CREDITS | 17 + ChangeLog-v2.0.0 | 3020 ------------------------ ChangeLog-v2.0rc5 | 797 +++++++ Makefile.am | 68 + ShortLog-v2.0.0 | 654 ----- ShortLog-v2.0rc5 | 120 + VERSION | 2 +- android/project/jni/config.h | 6 +- client/Makefile.am | 2 +- client/config_init.c | 59 +- client/fwknop.c | 84 +- client/fwknop_common.h | 6 +- client/getpasswd.c | 4 +- client/http_resolve_host.c | 8 +- client/spa_comm.c | 62 +- client/spa_comm.h | 2 +- client/utils.c | 2 +- client/utils.h | 2 +- common/common.h | 4 +- common/netinet_common.h | 11 +- configure.ac | 66 +- diffstat-v2.0.0 | 1310 ---------- diffstat-v2.0rc5 | 209 ++ doc/fwknop.man.asciidoc | 8 +- doc/fwknopd.man.asciidoc | 93 +- doc/libfko.texi | 12 +- extras/fwknop-launcher/fwknop-launcher-lsof.pl | 350 +++ extras/fwknop-launcher/fwknop-launcher.conf | 30 + extras/openwrt/package/fwknop/Makefile | 2 +- fwknop.spec | 8 +- iphone/COPYING | 340 +++ iphone/Classes/FwknopController.h | 30 + iphone/Classes/FwknopController.m | 309 +++ iphone/Classes/MyAppDelegate.h | 33 + iphone/Classes/MyAppDelegate.m | 53 + iphone/Classes/bridge_fwknop.c | 28 + iphone/Classes/bridge_fwknop.h | 21 + iphone/Classes/config.h | 346 +++ iphone/Classes/fwknop/fwknop_client.c | 162 ++ iphone/Classes/fwknop/fwknop_client.h | 60 + iphone/Classes/fwknop/send_spa_packet.c | 94 + iphone/Classes/libfwknop/README | 11 + iphone/Classes/libfwknop/config.h | 14 + iphone/Classes/libfwknop/fko_common.b | 140 ++ iphone/Classes/libfwknop/get_libfko_files.sh | 38 + iphone/Classes/logutils.h | 33 + iphone/Fwknop.pch | 23 + iphone/Fwknop.xcodeproj/dev.mode1v3 | 1539 ++++++++++++ iphone/Fwknop.xcodeproj/dev.pbxuser | 2859 ++++++++++++++++++++++ iphone/Fwknop.xcodeproj/project.pbxproj | 413 ++++ iphone/Info.plist | 30 + iphone/README | 42 + iphone/lock_57x57.png | Bin 0 -> 3466 bytes iphone/main.m | 29 + lib/base64.c | 2 +- lib/base64.h | 2 +- lib/cipher_funcs.c | 22 +- lib/cipher_funcs.h | 4 +- lib/digest.c | 4 +- lib/fko.h | 28 +- lib/fko_client_timeout.c | 6 +- lib/fko_decode.c | 34 +- lib/fko_digest.c | 24 +- lib/fko_encode.c | 18 +- lib/fko_encryption.c | 58 +- lib/fko_error.c | 10 +- lib/fko_funcs.c | 18 +- lib/fko_message.c | 12 +- lib/fko_nat_access.c | 2 +- lib/fko_rand_value.c | 4 +- lib/fko_server_auth.c | 2 +- lib/fko_timestamp.c | 6 +- lib/fko_user.c | 1 - lib/gpgme_funcs.c | 2 +- lib/gpgme_funcs.h | 2 +- lib/rijndael.c | 268 ++-- server/Makefile.am | 7 +- server/access.c | 261 ++- server/access.h | 7 +- server/cmd_opts.h | 17 +- server/config_init.c | 112 +- server/config_init.h | 2 +- server/extcmd.c | 8 +- server/extcmd.h | 4 +- server/fw_util.h | 14 +- server/fw_util_ipf.c | 15 +- server/fw_util_ipfw.c | 231 ++- server/fw_util_ipfw.h | 5 +- server/fw_util_iptables.c | 272 ++- server/fw_util_iptables.h | 25 +- server/fw_util_pf.c | 559 +++++ server/fw_util_pf.h | 48 + server/fwknopd.8.in | 5 +- server/fwknopd.c | 172 +- server/fwknopd.conf | 41 +- server/fwknopd.h | 2 + server/fwknopd_common.h | 51 +- server/fwknopd_errors.c | 29 +- server/fwknopd_errors.h | 7 +- server/incoming_spa.c | 683 ++++--- server/incoming_spa.h | 2 +- server/log_msg.c | 12 +- server/pcap_capture.c | 61 +- server/process_packet.c | 33 +- server/replay_cache.c | 13 +- server/tcp_server.c | 10 +- server/utils.c | 23 +- server/utils.h | 3 +- test/conf/client-gpg/pubring.gpg | Bin 0 -> 2480 bytes test/conf/client-gpg/secring.gpg | Bin 0 -> 1350 bytes test/conf/client-gpg/trustdb.gpg | Bin 0 -> 1360 bytes test/conf/default_access.conf | 3 + test/conf/default_fwknopd.conf | 4 + test/conf/expired_epoch_stanza_access.conf | 4 + test/conf/expired_stanza_access.conf | 4 + test/conf/force_nat_access.conf | 4 + test/conf/future_expired_stanza_access.conf | 4 + test/conf/gpg_access.conf | 7 + test/conf/invalid_expire_access.conf | 4 + test/conf/ip_source_match_access.conf | 3 + test/conf/mismatch_open_ports_access.conf | 4 + test/conf/mismatch_user_access.conf | 4 + test/conf/multi_gpg_access.conf | 7 + test/conf/multi_source_match_access.conf | 3 + test/conf/multi_stanzas_access.conf | 15 + test/conf/multi_stanzas_with_broken_keys.conf | 19 + test/conf/nat_fwknopd.conf | 5 + test/conf/no_multi_source_match_access.conf | 3 + test/conf/no_source_match_access.conf | 3 + test/conf/no_subnet_source_match_access.conf | 3 + test/conf/open_ports_access.conf | 4 + test/conf/override_fwknopd.conf | 1 + test/conf/require_src_access.conf | 5 + test/conf/require_user_access.conf | 4 + test/conf/server-gpg/pubring.gpg | Bin 0 -> 2480 bytes test/conf/server-gpg/secring.gpg | Bin 0 -> 1352 bytes test/conf/server-gpg/trustdb.gpg | Bin 0 -> 1360 bytes test/conf/subnet_source_match_access.conf | 3 + test/hardening-check | 285 +++ test/local_spa.key | 3 + test/test-fwknop.pl | 2689 +++++++++++++++++++++ win32/config.h | 2 +- 142 files changed, 13849 insertions(+), 6178 deletions(-) create mode 100644 CREDITS delete mode 100644 ChangeLog-v2.0.0 create mode 100644 ChangeLog-v2.0rc5 delete mode 100644 ShortLog-v2.0.0 create mode 100644 ShortLog-v2.0rc5 delete mode 100644 diffstat-v2.0.0 create mode 100644 diffstat-v2.0rc5 create mode 100755 extras/fwknop-launcher/fwknop-launcher-lsof.pl create mode 100644 extras/fwknop-launcher/fwknop-launcher.conf create mode 100755 iphone/COPYING create mode 100755 iphone/Classes/FwknopController.h create mode 100755 iphone/Classes/FwknopController.m create mode 100755 iphone/Classes/MyAppDelegate.h create mode 100755 iphone/Classes/MyAppDelegate.m create mode 100644 iphone/Classes/bridge_fwknop.c create mode 100644 iphone/Classes/bridge_fwknop.h create mode 100644 iphone/Classes/config.h create mode 100644 iphone/Classes/fwknop/fwknop_client.c create mode 100644 iphone/Classes/fwknop/fwknop_client.h create mode 100644 iphone/Classes/fwknop/send_spa_packet.c create mode 100644 iphone/Classes/libfwknop/README create mode 100644 iphone/Classes/libfwknop/config.h create mode 100644 iphone/Classes/libfwknop/fko_common.b create mode 100755 iphone/Classes/libfwknop/get_libfko_files.sh create mode 100644 iphone/Classes/logutils.h create mode 100755 iphone/Fwknop.pch create mode 100644 iphone/Fwknop.xcodeproj/dev.mode1v3 create mode 100644 iphone/Fwknop.xcodeproj/dev.pbxuser create mode 100755 iphone/Fwknop.xcodeproj/project.pbxproj create mode 100755 iphone/Info.plist create mode 100755 iphone/README create mode 100644 iphone/lock_57x57.png create mode 100755 iphone/main.m create mode 100644 server/fw_util_pf.c create mode 100644 server/fw_util_pf.h create mode 100644 test/conf/client-gpg/pubring.gpg create mode 100644 test/conf/client-gpg/secring.gpg create mode 100644 test/conf/client-gpg/trustdb.gpg create mode 100644 test/conf/default_access.conf create mode 100644 test/conf/default_fwknopd.conf create mode 100644 test/conf/expired_epoch_stanza_access.conf create mode 100644 test/conf/expired_stanza_access.conf create mode 100644 test/conf/force_nat_access.conf create mode 100644 test/conf/future_expired_stanza_access.conf create mode 100644 test/conf/gpg_access.conf create mode 100644 test/conf/invalid_expire_access.conf create mode 100644 test/conf/ip_source_match_access.conf create mode 100644 test/conf/mismatch_open_ports_access.conf create mode 100644 test/conf/mismatch_user_access.conf create mode 100644 test/conf/multi_gpg_access.conf create mode 100644 test/conf/multi_source_match_access.conf create mode 100644 test/conf/multi_stanzas_access.conf create mode 100644 test/conf/multi_stanzas_with_broken_keys.conf create mode 100644 test/conf/nat_fwknopd.conf create mode 100644 test/conf/no_multi_source_match_access.conf create mode 100644 test/conf/no_source_match_access.conf create mode 100644 test/conf/no_subnet_source_match_access.conf create mode 100644 test/conf/open_ports_access.conf create mode 100644 test/conf/override_fwknopd.conf create mode 100644 test/conf/require_src_access.conf create mode 100644 test/conf/require_user_access.conf create mode 100644 test/conf/server-gpg/pubring.gpg create mode 100644 test/conf/server-gpg/secring.gpg create mode 100644 test/conf/server-gpg/trustdb.gpg create mode 100644 test/conf/subnet_source_match_access.conf create mode 100755 test/hardening-check create mode 100644 test/local_spa.key create mode 100755 test/test-fwknop.pl