DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,601 Commits 15 Branches 0 Tags
Commit Graph

398 Commits

Author SHA1 Message Date
Michael Rash
998fb96f0b promote argv handling functions to fko_util (avoids duplication across client and server) 2015-12-16 18:59:10 -08:00
Michael Rash
f230c32371 promote chop_* functions into fko_util 2015-12-16 18:00:57 -08:00
Michael Rash
a000bcd4a0 [client] minor formatting update 2015-12-04 18:49:24 -08:00
Michael Rash
97faa2dbdf minor docs update 2015-11-10 21:40:57 -05:00
Michael Rash
b03c007c44 [client] add --server-resolve-ipv4 to only accept IPv4 addresses from DNS for the SPA server 2015-09-27 10:17:36 -04:00
Damien Stuart
a4309ad768 Added clean up for .gcno and .gcda files (left went c-unit-tests are enabled. 2015-09-05 15:20:22 -04:00
Damien Stuart
2e60687dcf Merge branch 'master' into dstuart_refactor_autoconf 2015-08-29 12:46:24 -04:00
Michael Rash
ecfa8021e5 doc updates to include sudo information 2015-08-24 17:25:06 -07:00
Michael Rash
82464574a6 [client] minor update to make chksum() static 2015-08-18 22:12:23 -04:00
Michael Rash
0fdc263a43 options struct should not be global (CLANG -Wshadow warning) 2015-08-18 21:58:53 -04:00
Michael Rash
0d83c967c0 [client] minor typo fixes 2015-06-09 11:31:51 -04:00
Michael Rash
9b189fe762 [client] ensure that encryption and HMAC keys are not read from stdin in AFL fuzzing mode 2015-06-01 05:25:47 -07:00
Michael Rash
85e07f99c4 man page updates 2015-05-22 15:31:18 -04:00
Michael Rash
ceb1713976 add --key-gen option to fwknopd (suggested by Jonathan Bennett) 2015-05-20 08:55:17 -07:00
Michael Rash
136d017afb [client] ensure no dns, http, or other network comms in AFL fuzzing mode 2015-05-14 17:51:25 -07:00
Damien Stuart
2ea2aea0ba Tweaks for unit test support 2015-05-03 09:46:37 -04:00
Michael Rash
3512f7f417 doc updates 2015-04-20 21:34:12 -04:00
Damien Stuart
e4fae829bc Refactor of Makefile.am files to fix issues caused by referencing source files in other directories - which broke make dist and make distclean targets. 2015-02-17 14:37:20 -05:00
Damien Stuart
987455b902 Remove commented out entries from the client and server Makefile.am. 2015-02-14 12:40:58 -05:00
Damien Stuart
b152d15970 Refactored how the cunit tests are processed so "make dist" does not fail and builds with c-unit-tests enabled work on systems with firewalld (added fw_util_firewalld.c for server tests). 2015-02-14 12:29:30 -05:00
Franck Joncourt
1c81aef39d Fixed file permissions 2014-12-31 09:51:08 +01:00
Franck Joncourt
b7ecb3334a Merge upstream changes to our changes 2014-12-28 15:00:24 +01:00
Michael Rash
74f114603b check fiu_init() and fiu_enable() return values 2014-12-07 16:29:30 -05:00
Damien Stuart
9e671217e1 Move #include <sys/wait.h> directive so it is not seen in the windows build 2014-11-19 22:01:04 -05:00
Michael Rash
ece855b66a [client] bug fix to ensure -a overrides IP resolution 2014-11-18 23:10:19 -05:00
Michael Rash
22289a3f58 [client] disable IP resolution in AFL_FUZZING mode 2014-11-18 20:16:12 -05:00
Michael Rash
a72b69eee7 manpage updates 2014-11-15 10:51:48 -05:00
Michael Rash
248c4b301e added configure detection of execvpe() - doesn't exist on Mac OS X yet 2014-10-06 20:04:00 -04:00
Michael Rash
50952b4a6e Merge branch 'master' of https://github.com/mrash/fwknop into execvpe 2014-10-04 19:36:04 -04:00
Michael Rash
836370d034 [client] minor tab->spaces fix 2014-10-04 10:32:52 -04:00
Michael Rash
e271442aa9 [server] first cut at converting iptables commands to use execvpe() 2014-10-03 21:58:51 -04:00
Michael Rash
7aa34a92f1 [client] add strtoargv() to easily get an argv array for passing to execvpe() 2014-10-03 14:44:01 -04:00
Michael Rash
2247dfeab8 use execvpe() with NULL env for wget calls 2014-10-03 11:39:33 -04:00
Michael Rash
b1358d564d minor client --help update 2014-10-03 11:35:38 -04:00
Florian Schüller
dc30f162c7 Add "NO_SAVE_ARGS" to initial config file 2014-10-01 14:28:36 +02:00
Florian Schüller
981d1f7077 Support for "--no-save-args" in .fwknoprc 2014-10-01 14:28:29 +02:00
Michael Rash
50434c5c4c Use the fwknop User-Agent for wget SSL external IP resolutions 
Bug fix to ensure that a User-Agent string can be specified when the
fwknop client uses wget via SSL to resolve the external IP address. This
closes issue #134 on github reported by Barry Allard. The fwknop now
uses the wget '-U' option to specify the User-Agent string with a
default of "Fwknop/<version>". In addition, a new command line argument
"--use-wget-user-agent" to allow the default wget User-Agent string to
apply instead.
 2014-09-27 23:23:12 -04:00
Franck Joncourt
260cd5481b Use of init and cleanup functions for the test suite. 2014-09-07 20:33:39 +02:00
Franck Joncourt
32c5afae83 Merge remote-tracking branch 'upstream/master' into c_unit_testing 2014-09-07 15:24:59 +02:00
Franck Joncourt
688f08c2a0 Both the fwknop client and server have their own test suites tied to fwknop_utests 
and fwknopd_utests binaries.

When profil coverage is enbaled, lcov filee are parsed by test-fwknop.pl and added
to the main profil coverage report in the output directory.

Running make from the main directory build the c-unit test suites if enabled.
 2014-09-07 15:15:22 +02:00
Michael Rash
eb0e8eb6a1 fwknopd man page updates for access.conf vars 2014-08-26 23:21:14 -04:00
Franck Joncourt
306dd0f685 First layout to add c unit testing support to fwknop. 2014-08-24 21:05:44 +02:00
Michael Rash
b06447384e [client] have autoconf resolve the absolute path to wget for SSL IP resolution 2014-07-27 22:03:58 -04:00
Michael Rash
59718f1a36 [client] Updated IP resolution mode -R to use SSL 
External IP resolution via '-R' (or '--resolve-ip-http') is now done via SSL by
default. The IP resolution URL is now 'https://www.cipherdyne.org/cgi-gin/myip',
and a warning is generated in '-R' mode whenever a non-HTTPS URL is specified
(it is safer just to use the default). The fwknop client leverages 'wget' for
this operation since that is cleaner than having fwknop link against an SSL
library.
 2014-07-25 17:42:06 -04:00
Michael Rash
e1608b90fe [client] call freeaddrinfo() early after iterating through getaddrinfo() results 2014-07-22 22:35:43 -04:00
Michael Rash
666d150aff [client] make close() on socket handle more intuitive (resolves 'double close' bugs flagged by Coverity) 2014-07-22 22:04:44 -04:00
Michael Rash
7df1186c66 fixed several socket handle leaks under error conditions spotted by Coverity 2014-07-22 11:30:33 -04:00
Michael Rash
764d9ca26d fix gcc -Wstrlcpy-strlcat-size warnings 2014-07-19 16:30:53 -04:00
Michael Rash
53a1e1bc00 [client] minor bug fix for condition under which fiu_* functions are called for fault injection 2014-06-08 20:19:03 -04:00
Michael Rash
6d1d66fe03 add --fault-injection-tag support to the client/server/libfko 
This is a significant commit to add the ability to leverage libfko fault
injections from both the fwknop client and server command lines via a
new option '--fault-injection-tag <tag name>'.  This option is used by
the test suite with the tests/fault_injection.pl tests.
 2014-06-05 23:05:49 -04:00