Windows client ask for an encryption password #334

Open
Makiro opened this issue Jun 10, 2021 · 2 comments

Makiro commented Jun 10, 2021

When running the Windows client:
fwknop-static.exe --named-config=test1 --verbose

I get:
Enter encryption password:

 

Then I hit ENTER (or type whatever), and get:

=================

   Random Value: 2610212263265631
       Username: xxxxx
      Timestamp: 1623347571
    FKO Version: 1.9.12
   Message Type: 1
 Message String: 0.0.0.0,tcp/12345
     Nat Access: <NULL>
    Server Auth: <NULL>
 Client Timeout: 0
    Digest Type: 3

   Encoded Data: 2610212263265631:ZGF2aWQ:1623347571:1.9.12:1:MC4wLjAuMCx0Y3AvMTIzNDU

SPA Data Digest: rn9CU5mQ2PVs/kL/jdzKkEf5bqal26x4bZ3ng4SGJG8

Final Packed/Encrypted/Encoded Data:

8Fy1ZCH56rvOtW9otRxoVza4aJuR8VB485OfW2USvQB7E/PneX3HZEZ5yPrA2hpOQ4YZGIMxW3lu+ailqGkLBKXV7578aQjYiCmaQlUjdLVxf+rvSIiy8CAHYL5mg1DY7G8PGHRcgNX6/nu40KKzfbZ+nrWrUw3oc

Generating SPA packet:
    protocol: udp
    port: 62201
send_spa_packet: bytes sent: 161

Note this output does not contain those 3 lines:

HMAC Type: 3 (SHA256)
Encryption Type: 1 (Rijndael)
Encryption Mode: 2 (CBC)

The server's log is not happy:
(stanza #1) Error creating fko context: Args contain invalid data: FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL

 

The configuration file is:

[default]

[test1]
SPA_SERVER                  192.168.1.2
ALLOW_IP                    source
ACCESS                      tcp/12345
KEY_BASE64                  6GigY4WRwPEOYpXOb5nfR0DTJLTT+A+LpO1gamOLwMg=
HMAC_KEY_BASE64             pCGSe3UYUJOLiuVxm6DHJCDAut7hhHx5EbYec46WCfaO8JtnSt5eXO0hqvCoGGNsb588AoSE6vz+2OjRdBOK6Q==
USE_HMAC                    Y

 

When I use the same configuration file and same command line on a Debian host, I'm not asked for a password, and the server's log shows the authentication is ok.


mutr commented Feb 16, 2022

The Windows binary on the site is outdated and is not compatible with the newest fwknopd.
I was able to compile the client from sources using MSYS2 with a few changes.
Start the MSYS2 MinGW x64 console and run this:

pacman -Sy mingw-w64-x86_64-gcc mingw-w64-x86_64-make mingw-w64-x86_64-libtool texinfo autoconf automake git patch libtool
git clone -b2.6.10 https://github.com/mrash/fwknop.git
cd fwknop
patch -p1 < fwknop_2.6.10_mingw.patch # see below
autoreconf
./configure --disable-server --disable-execvpe --disable-fortify-source --disable-stack-protector --with-wget=wget.exe LIBS="-lwsock32 -lws2_32" LDFLAG="-no-undefined" CFLAGS="-DWIN32 -D_WINSOCK_H"
mingw32-make.exe -j4 MAKEINFO=true

fwknop_2.6.10_mingw.patch

diff --git a/client/log_msg.h b/client/log_msg.h
index cc17716b..3dda1614 100644
--- a/client/log_msg.h
+++ b/client/log_msg.h
@@ -38,7 +38,7 @@ enum
     LOG_VERBOSITY_INFO,         /*!< Constant to define a INFO message */
     LOG_VERBOSITY_DEBUG,        /*!< Constant to define a DEBUG message */
     LOG_LAST_VERBOSITY
-} log_level_t;
+};
 
 #define LOG_DEFAULT_VERBOSITY   LOG_VERBOSITY_NORMAL    /*!< Default verbosity to use */
 
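Review bot: dropping `log_level_t` from the closing brace in client/log_msg.h removes the identifier for every platform, not only for the MinGW build. The hunk header shows a bare `enum`, so the old `} log_level_t;` declared an object in a header rather than a type; if a type name was intended, `typedef enum { ... } log_level_t;` would keep it available. The patch should also state which compiler error this fixes and confirm that nothing else references the name.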
diff --git a/client/utils.c b/client/utils.c
index 718f0b6d..af1c4ef3 100644
--- a/client/utils.c
+++ b/client/utils.c
@@ -82,6 +82,7 @@ verify_file_perms_ownership(const char *file)
             */
         }
 
+#ifndef WIN32
         if((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != (S_IRUSR|S_IWUSR))
         {
             log_msg(LOG_VERBOSITY_ERROR,
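Review bot: with the `#ifndef WIN32` opening just before the `st.st_mode` comparison in verify_file_perms_ownership(), a Windows build never reports a file whose mode is wider than `S_IRUSR|S_IWUSR`, and nothing takes the place of that check. Consider an `#else` branch that at least logs that file permissions are not verified on WIN32, so users can tell the check is absent rather than passed.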
@@ -103,6 +104,7 @@ verify_file_perms_ownership(const char *file)
             res = 0;
             */
         }
+#endif
     }
     else
     {
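Review bot: the `#endif` added here has no trailing comment, and its matching `#ifndef WIN32` sits in the previous hunk roughly twenty lines up, so a reader cannot tell what it closes or that it spans more than the mode check. Write it as `#endif /* !WIN32 */`, the form the common.h part of this patch uses for `S_ISLNK`, and confirm that everything between the two markers is really meant to be compiled out on Windows.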
diff --git a/common/common.h b/common/common.h
index 54ef0b82..9063d40b 100644
--- a/common/common.h
+++ b/common/common.h
@@ -105,6 +105,14 @@
   #define O_EXCL		_O_EXCL
   #define S_IRUSR		_S_IREAD
   #define S_IWUSR		_S_IWRITE
+#ifndef S_ISLNK
+#   ifdef S_IFLNK
+#       define S_ISLNK(m) (((m) & S_IFMT) == S_IFLNK)
+#   else
+#       define S_ISLNK(m) 0
+#   endif
+#endif  /* !S_ISLNK */
+
   #define PATH_SEP      '\\'
   // --DSS needed for VS versions before 2010
   #ifndef __MINGW32__
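Review bot: the `#define S_ISLNK(m) 0` fallback in common/common.h makes every caller's symlink test answer "not a symlink" when `S_IFLNK` is absent, so whatever check relies on it is silently disabled instead of failing the build. Parenthesise the value as `(0)`, add a comment that symlinks are not detected on this platform, and match the indentation of the surrounding defines, which indent the whole directive rather than using `#   ifdef`.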


cnsn521 commented Jun 8, 2022

Thanks a lot for the solution, brother. I spent most of the day compiling and it didn't build.
