fwknop.git
3 days ago[test suite] AFL fuzzing README update master
Michael Rash [Sat, 22 Nov 2014 03:18:17 +0000]
[test suite] AFL fuzzing README update

3 days ago[test suite] added *hang.sh helper scripts for AFL results analysis
Michael Rash [Sat, 22 Nov 2014 03:16:02 +0000]
[test suite] added *hang.sh helper scripts for AFL results analysis

3 days ago[test suite] moved helper scripts to fuzzing-wrappers/helpers/
Michael Rash [Sat, 22 Nov 2014 02:42:32 +0000]
[test suite] moved helper scripts to fuzzing-wrappers/helpers/

3 days ago[test suite] update AFL helper scripts to accept file path from the command line
Michael Rash [Sat, 22 Nov 2014 02:32:05 +0000]
[test suite] update AFL helper scripts to accept file path from the command line

3 days ago[test suite] minor comment removal
Michael Rash [Sat, 22 Nov 2014 02:22:20 +0000]
[test suite] minor comment removal

5 days agoMove #include <sys/wait.h> directive so it is not seen in the windows build
Damien Stuart [Thu, 20 Nov 2014 03:01:04 +0000]
Move #include <sys/wait.h> directive so it is not seen in the windows build

6 days ago[test suite] AFL wrapper enhancements (fwknopd conf file fuzzing, use -t 1000 for...
Michael Rash [Thu, 20 Nov 2014 01:19:14 +0000]
[test suite] AFL wrapper enhancements (fwknopd conf file fuzzing, use -t 1000 for all fuzzing cycles)

6 days ago[test suite] add multiple stanzas for the fwknoprc AFL test
Michael Rash [Wed, 19 Nov 2014 04:10:56 +0000]
[test suite] add multiple stanzas for the fwknoprc AFL test

6 days ago[client] bug fix to ensure -a overrides IP resolution
Michael Rash [Wed, 19 Nov 2014 04:10:19 +0000]
[client] bug fix to ensure -a overrides IP resolution

7 days ago[client] disable IP resolution in AFL_FUZZING mode
Michael Rash [Wed, 19 Nov 2014 01:16:12 +0000]
[client] disable IP resolution in AFL_FUZZING mode

7 days ago[test suite] additional AFL support for client fwknoprc file and server fwknopd.conf...
Michael Rash [Wed, 19 Nov 2014 01:15:13 +0000]
[test suite] additional AFL support for client fwknoprc file and server fwknopd.conf file

8 days ago[test suite] removed files added by mistake
Michael Rash [Tue, 18 Nov 2014 01:00:38 +0000]
[test suite] removed files added by mistake

8 days ago[test suite] start on AFL fuzzing for conf files in addition to SPA pkts
Michael Rash [Tue, 18 Nov 2014 00:58:47 +0000]
[test suite] start on AFL fuzzing for conf files in addition to SPA pkts

9 days agoChangeLog.git update since 2.6.3 2.6.4
Michael Rash [Sun, 16 Nov 2014 21:32:39 +0000]
ChangeLog.git update since 2.6.3

9 days agominor date update for the 2.6.4 release
Michael Rash [Sun, 16 Nov 2014 21:31:40 +0000]
minor date update for the 2.6.4 release

9 days agoRevert "[test suite] minor path update for gcov"
Michael Rash [Sun, 16 Nov 2014 20:47:07 +0000]
Revert "[test suite] minor path update for gcov"

This reverts commit 978bc4e3e1eab4e2fd82eb88391024177685fd26.

9 days ago[test suite] minor path update for gcov
Michael Rash [Sun, 16 Nov 2014 14:19:15 +0000]
[test suite] minor path update for gcov

10 days agomanpage updates
Michael Rash [Sat, 15 Nov 2014 15:51:48 +0000]
manpage updates

10 days agochanges since 2.6.3
Michael Rash [Sat, 15 Nov 2014 15:49:20 +0000]
changes since 2.6.3

10 days ago[server] document --udp-server option
Michael Rash [Sat, 15 Nov 2014 15:45:59 +0000]
[server] document --udp-server option

10 days ago2.6.4 release date
Michael Rash [Sat, 15 Nov 2014 15:27:19 +0000]
2.6.4 release date

10 days agoadd new test suite files to Makefile.am
Michael Rash [Sat, 15 Nov 2014 05:36:33 +0000]
add new test suite files to Makefile.am

10 days ago[test suite] update to use helper scripts for code coverage report generation
Michael Rash [Sat, 15 Nov 2014 05:22:14 +0000]
[test suite] update to use helper scripts for code coverage report generation

10 days ago[test suite] AFL README update
Michael Rash [Sat, 15 Nov 2014 05:16:38 +0000]
[test suite] AFL README update

10 days ago[server] minor status wording update
Michael Rash [Sat, 15 Nov 2014 05:16:17 +0000]
[server] minor status wording update

10 days agodoc updates to include material about AFL support
Michael Rash [Sat, 15 Nov 2014 05:15:55 +0000]
doc updates to include material about AFL support

11 days ago[server] add support for American Fuzzy Lop (ALF) fuzzing
Michael Rash [Fri, 14 Nov 2014 01:55:04 +0000]
[server] add support for American Fuzzy Lop (ALF) fuzzing

2 weeks agominor ChangeLog wording update 2.6.4-pre1
Michael Rash [Mon, 10 Nov 2014 02:41:10 +0000]
minor ChangeLog wording update

2 weeks ago[test suite] extend server receive criteria
Michael Rash [Mon, 10 Nov 2014 02:36:36 +0000]
[test suite] extend server receive criteria

2 weeks ago[test suite] implement multi-cycle test sequences execvpe
Michael Rash [Sun, 9 Nov 2014 02:44:49 +0000]
[test suite] implement multi-cycle test sequences

2 weeks ago[server] minor code cleanup
Michael Rash [Fri, 7 Nov 2014 01:24:50 +0000]
[server] minor code cleanup

2 weeks ago[server] add run_extcmd_write() call in code coverage mode
Michael Rash [Fri, 7 Nov 2014 01:24:33 +0000]
[server] add run_extcmd_write() call in code coverage mode

2 weeks agoadd CODE_COVERAGE macro for ./configure --enable-profile-coverage
Michael Rash [Fri, 7 Nov 2014 01:23:40 +0000]
add CODE_COVERAGE macro for ./configure --enable-profile-coverage

2 weeks ago[test suite] minor bug fix to add --no-firewd-check-support option for one test
Michael Rash [Fri, 7 Nov 2014 01:22:05 +0000]
[test suite] minor bug fix to add --no-firewd-check-support option for one test

2 weeks ago[test suite] allow valgrind/crash search/profile coverage tests to run after --test...
Michael Rash [Fri, 7 Nov 2014 01:21:05 +0000]
[test suite] allow valgrind/crash search/profile coverage tests to run after --test-limit

2 weeks ago[server] check number of cmd args even when execvpe() is not available
Michael Rash [Thu, 6 Nov 2014 04:19:51 +0000]
[server] check number of cmd args even when execvpe() is not available

2 weeks ago[server] allow loop restart after select() sets EINTR (since we handle signals) ...
Michael Rash [Wed, 5 Nov 2014 03:44:59 +0000]
[server] allow loop restart after select() sets EINTR (since we handle signals) - fixes cmd execution through UDP on FreeBSD

2 weeks ago[server] minor code restructure, use FD_ISSET() test on file descriptors
Michael Rash [Wed, 5 Nov 2014 03:43:04 +0000]
[server] minor code restructure, use FD_ISSET() test on file descriptors

3 weeks ago[test suite] check for TCP/UDP server string in do_fwknopd_cmd()
Michael Rash [Tue, 4 Nov 2014 00:57:50 +0000]
[test suite] check for TCP/UDP server string in do_fwknopd_cmd()

3 weeks ago[test suite] bug fix to specify LD_LIBRARY_PATH for configure --enable-udp-server...
Michael Rash [Sun, 2 Nov 2014 20:30:56 +0000]
[test suite] bug fix to specify LD_LIBRARY_PATH for configure --enable-udp-server recompile test

3 weeks ago[test suite] add spa_fuzzing.py and a few minor helper files for FreeBSD/OpenBSD
Michael Rash [Sun, 2 Nov 2014 00:44:35 +0000]
[test suite] add spa_fuzzing.py and a few minor helper files for FreeBSD/OpenBSD

3 weeks agoChangeLog updates, bump version to 2.6.4
Michael Rash [Sat, 1 Nov 2014 16:04:11 +0000]
ChangeLog updates, bump version to 2.6.4

3 weeks ago[server] bug fix to close write filehandle in _run_extcmd_write()
Michael Rash [Sat, 1 Nov 2014 16:03:49 +0000]
[server] bug fix to close write filehandle in _run_extcmd_write()

3 weeks ago[test suite] added invalid_firewd_input_chain_* files
Michael Rash [Wed, 29 Oct 2014 01:56:19 +0000]
[test suite] added invalid_firewd_input_chain_* files

3 weeks agoadd fcs_spa.pcap to Makefile.am
Michael Rash [Wed, 29 Oct 2014 01:29:34 +0000]
add fcs_spa.pcap to Makefile.am

4 weeks ago[server] first pass at eliminating popen() write calls with run_extcmd_write() (used...
Michael Rash [Wed, 29 Oct 2014 01:28:21 +0000]
[server] first pass at eliminating popen() write calls with run_extcmd_write() (used for PF firewalls)

4 weeks ago[test suite] command exec too many args tests
Michael Rash [Sun, 26 Oct 2014 20:58:13 +0000]
[test suite] command exec too many args tests

4 weeks ago[test suite] more code coverage tests
Michael Rash [Sun, 26 Oct 2014 02:29:49 +0000]
[test suite] more code coverage tests

4 weeks ago[test suite] additional code coverage
Michael Rash [Sat, 25 Oct 2014 12:42:30 +0000]
[test suite] additional code coverage

4 weeks ago[libfko] validate MAX_PORT integer value for SPA messages
Michael Rash [Sat, 25 Oct 2014 12:42:14 +0000]
[libfko] validate MAX_PORT integer value for SPA messages

4 weeks ago[test suite] additional code coverage for a few areas
Michael Rash [Sat, 25 Oct 2014 00:39:40 +0000]
[test suite] additional code coverage for a few areas

4 weeks ago[server] ensure to break out of while loop and close() UDP socket before returning
Michael Rash [Fri, 24 Oct 2014 03:05:21 +0000]
[server] ensure to break out of while loop and close() UDP socket before returning

4 weeks ago[test suite] default to recompiling fwknop in code coverage profiling mode
Michael Rash [Fri, 24 Oct 2014 00:03:34 +0000]
[test suite] default to recompiling fwknop in code coverage profiling mode

4 weeks ago[test suite] add branch coverage stats in code coverage mode
Michael Rash [Thu, 23 Oct 2014 23:55:30 +0000]
[test suite] add branch coverage stats in code coverage mode

4 weeks ago[python module] default to HMAC SHA256 when an HMAC key is used but no HMAC mode...
Michael Rash [Thu, 23 Oct 2014 12:45:21 +0000]
[python module] default to HMAC SHA256 when an HMAC key is used but no HMAC mode was specified

4 weeks ago[test suite] firewall prefix typo bug fix
Michael Rash [Thu, 23 Oct 2014 12:40:21 +0000]
[test suite] firewall prefix typo bug fix

4 weeks ago[test suite] add ipt_local_nat_fwknopd.conf
Michael Rash [Thu, 23 Oct 2014 12:39:42 +0000]
[test suite] add ipt_local_nat_fwknopd.conf

4 weeks agomake sure test suite conf files are included in Makefile.am
Michael Rash [Wed, 22 Oct 2014 02:49:03 +0000]
make sure test suite conf files are included in Makefile.am

4 weeks agogive firewalld its own namespace (can track firewalld changes independently of iptables)
Michael Rash [Wed, 22 Oct 2014 02:43:21 +0000]
give firewalld its own namespace (can track firewalld changes independently of iptables)

5 weeks ago[test suite] UDP server command execution tests, run configure arg recompile tests...
Michael Rash [Tue, 21 Oct 2014 02:23:46 +0000]
[test suite] UDP server command execution tests, run configure arg recompile tests after gcov profiling stuff

5 weeks ago[test suite] added configure args test with UDP server test for fwknopd not linking...
Michael Rash [Mon, 20 Oct 2014 02:58:35 +0000]
[test suite] added configure args test with UDP server test for fwknopd not linking against libpcap

6 weeks agoMerge branch 'udp_listener' into execvpe
Michael Rash [Tue, 14 Oct 2014 00:25:14 +0000]
Merge branch 'udp_listener' into execvpe

6 weeks ago[test suite] detect firewalld vs. iptables for server rewrite conf tests
Michael Rash [Mon, 13 Oct 2014 23:54:30 +0000]
[test suite] detect firewalld vs. iptables for server rewrite conf tests

6 weeks ago[server] update firewalld code to use run_extcmd() instead of popen() and system...
Michael Rash [Mon, 13 Oct 2014 01:57:04 +0000]
[server] update firewalld code to use run_extcmd() instead of popen() and system() - allows execvpe() to be used

6 weeks ago[test suite] add --exit-parse-config to fwknopd basic tests where possible
Michael Rash [Mon, 13 Oct 2014 01:29:44 +0000]
[test suite] add --exit-parse-config to fwknopd basic tests where possible

6 weeks agoadd --disable-execvpe arg to configure script (looks for execvpe() support by default)
Michael Rash [Sun, 12 Oct 2014 17:16:30 +0000]
add --disable-execvpe arg to configure script (looks for execvpe() support by default)

6 weeks ago[server] make pid_status a static var at the top of each fw_util_*.c file
Michael Rash [Fri, 10 Oct 2014 12:20:01 +0000]
[server] make pid_status a static var at the top of each fw_util_*.c file

6 weeks ago[test suite] fix up Rijndael cmd exec test
Michael Rash [Fri, 10 Oct 2014 12:16:31 +0000]
[test suite] fix up Rijndael cmd exec test

6 weeks agoadded setuid/setgid cmd exec test files
Michael Rash [Fri, 10 Oct 2014 12:15:44 +0000]
added setuid/setgid cmd exec test files

6 weeks ago[test suite] added use terminal test, fix up Rijndael CMD tests
Michael Rash [Thu, 9 Oct 2014 03:10:09 +0000]
[test suite] added use terminal test, fix up Rijndael CMD tests

6 weeks ago[server] update ipfw and pf firewall interace code to latest run_extcmd() API
Michael Rash [Wed, 8 Oct 2014 03:23:05 +0000]
[server] update ipfw and pf firewall interace code to latest run_extcmd() API

6 weeks ago[server] restore shell stderr redirect when execvpe() is not available
Michael Rash [Wed, 8 Oct 2014 01:42:36 +0000]
[server] restore shell stderr redirect when execvpe() is not available

6 weeks ago[server] minor macro usage update
Michael Rash [Wed, 8 Oct 2014 01:37:29 +0000]
[server] minor macro usage update

7 weeks ago[server] extend run_extcmd() to allow the caller to specify whether to collect stderr
Michael Rash [Wed, 8 Oct 2014 01:01:17 +0000]
[server] extend run_extcmd() to allow the caller to specify whether to collect stderr

7 weeks agoadded setgid() call for command execution along with CMD_EXEC_GROUP access.conf var
Michael Rash [Tue, 7 Oct 2014 02:10:40 +0000]
added setgid() call for command execution along with CMD_EXEC_GROUP access.conf var

7 weeks ago[test suite] added command execution setuid() 'nobody' test
Michael Rash [Tue, 7 Oct 2014 02:04:20 +0000]
[test suite] added command execution setuid() 'nobody' test

7 weeks ago[test suite] added generate_core.sh script and --enable-cores-pattern arg for the...
Michael Rash [Tue, 7 Oct 2014 01:10:02 +0000]
[test suite] added generate_core.sh script and --enable-cores-pattern arg for the test suite

7 weeks agoadded configure detection of execvpe() - doesn't exist on Mac OS X yet
Michael Rash [Tue, 7 Oct 2014 00:04:00 +0000]
added configure detection of execvpe() - doesn't exist on Mac OS X yet

7 weeks ago[server] have run_extcmd() collect process exit status for calling function (in addit...
Michael Rash [Mon, 6 Oct 2014 00:21:05 +0000]
[server] have run_extcmd() collect process exit status for calling function (in addition to return value)

7 weeks ago[server] added WIFEXITED(status) check for external commands run via execvpe()
Michael Rash [Sun, 5 Oct 2014 01:14:49 +0000]
[server] added WIFEXITED(status) check for external commands run via execvpe()

7 weeks ago[server] removed remaining popen() call for iptables firewalls
Michael Rash [Sat, 4 Oct 2014 23:56:26 +0000]
[server] removed remaining popen() call for iptables firewalls

7 weeks agoMerge branch 'master' of https://github.com/mrash/fwknop into execvpe
Michael Rash [Sat, 4 Oct 2014 23:36:04 +0000]
Merge branch 'master' of https://github.com/mrash/fwknop into execvpe

7 weeks ago[server] hex_dump() '%' bug fix, minor verbose criteria update
Michael Rash [Sat, 4 Oct 2014 20:40:44 +0000]
[server] hex_dump() '%' bug fix, minor verbose criteria update

7 weeks agoMerge branch 'master' of https://github.com/mrash/fwknop
Michael Rash [Sat, 4 Oct 2014 14:38:08 +0000]
Merge branch 'master' of https://github.com/mrash/fwknop

7 weeks ago[client] minor tab->spaces fix
Michael Rash [Sat, 4 Oct 2014 14:32:52 +0000]
[client] minor tab->spaces fix

7 weeks ago[server] add search_extcmd() to replace all popen() calls with the execvpe() no env...
Michael Rash [Sat, 4 Oct 2014 14:31:15 +0000]
[server] add search_extcmd() to replace all popen() calls with the execvpe() no env strategy

7 weeks ago[server] first cut at converting iptables commands to use execvpe()
Michael Rash [Sat, 4 Oct 2014 01:58:51 +0000]
[server] first cut at converting iptables commands to use execvpe()

7 weeks ago[client] add strtoargv() to easily get an argv array for passing to execvpe()
Michael Rash [Wed, 1 Oct 2014 02:33:44 +0000]
[client] add strtoargv() to easily get an argv array for passing to execvpe()

7 weeks ago[test suite] minor addition of spaces for --last tests
Michael Rash [Wed, 1 Oct 2014 02:19:17 +0000]
[test suite] minor addition of spaces for --last tests

7 weeks agominor hex_dump() update to use a consistent macro definition for ascii str length
Michael Rash [Wed, 1 Oct 2014 02:09:10 +0000]
minor hex_dump() update to use a consistent macro definition for ascii str length

7 weeks agouse execvpe() with NULL env for wget calls
Michael Rash [Wed, 1 Oct 2014 01:59:01 +0000]
use execvpe() with NULL env for wget calls

7 weeks agominor client --help update
Michael Rash [Wed, 1 Oct 2014 01:34:58 +0000]
minor client --help update

7 weeks agoMerge pull request #135 from tombriden/multi_ports
Michael Rash [Fri, 3 Oct 2014 04:08:45 +0000]
Merge pull request #135 from tombriden/multi_ports

android: allow definition of multiple tcp/udp ports

7 weeks agoMerge pull request #137 from schuellerf/master
Michael Rash [Fri, 3 Oct 2014 04:03:06 +0000]
Merge pull request #137 from schuellerf/master

Support for "--no-save-args" in .fwknoprc

7 weeks agoAdd "NO_SAVE_ARGS" to initial config file
Florian Schüller [Wed, 1 Oct 2014 12:12:57 +0000]
Add "NO_SAVE_ARGS" to initial config file

7 weeks agoSupport for "--no-save-args" in .fwknoprc
Florian Schüller [Wed, 1 Oct 2014 12:12:10 +0000]
Support for "--no-save-args" in .fwknoprc

8 weeks agoupdated --last-cmd tests to write the previous args first
Michael Rash [Wed, 1 Oct 2014 01:12:43 +0000]
updated --last-cmd tests to write the previous args first

8 weeks agominor unused var removal
Michael Rash [Mon, 29 Sep 2014 02:44:12 +0000]
minor unused var removal

8 weeks agoautoconf update to ensure libpcap is not linked against in --enable-udp-server mode
Michael Rash [Mon, 29 Sep 2014 02:40:50 +0000]
autoconf update to ensure libpcap is not linked against in --enable-udp-server mode

8 weeks agofwknopd man page updates, added UDPSERV_SELECT_TIMEOUT config option udp_listener
Michael Rash [Mon, 29 Sep 2014 02:32:20 +0000]
fwknopd man page updates, added UDPSERV_SELECT_TIMEOUT config option