bbb341c040
Fix the build with firewalld
2018-08-20 11:02:16 +02:00
15dfc94e9c
Fix the build on Linux (iptables)
2018-08-20 11:02:16 +02:00
08e805da53
Optimize moot variable initialization away
2018-08-20 11:02:16 +02:00
6405398858
Add a command-line option to enable IPv6 (TCP/UDP)
...
This is currently "--ipv6", or "-6" for short.
2018-08-20 11:02:16 +02:00
1fd5fe197d
Begin to allow IPv6 addresses in source stanzas
2018-08-20 11:02:16 +02:00
987875616a
Fix some issues with TCP over IPv6
2018-08-20 11:02:16 +02:00
3e329a537d
Correct the packet length calculation with IPv6
2018-08-20 11:02:16 +02:00
c8670aa2d3
Simplify the calculation of pkt_data_len
2018-08-20 11:02:16 +02:00
d260f502d9
Use the correct offset for inet_ntop()
2018-08-20 11:02:16 +02:00
c753215038
Prepare access stanzas for more address families
2018-08-20 11:02:16 +02:00
a2902cbc62
Terminate IPs resolved externally as expected
2018-08-20 11:02:15 +02:00
74370395a7
Constify
2018-08-20 11:02:15 +02:00
f35c1d7cb7
Add IPv6 support to the plain UDP and TCP servers
2018-08-20 11:02:15 +02:00
32cdd1183e
Specify the family at run-time for TCP/UDP servers
...
This is still using IPv4 by default for the moment.
2018-08-20 11:02:15 +02:00
d6ce22b989
Set the address family for incoming SPA over UDP
2018-08-20 11:02:15 +02:00
11e9b29f24
Fix processing command-line arguments with whitespace
2018-08-20 11:02:15 +02:00
587a4fbcb1
Rework IPv6 support when comparing addresses
2018-08-20 11:02:15 +02:00
76d609bac6
Use /usr/bin/env to locate perl
2018-08-20 11:02:15 +02:00
da1ab0563d
Use a constant for AF_INET
...
This should eventually help with portability to IPv6.
2018-08-20 11:02:15 +02:00
b070e80623
Use sizeof() instead of re-using hard-coded values
...
This should help with portability for the protocol family eventually.
2018-08-20 11:02:15 +02:00
f61a3085f0
Use sizeof() instead of re-using hard-coded values
...
This should help with portability for the protocol family eventually.
2018-08-20 11:02:15 +02:00
baed23c50c
Use AF_INET instead of PF_INET
...
I believe it should be more portable this way, since AF_INET is required
to be present in <sys/socket.h> in POSIX.
2018-08-20 11:02:15 +02:00
d1c1373980
Allow access control "ANY" with any protocol family
2018-08-20 11:02:15 +02:00
17549b93be
Use a more appropriate type for sd_len
2018-08-20 11:02:15 +02:00
82a5eec571
Constify
2018-08-20 11:02:15 +02:00
a2462c6c3e
Typo
2018-08-20 11:02:15 +02:00
bd1c488cbd
Typo
2018-08-20 11:02:15 +02:00
89c7d6f8b9
Let access list stanzas be defined in IPv6
2018-08-20 11:02:15 +02:00
8ecd10b4c0
Interpret incoming addresses according to their family
2018-08-20 11:02:15 +02:00
6bcaf4f3e3
Add support for receiving SPA messages over IPv6
2018-08-20 11:02:15 +02:00
37a8000aa2
Protect some more headers for inclusion
2018-08-20 11:02:15 +02:00
a525734afc
Also include <netinet/ip6.h> where relevant
2018-08-20 11:02:15 +02:00
1a813bb2b8
Code cleanup
2018-08-20 11:02:15 +02:00
3dc61166a4
Rework the network listening routine some more
2018-08-20 11:02:15 +02:00
ce9b5fb364
Rework the network listening routine
2018-08-20 11:02:15 +02:00
2367bc23e8
Also check for <netinet/ip6.h> and <netinet/icmp6.h>
...
This will allow porting the raw ICMP code to IPv6.
2018-08-20 11:02:15 +02:00
72a50b9c8e
Use uppercase to log "IP"
2018-08-20 11:02:15 +02:00
2f6ea521ff
Allow connecting to remote IPv6 hosts for TCP or UDP
...
This alone should allow interacting with IPv4 firewalling rules over
IPv6, for these two protocols.
2018-08-20 11:02:15 +02:00
f7b18d64f3
Give have_allow_ip() a chance to allow IPv6
...
This greatly loosens the check for a valid IPv4/IPv6 there - but it is
redundant anyway, since there is always a call to is_valid_ip_addr().
2018-08-20 11:02:14 +02:00
aea56f54c4
Implement is_valid_ip_addr() with getaddrinfo()
2018-08-20 11:02:14 +02:00
b3494dcfc1
Migrate is_valid_ipv4_addr() to a more generic function
...
It is now called is_valid_ip_addr() and expects an additional parameter
for the address family.
2018-08-20 10:59:27 +02:00
a0dda67dfe
Also catch the IPv6 version of INADDR_ANY
2018-08-20 10:59:27 +02:00
460bd8c672
Be more consistent when creating ~/.fwknoprc
2018-08-20 10:59:27 +02:00
b8252dbdb8
Let IPs resolve to IPv6 addresses over SSL
...
Again, this depends on the remote host to be actually supporting IPv6.
2018-08-20 10:59:27 +02:00
07693a9245
Let IPs resolve to IPv6 addresses
...
The remote code seems to be independent from the fwknop project though.
Until it will be capable to return IPv6 addresses, in itself this will
remain irrelevant for the purpose of adding IPv6 support to fwknop.
On another hand, it does help us introduce definitions and update
headers to actually support IPv6.
2018-08-20 10:59:27 +02:00
Michael Rash
e82cb8621f
[test suite] another bogus user test for fko-wrapper
2018-08-19 16:24:08 -07:00
Michael Rash
d7aacb68f2
[test suite] add bogus username test to fko-wrapper
2018-08-19 16:21:47 -07:00
Michael Rash
4769d136d9
[libfko] add NULL check to fko_get_raw_spa_digest_type() - bug discovered by fko-wrapper
2018-08-19 16:19:56 -07:00
Michael Rash
d328278cb8
[test suite] minor Makefile enhancement (variable usage) for fko-wrapper
2018-08-19 14:02:42 -07:00
Michael Rash
57ef059811
[test suite] add calls to fko_set_raw_spa_digest_type() and fko_get_raw_spa_digest_type()
2018-08-19 12:40:14 -07:00
