Browse files

Added ChangeLog, ShortLog, and diffstat files for the 2.0 release.

  • Loading branch information...
1 parent 4ecbcba commit 305708aa27587793a76b478bf9e7a4fafe957666 @mrash committed Jan 2, 2012
Showing with 5,803 additions and 1,149 deletions.
  1. +3,916 −0 ChangeLog-v2.0
  2. +0 −815 ChangeLog-v2.0rc5
  3. +453 −0 ShortLog-v2.0
  4. +0 −123 ShortLog-v2.0rc5
  5. +1,434 −0 diffstat-v2.0
  6. +0 −211 diffstat-v2.0rc5
View
3,916 ChangeLog-v2.0
3,916 additions, 0 deletions not shown because the diff is too large. Please use a local Git client to view these changes.
View
815 ChangeLog-v2.0rc5
@@ -1,815 +0,0 @@
-commit 7a231a3b72758d93b4b9425fd403247aa2018499
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 22:21:31 2011 -0500
-
- added local_spa.key file
-
-commit 3d0ceccf65010a84dd30fc5e9c567e24f03104ce
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 22:20:39 2011 -0500
-
- added local_spa.key file
-
-commit 710f98a9b572cd126cd3f662b29244bc0d6e6533
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 22:16:38 2011 -0500
-
- minor addition of the CREDITS file for 'make dist'
-
-commit 9bcd7cb137103db89400f4f652ab834e05ea5eba
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 22:16:03 2011 -0500
-
- Added the CREDITS file for 'make dist'
-
-commit 3b2ec921be16db4bcccb4a0bfe13ebdb620a5b31
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 22:11:58 2011 -0500
-
- change log doc updates
-
-commit 474a18b57d054939e6f4063d5ef491b4cee4a240
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 22:10:47 2011 -0500
-
- Added various files to Makefile.am so that 'make dist' continues to work
-
-commit 690fe25fa4201af8f76c28450177581ce14a1459
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 21:14:31 2011 -0500
-
- added CREDITS file, bumped software version, added ChangeLog files
-
-commit bcba9d6bdef6032a992e64a8bd6bd7604b83b006
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Dec 5 21:14:14 2011 -0500
-
- added CREDITS file, bumped software version, added ChangeLog files
-
-commit 893b89a3eba5fa9945095f8df4460f912fdb0cbc
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Dec 3 21:21:29 2011 -0500
-
- minor compiler warning fix on OpenBSD
-
-commit 860b4527a455d1d50f2b563f4939ee1990b53bd8
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Dec 3 13:10:35 2011 -0500
-
- minor compile fixes for FreeBSD
-
-commit 9b7c1a8ce69fe51337458cce4e7b5e9cb3d7654b
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Wed Nov 30 20:51:19 2011 -0500
-
- Added FORCE_NAT mode to the access.conf file
-
- This commit adds a new configuration variable "FORCE_NAT" to the access.conf
- file:
-
- For any valid SPA packet, force the requested connection to be NAT'd
- through to the specified (usually internal) IP and port value. This is
- useful if there are multiple internal systems running a service such as
- SSHD, and you want to give transparent access to only one internal system
- for each stanza in the access.conf file. This way, multiple external
- users can each directly access only one internal system per SPA key.
-
- This commit also implements a few minor code cleanups.
-
-commit 8585958e6e164d47c3d9dc106d4a15aee18599b9
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Nov 28 23:20:11 2011 -0500
-
- minor newline fix for access.conf output dump
-
-commit 2a1243fee6d618096bc402b5a56ae3c2670b8b50
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Nov 28 23:18:07 2011 -0500
-
- memory leak bugfix as a follow up to commit b280f5cde0246cdef33dee3f8be66a2bcef77336
-
-commit b280f5cde0246cdef33dee3f8be66a2bcef77336
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Nov 28 22:03:21 2011 -0500
-
- Added access stanza expiration feature, multiple access stanza bug fix
-
- This commit does two major things:
-
- 1) Two new access.conf variables are added "ACCESS_EXPIRE" and
- "ACCESS_EXPIRE_EPOCH" to allow access stanzas to be expired without having
- to modify the access.conf file and restart fwknopd.
-
- 2) Allow an access stanza that matches the SPA source address to not
- automatically short circuit other stanzas if there is an error (such as when
- there are multiple encryption keys involved and an incoming SPA packet is
- meant for, say, the second stanza and the first therefore doesn't allow
- proper decryption).
-
-commit 9e884e9759362ce401bf77dab819b24e10caca62
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Nov 22 22:56:48 2011 -0500
-
- added SPA packet aging tests
-
-commit 72a4353fd850c099816f6e1acb9fad12bcb2ff27
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Nov 22 22:56:36 2011 -0500
-
- bug fix to exclude SPA packets with timestamps in the future that are too great (old packets were properly excluded already)
-
-commit 644b9e943214ed6ede762af72f395b73ea03faf0
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Nov 22 22:40:26 2011 -0500
-
- added test for --test mode in the fwknop client
-
-commit 0015da44427bf988372818b26916a6229e9f68ca
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Nov 22 22:34:10 2011 -0500
-
- bug fix to honor the fwknop client --time-offset-plus and --time-offset-minus options
-
-commit 05b189ff4fe61c7149efcf4f18cada14553e6dbe
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Nov 22 22:13:27 2011 -0500
-
- added DNAT mode tests, minor memory leak fix in NAT mode, added fwknopd check for ENABLE_IPT_FORWARDING variable before attempting NAT access
-
-commit dd2deec73dc5f0d630ab86e92fe1e0073d692414
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Nov 18 23:23:50 2011 -0500
-
- added tests for various access.conf variables
-
-commit 63498c9032bfe74bc91de5d6607391e7b7cdfe36
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Nov 17 21:17:50 2011 -0500
-
- added IP/subnet match tests, added --Anonymize-results mode
-
-commit 34cd0c7a78a62e1df2533641ca08adaaafa2aa7d
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Nov 15 21:45:51 2011 -0500
-
- simplified the client/server interaction code, started on IP filtering tests, added spoof username tests
-
-commit 3d94aaa9205e5703c50635b9007efab485d9b2da
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Nov 10 22:54:25 2011 -0500
-
- minor test wording consolidation
-
-commit 50b48147c0392cd91f7ad83af56b20d0abbd3c3e
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Nov 10 22:33:32 2011 -0500
-
- This commit fixes two memory leaks and adds a common exit function.
-
- The two memory leaks were found with the test suite running in
- --enable-valgrind mode - here are the relevant error messages:
-
- For fwknopd server GPG clean up:
-
- ==345== 9 bytes in 1 blocks are definitely lost in loss record 2 of 2
- ==345== at 0x4C2815C: malloc (vg_replace_malloc.c:236)
- ==345== by 0x52F6B81: strdup (strdup.c:43)
- ==345== by 0x10FA57: add_string_list_ent (access.c:308)
- ==345== by 0x110513: parse_access_file (access.c:387)
- ==345== by 0x10B5FB: main (fwknopd.c:193)
-
- For fwknop client rc file processing:
-
- ==8045== 568 bytes in 1 blocks are still reachable in loss record 12 of 12
- ==8045== at 0x4C2815C: malloc (vg_replace_malloc.c:236)
- ==8045== by 0x50A53AA: __fopen_internal (iofopen.c:76)
- ==8045== by 0x10C3FF: process_rc (config_init.c:446)
- ==8045== by 0x10C8F6: config_init (config_init.c:671)
- ==8045== by 0x10AC9E: main (fwknop.c:62)
-
- There is also a new clean_exit() function that makes it easier to ensure that
- resources are deallocated upon existing.
-
-commit 9ebd55f52289d5904fbde3b8838ca92c7271d9e9
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Nov 10 22:33:00 2011 -0500
-
- remove CMD timestamps for --diff mode
-
-commit 9e19b8bc267031900c555c55fc5c1e54b6093461
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sun Nov 6 13:51:23 2011 -0500
-
- added --diff mode to the test suite to compare results from one execution to the next
-
-commit a5a3c06ef225c737acbd21c6cedd1a94f1a6c484
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Nov 4 23:46:31 2011 -0400
-
- consolidated several test functions into a single generic_exec() function
-
-commit f41a26b389605311a21a95a9ad2b23f460ed02ee
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Nov 3 22:15:19 2011 -0400
-
- Fixed fwknopd memory leak, several other fixes and updates
-
- This commit does several things. First, a memory leak in fwknopd has been
- fixed by ensuring to free access.conf stanzas. This bug was found with the
- new test suite running in --enable-valgrind mode. Here is what some of the
- valgrind output looked like to find the leak:
-
- ==19217== 11 bytes in 1 blocks are indirectly lost in loss record 3 of 5
- ==19217== at 0x4C2815C: malloc (vg_replace_malloc.c:236)
- ==19217== by 0x52F6B81: strdup (strdup.c:43)
- ==19217== by 0x10FC8B: add_acc_string (access.c:49)
- ==19217== by 0x1105C8: parse_access_file (access.c:756)
- ==19217== by 0x10B79B: main (fwknopd.c:194)
- ==19217==
- ==19217== 16 bytes in 1 blocks are indirectly lost in loss record 4 of 5
- ==19217== at 0x4C27480: calloc (vg_replace_malloc.c:467)
- ==19217== by 0x10FEC0: add_source_mask (access.c:88)
- ==19217== by 0x110100: expand_acc_source (access.c:191)
- ==19217== by 0x1104B0: parse_access_file (access.c:500)
- ==19217== by 0x10B79B: main (fwknopd.c:194)
- ==19217==
- ==19217== 183 (152 direct, 31 indirect) bytes in 1 blocks are definitely lost in loss record 5 of 5
- ==19217== at 0x4C27480: calloc (vg_replace_malloc.c:467)
- ==19217== by 0x1103E4: parse_access_file (access.c:551)
- ==19217== by 0x10B79B: main (fwknopd.c:194)
- ==19217==
- ==19217== LEAK SUMMARY:
- ==19217== definitely lost: 152 bytes in 1 blocks
- ==19217== indirectly lost: 31 bytes in 3 blocks
- ==19217== possibly lost: 0 bytes in 0 blocks
- ==19217== still reachable: 8 bytes in 1 blocks
- ==19217== suppressed: 0 bytes in 0 blocks
-
- Second, this commit changes how fwknopd acquires packet data with
- pcap_dispatch() - packets are now processed within the callback function
- process_packet() that is provided to pcap_dispatch(), the global packet
- counter is incremented by the return value from pcap_dispatch() (since this is
- the number of packets processed per pcap loop), and there are two new
- fwknopd.conf variables PCAP_DISPATCH_COUNT and PCAP_LOOP_SLEEP to control the
- number of packets that pcap_dispatch() should process per loop and the number
- of microseconds that fwknopd should sleep per loop respectively. Without this
- change, it was fairly easy to cause fwknopd to miss packets by creating bursts
- of packets that would all be processed one at time with the usleep() delay
- between each. For fwknopd deployed on a busy network and with a permissive
- pcap filter (i.e. something other than the default that causes fwknopd to look
- at, say, TCP ACK's), this change should help.
-
- Third, the criteria that a packet must reach before data copying into the
- buffer designed for SPA processing has been tightened. A packet less than
- /greater than the minimum/maximum expected sizes is ignored before data is
- copied, and the base64 check is done as well.
-
-commit 97a8d751c1b02271e812701d4cb938833d36918a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sun Oct 30 22:14:00 2011 -0400
-
- added complete SPA cycle tests for tcp ports 23 and 9418 (git), and for udp 53 dns
-
-commit 044ea54d936745e29c856de71818f0497633d531
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 29 23:49:29 2011 -0400
-
- updated client SPA verbose message to include the server IP/host
-
-commit 8e4b45dd568ef86ba773605662a5d058be714d33
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 29 23:48:42 2011 -0400
-
- minor looping criteria update for valgrind tests
-
-commit ea3e81787121e56e1a44cc0a5ee3b9ba64c4f5eb
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 29 16:59:57 2011 -0400
-
- [test-suite] added the ability to run all fwknop tests through valgrind
-
-commit f999e2e6720021328e2f34bf57d05b8081d8ffae
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 29 16:55:28 2011 -0400
-
- bugfix to return preprocess_spa_data() result properly to calling function
-
-commit b1b830f744b01e0a3f0d4a19b6d38dd51afaae1f
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 28 23:01:06 2011 -0400
-
- update to remove packet direction requirement when sniffing on OpenBSD loopback interfaces
-
-commit cde71b1b274cae5af3b6e986e5ac369d79c0cc3a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 28 23:00:26 2011 -0400
-
- minor whitespace removal
-
-commit dbbbe60fe4b6908bff56d026d886381c83a44087
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 28 22:59:52 2011 -0400
-
- added stack protection detection for OpenBSD systems
-
-commit 2e96ece4b074beff06aaca2f51bd90c84bfeeef8
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 28 22:42:27 2011 -0400
-
- Update to ensure libfko.so path is detected properly on OpenBSD
-
-commit 464dbe95d07657794aaac9e230153ffd84a2ed06
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 27 21:51:55 2011 -0400
-
- Update to print all firewall commands in --verbose mode
-
- This commit makes it easier to determine exactly which commands fwknopd
- runs in --verbose mode when interacting with the underlying firewall.
- This commit also adds --verbose --verbose mode to the test suite.
-
-commit 6388e8ac7fab3d89b164862c9e113fed37e9f397
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Oct 25 21:00:40 2011 -0400
-
- added 'const' to function prototype vars where possible
-
- Added the 'const' qualifier to function prototype variables where possible.
- In addition, reduced some functions to file-scope with 'static' where possible.
-
- Also made a few minor changes to remove extra whitespace, and fixed a bug
- in create_fwknoprc() to ensure the new fwknoprc filehandle is closed.
-
-commit 85377267e299118d5302afde3dfeed426b353879
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Oct 24 21:52:13 2011 -0400
-
- compiler warning fix for sscanf() on freebsd
-
- This commit fixes the following gcc warning on freebsd systems:
-
- replay_cache.c: In function 'replay_file_cache_init':
- replay_cache.c:312: warning: format '%ld' expects type 'long int *', but argument 9 has type 'time_t *'
-
-commit 1c6fc0f3f80e086b43471e756f8249015fe2e4b2
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Oct 24 20:48:56 2011 -0400
-
- update to detect loopback interface
-
-commit 3299fb25815bcec09b5410d3393ab806f8b78a68
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Oct 24 20:48:20 2011 -0400
-
- minor whitespace removal
-
-commit c9860811f5de4b28f674d53d16b1bca10f12bed8
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 22:29:27 2011 -0400
-
- added LD_LIBRARY_PATH to all fwknop/fwknopd commands to make manual command execution easier
-
-commit 50bcc537eea23e9cd269a51e63d9da525c0a91ac
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 22:06:00 2011 -0400
-
- added digest cache validation after GPG tests
-
-commit 1b8606461cc21108b190f871bf2d8b0929589fce
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 21:54:22 2011 -0400
-
- minor update to match include/exclude criteria on the whole test message
-
-commit 9e3a4b4c920444df10b6a74eb574a542091adbfc
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 21:29:44 2011 -0400
-
- extended packet validity tests in GPG mode
-
-commit 09e6ed1405436b975cb41c89dc2517f0e73c54bb
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 16:48:30 2011 -0400
-
- added first GPG complete cycle SPA test
-
-commit 2d9dbe1fca011cd6bf726b86fb21af97da11ce49
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 15:19:54 2011 -0400
-
- minor whitespace removal
-
-commit e4f4ee78253f1f44c8809173ad2209ba8364e2c5
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 14:25:56 2011 -0400
-
- added test to validate digest.cache structure
-
-commit 266150218a021894e6dab0a8b4d7525183fe004a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 10:57:25 2011 -0400
-
- added -P bpf test for complete SPA cycle over non standard SPA port
-
-commit 0ab39a64a5b86babdd0c5f7412fe160bca13cb69
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Oct 22 10:48:37 2011 -0400
-
- added -P bpf filter test
-
-commit 6848983b474d4571b1434a349d10ac21b278ebda
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 21 23:43:08 2011 -0400
-
- added Rijndael SPA validity tests
-
-commit 081b58d9510e4bbafb6dd57b4e55a02d7105e43a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 21 23:13:24 2011 -0400
-
- added rule timeout detection
-
-commit 9b816ed29af1be3a259d9c154418cbe624c2a93f
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 21 22:55:45 2011 -0400
-
- added replay attack detection test
-
-commit 0bda4ee1e5f671c2e64a2b961de2f2ed0f9170a5
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Oct 21 22:54:49 2011 -0400
-
- minor removal of whitespace
-
-commit caf458ad3fb2ce9408035630869e877f0c97768d
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 20 23:33:41 2011 -0400
-
- added first complete SPA cycle test
-
-commit 44598fd7dd6be8207bae512b8b6e13f08e265d2a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 20 23:31:59 2011 -0400
-
- Added --digest-file and --pid-file args
-
- Added --digest-file and --pid-file args so that the user can easily alter
- these paths from the command line.
-
-commit 6f699f7e5d28ac1d8e66d66b9cedb3094a35439e
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 20 00:06:58 2011 -0400
-
- added client/server interaction test capability
-
-commit b8571bcc05cc81448b8d52ef8eef71f2eaefa987
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Oct 18 21:28:38 2011 -0400
-
- Minor PID string length fix
-
- Changed PID string length to 7 to accomodate an ending newline and NULL
- char when writing to the fwknopd .pid file. Without this fix, with a
- 5 digit PID the trailing newline would be truncated (no room for the
- ending NULL char).
-
-commit 0e7a0e9a378c5b9605228075718f53012e87cadd
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Oct 17 23:03:28 2011 -0400
-
- Added --fw-list-all and --fw-flush
-
- Added new command line options --fw-list-all and --fw-flush to allow all
- firewall rules to be displayed including those not created by fwknopd, and
- allow all firewall rules created by fwknopd to be deleted.
-
- Also switched -D config dump output to stdout.
-
-commit e479e776dbd848ba82e65e22b35e7e479a788161
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Oct 17 22:55:01 2011 -0400
-
- Added usage of sudo for recompilation test
-
- The test suite now recompiles fwknop only if the --enable-recompile-check
- option is used, and if so, uses sudo (if installed) to have the resulting
- binaries own by the original user (instead of by root). Also made a couple
- of API changes to create test output files automatically if they don't
- exist.
-
-commit 11c240c41b74c110068b8748b28a074ac121608c
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 13 22:44:35 2011 -0400
-
- minor update to allow fw rules to be dumped before parsing the access.conf file
-
-commit e36c833f554f59312c02e5efec0bbc77ab0ee301
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 13 22:02:21 2011 -0400
-
- minor whitespace fixes
-
-commit 9962dc08088b31d116b7b5d41bf8e3ced8cfa814
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 13 20:59:30 2011 -0400
-
- minor wording update netfilter -> iptables
-
-commit 45ecc6f39932271f7a70b1fe8dec99dc9d2438c0
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 13 20:41:12 2011 -0400
-
- minor bugfix to ensure that the proper firewall is used to collect system specs
-
-commit 103cd2a8fb0ebe7919a5647ae90a9425242ca0ae
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 13 20:30:05 2011 -0400
-
- added the test/conf/ directory for config files use by the test suite
-
-commit 6f0d2c509121de45f470dae4c17b6a7e46ea19d0
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 13 20:29:37 2011 -0400
-
- minor typo fix
-
-commit 64160a0c57aee0c406be5158836fe10b3f38e3f9
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 13 20:29:19 2011 -0400
-
- started on basic SPA generation, updated to use LD_LIBRARY_PATH for local libfko instance
-
-commit a1f4a65f27b73ebe5744c7ae4bf64a0876032e13
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Wed Oct 12 23:37:28 2011 -0400
-
- interim commit to add major functionality to the fwknop test suite
-
-commit 4a41ecc9556fedd4bb04206081b4096a2fddaeee
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Wed Oct 12 23:36:51 2011 -0400
-
- removed
-
-commit 88d8eb03b30a03ebb43a7da33c5f65d2de2c3289
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Wed Oct 12 23:36:04 2011 -0400
-
- minor update to switch to stdout when exiting with success
-
-commit 41c0be29b7a3ea6a0c859b43e43ccdc3aa5e30ba
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 6 23:02:29 2011 -0400
-
- switched --help output to stdout from stderr
-
-commit 26f58a705dbdf9a07e430fc2558871d491c27d63
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Oct 6 22:53:27 2011 -0400
-
- minor update to account for hardening-check return values
-
-commit 1a3e1caffe707e71fd3cf99ffaa4547f7fda017a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Tue Oct 4 23:15:04 2011 -0400
-
- Initial start on a test suite
-
- This commit begins development on a comprehensive test suite for fwknop.
- The initial tests are focused on compilation correctness and security options
- as determined by the "hardening-check" script from Kees Cook of the Debian
- security team.
-
-commit 05f3cec96a03251d1a308d90200c9dc479ae4558
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sun Sep 25 21:12:30 2011 -0400
-
- Added --help usage information
-
- With the --help command line argument, the following information is printed:
-
- $ ./fwknop-launcher-lsof.pl --help
-
- Usage: fwknop-launcher-lsof.pl [options]
-
- Options:
-
- -c, --config <file> - Path to fwknop-launcher.conf config file.
- -l, --lsof-cmd <path> - Path to lsof command.
- -f, --fwknop-cmd <path> - Path to fwknop client command.
- -s, --sleep <seconds> - Specify sleep interval (default:
- 1 seconds)
- -n --no-daemon - Run in foreground mode.
- -u, --user <username> - Specify username (usually this is not
- needed).
- --home-dir <dir> - Path to user's home directory (usually
- this is not needed).
- -v --verbose - Print verbose information to the terminal
- (requires --no-daemon).
- --help - Print usage info and exit.
-
-commit 71ea0c6bfd3be6ff8d95e6f1d1029394e51c07f4
-Merge: 7748423 35ee5a2
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sun Sep 25 21:02:54 2011 -0400
-
- Merge branch 'master' into fwknop-launcher
-
-commit 7748423b15958fedfcaeb942f3f26cdc5b40dcde
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Sep 24 22:24:30 2011 -0400
-
- Added the fwknop lsof launcher under the extras/ directory
-
- The fwknop lsof launcher (extras/fwknop-launcher/fwknop-launcher-lsof.pl) is a
- lightweight daemon that allows the user to not have to manually run the fwknop
- client when attempting to gain access to a service that is protected by Single
- Packet Authorization via fwknopd. This is accomplished by checking the output
- of lsof to look for pending connections in the SYN_SENT state, which (usually)
- indicate that a remote firewall is blocking the attempted connection. At this
- point, the launcher executes the fwknop client with the --get-key arg (so the
- user must place the key in the local filesystem) to generate an SPA packet for
- the attempted connection. The remote fwknopd daemon will reconfigure the
- firewall to allow temporary access, and this usually happens fast enough that
- the original connection attempt will then succeed.
-
- The idea for this was originally for a pcap-based connection watcher by
- Sebastien Jeanquier.
-
-commit 35ee5a202debe2e7c15227f7704753c977281de2
-Merge: 35abc34 668ed90
-Author: Michael Rash <michael.rash@gmail.com>
-Date: Wed Sep 21 18:10:16 2011 -0700
-
- Merge pull request #5 from maxkas/master
-
- Fwknop client for iPhone devices - contributed by Max Kastanas
-
-commit 668ed9033f601f052fe58ebf87a8eff144b50fcf
-Author: Max Kastanas <max2idea@users.sf.net>
-Date: Fri Sep 16 22:51:53 2011 -0700
-
- Codebase of Fwknop client for iOS (iPhone) devices
-
-commit 35abc349ab91ff40f0706a66e9ba50188cb94cb2
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Sep 12 23:04:41 2011 -0400
-
- minor typo fix: fwkop -> fwknop
-
-commit f693a2721cf499815853639c8dfb924ab4c427cd
-Merge: e07ccdd 87416c0
-Author: Damien Stuart <dstuart@dstuart.org>
-Date: Sat Sep 10 11:30:09 2011 -0400
-
- Merge branch 'master' of https://github.com/mrash/fwknop
-
-commit e07ccdd5508c488a818790c16728ebdc13be284c
-Author: Damien Stuart <dstuart@dstuart.org>
-Date: Sat Sep 10 11:25:08 2011 -0400
-
- Added the cmd_opts.h file to server and client's Makefile.am so they are included with make dist.
-
-commit 87416c0cdf544ff636ea963bd90f1f22dd7ca49a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Fri Sep 9 22:09:37 2011 -0400
-
- Replaced all strcpy() calls with strlcpy()
-
- OpenBSD especially gives compiler warnings whenever strcpy() is used. All such
- calls have been replaced with strlcpy().
-
-commit 0b8c4890758bfd6612780c28041d7b1e3e9f1a15
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Sep 8 23:44:50 2011 -0400
-
- Added read-only relocations and immediate bindings
-
- Commit 4248b2687054b38e79e2ab9eecf71e5b299172f4 removed read-only relocations
- and immediate bindings for FreeBSD systems (and the same was done for OpenBSD
- systems too). This commit adds these security features back in as linker
- options by only changing LDFLAGS as opposed to also adding the corresponding
- flags to CFLAGS. The end result is that the following errors are fixed:
-
- gcc: -z: linker input file unused because linking not done
- gcc: relro: linker input file unused because linking not done
-
-commit c65e25c6568c53d44d0163ebd4889260466bcdfa
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Sep 8 21:33:52 2011 -0400
-
- Check for active_rules > 0 before decrementing
-
- In the fw_config struct the active_rules member is unsigned, so this change
- ensures that we don't try to decrement it below zero whenever a firewall rule
- is deleted or an error condition occurs.
-
-commit 88b6d44f1f70daf951cf7e1d237114f96ad30a9a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Thu Sep 8 00:20:20 2011 -0400
-
- Update to make _exp_ string a #define
-
- Replaced all instances of "_exp_" with the #define EXPIRE_COMMENT_PREFIX so
- that the prefix can easily be changed. so
- that the prefix can easily be changed. so
- that the prefix can easily be changed. so
- that the prefix can easily be changed.
-
-commit 2531896ebf98d80380f462b4fae9e16940206a40
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Wed Sep 7 23:24:18 2011 -0400
-
- Added the ability to delete PF rules
-
- This commit adds the ability to fwknopd to delete PF rules after the SPA timer
- expires. The strategy implemented is similar to iptables and ipfw, except
- that all PF rules are added to an 'anchor', and deleting a specific expired
- rule is done by listing all rules in the anchor and reinstantiating it via
- 'pfctl -a <anchor> -f -' with the expired rule deleted. fwknopd uses the
- "_exp_<expire time>" convention in a PF rule label similarly to how fwknopd
- interfaces with iptables (via the 'comment' match), and ipfw (via the
- "//<comment>" feature).
-
-commit f9810904c36c270a5d19111ae7566c6d410bed4a
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Sep 3 21:00:12 2011 -0400
-
- minor comment typo fixes
-
-commit d60dde17b71b898a821a60d9a1166c32436c17c2
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Sep 3 14:50:28 2011 -0400
-
- PF rules are now added to the fwknop anchor
-
- This commit implements the ability to add PF firewall rules to the fwknop
- anchor after a valid SPA packet is sniffed off the wire. A subsequent commit
- will add the ability to delete these rules.
-
-commit 6938f7a6aecb1395f750c56a4e10489d6d060fc9
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sun Aug 28 13:37:23 2011 -0400
-
- Minor copyright holder update
-
- Minor copyright holder update
-
-commit 10ff421e1ef86c1b437645764abe11819a88c292
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sun Aug 28 13:27:15 2011 -0400
-
- For PF firewalls implemented a check for an active fwknop anchor
-
- This commit ensures that for PF firewalls that the fwknop anchor is active and
- linked into the running PF policy. This is accomplished by looking for the
- string 'anchor "fwknop"' in the output of "pfctl -s rules". If the anchor
- exists, then fwknopd will be able to influence traffic via rules added and
- removed from the fwknop anchor.
-
-commit 5bc5ef4305cafd26ee3faaf5eefb3f6b9f05441e
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Aug 27 11:07:19 2011 -0400
-
- Added --fw-list info to --help
-
- Added --fw-list output to usage info when --help is specified from the command
- line.
-
-commit 0649ef924a8c979fd815c2d2e8416a16aeabeb62
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Sat Aug 27 10:57:17 2011 -0400
-
- PF support on OpenBSD in progress, fwknop --fw-list now works
-
- This is the first commit that has fwknopd interact with the PF firewall on
- OpenBSD (via fwknopd --fw-list to show any active fwknopd rules).
-
-commit dcf2d94bf675a906c570814d9cd65e2a1bfd2e77
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Wed Aug 24 23:55:36 2011 -0400
-
- Added autoconf check for pf firewalls
-
- On OpenBSD systems fwknop now checks for pf firewalls via autoconf. The next
- step will be to fill in support for pf via the C code.
-
-commit 649b7a88c1d6caa0e3760c7694b9d5b5b855dd4c
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Wed Aug 24 23:17:45 2011 -0400
-
- Disabled read-only relocations and immediate binding compiler protections
-
- Similarly to FreeBSD systems, gcc throws the following warnings with read-only
- relcations and immediate binding protections - disbabled for now:
-
- gcc: -z: linker input file unused because linking not done
- gcc: relro: linker input file unused because linking not done
- gcc: -z: linker input file unused because linking not done
- gcc: now: linker input file unused because linking not done
-
-commit 47da588003b9bf1645a97823cfa940b8c5a93071
-Author: Michael Rash <mbr@cipherdyne.org>
-Date: Mon Aug 22 21:39:28 2011 -0400
-
- removed 2.0.0 branch specific ChangeLog, ShortLog and diffstat files
View
453 ShortLog-v2.0
@@ -0,0 +1,453 @@
+Damien S. Stuart (1):
+ Refactored configure.ac to use a custom macro for compiler flag checks. Set version to 2.0 (non-release candidate). Minor typo fixes.
+
+Damien Stuart (233):
+ Initial import.
+ Initial Makefile and first cut at fwknop.h, the spa_random_number function, and a program for testing the functions.
+ Added strlcat/cpy functions. Added spa_user function.
+ Added spa_timestamp function.
+ Added more source files. Split out libfwknop functions to a static lib. Misc updates.
+ Added base64 and md5 code.
+ Added sha256 code.
+ Added sha1 refactored the access to the digest routines via digest.c. Other misc teaks to format and style of digest code.
+ Added rijndael code, spa digest and message functions, and a shitload of other changes and tweaks.
+ Makefile tweak.
+ More updates to address compatibility issues with the perl version of fwknop.
+ Total re-arrangement for autoconf/automake implementation.
+ Another major re-write of the fwknop library.
+ Re-arrangement of source tree.
+ Remove files that were stored as sym links.
+ Putting the reg version of the files back
+ Updates to allow for building libfko as a shared lib. (make use of libtool).
+ Added documentation stub.
+ Made fko.h an include_HEADER for proper distribution.
+ Tweaks to add some more ctx state tracking.
+ Minor docs update - Added GPL to info doc.
+ Added some basic format checking to spa message data and message_type checks when client_timeout is set/unset.
+ Added fallback for isdigit() if ctype.h is not available.
+ Added decrypting/decoding/parsing of SPA data.
+ Added gpl-2.0.texi file to doc/Makefile.am so it is included in the dist.
+ Code format tweaks. Added a couple more convenience functions.
+ more checks for configure. omit salt from Rijndael-encrypted data as returned by fko_get_dpa_data.
+ Update to docs.
+ Some progress on the libfko doc.
+ Documentation updates and minor tweaks.
+ Documentation fixes.
+ Reorganized libfko doc.
+ Made the context struct opaque to users of the library. Somewhat major API tweak in that fko_ctx_t is not a pointer type and the fko_new functions take a pointer to that.
+ Broke these out from fko.h.
+ Minor tweaks, and fixed one potential memory allocation issue discovered with valgrind.
+ Updated README
+ First cut at GPG encrytion support (decryption and doc update are pending).
+ Fixed a potential bug where the NULL-termination of the base64-encoded data was being lost during process just before rijndael decryption.
+ Removing files that are auto-generated by the autogen.sh script.
+ Fixed gpgme check so it would not fail if gpgme was not installed. Setup to allow using --with[out]-gpgme option to configure.
+ Fixed configure.ac again (I broke it with my last change). Added first cut at gpg decryption routine.
+ Added fwknop.h to the source list in Makefile.am so it will be included in the distrubution.
+ Documentation updates and minor tweaks. Made it version 1.10.0 consistent in caonfigure.ac and fko.h.
+ Make version consistent for real this time.
+ Fixed flag on gpgme_keylist_next that was forcing only private keys for recipient. Fixed typo in docs.
+ Added more gpgme-related errors and error checking. Other minor tweaks.
+ Slightly improved and cleaner GPG error handling (there is still plenty of room for improvement).
+ Some minor cleanup and tweaks to gpgme code.
+ Add more compiler conditionals for GPGME support to fix error during compiles on systems without gpgme.
+ Replaced deprecated gpgme_key_release calls with gpgme_key_unref. Fixed more potential memory leaks.
+ Split out the source files. Added processing for a couple more command-line options.
+ Added getpasswd routine for getting a password from the user. A few updates to the lib to accomodate clearing the password after we are done with it. Update the fwknop program to reflect/use some of the new functionality.
+ Update libfko docs for the gpgme-related error codes and function.
+ Fixed minor typo
+ Fixed typo in Makefile.am
+ Added better autoconf handling of gpgpme. Fixes so libfko will compile under FreeBSD (7.0 release anyway).
+ Better error checking/message for decription. Fixed typo in docs.
+ Updated autoconf files and code to support Solaris (ver 10 x86 at least). This includes better type checking and resolving some conflicting names under Solaris.
+ Tweaked byte order determination for Solaris systems.
+ Added gpg-home-dir support to libfko and the fwknop program. Added the fko_set_spa_data() function. Documentation updates and other tweaks to support these changes.
+ Fixed typo in doc
+ Fixed segfault issue when spa_data_final was called before spa_message was set.
+ Fixed double-free when destroy was called after a failed gpg encryption/decryption.
+ Added perl module code to the repository.
+ Interim check-in of API changes, libfko and fwknop binary now support the updated API. Docs and Perl module are pending.
+ Tweaks to updated API. Added GPG signature checking and processing functions. Updated Perl module and perldoc for new API and functions.
+ Updated documentation to reflect API changes and GPG signature functions.
+ Added the Perl module files to Makefile.am so they will be included in the dist.
+ Changed fko version to 1.9.12. Made signing GPG-encrypted messages optional.
+ Made the dist name "fwknop-c" so as not to confuse it with the current "fwknop".
+ Updates and revisions to accommodate a Windows build.
+ Updated Makefile.am to add win32 directory to the dist.
+ Added getopt_long and getlogin capability to the Windows build.
+ Removed old test code from fwknop client. Other tweaks and enhancements.
+ Fixed bad variable name after moving the winsock startup code to a the send_spa_packet function.
+ Implemented sending spa data via TCP or ICMP via SOCK_RAW (unix only so far).
+ Added sending via tcp (established) conneciton. removed --debug as an option. Some minor code reformatting and refactoring.
+ Tweak for win32 platform
+ Yet another tweak for win32.
+ Tweaks again for win32 build
+ Brought Error constants in sync with libfko.
+ Minor updates to non-code-related files. Changed some copyrights to 2009.
+ Forgot to bump the perl module minor version number.
+ Added a TODO file
+ Added the digest types constants to the types and individual export tags.
+ Added handling of Backspace and Ctrl-U in the Win32 handling of get_passswd.
+ Tweaks to the win32 build (Visual Studio project configs).
+ Fixed spa access message validation routine to allow for multiple comma-separated requests in one message.
+ Tweaks to cover WIN32 build. Added print of error if tcp connect() fails.
+ Fixed some formatting errors in the POD.
+ Added SHA384 and SHA512 digests. Tweaks for getting rid of windows warnings. Use recv instead of read on socket. Bumped version to 0.63 (libfko) and 0.23 (FKO perl module).
+ Forgot to add the files for the updated SHA digests (oops).
+ Update the VS project file for the new SHA digest files and functions.
+ Fixed typo (actually a cut-and-paste remnant) in the doc.
+ Major rearrangement. Renamed directories: "fko" to "lib", "src" to "client". Added "common" and "server" directories. Setup autoconf to allow disabling the server and/or client builds.
+ Forgot to add the server dir.
+ Made the configure help message show --disable-xxx as the options for whether or not to build the server or client.
+ Some minor refactoring of the TIME_OFFSET handling. Other minor code formatting tweaks.
+ Updates to accommodate the Windows build.
+ Changed http_resolve_host code to make it work with or without trailing whitespace in returned content. Updated the IP address format and value checking code. Switched back to whatsmyip.com as default IP resolver.
+ Updated ip,port format and value check.
+ Fixed another minor typo in the doc
+ Added fwknop.man.asciidoc to docs and fwknop.8 man page to client (derived from fwknop.man.asciidoc).
+ Added check for libpcap. More stubbing in on the server code side.
+ Added more server command-line and config file processing code. Updated autoconf config for new checks and files.
+ Added override config handling and updated the config_init routines to parse everything in the correct order (i.e. config file, override configs, then command-line).
+ Minor manpage tweak
+ More tweaks to config file processing, including simple variable expansion.
+ Added some more stuff to deal with byte order identification on Solaris 10 x86 systems.
+ Added perl/legacy distribution (fwknop-1.9.12). Renamed this distribution from fwknop-c to simply fwknop. Made the version 2.0.0-alpha.
+ Removed the wipe_pw routine as it could result in segfaults when a static key is used.
+ Added some more (stubbed-in) server code and functions. Minor doc tweak.
+ Updated pid/lock file handling. Implemetned -K option.
+ Updates and enhancements to logging functions. Now log_msg writes only to stderr when running in foreground. Default log facility is LOG_DAEMON. Config file options of ENABLE_PACP_PROMISC, HOSTNAME, SYSLOG_IDENTITY, and SYSLOG_FACILITY are processed.
+ Updated sniffer to be able to handle the linux "any" interface.
+ Added stubs and some handling for signals. SIGHUP induces the re-reading the configs and restarting the capture loop. SIGTERM and SIGINT simply trigger a graceful exit. Trimmed some more of the configuration options.
+ Fixed memory leak issue in libfko when fko_new_with_data() was called with a bad key. Added autoconf checks for gdbm with fallback to ndbm for server builds. Added digest cache capability using gdbm (in ndbm compatibility mode) or ndbm for replay detection.
+ Changed digest cache to use gdbm directly wth fallback to ndbm (still not tested).
+ Fixed missed MY_DBM_CLOSE call
+ Fixed minor typo in the POD synopsis (thanks Franck!).
+ Updated digest cache to store additional information including src ip, created, first_replay, last_replay, and replay count.
+ Fixed bug in signal handling when libpcap version 1.0 is used. Minor doc update.
+ The default conf and run directories are captured from the autoconf output. Added post install hook to create the xxx/var/run/fwknop directory (which works, but breaks the "make distcheck" feature of autoconf). Changed order of config processing and set conf struct for some default and overridden parameters so they will be shown properly when -D is used.
+ Autoconf updates for detecting locally installed program paths and changes to facilitate portability. Also set AM_MAINTAINER_MODE so we are not forced to regen/reconfigure when we change one of the autoconf source files (but we do now need to remember to do it ourselves before making a new dist).
+ Made local exe checks run only of a server is being built. Removed checks for external progs that may not be needed yet.
+ Added configure args for specifying specific pathes to the local executables used by fwknopd.
+ Fixed incorrect variable in configure.ac.
+ Added check for SPA packet age against the MAX_SPA_PACKET_AGE if ENABLE SPA_PACKET_AGING is set to "Y" in the conf file. Made the digest cache check only of ENABLE_DIGEST_PERSISTENCE is "Y".
+ Added check for and create of run dir and/or basename of digest_cache (if different from run dir). Added set_locale() call based on LOCALE setting in the conf file.
+ Added access.conf handling and processing. Added a new acces.conf parameter: RESTRICT_PORTS for specifying 1 or more proto/ports that are explicitly not allowed.
+ Updated changelog. Made the fwknop.man.asciidoc match the changes made to the fwknopd.8 manpage.
+ Commented out AM_MAINTAINER_MODE.
+ Added support for multiple GPG_REMOTE_ID values from access.conf (still need to implement the use of those however). Also, went back to support colons (:) as an optional part of the access.conf parameter name (better to keep backward compatibility).
+ Added additional sanity checks and clean-up of access.conf processing and functionality. Fixes require source and added check for required username. Added fallback to use GPG_DECRYPT_PW if it was set and the normal KEY failed with a decyption error. Fixed packet count checks to allow a limit of 0 to mean unlimited number of packets.
+ Bumped working version to 2.0.0-alpha-pre2 to differentiate from the tagged 2.0.0-alpha-pre1. Updated Changelog.
+ Fixed libfko so gpgme engine is gpg by default. Added functions to libfko to set/get path to gpgme engine. Fixed some memory leaks. Reworkd the get_user_pw routine. Added code in fwknopd to put back the "hQ" string on the front of incoming GPG-encypted message data. Removed the previously add pretty-print routine to configure. Updated configure to check for path to gpg executable. Updated docs accordingly.
+ Forgot to remove the m4 dir from Makefil.am
+ Tweaks to eliminate warnings on win32 build of libfko and client.
+ Updated TODO list (removed items that were compled and/or deprecated).
+ Added an initial fwknopd.8 man page (and source asciidoc). Added the --locale and --no-locale command-line option support. The set_config_entry function now allows setting a config entry to NULL to clear and free it.
+ Changed to fix possible double-free bug under some circumstances.
+ Started firewall rule processing. Added rule initialization. Added some of the initial routines for external command execution with ability to capture stdout, stderr, and exit status.
+ Minor tweaks to firewall rules processing and external command execution code.
+ Added the fwknopd.8 man page.
+ First cut at creating access rules and removing them when they expire (not sure I like this implementation but it is a start).
+ Very minor comment and code tweaks (mostly just an excuse to test the relocation of the svn server).
+ Added support for FWKNOP_OUTPUT_ACCESS and NAT_ACCESS modes (still needs testing and tweaking).
+ Tweaked firewall rule creation code. Added SNAT/MASQUERADE support. Fixed rule processing code so an INPUT rule was not created for NAT request. Still needs more review and testing.
+ Mostly documentation file updates.
+ Added support for parsing and processing SPA requests over HTTP. Beefed up verbose logging a bit. Added some more sanity checks on the validity of incoming SPA data before attempting to decode.
+ Tweak to client usage message output. Added TCP server funcionality to the server (call it a first cut).
+ More tweaks. Added SIGCHLD handler and code to try to restart the TCP server if it dies for whatever reason.
+ Some tweaks to the sigchld handling in the server. Other misc minor cleanup.
+ More updates to take care of warnings on Ubuntu systems (fixes for common sense warnings that should have come up om my Fedora system but didn't).
+ Start of cleanup for beta release candidate. Removed locale-related code (for now) as it was breaking some things like logging. removed some unimplemented and/or unused parameters and config directives (as well as thier respective documentation references. Added a --rotate-digest-cache command-line arg to force a rename of the digest cache file and start a new one.
+ More tweaks, clean-up and documentation tweaks for the first release. Made client http-proxy option allow case insensitive match and to take an option :port as part of the argument.
+ Added support for COMMAND_MSG requests. Also added CMD_EXEC_USER to access.conf to allow for fwknopd to setuid to the specified user before running the command. Other minor tweaks.
+ Added the GPG signature checking code. Added GPG_REQUIRE_SIG and GPG_IGNORE_SIG_VERIFY_ERROR parameters to access.conf. Implement the checking of GPG signature IDs against the GPG_REOMOTE_ID list.
+ Updates to TCP server to close the lock file handle, use a non-blocking socket, and detect when the parent fwknop dies so it can exit as well.
+ Changed the way running external commands are hanlded to address issues with it not working on some systems/configurations. Just using system and popen and fw commands are run with stdout and stderr tied to gether.
+ Put locale code back in. More cleanup of config directives and options.
+ More cleanup. Removed the direction field (src, dst, both) from the chain configuration directives. Remove the HOSTNAME parameter as it was not used.
+ Due to issues and usage restrictions on whatismyip.com, I am making the default resolve_ip_http url www.cipherdyne.org/cgi-bin/myip.
+ Added .fwknoprc file creation and processing. This allows for saved default and named configuration profiles. Updated fwknop manpage to reflect the new capability. Also cleaned up messages (errors, info) from the program.
+ Added installation hook to set the perms on the .conf files to 600 during make install. Minot doc tweak.
+ Fixed bad param name in generated .fwknoprc file.
+ Fixed bug where named-stanza was not being found when it indeed existed.
+ Added fwknop.spec for rpm builds. Removed the server post install hook as it breaks make distcheck and rpm builds.
+ Minor cleanup on the spec file.
+ Fixed bug where ALLOW_IP of resolve was not overridden by an ALLOW_IP parameter in a named stanza. Removed erroneous invalid parameter from the initially generated .fwknoprc file.
+ Fixed issues found by the Windows compiler (that I would think would have been flagged by gcc).
+ Removed unreferenced variables.
+ Use USERPROFILE instead of HOME for homedir determination on win32 builds.
+ Fixed autoconf config so libfko and fwknop client are not linked with libpcap and libgdbm. Fixed some issues in the fwknop.spec file.
+ Fixed another oops in the spec file.
+ Renamed the legacy perl verison of fwknop.spec to fwkop-legacy.spec to resolve rpmbuild confusion when using the -tx options.
+ Manpage updates
+ Added AC_SYS_LARGE_FILE to configure.ac
+ Modified top-level Makefile.am so the legacy perl stuff is not packaged into the distribution tar file. More cleanup of the fwknopd man page.
+ Slightly revamped how signals were setup.
+ Reworked how man pages are generated. Now, man pages in the client and server directory are "fwknop(d).8.in" and a target was added to Makefile.am to create the man pages while doing variable substitutions based on directives specified via the configure script. Minor tweak to fwknop.spec file.
+ Removed checks for sig verification flag on gpg_sig info related functions.
+ Reverted last libfko change. Added set verify_sig flag when remote_ids are specified.
+ Moved force set of verify flag on remote_id value to before decryption phase.
+ Added the fwknopd_errors.[ch] files which provides the get_errstr() and fwknopd_errstr() functions. The get_errstr() function takes and error_code, tries to determine the type, then calls the appropriate xxx_errstr function to return a description string. Fixed some minor errors in the libfko API docs.
+ Almost all he conf variables have a default value if they are not there (or set). All the entries in the initial fwknop.conf file are not commented out adn can be override as needed.
+ Fixed some misplaced dependencies in the fwknop.spec file.
+ Updated the version number in the win32 config.h copy
+ Updates and clean-up to address the many compiler warnings when compiled with -Wall. Also some autoconf updates
+ Per Franck Joncourt - Corrected misspelled word in fwknopd man page and access.conf.
+ Added check to make sure a firewall program is set.
+ Removed a debug print statement.
+ Cleaned out some old commented-out sections configure.ac and fixed an issue where exteranl file checks would fail when running configure in cross-compiler environment. No code changes made.
+ Added extras directory. Bumped version in autoconf to 1.0.0rc2.
+ Fixed issue with spaces in in access.conf comma-separated values. Fixed issue with GPG signature check being forced when GPG_REMOTE_ID is set and GPG_REQUIRE_SIG was "N". Updated dependency in the spec file. Updates to ChangeLog.
+ Added some OpenWRT-related files to the extras directory.
+ Tweaks to autoconf files.
+ Updates to accomodate building and compiling on FreeBSD systems.
+ Oops left out new header for last update.
+ Uncommented call to check_firewall_rules (left in while debugging freebsd build).
+ Refactored firewall rule code to separate files by firewall type. Stubbed in ipfw and ipf firewall types. Updated autoconf to set a firewall type and path depending on configure arguments.
+ Start of addition of access requests via ipfw.
+ Added rule expire and purge for ipfw. Almost there...
+ Missed a config file update on the last check-in.
+ Wrapped #ifdef around a linux-specific chunk.
+ Made fw_cleanup not remove rules from the expired rule set. Added code to read in any existing expired rules into the rule_map at startup.
+ Made autoconf print an error message indicating ipf is not supported if it is specified. Changelog updates.
+ Minor fwknopd man page tweak.
+ Fixed handling of man page generation in Makefile.am so it works from alternate build directories.
+ Set pcap non-block mode back on unless it is a freebsd system. Server verbose output no longer shows access key or GPG password.
+ Tweaks to the fwknop.spec file
+ Put the usleep back pcap_capture (oops).
+ Needed to bump libfko revision to 2 do identify as part of newer dist.
+ Update added HAVE_ERRNO_H 1 to win32/config.h.
+ Bumped version to rc3 (even though we may go straight to release) and lib rev to 3.
+ Updated perl module for additional error messages.
+ Updated the GPL blurb at the top of the source files. Added some missing copyright statements (Thanks to Franck Joncourt).
+ Added code to zero out rcfile path before setting it. Also added a bounds check to that as well.
+ Minor comment and documentation tweaks. Add the python directory which contains my first cut at a libfko Python wrapper module.
+ Added the Fko class code to wrap the _fko wrapper around libfko.
+ Added pydoc text to the fko python module. Minot tweak to setup.py.
+ Do not need parens around expression in if statements in python (still learning).
+ Fixed bug where libfko would segfault if fko_get_spa_data() was called before fko_spa_data_final() was called (and successful). Added include of time.h in fko.h.
+ Additional docs and classes added to the fko python module. Minor tweak and bumped version in the fwknop.spec file.
+ Removed unnecessary include.
+ Adding Max Kastanas's fwknop client app code for Android
+ Minor update to the android README
+ Added python/fko.py to Makefile.am so it is also included in distributions. Minor tweak to address compile error on Mac os X.
+ Fix check and handling of ndbm as an option for the digest cache.
+ Added a no-digest-cache configure option and capability (though it is not recommended).
+ Set FD_CLOEXEC on pid file descriptor. Added support for setting the URL for resolving source IP via command-line or the .fwknoprc file.
+ Added the cmd_opts.h file to server and client's Makefile.am so they are included with make dist.
+ Merge branch 'master' of https://github.com/mrash/fwknop
+
+Max Kastanas (1):
+ Codebase of Fwknop client for iOS (iPhone) devices
+
+Michael Rash (210):
+ Merged in fwknop-c-ubuntu branch changes via:
+ - Added command line argument processing for:
+ - Added code to send SPA packet data over a UDP socket. - Added minor validation step to enforce --Destination usage if not running in --Test mode (will extend this validation to include other option).
+ minor update to not force --Destination in --Version mode
+ added Id tag expansion
+ -Added the --get-key option to allow SPA passwords to be read from a file. This feature will be useful for an automated test suite that drives the fwknop C client against an SPA server implementation.
+ Added the following options:
+ minor bug fix to anticipate closing newline in a password read from a file via --get-key
+ updated to concatenate the allow IP and access string for fko_set_spa_message()
+ updated Copyright to Damien
+ Minor bug fix to process gpg command line arguments properly when handling the command line.
+ removed unnecessary initialization of string vars to 0x0 because the earlier memset() takes care of this
+ added the --save-packet argument so that SPA packet data can be saved to the local filesystem by the fwknop-c client
+ added --save-packet-append so that SPA packet data can be appended to a file
+ minor link update for the cipherdyne.org website
+ minor wording update to match fwknop help to config_init.h for --server-proto option
+ minor typo fix (gps -> gpg)
+ bug fix suggested by Damien to allow the recompute of the SPA digest to properly happen when calling spa_digest() with a true value
+ initial stab at libfko server daemon TODO's
+ added B64_GPG_PREFIX 'hQ' string for GnuPG prefix handling (similar to the 'Salted__' handling for Rijndael SPA packet encryption
+ - Added the ability to send SPA packets over valid HTTP requests with the fwknop-c client. - Added support for transmitting SPA packets over IPv6 via TCP and UDP sockets, and also via HTTP. - Added GnuPG 'hQ' base64 encoded prefix handling (this prefix is stripped out of encrypted SPA packet data). - Added hostname resolution support to the fwknop-c client if the SPA server is specified as a hostname instead of an IP address. - Minor bug fix to allow a GnuPG password to be specified via the --get-key functionality.
+ * Got forward and local NAT modes working with the --nat-access, --nat-local, --nat-port, and --nat-randport options. All NAT modes are now passing the fwknop test suite. * Added the --server-command option to build an SPA packet with a command for the server to execute. * Added the --fw-timeout option for client side timeouts to be specified. * Added the --time-offset-plus and --time-offset-minus options to allow the user to influence the timestamp associated with an SPA packet. * Added the --rand-port option so that the SPA packet destination port can be randomized.
+ * Added the --show-last and --no-save command line options to show the command line used for the previous fwknop invocation, and to have the fwknop client not save its command line arguments. * Bug fix to force libfko to recalculate the random data embedded in the the SPA packet after a random port is acquired via --rand-port or --nat-rand-port. This is a precaution so that an attacker cannot guess some of the internal SPA data based on the destination port number.
+ changed the minimum destination SPA port from 1024 to 10,000
+ minor doc updates
+ Added the --source-ip argument to build SPA packets with 0.0.0.0 (the fwknopd server can wrap access controls around this)
+ bugfix to order HTTP request headers properly, updated the user agent for SPA over HTTP to use the options->http_user_agent variable (can be set from the command line)
+ added the --resolve-ip-http and --user-agent command line args so the fwknop-c client can resolve the external network via http://www.cipherdyne.org/cgi/myip.cgi
+ updated SPA over HTTP packets to always begin the a slash right after the GET string, updated to print SPA packets over HTTP to stderr in test/verbose mode
+ updated to handle the fwknop-c version string '2.0.0-alpha' in HTTP tests
+ Added --List-mode so that identifying strings for tests can be printed on stdout. This is useful to see what is available for --test-include regex's.
+ Added better --debug output for time differences on incoming SPA packets. This makes it easier to tell when there are problems with time synchronization between the fwknop client and fwknopd server systems.
+ - Added --http-proxy argument to the fwknop C client. - (Legacy code): Changed HTTP proxy handling to point an SPA packet to an HTTP proxy with -D specifying the end point host and --HTTP-proxy pointing to the proxy host. This fix was suggested by Jonathan Bennett.
+ added Daniel Lopez, and Jonathan Bennett's proxy fix
+ added the latest http proxy fixes to the ChangeLog
+ (Legacy code) Applied patch from Jonthan Bennett to support the usage of the http_proxy environmental variable for sending SPA packets through an HTTP proxy. The patch also adds support for specifying an HTTP proxy user and password via the following syntax:
+ * (Legacy code) Bug fix to allow the --rand-port argument to function along without an inappropriate check for the --Server-port arg.
+ minor bug fix to ensure that -R resolution work with --URL=http://www.cipherdyne.org/cgi/clientip.cgi
+ minor bug fix to not append --Server-port option in --rand-port mode
+ bumped version to 2.0.0-alpha-pre1
+ minor update to include the -f arg in the usage() output
+ Added --packet-limit to fwknopd so that the number of incoming candidate SPA packets can be limited from the command line. When this limit is reached (any packet that contains application layer data and passes the pcap filter is included in the count) then fwknopd exits.
+ added Id tag expansion
+ added Id tag expansion
+ minor spacing fix
+ added --http-proxy and --no-save-args to usage() output
+ added --http-proxy argument to the fwknop.8 man page
+ removed unnecessary --no-save arg since --no-save-args covers it
+ Added --access-file command line arg to fwknopd so that the path to the access.conf file can be specified from the command line.
+ added -a arg to fwknopd usage() output
+ minor update to the fwknop client to use '#define GETOPTS_OPTION_STRING' for getopt() command line arg processing.
+ * Added a new command line argument "--last-cmd" to run the fwknop client with the same command line arguments as the previous time it was executed. The previous arguments are parsed out of the ~/.fwknop.run file (if it exists). * Bug fix to not send any SPA packet out on the wire if a NULL password/key is provided to the fwknop client. This could happen if the user tried to abort fwknop execution by sending the process a SIGINT while being prompted to enter the password/key for SPA encryption.
+ (legacy code) (test suite) Bug fix for GnuPG SPA/HTTP tests not pointing to the proper HTTP output file
+ * Fixed a few minor warnings like the following:
+ added --last-cmd argument to fwknop(8) man page via the fwknop.man.asciidoc file
+ added --server-cmd arg to fwknop client man page and help output
+ bug fix in --packet-limit handling to ensure multi-packet processing when the arg is not used
+ Added minor validation code to access.conf parsing to ensure that a SOURCE stanza begins with the SOURCE variable and that there is at least one usage of the OPEN_PORTS and KEY variables. The OPEN_PORTS requirement might be relaxed when PERMIT_CLIENT_PORTS handling is added.
+ bug fix to ensure the --last-cmd re-parsing of command line args via getopt_long() has a reset index
+ Update to call parse_proto_and_port() before allocating a new port list. This fixes the following stack trace when generating an SPA packet that contains "none/0" for the port list:
+ updated to call dump_access_list() if -D was given to dump config information
+ applied patch from Franck to catch a couple of man page typos
+ Updated to define a default gpg keyring path of /root/.gnupg, and if the GPG_HOME_DIR variable is not defined in the fwknopd.conf file or the access.conf file, then this default will take over.
+ minor macro update to define the default gpg keyring
+ minor update to check the gpg keyring path setting in access stanzas only if a decrypt password is specified
+ - added is_valid_dir() utility function for checking directory stat()/existence (this is used for gpg keyring path validation).
+ added --fw-list arg to the fwknopd daemon to list all current firewall rules for any running fwknopd process
+ removed additional wait() call from run_extcmd(), updated --fw-list to just use system() to execute the iptables listing commands
+ Bug fix for USE_NDBM variable so that client-only builds work. The specific error before the patch along with the command line invocation of the "configure" script appear below:
+ minor bug fix to account for PATH_SEP being defined as a character instead of a string
+ minor off-by-one fix for home directory path separator
+ Removed legacy $Id$ tags from svn
+ Bug fix for uninitialized variable found with splint static analyzer
+ Minor rename in support of non-dbm file cache
+ Added autoconf support for non-dbm file cache.
+ Updated digest file path for gdbm/ndbm support
+ Added --pcap-filter to the fwknopd command line
+ Merge branch 'master' into optional_dbm_support
+ Implemented linked list cache of SPA digests
+ Started on code to parse the digest cache file
+ Added dst IP to tracked SPA data
+ Added source port and protocol to digest tracking
+ Added digest file import code
+ Consolidated replay warnings in a single function
+ Implemented memory clean up for digest cache list
+ Added fwknop-2.0.0rc2 openwrt support from Jonathan Bennett
+ Minor variable cleanup to fix compiler warnings
+ Added stack protection, PIE, fortify source, etc.
+ Updated replay warnings to include proto/port info
+ Update to force base64 check for all SPA data
+ Update to add any missing iptables jump rules
+ Renamed ChangeLog -> ChangeLog.old for new ChangeLog handling
+ Added ChangeLog derived from git commit messages.
+ Bumped version to fwknop-2.0.0-rc3
+ added the VERSION file
+ Bug fix for ./configure args to disable compile time security options
+ Added -Wall for all gcc warnings during compile
+ minor commit to fix minor compilations warnings
+ Minor restructuring to suppress compiler "defined but not used warnings"
+ Update to suppress additional compiler warning
+ On FreeBSD disable read-only relocations and immediate binding protections
+ Fixed a few minor compiler warnings on FreeBSD
+ On FreeBSD, made gpgme header path inclusion optional
+ Bug fix to create the digest.cache file at init
+ Bug fix for missing set existence check on ipfw firewalls
+ Bug fix for ipfw firewalls to not always require seeing 'Dynamic' rules
+ Updated ChangeLog with all changes from 2.0.0-rc3
+ Added version specific ChangeLog, ShortLog, and diffstat files.
+ bumped version to 2.0.0rc4
+ removed 2.0.0 branch specific ChangeLog, ShortLog and diffstat files
+ Disabled read-only relocations and immediate binding compiler protections
+ Added autoconf check for pf firewalls
+ PF support on OpenBSD in progress, fwknop --fw-list now works
+ Added --fw-list info to --help
+ For PF firewalls implemented a check for an active fwknop anchor
+ Minor copyright holder update
+ PF rules are now added to the fwknop anchor
+ minor comment typo fixes
+ Added the ability to delete PF rules
+ Update to make _exp_ string a #define
+ Check for active_rules > 0 before decrementing
+ Added read-only relocations and immediate bindings
+ Replaced all strcpy() calls with strlcpy()
+ minor typo fix: fwkop -> fwknop
+ Merge pull request #5 from maxkas/master
+ Added the fwknop lsof launcher under the extras/ directory
+ Merge branch 'master' into fwknop-launcher
+ Added --help usage information
+ Initial start on a test suite
+ minor update to account for hardening-check return values
+ switched --help output to stdout from stderr
+ minor update to switch to stdout when exiting with success
+ removed
+ interim commit to add major functionality to the fwknop test suite
+ started on basic SPA generation, updated to use LD_LIBRARY_PATH for local libfko instance
+ minor typo fix
+ added the test/conf/ directory for config files use by the test suite
+ minor bugfix to ensure that the proper firewall is used to collect system specs
+ minor wording update netfilter -> iptables
+ minor whitespace fixes
+ minor update to allow fw rules to be dumped before parsing the access.conf file
+ Added usage of sudo for recompilation test
+ Added --fw-list-all and --fw-flush
+ Minor PID string length fix
+ added client/server interaction test capability
+ Added --digest-file and --pid-file args
+ added first complete SPA cycle test
+ minor removal of whitespace
+ added replay attack detection test
+ added rule timeout detection
+ added Rijndael SPA validity tests
+ added -P bpf filter test
+ added -P bpf test for complete SPA cycle over non standard SPA port
+ added test to validate digest.cache structure
+ minor whitespace removal
+ added first GPG complete cycle SPA test
+ extended packet validity tests in GPG mode
+ minor update to match include/exclude criteria on the whole test message
+ added digest cache validation after GPG tests
+ added LD_LIBRARY_PATH to all fwknop/fwknopd commands to make manual command execution easier
+ minor whitespace removal
+ update to detect loopback interface
+ compiler warning fix for sscanf() on freebsd
+ added 'const' to function prototype vars where possible
+ Update to print all firewall commands in --verbose mode
+ Update to ensure libfko.so path is detected properly on OpenBSD
+ added stack protection detection for OpenBSD systems
+ minor whitespace removal
+ update to remove packet direction requirement when sniffing on OpenBSD loopback interfaces
+ bugfix to return preprocess_spa_data() result properly to calling function
+ [test-suite] added the ability to run all fwknop tests through valgrind
+ minor looping criteria update for valgrind tests
+ updated client SPA verbose message to include the server IP/host
+ added complete SPA cycle tests for tcp ports 23 and 9418 (git), and for udp 53 dns
+ Fixed fwknopd memory leak, several other fixes and updates
+ consolidated several test functions into a single generic_exec() function
+ added --diff mode to the test suite to compare results from one execution to the next
+ remove CMD timestamps for --diff mode
+ This commit fixes two memory leaks and adds a common exit function.
+ minor test wording consolidation
+ simplified the client/server interaction code, started on IP filtering tests, added spoof username tests
+ added IP/subnet match tests, added --Anonymize-results mode
+ added tests for various access.conf variables
+ added DNAT mode tests, minor memory leak fix in NAT mode, added fwknopd check for ENABLE_IPT_FORWARDING variable before attempting NAT access
+ bug fix to honor the fwknop client --time-offset-plus and --time-offset-minus options
+ added test for --test mode in the fwknop client
+ bug fix to exclude SPA packets with timestamps in the future that are too great (old packets were properly excluded already)
+ added SPA packet aging tests
+ Added access stanza expiration feature, multiple access stanza bug fix
+ memory leak bugfix as a follow up to commit b280f5cde0246cdef33dee3f8be66a2bcef77336
+ minor newline fix for access.conf output dump
+ Added FORCE_NAT mode to the access.conf file
+ minor compile fixes for FreeBSD
+ minor compiler warning fix on OpenBSD
+ added CREDITS file, bumped software version, added ChangeLog files
+ added CREDITS file, bumped software version, added ChangeLog files
+ Added various files to Makefile.am so that 'make dist' continues to work
+ change log doc updates
+ Added the CREDITS file for 'make dist'
+ minor addition of the CREDITS file for 'make dist'
+ added local_spa.key file
+ added local_spa.key file
+ minor addition of the local_spa.key file for 'make dist'
+ updated copyright and license statement - fwknop is GPL software
+ minor wording update subversion -> git
+ bumped version to 2.0
+ minor test suite addition to check for linker input file warnings
+ minor test suite update to look for linker warnings in a more generic way
+ added FKO_CHECK_COMPILER_ARG_LDFLAGS_ONLY to fix ro-relocations and immediate binding protection compliation warnings on FreeBSD
+ bumped version to 2.0
+
View
123 ShortLog-v2.0rc5
@@ -1,123 +0,0 @@
-Damien Stuart (2):
- Added the cmd_opts.h file to server and client's Makefile.am so they
- are included with make dist.
- Merge branch 'master' of https://github.com/mrash/fwknop
-
-Max Kastanas (1):
- Codebase of Fwknop client for iOS (iPhone) devices
-
-Michael Rash (93):
- removed 2.0.0 branch specific ChangeLog, ShortLog and diffstat files
- Disabled read-only relocations and immediate binding compiler
- protections
- Added autoconf check for pf firewalls
- PF support on OpenBSD in progress, fwknop --fw-list now works
- Added --fw-list info to --help
- For PF firewalls implemented a check for an active fwknop anchor
- Minor copyright holder update
- PF rules are now added to the fwknop anchor
- minor comment typo fixes
- Added the ability to delete PF rules
- Update to make _exp_ string a #define
- Check for active_rules > 0 before decrementing
- Added read-only relocations and immediate bindings
- Replaced all strcpy() calls with strlcpy()
- minor typo fix: fwkop -> fwknop
- Merge pull request #5 from maxkas/master
- Added the fwknop lsof launcher under the extras/ directory
- Merge branch 'master' into fwknop-launcher
- Added --help usage information
- Initial start on a test suite
- minor update to account for hardening-check return values
- switched --help output to stdout from stderr
- minor update to switch to stdout when exiting with success
- removed
- interim commit to add major functionality to the fwknop test suite
- started on basic SPA generation, updated to use LD_LIBRARY_PATH for
- local libfko instance
- minor typo fix
- added the test/conf/ directory for config files use by the test suite
- minor bugfix to ensure that the proper firewall is used to collect
- system specs
- minor wording update netfilter -> iptables
- minor whitespace fixes
- minor update to allow fw rules to be dumped before parsing the
- access.conf file
- Added usage of sudo for recompilation test
- Added --fw-list-all and --fw-flush
- Minor PID string length fix
- added client/server interaction test capability
- Added --digest-file and --pid-file args
- added first complete SPA cycle test
- minor removal of whitespace
- added replay attack detection test
- added rule timeout detection
- added Rijndael SPA validity tests
- added -P bpf filter test
- added -P bpf test for complete SPA cycle over non standard SPA port
- added test to validate digest.cache structure
- minor whitespace removal
- added first GPG complete cycle SPA test
- extended packet validity tests in GPG mode
- minor update to match include/exclude criteria on the whole test
- message
- added digest cache validation after GPG tests
- added LD_LIBRARY_PATH to all fwknop/fwknopd commands to make manual
- command execution easier
- minor whitespace removal
- update to detect loopback interface
- compiler warning fix for sscanf() on freebsd
- added 'const' to function prototype vars where possible
- Update to print all firewall commands in --verbose mode
- Update to ensure libfko.so path is detected properly on OpenBSD
- added stack protection detection for OpenBSD systems
- minor whitespace removal
- update to remove packet direction requirement when sniffing on
- OpenBSD loopback interfaces
- bugfix to return preprocess_spa_data() result properly to calling
- function
- [test-suite] added the ability to run all fwknop tests through
- valgrind
- minor looping criteria update for valgrind tests
- updated client SPA verbose message to include the server IP/host
- added complete SPA cycle tests for tcp ports 23 and 9418 (git), and
- for udp 53 dns
- Fixed fwknopd memory leak, several other fixes and updates
- consolidated several test functions into a single generic_exec()
- function
- added --diff mode to the test suite to compare results from one
- execution to the next
- remove CMD timestamps for --diff mode
- This commit fixes two memory leaks and adds a common exit function.
- minor test wording consolidation
- simplified the client/server interaction code, started on IP
- filtering tests, added spoof username tests
- added IP/subnet match tests, added --Anonymize-results mode
- added tests for various access.conf variables
- added DNAT mode tests, minor memory leak fix in NAT mode, added
- fwknopd check for ENABLE_IPT_FORWARDING variable before attempting
- NAT access
- bug fix to honor the fwknop client --time-offset-plus and
- --time-offset-minus options
- added test for --test mode in the fwknop client
- bug fix to exclude SPA packets with timestamps in the future that are
- too great (old packets were properly excluded already)
- added SPA packet aging tests
- Added access stanza expiration feature, multiple access stanza bug
- fix
- memory leak bugfix as a follow up to commit
- b280f5cde0246cdef33dee3f8be66a2bcef77336
- minor newline fix for access.conf output dump
- Added FORCE_NAT mode to the access.conf file
- minor compile fixes for FreeBSD
- minor compiler warning fix on OpenBSD
- added CREDITS file, bumped software version, added ChangeLog files
- added CREDITS file, bumped software version, added ChangeLog files
- Added various files to Makefile.am so that 'make dist' continues to
- work
- change log doc updates
- Added the CREDITS file for 'make dist'
- minor addition of the CREDITS file for 'make dist'
- added local_spa.key file
- added local_spa.key file
-
View
1,434 diffstat-v2.0
<
@@ -0,0 +1,1434 @@
+ AUTHORS | 19 +
+ COPYING | 340 +
+ CREDITS | 17 +
+ ChangeLog | 3020 +++++++++
+ ChangeLog.old | 227 +
+ INSTALL | 234 +
+ Makefile.am | 163 +
+ NEWS | 38 +
+ README | 86 +-
+ TODO | 41 +
+ VERSION | 1 +
+ android/Application.mk | 2 +
+ android/COPYING | 674 ++
+ android/README | 142 +
+ android/project/AndroidManifest.xml | 19 +
+ android/project/build.properties | 16 +
+ android/project/build.xml | 67 +
+ android/project/default.properties | 11 +
+ android/project/jni/Android.mk | 36 +
+ android/project/jni/config.h | 350 +
+ android/project/jni/fwknop/fwknop_client.c | 186 +
+ android/project/jni/fwknop/fwknop_client.h | 56 +
+ android/project/jni/fwknop/send_spa_packet.c | 94 +
+ android/project/jni/libfwknop/README | 11 +
+ android/project/jni/libfwknop/get_libfko_files.sh | 37 +
+ android/project/jni/logutils.h | 38 +
+ android/project/nbproject/build-impl.xml | 744 +++
+ android/project/nbproject/genfiles.properties | 8 +
+ .../project/nbproject/private/private.properties | 5 +
+ android/project/nbproject/private/private.xml | 4 +
+ android/project/nbproject/project.properties | 67 +
+ android/project/nbproject/project.xml | 17 +
+ android/project/res/drawable-hdpi/icon.png | Bin 0 -> 4147 bytes
+ android/project/res/drawable-ldpi/icon.png | Bin 0 -> 1723 bytes
+ android/project/res/drawable-mdpi/icon.png | Bin 0 -> 2574 bytes
+ android/project/res/drawable/lock_128x128.png | Bin 0 -> 13472 bytes
+ android/project/res/drawable/lock_32x32.png | Bin 0 -> 1257 bytes
+ android/project/res/drawable/lock_64x64.png | Bin 0 -> 4018 bytes
+ android/project/res/layout/main.xml | 180 +
+ android/project/res/values/strings.xml | 5 +
+ .../src/com/max2idea/android/fwknop/Fwknop.java | 531 ++
+ .../project/src/com/max2idea/android/fwknop/R.java | 52 +
+ autogen.sh | 15 +
+ client/Makefile.am | 28 +
+ client/cmd_opts.h | 108 +
+ client/config_init.c | 943 +++
+ client/config_init.h | 48 +
+ client/fwknop.8.in | 676 ++
+ client/fwknop.c | 807 +++
+ client/fwknop.h | 42 +
+ client/fwknop_common.h | 144 +
+ client/getpasswd.c | 218 +
+ client/getpasswd.h | 39 +
+ client/http_resolve_host.c | 289 +
+ client/spa_comm.c | 660 ++
+ client/spa_comm.h | 42 +
+ client/utils.c | 73 +
+ client/utils.h | 41 +
+ common/Makefile.am | 1 +
+ common/common.h | 135 +
+ common/netinet_common.h | 181 +
+ configure.ac | 561 ++
+ doc/Makefile.am | 6 +
+ doc/README | 40 +
+ doc/fwknop.man.asciidoc | 579 ++
+ doc/fwknopd.man.asciidoc | 485 ++
+ doc/gpl-2.0.texi | 400 ++
+ doc/libfko.texi | 1331 ++++
+ extras/fwknop-launcher/fwknop-launcher-lsof.pl | 350 +
+ extras/fwknop-launcher/fwknop-launcher.conf | 30 +
+ extras/fwknop.init.debian | 200 +
+ extras/fwknop.init.openwrt | 29 +
+ extras/fwknop.init.redhat | 115 +
+ extras/openwrt/README.openwrt | 19 +
+ extras/openwrt/package/fwknop/Makefile | 141 +
+ extras/openwrt/package/fwknop/files/fwknopd.init | 29 +
+ extras/openwrt/package/gpgme/Makefile | 82 +
+ fwknop.spec | 153 +
+ iphone/COPYING | 340 +
+ iphone/Classes/FwknopController.h | 30 +
+ iphone/Classes/FwknopController.m | 309 +
+ iphone/Classes/MyAppDelegate.h | 33 +
+ iphone/Classes/MyAppDelegate.m | 53 +
+ iphone/Classes/bridge_fwknop.c | 28 +
+ iphone/Classes/bridge_fwknop.h | 21 +
+ iphone/Classes/config.h | 346 +
+ iphone/Classes/fwknop/fwknop_client.c | 162 +
+ iphone/Classes/fwknop/fwknop_client.h | 60 +
+ iphone/Classes/fwknop/send_spa_packet.c | 94 +
+ iphone/Classes/libfwknop/README | 11 +
+ iphone/Classes/libfwknop/config.h | 14 +
+ iphone/Classes/libfwknop/fko_common.b | 140 +
+ iphone/Classes/libfwknop/get_libfko_files.sh | 38 +
+ iphone/Classes/logutils.h | 33 +
+ iphone/Fwknop.pch | 23 +
+ iphone/Fwknop.xcodeproj/dev.mode1v3 | 1539 +++++
+ iphone/Fwknop.xcodeproj/dev.pbxuser | 2859 +++++++++
+ iphone/Fwknop.xcodeproj/project.pbxproj | 413 ++
+ iphone/Info.plist | 30 +
+ iphone/README | 42 +
+ iphone/lock_57x57.png | Bin 0 -> 3466 bytes
+ iphone/main.m | 29 +
+ lib/Makefile.am | 18 +
+ lib/base64.c | 122 +
+ lib/base64.h | 44 +
+ lib/cipher_funcs.c | 320 +
+ lib/cipher_funcs.h | 55 +
+ lib/digest.c | 228 +
+ lib/digest.h | 70 +
+ lib/fko.h | 274 +
+ lib/fko_client_timeout.c | 114 +
+ lib/fko_common.h | 132 +
+ lib/fko_context.h | 103 +
+ lib/fko_decode.c | 371 ++
+ lib/fko_digest.c | 162 +
+ lib/fko_encode.c | 230 +
+ lib/fko_encryption.c | 953 +++
+ lib/fko_error.c | 208 +
+ lib/fko_funcs.c | 372 ++
+ lib/fko_limits.h | 53 +
+ lib/fko_message.c | 286 +
+ lib/fko_nat_access.c | 100 +
+ lib/fko_rand_value.c | 152 +
+ lib/fko_server_auth.c | 100 +
+ lib/fko_state.h | 92 +
+ lib/fko_timestamp.c | 74 +
+ lib/fko_user.c | 116 +
+ lib/fko_util.h | 43 +
+ lib/gpgme_funcs.c | 539 ++
+ lib/gpgme_funcs.h | 45 +
+ lib/md5.c | 276 +
+ lib/md5.h | 55 +
+ lib/rijndael.c | 614 ++
+ lib/rijndael.h | 127 +
+ lib/sha1.c | 290 +
+ lib/sha1.h | 63 +
+ lib/sha2.c | 1085 ++++
+ lib/sha2.h | 209 +
+ lib/strlcat.c | 72 +
+ lib/strlcpy.c | 68 +
+ perl/FKO/Changes | 9 +
+ perl/FKO/FKO.xs | 597 ++
+ perl/FKO/MANIFEST | 14 +
+ perl/FKO/Makefile.PL | 38 +
+ perl/FKO/README | 35 +
+ perl/FKO/inc/Devel/CheckLib.pm | 278 +
+ perl/FKO/lib/FKO.pm | 1075 ++++
+ perl/FKO/lib/FKO_Constants.pl | 169 +
+ perl/FKO/ppport.h | 4954 +++++++++++++++
+ perl/FKO/t/00_init.t | 48 +
+ perl/FKO/t/01_constants.t | 59 +
+ perl/FKO/t/02_functions.t | 221 +
+ perl/FKO/t/03_errors.t | 90 +
+ perl/FKO/typemap | 3 +
+ perl/legacy/fwknop/CREDITS | 356 ++
+ perl/legacy/fwknop/ChangeLog | 1192 ++++
+ perl/legacy/fwknop/ChangeLog.svn | 932 +++
+ perl/legacy/fwknop/INSTALL | 31 +
+ perl/legacy/fwknop/LICENSE | 340 +
+ perl/legacy/fwknop/Makefile | 47 +
+ perl/legacy/fwknop/README | 51 +
+ perl/legacy/fwknop/README.ACCESS | 90 +
+ perl/legacy/fwknop/README.GPG | 89 +
+ perl/legacy/fwknop/README.PK | 51 +
+ perl/legacy/fwknop/README.RPM | 72 +
+ perl/legacy/fwknop/TODO | 129 +
+ perl/legacy/fwknop/VERSION | 1 +
+ perl/legacy/fwknop/access.conf | 35 +
+ perl/legacy/fwknop/bump_version.pl | 67 +
+ perl/legacy/fwknop/chainmgr_test.pl | 66 +
+ perl/legacy/fwknop/config_vars.conf | 4 +
+ perl/legacy/fwknop/config_vars.pl | 109 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/Build.PL | 49 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/Changes | 115 +
+ .../fwknop/deps/Class-MethodMaker/Generate.pm | 12 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/INSTALL | 21 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/MANIFEST | 65 +
+ .../fwknop/deps/Class-MethodMaker/MANIFEST.SKIP | 25 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/META.yml | 13 +
+ .../fwknop/deps/Class-MethodMaker/Makefile.PL | 81 +
+ .../fwknop/deps/Class-MethodMaker/MethodMaker.xs | 17 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/README | 53 +
+ .../legacy/fwknop/deps/Class-MethodMaker/SIGNATURE | 87 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/TODO | 98 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/VERSION | 1 +
+ .../deps/Class-MethodMaker/benchmark/lexical.pl | 47 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/cmmg.pl | 284 +
+ .../Class-MethodMaker/components/CommonMethods.pm | 16 +
+ .../deps/Class-MethodMaker/components/array.m | 566 ++
+ .../deps/Class-MethodMaker/components/hash.m | 603 ++
+ .../deps/Class-MethodMaker/components/scalar.m | 348 +
+ .../legacy/fwknop/deps/Class-MethodMaker/configure | 20 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/end.pod | 46 +
+ .../fwknop/deps/Class-MethodMaker/examples/simple1 | 31 +
+ .../fwknop/deps/Class-MethodMaker/generate.PL | 22 +
+ .../Class-MethodMaker/lib/Class/MethodMaker.pm | 784 +++
+ .../lib/Class/MethodMaker/Constants.pm | 79 +
+ .../lib/Class/MethodMaker/Engine.pm | 1138 ++++
+ .../lib/Class/MethodMaker/OptExt.pm | 480 ++
+ .../lib/Class/MethodMaker/V1Compat.pm | 1063 ++++
+ .../fwknop/deps/Class-MethodMaker/t/0-signature.t | 16 +
+ .../legacy/fwknop/deps/Class-MethodMaker/t/array.t | 1087 ++++
+ .../legacy/fwknop/deps/Class-MethodMaker/t/basic.t | 59 +
+ .../fwknop/deps/Class-MethodMaker/t/diffclass.t | 106 +
+ perl/legacy/fwknop/deps/Class-MethodMaker/t/hash.t | 1047 +++
+ perl/legacy/fwknop/deps/Class-MethodMaker/t/new.t | 171 +
+ .../deps/Class-MethodMaker/t/redefine-warnings.t | 62 +
+ .../fwknop/deps/Class-MethodMaker/t/scalar.t | 960 +++
+ .../legacy/fwknop/deps/Class-MethodMaker/t/test.pm | 1191 ++++
+ .../fwknop/deps/Class-MethodMaker/t/test_v1.pm | 68 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_abstract.t | 36 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_boolean.t | 83 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_code.t | 45 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_copy.t | 49 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_counter.t | 34 +
+ .../deps/Class-MethodMaker/t/v1_get_concat.t | 37 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_get_set.t | 57 +
+ .../deps/Class-MethodMaker/t/v1_get_set_hi.t | 29 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_hash.t | 146 +
+ .../deps/Class-MethodMaker/t/v1_key_attrib.t | 51 +
+ .../deps/Class-MethodMaker/t/v1_key_with_create.t | 54 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_list.t | 81 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_method.t | 31 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_new.t | 84 +
+ .../Class-MethodMaker/t/v1_new_hash_with_init.t | 29 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_object.t | 79 +
+ .../deps/Class-MethodMaker/t/v1_object_list.t | 79 +
+ .../deps/Class-MethodMaker/t/v1_object_tie_hash.t | 89 +
+ .../deps/Class-MethodMaker/t/v1_object_tie_list.t | 107 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_set_once.t | 120 +
+ .../deps/Class-MethodMaker/t/v1_set_once_static.t | 88 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_singleton.t | 36 +
+ .../deps/Class-MethodMaker/t/v1_static_get_set.t | 55 +
+ .../deps/Class-MethodMaker/t/v1_static_hash.t | 87 +
+ .../deps/Class-MethodMaker/t/v1_static_list.t | 93 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_tie_hash.t | 90 +
+ .../fwknop/deps/Class-MethodMaker/t/v1_tie_list.t | 67 +
+ .../deps/Class-MethodMaker/t/v1_tie_scalar.t | 77 +
+ perl/legacy/fwknop/deps/Crypt-CBC/CBC.pm | 1050 ++++
+ perl/legacy/fwknop/deps/Crypt-CBC/Changes | 170 +
+ .../Crypt-CBC/Crypt-CBC-2.16-vulnerability.txt | 119 +
+ perl/legacy/fwknop/deps/Crypt-CBC/MANIFEST | 24 +
+ perl/legacy/fwknop/deps/Crypt-CBC/META.yml | 13 +
+ perl/legacy/fwknop/deps/Crypt-CBC/Makefile.PL | 14 +
+ perl/legacy/fwknop/deps/Crypt-CBC/README | 68 +
+ .../fwknop/deps/Crypt-CBC/README.compatibility | 44 +
+ perl/legacy/fwknop/deps/Crypt-CBC/VERSION | 1 +
+ perl/legacy/fwknop/deps/Crypt-CBC/eg/aes.pl | 65 +
+ perl/legacy/fwknop/deps/Crypt-CBC/eg/des.pl | 63 +
+ perl/legacy/fwknop/deps/Crypt-CBC/eg/idea.pl | 64 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/Blowfish.t | 52 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/Blowfish_PP.t | 53 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/CAST5.t | 52 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/DES.t | 53 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/IDEA.t | 53 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/PCBC.t | 56 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/Rijndael.t | 53 +
+ .../fwknop/deps/Crypt-CBC/t/Rijndael_compat.t | 88 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/func.t | 108 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/null_data.t | 55 +
+ .../fwknop/deps/Crypt-CBC/t/onezeropadding.t | 50 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/parameters.t | 251 +
+ perl/legacy/fwknop/deps/Crypt-CBC/t/preexisting.t | 77 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/COPYING | 437 ++
+ perl/legacy/fwknop/deps/Crypt-Rijndael/Changes | 97 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/LICENSE | 1 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/MANIFEST | 27 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/META.yml | 15 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/Makefile.PL | 35 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/NEWS | 10 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/README | 83 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/Rijndael.pm | 129 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/Rijndael.xs | 182 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/VERSION | 1 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/_rijndael.c | 616 ++
+ .../fwknop/deps/Crypt-Rijndael/examples/README | 1 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/rijndael.h | 176 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/00_load.t | 176 +
+ .../fwknop/deps/Crypt-Rijndael/t/blocksize.t | 9 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/cbc.t | 19 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/cfb.t | 19 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/ctr.t | 19 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/ecb.t | 19 +
+ .../fwknop/deps/Crypt-Rijndael/t/lib/mode.pl | 35 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/ofb.t | 19 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/pcbc.t | 26 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/t/pod.t | 4 +
+ .../fwknop/deps/Crypt-Rijndael/t/pod_coverage.t | 4 +
+ .../legacy/fwknop/deps/Crypt-Rijndael/t/rt/27632.t | 43 +
+ .../fwknop/deps/Crypt-Rijndael/t/test_manifest | 14 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/test | 9 +
+ perl/legacy/fwknop/deps/Crypt-Rijndael/typemap | 1 +
+ perl/legacy/fwknop/deps/Digest-SHA/Changes | 411 ++
+ perl/legacy/fwknop/deps/Digest-SHA/MANIFEST | 39 +
+ perl/legacy/fwknop/deps/Digest-SHA/META.yml | 17 +
+ perl/legacy/fwknop/deps/Digest-SHA/Makefile.PL | 41 +
+ perl/legacy/fwknop/deps/Digest-SHA/README | 44 +
+ perl/legacy/fwknop/deps/Digest-SHA/SHA.xs | 203 +
+ perl/legacy/fwknop/deps/Digest-SHA/VERSION | 1 +
+ perl/legacy/fwknop/deps/Digest-SHA/examples/dups | 62 +
+ .../fwknop/deps/Digest-SHA/lib/Digest/SHA.pm | 669 ++
+ perl/legacy/fwknop/deps/Digest-SHA/shasum | 268 +
+ perl/legacy/fwknop/deps/Digest-SHA/src/hmac.c | 103 +
+ perl/legacy/fwknop/deps/Digest-SHA/src/hmac.h | 58 +
+ perl/legacy/fwknop/deps/Digest-SHA/src/hmacxtra.c | 62 +
+ perl/legacy/fwknop/deps/Digest-SHA/src/sha.c | 640 ++
+ perl/legacy/fwknop/deps/Digest-SHA/src/sha.h | 233 +
+ perl/legacy/fwknop/deps/Digest-SHA/src/sha64bit.c | 101 +
+ perl/legacy/fwknop/deps/Digest-SHA/src/sha64bit.h | 15 +
+ perl/legacy/fwknop/deps/Digest-SHA/src/shaxtra.c | 57 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/allfcns.t | 30 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/base64.t | 43 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/bitbuf.t | 73 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/dumpload.t | 102 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/fips198.t | 42 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/gg.t | 72 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/gglong.t | 150 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/hmacsha.t | 77 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/ireland.t | 50 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/methods.t | 102 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/nistbit.t | 72 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/nistbyte.t | 73 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/pod.t | 18 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/podcover.t | 44 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/rfc2202.t | 57 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/sha1.t | 37 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/sha224.t | 37 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/sha256.t | 37 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/sha384.t | 41 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/sha512.t | 41 +
+ perl/legacy/fwknop/deps/Digest-SHA/t/woodbury.t | 143 +
+ perl/legacy/fwknop/deps/Digest-SHA/typemap | 2 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/COPYING | 2 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/ChangeLog | 587 ++
+ perl/legacy/fwknop/deps/GnuPG-Interface/MANIFEST | 68 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/META.yml | 14 +
+ .../legacy/fwknop/deps/GnuPG-Interface/Makefile.PL | 54 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/NEWS | 170 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/README | 456 ++
+ perl/legacy/fwknop/deps/GnuPG-Interface/SIGNATURE | 89 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/THANKS | 10 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/VERSION | 1 +
+ .../deps/GnuPG-Interface/lib/GnuPG/Fingerprint.pm | 90 +
+ .../deps/GnuPG-Interface/lib/GnuPG/Handles.pm | 178 +
+ .../deps/GnuPG-Interface/lib/GnuPG/Interface.pm | 1289 ++++
+ .../fwknop/deps/GnuPG-Interface/lib/GnuPG/Key.pm | 121 +
+ .../deps/GnuPG-Interface/lib/GnuPG/Options.pm | 348 +
+ .../deps/GnuPG-Interface/lib/GnuPG/PrimaryKey.pm | 91 +
+ .../deps/GnuPG-Interface/lib/GnuPG/PublicKey.pm | 54 +
+ .../deps/GnuPG-Interface/lib/GnuPG/SecretKey.pm | 54 +
+ .../deps/GnuPG-Interface/lib/GnuPG/Signature.pm | 90 +
+ .../deps/GnuPG-Interface/lib/GnuPG/SubKey.pm | 87 +
+ .../deps/GnuPG-Interface/lib/GnuPG/UserId.pm | 96 +
+ .../fwknop/deps/GnuPG-Interface/t/Fingerprint.t | 29 +
+ .../t/GnuPG/ComparableFingerprint.pm | 29 +
+ .../deps/GnuPG-Interface/t/GnuPG/ComparableKey.pm | 57 +
+ .../t/GnuPG/ComparablePrimaryKey.pm | 52 +
+ .../GnuPG-Interface/t/GnuPG/ComparablePublicKey.pm | 22 +
+ .../GnuPG-Interface/t/GnuPG/ComparableSecretKey.pm | 22 +
+ .../GnuPG-Interface/t/GnuPG/ComparableSignature.pm | 41 +
+ .../GnuPG-Interface/t/GnuPG/ComparableSubKey.pm | 54 +
+ .../GnuPG-Interface/t/GnuPG/ComparableUserId.pm | 57 +
+ .../fwknop/deps/GnuPG-Interface/t/Interface.t | 29 +
+ .../legacy/fwknop/deps/GnuPG-Interface/t/MyTest.pm | 63 +
+ .../deps/GnuPG-Interface/t/MyTestSpecific.pm | 132 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/t/UserId.t | 28 +
+ .../fwknop/deps/GnuPG-Interface/t/clearsign.t | 38 +
+ .../legacy/fwknop/deps/GnuPG-Interface/t/decrypt.t | 60 +
+ .../fwknop/deps/GnuPG-Interface/t/detach_sign.t | 38 +
+ .../legacy/fwknop/deps/GnuPG-Interface/t/encrypt.t | 65 +
+ .../deps/GnuPG-Interface/t/encrypt_symmetrically.t | 39 +
+ .../fwknop/deps/GnuPG-Interface/t/export_keys.t | 37 +
+ .../deps/GnuPG-Interface/t/get_public_keys.t | 102 +
+ .../deps/GnuPG-Interface/t/get_secret_keys.t | 66 +
+ .../fwknop/deps/GnuPG-Interface/t/import_keys.t | 39 +
+ .../deps/GnuPG-Interface/t/list_public_keys.t | 76 +
+ .../deps/GnuPG-Interface/t/list_secret_keys.t | 79 +
+ .../fwknop/deps/GnuPG-Interface/t/list_sigs.t | 71 +
+ .../deps/GnuPG-Interface/t/passphrase_handling.t | 62 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/t/sign.t | 38 +
+ .../deps/GnuPG-Interface/t/sign_and_encrypt.t | 39 +
+ perl/legacy/fwknop/deps/GnuPG-Interface/t/verify.t | 39 +
+ .../fwknop/deps/GnuPG-Interface/t/wrap_call.t | 59 +
+ .../deps/GnuPG-Interface/test/encrypted.1.gpg | 14 +
+ .../fwknop/deps/GnuPG-Interface/test/key.1.asc | 29 +
+ .../fwknop/deps/GnuPG-Interface/test/options | 2 +
+ .../fwknop/deps/GnuPG-Interface/test/passphrase | 1 +
+ .../fwknop/deps/GnuPG-Interface/test/plain.1.txt | 4 +
+ .../GnuPG-Interface/test/public-keys-sigs/1.0.test | 28 +
+ .../GnuPG-Interface/test/public-keys-sigs/1.1.test | 28 +
+ .../GnuPG-Interface/test/public-keys-sigs/2.0.test | 9 +
+ .../GnuPG-Interface/test/public-keys-sigs/2.1.test | 9 +
+ .../deps/GnuPG-Interface/test/public-keys/1.0.test | 12 +
+ .../deps/GnuPG-Interface/test/public-keys/1.1.test | 12 +
+ .../deps/GnuPG-Interface/test/public-keys/2.0.test | 4 +
+ .../deps/GnuPG-Interface/test/public-keys/2.1.test | 4 +
+ .../fwknop/deps/GnuPG-Interface/test/pubring.gpg | Bin 0 -> 3315 bytes
+ .../deps/GnuPG-Interface/test/secret-keys/1.0.test | 7 +
+ .../deps/GnuPG-Interface/test/secret-keys/2.0.test | 4 +
+ .../fwknop/deps/GnuPG-Interface/test/secring.gpg | Bin 0 -> 1138 bytes
+ .../fwknop/deps/GnuPG-Interface/test/signed.1.asc | 11 +
+ perl/legacy/fwknop/deps/IPTables-ChainMgr/Changes | 24 +
+ perl/legacy/fwknop/deps/IPTables-ChainMgr/MANIFEST | 6 +
+ .../fwknop/deps/IPTables-ChainMgr/Makefile.PL | 12 +
+ perl/legacy/fwknop/deps/IPTables-ChainMgr/README | 41 +
+ perl/legacy/fwknop/deps/IPTables-ChainMgr/VERSION | 1 +
+ .../IPTables-ChainMgr/lib/IPTables/ChainMgr.pm | 892 +++
+ .../deps/IPTables-ChainMgr/t/IPTables-ChainMgr.t | 6 +
+ perl/legacy/fwknop/deps/IPTables-Parse/Changes | 25 +
+ perl/legacy/fwknop/deps/IPTables-Parse/MANIFEST | 6 +
+ perl/legacy/fwknop/deps/IPTables-Parse/Makefile.PL | 12 +
+ perl/legacy/fwknop/deps/IPTables-Parse/README | 39 +
+ perl/legacy/fwknop/deps/IPTables-Parse/VERSION | 1 +
+ .../deps/IPTables-Parse/lib/IPTables/Parse.pm | 792 +++
+ .../fwknop/deps/IPTables-Parse/t/IPTables-Parse.t | 17 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/ChangeLog | 90 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/IPv4Addr.pm | 385 ++
+ perl/legacy/fwknop/deps/Net-IPv4Addr/IPv4Addr.spec | 90 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/MANIFEST | 15 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/Makefile.PL | 8 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/NEWS | 28 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/README | 41 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/VERSION | 1 +
+ .../fwknop/deps/Net-IPv4Addr/debian/changelog | 37 +
+ .../legacy/fwknop/deps/Net-IPv4Addr/debian/control | 12 +
+ .../fwknop/deps/Net-IPv4Addr/debian/copyright | 14 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/debian/dirs | 4 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/debian/docs | 4 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/debian/rules | 85 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/ipv4calc | 89 +
+ perl/legacy/fwknop/deps/Net-IPv4Addr/test.pl | 68 +
+ perl/legacy/fwknop/deps/Net-Pcap/MANIFEST | 26 +
+ perl/legacy/fwknop/deps/Net-Pcap/Makefile.PL | 18 +
+ perl/legacy/fwknop/deps/Net-Pcap/Pcap.pm | 319 +
+ perl/legacy/fwknop/deps/Net-Pcap/Pcap.xs | 473 ++
+ perl/legacy/fwknop/deps/Net-Pcap/README | 97 +
+ perl/legacy/fwknop/deps/Net-Pcap/VERSION | 1 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/01-module.t | 13 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/02-lookup.t | 70 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/03-openlive.t | 57 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/04-loop.t | 67 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/05-dump.t | 80 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/06-offline.t | 141 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/07-stats.t | 60 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/08-filter.t | 61 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/09-error.t | 54 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/10-fileno.t | 109 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/11-misc.t | 81 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/12-next.t | 81 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/13-dispatch.t | 56 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/README | 10 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/leaktest1.pl | 37 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/leaktest2.pl | 19 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/leaktest3.pl | 39 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/leaktest4.pl | 40 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/leaktest5.pl | 40 +
+ perl/legacy/fwknop/deps/Net-Pcap/t/leaktest6.pl | 39 +
+ perl/legacy/fwknop/deps/Net-Pcap/typemap | 43 +
+ perl/legacy/fwknop/deps/Net-Ping-External/Changes | 51 +
+ .../fwknop/deps/Net-Ping-External/External.pm | 412 ++
+ perl/legacy/fwknop/deps/Net-Ping-External/MANIFEST | 6 +
+ .../fwknop/deps/Net-Ping-External/Makefile.PL | 8 +
+ perl/legacy/fwknop/deps/Net-Ping-External/README | 14 +
+ perl/legacy/fwknop/deps/Net-Ping-External/VERSION | 1 +
+ perl/legacy/fwknop/deps/Net-Ping-External/test.pl | 114 +
+ perl/legacy/fwknop/deps/Net-RawIP/Changes | 236 +
+ perl/legacy/fwknop/deps/Net-RawIP/MANIFEST | 49 +
+ perl/legacy/fwknop/deps/Net-RawIP/MANIFEST.SKIP | 25 +
+ perl/legacy/fwknop/deps/Net-RawIP/META.yml | 12 +
+ perl/legacy/fwknop/deps/Net-RawIP/Makefile.PL | 125 +
+ perl/legacy/fwknop/deps/Net-RawIP/README | 45 +
+ perl/legacy/fwknop/deps/Net-RawIP/README.Devel | 51 +
+ perl/legacy/fwknop/deps/Net-RawIP/RawIP.xs | 1591 +++++
+ .../legacy/fwknop/deps/Net-RawIP/RawIP/libpcap.pod | 138 +
+ perl/legacy/fwknop/deps/Net-RawIP/TODO | 26 +
+ perl/legacy/fwknop/deps/Net-RawIP/VERSION | 1 +
+ perl/legacy/fwknop/deps/Net-RawIP/eth.c | 287 +
+ .../deps/Net-RawIP/examples/DoS_linux.2.2.7-9 | 45 +
+ perl/legacy/fwknop/deps/Net-RawIP/examples/iflist | 10 +
+ .../fwknop/deps/Net-RawIP/examples/ip_rt_dev | 7 +
+ .../deps/Net-RawIP/examples/ipopt_traceroute | 69 +
+ perl/legacy/fwknop/deps/Net-RawIP/examples/land | 15 +
+ perl/legacy/fwknop/deps/Net-RawIP/examples/macof | 91 +
+ perl/legacy/fwknop/deps/Net-RawIP/examples/oshare | 30 +
+ perl/legacy/fwknop/deps/Net-RawIP/examples/ping | 62 +
+ .../legacy/fwknop/deps/Net-RawIP/examples/sniff.pl | 47 +
+ .../fwknop/deps/Net-RawIP/examples/traceroute | 122 +
+ perl/legacy/fwknop/deps/Net-RawIP/examples/watch | 78 +
+ perl/legacy/fwknop/deps/Net-RawIP/ifaddrlist.c | 127 +
+ perl/legacy/fwknop/deps/Net-RawIP/ifaddrlist.h | 15 +
+ perl/legacy/fwknop/deps/Net-RawIP/ip.h | 21 +
+ perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP.pm | 1107 ++++
+ .../fwknop/deps/Net-RawIP/lib/Net/RawIP/ethhdr.pm | 9 +
+ .../deps/Net-RawIP/lib/Net/RawIP/generichdr.pm | 9 +
+ .../fwknop/deps/Net-RawIP/lib/Net/RawIP/icmphdr.pm | 9 +
+ .../fwknop/deps/Net-RawIP/lib/Net/RawIP/iphdr.pm | 10 +
+ .../fwknop/deps/Net-RawIP/lib/Net/RawIP/opt.pm | 9 +
+ .../fwknop/deps/Net-RawIP/lib/Net/RawIP/tcphdr.pm | 10 +
+ .../fwknop/deps/Net-RawIP/lib/Net/RawIP/udphdr.pm | 9 +
+ perl/legacy/fwknop/deps/Net-RawIP/rdev.c | 182 +
+ perl/legacy/fwknop/deps/Net-RawIP/solaris.h | 29 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/critic.t | 12 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/iflist.t | 56 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/memory_leak.t | 105 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/pod-coverage.t | 11 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/pod.t | 10 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/set_icmp.t | 48 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/simple.t | 215 +
+ perl/legacy/fwknop/deps/Net-RawIP/t/timem.t | 15 +
+ perl/legacy/fwknop/deps/Net-RawIP/typemap | 15 +
+ perl/legacy/fwknop/deps/Net-RawIP/util.c | 193 +
+ perl/legacy/fwknop/deps/README | 8 +
+ perl/legacy/fwknop/deps/TermReadKey/Configure.pm | 869 +++
+ perl/legacy/fwknop/deps/TermReadKey/MANIFEST | 10 +
+ perl/legacy/fwknop/deps/TermReadKey/Makefile.PL | 61 +
+ perl/legacy/fwknop/deps/TermReadKey/README | 125 +
+ perl/legacy/fwknop/deps/TermReadKey/ReadKey.pm | 564 ++
+ perl/legacy/fwknop/deps/TermReadKey/ReadKey.xs | 1832 ++++++
+ perl/legacy/fwknop/deps/TermReadKey/VERSION | 1 +
+ perl/legacy/fwknop/deps/TermReadKey/genchars.pl | 489 ++
+ perl/legacy/fwknop/deps/TermReadKey/ppport.h | 579 ++
+ perl/legacy/fwknop/deps/TermReadKey/test.pl | 366 ++
+ perl/legacy/fwknop/deps/Unix-Syslog/Artistic | 131 +
+ perl/legacy/fwknop/deps/Unix-Syslog/Changes | 91 +
+ perl/legacy/fwknop/deps/Unix-Syslog/MANIFEST | 8 +
+ perl/legacy/fwknop/deps/Unix-Syslog/Makefile.PL | 11 +
+ perl/legacy/fwknop/deps/Unix-Syslog/README | 138 +
+ perl/legacy/fwknop/deps/Unix-Syslog/Syslog.pm | 281 +
+ perl/legacy/fwknop/deps/Unix-Syslog/Syslog.xs | 260 +
+ perl/legacy/fwknop/deps/Unix-Syslog/VERSION | 1 +
+ perl/legacy/fwknop/deps/Unix-Syslog/test.pl | 194 +
+ perl/legacy/fwknop/fwknop | 2707 ++++++++
+ perl/legacy/fwknop/fwknop.8 | 810 +++
+ perl/legacy/fwknop/fwknop.conf | 454 ++
+ perl/legacy/fwknop/fwknop.h | 92 +
+ perl/legacy/fwknop/fwknop_funcs.c | 381 ++
+ perl/legacy/fwknop/fwknop_serv | 504 ++
+ perl/legacy/fwknop/fwknop_serv.8 | 28 +
+ perl/legacy/fwknop/fwknopd | 6640 ++++++++++++++++++++
+ perl/legacy/fwknop/fwknopd.8 | 374 ++
+ perl/legacy/fwknop/init-scripts/OS_X/Fwknop | 32 +
+ .../init-scripts/OS_X/StartupParameters.plist | 4 +
+ perl/legacy/fwknop/init-scripts/fwknop-init.fedora | 100 +
+ .../legacy/fwknop/init-scripts/fwknop-init.freebsd | 27 +
+ .../legacy/fwknop/init-scripts/fwknop-init.generic | 37 +
+ perl/legacy/fwknop/init-scripts/fwknop-init.gentoo | 57 +
+ perl/legacy/fwknop/init-scripts/fwknop-init.redhat | 76 +
+ .../fwknop-init.redhat-chkconfig-enable | 76 +
+ perl/legacy/fwknop/install.pl | 1816 ++++++
+ perl/legacy/fwknop/knopmd.8 | 33 +
+ perl/legacy/fwknop/knopmd.c | 432 ++
+ perl/legacy/fwknop/knoptm | 1372 ++++
+ perl/legacy/fwknop/knoptm.8 | 90 +
+ perl/legacy/fwknop/knopwatchd.8 | 47 +
+ perl/legacy/fwknop/knopwatchd.c | 863 +++
+ perl/legacy/fwknop/os_sample | 37 +
+ perl/legacy/fwknop/os_sample.pkts | 30 +
+ perl/legacy/fwknop/packaging/cd_rpmbuilder | 262 +
+ perl/legacy/fwknop/packaging/fwknop-legacy.spec | 342 +
+ .../fwknop/packaging/fwknop-nobuildreqs.spec | 341 +
+ perl/legacy/fwknop/packaging/fwknop-nodeps.spec | 208 +
+ perl/legacy/fwknop/packaging/fwknop.SlackBuild | 27 +
+ perl/legacy/fwknop/parse_pf.pl | 33 +
+ perl/legacy/fwknop/patches/README | 23 +
+ perl/legacy/fwknop/patches/openssh-4.2p1_SPA.patch | 290 +
+ perl/legacy/fwknop/patches/openssh-4.3p2_SPA.patch | 264 +
+ perl/legacy/fwknop/pf.os | 642 ++
+ perl/legacy/fwknop/strlcat.c | 70 +
+ perl/legacy/fwknop/strlcpy.c | 66 +
+ perl/legacy/fwknop/test/README | 174 +
+ perl/legacy/fwknop/test/base64_byte_frequency.pl | 99 +
+ perl/legacy/fwknop/test/conf/README | 11 +
+ .../fwknop/test/conf/any_interface_fwknop.conf | 143 +
+ .../test/conf/blacklist_dashA_IP_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/blacklist_fwknop.conf | 143 +
+ .../legacy/fwknop/test/conf/client-gpg/pubring.gpg | Bin 0 -> 2480 bytes
+ .../legacy/fwknop/test/conf/client-gpg/secring.gpg | Bin 0 -> 1350 bytes
+ .../legacy/fwknop/test/conf/client-gpg/trustdb.gpg | Bin 0 -> 1360 bytes
+ .../fwknop/test/conf/client_timeout_access.conf | 22 +
+ perl/legacy/fwknop/test/conf/default_access.conf | 22 +
+ perl/legacy/fwknop/test/conf/default_fwknop.conf | 143 +
+ .../fwknop/test/conf/excluded_net_access.conf | 19 +
+ .../fwknop/test/conf/external_cmd_access.conf | 9 +
+ .../test/conf/external_cmd_no_dash_A_access.conf | 9 +
+ .../conf/external_cmd_no_open_ports_access.conf | 9 +
+ .../fwknop/test/conf/filter_62203_fwknop.conf | 140 +
+ perl/legacy/fwknop/test/conf/forward_access.conf | 20 +
+ .../fwknop/test/conf/forward_chain_fwknop.conf | 142 +
+ .../test/conf/forward_internal_ip_access.conf | 21 +
+ perl/legacy/fwknop/test/conf/gpg2_access.conf | 26 +
+ perl/legacy/fwknop/test/conf/gpg2_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/gpg2_http_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/gpg_access.conf | 25 +
+ .../fwknop/test/conf/gpg_access_no_prefix.conf | 26 +
+ perl/legacy/fwknop/test/conf/http_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/icmp_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/ipt_sleep_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/md5_fwknop.conf | 143 +
+ .../legacy/fwknop/test/conf/multi_port_access.conf | 21 +
+ .../fwknop/test/conf/multi_source_access.conf | 33 +
+ .../fwknop/test/conf/no_local_nat_fwknop.conf | 143 +
+ .../test/conf/no_loopback_ip_match_access.conf | 19 +
+ .../legacy/fwknop/test/conf/no_promisc_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/output_access.conf | 21 +
+ .../fwknop/test/conf/output_chain_fwknop.conf | 143 +
+ .../fwknop/test/conf/override_sleep_fwknop.conf | 4 +
+ perl/legacy/fwknop/test/conf/pcap_file_fwknop.conf | 142 +
+ perl/legacy/fwknop/test/conf/pf.os | 642 ++
+ .../test/conf/pk_encrypted_sequence_access.conf | 19 +
+ perl/legacy/fwknop/test/conf/pk_fwknop.conf | 143 +
+ .../conf/pk_multi_port_shared_sequence_access.conf | 17 +
+ .../pk_multi_protocol_shared_sequence_access.conf | 17 +
+ .../pk_single_port_shared_sequence_access.conf | 17 +
+ perl/legacy/fwknop/test/conf/popen_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/rand_port_fwknop.conf | 140 +
+ .../legacy/fwknop/test/conf/server-gpg/pubring.gpg | Bin 0 -> 2480 bytes
+ .../legacy/fwknop/test/conf/server-gpg/random_seed | Bin 0 -> 600 bytes
+ .../legacy/fwknop/test/conf/server-gpg/secring.gpg | Bin 0 -> 1352 bytes
+ .../legacy/fwknop/test/conf/server-gpg/trustdb.gpg | Bin 0 -> 1360 bytes
+ perl/legacy/fwknop/test/conf/sha1_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/sha256_fwknop.conf | 143 +
+ .../test/conf/socket_com_tcp_serv_fwknop.conf | 143 +
+ .../test/conf/socket_com_udp_serv_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/spa_aging_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/system_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/conf/tcp_serv_fwknop.conf | 143 +
+ perl/legacy/fwknop/test/fwknop_test.pl | 5030 +++++++++++++++
+ perl/legacy/fwknop/test/output/README | 16 +
+ python/README | 59 +
+ python/fko.py | 839 +++
+ python/fkomodule.c | 1444 +++++
+ python/setup.py | 38 +
+ server/Makefile.am | 47 +
+ server/access.c | 1212 ++++
+ server/access.conf | 174 +
+ server/access.h | 50 +
+ server/cmd_opts.h | 154 +
+ server/config_init.c | 812 +++
+ server/config_init.h | 47 +
+ server/extcmd.c | 394 ++
+ server/extcmd.h | 79 +
+ server/fw_util.c | 42 +
+ server/fw_util.h | 70 +
+ server/fw_util_ipf.c | 178 +
+ server/fw_util_ipf.h | 46 +
+ server/fw_util_ipfw.c | 877 +++
+ server/fw_util_ipfw.h | 60 +
+ server/fw_util_iptables.c | 1005 +++
+ server/fw_util_iptables.h | 53 +
+ server/fw_util_pf.c | 559 ++
+ server/fw_util_pf.h | 48 +
+ server/fwknopd.8.in | 484 ++
+ server/fwknopd.c | 698 ++
+ server/fwknopd.conf | 340 +
+ server/fwknopd.h | 67 +
+ server/fwknopd_common.h | 461 ++
+ server/fwknopd_errors.c | 109 +
+ server/fwknopd_errors.h | 76 +
+ server/incoming_spa.c | 647 ++
+ server/incoming_spa.h | 38 +
+ server/log_msg.c | 183 +
+ server/log_msg.h | 53 +
+ server/pcap_capture.c | 299 +
+ server/pcap_capture.h | 54 +
+ server/process_packet.c | 205 +
+ server/process_packet.h | 50 +
+ server/replay_cache.c | 679 ++
+ server/replay_cache.h | 72 +
+ server/sig_handler.c | 151 +
+ server/sig_handler.h | 50 +
+ server/tcp_server.c | 216 +
+ server/tcp_server.h | 40 +
+ server/utils.c | 184 +
+ server/utils.h | 69 +
+ test/conf/client-gpg/pubring.gpg | Bin 0 -> 2480 bytes
+ test/conf/client-gpg/secring.gpg | Bin 0 -> 1350 bytes
+ test/conf/client-gpg/trustdb.gpg | Bin 0 -> 1360 bytes
+ test/conf/default_access.conf | 3 +
+ test/conf/default_fwknopd.conf | 4 +
+ test/conf/expired_epoch_stanza_access.conf | 4 +
+ test/conf/expired_stanza_access.conf | 4 +
+ test/conf/force_nat_access.conf | 4 +
+ test/conf/future_expired_stanza_access.conf | 4 +
+ test/conf/gpg_access.conf | 7 +
+ test/conf/invalid_expire_access.conf | 4 +
+ test/conf/ip_source_match_access.conf | 3 +
+ test/conf/mismatch_open_ports_access.conf | 4 +
+ test/conf/mismatch_user_access.conf | 4 +
+ test/conf/multi_gpg_access.conf | 7 +
+ test/conf/multi_source_match_access.conf | 3 +
+ test/conf/multi_stanzas_access.conf | 15 +
+ test/conf/multi_stanzas_with_broken_keys.conf | 19 +
+ test/conf/nat_fwknopd.conf | 5 +
+ test/conf/no_multi_source_match_access.conf | 3 +
+ test/conf/no_source_match_access.conf | 3 +
+ test/conf/no_subnet_source_match_access.conf | 3 +
+ test/conf/open_ports_access.conf | 4 +
+ test/conf/override_fwknopd.conf | 1 +
+ test/conf/require_src_access.conf | 5 +
+ test/conf/require_user_access.conf | 4 +
+ test/conf/server-gpg/pubring.gpg | Bin 0 -> 2480 bytes
+ test/conf/server-gpg/secring.gpg | Bin 0 -> 1352 bytes
+ test/conf/server-gpg/trustdb.gpg | Bin 0 -> 1360 bytes
+ test/conf/subnet_source_match_access.conf | 3 +
+ test/hardening-check | 285 +
+ test/local_spa.key | 3 +
+ test/test-fwknop.pl | 2689 ++++++++
+ win32/config.h | 205 +
+ win32/fwknop-client.vcproj | 519 ++
+ win32/getlogin.c | 41 +
+ win32/getlogin.h | 35 +
+ win32/getopt.c | 1277 ++++
+ win32/getopt.h | 185 +
+ win32/getopt1.c | 196 +
+ win32/libfko.sln | 44 +
+ win32/libfko.vcproj | 538 ++
+ 716 files changed, 136916 insertions(+), 1 deletions(-)
+ create mode 100644 AUTHORS
+ create mode 100644 COPYING
+ create mode 100644 CREDITS
+ create mode 100644 ChangeLog
+ create mode 100644 ChangeLog.old
+ create mode 100644 INSTALL
+ create mode 100644 Makefile.am
+ create mode 100644 NEWS
+ create mode 100644 TODO
+ create mode 100644 VERSION
+ create mode 100644 android/Application.mk
+ create mode 100644 android/COPYING
+ create mode 100644 android/README
+ create mode 100644 android/project/AndroidManifest.xml
+ create mode 100644 android/project/build.properties
+ create mode 100644 android/project/build.xml
+ create mode 100644 android/project/default.properties
+ create mode 100644 android/project/jni/Android.mk
+ create mode 100644 android/project/jni/config.h
+ create mode 100644 android/project/jni/fwknop/fwknop_client.c
+ create mode 100644 android/project/jni/fwknop/fwknop_client.h
+ create mode 100644 android/project/jni/fwknop/send_spa_packet.c
+ create mode 100644 android/project/jni/libfwknop/README
+ create mode 100755 android/project/jni/libfwknop/get_libfko_files.sh
+ create mode 100644 android/project/jni/logutils.h
+ create mode 100644 android/project/nbproject/build-impl.xml
+ create mode 100644 android/project/nbproject/genfiles.properties
+ create mode 100644 android/project/nbproject/private/config.properties
+ create mode 100644 android/project/nbproject/private/private.properties
+ create mode 100644 android/project/nbproject/private/private.xml
+ create mode 100644 android/project/nbproject/project.properties
+ create mode 100644 android/project/nbproject/project.xml
+ create mode 100644 android/project/res/drawable-hdpi/icon.png
+ create mode 100644 android/project/res/drawable-ldpi/icon.png
+ create mode 100644 android/project/res/drawable-mdpi/icon.png
+ create mode 100644 android/project/res/drawable/lock_128x128.png
+ create mode 100644 android/project/res/drawable/lock_32x32.png
+ create mode 100644 android/project/res/drawable/lock_64x64.png
+ create mode 100644 android/project/res/layout/main.xml
+ create mode 100644 android/project/res/values/strings.xml
+ create mode 100644 android/project/src/com/max2idea/android/fwknop/Fwknop.java
+ create mode 100644 android/project/src/com/max2idea/android/fwknop/R.java
+ create mode 100755 autogen.sh
+ create mode 100644 client/Makefile.am
+ create mode 100644 client/cmd_opts.h
+ create mode 100644 client/config_init.c
+ create mode 100644 client/config_init.h
+ create mode 100644 client/fwknop.8.in
+ create mode 100644 client/fwknop.c
+ create mode 100644 client/fwknop.h
+ create mode 100644 client/fwknop_common.h
+ create mode 100644 client/getpasswd.c
+ create mode 100644 client/getpasswd.h
+ create mode 100644 client/http_resolve_host.c
+ create mode 100644 client/spa_comm.c
+ create mode 100644 client/spa_comm.h
+ create mode 100644 client/utils.c
+ create mode 100644 client/utils.h
+ create mode 100644 common/Makefile.am
+ create mode 100644 common/common.h
+ create mode 100644 common/netinet_common.h
+ create mode 100644 configure.ac
+ create mode 100644 doc/Makefile.am
+ create mode 100644 doc/README
+ create mode 100644 doc/fwknop.man.asciidoc
+ create mode 100644 doc/fwknopd.man.asciidoc
+ create mode 100644 doc/gpl-2.0.texi
+ create mode 100644 doc/libfko.texi
+ create mode 100755 extras/fwknop-launcher/fwknop-launcher-lsof.pl
+ create mode 100644 extras/fwknop-launcher/fwknop-launcher.conf
+ create mode 100755 extras/fwknop.init.debian
+ create mode 100755 extras/fwknop.init.openwrt
+ create mode 100755 extras/fwknop.init.redhat
+ create mode 100644 extras/openwrt/README.openwrt
+ create mode 100644 extras/openwrt/package/fwknop/Makefile
+ create mode 100644 extras/openwrt/package/fwknop/files/fwknopd.init
+ create mode 100644 extras/openwrt/package/gpgme/Makefile
+ create mode 100644 fwknop.spec
+ create mode 100755 iphone/COPYING
+ create mode 100755 iphone/Classes/FwknopController.h
+ create mode 100755 iphone/Classes/FwknopController.m
+ create mode 100755 iphone/Classes/MyAppDelegate.h
+ create mode 100755 iphone/Classes/MyAppDelegate.m
+ create mode 100644 iphone/Classes/bridge_fwknop.c
+ create mode 100644 iphone/Classes/bridge_fwknop.h
+ create mode 100644 iphone/Classes/config.h
+ create mode 100644 iphone/Classes/fwknop/fwknop_client.c
+ create mode 100644 iphone/Classes/fwknop/fwknop_client.h
+ create mode 100644 iphone/Classes/fwknop/send_spa_packet.c
+ create mode 100644 iphone/Classes/libfwknop/README
+ create mode 100644 iphone/Classes/libfwknop/config.h
+ create mode 100644 iphone/Classes/libfwknop/fko_common.b
+ create mode 100755 iphone/Classes/libfwknop/get_libfko_files.sh
+ create mode 100644 iphone/Classes/logutils.h
+ create mode 100755 iphone/Fwknop.pch
+ create mode 100644 iphone/Fwknop.xcodeproj/dev.mode1v3
+ create mode 100644 iphone/Fwknop.xcodeproj/dev.pbxuser
+ create mode 100755 iphone/Fwknop.xcodeproj/project.pbxproj
+ create mode 100755 iphone/Info.plist
+ create mode 100755 iphone/README
+ create mode 100644 iphone/lock_57x57.png
+ create mode 100755 iphone/main.m
+ create mode 100644 lib/Makefile.am
+ create mode 100644 lib/base64.c
+ create mode 100644 lib/base64.h
+ create mode 100644 lib/cipher_funcs.c
+ create mode 100644 lib/cipher_funcs.h
+ create mode 100644 lib/digest.c
+ create mode 100644 lib/digest.h
+ create mode 100644 lib/fko.h
+ create mode 100644 lib/fko_client_timeout.c
+ create mode 100644 lib/fko_common.h
+ create mode 100644 lib/fko_context.h
+ create mode 100644 lib/fko_decode.c
+ create mode 100644 lib/fko_digest.c
+ create mode 100644 lib/fko_encode.c
+ create mode 100644 lib/fko_encryption.c
+ create mode 100644 lib/fko_error.c
+ create mode 100644 lib/fko_funcs.c
+ create mode 100644 lib/fko_limits.h
+ create mode 100644 lib/fko_message.c
+ create mode 100644 lib/fko_nat_access.c
+ create mode 100644 lib/fko_rand_value.c
+ create mode 100644 lib/fko_server_auth.c
+ create mode 100644 lib/fko_state.h
+ create mode 100644 lib/fko_timestamp.c
+ create mode 100644 lib/fko_user.c
+ create mode 100644 lib/fko_util.h
+ create mode 100644 lib/gpgme_funcs.c
+ create mode 100644 lib/gpgme_funcs.h
+ create mode 100644 lib/md5.c
+ create mode 100644 lib/md5.h
+ create mode 100644 lib/rijndael.c
+ create mode 100644 lib/rijndael.h
+ create mode 100644 lib/sha1.c
+ create mode 100644 lib/sha1.h
+ create mode 100644 lib/sha2.c
+ create mode 100644 lib/sha2.h
+ create mode 100644 lib/strlcat.c
+ create mode 100644 lib/strlcpy.c
+ create mode 100644 perl/FKO/Changes
+ create mode 100644 perl/FKO/FKO.xs
+ create mode 100644 perl/FKO/MANIFEST
+ create mode 100644 perl/FKO/Makefile.PL
+ create mode 100644 perl/FKO/README
+ create mode 100644 perl/FKO/inc/Devel/CheckLib.pm
+ create mode 100644 perl/FKO/lib/FKO.pm
+ create mode 100644 perl/FKO/lib/FKO_Constants.pl
+ create mode 100644 perl/FKO/ppport.h
+ create mode 100644 perl/FKO/t/00_init.t
+ create mode 100644 perl/FKO/t/01_constants.t
+ create mode 100644 perl/FKO/t/02_functions.t
+ create mode 100644 perl/FKO/t/03_errors.t
+ create mode 100644 perl/FKO/typemap
+ create mode 100644 perl/legacy/fwknop/CREDITS
+ create mode 100644 perl/legacy/fwknop/ChangeLog
+ create mode 100644 perl/legacy/fwknop/ChangeLog.svn
+ create mode 100644 perl/legacy/fwknop/INSTALL
+ create mode 100644 perl/legacy/fwknop/LICENSE
+ create mode 100644 perl/legacy/fwknop/Makefile
+ create mode 100644 perl/legacy/fwknop/README
+ create mode 100644 perl/legacy/fwknop/README.ACCESS
+ create mode 100644 perl/legacy/fwknop/README.GPG
+ create mode 100644 perl/legacy/fwknop/README.PK
+ create mode 100644 perl/legacy/fwknop/README.RPM
+ create mode 100644 perl/legacy/fwknop/TODO
+ create mode 100644 perl/legacy/fwknop/VERSION
+ create mode 100644 perl/legacy/fwknop/access.conf
+ create mode 100755 perl/legacy/fwknop/bump_version.pl
+ create mode 100755 perl/legacy/fwknop/chainmgr_test.pl
+ create mode 100644 perl/legacy/fwknop/config_vars.conf
+ create mode 100755 perl/legacy/fwknop/config_vars.pl
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/Build.PL
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/Changes
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/Generate.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/INSTALL
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/MANIFEST.SKIP
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/META.yml
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/MethodMaker.xs
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/README
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/SIGNATURE
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/TODO
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/benchmark/lexical.pl
+ create mode 100755 perl/legacy/fwknop/deps/Class-MethodMaker/cmmg.pl
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/components/CommonMethods.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/components/array.m
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/components/hash.m
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/components/scalar.m
+ create mode 100755 perl/legacy/fwknop/deps/Class-MethodMaker/configure
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/end.pod
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/examples/simple1
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/generate.PL
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/lib/Class/.placeholder
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/lib/Class/MethodMaker.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/lib/Class/MethodMaker/Constants.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/lib/Class/MethodMaker/Engine.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/lib/Class/MethodMaker/OptExt.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/lib/Class/MethodMaker/V1Compat.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/0-signature.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/array.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/basic.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/diffclass.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/hash.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/new.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/redefine-warnings.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/scalar.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/test.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/test_v1.pm
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_abstract.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_boolean.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_code.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_copy.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_counter.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_get_concat.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_get_set.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_get_set_hi.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_hash.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_key_attrib.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_key_with_create.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_list.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_method.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_new.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_new_hash_with_init.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_object.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_object_list.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_object_tie_hash.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_object_tie_list.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_set_once.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_set_once_static.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_singleton.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_static_get_set.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_static_hash.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_static_list.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_tie_hash.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_tie_list.t
+ create mode 100644 perl/legacy/fwknop/deps/Class-MethodMaker/t/v1_tie_scalar.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/CBC.pm
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/Changes
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/Crypt-CBC-2.16-vulnerability.txt
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/META.yml
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/README
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/README.compatibility
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/VERSION
+ create mode 100755 perl/legacy/fwknop/deps/Crypt-CBC/eg/aes.pl
+ create mode 100755 perl/legacy/fwknop/deps/Crypt-CBC/eg/des.pl
+ create mode 100755 perl/legacy/fwknop/deps/Crypt-CBC/eg/idea.pl
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/Blowfish.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/Blowfish_PP.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/CAST5.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/DES.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/IDEA.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/PCBC.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/Rijndael.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/Rijndael_compat.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/func.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/null_data.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/onezeropadding.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/parameters.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-CBC/t/preexisting.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/COPYING
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/Changes
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/LICENSE
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/META.yml
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/NEWS
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/README
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/Rijndael.pm
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/Rijndael.xs
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/_rijndael.c
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/examples/README
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/rijndael.h
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/00_load.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/blocksize.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/cbc.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/cfb.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/ctr.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/ecb.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/lib/mode.pl
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/ofb.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/pcbc.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/pod.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/pod_coverage.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/rt/27632.t
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/t/test_manifest
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/test
+ create mode 100644 perl/legacy/fwknop/deps/Crypt-Rijndael/typemap
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/Changes
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/META.yml
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/README
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/SHA.xs
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/VERSION
+ create mode 100755 perl/legacy/fwknop/deps/Digest-SHA/examples/dups
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/lib/Digest/SHA.pm
+ create mode 100755 perl/legacy/fwknop/deps/Digest-SHA/shasum
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/hmac.c
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/hmac.h
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/hmacxtra.c
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/sha.c
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/sha.h
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/sha64bit.c
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/sha64bit.h
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/src/shaxtra.c
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/allfcns.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/base64.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/bitbuf.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/dumpload.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/fips198.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/gg.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/gglong.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/hmacsha.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/ireland.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/methods.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/nistbit.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/nistbyte.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/pod.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/podcover.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/rfc2202.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/sha1.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/sha224.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/sha256.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/sha384.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/sha512.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/t/woodbury.t
+ create mode 100644 perl/legacy/fwknop/deps/Digest-SHA/typemap
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/COPYING
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/ChangeLog
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/META.yml
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/NEWS
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/README
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/SIGNATURE
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/THANKS
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/Fingerprint.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/Handles.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/Interface.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/Key.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/Options.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/PrimaryKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/PublicKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/SecretKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/Signature.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/SubKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/lib/GnuPG/UserId.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/Fingerprint.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparableFingerprint.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparableKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparablePrimaryKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparablePublicKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparableSecretKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparableSignature.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparableSubKey.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/GnuPG/ComparableUserId.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/Interface.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/MyTest.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/MyTestSpecific.pm
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/UserId.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/clearsign.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/decrypt.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/detach_sign.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/encrypt.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/encrypt_symmetrically.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/export_keys.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/get_public_keys.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/get_secret_keys.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/import_keys.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/list_public_keys.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/list_secret_keys.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/list_sigs.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/passphrase_handling.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/sign.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/sign_and_encrypt.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/verify.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/t/wrap_call.t
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/encrypted.1.gpg
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/key.1.asc
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/options
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/passphrase
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/plain.1.txt
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys-sigs/1.0.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys-sigs/1.1.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys-sigs/2.0.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys-sigs/2.1.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys/1.0.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys/1.1.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys/2.0.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/public-keys/2.1.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/pubring.gpg
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/secret-keys/1.0.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/secret-keys/2.0.test
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/secring.gpg
+ create mode 100644 perl/legacy/fwknop/deps/GnuPG-Interface/test/signed.1.asc
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-ChainMgr/Changes
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-ChainMgr/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-ChainMgr/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-ChainMgr/README
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-ChainMgr/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-ChainMgr/lib/IPTables/ChainMgr.pm
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-ChainMgr/t/IPTables-ChainMgr.t
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-Parse/Changes
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-Parse/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-Parse/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-Parse/README
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-Parse/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-Parse/lib/IPTables/Parse.pm
+ create mode 100644 perl/legacy/fwknop/deps/IPTables-Parse/t/IPTables-Parse.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/ChangeLog
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/IPv4Addr.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/IPv4Addr.spec
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/NEWS
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/README
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/debian/changelog
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/debian/control
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/debian/copyright
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/debian/dirs
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/debian/docs
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/debian/rules
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/ipv4calc
+ create mode 100644 perl/legacy/fwknop/deps/Net-IPv4Addr/test.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/Pcap.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/Pcap.xs
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/README
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/01-module.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/02-lookup.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/03-openlive.t
+ create mode 100755 perl/legacy/fwknop/deps/Net-Pcap/t/04-loop.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/05-dump.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/06-offline.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/07-stats.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/08-filter.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/09-error.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/10-fileno.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/11-misc.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/12-next.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/13-dispatch.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/README
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/leaktest1.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/leaktest2.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/leaktest3.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/leaktest4.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/leaktest5.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/t/leaktest6.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-Pcap/typemap
+ create mode 100644 perl/legacy/fwknop/deps/Net-Ping-External/Changes
+ create mode 100644 perl/legacy/fwknop/deps/Net-Ping-External/External.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-Ping-External/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Net-Ping-External/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Net-Ping-External/README
+ create mode 100644 perl/legacy/fwknop/deps/Net-Ping-External/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/Net-Ping-External/test.pl
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/Changes
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/MANIFEST.SKIP
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/META.yml
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/README
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/README.Devel
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/RawIP.xs
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/RawIP/libpcap.pod
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/TODO
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/VERSION
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/eth.c
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/DoS_linux.2.2.7-9
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/iflist
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/ip_rt_dev
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/ipopt_traceroute
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/land
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/macof
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/oshare
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/ping
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/examples/sniff.pl
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/traceroute
+ create mode 100755 perl/legacy/fwknop/deps/Net-RawIP/examples/watch
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/ifaddrlist.c
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/ifaddrlist.h
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/ip.h
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP/ethhdr.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP/generichdr.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP/icmphdr.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP/iphdr.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP/opt.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP/tcphdr.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/lib/Net/RawIP/udphdr.pm
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/rdev.c
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/solaris.h
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/critic.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/iflist.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/memory_leak.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/pod-coverage.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/pod.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/set_icmp.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/simple.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/t/timem.t
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/typemap
+ create mode 100644 perl/legacy/fwknop/deps/Net-RawIP/util.c
+ create mode 100644 perl/legacy/fwknop/deps/README
+ create mode 100644 perl/legacy/fwknop/deps/TermReadKey/Configure.pm
+ create mode 100644 perl/legacy/fwknop/deps/TermReadKey/MANIFEST
+ create mode 100644 perl/legacy/fwknop/deps/TermReadKey/Makefile.PL
+ create mode 100644 perl/legacy/fwknop/deps/TermReadKey/README