This commit fixes a minor memory leak for the digest cache file path in
--rotate-digest-cache mode in the replay_cache_init() function. The leak was
caught by valgrind, and a new test was added to the test suite for it. Here
is the valgrind warning:
==29021== 21 bytes in 1 blocks are definitely lost in loss record 2 of 2
==29021== at 0x4C2B3F8: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==29021== by 0x1103AA: replay_cache_init (replay_cache.c:96)
==29021== by 0x10BB8C: main (fwknopd.c:254)
In --enable-valgrind mode, this commit adds the ability to compare current test
result output with any previous test suite execution. Whenever valgrind flags
a new function or if an existing flagged function has a greater number of
calls, then the final valgrind test will fail. This allows a greater level of
valgrind validation to take place for new code in an automated fashion. For
example, if a change to a piece of code introduces a memory handling problem of
the sort that valgrind can detect, then the final test will fail like so:
# ./test-fwknop.pl --include "complete cycle.*HMAC" --enable-valgrind --test-limit 1
[+] Starting the fwknop test suite...
args: --include complete cycle.*HMAC --enable-valgrind --test-limit 1
Saved results from previous run to: output.last/
[Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)...pass (1)
[valgrind output] [flagged functions] ..............................fail (2)
[+] 1/1/2 tests passed/failed/executed
The newly flagged functions will be written to the corresponding test file:
# cat output/2.test
[+] TEST: [valgrind output] [flagged functions]~
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: main
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_spa_data_final
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: strdup
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_new
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_encrypt_spa_data
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_encode_spa_data
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_calculate_hmac
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_set_username
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_set_rand_value
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: fko_set_spa_message
[-] 1.test (client) '[+] TEST: [Rijndael SPA] [client+server] complete cycle + HMAC (tcp/22 ssh)' --> NEW valgrind flagged function: set_digest
[-] 1.test New and/or greater number of valgrind flagged function calls
Applied fix from Franck Joncourt for the 'warning: dereferencing type-punned
pointer will break strict-aliasing rules [-Wstrict-aliasing]' error in the
MD5 digest code.
[libfko] Added the ability to maintain backwards compatibility with the
now deprecated "zero padding" strategy in AES mode that was a hold over
from the old perl fwknop implementation. This enables the backwards
compatiblity tests to continue to pass in the test suite.
Added --enable-openssl-checks to send all SPA packets encrypted via libfko
through the OpenSSL library to ensure that the libfko usage of AES is always
compatible with OpenSSL. This ensures that the fwknop usage of AES is properly
implemented as verified by the OpenSSL library, which is a frequently audited
high profile crypto engine. If a vulnerability is discovered in OpenSSL and a
change is made, then the --enable-openssl-checks mode will allow the test suite
to discover this in a automated fashion for fwknop.
Significant bug fix to honor the full encryption key length for
user-supplied Rijndael keys > 16 bytes long. Previous to this bug fix,
only the first 16 bytes of a key were actually used in the encryption/
decryption process even if the supplied key was longer. The result was
a weakening of expected security for users that had keys > 16 bytes,
although this is probably not too common. Note that "passphrase" is
perhaps technically a better word for "user-supplied key" in this
context since Rijndael in CBC mode derives a real encryption/decryption
key from the passphrase through a series of applications of md5 against
the passphrase and a random salt. This issue was reported by Michael T.
Dean. Closes issue #18 on github.
This merges in code from Franck Joncourt to ensure that duplicate iptables
rules are not created for SPA packets that are themselves different but arrive
at the same time and that request exactly the same access. This is done by
using the 'iptables -C' functionality to determine whether a duplicate rule
already exists before adding a new one.
Put strlcpy and strlcat object files back in the source group in lib.
Moved libfko_util.a to the common directory (though sources remain in
lib). Client and server code looks to common dir for libfko-util.
This fixes issue with strlcpy showing as undefined symbol when perl FKO
module is loaded.
