DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
Files
ca64e3aa4e8fe831d47a81d3deb11ce9df2f0541
fwknop/ChangeLog.git
Michael Rash ecf00d36bd ChangeLog.git update since 2.6.3
2014-11-16 16:32:39 -05:00

1356 lines
47 KiB
Plaintext
Raw Blame History

commit 9860aebfab874e7a22c75d4b3ebd60940267c2f2 (HEAD, refs/heads/master)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 16 16:31:40 2014 -0500
minor date update for the 2.6.4 release
ChangeLog | 2 +-
fwknop.spec | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
commit a90bc544ba5851a341be6a2c2b14be0a28c428ca
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 16 15:47:07 2014 -0500
Revert "[test suite] minor path update for gcov"
This reverts commit 978bc4e3e1eab4e2fd82eb88391024177685fd26.
test/gen-coverage-report.sh | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
commit 978bc4e3e1eab4e2fd82eb88391024177685fd26
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 16 09:19:15 2014 -0500
[test suite] minor path update for gcov
test/gen-coverage-report.sh | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
commit a72b69eee73f408b77bbd090f194f411f55a194a (refs/remotes/origin/master, refs/remotes/origin/HEAD)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 10:51:48 2014 -0500
manpage updates
client/fwknop.8.in | 6 +++---
server/fwknopd.8.in | 62 +++++++++++++++++++++++++++++++++++++++++++++++------
2 files changed, 58 insertions(+), 10 deletions(-)
commit 90bed88863397a21295f323aebdfa11719bae5a8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 10:49:20 2014 -0500
changes since 2.6.3
ChangeLog.git | 2124 +++++++++++++++++++++++----------------------------------
1 file changed, 857 insertions(+), 1267 deletions(-)
commit d2880021ca6a42d7d0e040e6f0de840b55fb51a1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 10:45:59 2014 -0500
[server] document --udp-server option
doc/fwknopd.man.asciidoc | 7 ++++++-
server/cmd_opts.h | 2 +-
server/config_init.c | 13 ++++++++-----
3 files changed, 15 insertions(+), 7 deletions(-)
commit 85f559a9fdad7af9df4c242c7bbf074b4f3b346c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 10:27:19 2014 -0500
2.6.4 release date
ChangeLog | 2 +-
fwknop.spec | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
commit 5df437660212f7a7c99bae142421e34a557e3836
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 00:36:33 2014 -0500
add new test suite files to Makefile.am
Makefile.am | 12 ++++++++++++
1 file changed, 12 insertions(+)
commit 49b09c490358cea202000bd5b098b272ba491152
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 00:22:14 2014 -0500
[test suite] update to use helper scripts for code coverage report generation
test/afl/afl-compile-code-coverage.sh | 9 ++++++
test/afl/afl-compile.sh | 2 +-
test/afl/afl-gen-code-coverage.sh | 13 ++++++++
test/gen-coverage-report.sh | 29 +++++++++++++++++
test/rm-coverage-files.sh | 12 +++++++
test/test-fwknop.pl | 61 +++++++++++++++--------------------
6 files changed, 90 insertions(+), 36 deletions(-)
commit b9d5919cdd1bca0371fa06ac6e3fa0fc7cfbee25
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 00:16:38 2014 -0500
[test suite] AFL README update
test/afl/README | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
commit 2e1d0761603515d32b8867def285e283790b43ce
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 00:16:17 2014 -0500
[server] minor status wording update
server/fwknopd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 665b65ef3efdb1d47ff71a4495195e8da03a1001
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 15 00:15:55 2014 -0500
doc updates to include material about AFL support
ChangeLog | 7 +++++++
doc/fwknop.man.asciidoc | 5 +++--
doc/fwknopd.man.asciidoc | 19 ++++++++++++++-----
3 files changed, 24 insertions(+), 7 deletions(-)
commit aaa44656bcfcb705d80768a7b9aa0d45a0e55e21
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 13 20:55:04 2014 -0500
[server] add support for American Fuzzy Lop (ALF) fuzzing
Makefile.am | 1 +
configure.ac | 15 +++++++
lib/base64.c | 17 +++++++-
lib/fko_decode.c | 10 +++++
server/cmd_opts.h | 3 +-
server/config_init.c | 8 ++++
server/fwknopd.c | 81 +++++++++++++++++++++++++++++++++++++-
server/fwknopd_common.h | 1 +
test/afl/README | 50 +++++++++++++++++++++++
test/afl/afl-compile.sh | 8 ++++
test/afl/afl-fuzzing.in/spa.start | 1 +
test/afl/afl-fuzzing.in/spa2.start | 1 +
test/afl/afl-fuzzing.in/spa3.start | 1 +
test/afl/afl-run.sh | 16 ++++++++
test/afl/fwknopd-stdin-test.sh | 6 +++
test/test-fwknop.pl | 3 ++
test/tests/afl_fuzzing.pl | 13 ++++++
17 files changed, 231 insertions(+), 4 deletions(-)
commit fe288120b32e945b33b10b7b26675aa84744b3ae (refs/heads/execvpe)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 9 21:41:10 2014 -0500
minor ChangeLog wording update
ChangeLog | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
commit 1a76d5586fc37e36d555ac5181b2e4f886036eed
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 9 21:36:36 2014 -0500
[test suite] extend server receive criteria
test/test-fwknop.pl | 22 ++++++++++++++++++----
test/tests/rijndael.pl | 10 ++++++++--
test/tests/rijndael_hmac.pl | 1 +
3 files changed, 27 insertions(+), 6 deletions(-)
commit ba337108af9524d533ebd17c37b180a0e4daf8ed
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 8 21:44:49 2014 -0500
[test suite] implement multi-cycle test sequences
test/test-fwknop.pl | 281 +++++++++++++++++++++++++++++--------------
test/tests/configure_args.pl | 28 +++++
test/tests/rijndael.pl | 11 ++
test/tests/rijndael_hmac.pl | 42 +++++++
4 files changed, 269 insertions(+), 93 deletions(-)
commit 7022d79ca796219c0d4fa62984d4b967056618bd
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 6 20:24:50 2014 -0500
[server] minor code cleanup
server/fw_util_pf.c | 12 ++----------
1 file changed, 2 insertions(+), 10 deletions(-)
commit a8879231c30c144293eed8bcfa80030734873f02
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 6 20:24:33 2014 -0500
[server] add run_extcmd_write() call in code coverage mode
server/extcmd.c | 9 +++++++--
server/fw_util_iptables.c | 11 +++++++++++
2 files changed, 18 insertions(+), 2 deletions(-)
commit 0c59f6e50017db2ccd2d3103b35e6dfc1179242f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 6 20:23:40 2014 -0500
add CODE_COVERAGE macro for ./configure --enable-profile-coverage
configure.ac | 1 +
server/tcp_server.c | 10 +++++-----
2 files changed, 6 insertions(+), 5 deletions(-)
commit 46fd32a6f12264be58af09be0e4b3739e6361ca4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 6 20:22:05 2014 -0500
[test suite] minor bug fix to add --no-firewd-check-support option for one test
test/tests/rijndael_hmac.pl | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
commit 4ca718f8da49face1131f4869ebea13e01ca28cc
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Nov 6 20:21:05 2014 -0500
[test suite] allow valgrind/crash search/profile coverage tests to run after --test-limit
test/test-fwknop.pl | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
commit 04f8b9669a6dca2c828a275c9c991beccd910092 (refs/remotes/origin/execvpe)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Nov 5 23:19:51 2014 -0500
[server] check number of cmd args even when execvpe() is not available
server/extcmd.c | 56 ++++++++++++++++++++++++++++++++++++++------------------
1 file changed, 38 insertions(+), 18 deletions(-)
commit e7942f48e0d95c98426990b11f6870af0b5e0e4a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 4 22:44:59 2014 -0500
[server] allow loop restart after select() sets EINTR (since we handle signals) - fixes cmd execution through UDP on FreeBSD
server/udp_server.c | 31 ++++++++++++++++++++++++-------
1 file changed, 24 insertions(+), 7 deletions(-)
commit c5f038928143421906d2f54587ecefe94dfde8ff
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Nov 4 22:43:04 2014 -0500
[server] minor code restructure, use FD_ISSET() test on file descriptors
server/tcp_server.c | 28 ++++++++++++++++------------
1 file changed, 16 insertions(+), 12 deletions(-)
commit 705c50741497e933521af2a9303751dab3e1b555
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Nov 3 19:57:50 2014 -0500
[test suite] check for TCP/UDP server string in do_fwknopd_cmd()
test/test-fwknop.pl | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
commit fdc6e0db20cc940a09c02def3aebd5c2af0dcd54
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Nov 2 15:30:56 2014 -0500
[test suite] bug fix to specify LD_LIBRARY_PATH for configure --enable-udp-server recompile test
test/test-fwknop.pl | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
commit 7a98eed75921b57bd1d9271d49bc18a22319acfe
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 1 20:44:35 2014 -0400
[test suite] add spa_fuzzing.py and a few minor helper files for FreeBSD/OpenBSD
Makefile.am | 4 ++++
test/misc/freebsd_rc.conf | 12 ++++++++++++
test/misc/pf.rules | 6 ++++++
test/misc/pf.sh | 3 +++
4 files changed, 25 insertions(+)
commit 3826bb5631743ab8cbea0fbd06bc90b4ea01d4b4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 1 12:04:11 2014 -0400
ChangeLog updates, bump version to 2.6.4
ChangeLog | 28 +++++++++++++++++++++-------
VERSION | 2 +-
configure.ac | 2 +-
fwknop.spec | 5 ++++-
win32/config.h | 2 +-
5 files changed, 28 insertions(+), 11 deletions(-)
commit 50009115b3dba3f35bd93757c26d6239757b3a1d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Nov 1 12:03:49 2014 -0400
[server] bug fix to close write filehandle in _run_extcmd_write()
server/extcmd.c | 1 +
1 file changed, 1 insertion(+)
commit 4880243902f22ce436053040922b4079f86dc77e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 28 21:56:19 2014 -0400
[test suite] added invalid_firewd_input_chain_* files
test/conf/invalid_firewd_input_chain_2_fwknopd.conf | 1 +
test/conf/invalid_firewd_input_chain_3_fwknopd.conf | 1 +
test/conf/invalid_firewd_input_chain_4_fwknopd.conf | 1 +
test/conf/invalid_firewd_input_chain_5_fwknopd.conf | 1 +
test/conf/invalid_firewd_input_chain_6_fwknopd.conf | 1 +
test/conf/invalid_firewd_input_chain_fwknopd.conf | 1 +
6 files changed, 6 insertions(+)
commit 387c1acdf777bff5397b36d2e368fad99bc04af6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 28 21:29:34 2014 -0400
add fcs_spa.pcap to Makefile.am
Makefile.am | 1 +
1 file changed, 1 insertion(+)
commit 34e38fe39eb930ae9a69d0a46b7312d95a4ec95e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 28 21:28:21 2014 -0400
[server] first pass at eliminating popen() write calls with run_extcmd_write() (used for PF firewalls)
server/extcmd.c | 100 ++++++++++++++++++++++++++++++++++++++++++++++++++--
server/extcmd.h | 4 ++-
server/fw_util_pf.c | 34 ++++++------------
server/fw_util_pf.h | 4 +--
4 files changed, 113 insertions(+), 29 deletions(-)
commit b5fe62bfc74288b885188f7b5012cff0aa71c4c1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 26 16:58:13 2014 -0400
[test suite] command exec too many args tests
common/common.h | 2 +-
test/tests/rijndael_hmac_cmd_exec.pl | 28 ++++++++++++++++++++++++++++
2 files changed, 29 insertions(+), 1 deletion(-)
commit d2abbd87202719734b5258d58c2635e5883a94fa
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 25 22:29:49 2014 -0400
[test suite] more code coverage tests
server/config_init.c | 2 +-
test/tests/basic_operations.pl | 40 ++++++++++++++++++++++++++++++++++++++++
test/tests/rijndael_hmac.pl | 3 ++-
3 files changed, 43 insertions(+), 2 deletions(-)
commit 17608dd01df6eee5446c0b0cfbde69a132d0d7a2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 25 08:42:30 2014 -0400
[test suite] additional code coverage
server/fwknopd.c | 16 ++++++++--------
server/utils.c | 11 +++--------
test/tests/basic_operations.pl | 26 ++++++++++++++++++++++++++
3 files changed, 37 insertions(+), 16 deletions(-)
commit 837f7780fe23d0486c4bfe32c1eacaf9a73fa43a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 25 08:42:14 2014 -0400
[libfko] validate MAX_PORT integer value for SPA messages
common/common.h | 1 -
lib/fko_limits.h | 5 +++--
lib/fko_message.c | 13 +++++++++++--
3 files changed, 14 insertions(+), 5 deletions(-)
commit 58d47cb3853c563677de00aca816a4a019ca81ea
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Oct 24 20:39:40 2014 -0400
[test suite] additional code coverage for a few areas
Makefile.am | 1 +
server/access.c | 13 ++-----------
test/conf/gpg_no_sig_no_fpr_access.conf | 8 ++++++++
test/test-fwknop.pl | 1 +
test/tests/basic_operations.pl | 29 ++++++++++++++++++++++++++++-
5 files changed, 40 insertions(+), 12 deletions(-)
commit 7b70ed08d261dc9db9e026b215a72da2cbd58089
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 23 23:05:21 2014 -0400
[server] ensure to break out of while loop and close() UDP socket before returning
server/udp_server.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
commit 30402516950446eb0ebd14723bb00c9611d8a5c1
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 23 20:03:34 2014 -0400
[test suite] default to recompiling fwknop in code coverage profiling mode
test/test-fwknop.pl | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
commit cbb3b0d4137316455a03336340c4168a7dcf3f76
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 23 19:55:30 2014 -0400
[test suite] add branch coverage stats in code coverage mode
test/test-fwknop.pl | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
commit a2ce50e9e5999e890da7ce6ed57806e271f770dd
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 23 08:45:21 2014 -0400
[python module] default to HMAC SHA256 when an HMAC key is used but no HMAC mode was specified
ChangeLog | 19 +++++++++++--------
python/fko.py | 23 ++++++++++++++---------
python/fkomodule.c | 9 ++++-----
test/fko-python.py | 4 ++++
4 files changed, 33 insertions(+), 22 deletions(-)
commit d7be3f43ac27d52da6af59ca758c2deb1805bee0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 23 08:40:21 2014 -0400
[test suite] firewall prefix typo bug fix
test/test-fwknop.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 22161af075f9d3cda1c6ec8b79273951b30c5cc5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Oct 23 08:39:42 2014 -0400
[test suite] add ipt_local_nat_fwknopd.conf
test/conf/ipt_local_nat_fwknopd.conf | 2 ++
1 file changed, 2 insertions(+)
commit b8f1cf6c6c1c935df4260e30ab555458ce686b62 (refs/remotes/ubuntu13/execvpe)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 21 22:49:03 2014 -0400
make sure test suite conf files are included in Makefile.am
Makefile.am | 16 +++++++++++++---
test/conf/local_nat_fwknopd.conf | 2 --
test/test-fwknop.pl | 2 +-
3 files changed, 14 insertions(+), 6 deletions(-)
commit 56a6b7dee5476eedb481bac2aefc765ba54ed3a0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 21 22:43:21 2014 -0400
give firewalld its own namespace (can track firewalld changes independently of iptables)
Makefile.am | 18 +-
test/conf/custom_input_chain_fwknopd.conf | 2 -
test/conf/custom_nat_chain_fwknopd.conf | 5 -
test/conf/firewd_custom_input_chain_fwknopd.conf | 2 +
test/conf/firewd_custom_nat_chain_fwknopd.conf | 5 +
test/conf/firewd_local_nat_fwknopd.conf | 2 +
test/conf/firewd_nat_fwknopd.conf | 1 +
test/conf/firewd_no_flush_exit_fwknopd.conf | 1 +
test/conf/firewd_no_flush_init_fwknopd.conf | 1 +
.../conf/firewd_no_flush_init_or_exit_fwknopd.conf | 2 +
test/conf/firewd_output_chain_fwknopd.conf | 2 +
test/conf/firewd_snat_fwknopd.conf | 3 +
test/conf/firewd_snat_no_translate_ip_fwknopd.conf | 2 +
test/conf/ipt_custom_input_chain_fwknopd.conf | 2 +
test/conf/ipt_custom_nat_chain_fwknopd.conf | 5 +
test/conf/ipt_nat_fwknopd.conf | 1 +
test/conf/ipt_no_flush_exit_fwknopd.conf | 1 +
test/conf/ipt_no_flush_init_fwknopd.conf | 1 +
test/conf/ipt_no_flush_init_or_exit_fwknopd.conf | 2 +
test/conf/ipt_snat_fwknopd.conf | 3 +
test/conf/ipt_snat_no_translate_ip_fwknopd.conf | 2 +
test/conf/nat_fwknopd.conf | 1 -
test/conf/no_flush_exit_fwknopd.conf | 1 -
test/conf/no_flush_init_fwknopd.conf | 1 -
test/conf/no_flush_init_or_exit_fwknopd.conf | 2 -
test/conf/snat_fwknopd.conf | 3 -
test/conf/snat_no_translate_ip_fwknopd.conf | 2 -
test/test-fwknop.pl | 400 +++++++++++----------
test/tests/basic_operations.pl | 18 +-
test/tests/gpg.pl | 12 +-
test/tests/gpg_no_pw.pl | 12 +-
test/tests/rijndael.pl | 62 ++--
test/tests/rijndael_hmac.pl | 108 +++---
33 files changed, 360 insertions(+), 325 deletions(-)
commit 6945e23bc93d9580ccbcda1e770d6f818d2c7b0d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 20 22:23:46 2014 -0400
[test suite] UDP server command execution tests, run configure arg recompile tests after gcov profiling stuff
Makefile.am | 1 +
test/test-fwknop.pl | 216 +++++++++++++++++++++--------------
test/tests/configure_args.pl | 71 +++++++++++-
test/tests/rijndael_cmd_exec.pl | 12 ++
test/tests/rijndael_hmac.pl | 3 +-
test/tests/rijndael_hmac_cmd_exec.pl | 12 ++
6 files changed, 225 insertions(+), 90 deletions(-)
commit 15f73c7f9e1dd99d3a54a5e6428909b4873ad1b4
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 19 22:58:35 2014 -0400
[test suite] added configure args test with UDP server test for fwknopd not linking against libpcap
Makefile.am | 1 +
test/test-fwknop.pl | 56 ++++++++++++++++++++++++++++++++++++++++++++
test/tests/configure_args.pl | 9 +++++++
3 files changed, 66 insertions(+)
commit 0af8faa0b37b08533fa1aa678f0e9e2f15cc6b11
Merge: 00b229b 2b04639
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 13 20:25:14 2014 -0400
Merge branch 'udp_listener' into execvpe
commit 00b229b8341b860324a46acd0b8bc603f59990fe
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 13 19:54:30 2014 -0400
[test suite] detect firewalld vs. iptables for server rewrite conf tests
test/test-fwknop.pl | 11 +++++-
test/tests/basic_operations.pl | 86 +++++++++++++++++++++---------------------
2 files changed, 53 insertions(+), 44 deletions(-)
commit c70e1c72a060eb846654d20bcdc1ddd30ba7f8fd
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 12 21:57:04 2014 -0400
[server] update firewalld code to use run_extcmd() instead of popen() and system() - allows execvpe() to be used
server/fw_util_firewalld.c | 165 +++++++++++++++++++++++----------------------
server/fw_util_firewalld.h | 44 ++++++------
server/fw_util_iptables.c | 6 +-
3 files changed, 112 insertions(+), 103 deletions(-)
commit d9fb29318e3ee64e207bbd0771393c3de78b9d02
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 12 21:29:44 2014 -0400
[test suite] add --exit-parse-config to fwknopd basic tests where possible
test/tests/basic_operations.pl | 27 +++++++++++++--------------
1 file changed, 13 insertions(+), 14 deletions(-)
commit c481f7f6b3ed3723904c3838ac63e9fced62618d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 12 13:16:30 2014 -0400
add --disable-execvpe arg to configure script (looks for execvpe() support by default)
configure.ac | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
commit 62ee780d65d12de41bafa1f7226b1808d7cb04af
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Oct 10 08:20:01 2014 -0400
[server] make pid_status a static var at the top of each fw_util_*.c file
server/fw_util_ipfw.c | 16 +++++++++-------
server/fw_util_iptables.c | 28 +++++++++++++++-------------
server/fw_util_iptables.h | 2 +-
3 files changed, 25 insertions(+), 21 deletions(-)
commit e54b15ceaff86d2da4ccac69691da1562a4e2640
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Oct 10 08:16:31 2014 -0400
[test suite] fix up Rijndael cmd exec test
test/tests/rijndael_cmd_exec.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit a6007918a8b4a71707c58ed9f468613a409ae740
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Oct 10 08:15:44 2014 -0400
added setuid/setgid cmd exec test files
Makefile.am | 2 ++
1 file changed, 2 insertions(+)
commit 2b5088eb76f5a7af06d68e94c66885e73e81974d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Oct 8 23:10:09 2014 -0400
[test suite] added use terminal test, fix up Rijndael CMD tests
test/conf/cmd_giduid_access.conf | 6 ++++++
test/conf/cmd_setuid_access.conf | 5 +++++
test/test-fwknop.pl | 14 ++++++++++++++
test/tests/rijndael.pl | 3 +--
test/tests/rijndael_cmd_exec.pl | 27 +++++++++++++++++++++++++++
5 files changed, 53 insertions(+), 2 deletions(-)
commit 6dd599f3de138dfcd3fea39b32241b6df06a245d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 7 23:23:05 2014 -0400
[server] update ipfw and pf firewall interace code to latest run_extcmd() API
server/fw_util_ipfw.c | 34 +++++++++++++++++++++-------------
server/fw_util_pf.c | 40 ++++++++++++++++++----------------------
server/fw_util_pf.h | 18 ++++++++++++++----
3 files changed, 53 insertions(+), 39 deletions(-)
commit 06f3db1de8bebf4a3fb2e5982b7beb0e57a788b5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 7 21:42:36 2014 -0400
[server] restore shell stderr redirect when execvpe() is not available
server/fw_util_iptables.h | 42 ++++++++++++++++++++++++------------------
1 file changed, 24 insertions(+), 18 deletions(-)
commit 1905baa0e8d7ac16f6dd77aa548c72ba30d2a8de
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 7 21:37:29 2014 -0400
[server] minor macro usage update
server/fw_util_iptables.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
commit b7785a930460014bb0c3b9b2ee4e160040cbe67a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Oct 7 21:01:17 2014 -0400
[server] extend run_extcmd() to allow the caller to specify whether to collect stderr
server/extcmd.c | 49 ++++++++++++++--------------------
server/extcmd.h | 13 ++++++---
server/fw_util_iptables.c | 68 ++++++++++++++++++++++++++++++-----------------
server/fw_util_pf.c | 4 +--
server/incoming_spa.c | 6 +++--
5 files changed, 79 insertions(+), 61 deletions(-)
commit ed9e1ac236c3c48507916754c1c3dff89d2e05b8
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 6 22:10:40 2014 -0400
added setgid() call for command execution along with CMD_EXEC_GROUP access.conf var
Makefile.am | 1 +
server/access.c | 45 ++++++++++++++++++++++++----
server/extcmd.c | 56 ++++++++++++++++++++++++-----------
server/extcmd.h | 8 +++--
server/fwknopd_common.h | 2 ++
server/incoming_spa.c | 13 ++++----
test/conf/hmac_cmd_giduid_access.conf | 7 +++++
test/test-fwknop.pl | 7 +++--
test/tests/basic_operations.pl | 17 +++++++++++
test/tests/rijndael_hmac_cmd_exec.pl | 13 ++++++++
10 files changed, 136 insertions(+), 33 deletions(-)
commit e6d162215f30b0ba18fb620a616459fc1966e4cc
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 6 22:04:20 2014 -0400
[test suite] added command execution setuid() 'nobody' test
Makefile.am | 1 +
test/conf/hmac_cmd_setuid_access.conf | 6 ++++++
test/test-fwknop.pl | 16 ++++++++++++++++
test/tests/rijndael_hmac_cmd_exec.pl | 16 +++++++++++++++-
4 files changed, 38 insertions(+), 1 deletion(-)
commit fedc691e21e5ad5c55336995d5509eb08533cb34
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 6 21:10:02 2014 -0400
[test suite] added generate_core.sh script and --enable-cores-pattern arg for the test suite
Makefile.am | 1 +
test/generate_cores.sh | 13 +++++++++++++
test/test-fwknop.pl | 6 ++++++
3 files changed, 20 insertions(+)
commit 248c4b301e329919c1c02e9b59f71346378e3de3
Author: Michael Rash <mbr@cipherdyne.org>
Date: Mon Oct 6 20:04:00 2014 -0400
added configure detection of execvpe() - doesn't exist on Mac OS X yet
client/http_resolve_host.c | 26 +++++++++++++-
client/utils.c | 1 -
configure.ac | 2 +-
server/extcmd.c | 90 ++++++++++++++++++++++++++++++++++++++++++++--
server/fw_util_ipfw.c | 45 ++++++++++++-----------
5 files changed, 139 insertions(+), 25 deletions(-)
commit 652b8cb80eda66c30b89b5111b700f72e8e17e7b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Oct 5 20:21:05 2014 -0400
[server] have run_extcmd() collect process exit status for calling function (in addition to return value)
server/extcmd.c | 39 +++++++++++++++---------
server/extcmd.h | 7 +++--
server/fw_util_iptables.c | 75 ++++++++++++++++++++++++-----------------------
server/incoming_spa.c | 28 +++++++++---------
4 files changed, 81 insertions(+), 68 deletions(-)
commit a47ddfcb1ec97f1c5263d3568e32535bddae2523
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 4 21:14:49 2014 -0400
[server] added WIFEXITED(status) check for external commands run via execvpe()
server/extcmd.c | 20 +++++++++++++++-----
server/extcmd.h | 2 ++
2 files changed, 17 insertions(+), 5 deletions(-)
commit 841d732c0750aabbdea8fd7234bd7123b83bf858
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 4 19:56:26 2014 -0400
[server] removed remaining popen() call for iptables firewalls
server/fw_util_iptables.c | 66 +++++++++++++++++++----------------------------
1 file changed, 27 insertions(+), 39 deletions(-)
commit 50952b4a6ec3b1cd6e8aeeebce8e95896f0d111a
Merge: 87f3bbd 4623212
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 4 19:36:04 2014 -0400
Merge branch 'master' of https://github.com/mrash/fwknop into execvpe
commit 87f3bbdd23ebb3af30a39df3011a5d01af352676
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 4 16:40:44 2014 -0400
[server] hex_dump() '%' bug fix, minor verbose criteria update
server/extcmd.c | 11 +++++++----
server/utils.c | 15 ++++++++-------
2 files changed, 15 insertions(+), 11 deletions(-)
commit 46232122c35ed981fdf95f0f6289f08d8e794581
Merge: 836370d e9655db
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 4 10:38:08 2014 -0400
Merge branch 'master' of https://github.com/mrash/fwknop
commit 836370d034a308ee2de8c34754528e5c1d9d95f2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 4 10:32:52 2014 -0400
[client] minor tab->spaces fix
client/config_init.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit d71f38697199d932e4d1c156642b9f99a047c62b
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Oct 4 10:31:15 2014 -0400
[server] add search_extcmd() to replace all popen() calls with the execvpe() no env strategy
server/extcmd.c | 152 +++++++++++++++++++++-------------------------
server/extcmd.h | 2 +
server/fw_util_iptables.c | 52 +++++++---------
3 files changed, 92 insertions(+), 114 deletions(-)
commit e271442aa995188a21815e2b3573325c1bcb263a
Author: Michael Rash <mbr@cipherdyne.org>
Date: Fri Oct 3 21:58:51 2014 -0400
[server] first cut at converting iptables commands to use execvpe()
client/fwknop.c | 1 -
client/fwknop_common.h | 4 --
client/http_resolve_host.c | 6 +--
client/utils.c | 65 +++++++++++++--------------
client/utils.h | 1 -
common/common.h | 4 ++
server/extcmd.c | 107 ++++++++++++++++++++++++++++++++++++++-------
server/extcmd.h | 6 ++-
server/fw_util_iptables.c | 39 +++++++++--------
server/fw_util_iptables.h | 38 ++++++++--------
server/incoming_spa.c | 6 +--
server/utils.c | 93 +++++++++++++++++++++++++++++++++++++++
server/utils.h | 9 ++--
13 files changed, 275 insertions(+), 104 deletions(-)
commit 7aa34a92f1ad1b98998770bb422a9d7a16797a9f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Sep 30 22:33:44 2014 -0400
[client] add strtoargv() to easily get an argv array for passing to execvpe()
client/fwknop.c | 27 ++++++--------------------
client/http_resolve_host.c | 48 +++++++++-------------------------------------
client/utils.c | 43 +++++++++++++++++++++++++++++++++++++++++
client/utils.h | 1 +
4 files changed, 59 insertions(+), 60 deletions(-)
commit bf3319e0bac513168aeaef084bbeae944d59bd30
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Sep 30 22:19:17 2014 -0400
[test suite] minor addition of spaces for --last tests
test/test-fwknop.pl | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
commit 0d6917fa4e123e37a3630536538d4dd29068a33f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Sep 30 22:09:10 2014 -0400
minor hex_dump() update to use a consistent macro definition for ascii str length
server/utils.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
commit 2247dfeab848db3a0b3b8d18457eae6300b51e8d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Sep 30 21:59:01 2014 -0400
use execvpe() with NULL env for wget calls
client/fwknop.c | 40 ++++-----------
client/fwknop_common.h | 5 +-
client/http_resolve_host.c | 121 +++++++++++++++++++++++++++++++++++----------
client/utils.c | 50 +++++++++++++++++++
client/utils.h | 2 +
5 files changed, 160 insertions(+), 58 deletions(-)
commit b1358d564deb39c0adc59e17dab3c2443ea52c9c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Sep 30 21:34:58 2014 -0400
minor client --help update
client/config_init.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
commit e9655db0b42633bb27ba766a1ae1dd4535fdb91b
Merge: 9bdcd67 899729b
Author: Michael Rash <michael.rash@gmail.com>
Date: Fri Oct 3 00:08:45 2014 -0400
Merge pull request #135 from tombriden/multi_ports
android: allow definition of multiple tcp/udp ports
commit 9bdcd6746a1c2ac33f324bb23cd1235a4d81e014
Merge: 50434c5 dc30f16
Author: Michael Rash <michael.rash@gmail.com>
Date: Fri Oct 3 00:03:06 2014 -0400
Merge pull request #137 from schuellerf/master
Support for "--no-save-args" in .fwknoprc
commit dc30f162c7d6e438f1eb82f757adb58dbfc7a8cd
Author: Florian Schüller <schuellerf@gmx.net>
Date: Wed Oct 1 14:12:57 2014 +0200
Add "NO_SAVE_ARGS" to initial config file
client/config_init.c | 1 +
1 file changed, 1 insertion(+)
commit 981d1f7077137a13de256b12d738e18860def88e
Author: Florian Schüller <schuellerf@gmx.net>
Date: Wed Oct 1 14:12:10 2014 +0200
Support for "--no-save-args" in .fwknoprc
client/config_init.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
commit 85ff6b25e145a938e618c4cf40739e89fa3082e0
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Sep 30 21:12:43 2014 -0400
updated --last-cmd tests to write the previous args first
test/test-fwknop.pl | 11 +++++++++++
test/tests/rijndael.pl | 2 +-
test/tests/rijndael_hmac.pl | 2 +-
3 files changed, 13 insertions(+), 2 deletions(-)
commit 2b046392b7e05ac20387bbcf539530a6559da50b (refs/remotes/origin/udp_listener)
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 22:44:12 2014 -0400
minor unused var removal
configure.ac | 2 --
1 file changed, 2 deletions(-)
commit ddbba5bc90f105269a18d353e1e1b14bdff69299
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 22:40:50 2014 -0400
autoconf update to ensure libpcap is not linked against in --enable-udp-server mode
configure.ac | 27 +++++++++++----------------
server/Makefile.am | 2 +-
server/config_init.c | 8 ++++++++
server/fwknopd.c | 5 ++++-
server/fwknopd_common.h | 8 ++++++--
server/pcap_capture.c | 5 +++--
server/process_packet.h | 2 +-
7 files changed, 34 insertions(+), 23 deletions(-)
commit 52d34a70a21d4e6d019d3a94bb84448051f87c29
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 22:32:20 2014 -0400
fwknopd man page updates, added UDPSERV_SELECT_TIMEOUT config option
configure.ac | 4 ++--
doc/fwknopd.man.asciidoc | 29 +++++++++++++++++++++--------
server/cmd_opts.h | 1 +
server/config_init.c | 8 ++++++++
server/fwknopd_common.h | 3 +++
server/udp_server.c | 12 ++++++++++--
6 files changed, 45 insertions(+), 12 deletions(-)
commit 52c9d51d7d02e1caa0e02ea992fffcc435ae5845
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 22:06:34 2014 -0400
consolidate signal handling a bit, UDP server msg size updates
server/pcap_capture.c | 20 +++-----------------
server/sig_handler.c | 24 ++++++++++++++++++++++++
server/sig_handler.h | 1 +
server/udp_server.c | 49 +++++++++++++++++--------------------------------
4 files changed, 45 insertions(+), 49 deletions(-)
commit e2c2ad141e87b6b799525c3f91b80a294bc117f2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 22:06:06 2014 -0400
TCP/UDP server port validation tests
test/tests/basic_operations.pl | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
commit ad3b23091720be83c9f8ccb742cf10ea07fe7cf6
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 21:21:25 2014 -0400
minor client cmd line bug fix for UDP server HMAC test
test/tests/rijndael_hmac.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 360905ec5624edb927f708561acfb9f76e6c9423
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 21:19:19 2014 -0400
implement --packet-limit for UDP server mode
server/udp_server.c | 43 ++++++++++++++++++++++++++++++------------
test/tests/basic_operations.pl | 8 ++++++++
2 files changed, 39 insertions(+), 12 deletions(-)
commit a5dd273189a89071f25cae9954ae11a840e2e488
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 20:48:57 2014 -0400
replay attack detection test for UDP server mode
test/tests/rijndael_replay_attacks.pl | 9 +++++++++
1 file changed, 9 insertions(+)
commit 5db3a12763b1322cc466379e14a362f67ff4d15c
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 20:30:09 2014 -0400
add signal handling code to UDP server mode
server/fwknopd.c | 17 +++++++++++------
server/pcap_capture.c | 1 -
server/udp_server.c | 31 ++++++++++++++++++++++++++++++-
3 files changed, 41 insertions(+), 8 deletions(-)
commit aa2492bba237529e6a2b7dc3a4530e2995750a69
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 16:51:38 2014 -0400
Added UDP server HMAC cycle tests
test/tests/rijndael_hmac.pl | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
commit 0af7f72500c6bb404af3fefa5b572403ec2593e5
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 16:49:12 2014 -0400
enforce MAX_SPA_PACKET_LEN restriction for incoming datagrams for UDP listener mode
server/udp_server.c | 32 +++++++-------------------------
1 file changed, 7 insertions(+), 25 deletions(-)
commit dc9e8da702c61c36f04072f2dd6cb5d8f99f8f5d
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 14:54:40 2014 -0400
started on UDP server tests for Rijndael mode
test/conf/udp_server_fwknopd.conf | 2 ++
test/test-fwknop.pl | 1 +
test/tests/rijndael.pl | 21 +++++++++++++++++++++
3 files changed, 24 insertions(+)
commit f2a3562f712d511825967b5d3633cbf92abd9fad
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 11:49:24 2014 -0400
removed
server/udp_server.c.orig | 117 -----------------------------------------------
1 file changed, 117 deletions(-)
commit 1fd0e7e96012d9bdce0a2a3912bff3498fff3637
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 11:49:04 2014 -0400
first cut at UDP server mode
configure.ac | 24 ++++++
server/Makefile.am | 13 ++-
server/cmd_opts.h | 3 +
server/config_init.c | 15 ++++
server/fwknopd.c | 22 ++++-
server/fwknopd_common.h | 6 ++
server/pcap_capture.c | 5 ++
server/process_packet.h | 2 +
server/udp_server.c | 211 +++++++++++++++++++++++++++++++++++++++++++++++
server/udp_server.c.orig | 117 ++++++++++++++++++++++++++
server/udp_server.h | 40 +++++++++
11 files changed, 451 insertions(+), 7 deletions(-)
commit c07afac8833e0c46048a1ae34a8a96f19fa6a59e
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sun Sep 28 09:29:30 2014 -0400
calculate sizeof caddr for each client connection
server/tcp_server.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
commit 50434c5c4c9fe274430c560f83200061e545add2
Author: Michael Rash <mbr@cipherdyne.org>
Date: Sat Sep 27 23:23:12 2014 -0400
Use the fwknop User-Agent for wget SSL external IP resolutions
Bug fix to ensure that a User-Agent string can be specified when the
fwknop client uses wget via SSL to resolve the external IP address. This
closes issue #134 on github reported by Barry Allard. The fwknop now
uses the wget '-U' option to specify the User-Agent string with a
default of "Fwknop/<version>". In addition, a new command line argument
"--use-wget-user-agent" to allow the default wget User-Agent string to
apply instead.
CREDITS | 2 ++
ChangeLog | 9 ++++++++-
client/cmd_opts.h | 2 ++
client/config_init.c | 15 +++++++++++++++
client/fwknop.8.in | 29 +++++++++++++++++++++++++++--
client/fwknop_common.h | 3 ++-
client/http_resolve_host.c | 13 +++++++++++++
doc/fwknop.man.asciidoc | 11 +++++++++++
test/conf/fwknoprc_hmac_https_resolve | 1 +
test/tests/basic_operations.pl | 13 +++++++++++++
test/tests/rijndael_hmac.pl | 14 +++++++++++++-
11 files changed, 107 insertions(+), 5 deletions(-)
commit 899729b498de672dccf14c461bc60fee588d0c09
Author: Tom Briden <tom@decompile.me.uk>
Date: Sat Sep 27 11:14:10 2014 +0100
android: allow definition of multiple tcp/udp ports
android/project/res/layout/main.xml | 19 +++---
.../src/com/max2idea/android/fwknop/Fwknop.java | 76 ++++++++++++----------
2 files changed, 52 insertions(+), 43 deletions(-)
commit aae72a947026d96a43fe854079e92b9a31ad8b36
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Sep 3 23:28:51 2014 -0400
firewalld support from Gerry Reno
CREDITS | 3 +++
ChangeLog | 7 +++++++
2 files changed, 10 insertions(+)
commit f7f97d3f3004ed553d418c95f9cefa6675bea338
Author: Michael Rash <mbr@cipherdyne.org>
Date: Wed Sep 3 23:15:34 2014 -0400
[server] firewalld reports 'success' as a string upon command success in contrast to iptables
server/fw_util_firewalld.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
commit 4fe549c4512ddd21d86bdcea52041baa48aa1dda
Author: Gerry Reno <greno@verizon.net>
Date: Sun Aug 31 21:13:42 2014 -0400
added feature: firewalld
README.md | 4 ++++
1 file changed, 4 insertions(+)
commit 2da57da0cb3ec3fac6ec0f5de628d7c3eb2ea0cf
Author: Gerry Reno <greno@verizon.net>
Date: Sun Aug 31 16:13:46 2014 -0400
more changes for firewalld
server/fw_util_firewalld.c | 8 +++++++-
server/fw_util_firewalld.h | 38 +++++++++++++++++++-------------------
2 files changed, 26 insertions(+), 20 deletions(-)
commit ac82b1ced2b976d8010d73cc2786503b14a73641
Author: Gerry Reno <greno@verizon.net>
Date: Sun Aug 31 13:51:08 2014 -0400
more changes for firewalld
.gitignore | 25 ++++---
server/Makefile.am | 1 +
server/access.c | 30 ++++++++-
server/cmd_opts.h | 19 +++++-
server/config_init.c | 150 ++++++++++++++++++++++++++++++++++++++++-
server/fw_util_firewalld.c | 162 ++++++++++++++++++++++-----------------------
server/fw_util_firewalld.h | 2 +-
server/fwknopd.conf | 110 ++++++++++++++++++++++++++++++
server/fwknopd_common.h | 91 +++++++++++++++++++++++--
server/incoming_spa.c | 12 +++-
10 files changed, 501 insertions(+), 101 deletions(-)
commit d47ebb602a8f42b42031ecfadfaf29f37a6c6829
Author: Gerry Reno <greno@verizon.net>
Date: Sun Aug 31 02:23:39 2014 -0400
more changes for firewalld
.gitignore | 29 +++++++++++++++++++++++++++++
server/access.c | 6 +++---
server/cmd_opts.h | 2 +-
server/config_init.c | 6 ++++--
server/fw_util.h | 4 +++-
server/fw_util_firewalld.h | 2 +-
server/fwknopd_common.h | 8 ++++----
server/incoming_spa.c | 2 +-
8 files changed, 46 insertions(+), 13 deletions(-)
commit 25d252c11aea89a5ba5f46868847c72851a62a95
Author: Gerry Reno <greno@verizon.net>
Date: Sun Aug 31 00:29:17 2014 -0400
more changes for firewalld
README.md | 9 ++++++---
configure.ac | 39 ++++++++++++++++++++++++++++++++++-----
fwknop.spec | 10 +++++-----
server/fw_util_firewalld.h | 38 +++++++++++++++++++-------------------
4 files changed, 64 insertions(+), 32 deletions(-)
commit e54383b518fad5e0a31ae0f752d3c3c7ec70f16c
Author: Gerry Reno <greno@verizon.net>
Date: Sun Aug 31 00:06:37 2014 -0400
first cut at firewalld
server/fw_util_firewalld.c | 1583 ++++++++++++++++++++++++++++++++++++++++++++
server/fw_util_firewalld.h | 62 ++
2 files changed, 1645 insertions(+)
commit ea64f15ae7b73a3986807dd76bf9076756b691e8
Author: Gerry Reno <greno@verizon.net>
Date: Sat Aug 30 19:09:02 2014 -0400
added .gitignore
.gitignore | 43 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
commit 73186e511ae226f4e5e1dae5638567ecea788fbc
Author: Damien Stuart <dstuart@dstuart.org>
Date: Sat Aug 30 16:18:46 2014 -0400
Added WIN32 definitions for popen (_popen) and pclose (_pclose) to accommodate the call to wget on Windows-based systems.
common/common.h | 2 ++
win32/config.h | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
commit 8cec7eaeee14f2674a2acf095eff38735091147b
Merge: eb0e8eb 4aacf32
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Aug 26 23:23:31 2014 -0400
Merge branch 'master' of ssh://github.com/mrash/fwknop
commit 4aacf32f3b015e43316d76c40fe12bbcb0a9c838
Merge: 00a057a 813e4e0
Author: Michael Rash <michael.rash@gmail.com>
Date: Tue Aug 26 23:22:15 2014 -0400
Merge pull request #127 from g-reno/android-keypreserve
restore keys from prefs when app is launched
commit eb0e8eb6a1946c2e89ff66399e186d54535bf013
Author: Michael Rash <mbr@cipherdyne.org>
Date: Tue Aug 26 23:21:14 2014 -0400
fwknopd man page updates for access.conf vars
client/config_init.c | 9 +++++----
doc/fwknopd.man.asciidoc | 44 +++++++++++++++++++++++++++++---------------
server/fwknopd.8.in | 48 +++++++++++++++++++++++++++++++++---------------
3 files changed, 67 insertions(+), 34 deletions(-)
commit 00a057a09da1a7dded8aa6de6479adcc51787202
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 21 21:15:09 2014 -0400
ChangeLog update for FCS bug fix
CREDITS | 10 ++++++++++
ChangeLog | 11 +++++++++++
2 files changed, 21 insertions(+)
commit dfcfb2e47b37183c14bd8ab37ec0e8c2a718c186
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 21 21:08:27 2014 -0400
minor code restructure for Ethernet FCS header processing
server/process_packet.c | 14 +++-----------
server/process_packet.h | 1 +
2 files changed, 4 insertions(+), 11 deletions(-)
commit e04f3fef21c997f2359034d32c1bd9c23d363ebe
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 21 21:07:52 2014 -0400
added Ethernet FCS header test with pcap contributed by Bill Stubs
test/test-fwknop.pl | 1 +
test/tests/rijndael_hmac.pl | 13 +++++++++++++
2 files changed, 14 insertions(+)
commit ba9078d990258ad47b564579be4891bd2ace7413
Merge: e4eb984 2c0606f
Author: Michael Rash <mbr@cipherdyne.org>
Date: Thu Aug 21 20:44:48 2014 -0400
Merge branch 'beaglebone_libpcap_workaround' of https://github.com/stubbsw/fwknop into stubbsw-beaglebone_libpcap_workaround
commit 813e4e05756ff6fea3ea4b4baeb1af93aeb33e34
Author: Gerry Reno <greno@verizon.net>
Date: Thu Aug 21 18:16:00 2014 -0400
restore keys from prefs when app is launched
android/project/src/com/max2idea/android/fwknop/Fwknop.java | 3 +++
1 file changed, 3 insertions(+)
commit 2c0606f2b84c28ea7b53c2f3d7bcec46705fbcf5
Author: stubbsw <stubbsw@users.noreply.github.com>
Date: Thu Aug 21 07:04:55 2014 -0400
pcap of spa with Ethernet FCS
Captured with:
tcpdump -i eth0 -l -nn -s 0 -w fcs_spa.pcap udp port 62201
Generated remotely with:
LD_LIBRARY_PATH=./lib/.libs ./client/.libs/fwknop -A tcp/22 -a 127.0.0.2
-D 192.168.18.11 --no-save-args --verbose --verbose --rc-file
./test/conf/fwknoprc_default_hmac_base64_key
test/conf/fcs_spa.pcap | Bin 0 -> 311 bytes
1 file changed, 0 insertions(+), 0 deletions(-)
commit e4eb984869f41f04bd2fd9f50a4e2803a1a29fb0
Merge: 36489b5 19f31c3
Author: Michael Rash <michael.rash@gmail.com>
Date: Wed Aug 20 23:20:40 2014 -0400
Merge pull request #125 from stubbsw/beaglebone_libpcap_workaround
workaround libpcap 4 extra bytes
commit 19f31c3e2300226f8414b2d050315190168cf6d9
Author: stubbsw <stubbsw@users.noreply.github.com>
Date: Tue Aug 19 06:54:18 2014 -0400
update to indicate Ethernet FCS support vs. bug
server/process_packet.c | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)
commit b98579ab8f23b436b54fa0a0a3371ec71362f827
Author: stubbsw <stubbsw@users.noreply.github.com>
Date: Sun Aug 17 11:50:56 2014 -0400
workaround libpcap 4 extra bytes
Workaround for libpcap returning a length that is 4 bytes longer than
the
packet on the wire. Observed on:
Linux beaglebone 3.8.13-bone50 #1 SMP Tue May 13 13:24:52 UTC 2014
armv7l GNU/Linux
ldd fwknopd
libfko.so.2 => /usr/local/lib/libfko.so.2 (0xb6f62000)
libpcap.so.0.8 => /usr/lib/arm-linux-gnueabihf/libpcap.so.0.8
(0xb6f20000)
libc.so.6 => /lib/arm-linux-gnueabihf/libc.so.6 (0xb6e3b000)
/lib/ld-linux-armhf.so.3 (0xb6f94000)
libgcc_s.so.1 => /lib/arm-linux-gnueabihf/libgcc_s.so.1 (0xb6e17000)
Calculate the new pkt_end from the length in the ip header.
server/process_packet.c | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
View Git Blame Copy Permalink