Permalink
Browse files

credits and changelog updates

  • Loading branch information...
1 parent a61939c commit 77c876c1108a2be36d7a6a6fc152d32a4396b3b8 @mrash committed Apr 19, 2013
Showing with 28 additions and 0 deletions.
  1. +11 −0 CREDITS
  2. +17 −0 ChangeLog
View
11 CREDITS
@@ -46,6 +46,10 @@ Franck Joncourt
- Contributed a patch to ensure that duplicate iptables rules are not
created even for different SPA packets that arrive at the same time and
request the same access.
+ - Added support for resolving hostnames in various NAT modes (fixes issue
+ #43 in github).
+ - Added support for saving fwknop client command line arguments via a new
+ options --save-rc-stanza.
Jonathan Schulz
- Submitted patches to change HTTP connection type to 'close' for -R mode
@@ -99,3 +103,10 @@ Sean Greven
Michael T. Dean
- Reported the Rijndael key truncation issue for user-supplied keys
(passphrases) greater than 16 bytes long.
+
+George Herlin
+ - Proposed a verification approach to test suite operations, and the result
+ was implemented in a61939c005e2b09d6800e2171f607c9d1948f022. This makes
+ test suite operate equivalently regardless of whether valgrind is used or
+ whether fwknop is being tested on an embedded system with very limited
+ resources.
View
@@ -25,6 +25,23 @@ fwknop-2.5 (//2013):
engine. If a vulnerability is discovered in OpenSSL and a change is
made, then the --enable-openssl-checks mode will allow the test suite to
discover this in a automated fashion for fwknop.
+ - [test suite] Changed how the test suite interacts with the fwknop client
+ and server by looking for indications that SPA packets are actually
+ received. This is done by first waiting for 'main event loop' in fwknopd
+ log output to ensure that fwknopd is ready to receive packets, sending
+ the SPA packet(s), and then watching for for 'SPA Packet from IP' in
+ fwknopd output. This is an improvement over the previous strategy that
+ was only based on timeout values since it works identically regardless of
+ whether fwknop is being run under valgrind or when the test suite is run
+ on an embedded system with very limited resources. Another check is run
+ for fwknopd receiving the SIGTERM signal to shutdown via 'fwknopd -K',
+ and that failing, the test suite manually kills the process (though this
+ should be rarely needed). This change was implemented based on
+ discussions with George Herlin.
+ - (Franck Joncourt) Added support for resolving hostnames in various NAT
+ modes (fixes issue #43 in github).
+ - (Franck Joncourt) Added support for saving fwknop client command line
+ arguments via a new options --save-rc-stanza.
- [client] Bug fix for --nat-rand-port mode to ensure that the port to be
NAT'd is properly defined so that the fwknopd server will NAT
connnections to this port instead of applying the NAT operation to the

0 comments on commit 77c876c

Please sign in to comment.