Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Dec 28, 2014
  1. Franck Joncourt
Commits on Dec 6, 2014
Commits on Dec 5, 2014
Commits on Dec 4, 2014
  1. [server] add AFL support for fuzzing SPA Rijndael decryption routine …

    …directly with --afl-pkt-file
Commits on Dec 1, 2014
Commits on Nov 29, 2014
  1. DigitalDJ
Commits on Nov 26, 2014
Commits on Nov 15, 2014
Commits on Nov 14, 2014
Commits on Nov 2, 2014
Commits on Oct 29, 2014
  1. add fcs_spa.pcap to

Commits on Oct 25, 2014
Commits on Oct 22, 2014
Commits on Oct 21, 2014
  1. [test suite] UDP server command execution tests, run configure arg re…

    …compile tests after gcov profiling stuff
Commits on Oct 20, 2014
  1. [test suite] added configure args test with UDP server test for fwkno…

    …pd not linking against libpcap
Commits on Oct 10, 2014
Commits on Oct 7, 2014
Commits on Sep 7, 2014
  1. Franck Joncourt

    Both the fwknop client and server have their own test suites tied to …

    fjoncourt authored
    and fwknopd_utests binaries.
    When profil coverage is enbaled, lcov filee are parsed by and added
    to the main profil coverage report in the output directory.
    Running make from the main directory build the c-unit test suites if enabled.
Commits on Jul 28, 2014
Commits on Jul 25, 2014
  1. [client] Updated IP resolution mode -R to use SSL

    External IP resolution via '-R' (or '--resolve-ip-http') is now done via SSL by
    default. The IP resolution URL is now '';,
    and a warning is generated in '-R' mode whenever a non-HTTPS URL is specified
    (it is safer just to use the default). The fwknop client leverages 'wget' for
    this operation since that is cleaner than having fwknop link against an SSL
Commits on Jul 19, 2014
  1. fixed README paths

Commits on Jul 12, 2014
Commits on Jul 8, 2014
Commits on Jul 5, 2014
Commits on Jul 4, 2014
Commits on Jul 3, 2014
Commits on Jun 30, 2014
  1. [server] Require sig ID's or fingerprints when sigs are validated

    When validating access.conf stanzas make sure that one of
    GPG_REMOTE_ID or GPG_FINGERPRINT_ID is specified whenever GnuPG
    signatures are to be verified for incoming SPA packets. Signature
    verification is the default, and can only be disabled with
    GPG_DISABLE_SIG but this is NOT recommended.
  2. [server] add access.conf variable GPG_FINGERPRINT_ID

    Add a new GPG_FINGERPRINT_ID variable to the access.conf file
    so that full GnuPG fingerprints can be required for incoming SPA packets
    in addition to the appreviated GnuPG signatures listed in GPG_REMOTE_ID.
    From the test suite, an example fingerprint is
    GPG_FINGERPRINT_ID            00CC95F05BC146B6AC4038C9E36F443C6A3FAD56
Commits on Jun 25, 2014
Commits on May 22, 2014
Something went wrong with that request. Please try again.