fbbcae3a0d
Significant bug fix to honor the full encryption key length for user-supplied Rijndael keys > 16 bytes long. Previous to this bug fix, only the first 16 bytes of a key were actually used in the encryption/ decryption process even if the supplied key was longer. The result was a weakening of expected security for users that had keys > 16 bytes, although this is probably not too common. Note that "passphrase" is perhaps technically a better word for "user-supplied key" in this context since Rijndael in CBC mode derives a real encryption/decryption key from the passphrase through a series of applications of md5 against the passphrase and a random salt. This issue was reported by Michael T. Dean. Closes issue #18 on github.
This directory contains the fwknop test suite. After compiling the fwknop sources in the parent directory of test/ the test suite can be executed. One of the most comprehensive ways of executing the test suite is as follows: # ./run-test-suite.sh --enable-all This mode enables IP resolution tests, so you will need Internet access in this case. If this is not possible or desirable, then another comprehensive testing mode can be achieved with: # ./run-test-suite.sh --enable-recompile --enable-perl-module-checks --enable-distcheck Additional detail on the test suite (including --diff and --enable-valgrind modes) may be found in the fwknop tutorial available here: http://www.cipherdyne.org/fwknop/docs/fwknop-tutorial.html#3.5