fwknop.git
3 months ago[libfko] bug fix to check strdup() return value
Michael Rash [Mon, 9 Jun 2014 03:09:55 +0000]
[libfko] bug fix to check strdup() return value

Using the 'fiu-run' fault injection binary, a couple of cases were
turned up with libfko does not properly check the strdup() return value.
This commit fixes these issues, and here is an illustration of the stack
trace for one such issue:

  Core was generated by `../client/.libs/fwknop -A tcp/22 -a 127.0.0.2 -D
  127.0.0.1 --get-key local_spa.'.
  Program terminated with signal 11, Segmentation fault.
  #0  __strnlen_sse2 () at ../sysdeps/x86_64/multiarch/../strnlen.S:34
  34      ../sysdeps/x86_64/multiarch/../strnlen.S: No such file or directory.
  (gdb) where
  #0  __strnlen_sse2 () at ../sysdeps/x86_64/multiarch/../strnlen.S:34
  #1  0x00007effa38189bc in _rijndael_encrypt (enc_key_len=<optimized out>, enc_key=<optimized out>, ctx=0x7effa5945750) at fko_encryption.c:141
  #2  fko_encrypt_spa_data (ctx=0x7effa5945750, enc_key=<optimized out>, enc_key_len=<optimized out>) at fko_encryption.c:605
  #3  0x00007effa381a2d6 in fko_spa_data_final (ctx=0x7effa5945750, enc_key=enc_key@entry=0x7fff3ff4aa10 "fwknoptest", enc_key_len=<optimized out>, hmac_key=hmac_key@entry=0x7fff3ff4aaa0 "", hmac_key_len=0) at fko_funcs.c:489
  #4  0x00007effa405f2fb in main (argc=<optimized out>, argv=<optimized out>) at fwknop.c:449

3 months ago[test suite] make valgrind suppressions slightly more perscriptive
Michael Rash [Mon, 9 Jun 2014 00:22:19 +0000]
[test suite] make valgrind suppressions slightly more perscriptive

3 months ago[test suite] in valgrind mode, make tests fail whenever there are 'definitely' or...
Michael Rash [Mon, 9 Jun 2014 00:20:19 +0000]
[test suite] in valgrind mode, make tests fail whenever there are 'definitely' or 'indirectly' lost bytes in memory

3 months ago[client] minor bug fix for condition under which fiu_* functions are called for fault...
Michael Rash [Mon, 9 Jun 2014 00:19:03 +0000]
[client] minor bug fix for condition under which fiu_* functions are called for fault injection

3 months ago[libfko] fko_new() bug fix to not leak memory under fko_set_... error conditions
Michael Rash [Sat, 7 Jun 2014 01:28:28 +0000]
[libfko] fko_new() bug fix to not leak memory under fko_set_... error conditions

This commit changes how fko_new() deals with FKO context initialization
to not set ctx->initval back to zero (uninitialized) imediately after
calling each fko_set_... function and before checking the fko_set_... return
value.  The reason for this change is that fko_destroy() checks for
context initialization via ctx->initval before calling free() against
any heap allocated context member. So, if fko_set_... returns an error,
fko_destroy() (previous to this commit) would have no opportunity to
free such members.

This bug was found with fault injection testing provided by libfiu
together with valgrind. Specifically the following test suite command
exposes the problem (from the test/ directory):

./test-fwknop.pl --enable-complete --include "fault injection.*libfko"

In the resulting output/2.test file valgrind reports the following:

==27941== LEAK SUMMARY:
==27941==    definitely lost: 264 bytes in 1 blocks
==27941==    indirectly lost: 28 bytes in 3 blocks
==27941==      possibly lost: 0 bytes in 0 blocks
==27941==    still reachable: 1,099 bytes in 12 blocks
==27941==         suppressed: 0 bytes in 0 blocks

After this commit is applied, this changes to:

==7137== LEAK SUMMARY:
==7137==    definitely lost: 0 bytes in 0 blocks
==7137==    indirectly lost: 0 bytes in 0 blocks
==7137==      possibly lost: 0 bytes in 0 blocks
==7137==    still reachable: 1,099 bytes in 12 blocks
==7137==         suppressed: 0 bytes in 0 blocks

Note that 'definitely lost' in valgrind output means there is a real
memory leak that needs to be fixed whereas 'still reachable' is most
likely not a real problem according to:

http://valgrind.org/docs/manual/faq.html#faq.deflost

3 months ago[test suite] additional fix for duplicate fault injection tags
Michael Rash [Fri, 6 Jun 2014 03:13:01 +0000]
[test suite] additional fix for duplicate fault injection tags

3 months ago[test suite] minor fix for duplicate fault injection tags
Michael Rash [Fri, 6 Jun 2014 03:10:41 +0000]
[test suite] minor fix for duplicate fault injection tags

3 months agoadd --fault-injection-tag support to the client/server/libfko
Michael Rash [Fri, 6 Jun 2014 03:05:49 +0000]
add --fault-injection-tag support to the client/server/libfko

This is a significant commit to add the ability to leverage libfko fault
injections from both the fwknop client and server command lines via a
new option '--fault-injection-tag <tag name>'.  This option is used by
the test suite with the tests/fault_injection.pl tests.

3 months ago[test suite] added coverage_diff.py
Michael Rash [Mon, 2 Jun 2014 02:30:54 +0000]
[test suite] added coverage_diff.py

This commit adds support for diff'ing before and after gcov/lcov results
to see when new function/line coverage is added by the test suite.  Here
is an example of its output:

Sun Jun  1 22:28:00 2014 CMD: ./coverage_diff.py
[+] Coverage: /home/mbr/git/fwknop.git/server/config_init.c
[+] new 'fcns' coverage: usage()
[+] new 'lines' coverage: 1015
[+] new 'lines' coverage: 1017
[+] new 'lines' coverage: 1019
[+] new 'lines' coverage: 1059
[+] new 'lines' coverage: 979
[+] Coverage: /home/mbr/git/fwknop.git/server/fw_util_iptables.c
[+] new 'lines' coverage: 560
[+] new 'lines' coverage: 561

3 months ago[test suite] add shell escape for /usr/include/* wildcard on lcov command line
Michael Rash [Tue, 27 May 2014 03:15:09 +0000]
[test suite] add shell escape for /usr/include/* wildcard on lcov command line

3 months agorestore trustdb.gpg files
Michael Rash [Tue, 27 May 2014 03:06:14 +0000]
restore trustdb.gpg files

3 months ago[test suite] fix LD_LIBRARY_PATH for fiu-run execution against fko-wrapper binaries
Michael Rash [Tue, 27 May 2014 02:53:44 +0000]
[test suite] fix LD_LIBRARY_PATH for fiu-run execution against fko-wrapper binaries

3 months agoRevert "add gcc '-pg' flag in --enable-profile-coverage mode"
Michael Rash [Tue, 27 May 2014 01:28:19 +0000]
Revert "add gcc '-pg' flag in --enable-profile-coverage mode"

This reverts commit bbe5626566d617317f2d25f5650f2299c95f2c9f because -pg
is needed for gprof, not gcov, and valgrind is incompatible with -pg.

3 months agouse fiu.h instead of fiu-local.h
Michael Rash [Mon, 26 May 2014 19:54:12 +0000]
use fiu.h instead of fiu-local.h

3 months ago[test suite] added first test to run fwknop client underneath fiu-run for libc fault...
Michael Rash [Mon, 26 May 2014 19:09:02 +0000]
[test suite] added first test to run fwknop client underneath fiu-run for libc fault injection

3 months ago[test suite] in --enable-fuzzing-interfaces mode create fko-wrapper/send_spa_payloads...
Michael Rash [Mon, 26 May 2014 18:18:27 +0000]
[test suite] in --enable-fuzzing-interfaces mode create fko-wrapper/send_spa_payloads file if it does exist

3 months ago[test suite] minor fko_wrapper comment update
Michael Rash [Mon, 26 May 2014 12:40:26 +0000]
[test suite] minor fko_wrapper comment update

3 months agoclient/server added libfiu header files in --enable-libfiu-support mode
Michael Rash [Mon, 26 May 2014 12:39:44 +0000]
client/server added libfiu header files in --enable-libfiu-support mode

3 months ago[test suite] auto-generate fko-wrapper/fuzz_spa_payload file with spa_fuzzing.py...
Michael Rash [Mon, 26 May 2014 02:10:43 +0000]
[test suite] auto-generate fko-wrapper/fuzz_spa_payload file with spa_fuzzing.py if necessary in --enable-complete/--enable-fuzzing-interfaces mode

3 months ago[test suite] added configure_max_coverage.sh for --enable-complete mode
Michael Rash [Sun, 25 May 2014 20:23:40 +0000]
[test suite] added configure_max_coverage.sh for --enable-complete mode

3 months ago[test suite] SPA packet fuzzer minor comment additions to clearly define SPA packet...
Michael Rash [Sun, 25 May 2014 19:50:09 +0000]
[test suite] SPA packet fuzzer minor comment additions to clearly define SPA packet types

3 months ago[test suite] added fko_new_with_data() call with SPA data that is too short
Michael Rash [Sun, 25 May 2014 19:08:31 +0000]
[test suite] added fko_new_with_data() call with SPA data that is too short

3 months ago[test suite] added --enable-complete option for fuzzing, fault injection, and code...
Michael Rash [Sun, 25 May 2014 16:37:35 +0000]
[test suite] added --enable-complete option for fuzzing, fault injection, and code coverage

4 months ago[test suite] added the ability to run fiu-run fault injection binary against fwknop
Michael Rash [Sat, 24 May 2014 21:55:57 +0000]
[test suite] added the ability to run fiu-run fault injection binary against fwknop

4 months ago[libfko] added fault injections for remaining ...set...() functions called by fko_new()
Michael Rash [Sat, 24 May 2014 19:12:07 +0000]
[libfko] added fault injections for remaining ...set...() functions called by fko_new()

4 months ago[libfko] added fault injections for fko_set_username()
Michael Rash [Sat, 24 May 2014 18:47:10 +0000]
[libfko] added fault injections for fko_set_username()

4 months ago[libfko] added fault injections for fko_set_rand_value()
Michael Rash [Sat, 24 May 2014 18:01:49 +0000]
[libfko] added fault injections for fko_set_rand_value()

4 months ago[libfko] started on libfiu fault injection code
Michael Rash [Sat, 24 May 2014 14:14:28 +0000]
[libfko] started on libfiu fault injection code

4 months ago[test suite] added tests/rijndael_hmac_fuzzing.pl file
Michael Rash [Fri, 23 May 2014 22:55:06 +0000]
[test suite] added tests/rijndael_hmac_fuzzing.pl file

4 months ago[test suite] add hmac_fuzzing_access.conf file
Michael Rash [Fri, 23 May 2014 22:50:47 +0000]
[test suite] add hmac_fuzzing_access.conf file

4 months ago[test suite] added tests/rijndael_hmac_fuzzing.pl file
Michael Rash [Fri, 23 May 2014 22:55:06 +0000]
[test suite] added tests/rijndael_hmac_fuzzing.pl file

4 months ago[test suite] add hmac_fuzzing_access.conf file
Michael Rash [Fri, 23 May 2014 22:50:47 +0000]
[test suite] add hmac_fuzzing_access.conf file

4 months ago[test suite] add fault injection tests
Michael Rash [Thu, 22 May 2014 13:36:11 +0000]
[test suite] add fault injection tests

4 months ago[test suite] make fko_wrapper binary path absolute
Michael Rash [Thu, 22 May 2014 13:30:36 +0000]
[test suite] make fko_wrapper binary path absolute

4 months ago[test suite] make fko_wrapper binary path absolute
Michael Rash [Thu, 22 May 2014 13:29:06 +0000]
[test suite] make fko_wrapper binary path absolute

4 months ago[test suite] add fko_basic.c file to the FKO wrapper
Michael Rash [Thu, 22 May 2014 13:24:16 +0000]
[test suite] add fko_basic.c file to the FKO wrapper

4 months agoadd gcc '-pg' flag in --enable-profile-coverage mode
Michael Rash [Thu, 22 May 2014 13:19:45 +0000]
add gcc '-pg' flag in --enable-profile-coverage mode

4 months ago[test suite] minor line counter addition for file_find_regex()
Michael Rash [Wed, 21 May 2014 13:12:20 +0000]
[test suite] minor line counter addition for file_find_regex()

4 months agoadded --enable-libfiu-support to build fwknop with fault injection support
Michael Rash [Wed, 21 May 2014 12:27:31 +0000]
added --enable-libfiu-support to build fwknop with fault injection support

4 months ago[test suite] started on support for libfiu fault injection tests
Michael Rash [Wed, 21 May 2014 01:20:10 +0000]
[test suite] started on support for libfiu fault injection tests

4 months ago[test suite] expand libfko username coverage testing by adding undef LOGNAME env...
Michael Rash [Sun, 11 May 2014 03:16:32 +0000]
[test suite] expand libfko username coverage testing by adding undef LOGNAME env variable test

4 months ago[test suite] stronger valgrind test requirements
Michael Rash [Sat, 10 May 2014 01:13:48 +0000]
[test suite] stronger valgrind test requirements

This commit adds a couple of suppressions for known issues that valgrind
finds in libcap, and then makes a significant change to how the test
suite deals with any valgrind errors (in --enable-valgrind mode) that
are outside of these suppressions.  That is, any new valgrind errors
that are discovered will cause the test that triggers them to fail.
Previous to this commit, the final valgrind "flagged functions" test
attmpted to do this by comparing valgrind output across test runs. This
worked well enough for a while, but this latest commit enforces a
stricter stance for valgrind validation of the fwknop code base.

4 months ago[fko-wrapper] add missing fko_destroy() call
Michael Rash [Sat, 10 May 2014 00:53:32 +0000]
[fko-wrapper] add missing fko_destroy() call

4 months ago[test suite] python fuzzer pkt_id counter minor bug fix
Michael Rash [Sat, 10 May 2014 00:51:29 +0000]
[test suite] python fuzzer pkt_id counter minor bug fix

4 months ago[test suite] add lib path and valgrind string to server start/stop cycle tests
Michael Rash [Fri, 9 May 2014 11:57:46 +0000]
[test suite] add lib path and valgrind string to server start/stop cycle tests

4 months ago[test suite] add SIGINT, SIGUSR1, and SIGUSR2 signals to restart cycle test for code...
Michael Rash [Fri, 9 May 2014 11:49:57 +0000]
[test suite] add SIGINT, SIGUSR1, and SIGUSR2 signals to restart cycle test for code coverage

4 months ago[test stuie] fko-wrapper PKT_ID generation + send fuzzing packets back through fko_ne...
Michael Rash [Mon, 5 May 2014 05:15:20 +0000]
[test stuie] fko-wrapper PKT_ID generation + send fuzzing packets back through fko_new_with_data() cycle

4 months ago[server] add --test mode to enable broader fuzzing coverage
Michael Rash [Tue, 6 May 2014 03:51:21 +0000]
[server] add --test mode to enable broader fuzzing coverage

4 months ago[server] minor fix to remove unnecessary opts.status check
Michael Rash [Tue, 6 May 2014 03:11:32 +0000]
[server] minor fix to remove unnecessary opts.status check

4 months agoadd new test suite conf files
Michael Rash [Tue, 6 May 2014 03:05:02 +0000]
add new test suite conf files

4 months ago[test suite] Rijndael HMAC fuzzing support and a few minor test additions
Michael Rash [Tue, 6 May 2014 03:01:44 +0000]
[test suite] Rijndael HMAC fuzzing support and a few minor test additions

4 months ago[server] add --exit-parse-config option, man page updates (minor formatting change)
Michael Rash [Sun, 4 May 2014 13:17:27 +0000]
[server] add --exit-parse-config option, man page updates (minor formatting change)

4 months ago[test suite] add digest cache rewrite feature for test coverage, add config line...
Michael Rash [Sun, 4 May 2014 13:16:39 +0000]
[test suite] add digest cache rewrite feature for test coverage, add config line and pcap filter validation tests

4 months ago[test suite] add multi-port access request to python fuzzer
Michael Rash [Sun, 4 May 2014 13:15:44 +0000]
[test suite] add multi-port access request to python fuzzer

4 months ago[server] add --dump-serv-err-codes for test coverage
Michael Rash [Wed, 30 Apr 2014 03:50:54 +0000]
[server] add --dump-serv-err-codes for test coverage

4 months ago[server] add test coverage for tcp server when FUZZING_INTERFACES is defined
Michael Rash [Wed, 30 Apr 2014 03:41:01 +0000]
[server] add test coverage for tcp server when FUZZING_INTERFACES is defined

4 months ago[server] bug fix to handle SPA packets via http
Michael Rash [Wed, 30 Apr 2014 03:25:31 +0000]
[server] bug fix to handle SPA packets via http

4 months ago[test suite] significant test coverage update
Michael Rash [Wed, 30 Apr 2014 00:54:01 +0000]
[test suite] significant test coverage update

This commit adds a lot of test coverage support as guided by gcov +
lcov.

Also added the --no-ipt-check-support option to fwknopd (this is only
useful in practice on older Linux distros where 'iptables -C' is not
available, but it helps with test coverage).

4 months agoMerge branch 'spa_encoding_fuzzing'
Michael Rash [Tue, 29 Apr 2014 03:00:16 +0000]
Merge branch 'spa_encoding_fuzzing'

4 months agochanges since fwknop-2.6.1 2.6.2
Michael Rash [Tue, 29 Apr 2014 01:20:21 +0000]
changes since fwknop-2.6.1

4 months agoupdated RPM Release tag to 1
Michael Rash [Tue, 29 Apr 2014 01:17:13 +0000]
updated RPM Release tag to 1

4 months agochanges since 2.6.1
Michael Rash [Tue, 29 Apr 2014 01:08:49 +0000]
changes since 2.6.1

4 months ago[libfko] bumped version to 2.0.2
Michael Rash [Tue, 29 Apr 2014 01:08:27 +0000]
[libfko] bumped version to 2.0.2

4 months agochanges since 2.6.1
Michael Rash [Tue, 29 Apr 2014 00:43:18 +0000]
changes since 2.6.1

4 months agominor 2.6.2 release date change
Michael Rash [Tue, 29 Apr 2014 00:26:05 +0000]
minor 2.6.2 release date change

4 months agochanges since 2.6.1
Michael Rash [Sun, 27 Apr 2014 03:46:40 +0000]
changes since 2.6.1

4 months agobumped version to 2.6.2
Michael Rash [Sun, 27 Apr 2014 03:43:32 +0000]
bumped version to 2.6.2

4 months agoChangeLog for 2.6.2
Michael Rash [Sun, 27 Apr 2014 03:42:17 +0000]
ChangeLog for 2.6.2

4 months ago[libfko] fix double free bug in SPA parser
Michael Rash [Wed, 23 Apr 2014 01:58:09 +0000]
[libfko] fix double free bug in SPA parser

This commit fixes a double free condition discovered through the new
python SPA payload fuzzer.  This bug could be triggered in fwknopd with
a malicious SPA payload but only when GnuPG is used.  When Rijndael is
used for SPA packet encryption, this bug cannot be triggered due to an
length/format check towards the end of _rijndael_decrypt().  It should
be noted that only a person in possession of the correct encryption and
authentication GnuPG keys could trigger this bug.

4 months ago[libfko/test suite] add the FUZZING_INTERFACES macro
Michael Rash [Sun, 27 Apr 2014 03:04:44 +0000]
[libfko/test suite] add the FUZZING_INTERFACES macro

Add a new fko_set_encoded_data() function gated by #define
FUZZING_INTERFACES to allow encryption and authentication to be bypassed
for fuzzing purposes (and only fuzzing purposes).  The fko-wrapper code
has been extended to process data in the
test/fko-wrapper/fuzz_spa_payloads file, which is created by the new
python fuzzer.  Typical workflow is:

$ cd test/fko-wrapper
$ ../spa_fuzzer.py > fuzz_spa_payloads
$ make fuzzing

(as root):

./test-fwknop.pl  --enable-profile-coverage --enable-fuzzing-interfaces --enable-all --include wrapper

[+] Starting the fwknop test suite...

    args: --enable-profile-coverage --enable-fuzzing-interfaces --enable-all --include wrapper

    Saved results from previous run to: output.last/

    Valgrind mode enabled, will import previous coverage from:
        output.last/valgrind-coverage/

[+] Total test buckets to execute: 2

[Rijndael] [fko-wrapper] multiple libfko calls (with valgrind)......pass (1)
[Rijndael] [fko-wrapper] multiple libfko calls......................pass (2)
[profile coverage] gcov profile coverage............................pass (3)
[valgrind output] [flagged functions] ..............................pass (4)

    Run time: 5.85 minutes

[+] 0/0/0 OpenSSL tests passed/failed/executed
[+] 0/0/0 OpenSSL HMAC tests passed/failed/executed
[+] 4/0/4 test buckets passed/failed/executed

4 months ago[test suite] python fuzzer - more field length variations to hit MAX_SPA_MESSAGE_SIZE
Michael Rash [Sun, 27 Apr 2014 03:01:47 +0000]
[test suite] python fuzzer - more field length variations to hit MAX_SPA_MESSAGE_SIZE

4 months ago[test suite] libfko wrapper is already called in Rijndael tests
Michael Rash [Sun, 27 Apr 2014 02:35:57 +0000]
[test suite] libfko wrapper is already called in Rijndael tests

4 months ago[test suite] python fuzzer - account for base64 strings that have stripped '=' chars
Michael Rash [Sun, 27 Apr 2014 02:03:32 +0000]
[test suite] python fuzzer - account for base64 strings that have stripped '=' chars

4 months ago[test suite] python fuzzer - add fuzzing fields to original fields (interim commit)
Michael Rash [Sat, 26 Apr 2014 21:03:47 +0000]
[test suite] python fuzzer - add fuzzing fields to original fields (interim commit)

5 months ago[test suite] python fuzzer - break out fuzzing sections into dedicated functions
Michael Rash [Fri, 25 Apr 2014 02:11:04 +0000]
[test suite] python fuzzer - break out fuzzing sections into dedicated functions

5 months ago[test suite] add command mode SPA payload and splicing tests to python fuzzer
Michael Rash [Thu, 24 Apr 2014 03:31:37 +0000]
[test suite] add command mode SPA payload and splicing tests to python fuzzer

5 months ago[test suite] support multiple initial SPA payloads in the python fuzzer
Michael Rash [Wed, 23 Apr 2014 03:48:13 +0000]
[test suite] support multiple initial SPA payloads in the python fuzzer

5 months ago[test suite] python fuzzer additional tests
Michael Rash [Wed, 23 Apr 2014 03:20:06 +0000]
[test suite] python fuzzer additional tests

5 months ago[libfko] fix double free bug in SPA parser
Michael Rash [Wed, 23 Apr 2014 01:58:09 +0000]
[libfko] fix double free bug in SPA parser

This commit fixes a double free condition discovered through the new
python SPA payload fuzzer.  This bug could be triggered in fwknopd with
a malicious SPA payload but only when GnuPG is used.  When Rijndael is
used for SPA packet encryption, this bug cannot be triggered due to an
length/format check towards the end of _rijndael_decrypt().  It should
be noted that only a person in possession of the correct encryption and
authentication GnuPG keys could trigger this bug.

5 months ago[test suite] add python SPA packet payload fuzzer
Michael Rash [Wed, 23 Apr 2014 01:00:16 +0000]
[test suite] add python SPA packet payload fuzzer

5 months ago[test suite] add --enable-fuzzing-interfaces, fix profile coverage file handling
Michael Rash [Wed, 23 Apr 2014 00:58:03 +0000]
[test suite] add --enable-fuzzing-interfaces, fix profile coverage file handling

5 months ago[libfko] for fuzzing purposes, added fko_set_encoded_data() to bypass encryption...
Michael Rash [Sat, 19 Apr 2014 01:39:54 +0000]
[libfko] for fuzzing purposes, added fko_set_encoded_data() to bypass encryption and authentication for SPA payloads

5 months agocredit Blair and Tim with MacPorts and Homebrew maintainer status
Michael Rash [Mon, 14 Apr 2014 01:39:50 +0000]
credit Blair and Tim with MacPorts and Homebrew maintainer status

5 months agochanges since 2.6.0 2.6.1
Michael Rash [Sat, 12 Apr 2014 19:25:03 +0000]
changes since 2.6.0

5 months ago[server] bug fix to allow IP-formatted masks for SOURCE lines in access.conf
Michael Rash [Sat, 12 Apr 2014 19:21:00 +0000]
[server] bug fix to allow IP-formatted masks for SOURCE lines in access.conf

5 months agominor typo fix
Michael Rash [Sat, 12 Apr 2014 19:20:31 +0000]
minor typo fix

5 months ago[client] fix minor memory leak before exit() in parsing invalid time offsets
Michael Rash [Sat, 12 Apr 2014 02:45:27 +0000]
[client] fix minor memory leak before exit() in parsing invalid time offsets

5 months agobump version to 2.6.1
Michael Rash [Sat, 12 Apr 2014 02:41:00 +0000]
bump version to 2.6.1

5 months ago[client] fix memory leak introduced in 0ff210099
Michael Rash [Fri, 11 Apr 2014 03:18:44 +0000]
[client] fix memory leak introduced in 0ff210099

5 months ago[test suite] implement new fwknopd access/fwknopd.conf file writing feature similar...
Michael Rash [Fri, 11 Apr 2014 03:10:11 +0000]
[test suite] implement new fwknopd access/fwknopd.conf file writing feature similar to client rc file writing/testing

5 months ago[test suite] add compounded tests for fko-wrapper
Michael Rash [Fri, 11 Apr 2014 03:08:51 +0000]
[test suite] add compounded tests for fko-wrapper

5 months ago[server] make parse_access_file() exit if there is a variable formatting problem
Michael Rash [Fri, 11 Apr 2014 03:08:19 +0000]
[server] make parse_access_file() exit if there is a variable formatting problem

5 months ago[client] ensure to call fko_destroy() on the correct context if encryption mode could...
Michael Rash [Fri, 11 Apr 2014 03:07:39 +0000]
[client] ensure to call fko_destroy() on the correct context if encryption mode could not be determined

5 months ago[client] make is_rc_param() error condition fatal
Michael Rash [Fri, 11 Apr 2014 00:48:05 +0000]
[client] make is_rc_param() error condition fatal

5 months ago[test suite] --key-* arg validation with --fd 0
Michael Rash [Thu, 10 Apr 2014 03:56:50 +0000]
[test suite] --key-* arg validation with --fd 0

5 months ago[server] Validate GPG sigs with libfko fko_gpg_signature_id_match() function
Michael Rash [Thu, 10 Apr 2014 03:56:03 +0000]
[server] Validate GPG sigs with libfko fko_gpg_signature_id_match() function

5 months ago[test suite/client] memory leak bug fix and test coverage
Michael Rash [Wed, 9 Apr 2014 01:12:46 +0000]
[test suite/client] memory leak bug fix and test coverage

This commit fixes a minor memory leak in the fwknop client before
calling exit() when an abnormally large number of command line arguments
are given.  The leak was found with valgrind together with the test
suite (specifically the 'show last args (4)' test):

==23748== 175 bytes in 50 blocks are definitely lost in loss record 1 of 1
==23748==    at 0x4C2C494: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==23748==    by 0x1112F1: run_last_args (fwknop.c:991)
==23748==    by 0x110D36: prev_exec (fwknop.c:916)
==23748==    by 0x10D953: main (fwknop.c:170)

Additional test coverage was added for the client via the
basic_operations.pl tests.

5 months ago[libfko] minor formating update for strtol_wrapper() range output messages
Michael Rash [Wed, 9 Apr 2014 01:08:24 +0000]
[libfko] minor formating update for strtol_wrapper() range output messages

5 months ago[libfko] minor comment re-wording
Michael Rash [Wed, 9 Apr 2014 01:06:45 +0000]
[libfko] minor comment re-wording

5 months ago[client] minor typo fix
Michael Rash [Wed, 9 Apr 2014 01:06:18 +0000]
[client] minor typo fix