DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
1,570 Commits 15 Branches 0 Tags
bd32e40529872608cb449bfeba59d7dfdcfa00ac
Commit Graph

49 Commits

Author SHA1 Message Date
Michael Rash
67dd1d5bdd [server] bug fix to allow IP-formatted masks for SOURCE lines in access.conf 2014-04-12 15:21:00 -04:00
Michael Rash
b243bb4bb7 [client] fix minor memory leak before exit() in parsing invalid time offsets 2014-04-11 22:45:27 -04:00
Michael Rash
b422f1b9a7 [test suite] implement new fwknopd access/fwknopd.conf file writing feature similar to client rc file writing/testing 2014-04-10 23:10:11 -04:00
Michael Rash
55d1ee3fd9 [test suite] --key-* arg validation with --fd 0 2014-04-09 23:56:50 -04:00
Michael Rash
0ff2100993 [test suite/client] memory leak bug fix and test coverage 
This commit fixes a minor memory leak in the fwknop client before
calling exit() when an abnormally large number of command line arguments
are given.  The leak was found with valgrind together with the test
suite (specifically the 'show last args (4)' test):

==23748== 175 bytes in 50 blocks are definitely lost in loss record 1 of 1
==23748==    at 0x4C2C494: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==23748==    by 0x1112F1: run_last_args (fwknop.c:991)
==23748==    by 0x110D36: prev_exec (fwknop.c:916)
==23748==    by 0x10D953: main (fwknop.c:170)

Additional test coverage was added for the client via the
basic_operations.pl tests.
 2014-04-08 21:12:46 -04:00
Michael Rash
e5169d0878 [test suite] env HOME tests, -R http resolve tests 2014-04-08 11:15:53 -04:00
Michael Rash
d9c1eb8f51 [test suite] more client/config_init.c test coverage 2014-04-07 22:31:56 -04:00
Michael Rash
5da38165ef [test suite] KEY_FILE and HMAC_KEY_FILE tests 2014-04-06 22:21:14 -04:00
Michael Rash
c6cb892a05 [test suite] more client/config_init.c test coverage 2014-04-06 22:14:10 -04:00
Michael Rash
5176cd0976 [test suite] additional test coverage for client/config_init.c 2014-04-06 21:27:15 -04:00
Michael Rash
4d63644ce7 [test suite] additional test coverage for client/config_init.c 2014-04-06 15:42:22 -04:00
Michael Rash
710720b237 [test suite] non-default stanza digest update test 2014-04-05 23:09:04 -04:00
Michael Rash
e95d601a48 [test suite] added --key-gen -K file path too long test 2014-04-05 21:51:56 -04:00
Michael Rash
48eb5fcc94 [test suite] added key file path too long tests 2014-04-05 21:29:24 -04:00
Michael Rash
d0d77ba67f [test suite] added rc file path too long test 2014-04-05 08:19:20 -04:00
Michael Rash
1ec1443768 [test suite] add several validation tests to exercise various client/config_init.c lines 2014-04-04 23:03:03 -04:00
Michael Rash
b8492d4319 [test suite] added --key-rijndael and --key-hmac tests 2014-04-03 22:52:53 -04:00
Michael Rash
2da2704d4c [test suite] fwknoprc GPG tests, more time offset tests 2014-04-03 19:30:58 -04:00
Michael Rash
e4a382a87f [test suite] save pkt to file tests 2014-04-03 10:04:52 -04:00
Michael Rash
083db46416 [test suite] added popen() 'n' answer test 2014-04-03 08:56:27 -04:00
Michael Rash
00fed6132c [test suite] additional save rc file variable coverage 2014-04-02 23:55:00 -04:00
Michael Rash
e60d491864 [test suite] basic ops save rc stanza --encryption-mode tests 2014-04-01 14:22:10 -04:00
Michael Rash
78dd3ea43b [test suite] basic ops save rc stanza time offset minus test 2014-04-01 14:19:49 -04:00
Michael Rash
9f10c3ede6 [test suite] basic ops save rc stanza time offset tests 2014-04-01 14:18:14 -04:00
Michael Rash
b005287aa6 [test suite] basic ops get key tests 2014-04-01 14:09:00 -04:00
Michael Rash
50e454216c [test suite] additional critical var popen() tests 2014-03-31 13:54:10 -04:00
Michael Rash
5b6c3768fb [test suite] exercise client rc file ask overwrite feature via popen() 2014-03-31 08:02:08 -04:00
Michael Rash
c382febf3d [client] use libfko is_valid_ipv4_addr() for IP address validation 2013-11-26 23:48:56 -05:00
Michael Rash
6dd5ab8e35 [test suite] added --cmd-verbose to control fwknop command verbosity levels 
This commit provides an easy way to control how verbose fwknop command
execution will be.  For example, fwknopd only calls hex_dump() against
SPA packets when --verbose > 2, so invoking the tests suite as follows
will result in hex_dump() being included in fwknopd output (see the
output/1_fwknopd.test file:

./test-fwknop.pl --include "Rijndael.*complete.*22" --test-limit 1 --cmd-verbose "--verbose --verbose --verbose"

[+] candidate SPA packet payload:

  0x0000:  39 62 72 51 58 75 7a 4b  57 54 53 67 57 56 35 66 9brQXuzKWTSgWV5f
  0x0010:  73 63 78 42 35 78 69 51  65 6c 55 4f 53 78 69 45 scxB5xiQelUOSxiE
  0x0020:  51 30 59 6a 41 50 70 31  4f 70 43 62 32 51 4a 4c Q0YjAPp1OpCb2QJL
  0x0030:  48 34 42 65 68 64 6d 47  35 49 31 50 36 2f 5a 69 H4BehdmG5I1P6/Zi
  0x0040:  6a 34 4b 41 62 34 53 68  6a 59 66 4f 71 2b 46 6c j4KAb4ShjYfOq+Fl
  0x0050:  4a 35 52 75 70 33 39 6f  6e 65 42 79 72 51 46 57 J5Rup39oneByrQFW
  0x0060:  61 38 6c 37 63 48 6e 38  5a 54 36 59 6e 55 56 47 a8l7cHn8ZT6YnUVG
  0x0070:  50 36 6e 53 6f 69 30 61  70 72 32 52 39 62 6b 56 P6nSoi0apr2R9bkV
  0x0080:  37 50 61 67 41 61 6b 49  44 63 58 59 44 6b 2f 64 7PagAakIDcXYDk/d
  0x0090:  67 51 45 61 37 39 32 6f  30 4d 38 6e 30 30 6e 35 gQEa792o0M8n00n5
  0x00a0:  55                                               U
 2013-11-22 23:00:20 -05:00
Michael Rash
cb2fc3abbe [test suite] handle LD_LIBRARY_PATH from the main test-fwknop.pl script 2013-11-14 22:47:13 -05:00
Michael Rash
6870e65800 [test suite] minor cleanup to remove uncessary 'fatal' test hash keys 2013-11-14 10:24:58 -05:00
Michael Rash
05e7d52a5f [client] merged --stanza-list changes from Franck, closes #94 2013-08-08 20:54:07 -04:00
Michael Rash
8c73c7801b [server] send IPT_*_ACCESS vars through basic validation at fwknopd.conf parse time 2013-08-05 00:00:45 -04:00
Michael Rash
131c643cad [server] make IPT_INPUT_ACCESS validation more strict on allowed chars 2013-08-04 23:20:53 -04:00
Michael Rash
870a08c9f5 [test suite] added invalid IPT input chain specification tests 2013-08-04 21:22:35 -04:00
Michael Rash
2f7a3f0a8a [test suite] SNAT MASQUERADE test 2013-08-03 20:52:27 -04:00
Michael Rash
0200169dfd [test suite] started on SNAT tests 2013-08-03 13:36:32 -04:00
Franck Joncourt
836921a9ea * Added new test to validate --stanza-list 2013-07-30 22:54:10 +02:00
Michael Rash
13626a2a74 [test suite] added tests for KEY synonym GPG_SIGNING_PW 2013-06-19 23:41:37 -04:00
Michael Rash
f9df2f6eca [test suite] additional --save-rc-stanza tests for vars not printed in fwknop client decode output 2013-06-10 21:18:37 -04:00
Franck Joncourt
9fce10abd8 Adding support for reading encryption/key password from a file descriptor. 
* Added tests to the test suite.
 * Updated the usage message.
 * Fixed the password functions.

reference : mrash/fwknop#74
 2013-06-02 21:36:17 +02:00
Franck Joncourt
31d94d50b1 Added tests to validate the encryption mode for the client. 
Renamed the CBC legacy VI encryption mode by legacy as mentionned in the man page.
 2013-05-12 17:35:19 +02:00
Franck Joncourt
d4577ab697 Added new tests to the test suite to validate the --save-rc-stanza command line argument. 2013-05-06 11:49:16 +02:00
Franck Joncourt
fca497f0d8 New tests for rc file processing (SPA_SOURCE_PORT, FW_TIMEOUT). 
Added spa source port variable to dump_transmit_options() and renamed port
to destination port.
 2013-05-01 15:29:17 +02:00
Franck Joncourt
2110790a30 Added new rc file processing tests for the SPA_SERVER_PORT. 2013-04-30 13:54:58 +02:00
Michael Rash
df5066447d Started on --save-rc-stanza tests, client bug fix for HMAC verification in --test mode 2013-04-29 21:43:21 -04:00
Franck Joncourt
b53699ef92 Added tests for the SPA_SERVER_PROTO variable from an rc file. 2013-04-29 22:53:06 +02:00
Michael Rash
ea5bb6937a [test suite] add client rc file processing tests (digest only for now, more coming) 2013-04-28 21:52:14 -04:00
Michael Rash
d4362b7b38 [test suite] import test definitions from tests/*.pl files 2013-03-08 21:09:51 -05:00