DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
1,005 Commits 15 Branches 0 Tags
Commit Graph

1005 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Franck Joncourt
7a719389ca Integrated the log module in the whol client source code. 
perror() is also replaced by log_msg()
 2013-04-29 22:18:29 +02:00
Michael Rash
486f0ea52f [test suite] restore gpg directories after test suite runs 2013-04-27 22:41:17 -04:00
Michael Rash
dd05975217 Merge remote-tracking branch 'fjoncourt/master' 
This merges changes from Franck Joncourt for issues #55 (log module for fwknop)
and #64 (hostname resolution not working for -P icmp spoofing).
 2013-04-27 22:26:38 -04:00
Michael Rash
12a6e9e93a Convert most strlcat() calls to use destination bound from sizeof() 
This commit helps to ensure correctness of strlcat() calls in support of fixing
issue #2.
 2013-04-27 20:41:12 -04:00
Franck Joncourt
b04de687ce Fixed hostname resolution while spoof ip is used. 
mrash/fwknop#64
 2013-04-27 23:31:40 +02:00
Franck Joncourt
0bf0d8f876 Merge remote-tracking branch 'upstream/master' 2013-04-27 22:38:27 +02:00
Franck Joncourt
6063679c6d Continue implementing the log_msg module. 2013-04-27 22:19:40 +02:00
Michael Rash
b3f55bf1ab Convert most strlcpy() calls to use destination bound from sizeof() 
This commit helps to ensure correctness of strlcpy() calls in support of fixing
issue #2.
 2013-04-27 15:08:11 -04:00
Michael Rash
6b095d948d [test suite] minor openssl verification update to print base64 decode flag value 2013-04-27 12:56:50 -04:00
Michael Rash
eb727e1271 removed roadmap.org file in favor of using github milestones 2013-04-26 21:56:26 -04:00
Michael Rash
6036619b1c removed todo.org file in favor of using github issues 2013-04-26 21:47:49 -04:00
Franck Joncourt
2396193e06 Replaced all references to *fprintf(stderr,* by log_msg() in config_init.c 2013-04-26 17:16:05 +02:00
Franck Joncourt
65d0517a9c Inverted log level enumeration 2013-04-26 16:18:08 +02:00
Franck Joncourt
bb70a9752f Ajout du module log_msg pour le client 2013-04-26 14:08:25 +02:00
Michael Rash
0ec547e04d [server] another minor CLANG static analyzer fix 2013-04-25 21:32:02 -04:00
Michael Rash
a6e8919728 [server] fix minor CLANG static analyzer bugs 
These are simple logic fixes that would not have impacted run time to address
the following warnings generated by the CLANG static analyzer:

incoming_spa.c:433:17: warning: Value stored to 'attempted_decrypt' is never read
                attempted_decrypt = 1;
                ^                   ~
incoming_spa.c:647:13: warning: Value stored to 'acc' is never read
            acc = acc->next;
            ^     ~~~~~~~~~
 2013-04-25 21:29:37 -04:00
Franck Joncourt
bf889f7b6e Used args enumeration for both the update_rc() and add_rc_param(). 
Updated fwknop client to refer to the fwknop args enumeration rather
than the config variable names directly. This should make easier to
handle future changes of the variable name.

New function to validate a string matches a YES pattern in the configuration
file : is_yes_str().

The parse_rc_param() only returns at the end of the function, unless a fatal
error has been encountered.
 2013-04-25 23:03:02 +02:00
Michael Rash
5e82adbf3f [test suite] added GPG password required HMAC tests, added --disable-valgrind argument 2013-04-23 21:56:41 -04:00
Michael Rash
4ea683678b [test suite] added gpg_no_pw_hmac_access.conf file 2013-04-22 20:59:32 -04:00
Michael Rash
f02cc0ddd2 Added HMAC support to GPG encryption modes, closes #58 2013-04-22 20:45:59 -04:00
Michael Rash
2f72960e0f [test suite] clean command tmp files before and after each test 2013-04-21 21:13:15 -04:00
Michael Rash
08add2fd48 [server] minor function prototype convention update for create_rule() 2013-04-21 20:48:42 -04:00
Michael Rash
6c1b755bea [test suite] removed unnecessary comment lines from test config files 2013-04-20 15:31:26 -04:00
Michael Rash
f0036f7f22 [client] set HMAC mode whenever any HMAC option is given, add --key-hmac arg 2013-04-20 11:12:04 -04:00
Michael Rash
387b6e40d3 [test suite] updated non-based64 keys in non-base64 key files 2013-04-20 11:09:48 -04:00
Michael Rash
e447ef57c0 [test suite] bug fix to properly extract 'KEY' variable for Rijndael key information 2013-04-20 11:04:53 -04:00
Michael Rash
9a366c2d67 [test suite] consolidated client/server interaction result variables into client_server_interaction() 2013-04-19 19:43:15 -04:00
Michael Rash
f010d88016 removed trailing semicolon from KEY value 2013-04-19 19:42:06 -04:00
Michael Rash
d356d07bb8 minor typo fix in ChangeLog file 2013-04-18 22:17:18 -04:00
Michael Rash
39115c6dde added Ruhsam Bernhard to the credits file 2013-04-18 21:15:00 -04:00
Michael Rash
77c876c110 credits and changelog updates 2013-04-18 20:53:37 -04:00
Michael Rash
a61939c005 [test suite] Reorganize client/server interactions to be more rigorous 
This is a significant commit that alters how the test suite interacts with the
fwknop client and server by looking for indications that SPA packets are
actually received.  This is done by first waiting for 'main event loop' in
fwknopd log output to ensure that fwknopd is ready to receive packets, sending
the SPA packet(s), and then watching for for 'SPA Packet from IP' in fwknopd
output.  This is an improvement over the previous strategy that was only based
on timeout values since it works identically regardless of whether fwknop is
being run under valgrind or when the test suite is run on an embedded system
with very limited resources.  Another check is run for fwknopd receiving the
SIGTERM signal to shutdown via 'fwknopd -K', and that failing, the test suite
manually kills the process (though this should be rarely needed).

The above strategy is the result of discussions with George Herlin who proposed
the verification-based approach to test suite operations.

Other things this commit changes is the ability to detect whether OpenSSL
supports the 'hexkey:<key>' style specification for HMAC keys (an older version
of FreeBSD doesn't support this) and falls back to the '-hmac <key>' method if
not.
 2013-04-18 09:35:23 -04:00
Michael Rash
b17cb08ddc fixed two type mismatch compilation warnings for the perl FKO extension 2013-04-17 23:27:54 -04:00
Michael Rash
d785dcbe62 [test suite] added tests/python_fko.pl for python tests 2013-04-15 22:02:19 -04:00
Michael Rash
cbf751e8dd [test suite] check for fwknopd ready to receive packets 
This commit was inspired through conversations with George Herlin.
 2013-04-12 21:50:47 -04:00
Michael Rash
87fc50bb31 Merge remote-tracking branch 'fjoncourt/hmac_support' into hmac_support 
This commit from Franck Joncourt closes #43
 2013-04-12 21:16:20 -04:00
Franck Joncourt
fbd38d805b Added some else statements and their comments. 2013-04-12 14:48:26 +02:00
Franck Joncourt
d988f95a46 Fixed test-fwknop.pl to remove any references to my test files. 2013-04-11 13:36:58 +02:00
Franck Joncourt
9faa625d95 Removed tests. 2013-04-11 13:08:36 +02:00
Michael Rash
c112cb4811 [test suite] get hmac iptables duplicated and sha512 long key tests to pass 2013-04-10 23:31:58 -04:00
Franck Joncourt
fd767a1f47 Resolve ip address in all of tha nat modes (mrash/fwknop#43). 2013-04-10 16:06:06 +02:00
Franck Joncourt
8f3e6a4ed1 Merge remote-tracking branch 'upstream/hmac_support' into hmac_support 2013-04-10 15:12:54 +02:00
Michael Rash
378305a8ab [test suite] added perl FKO Rijndael key test with embedded NULL char 2013-04-09 22:48:54 -04:00
Michael Rash
b45a1b07ad minor var naming/spacing update 2013-04-09 21:28:32 -04:00
Michael Rash
05ced0a514 add HMAC_KEY variable support to access.conf (alternative to HMAC_KEY_BASE64) 2013-04-08 22:14:06 -04:00
Michael Rash
748715acf8 [test suite] added python->C HMAC test 2013-04-08 20:45:14 -04:00
Michael Rash
57773993e4 [test suite] don't remove output/ directory in --list mode, closes #53 2013-04-07 20:57:35 -04:00
Michael Rash
cccab3c22b [test suite] restore --diff mode, fixes #52 2013-04-07 16:28:33 -04:00
Michael Rash
a59b5acc99 Merge patch from Franck in support of issue #43 2013-04-07 15:11:09 -04:00
Michael Rash
4f9fbe4549 [test suite] NAT name resolution tests 
This commit adds tests for NAT name resolution in support of issue #43.
 2013-04-07 13:33:42 -04:00