DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,643 Commits 15 Branches 0 Tags
Commit Graph

2643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Rash
b4213bb3fb Merge branch 'master' of ssh://github.com/mrash/fwknop 2019-03-11 21:57:10 -07:00
Michael Rash
fb69921fdd add ALLOW_ANY_USER_AGENT to ignore incoming User-Agent strings in SPA packets over HTTP, closes #296 2019-03-11 21:56:21 -07:00
Michael Rash
b484741632
Merge pull request #294 from fmarier/patch-2 2019-02-28 06:44:10 -05:00
Michael Rash
bf2aa28f57
Merge pull request #292 from fmarier/patch-1 2019-02-28 06:43:17 -05:00
Francois Marier
973043a411
Include systemd unit files in tarballs 2019-02-25 13:18:11 -08:00
Francois Marier
1f417ea829
Fix AppArmor profile for Debian unstable 2019-02-25 09:07:54 -08:00
Michael Rash
2857a9cb1b [test suite] fix whitespace trailing chars test 2018-10-27 21:21:52 -04:00
Michael Rash
bacd054b13 strip trailing whitespace from config values, closes #288 2018-10-24 23:40:13 -04:00
Michael Rash
7ac347fbdd
Merge pull request #286 from DeforaNetworks/khorben/coverity/1355235-toctou 
khorben/coverity/1355235 TOCTOU
 2018-08-28 20:36:58 -04:00
Pierre Pronchery
40664566e6 Look for support for fileno() in the system 
This should help fwknop remain as portable as before.
The fallback code still suffers from the TOCTOU condition though.
 2018-08-27 20:23:41 +02:00
Pierre Pronchery
2def3bb0e8 Avoid TOCTOU by using fstat() after open() 
This also needs fileno() after fopen(). This time it addresses the code
for the client.

This is the third part of three for Coverity issue 1355235.
 2018-08-27 20:19:31 +02:00
Pierre Pronchery
cb8632f4db Avoid TOCTOU by using fstat() after open() 
This also needs fileno() after fopen().

This is the second part of three for Coverity issue 1355235.
 2018-08-27 20:19:31 +02:00
Pierre Pronchery
7eadce33d0 Avoid TOCTOU when calling stat() just before fopen() 
This is the first part of three for Coverity issue 1355235.
 2018-08-27 19:40:41 +02:00
Michael Rash
3c717b8e69 [test suite] use 'badhost.' so local resolution will not be an issue (Michael Dukelsky) 2018-08-24 20:07:34 -07:00
Michael Rash
369cd89e5e [server] remove logically dead code per Coverity scan 2018-08-20 18:47:54 -07:00
Michael Rash
e82cb8621f [test suite] another bogus user test for fko-wrapper 2018-08-19 16:24:08 -07:00
Michael Rash
d7aacb68f2 [test suite] add bogus username test to fko-wrapper 2018-08-19 16:21:47 -07:00
Michael Rash
4769d136d9 [libfko] add NULL check to fko_get_raw_spa_digest_type() - bug discovered by fko-wrapper 2018-08-19 16:19:56 -07:00
Michael Rash
d328278cb8 [test suite] minor Makefile enhancement (variable usage) for fko-wrapper 2018-08-19 14:02:42 -07:00
Michael Rash
57ef059811 [test suite] add calls to fko_set_raw_spa_digest_type() and fko_get_raw_spa_digest_type() 2018-08-19 12:40:14 -07:00
Michael Rash
d50276d6fe [test suite] better job of cleaning up coverage files 2018-08-18 19:46:47 -07:00
Michael Rash
62336616d7 [test suite] minor decoding and fko_set_timestamp() exercise enhancements for fko_wrapper 2018-08-18 09:41:23 -07:00
Michael Rash
f7f52cf18c Merge branch 'master' of https://github.com/mrash/fwknop 2018-08-17 18:42:38 -07:00
Michael Rash
f95901ac03 [test suite] minor tests directory path update 2018-08-17 18:41:57 -07:00
Michael Rash
b046599849 [build] add MemorySanitizer support 2018-08-17 21:16:12 -04:00
Michael Rash
309abdab0c [server] Bug fix for MemorySanitizer error 
Replace strlcpy() with memcpy() since the source buffer is not a string.
strlcpy() caught this anyway, but memcpy() usage is probably more valid.

==29766==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x562bc2e50420 in strlcpy /home/mbr/git/fwknop.git/common/strlcpy.c:61:3
    #1 0x562bc2e25362 in process_packet /home/mbr/git/fwknop.git/server/process_packet.c:225:5
    #2 0x7fa6173c9d57  (/lib64/libpcap.so.1+0x1fd57)
    #3 0x562bc2e2456a in pcap_capture /home/mbr/git/fwknop.git/server/pcap_capture.c:227:15
    #4 0x562bc2e13ef0 in main /home/mbr/git/fwknop.git/server/fwknopd.c:296:13
    #5 0x7fa61643724a in __libc_start_main /usr/src/debug/glibc-2.27-74-g68c1bf8097/csu/../csu/libc-start.c:308:16
    #6 0x562bc2d9dec9 in _start (/home/mbr/git/fwknop.git/server/.libs/fwknopd+0x1dec9)

  Uninitialized value was created by a heap allocation
    #0 0x562bc2da6c84 in malloc (/home/mbr/git/fwknop.git/server/.libs/fwknopd+0x26c84)
    #1 0x7fa6173ca996  (/lib64/libpcap.so.1+0x20996)

SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/mbr/git/fwknop.git/common/strlcpy.c:61:3 in strlcpy
 2018-08-17 20:51:36 -04:00
Michael Rash
201d065f52 [server] fix Clang compiler warning to remove extraneous var increment 
utils.c:217:13: warning: variable 'i' is incremented both in the loop header and in the loop
      body [-Wfor-loop-analysis]
            i++;
            ^
utils.c:213:34: note: incremented here
        for (i=0; i<strlen(str); i++)
 2018-08-16 22:55:34 -04:00
Michael Rash
02542a025e [test suite] minor update to exercise rc file comment line detection code 2018-08-11 09:46:22 -07:00
Michael Rash
799ec87765 [client] write --server-resolve-ipv4 arg to the rc file when saving 2018-08-11 09:42:20 -07:00
Michael Rash
5339179c8e [test suite] NO_SAVE_ARGS rc file code coverage 2018-08-11 08:43:47 -07:00
Michael Rash
69291b91fa [test suite] add invalid ALLOW_IP test 2018-08-11 08:23:41 -07:00
Michael Rash
40d554103c [test suite] add negative time offset test to hit additional error path in client/config_init.c 2018-08-11 08:15:26 -07:00
Michael Rash
759965ee08 [server] fix UBSAN warning 'fwknopd.c:1044:50: runtime error: left shift of 2 by 30 places cannot be represented in type 'int'' 2018-08-10 21:22:23 -07:00
Michael Rash
a7fc73b111 [test suite] start with -m32 gcc option for ASAN instrumentation check (32-bit compilation is preferred for ASAN operations) 2018-08-10 18:33:54 -07:00
Michael Rash
ffa6548946 [test suite] add --enable-cunit-tests to -h output 2018-08-10 18:32:26 -07:00
Michael Rash
0b9639f29a [test suite] restore C-Unit test functionality (header ordering fix) 2018-08-10 09:21:13 -07:00
Michael Rash
be142216e4 [test suite] remove redundant statement 2018-08-10 08:54:07 -07:00
Michael Rash
9bdaf393bf better ASAN instrumention check using readelf 2018-08-10 08:27:15 -07:00
Michael Rash
5a305ffe07 [test suite] improve ASAN instrumentation check (m32 vs. non-m32 Makefile option) 2018-08-10 07:44:10 -07:00
Michael Rash
6438771965
Merge pull request #273 from DeforaNetworks/khorben/http-1.1 
Use HTTP/1.1 when communicating over HTTP
 2018-08-09 04:51:45 -07:00
Michael Rash
71b8f22402
Merge pull request #282 from DeforaNetworks/khorben/execvp 
Use execvp() instead of execvpe()
 2018-08-08 17:05:55 -07:00
Michael Rash
d59c77a20b Revert "Fix two erroneous calls to strlcat()" 
This reverts commit c412166aaabe96d41466abb3e4b0099a837c4017.
 2018-08-07 23:35:34 -07:00
Michael Rash
c4f437f1dc
Merge pull request #284 from DeforaNetworks/khorben/strlcat 2018-08-07 06:28:12 -04:00
Pierre Pronchery
c412166aaa Fix two erroneous calls to strlcat() 
strlcat() needs to be informed about the actual size of the buffer. Two
calls simply used the size expected, thus potentially allowing
stack-based buffer overflows.

There is no direct security impact in this case, since the code affected
is on the client side, and the input comes from configuration
information.
 2018-08-07 09:48:30 +02:00
Michael Rash
108290c6f3
Merge pull request #283 from DeforaNetworks/khorben/srandom 
Seed random() at least a bit before using random()
 2018-08-06 20:49:49 -04:00
Michael Rash
2766648afd Merge branch 'master' of ssh://ubuntu1604/home/mbr/git/fwknop 2018-08-06 20:43:29 -04:00
Michael Rash
d8b9005d19 Merge branch 'master' of https://github.com/mrash/fwknop 2018-08-06 17:41:32 -07:00
Michael Rash
a6337ba054 Merge branch 'master' of ssh://github.com/mrash/fwknop 2018-08-06 20:41:09 -04:00
Michael Rash
bd30379313 doc update 2018-08-06 17:27:52 -07:00
Michael Rash
81a264ad24 bump version to 2.6.10 2018-08-06 17:26:12 -07:00