20060830-005 Release of GlowWorm FW Lite v1.0.11
Mostly new interface features and kernel extension improvements. -cj
20060830-004 Provide English Description of "Don't Remember" Option
Provide an English description of what will happen, when answering an authorization
dialog when the "Don't remember" option is selected. -cj [Suggested by Jeremy
Jones]
20060830-003 Modify Authorization Dialog "Remember..." Text
Capitalized the "Remember..." phrases by getting rid of the "Allow or deny..."
title to the box enclosing the radio buttons, and placing "Remember" in front of
each option. Changed the "just this once" option to "Don't Remember". Consequently,
was able to shrink (vertically) the authorization dialog window a little bit. -cj
[Suggested by Jeremy Jones]
20060830-002 Add Rule Match Count in Rules Window
Added a "rule match count" text field at the top-right of the rules window, which
shows the total number of times all of the rules in the current rule set have
matched on an event. -cj
20060830-001 Add Service Name Support in Rules Window
Added a preference item to enable/disable service name (as opposed to port number)
support in the rules window. -cj
20060826-003 Make Text Fields in Authorization Dialog Selectable
Made the text fields in the authorization selectable, so that one can copy-and-paste
the values. -cj [Suggested by Jeremy Jones]
20060826-002 Add Explicit Check for Kernel Extension Load Success
Added an explicit check to ensure that the kernel extension load succeeded. -cj
20060826-001 Display Registration Code Window Does Funky Resizing
When trying to resize the Display Registration Code window, it would immediately
jump to a very narrow width because the minimum dimensions were set to something
less than the current dimensions ... which is odd. Fixed. -cj
20060825-006 Release of GlowWorm FW Lite v1.0.10 r2
Emergency fixed of a stupid bug that prevented pretty much everyone's registration
codes from verifying properly. -cj
20060825-005 Registration Verification Fails
I managed to do the 1.0.10 release with a bug that only allowed registration codes
with a single "special" character in it to work - how cool is that? Anyway, fixed
that bug and quickly uploaded the new release. -cj
20060825-004 Release of GlowWorm FW Lite v1.0.10
Because of the severity of the bugs, I'm releasing this build early. The reverse
dns support seems to be working well, despite limited testing. -cj
20060825-003 Does not Properly Support non-ASCII Characters in Registration Information
Added (better) support for non-ascii characters in the registration XML. I still
need to take the additional step of adding UTF-8 support. -cj
20060825-002 Does not Properly Create Directories on Install
Who knows how long this bug has been haunting me. When performing an initial
install, it did not create the ~/Library/Application Support/GlowWorm FW Lite/
directory before trying to create the RegCodes directory within that (nonexistent)
directory. Fixed. -cj
20060825-001 Verify Successful Load of All Saved Rule Lists
Instead of blindly assuming that the rule lists are successfully loaded, verify
that the plist parse succeeded and if it did not, alert the user and quit. -cj
20060824-011 Improve Error Messages in Download Form
If one of the required fields was left blank, the resulting page was mal-formed
because it lacked the "body" of the html. Fixed for all of the possible error
messages. -cj
20060824-010 Make CAPTCHA Image More Readable
After several complaints, I modified the settings of the captcha program so that it
would draw the letters on top of the lines. It improved the readability quite a bit.
If people still complain, I can either have it draw fewer lines or draw no lines at
all. -cj
20060824-009 Release of GlowWorm FW Lite v1.0.10 d1
After adding reverse dns support, incremented the version number and released the
"beta" for testing. -cj
20060824-008 Enabled 'Reverse DNS' Preference Item
Enabled the checkbox in the Preferences window to enable/disable reverse dns
support. -cj
20060824-007 Geocoding Overwrites Displayed Values in Race Condition
If the authorization dialog is present, and another event occurs which requires
authorization, the possibility exists that the results from the second geocode will
over-write the values displayed for the current authorization alert. Fixed. -cj
20060824-006 Add Support for Reverse DNS in Authorization Alert
Added support for reverse dns in the authorization dialog. The dns request is
performed by a thread dedicated to the task, so the display and functionality of an
authorization alert should not be hurt by a slow or un-responsive dns server. I had
to shrink the text size in order to fit the reverse dns name into the top of the
authorization alert. -cj
20060824-005 Port Number Sheet Not Updating
If you changed the port number for a rule and click "Cancel", when you again tried
to change the port number for that same rule, the values you typed in previously
were still there. Fixed. -cj [Reported by Jeremy Jones]
20060824-004 Add 'Email Confirm' Field to Registration Form
Given the number of typos I found, amongst email addresses, I added a 'confirm'
field for email. Hopefully this will cut down on some of it. -cj
20060824-003 Release of GlowWorm FW Lite v1.0.9
Fixed a few noticeable bugs and usability issues. -cj
20060824-002 Reduce the Number of Password Requests
People were complaining about the number of times that their password was being
requested. It was needed on startup to load the kernel extension and on quit to
unload the kernel extension. A preference item now exists that allows the kernel
extension to remain loaded on quit. Additionally, the permissions of the pid2pathd
file are verified before they are repaired, so that we do not request the password
for that purpose, unnecessarily, either. -cj
20060824-001 Really Fix Thread Synchronization Issue
The thread synchronization issue that I thought I fixed (20060821-002) was not
really fixed, and now it is. I think. -cj
20060822-003 Redefine "too short" for the Registration Server
Some people seem to type in a single initial for either their first or last name,
so I redefined for the registration server what "too short" meant for a value. Now
they can type in those single initials. -cj
20060822-002 Find memory Leaks in Registration Server (bignum)
Found and fixed a memory leak in the bignum library, in the bignum_pow() function.
Fixed. -cj
20060822-001 Find Memory Leaks in Registration Server
There is at least one memory leak in the registration server. I found and fixed
one, so now we'll see if there were in fact two or more. -cj
20060821-012 Added to HyperJeff
HyperJeff?? Yeah. I thought the same thing. GlowWorm is now listed in their index.
They don't really have individual pages dedicated to each program. The main web
site is here: http://osx.hyperjeff.net/Apps/apps.php
20060821-011 Added to Softpedia
I had not previously heard of Softpedia, so it is fortuitous that they found me;
or GlowWorm, anyway. The url is:
http://mac.softpedia.com/get/Security/GlowWorm-FW-Lite.shtml Added the award image
to the About page, with a link back to Softpedia.
20060821-010 Add Link to TPN Hosting
Added link to TPN Hosting for "graciously providing web hosting for GlowWorm". -cj
20060821-009 Remove Document Related Menu Items from the File Menu
Removed the document related menu items (Open, New, Open Recent, etc.) from the
File menu, since this is not a document based application. -cj [Suggested by Jeremy
Jones]
20060821-008 Add Link for "Free Registration Code" to Serial Window
Some of the download sites I'm finding wanting to direct-link to the file, or even
host the file themselves - thus a user might end up with the software without having
seen the registration page. I added a sentence to the Serial Window, which is the
first thing a new user will see, which instructs the user on how to get a free
registration code. -cj
20060821-007 Added to Freshmeat
I had previously submitted GlowWorm FW Lite v1.0.7 to Freshmeat. The url is:
http://freshmeat.net/projects/glowworm/ -cj
20060821-006 Added to MacUpdate
I had previously submitted GlowWorm FW Lite v1.0.7 to MacUpdate. They quickly added
it. The url is: http://www.macupdate.com/info.php/id/22548 -cj
20060821-005 Added to VersionTracker
I submitted GlowWorm FW Lite v1.0.8 to VersionTracker, and they quickly added it.
The url is: http://www.versiontracker.com/dyn/moreinfo/macosx/30653 -cj
20060821-004 Release of GlowWorm FW Lite v1.0.8
New release fixes endianness issue on Intel and a thread synchronization issue. -cj
20060821-003 Registration Code Validation Fails on Intel
Previously, the sha2-512 code which required endian-specific operations, was
decided at compile time via an #ifdef. That was fine until I switched to a
universal binary, where compilation for both architectures happens at the same time.
I replaced the #ifdef with an if-statement that verified endianness and acted
accordingly. -cj [Reported by Heribert Watzke]
20060821-002 Second Connection is Sometimes Ignored
When an application rapidly opens two connections, both of which require
authorization, the second request was sometimes ignored in the sense that the
authorization dialog never appeared - although the sound would play. This was a
synchronization issue and is now fixed. -cj
20060821-001 Release of GlowWorm FW Lite v1.0.7
First public release. All of the testing feedback so far had uncovered very few
bugs and almost entirely just good interface suggestions. I'll be implementing them
over the next week or two. -cj
20060819-007 Prototype Interface for Application Info Panel
The application info panel will show process information plus information for each
socket connection and a means of accessing the connection history for that
application.
20060819-006 Prototype Interface for Application Monitor
The application monitor window will show each application that has (or had) one or
more socket connections open. It is iChat-Buddy-List-like. Additional information
for a given application and its individual socket connections will be available in
a panel. Basic information for the sum of the sockets for a given application
(data rate TX/RX, total TX/RX, etc.) will be visible in this window.
20060819-005 Switch "No Email" Checkbox Value
When creating the XML for the registration server when the user submits the
registration form, the "bequiet" checkbox value was being inverted. Fixed. -cj
20060819-004 Fix 'Registration Server Not Responding' Error Message in Registration Form
The HTML displayed if the registration server could not be reached, when a person
submits a registration form, was all messed up. Fixed. -cj
20060819-003 Add 'Expiration' and 'Version' to Registration Record
Added the 'expire' and 'version' columns to the registration table. Also added the
'expire' element to the registration xml - which might be useful for controlling
beta testing registration codes. -cj
20060819-002 Personalize Registration Email
Added the registrant's name, email and serial number to the registration email,
along with links to the main web page and the support page. -cj
20060819-001 Add Explanation for Password to the Registration Form
Added an explanation as to what the 'password' field is for, in the registration
form. -cj [Reported by Paul Jones]
20060818-006 Version Number in Splash Screen is Gibberish
I was printing the version number as a C string instead of an NSString. Whoops. -cj
[Reported by Paul Jones]
20060818-005 Add Default .Mac Rules
Added a set of .Mac rules to the default "System" rule set so that .Mac sync'ing
can occur without any authorization dialogs. -cj
20060818-004 Add Registration Code Questions to Support Page
Added two registration code related questions to the support page, describing, in
brief, what it is and how it works. -cj
20060818-003 Programmatically set Splash Screen Version Info
The splash screen version info is now pulled from the bundle's plist file. -cj
20060818-002 Release of GlowWorm FW Lite v1.0.6
Needed to increment version number due to changes in kernel extension. -cj
20060818-001 Escape all Strings Before Performing SQL Statement
All input from an external source (ie, the web site form) is now escaped before
becoming part of a sql statement. I can sleep better at night, now. -cj
20060817-011 More Pid-to-Path Mayhem
I realized that even if I copied the trailing \0 onto the buffer, inside getopt(),
in the kernel extension, that if I indicated a return length that did not include
that \0, that it was not actually copied back to the user space. I just added a
call to bzero() for the buffer, in user space, before calling getopt(). -cj
20060817-010 Update Website with new Screenshots, Content
Replaced all of the dated (all of them) screen shots, plus added a bunch more to
fill in the blanks found in the Support page. Also, filled in the answers to the
various support questions. -cj
20060817-010 Some Windows do not Resize Properly
Several windows did not re-size properly; that is, the elements within the window
did not know how to react to a change in the window size. Fixed all of the issues
that I could find. -cj
20060817-009 Kernel Supplied Pid-to-Path Comes with Extra Garbage
Sometimes the kernel supplied pid-to-path paths come with an extra character or two
on the end of the path. This was due to the lack of a terminating \0. It has been
added. -cj
20060817-008 Resolve Symlinks During Rule Evaluation
The pid-to-path paths can sometimes include symlinks, and rules, in general, do not.
Thus, the two paths might be referring to the same executable, albeit indirectly.
Resolve symlinks in the pid-to-path path when performing rule evalution. -cj
20060817-007 Update Random Serial Number Generator
A unique, random serial number is created for each registration code. Updated the
test format to the real format, which is xxxx-xxxx-xxxx-xxxx. -cj
20060817-006 Release of GlowWorm FW Lite v1.0.5
Needed to increment version number due to changes in kernel extension. -cj
20060817-005 De-Register Event Handlers with Kernel Extension on Workspace Resign
It is not generally a good idea to have GlowWorm running and active when the user
who is running it does not have the active session. That is, if the user starts GW
and then switches to the Login Window or to another user, we should de-register all
event listeners with the kernel extension. The reasoning is this: first, the user
who is running GW is the user who is interested in network security, and if such a
user has multi-user enabled, he really doesn't care about security. Further, if
another user performs an action which is evaluated by GW to "Ask", there is no way
for that user to answer the authorization request. And the security-conscience user
who started GW wouldn't want him to be able to, either. GlowWorm now listens for
two workspace events: NSWorkspaceSessionDidBecomeActiveNotification and
NSWorkspaceSessionDidResignActiveNotification. Upon receiving the "resign active"
notification, we de-register our event handlers, and upon receiving "become action",
we re-register those event handlers. -cj
20060817-004 Enable "Quit" Button on Registration Code Install Window
The "Quit" button was no connected to anything. It is now. -cj
20060817-003 Fix Permissions on pid2pathd File on Start
While I was repairing the permissions of pid2pathd on start by setting the sticky
bit and changing the owner to root, I was not also setting the executable bit. -cj
20060817-002 Fix Kauth Pid-to-Path Code
Something changed in 10.4.7 that made my VNODE scope kauth listener cease to
function properly. In particular, while the vp->v_name (for a vnode_t) used to
always be populated, it no longer is. I changed the listening scope to FILEOP, which
is definitely more appropriate for my needs. -cj
20060817-001 Add Support for Customizable Features in Kernel Extension via Registration Code
Added support in the kernel for customizing the available feature set, based on a
registration code. The user app sends the registration code (first thing) to the
kernel extension, which authenticates the signature and activates whatever features
the registration code specifies. -cj
20060815-004 Expand Receive Capabilities of Kernel Control Code in Kext
Expand the receive capabilities of the kernel control code in the kext, such that
it can handle post-head data for "data" and "regc" events. In the case of the
former, the client will eventually be sending backing altered packet data to be
injected into a socket stream; and in the case of the latter, the registration code
will be sent for verification purposes, and to enable functionality within the
kernel extension. I've got things stubbed out. -cj
20060815-003 Add CAPTCHA Support to Registration Web Form
Added captcha support (securimage) to the registration web from, so that we only
get human-submitted registration requests ... hopefully. -cj
20060815-002 Fix Endianess Issues
While testing the registration server under Linux on Intel hardware and the user
app under OS X on PowerPC hardware, I found endianess issues, mostly pertaining to
bignum and sha2. Fixed. Additionally, removed a bunch of unnecessary print
statements. -cj
20060815-001 Finish User Interface f or Registration Installation
Added a splash screen and got the various user interface elements working that allow
the user to install a new registration code on startup. Additionally, the splash
screen indicates the progress of GW as it starts up.
20060814-002 Store and Retrieve Registration Codes
When a registration code is installed, it is saved to disk. When the application
starts up the next time, it reads that registration code in, verifies it, and
populates the various registration windows - the installation window with the raw
registration code, and the display window with the associated xml. -cj
20060814-001 Get Signature Verification in App Working
Got the application parsing a registration code, pulling out the two signature
values and the message, base64-decoding everything, computing the hash on the xml
and verifying the signature against the hash. -cj
20060812-001 Remove boolean_t Type
Removed my boolean_t type from all of the code, because it was far more hassle than
it was worth ... what with conflicting with ot her definitions of boolean types. -cj
20060811-006 Add User Interface for Registration Installation
Continued work on creating a graphical interface for performing registration code
installation. -cj
20060811-005 Create Registration Result Web Pages
Created registration result web pages, to be seen after a user submits the form for
a registration code ... instead of embedding the html in the registration client,
which is just a little bit ugly. No dynamic content this way, however. Oh well. -cj
20060811-004 Create makefiles for regd/regc for compilation under linux
Created makefiles (since there is no Xcode - or even close) for Linux for compiling
the registration server and cgi client, under Linux. -cj
20060811-003 Get Registration Client Working
Worked through the various bugs and got the registration client working via Apache,
parsing the query string, sending the form input to the registration server and
subsequently returning a result page to the http user agent. -cj
20060811-002 Get Registration Server Working
Worked through the rest of the bugs and got the multi-threaded registration server
working well with Postgres, sending email and everything else. -cj
20060811-001 Update Database and Separate Account from Registration
Revised the database to reflect that a given account (email address) can have
multiple registration codes associated with it. -cj
20060810-001 Create registration server
Got the registration server reading input from my test-cgi program, parsing the
input, creating a new db record, notifying a worker thread, locking the record,
generating a signature, sending the email and updating the record accordingly.
20060807-001 Memory bug in Bignum
Found and fixed a memory bug in Bignum, where a successful result of growing the
capacity of the bignum instance, was not verified. Caused the potential for a write
beyond the end of the array, which was very infrequent, but not a good thing when it
did happen. -cj
20060802-005 Create registration server
Created a registration server. It will take (indirectly) registration submissions
from the web site, generate registration codes, store the information in the
database and email the registration code to the registrant. Got it compiling and
running. Still got bugs to work out. -cj
20060802-004 Add a string class
Added a string class to the framework. Written in C. Basic string level operations
are supported. It still needs to do substring and such. -cj
20060802-003 Add a base-64 encode/decode library
Added code to the framework for performing base-64 encoding and decoding. -cj
20060802-002 Improve method for finding random-k for elgamal signatures
Improved the method for finding a random-k when generating elgamal signatures.
Specifically, the code loops until it finds a k that is relatively prime to
p - 1. -cj
20060802-001 Add sign-ed-ness support to bignum
Generating and verifying elgamal signatures requires supporting negative numbers.
Added fairly basic support for representing negative numbers, as well as performing
operations on them. There are still some missing pieces, but it works for my
purposes, so far. -cj
20060725-004 Add logo to application as icon
Removed the name from the logo and scaled to 16x16, 32x32, 48x48 and 128x128, and
dumped into a new icon and added to the project. I have an icon!
20060725-003 Add logo to web site
Having received the final version of the logo from The Logo Company, added it to the
web site. -cj
20060725-002 Release of GlowWorm FW Lite v1.0.4
Needed to increment version number due to changes in kernel extension. -cj
20060725-001 Find alternate pid-to-path method
The current pid-to-path method fell short; it only returned the path as it was
passed as the first argument to exec(). Thus, in the case of the Finder launching
an application, this was acceptable. In the case of cron or a user in Terminal,
the path was likely to be ambiguous (ie, 'telnet'). Found an alternate method to
cover these instances; implemented it in the kernel. Likely, I will move the
pidToPathDaemon functionality into the kernel as well, and just let it all reside
there. -cj
20060721-003 Unix processes are not matching manually added rules
Clicking the plus (+) button to add a new rule, and selecting a unix program, such
as '/usr/bin/telnet' adds the new rule, but it will not match for most 'telnet'
events, because the path-to-executable is just the value passed as the first
argument to the executable, which in most circumstances is just going to be
'telnet' (with no absolute path). -cj
20060721-002 Clicking on the application column of the Rules table causes an exception
Probably due to my custom cell for the application column, clicking (just once) on
the column causes a message to be sent to the setObjectValue method in the data
source. The 'anObject' passed along is nil. This causes an exception. For the time
being I just added a check for nil in setObjectValue. -cj
20060721-001 Add modpow() functionality to bignum library
Applied Cryptography (Bruce Shneier) has a simple algorithm for doing binary modular
exponentiation, which is the basis for my modpow() implementation. With any luck,
this is the last thing I'll need to implement for ElGamal signatures. -cj
20060720-008 Add application name to English rule description for "until quit"
The rule description now starts with "Remember until Safari quits that...". This
makes the application name stated twice in the sentence, but oh well.
20060720-007 Add application name, dynamically, to the "until quit" radio button
Added the application name to the title of the "until quit" radio button in the
authorization dialog, so that instead of reading "until the application quits",
it might read, "until Safari quits". Slightly more understandable.
20060720-006 Install default "quit" rule set
Although it is blank, the install code now copies the "quit.plist" file as
necessary.
20060720-005 Make "until quit" feature work the way it ought to work
In my ignorance, I was thinking that "until quit" would mean "until GlowWorm
quits", like, "I want to add some temporary rules that'll auto-expire when I quit.
Not what everyone else expected. Changed the code (and it only required very
minimal changes) such that such rules are only in effect during the lifetime of the
target application. After the application quits, the next time that rule is
evaluated for that same application (as a different process id), the rule is
expired and removed from the list.
20060720-004 Add interface for customizing details when remembering an authorization
Based on my own testing, and feedback from The One Other Tester, it became obvious
that assuming that all details (application, address, port) of a given event should
be used when remembering an Allow/Deny action, was naive. Added an interface to
the Details section of the authorization dialog window that allows one to customize
which of those three details are included in the remembered rule (if remembering).
Besides the three checkboxes is a plain English description of what the rule will
allow/deny if it is accepted as-is. -cj
20060720-003 Add default "main" rule for Mali to access any port 995 host
Added a new default "main" rule for Mail to access any host on port 995, which is
pop3s. -cj
20060720-002 Add default "main" rule for Mail to access any port 143 host
Added a new default "main" rule for Mail to access any host on port 143, which is
imap. -cj
20060720-001 Add default "main" rule for Mail to access any port 80 host
Added a new default "main" rule for Mail to access any host on port 80. This is for
"html email". A privacy-conscience user can easily un-check or delete the rule. -cj
20060719-016 Make obvious the double-click-to-edit nature of the Rules table
Added a faint text block above the Rules table that says to double-click on a value
to edit it. I think that's the best I can do for the time being. No other ideas are
coming to mind. -cj
20060719-015 Disable the dashboardadvisord auto-deny rule
If I'm hoping that Apple will list this program amongst the pile of other third
party software, I was thinking that I probably shouldn't auto-deny this. I left
the rule present, however, but un-checked. A user could easily re-check it. And
its mere presence might be sufficient to get people wondering. -cj
20060719-014 Add default "main" rule for Software Update to access Akamai
The Akamai IP address allocation range is from 81.52.133.0 - 81.52.134.63, and I
do not believe that my subnet mask feature is sophisticated enough to be able to
handle this exactly. Instead, I added a rule that'll at least restrict it to the
first two octets, plus the high five (5) bits of the third octet. I hope that the
additional range this allows for isn't occupied by l33t h4k3rs from Russia. -cj
20060719-013 Add Help menu items for visiting web site
Added Help menu items, "Visit Website", "Online FAQ" and "Send Feedback". Added
code to open the appropriate URLs in the default web browser. -cj
20060719-012 Release of GlowWorm FW Lite v1.0.3
Needed to increment version number due to changes in kernel extension. -cj
20060719-011 Send SIGTERM signal to pid2pathd when application is terminating
From the applicationShouldTerminate method, the SIGTERM signal is sent to the
pid2pathd process so that it'll hopefully die off promptly. -cj
20060719-010 Add default "main" rule for iTunes
Added a default rule to the "Main" Rule Set to allow iTunes to connect to any
port 80 server. iTunes creates nearly sixty (60) socket connections while loading
the iTunes Music Store. It's too much of a pain to figure out which (if any) of
those connections are unnecessary connections pertaining to the sending of personal
data. Some other time. -cj
20060719-009 Added handler for SIGCHLD signals (for pid2pathd)
The application needs to know when the pid2pathd process terminates (possibly due
to some error). Added a SIGCHLD handler so that we can be notified when (the only)
child process changes state. Calls waitpid() to let the process be reaped. Need to
add code to re-start the pid2pathd if we are not trying to quit, and also need to
limit the speed at which pid2pathd can be re-spawned. -cj
20060719-008 Added handler for SIGBUS signals
Found that if the application terminates due to a SIGBUS signal, that it stays
zombie-ed forever. Because the process did not terminate normally, the kernel
control connection still exists, which makes it impossible for the kernel
extension to unload. Added a handler for the SIGBUS signal which causes the
application to cleanly disconnect from the kernel extension and exit. -cj
20060719-007 Add threod to perform geocoding operation
The geocoding operation is subject to extreme delays, and just given the fact that
it is not instantaneous even when it is performing well, it still causes a rather
noticeable delay in the drawing of the authorization dialog window. Added a thread
to performing the geocoding operation. It is woken up when a new event is added to
the list of events which require user authorization, by a second call to sem_post().
There's probably a better way to do that, but I'll figure that out later. For each
event in the authorization list, it performs the geocode, and updates the dialog
if the dialog is still showing the event for which it geocoded. -cj
20060719-006 Add application icon to Application column in rules table
Display the applicable icon for each rule in the Rule table, from the application
bundle. When the application is a unix executable that is not associated with an
application bundle, then use the Terminal icon. It looks pretty generic. When an
icon is not available for an application, use the generic application icon. -cj
20060719-005 Replace polling for pid2pathd response with select()
The largest performance bottleneck came from the half-second sleep() that was
performed while doing a non-blocking wait for a response from pid2pathd. Replaced
this with a call to select(). Amazing performance increase. Superficially not
possible to see a performance difference in a network application when running with
GW and when not. -cj
20060719-004 Add service name along side port number in authorization dialog
Added a call to getservbyport() in the showNextAuthEvent method, which appends the
applicable service name to the dialog text, if such a service name exists. -cj
20060719-003 Add authorization processing thread to controller
Changed procRule in the controller to only add a new ConnEvent to the auth list,
and not actually decide whether to display the authorization dialog. Added a thread
and a processing loop, sleeping on a semaphore, which is notified when a new event
is added to the authorization list. That thread will then display the authorization
dialog window as necessary. With this change, the thread that runs in the GlowWorm
fmwk will be able to return to processing events sitting in the receive queue,
much faster. -cj
20060719-002 Geocode remote endpoint address when authorization connection
Added a "Location" NSTextField to the "details" are of the authorization dialog.
Added a check box to the preferences window, allowing the user to enable or disable
geocoding. Added the Geocode and GeocodeEntry classes, the former of which provides
the method for performing geocoding, as well as an NSDictionary based caching
machanism. A timeout of 5 seconds is imposed upon the http request. Added a rule to
the system rules, allowing any application to contact api.hostip.info on port 80.
If this rule is not present, and a geocoding operation is performed, a deadlock
state can occur. -cj
20060719-001 Fix error in kernel extension gw_eh_remove()
Although it had not yet caused a problem, because I had never had multiple kernel
control connections, simultaneously, the gw_eh_remove() function would
indiscriminately OSFree() handlers, while only removing the correct one(s) from the
global eh_list. That would have seriously been a pain to track down. Fixed. Will
have to increment the version number at some point. -cj
20060718-001 Add rule for /usr/sbin/lookupd on 127.0.0.1:1033
Despite my best efforts, I neglected to change the lookupd system rule in the master
copy of the rule sets, from port 53 to port 1033. Fixed. Neglecting this one
particular rule can result in all manner of system crashedness. -cj
20060717-006 Kernel extension GlowWormSocket locking issue
At one point, it seemed like a good idea to release the lock on the GlowWormSocket
when sleeping on authorization. I was being stupid. What can happen (and did
happen) is that that same GlowWormSocket instance can be released when detach() is
called, and when the GlowWormSocket thread that was sleeping, wakes up, it is
looking at a bone fide piece of invalid memory. So, I fixed that. Now, when detach
is called, it also calls wakeup() on the relevant GlowWormSocket, and then waits on
an exclusive mutex lock, which it can only get after the sleeping thread wakes up,
and returns from the function, having released the read-only lock. -cj
20060717-005 Re-process authorization events before displaying them
If a single application (ie, Safari) tries to create a series of identical
connections, each of which process to an "Ask", whereby causing an authorization
dialog to be displayed, the user might possibly indicate that the decision he
makes should be remembered (ie, remember forever, until quit, until reboot), then
we should not show the user identical events. To accomplish this, the code which
displays the authorization dialog (or advances to the next authorization event),
GlowWormController:showNextAuthEvent, re-processes the event through the rules,
and if a match is found, and the action is Allow or Deny, then it is carried out
accordingly, and then it moves on to the next event. -cj
20060717-004 Include default with application, and install if missing
A default rule set for "Main", "System" and "Reboot" is now packaged with the
application, and the installation process for the kext has been completely
re-written, and now also includes the installation of these default rule sets. The
default "Main" rules mostly include common applications (Safari, Mail, iCal, etc.),
the default "System" rules are mostly utilities necessary for the system to run
normally, and the default "Reboot" rule set is empty. -cj
20060717-003 Resolve full path to executable from bundle name
When a user modifies the application for a rule by selecting a bundle (such as a
.app), only the path up to the Whatever.app was being stored. This was in contrast
to the behavior if one were to browse within the bundle, and select a specific
executable. Now, when a bundle is selected, the "/Contents/MacOS/" directory is
searched for an executable by the same name as the bundle (less the .app, of
course), and that full path to an executable is stored, and the executable name is
displayed. -cj
20061717-002 Add periodic save
A flag, mLastChangeSaved, is set in GlowWormController, each time an event is
matched against a rule, because matching an event against a rule causes the "count"
for that rule to be updated. If the application subsequently crashes, and the user
has not performed any other actions that would have caused the rule table to be
saved, then that count is lost. A loop, sleeping for 5 minutes at a time, checks
to see if this flag is set, saves the rule tables, and then un-sets the flag. -cj
20060717-001 Add system rule set and system-neccesary default rules
There are many system utilities that are necessary for basic operation, and several
in fact that are run when the machine makes up, which if disallowed, will cause the
machine not to function properly. I added a "System" rule table, and included those
system utilities that were run on wake, plus some others that are generally helpful.
The user can always modify these to his liking, but at least the default settings
will allow the machine to work. -cj
20060715-009 Release of GlowWorm FW Lite v1.0.2
Needed to increment version number due to changes in kernel extension. -cj
20060715-008 Cache pidToPath result for a given ConnEvent
During the course of processing a single ConnEvent, the pidToPath code was being
called at least four times. Given that each such call involved a messages being sent
to the pid2pathd daemon, a wait, reading the response, and so forth, this needed to
be fixed. Now, the result is cached in the ConnEvent, and the user application is
using the method GlowWorm::pidToPathWithConn:(ConnEvent *), and the path is cached
in the ConnEvent.
20060715-007 Play the "tink" sound when a connection event occurs
A very fast "tink" sound is played by GlowWormController::procEventConnAuth() upon
receiving an event. This way there is an audible clue as to how many events are
being processed ... even if those events are all automatically handled by the
current rule set. People might find this annoying. It should be moved to a
preference window, but, unfortunately, no such window exists. -cj
20060715-006 Play "pop" on authorization event received
Previously, the "pop" sound was played when the authorization dialog appeared,
instead of when the authorization event original occurred. I moved the code to the
rule-handling code, so that as soon as the rule handling code determines that an
authorization dialog needs to be displayed, it will play the sound. -cj
20060715-005 Catch signals in user application
Added code to catch SIGINT and SIGTERM in the application, so that we can cleanly
quit - save rules, unload the kext, terminate pid2pathd, etc. - instead of just
dying. Also added code such that subsequent signals would cause an immediate call
to exit(-1), instead. -cj
20060715-004 Terminate pid2pathd process when quitting application
Added code to GlowWorm::stop() to send SIGTERM to the pid2pathd process. I believe
that it will already automatically die when the application process terminates, but
just in case there is some reason for calling start() and stop() on GlowWorm in
the midst of operation - like to reset things or something - then, this is
necessary. -cj
20060715-003 Repair pid2pathd permissions
Added code to GlowWormController:actionInstall() to chown and chmod the pid2pathd
resource to "root" and "+s". At some point I need to revise the code to first check
the owner and permissions and only run chown/chmod if it is actually necessary.
Presently, it simply runs every time the application is launched. -cj
20060715-002 Run pid-to-path translation as root
Some alert messages appear with a process name of because the sysctl()
call used to resolve a pid into a name will only function for processes that belong
to the user making the call ... unless of course that user is root. I did not want
to run the entire application setuid-root, and repeated calls to a simple unix
executable to do the pid-to-path resolution incurred a lot of over-head, so I
instead put the code into a daemon which listens on a unix domain socket. I added
code to the GlowWorm framework for launching the daemon and connecting. All of the
rest of the code remained the same, because I simply modified "pidToPath:" to make
the call to the p2pd process instead of sysctl()'ing itself. -cj
20060715-001 Kernel extension unload issue
After loading and unloading the kernel extension many, many times, I found that the
call to sflt_unregister() never made it to its gw_sflt_unregister() callback, and
therefore the kernel extension would never unload. I added code to check to see if
this call to glowworm_stop() was in fact a subsequent call, and if the call to
sflt_unregister() had already been made, then it now simply returns KERN_SUCCESS.
The only casualty is that any memory that had not already been OSFree()'ed would
be leaked. But the kernel extension *will* unload. -cj
20060714-002 Release of GlowWorm FW Lite v1.0.1
Needed to increment version number so that I could distribute a build which would
automatically upgrade the installed kernel extension. -cj
20060714-001 Kernel extension unload issue
If the user application crashed (and therefore did not call
kextunload, and if there were any pending authorizations, those kernel threads that
were sleeping on authorization would not immediately wake up and return because the
gw_ctl_disconnect() function was not telling them to wake up. Also, a check was
added to gw_flt_connect_in() and gw_flt_connect_out() in the sleep loop, to make
sure that the kctl associated with the auth_handler on which it was sleeping, is
always TRUE, because gw_ctl_disconnect() sets that to FALSE before waking the
threads. -cj
20060713-001 Kernel extension unload issue
When unloading the kext (via quitting the app) while an authorization request is
still pending, the kext freaks out. Specifically, the call to sflt_unregister()
happened before the loop which would wake up any sleeping threads, and since the
socket filter won't unregister until all of its threads are no longer executing, it
simply didn't do anything. But at the same time, the system would be hosed, and it
would no longer be possible to make any socket connections, or to even simply
shutdown the computer. I re-arranged the stop() process such that all threads were
woken up first, then we sleep for a couple of seconds, then we try to get the
exclusive execution lock and then we call sflt_unregister(). It is likely that the
two second sleep is unnecessary as long as I wait on the execution lock. Maybe. But
it lets me sleep better at night this way. -cj [Reported by Denis Bueno]
20060712-001 Release of GlowWorm FW Lite v1.0.0
Released. Sent to father and a friend. Brave souls. Friend gave up easily. Father
persisted in testing. -cj
|
