diff --git a/configure.ac b/configure.ac index fc67b1d9..64d25a79 100644 --- a/configure.ac +++ b/configure.ac @@ -7,7 +7,7 @@ dnl Inspiration from RRDtool configure.ac, the AutoConf Archive dnl (http://www.nongnu.org/autoconf-archive/), and other examples. dnl Minimum Autoconf version required. -AC_PREREQ(2.61) +AC_PREREQ(2.62) dnl Define our name, version and email. m4_define(my_package, [fwknop]) @@ -24,7 +24,7 @@ AM_INIT_AUTOMAKE([tar-ustar -Wall -Werror foreign]) dnl AM_MAINTAINER_MODE -AC_CONFIG_HEADER([config.h]) +AC_CONFIG_HEADERS([config.h]) dnl The top of our header dnl diff --git a/server/access.c b/server/access.c index 9871c822..af113031 100644 --- a/server/access.c +++ b/server/access.c @@ -1036,7 +1036,7 @@ dump_access_list(fko_srv_options_t *opts) "==============================================================\n" " OPEN_PORTS: %s\n" " RESTRICT_PORTS: %s\n" - " KEY: %s\n" + " KEY: \n" " FW_ACCESS_TIMEOUT: %i\n" " ENABLE_CMD_EXEC: %s\n" " CMD_EXEC_USER: %s\n" @@ -1044,7 +1044,7 @@ dump_access_list(fko_srv_options_t *opts) " REQUIRE_SOURCE_ADDRESS: %s\n" " GPG_HOME_DIR: %s\n" " GPG_DECRYPT_ID: %s\n" - " GPG_DECRYPT_PW: %s\n" + " GPG_DECRYPT_PW: \n" " GPG_REQUIRE_SIG: %s\n" "GPG_IGNORE_SIG_VERIFY_ERROR: %s\n" " GPG_REMOTE_ID: %s\n", @@ -1052,7 +1052,7 @@ dump_access_list(fko_srv_options_t *opts) acc->source, (acc->open_ports == NULL) ? "" : acc->open_ports, (acc->restrict_ports == NULL) ? "" : acc->restrict_ports, - (acc->key == NULL) ? "" : acc->key, + //(acc->key == NULL) ? "" : acc->key, acc->fw_access_timeout, acc->enable_cmd_exec ? "Yes" : "No", (acc->cmd_exec_user == NULL) ? "" : acc->cmd_exec_user, @@ -1060,7 +1060,7 @@ dump_access_list(fko_srv_options_t *opts) acc->require_source_address ? "Yes" : "No", (acc->gpg_home_dir == NULL) ? "" : acc->gpg_home_dir, (acc->gpg_decrypt_id == NULL) ? "" : acc->gpg_decrypt_id, - (acc->gpg_decrypt_pw == NULL) ? "" : acc->gpg_decrypt_pw, + //(acc->gpg_decrypt_pw == NULL) ? "" : acc->gpg_decrypt_pw, acc->gpg_require_sig ? "Yes" : "No", acc->gpg_ignore_sig_error ? "Yes" : "No", (acc->gpg_remote_id == NULL) ? "" : acc->gpg_remote_id diff --git a/server/pcap_capture.c b/server/pcap_capture.c index bd36e6c7..482a0dbc 100644 --- a/server/pcap_capture.c +++ b/server/pcap_capture.c @@ -137,7 +137,7 @@ pcap_capture(fko_srv_options_t *opts) * to actually use this mode (which when set on a FreeBSD * system, it silently breaks the packet capture). */ - if((pcap_setnonblock(pcap, 0, errstr)) == -1) + if((pcap_setnonblock(pcap, DEF_PCAP_NONBLOCK, errstr)) == -1) { log_msg(LOG_ERR, "[*] Error setting pcap nonblocking to %i: %s", 0, errstr diff --git a/server/pcap_capture.h b/server/pcap_capture.h index a591b775..79372dc5 100644 --- a/server/pcap_capture.h +++ b/server/pcap_capture.h @@ -31,6 +31,17 @@ */ #define MAX_PCAP_ERRORS_BEFORE_BAIL 100 +/* We normally want pcap in non-blockinbg mode, but this seems to be + * broken on FreeBSD 7 (at least my test host), so we'll set the default + * mode to on unless it is a FreeBSD system. --DSS XXX: What we really need + * to do is figure out what the difference is and address it correctly. +*/ +#if defined(__FreeBSD__) + #define DEF_PCAP_NONBLOCK 0 +#else + #define DEF_PCAP_NONBLOCK 1 +#endif + /* Prototypes */ int pcap_capture(fko_srv_options_t *opts);