Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Dec 28, 2014
  1. Franck Joncourt
Commits on Dec 6, 2014
Commits on Dec 5, 2014
Commits on Dec 4, 2014
  1. [server] add AFL support for fuzzing SPA Rijndael decryption routine …

    authored
    …directly with --afl-pkt-file
Commits on Dec 1, 2014
Commits on Nov 29, 2014
  1. DigitalDJ
Commits on Nov 26, 2014
Commits on Nov 15, 2014
Commits on Nov 14, 2014
Commits on Nov 2, 2014
Commits on Oct 29, 2014
  1. add fcs_spa.pcap to Makefile.am

    authored
Commits on Oct 25, 2014
Commits on Oct 22, 2014
Commits on Oct 21, 2014
  1. [test suite] UDP server command execution tests, run configure arg re…

    authored
    …compile tests after gcov profiling stuff
Commits on Oct 20, 2014
  1. [test suite] added configure args test with UDP server test for fwkno…

    authored
    …pd not linking against libpcap
Commits on Oct 10, 2014
Commits on Oct 7, 2014
Commits on Sep 7, 2014
  1. Franck Joncourt

    Both the fwknop client and server have their own test suites tied to …

    fjoncourt authored
    …fwknop_utests
    
    and fwknopd_utests binaries.
    
    When profil coverage is enbaled, lcov filee are parsed by test-fwknop.pl and added
    to the main profil coverage report in the output directory.
    
    Running make from the main directory build the c-unit test suites if enabled.
Commits on Jul 28, 2014
Commits on Jul 25, 2014
  1. [client] Updated IP resolution mode -R to use SSL

    authored
    External IP resolution via '-R' (or '--resolve-ip-http') is now done via SSL by
    default. The IP resolution URL is now 'https://www.cipherdyne.org/cgi-gin/myip';,
    and a warning is generated in '-R' mode whenever a non-HTTPS URL is specified
    (it is safer just to use the default). The fwknop client leverages 'wget' for
    this operation since that is cleaner than having fwknop link against an SSL
    library.
Commits on Jul 19, 2014
  1. fixed README paths

    authored
Commits on Jul 12, 2014
Commits on Jul 8, 2014
Commits on Jul 5, 2014
Commits on Jul 4, 2014
Commits on Jul 3, 2014
Commits on Jun 30, 2014
  1. [server] Require sig ID's or fingerprints when sigs are validated

    authored
    When validating access.conf stanzas make sure that one of
    GPG_REMOTE_ID or GPG_FINGERPRINT_ID is specified whenever GnuPG
    signatures are to be verified for incoming SPA packets. Signature
    verification is the default, and can only be disabled with
    GPG_DISABLE_SIG but this is NOT recommended.
  2. [server] add access.conf variable GPG_FINGERPRINT_ID

    authored
    Add a new GPG_FINGERPRINT_ID variable to the access.conf file
    so that full GnuPG fingerprints can be required for incoming SPA packets
    in addition to the appreviated GnuPG signatures listed in GPG_REMOTE_ID.
    From the test suite, an example fingerprint is
    
    GPG_FINGERPRINT_ID            00CC95F05BC146B6AC4038C9E36F443C6A3FAD56
Commits on Jun 25, 2014
Commits on May 22, 2014
Something went wrong with that request. Please try again.