DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,643 Commits 15 Branches 0 Tags
Commit Graph

132 Commits

Author SHA1 Message Date
Pierre Pronchery
cb8632f4db Avoid TOCTOU by using fstat() after open() 
This also needs fileno() after fopen().

This is the second part of three for Coverity issue 1355235.
 2018-08-27 20:19:31 +02:00
Michael Rash
369cd89e5e [server] remove logically dead code per Coverity scan 2018-08-20 18:47:54 -07:00
Michael Rash
759965ee08 [server] fix UBSAN warning 'fwknopd.c:1044:50: runtime error: left shift of 2 by 30 places cannot be represented in type 'int'' 2018-08-10 21:22:23 -07:00
Jonathan Bennett
71cea19f3d [Server] Respond to set signal handler failure with clean_exit 2016-05-24 22:00:21 -05:00
Jonathan Bennett
db1cdd2fea [Server] Moves signal handling code to earlier in fwknopd initialization 
Also serves to de-duplicate code slightly
 2016-05-24 20:48:40 -05:00
Jonathan Bennett
7bcd9f7793 Server: Allow more time for server shutdown 2016-05-19 13:50:12 -05:00
Jonathan Bennett
c5043e0a3e When --fw-flush is specified, set enable_fw to true 2016-04-24 00:10:35 -05:00
Michael Rash
29411dea8c Merge branch 'master' of ssh://github.com/mrash/fwknop 2016-01-03 08:44:22 -05:00
Michael Rash
6247fe9e6a Merge remote-tracking branch 'origin/dstuart_netfilter_queue' 2016-01-03 08:31:12 -05:00
Jonathan Bennett
3378ba2423 Add Doxygen headers for server files 2016-01-01 02:09:59 +00:00
Michael Rash
a85b081f79 copyright update 2015-12-23 14:34:51 -05:00
Michael Rash
c2737ee9f4 [server] chop_char() handles file string length 2015-12-21 00:12:12 -08:00
Damien Stuart
0d41b78d18 Merge branch 'master' into dstuart_netfilter_queue and resolved one conflict in cmd_opts.h 2015-12-21 00:12:11 -05:00
Damien Stuart
ba611a2d2c Many additions and modifications for support of capture via Netfilter Queue. 2015-12-20 21:58:31 -05:00
Michael Rash
e25b78e81d [test suite] restore digest cache validation with a new arg --exit-parse-digest-cache 2015-12-19 05:46:36 -08:00
Michael Rash
8533d9d248 [server] use chop_char() to strip trailing '/' chars from directories 2015-12-17 22:51:08 -05:00
Michael Rash
b305f67ca5 [test suite] start on %include_folder tests, make sure at least one valid access.conf stanza has been parsed 2015-12-12 20:39:37 -08:00
Michael Rash
66458dfa49 [server] exit before writing pid file in --exit-parse-config mode 2015-12-12 06:22:40 -08:00
Jonathan Bennett
a0c4acd31c Adds the --access-folder command line option 2015-12-10 12:45:28 -06:00
Jonathan Bennett
c3d50a9503 Unwind the recursive access.conf properly on an error 
and remove a debugging log message.
 2015-12-04 18:34:09 -06:00
Jonathan Bennett
1e34a3430c Add access.conf %include depth tracking 2015-12-04 18:16:57 -06:00
Jonathan Bennett
ce0b7f6727 Initial work on access.conf includes 2015-12-03 23:23:42 -06:00
Damien Stuart
d2cef1746c Initial update for NETFILTER_QUEUE support. These changes are not tested at all as they were edit on a Mac, but are linux-specific. 2015-11-28 15:03:39 -05:00
Michael Rash
cfa02859eb [server] don't run firewall handling code for command-only modes 2015-11-17 20:48:37 -08:00
Michael Rash
2f49be6cb0 [server] For SIGHUP processing, don't send the TCP server SIGTERM unless it is running 2015-11-01 01:58:47 -08:00
Michael Rash
464a680f13 [server] minor --udp-server option handling update for completeness 2015-06-30 17:44:07 -07:00
Franck Joncourt
1c81aef39d Fixed file permissions 2014-12-31 09:51:08 +01:00
Franck Joncourt
b7ecb3334a Merge upstream changes to our changes 2014-12-28 15:00:24 +01:00
Michael Rash
74f114603b check fiu_init() and fiu_enable() return values 2014-12-07 16:29:30 -05:00
Michael Rash
285ec0ddcb [server] add AFL support for fuzzing SPA Rijndael decryption routine directly with --afl-pkt-file 2014-12-03 20:25:05 -05:00
Michael Rash
7a2763a133 [server] minor fix to add AFL_FUZZING macro 2014-11-28 19:18:38 -05:00
Michael Rash
01e294aed3 [test suite] use -A mode for AFL fuzzing, make sure fwknopd does not init digest cache in -A mode 2014-11-28 19:13:35 -05:00
Michael Rash
8872e50818 [test suite] use digest tracking override for ALF fwknopd fuzzing 2014-11-25 15:04:30 -05:00
Michael Rash
2e1d076160 [server] minor status wording update 2014-11-15 00:16:17 -05:00
Michael Rash
aaa44656bc [server] add support for American Fuzzy Lop (ALF) fuzzing 2014-11-13 20:55:04 -05:00
Michael Rash
17608dd01d [test suite] additional code coverage 2014-10-25 08:42:30 -04:00
Michael Rash
ddbba5bc90 autoconf update to ensure libpcap is not linked against in --enable-udp-server mode 2014-09-29 11:42:11 -04:00
Michael Rash
5db3a12763 add signal handling code to UDP server mode 2014-09-28 20:30:09 -04:00
Michael Rash
1fd0e7e960 first cut at UDP server mode 2014-09-28 11:49:04 -04:00
Franck Joncourt
688f08c2a0 Both the fwknop client and server have their own test suites tied to fwknop_utests 
and fwknopd_utests binaries.

When profil coverage is enbaled, lcov filee are parsed by test-fwknop.pl and added
to the main profil coverage report in the output directory.

Running make from the main directory build the c-unit test suites if enabled.
 2014-09-07 15:15:22 +02:00
Michael Rash
1dccab0fc8 [server] handle signal vars in dedicated function 2014-07-08 16:26:51 -05:00
Michael Rash
5c54ef00ad [server] refactor main() into a more natural breakdown of functions 2014-07-07 21:34:45 -05:00
Michael Rash
a2ff2a396c [server] call clean_exit() upon check_dir_path() error 2014-07-03 10:31:30 -04:00
Michael Rash
11b9732c16 [server] Call clean_exit() from daemon parent process 
When becoming a daemon, make sure the fwknopd parent process calls
clean_exit() to release memory before calling exit().
 2014-06-30 10:09:39 -04:00
Michael Rash
74440be653 [server] minor pointer typo fix 2014-06-16 23:08:50 -04:00
Michael Rash
054793fd9e [server] check fiu_enable() return value in --fault-injection mode 2014-06-15 09:48:37 -04:00
Michael Rash
70f70091b1 [server] skip fw initialization and cleanup in --test mode 2014-06-10 09:21:01 -04:00
Michael Rash
6d1d66fe03 add --fault-injection-tag support to the client/server/libfko 
This is a significant commit to add the ability to leverage libfko fault
injections from both the fwknop client and server command lines via a
new option '--fault-injection-tag <tag name>'.  This option is used by
the test suite with the tests/fault_injection.pl tests.
 2014-06-05 23:05:49 -04:00
Michael Rash
64a4642c47 [server] minor fix to remove unnecessary opts.status check 2014-05-08 07:28:48 -04:00
Michael Rash
02ed5f5ad4 [server] add --exit-parse-config option, man page updates (minor formatting change) 2014-05-04 09:17:27 -04:00