DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
fwknop/ChangeLog.git
Michael Rash 94cc77fda6 added fwknop.spec update to ChangeLog.git
2014-01-12 22:29:04 -05:00

1903 lines
70 KiB
Plaintext
Raw Blame History

commit 177290c5c3c50af616aa5cb2dc5dee0bf2c611ec (HEAD, refs/heads/master)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 12 22:27:38 2014 -0500
updated fwknop.spec file release note for 2.6.0
fwknop.spec | 4 ++++
1 file changed, 4 insertions(+)
commit 56966ee832ccb21651292e0209aec23e468a8d01
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 12 21:41:54 2014 -0500
added Coverity finds/fixes to ChangeLog.git for 2.6.0
ChangeLog.git | 30 +++++++++++++++++++++++++++++-
1 file changed, 29 insertions(+), 1 deletion(-)
commit cf6a38ea0dc8e0c66e37da4c3eb926476738deba
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 12 21:40:20 2014 -0500
[server] better checking for read() return value flagged by Coverity
server/fwknopd.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
commit 05d6e1c4a744007d3ac04be486d16f13f38cfa9e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Jan 12 21:08:55 2014 -0500
[server] fixed copy-and-paste NULL check bug found by Coverity
server/access.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 431caa287a85c06521630fe6efefc4e8c1992cfd
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 11 23:33:53 2014 -0500
added ChangeLog.git to show changes since 2.5.1
ChangeLog | 2 +-
ChangeLog.git | 1864 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--
2 files changed, 1818 insertions(+), 48 deletions(-)
commit 825c361958580b459d88080798bc72398f967352 (refs/remotes/web/master, refs/remotes/origin/master, refs/remotes/origin/HEAD)
Merge: a347be3 1e17299
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Jan 11 15:21:10 2014 -0500
Merge branch 'master' of https://github.com/mrash/fwknop
commit 1e1729905e27d7b71f5ea75faed97efa12424034
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sat Jan 11 10:58:01 2014 -0500
Bumped libfko and protocol versions to 2.0.1. Added dependencies for this version to the fwknop.spec file.
fwknop.spec | 13 ++++++-------
lib/Makefile.am | 2 +-
lib/fko.h | 2 +-
3 files changed, 8 insertions(+), 9 deletions(-)
commit a347be354d646d29e304f668eb5aa8f94863d18d
Merge: 551b243 bd0b8a1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Jan 10 22:46:54 2014 -0500
merged android4.4_support branch
commit 551b243007d8e481e284a9d90ab9372fefc09b87 (tag: refs/tags/2.6.0-pre1, refs/remotes/minastirith/master)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Jan 2 20:47:41 2014 -0500
(Marek Wrzosek) Update docs to reflect random 'digits' use instead of 'bytes'
Suggested doc update to fwknop man pages to accurately describe the usage
of digits instead of bytes for SPA random data. About 53 bits of entropy
are actually used, although this is in addition to the 64-bit random salt
in for key derivation used by PBKDF1 in Rjindael CBC mode.
CREDITS | 8 ++++++++
client/fwknop.8.in | 10 +++++-----
doc/fwknop.man.asciidoc | 15 ++++++++-------
3 files changed, 21 insertions(+), 12 deletions(-)
commit 6add06f76cbe2de3650d85ddf738c0f0327b9887
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 1 22:27:07 2014 -0500
bumped version to 2.6.0
ChangeLog | 2 +-
VERSION | 2 +-
configure.ac | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
commit 3820b6439478ff9b1b090120859bbb56918ec594
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 1 19:45:38 2014 -0500
[libfko] ensure a NULL HMAC key is properly handled
lib/fko_hmac.c | 6 ++++++
1 file changed, 6 insertions(+)
commit 34a3808b99e0008728777c97d00d28216f56c9b9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 1 19:45:02 2014 -0500
[test suite] minor display_ctx() call position update
test/fko-wrapper/fko_wrapper.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
commit f5fd8de48204e3a3c2a0fcdb11e81ffef614e553
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 1 14:07:39 2014 -0500
[test suite] better loop output for fko-wrapper
test/fko-wrapper/fko_wrapper.c | 31 ++++++++++++++++---------------
1 file changed, 16 insertions(+), 15 deletions(-)
commit 3adb3599323ae4b1abc7e4a1537e753addf1d99c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jan 1 13:42:13 2014 -0500
minor README update
README | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
commit 227d0ab947f82a579aa2c55ba934256e9d64a078
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Dec 31 23:27:05 2013 -0500
[libfko] ensure NULL is handled properly for all fko_get_* functions
lib/fko_client_timeout.c | 3 +++
lib/fko_digest.c | 6 +++++
lib/fko_encode.c | 3 +++
lib/fko_encryption.c | 3 +++
lib/fko_funcs.c | 6 +++++
lib/fko_hmac.c | 6 +++++
lib/fko_message.c | 6 +++++
lib/fko_nat_access.c | 3 +++
lib/fko_rand_value.c | 3 +++
lib/fko_server_auth.c | 3 +++
lib/fko_timestamp.c | 3 +++
lib/fko_user.c | 3 +++
test/fko-wrapper/fko_wrapper.c | 53 +++++++++++++++++++++++++++++-------------
13 files changed, 85 insertions(+), 16 deletions(-)
commit 7aa6d37fff7e638b4845ce97ac0e85a17b507f6f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 30 21:56:08 2013 -0500
[libfko] added NULL check for fko_set_spa_data() data arg
lib/fko_funcs.c | 3 +++
test/fko-wrapper/fko_wrapper.c | 44 ++++++++++++++++++++++++++++++++++--------
2 files changed, 39 insertions(+), 8 deletions(-)
commit 5022beaf12902c0c0aeef089f4cf9ec74727c8c7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 30 21:09:27 2013 -0500
[libfko] < 0 checks not needed for size_t vars which are unsigned
lib/cipher_funcs.c | 3 ---
lib/fko_util.c | 12 ------------
2 files changed, 15 deletions(-)
commit 297d7d00fe4d6e6b6fd9aa3b8b1a042e1571bd2d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Dec 29 22:44:16 2013 -0500
[libfko] enc key NULL checks with fko-wrapper test support
lib/fko_encryption.c | 4 ++++
lib/fko_funcs.c | 9 +++++++--
test/fko-wrapper/fko_wrapper.c | 8 +++++++-
3 files changed, 18 insertions(+), 3 deletions(-)
commit 0c6911941b18cc9eb9a41d5a31770260b7baa13f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Dec 29 21:05:04 2013 -0500
[libfko] reject negative length values
Integer lengths that are negative are never valid. This commit also
extends the fuzzing capabilities of the test/fko-wrapper code to
validate libfko calls with negative length arguments, and one crash
scenario with a negative length for the encryption key was found (and
fixed) this way.
lib/base64.c | 2 +-
lib/cipher_funcs.c | 3 +
lib/fko.h | 5 +-
lib/fko_encryption.c | 10 ++-
lib/fko_funcs.c | 6 ++
lib/fko_hmac.c | 4 +-
lib/fko_util.c | 12 ++++
lib/gpgme_funcs.c | 6 +-
test/fko-wrapper/fko_wrapper.c | 145 ++++++++++++++++++++++++++++++++---------
9 files changed, 154 insertions(+), 39 deletions(-)
commit d09e2786461dbbeee79237d8719932a0a3a064e5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Dec 29 20:02:56 2013 -0500
added fko-wrapper no valgrind script
Makefile.am | 1 +
1 file changed, 1 insertion(+)
commit 283c72e4636b74a3ad0f8ff40bacb685c426ff45
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Dec 29 19:59:16 2013 -0500
[test suite] run fko-wrapper without valgrind, closes #113
test/fko-wrapper/run_no_valgrind.sh | 3 ++
test/test-fwknop.pl | 63 +++++++++++++++++++++++++++++++++++++
test/tests/rijndael_fuzzing.pl | 6 ++++
3 files changed, 72 insertions(+)
commit 8a7ca121e9052a70ff293fef9c1293d270dea4c7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Dec 28 15:22:01 2013 -0500
[test suite] use ctx_update() where possible for fko-wrapper
test/fko-wrapper/fko_wrapper.c | 101 ++++++-----------------------------------
1 file changed, 15 insertions(+), 86 deletions(-)
commit bf9fa57ca81fda211de61e120d42f30a39163f2a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Dec 28 14:56:35 2013 -0500
[test suite] added 'getset' versions of fko_ int/short wrapper functions
test/fko-wrapper/fko_wrapper.c | 110 ++++++++++++++++++++++++++++++++++-------
1 file changed, 92 insertions(+), 18 deletions(-)
commit 8f3ea42b3fe5c41d78f730617c033e206c2b43a9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Dec 28 14:20:11 2013 -0500
[test suite] update fko-wrapper to use constants from fko.h
test/fko-wrapper/fko_wrapper.c | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
commit 4c42d5575e8a0c98156c0af0250c12ba0427e8d5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Dec 28 14:10:47 2013 -0500
[test suite] added ctx_update() function to fko-wrapper test
test/fko-wrapper/fko_wrapper.c | 38 ++++++++++++++++++--------------------
1 file changed, 18 insertions(+), 20 deletions(-)
commit 05eb4ebb7b4802d99818d7586979c4e1f21b2e1e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Dec 27 23:24:05 2013 -0500
[test suite] call FKO functions via function pointers (interim commit)
test/fko-wrapper/fko_wrapper.c | 170 ++++++++++++++++++++++-------------------
1 file changed, 93 insertions(+), 77 deletions(-)
commit bd0b8a1953b12bcabdf15f9c7a3c049fa7c71969 (refs/remotes/minastirith/android4.4_support)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Dec 26 20:44:35 2013 -0500
[android] updated README file, added project/sdk.paths file
Makefile.am | 1 +
android/README | 35 +++++++++++++++++++++++++++++++++++
android/project/sdk.paths | 3 +++
3 files changed, 39 insertions(+)
commit db58f2008efbafc4f8a0acc39254772c2fcfb0e3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 23:16:03 2013 -0500
[android] Added test/conf/hmac_android_access.conf file to Makefile.am
Makefile.am | 1 +
1 file changed, 1 insertion(+)
commit 509dcf93ddf9a9bef73d2f18b239d7f50643d190
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 23:15:11 2013 -0500
[android] added HMAC test along with non-legacy Rijndael test
ChangeLog | 5 +++--
test/conf/android_access.conf | 2 +-
test/conf/hmac_android_access.conf | 4 ++++
test/test-fwknop.pl | 1 +
test/tests/rijndael_backwards_compatibility.pl | 18 ++++++++++++++++++
test/tests/rijndael_hmac.pl | 18 ++++++++++++++++++
6 files changed, 45 insertions(+), 3 deletions(-)
commit 8fdb5d63958ad5de2d85f03a66843f5cae5eda7f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 22:51:26 2013 -0500
[android] added ant.properties file
Makefile.am | 1 +
android/project/ant.properties | 22 ++++++++++++++++++++++
2 files changed, 23 insertions(+)
commit 171da60f238a4c2c6ff84a7f345053ce74a2dc55
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 22:44:53 2013 -0500
[android] added project.properties file
Makefile.am | 1 +
android/project/project.properties | 14 ++++++++++++++
2 files changed, 15 insertions(+)
commit 3b330f2036cb2680af4d37a1351fe698cbf812db
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 22:40:18 2013 -0500
[android] Makefile.am minor script path update
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit e25d05f05007a00d44e106ae4ef75d19d8e61e5b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 22:39:21 2013 -0500
[android] update Makefile.am for latest Android directory tree
Makefile.am | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
commit 204bc6e58f286fac65cf23e916d1ce74cc1f1921
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 22:29:51 2013 -0500
[android] add HMAC support (currently optional)
android/project/jni/fwknop/fwknop_client.c | 26 ++++++++++++++++++++--
android/project/res/layout/main.xml | 22 ++++++++++++++++++
.../src/com/max2idea/android/fwknop/Fwknop.java | 13 +++++++++++
3 files changed, 59 insertions(+), 2 deletions(-)
commit dc19e07d65c0826907bffd9e8fd8d0ac71327e46
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 23 20:38:04 2013 -0500
[android] update to copy fko.h and associated files to jni/fwknop/ via get_libfko_header.sh
android/project/custom_rules.xml | 25 +++
android/project/jni/fwknop/fko.h | 286 ------------------------
android/project/jni/fwknop/fko_limits.h | 67 ------
android/project/jni/fwknop/fko_message.h | 44 ----
android/project/jni/fwknop/get_libfko_header.sh | 37 +++
5 files changed, 62 insertions(+), 397 deletions(-)
commit 8dfd57677aee237bf36b7f15c982326fb518b6a7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Dec 22 21:12:26 2013 -0500
added Gerry Reno
CREDITS | 6 ++++++
ChangeLog | 2 ++
2 files changed, 8 insertions(+)
commit d43d2fc8175f073094cfeb20f14055c78bd52800
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Dec 22 15:25:32 2013 -0500
[android] applied Gerry Reno's patch for Android-4.4
android/project/AndroidManifest.xml | 2 +-
android/project/build-4.1.2.properties | 16 ---
android/project/build.properties | 16 ---
android/project/build.xml | 129 +++++++++++++--------
android/project/default.properties | 11 --
android/project/jni/Android.mk | 3 +-
.../project/src/com/max2idea/android/fwknop/R.java | 52 ---------
7 files changed, 81 insertions(+), 148 deletions(-)
commit 8ed0d9d8d929b07b6843dc153a1493521be05502
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Dec 22 15:10:23 2013 -0500
Fix 'string literal' warning for Android client
Under Android-4.4 this commit fixes the following warning:
[exec] jni/./fwknop/fwknop_client.c: In function 'Java_com_max2idea_android_fwknop_Fwknop_sendSPAPacket':
[exec] jni/./fwknop/fwknop_client.c:181:5: error: format not a string literal and no format arguments [-Werror=format-security]
[exec] cc1: some warnings being treated as errors
android/project/jni/fwknop/fwknop_client.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 6cba5d2ec92bfda5074767611019912d3fdc67bf
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 16 22:33:55 2013 -0500
[test suite] bug fix for python FKO extension library path (found on Fedora 19)
test/test-fwknop.pl | 9 +++++++++
1 file changed, 9 insertions(+)
commit 919f25f85d53fa6b550241be36ab5f11cb9f5b24
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Dec 14 19:41:00 2013 -0500
[server] fw_initialize() vs. fw_config_init() bug fix for use_masquerade
server/config_init.c | 2 +-
server/fw_util_iptables.c | 28 ++++++++++++----------------
2 files changed, 13 insertions(+), 17 deletions(-)
commit 92cdb47ff7eb34ebf4924d0eed75ac3ea7ce1429
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Dec 14 15:44:39 2013 -0500
[server] added FORCE_MASQUERADE to fwknopd(8) man page, closes #101
This commit completes the addition of generalized NAT (both DNAT and
SNAT) capabilities to access.conf stanzas.
doc/fwknopd.man.asciidoc | 27 ++++++++++++++++-----------
server/config_init.c | 6 ++++++
server/fw_util_iptables.c | 29 ++++++++++++++++-------------
server/fwknopd.8.in | 21 +++++++++++++++++----
server/fwknopd_common.h | 5 +++++
5 files changed, 60 insertions(+), 28 deletions(-)
commit 3a2c33cd3c9ee0c45a2a0173f5cb1966d2ada33d (refs/remotes/github/master)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Dec 11 23:01:44 2013 -0600
Added Les Aker to credits file
CREDITS | 5 +++++
1 file changed, 5 insertions(+)
commit 3b2cd063fe45232d1ac346a80257570435a0eed2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Dec 10 22:24:39 2013 -0600
[server] pcap_dispatch() packet count default to 100
Updated pcap_dispatch() default packet count from zero to 100.
This change was made to ensure backwards compatibility with older
versions of libpcap per the pcap_dispatch() man page, and also because
some of a report from Les Aker of an unexpected crash on Arch Linux with
libpcap-1.5.1 that is fixed by this change (closes #110).
ChangeLog | 5 +++++
server/fwknopd_common.h | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
commit aeed8323f7c1cf3c69f85432b0118b6932e79ce4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Dec 10 21:31:03 2013 -0600
[test suite] multi-packet pcap test for pcap_dispatch() validation
This commit adds a new pcap file to the test suite with an SPA packet after
99 other garbage packets. This can be used for pcap_dispatch() testing,
though this is not meant to be super instensive - it is just to ensure that
if a PCAP_DISPATCH_COUNT of, say, 10 is selected that the SPA is still seen
by fwknopd. This commit is in support of #110.
Makefile.am | 1 +
test/conf/multi_pkts.pcap | Bin 0 -> 46890 bytes
test/test-fwknop.pl | 3 ++-
test/tests/rijndael.pl | 2 +-
test/tests/rijndael_hmac.pl | 14 ++++++++++++++
5 files changed, 18 insertions(+), 2 deletions(-)
commit 5f50ac22dbec45cbe625c11c19a4c006469745f4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Dec 9 22:10:46 2013 -0600
[server] use SIGKILL if necessary for -K
This change sends SIGKILL to fwknopd under -K if SIGTERM does not do the job
first. This can be necessary in some cases if libpcap does not properly handle
a packet count of zero in pcap_dispatch() (see github issue #110). On a side
note, the default packet dispatch count of zero will likely be changed because
of that issue too.
server/fwknopd.c | 47 +++++++++++++++++++++++++++++++++++++++++++----
test/test-fwknop.pl | 39 ++++++++++++++++++---------------------
2 files changed, 61 insertions(+), 25 deletions(-)
commit 3ef9e5645bbcb39559424dfe211b3531d6fb3089
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Dec 5 23:37:10 2013 -0500
[test suite] added masquerade exception for non-Linux systems
test/test-fwknop.pl | 1 +
1 file changed, 1 insertion(+)
commit 0319b723343f6cab6214a274153a87c14e9e173e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Dec 5 23:01:12 2013 -0500
[test suite] added missing config files
test/conf/hmac_force_masq_access.conf | 6 ++++++
test/conf/hmac_force_snat_access.conf | 6 ++++++
2 files changed, 12 insertions(+)
commit 46b5f2ecaf475cb1a58acbf5d47e6afbcaaa02b8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Dec 5 23:00:19 2013 -0500
[server] added the ability to use FORCE_MASQUERADE to access.conf stanzas
Makefile.am | 3 ++-
server/access.c | 18 ++++++++++++++++++
server/fw_util_iptables.c | 8 ++++++++
server/fwknopd_common.h | 1 +
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac.pl | 39 +++++++++++++++++++++++++++++++++++++++
6 files changed, 69 insertions(+), 1 deletion(-)
commit 79f0cb898639fca71e43d95c231181075e1135bd
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Dec 4 23:11:11 2013 -0500
[libfko] added defensive NULL check for is_valid_ipv4_addr()
lib/fko_util.c | 3 +++
1 file changed, 3 insertions(+)
commit e0114e60c26727268b2b16b3098e8fb117d4a449
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Dec 4 21:52:07 2013 -0500
[server] Added FORCE_SNAT to access.conf stanzas.
Added FORCE_SNAT to the access.conf file so that per-access stanza SNAT
criteria can be specified for SPA access.
ChangeLog | 2 ++
doc/fwknopd.man.asciidoc | 10 ++++++++
server/access.c | 57 ++++++++++++++++++++++++++++++++++++++++++++-
server/fw_util_iptables.c | 44 ++++++++++++++++------------------
server/fwknopd_common.h | 9 +++++++
test/test-fwknop.pl | 3 +++
test/tests/rijndael_hmac.pl | 47 +++++++++++++++++++++++++++++++++----
7 files changed, 143 insertions(+), 29 deletions(-)
commit d7aa820e33e5e65fb87c86f1b8f9e1ca9b1af435
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Dec 3 21:42:23 2013 -0500
[server] Bug fix for SPA NAT modes on iptables firewalls for chain re-creation
For SPA NAT modes this commit ensures that custom fwknop chains are re-created
if they get deleted out from under the running fwknopd instance.
ChangeLog | 3 ++
server/fw_util_iptables.c | 30 ++++++++++++++++-
test/test-fwknop.pl | 26 ++++++++++++++
test/tests/rijndael.pl | 26 +++++++-------
test/tests/rijndael_hmac.pl | 82 +++++++++++++++++++++++++++++++++++++--------
5 files changed, 139 insertions(+), 28 deletions(-)
commit bd73ceb5bd6fc0a907141f3da63e180960424f8e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Nov 27 21:58:13 2013 -0500
[test suite] added FreeBSD-9.2 and OpenBSD-5.4 compatibility tests
test/tests/os_compatibility.pl | 67 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
commit c382febf3dac5f6acbe79565c08661885c263761
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 26 23:48:56 2013 -0500
[client] use libfko is_valid_ipv4_addr() for IP address validation
client/config_init.c | 22 +++++++++++++++++++++-
client/fwknop.c | 32 +-------------------------------
test/tests/basic_operations.pl | 4 ++--
test/tests/rijndael.pl | 2 +-
4 files changed, 25 insertions(+), 35 deletions(-)
commit aeb415d0e0f91fc08e6b2d831b25e1ca9a1e5d08
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 26 21:44:53 2013 -0500
move fuzzing_spa_packets file to perl/FKO/t/ for fuzzing tests
This change moves the fuzzing_spa_packets file from the test/fuzzing/
directory into the perl FKO extension t/ directory and is now referenced
directly by the t/04_fuzzing.t test file. The test suite itself also uses
this file for fuzzing tests as well, but having the FKO built-in tests
enables Test::Valgrind memory checks so it is useful to have this included
in the FKO sources. (When the FKO module is submitted to CPAN, it should
not depend on non-local files, but it's ok for the test suite to reference
the ../perl/FKO/t/ directory.)
Makefile.am | 2 +-
perl/FKO/MANIFEST | 2 +
perl/FKO/t/04_fuzzing.t | 33 +-
perl/FKO/t/fuzzing_spa_packets | 2275 ++++++++++++++++++++++++++++++++++++++
test/fuzzing/fuzzing_spa_packets | 2275 --------------------------------------
test/test-fwknop.pl | 2 +-
6 files changed, 2311 insertions(+), 2278 deletions(-)
commit a15be4005e5c064ed758a7512d127566ed5b60a7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Nov 25 23:15:35 2013 -0500
minor ChangeLog rewording for GPG fix
ChangeLog | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
commit be904769c48fa591fb25b5c87677617a2fded8fb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Nov 25 23:11:01 2013 -0500
[libfko] Bug fix to not decrypt with GnuGP without FKO_ENC_MODE_ASYMMETRIC
[libfko] Bug fix to not attempt SPA packet decryption with GnuPG without
an fko object with encryption_mode set to FKO_ENC_MODE_ASYMMETRIC. This
bug was caught with valgrind validation against the perl FKO extension
together with the set of SPA fuzzing packets in
test/fuzzing/fuzzing_spa_packets. Note that this bug cannot be
triggered via fwknopd because additional checks are made within fwknopd
itself to force FKO_ENC_MODE_ASYMMETRIC whenever an access.conf stanza
contains GPG key information. This fix strengthens libfko itself to
independently require that the usage of fko objects without GPG key
information does not result in attempted GPG decryption operations. Hence
this fix applies mostly to third party usage of libfko - i.e. stock
installations of fwknopd are not affected. As always, it is recommended to
use HMAC authenticated encryption whenever possible even for GPG modes since
this also provides a work around even for libfko prior to this fix.
ChangeLog | 15 ++++++++++++---
lib/fko_encryption.c | 3 ++-
2 files changed, 14 insertions(+), 4 deletions(-)
commit 6dd5ab8e359c61e83ccb9311c7086b07ac6040c9
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Nov 22 23:00:20 2013 -0500
[test suite] added --cmd-verbose to control fwknop command verbosity levels
This commit provides an easy way to control how verbose fwknop command
execution will be. For example, fwknopd only calls hex_dump() against
SPA packets when --verbose > 2, so invoking the tests suite as follows
will result in hex_dump() being included in fwknopd output (see the
output/1_fwknopd.test file:
./test-fwknop.pl --include "Rijndael.*complete.*22" --test-limit 1 --cmd-verbose "--verbose --verbose --verbose"
[+] candidate SPA packet payload:
0x0000: 39 62 72 51 58 75 7a 4b 57 54 53 67 57 56 35 66 9brQXuzKWTSgWV5f
0x0010: 73 63 78 42 35 78 69 51 65 6c 55 4f 53 78 69 45 scxB5xiQelUOSxiE
0x0020: 51 30 59 6a 41 50 70 31 4f 70 43 62 32 51 4a 4c Q0YjAPp1OpCb2QJL
0x0030: 48 34 42 65 68 64 6d 47 35 49 31 50 36 2f 5a 69 H4BehdmG5I1P6/Zi
0x0040: 6a 34 4b 41 62 34 53 68 6a 59 66 4f 71 2b 46 6c j4KAb4ShjYfOq+Fl
0x0050: 4a 35 52 75 70 33 39 6f 6e 65 42 79 72 51 46 57 J5Rup39oneByrQFW
0x0060: 61 38 6c 37 63 48 6e 38 5a 54 36 59 6e 55 56 47 a8l7cHn8ZT6YnUVG
0x0070: 50 36 6e 53 6f 69 30 61 70 72 32 52 39 62 6b 56 P6nSoi0apr2R9bkV
0x0080: 37 50 61 67 41 61 6b 49 44 63 58 59 44 6b 2f 64 7PagAakIDcXYDk/d
0x0090: 67 51 45 61 37 39 32 6f 30 4d 38 6e 30 30 6e 35 gQEa792o0M8n00n5
0x00a0: 55 U
test/test-fwknop.pl | 19 +++++++++++-------
test/tests/basic_operations.pl | 6 +++---
test/tests/gpg.pl | 8 ++++----
test/tests/gpg_hmac.pl | 8 ++++----
test/tests/gpg_no_pw.pl | 8 ++++----
test/tests/gpg_no_pw_hmac.pl | 8 ++++----
test/tests/rijndael.pl | 43 ++++++++++++++++++++---------------------
test/tests/rijndael_cmd_exec.pl | 2 +-
test/tests/rijndael_hmac.pl | 32 +++++++++++++++---------------
9 files changed, 69 insertions(+), 65 deletions(-)
commit cba2873e2285b52c83faf7f7981fea2679c150bc
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Nov 22 22:36:17 2013 -0500
AppArmor profile update to allow GnuPG link operations, closes #109
This fix was submitted by Raybuntu through github.
extras/apparmor/usr.sbin.fwknopd | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 72eb3421b6751b051b2d04ed68074a4fb96d9892
Merge: f396b81 65195d7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 21 21:02:08 2013 -0500
Merge branch 'master' of ssh://192.168.10.1/home/mbr/git/fwknop
commit f396b816a1225313a1f55a26bdea544ba71fe637
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 21 21:01:17 2013 -0500
[test suite] fix LD_LIBRARY_PATH for perl FKO 'make test' run
test/test-fwknop.pl | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
commit 65195d74aeac623eccc8913e07ee8edbaae93c1c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 21 20:47:50 2013 -0500
added AppArmor policy to Makefile.am
Makefile.am | 2 ++
1 file changed, 2 insertions(+)
commit eeda4e0f10ddf7a3a627f28d15dfdd37b900b08d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Nov 20 23:14:57 2013 -0500
[test suite] better --lib-dir support for non-default LD_LIBRARY_PATH values
This commit allow the test suite to easily use a non-default LD_LIBRARY_PATH
in order to test mixed combinations of newly compiled fwknop client/server
binaries and previously installed versions of libfko. This allows backwards
compatibility (and forwards compatibility) to be verified by the test suite.
For example, after compiling the fwknop client and server for the 2.5.2
release, one could use libfko from 2.5.1 to verify compatibility:
./test-fwknop.pl --enable-all --lib-path /home/mbr/install/fwknop-2.0.4/lib
See the --fwknop-path and --fwknopd-path args as well in order to support
arbitrary client/server/libfko combinations.
test/test-fwknop.pl | 126 ++++++++++++++++++++++++++++------------------------
1 file changed, 67 insertions(+), 59 deletions(-)
commit 28a915c8c8720053d6b0fdd5f54bd40847083fca
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Nov 20 23:10:36 2013 -0500
[test suite] added short and long IP tests (1.1.1.1 and 123.123.123.123)
test/tests/rijndael.pl | 24 ++++++++++++++++++++++++
test/tests/rijndael_hmac.pl | 30 ++++++++++++++++++++++++++++++
2 files changed, 54 insertions(+)
commit 78f696b2f75b57393328bdae7dead5aec7751fce
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 19 23:31:09 2013 -0500
[libfko] implemented shared utility function for ipv4 address checking
This commit implements a single shared utility function for checking the
validaty of an IPv4 address, and both libfko and the fwknopd server use it
now. The client will be updated as well.
lib/fko_message.c | 27 +++-------------------
lib/fko_util.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++
lib/fko_util.h | 1 +
server/access.c | 7 ++++++
server/config_init.c | 12 ++++++++++
server/fw_util_iptables.c | 8 +++++++
server/incoming_spa.c | 21 +++++++++++++++--
7 files changed, 107 insertions(+), 26 deletions(-)
commit 5f5367cf6261f9191498df1d92a71c963d53de78
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 19 23:14:46 2013 -0500
[server] minor error code text typo fixes
server/fwknopd_errors.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
commit 8cb5653d5e919b972e4a64cee024ce1e1dd1b512
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Nov 18 22:22:02 2013 -0500
[test suite] minor update for SNAT tests to not restrict --fw-list search to 127.0.0.2
test/tests/rijndael.pl | 2 ++
test/tests/rijndael_hmac.pl | 2 ++
2 files changed, 4 insertions(+)
commit 71d19031e6f8126c116a426815ca7a196d2ab306
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 17 22:27:07 2013 -0500
[test suite] remove init file before starting test run
test/test-fwknop.pl | 2 ++
1 file changed, 2 insertions(+)
commit 38fe23c398ea4feda57eb2490864427c0462c8b7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 17 21:26:51 2013 -0500
added tests/code_structure.pl file to Makefile.am
Makefile.am | 1 +
1 file changed, 1 insertion(+)
commit 796bd761a943f5918b999026b0033e09d15c9397
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 17 20:44:41 2013 -0500
[python extension] bug fix for missing error code constants (caught with code structure test)
python/fko.py | 177 ++++++++++++++++++++++++++++++++++++++++++++--------------
1 file changed, 134 insertions(+), 43 deletions(-)
commit 93c0faafeb26ba11a94a5ca78afb99958e652167
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 17 20:43:28 2013 -0500
[test suite] extended code structure errstr test to validate python extention error code constants
test/test-fwknop.pl | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
commit 6469f818600bf5013c024d458a4c56a26d237b5a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 17 19:52:09 2013 -0500
[perl FKO module] bug fix for missing error code constants (caught with code structure test)
perl/FKO/lib/FKO_Constants.pl | 6 ++++++
1 file changed, 6 insertions(+)
commit eebfa8924d649c5b2f1fba34d277492a4a47a78e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 17 19:50:42 2013 -0500
[test suite] extended code structure errstr test to validate perl FKO constants
test/test-fwknop.pl | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 79 insertions(+), 1 deletion(-)
commit c019a4380893719b4c9427f0e7aedb9db7e3acc3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 16 23:23:32 2013 -0500
[libfko] bug fix caught by new code structure error str test to add string for FKO_ERROR_INVALID_DATA_DECODE_EXTRA_TOOBIG
lib/fko_error.c | 3 +++
1 file changed, 3 insertions(+)
commit a9cc97cd2a3c60fbe06ac9627c1fab02b21a74d2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 16 23:22:25 2013 -0500
[test suite] added tests/code_structure.pl with a test for expected lib/fko.h error code fko_errstr() handling
test/test-fwknop.pl | 76 ++++++++++++++++++++++++++++++++++++++++++++
test/tests/code_structure.pl | 9 ++++++
2 files changed, 85 insertions(+)
commit cd15502bf179f43b81e6e0e262e1ac67d693ee89
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 16 20:36:39 2013 -0500
[test suite] minor addition to fko-wrapper to call fko_errstr() across valid and invalid values
test/fko-wrapper/fko_wrapper.c | 6 ++++++
1 file changed, 6 insertions(+)
commit 196fef65b6d5d4d6805d177bc50b4cad2c5b99c8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 16 19:20:08 2013 -0500
[libfko] move is_base64 check to libfko
This commit replaces the separately implemented client/server
is_base64() check with a single libfko function, and libfko itself now
uses it as well before prepending Rijndael or GnuPG base64 encoded
prefixes.
client/utils.c | 21 -----
client/utils.h | 1 -
lib/cipher_funcs.c | 14 ++++
lib/fko.h | 1 +
lib/fko_error.c | 3 +
lib/fko_util.c | 21 +++++
lib/fko_util.h | 1 +
perl/FKO/lib/FKO_Constants.pl | 185 +++++++++++++++++++++---------------------
server/utils.c | 21 -----
server/utils.h | 1 -
10 files changed, 133 insertions(+), 136 deletions(-)
commit 173b7518e11949f47d0c2eb0b46b76f8d265ec94 (refs/remotes/minastirith/mac_os_x_mavericks_build)
Merge: 6d78c49 63568d0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Nov 15 14:55:28 2013 -0500
Merge branch 'mac_os_x_mavericks_build' of ssh://10.211.55.3/home/parallels/git/fwknop into mac_os_x_mavericks_build
commit 63568d061b0e842e0721858a995b959bb782a0e4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 14 22:55:51 2013 -0500
minor hex_dump() formatting bug fix to properly align ascii remainder output
client/utils.c | 2 ++
server/utils.c | 2 ++
2 files changed, 4 insertions(+)
commit 6d78c49ef90e3635e6111644e85f924865ef2443
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 14 23:13:33 2013 -0500
[libfko] minor update to print 'None' for the HMAC type when an HMAC is not used instead of just diplaying '()'
lib/fko_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit cb2fc3abbe0ddaebfa1962957425caee91c22e87
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 14 22:47:13 2013 -0500
[test suite] handle LD_LIBRARY_PATH from the main test-fwknop.pl script
test/test-fwknop.pl | 67 ++++--
test/tests/basic_operations.pl | 69 ++----
test/tests/gpg.pl | 32 +--
test/tests/gpg_hmac.pl | 15 +-
test/tests/gpg_no_pw.pl | 30 +--
test/tests/gpg_no_pw_hmac.pl | 12 +-
test/tests/os_compatibility.pl | 30 +--
test/tests/perl_FKO_module.pl | 9 +-
test/tests/preliminaries.pl | 13 +-
test/tests/python_fko.pl | 3 +-
test/tests/rijndael.pl | 295 +++++++++----------------
test/tests/rijndael_backwards_compatibility.pl | 30 +--
test/tests/rijndael_cmd_exec.pl | 6 +-
test/tests/rijndael_fuzzing.pl | 48 ++--
test/tests/rijndael_hmac.pl | 216 ++++++------------
test/tests/rijndael_replay_attacks.pl | 9 +-
16 files changed, 323 insertions(+), 561 deletions(-)
commit a6f030412f6d9866cb13c2701521e7c433c2b074
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Nov 13 23:17:09 2013 -0500
[test suite] added Rijndael/HMAC compatibility tests for Mac OS X 10.9
test/tests/os_compatibility.pl | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
commit 6870e65800e3f18140bd57e8125f517662546b8c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Nov 13 23:11:43 2013 -0500
[test suite] minor cleanup to remove uncessary 'fatal' test hash keys
test/test-fwknop.pl | 19 ++----
test/tests/basic_operations.pl | 75 ---------------------
test/tests/build_security.pl | 14 ----
test/tests/gpg.pl | 24 -------
test/tests/gpg_hmac.pl | 11 ----
test/tests/gpg_no_pw.pl | 17 -----
test/tests/gpg_no_pw_hmac.pl | 10 ---
test/tests/os_compatibility.pl | 8 ---
test/tests/perl_FKO_module.pl | 30 ---------
test/tests/preliminaries.pl | 8 ---
test/tests/python_fko.pl | 3 -
test/tests/rijndael.pl | 90 --------------------------
test/tests/rijndael_backwards_compatibility.pl | 10 ---
test/tests/rijndael_cmd_exec.pl | 1 -
test/tests/rijndael_fuzzing.pl | 16 -----
test/tests/rijndael_hmac.pl | 70 --------------------
test/tests/rijndael_replay_attacks.pl | 3 -
17 files changed, 7 insertions(+), 402 deletions(-)
commit 5f51d7b3ebf57b962bc3563d9a42c8b15067f925
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 12 23:32:24 2013 -0500
[test suite] added support for 'otool' instead of 'ldd' on Mac OS X systems
test/test-fwknop.pl | 22 +++++++++++++++++-----
1 file changed, 17 insertions(+), 5 deletions(-)
commit af3d4fa9266862095ad22e59363dd35e64962f59
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 12 23:26:58 2013 -0500
minor extras/apparmor configure_args.sh path typo fix
extras/apparmor/configure_args.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 10ac35b344136a178511a2194926e683b382b5cd
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 12 23:26:54 2013 -0500
added extras/apparmor configure_args.sh helper script for building fwknop with args that AppArmor expects
extras/apparmor/configure_args.sh | 13 +++++++++++++
1 file changed, 13 insertions(+)
commit 1299a8ee8772d5fb46465d46f9a52199632e11ea (refs/remotes/origin/mac_os_x_mavericks_build)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 12 23:05:16 2013 -0500
[test suite] added DYLD_LIBRARY_PATH for Mac OS X 10.9
test/run-test-suite.sh | 2 +-
test/test-fwknop.pl | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
commit e75117616e067030d57d6c4a649438a5f28b10f0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 12 23:04:35 2013 -0500
[server] ignore pcap direction for sniffing link type DLT_NULL interfaces (fixes OS X 10.9 test suite runs)
server/pcap_capture.c | 1 +
1 file changed, 1 insertion(+)
commit 23ef1d4e59833e3c0a7dc53cd374eb699a4663b8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 12 21:36:14 2013 -0500
[libfko] Candidate build fix for Mac OS X 10.9 (closes #108)
Nikolay Kolev reported a build issue on Mac OS X 10.9 (Mavericks) where fwknop
copies of strlcpy() and strlcat() functions were conflicting with those that ship
with OS X 10.9.
The solution was to add a configure.ac check for strlcat() and strlcpy() and
wrap "#if !HAVE_..." checks around those functions.
A portion of the build errors looked like this:
/Applications/Xcode.app/Contents/Developer/usr/bin/make all-recursive
Making all in lib
/bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I ../common -g -O2 -Wall -Wformat -Wformat-security -fstack-protector-all -fstack-protector -fPIE -D_FORTIFY_SOURCE=2 -MT base64.lo -MD -MP -MF .deps/base64.Tpo -c -o base64.lo base64.c
libtool: compile: gcc -DHAVE_CONFIG_H -I. -I.. -I ../common -g -O2 -Wall -Wformat -Wformat-security -fstack-protector-all -fstack-protector -D_FORTIFY_SOURCE=2 -MT base64.lo -MD -MP -MF .deps/base64.Tpo -c base64.c -fno-common -DPIC -o .libs/base64.o
In file included from base64.c:34:
In file included from ./fko_common.h:149:
./fko_util.h:56:9: error: expected parameter declarator
size_t strlcat(char *dst, const char *src, size_t siz);
^
/usr/include/secure/_string.h:111:44: note: expanded from macro 'strlcat'
__builtin___strlcat_chk (dest, src, len, __darwin_obsz (dest))
^
/usr/include/secure/_common.h:39:62: note: expanded from macro '__darwin_obsz'
#define __darwin_obsz(object) __builtin_object_size (object, _USE_FORTIFY_LEVEL > 1 ? 1 : 0)
^
ChangeLog | 3 +++
configure.ac | 2 +-
lib/fko_util.h | 5 +++++
lib/strlcat.c | 2 ++
lib/strlcpy.c | 2 ++
5 files changed, 13 insertions(+), 1 deletion(-)
commit 5cfbcce7d34a1d5ea3d52be2ca210cc1d0ed9621
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Oct 30 23:39:48 2013 -0400
[perl FKO module] added a series of encryption + HMAC key tests with single bytes converted to NULL
perl/FKO/t/04_fuzzing.t | 56 ++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 55 insertions(+), 1 deletion(-)
commit 6785462573f0cf298a338facc46964dba1e788f7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Oct 30 23:30:31 2013 -0400
added perl FKO t/04_fuzzing.t tests file
Makefile.am | 1 +
1 file changed, 1 insertion(+)
commit 2f2156d54f933e1d9d35f9b77c6e0022c5ae7086
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 27 22:24:12 2013 -0400
[perl FKO module] additional fuzzing tests
perl/FKO/t/04_fuzzing.t | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
commit a98317d367d147273840422aae0fb98969258fa8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 27 15:08:01 2013 -0400
[test suite] minor negative output match addition for Test::Valgrind test
test/tests/perl_FKO_module.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 0451a7394c2cd411b6423c0ef244cd70aa66c925
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Oct 25 22:38:09 2013 -0400
[test suite] added valgrind output interpretation for Test::Valgrind output for previous run comparisons
test/test-fwknop.pl | 10 ++++++++++
1 file changed, 10 insertions(+)
commit 66f3c1236b0a2dd24f8e1d59495dd76b5da96e3b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 24 23:17:51 2013 -0400
[perl FKO module] added t/04_fuzzing tests
perl/FKO/t/02_functions.t | 42 +++----
perl/FKO/t/03_errors.t | 2 +-
perl/FKO/t/04_fuzzing.t | 295 ++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 317 insertions(+), 22 deletions(-)
commit 55bceaddc877b06f927420121f92a48e09f9ddd1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 22 23:05:36 2013 -0400
[test suite] minor wording update for Test::Valgrind test
test/tests/perl_FKO_module.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit b063bd57349e4e71e2f2cec527482487d27f1d51
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 22 22:58:58 2013 -0400
added Test::Valgrind note to the ChangeLog
ChangeLog | 7 +++++++
1 file changed, 7 insertions(+)
commit ceb213d545103d72631a81fd10a3489599524c7d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 22 22:24:47 2013 -0400
[perl FKO] interim commit to update the perldoc info
perl/FKO/lib/FKO.pm | 81 ++++++++++++++++++++++++++++++++++++++---------------
1 file changed, 58 insertions(+), 23 deletions(-)
commit 62939521ac731ab401db1dc3722e6d3300694f20
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 22 21:38:47 2013 -0400
[test suite] minor python update to use a main() function
python/README | 12 ++++++-----
test/fko-python.py | 59 ++++++++++++++++++++++++++++++------------------------
2 files changed, 40 insertions(+), 31 deletions(-)
commit 682966469cbf617d142d46f0dac6853e3e144551
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 22 20:37:58 2013 -0400
[test suite] minor Test::Valgrind name typo fix
test/test-fwknop.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 0d80f72c005fcc24f98e72242bb6fb48bdb7d206
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 22 20:36:30 2013 -0400
Revert "[test suite] minor Test::Valgrind name typo fix"
This reverts commit 642024041534d79c897a21b2e19ef3e1ed7b2a61.
lib/fko_funcs.c | 7 -------
test/test-fwknop.pl | 2 +-
2 files changed, 1 insertion(+), 8 deletions(-)
commit 642024041534d79c897a21b2e19ef3e1ed7b2a61
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 21 20:47:01 2013 -0400
[test suite] minor Test::Valgrind name typo fix
lib/fko_funcs.c | 7 +++++++
test/test-fwknop.pl | 2 +-
2 files changed, 8 insertions(+), 1 deletion(-)
commit b091a1a1bcc8b926109196add75d63fbcca6a784
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 21 20:45:21 2013 -0400
[test suite, FKO module] new(), spa_data_final(), and other fcns don't require key length args
perl/FKO/t/00_init.t | 7 ++-----
test/test-fwknop.pl | 54 ++++++++++++++++++++++++----------------------------
2 files changed, 27 insertions(+), 34 deletions(-)
commit e77a02882e380e9b6f031b1b79da395a1c89f600
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 21 20:34:22 2013 -0400
[test suite] Add support for Test::Valgrind against the perl FKO module
When --enable-valgrind is used, this commit adds support for running the
perl FKO built-in tests (in the t/ directory) under the CPAN
Test::Valgrind module. A check is performed to see whether
Test::Valgrind is install before attempting to use it. Any 'fko_'
function that shows up under the test output is flagged and causes the
test-suite test to fail.
test/test-fwknop.pl | 51 +++++++++++++++++++++++++++++++++++++++++++
test/tests/perl_FKO_module.pl | 8 +++++++
2 files changed, 59 insertions(+)
commit 431a5e3ecdc8838c18aa495cd096258e78e7fe5a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 10 22:43:45 2013 -0400
[perl FKO module] switch to CBC mode tests from ECB
perl/FKO/t/00_init.t | 2 +-
perl/FKO/t/03_errors.t | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
commit ab0d5ac3e289404137cc01a066216fad62363261
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 10 22:34:25 2013 -0400
[test suite] display all possible tests under --list (with a --enable-* note)
test/test-fwknop.pl | 46 ++++++++++++++++++++++++++++------------------
1 file changed, 28 insertions(+), 18 deletions(-)
commit 0dc47f7e5c446aefe3f972bf7d06f69c22ab3cd5
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sun Sep 15 14:33:42 2013 -0400
Fixed missing error codes and error tests.
perl/FKO/lib/FKO.pm | 2 +-
perl/FKO/lib/FKO_Constants.pl | 259 +++++++++++++++++++++---------------------
perl/FKO/t/03_errors.t | 53 ++++-----
3 files changed, 158 insertions(+), 156 deletions(-)
commit a36bfab7809947529c636e271e228ed0415590a9
Merge: 6daabaf 1047146
Author: Damien Stuart <dstuart@dstuart.org>
Date: Fri Sep 6 23:18:39 2013 -0400
Merge branch 'perl_module'
commit 6daabaf3bef15ddd706108cd88b47e079832ce69
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Sep 5 20:31:08 2013 -0400
minor ChangeLog typo update
ChangeLog | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 1047146b2351d56ea3b73dfb5d7b180d2280f0d4 (refs/remotes/origin/perl_module)
Author: Damien Stuart <dstuart@dstuart.org>
Date: Wed Sep 4 15:19:43 2013 -0400
Updated Perl FKO tests for lastest changes to libfko. Fixed bug where $fko->hmac() was always returning -1.
perl/FKO/FKO.xs | 1 +
perl/FKO/lib/FKO.pm | 27 ++++-------
perl/FKO/t/02_functions.t | 113 +++++++++++++++++++++++++++++++---------------
3 files changed, 86 insertions(+), 55 deletions(-)
commit 85140f2048a7ef7d25ec396256c8ddbb9d4e411c
Merge: 83952fc 5693b05
Author: Michael Rash <michael.rash@gmail.com>
Date: Wed Aug 28 21:55:39 2013 -0700
Merge pull request #105 from fjoncourt/master
Make sure log_msg() sends messages to STDERR until the context gets initialized.
commit 5693b0536a9a52b2ecc5a3ac85a68a123a9f9e87
Author: Franck Joncourt <franck@debian.org>
Date: Tue Aug 27 20:45:17 2013 +0200
Fixed *Value stored is never read* warning found by clang.
lib/fko_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 69ed30edb4a0f4fae266fda5eddb3f0163277588
Author: Franck Joncourt <franck@debian.org>
Date: Tue Aug 27 20:39:03 2013 +0200
Make sure all calls to log_msg() send messages to STDERR until the config files are parsed.
(mrash/fwknop#102)
server/log_msg.c | 6 ++++--
server/log_msg.h | 1 +
2 files changed, 5 insertions(+), 2 deletions(-)
commit 83952fc734a0838b593ae8a6e961da6dbaa00914
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 18 23:02:44 2013 -0400
added Radostan Riedel's AppArmor policy note
CREDITS | 5 +++++
ChangeLog | 3 +++
2 files changed, 8 insertions(+)
commit a5c308f9c55e6f04da889675e435502dbcde53ef
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 18 22:58:10 2013 -0400
Added AppArmor policy
This commit adds an AppArmor policy that is known to work in Debian and Ubuntu
systems. The original version of this policy was contributed by Radostan Riedel
to the fwknop mailing list.
extras/apparmor/usr.sbin.fwknopd | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
commit a68503c7c9d7e01c3a0dcad1eae09032ca3ce62d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 18 22:15:15 2013 -0400
[server] fix crash if replay digest tracking init() fails
This commit fixes a crash if the replay digest init() routine fails - fwknopd
attempted to make use of replay tracking anyway. The crash was discovered
during testing fwknopd with an AppArmor enforce policy deployed. The
following stack trace shows the crash (taken before the previous static
function commit):
Program received signal SIGSEGV, Segmentation fault.
__strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:31
31 ../sysdeps/x86_64/multiarch/../strlen.S: No such file or directory.
(gdb) where
#0 __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:31
#1 0x00007f59cabd8b26 in add_replay_file_cache (opts=opts@entry=0x7fff3eaa0bb0, digest=digest@entry=0x0) at replay_cache.c:516
#2 0x00007f59cabd8cf5 in add_replay (opts=opts@entry=0x7fff3eaa0bb0, digest=digest@entry=0x0) at replay_cache.c:472
#3 0x00007f59cabd62eb in incoming_spa (opts=0x7fff3eaa0bb0) at incoming_spa.c:536
#4 0x00007f59ca56164e in ?? () from /usr/lib/x86_64-linux-gnu/libpcap.so.0.8
#5 0x00007f59cabd7175 in pcap_capture (opts=opts@entry=0x7fff3eaa0bb0) at pcap_capture.c:269
#6 0x00007f59cabd3d4d in main (argc=5, argv=0x7fff3eaa1458) at fwknopd.c:314
server/incoming_spa.c | 4 +++-
server/replay_cache.c | 6 ++++++
2 files changed, 9 insertions(+), 1 deletion(-)
commit 5d49f30c01d42de961071f2d2918431fe9518b09
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 18 21:56:53 2013 -0400
[server] minor replay code update to make functions static where possible
server/replay_cache.c | 119 +++++++++++++++++++++++++-------------------------
server/replay_cache.h | 7 ---
2 files changed, 59 insertions(+), 67 deletions(-)
commit c271f01d0094065f99bc93dbf8f49f6a6a7a474b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 17 23:51:23 2013 -0400
[test suite] added 'make test' check for FKO perl module
All built-in tests in the FKO module must pass for this new test to pass. This commit
is in support of #103
test/test-fwknop.pl | 27 +++++++++++++++++++++++++++
test/tests/perl_FKO_module.pl | 9 +++++++++
2 files changed, 36 insertions(+)
commit 89c5e88219d72f67a424b0a427dea3eb74f42d1e
Author: Damien Stuart <dstuart@dstuart.org>
Date: Mon Aug 12 20:53:29 2013 -0400
First round of updates to get the Perl module up-to-date with the new libfko. Added new error refs and commented out bad/invalid tests.
perl/FKO/lib/FKO.pm | 16 ++-
perl/FKO/lib/FKO_Constants.pl | 301 +++++++++++++++++++++++++++++++++---------
perl/FKO/t/00_init.t | 15 ++-
perl/FKO/t/01_constants.t | 34 +++--
perl/FKO/t/02_functions.t | 41 ++++--
perl/FKO/t/03_errors.t | 41 +++---
6 files changed, 345 insertions(+), 103 deletions(-)
commit e8fe29bbe1941276fe6e6cc251c47b10ab0554b6
Merge: c0c8048 12916f2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 11 22:09:22 2013 -0400
Merge branch 'master' of github.com:mrash/fwknop
commit c0c8048ee1c33e8c40a8b9b2a335f353178d1ea8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 11 22:07:02 2013 -0400
Added fko context dumper change to ChangeLog, updated test suite to account for single line printing of final SPA data
ChangeLog | 6 ++++++
lib/fko_util.c | 9 ++-------
test/test-fwknop.pl | 19 +++++--------------
3 files changed, 13 insertions(+), 21 deletions(-)
commit 12916f21efc25935a1a3806cedb896db3d7a3848
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sun Aug 11 22:02:50 2013 -0400
Moved new invalid data error definitions above the GPGME_ERR_START marker.
lib/fko.h | 103 ++++++++++++++++++++++++++++++++------------------------------
1 file changed, 53 insertions(+), 50 deletions(-)
commit fa985c19434f37b1f806b4a275399970ba5fe5c6
Merge: 45e29f6 f8ae3b8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 11 15:02:01 2013 -0400
Merge remote-tracking branch 'fjoncourt/fko_dump'
This implements an FKO context dumping function in lib/fko_utils.c, and closes #100
commit 45e29f6450b49587db66cc08a0e86d8f4de3b01c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 11 14:30:37 2013 -0400
minor edit to credits file for Hank Leininger
CREDITS | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
commit be2bb71c7408d6ae677fceff9bb233afdff7caeb
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 10 21:03:07 2013 -0400
[test suite] minor bug fix for GPG no password HMAC test rc file
test/tests/gpg_no_pw_hmac.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 5176f9e04bd27bce35f09bb66717332a3bf35252
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 10 16:08:19 2013 -0400
[server] minor addition to access stanza dump output to include hmac digest type
server/access.c | 2 ++
1 file changed, 2 insertions(+)
commit c04efc20dd8ad5471285366e58715537eb8b18ee
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 10 15:45:51 2013 -0400
[test suite] added Rijndael HMAC digest mismatch tests
Makefile.am | 4 ++
test/conf/hmac_sha256_digest1_mismatch_access.conf | 5 ++
test/conf/hmac_sha256_digest2_mismatch_access.conf | 5 ++
test/conf/hmac_sha256_digest3_mismatch_access.conf | 5 ++
test/conf/hmac_sha256_digest4_mismatch_access.conf | 5 ++
test/test-fwknop.pl | 4 ++
test/tests/rijndael_hmac.pl | 61 ++++++++++++++++++++++
7 files changed, 89 insertions(+)
commit dfc2a0654777510086842061af9df5b8c422ccff
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 10 14:27:10 2013 -0400
[test suite] added Rijndael HMAC + RAND_PORT test
Makefile.am | 1 +
test/conf/fwknoprc_rand_port_hmac_base64_key | 5 +++++
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac.pl | 17 +++++++++++++++++
4 files changed, 24 insertions(+)
commit 4775327d985a3d6907cb8b6f7af5fd7418d9277c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 10 13:54:03 2013 -0400
[test suite] added two GnuPG HMAC SHA512 tests
Makefile.am | 4 ++++
test/conf/fwknoprc_gpg_hmac_sha512_key | 4 ++++
test/conf/fwknoprc_hmac_sha512_base64_key | 4 ++++
test/conf/gpg_hmac_sha512_access.conf | 9 +++++++++
test/conf/gpg_no_pw_hmac_sha512_access.conf | 8 ++++++++
test/test-fwknop.pl | 4 ++++
test/tests/gpg_hmac.pl | 16 ++++++++++++++++
test/tests/gpg_no_pw_hmac.pl | 18 ++++++++++++++++++
8 files changed, 67 insertions(+)
commit f8ae3b8da37b4c5d04f3a30613a4d31601737aeb
Merge: b590932 333302a
Author: Franck Joncourt <franck@debian.org>
Date: Sat Aug 10 14:32:34 2013 +0200
Merge remote-tracking branch 'upstream/master' into fko_dump
commit b590932fb67e061836d64b0adb952447da3f0415
Author: Franck Joncourt <franck@debian.org>
Date: Sat Aug 10 14:30:40 2013 +0200
* Removed goto statements. We do not do any further processings
when we reach the error label.
lib/fko_util.c | 67 +++++++++++++++++++++++++++++++---------------------------
1 file changed, 36 insertions(+), 31 deletions(-)
commit 333302a7cf694a3f5968d4609794d8fdc0cb29e7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 9 21:47:38 2013 -0400
ChangeLog/CREDITS update for Hank's libfko error code patch
CREDITS | 5 ++++-
ChangeLog | 3 +++
2 files changed, 7 insertions(+), 1 deletion(-)
commit 4023da87d60dc0d3f7aa51b6c2aa32b97fe0ce71
Merge: eb7914d bc907e0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 9 21:46:49 2013 -0400
Merge remote-tracking branch 'hlein/unique_errors'
[libfko] (Hank Leininger) Contributed a patch to greatly extend libfko
error code descriptions at various places in order to give much better
information on what certain error conditions mean. Closes #98.
commit eb7914d45cd08e861848cd63ea7ea328936648cc
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 8 21:37:44 2013 -0400
minor ChangeLog update for --stanza-list
ChangeLog | 2 ++
client/fwknop.8.in | 9 +++++++--
doc/fwknop.man.asciidoc | 2 +-
3 files changed, 10 insertions(+), 3 deletions(-)
commit d9ba40d48f23ac0f8ec2f4b9d89f24ad7594c44b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 8 20:55:10 2013 -0400
[server] fix compilation warning dealing with new iptables chain validation
server/config_init.c | 4 ++++
1 file changed, 4 insertions(+)
commit 05e7d52a5f75d62391cc769772f2442965d9df11
Merge: 320008b 04f72ea
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 8 20:54:07 2013 -0400
[client] merged --stanza-list changes from Franck, closes #94
commit bc907e0b24146ba98d2aa04480a2114f1d0a06c4
Author: Hank Leininger <hlein@korelogic.com>
Date: Mon Aug 5 22:21:10 2013 -0400
Add unique errors for every FKO_ERROR_INVALID_DATA. Needed this to
track down mystery errors (#98).
lib/fko.h | 88 ++++++++++++++++
lib/fko_client_timeout.c | 2 +-
lib/fko_decode.c | 68 ++++++-------
lib/fko_digest.c | 4 +-
lib/fko_encode.c | 4 +-
lib/fko_encryption.c | 36 +++----
lib/fko_error.c | 255 +++++++++++++++++++++++++++++++++++++++++++++++
lib/fko_funcs.c | 14 +--
lib/fko_hmac.c | 10 +-
lib/fko_message.c | 14 +--
lib/fko_nat_access.c | 2 +-
lib/fko_rand_value.c | 2 +-
lib/fko_server_auth.c | 2 +-
lib/fko_timestamp.c | 2 +-
lib/fko_user.c | 6 +-
lib/fko_util.c | 4 +-
16 files changed, 428 insertions(+), 85 deletions(-)
commit 320008b8de4034f523555f8ab2996cbb7d28efa3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Aug 5 21:08:40 2013 -0400
minor ChangeLog update for the test suite --gdb-test feature
ChangeLog | 6 ++++++
1 file changed, 6 insertions(+)
commit 7296d3f3bf13cb65a6dde52276a608b6b2f4b92f
Author: Franck Joncourt <franck@debian.org>
Date: Mon Aug 5 23:28:07 2013 +0200
* Interim commit to add a dump function to dump the FKO context shared
by both the server and client. mrash/fwknop#95
client/fwknop.c | 94 +++++-----------------------
lib/fko_util.c | 165 +++++++++++++++++++++++++++++++++++++++++++++++++-
lib/fko_util.h | 4 ++
server/incoming_spa.c | 13 +++-
server/utils.c | 120 ------------------------------------
server/utils.h | 2 -
6 files changed, 193 insertions(+), 205 deletions(-)
commit 8c73c7801ba0dd718da5ce4a2b763523a28496c7
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Aug 5 00:00:45 2013 -0400
[server] send IPT_*_ACCESS vars through basic validation at fwknopd.conf parse time
server/config_init.c | 48 ++++++++++++++++++++++++++++++++++++++++++
server/fw_util_iptables.c | 39 +++++++++++++++++++++++++++++++---
server/fw_util_iptables.h | 2 ++
server/fwknopd.conf | 2 +-
test/test-fwknop.pl | 2 +-
test/tests/basic_operations.pl | 5 -----
6 files changed, 88 insertions(+), 10 deletions(-)
commit 5fa93c621a371820032d3672de37d9dd79f6e992
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 23:23:07 2013 -0400
[test suite] minor seg fault test message update
test/test-fwknop.pl | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
commit 131c643caddba7e130ed8c15a08afc86dc1a6927
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 23:20:53 2013 -0400
[server] make IPT_INPUT_ACCESS validation more strict on allowed chars
server/fw_util_iptables.c | 17 ++++++++++++++---
test/tests/basic_operations.pl | 6 +++---
2 files changed, 17 insertions(+), 6 deletions(-)
commit 39fa4cc012b8f93dab78619beca17d4601e12631
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 23:01:33 2013 -0400
[server] if iptables init fails then no need to remove fwknop chains
This commit fixes a crash at init time in fwknopd if an improperly formatted
IPT_INPUT_ACCESS variable is used in fwknopd.conf file. fwknopd should not
try to delete chains with a bogus IPT_INPUT_ACCESS variable, and valgrind
verifies that this change does not introduce any memory leaks (see the
'invalid iptables INPUT spec' tests run in --enable-valgrind mode).
server/fwknopd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit a7030b038ad181c2a71a073342ddcb78edc2de45
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 21:46:38 2013 -0400
[test suite] added --gdb-test mode
This commit allows the test suite to execute the same fwknop/fwknopd command
used in a specified test output file under gdb. This is a convenience
measure to allow the user to more rapidly execute fwknop/fwknopd commands
under gdb in the same way the test suite does without having to copy and paste
command line args.
Here is a basic example:
root@lorien:/home/mbr/git/fwknop.git/test# ./test-fwknop.pl --gdb output/6.test
GNU gdb
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /home/mbr/git/fwknop.git/server/.libs/fwknopd...done.
(gdb) run
Starting program: /home/mbr/git/fwknop.git/server/.libs/fwknopd -c conf/invalid_ipt_input_chain_6_fwknopd.conf -a conf/default_access.conf -d run/digest.cache -p run/fwknopd.pid -i lo --foreground --verbose --verbose
test/test-fwknop.pl | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
commit 92e888a34fd5db7d00a619598aa8d5f24ff14333
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 21:24:44 2013 -0400
[test suite] minor removal of duplicate Cwd usage
test/test-fwknop.pl | 1 -
1 file changed, 1 deletion(-)
commit 870a08c9f5c33d84d3673e5ef2082449c0f6236a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 21:22:35 2013 -0400
[test suite] added invalid IPT input chain specification tests
Makefile.am | 8 +++
test/conf/invalid_ipt_input_chain_2_fwknopd.conf | 2 +
test/conf/invalid_ipt_input_chain_3_fwknopd.conf | 2 +
test/conf/invalid_ipt_input_chain_4_fwknopd.conf | 2 +
test/conf/invalid_ipt_input_chain_5_fwknopd.conf | 2 +
test/conf/invalid_ipt_input_chain_6_fwknopd.conf | 2 +
test/conf/invalid_ipt_input_chain_fwknopd.conf | 2 +
test/test-fwknop.pl | 6 ++
test/tests/basic_operations.pl | 77 ++++++++++++++++++++++++
9 files changed, 103 insertions(+)
commit ce3a7bc16d4ba8b53587d03ed6e7ac7c173be41b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 17:55:41 2013 -0400
[test suite] have Makefile.am test/conf/ file inclusion only write errors
test/test-fwknop.pl | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
commit 3395e5c1326d8edc013725ccc4bca18923ce5952
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 11:25:58 2013 -0400
[test suite] don't append segfault searches to every test output file
test/test-fwknop.pl | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
commit 433b18501c2b2e512202b7c3b517064b2627828d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Aug 4 04:51:39 2013 -0400
[test suite] additional non-HMAC SNAT tests
test/tests/rijndael.pl | 37 +++++++++++++++++++++++++++++++++++++
test/tests/rijndael_hmac.pl | 4 ++--
2 files changed, 39 insertions(+), 2 deletions(-)
commit 2f7a3f0a8af1f9c2bf36986f94b2ac049b9aea23
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 3 20:52:27 2013 -0400
[test suite] SNAT MASQUERADE test
test/tests/basic_operations.pl | 12 ------------
test/tests/rijndael_hmac.pl | 23 ++++++++++++++++++++++-
2 files changed, 22 insertions(+), 13 deletions(-)
commit 24101ac33ae5faeda87cd8d7f8cab1fdf8ff2898
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 3 20:37:50 2013 -0400
[server] add NULL check for SNAT translate IP
server/fw_util_iptables.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
commit 0200169dfdb35e7ce8fa9b30a1f82751d6818c68
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Aug 3 13:36:32 2013 -0400
[test suite] started on SNAT tests
test/conf/snat_fwknopd.conf | 3 +++
test/conf/snat_no_translate_ip_fwknopd.conf | 2 ++
test/test-fwknop.pl | 2 ++
test/tests/basic_operations.pl | 13 +++++++++++++
test/tests/rijndael_hmac.pl | 19 +++++++++++++++++++
5 files changed, 39 insertions(+)
commit f062ac570643efce3b24197d6830b90d63a34674
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 2 23:22:10 2013 -0400
[server] minor enable check via strncasecmp()
server/pcap_capture.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit cc896bbcdeb0ecd244c8b8b8e6ea3e9d3ebf3298
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Aug 2 15:09:00 2013 -0400
[test suite] added checks to look for segfaults/crashes
test/test-fwknop.pl | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
commit 2f0ad7c4be76f71e0d13c95e83f894895b3b1aac
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Jul 31 13:57:49 2013 -0400
[test suite] have fko_wrapper only require fko.h
test/fko-wrapper/Makefile | 2 +-
test/fko-wrapper/fko_wrapper.c | 4 ----
2 files changed, 1 insertion(+), 5 deletions(-)
commit 04f72ea7241679c71f0757b469fe61a8e6875697
Author: Franck Joncourt <franck@debian.org>
Date: Tue Jul 30 23:00:19 2013 +0200
* Fixed typos.
client/config_init.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
commit 836921a9ea1b634c7c4cd1ce312671b213fb3bcc
Author: Franck Joncourt <franck@debian.org>
Date: Tue Jul 30 22:54:10 2013 +0200
* Added new test to validate --stanza-list
test/conf/fwknoprc_stanza_list | 8 ++++++++
test/test-fwknop.pl | 1 +
test/tests/basic_operations.pl | 10 ++++++++++
3 files changed, 19 insertions(+)
commit ccee56b99894c8893d5948444aa938e1b6e69483
Author: Franck Joncourt <franck@debian.org>
Date: Tue Jul 30 21:49:33 2013 +0200
* A bit more of documentation.
client/config_init.c | 3 +++
1 file changed, 3 insertions(+)
commit 80528e21f6cc9f9daade525d9513b9e4fdf7424f
Author: Franck Joncourt <franck@debian.org>
Date: Tue Jul 30 21:45:24 2013 +0200
* Updated fwknop manpage to mention the new --stanza-list.
doc/fwknop.man.asciidoc | 3 +++
1 file changed, 3 insertions(+)
commit d74cc9927630b2d4825d719bc8b838b528015f95
Merge: 4c478c1 fc39de6
Author: Franck Joncourt <franck@debian.org>
Date: Tue Jul 30 21:42:42 2013 +0200
Merge remote-tracking branch 'upstream/master'
commit 4c478c1bb6a45488629e1f04a03dea4b5631954b
Author: Franck Joncourt <franck@debian.org>
Date: Tue Jul 30 21:38:54 2013 +0200
* Added a new --stanza-list command line to fwknop to dump the stanzas
configured in ./fwknoprc. The default stanza is not displayed.
client/cmd_opts.h | 2 ++
client/config_init.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++
client/fwknop_common.h | 1 +
3 files changed, 66 insertions(+)
commit fc39de607cb258efac7cabe593b4dcfa094ae8b3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Jul 29 00:06:52 2013 -0400
minor man page update to move --syslog-enable to the server man page
doc/fwknop.man.asciidoc | 3 ---
doc/fwknopd.man.asciidoc | 3 +++
server/fwknopd.8.in | 9 +++++++--
3 files changed, 10 insertions(+), 5 deletions(-)
commit f1cee780d29521c9701a8ed5382a992427dd4ab5
Merge: 1977973 54ab33a
Author: Franck Joncourt <franck@debian.org>
Date: Sun Jul 28 22:11:16 2013 +0200
Merge remote-tracking branch 'upstream/master'
commit 197797302041b6f65c9b82510a9eb44f43886cc8
Author: Franck Joncourt <franck@debian.org>
Date: Sun Jul 28 22:07:14 2013 +0200
* Allow messages to be sent to syslog even if the foreground mode is invoked.
doc/fwknop.man.asciidoc | 3 +++
server/cmd_opts.h | 2 ++
server/config_init.c | 5 +++++
server/fwknopd_common.h | 2 ++
server/log_msg.c | 9 +++++++--
5 files changed, 19 insertions(+), 2 deletions(-)
View Git Blame Copy Permalink