Hi all - The initial release of the new libfko pure C implementation - developed by Damien Stuart - of the fwknop SPA protocol is available here:
http://www.cipherdyne.org/fwknop/download/fwknop-c-0.62.tar.gz MD5: 560e101627d430800d01070518e2c9de GPG: http://www.cipherdyne.org/fwknop/download/fwknop-c-0.62.tar.gz.asc The libfko library allows other programs to easily implement the SPA protocol, and a new C client is bundled with fwknop-c-0.62 as well as a new perl module "FKO" that implements a perl XS extension of libfko functions. Once the fwknopd server piece is also developed, the libfko code will allow SPA to easily be extended to systems where perl is either not installed or cannot be run (due to hardware constraints such as small routers running OpenWRT). There is already extensive documentation on libfko included in the docs/ directory, and here is a PDF that is built from this: http://www.cipherdyne.org/fwknop/download/libfko.pdf fwknop-c follows the standard autoconf method of installing open source software, so just: $ ./configure --prefix=/usr && make $ su # make install The new fwknop-c client can be found at /usr/bin/fwknop once you have installed per the above, and all important options are supported similarly to the perl fwknop client. So, the familiar commands like: $ fwknop -A tcp/22 -R -D <host_or_ip> should work just the same. A few of the command line arguments have been changed in the C version, and by default the output on stdout is reduced (just use -v to change this). I've attached a file that shows the --help output from the new C client, and here is a sample of --verbose mode output: >>>>>>>>>>>>>>>>>>>> $ fwknop -A tcp/22 -R -D 127.0.0.1 -v [+] Resolved external IP (via http://www.cipherdyne.org/cgi/myip.cgi) as: 123.123.123.123 Enter encryption password: FKO Field Values: ================= Random Value: 5288636771109718 Username: mbr Timestamp: 1248673567 FKO Version: 1.9.12 Message Type: 1 Message String: 123.123.123.123,tcp/22 Nat Access: <NULL> Server Auth: <NULL> Client Timeout: 0 Digest Type: 3 Encoded Data: 5288636771109718:bWJy:1248673567:1.9.12:1:NzEuMTI3LjE1Ny41MSx0Y3AvMjI SPA Data Digest: 47z6EW+cuHGzAgHUVGfNS0y2oJOkAonVNTnQXR+edzA Final Packed/Encrypted/Encoded Data: /H40ePx3ITUj9UaCW840gqcbcv5FZT0Dh76avvaB0FQa2/wCmfQkg2KQ2d01BuO4xN4WKdMFRy4yIK31HXJ/aGL3ZgZr8UNoracaaaa1KVIqjSZNM2y0FHoY/YTMFjAyv5taaaaaa13Vyu5ff2c6XdV7pnsSaaaaDlIiaugd2jTof0S4rFrWEn [+] Generating SPA packet: protocol: udp port: 62201 [+] send_spa_packet: bytes sent: 182 >>>>>>>>>>>>>>>>>>>> Creating SPA packets with GnuPG is also supported with the new C client if you have the "gpgme" library installed too (just add the --with-gpgme argument to the configure script in this case). Coupled with this is a new -pre release of fwknop: http://www.cipherdyne.org/fwknop/download/fwknop-1.9.12-pre5.tar.gz MD5: 910e5e0195e3b749149466d4029d00f0 GPG: http://www.cipherdyne.org/fwknop/download/fwknop-1.9.12-pre5.tar.gz.asc By default, the fwknop perl code uses the FKO module if is installed (since libfko will become the standard), but will revert to using the original perl code if FKO does not exist on the system. Please email me with any thoughts, questions, or comments. Thanks, --Mike ------------------------------------------------------------------------------ _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
