Michael Rash
c382febf3d
[client] use libfko is_valid_ipv4_addr() for IP address validation
2013-11-26 23:48:56 -05:00
Michael Rash
196fef65b6
[libfko] move is_base64 check to libfko
This commit replaces the separately implemented client/server
is_base64() check with a single libfko function, and libfko itself now
uses it as well before prepending Rijndael or GnuPG base64 encoded
prefixes.
2013-11-16 19:20:08 -05:00
Michael Rash
63568d061b
minor hex_dump() formatting bug fix to properly align ascii remainder output
2013-11-15 14:53:04 -05:00
Franck Joncourt
f8ae3b8da3
Merge remote-tracking branch 'upstream/master' into fko_dump
2013-08-10 14:32:34 +02:00
Michael Rash
eb7914d45c
minor ChangeLog update for --stanza-list
2013-08-08 21:37:44 -04:00
Franck Joncourt
7296d3f3bf
* Interim commit to add a dump function to dump the FKO context shared
by both the server and client. mrash/fwknop#95
2013-08-05 23:28:07 +02:00
Franck Joncourt
04f72ea724
* Fixed typos.
2013-07-30 23:00:19 +02:00
Franck Joncourt
ccee56b998
* A bit more documentation.
2013-07-30 21:49:33 +02:00
Franck Joncourt
4c478c1bb6
* Added a new --stanza-list command line to fwknop to dump the stanzas
configured in ./fwknoprc. The default stanza is not displayed.
2013-07-30 21:38:54 +02:00
Michael Rash
ea9d6a0fdc
[client] apply patch from Ilya Tumaykin for terminal setting type
This commit also fixes a 'possible use of uninitialized value' warning from gcc for
the old_c_lflag variable.
2013-07-24 22:44:08 -04:00
Damien Stuart
5ec4998aaa
Reset terminal setting to original values after entering keys via stdin
2013-07-24 14:39:26 -04:00
Michael Rash
65dc33dd9c
[client] added --use-hmac to --help output (noticed by Damien)
2013-07-18 23:06:24 -04:00
Michael Rash
3ee8b47870
[client] fix minor memory leak in getpasswd() routine caught by the test suite in valgrind mode
2013-07-18 17:30:25 -04:00
Michael Rash
f2d829535b
[client] fix minor compilation warning about an unused variable
2013-07-18 00:15:22 -04:00
Damien S. Stuart
4b0f0802ee
Tweaks to unbreak the windows build: Renamed FD_SET macro to FD_SET_ALT to avoid conflict with the well-known FD_SET macro. Made the client read password from file descriptor a non-supported function on Windows.
2013-07-17 22:46:24 -04:00
Michael Rash
a009ebfde2
[client] minor man page update to state that -a is more secure than -R
2013-07-09 23:21:12 -04:00
Michael Rash
189a183e18
allow zero length to return FKO_SUCCESS from zero_buf() call
2013-07-09 21:40:23 -04:00
Michael Rash
5e3ec3b611
[client] in '-M legacy' mode truncate the key to 16 bytes
This change helps to maintain backwards compatibility with older fwknopd daemons
that cannot handle Rijndael keys greater than 16 bytes. Blair Zajac suggested
printing a warning in '-M legacy' mode when keys are attempted > 16 bytes long,
and this warning is included in this commit.
2013-07-09 21:13:07 -04:00
Michael Rash
1b524f8104
[client] make legacy encryption mode and HMAC usage mutually exclusive
2013-07-08 23:06:57 -04:00
Michael Rash
24c4c5e208
continued zeroing out of sensitive data buffers in support of issue #93
2013-07-08 23:00:18 -04:00
Michael Rash
1e77f6ed53
continued changes to zero out sensitive information before exit (#93)
2013-07-07 22:32:30 -04:00
Franck Joncourt
9d7feb52f6
Merge remote-tracking branch 'upstream/master'
2013-06-30 22:22:34 +02:00
Franck Joncourt
c2e1a00154
s/GNU Public/GNU General Public/g
2013-06-30 22:21:22 +02:00
Michael Rash
a792e8bf4e
minor man page documentation updates (added twitter reference)
2013-06-30 15:55:01 -04:00
Franck Joncourt
5db1eeb268
Interim commit to add a VERBOSE variable to fwknopd.
2013-06-27 21:39:38 -04:00
Michael Rash
37b624ac8b
bump version to 2.5, minor fwknopd -S exit status update
This commit bumps the fwknop version to 2.5 and sets the libfko version to 2.0 to
signal incompatibility with older libfko versions. Backwards compatibility is
maintained in SPA packet construction, but function prototypes in libfko-2.0 are
no longer compatible with older versions.
This commit also returns non-zero exit status under 'fwknopd --status' if there
is no existing fwknopd process. This is better than always exiting with a zero
status regardless of whether fwknopd is already running or not, and adds a level
of scriptability to --status usage. This change was suggested by George Herlin.
2013-06-27 21:21:10 -04:00
Franck Joncourt
47a7ffe22b
Merge remote-tracking branch 'upstream/master'
2013-06-25 23:03:28 +02:00
Michael Rash
371036bad0
[client] re-use encryption/HMAC keys in --test mode
The client --test mode decrypts SPA packet data as a final step, but get_keys()
was being called to re-acquire the encryption/HMAC keys. This commit reuses
the same keys that were supplied for SPA packet encryption/authentication
because the most important code to test is not get_keys() but rather libfko
encryption/decryption/authentication operations.
2013-06-21 21:08:41 -04:00
Michael Rash
6b132862fd
[client] minor man page backwards compatibility wording tweak
2013-06-20 22:12:29 -04:00
Michael Rash
047513710a
[client] add GPG_NO_SIGNING_PW to --save-rc-stanza functionality
2013-06-20 22:11:42 -04:00
Franck Joncourt
afd6f6b23c
Interim commit to add a VERBOSE variable to fwknopd.
2013-06-20 23:33:04 +02:00
Michael Rash
68acbaadc4
remove newline chars from log_msg() calls
2013-06-19 23:42:58 -04:00
Michael Rash
e3a2289d70
[client] man page update to include GPG_SIGNING_PW synonym for KEY variable in GPG mode
2013-06-19 23:37:19 -04:00
Michael Rash
13173343ee
[client] add GPG_ALLOW_NO_SIGNING_PW and --gpg-no-signing-pw
This change brings similar functionality to the client as the GPG_ALLOW_NO_PW
keyword in the server access.conf file. Although this option is less likely
to be used than the analogous server functionality, it stands to reason that
the client should offer this feature. The test suite has also been updated to
not use the --get-key option for the 'no password' GPG tests.
2013-06-18 22:51:22 -04:00
Michael Rash
afbf6d51c0
[client] minor man page backwards compatibility update to include better examples
2013-06-16 08:27:29 -04:00
Michael Rash
48b2213780
[client] truncate args save file with open()
2013-06-13 21:20:11 -04:00
Michael Rash
a3e06966b5
[client] minor man page wording update for backwards compatibility section
2013-06-10 21:14:09 -04:00
Michael Rash
46dadecf5a
[client] minor man page tweak to use rc VERBOSE bool value (which is the default now)
2013-06-09 16:00:46 -04:00
Michael Rash
056fd44c24
[commit] default --verbose rc handling to bool Y/N values, but allow integers too when --verbose is given multiple times
2013-06-09 15:58:22 -04:00
Michael Rash
dbfa2579a7
[client] minor man page tweak
2013-06-09 15:57:16 -04:00
Franck Joncourt
e515ba45fe
Merge remote-tracking branch 'upstream/master'
Conflicts:
client/fwknop.8.in
2013-06-05 21:47:41 +02:00
Franck Joncourt
7dec26852a
Updated fwknop manpage to document both the use of stdin and fd commands.
2013-06-05 21:38:26 +02:00
Michael Rash
66399fed1a
Merge remote-tracking branch 'fjoncourt/master'
Closes #74 - allows a passphrase to be read from STDIN or from a file descriptor
via --fd.
2013-06-02 22:54:23 -04:00
Franck Joncourt
583e1e02c7
Merge remote-tracking branch 'upstream/master'
Conflicts:
client/config_init.c
2013-06-02 21:54:25 +02:00
Franck Joncourt
9fce10abd8
Adding support for reading encryption/key password from a file descriptor.
* Added tests to the test suite.
* Updated the usage message.
* Fixed the password functions.
reference : mrash/fwknop#74
2013-06-02 21:36:17 +02:00
Michael Rash
382099e85a
Updated copyright dates, removed NEWS file in favor of the ChangeLog
2013-06-02 14:07:01 -04:00
Michael Rash
1b41e606a7
Added backwards compatibility section to the client man page
Added backwards compatibility section and new material on a 'quick start'
subsection for the EXAMPLES section.
2013-06-02 13:51:25 -04:00
Franck Joncourt
f3af0d48c5
Interim commit to be able to load key from file descriptor (fd 0 for example).
2013-06-01 23:14:56 +02:00
Michael Rash
9b2cd9e2e5
[client] allow -D to be used in --save-rc-stanza mode if -n is not given
This change simplifies the fwknop client usage by allowing the -D argument to
be used as the stanza name if -n is not also specified in --save-rc-stanza
mode.
2013-05-31 23:01:47 -04:00
Michael Rash
9cbb80d434
update man page in client/server directories to the latest
2013-05-31 21:36:49 -04:00