DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,683 Commits 15 Branches 0 Tags
7f9d09e8d3eeecc88a16ef5631f08039c3f35dfd
Commit Graph

136 Commits

Author SHA1 Message Date
Michael Rash
799ec87765 [client] write --server-resolve-ipv4 arg to the rc file when saving 2018-08-11 09:42:20 -07:00
Michael Rash
5339179c8e [test suite] NO_SAVE_ARGS rc file code coverage 2018-08-11 08:43:47 -07:00
Michael Rash
69291b91fa [test suite] add invalid ALLOW_IP test 2018-08-11 08:23:41 -07:00
Michael Rash
40d554103c [test suite] add negative time offset test to hit additional error path in client/config_init.c 2018-08-11 08:15:26 -07:00
Michael Rash
f5509bcd0c [server] Add MAX_FW_TIMEOUT to access.conf variables. 
[server] Add MAX_FW_TIMEOUT to access.conf stanzas to allow a
maximum number of seconds for client-specified timeouts in SPA packets.
This fixes issue #226 which was spotted by Jeremiah Rothschild.
 2016-09-29 22:18:13 -04:00
Jonathan Bennett
a651b092cc [Test suite] Typo fix 2016-05-30 14:33:19 -05:00
Jonathan Bennett
df47ed4ecd [test suite] Modify test to work with iptables 2016-05-30 14:24:51 -05:00
Jonathan Bennett
d804ba33f5 [Test suite] Adds --no-rc-file tests 2016-05-25 21:21:48 -05:00
Jonathan Bennett
b0c0242054 [Test suite] Add a couple of tests for --no-home-dir 2016-05-25 09:31:06 -05:00
Michael Rash
08c6a9d4e2 [test suite] trigger a couple of -p errors for code coverage 2016-05-24 19:00:58 -07:00
Michael Rash
1d5fc8498f [test suite] add HMAC include_keys_file() test 2016-05-19 19:41:39 -07:00
Michael Rash
e46938d5d1 [test suite] additional code coverage tests for include_keys_file() 2016-05-17 18:21:03 -07:00
Michael Rash
8334473887 Merge pull request #219 from oneru/test-suite 2016-05-14 23:19:17 -04:00
Jonathan Bennett
ef72883f8e test suite: update test to search for correct failure message 2016-05-14 00:59:00 -05:00
Michael Rash
be3c356661 [libfko] account for SHA3_256 and SHA3_512 digest lengths matching SHA256 and SHA512 2016-05-13 09:25:06 -07:00
Michael Rash
4707c4f3c3 [test suite] add SHA3_512 test for the client 2016-05-12 22:14:08 -07:00
Jonathan Bennett
c6e95820a4 Add tests for include_keys 2016-05-05 13:26:35 -05:00
Michael Rash
e7f039699c [test suite] fix 'FORCE_SNAT and 0.0.0.0' test (@oneru) 2016-04-30 09:33:29 -04:00
Michael Rash
f648fca6a2 [test suite] apply loopback interface to invalid pcap filter test 2016-04-11 20:47:29 -04:00
Michael Rash
5f895db744 [test suite] restore gpg home dir test 2015-12-19 16:13:23 -08:00
Michael Rash
10a2742a88 [test suite] add clean validation test for digest cache 2015-12-19 13:30:49 -08:00
Michael Rash
e25b78e81d [test suite] restore digest cache validation with a new arg --exit-parse-digest-cache 2015-12-19 05:46:36 -08:00
Michael Rash
923b94bda7 [test suite] restore pcap dispatch count test 2015-12-19 05:06:38 -08:00
Michael Rash
beaf31ad5d [test suite] restore previous args test 2015-12-19 05:01:55 -08:00
Michael Rash
fc8b2ee9c3 [test suite] additional %include_folder test 2015-12-17 23:07:03 -05:00
Michael Rash
8533d9d248 [server] use chop_char() to strip trailing '/' chars from directories 2015-12-17 22:51:08 -05:00
Michael Rash
d85b1077fb [test suite] additional %include_folder tests 2015-12-15 11:58:12 -08:00
Michael Rash
42fd4d6afa [test suite] additional FORCE_NAT code coverage 2015-12-14 22:39:57 -08:00
Michael Rash
d8dc1fcdee [server] add is_valid_file() function, default to lstat() instead of stat(), more %include_folder tests 2015-12-13 01:39:29 -08:00
Michael Rash
b305f67ca5 [test suite] start on %include_folder tests, make sure at least one valid access.conf stanza has been parsed 2015-12-12 20:39:37 -08:00
Michael Rash
ba3d16c5e3 [test suite] complete cycle test from %include derived access stanza 2015-12-12 11:19:14 -08:00
Michael Rash
c12ecd092a [test suite] interleaved access.conf %include tests 2015-12-12 06:45:39 -08:00
Michael Rash
bcd0a90a18 [test suite] %include missing key test 2015-12-12 06:32:14 -08:00
Michael Rash
9c92a368fe [test suite] access.conf %include missing file 2015-12-12 06:27:47 -08:00
Michael Rash
7757929624 [test suite] multi-include non-recursive access.conf test 2015-12-12 06:23:16 -08:00
Michael Rash
5b0cfb16a0 [test suite] add access.conf %include recursion limit test 2015-12-10 15:31:18 -08:00
Michael Rash
f0269751e6 [test suite] fix FORCE_SNAT tests 2015-12-10 14:34:35 -08:00
Michael Rash
4cab37acf9 [test suite] client --time-offset code coverage 2015-12-10 14:32:30 -08:00
Michael Rash
95383149cb [server] bug fix to honor CMD_EXEC_USER and CMD_SUDO_EXEC_USER vars 2015-12-08 19:01:53 -08:00
Michael Rash
35558097cc [test suite] fix FORCE_NAT and FORCE_SNAT required server regex matches 2015-12-05 16:07:01 -08:00
Michael Rash
51c0efb665 [test suite] minor var addition for Rijndael key existence test 2015-12-05 07:00:24 -08:00
Michael Rash
21149faf89 [libfko] fko_set_username() crash bug fix. 
Bug fix for a crash in libfko that could be triggered in fko_set_username()
when a username that is 64 chars or longer is specified. This crash
cannot be triggered in fwknopd even if an SPA packet contains such a
username however due to additional protections in the SPA decoding
routines. Further, this bug does not apply to the main fwknop client
either because the maximal username size is truncated down below 64
bytes. Hence, this bug only applies to client-side software that is
directly using libfko calling the fko_set_username() function.
 2015-12-04 19:01:26 -08:00
Michael Rash
4587a279e1 [server] validate CMD_CYCLE_* vars from the access.conf file 2015-10-13 19:17:06 -07:00
Michael Rash
dd1528c829 [test suite] set sudo path on the fwknopd command line 2015-08-21 22:24:45 -04:00
Michael Rash
89b2e8f477 [server] interface goes down will cause fwknopd to exit 
By default, fwknopd will now exit if the interface that it is
sniffing goes down (patch contributed by Github user 'sgh7'). If this
happens, it is expected that the native process monitoring feature in
things like systemd or upstart will restart fwknopd. However, if fwknopd
is not being monitored by systemd, upstart, or anything else, this
behavior can be disabled with the EXIT_AT_INTF_DOWN variable in the
fwknopd.conf file. If disabled, fwknopd will try to recover when a
downed interface comes back up.
 2015-07-18 13:11:25 -07:00
Michael Rash
4874dc9c83 [test suite] add --gpg-exe invalid path test 2015-07-05 22:55:23 -04:00
Michael Rash
ceb1713976 add --key-gen option to fwknopd (suggested by Jonathan Bennett) 2015-05-20 08:55:17 -07:00
Michael Rash
68db4b77a5 [server] allow FORWARD_ALL to control whether FORCE_NAT is required 2015-04-19 07:11:10 -07:00
Michael Rash
2d0b623a9a [test suite] more FORCE_NAT tests 2015-04-08 18:50:26 -07:00
Michael Rash
ca41ce6e75 [test suite] restore FORCE_SNAT test passing result 2015-04-08 18:40:44 -07:00