Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

3021 lines (1937 sloc) 122.167 kb
commit 35456877fa257889c7d894cc24c98fba06106ca6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 21 13:50:16 2011 -0400
Bug fix for ipfw firewalls to not always require seeing 'Dynamic' rules
This commit fixes an issue on ipfw firewalls where fwknopd would always require
seeing ipfw 'Dynamic' rules associated with newly added connections. But, such
connections may never be established for various reasons. Previous to this
commit the following warning was frequently generated by fwknopd:
Unexpected error: did not find 'Dynamic rules' string in list output.
commit 4b2a96578bcc8ba07371989dcc124ef42813acea
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 21 13:28:16 2011 -0400
Bug fix for missing set existence check on ipfw firewalls
This commit fixes an issues on systems running the ipfw firewall where the
'set' where fwknopd puts new access rules was attempted to be deleted without
first checking to see whether it exists. The following errors would be
generated (now fixed):
ipfw: rule 16777217: setsockopt(IP_FW_DEL): Invalid argument
Error 17664 from cmd:'/sbin/ipfw delete set 1':
Fatal: Errors detected during ipfw rules initialization.
commit 03859387b6667839d8eb6eaf1601e2c14c24d355
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 20 22:34:24 2011 -0400
Bug fix to create the digest.cache file at init
Bug fix to ensure that the digest.cache file gets created at fwknopd init time
so fwknopd does not throw the following error:
Error opening digest cache file. Incoming digests will not be remembered.
commit 04afd2846dd563296c40667557ef4ac0d47aeb0c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 20 22:02:21 2011 -0400
On FreeBSD, made gpgme header path inclusion optional
If gpgme is installed on FreeBSD systems it appears that
-I/usr/local/include/gpgme must be added to the include path, but this change
only adds the path if gpgme is installed and going to be used.
commit 6eeb41309401a0c8a47613bcc9f3ce58aa1f6436
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 20 13:33:00 2011 -0400
Fixed a few minor compiler warnings on FreeBSD
This commit fixes a few warnings about possible uninitialized and unused
variables.
commit 4248b2687054b38e79e2ab9eecf71e5b299172f4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 20 13:19:33 2011 -0400
On FreeBSD disable read-only relocations and immediate binding protections
gcc on FreeBSD generates the following errors when the -Wl,-z,relro -Wl,-z,now
flags are used:
gcc: -z: linker input file unused because linking not done
gcc: relro: linker input file unused because linking not done
gcc: -z: linker input file unused because linking not done
gcc: now: linker input file unused because linking not done
commit ff7c4219e8a946fa28aeec941a17d3998ab87ae7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 20 12:56:30 2011 -0400
Update to suppress additional compiler warning
This change fixes the following compiler warning that was seen with many of
the source files in server/
fwknopd_common.h:223: warning: ‘config_map’ defined but not used
commit ab7226092dcf687a46916e1841cc05107a5fce8f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 20 12:34:57 2011 -0400
Minor restructuring to suppress compiler "defined but not used warnings"
This commit fixes several compiler warnings like the following (now that -Wall
is the default):
config_init.h:68: warning: ‘cmd_opts’ defined but not used
commit db681fb7916470ec981f0d4e4514402cb49eca3f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 19 22:00:16 2011 -0400
minor commit to fix minor compilations warnings
commit 637f7a4c936d91a18ef71f364c5fe1c7c5256f5e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 19 21:14:24 2011 -0400
Added -Wall for all gcc warnings during compile
Enable gcc compilation to include -Wall for all warnings (can be disabled
with --disable-wall to ./configure).
commit bf59c2688f3dc11913c347c4d1e92c95dfcaa671
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 19 20:51:50 2011 -0400
Bug fix for ./configure args to disable compile time security options
The ./configure script would generate the following error for the attempted
use of the --without-stackprotector (and other related options like
--without-pie):
configure: WARNING: unrecognized options: --without-stackprotect
commit 41fc93407e303a47a412ee91a54f136f80a903f1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 18 22:26:52 2011 -0400
added the VERSION file
commit 8b0787c270dc12552275d610bf38115f95cd5972
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 18 22:25:12 2011 -0400
Bumped version to fwknop-2.0.0-rc3
Bumped version to fwknop-2.0.0-rc3
commit 1e494aba2ec806bec8f670c5378cf6dd5624c012
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 18 21:13:58 2011 -0400
Added ChangeLog derived from git commit messages.
There will be branch and release specific ChangeLog files as well.
commit 409c08ac5c3f6310306ddba9b34c985db491722c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 18 21:10:09 2011 -0400
Renamed ChangeLog -> ChangeLog.old for new ChangeLog handling
The ChangeLog will be derived from commit messages.
commit b9122f648e57a9f3cfa84c3462ab2463fe04e275
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 18 20:37:31 2011 -0400
Update to add any missing iptables jump rules
Upon the receipt of a valid SPA packet, a check is done to make sure that
a jump rule from the appropriate built-in iptables chains exists to the
fwknop chains. Such rules could have been deleted by other manipulations
of the iptables policy, so it is important to ensure they exist. Running
in foreground (-f) mode, here is an illustration of the jump rule being
added after it got deleted:
SPA Packet from IP: 127.0.0.1 received.
Added jump rule from chain: INPUT to chain: FWKNOP_INPUT
Added Rule to FWKNOP_INPUT for 127.0.0.1, tcp/22 expires at 1313680648
commit acdf15f158c32bb12b141ecb8bd37fae5f7bfcb1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Aug 17 21:24:03 2011 -0400
Update to force base64 check for all SPA data
Previous to this change a check was done for base64 characters in incoming
SPA data only up to MIN_SPA_DATA_SIZE. This check may be reinstantiated for
SPA packets that are delivered over HTTP (and the packet data is embedded
within a URL that may also contain non-base64 chars), but in the meantime the
fwknopd daemon should not accept SPA packets over arbitrary ports with any
non-base64 chars.
commit 92b7e2588ee64f253720cf8d819ee64f42333aee
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Aug 17 21:07:35 2011 -0400
Updated replay warnings to include proto/port info
Replay warnings now include port and protocol information. Here is an example:
SPA Packet from IP: 127.0.0.1 received.
Replay detected from source IP: 127.0.0.1
Destination proto/port: 17/62201
Original source IP: 127.0.0.1
Original dst proto/port: 17/62201
Entry created: 08/17/11 21:06:07
First replay: 08/17/11 21:06:32
Last replay: 08/17/11 21:06:45
Replay count: 7
commit df96e42c51b6847d91575dfd68f8cb23ba3aa318
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Aug 17 20:36:28 2011 -0400
Added stack protection, PIE, fortify source, etc.
Added various security options that can be enabled at compile time. These
options include everything that the "hardening-check" script written by Kees
Cook checks for. After this change, the hardening-check script produces the
following output against the fwknopd binary:
$ hardening-check server/.libs/fwknopd
server/.libs/fwknopd:
Position Independent Executable: yes
Stack protected: yes
Fortify Source functions: yes
Read-only relocations: yes
Immediate binding: yes
One of the compile outputs (for example) that shows the new options is:
/bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -g -O2 -fstack-protector-all -fPIE -pie -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wl,-z,now -MT fko_decode.lo -MD -MP -MF .deps/fko_decode.Tpo -c -o fko_decode.lo fko_decode.c
From the hardening-check man page, here is a description of each of these
options:
NAME
hardening-check - check binaries for security hardening features
SYNOPSIS
Examine a given set of ELF binaries and check for several security
hardening features, failing if they are not all found.
DESCRIPTION
This utility checks a given list of ELF binaries for several security
hardening features that can be compiled into an executable. These
features are:
Position Independent Executable
This indicates that the executable was built in such a way
(PIE) that the "text" section of the program can be relocated
in memory. To take full advantage of this feature, the
executing kernel must support text Address Space Layout
Randomization (ASLR).
Stack Protected
This indicates that the executable was compiled with the
gcc(1) option -fstack-protector. The program will be
resistant to have its stack overflowed.
Fortify Source functions
This indicates that the executable was compiled with
-D_FORTIFY_SOURCE=2 and -O2 or higher. This causes certain
unsafe glibc functions with their safer counterparts (e.g.
strncpy instead of strcpy).
Read-only relocations
This indicates that the executable was build with -Wl,-z,relro
to have ELF markings (RELRO) that ask the runtime linker to
mark any regions of the relocation table as "read-only" if
they were resolved before execution begins. This reduces the
possible areas of memory in a program that can be used by an
attacker that performs a successful memory corruption exploit.
Immediate binding
This indicates that the executable was built with -Wl,-z,now
to have ELF markings (BIND_NOW) that ask the runtime linker to
resolve all relocations before starting program execution.
When combined with RELRO above, this further reduces the
regions of memory available to memory corruption attacks.
commit 60b6a5a4d8a3075ef5d0bc7025859f704ef90bb0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 14 22:46:09 2011 -0400
Minor variable cleanup to fix compiler warnings
Minor cleanup to fix compiler warnings about unused variables.
commit e7d275ee312c618c3233a504c5aa54b72312f39a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 14 21:55:29 2011 -0400
Added fwknop-2.0.0rc2 openwrt support from Jonathan Bennett
Applied a patch sent from Jonathan Bennett to add fwknop-2.0.0rc2 support to
openwrt. One thing to note about this patch is that the +libgdbm library
dependency has been removed because fwknop now implements its own digest
tracking file without needing gdbm/ndbm on the system.
commit 878fae8e8a22ea2c34ca544e84e163347835f361
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 14 19:42:50 2011 -0400
Implemented memory clean up for digest cache list
Upon fwknopd shutdown, a new function free_replay_list() is now called in order
to free heap allocated memory dedicated to SPA digest tracking. Without this
fix, valgrind reports the following (some output snipped):
valgrind --leak-check=full ./server/.libs/fwknopd -f -i lo -P "udp port 62201"
==30864== 431 (48 direct, 383 indirect) bytes in 1 blocks are definitely lost in loss record 17 of 17
==30864== at 0x4C27480: calloc (vg_replace_malloc.c:467)
==30864== by 0x407CB7: replay_check_file_cache (replay_cache.c:461)
==30864== by 0x407B69: replay_check (replay_cache.c:413)
==30864== by 0x405813: incoming_spa (incoming_spa.c:363)
==30864== by 0x406275: pcap_capture (pcap_capture.c:223)
==30864== by 0x40317D: main (fwknopd.c:297)
commit 5ee6715cffe9dd4bbed3c0c3eaa75b5dc618b9a6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 14 12:36:25 2011 -0400
Consolidated replay warnings in a single function
For both the simple digest file cache and the gdbm/ndbm tracking methods, all
replay warnings are generated by a single function "replay_warning()".
commit c13cca4aa18317e462c4900e3779de67fa194e21
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 13 22:35:52 2011 -0400
Added digest file import code
The digest file is now imported as a linked list of digest cache entries at
init time for SPA replay attack detection.
commit 941a4aa9a39ca5a42ecec92a6fa6908ebcc2c9f2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 13 21:00:54 2011 -0400
Added source port and protocol to digest tracking
Added the source port and protocol fields to valid SPA packets in the digest
cache. This can help to discover replay trends. The format of the digest
file cache is now:
<digest> <proto> <src_ip> <src_port> <dst_ip> <dst_port> <time>
commit 6982a72c07e11ef632922e7bc63d65141149a091
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 12 22:00:44 2011 -0400
Added dst IP to tracked SPA data
The digest cache now contains destination IP addresses of valid SPA packets.
The complete format is now:
<digest> <src_ip> <dst_ip> <creation time>
commit 4197e51c9d9421604c3a0985f1f4820e8547c731
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 12 21:43:07 2011 -0400
Started on code to parse the digest cache file
At init time fwknopd will read in the digest cache file into the in-memory
linked list of digests for SPA replay detection. This commit starts on this
code, but the file format does not yet include destination IP addresses
(to be added in an upcoming commit).
commit 459cfb4d45c40e62c5c74ed86db638f6a5b6bbbb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 12 20:16:00 2011 -0400
Implemented linked list cache of SPA digests
When not using gdbm/ndbm support (the default now), fwknopd implements a linked
list of SPA packet digests for replay attack detection along with writing
digest data in ascii text down to disk (in the CONF_DIGEST_FILE file).
commit e443550e5f7745b0958525713f4ad097c2c7a398
Merge: 52c7956 d2c5085
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Aug 10 22:41:18 2011 -0400
Merge branch 'master' into optional_dbm_support
commit d2c50858435eecb7f2d73574c7d03d44f1d02307
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Aug 10 22:38:01 2011 -0400
Added --pcap-filter to the fwknopd command line
To override the value of the PCAP_FILTER variable in the fwknopd.conf
config file, a new fwknopd command line argument "--pcap-filter" was
added. This assists in various activities by making it trivial to
change how fwknopd acquires packet data without editing the fwknopd.conf
file. Here is an example:
fwknopd -i lo -f --pcap-filter "udp port 12345"
commit 52c795634b75156b6fe87e656eef3a8e0f986aef
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Aug 10 22:07:25 2011 -0400
Updated digest file path for gdbm/ndbm support
If fwknopd is compiled with --disable-file-cache to the ./configure script
then it will assume that the default filename is "digest_db.cache" for the
digest cache. If the file cache method is used (this is the default), then
"digest.cache" is the default filename. A new variable DIGEST_DB_FILE in
the fwknopd.conf file controls the digest filename if gdbm/ndbm support is
required.
commit 0525cd4a5caebad8c7f16d33df81e8b9cae1f4d9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Aug 10 20:56:42 2011 -0400
Added autoconf support for non-dbm file cache.
This change starts on support for a simple file-based cache mechanism
for tracking SPA digests. This removes the libgdbm/libndbm dependency
by default, but it can be re-enabled with the --disable-file-cache
argument to the ./configure script.
commit 2dd7c4aac7a309ef51189d58eadb900a1e94615c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Aug 8 22:49:28 2011 -0400
Minor rename in support of non-dbm file cache
Added the optional_dbm_support branch and made a minor renaming change
on this branch for the coming non-dbm file cache support.
commit 1e47243574d96ad3aa1f98f31e76b312f275a9cb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Aug 8 22:24:22 2011 -0400
Bug fix for uninitialized variable found with splint static analyzer
In the save_args() function the args_str_len variable was being used before
being initialized as reported via the splint static code analysis tool. Here
is the splint output that found this bug:
client/fwknop.c:650:13: Variable args_str_len used before definition
An rvalue is used that may not be initialized to a value on some execution
path. (Use -usedef to inhibit warning)
commit 69f41eb3999eea1e907a5a71c7e83cd18600fca6
Author: Damien Stuart <dstuart@dstuart.org>
Date: Thu Jul 7 08:12:49 2011 -0400
Set FD_CLOEXEC on pid file descriptor.
Added support for setting the URL for resolving source IP via command-line or the .fwknoprc file.
commit ca5f82c067f837637356175cfd365cc4bf66bf5e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jun 18 20:53:40 2011 -0400
Removed legacy $Id$ tags from svn
$Id$ tags don't really mean anything to git so they have been removed from all
source files.
commit 39e7412bb8958ed7af693b2d6d59e32b55e67901
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Mar 27 02:38:41 2011 +0000
Added a no-digest-cache configure option and capability (though it is not recommended).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@313 510a4753-2344-4c79-9c09-4d669213fbeb
commit 03361fea743dec2e975f31490058a2470394aec3
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Mar 26 16:33:02 2011 +0000
Fix check and handling of ndbm as an option for the digest cache.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@312 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6c050b481ca8b8d812d74de5ee6630ab3954f7a6
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Feb 12 13:18:31 2011 +0000
Added python/fko.py to Makefile.am so it is also included in distributions. Minor tweak to address compile error on Mac os X.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@311 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4b0c280948af39872082b0ae95ebf59f5670ce9e
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jan 2 03:32:46 2011 +0000
Minor update to the android README
git-svn-id: file:///home/mbr/svn/fwknop/trunk@310 510a4753-2344-4c79-9c09-4d669213fbeb
commit a24a2eed8f4b75bdfae65d3c9eb7797b87f863e1
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jan 2 02:58:53 2011 +0000
Adding Max Kastanas's fwknop client app code for Android
git-svn-id: file:///home/mbr/svn/fwknop/trunk@309 510a4753-2344-4c79-9c09-4d669213fbeb
commit d8f282143ed1c32629a7f82e828a5f33410ed2d5
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jan 1 21:00:24 2011 +0000
Removed unnecessary include.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@308 510a4753-2344-4c79-9c09-4d669213fbeb
commit 225e36414d25a421b84bc831111f0319c2ab13d6
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Dec 5 15:44:01 2010 +0000
Additional docs and classes added to the fko python module. Minor tweak and bumped version in the fwknop.spec file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@307 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9d821548e79eb719e99eb8f45248fb5f7b3449ff
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Dec 5 14:57:01 2010 +0000
Fixed bug where libfko would segfault if fko_get_spa_data() was called before fko_spa_data_final() was called (and successful). Added include of time.h in fko.h.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@306 510a4753-2344-4c79-9c09-4d669213fbeb
commit 966b9bdccc32a3ba910cf09c50b8648ac1b4c4a5
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Dec 4 21:57:34 2010 +0000
Do not need parens around expression in if statements in python (still learning).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@305 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4e5326660cd30ec2865609c14839a6cf4bcf9542
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Dec 4 04:12:17 2010 +0000
Added pydoc text to the fko python module. Minot tweak to setup.py.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@304 510a4753-2344-4c79-9c09-4d669213fbeb
commit b6bf1d28bf1e13af872585b7f2533727f8762525
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Nov 27 03:18:58 2010 +0000
Added the Fko class code to wrap the _fko wrapper around libfko.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@303 510a4753-2344-4c79-9c09-4d669213fbeb
commit 00bc99a966a8e80126d2ab5bccb96e1c1d44e89e
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Nov 26 15:51:00 2010 +0000
Minor comment and documentation tweaks. Add the python directory which contains my first cut at a libfko Python wrapper module.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@302 510a4753-2344-4c79-9c09-4d669213fbeb
commit 04ebf6c2ad9109ec58038dbcb5a31157f8a4d664
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Nov 14 00:16:32 2010 +0000
Added code to zero out rcfile path before setting it. Also added a bounds check to that as well.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@301 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0f6ca00ac492551e2a10cd220b7839f065042dc7
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Nov 13 03:04:36 2010 +0000
Updated the GPL blurb at the top of the source files. Added some missing copyright statements (Thanks to Franck Joncourt).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@300 510a4753-2344-4c79-9c09-4d669213fbeb
commit 67af7f7921df283985648e5110fc5e488095fa9c
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Nov 10 15:30:09 2010 +0000
Updated perl module for additional error messages.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@299 510a4753-2344-4c79-9c09-4d669213fbeb
commit 781218e7e197e5e964876473a78b87b9d5496857
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Oct 31 01:45:28 2010 +0000
Bumped version to rc3 (even though we may go straight to release) and lib rev to 3.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@298 510a4753-2344-4c79-9c09-4d669213fbeb
commit d84112adcab11303e549a31f50cdad36a0a54d8e
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Oct 31 01:36:25 2010 +0000
Update added HAVE_ERRNO_H 1 to win32/config.h.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@297 510a4753-2344-4c79-9c09-4d669213fbeb
commit a3bafdb36431d3b2c1acd5fc2c6b1e2dd12594ea
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Oct 30 16:19:54 2010 +0000
Needed to bump libfko revision to 2 do identify as part of newer dist.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@295 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3c83e899cba26a76a77658c42ebe1b4de7503bdf
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Oct 23 17:34:47 2010 +0000
Put the usleep back pcap_capture (oops).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@293 510a4753-2344-4c79-9c09-4d669213fbeb
commit ce6fe8c705e393ae59fac3199fb6ff94f14a7416
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Oct 21 02:39:57 2010 +0000
Tweaks to the fwknop.spec file
git-svn-id: file:///home/mbr/svn/fwknop/trunk@291 510a4753-2344-4c79-9c09-4d669213fbeb
commit bbe8c9d7a16cf0c139631975b1c1f4aebf10638b
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Oct 21 01:53:04 2010 +0000
Set pcap non-block mode back on unless it is a freebsd system. Server verbose output no longer shows access key or GPG password.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@290 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4f504848a009a43f8cc9131ca504f1207bfffdb4
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Oct 17 02:52:21 2010 +0000
Fixed handling of man page generation in Makefile.am so it works from alternate build directories.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@289 510a4753-2344-4c79-9c09-4d669213fbeb
commit f1e82bc7aeaaec783b4072a19810e9287c939bdf
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 29 02:06:13 2010 +0000
Minor fwknopd man page tweak.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@288 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1381f183747caff1adca701c30f3b2996fcccda9
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 29 01:50:58 2010 +0000
Made autoconf print an error message indicating ipf is not supported if it is specified. Changelog updates.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@287 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6bcebe565c9d2f691ba5f6d032ffeca379416973
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 29 01:32:04 2010 +0000
Made fw_cleanup not remove rules from the expired rule set. Added code to read in any existing expired rules into the rule_map at startup.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@286 510a4753-2344-4c79-9c09-4d669213fbeb
commit ff9dad6fd9eec3bfd32076a3c9847cb669c64388
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Aug 27 22:09:36 2010 +0000
Wrapped #ifdef around a linux-specific chunk.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@285 510a4753-2344-4c79-9c09-4d669213fbeb
commit c4c158c1ba24158b48e842ea8a837a24b90c3d5d
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Aug 26 22:56:47 2010 +0000
Missed a config file update on the last check-in.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@284 510a4753-2344-4c79-9c09-4d669213fbeb
commit cdff077bb67f158e60f4d3a1643d70a3e3ac871f
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Aug 24 03:09:35 2010 +0000
Added rule expire and purge for ipfw. Almost there...
git-svn-id: file:///home/mbr/svn/fwknop/trunk@283 510a4753-2344-4c79-9c09-4d669213fbeb
commit 51c21b318f01793012861018c83ff0040e867591
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Aug 23 02:43:43 2010 +0000
Start of addition of access requests via ipfw.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@282 510a4753-2344-4c79-9c09-4d669213fbeb
commit b0de05c70ada1893ea3ab6750196232c97f72f29
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 14 01:26:42 2010 +0000
minor off-by-one fix for home directory path separator
git-svn-id: file:///home/mbr/svn/fwknop/trunk@281 510a4753-2344-4c79-9c09-4d669213fbeb
commit ea19245f99f59acc4ca056423828e6b06d036cbd
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 12 02:19:03 2010 +0000
minor bug fix to account for PATH_SEP being defined as a character instead of a string
git-svn-id: file:///home/mbr/svn/fwknop/trunk@280 510a4753-2344-4c79-9c09-4d669213fbeb
commit 838b80fd7d7b822cfeecce9f2dc34c6ca49f68cd
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Aug 10 02:29:09 2010 +0000
Refactored firewall rule code to separate files by firewall type. Stubbed in ipfw and ipf firewall types. Updated autoconf to set a firewall type and path depending on configure arguments.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@279 510a4753-2344-4c79-9c09-4d669213fbeb
commit c1f67b900d4124084be115921e331533fb515b17
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 8 19:01:36 2010 +0000
Uncommented call to check_firewall_rules (left in while debugging freebsd build).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@278 510a4753-2344-4c79-9c09-4d669213fbeb
commit dcd6106a4bf0cc5646c790c252c9e246b4307b81
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 8 18:56:53 2010 +0000
Oops left out new header for last update.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@277 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6126b7b7ca8b5b0db5c13b5b9f64a70d42b6402f
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 8 18:53:35 2010 +0000
Updates to accomodate building and compiling on FreeBSD systems.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@276 510a4753-2344-4c79-9c09-4d669213fbeb
commit 51adbe26a2e27d449a6dc439ee8354b5e7a9a31e
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 1 02:13:03 2010 +0000
Tweaks to autoconf files.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@275 510a4753-2344-4c79-9c09-4d669213fbeb
commit 55e9fe41e172e5f36557902b91e82155d62e39ab
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jul 31 19:11:22 2010 +0000
Added some OpenWRT-related files to the extras directory.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@274 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9c2cd267bffb88113acc486cda371a80257773b8
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jul 31 18:04:08 2010 +0000
Fixed issue with spaces in in access.conf comma-separated values. Fixed issue with GPG signature check being forced when GPG_REMOTE_ID is set and GPG_REQUIRE_SIG was "N". Updated dependency in the spec file. Updates to ChangeLog.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@273 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7dc24c133e0a135ca891e20e62f718660bd49c02
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jul 29 11:01:53 2010 +0000
Bug fix for USE_NDBM variable so that client-only builds work. The specific
error before the patch along with the command line invocation of the
"configure" script appear below:
$ ./configure --prefix=/usr --disable-server
[...]
configure: error: conditional "USE_NDBM" was never defined.
Usually this means the macro was only invoked conditionally.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@272 510a4753-2344-4c79-9c09-4d669213fbeb
commit 35f71a82fd02f4dbc99d65f5e931651c73d7709c
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 25 15:40:51 2010 +0000
Added extras directory. Bumped version in autoconf to 1.0.0rc2.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@271 510a4753-2344-4c79-9c09-4d669213fbeb
commit 94130067a6554893601d81f0b1cf7812e810ca0d
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jul 19 02:39:26 2010 +0000
Cleaned out some old commented-out sections configure.ac and fixed an issue where exteranl file checks would fail when running configure in cross-compiler environment. No code changes made.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@269 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3111e5868b56b16bd3eee39cdd8a4b64924a513c
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 18 01:56:19 2010 +0000
Removed a debug print statement.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@268 510a4753-2344-4c79-9c09-4d669213fbeb
commit bf8586922e9e81b74aa2ef35093f29ec9007c900
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 16 20:47:50 2010 +0000
Added check to make sure a firewall program is set.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@267 510a4753-2344-4c79-9c09-4d669213fbeb
commit aa0cc1c699c7102598f7db2fa4e61ad6dc6cda9e
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 16 20:14:35 2010 +0000
Per Franck Joncourt - Corrected misspelled word in fwknopd man page and access.conf.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@266 510a4753-2344-4c79-9c09-4d669213fbeb
commit b0886a1d4938d2ce940816b6ef857ef7a0acfa5f
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 16 14:28:32 2010 +0000
Updates and clean-up to address the many compiler warnings when compiled with -Wall. Also some autoconf updates
git-svn-id: file:///home/mbr/svn/fwknop/trunk@265 510a4753-2344-4c79-9c09-4d669213fbeb
commit c3da912fc282f22bab11aa1fd65c2b709a5a5344
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 16 01:09:11 2010 +0000
Updated the version number in the win32 config.h copy
git-svn-id: file:///home/mbr/svn/fwknop/trunk@264 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8cfa222761f5282af16bccbdec569324bf0c689d
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 16 00:39:17 2010 +0000
Fixed some misplaced dependencies in the fwknop.spec file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@263 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4c995c146badb1a4689b8e0889e2c04adcd8ef18
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Jul 15 01:38:16 2010 +0000
Almost all he conf variables have a default value if they are not there (or set). All the entries in the initial fwknop.conf file are not commented out adn can be override as needed.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@262 510a4753-2344-4c79-9c09-4d669213fbeb
commit d904f5637f15a50b15d543a67181647dce63c9cb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jul 14 02:58:51 2010 +0000
removed additional wait() call from run_extcmd(), updated --fw-list to just use system() to execute the iptables listing commands
git-svn-id: file:///home/mbr/svn/fwknop/trunk@261 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6f4ff9cb69f6d3089791636d369b9698508e701f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Jul 13 04:09:07 2010 +0000
added --fw-list arg to the fwknopd daemon to list all current firewall rules for any running fwknopd process
git-svn-id: file:///home/mbr/svn/fwknop/trunk@260 510a4753-2344-4c79-9c09-4d669213fbeb
commit ed9170e506d104577caca79e849e0017ca8252b2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jul 12 01:48:49 2010 +0000
- added is_valid_dir() utility function for checking directory stat()/existence (this
is used for gpg keyring path validation).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@259 510a4753-2344-4c79-9c09-4d669213fbeb
commit f03b2786eba1c3d263494b249e48b534e9461773
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 11 20:16:32 2010 +0000
Added the fwknopd_errors.[ch] files which provides the get_errstr() and fwknopd_errstr() functions. The get_errstr() function takes and error_code, tries to determine the type, then calls the appropriate xxx_errstr function to return a description string. Fixed some minor errors in the libfko API docs.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@258 510a4753-2344-4c79-9c09-4d669213fbeb
commit 390ea80df7d4c9c8ad94bc135f0de100d2c35705
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 11 14:04:23 2010 +0000
Moved force set of verify flag on remote_id value to before decryption phase.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@257 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3c5c8f1da7c19da68a63a8571756105c8f75d17b
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 11 13:55:44 2010 +0000
Reverted last libfko change. Added set verify_sig flag when remote_ids are specified.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@256 510a4753-2344-4c79-9c09-4d669213fbeb
commit 647fc3e64d9a9215b2066879528a6634d828638f
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 11 13:36:18 2010 +0000
Removed checks for sig verification flag on gpg_sig info related functions.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@255 510a4753-2344-4c79-9c09-4d669213fbeb
commit eed35a8f1cec59d3de67d04666fc46e5ece5fe15
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jul 11 12:37:31 2010 +0000
minor update to check the gpg keyring path setting in access stanzas only if a decrypt password is specified
git-svn-id: file:///home/mbr/svn/fwknop/trunk@254 510a4753-2344-4c79-9c09-4d669213fbeb
commit 05fdf6f3196d4a64663d564c12385c1316bf5943
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jul 11 02:49:12 2010 +0000
minor macro update to define the default gpg keyring
git-svn-id: file:///home/mbr/svn/fwknop/trunk@253 510a4753-2344-4c79-9c09-4d669213fbeb
commit 688ae8d4f0a20b2f130acba3d25018a4d8ca0351
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jul 11 02:45:38 2010 +0000
Updated to define a default gpg keyring path of /root/.gnupg, and if the GPG_HOME_DIR variable
is not defined in the fwknopd.conf file or the access.conf file, then this default will take
over.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@252 510a4753-2344-4c79-9c09-4d669213fbeb
commit a0b813ca55671cf7493df73d8b8db8f3e0792e95
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 11 01:27:12 2010 +0000
Reworked how man pages are generated. Now, man pages in the client and server directory are "fwknop(d).8.in" and a target was added to Makefile.am to create the man pages while doing variable substitutions based on directives specified via the configure script. Minor tweak to fwknop.spec file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@251 510a4753-2344-4c79-9c09-4d669213fbeb
commit 492b1db86101de2d31db3d0883ff29494f652b59
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jul 10 16:41:52 2010 +0000
Slightly revamped how signals were setup.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@250 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4a85c6fd258c643333f90238f2fddc2fc3374408
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jul 10 00:48:41 2010 +0000
Modified top-level Makefile.am so the legacy perl stuff is not packaged into the distribution tar file. More cleanup of the fwknopd man page.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@249 510a4753-2344-4c79-9c09-4d669213fbeb
commit 153d1ec96259398635e9ee32117904742bd42b16
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 9 18:18:41 2010 +0000
Added AC_SYS_LARGE_FILE to configure.ac
git-svn-id: file:///home/mbr/svn/fwknop/trunk@248 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9c6377aff641034e45a63e31bd7c1fc3f64ce998
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 9 02:09:22 2010 +0000
Manpage updates
git-svn-id: file:///home/mbr/svn/fwknop/trunk@247 510a4753-2344-4c79-9c09-4d669213fbeb
commit b83733f00dcf0e79e998cd2235c511bec6509934
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Jul 8 02:07:35 2010 +0000
Renamed the legacy perl verison of fwknop.spec to fwkop-legacy.spec to resolve rpmbuild confusion when using the -tx options.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@246 510a4753-2344-4c79-9c09-4d669213fbeb
commit a80b392d2720d0f05ea970436968ef0d2cf47545
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Jul 8 02:02:12 2010 +0000
Fixed another oops in the spec file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@245 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9d2a4c247175ef83bb40e4aadd2af81e19f4b423
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Jul 8 01:59:51 2010 +0000
Fixed autoconf config so libfko and fwknop client are not linked with libpcap and libgdbm. Fixed some issues in the fwknop.spec file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@244 510a4753-2344-4c79-9c09-4d669213fbeb
commit 21e2c95364aa74b31c0223d657516f049e57f25b
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jul 7 17:46:46 2010 +0000
Use USERPROFILE instead of HOME for homedir determination on win32 builds.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@243 510a4753-2344-4c79-9c09-4d669213fbeb
commit e63f1de1e3edef0e23fc7911014ea4f5f2d84b5b
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jul 7 17:36:20 2010 +0000
Removed unreferenced variables.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@242 510a4753-2344-4c79-9c09-4d669213fbeb
commit bbb8f7bcc6081900529162a2948cfd834de08fd9
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jul 7 17:32:21 2010 +0000
Fixed issues found by the Windows compiler (that I would think would have been flagged by gcc).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@241 510a4753-2344-4c79-9c09-4d669213fbeb
commit b098a07f045e00b03b678fc9fc9ee3ff35ffffcf
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jul 7 15:47:22 2010 +0000
Fixed bug where ALLOW_IP of resolve was not overridden by an ALLOW_IP parameter in a named stanza. Removed erroneous invalid parameter from the initially generated .fwknoprc file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@240 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2e03feabef665f8116ffaa0e69ea4ef46ff8e1b6
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jul 7 02:39:55 2010 +0000
Minor cleanup on the spec file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@239 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2a67766589b7f629d604ab656f4143a6f3fa700b
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jul 7 02:32:01 2010 +0000
Added fwknop.spec for rpm builds. Removed the server post install hook as it breaks make distcheck and rpm builds.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@238 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7308180c22113acf0a4debf77360a030ad8b58db
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jul 6 19:02:39 2010 +0000
Fixed bug where named-stanza was not being found when it indeed existed.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@237 510a4753-2344-4c79-9c09-4d669213fbeb
commit d7fc21d254b803a3dfa5d50d7ebfc70e1269deea
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jul 6 02:12:06 2010 +0000
Fixed bad param name in generated .fwknoprc file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@236 510a4753-2344-4c79-9c09-4d669213fbeb
commit e9c0f415414abb2b287ff15d0f973ed5d01aa38f
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jul 6 00:59:33 2010 +0000
Added installation hook to set the perms on the .conf files to 600 during make install. Minot doc tweak.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@235 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5035cf0fed040da379f4f81fea905bec837c9790
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jul 5 22:49:03 2010 +0000
Added .fwknoprc file creation and processing. This allows for saved default and named configuration profiles. Updated fwknop manpage to reflect the new capability. Also cleaned up messages (errors, info) from the program.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@234 510a4753-2344-4c79-9c09-4d669213fbeb
commit a1531a56e3668352279e04ebd1c85907d9eb0c29
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jul 5 02:18:44 2010 +0000
Due to issues and usage restrictions on whatismyip.com, I am making the default resolve_ip_http url www.cipherdyne.org/cgi-bin/myip.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@233 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8129f86ddd069e928daa2e97561a51763a0aaa70
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 4 21:12:51 2010 +0000
More cleanup. Removed the direction field (src, dst, both) from the chain configuration directives. Remove the HOSTNAME parameter as it was not used.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@232 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5f1f0650ead7e1b8a70e5bbbef6aa6befb18a247
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 4 13:34:31 2010 +0000
Put locale code back in. More cleanup of config directives and options.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@231 510a4753-2344-4c79-9c09-4d669213fbeb
commit b6c57aa6a0f8a7e29aeebd9588ca49278c870e62
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jul 3 02:07:28 2010 +0000
Changed the way running external commands are hanlded to address issues with it not working on some systems/configurations. Just using system and popen and fw commands are run with stdout and stderr tied to gether.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@230 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3c3d75abb57b2513eca14df4951f8bdafce47340
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jul 1 03:44:42 2010 +0000
applied patch from Franck to catch a couple of man page typos
git-svn-id: file:///home/mbr/svn/fwknop/trunk@229 510a4753-2344-4c79-9c09-4d669213fbeb
commit 14e844f3f2838dc4401c59cba54c1ffcff89e4fd
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Jul 1 03:12:32 2010 +0000
Updates to TCP server to close the lock file handle, use a non-blocking socket, and detect when the parent fwknop dies so it can exit as well.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@228 510a4753-2344-4c79-9c09-4d669213fbeb
commit b217c6a1fa6fde872df0148d3cf1c4c05fd691e1
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jun 29 02:40:59 2010 +0000
Added the GPG signature checking code. Added GPG_REQUIRE_SIG and GPG_IGNORE_SIG_VERIFY_ERROR parameters to access.conf. Implement the checking of GPG signature IDs against the GPG_REOMOTE_ID list.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@227 510a4753-2344-4c79-9c09-4d669213fbeb
commit b7ede1625d03323b60e0696eb37fff9355027e4e
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jun 29 01:00:11 2010 +0000
Added support for COMMAND_MSG requests. Also added CMD_EXEC_USER to access.conf to allow for fwknopd to setuid to the specified user before running the command. Other minor tweaks.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@226 510a4753-2344-4c79-9c09-4d669213fbeb
commit b95d222d3c8cab0ad7e9b68ef3279f3cbb8a0d69
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 27 21:07:56 2010 +0000
More tweaks, clean-up and documentation tweaks for the first release. Made client http-proxy option allow case insensitive match and to take an option :port as part of the argument.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@225 510a4753-2344-4c79-9c09-4d669213fbeb
commit fe09438921e45127cf4aae19621f135b20c098fb
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Jun 24 02:31:36 2010 +0000
Start of cleanup for beta release candidate. Removed locale-related code (for now) as it was breaking some things like logging. removed some unimplemented and/or unused parameters and config directives (as well as thier respective documentation references. Added a --rotate-digest-cache command-line arg to force a rename of the digest cache file and start a new one.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@224 510a4753-2344-4c79-9c09-4d669213fbeb
commit b57ada4c169be31cd481c63c61b2d11df72e1679
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jun 22 01:28:49 2010 +0000
More updates to take care of warnings on Ubuntu systems (fixes for common sense warnings that should have come up om my Fedora system but didn't).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@223 510a4753-2344-4c79-9c09-4d669213fbeb
commit aef097a31f4c0afe508b878f23fc3dc4f54de287
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jun 22 01:14:42 2010 +0000
Some tweaks to the sigchld handling in the server. Other misc minor cleanup.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@222 510a4753-2344-4c79-9c09-4d669213fbeb
commit 68b171ddd4ce2cf97cd17eb2ba816589b66c1a00
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jun 21 03:24:27 2010 +0000
More tweaks. Added SIGCHLD handler and code to try to restart the TCP server if it dies for whatever reason.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@221 510a4753-2344-4c79-9c09-4d669213fbeb
commit 315f3e677843ba9e1efc8d03104f759859aa0d62
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 20 23:15:52 2010 +0000
Tweak to client usage message output. Added TCP server funcionality to the server (call it a first cut).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@220 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3915f1b7aacd169ad7a82c1ba0e05c43514fa428
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 20 15:22:41 2010 +0000
Added support for parsing and processing SPA requests over HTTP. Beefed up verbose logging a bit. Added some more sanity checks on the validity of incoming SPA data before attempting to decode.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@219 510a4753-2344-4c79-9c09-4d669213fbeb
commit 63b4da38dcd320e18b74641fac42ddad11876aa4
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jun 19 01:15:19 2010 +0000
Mostly documentation file updates.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@218 510a4753-2344-4c79-9c09-4d669213fbeb
commit dc6058d3a5b325ae07bfa6309cccf90fcec3802f
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jun 16 03:12:00 2010 +0000
Tweaked firewall rule creation code. Added SNAT/MASQUERADE support. Fixed rule processing code so an INPUT rule was not created for NAT request. Still needs more review and testing.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@217 510a4753-2344-4c79-9c09-4d669213fbeb
commit 579ec77698efeccbc933d7bcfbd0431577a1ed20
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jun 15 02:50:17 2010 +0000
Added support for FWKNOP_OUTPUT_ACCESS and NAT_ACCESS modes (still needs testing and tweaking).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@216 510a4753-2344-4c79-9c09-4d669213fbeb
commit fa12602f096c7a8428d6265820b9b9f3db4f1e90
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jun 8 02:02:44 2010 +0000
Very minor comment and code tweaks (mostly just an excuse to test the relocation of the svn server).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@215 510a4753-2344-4c79-9c09-4d669213fbeb
commit aad2daadbfe4285fb9ece3153d7517ce9041f8d0
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon May 17 01:27:26 2010 +0000
First cut at creating access rules and removing them when they expire (not sure I like this implementation but it is a start).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@214 510a4753-2344-4c79-9c09-4d669213fbeb
commit bf9e165165021db01828da6a67a2488e3606a70e
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Apr 25 14:44:01 2010 +0000
Added the fwknopd.8 man page.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@213 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0008cdc86c0e329a98f78cd786a5e0ac1c86bf0c
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Apr 14 01:59:02 2010 +0000
Minor tweaks to firewall rules processing and external command execution code.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@212 510a4753-2344-4c79-9c09-4d669213fbeb
commit 83a10b96f6a121240e738fda9a8b123a65bf1992
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Apr 12 12:41:57 2010 +0000
Started firewall rule processing. Added rule initialization. Added some of the initial routines for external command execution with ability to capture stdout, stderr, and exit status.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@211 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9282a0fd29ab1d5363daf68bee361eadf936363d
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Mar 14 03:45:03 2010 +0000
Changed to fix possible double-free bug under some circumstances.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@210 510a4753-2344-4c79-9c09-4d669213fbeb
commit f3c33c273bf18fab710e31da19d1e2aeac4b3ddd
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Feb 9 20:23:42 2010 +0000
Added an initial fwknopd.8 man page (and source asciidoc). Added the --locale and --no-locale command-line option support. The set_config_entry function now allows setting a config entry to NULL to clear and free it.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@209 510a4753-2344-4c79-9c09-4d669213fbeb
commit d24b19ec946e67d216eff3fa5d78dd1fda160fcc
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Feb 7 03:30:46 2010 +0000
Updated TODO list (removed items that were compled and/or deprecated).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@208 510a4753-2344-4c79-9c09-4d669213fbeb
commit 43731722892392820fa629c4402f547e5fa96efa
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Feb 6 19:27:54 2010 +0000
Tweaks to eliminate warnings on win32 build of libfko and client.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@207 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7ba6482afb1823b8562cda590394df347d922243
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Feb 6 18:58:13 2010 +0000
Forgot to remove the m4 dir from Makefil.am
git-svn-id: file:///home/mbr/svn/fwknop/trunk@206 510a4753-2344-4c79-9c09-4d669213fbeb
commit d0373a5b3386f5e459d069bb619a572207ec1e57
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Feb 6 03:43:54 2010 +0000
Fixed libfko so gpgme engine is gpg by default. Added functions to libfko to set/get path to gpgme engine. Fixed some memory leaks. Reworkd the get_user_pw routine. Added code in fwknopd to put back the "hQ" string on the front of incoming GPG-encypted message data. Removed the previously add pretty-print routine to configure. Updated configure to check for path to gpg executable. Updated docs accordingly.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@205 510a4753-2344-4c79-9c09-4d669213fbeb
commit 02e5d45bf0ca861acc89d206d80404689949f7c2
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jan 31 01:42:49 2010 +0000
Bumped working version to 2.0.0-alpha-pre2 to differentiate from the tagged 2.0.0-alpha-pre1. Updated Changelog.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@204 510a4753-2344-4c79-9c09-4d669213fbeb
commit e3bd3b703e8a6cab07c0e0d24f145da40b0fe1cb
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jan 30 20:22:53 2010 +0000
Added additional sanity checks and clean-up of access.conf processing and functionality. Fixes require source and added check for required username. Added fallback to use GPG_DECRYPT_PW if it was set and the normal KEY failed with a decyption error. Fixed packet count checks to allow a limit of 0 to mean unlimited number of packets.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@203 510a4753-2344-4c79-9c09-4d669213fbeb
commit 903f5f466c76d4bf617e93bdf50a67d02f4108a6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 20 01:34:23 2010 +0000
updated to call dump_access_list() if -D was given to dump config information
git-svn-id: file:///home/mbr/svn/fwknop/trunk@202 510a4753-2344-4c79-9c09-4d669213fbeb
commit e8b875789b107283cad7d4079e9e86d4273bf53c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 20 01:20:36 2010 +0000
Update to call parse_proto_and_port() before allocating a new port list. This
fixes the following stack trace when generating an SPA packet that contains
"none/0" for the port list:
Program received signal SIGABRT, Aborted.
0x00007ffff74574b5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
in ../nptl/sysdeps/unix/sysv/linux/raise.c
(gdb) where
#0 0x00007ffff74574b5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007ffff745af50 in *__GI_abort () at abort.c:92
#2 0x00007ffff748fc97 in __libc_message (do_abort=<value optimized out>, fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#3 0x00007ffff7499dd6 in malloc_printerr (action=3, str=0x7ffff755b748 "double free or corruption (fasttop)", ptr=<value optimized out>) at malloc.c:6217
#4 0x00007ffff749e74c in *__GI___libc_free (mem=<value optimized out>) at malloc.c:3716
#5 0x000000000040570c in free_acc_port_list (acc=0x60a1c0, port_str=0x7fffffffdc20 "none/0") at access.c:390
#6 acc_check_port_access (acc=0x60a1c0, port_str=0x7fffffffdc20 "none/0") at access.c:892
#7 0x0000000000403f4a in incoming_spa (opts=<value optimized out>) at incoming_spa.c:229
#8 0x00000000004041eb in pcap_capture (opts=0x7fffffffde40) at pcap_capture.c:155
#9 0x0000000000402ba7 in main (argc=9, argv=0x7fffffffe6e8) at fwknopd.c:241
git-svn-id: file:///home/mbr/svn/fwknop/trunk@201 510a4753-2344-4c79-9c09-4d669213fbeb
commit b34c506a90e9fe4eda22c5dec367179f5ca36d5c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 20 01:18:12 2010 +0000
bug fix to ensure the --last-cmd re-parsing of command line args via getopt_long() has a reset index
git-svn-id: file:///home/mbr/svn/fwknop/trunk@200 510a4753-2344-4c79-9c09-4d669213fbeb
commit daca01a2c656a3103db502b1aca6c338b31d2534
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Jan 19 02:51:37 2010 +0000
Added minor validation code to access.conf parsing to ensure that a SOURCE stanza
begins with the SOURCE variable and that there is at least one usage of the
OPEN_PORTS and KEY variables. The OPEN_PORTS requirement might be relaxed when
PERMIT_CLIENT_PORTS handling is added.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@199 510a4753-2344-4c79-9c09-4d669213fbeb
commit ca531c3dccc804acad9101d61eeb5daa5c09d065
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Jan 19 02:48:41 2010 +0000
bug fix in --packet-limit handling to ensure multi-packet processing when the arg is not used
git-svn-id: file:///home/mbr/svn/fwknop/trunk@198 510a4753-2344-4c79-9c09-4d669213fbeb
commit 33cb0d48269ec95866eade22bbe854d6955bed35
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 16 22:09:14 2010 +0000
added --server-cmd arg to fwknop client man page and help output
git-svn-id: file:///home/mbr/svn/fwknop/trunk@197 510a4753-2344-4c79-9c09-4d669213fbeb
commit cee622aab5779012d0d233cec118c4a37538ac34
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 16 21:11:27 2010 +0000
added --last-cmd argument to fwknop(8) man page via the fwknop.man.asciidoc file
git-svn-id: file:///home/mbr/svn/fwknop/trunk@196 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1092e6ef4676562518899ddb37fbda7b485567e3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 16 14:59:36 2010 +0000
* Fixed a few minor warnings like the following:
cipher_funcs.c:85: warning: ignoring return value of ‘fread’, declared with attribute warn_unused_result
A few of these were in code in the lib/ directory, and required adding a
new error code 'FKO_ERROR_FILESYSTEM_OPERATION' and associated error
string 'Read/write bytes mismatch'.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@195 510a4753-2344-4c79-9c09-4d669213fbeb
commit 80bde174adb5378a1589dd66a14feba19bc21454
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 16 14:35:22 2010 +0000
(legacy code) (test suite) Bug fix for GnuPG SPA/HTTP tests not pointing to the proper HTTP output file
git-svn-id: file:///home/mbr/svn/fwknop/trunk@194 510a4753-2344-4c79-9c09-4d669213fbeb
commit d1fae9bee1e0c9a8b2afa8c4a90b9a78e2e7b2d8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 16 01:05:41 2010 +0000
* Added a new command line argument "--last-cmd" to run the fwknop client
with the same command line arguments as the previous time it was
executed. The previous arguments are parsed out of the ~/.fwknop.run
file (if it exists).
* Bug fix to not send any SPA packet out on the wire if a NULL password/key
is provided to the fwknop client. This could happen if the user tried to
abort fwknop execution by sending the process a SIGINT while being
prompted to enter the password/key for SPA encryption.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@193 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4e128083457b775ab552a620016f0623761490f3
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jan 11 01:33:38 2010 +0000
Added support for multiple GPG_REMOTE_ID values from access.conf (still need to implement the use of those however). Also, went back to support colons (:) as an optional part of the access.conf parameter name (better to keep backward compatibility).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@192 510a4753-2344-4c79-9c09-4d669213fbeb
commit d2ec56b6ce493d81ffb293386212c0f578836534
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 9 14:22:22 2010 +0000
minor update to the fwknop client to use '#define GETOPTS_OPTION_STRING' for
getopt() command line arg processing.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@191 510a4753-2344-4c79-9c09-4d669213fbeb
commit bcdef1938a75a625394ee892457a3142af57e4c2
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jan 6 03:05:45 2010 +0000
Commented out AM_MAINTAINER_MODE.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@190 510a4753-2344-4c79-9c09-4d669213fbeb
commit b32c23e12ec45d270478f4ff8a94dc3ee9c18fcb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 6 00:53:23 2010 +0000
added -a arg to fwknopd usage() output
git-svn-id: file:///home/mbr/svn/fwknop/trunk@189 510a4753-2344-4c79-9c09-4d669213fbeb
commit be37cecda17f44c9ef875b894b47d5239a8916a9
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jan 5 00:06:56 2010 +0000
Updated changelog. Made the fwknop.man.asciidoc match the changes made to the fwknopd.8 manpage.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@188 510a4753-2344-4c79-9c09-4d669213fbeb
commit 11cedcf3eb610e9e747cd74d7d5de897cff4f02a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 4 04:08:58 2010 +0000
Added --access-file command line arg to fwknopd so that the path to the
access.conf file can be specified from the command line.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@187 510a4753-2344-4c79-9c09-4d669213fbeb
commit ed6a01d9965e692f4455c7d80ac89c1e68e67054
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 4 00:36:39 2010 +0000
removed unnecessary --no-save arg since --no-save-args covers it
git-svn-id: file:///home/mbr/svn/fwknop/trunk@186 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1d91143a25d1bc17fd9228195423d41c61a4af69
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 4 00:36:03 2010 +0000
added --http-proxy argument to the fwknop.8 man page
git-svn-id: file:///home/mbr/svn/fwknop/trunk@185 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5c5d8d92dfdeae86f878add69f866d38efe0c205
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 4 00:35:06 2010 +0000
added --http-proxy and --no-save-args to usage() output
git-svn-id: file:///home/mbr/svn/fwknop/trunk@184 510a4753-2344-4c79-9c09-4d669213fbeb
commit 055aa365cb91b8c937113736b96d9c7757084fe4
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jan 4 00:20:19 2010 +0000
Added access.conf handling and processing. Added a new acces.conf parameter: RESTRICT_PORTS for specifying 1 or more proto/ports that are explicitly not allowed.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@183 510a4753-2344-4c79-9c09-4d669213fbeb
commit 852a65394248bc75e531200cff1331af405e77e9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 3 21:27:57 2010 +0000
minor spacing fix
git-svn-id: file:///home/mbr/svn/fwknop/trunk@182 510a4753-2344-4c79-9c09-4d669213fbeb
commit ba68afc37b833a8d0d3e920b9f6d85b3645a9da7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 3 04:52:25 2010 +0000
added Id tag expansion
git-svn-id: file:///home/mbr/svn/fwknop/trunk@181 510a4753-2344-4c79-9c09-4d669213fbeb
commit 510702dc1834a47c096f412fe62ff29cd273f2e4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 3 04:49:51 2010 +0000
added Id tag expansion
git-svn-id: file:///home/mbr/svn/fwknop/trunk@180 510a4753-2344-4c79-9c09-4d669213fbeb
commit 153a0964e2d1e7a6fccaf7cfd7d58bbec057c7e2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 3 04:37:37 2010 +0000
Added --packet-limit to fwknopd so that the number of incoming candidate
SPA packets can be limited from the command line. When this limit is
reached (any packet that contains application layer data and passes the
pcap filter is included in the count) then fwknopd exits.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@179 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9e4efa55baf3c97f1855ad3d24c51c8fd3472f63
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 3 02:00:26 2010 +0000
minor update to include the -f arg in the usage() output
git-svn-id: file:///home/mbr/svn/fwknop/trunk@178 510a4753-2344-4c79-9c09-4d669213fbeb
commit 909ff4eaecbf78d3bc1b7e5ffaa9958dd4c40892
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Jan 2 16:42:07 2010 +0000
Added check for and create of run dir and/or basename of digest_cache (if different from run dir). Added set_locale() call based on LOCALE setting in the conf file.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@177 510a4753-2344-4c79-9c09-4d669213fbeb
commit d8dc9be9412b8103f4f6b68e45ba84d0d21507c1
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Dec 29 20:16:52 2009 +0000
Added check for SPA packet age against the MAX_SPA_PACKET_AGE if ENABLE SPA_PACKET_AGING is set to "Y" in the conf file. Made the digest cache check only of ENABLE_DIGEST_PERSISTENCE is "Y".
git-svn-id: file:///home/mbr/svn/fwknop/trunk@176 510a4753-2344-4c79-9c09-4d669213fbeb
commit 142d07142bc60860c01807675b5ad9668c78ca10
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Dec 29 04:27:54 2009 +0000
Fixed incorrect variable in configure.ac.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@175 510a4753-2344-4c79-9c09-4d669213fbeb
commit b8235802032a7069d1574c266a5749866a54cb33
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Dec 29 03:56:32 2009 +0000
Added configure args for specifying specific pathes to the local executables used by fwknopd.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@174 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2310b366ee16f3e5f1a59c2c07e9081d3123d1de
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Dec 29 02:45:47 2009 +0000
Made local exe checks run only of a server is being built. Removed checks for external progs that may not be needed yet.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@173 510a4753-2344-4c79-9c09-4d669213fbeb
commit 861c0e8e1a87b8bdac7118b81dfc13de722d5260
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Dec 28 03:20:55 2009 +0000
Autoconf updates for detecting locally installed program paths and changes to facilitate portability. Also set AM_MAINTAINER_MODE so we are not forced to regen/reconfigure when we change one of the autoconf source files (but we do now need to remember to do it ourselves before making a new dist).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@172 510a4753-2344-4c79-9c09-4d669213fbeb
commit f6b98cab8791b248ed95a56d79abd60e60fd4107
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Dec 18 13:43:49 2009 +0000
The default conf and run directories are captured from the autoconf output. Added post install hook to create the xxx/var/run/fwknop directory (which works, but breaks the "make distcheck" feature of autoconf). Changed order of config processing and set conf struct for some default and overridden parameters so they will be shown properly when -D is used.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@171 510a4753-2344-4c79-9c09-4d669213fbeb
commit 814d7d3565269592670316fa6f9c9729bf15b8ae
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Dec 7 03:48:53 2009 +0000
Fixed bug in signal handling when libpcap version 1.0 is used. Minor doc update.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@170 510a4753-2344-4c79-9c09-4d669213fbeb
commit fecdd4a76462b4dd6bbeaee516622def0d64a9a0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Nov 20 05:17:02 2009 +0000
bumped version to 2.0.0-alpha-pre1
git-svn-id: file:///home/mbr/svn/fwknop/trunk@168 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4d2521bcd8f07e649f78ea6c04919ead76c32afb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Nov 20 05:16:06 2009 +0000
minor bug fix to not append --Server-port option in --rand-port mode
git-svn-id: file:///home/mbr/svn/fwknop/trunk@167 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7401ef9644dc4715b8612ab1250b1e81c057819a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Nov 20 05:15:44 2009 +0000
minor bug fix to ensure that -R resolution work with --URL=http://www.cipherdyne.org/cgi/clientip.cgi
git-svn-id: file:///home/mbr/svn/fwknop/trunk@166 510a4753-2344-4c79-9c09-4d669213fbeb
commit 867990aa7d09acbf7c24878d917007e98318ada8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Nov 20 04:52:32 2009 +0000
* (Legacy code) Bug fix to allow the --rand-port argument to function along
without an inappropriate check for the --Server-port arg.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@165 510a4753-2344-4c79-9c09-4d669213fbeb
commit fc8e8dd2dcc54c90118cc1a0556d9d3b60c33f92
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Nov 2 05:05:30 2009 +0000
(Legacy code) Applied patch from Jonthan Bennett to support the usage of
the http_proxy environmental variable for sending SPA packets through an
HTTP proxy. The patch also adds support for specifying an HTTP proxy
user and password via the following syntax:
'http://username:password@proxy.com:port' or
'http://username:password@proxy.com'
git-svn-id: file:///home/mbr/svn/fwknop/trunk@164 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5cf8813eac21edec19cc5dbf754df11e32cc3240
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Nov 2 01:46:56 2009 +0000
Updated digest cache to store additional information including src ip, created, first_replay, last_replay, and replay count.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@163 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2145aeac5b9e010d973b7d7eaa9f56c1a0e6155c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Oct 28 03:52:14 2009 +0000
added the latest http proxy fixes to the ChangeLog
git-svn-id: file:///home/mbr/svn/fwknop/trunk@162 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9dfe63e8582a9efe4cbd71219d4ee18b48900753
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Oct 28 03:51:30 2009 +0000
added Daniel Lopez, and Jonathan Bennett's proxy fix
git-svn-id: file:///home/mbr/svn/fwknop/trunk@161 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8614cc1f625664d16068a714cabfdadb9c106125
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Oct 28 03:38:57 2009 +0000
- Added --http-proxy argument to the fwknop C client.
- (Legacy code): Changed HTTP proxy handling to point an SPA packet to
an HTTP proxy with -D specifying the end point host and --HTTP-proxy
pointing to the proxy host. This fix was suggested by Jonathan Bennett.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@160 510a4753-2344-4c79-9c09-4d669213fbeb
commit 38590801e06fffc3b231af0c6ef231853d7519fb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 25 15:48:02 2009 +0000
Added better --debug output for time differences on incoming SPA packets. This makes it
easier to tell when there are problems with time synchronization between the fwknop client
and fwknopd server systems.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@159 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8cd0864ab076aa851628965f08b74d5163352de6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 25 15:46:35 2009 +0000
Added --List-mode so that identifying strings for tests can be printed on stdout. This is
useful to see what is available for --test-include regex's.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@158 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7f95651feda44a1929cdc3df712a9d28f657b51f
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Oct 19 23:52:36 2009 +0000
Fixed minor typo in the POD synopsis (thanks Franck!).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@157 510a4753-2344-4c79-9c09-4d669213fbeb
commit b0edb8cafea3f34ed2f394b125e61b422f46e1e5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 18 16:32:05 2009 +0000
updated to handle the fwknop-c version string '2.0.0-alpha' in HTTP tests
git-svn-id: file:///home/mbr/svn/fwknop/trunk@156 510a4753-2344-4c79-9c09-4d669213fbeb
commit 34745aa8be48ad4b07897fa052548e63d4c1a17c
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Oct 18 14:35:28 2009 +0000
Fixed missed MY_DBM_CLOSE call
git-svn-id: file:///home/mbr/svn/fwknop/trunk@155 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4b8e3e974b218c688774ab51e046d16fd5ba8a2b
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Oct 18 14:26:06 2009 +0000
Changed digest cache to use gdbm directly wth fallback to ndbm (still not tested).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@154 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8c1261ca39fba47568542b8afdb5ca1b16cadf3e
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Oct 16 02:23:02 2009 +0000
Fixed memory leak issue in libfko when fko_new_with_data() was called with a bad key. Added autoconf checks for gdbm with fallback to ndbm for server builds. Added digest cache capability using gdbm (in ndbm compatibility mode) or ndbm for replay detection.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@153 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8b4b55fa4450c271cd39934cebb53b4e766b3147
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Oct 11 17:42:45 2009 +0000
Added stubs and some handling for signals. SIGHUP induces the re-reading the configs and restarting the capture loop. SIGTERM and SIGINT simply trigger a graceful exit. Trimmed some more of the configuration options.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@152 510a4753-2344-4c79-9c09-4d669213fbeb
commit e399f39c395010337b368bd1547aeca68bda33e9
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Sep 28 00:33:09 2009 +0000
Updated sniffer to be able to handle the linux "any" interface.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@151 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5a72c4fca76ef29bbb52a6333dfbedde08498741
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Sep 27 15:09:41 2009 +0000
Updates and enhancements to logging functions. Now log_msg writes only to stderr when running in foreground. Default log facility is LOG_DAEMON. Config file options of ENABLE_PACP_PROMISC, HOSTNAME, SYSLOG_IDENTITY, and SYSLOG_FACILITY are processed.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@150 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8a94aa94126bef1c5d4d7fcef6999c840bec6297
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Sep 24 03:13:33 2009 +0000
Updated pid/lock file handling. Implemetned -K option.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@149 510a4753-2344-4c79-9c09-4d669213fbeb
commit 61c243f827d3b6b68e0111eb931641416cf395d9
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Sep 14 00:38:31 2009 +0000
Added some more (stubbed-in) server code and functions. Minor doc tweak.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@148 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8a06e363382d3e9fff3e73759bdbc219e7d64212
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Sep 14 00:37:13 2009 +0000
Removed the wipe_pw routine as it could result in segfaults when a static key is used.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@147 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2bf25e62a7ed95057ea7c85c2f1f52dd6fcb7cb2
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Sep 11 00:43:24 2009 +0000
Added perl/legacy distribution (fwknop-1.9.12). Renamed this distribution from fwknop-c to simply fwknop. Made the version 2.0.0-alpha.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@143 510a4753-2344-4c79-9c09-4d669213fbeb
commit a07decf1d910a9664a7f8002c3d53a34b95761f6
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Sep 9 01:38:03 2009 +0000
Added some more stuff to deal with byte order identification on Solaris 10 x86 systems.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@142 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4fef98682b278338fbd10ab8ab587407cfbbc4c0
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Sep 6 02:38:30 2009 +0000
More tweaks to config file processing, including simple variable expansion.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@141 510a4753-2344-4c79-9c09-4d669213fbeb
commit 911361deff49eb051f236bcca4ff3a4a26a22505
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Sep 5 23:41:15 2009 +0000
Minor manpage tweak
git-svn-id: file:///home/mbr/svn/fwknop/trunk@140 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0c87e7395feec4bd17dffd8e3361aec853bb4661
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Sep 5 17:32:15 2009 +0000
Added override config handling and updated the config_init routines to parse everything in the correct order (i.e. config file, override configs, then command-line).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@139 510a4753-2344-4c79-9c09-4d669213fbeb
commit 998fe8da0af353f66d11f04e45133738316351db
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Sep 5 02:54:42 2009 +0000
Added more server command-line and config file processing code. Updated autoconf config for new checks and files.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@138 510a4753-2344-4c79-9c09-4d669213fbeb
commit 791eb4055b767b7e4d0501e5e5273cc244e4525b
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Sep 4 21:14:44 2009 +0000
Added check for libpcap. More stubbing in on the server code side.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@137 510a4753-2344-4c79-9c09-4d669213fbeb
commit f0fa45cec2e501a538d861e70ed81084bba47096
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Sep 3 03:25:35 2009 +0000
Added fwknop.man.asciidoc to docs and fwknop.8 man page to client (derived from fwknop.man.asciidoc).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@136 510a4753-2344-4c79-9c09-4d669213fbeb
commit 10c0aabe3860ae47ac32e69db92295b060c18a31
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Aug 12 02:11:14 2009 +0000
Fixed another minor typo in the doc
git-svn-id: file:///home/mbr/svn/fwknop/trunk@135 510a4753-2344-4c79-9c09-4d669213fbeb
commit 768606906ee35773f6d3e8d71681545eb9256ed7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Aug 11 03:11:57 2009 +0000
updated SPA over HTTP packets to always begin the a slash right after the GET string, updated to print SPA packets over HTTP to stderr in test/verbose mode
git-svn-id: file:///home/mbr/svn/fwknop/trunk@134 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1781e9e758b6fbeb8a91b60d566aef4ac4b79f3a
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Aug 11 02:04:51 2009 +0000
Updated ip,port format and value check.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@133 510a4753-2344-4c79-9c09-4d669213fbeb
commit eaa179a6c1384df12d471e8e23b3973816e09e6b
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Aug 11 01:40:47 2009 +0000
Changed http_resolve_host code to make it work with or without trailing whitespace in returned content. Updated the IP address format and value checking code. Switched back to whatsmyip.com as default IP resolver.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@132 510a4753-2344-4c79-9c09-4d669213fbeb
commit 08aa1ef2e8bbd8acb20cedaf52e93768f8b12b4a
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 9 17:14:08 2009 +0000
Updates to accommodate the Windows build.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@131 510a4753-2344-4c79-9c09-4d669213fbeb
commit 78fb936a55966fe2a4bce2a3973d9ab18b0fa62e
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 9 16:33:02 2009 +0000
Some minor refactoring of the TIME_OFFSET handling. Other minor code formatting tweaks.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@130 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1da9ea0f6b55cdb66491f010cf6ce138446eb42c
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 9 16:19:50 2009 +0000
Made the configure help message show --disable-xxx as the options for whether or not to build the server or client.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@129 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5b3f6f07da34b3f7fba30a30cd49fc6dc297ce02
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 9 15:45:45 2009 +0000
Forgot to add the server dir.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@128 510a4753-2344-4c79-9c09-4d669213fbeb
commit 53b7fae8bb1b61ef5fc165819fd2ca14d96c3c86
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 9 15:43:16 2009 +0000
Major rearrangement. Renamed directories: "fko" to "lib", "src" to "client". Added "common" and "server" directories. Setup autoconf to allow disabling the server and/or client builds.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@127 510a4753-2344-4c79-9c09-4d669213fbeb
commit 078661e35505817c363bf015e9bbb256930c3b50
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 2 21:27:46 2009 +0000
Fixed typo (actually a cut-and-paste remnant) in the doc.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@126 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8d789eff4df5ebe95427f003042c7086595950be
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 2 18:34:29 2009 +0000
Update the VS project file for the new SHA digest files and functions.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@125 510a4753-2344-4c79-9c09-4d669213fbeb
commit f011889da05b4d5ed7ce4ff3475b6278f6f1fd7b
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 2 18:30:58 2009 +0000
Forgot to add the files for the updated SHA digests (oops).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@124 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7f45031cef416e0d0edbea58c7ce051714768ca6
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Aug 2 18:28:34 2009 +0000
Added SHA384 and SHA512 digests. Tweaks for getting rid of windows warnings. Use recv instead of read on socket. Bumped version to 0.63 (libfko) and 0.23 (FKO perl module).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@123 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3029e012389c4ed07fda584b0c4a892ffe32d3e0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jul 27 05:33:21 2009 +0000
added the --resolve-ip-http and --user-agent command line args so the fwknop-c client can resolve the external network via http://www.cipherdyne.org/cgi/myip.cgi
git-svn-id: file:///home/mbr/svn/fwknop/trunk@121 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9bc2b1539eab85fdfb54be17237e0650e9860115
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jul 27 05:27:54 2009 +0000
bugfix to order HTTP request headers properly, updated the user agent for SPA over HTTP to use the options->http_user_agent variable (can be set from the command line)
git-svn-id: file:///home/mbr/svn/fwknop/trunk@120 510a4753-2344-4c79-9c09-4d669213fbeb
commit 868aa6ee376a05064862b94b8782c6bed6ada2ca
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jul 26 17:28:22 2009 +0000
Added the --source-ip argument to build SPA packets with 0.0.0.0 (the fwknopd server can wrap access controls around this)
git-svn-id: file:///home/mbr/svn/fwknop/trunk@119 510a4753-2344-4c79-9c09-4d669213fbeb
commit a57baa20d077f808881e71ca545869bf7a39cc4f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jul 26 15:08:46 2009 +0000
minor doc updates
git-svn-id: file:///home/mbr/svn/fwknop/trunk@118 510a4753-2344-4c79-9c09-4d669213fbeb
commit 17ca88ad4cd34d695c27e16b6c361ec635d440bc
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jul 23 04:35:04 2009 +0000
changed the minimum destination SPA port from 1024 to 10,000
git-svn-id: file:///home/mbr/svn/fwknop/trunk@117 510a4753-2344-4c79-9c09-4d669213fbeb
commit f5849dc68c7185e51dac95a244e64c041a5b1e57
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jul 23 04:17:04 2009 +0000
* Added the --show-last and --no-save command line options to show the
command line used for the previous fwknop invocation, and to have the
fwknop client not save its command line arguments.
* Bug fix to force libfko to recalculate the random data embedded in the
the SPA packet after a random port is acquired via --rand-port or
--nat-rand-port. This is a precaution so that an attacker cannot guess
some of the internal SPA data based on the destination port number.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@116 510a4753-2344-4c79-9c09-4d669213fbeb
commit 70db22064edac8ff6c25c9c9757f2d81692e8b21
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Jul 21 05:18:28 2009 +0000
* Got forward and local NAT modes working with the --nat-access,
--nat-local, --nat-port, and --nat-randport options. All NAT modes
are now passing the fwknop test suite.
* Added the --server-command option to build an SPA packet with a command
for the server to execute.
* Added the --fw-timeout option for client side timeouts to be specified.
* Added the --time-offset-plus and --time-offset-minus options to allow
the user to influence the timestamp associated with an SPA packet.
* Added the --rand-port option so that the SPA packet destination port can
be randomized.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@115 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3a77e0fefa03f87c615a9b555e7b10acd0512194
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jul 19 20:48:19 2009 +0000
Fixed some formatting errors in the POD.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@114 510a4753-2344-4c79-9c09-4d669213fbeb
commit 561ba4f7e499045c34f44b607cc4678d15db2e62
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jul 17 01:52:03 2009 +0000
Tweaks to cover WIN32 build. Added print of error if tcp connect() fails.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@113 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6f79b6fb04090c53bca9abe53fc15e13786587da
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jul 16 06:40:51 2009 +0000
- Added the ability to send SPA packets over valid HTTP requests with
the fwknop-c client.
- Added support for transmitting SPA packets over IPv6 via TCP and UDP
sockets, and also via HTTP.
- Added GnuPG 'hQ' base64 encoded prefix handling (this prefix is
stripped out of encrypted SPA packet data).
- Added hostname resolution support to the fwknop-c client if the SPA
server is specified as a hostname instead of an IP address.
- Minor bug fix to allow a GnuPG password to be specified via the
--get-key functionality.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@112 510a4753-2344-4c79-9c09-4d669213fbeb
commit 31ef94024cea1edb3024c9f78efa30794aa81264
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jul 16 00:28:04 2009 +0000
added B64_GPG_PREFIX 'hQ' string for GnuPG prefix handling (similar to the 'Salted__' handling for Rijndael SPA packet encryption
git-svn-id: file:///home/mbr/svn/fwknop/trunk@111 510a4753-2344-4c79-9c09-4d669213fbeb
commit 111d24c89b6e3e46a1094b2db321ca9e52bf66e9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Jul 3 03:34:21 2009 +0000
initial stab at libfko server daemon TODO's
git-svn-id: file:///home/mbr/svn/fwknop/trunk@110 510a4753-2344-4c79-9c09-4d669213fbeb
commit e0e08f0cf2e8b3ce4a3313aeffe9262fa5320c59
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jun 29 00:52:12 2009 +0000
bug fix suggested by Damien to allow the recompute of the SPA digest to properly happen when calling spa_digest() with a true value
git-svn-id: file:///home/mbr/svn/fwknop/trunk@109 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5ba9f1ecf9f70acae3209841ee9ecaeb8e954bfc
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 28 18:19:24 2009 +0000
Fixed spa access message validation routine to allow for multiple comma-separated requests in one message.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@108 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0bec8bd141d3aa851faad2e42cacf9c97422d9d8
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jun 16 00:18:59 2009 +0000
Tweaks to the win32 build (Visual Studio project configs).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@107 510a4753-2344-4c79-9c09-4d669213fbeb
commit 591e5be81e33f24c73dc48d95f839dcb7791be45
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jun 14 23:44:43 2009 +0000
minor typo fix (gps -> gpg)
git-svn-id: file:///home/mbr/svn/fwknop/trunk@106 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6e167c65df1da839c63b12dee04d86d2bf6708d9
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 14 16:38:17 2009 +0000
Added handling of Backspace and Ctrl-U in the Win32 handling of get_passswd.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@105 510a4753-2344-4c79-9c09-4d669213fbeb
commit 33e353b2fc5a8f1abe0afc69bc4b73fc453cbc15
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 14 14:22:03 2009 +0000
Added the digest types constants to the types and individual export tags.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@104 510a4753-2344-4c79-9c09-4d669213fbeb
commit 44bca335746599f6b191b8d69f7a4dc133c363d8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jun 10 04:42:49 2009 +0000
minor wording update to match fwknop help to config_init.h for --server-proto option
git-svn-id: file:///home/mbr/svn/fwknop/trunk@103 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0dae9badba1c44cae6737e9bc1445f58e9e65344
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jun 8 22:55:40 2009 +0000
Added a TODO file
git-svn-id: file:///home/mbr/svn/fwknop/trunk@102 510a4753-2344-4c79-9c09-4d669213fbeb
commit 04690e2f077b66264a56ec436838d26381c0d083
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 7 20:46:14 2009 +0000
Forgot to bump the perl module minor version number.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@101 510a4753-2344-4c79-9c09-4d669213fbeb
commit 488ca566e19b399b623b7e55f871894ef6115b73
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 7 20:33:53 2009 +0000
Minor updates to non-code-related files. Changed some copyrights to 2009.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@100 510a4753-2344-4c79-9c09-4d669213fbeb
commit caab726e7b02b592712eeaec5c3b7667dd0fd876
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 7 20:02:14 2009 +0000
Brought Error constants in sync with libfko.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@99 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2fee69dc33297cda54cf736c9d9e99c65bad3a3c
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 7 17:27:12 2009 +0000
Tweaks again for win32 build
git-svn-id: file:///home/mbr/svn/fwknop/trunk@98 510a4753-2344-4c79-9c09-4d669213fbeb
commit 5811d1107bfa0eb31b0ce3e01ba4a7c7d227089a
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 7 17:13:36 2009 +0000
Yet another tweak for win32.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@97 510a4753-2344-4c79-9c09-4d669213fbeb
commit 51c37ba15918e29c673d30ab40bc744c6b09f304
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 7 17:03:01 2009 +0000
Tweak for win32 platform
git-svn-id: file:///home/mbr/svn/fwknop/trunk@96 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7817e442641ed4a696ca92c29ba97e5d9a152b45
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jun 7 16:55:22 2009 +0000
Added sending via tcp (established) conneciton. removed --debug as an option. Some minor code reformatting and refactoring.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@95 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7206fa03a6bf681b53cfafae09ec83d760734516
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri May 29 01:41:35 2009 +0000
minor link update for the cipherdyne.org website
git-svn-id: file:///home/mbr/svn/fwknop/trunk@94 510a4753-2344-4c79-9c09-4d669213fbeb
commit c509b53dd4456fc0ea9f1ed9f57078b0d162aa37
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue May 26 15:03:00 2009 +0000
Implemented sending spa data via TCP or ICMP via SOCK_RAW (unix only so far).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@93 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9c9d46cc09ef2f1ac55c64cd985a226abdacb939
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon May 25 18:55:13 2009 +0000
Fixed bad variable name after moving the winsock startup code to a the send_spa_packet function.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@92 510a4753-2344-4c79-9c09-4d669213fbeb
commit 79a15c2f6d5ffc85c21f89f37ae10c10a2631e3d
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon May 25 18:47:02 2009 +0000
Removed old test code from fwknop client. Other tweaks and enhancements.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@91 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8c5f6ee069f4a6d0dfabc0b81120f3532215f30b
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon May 25 14:32:51 2009 +0000
Added getopt_long and getlogin capability to the Windows build.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@90 510a4753-2344-4c79-9c09-4d669213fbeb
commit cf65f6ef5d63810f85261d4a62926d7dc087e246
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun May 24 17:00:08 2009 +0000
Updated Makefile.am to add win32 directory to the dist.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@89 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4192eb887632ba4fa00d63a3a9fac014bc4a3078
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun May 24 16:46:33 2009 +0000
Updates and revisions to accommodate a Windows build.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@88 510a4753-2344-4c79-9c09-4d669213fbeb
commit ee78a35cfdf75d940d8924c04a5f641d8074a94d
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue May 19 00:48:28 2009 +0000
Made the dist name "fwknop-c" so as not to confuse it with the current "fwknop".
git-svn-id: file:///home/mbr/svn/fwknop/trunk@87 510a4753-2344-4c79-9c09-4d669213fbeb
commit d711843e846c832609ceb9801ed7d6518a04b020
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun May 17 15:44:07 2009 +0000
Changed fko version to 1.9.12. Made signing GPG-encrypted messages optional.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@86 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2fff0a0a209d409249d56c18e90768165a7a40b7
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue May 12 01:39:18 2009 +0000
Added the Perl module files to Makefile.am so they will be included in the dist.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@85 510a4753-2344-4c79-9c09-4d669213fbeb
commit a32100f9646711550591123ec94c53b545f76deb
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun May 3 18:10:23 2009 +0000
Updated documentation to reflect API changes and GPG signature functions.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@84 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2865912c0ace898b830ce90431f90b2d54d72a84
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun May 3 15:47:45 2009 +0000
Tweaks to updated API. Added GPG signature checking and processing functions. Updated Perl module and perldoc for new API and functions.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@83 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6e147ad3e7a5538394e5bec3f2afab5724a70b06
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat May 2 03:02:08 2009 +0000
Interim check-in of API changes, libfko and fwknop binary now support the updated API. Docs and Perl module are pending.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@82 510a4753-2344-4c79-9c09-4d669213fbeb
commit 58c1a857119be213c09d066d41bb7e521e94fe98
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Apr 18 13:47:09 2009 +0000
Added perl module code to the repository.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@81 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7e2d52e38fd084c0ae1e8f666ba42a98e2e364e5
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Apr 18 13:36:21 2009 +0000
Fixed double-free when destroy was called after a failed gpg encryption/decryption.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@80 510a4753-2344-4c79-9c09-4d669213fbeb
commit 339db831292b09325202045332440ba5832e3f40
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Apr 13 03:34:11 2009 +0000
added --save-packet-append so that SPA packet data can be appended to a file
git-svn-id: file:///home/mbr/svn/fwknop/trunk@79 510a4753-2344-4c79-9c09-4d669213fbeb
commit f3e4694a0c04957edee693478bac1abe399553e5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Apr 13 03:13:10 2009 +0000
added the --save-packet argument so that SPA packet data can be saved to the local filesystem by the fwknop-c client
git-svn-id: file:///home/mbr/svn/fwknop/trunk@78 510a4753-2344-4c79-9c09-4d669213fbeb
commit d19e2777f7e47dff6616e3865a00d226f1b4b3a7
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Mar 30 00:56:05 2009 +0000
Fixed segfault issue when spa_data_final was called before spa_message was set.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@77 510a4753-2344-4c79-9c09-4d669213fbeb
commit 675e24be4c93cff08662ac64af59774f946706a7
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Mar 25 02:08:13 2009 +0000
Fixed typo in doc
git-svn-id: file:///home/mbr/svn/fwknop/trunk@76 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6e90c5efc6a705e431869f48d774c3e1114372fb
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Mar 17 02:05:25 2009 +0000
Added gpg-home-dir support to libfko and the fwknop program. Added the fko_set_spa_data() function. Documentation updates and other tweaks to support these changes.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@75 510a4753-2344-4c79-9c09-4d669213fbeb
commit b82f0e99dd9fad68929e40c738bc6db3be01c33a
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Mar 15 14:37:35 2009 +0000
Tweaked byte order determination for Solaris systems.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@74 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7f0e7a9a350e6a3da83b2953d6ccff27e342603e
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Mar 15 14:00:42 2009 +0000
Updated autoconf files and code to support Solaris (ver 10 x86 at least). This includes better type checking and resolving some conflicting names under Solaris.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@73 510a4753-2344-4c79-9c09-4d669213fbeb
commit e1b5b7eed1fbe3ecf5588df69aa7b8f2f0ab9600
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Mar 7 14:36:26 2009 +0000
removed unnecessary initialization of string vars to 0x0 because the earlier memset() takes care of this
git-svn-id: file:///home/mbr/svn/fwknop/trunk@72 510a4753-2344-4c79-9c09-4d669213fbeb
commit 450795da716d8e4189cb62d3f445532ceaa13aa0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Feb 28 21:53:30 2009 +0000
Minor bug fix to process gpg command line arguments properly when handling
the command line.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@71 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3fd6f4dd7e630079f8736b47638a8f0a20d8987e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Feb 28 21:16:39 2009 +0000
updated Copyright to Damien
git-svn-id: file:///home/mbr/svn/fwknop/trunk@70 510a4753-2344-4c79-9c09-4d669213fbeb
commit c3f483a0916dca5e493939bc8d2d90dd2138431a
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Feb 22 22:18:38 2009 +0000
Better error checking/message for decription. Fixed typo in docs.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@69 510a4753-2344-4c79-9c09-4d669213fbeb
commit 41127cd7ed62158691b53245e42679b20b10e839
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Feb 22 19:15:24 2009 +0000
Added better autoconf handling of gpgpme. Fixes so libfko will compile under FreeBSD (7.0 release anyway).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@68 510a4753-2344-4c79-9c09-4d669213fbeb
commit 62487d72fda892cd75e5c7ff216f686541f3845f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Feb 14 04:28:46 2009 +0000
updated to concatenate the allow IP and access string for fko_set_spa_message()
git-svn-id: file:///home/mbr/svn/fwknop/trunk@67 510a4753-2344-4c79-9c09-4d669213fbeb
commit 41df11b21756c96d44c3948448720c20434294e6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Feb 14 04:27:57 2009 +0000
minor bug fix to anticipate closing newline in a password read from a file via --get-key
git-svn-id: file:///home/mbr/svn/fwknop/trunk@66 510a4753-2344-4c79-9c09-4d669213fbeb
commit 96df3a2dc237b0183aa6528a2040b41b09060bd6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Feb 13 07:49:54 2009 +0000
Added the following options:
--Access
--allow-ip
--spoof-user
--debug
--no-save
The --Access and --allow-ip options still need to be fleshed out for
proper operation.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@65 510a4753-2344-4c79-9c09-4d669213fbeb
commit 51abd640c011adecd4d658e771fec49875d3b0be
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Feb 13 06:17:22 2009 +0000
-Added the --get-key option to allow SPA passwords to be read from a
file. This feature will be useful for an automated test suite that
drives the fwknop C client against an SPA server implementation.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@64 510a4753-2344-4c79-9c09-4d669213fbeb
commit bcafc22d48deff10710a5c5af1581e699f0f97fb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Feb 12 05:05:40 2009 +0000
added Id tag expansion
git-svn-id: file:///home/mbr/svn/fwknop/trunk@63 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4b08fba26ae564576a5d4e9f46c92e73faca1408
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Feb 11 20:15:19 2009 +0000
Fixed typo in Makefile.am
git-svn-id: file:///home/mbr/svn/fwknop/trunk@62 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3342349b4843c3b0b4acad5abf85ded4185585cc
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Feb 11 02:47:09 2009 +0000
Fixed minor typo
git-svn-id: file:///home/mbr/svn/fwknop/trunk@61 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4ef8a25596de387d0ad61a39221af5c15178c611
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Feb 11 01:00:08 2009 +0000
Update libfko docs for the gpgme-related error codes and function.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@60 510a4753-2344-4c79-9c09-4d669213fbeb
commit be3bb0762f269639e233f2ecbed21682f6d62b7a
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Feb 10 01:54:07 2009 +0000
Added getpasswd routine for getting a password from the user. A few updates to the lib to accomodate clearing the password after we are done with it. Update the fwknop program to reflect/use some of the new functionality.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@59 510a4753-2344-4c79-9c09-4d669213fbeb
commit 06257a92222382245d0a52b87aff3f416f5a7424
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Feb 9 02:33:38 2009 +0000
Split out the source files. Added processing for a couple more command-line options.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@58 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2396d8fee6aec4ed25f50c905e6393d597a9ba74
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Feb 1 23:02:20 2009 +0000
Replaced deprecated gpgme_key_release calls with gpgme_key_unref. Fixed more potential memory leaks.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@57 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0c7c2558820ea01671f7e181bfbea9ebb5b110c1
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Feb 1 15:36:55 2009 +0000
Add more compiler conditionals for GPGME support to fix error during compiles on systems without gpgme.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@56 510a4753-2344-4c79-9c09-4d669213fbeb
commit 43c309b10ce116db733110e3ea91969ef2b42388
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Feb 1 14:44:31 2009 +0000
minor update to not force --Destination in --Version mode
git-svn-id: file:///home/mbr/svn/fwknop/trunk@55 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6b878ea65a29e4505684e466f0f31e5c847dbdf7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Feb 1 14:30:45 2009 +0000
- Added code to send SPA packet data over a UDP socket.
- Added minor validation step to enforce --Destination usage if not
running in --Test mode (will extend this validation to include other
option).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@54 510a4753-2344-4c79-9c09-4d669213fbeb
commit 12e7a8d700a54f2d8f14f3dbbd4f7101600df868
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Feb 1 13:54:06 2009 +0000
Some minor cleanup and tweaks to gpgme code.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@53 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7008774e52451efc363aeeb0b39066ef824eb8c8
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Feb 1 03:50:51 2009 +0000
Slightly improved and cleaner GPG error handling (there is still plenty of room for improvement).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@52 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1f443da41b1a354e6f63566b609b1ed951c80854
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Feb 1 03:31:00 2009 +0000
- Added command line argument processing for:
--Destination
--Server-port
--Server-proto
--Source-port
--Spoof-src
--Test
- Stubbed in packet sending functions for SPA packets over UDP, TCP, and ICMP,
with the default set to UDP port 62201.
- Updated to use fko_version() in --Version mode.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@51 510a4753-2344-4c79-9c09-4d669213fbeb
commit 3ee06b36d30049c3c9d5a011d5e57671539f8081
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Jan 29 03:49:55 2009 +0000
Added more gpgme-related errors and error checking. Other minor tweaks.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@50 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2d34c27f5a7d28d60be26c6dd3dee0f6bbe37788
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Jan 28 03:38:42 2009 +0000
Fixed flag on gpgme_keylist_next that was forcing only private keys for recipient. Fixed typo in docs.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@49 510a4753-2344-4c79-9c09-4d669213fbeb
commit 7951d327e8b49a6d26eeff6b2ee41c02f95337dc
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jan 27 02:53:54 2009 +0000
Make version consistent for real this time.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@48 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8e7cf3b5a940238e703ef6229d37a150435ae0e5
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Jan 27 02:47:49 2009 +0000
Documentation updates and minor tweaks. Made it version 1.10.0 consistent in caonfigure.ac and fko.h.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@47 510a4753-2344-4c79-9c09-4d669213fbeb
commit 86ef05fc7a3172ca7e6637f888aa8b3179b8554c
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jan 26 13:48:53 2009 +0000
Added fwknop.h to the source list in Makefile.am so it will be included in the distrubution.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@46 510a4753-2344-4c79-9c09-4d669213fbeb
commit 10b308b2d593715d4a115639f8016f520532ecf4
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Jan 26 03:39:47 2009 +0000
Fixed configure.ac again (I broke it with my last change). Added first cut at gpg decryption routine.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@45 510a4753-2344-4c79-9c09-4d669213fbeb
commit 54e1f22a80114111c40ba5f047f5bceb76b69c6e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jan 26 02:04:25 2009 +0000
Merged in fwknop-c-ubuntu branch changes via:
svn merge -r 39:40 svn+ssh://rohan/usr/local/svn/fwknop-c/branches/fwknop-c-ubuntu
This merge includes the following:
-Started on command line argument processing with getopt_long().
For now this just handles --help and --version, and there is a new
cmdl_opts typedef for setting and storing option data.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@44 510a4753-2344-4c79-9c09-4d669213fbeb
commit 18c056047575266e278c40348fe59987525d788f
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jan 25 18:38:31 2009 +0000
Fixed gpgme check so it would not fail if gpgme was not installed. Setup to allow using --with[out]-gpgme option to configure.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@43 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2a5120468db4a482732f4a6c3dae4b4d2fed8957
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jan 25 16:13:47 2009 +0000
Removing files that are auto-generated by the autogen.sh script.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@42 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9ebdb622a06ba453ff67b006087fc8251f93301c
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jan 25 15:50:52 2009 +0000
Fixed a potential bug where the NULL-termination of the base64-encoded data was being lost during process just before rijndael decryption.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@41 510a4753-2344-4c79-9c09-4d669213fbeb
commit e846cdd44d4c9e12b102d3e72ad8302ba886921e
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Jan 25 03:58:50 2009 +0000
First cut at GPG encrytion support (decryption and doc update are pending).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@39 510a4753-2344-4c79-9c09-4d669213fbeb
commit 04674071ef188ad66c4c2588d96296446bc30a3a
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jan 2 14:52:20 2009 +0000
Updated README
git-svn-id: file:///home/mbr/svn/fwknop/trunk@36 510a4753-2344-4c79-9c09-4d669213fbeb
commit c0c61a5eece80fb5cbc5388e84f5a0a616606f3c
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Jan 2 14:30:36 2009 +0000
Minor tweaks, and fixed one potential memory allocation issue discovered with valgrind.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@35 510a4753-2344-4c79-9c09-4d669213fbeb
commit b446bdc31e7d7fc7947d91fd1948ee7080a6f716
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 31 20:52:58 2008 +0000
Broke these out from fko.h.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@34 510a4753-2344-4c79-9c09-4d669213fbeb
commit 49fb5f939d651c00691f65d01756eb3c11ca732d
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 31 20:40:09 2008 +0000
Made the context struct opaque to users of the library. Somewhat major API tweak in that fko_ctx_t is not a pointer type and the fko_new functions take a pointer to that.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@33 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8fe9db44706238b4ce1364d00ed6dbe857f7ce5b
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 31 15:33:09 2008 +0000
Reorganized libfko doc.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@32 510a4753-2344-4c79-9c09-4d669213fbeb
commit edf966e7d39f80e084858075fac0b3d5b34709eb
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 31 15:06:24 2008 +0000
Documentation fixes.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@31 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0000fe270df7ce187688166309ef7f2e1388dc54
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 31 05:11:02 2008 +0000
Documentation updates and minor tweaks.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@30 510a4753-2344-4c79-9c09-4d669213fbeb
commit 686ee5caf10f380070600e78d42962a22b628317
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Dec 30 04:21:01 2008 +0000
Some progress on the libfko doc.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@29 510a4753-2344-4c79-9c09-4d669213fbeb
commit d4e115f86bcad12f758cfe1008816a85814902fd
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Dec 29 01:22:41 2008 +0000
Update to docs.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@28 510a4753-2344-4c79-9c09-4d669213fbeb
commit 474a787e0be9f691bb1ae11ff4a01819936e49ed
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Dec 28 16:22:40 2008 +0000
more checks for configure. omit salt from Rijndael-encrypted data as returned by fko_get_dpa_data.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@27 510a4753-2344-4c79-9c09-4d669213fbeb
commit e6eb3061fb0a09d09a3a9143eaea2e7136561611
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Dec 28 16:09:11 2008 +0000
Code format tweaks. Added a couple more convenience functions.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@26 510a4753-2344-4c79-9c09-4d669213fbeb
commit 9ef004b9ba8cce45821b9605b95d655868757b86
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Dec 28 03:35:57 2008 +0000
Added gpl-2.0.texi file to doc/Makefile.am so it is included in the dist.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@25 510a4753-2344-4c79-9c09-4d669213fbeb
commit a4e82aa68ff5b2ecb218f9ae94de87b0d8fcb682
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Dec 28 03:08:04 2008 +0000
Added decrypting/decoding/parsing of SPA data.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@24 510a4753-2344-4c79-9c09-4d669213fbeb
commit 620ffec5cc33b4d68b3519a9cf5c6ad5a5da9b5a
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Dec 26 21:04:38 2008 +0000
Added fallback for isdigit() if ctype.h is not available.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@23 510a4753-2344-4c79-9c09-4d669213fbeb
commit 98bb7ed53657483f189a0666b59640de38056144
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Dec 26 20:39:23 2008 +0000
Added some basic format checking to spa message data and message_type checks when client_timeout is set/unset.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@22 510a4753-2344-4c79-9c09-4d669213fbeb
commit a93e8ddd4ef2851681a9834f7f56a55f3d29c4f6
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Dec 26 12:56:57 2008 +0000
Minor docs update - Added GPL to info doc.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@21 510a4753-2344-4c79-9c09-4d669213fbeb
commit 4560866fc580b9d7eace9e9991a8dd5e9424e664
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Dec 26 04:14:16 2008 +0000
Tweaks to add some more ctx state tracking.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@20 510a4753-2344-4c79-9c09-4d669213fbeb
commit bda1598c81f9d71c7b3d0c1b24a02a629ade690d
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Dec 26 01:17:11 2008 +0000
Made fko.h an include_HEADER for proper distribution.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@19 510a4753-2344-4c79-9c09-4d669213fbeb
commit 65e11abc96da42925e871ed16381757502878f63
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Dec 25 04:11:06 2008 +0000
Added documentation stub.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@18 510a4753-2344-4c79-9c09-4d669213fbeb
commit e113cb7e8ab3e6f06b014efcbfd39ca076dbece0
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Dec 25 01:26:23 2008 +0000
Updates to allow for building libfko as a shared lib. (make use of libtool).
git-svn-id: file:///home/mbr/svn/fwknop/trunk@17 510a4753-2344-4c79-9c09-4d669213fbeb
commit 6c70a69445fa44c0d9b98ff4233b218594cca4c4
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Dec 25 01:25:27 2008 +0000
Putting the reg version of the files back
git-svn-id: file:///home/mbr/svn/fwknop/trunk@16 510a4753-2344-4c79-9c09-4d669213fbeb
commit b4bad315e76461ec253a41ad2b1425d0741bd1cb
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Dec 25 01:24:55 2008 +0000
Remove files that were stored as sym links.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@15 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1cdf9fd5489cf929f0f89cff0201fb640c934270
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 24 22:02:12 2008 +0000
Re-arrangement of source tree.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@14 510a4753-2344-4c79-9c09-4d669213fbeb
commit a82c361e28fc513dae3d46da16d57906e636cda2
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 24 04:31:45 2008 +0000
Another major re-write of the fwknop library.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@13 510a4753-2344-4c79-9c09-4d669213fbeb
commit deb85ddddfdbe0673536cc55bdad3de2554ac3ec
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Dec 21 19:11:51 2008 +0000
Total re-arrangement for autoconf/automake implementation.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@12 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8041bdf6ddb08d99330f59232dd745d15ce3635c
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Dec 18 14:25:09 2008 +0000
More updates to address compatibility issues with the perl version of fwknop.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@11 510a4753-2344-4c79-9c09-4d669213fbeb
commit f3dc818b288671a04bda4469553f7f1fb4c1466c
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Dec 8 01:17:53 2008 +0000
Makefile tweak.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@10 510a4753-2344-4c79-9c09-4d669213fbeb
commit 1e7534df68861e2ff9021d8752a3e26db230e1fc
Author: Damien Stuart <dstart@dstuart.org>
Date: Mon Dec 8 01:02:21 2008 +0000
Added rijndael code, spa digest and message functions, and a shitload of other changes and tweaks.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@9 510a4753-2344-4c79-9c09-4d669213fbeb
commit 8b54a0d4d6dc08c7004db72a19f307c0d69786f8
Author: Damien Stuart <dstart@dstuart.org>
Date: Thu Dec 4 01:47:32 2008 +0000
Added sha1 refactored the access to the digest routines via digest.c. Other misc teaks to format and style of digest code.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@8 510a4753-2344-4c79-9c09-4d669213fbeb
commit 49378671fa41d1c2b0a8bffec0326ddb9c33f2f4
Author: Damien Stuart <dstart@dstuart.org>
Date: Wed Dec 3 02:27:53 2008 +0000
Added sha256 code.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@7 510a4753-2344-4c79-9c09-4d669213fbeb
commit 962e20310d2cf0b1f2e92879d25134fae4f1ba30
Author: Damien Stuart <dstart@dstuart.org>
Date: Tue Dec 2 23:54:51 2008 +0000
Added base64 and md5 code.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@6 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0022ffa6178d7cbf46615a9b39510cb3aa40d243
Author: Damien Stuart <dstart@dstuart.org>
Date: Sun Nov 30 22:21:15 2008 +0000
Added more source files. Split out libfwknop functions to a static lib. Misc updates.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@5 510a4753-2344-4c79-9c09-4d669213fbeb
commit 2564d103f0a5e914d145ef777241fc6b07840106
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Nov 29 21:59:08 2008 +0000
Added spa_timestamp function.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@4 510a4753-2344-4c79-9c09-4d669213fbeb
commit 12fce24403704f78198f4ead8d85af295e5cdcae
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Nov 29 21:34:35 2008 +0000
Added strlcat/cpy functions. Added spa_user function.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@3 510a4753-2344-4c79-9c09-4d669213fbeb
commit 55dd479c68a73f9e5dcb0dbba6b2bec09747421f
Author: Damien Stuart <dstart@dstuart.org>
Date: Sat Nov 29 18:50:33 2008 +0000
Initial Makefile and first cut at fwknop.h, the spa_random_number function, and a program for testing the functions.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@2 510a4753-2344-4c79-9c09-4d669213fbeb
commit 0cdcbddf0d9f4dba786296288aa8f5c84ef3e413
Author: Damien Stuart <dstart@dstuart.org>
Date: Fri Nov 28 00:57:59 2008 +0000
Initial import.
git-svn-id: file:///home/mbr/svn/fwknop/trunk@1 510a4753-2344-4c79-9c09-4d669213fbeb
Jump to Line
Something went wrong with that request. Please try again.