec 29 20:43:21 2015 -0500
Merge pull request #185 from oneru/doxygen
Initial Doxygen config file and work on documenting libfko functions
commit b661dee583fdc5f5f68a10a27e2217d5cd52440f
Author: Jonathan Bennett <JBennett@incomsystems.biz>
Date: Sun Dec 27 20:09:38 2015 -0600
Initial Doxygen config file and work on documenting libfko functions
Doxyfile | 2448 +++++++++++++++++++++++++++++++++++++++++++++++++++++
lib/fko.h | 1342 ++++++++++++++++++++++++-----
lib/fko_context.h | 69 +-
lib/hmac.h | 13 +-
server/access.c | 6 +-
5 files changed, 3651 insertions(+), 227 deletions(-)
commit e3ae6747d9bf9f80fec3419cd7b839e25bad854d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Dec 24 16:08:35 2015 -0500
doc updates
client/fwknop.8.in | 14 +++++++-------
doc/fwknop.man.asciidoc | 16 ++++++++--------
doc/fwknopd.man.asciidoc | 14 +++++++-------
server/fwknopd.8.in | 12 ++++++------
4 files changed, 28 insertions(+), 28 deletions(-)
commit 0d41b78d18e1bd2e92d7729e2707595cb10d5298
Merge: db28efa dd2f4c2
Author: Damien Stuart <dstuart@dstuart.org>
Date: Mon Dec 21 00:12:11 2015 -0500
Merge branch 'master' into dstuart_netfilter_queue and resolved one conflict in cmd_opts.h
commit db28efae258a85d9afbb90b42ad8339f67eb75a6
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sun Dec 20 23:46:32 2015 -0500
Added linking libnfnetlink. Tweaks to get NFQ working with firewalld.
server/Makefile.am | 4 ++--
server/config_init.c | 11 +++++------
server/fw_util_firewalld.c | 13 ++++++++-----
3 files changed, 15 insertions(+), 13 deletions(-)
commit ba611a2d2ce3d442bc35277f7260f0373f561b8d
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sun Dec 20 21:58:31 2015 -0500
Many additions and modifications for support of capture via Netfilter Queue.
configure.ac | 4 +-
server/Makefile.am | 4 +-
server/cmd_opts.h | 9 ++
server/config_init.c | 49 ++++++++
server/fw_util_firewalld.c | 68 +++++++----
server/fw_util_firewalld.h | 5 +-
server/fw_util_iptables.c | 72 +++++++----
server/fw_util_iptables.h | 4 +-
server/fwknopd.c | 5 +-
server/fwknopd.conf | 35 ++++++
server/fwknopd_common.h | 27 +++--
server/nfq_capture.c | 291 +++++++++++++++++++++++++++++++++++++++++++++
server/nfq_capture.h | 43 +++++++
server/process_packet.c | 36 +++---
server/process_packet.h | 15 ++-
15 files changed, 582 insertions(+), 85 deletions(-)
commit 4a7411ba5730d152b044da5df7d60d0d903a2d7b
Author: Vlad Glagolev <vaygr@users.noreply.github.com>
Date: Sun Dec 20 21:19:31 2015 +0300
1st implementation of X-Forwarded-For HTTP header support
server/fwknopd_common.h | 1 +
server/incoming_spa.c | 37 ++++++++++++++++++++++++++++++++++---
2 files changed, 35 insertions(+), 3 deletions(-)
commit d2cef1746cbf2730eadebb8721c6d4447e9ab7d0 (refs/remotes/oneru/dstuart_netfilter_queue)
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sat Nov 28 15:03:39 2015 -0500
Initial update for NETFILTER_QUEUE support. These changes are not tested at all as they were edit on a Mac, but are linux-specific.
configure.ac | 25 ++++++++-
server/Makefile.am | 13 +++++
server/cmd_opts.h | 9 ++-
server/config_init.c | 5 ++
server/fw_util_firewalld.c | 135 ++++++++++++++++++++++++++++++++++++++++++++
server/fw_util_firewalld.h | 5 ++
server/fw_util_iptables.c | 137 +++++++++++++++++++++++++++++++++++++++++++++
server/fw_util_iptables.h | 5 ++
server/fwknopd.c | 23 +++++++-
server/fwknopd_common.h | 7 +++
10 files changed, 360 insertions(+), 4 deletions(-)