Skip to content
Commits on Jul 15, 2012
  1. @damienstuart
  2. @damienstuart
Commits on Jul 14, 2012
  1. @damienstuart
  2. @damienstuart
  3. @damienstuart
Commits on Jul 13, 2012
  1. [test suite] Bug fix to account for libfko.dylib extension

    committed Jul 12, 2012
    Richard Haas reported the test suite failing on Mac OS X systems with the
    existence check for the libfko library.  Damien Stuart advised that the library
    has a different extention '.dylib' on Mac OS X, so this change accounts for the
Commits on Jul 10, 2012
  1. bumped version to 2.0.1-pre2

    committed Jul 9, 2012
  2. added valgrind parsing note

    committed Jul 9, 2012
Commits on Jul 9, 2012
  1. bumped version to 2.0.1-pre1

    committed Jul 9, 2012
Commits on Jul 8, 2012
  1. Only cache replay digests for SPA packets that decrypt

    committed Jul 8, 2012
    This change ensures that we only cache replay digests for those SPA packets
    that actually decrypt.  Not doing this would have allowed an attacker to
    potentially fill up digest cache space with digests for garbage packets.
  2. Bug fix for multi-stanza key use and replay attack detection

    committed Jul 7, 2012
    This commit fixes a bug where the same encryption key used for two stanzas in
    the access.conf file would result in access requests that matched the second
    stanza to always be treated as a replay attack.  This has been fixed for
    the fwknop-2.0.1 release, and was reported by Andy Rowland.  Now the fwknopd
    server computes the SHA256 digest of raw incoming payload data before
    decryption, and compares this against all previous hashes.  Previous to this
    commit, fwknopd would add a new hash to the replay digest list right after
    the first access.conf stanza match, so when SPA packet data matched the
    second access.conf stanza a matching replay digest would already be there.
Commits on May 28, 2012
  1. gcc warning fix fox: fko_decode.c:43:17: warning: variable ‘edata_siz…

    committed May 28, 2012
    …e’ set but not used [-Wunused-but-set-variable]
Commits on Jan 15, 2012
Commits on Jan 2, 2012
  1. added --stat output to ChangeLog

    committed Jan 2, 2012
  2. removed old ChangeLog files

    committed Jan 2, 2012
  3. bumped version to 2.0

    committed Jan 2, 2012
  4. added FKO_CHECK_COMPILER_ARG_LDFLAGS_ONLY to fix ro-relocations and i…

    committed Jan 2, 2012
    …mmediate binding protection compliation warnings on FreeBSD
  5. bumped version to 2.0

    committed Jan 2, 2012
Commits on Dec 29, 2011
  1. @damienstuart

    Refactored to use a custom macro for compiler flag checks.

    damienstuart committed with Damien S. Stuart Dec 29, 2011
    Set version to 2.0 (non-release candidate).
    Minor typo fixes.
Commits on Dec 13, 2011
Something went wrong with that request. Please try again.