[server] Strong access.conf validation
authorMichael Rash <mbr@cipherdyne.org>
Mon, 3 Sep 2012 04:21:46 +0000 (00:21 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Mon, 3 Sep 2012 04:21:46 +0000 (00:21 -0400)
commite2c0ac4821773eb335e36ad6cd35830b8d97c75a
tree4c34f05f203df6ff8a6c64e9956f0c1ab082ce0d
parent263fa01f2af1d336961df320f1c7a9ea84ddac9a
[server] Strong access.conf validation

Fernando Arnaboldi from IOActive found several conditions in
which the server did not properly throw out maliciously constructed
variables in the access.conf file.  This has been fixed along with new
fuzzing tests in the test suite.
CREDITS
ChangeLog
Makefile.am
server/access.c
test/conf/open_ports_access.conf
test/test-fwknop.pl