DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,617 Commits 15 Branches 0 Tags
Commit Graph

700 Commits

Author SHA1 Message Date
Michael Rash
759965ee08 [server] fix UBSAN warning 'fwknopd.c:1044:50: runtime error: left shift of 2 by 30 places cannot be represented in type 'int'' 2018-08-10 21:22:23 -07:00
Michael Rash
71b8f22402
Merge pull request #282 from DeforaNetworks/khorben/execvp 
Use execvp() instead of execvpe()
 2018-08-08 17:05:55 -07:00
Michael Rash
a6337ba054 Merge branch 'master' of ssh://github.com/mrash/fwknop 2018-08-06 20:41:09 -04:00
Michael Rash
bd30379313 doc update 2018-08-06 17:27:52 -07:00
Pierre Pronchery
0b475ec7b3 Use execvp() instead of execvpe() 
execvp() is (usually) equivalent to execvpe(), without enforcing any
change to the environment. However, unlike execvp(), execvpe() is not
standardized by POSIX, and may therefore not be available nor detected
when configuring the project (like on NetBSD).

No place could be found in fwknop to be using execvpe() and changing the
environment. Therefore it seems only logical (and safer) to use execvp()
instead.

This also updates the tests to reflect this change.
 2018-08-06 12:04:45 +02:00
Michael Rash
e0c860d2c7
Merge pull request #277 from DeforaNetworks/khorben/usage 
More consistent usage screens
 2018-07-18 21:28:48 -04:00
Pierre Pronchery
8a1289cdc9 More consistent usage screens 2018-07-17 16:45:46 +02:00
Pierre Pronchery
50f56a581f Fix the configuration variable name for GPG_DECRYPT_PW 2018-07-10 11:31:54 +02:00
Pierre Pronchery
5228fe88d0 Avoid compilation warnings from ctype(3) helpers 
Characters should be casted as unsigned before use in functions from
<ctype.h>. Otherwise the compiler treats 8-bit characters (eg UTF-8) as
negative values (since it expects signed integers) and they no longer
match the comparison tables. Worse, the character 0xff gets interpreted
as -1 (like EOF). In turn, it helps to explicitly cast the result as a
signed integer, since this is what is expected. Characters in the range
0x80-0xff do keep their original values.

See the manual page for ctype(3) for more details (eg from NetBSD)
 2018-06-12 14:01:22 -04:00
Michael Rash
ecb25a042c regenerate fwknopd man page with Jonathan's pcap loop fix 2017-09-18 22:25:52 -04:00
Michael Rash
be39f1a6f7 [server] call exit() upon execvpe() error, fixes #235 2016-10-10 20:38:38 -04:00
Michael Rash
836335ed41 [server] add strerror() to fopen() failures for the digest cache file 2016-10-09 09:35:17 -04:00
Michael Rash
f5509bcd0c [server] Add MAX_FW_TIMEOUT to access.conf variables. 
[server] Add MAX_FW_TIMEOUT to access.conf stanzas to allow a
maximum number of seconds for client-specified timeouts in SPA packets.
This fixes issue #226 which was spotted by Jeremiah Rothschild.
 2016-09-29 22:18:13 -04:00
Markus Gerstel
2b365abcee fix spelling errors flagged by Debian lintian 2016-08-22 22:53:46 +01:00
Michael Rash
779029e8bb doc update 2016-06-08 20:38:40 -04:00
Michael Rash
ae417e43bb recognize Jonathan as a core developer 2016-06-06 20:23:46 -04:00
Michael Rash
5f15119190 clarify GPL v2+ for the license per issue #222 2016-06-03 22:08:15 -04:00
Michael Rash
dd1f05c030 Merge pull request #221 from oneru/master 
[Server] slightly broadens FORWARD rule matching, disables rewriting …
 2016-05-31 21:11:25 -04:00
Jonathan Bennett
3d044a2d04 Minor wording change to error message 2016-05-30 14:32:33 -05:00
Jonathan Bennett
b5db9c66d3 [Server] Free the access list on invalid hostname, fixes memory leak. 2016-05-29 23:40:14 -05:00
Jonathan Bennett
67c46de9dd Minor error message wording fix, also fixes test suite test 2016-05-29 20:07:12 -05:00
Jonathan Bennett
d448004f38 [Server] slightly broadens FORWARD rule matching, disables rewriting sport for snat 2016-05-29 14:13:53 -05:00
Jonathan Bennett
246d8a1db7 [Server] enable global fw variable even for access stanzas that enable command exec 2016-05-29 14:01:53 -05:00
Michael Rash
919156fdf0 apply doc updates to man pages 2016-05-28 09:29:34 -04:00
Michael Rash
74ddbf63b2 minor documentation updates 2016-05-27 23:15:39 -07:00
Michael Rash
6e54e9452a [test suite] add ENABLE_RULE_PREPEND test 2016-05-26 19:21:07 -07:00
Jonathan Bennett
71cea19f3d [Server] Respond to set signal handler failure with clean_exit 2016-05-24 22:00:21 -05:00
Jonathan Bennett
db1cdd2fea [Server] Moves signal handling code to earlier in fwknopd initialization 
Also serves to de-duplicate code slightly
 2016-05-24 20:48:40 -05:00
Michael Rash
270d8bea62 [test suite] fault injection test for build_cmd() error path 2016-05-24 18:40:44 -07:00
Michael Rash
05ede9fe0d [server] minor printf() -> log_msg() update 2016-05-21 06:17:28 -07:00
Michael Rash
ae15e00f0b [server] minor change to set default timeout 2016-05-20 18:42:52 -07:00
Jonathan Bennett
a4273d3627 Server: Add extra check for failing firewall cmd 2016-05-19 23:25:01 -05:00
Jonathan Bennett
7bcd9f7793 Server: Allow more time for server shutdown 2016-05-19 13:50:12 -05:00
Michael Rash
272cd05dc6 Merge branch 'master' of https://github.com/mrash/fwknop 2016-05-11 22:05:35 -07:00
Michael Rash
dd319d5609 Merge pull request #218 from oneru/test-suite 
Test suite: Adds workaround for tcp server test
 2016-05-12 22:05:29 -04:00
Michael Rash
60a9cc203b Merge branch 'master' of ssh://192.168.10.1/home/mbr/git/fwknop 2016-05-11 22:05:20 -07:00
Michael Rash
ba5f5e2424 add sha3_256 sha3_512 to man page docs 2016-05-12 22:23:54 -04:00
Jonathan Bennett
66eedd4f7f Test suite: Adds workaround for tcp server test 2016-05-11 19:31:48 -05:00
Damien Stuart
7c84cadd43 Added missing parens on if statement (was causing compiler error on fw_util_iptables). 2016-05-10 22:43:11 -04:00
Michael Rash
23d70f1aa3 Merge pull request #216 from oneru/add-nat-validation 
Add nat validation
 2016-05-08 21:53:13 -04:00
Jonathan Bennett
b517fdad44 Add checks to avoid calling strlen on a null pointer 2016-05-08 00:41:45 -05:00
Jonathan Bennett
b088030ad5 Adds hostname validation for hostname in NAT on server 2016-05-07 23:21:01 -05:00
Jonathan Bennett
ddc422125f Style changes, and avoid returning undefined value in fw_util functions 2016-05-07 22:36:39 -05:00
Jonathan Bennett
dc9ad5de4a Adds a length modifier to is_valid_ipv4_addr 2016-05-07 21:59:48 -05:00
Michael Rash
d4ec9a0755 remove execute bit from file permissions 2016-05-07 09:14:30 -04:00
Jonathan Bennett
35db922853 Fix memory leak in free_last_stanza, found using asan 2016-05-05 22:52:51 -05:00
Jonathan Bennett
581a9638c6 Add handling for colon in include_keys 2016-05-05 13:20:29 -05:00
Jonathan Bennett
09cd579100 Fix include_keys log output 2016-05-05 13:20:01 -05:00
Jonathan Bennett
58bce15b1e Exclude the CUnit tests themselves from lcov 2016-05-02 13:17:03 -05:00
Michael Rash
f42aeb39dc [server] make sure exp buffer does not contain closing '*' chars (from @oneru) 2016-04-30 09:27:07 -04:00