Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Apr 18, 2013
  1. [test suite] Reorganize client/server interactions to be more rigorous

    authored
    This is a significant commit that alters how the test suite interacts with the
    fwknop client and server by looking for indications that SPA packets are
    actually received.  This is done by first waiting for 'main event loop' in
    fwknopd log output to ensure that fwknopd is ready to receive packets, sending
    the SPA packet(s), and then watching for for 'SPA Packet from IP' in fwknopd
    output.  This is an improvement over the previous strategy that was only based
    on timeout values since it works identically regardless of whether fwknop is
    being run under valgrind or when the test suite is run on an embedded system
    with very limited resources.  Another check is run for fwknopd receiving the
    SIGTERM signal to shutdown via 'fwknopd -K', and that failing, the test suite
    manually kills the process (though this should be rarely needed).
    
    The above strategy is the result of discussions with George Herlin who proposed
    the verification-based approach to test suite operations.
    
    Other things this commit changes is the ability to detect whether OpenSSL
    supports the 'hexkey:<key>' style specification for HMAC keys (an older version
    of FreeBSD doesn't support this) and falls back to the '-hmac <key>' method if
    not.
Commits on Apr 13, 2013
  1. [test suite] check for fwknopd ready to receive packets

    authored
    This commit was inspired through conversations with George Herlin.
Commits on Apr 11, 2013
Commits on Apr 10, 2013
  1. minor var naming/spacing update

    authored
Commits on Apr 9, 2013
Commits on Apr 8, 2013
Commits on Apr 7, 2013
  1. [test suite] NAT name resolution tests

    authored
    This commit adds tests for NAT name resolution in support of issue #43.
Commits on Apr 2, 2013
Commits on Mar 30, 2013
  1. HMAC function rename for consistency

    authored
    Make sure that HMAC function names conform to previously established get_*,
    set_* naming convention.
Commits on Mar 29, 2013
Commits on Mar 23, 2013
Commits on Mar 22, 2013
Commits on Mar 20, 2013
  1. [test suite] added two basic tests for installation and operations of…

    authored
    … the python fko extension
Commits on Mar 19, 2013
  1. minor typo fix

    authored
Commits on Mar 16, 2013
  1. [client] --nat-rand-port bug fix

    authored
    Bug fix for --nat-rand-port mode to ensure that the port to be
    NAT'd is properly defined so that the fwknopd server will NAT
    connnections to this port instead of applying the NAT operation to the
    port that is to be accessed via -A.  This change also prints the
    randomly assigned port to stdout regardless of whether --verbose mode is
    used (since it not then the user will have no idea which port is
    actually going to be NAT'd on the fwknopd side).
Commits on Mar 13, 2013
Commits on Mar 12, 2013
Commits on Mar 11, 2013
Commits on Mar 10, 2013
  1. Merge branch 'hmac_support' of github.com:mrash/fwknop into hmac_support

    authored
    Conflicts:
    	client/fwknop.c
    	lib/fko_hmac.c
  2. SPA with HMAC SHA256 and SHA384 now works

    authored
    This is a fairly significant commit that lays the groundwork for getting
    selectable HMAC modes working for both the client and server.  One libfko API
    change was required so that the hmac_type is passed into fko_new_with_data().
    This allows the server to set the hmac_type via access.conf stanzas.  The
    effort in this commit will be extended to allow HMAC MD5, SHA1, and SHA512
    also function properly.
  3. @damienstuart

    Renamed fko_set_hmac_type to fko_set_spa_hmac_type. Incorporated libf…

    damienstuart authored
    …ko changes and additions to the fko python module code.
Commits on Mar 9, 2013
Something went wrong with that request. Please try again.