fwknop.git
16 months ago[libfko] Have 'make install' run ldconfig if basic fwknop/fwknopd -h exec fails fwknop-2.5-pre3
Michael Rash [Sun, 30 Jun 2013 18:50:12 +0000]
[libfko] Have 'make install' run ldconfig if basic fwknop/fwknopd -h exec fails

This commit makes sure that if running 'fwknop -h' or 'fwknopd -h' appears to
fail then run ldconfig under the 'make install' step.  George Herlin reported
that on some systems ldconfig was not automatically getting executed via the
autoconf Makefile config, and since fwknop/fwknopd depend on a shared library
(libfko), ldconfig needs to be executed by 'make install' if it wasn't already
done.

16 months ago[libfko] fix a few 'Overfull \hbox' errors in libfko .pdf generation
Michael Rash [Sat, 29 Jun 2013 14:39:07 +0000]
[libfko] fix a few 'Overfull \hbox' errors in libfko .pdf generation

16 months ago[server] convert several LOG_INFO messages to LOG_DEBUG
Michael Rash [Fri, 28 Jun 2013 02:15:39 +0000]
[server] convert several LOG_INFO messages to LOG_DEBUG

16 months agoMerge remote-tracking branch 'fjoncourt/master'
Michael Rash [Fri, 28 Jun 2013 01:55:58 +0000]
Merge remote-tracking branch 'fjoncourt/master'

16 months ago* Mentionned the VERBOSE variable in fwknopd.conf.
Franck Joncourt [Tue, 25 Jun 2013 20:04:54 +0000]
* Mentionned the VERBOSE variable in fwknopd.conf.
* Made sure the -v command line switch overrides the value of the
  VERBOSE variable set in an fwknopd.conf file.

16 months agos/VERBOSITY/VERBOSE/g on the server side for consistency purposes.
Franck Joncourt [Tue, 25 Jun 2013 19:56:53 +0000]
s/VERBOSITY/VERBOSE/g on the server side for consistency purposes.

16 months agoFixed use of --verbose command line switch.
Franck Joncourt [Mon, 24 Jun 2013 21:15:50 +0000]
Fixed use of --verbose command line switch.

Set default log verbosity to LOG_INFO in the log_msg driver.

16 months agoInterim commit to add a VERBOSE variable to fwknopd.
Franck Joncourt [Thu, 20 Jun 2013 21:33:04 +0000]
Interim commit to add a VERBOSE variable to fwknopd.

16 months ago[test suite] bug fix for rotate digest cache tests
Michael Rash [Fri, 28 Jun 2013 01:26:49 +0000]
[test suite] bug fix for rotate digest cache tests

When the test suite is executed with '--include "rotate"' then previous tests
aren't executed in order to create a new digest cache file.  So, when init() is
called and a clean slate is established, there is nothing to rotate away.  This
change creates the default digest cache data (comment line only) if the file
doesn't already exist for the rotate tests.

16 months agobumped VERSION file to fwknop-2.5
Michael Rash [Fri, 28 Jun 2013 01:26:31 +0000]
bumped VERSION file to fwknop-2.5

16 months agobump version to 2.5, minor fwknopd -S exit status update
Michael Rash [Fri, 28 Jun 2013 01:21:10 +0000]
bump version to 2.5, minor fwknopd -S exit status update

This commit bumps the fwknop version to 2.5 and sets the libfko version to 2.0 to
signal incompatibility with older libfko versions.  Backwards compatibility is
maintained in SPA packet construction, but function prototypes in libfko-2.0 are
no longer compatible with older versions.

This commit also returns non-zero exit status under 'fwknopd --status' if there
is no existing fwknopd process.  This is better than always exiting with a zero
status regardless of whether fwknopd is already running or not, and adds a level
of scriptability to --status usage.  This change was suggested by George Herlin.

16 months agoMerge remote-tracking branch 'upstream/master'
Franck Joncourt [Tue, 25 Jun 2013 21:03:28 +0000]
Merge remote-tracking branch 'upstream/master'

16 months ago* Mentionned the VERBOSE variable in fwknopd.conf.
Franck Joncourt [Tue, 25 Jun 2013 20:04:54 +0000]
* Mentionned the VERBOSE variable in fwknopd.conf.
* Made sure the -v command line switch overrides the value of the
  VERBOSE variable set in an fwknopd.conf file.

16 months agos/VERBOSITY/VERBOSE/g on the server side for consistency purposes.
Franck Joncourt [Tue, 25 Jun 2013 19:56:53 +0000]
s/VERBOSITY/VERBOSE/g on the server side for consistency purposes.

16 months agoFixed use of --verbose command line switch.
Franck Joncourt [Mon, 24 Jun 2013 21:15:50 +0000]
Fixed use of --verbose command line switch.

Set default log verbosity to LOG_INFO in the log_msg driver.

17 months agoChangeLog 2.5 updates
Michael Rash [Sat, 22 Jun 2013 01:37:23 +0000]
ChangeLog 2.5 updates

17 months ago[server] minor --help update to include cipherdyne.org URL
Michael Rash [Sat, 22 Jun 2013 01:11:23 +0000]
[server] minor --help update to include cipherdyne.org URL

17 months ago[client] re-use encryption/HMAC keys in --test mode
Michael Rash [Sat, 22 Jun 2013 01:08:38 +0000]
[client] re-use encryption/HMAC keys in --test mode

The client --test mode decrypts SPA packet data as a final step, but get_keys()
was being called to re-acquire the encryption/HMAC keys.  This commit reuses
the same keys that were supplied for SPA packet encryption/authentication
because the most important code to test is not get_keys() but rather libfko
encryption/decryption/authentication operations.

17 months ago[client] minor man page backwards compatibility wording tweak
Michael Rash [Fri, 21 Jun 2013 02:12:29 +0000]
[client] minor man page backwards compatibility wording tweak

17 months ago[client] add GPG_NO_SIGNING_PW to --save-rc-stanza functionality
Michael Rash [Fri, 21 Jun 2013 02:11:42 +0000]
[client] add GPG_NO_SIGNING_PW to --save-rc-stanza functionality

17 months agoInterim commit to add a VERBOSE variable to fwknopd.
Franck Joncourt [Thu, 20 Jun 2013 21:33:04 +0000]
Interim commit to add a VERBOSE variable to fwknopd.

17 months agoadded fwknoprc gpg signing pw test conf files to Makefile.am
Michael Rash [Thu, 20 Jun 2013 03:47:04 +0000]
added fwknoprc gpg signing pw test conf files to Makefile.am

17 months agoremove newline chars from log_msg() calls
Michael Rash [Thu, 20 Jun 2013 03:42:58 +0000]
remove newline chars from log_msg() calls

17 months ago[test suite] added tests for KEY synonym GPG_SIGNING_PW
Michael Rash [Thu, 20 Jun 2013 03:41:37 +0000]
[test suite] added tests for KEY synonym GPG_SIGNING_PW

17 months ago[libfko] defensive coding update to quiet minor CLANG static analyzer false positives
Michael Rash [Thu, 20 Jun 2013 03:38:37 +0000]
[libfko] defensive coding update to quiet minor CLANG static analyzer false positives

17 months ago[client] man page update to include GPG_SIGNING_PW synonym for KEY variable in GPG...
Michael Rash [Thu, 20 Jun 2013 03:37:19 +0000]
[client] man page update to include GPG_SIGNING_PW synonym for KEY variable in GPG mode

17 months ago[test suite] minor permission modification update to use %cf hash
Michael Rash [Wed, 19 Jun 2013 03:12:42 +0000]
[test suite] minor permission modification update to use %cf hash

17 months ago[client] add GPG_ALLOW_NO_SIGNING_PW and --gpg-no-signing-pw
Michael Rash [Wed, 19 Jun 2013 02:51:22 +0000]
[client] add GPG_ALLOW_NO_SIGNING_PW and --gpg-no-signing-pw

This change brings similar functionality to the client as the GPG_ALLOW_NO_PW
keyword in the server access.conf file.  Although this option is less likely
to be used than the analogous server functionality, it stands to reason that
the client should offer this feature.  The test suite has also been updated to
not use the --get-key option for the 'no password' GPG tests.

17 months ago[test suite] bug fix for missing file permission mods noticed by Franck
Michael Rash [Wed, 19 Jun 2013 02:50:10 +0000]
[test suite] bug fix for missing file permission mods noticed by Franck

17 months agoMerge remote-tracking branch 'fjoncourt/master'
Michael Rash [Wed, 19 Jun 2013 02:48:33 +0000]
Merge remote-tracking branch 'fjoncourt/master'

New strategy for log_module from Franck, closes #89

17 months agoFixed default verbosity to LOG_NOTICE rather than LOG_WARNING.
Franck Joncourt [Tue, 18 Jun 2013 20:12:41 +0000]
Fixed default verbosity to LOG_NOTICE rather than LOG_WARNING.

17 months agoReplaced some uses of *fprintf(stderr* by *log_msg(LOG_ERR* in config_init.c
Franck Joncourt [Mon, 17 Jun 2013 10:31:07 +0000]
Replaced some uses of *fprintf(stderr* by *log_msg(LOG_ERR* in config_init.c

17 months agoMerge remote-tracking branch 'upstream/master'
Franck Joncourt [Sun, 16 Jun 2013 20:28:26 +0000]
Merge remote-tracking branch 'upstream/master'

17 months agos/fprintf(stderr/log_msg(LOG_ERR/
Franck Joncourt [Sun, 16 Jun 2013 20:16:41 +0000]
s/fprintf(stderr/log_msg(LOG_ERR/

17 months agoFix static_log_flag in the log_module.
Franck Joncourt [Sun, 16 Jun 2013 19:24:37 +0000]
Fix static_log_flag in the log_module.

17 months agoFix log_msg().
Franck Joncourt [Sun, 16 Jun 2013 19:16:25 +0000]
Fix log_msg().

  * Added new constant LOG_WITHOUT_SYSLOG to be able to print messages to
    stderr only.
  * Renamed LOG_STDERR_MASK as LOG_VERBOSITY_MASK for a better understanding.

17 months agoInterim commit to make the log_msg strategy.
Franck Joncourt [Sun, 16 Jun 2013 17:12:06 +0000]
Interim commit to make the log_msg strategy.

  * log_msg : New log_set_verbosity(): It sets the default verbosity for the
    log module according to the verbose option set by the user through the command
    line.
  * Remove useless checks of the verbose option when log_msg() is invoked.

17 months ago[client] minor man page backwards compatibility update to include better examples
Michael Rash [Sun, 16 Jun 2013 12:27:29 +0000]
[client] minor man page backwards compatibility update to include better examples

17 months ago[test suite] bug fix for proper replay attack regex searching of test output, added...
Michael Rash [Sun, 16 Jun 2013 01:20:39 +0000]
[test suite] bug fix for proper replay attack regex searching of test output, added several replay attack tests

17 months ago[server] ensure 'Rule added' log messages are generated when create_rule() is called
Michael Rash [Fri, 14 Jun 2013 01:23:59 +0000]
[server] ensure 'Rule added' log messages are generated when create_rule() is called

17 months agominor typo and format fixes
Michael Rash [Fri, 14 Jun 2013 01:22:58 +0000]
minor typo and format fixes

17 months ago[server] when log_msg() is called fflush() output to stderr (when stderr is used)
Michael Rash [Fri, 14 Jun 2013 01:21:40 +0000]
[server] when log_msg() is called fflush() output to stderr (when stderr is used)

17 months ago[client] truncate args save file with open()
Michael Rash [Fri, 14 Jun 2013 01:20:11 +0000]
[client] truncate args save file with open()

17 months ago[test suite] minor OS compatibility test re-order
Michael Rash [Thu, 13 Jun 2013 03:10:19 +0000]
[test suite] minor OS compatibility test re-order

17 months ago[libfko] BYTEORDER macro update to 4321 or 1234 if all other methods fail
Michael Rash [Thu, 13 Jun 2013 03:09:55 +0000]
[libfko] BYTEORDER macro update to 4321 or 1234 if all other methods fail

17 months ago[test suite] added a few OS compatibility tests
Michael Rash [Wed, 12 Jun 2013 02:01:23 +0000]
[test suite] added a few OS compatibility tests

17 months ago[test suite] minor bug fix to add 'iptables' to custom chain test titles fwknop-2.5-pre2
Michael Rash [Tue, 11 Jun 2013 02:38:55 +0000]
[test suite] minor bug fix to add 'iptables' to custom chain test titles

17 months agobump version to 2.5-pre2
Michael Rash [Tue, 11 Jun 2013 02:34:48 +0000]
bump version to 2.5-pre2

17 months ago[libfko] handle endian detection on PPC (and other) systems
Michael Rash [Tue, 11 Jun 2013 02:27:57 +0000]
[libfko] handle endian detection on PPC (and other) systems

Blair Zajac contributed a patch to handle endian detection on PPC systems
and issue a compile time error if it cannot be determined.  This commit affects
the BYTEORDER macro.

17 months ago[libfko] use local strndup() if autoconf HAVE_STRNDUP not defined
Michael Rash [Tue, 11 Jun 2013 01:45:26 +0000]
[libfko] use local strndup() if autoconf HAVE_STRNDUP not defined

Blair Zajac reported that strndup() is not available on some PPC systems, so
this commit switches to use the local lib/fko_util.c implementation similarly
to what is done for Windows systems.

17 months agoadded missing test suite conf/ files to Makefile.am
Michael Rash [Tue, 11 Jun 2013 01:21:52 +0000]
added missing test suite conf/ files to Makefile.am

17 months ago[test suite] additional --save-rc-stanza tests for vars not printed in fwknop client...
Michael Rash [Tue, 11 Jun 2013 01:18:37 +0000]
[test suite] additional --save-rc-stanza tests for vars not printed in fwknop client decode output

17 months ago[test suite] added backwards compatibility tests with a dual usage key in access...
Michael Rash [Tue, 11 Jun 2013 01:16:33 +0000]
[test suite] added backwards compatibility tests with a dual usage key in access.conf

17 months ago[client] minor man page wording update for backwards compatibility section
Michael Rash [Tue, 11 Jun 2013 01:14:09 +0000]
[client] minor man page wording update for backwards compatibility section

17 months ago[client] minor man page tweak to use rc VERBOSE bool value (which is the default...
Michael Rash [Sun, 9 Jun 2013 20:00:46 +0000]
[client] minor man page tweak to use rc VERBOSE bool value (which is the default now)

17 months ago[commit] default --verbose rc handling to bool Y/N values, but allow integers too...
Michael Rash [Sun, 9 Jun 2013 19:58:22 +0000]
[commit] default --verbose rc handling to bool Y/N values, but allow integers too when --verbose is given multiple times

17 months ago[client] minor man page tweak
Michael Rash [Sun, 9 Jun 2013 19:57:16 +0000]
[client] minor man page tweak

17 months ago[test suite] added tests for setting gpg recipient, signer, and homedir via the clien...
Michael Rash [Sun, 9 Jun 2013 19:27:19 +0000]
[test suite] added tests for setting gpg recipient, signer, and homedir via the client rc file

17 months agoMerge branch 'master' of github.com:mrash/fwknop
Michael Rash [Sun, 9 Jun 2013 18:33:29 +0000]
Merge branch 'master' of github.com:mrash/fwknop

17 months ago[server] fix 'Use of untrusted string value' bug found by Coverity
Michael Rash [Sun, 9 Jun 2013 18:28:17 +0000]
[server] fix 'Use of untrusted string value' bug found by Coverity

This commit changes iptables policy parsing to re-use rule_exists() for fwknop
jump rule detection instead of using sscanf() against iptables policy list
output.  Also, fwknop jump rules are now deleted from iptables policies in a
loop to ensure all are removed even if there are duplicates (even though this
should not happen under normal circumstances anyway).

17 months agoMerge pull request #87 from fjoncourt/master
Michael Rash [Fri, 7 Jun 2013 03:22:55 +0000]
Merge pull request #87 from fjoncourt/master

Fwknop manpage update (fd and stdin command)

17 months ago[server] minor addition of IPT_CHK_RULE_ARGS macro for iptables -C usage
Michael Rash [Thu, 6 Jun 2013 02:33:42 +0000]
[server] minor addition of IPT_CHK_RULE_ARGS macro for iptables -C usage

17 months ago[server] minor bug fix to switch iptables comment match check to built-in INPUT chain
Michael Rash [Thu, 6 Jun 2013 01:46:51 +0000]
[server] minor bug fix to switch iptables comment match check to built-in INPUT chain

17 months agoMerge remote-tracking branch 'upstream/master'
Franck Joncourt [Wed, 5 Jun 2013 19:47:41 +0000]
Merge remote-tracking branch 'upstream/master'

Conflicts:
client/fwknop.8.in

17 months agoUpdated fwknop manpage to document both the use of stdin and fd commands.
Franck Joncourt [Wed, 5 Jun 2013 19:38:26 +0000]
Updated fwknop manpage to document both the use of stdin and fd commands.

17 months ago[server] comment additions regarding Coverity low priority TOCTOU issues
Michael Rash [Wed, 5 Jun 2013 02:17:59 +0000]
[server] comment additions regarding Coverity low priority TOCTOU issues

17 months ago[extras] update spa-entropy.pl script to point fwknop client in gpg mode to the no...
Michael Rash [Wed, 5 Jun 2013 01:17:15 +0000]
[extras] update spa-entropy.pl script to point fwknop client in gpg mode to the no-pw homedir

17 months agoMerge branch 'gpgme_autoconf_macro'
Michael Rash [Tue, 4 Jun 2013 01:59:26 +0000]
Merge branch 'gpgme_autoconf_macro'

This commit adds a new m4/gpgme.m4 to allow autogen.sh to work properly when
libgpgme is not installed.  Closes #72.

17 months agoa few HMAC doc updates to the libfko.texi file
Michael Rash [Tue, 4 Jun 2013 01:45:29 +0000]
a few HMAC doc updates to the libfko.texi file

17 months agofko-wrapper update to print fko_errstr() text, and to have one successful HMAC cycle
Michael Rash [Tue, 4 Jun 2013 00:54:40 +0000]
fko-wrapper update to print fko_errstr() text, and to have one successful HMAC cycle

17 months agoMerge remote-tracking branch 'fjoncourt/master'
Michael Rash [Mon, 3 Jun 2013 02:54:23 +0000]
Merge remote-tracking branch 'fjoncourt/master'

Closes #74 - allows a passphrase to be read from STDIN or from a file descriptor
via --fd.

17 months ago[test suite] minor bug fix to include the new legacy long key file in Makefile.am
Michael Rash [Mon, 3 Jun 2013 02:08:54 +0000]
[test suite] minor bug fix to include the new legacy long key file in Makefile.am

17 months ago[test suite] added backwards compatibility test for truncated keys longer > 16 chars
Michael Rash [Mon, 3 Jun 2013 01:19:19 +0000]
[test suite] added backwards compatibility test for truncated keys longer > 16 chars

17 months agoMerge remote-tracking branch 'upstream/master'
Franck Joncourt [Sun, 2 Jun 2013 19:54:25 +0000]
Merge remote-tracking branch 'upstream/master'

Conflicts:
client/config_init.c

17 months agoAdding support for reading encryption/key password from a file descriptor.
Franck Joncourt [Sun, 2 Jun 2013 19:36:17 +0000]
Adding support for reading encryption/key password from a file descriptor.

 * Added tests to the test suite.
 * Updated the usage message.
 * Fixed the password functions.

reference : mrash/fwknop#74

17 months agostarted on libfko.texi function prototype and FKO error code documentation updates
Michael Rash [Sun, 2 Jun 2013 18:50:37 +0000]
started on libfko.texi function prototype and FKO error code documentation updates

17 months agorestored the NEWS file since autoconf seems to need it
Michael Rash [Sun, 2 Jun 2013 18:29:37 +0000]
restored the NEWS file since autoconf seems to need it

17 months agoUpdated copyright dates, removed NEWS file in favor of the ChangeLog
Michael Rash [Sun, 2 Jun 2013 18:07:01 +0000]
Updated copyright dates, removed NEWS file in favor of the ChangeLog

17 months agoAdded backwards compatibility section to the client man page
Michael Rash [Sun, 2 Jun 2013 17:51:25 +0000]
Added backwards compatibility section to the client man page

Added backwards compatibility section and new material on a 'quick start'
subsection for the EXAMPLES section.

17 months agoChangeLog update to mention the constant_runtime_cmp() change
Michael Rash [Sun, 2 Jun 2013 02:30:29 +0000]
ChangeLog update to mention the constant_runtime_cmp() change

17 months agoMerge branch 'hmac_timing_bug_fix'
Michael Rash [Sun, 2 Jun 2013 02:23:35 +0000]
Merge branch 'hmac_timing_bug_fix'

Fixes #85

17 months agoadded fwknopd man page blurb for the ENABLE_PCAP_ANY_DIRECTION variable
Michael Rash [Sun, 2 Jun 2013 02:10:32 +0000]
added fwknopd man page blurb for the ENABLE_PCAP_ANY_DIRECTION variable

17 months agoConvert strncmp() calls to constant_runtime_cmp() at various places hmac_timing_bug_fix
Michael Rash [Sun, 2 Jun 2013 01:55:45 +0000]
Convert strncmp() calls to constant_runtime_cmp() at various places

This commit is a follow up to Ryman's report (#85) of a potential timing attack
that could be leveraged against fwknop when strncmp() is used to compare HMAC
digests.  All strncmp() calls that do similar things have been replaced with a
new constant_runtime_cmp() function that mitigates this problem.

17 months agoInterim commit to be able to load key from file descriptor (fd 0 for example).
Franck Joncourt [Sat, 1 Jun 2013 21:14:56 +0000]
Interim commit to be able to load key from file descriptor (fd 0 for example).

17 months ago[libfko] HMAC comparison timing bug fix
Michael Rash [Sat, 1 Jun 2013 13:09:17 +0000]
[libfko] HMAC comparison timing bug fix

Ryman reported a timing attack bug in the HMAC comparison operation (#85) and
suggested a fix derived from YaSSL:
http://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg320402.html

17 months ago[server] minor update to rename PCAP_ANY_DIRECTION -> ENABLE_PCAP_ANY_DIRECTION
Michael Rash [Sat, 1 Jun 2013 03:19:48 +0000]
[server] minor update to rename PCAP_ANY_DIRECTION -> ENABLE_PCAP_ANY_DIRECTION

17 months ago[client] allow -D to be used in --save-rc-stanza mode if -n is not given
Michael Rash [Sat, 1 Jun 2013 03:01:47 +0000]
[client] allow -D to be used in --save-rc-stanza mode if -n is not given

This change simplifies the fwknop client usage by allowing the -D argument to
be used as the stanza name if -n is not also specified in --save-rc-stanza
mode.

17 months agoadded HMAC digests section to libfko info doc
Michael Rash [Sat, 1 Jun 2013 02:47:06 +0000]
added HMAC digests section to libfko info doc

17 months agoupdate man page in client/server directories to the latest
Michael Rash [Sat, 1 Jun 2013 01:36:49 +0000]
update man page in client/server directories to the latest

17 months ago[test suite] minor update to reduce logging noise in valgrind comparison test
Michael Rash [Fri, 31 May 2013 02:50:29 +0000]
[test suite] minor update to reduce logging noise in valgrind comparison test

17 months agominor configure.ac typo fix for --help output
Michael Rash [Fri, 31 May 2013 02:42:13 +0000]
minor configure.ac typo fix for --help output

17 months agominor documentation updates
Michael Rash [Fri, 31 May 2013 02:26:09 +0000]
minor documentation updates

17 months ago[client] don't print keys to stdout in --save-rc-stanza --key-gen mode
Michael Rash [Fri, 31 May 2013 02:03:11 +0000]
[client] don't print keys to stdout in --save-rc-stanza --key-gen mode

This is a minor commit to not print keys to stdout when both --save-rc-stanza
and --key-gen are set on the command line.

17 months agoMerge remote-tracking branch 'fjoncourt/save_rc_stanza'
Michael Rash [Wed, 29 May 2013 22:53:08 +0000]
Merge remote-tracking branch 'fjoncourt/save_rc_stanza'

This set of fixes from Franck allows for much better --save-rc-stanza
functionality - new SPA keys can automatically be saved to the fwknoprc
file when --key-gen and --save-rc-stanza are given, keys aren't overwritten
upon updating the arguments for an existing stanza, and more.

Conflicts:
client/config_init.c

17 months agoThe -R command line switch is now handled in fwknoprc as RESOLVE_IP_HTTP variable.
Franck Joncourt [Wed, 29 May 2013 12:06:57 +0000]
The -R command line switch is now handled in fwknoprc as RESOLVE_IP_HTTP variable.

17 months agoFixed ask_overwrite(). Generated keys are now stored in fwknoprc.
Franck Joncourt [Wed, 29 May 2013 10:19:56 +0000]
Fixed ask_overwrite(). Generated keys are now stored in fwknoprc.

 * ask_overwrite() : when the user inputs more than one char when prompted,
   a second call to the function does not take the second char anymore.
   We parse all of the chars until we reach an LF char and discard all of them
   except the first one.
   The overwrite is requested only when the user sets 'y', if there is anything
   else we asssume 'N'.

 * When -k is used on the command line along with the --save-rc-stanza, the
   generated keys are also written in the stanza in fwknoprc.

17 months agoThe variables are now stored in a hash (variable name and position) rather than
Franck Joncourt [Tue, 28 May 2013 15:14:36 +0000]
The variables are now stored in a hash (variable name and position) rather than
an array containing only their name. It is now possible to sort them without
 worrying about their position in the enumeration.

Improve variable naming for a better understanding (var_ndx becomes var_pos).

17 months agoInterim commit to handle bitmask with more than 32 positions.
Franck Joncourt [Mon, 27 May 2013 16:18:47 +0000]
Interim commit to handle bitmask with more than 32 positions.

17 months agoSet command line argument bitmask as a 64-bits value to be able to handle more arguments.
Franck Joncourt [Sat, 25 May 2013 19:56:01 +0000]
Set command line argument bitmask as a 64-bits value to be able to handle more arguments.

 Interim commit to add the VERBOSE variable to be stored in the fwknoprc file when
 -v is used with --save-rc-stanza. The VERBOSE variable is also read by fwknop
 and the verbosity level is set accordingly.

18 months agominor Makefile.am update to set permissions on access.conf.inst and fwknopd.conf...
Michael Rash [Fri, 24 May 2013 02:29:41 +0000]
minor Makefile.am update to set permissions on access.conf.inst and fwknopd.conf.inst files