Hi Mike,

> fwknop-2.0.3 has been released:

Thanks very much for your good work on this code, and to the others who contributed to its robustness.  Also, the tutorial is much appreciated.  It is a fine piece of work.

I installed fwknop-2.0.3 on a FreeBSD 8.3 box and encountered a couple of what I'm guessing are minor problems during testing.

Running "./test-fwknop.pl --enable-recompile" produced the complaint:

   [*] ../lib/.libs directory does not exist. at ./test-fwknop.pl line 3249.

It appears that simply creating that directory is all that is needed.

The test suite produced failures in the "fortify source functions" and "read-only relocations" tests, output of which is below.  Any hints on what caused this?


[build security] [client] fortify source functions..................fail (5)
[build security] [client] read-only relocations.....................fail (6)
[build security] [server] fortify source functions..................fail (11)
[build security] [server] read-only relocations.....................fail (12)
[build security] [libfko] fortify source functions..................fail (16)
[build security] [libfko] read-only relocations.....................fail (17)


[+] TEST: [build security] [client] fortify source functions
Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../client/.libs/fwknop
../client/.libs/fwknop:
 Position Independent Executable: yes
 Stack protected: yes
 Stack protected: yes
 Fortify Source functions: no, not found!
 Read-only relocations: no, not found!
 Immediate binding: yes
[.] file_find_regex() Matched '(?^i:Fortify\sSource\sfunctions:\sno)' with line:  Fortify Source functions: no, not found!

[+] TEST: [build security] [client] read-only relocations
Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../client/.libs/fwknop
../client/.libs/fwknop:
 Position Independent Executable: yes
 Stack protected: yes
 Stack protected: yes
 Fortify Source functions: no, not found!
 Read-only relocations: no, not found!
 Immediate binding: yes
[.] file_find_regex() Matched '(?^i:Read.only\srelocations:\sno)' with line:  Read-only relocations: no, not found!

[+] TEST: [build security] [server] fortify source functions
Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../server/.libs/fwknopd
../server/.libs/fwknopd:
 Position Independent Executable: yes
 Stack protected: yes
 Stack protected: yes
 Fortify Source functions: no, not found!
 Read-only relocations: no, not found!
 Immediate binding: yes
[.] file_find_regex() Matched '(?^i:Fortify\sSource\sfunctions:\sno)' with line:  Fortify Source functions: no, not found!

[+] TEST: [build security] [server] read-only relocations
Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../server/.libs/fwknopd
../server/.libs/fwknopd:
 Position Independent Executable: yes
 Stack protected: yes
 Stack protected: yes
 Fortify Source functions: no, not found!
 Read-only relocations: no, not found!
 Immediate binding: yes
[.] file_find_regex() Matched '(?^i:Read.only\srelocations:\sno)' with line:  Read-only relocations: no, not found!

[+] TEST: [build security] [libfko] fortify source functions
Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../lib/.libs/libfko.so
../lib/.libs/libfko.so:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: yes
 Stack protected: yes
 Fortify Source functions: no, not found!
 Read-only relocations: no, not found!
 Immediate binding: yes
[.] file_find_regex() Matched '(?^i:Fortify\sSource\sfunctions:\sno)' with line:  Fortify Source functions: no, not found!

[+] TEST: [build security] [libfko] read-only relocations
Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../lib/.libs/libfko.so
../lib/.libs/libfko.so:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: yes
 Stack protected: yes
 Fortify Source functions: no, not found!
 Read-only relocations: no, not found!
 Immediate binding: yes
[.] file_find_regex() Matched '(?^i:Read.only\srelocations:\sno)' with line:  Read-only relocations: no, not found!

best regards,
mark