Software Release - fwknop-0.9.7
04 August, 2006
The 0.9.7 release of fwknop is ready for download. Here is the ChangeLog:- Added fwknop_serv to function as minimal TCP server over which SPA packets can be sent. This allows SPA to be compatible with the Tor network, which requires that a virtual circuit is established before traffic can be sent.
- Updated to Crypt::CBC 2.18 after a vulnerability was discovered in previous versions of Crypt::CBC that caused weak ciphertext to be generated for algorithms that have blocksizes greater than 8 bytes (such as Rijndael used by fwknop). Manually specifying initialization vectors is not necessary now.
- Updated SSH patch to support OpenSSH-4.3p2.
- Bugfix to make sure to create /var/* directories if they don't exist (such as when /var is a tmpfs).
- Bugfix to wrap SPA Rijndael decryption with eval{} so that fwknopd does not die if there are problems trying to decrypt data. This is necessary because of the security vulnerability fix in Crypt::CBC that creates some incompatibilities in different versions of Crypt::CBC.