DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
1,087 Commits 15 Branches 0 Tags
Commit Graph

1087 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Rash
6a2bc3db27 [server] minor memory leak bug fix during access.conf parsing found by Coverity 2013-05-13 20:48:23 -04:00
Michael Rash
8e31f8feb0 [server] varargs cleanup bug fix found by Coverity 2013-05-13 20:42:07 -04:00
Michael Rash
d60870740d [server] fix pointer NULL check after strdup() - found by Coverity 2013-05-13 20:41:25 -04:00
Michael Rash
0c3da4bee4 [server] minor cosmetic (unnecessary NULL checks and one un-triggerable memory leak) found by Coverity 2013-05-13 20:40:29 -04:00
Michael Rash
cdd0a5f3f3 [server] minor memory leak bug fix during access.conf parsing found by Coverity 2013-05-13 20:38:39 -04:00
Michael Rash
c83bc15c5e bumped VERSION file to fwknop-2.5-pre1 2013-05-12 22:42:13 -04:00
Michael Rash
3246c3c6b0 [test suite] added hmac_get_key_access.conf file 2013-05-12 22:30:28 -04:00
Michael Rash
09f073d393 Added blurb on Coverity to the ChangeLog 2013-05-12 21:04:25 -04:00
Michael Rash
838782f198 [test suite] added fko_destroy() calls to fko-wrapper 2013-05-12 20:57:19 -04:00
Michael Rash
1caf6035d9 [server] fixed potential double-free condition found by Coverity 
Within the access loop always call fko_destroy() right up front whenever
ctx != NULL to ensure a clean slate each time through the loop regardless of
what state may have been reached the previous time through the loop.
 2013-05-12 20:54:44 -04:00
Michael Rash
c555a35489 [client] set ctx=NULL after fko_destroy() calls 2013-05-12 20:54:04 -04:00
Michael Rash
d85c2e74ce [libfko] set ctx=NULL after fko_destroy(), add NULL check for encrypted msg pointer in fko_new_with_data() 2013-05-12 20:53:22 -04:00
Michael Rash
7b3c854a02 [libfko] added context initialized check to fko_decrypt_spa_data() 2013-05-12 20:49:00 -04:00
Michael Rash
6d0f970b34 [libfko] bug fix to apply ctx initialization check before attempting to use ctx->message_type in fko_set_spa_client_timeout() 2013-05-12 15:02:31 -04:00
Michael Rash
38395b04c6 [test suite] add -x to run_valgrind.sh fko-wrapper script 2013-05-12 14:43:19 -04:00
Michael Rash
3302dd4220 [test suite] added -g to fko_wrapper Makefile for debugging symbols 2013-05-12 14:42:35 -04:00
Michael Rash
a8410d8f2a [test suite] allow valgrind coverage test to run after --test-limit 2013-05-11 13:28:55 -04:00
Michael Rash
282b0198ec [libfko] changed 'state' context element to 'int' type to fix a 'extra high-order bits' bug found by Coverity 2013-05-09 22:43:05 -04:00
Michael Rash
aafc3ac264 [server] setsockopt() nad fcntl() return value checking (found by Coverity) 2013-05-09 22:35:08 -04:00
Michael Rash
72e4edbf6a [libfko] fixed remaining sizeof() usage bug in SHA256 code found by Coverity 2013-05-09 22:14:06 -04:00
Michael Rash
62edf09101 [libfko] fixed remaining buffer constraints in lib/hmac.c code found by Coverity 2013-05-09 22:13:25 -04:00
Michael Rash
add518016c [client] removed unnecessary array NULL check found by Coverity 2013-05-09 22:10:38 -04:00
Michael Rash
9046acaf22 [libfko] memory leak fixes found by Coverity 2013-05-09 21:56:13 -04:00
Michael Rash
8c09d38941 various sizeof() usage and type bug fixes found by Coverity 2013-05-09 21:17:27 -04:00
Michael Rash
b92f892ae0 [test suite] minor bug fix for printing the number of test buckets to be executed 2013-05-09 21:11:45 -04:00
Michael Rash
9f9bbcbcdd fixed several resource leak conditions found by Coverity 2013-05-09 17:15:58 -04:00
Michael Rash
aaa28d4ab3 [server] double free bug fix in access.conf parsing routine caught by Coverity 2013-05-08 23:44:13 -04:00
Michael Rash
3a1efd9321 [server] fixed several (non-exploitable) overflow conditions found by Coverity 2013-05-08 23:29:06 -04:00
Michael Rash
8d980ae686 remove dead code caught by Coverity 2013-05-07 23:02:49 -04:00
Michael Rash
50f0ee2f7d [server] bug fix for GPG 'nesting level does not match indentation' issue (discovered by Coverity) 2013-05-07 22:53:20 -04:00
Michael Rash
e1c6f04ef9 [client] fix missing 'break' in switch statement (discovered by Coverity) 2013-05-07 21:43:38 -04:00
Michael Rash
8f423e8b89 [server] added --pcap-any-direction along with config file support 
From the config file comments:

This variable controls whether fwknopd is permitted to sniff SPA packets
regardless of whether they are received on the sniffing interface or sent
from the sniffing interface.  In the later case, this can be useful to have
fwknopd sniff SPA packets that are forwarded through a system and destined
for a different network.  If the sniffing interface is the egress interface
for such packets, then this variable will need to be set to "Y" in order for
fwknopd to see them.  The default is "N" so that fwknopd only looks for SPA
packets that are received on the sniffin

PCAP_ANY_DIRECTION         N;
 2013-05-06 22:23:59 -04:00
Michael Rash
5aac3d978c minor typo fix 2013-05-06 22:22:22 -04:00
Franck Joncourt
a9a143a85d Merge remote-tracking branch 'upstream/master' 2013-05-06 11:52:35 +02:00
Franck Joncourt
d4577ab697 Added new tests to the test suite to validate the --save-rc-stanza command line argument. 2013-05-06 11:49:16 +02:00
Franck Joncourt
b3cbf1ecfa Replaced printf() by log_msg(). 2013-05-06 10:02:02 +02:00
Michael Rash
eb143db9a7 [client] added --get-hmac-key to mirror --get-key, closes #68 2013-05-05 21:54:07 -04:00
Michael Rash
83493a424c Merge branch 'master' of github.com:mrash/fwknop 2013-05-05 21:01:26 -04:00
Michael Rash
314cc3eb23 Merge remote-tracking branch 'origin/win32_fixes' 
This fixes issue #69 thanks to Damien.
 2013-05-05 20:59:04 -04:00
Damien S. Stuart
0363a2099a Regenerated the client and server manpage .in files from the asciidoc sources 2013-05-05 20:44:47 -04:00
Damien S. Stuart
63fed301b8 Merge branch 'win32_fixes' of ssh://github.com/mrash/fwknop into win32_fixes 2013-05-05 20:37:02 -04:00
Damien S. Stuart
2c1a911a50 Copied the win32 Visual Studio solution and project files to preserve a VS 2008 version. 2013-05-05 20:36:33 -04:00
Damien Stuart
c0c0941d55 Tweaked WIN32 conditional for using inet_ntoa instead of inet_ntop to apply only to versions below Vista (WINVER <= 0x0600) 2013-05-05 19:02:48 -04:00
Damien Stuart
b84415c33c Use inet_aton on Windows (Older windows versions do not have enet_ntop). 2013-05-05 16:37:18 -04:00
Franck Joncourt
327257ef5f Fixed command line arguments (key-base64-rijndael and key-base64-hmac). 
The cmd_opts structure containing the command line args does not follow the
documentation. This update fix it.
 2013-05-05 22:03:21 +02:00
Franck Joncourt
ea8a9419ed Added force-stanza to the client documentation. 2013-05-05 22:00:02 +02:00
Franck Joncourt
f3da685348 Merge remote-tracking branch 'upstream/master' 2013-05-05 21:47:21 +02:00
Franck Joncourt
17a105fd8a Added GPG_SIGNER and GPG_RECIPIENT to the list of important variables. 2013-05-05 21:43:31 +02:00
Franck Joncourt
b8145f6d7f Added --force-stanza command line arg to avoid prompting the user. 2013-05-05 21:13:26 +02:00
Damien Stuart
15d9c6197b Fixes to get hmac_support and 2.5 changes working for the Windows lib and client builds. 2013-05-05 13:20:20 -04:00