DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
934 Commits 15 Branches 0 Tags
Commit Graph

934 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Franck Joncourt
4b63181387 Updated fwknop documentation. 2013-03-20 22:31:58 +01:00
Franck Joncourt
b6bd8a8e8c Fixed issue when trying to save options for a new stanza. 2013-03-20 21:38:52 +01:00
Franck Joncourt
d8090a8143 Allowed an fwknoprc stanza (-n) to be overriden by arguments from the command line. 
Added a sanity check to make sure the -n option is used with the --save-rc-stanza option.
 2013-03-18 22:06:31 +01:00
Michael Rash
817a719a9c [python module] update fko_new_with_data() call to include hmac_type 2013-03-17 23:03:48 -04:00
Michael Rash
92af5b53be Merge remote-tracking branch 'fjoncourt/python_binding' into hmac_support 2013-03-17 23:02:57 -04:00
Michael Rash
247edec004 minor hmac prototype update to add const qualifier 2013-03-17 22:48:29 -04:00
Michael Rash
066e90d955 [test suite] added hmac_force_nat_access.conf file to Makefile.am 2013-03-17 22:42:52 -04:00
Michael Rash
c7b5611fa4 Merge remote-tracking branch 'fjoncourt/hmac_support' into hmac_support 
Significant merge from Franck Joncourt to add the ability to save command line
args to ~/.fwknoprc stanzas.  This merge is in support of #4.

Conflicts:
	lib/fko_util.c
	lib/fko_util.h
 2013-03-17 21:34:23 -04:00
Franck Joncourt
d299f1de66 Add ne wdirective to setup.py in order to be able to build the python binding 
without having libfko installed on the system.
 2013-03-17 12:03:07 +01:00
Michael Rash
7e784df387 [server] allow long Rijndael command messages 
This change allows SPA clients to include long messages in command mode and
generally allows decryption operations to dictate success/failure instead of
SPA packet length to gate decryption attempts.  Closes #40.
 2013-03-16 14:43:15 -04:00
Michael Rash
1de5e370e1 [test suite] added 'server_conf' hash key verification 2013-03-16 14:40:08 -04:00
Michael Rash
4bdb71315a [client] --nat-rand-port bug fix 
Bug fix for --nat-rand-port mode to ensure that the port to be
NAT'd is properly defined so that the fwknopd server will NAT
connnections to this port instead of applying the NAT operation to the
port that is to be accessed via -A.  This change also prints the
randomly assigned port to stdout regardless of whether --verbose mode is
used (since it not then the user will have no idea which port is
actually going to be NAT'd on the fwknopd side).
 2013-03-16 14:38:20 -04:00
Michael Rash
253ccb7cea added encryption type/mode and message type string representations for FKO context diplay output 2013-03-14 22:26:44 -04:00
Franck Joncourt
b9046df64d Remove useless comment. 2013-03-14 22:39:36 +01:00
Franck Joncourt
212075094c Added the possibility to parse only sedction in a fwknoprc file and 
not only the whole file - more.
 2013-03-14 22:16:37 +01:00
Franck Joncourt
366536055f Added the possibility to parse only sedction in a fwknoprc file and not only the whole file 2013-03-13 07:13:50 +01:00
Michael Rash
aa36f3ffee bug fix to remove hmac_sha512_long_key_access.conf file (doesn't exist) from Makefile.am 2013-03-12 23:25:53 -04:00
Michael Rash
3ef3ab29c8 [test suite] 'key_file' hash key update for HMAC SHA384 test 2013-03-12 23:20:12 -04:00
Michael Rash
0b9f25362e [test suite] minor bug fix for HMAC SHA384 default key test rc file path 2013-03-12 23:10:09 -04:00
Michael Rash
9e32cdd6d9 [test suite] added files to Makefile.am and added a test to verify this 2013-03-12 22:50:37 -04:00
Michael Rash
55d188ed1f [test suite] added HMAC key tests 2013-03-12 22:18:43 -04:00
Michael Rash
fe22423a44 [libfko] bug fix to maintain OpenSSL compatibility for HMAC keys longer than associated block size 2013-03-12 22:17:41 -04:00
Michael Rash
402a545cb2 convert standard hmac access.conf file for HMAC SHA512 to use key size of 128 bytes 2013-03-11 23:12:56 -04:00
Michael Rash
bf6cc6c605 --key-gen bug fix to allow --key-len and --hmac-key-len values to apply to generated key lengths 2013-03-11 23:02:07 -04:00
Michael Rash
02d0255a7c update base64 key char arrays to use MAX_B64_KEY_LEN macro 2013-03-11 22:55:00 -04:00
Michael Rash
6478d2b892 minor fix to remove extraneous memset() call 2013-03-11 22:54:10 -04:00
Michael Rash
70c17be916 added MAX_B64_KEY_LEN for full length SHA512 keys 2013-03-11 22:50:02 -04:00
Michael Rash
4ef2a1ec57 fix fko_new_with_data() call to include the hmac type 2013-03-11 22:41:08 -04:00
Michael Rash
6e7a56067b [perl FKO module] add hmac_type to fko_new_with_data() calls 2013-03-11 21:13:20 -04:00
Michael Rash
343bd449d4 HMAC MD5 bug fix to ensure to set the MD5 block length to 64 2013-03-10 21:59:39 -04:00
Michael Rash
bd2af22691 [test suite] set HMAC_DIGEST_TYPE to md5 for HMAC MD5 test 2013-03-10 21:58:52 -04:00
Michael Rash
3598fc7d7d added missing hmac_md5() function to hmac.h 2013-03-10 18:56:19 -04:00
Michael Rash
7274f6724e Merge branch 'hmac_support' of github.com:mrash/fwknop into hmac_support 2013-03-10 18:12:41 -04:00
Damien Stuart
19cf0d51fd Merge branch 'hmac_support' of github.com:mrash/fwknop into hmac_support 2013-03-10 17:17:39 -04:00
Damien Stuart
744e002779 Removed tmp lib and include dirs from the python module setup.py file. 2013-03-10 17:17:19 -04:00
Michael Rash
dc0ce29477 bug fix to anticipate OpenSSL HMAC output that spans multiple lines (as in SHA512) 2013-03-10 16:37:34 -04:00
Michael Rash
c5b5cba729 Added HMAC MD5 support (need test suite validation still) 2013-03-10 16:30:06 -04:00
Franck Joncourt
977ee18c3f New function bool_to_yesno. 2013-03-10 20:55:19 +01:00
Michael Rash
0529d23595 remove minor debugging statement 2013-03-10 15:13:34 -04:00
Michael Rash
6882ac57ec add HMAC-SHA1 support 2013-03-10 14:56:39 -04:00
Michael Rash
7821e83dfc Merge branch 'hmac_support' of github.com:mrash/fwknop into hmac_support 
Conflicts:
	client/fwknop.c
	lib/fko_hmac.c
 2013-03-10 14:32:07 -04:00
Michael Rash
22dde8eb35 SPA with HMAC SHA256 and SHA384 now works 
This is a fairly significant commit that lays the groundwork for getting
selectable HMAC modes working for both the client and server.  One libfko API
change was required so that the hmac_type is passed into fko_new_with_data().
This allows the server to set the hmac_type via access.conf stanzas.  The
effort in this commit will be extended to allow HMAC MD5, SHA1, and SHA512
also function properly.
 2013-03-10 14:26:05 -04:00
Damien Stuart
6fa3be393c Renamed fko_set_hmac_type to fko_set_spa_hmac_type. Incorporated libfko changes and additions to the fko python module code. 2013-03-10 13:21:24 -04:00
Franck Joncourt
8a2bc732b7 Fixed data format for some arguments in fwknoprc when they are saved. 2013-03-10 18:17:08 +01:00
Michael Rash
6f45b2c3b1 added HMAC SHA384 and SHA512 support, bug fix to allow shorter HMAC key lengths than associated digest block size 2013-03-09 23:27:08 -05:00
Michael Rash
f9fa3c2b6d [test suite] derive HMAC digest type from client display context output 2013-03-09 23:25:59 -05:00
Michael Rash
6741cfc22b convert HMAC functions to static where possible 2013-03-09 16:48:08 -05:00
Michael Rash
3ff39dfab4 [test suite] minor variable conversion to 'our' vars 2013-03-09 16:41:32 -05:00
Franck Joncourt
c5163fcc24 Added new parameters HMAC_DIGEST_TYPE to the save capability. 2013-03-09 12:39:05 +01:00
Franck Joncourt
c2ef7f224a Moved static functions from the client to the fko_util.c file. 2013-03-09 12:17:17 +01:00