Changeset 1025

Show
Ignore:
Timestamp:
03/01/08 23:22:49 (9 months ago)
Author:
mbr
Message:

- Updated the fwknop client to always call encode_base64() with the string
to encode along with a second null-string argument to force all encoded
data to not include line breaks.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • fwknop/trunk/ChangeLog

    r1021 r1025  
    2929      support for the SHA256, SHA1, and MD5 digest changes made by the SPAPICT 
    3030      Group. 
     31    - Updated the fwknop client to always call encode_base64() with the string 
     32      to encode along with a second null-string argument to force all encoded 
     33      data to not include line breaks. 
    3134    - Bugfix in install.pl to not test for the iptable command on non-Linux 
    3235      systems, and to not test for the ipfw command on systems that are Linux. 

  • fwknop/trunk/fwknop

    r1024 r1025  
    481481    } 
    482482    print  "        Username:       $user\n" unless $quiet; 
    483     return ':' . encode_base64($user); 
     483    return ':' . encode_base64($user, ''); 
    484484} 
    485485 
     
    530530    if ($cmdline_pcap_cmd) { 
    531531        print "        Cmd:            $cmdline_pcap_cmd\n" unless $quiet; 
    532         return ':' . encode_base64("$enc_allow_ip,$cmdline_pcap_cmd"); 
     532        return ':' . encode_base64("$enc_allow_ip,$cmdline_pcap_cmd", ''); 
    533533 
    534534    } 
     
    540540    print "        Access:         $enc_allow_ip,$access_str\n" 
    541541        unless $quiet; 
    542     return ':' . encode_base64("$enc_allow_ip,$access_str"); 
     542    return ':' . encode_base64("$enc_allow_ip,$access_str", ''); 
    543543} 
    544544 
     
    557557            print "\n"; 
    558558        } 
    559         return ':' . encode_base64("crypt,$server_auth_crypt_pw"); 
     559        return ':' . encode_base64("crypt,$server_auth_crypt_pw", ''); 
    560560    } 
    561561    return ''; 
     
    566566        print "        Forward access: $forward_access_str\n" 
    567567            unless $quiet; 
    568         return ':' . encode_base64($forward_access_str); 
     568        return ':' . encode_base64($forward_access_str, ''); 
    569569    } 
    570570    return ''; 
     
    683683    } 
    684684 
    685     my $encoded_msg = encode_base64($ctext); 
    686  
    687     $encoded_msg =~ s/=*$//; 
    688     $encoded_msg =~ s/\n//g; 
     685    my $encoded_msg = encode_base64($ctext, ''); 
    689686 
    690687    print "[+] Encrypted message: $encoded_msg\n" if $debug; 
     
    697694    my $cipher = Crypt::CBC->new( 
    698695        { 
    699             'key'             => $enc_key, 
    700             'cipher'          => $enc_alg 
     696            'key'    => $enc_key, 
     697            'cipher' => $enc_alg 
    701698        } 
    702699    ); 
    703     my $encoded_msg = encode_base64($cipher->encrypt($msg)); 
    704  
    705     ### remove trailing "==" (the decrypt function will put 
    706     ### them back before attempting to decrypt)... this is to 
    707     ### make it more difficult for an IDS to detect fwknop 
    708     ### traffic 
    709     $encoded_msg =~ s/=*$//; 
    710     $encoded_msg =~ s/\n//g; 
     700    my $encoded_msg = encode_base64($cipher->encrypt($msg), ''); 
    711701 
    712702    print "[+] Encrypted message: $encoded_msg\n" if $debug;