Commit Graph

174 Commits

Author SHA1 Message Date
Michael Rash
df5066447d Started on --save-rc-stanza tests, client bug fix for HMAC verification in --test mode 2013-04-29 21:43:21 -04:00
Franck Joncourt
36202d8c66 Merge remote-tracking branch 'upstream/master' 2013-04-29 22:21:18 +02:00
Franck Joncourt
7a719389ca Integrated the log module in the whole client source code.
perror() is also replaced by log_msg()
2013-04-29 22:18:29 +02:00
Michael Rash
b719c06769 [client] ensure to set HMAC mode by default only when an HMAC key is used 2013-04-28 21:51:16 -04:00
Michael Rash
dd05975217 Merge remote-tracking branch 'fjoncourt/master'
This merges changes from Franck Joncourt for issues #55 (log module for fwknop)
and #64 (hostname resolution not working for -P icmp spoofing).
2013-04-27 22:26:38 -04:00
Michael Rash
12a6e9e93a Convert most strlcat() calls to use destination bound from sizeof()
This commit helps to ensure correctness of strlcat() calls in support of fixing
issue #2.
2013-04-27 20:41:12 -04:00
Franck Joncourt
b04de687ce Fixed hostname resolution while spoof ip is used.
mrash/fwknop#64
2013-04-27 23:31:40 +02:00
Franck Joncourt
6063679c6d Continue implementing the log_msg module. 2013-04-27 22:19:40 +02:00
Michael Rash
b3f55bf1ab Convert most strlcpy() calls to use destination bound from sizeof()
This commit helps to ensure correctness of strlcpy() calls in support of fixing
issue #2.
2013-04-27 15:08:11 -04:00
Franck Joncourt
2396193e06 Replaced all references to *fprintf(stderr,* by log_msg() in config_init.c 2013-04-26 17:16:05 +02:00
Franck Joncourt
65d0517a9c Inverted log level enumeration 2013-04-26 16:18:08 +02:00
Franck Joncourt
bb70a9752f Added the log_msg module for the client 2013-04-26 14:08:25 +02:00
Franck Joncourt
bf889f7b6e Used args enumeration for both the update_rc() and add_rc_param().
Updated fwknop client to refer to the fwknop args enumeration rather
than the config variable names directly. This should make it easier to
handle future changes of the variable name.

New function to validate a string matches a YES pattern in the configuration
file : is_yes_str().

The parse_rc_param() only returns at the end of the function, unless a fatal
error has been encountered.
2013-04-25 23:03:02 +02:00
Michael Rash
f0036f7f22 [client] set HMAC mode whenever any HMAC option is given, add --key-hmac arg 2013-04-20 11:12:04 -04:00
Michael Rash
87fc50bb31 Merge remote-tracking branch 'fjoncourt/hmac_support' into hmac_support
This commit from Franck Joncourt closes #43
2013-04-12 21:16:20 -04:00
Franck Joncourt
fbd38d805b Added some else statements and their comments. 2013-04-12 14:48:26 +02:00
Michael Rash
c112cb4811 [test suite] get hmac iptables duplicated and sha512 long key tests to pass 2013-04-10 23:31:58 -04:00
Franck Joncourt
fd767a1f47 Resolve ip address in all of the nat modes (mrash/fwknop#43). 2013-04-10 16:06:06 +02:00
Michael Rash
a59b5acc99 Merge patch from Franck in support of issue #43 2013-04-07 15:11:09 -04:00
Franck Joncourt
8f667c17ac Fixed Nat mode not resolving hostname to IP's.
Linked mrash/fwknop#43
2013-04-06 22:59:59 +02:00
Michael Rash
08c9cc0938 HMAC function rename for consistency
Make sure that HMAC function names conform to previously established get_*,
set_* naming convention.
2013-03-29 20:42:44 -04:00
Michael Rash
08ab1cf8e1 remove execute bit 2013-03-23 08:56:22 -04:00
Franck Joncourt
11ba153832 Merge remote-tracking branch 'upstream/hmac_support' into hmac_support 2013-03-20 22:33:45 +01:00
Franck Joncourt
4b63181387 Updated fwknop documentation. 2013-03-20 22:31:58 +01:00
Franck Joncourt
b6bd8a8e8c Fixed issue when trying to save options for a new stanza. 2013-03-20 21:38:52 +01:00
Michael Rash
e4689892ef [client] minor http resolve update to include URL in error output 2013-03-19 21:09:11 -04:00
Franck Joncourt
d8090a8143 Allowed an fwknoprc stanza (-n) to be overridden by arguments from the command line.
Added a sanity check to make sure the -n option is used with the --save-rc-stanza option.
2013-03-18 22:06:31 +01:00
Michael Rash
c7b5611fa4 Merge remote-tracking branch 'fjoncourt/hmac_support' into hmac_support
Significant merge from Franck Joncourt to add the ability to save command line
args to ~/.fwknoprc stanzas.  This merge is in support of #4.

Conflicts:
	lib/fko_util.c
	lib/fko_util.h
2013-03-17 21:34:23 -04:00
Michael Rash
4bdb71315a [client] --nat-rand-port bug fix
Bug fix for --nat-rand-port mode to ensure that the port to be
NAT'd is properly defined so that the fwknopd server will NAT
connections to this port instead of applying the NAT operation to the
port that is to be accessed via -A.  This change also prints the
randomly assigned port to stdout regardless of whether --verbose mode is
used (since if not then the user will have no idea which port is
actually going to be NAT'd on the fwknopd side).
2013-03-16 14:38:20 -04:00
Michael Rash
253ccb7cea added encryption type/mode and message type string representations for FKO context display output 2013-03-14 22:26:44 -04:00
Franck Joncourt
b9046df64d Remove useless comment. 2013-03-14 22:39:36 +01:00
Franck Joncourt
212075094c Added the possibility to parse only section in a fwknoprc file and
not only the whole file - more.
2013-03-14 22:16:37 +01:00
Franck Joncourt
366536055f Added the possibility to parse only section in a fwknoprc file and not only the whole file 2013-03-13 07:13:50 +01:00
Michael Rash
02d0255a7c update base64 key char arrays to use MAX_B64_KEY_LEN macro 2013-03-11 22:55:00 -04:00
Michael Rash
6478d2b892 minor fix to remove extraneous memset() call 2013-03-11 22:54:10 -04:00
Michael Rash
70c17be916 added MAX_B64_KEY_LEN for full length SHA512 keys 2013-03-11 22:50:02 -04:00
Franck Joncourt
977ee18c3f New function bool_to_yesno. 2013-03-10 20:55:19 +01:00
Michael Rash
7821e83dfc Merge branch 'hmac_support' of github.com:mrash/fwknop into hmac_support
Conflicts:
	client/fwknop.c
	lib/fko_hmac.c
2013-03-10 14:32:07 -04:00
Michael Rash
22dde8eb35 SPA with HMAC SHA256 and SHA384 now works
This is a fairly significant commit that lays the groundwork for getting
selectable HMAC modes working for both the client and server.  One libfko API
change was required so that the hmac_type is passed into fko_new_with_data().
This allows the server to set the hmac_type via access.conf stanzas.  The
effort in this commit will be extended to allow HMAC MD5, SHA1, and SHA512
also function properly.
2013-03-10 14:26:05 -04:00
Damien Stuart
6fa3be393c Renamed fko_set_hmac_type to fko_set_spa_hmac_type. Incorporated libfko changes and additions to the fko python module code. 2013-03-10 13:21:24 -04:00
Franck Joncourt
8a2bc732b7 Fixed data format for some arguments in fwknoprc when they are saved. 2013-03-10 18:17:08 +01:00
Michael Rash
6f45b2c3b1 added HMAC SHA384 and SHA512 support, bug fix to allow shorter HMAC key lengths than associated digest block size 2013-03-09 23:27:08 -05:00
Franck Joncourt
c5163fcc24 Added new parameters HMAC_DIGEST_TYPE to the save capability. 2013-03-09 12:39:05 +01:00
Franck Joncourt
c2ef7f224a Moved static functions from the client to the fko_util.c file. 2013-03-09 12:17:17 +01:00
Franck Joncourt
469f9a5f39 Merge remote-tracking branch 'upstream/hmac_support' into hmac_support
Conflicts:
	client/cmd_opts.h
	client/config_init.c
2013-03-09 11:54:45 +01:00
Michael Rash
44d05a6916 interim commit for supporting multiple HMAC digest types (# 45) 2013-03-07 23:14:48 -05:00
Michael Rash
39ca73a245 [test suite] added OpenSSL HMAC verification (closes #39) 2013-03-05 23:29:46 -05:00
Franck Joncourt
053db37c0d Added more command line switches in order for the user to be able to specify the Rijndael, Rijndael base64 and HMAC key. 2013-03-05 21:01:38 +01:00
Michael Rash
1dc47f80d8 Fix byte order warning
This commit fixes a byte order warning for both sha1.c and md5.c like so:

sha1.c:127:6: warning: #warning Undetermined or unsupported Byte Order... We will try LITTLE_ENDIAN [-Wcpp]

Also removed a couple of header includes that appear not to be needed.
2013-03-03 14:29:08 -05:00
Franck Joncourt
38a803fb71 * Added KEY, KEY_BASE64 and HMAC_KEY_BASE64 definitions to the save capability.
* Allowed section to be found during an update of fwknoprc even if there are some spaces before the stanza.
* Allowed the user to strike the ENTER key to overwrite the section as it will be done with the 'Y' char.
2013-03-03 18:41:31 +01:00