DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

minor ChangeLog updates

Browse Source
This commit is contained in:
Michael Rash 2012-10-19 22:11:27 -04:00
parent 54297086ba
commit 95001b7da8
1 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
ChangeLog
View File

@ -10,7 +10,7 @@ fwknop-2.0.4 (09/20/2012):
under SPA message type validity test. Support for command exec mode was under SPA message type validity test. Support for command exec mode was
also added to the test suite. also added to the test suite.
- (Vlad Glagolev) Submitted an OpenBSD port for fwknop-2.0.3, and this has - (Vlad Glagolev) Submitted an OpenBSD port for fwknop-2.0.3, and this has
been checked in under extras/openbsd/. been checked in under the extras/openbsd/ directory.
- [server] Bug fix to allow GPG_ALLOW_NO_PW to result in not also having - [server] Bug fix to allow GPG_ALLOW_NO_PW to result in not also having
to specify a Rijndael key. to specify a Rijndael key.
- [client] Added '-P udpraw' to allow the client to send SPA packets over - [client] Added '-P udpraw' to allow the client to send SPA packets over
@ -19,17 +19,25 @@ fwknop-2.0.4 (09/20/2012):
source IP. source IP.
- [libfko] Added validation of NAT access strings in the various NAT - [libfko] Added validation of NAT access strings in the various NAT
modes. modes.
- [libfko] Restricted usernames embedded in SPA packets to be
alpha-numeric along with "-" chars.
- [server] Bug fix to accept SPA packets over ICMP if the fwknop client - [server] Bug fix to accept SPA packets over ICMP if the fwknop client
is executed with '-P icmp' and the user has the required privileges. is executed with '-P icmp' and the user has the required privileges.
- Applied patch from Franck Joncourt to have the perl FKO module link - [test suite] Applied patch from Franck Joncourt to have the perl FKO
against libfko in the local directory (if it exists) so that it doesn't module link against libfko in the local directory (if it exists) so that
have to have libfko completely installed in /usr/lib/. This allows the it doesn't have to have libfko completely installed in the /usr/lib/
test suite to run FKO tests without installing libfko. directory. This allows the test suite to run FKO tests without
installing libfko.
- [test suite] Significant update to include a set of fuzzing SPA packets
that are built using a patched version of libfko. These packets are
located in the test/fuzzing/bogus_spa_packets file, and are designed to
ensure proper validation of SPA packet data. This validation is
performed in --enable-perl-module-checks mode via the perl FKO module.
- [client] Added --icmp-type and --icmp-code arguments so the user can - [client] Added --icmp-type and --icmp-code arguments so the user can
control the icmp type/code combination for spoofed SPA packets ('-P control the icmp type/code combination for spoofed SPA packets ('-P
icmp') mode. icmp') mode.
- [client] Updated default TTL value to 64 for spoofed SPA packets. This - [client] Updated default TTL value to 64 for spoofed SPA packets. This
closer to more OS default TTL values than the previous 255. is closer to more OS default TTL values than the previous 255.
fwknop-2.0.3 (09/03/2012): fwknop-2.0.3 (09/03/2012):
- [server] Fernando Arnaboldi from IOActive found several DoS/code - [server] Fernando Arnaboldi from IOActive found several DoS/code