Commit Graph

Select branches

Hide Pull Requests

khorben/connect-error-format

khorben/coverity/1355235-toctou

khorben/execvp

khorben/http-1.1

khorben/ipv6

khorben/ipv6-client

khorben/ipv6-server

khorben/netbsd

khorben/snprintf

khorben/srandom

khorben/strlcat

khorben/typo

khorben/usage

khorben/warnings

master

Mono Color

• 05eb19738a added the OpenBSD port from Vlad Michael Rash 2012-09-13 21:25:43 -04:00
• 2b09f048f7 (Vlad Glagolev) Submitted an OpenBSD port for fwknop-2.0.3 Michael Rash 2012-09-13 21:24:54 -04:00
• f8374c8aef [server] (Vlad Glagolev) Submitted a patch to fix command exec mode Michael Rash 2012-09-11 21:54:26 -04:00
• 591416e23b [server] bug fix in --disable-file-cache mode Michael Rash 2012-09-10 21:47:48 -04:00
• 7bd0da29c4 minor spelling typo fixes Michael Rash 2012-09-04 22:04:48 -04:00
• c560dc503a minor spelling typo fixes Michael Rash 2012-09-04 21:47:30 -04:00
• 25edd17aca diff update for fwknop-2.0.3 release Michael Rash 2012-09-04 21:14:49 -04:00
• 55fa4841f2 another merge from master Michael Rash 2012-09-03 22:32:44 -04:00
• 40ac28df21 bump version to 2.0.3 Michael Rash 2012-09-03 22:23:48 -04:00
• 8d26cc90ee include file compilation fix for OpenBSD relative to inet_aton() IP verification Michael Rash 2012-09-03 22:18:59 -04:00
• b05d229bb1 sprintf() -> snprintf() calls Michael Rash 2012-09-03 09:09:35 -04:00
• e2c0ac4821 [server] Strong access.conf validation Michael Rash 2012-09-03 00:21:46 -04:00
• 263fa01f2a added inet_aton() call for IP strong IP validation (credit: Fernando Arnaboldi) Michael Rash 2012-09-03 00:21:32 -04:00
• ffe4d3b162 minor spacing update to make merges into hmac_master easier Michael Rash 2012-09-02 15:53:54 -04:00
• 86b403dadb fixed potential buffer overflow discovered by Fernando Arnaboldi of IOActive Michael Rash 2012-09-01 23:37:03 -04:00
• e3a78a175c verify_file_perms_ownership() to just return if the file doesn't exist Michael Rash 2012-09-01 21:55:52 -04:00
• 1548cbafc8 get MAX_PORT_STR_LEN constant from fko_message.h Michael Rash 2012-08-31 23:05:05 -04:00
• dafcfbc488 bug fix to make sure to verify file permissions/ownership on files that actually exist Michael Rash 2012-08-31 23:00:45 -04:00
• b567514a6c Added fko_context.h file to lib/Makefile.am Michael Rash 2012-08-31 22:59:44 -04:00
• 5daaca01ea merged master 2.0.3 changes Michael Rash 2012-08-31 21:43:55 -04:00
• d739331818 implemented a couple of minor stronger bounds checks Michael Rash 2012-08-30 23:38:54 -04:00
• 2584521c67 Run verify_file_perms_ownership() on fwknop.pid only if it exists Michael Rash 2012-08-30 21:43:53 -04:00
• 406e33ccc0 minor comment update Michael Rash 2012-08-30 21:43:07 -04:00
• 4832312e6d added filesystem permissions test Michael Rash 2012-08-29 23:12:56 -04:00
• a60f05ad44 file permissions and client buffer overflow fix Michael Rash 2012-08-29 22:21:43 -04:00
• 186a424353 Added Ctrl-C and --disable-gpg notes Michael Rash 2012-08-28 21:28:57 -04:00
• 098ae417fe migrated TODO tasks to the todo.org file Michael Rash 2012-08-27 22:30:27 -04:00
• 89dfa2c1fb minor ChangeLog update for the RPM build change Michael Rash 2012-08-27 21:20:02 -04:00
• c5b229c5c8 Added $DESTDIR prefix in uninstall-local and install-exec-hook to fix RPM builds Michael Rash 2012-08-27 21:16:59 -04:00
• e8386dbe6c added encryption mode flags for each access stanza Michael Rash 2012-08-26 15:47:24 -04:00
• 557cd6615b consolidatd fuzzing functions within a single 'fuzzer' function Michael Rash 2012-08-26 15:46:54 -04:00
• f4c16bc47f [server] Stronger IP validation based on a bug found by Fernando Arnaboldi from IOActive Michael Rash 2012-08-25 23:08:55 -04:00
• d46ba1c027 (Fernando Arnaboldi, IOActive) Found and fixed several DoS/code execution vulns for authenticated clients Michael Rash 2012-08-24 22:12:19 -04:00
• b643848e05 added --hmac-mode to spa-entropy.pl Michael Rash 2012-08-19 22:27:04 -04:00
• e80a6de5f7 Memory leak bug fix discovered through the "altered HMAC test" Michael Rash 2012-08-19 10:43:30 -04:00
• b0bf7f3699 minor paren's syntax bug fix Michael Rash 2012-08-18 16:30:34 -04:00
• 6199180c69 minor paren's syntax bug fix Michael Rash 2012-08-18 16:29:08 -04:00
• 6392e5891e Merge branch 'master' into hmac_support Michael Rash 2012-08-18 16:26:06 -04:00
• 6de386b937 updated ChangeLog.git file for the fwknop-2.0.2 release Michael Rash 2012-08-18 15:10:05 -04:00
• f7e84da340 fwknop-2.0.2 release Michael Rash 2012-08-18 15:03:04 -04:00
• 8d6bc05295 merged from master Michael Rash 2012-08-17 21:19:52 -04:00
• 38feb8d7b9 Better --resolve-url handling Michael Rash 2012-08-17 21:02:24 -04:00
• 760162a40a ipfw active/expire test bug fix (atoi() for config vars) Michael Rash 2012-08-16 22:30:09 -04:00
• 2c55773bdb added test/conf/ipfw_active_expire_equal_fwknopd.conf file Michael Rash 2012-08-16 22:19:39 -04:00
• 3afd1aa762 [server] ipfw active/expire sets cannot be the same Michael Rash 2012-08-16 22:16:36 -04:00
• fda5759b2b todo.org notes update Michael Rash 2012-08-16 21:18:11 -04:00
• 3af8e4c517 [client] Added cipherdyne.com backup check in -R mode. Michael Rash 2012-08-15 22:49:29 -04:00
• a646a024d9 added 'Pragma: no-cache' header Michael Rash 2012-08-15 22:46:49 -04:00
• 419fbafa04 added extras/myip/myip.c Michael Rash 2012-08-14 22:52:24 -04:00
• 37950df66f bumped version to fwknop-2.0.2-pre3 Michael Rash 2012-08-14 22:35:02 -04:00
• c272339707 todo.org notes update Michael Rash 2012-08-14 22:34:03 -04:00
• 7ae45ecad1 Added GPG_ALLOW_NO_PW to the fwknopd man page Michael Rash 2012-08-14 22:31:03 -04:00
• 66187a22af minor defensive fko_destroy() calls in two error condition blocks Michael Rash 2012-08-14 22:21:34 -04:00
• dfe6679c57 Added the extras/myip/ directory for client IP resolution code Michael Rash 2012-08-14 21:51:00 -04:00
• 385396b845 Added --enable-distcheck for 'make distcheck' verification Michael Rash 2012-08-13 22:53:29 -04:00
• 863838d0ba [server] Preserve any existing config files in /etc/fwknop/ Michael Rash 2012-08-13 22:39:03 -04:00
• 8fafd4b80b [server] 'make install' permissions fix Michael Rash 2012-08-12 19:57:11 -04:00
• 543de16613 [server] iptables 'comment' match check Michael Rash 2012-08-12 15:44:13 -04:00
• a087b11887 todo update Michael Rash 2012-08-12 15:23:38 -04:00
• a686d96d44 Added todo.org org mode file Michael Rash 2012-08-12 09:29:51 -04:00
• dc23c640bb added gpg_no_pw_access.conf file for no password gpg tests Michael Rash 2012-08-11 09:33:54 -04:00
• 72229b5f46 bumped version to fwknop-2.0.2-pre2 Michael Rash 2012-08-11 09:21:49 -04:00
• 47795d41e2 merged from master Michael Rash 2012-08-10 22:30:07 -04:00
• 27ccfe35d3 [server] Added GPG_ALLOW_NO_PW variable and associated test suite support Michael Rash 2012-08-10 21:52:09 -04:00
• 0af3bd0ee1 [server] Added FLUSH_IPFW_AT_INIT and FLUSH_IPFW_AT_EXIT Michael Rash 2012-08-10 21:48:02 -04:00
• c6f3fde537 bug fix to implement FLUSH_IPT_AT_INIT and FLUSH_IPT_AT_EXIT functionality Michael Rash 2012-08-10 21:43:49 -04:00
• fbdae50064 added Geoff Carstairs for the FORCE_NAT idea Michael Rash 2012-08-08 21:27:33 -04:00
• fd30440128 added Aldan Beaubien for reporting the Morpheus NULL IP problem Michael Rash 2012-08-05 14:07:42 -04:00
• c374a7df27 Merge branch 'master' into hmac_support Michael Rash 2012-08-05 13:26:43 -04:00
• e70739d211 minor whitespace update Michael Rash 2012-08-05 13:05:55 -04:00
• f6ac4484c9 minor memset value update 0 -> 0x0 to conform to other memset() calls Michael Rash 2012-08-05 13:05:30 -04:00
• 4cde31584f bumped version to 2.0.2-pre1 Michael Rash 2012-08-03 22:16:22 -04:00
• 79a947603a added changes for the 2.0.2 release (so far) Michael Rash 2012-08-03 22:08:14 -04:00
• 29512bd8ec [client] -R http recv() read until close (Jonathan Schulz) Michael Rash 2012-08-03 21:49:03 -04:00
• 7c1db89106 minor white space fix tabs->spaces Michael Rash 2012-08-03 21:30:24 -04:00
• eb5176cf60 [test suite] added --enable-all arg Michael Rash 2012-08-03 21:20:21 -04:00
• f7084721b7 added 'altered HMAC' tests to ensure HMAC verification happens properly Michael Rash 2012-08-02 23:24:38 -04:00
• 30acf93b72 Memory leak fix for HMAC verification Michael Rash 2012-08-02 22:55:54 -04:00
• 3d9e96af56 Memory leak fix in client test mode Michael Rash 2012-08-02 22:46:52 -04:00
• cba6478258 Memory leak bug fix for rc file parsing of invalid data Michael Rash 2012-08-02 22:29:54 -04:00
• c37047ac93 Memory leak bug fix in --key-gen mode Michael Rash 2012-08-02 22:00:05 -04:00
• b8ed3a60d9 excluded HMAC random verification from --enable-valgrind mode (too slow for 100 client executions) Michael Rash 2012-08-02 21:56:45 -04:00
• 84b9c775c0 Merge branch 'master' into hmac_support Michael Rash 2012-08-01 23:41:00 -04:00
• 7061b7bd3e added Jonathan Schulz Michael Rash 2012-08-01 23:40:34 -04:00
• 84e036f95b Change HTTP connection type to 'close' in -R mode Michael Rash 2012-08-01 23:27:34 -04:00
• 1528697aaa merged replay prefix and IP resolve tests Michael Rash 2012-08-01 23:05:51 -04:00
• 5fd3343ca9 added client IP resolution test with complete SPA->SSH cycle Michael Rash 2012-08-01 22:30:02 -04:00
• 016098a254 Replay attack bug fix (encryption prefixes) Michael Rash 2012-07-29 23:31:15 -04:00
• c0e53482fa [libfko] minor memory leak fix for user detection (corner case) Michael Rash 2012-07-29 21:31:44 -04:00
• 060fbb607f [server] replay attack detection memory leak bug fix Michael Rash 2012-07-28 00:08:30 -04:00
• a8bb42569c [test suite] minor compile bug fix Michael Rash 2012-07-29 23:35:32 -04:00
• afc71b7df3 Replay attack bug fix (encryption prefixes) Michael Rash 2012-07-29 23:31:15 -04:00
• fd30a3491d minor variable rename LENGTH -> LEN, STRING_LENGTH -> STR_LEN Michael Rash 2012-07-29 21:57:05 -04:00
• a9cbd60327 [libfko] first HMAC-SHA256 implementation (includes test suite support) Michael Rash 2012-07-29 21:34:08 -04:00
• df0f0b7f61 [libfko] minor memory leak fix for user detection (corner case) Michael Rash 2012-07-29 21:31:44 -04:00
• 6d379aba6e [server] replay attack detection memory leak bug fix Michael Rash 2012-07-28 00:08:30 -04:00
• b760f4aad3 [test suite] exempted valgrind collection test from --test-limit Michael Rash 2012-07-27 23:59:03 -04:00
• c6cef8982a [libfko] validate incoming plaintext lengths Michael Rash 2012-07-27 23:25:32 -04:00
• 482e6f974c added msg_hmac_len and removed additional strlen() calls Michael Rash 2012-07-27 21:29:26 -04:00
• 10195cf29a [libfko] added encrypted_msg_len and replaced additional strlen() calls Michael Rash 2012-07-27 18:16:37 -04:00