Commits on Jul 10, 2012
Commits on Jul 9, 2012
  1. bumped version to 2.0.1-pre1

    committed Jul 9, 2012
Commits on Jul 8, 2012
  1. Only cache replay digests for SPA packets that decrypt

    This change ensures that we only cache replay digests for those SPA packets
    that actually decrypt.  Not doing this would have allowed an attacker to
    potentially fill up digest cache space with digests for garbage packets.
    committed Jul 8, 2012
  2. Bug fix for multi-stanza key use and replay attack detection

    This commit fixes a bug where the same encryption key used for two stanzas in
    the access.conf file would result in access requests that matched the second
    stanza to always be treated as a replay attack.  This has been fixed for
    the fwknop-2.0.1 release, and was reported by Andy Rowland.  Now the fwknopd
    server computes the SHA256 digest of raw incoming payload data before
    decryption, and compares this against all previous hashes.  Previous to this
    commit, fwknopd would add a new hash to the replay digest list right after
    the first access.conf stanza match, so when SPA packet data matched the
    second access.conf stanza a matching replay digest would already be there.
    committed Jul 8, 2012
Commits on May 28, 2012
  1. gcc warning fix fox: fko_decode.c:43:17: warning: variable ‘edata_siz…

    …e’ set but not used [-Wunused-but-set-variable]
    committed May 28, 2012
Commits on Jan 15, 2012
Commits on Jan 2, 2012
  1. added --stat output to ChangeLog

    committed Jan 2, 2012
  2. removed old ChangeLog files

    committed Jan 2, 2012
  3. bumped version to 2.0

    committed Jan 2, 2012
  4. added FKO_CHECK_COMPILER_ARG_LDFLAGS_ONLY to fix ro-relocations and i…

    …mmediate binding protection compliation warnings on FreeBSD
    committed Jan 2, 2012
  5. bumped version to 2.0

    committed Jan 2, 2012
Commits on Dec 29, 2011
  1. Refactored to use a custom macro for compiler flag checks.

    Set version to 2.0 (non-release candidate).
    Minor typo fixes.
    damienstuart committed with Damien S. Stuart Dec 29, 2011
Commits on Dec 13, 2011
Commits on Dec 6, 2011
  1. added local_spa.key file

    committed Dec 6, 2011
  2. added local_spa.key file

    committed Dec 6, 2011
  3. change log doc updates

    committed Dec 6, 2011
Commits on Dec 4, 2011
Commits on Dec 3, 2011
  1. minor compile fixes for FreeBSD

    committed Dec 3, 2011