Merge pull request #191 from oneru/cleanups

Merge simplified HMAC implementation.

ChangeLog

@@ -476,7 +476,7 @@ fwknop-2.5 (07/19/2013):
       far more powerful.
 
 fwknop-2.0.4 (12/09/2012):
-    - [client] Misc fixes and the addition of save_args and last command 
+    - [client] Misc fixes and the addition of save_args and last command
       (.fwknop.last) support on the Windows platform.
     - [client] Fixed bug in username determination code where a valid value
       could be overrwritten in certain circumstances.

INSTALL

@@ -231,4 +231,3 @@ an Autoconf bug.  Until the bug is fixed you can use this workaround:
 
 `configure' also accepts some other, not widely useful, options.  Run
 `configure --help' for more details.
-

client/Makefile.am

@@ -38,4 +38,3 @@ fwknop.8: $(top_srcdir)/client/fwknop.8.in
 
 clean-local:
 	rm -f fwknop.8 fwknop_utests *.gcno *.gcda
-

client/config_init.c

@@ -584,12 +584,12 @@ is_rc_param(const char *line, rc_file_param_t *param)
 }
 
 /**
- * @brief Dump available stanzas from a fwknoprc file
+ * \brief Dump available stanzas from a fwknoprc file
  *
  * This function parses a rcfile and looks for configured stanzas.
  * They are all displayed except the default stanza.
- * 
- * @param rcfile full path to the rcfile to parse
+ *
+ * \param rcfile full path to the rcfile to parse
  */
 static int
 dump_configured_stanzas_from_rcfile(const char* rcfile)
@@ -2638,7 +2638,7 @@ DECLARE_UTEST(check_var_bitmask, "Check var_bitmask functions")
     CU_ASSERT(var_bitmask.dw[0] == 1);
     remove_var_from_bitmask(FWKNOP_CLI_FIRST_ARG, &var_bitmask);
     CU_ASSERT(bitmask_has_var(FWKNOP_CLI_FIRST_ARG, &var_bitmask) == 0);
-    CU_ASSERT(var_bitmask.dw[0] == 0);	
+    CU_ASSERT(var_bitmask.dw[0] == 0);
 
     add_var_to_bitmask(FWKNOP_CLI_ARG_KEY_RIJNDAEL, &var_bitmask);
     CU_ASSERT(bitmask_has_var(FWKNOP_CLI_ARG_KEY_RIJNDAEL, &var_bitmask) == 1);
@@ -2654,7 +2654,7 @@ DECLARE_UTEST(check_var_bitmask, "Check var_bitmask functions")
     CU_ASSERT(bitmask_has_var(FWKNOP_CLI_LAST_ARG+32, &var_bitmask) == 0);
 
     add_var_to_bitmask(FWKNOP_CLI_LAST_ARG+34, &var_bitmask);
-    CU_ASSERT(bitmask_has_var(FWKNOP_CLI_LAST_ARG+34, &var_bitmask) == 0);    
+    CU_ASSERT(bitmask_has_var(FWKNOP_CLI_LAST_ARG+34, &var_bitmask) == 0);
 }
 
 int register_ts_config_init(void)
@@ -2667,4 +2667,3 @@ int register_ts_config_init(void)
 }
 
 #endif /* HAVE_C_UNIT_TESTS */
-

client/fwknop.c

@@ -839,7 +839,6 @@ set_nat_access(fko_ctx_t ctx, fko_cli_options_t *options, const char * const acc
     char                nat_access_buf[MAX_LINE_LEN] = {0};
     char                tmp_access_port[MAX_PORT_STR_LEN+1] = {0}, *ndx = NULL;
     int                 access_port = 0, i = 0, is_err = 0;
-    char                dst_ip_str[INET_ADDRSTRLEN] = {0};
     char                hostname[HOSTNAME_BUFSIZE] = {0};
     int                 port = 0;
     struct addrinfo     hints;

client/log_msg.c

@@ -65,8 +65,8 @@ log_free(void)
 
 /**
  * Set the verbosity level for the current context of the log module.
- * 
- * @param level verbosity level to set
+ *
+ * \param level verbosity level to set
  */
 void
 log_set_verbosity(int level)
@@ -80,9 +80,9 @@ log_set_verbosity(int level)
  * This function sends a message to the stream dedicated to the priority
  * set. If the verbosity for the context is higher than the one used for
  * the message, then the message is discarded.
- * 
- * @param level Verbosity level to used for the message.
- * @param msg   Message to print
+ *
+ * \param level Verbosity level to used for the message.
+ * \param msg   Message to print
  */
 void
 log_msg(int level, char* msg, ...)
@@ -92,7 +92,7 @@ log_msg(int level, char* msg, ...)
     if (level <= log_ctx.verbosity)
     {
         va_start(ap, msg);
-        
+
         switch (level)
         {
             case LOG_VERBOSITY_ERROR:
@@ -103,7 +103,7 @@ log_msg(int level, char* msg, ...)
             case LOG_VERBOSITY_NORMAL:
             case LOG_VERBOSITY_INFO:
             case LOG_VERBOSITY_DEBUG:
-            default : 
+            default :
                 vfprintf(LOG_STREAM_STDOUT, msg, ap);
                 fprintf(LOG_STREAM_STDOUT, "\n");
                 break;

common/common.h

@@ -101,13 +101,15 @@
   #define O_WRONLY		_O_WRONLY
   #define O_RDONLY		_O_RDONLY
   #define O_RDWR		_O_RDWR
-  #define O_CREAT		_O_CREAT 
+  #define O_CREAT		_O_CREAT
   #define O_EXCL		_O_EXCL
   #define S_IRUSR		_S_IREAD
   #define S_IWUSR		_S_IWRITE
   #define PATH_SEP      '\\'
   // --DSS needed for VS versions before 2010
-  typedef __int8 int8_t;
+  #ifndef __MINGW32__
+    typedef __int8 int8_t;
+  #endif
   typedef unsigned __int8 uint8_t;
   typedef __int16 int16_t;
   typedef unsigned __int16 uint16_t;

common/fko_util.c

@@ -566,7 +566,7 @@ char
         ns = calloc(1, len + 1);
         if(ns) {
             ns[len] = 0;
-            // strncpy to be pedantic about modification in multithreaded 
+            // strncpy to be pedantic about modification in multithreaded
             // applications
             return strncpy(ns, s, len);
         }

doc/README

@@ -36,5 +36,3 @@ For creating HTML versions of the man pages, simply use the "-f xhtml"
 option to the "a2x" command:
 
     a2x -f xhtml fwknopd.man.asciidoc
-
-

doc/fwknop.man.asciidoc

@@ -514,7 +514,7 @@ SPA OPTIONS
     decryption. However, in some circumstances, if the clocks are out
     of sync and the user on the client system does not have the required
     access to change the local clock setting, it can be difficult to
-    construct and SPA packet with a time stamp the server will accept. 
+    construct and SPA packet with a time stamp the server will accept.
     In this situation, the *--time-offset-plus* option can allow the user
     to specify an offset (e.g. ``60sec'' ``60min'' ``2days'' etc.) that is
     added to the local time.
@@ -591,7 +591,7 @@ More comprehensive information on this can be found here:
 
 *--gpg-signer-key*='<key ID or Name>'::
     Specify the GnuPG key ID, e.g. ``+ABCD1234+'' (see the output of
-    "gpg --list-keys") or the key name to use when signing the SPA message. 
+    "gpg --list-keys") or the key name to use when signing the SPA message.
     The user is prompted for the associated GnuPG password to create the
     signature. This adds a cryptographically strong mechanism to allow
     the *fwknopd* daemon on the remote server to authenticate who created
@@ -616,7 +616,7 @@ home directory. This initial version has some sample directives that are
 commented out. It is up to the user to edit this file to meet their needs.
 
 The '.fwknoprc' file contains a default configuration area or stanza which
-holds global configuration directives that override the program defaults. 
+holds global configuration directives that override the program defaults.
 You can edit this file and create additional 'named stanzas' that can be
 specified with the *-n* or *--named-config* option. Parameters defined in
 the named stanzas will override any matching 'default' stanza directives.

doc/fwknopd.man.asciidoc

@@ -440,14 +440,14 @@ the '@sysconfdir@/fwknop/fwknopd.conf' file for additional details.
 *SYSLOG_FACILITY* '<facility>'::
     Override syslog facility. The ``SYSLOG_FACILITY'' variable can be set to
     one of ``LOG_LOCAL{0-7}'' or ``LOG_DAEMON'' (the default).
-    
+
 *ENABLE_DESTINATION_RULE* '<Y/N>'::
     Controls whether *fwknopd* will set the destination field on the firewall
-    rule to the destination address specified on the incoming SPA packet. 
+    rule to the destination address specified on the incoming SPA packet.
     This is useful for interfaces with multiple IP addresses hosting separate
-    services. If ``ENABLE_IPT_OUTPUT'' is set to ``Y'', the source field of 
-    the firewall rule is set. FORWARD and SNAT rules are not affected however, 
-    DNAT rules will also have their destination field set. The default is 
+    services. If ``ENABLE_IPT_OUTPUT'' is set to ``Y'', the source field of
+    the firewall rule is set. FORWARD and SNAT rules are not affected however,
+    DNAT rules will also have their destination field set. The default is
     ``N'', which sets the destination field to 0.0.0.0/0 (any).
 
 *FWKNOP_RUN_DIR* '<path>'::
@@ -477,11 +477,11 @@ directive starts a new stanza.
     ``192.168.10.0/24''), and individual IP addresses can be specified as well.
     Also, multiple IP's and/or networks can be defined as a comma separated
     list (e.g.  ``192.168.10.0/24,10.1.1.123'')
-    
+
 *DESTINATION* '<IP,..,IP/NET,..,NET/ANY>'::
     This defines the destination address for which the SPA packet will be
     accepted. The string ``ANY'' is also accepted if a valid SPA packet
-    should be honored to any destination IP. 
+    should be honored to any destination IP.
     Networks should be specified in CIDR notation (e.g. ``192.168.10.0/24''),
     and individual IP addresses can be specified as well. Also, multiple
     IP's and/or networks can be defined as a comma separated list (e.g.

doc/gpl-2.0.texi

@@ -7,7 +7,7 @@
 @center Version 2, June 1991
 
 @c This file is intended to be included within another document,
-@c hence no sectioning command or @node.  
+@c hence no sectioning command or @node.
 
 @display
 Copyright @copyright{} 1989, 1991 Free Software Foundation, Inc.

doc/libfko.texi

@@ -113,7 +113,7 @@ Using libfko
 
 SPA Parameter Types
 
-* Digests::                       The message digest hashes supported by libfko 
+* Digests::                       The message digest hashes supported by libfko
 * SPA Messages::                  The fko @acronym{SPA} message types
                                   supported by libfko (and fwknop)
 * Encryption Algorithms::         Encryption schemes supported by libfko
@@ -130,7 +130,7 @@ SPA Parameter Types
 @cindex Single Packet Authorization, intro
 
 The ``Firewall Knock Operator Library'' (libfko) is a C language library that
-implements the functions needed to create and/or parse 
+implements the functions needed to create and/or parse
 @dfn{Single Packet Authorization} (@acronym{SPA}) data.  It is designed to
 abstract the details of encoding, encryption, decoding, parsing, and verifying
 @acronym{SPA} messages such as those used by Michael Rash's @dfn{Firewall
@@ -155,7 +155,7 @@ programs.
 @sp 1
 @noindent
 For more information on fwknop and @acronym{SPA}, go to
-@uref{http://www.cipherdyne.org/fwknop}. 
+@uref{http://www.cipherdyne.org/fwknop}.
 
 @menu
 * Getting Started::               Purpose of the manual, and how to use it
@@ -521,7 +521,7 @@ fields that have a default value.
 
 This chapter provides the ``howto'' for using libfko, including required
 functions and parameter choices.  In some sections, code samples are provided
-to further illustrate usage.  
+to further illustrate usage.
 
 @menu
 * Creating Contexts::             Creating a new fko context
@@ -963,7 +963,7 @@ use this function.  However, some may find a reason to do it in this way.
 
 @deftypefun int fko_set_gpg_recipient (fko_ctx_t @var{ctx}, const char @var{recipient});
 Sets the @acronym{GPG} key for the recipient.  This would be the recipient's
-public key used to encyrpt the @acronym{SPA} data.  You can use the user name 
+public key used to encyrpt the @acronym{SPA} data.  You can use the user name
 ("recip@@the.dest.com") or the key ID ("5EXXXXCC").  At present, multiple
 recipients are not supported.
 @end deftypefun
@@ -1243,7 +1243,7 @@ called directly as it is called from @code{fko_spa_data_final}.
 @end deftypefun
 
 @deftypefun int fko_decode_spa_data (fko_ctx_t @var{ctx});
-This function performs the decoding, parsing, validation of the @acronym{SPA} 
+This function performs the decoding, parsing, validation of the @acronym{SPA}
 data that was just decrypted. It is normally not called directly as it is
 called from @code{fko_decrypt_spa_data} (which is in turn called from
 @code{fko_new_with_data} if a password is supplied to it).
@@ -1467,9 +1467,9 @@ Invalid data: missing user data
 @item FKO_ERROR_INVALID_DATA_USER_FIRSTCHAR_VALIDFAIL
 Invalid data: user first char not valid
 @item FKO_ERROR_INVALID_DATA_USER_REMCHAR_VALIDFAIL
-Invalid data: user remchar not valid 
+Invalid data: user remchar not valid
 @item FKO_ERROR_INVALID_DATA_UTIL_STRTOL_LT_MIN
-Invalid data: util conversion to long less than minimum 
+Invalid data: util conversion to long less than minimum
 @item FKO_ERROR_INVALID_DATA_UTIL_STRTOL_GT_MAX
 Invalid data: util conversion to long greater than maximum
 @item FKO_ERROR_DATA_TOO_LARGE
@@ -1586,7 +1586,7 @@ Invalid data: encrypt: GPG cipher failed
 @item FKO_ERROR_INVALID_DATA_ENCRYPT_GPG_ENCODEDMSG_NULL
 Invalid data: encrypt: GPG-encoded message is NULL
 @item FKO_ERROR_INVALID_DATA_ENCRYPT_GPG_ENCODEDMSGLEN_VALIDFAIL
-Invalid data: encrypt: invalid GPG-encrypted message length 
+Invalid data: encrypt: invalid GPG-encrypted message length
 @end table
 @end deftypevar