DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

Fixed issue with spaces in in access.conf comma-separated values. Fixed issue with GPG signature check being forced when GPG_REMOTE_ID is set and GPG_REQUIRE_SIG was "N". Updated dependency in the spec file. Updates to ChangeLog.

Browse Source 
git-svn-id: file:///home/mbr/svn/fwknop/trunk@273 510a4753-2344-4c79-9c09-4d669213fbeb
This commit is contained in:
Damien Stuart 2010-07-31 18:04:08 +00:00
parent 7dc24c133e
commit 9c2cd267bf
5 changed files with 43 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -1,4 +1,4 @@
2010-07-18 Damien Stuart <dstuart@dstuart.org> 2010-07-21 Damien Stuart <dstuart@dstuart.org>
* Bumped version in configure.ac to 2.0.0rc2 * Bumped version in configure.ac to 2.0.0rc2
* Added extras directory to source distribution as a holder for extra * Added extras directory to source distribution as a holder for extra
and/or contributed files. This initially includes startup (init) and/or contributed files. This initially includes startup (init)

0
extras/fwknop.init.fedora → extras/fwknop.init.redhat
View File

6
fwknop.spec
View File

@ -13,7 +13,7 @@
%define _mandir /usr/share/man %define _mandir /usr/share/man
Name: fwknop Name: fwknop
Version: 2.0.0rc1 Version: 2.0.0rc2
# Uncomment this when the version becomes 2.0.0 (without the rcX). # Uncomment this when the version becomes 2.0.0 (without the rcX).
#Epoch: 1 #Epoch: 1
Release: 1%{?dist} Release: 1%{?dist}
@ -25,7 +25,7 @@ URL: http://www.cipherdyne.org/fwknop/
Source0: fwknop-%{version}.tar.gz Source0: fwknop-%{version}.tar.gz
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
BuildRequires: gpgme-devel, libpcap-devel, gdbm-devel BuildRequires: gpg, gpgme-devel, libpcap-devel, gdbm-devel
Requires: libfko Requires: libfko
@ -34,7 +34,7 @@ Requires: libfko
Version: 0.0.1 Version: 0.0.1
Summary: The fwknop library Summary: The fwknop library
Group: Development/Libraries Group: Development/Libraries
Requires: gpgme Requires: gpg, gpgme
%package -n libfko-devel %package -n libfko-devel
Version: 0.0.1 Version: 0.0.1

32
server/access.c
View File

@ -167,12 +167,22 @@ expand_acc_source(acc_stanza_t *acc)
{ {
if(*ndx == ',') if(*ndx == ',')
{ {
/* Skip over any leading whitespace.
*/
while(isspace(*start))
start++;
strlcpy(buf, start, (ndx-start)+1); strlcpy(buf, start, (ndx-start)+1);
add_source_mask(acc, buf); add_source_mask(acc, buf);
start = ndx+1; start = ndx+1;
} }
} }
/* Skip over any leading whitespace (once again for the last in the list).
*/
while(isspace(*start))
start++;
strlcpy(buf, start, (ndx-start)+1); strlcpy(buf, start, (ndx-start)+1);
add_source_mask(acc, buf); add_source_mask(acc, buf);
} }
@ -317,12 +327,22 @@ expand_acc_port_list(acc_port_list_t **plist, char *plist_str)
{ {
if(*ndx == ',') if(*ndx == ',')
{ {
/* Skip over any leading whitespace.
*/
while(isspace(*start))
start++;
strlcpy(buf, start, (ndx-start)+1); strlcpy(buf, start, (ndx-start)+1);
add_port_list_ent(plist, buf); add_port_list_ent(plist, buf);
start = ndx+1; start = ndx+1;
} }
} }
/* Skip over any leading whitespace (once again for the last in the list).
*/
while(isspace(*start))
start++;
strlcpy(buf, start, (ndx-start)+1); strlcpy(buf, start, (ndx-start)+1);
add_port_list_ent(plist, buf); add_port_list_ent(plist, buf);
@ -336,18 +356,30 @@ expand_acc_string_list(acc_string_list_t **stlist, char *stlist_str)
char *ndx, *start; char *ndx, *start;
char buf[1024]; char buf[1024];
int stlen = strlen(stlist_str);
start = stlist_str; start = stlist_str;
for(ndx = start; *ndx; ndx++) for(ndx = start; *ndx; ndx++)
{ {
if(*ndx == ',') if(*ndx == ',')
{ {
/* Skip over any leading whitespace.
*/
while(isspace(*start))
start++;
strlcpy(buf, start, (ndx-start)+1); strlcpy(buf, start, (ndx-start)+1);
add_string_list_ent(stlist, buf); add_string_list_ent(stlist, buf);
start = ndx+1; start = ndx+1;
} }
} }
/* Skip over any leading whitespace (once again for the last in the list).
*/
while(isspace(*start))
start++;
strlcpy(buf, start, (ndx-start)+1); strlcpy(buf, start, (ndx-start)+1);
add_string_list_ent(stlist, buf); add_string_list_ent(stlist, buf);

9
server/incoming_spa.c
View File

@ -271,7 +271,7 @@ incoming_spa(fko_srv_options_t *opts)
* related parameters. This also applies when REMOTE_ID is * related parameters. This also applies when REMOTE_ID is
* set. * set.
*/ */
if(acc->gpg_require_sig || acc->gpg_remote_id != NULL) if(acc->gpg_require_sig)
{ {
fko_set_gpg_signature_verify(ctx, 1); fko_set_gpg_signature_verify(ctx, 1);
@ -327,7 +327,7 @@ incoming_spa(fko_srv_options_t *opts)
* then we need to make sure this incoming message is signer ID matches * then we need to make sure this incoming message is signer ID matches
* an entry in the list. * an entry in the list.
*/ */
if(enc_type == FKO_ENCRYPTION_GPG && acc->gpg_remote_id != NULL) if(enc_type == FKO_ENCRYPTION_GPG && acc->gpg_require_sig)
{ {
res = fko_get_gpg_signature_id(ctx, &gpg_id); res = fko_get_gpg_signature_id(ctx, &gpg_id);
if(res != FKO_SUCCESS) if(res != FKO_SUCCESS)
@ -337,7 +337,10 @@ incoming_spa(fko_srv_options_t *opts)
goto clean_and_bail; goto clean_and_bail;
} }
if(!acc_check_gpg_remote_id(acc, gpg_id)) if(opts->verbose)
log_msg(LOG_INFO, "Incoming SPA data signed by '%s'.", gpg_id);
if(acc->gpg_remote_id != NULL && !acc_check_gpg_remote_id(acc, gpg_id))
{ {
log_msg(LOG_WARNING, log_msg(LOG_WARNING,
"Incoming SPA packet signed by ID: %s, but that ID is not the GPG_REMOTE_ID list.", "Incoming SPA packet signed by ID: %s, but that ID is not the GPG_REMOTE_ID list.",