libnaw was begun to authenticate the network connections of software that does not support proper authentication on its own. But the end result is more than that -- it's a global, modular authentication method. In preloadable form, it wraps the connect() and accept() library calls, matching the ip address and port information with that in its configuration. Matching hosts may have rules in place, accepting or rejecting connections, and modular functions may be executed for superb flexibility. Modules may perform any actions, from logging to X.509 certificate-based authentication. They may also communicate with each other through a built-in API.
Currently, preloadable functionality is fully implemented, along with a simple programmer API. An option to link directly with precompiled object files will come shortly. There aren't very many modules at the moment (X.509 authentication, logging, and sample modules), but more are on their way. Download the code, put it to the test, and submit bug reports when it doesn't work as desired.
View the documentation included with the current release:
View the list of frequently asked questions
Join the libnaw mailing list by sending an e-mail to
libnaw-subscribe@list.episec.com.