Permalink
Commits on Jun 1, 2013
  1. [libfko] HMAC comparison timing bug fix

    Ryman reported a timing attack bug in the HMAC comparison operation (#85) and
    suggested a fix derived from YaSSL:
    http://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg320402.html
    committed Jun 1, 2013
  2. [client] allow -D to be used in --save-rc-stanza mode if -n is not given

    This change simplifies the fwknop client usage by allowing the -D argument to
    be used as the stanza name if -n is not also specified in --save-rc-stanza
    mode.
    committed Jun 1, 2013
Commits on May 31, 2013
  1. minor documentation updates

    committed May 31, 2013
  2. [client] don't print keys to stdout in --save-rc-stanza --key-gen mode

    This is a minor commit to not print keys to stdout when both --save-rc-stanza
    and --key-gen are set on the command line.
    committed May 31, 2013
Commits on May 29, 2013
  1. Merge remote-tracking branch 'fjoncourt/save_rc_stanza'

    This set of fixes from Franck allows for much better --save-rc-stanza
    functionality - new SPA keys can automatically be saved to the fwknoprc
    file when --key-gen and --save-rc-stanza are given, keys aren't overwritten
    upon updating the arguments for an existing stanza, and more.
    
    Conflicts:
    	client/config_init.c
    committed May 29, 2013
  2. The -R command line switch is now handled in fwknoprc as RESOLVE_IP_H…

    …TTP variable.
    Franck Joncourt committed May 29, 2013
  3. Fixed ask_overwrite(). Generated keys are now stored in fwknoprc.

     * ask_overwrite() : when the user inputs more than one char when prompted,
       a second call to the function does not take the second char anymore.
       We parse all of the chars until we reach an LF char and discard all of them
       except the first one.
       The overwrite is requested only when the user sets 'y', if there is anything
       else we asssume 'N'.
    
     * When -k is used on the command line along with the --save-rc-stanza, the
       generated keys are also written in the stanza in fwknoprc.
    Franck Joncourt committed May 29, 2013
Commits on May 28, 2013
  1. The variables are now stored in a hash (variable name and position) r…

    …ather than
    
    an array containing only their name. It is now possible to sort them without
     worrying about their position in the enumeration.
    
    Improve variable naming for a better understanding (var_ndx becomes var_pos).
    Franck Joncourt committed May 28, 2013
Commits on May 27, 2013
  1. Interim commit to handle bitmask with more than 32 positions.

    Franck Joncourt committed May 27, 2013
Commits on May 25, 2013
  1. Set command line argument bitmask as a 64-bits value to be able to ha…

    …ndle more arguments.
    
     Interim commit to add the VERBOSE variable to be stored in the fwknoprc file when
     -v is used with --save-rc-stanza. The VERBOSE variable is also read by fwknop
     and the verbosity level is set accordingly.
    Franck Joncourt committed May 25, 2013
Commits on May 23, 2013
  1. minor Makefile.am update to set permissions on access.conf.inst and f…

    …wknopd.conf.inst files
    committed May 24, 2013
  2. [client] minor fix to set -R mode with a resolve URL is also set

    The command line arg validation function also checks this.
    committed May 24, 2013
  3. [test suite] bug fix on FreeBSD to just run the server for the active…

    …/expire sets not equal test
    committed May 24, 2013
  4. [server] update access.conf comments to conform to no trailing semico…

    …lon or colon within the variable name
    committed May 23, 2013
Commits on May 22, 2013
  1. [test suite] minor formatting update to access.conf files to mimic fw…

    …knoprc vars (no colon or trailing semicolon)
    committed May 22, 2013
  2. Use {0} initializer for all stack allocated char arrays

    Lots of places in the code were already using {0} to initialize stack char
    arrays, but memset() was being used as well.  This commit removes all
    unnecessary memset() calls against char arrays that are already initialized
    via {0} (which sets all members to zero for such arrays).
    committed May 22, 2013
Commits on May 21, 2013
  1. Merge remote-tracking branch 'fjoncourt/save_rc_stanza'

    Closes issues #81 and #82 thanks to Franck.
    committed May 21, 2013
Commits on May 20, 2013
  1. Fixed stanza name in log message. We display the stanza we were looki…

    …ng for, not the current one.
    Franck Joncourt committed May 20, 2013
Commits on May 19, 2013
  1. [server] port list memory leak bug fix for OpenBSD/pf and FreeBSD/ipf…

    …w firewall interface code found by Coverity
    committed May 19, 2013
  2. Merge pull request #80 from fjoncourt/fix-gpl2.0

    [FTBS] Fixed gpl2.0.texi
    committed May 19, 2013
  3. Fixed gpl2.0.texi to make it build.

     The @appendixsubsec entries are substituted by @appendixsec entries.
    Franck Joncourt committed May 19, 2013