commit 67dd1d5bddce484824ae57b4cac679a17401c3a8 (HEAD, refs/heads/master) Author: Michael Rash Date: Sat Apr 12 15:21:00 2014 -0400 [server] bug fix to allow IP-formatted masks for SOURCE lines in access.conf server/access.c | 69 ++++++++++++++++++++++++++++----- test/conf/client-gpg-no-pw/trustdb.gpg | Bin 1360 -> 1360 bytes test/tests/basic_operations.pl | 65 +++++++++++++++++++++++++++++++ 3 files changed, 124 insertions(+), 10 deletions(-) commit 55965dd1a40c8fba91119ed7916085a1f9db5480 Author: Michael Rash Date: Sat Apr 12 15:20:31 2014 -0400 minor typo fix ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit b243bb4bb79d022c72184035b2962a5e1b06966f Author: Michael Rash Date: Fri Apr 11 22:45:27 2014 -0400 [client] fix minor memory leak before exit() in parsing invalid time offsets client/config_init.c | 48 ++++++++++++++++++++++++++---------------- test/tests/basic_operations.pl | 4 ++-- 2 files changed, 32 insertions(+), 20 deletions(-) commit 2cafdad9686c319c374f54ebf64293127ea0c0cb Author: Michael Rash Date: Fri Apr 11 22:41:00 2014 -0400 bump version to 2.6.1 ChangeLog | 7 ++++--- VERSION | 2 +- configure.ac | 2 +- fwknop.spec | 5 ++++- 4 files changed, 10 insertions(+), 6 deletions(-) commit b97484734ecb8c3a8581d69bd28375e5845d486b Author: Michael Rash Date: Thu Apr 10 23:18:44 2014 -0400 [client] fix memory leak introduced in 0ff210099 client/fwknop.c | 1 - 1 file changed, 1 deletion(-) commit b422f1b9a7103ae391df299ac15d768405bf4047 Author: Michael Rash Date: Thu Apr 10 23:10:11 2014 -0400 [test suite] implement new fwknopd access/fwknopd.conf file writing feature similar to client rc file writing/testing test/test-fwknop.pl | 81 +++++++++++++-- test/tests/basic_operations.pl | 228 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 302 insertions(+), 7 deletions(-) commit c75cbdddef39ae011aacdccf38a01bf853679ad4 Author: Michael Rash Date: Thu Apr 10 23:08:51 2014 -0400 [test suite] add compounded tests for fko-wrapper test/fko-wrapper/fko_wrapper.c | 102 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 100 insertions(+), 2 deletions(-) commit fdb8c890e90bae0f4f66fd341b7be706711e711a Author: Michael Rash Date: Thu Apr 10 23:08:19 2014 -0400 [server] make parse_access_file() exit if there is a variable formatting problem server/access.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) commit 4b86edbbe25eccfb9d4fbe4362cbc98f61521d41 Author: Michael Rash Date: Thu Apr 10 23:07:39 2014 -0400 [client] ensure to call fko_destroy() on the correct context if encryption mode could not be determined client/fwknop.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) commit f539afc750dd4d4b4e64151ae5e9925470b1fb38 Author: Michael Rash Date: Thu Apr 10 20:48:05 2014 -0400 [client] make is_rc_param() error condition fatal client/config_init.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) commit 55d1ee3fd953088dda61f1ad1d3bac41bcab1cf2 Author: Michael Rash Date: Wed Apr 9 23:56:50 2014 -0400 [test suite] --key-* arg validation with --fd 0 test/tests/basic_operations.pl | 39 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 38 insertions(+), 1 deletion(-) commit ac6ffe2ec798e93bb06e08a046be24704b58c9d2 Author: Michael Rash Date: Wed Apr 9 23:56:03 2014 -0400 [server] Validate GPG sigs with libfko fko_gpg_signature_id_match() function ChangeLog | 3 +++ lib/fko_encryption.c | 5 ++++- server/access.c | 17 --------------- server/access.h | 1 - server/incoming_spa.c | 59 +++++++++++++++++++++++++++++++++++++++++++++------ 5 files changed, 59 insertions(+), 26 deletions(-) commit 0ff2100993e8722e0e62ec616fc84396bd7808c3 Author: Michael Rash Date: Tue Apr 8 21:12:46 2014 -0400 [test suite/client] memory leak bug fix and test coverage This commit fixes a minor memory leak in the fwknop client before calling exit() when an abnormally large number of command line arguments are given. The leak was found with valgrind together with the test suite (specifically the 'show last args (4)' test): ==23748== 175 bytes in 50 blocks are definitely lost in loss record 1 of 1 ==23748== at 0x4C2C494: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==23748== by 0x1112F1: run_last_args (fwknop.c:991) ==23748== by 0x110D36: prev_exec (fwknop.c:916) ==23748== by 0x10D953: main (fwknop.c:170) Additional test coverage was added for the client via the basic_operations.pl tests. Makefile.am | 1 + client/fwknop.c | 27 +++++--- test/invalid.args | 1 + test/tests/basic_operations.pl | 149 +++++++++++++++++++++++++++++++++++++++-- 4 files changed, 163 insertions(+), 15 deletions(-) commit 2e4eea8d496e14dfb64feb01fe09e02a1fa08cbc Author: Michael Rash Date: Tue Apr 8 21:08:24 2014 -0400 [libfko] minor formating update for strtol_wrapper() range output messages lib/fko_util.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) commit 5752433420605202e143e42359f2a2d40fdb8973 Author: Michael Rash Date: Tue Apr 8 21:06:45 2014 -0400 [libfko] minor comment re-wording lib/fko_client_timeout.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit d327f99efbcaa17b423c8f42cd4a1bb6f7639362 Author: Michael Rash Date: Tue Apr 8 21:06:18 2014 -0400 [client] minor typo fix client/spa_comm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) commit e5169d0878172113bbd7e2f5d4d5f7fa4702a0b8 Author: Michael Rash Date: Tue Apr 8 20:45:13 2014 -0400 [test suite] env HOME tests, -R http resolve tests test/test-fwknop.pl | 17 ++++++++ test/tests/basic_operations.pl | 98 +++++++++++++++++++++++++++++++++++++++++- 2 files changed, 113 insertions(+), 2 deletions(-) commit d9c1eb8f5134fe0d2be895e22f53a14d4016951b Author: Michael Rash Date: Mon Apr 7 22:31:56 2014 -0400 [test suite] more client/config_init.c test coverage Makefile.am | 3 + test/invalid.key | 2 + test/invalid2.key | 1 + test/invalid3.key | 1 + test/test-fwknop.pl | 3 + test/tests/basic_operations.pl | 124 +++++++++++++++++++++++++++++++++++++++++ 6 files changed, 134 insertions(+) commit 5da38165effbe8a3e4200835374231f0433d4361 Author: Michael Rash Date: Sun Apr 6 22:21:14 2014 -0400 [test suite] KEY_FILE and HMAC_KEY_FILE tests test/tests/basic_operations.pl | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) commit c6cb892a0574562202f787c5388703976c2929e1 Author: Michael Rash Date: Sun Apr 6 22:14:10 2014 -0400 [test suite] more client/config_init.c test coverage client/config_init.c | 3 --- test/tests/basic_operations.pl | 54 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+), 3 deletions(-) commit 5176cd09760fbb4de87cbbbbd4ea8bb00cb8dd8c Author: Michael Rash Date: Sun Apr 6 21:27:15 2014 -0400 [test suite] additional test coverage for client/config_init.c test/tests/basic_operations.pl | 106 ++++++++++++++++++++++++++++++++++++++--- 1 file changed, 100 insertions(+), 6 deletions(-) commit 09fb2dd2405b3dfb3fd47f94c70ac1ce058e5924 Author: Michael Rash Date: Sun Apr 6 21:27:07 2014 -0400 [test suite] allow tests/*.pl files to use lib_view_str variable directly test/test-fwknop.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit 4d63644ce72d3a161332bd141e22a9f86335107a Author: Michael Rash Date: Sun Apr 6 15:42:22 2014 -0400 [test suite] additional test coverage for client/config_init.c test/tests/basic_operations.pl | 90 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 89 insertions(+), 1 deletion(-) commit 710720b237f5d791e9a7e79fdb18da280b3a75a8 Author: Michael Rash Date: Sat Apr 5 23:09:04 2014 -0400 [test suite] non-default stanza digest update test test/tests/basic_operations.pl | 14 ++++++++++++++ 1 file changed, 14 insertions(+) commit e95d601a4808817479b9b564e9578752393734ac Author: Michael Rash Date: Sat Apr 5 21:51:56 2014 -0400 [test suite] added --key-gen -K file path too long test test/tests/basic_operations.pl | 8 ++++++++ 1 file changed, 8 insertions(+) commit 48eb5fcc942d67ee8fff11f3c02dfc6efcecf9a2 Author: Michael Rash Date: Sat Apr 5 21:29:24 2014 -0400 [test suite] added key file path too long tests test/tests/basic_operations.pl | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) commit d0d77ba67f6a2c5df15adb39b96d1258076e6b09 Author: Michael Rash Date: Sat Apr 5 08:19:20 2014 -0400 [test suite] added rc file path too long test test/tests/basic_operations.pl | 9 +++++++++ 1 file changed, 9 insertions(+) commit 1ec1443768831feb7c1934d6b2ad2e5df5328495 Author: Michael Rash Date: Fri Apr 4 23:03:03 2014 -0400 [test suite] add several validation tests to exercise various client/config_init.c lines test/tests/basic_operations.pl | 168 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 164 insertions(+), 4 deletions(-) commit a65324bad1c5bfbf0bc59e96904e34cc71262db3 Author: Michael Rash Date: Fri Apr 4 23:02:09 2014 -0400 [client] return error exit status if --stanza-list cannot open the rc file client/config_init.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) commit 0b6a407392f40cbbd59721bdbed437001426a76c Author: Michael Rash Date: Fri Apr 4 22:54:38 2014 -0400 [libfko] remove unused digest *_End(), *_Data(), and *_hex() functions in favor of better test coverage (always can be reinstantiated if needed) lib/digest.c | 85 ------------------------------------------------- lib/digest.h | 5 --- lib/sha2.c | 101 ----------------------------------------------------------- lib/sha2.h | 18 ----------- 4 files changed, 209 deletions(-) commit f9885d0657f936fbcce68a666af0cd4d409d4e2f Author: Michael Rash Date: Fri Apr 4 22:50:41 2014 -0400 [libfko] add GPG sig status to fko dump context function lib/fko_util.c | 4 ++++ 1 file changed, 4 insertions(+) commit b8492d43191e53f715ae6edabc7c1d9704e1612e Author: Michael Rash Date: Thu Apr 3 22:52:53 2014 -0400 [test suite] added --key-rijndael and --key-hmac tests test/tests/basic_operations.pl | 159 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 156 insertions(+), 3 deletions(-) commit 956199a3cb260c3138dd542ae5c273b1c952e137 Author: Michael Rash Date: Thu Apr 3 22:52:11 2014 -0400 [client] minor typo fix for -P requirement under spoofed src mode client/config_init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit 2da2704d4c09651f1b88bc3b57c6244b23b2a875 Author: Michael Rash Date: Thu Apr 3 19:29:14 2014 -0400 [test suite] fwknoprc GPG tests, more time offset tests Makefile.am | 2 + client/fwknop.c | 5 +- test/conf/fwknoprc_hmac_time_offset_days | 18 ++++++ test/conf/fwknoprc_hmac_time_offset_hours | 18 ++++++ test/conf/fwknoprc_hmac_time_offset_mins | 18 ++++++ test/conf/gpg_no_pw_hmac_clientdir_access.conf | 8 +++ test/conf/gpg_no_pw_hmac_serverdir_access.conf | 8 +++ test/test-fwknop.pl | 25 ++++++-- test/tests/basic_operations.pl | 88 ++++++++++++++++++++++++++ test/tests/gpg_no_pw_hmac.pl | 27 ++++++++ 10 files changed, 212 insertions(+), 5 deletions(-) commit d4c696d24a14335778533d13cfc77f1f1c7c567a Author: Michael Rash Date: Thu Apr 3 19:27:44 2014 -0400 [client] minor update to comment out unused function client/log_msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit e4a382a87fec21f2d234f388b70a9fe11a2a7c7b Author: Michael Rash Date: Thu Apr 3 00:10:22 2014 -0400 [test suite] save pkt to file tests test/tests/basic_operations.pl | 63 ++++++++++++++++++++++++++++++++---------- 1 file changed, 49 insertions(+), 14 deletions(-) commit 083db46416adc5629af64da8fdf1239e8b226e4d Author: Michael Rash Date: Wed Apr 2 23:58:03 2014 -0400 [test suite] added popen() 'n' answer test test/tests/basic_operations.pl | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) commit 00fed6132c2045415cccd983068599553314c6fc Author: Michael Rash Date: Wed Apr 2 23:55:00 2014 -0400 [test suite] additional save rc file variable coverage test/tests/basic_operations.pl | 109 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 109 insertions(+) commit f121dc5e8a5cd61b915cd5b7001375ec86cdf442 Author: Michael Rash Date: Wed Apr 2 23:54:33 2014 -0400 [test suite] ensure to recompile for gcov coverage analysis test/test-fwknop.pl | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) commit 9be5c24cad4c544a8345c803b84375ba94849e1f Author: Michael Rash Date: Mon Mar 31 23:40:11 2014 -0400 [test suite] remove .gcno files in --profile-coverage-init mode test/test-fwknop.pl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) commit e60d49186459fe508c71bbead365d9c57fe3ffca Author: Michael Rash Date: Mon Mar 31 23:15:34 2014 -0400 [test suite] basic ops save rc stanza --encryption-mode tests test/tests/basic_operations.pl | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) commit 78dd3ea43bc489b471c7190c9f9482b7db42d942 Author: Michael Rash Date: Mon Mar 31 23:09:57 2014 -0400 [test suite] basic ops save rc stanza time offset minus test test/tests/basic_operations.pl | 11 +++++++++++ 1 file changed, 11 insertions(+) commit 9f10c3ede6c6c1b645a38850d7cdbfa08907ec0f Author: Michael Rash Date: Mon Mar 31 23:09:25 2014 -0400 [test suite] basic ops save rc stanza time offset tests test/tests/basic_operations.pl | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) commit b005287aa685960e748119dced9efb7f94099080 Author: Michael Rash Date: Mon Mar 31 23:01:44 2014 -0400 [test suite] basic ops get key tests test/tests/basic_operations.pl | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) commit f2484e599fd5074f0c3aded00603581652f8f326 Author: Michael Rash Date: Mon Mar 31 22:21:58 2014 -0400 [test suite] rc file time offset tests Makefile.am | 3 +++ test/test-fwknop.pl | 3 +++ test/tests/rijndael_hmac.pl | 39 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 45 insertions(+) commit cfa15f3961a0ae4b3519a35e2aa67e7fa5525f1e Author: Michael Rash Date: Mon Mar 31 22:12:01 2014 -0400 [test suite] minor popen_cmd() status update test/test-fwknop.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) commit 7e1f3aad691a93f2ea0c15bc6b1cd88c5e8bb67e Author: Michael Rash Date: Sun Mar 30 21:12:01 2014 -0400 [test suite] add long_spa.key file Makefile.am | 1 + test/long_spa.key | 3 +++ 2 files changed, 4 insertions(+) commit 50e454216c7c75ce21190f34edd6e57840b255f4 Author: Michael Rash Date: Sun Mar 30 21:10:17 2014 -0400 [test suite] additional critical var popen() tests test/tests/basic_operations.pl | 41 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) commit 8ed9728fd35c50d16a9b40c3701aafe91c64accc Author: Michael Rash Date: Sun Mar 30 20:59:33 2014 -0400 [test suite] add coverage test for client -M legacy truncated key test/test-fwknop.pl | 5 +++++ test/tests/rijndael.pl | 12 ++++++++++++ 2 files changed, 17 insertions(+) commit e09e091f71db5067321899532c55db049307b981 Author: Michael Rash Date: Sun Mar 30 20:45:23 2014 -0400 [test suite] add --profile-coverage-init to recompile and remove old .gcov and .gcda files test/test-fwknop.pl | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) commit 5b6c3768fbea989d6f6b6ef6f4eef90ae4873478 Author: Michael Rash Date: Sun Mar 30 20:34:11 2014 -0400 [test suite] exercise client rc file ask overwrite feature via popen() test/test-fwknop.pl | 52 ++++++++++++++++++++++++++++++++++++++++-- test/tests/basic_operations.pl | 14 ++++++++++++ 2 files changed, 64 insertions(+), 2 deletions(-) commit bfa1704072e1192f1b13d0d7ba7349d14784a789 Author: Michael Rash Date: Sun Mar 30 16:06:46 2014 -0400 [test suite] exclude /usr/include/* files from lcov coverage analysis test/test-fwknop.pl | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) commit 3ca546092b5953d6e893b1aaae98807f6e2c5299 Author: Michael Rash Date: Sat Mar 29 22:23:45 2014 -0400 [test suite] additional rc file code coverage tests Makefile.am | 1 + test/conf/fwknoprc_hmac_http_resolve | 40 ++++++++++++++++++++++++++++++++++++ test/test-fwknop.pl | 4 ++++ test/tests/rijndael_hmac.pl | 25 ++++++++++++++++++++++ 4 files changed, 70 insertions(+) commit a9fb3c05db0382bf782058ac1cc2a334e3fd82bf Author: Michael Rash Date: Sat Mar 29 21:45:10 2014 -0400 [test suite] minor typo fix test/tests/rijndael.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit 22b1b2d9d267655a29a844ae6612e1aa1fc39660 Author: Michael Rash Date: Sat Mar 29 21:44:24 2014 -0400 [test suite] additional client/config_init.c code coverage test for fwknoprc file parsing Makefile.am | 1 + test/conf/fwknoprc_hmac_defaults | 40 ++++++++++++++++++++++++++++++++++++++++ test/test-fwknop.pl | 4 ++++ test/tests/rijndael_hmac.pl | 13 +++++++++++++ 4 files changed, 58 insertions(+) commit 9c86477e72ada37824117bf85619f4294deef51a Author: Michael Rash Date: Sat Mar 29 15:05:52 2014 -0400 [test suite] HTTP proxy tests for client/spa_comm.c test coverage test/tests/rijndael.pl | 11 +++++++++++ test/tests/rijndael_hmac.pl | 11 +++++++++++ 2 files changed, 22 insertions(+) commit 535bcdf2a6ff1111d674c24df3f821b08ce61529 Author: Michael Rash Date: Sat Mar 29 14:53:52 2014 -0400 [test suite] IP resolution tests for client/http_resolve_host.c coverage test/test-fwknop.pl | 2 ++ test/tests/rijndael.pl | 43 +++++++++++++++++++++++++++++++++++++++++++ test/tests/rijndael_hmac.pl | 45 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 90 insertions(+) commit ef0eb18fd3d9062ff892a6ab13d41cf1b405f601 Author: Michael Rash Date: Sat Mar 29 14:04:09 2014 -0400 [client] removed unused hex_dump() function client/utils.c | 39 --------------------------------------- 1 file changed, 39 deletions(-) commit c4a59ec90fdf8a00de2f2365de4f2ed8a017ec31 Author: Michael Rash Date: Thu Mar 27 21:59:30 2014 -0400 [server] fix IP subnet mask CIDR range restriction bug found by Coverity server/access.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit 6b87710397af65261f16fdbb99fa5e68eb44f467 Author: Michael Rash Date: Thu Mar 27 21:21:17 2014 -0400 [libfko] fix memory leak in fko_encode_spa_data() caught by Coverity lib/fko_encode.c | 3 +++ 1 file changed, 3 insertions(+) commit 41f12eba81869814ceb6f5c809e90442d6a56b40 Author: Michael Rash Date: Wed Mar 26 21:14:11 2014 -0400 [libfko] Memory leak bug fix in GnuPG handling Bug fix to correct a memory leak in GnuPG SPA packet handling within the gpg_decrypt() function. Here is the specific valgrind leak record that enabled the bug to be found (note that the new valgrind suppressions usage was critical for finding this bug among all other libgpgme memory leaks): ==23983== 1,044 bytes in 1 blocks are definitely lost in loss record 7 of 8 ==23983== at 0x4C2C494: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==23983== by 0x4E41D3A: gpg_decrypt (fko_encryption.c:422) ==23983== by 0x4E42520: fko_decrypt_spa_data (fko_encryption.c:626) ==23983== by 0x1155B0: incoming_spa (incoming_spa.c:519) ==23983== by 0x1180A7: process_packet (process_packet.c:211) ==23983== by 0x506D857: ??? (in /usr/lib/x86_64-linux-gnu/libpcap.so.1.4.0) ==23983== by 0x117865: pcap_capture (pcap_capture.c:270) ==23983== by 0x10F937: main (fwknopd.c:353) ChangeLog | 20 ++++++++++++++++++++ lib/fko_encryption.c | 10 ++++------ 2 files changed, 24 insertions(+), 6 deletions(-) commit 74a4cabb9c8bfbe1d49fbff6abde24265007bc37 Author: Michael Rash Date: Wed Mar 26 20:51:10 2014 -0400 [test suite] Added valgrind suppressions for gpgme Running the test suite with --enable-valgrind resulted in large numbers of leaks detected in gpgme functions. This commit adds a valgrind suppressions file to squash these errors (which are not fwknop's fault), and also enables the valgrind --child-slient-after-fork option by default. Both of these can disable in test suite execution with two new options: --valgrind-disable-suppressions and --valgrind-disable-child-silent. Makefile.am | 1 + test/test-fwknop.pl | 28 ++++++++++++++++++++++++---- test/valgrind_suppressions | 8 ++++++++ 3 files changed, 33 insertions(+), 4 deletions(-) commit 73bc473563154ea1445c7a9010f5593785401a14 Author: Michael Rash Date: Wed Mar 19 23:12:01 2014 -0400 [client+server] verify GnuPG signatures by default - [server] When GnuPG is used, the default now is to require that incoming SPA packets are signed by a key listed in GPG_REMOTE_ID for each access.conf stanza. In other words, the usage of GPG_REQUIRE_SIG is no longer necessary in order to authenticate SPA packets via the GnuPG signature. Verification of GnuPG signatures can be disabled with a new access.conf variable GPG_DISABLE_SIG, but this is NOT a recommended configuration. - [client+server] Add --gpg-exe command line argument and GPG_EXE config variable to ~/.fwknoprc and the access.conf file so that the path to GnuPG can be changed from the default /usr/bin/gpg path. ChangeLog | 10 ++++++++ Makefile.am | 2 ++ client/cmd_opts.h | 2 ++ client/config_init.c | 20 ++++++++++++++- client/fwknop.c | 13 ++++++++++ client/fwknop_common.h | 1 + doc/fwknop.man.asciidoc | 3 +++ doc/fwknopd.man.asciidoc | 25 ++++++++++++------- lib/fko_util.c | 47 ++++++++++++++++++++++++++++++++++- server/access.c | 44 +++++++++++++++++++++++++++++++- server/cmd_opts.h | 3 +++ server/config_init.c | 5 ++++ server/fwknopd.conf | 7 +++++- server/fwknopd_common.h | 8 ++++++ server/incoming_spa.c | 18 +++++++++++++- test/conf/fwknoprc_gpg_invalid_exe | 4 +++ test/conf/gpg_invalid_exe_access.conf | 9 +++++++ test/test-fwknop.pl | 14 ++++++++++- test/tests/gpg_hmac.pl | 47 +++++++++++++++++++++++++++++++++++ 19 files changed, 267 insertions(+), 15 deletions(-) commit a52aa8d54a478f7d0bc2d07351302c2d54451574 Author: Michael Rash Date: Tue Mar 18 20:39:25 2014 -0400 [test suite] don't remove .gcov/.gcda profiling files in --list-mode test/test-fwknop.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) commit 6875d0092cf642ecd5c3c2bb6c8c5a456e37bbe6 Author: Michael Rash Date: Tue Mar 18 20:37:47 2014 -0400 [test suite] exercise fko_base64_encode() and fko_base64_decode() in fko-wrapper test/fko-wrapper/fko_wrapper.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) commit 00f878c5edf34ef2b87daeb8e839dd394399dea0 Author: Michael Rash Date: Mon Mar 17 22:36:49 2014 -0400 [test suite] add --spoof-user test test/tests/rijndael_hmac.pl | 15 +++++++++++++++ 1 file changed, 15 insertions(+) commit d98cb7fd2c622635d92d77f8820aab55aab45be7 Author: Michael Rash Date: Mon Mar 17 22:36:17 2014 -0400 [test suite] add --preserve-previous-profile-files test/test-fwknop.pl | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) commit a3762926b59e1ee07335941926fe74253f49569e Author: Michael Rash Date: Mon Mar 17 22:07:42 2014 -0400 for --enable-profile-coverage add -lgcov to LDFLAGS and remove -O0 optimization switch configure.ac | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) commit 46e8428e010fea4141ba72845495b5695f4746a1 Author: Michael Rash Date: Mon Mar 17 22:06:31 2014 -0400 [extras] allow configure wrapper to pass on args to the configure script extras/apparmor/configure_args.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit 4ba55d6814c1ef2963a88416a093041db31604ff Author: Michael Rash Date: Mon Mar 17 22:05:45 2014 -0400 fix automake subdir-objects warning on Mac OS X, fixes part of #115 common/Makefile.am | 2 ++ 1 file changed, 2 insertions(+) commit b33a6e4c22964e681ef9aa83042e367858378a23 Author: Michael Rash Date: Mon Mar 17 21:43:36 2014 -0400 [test suite] ensure the fko multi-call wrapper is executed under valgrind test/tests/rijndael_fuzzing.pl | 6 ++++++ 1 file changed, 6 insertions(+) commit 490b8e31063de831cb081057a89c377dd1fee011 Author: Michael Rash Date: Mon Mar 17 21:42:31 2014 -0400 [test suite] add lcov html results for gcov profile coverage in --enable-profile-coverage mode test/test-fwknop.pl | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) commit 7e290245b2bdc0dc561d56c857328cdf373129d5 (refs/remotes/origin/master, refs/remotes/origin/HEAD) Author: Michael Rash Date: Sun Mar 16 21:47:19 2014 -0400 [libfko] per-SPA message type field count validation This commit implements more rigorous SPA packet field count validation that takes into account expected field counts for each SPA message type. Two new libfko error codes have been added in support of this, and the corresponding changes made in the perl and python modules. lib/fko.h | 2 + lib/fko_decode.c | 92 ++++++++++++--- lib/fko_error.c | 6 + lib/fko_limits.h | 2 +- perl/FKO/lib/FKO_Constants.pl | 262 +++++++++++++++++++++--------------------- python/fko.py | 260 ++++++++++++++++++++--------------------- test/test-fwknop.pl | 13 ++- 7 files changed, 360 insertions(+), 277 deletions(-) commit 6de811cbc69b59dba04d183762648eeeb88dc39c Author: Michael Rash Date: Sun Mar 16 16:37:21 2014 -0400 [libfko] minor error constant label typo fix lib/fko.h | 2 +- lib/fko_error.c | 4 ++-- lib/fko_util.c | 2 +- perl/FKO/lib/FKO_Constants.pl | 4 ++-- python/fko.py | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) commit 2f9c20fb2764a120b49166e326f48849f7ff8d8d Author: Michael Rash Date: Sun Mar 16 09:11:31 2014 -0400 [test suite] minor bug fix to add udpraw mode for spoofed src test test/tests/rijndael.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit da09ba7300e1ceb8fdc147dcf65d0b9a6899087b Author: Michael Rash Date: Sun Mar 16 09:08:33 2014 -0400 [libfko] dedicated parsing functions for decoding client timeout and server auth SPA fields lib/fko_decode.c | 163 ++++++++++++++++++++++--------------------------------- 1 file changed, 65 insertions(+), 98 deletions(-) commit 5baf8a3fa9fba6fefc861207bdff8bdb29800253 Author: Michael Rash Date: Sat Mar 15 22:02:57 2014 -0400 replace malloc() with calloc() calls client/config_init.c | 4 ++-- client/fwknop.c | 4 ++-- lib/fko_decode.c | 14 +++++++------- lib/fko_digest.c | 10 +++++----- lib/fko_encode.c | 2 +- lib/fko_encryption.c | 12 ++++++------ lib/fko_rand_value.c | 6 ++---- lib/fko_util.c | 2 +- lib/gpgme_funcs.c | 2 +- server/config_init.c | 2 +- server/log_msg.c | 4 ++-- server/replay_cache.c | 4 ++-- 12 files changed, 32 insertions(+), 34 deletions(-) commit 2556433bba9b1c923394f95119a208fe58000a60 Author: Michael Rash Date: Sat Mar 15 21:37:30 2014 -0400 [libfko] add digest verification and length fcns to decode routine lib/fko_decode.c | 142 ++++++++++++++++++++++++++++++++----------------------- lib/fko_util.h | 1 - 2 files changed, 82 insertions(+), 61 deletions(-) commit ded2443b0085dab91443b6c68af442e23c889a79 Author: Michael Rash Date: Fri Mar 14 23:08:34 2014 -0400 ChangeLog updates for 2.6.1 ChangeLog | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) commit 5fff8a7f4f803eaae1ad131f34469c69a4b98a24 Merge: f5bb439 f82a7e3 Author: Michael Rash Date: Fri Mar 14 23:02:47 2014 -0400 Merge branch 'ms_compatible_usernames' This merges in work on #114 to allow MS compatible usernames, and should help Cygwin (and Windows) users. commit f5bb43927d31561bac586c0a2ea9325e5e4a8b9a Merge: 0897bd5 cbc7584 Author: Michael Rash Date: Fri Mar 14 22:57:53 2014 -0400 Merge branch 'master' of https://github.com/mrash/fwknop commit 0897bd54e155ee35e06edfe14700a1cbe50d0998 Author: Michael Rash Date: Fri Mar 14 22:57:36 2014 -0400 [libfko] call SPA field parsers via function pointers in fko_decode_spa_data() lib/fko_decode.c | 82 ++++++++++++++------------------------------------------ 1 file changed, 20 insertions(+), 62 deletions(-) commit 2eff0c01aa445644f76779c6a175f1b1910ebc90 Author: Michael Rash Date: Fri Mar 14 19:21:33 2014 -0400 [libfko] start on refactoring fko_decode_spa_data() to put SPA field parsing into dedicated functions lib/fko_decode.c | 539 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 289 insertions(+), 250 deletions(-) commit cbc75844459300c4c4fa6d6872815974cef7ae03 Merge: 9e990c9 d963f74 Author: Michael Rash Date: Fri Mar 14 09:16:18 2014 -0400 Merge branch 'master' of ssh://github.com/mrash/fwknop commit 9e990c9be01dbda86d5687cf58e41418cc3cd11f Author: Michael Rash Date: Tue Mar 11 21:29:33 2014 -0400 fix header non-ascii chars, and introduce test suite support for detecting this in source files AUTHORS | 2 +- android/project/jni/config.h | 2 +- android/project/jni/fwknop/fwknop_client.c | 2 +- android/project/jni/fwknop/fwknop_client.h | 2 +- android/project/jni/fwknop/send_spa_packet.c | 2 +- android/project/jni/logutils.h | 2 +- .../src/com/max2idea/android/fwknop/Fwknop.java | 2 +- client/cmd_opts.h | 2 +- client/config_init.c | 2 +- client/config_init.h | 2 +- client/fwknop.c | 2 +- client/fwknop.h | 2 +- client/fwknop_common.h | 2 +- client/getpasswd.c | 2 +- client/getpasswd.h | 2 +- client/http_resolve_host.c | 2 +- client/log_msg.c | 2 +- client/log_msg.h | 2 +- client/spa_comm.c | 2 +- client/spa_comm.h | 2 +- client/utils.c | 2 +- client/utils.h | 2 +- common/common.h | 2 +- common/netinet_common.h | 2 +- extras/fwknop.init.openwrt | 2 +- extras/openwrt/package/fwknop/files/fwknopd.init | 2 +- iphone/Classes/fwknop/fwknop_client.c | 2 +- iphone/Classes/fwknop/fwknop_client.h | 2 +- iphone/Classes/fwknop/send_spa_packet.c | 2 +- iphone/Classes/libfwknop/fko_common.b | 2 +- lib/base64.c | 2 +- lib/base64.h | 2 +- lib/cipher_funcs.c | 2 +- lib/cipher_funcs.h | 2 +- lib/digest.c | 2 +- lib/digest.h | 2 +- lib/fko.h | 2 +- lib/fko_client_timeout.c | 2 +- lib/fko_common.h | 2 +- lib/fko_context.h | 2 +- lib/fko_decode.c | 2 +- lib/fko_digest.c | 2 +- lib/fko_encode.c | 2 +- lib/fko_encryption.c | 2 +- lib/fko_error.c | 2 +- lib/fko_funcs.c | 2 +- lib/fko_hmac.c | 2 +- lib/fko_limits.h | 2 +- lib/fko_message.c | 2 +- lib/fko_message.h | 2 +- lib/fko_nat_access.c | 2 +- lib/fko_rand_value.c | 2 +- lib/fko_server_auth.c | 2 +- lib/fko_state.h | 2 +- lib/fko_timestamp.c | 2 +- lib/fko_user.c | 2 +- lib/fko_user.h | 2 +- lib/fko_util.c | 2 +- lib/fko_util.h | 2 +- lib/gpgme_funcs.c | 2 +- lib/gpgme_funcs.h | 2 +- lib/hmac.c | 2 +- lib/hmac.h | 2 +- python/fkomodule.c | 2 +- python/setup.py | 2 +- server/access.c | 2 +- server/access.h | 2 +- server/cmd_opts.h | 2 +- server/config_init.c | 2 +- server/config_init.h | 2 +- server/extcmd.c | 2 +- server/extcmd.h | 2 +- server/fw_util.c | 2 +- server/fw_util.h | 2 +- server/fw_util_ipf.c | 2 +- server/fw_util_ipf.h | 2 +- server/fw_util_ipfw.c | 2 +- server/fw_util_ipfw.h | 2 +- server/fw_util_iptables.c | 2 +- server/fw_util_iptables.h | 2 +- server/fw_util_pf.c | 2 +- server/fw_util_pf.h | 2 +- server/fwknopd.c | 2 +- server/fwknopd.h | 2 +- server/fwknopd_common.h | 2 +- server/fwknopd_errors.c | 2 +- server/fwknopd_errors.h | 2 +- server/incoming_spa.c | 2 +- server/incoming_spa.h | 2 +- server/log_msg.c | 2 +- server/log_msg.h | 2 +- server/pcap_capture.c | 2 +- server/pcap_capture.h | 2 +- server/process_packet.c | 2 +- server/process_packet.h | 2 +- server/replay_cache.c | 2 +- server/replay_cache.h | 2 +- server/sig_handler.c | 2 +- server/sig_handler.h | 2 +- server/tcp_server.c | 2 +- server/tcp_server.h | 2 +- server/utils.c | 2 +- server/utils.h | 2 +- test/test-fwknop.pl | 27 ++++++++++++++++++++++ test/tests/code_structure.pl | 6 +++++ win32/config.h | 2 +- win32/getlogin.h | 2 +- 107 files changed, 138 insertions(+), 105 deletions(-) commit ad512ff6e78e6d4c28bc202b9b6ba379389d139f Author: Michael Rash Date: Thu Mar 13 00:10:22 2014 -0400 [test suite] added Rijndael+HMAC SPOOF_SRC fwknoprc file test Makefile.am | 1 + client/config_init.c | 8 ++++++++ test/conf/fwknoprc_hmac_spoof_src_base64_key | 6 ++++++ test/test-fwknop.pl | 1 + test/tests/rijndael_hmac.pl | 28 ++++++++++++++++++++++++++++ 5 files changed, 44 insertions(+) commit 4181b43f55a10e037a60cee021e31b09423adf4c Author: Michael Rash Date: Wed Mar 12 23:59:01 2014 -0400 [test suite] Added Rijndael+HMAC NAT rand port via client rc file test ChangeLog | 1 + Makefile.am | 1 + test/conf/fwknoprc_hmac_nat_rand_base64_key | 5 +++++ test/test-fwknop.pl | 1 + test/tests/rijndael_hmac.pl | 17 +++++++++++++++++ 5 files changed, 25 insertions(+) commit 83595bdabbecd78f479247c30df2db5c909edf0d Author: Michael Rash Date: Wed Mar 12 23:56:12 2014 -0400 [test suite] Added Rijndael+HMAC command execution test ChangeLog | 1 + Makefile.am | 2 ++ test/conf/hmac_cmd_access.conf | 5 +++++ test/test-fwknop.pl | 6 ++++++ test/tests/rijndael_hmac_cmd_exec.pl | 18 ++++++++++++++++++ 5 files changed, 32 insertions(+) commit f82a7e3558714cd7eb81a8c1584f8925e1f547a6 Author: Michael Rash Date: Wed Mar 12 23:43:11 2014 -0400 [perl FKO module] comment out username fuzzing packets that are now acceptable to libfko perl/FKO/t/04_fuzzing.t | 3 ++- perl/FKO/t/fuzzing_spa_packets | 56 +++++++++++++++++++++--------------------- 2 files changed, 30 insertions(+), 29 deletions(-) commit 1213eae92637bad8012108b3b8d1f0ce79e70e90 Author: Michael Rash Date: Wed Mar 12 23:41:01 2014 -0400 [test suite] allow fuzzing_spa_packet file comments to skip particular packets test/test-fwknop.pl | 1 + 1 file changed, 1 insertion(+) commit d963f74c46c9964137392927204ea4cc11401cc5 Author: Michael Rash Date: Tue Mar 11 21:29:33 2014 -0400 fix header non-ascii chars, and introduce test suite support for detecting this in source files AUTHORS | 2 +- android/project/jni/config.h | 2 +- android/project/jni/fwknop/fwknop_client.c | 2 +- android/project/jni/fwknop/fwknop_client.h | 2 +- android/project/jni/fwknop/send_spa_packet.c | 2 +- android/project/jni/logutils.h | 2 +- .../src/com/max2idea/android/fwknop/Fwknop.java | 2 +- client/cmd_opts.h | 2 +- client/config_init.c | 2 +- client/config_init.h | 2 +- client/fwknop.c | 2 +- client/fwknop.h | 2 +- client/fwknop_common.h | 2 +- client/getpasswd.c | 2 +- client/getpasswd.h | 2 +- client/http_resolve_host.c | 2 +- client/log_msg.c | 2 +- client/log_msg.h | 2 +- client/spa_comm.c | 2 +- client/spa_comm.h | 2 +- client/utils.c | 2 +- client/utils.h | 2 +- common/common.h | 2 +- common/netinet_common.h | 2 +- extras/fwknop.init.openwrt | 2 +- extras/openwrt/package/fwknop/files/fwknopd.init | 2 +- iphone/Classes/fwknop/fwknop_client.c | 2 +- iphone/Classes/fwknop/fwknop_client.h | 2 +- iphone/Classes/fwknop/send_spa_packet.c | 2 +- iphone/Classes/libfwknop/fko_common.b | 2 +- lib/base64.c | 2 +- lib/base64.h | 2 +- lib/cipher_funcs.c | 2 +- lib/cipher_funcs.h | 2 +- lib/digest.c | 2 +- lib/digest.h | 2 +- lib/fko.h | 2 +- lib/fko_client_timeout.c | 2 +- lib/fko_common.h | 2 +- lib/fko_context.h | 2 +- lib/fko_decode.c | 2 +- lib/fko_digest.c | 2 +- lib/fko_encode.c | 2 +- lib/fko_encryption.c | 2 +- lib/fko_error.c | 2 +- lib/fko_funcs.c | 2 +- lib/fko_hmac.c | 2 +- lib/fko_limits.h | 2 +- lib/fko_message.c | 2 +- lib/fko_message.h | 2 +- lib/fko_nat_access.c | 2 +- lib/fko_rand_value.c | 2 +- lib/fko_server_auth.c | 2 +- lib/fko_state.h | 2 +- lib/fko_timestamp.c | 2 +- lib/fko_user.c | 2 +- lib/fko_user.h | 2 +- lib/fko_util.c | 2 +- lib/fko_util.h | 2 +- lib/gpgme_funcs.c | 2 +- lib/gpgme_funcs.h | 2 +- lib/hmac.c | 2 +- lib/hmac.h | 2 +- python/fkomodule.c | 2 +- python/setup.py | 2 +- server/access.c | 2 +- server/access.h | 2 +- server/cmd_opts.h | 2 +- server/config_init.c | 2 +- server/config_init.h | 2 +- server/extcmd.c | 2 +- server/extcmd.h | 2 +- server/fw_util.c | 2 +- server/fw_util.h | 2 +- server/fw_util_ipf.c | 2 +- server/fw_util_ipf.h | 2 +- server/fw_util_ipfw.c | 2 +- server/fw_util_ipfw.h | 2 +- server/fw_util_iptables.c | 2 +- server/fw_util_iptables.h | 2 +- server/fw_util_pf.c | 2 +- server/fw_util_pf.h | 2 +- server/fwknopd.c | 2 +- server/fwknopd.h | 2 +- server/fwknopd_common.h | 2 +- server/fwknopd_errors.c | 2 +- server/fwknopd_errors.h | 2 +- server/incoming_spa.c | 2 +- server/incoming_spa.h | 2 +- server/log_msg.c | 2 +- server/log_msg.h | 2 +- server/pcap_capture.c | 2 +- server/pcap_capture.h | 2 +- server/process_packet.c | 2 +- server/process_packet.h | 2 +- server/replay_cache.c | 2 +- server/replay_cache.h | 2 +- server/sig_handler.c | 2 +- server/sig_handler.h | 2 +- server/tcp_server.c | 2 +- server/tcp_server.h | 2 +- server/utils.c | 2 +- server/utils.h | 2 +- test/test-fwknop.pl | 27 ++++++++++++++++++++++ test/tests/code_structure.pl | 6 +++++ win32/config.h | 2 +- win32/getlogin.h | 2 +- 107 files changed, 138 insertions(+), 105 deletions(-) commit b5eb857533b907f71474b10aecfc9b94000fb7bc (refs/remotes/origin/ms_compatible_usernames) Author: Michael Rash Date: Sun Mar 9 23:12:53 2014 -0400 [libfko] allow MS compatible usernames Allow usernames that are compatible with Microsoft guidelines as defined here: http://technet.microsoft.com/en-us/library/bb726984.aspx This allows for greater compatibility between fwknop clients on Windows (for example that may be deployed with Cygwin) and fwknopd on other systems. This change was suggested by Gerry Reno, and tracked by Github issue #114. lib/fko_user.c | 41 ++++++++++++++++++++++++++++++++++------- perl/FKO/t/04_fuzzing.t | 20 ++++++++++---------- test/test-fwknop.pl | 25 ++++++++++++++----------- 3 files changed, 58 insertions(+), 28 deletions(-) commit 0bae1a5a1bd172794dbfa88ab3e6d53c2835588c Author: Michael Rash Date: Sun Mar 9 19:16:36 2014 -0400 started on 2.6.1 ChangeLog entries ChangeLog | 9 +++++++++ client/fwknop.c | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) commit 08e5c9252cba9367f1122f834bf79f499ea4e050 Author: Michael Rash Date: Wed Mar 5 23:10:47 2014 -0500 [client] bug fix to set non-zero random source port for UDP raw SPA mode client/fwknop.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) commit be971e2ec8ffd703a31a82d49c2e9d8273c80b9e Author: Michael Rash Date: Wed Mar 5 23:11:42 2014 -0500 [client] bug fix to convert UDP length header field to network byte order in UDP raw mode client/spa_comm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) commit f3a02b5d2d48005be87ee82ca16615ac14f86cb2 Author: Michael Rash Date: Thu Mar 6 23:52:56 2014 -0500 [test suite] establish new test.log file in --list mode test/test-fwknop.pl | 79 +++++++++++++++++++++++++++++------------------------ 1 file changed, 44 insertions(+), 35 deletions(-) commit f476570b2afb8f93c64e06ecbb4ea60c74eb0552 Author: Michael Rash Date: Thu Mar 6 23:41:01 2014 -0500 [test suite] minor --help update to include missed options test/test-fwknop.pl | 2 ++ 1 file changed, 2 insertions(+) commit bfdbb8f2609b219e1d3c72bdec3979103f0a104b Author: Michael Rash Date: Sun Mar 2 22:54:31 2014 -0500 Updated authorship and copyright information This commit updates all authorship and copyright information to include a standard header that references the AUTHORS and CREDITS file. This standard header was written by the Debian legal team at the request of Franck Joncourt. AUTHORS | 35 +++++++++++++++++----- CREDITS | 3 +- android/project/jni/config.h | 6 ++-- android/project/jni/fwknop/fwknop_client.c | 6 ++-- android/project/jni/fwknop/fwknop_client.h | 6 ++-- android/project/jni/fwknop/send_spa_packet.c | 6 ++-- android/project/jni/logutils.h | 6 ++-- .../src/com/max2idea/android/fwknop/Fwknop.java | 6 ++-- client/cmd_opts.h | 6 ++-- client/config_init.c | 6 ++-- client/config_init.h | 6 ++-- client/fwknop.c | 8 ++--- client/fwknop.h | 7 ++--- client/fwknop_common.h | 6 ++-- client/getpasswd.c | 6 ++-- client/getpasswd.h | 6 ++-- client/http_resolve_host.c | 6 ++-- client/log_msg.c | 6 ++-- client/log_msg.h | 6 ++-- client/spa_comm.c | 7 ++--- client/spa_comm.h | 6 ++-- client/utils.c | 6 ++-- client/utils.h | 6 ++-- common/common.h | 6 ++-- common/netinet_common.h | 6 ++-- extras/fwknop.init.openwrt | 7 +++-- extras/openwrt/package/fwknop/files/fwknopd.init | 7 +++-- iphone/Classes/fwknop/fwknop_client.c | 6 ++-- iphone/Classes/fwknop/fwknop_client.h | 6 ++-- iphone/Classes/fwknop/send_spa_packet.c | 6 ++-- iphone/Classes/libfwknop/fko_common.b | 6 ++-- lib/base64.c | 5 +++- lib/base64.h | 6 ++-- lib/cipher_funcs.c | 6 ++-- lib/cipher_funcs.h | 6 ++-- lib/digest.c | 6 ++-- lib/digest.h | 6 ++-- lib/fko.h | 6 ++-- lib/fko_client_timeout.c | 6 ++-- lib/fko_common.h | 6 ++-- lib/fko_context.h | 8 ++--- lib/fko_decode.c | 6 ++-- lib/fko_digest.c | 6 ++-- lib/fko_encode.c | 6 ++-- lib/fko_encryption.c | 6 ++-- lib/fko_error.c | 6 ++-- lib/fko_funcs.c | 6 ++-- lib/fko_hmac.c | 6 ++-- lib/fko_limits.h | 6 ++-- lib/fko_message.c | 6 ++-- lib/fko_message.h | 6 ++-- lib/fko_nat_access.c | 6 ++-- lib/fko_rand_value.c | 6 ++-- lib/fko_server_auth.c | 6 ++-- lib/fko_state.h | 6 ++-- lib/fko_timestamp.c | 6 ++-- lib/fko_user.c | 6 ++-- lib/fko_user.h | 6 ++-- lib/fko_util.c | 6 ++-- lib/fko_util.h | 6 ++-- lib/gpgme_funcs.c | 6 ++-- lib/gpgme_funcs.h | 6 ++-- lib/hmac.c | 6 ++-- lib/hmac.h | 8 ++--- lib/sha2.c | 4 +-- python/fkomodule.c | 6 ++-- python/setup.py | 6 ++-- server/access.c | 6 ++-- server/access.h | 6 ++-- server/cmd_opts.h | 6 ++-- server/config_init.c | 6 ++-- server/config_init.h | 6 ++-- server/extcmd.c | 6 ++-- server/extcmd.h | 6 ++-- server/fw_util.c | 6 ++-- server/fw_util.h | 6 ++-- server/fw_util_ipf.c | 6 ++-- server/fw_util_ipf.h | 6 ++-- server/fw_util_ipfw.c | 6 ++-- server/fw_util_ipfw.h | 6 ++-- server/fw_util_iptables.c | 6 ++-- server/fw_util_iptables.h | 6 ++-- server/fw_util_pf.c | 7 ++--- server/fw_util_pf.h | 7 ++--- server/fwknopd.c | 6 ++-- server/fwknopd.h | 7 ++--- server/fwknopd_common.h | 6 ++-- server/fwknopd_errors.c | 6 ++-- server/fwknopd_errors.h | 6 ++-- server/incoming_spa.c | 6 ++-- server/incoming_spa.h | 6 ++-- server/log_msg.c | 6 ++-- server/log_msg.h | 6 ++-- server/pcap_capture.c | 6 ++-- server/pcap_capture.h | 6 ++-- server/process_packet.c | 6 ++-- server/process_packet.h | 6 ++-- server/replay_cache.c | 6 ++-- server/replay_cache.h | 6 ++-- server/sig_handler.c | 6 ++-- server/sig_handler.h | 6 ++-- server/tcp_server.c | 6 ++-- server/tcp_server.h | 6 ++-- server/utils.c | 6 ++-- server/utils.h | 6 ++-- win32/config.h | 6 ++-- win32/getlogin.h | 8 ++--- 107 files changed, 357 insertions(+), 323 deletions(-) commit 3eeca9b2e34b820cb19e192ca37cc936ea3e6d91 Author: Michael Rash Date: Sat Mar 1 14:34:20 2014 -0500 [server] minor comment typo fix server/access.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit 14dc8c6ea2c8ff7db9d2307333535150cb3ae726 Author: Michael Rash Date: Sun Feb 9 21:39:52 2014 -0500 [test suite] check for Darwin uname output for Mac OS X test/test-fwknop.pl | 3 +++ 1 file changed, 3 insertions(+) commit 6409216d3435e633967e169c1e8f55d05b1b780b Author: Michael Rash Date: Thu Feb 6 22:20:40 2014 -0500 [test suite] added git branch and commit values to init test/test-fwknop.pl | 10 ++++++++++ 1 file changed, 10 insertions(+) commit 873b06b4223b8e4d4ce854c4655a2366bd5dac8b Author: Michael Rash Date: Thu Feb 6 22:12:23 2014 -0500 [test suite] added portrange bpf filter test Makefile.am | 1 + test/conf/portrange_fwknopd.conf | 1 + test/test-fwknop.pl | 1 + test/tests/rijndael_hmac.pl | 12 ++++++++++++ 4 files changed, 15 insertions(+) commit 7bb5811651bd833b2a991c3dda0b3a1c85505bdc Author: Michael Rash Date: Sun Feb 2 20:32:02 2014 -0500 [libfko] minor bug fix to not return GPG error codes from _rijndael_decrypt() lib/fko_encryption.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) commit 8922c279d32db63ba1c58f674c425caaebe4a708 Author: Michael Rash Date: Sun Feb 2 20:29:14 2014 -0500 [test suite] buf fix for DYLD_LIBRARY_PATH on Mac OS X systems test/run-test-suite.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) commit 55dec8532a7399c2da1b8da551766348ae734321 Author: Michael Rash Date: Sun Feb 2 20:28:02 2014 -0500 [test suite] minor spelling typo fix test/test-fwknop.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) commit 86873441db0422804105a5d323961747f1340142 Merge: d79fcea 63a8298 Author: Michael Rash Date: Sat Jan 18 23:13:56 2014 -0500 Merge branch 'master' of ssh://10.211.55.11/home/mbr/git/fwknop commit d79fcea6d71fbfbc50901fada8f88f44149fb502 Author: Michael Rash Date: Fri Jan 17 21:10:36 2014 -0500 [client] minor bug fix to add --spoof-source synonym for --spoof-src to match man page client/cmd_opts.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) commit 63a829803ea72180a1575b70533f8fbf1e165a17 Author: Michael Rash Date: Fri Jan 17 23:43:11 2014 -0500 [test suite] added --client-only mode for the test suite test/test-fwknop.pl | 31 +++++++++++++++++++++++++++---- test/tests/python_fko.pl | 2 +- 2 files changed, 28 insertions(+), 5 deletions(-)