* Issue 1065
* feat: Allow to configure a custom value for time drift between client/server for authentication
The use case is to support scenarios where it's not possible to enforce sync between client and server times.
* enh: drift redefined with skew
Co-authored-by: Francesco Marino <francesco.marino@cybaze.it>
On a 32-bit PowerPC Linux system using musl libc (with 64-bit time_t),
the t_auth test fails because `long` is not the same type as `time_t`.
This patch uses an int64_t temporary value, which can be truncated to
32-bit if necessary.
* fix: Fix memory leaks related to --logfile.
* fix: Fix memory leaks related to loading RSA keys.
* fix: Fix some memory leaks in failure cases in the iperf3 client.
Fixes#1023.
This condition was only possible when configuration authentication
via the libiperf API.
While here, also fix a few other sundry issues:
* Remove arbitrary length limits on username and password.
* Improved error handling.
* Updated error messages for readability.
* Fixed minor typo in some identifiers.
Fixes#996.
The base64 decode will crash on musl c-library builds for OpenWRT
due to the write of the '\0' past the end of the allocated buffer.
Fix other various memory leaks on the authentication code paths.
Fix some memory-free library calls into OpenSSL.
Based heavily on PR #881 originally submitted by @acmay,
with comments from @ralcini.
Add an optional mode that requires clients to authenticate with the server.
In this mode, clients need to provide a username and a password, which are checked against a password file on the server. The authentication credentials are protected by an RSA public keypair...the encrypted credentials are sent along with the test parameters.
Operationally the use of this feature places the following additional requirements on the build and installation of iperf3:
o The presence of the OpenSSL headers and libraries to build iperf3, and the libraries available on the client and server at runtime.
o Generation of an RSA public keypair; the private part is used by the server and the public part must be distributed to the clients.
o Username/password pairs for all authorized users, to be stored in a file on the server.
o Loose time synchronization between the server and clients (to within approximately 30 seconds).
o Appropriate command-line flags given on the client and server.
Note that iperf3 can be built and run as before, without fulfilling any of these requirements.
Partial documentation for this feature is included in this commit. It is anticipated that additional documentation text and editing will follow this merge.
Submitted by @ralcini. First suggested by @codyhanson in pull request #242.
