Hi,
as vtun 3.x uses a new encryption module, vtun 2.6 clients
fails to connect to a v3.x server.
For 3.x clients that connects to a 2.6 server, there is a fall-back
solution, but not for 2.6 clients to a 3.x server.
Attached is a patch that allows 2.6 clients to connect to a 3.2 server.
Use oldblowfish128ecb as encryption method.
Kind regards,
Ingo Flaschberger
diff -u vtun-3.0.2_org/auth.c vtun-3.0.2/auth.c
--- vtun-3.0.2_org/auth.c 2008-01-07 23:35:18.000000000 +0100
+++ vtun-3.0.2/auth.c 2009-04-23 16:52:45.000000000 +0200
@@ -169,8 +169,13 @@
if( host->flags & VTUN_KEEP_ALIVE )
*(ptr++) = 'K';
- if( host->flags & VTUN_ENCRYPT )
- ptr += sprintf(ptr,"E%d", host->cipher);
+ if( host->flags & VTUN_ENCRYPT ) {
+ if (host->cipher == VTUN_LEGACY_ENCRYPT) { /* use old flag method */
+ ptr += sprintf(ptr,"E");
+ } else {
+ ptr += sprintf(ptr,"E%d", host->cipher);
+ }
+ }
strcat(ptr,">");
diff -u vtun-3.0.2_org/cfg_file.y vtun-3.0.2/cfg_file.y
--- vtun-3.0.2_org/cfg_file.y 2008-01-07 23:35:22.000000000 +0100
+++ vtun-3.0.2/cfg_file.y 2009-04-23 15:03:56.000000000 +0200
@@ -569,6 +569,11 @@
llist_free(&h->down, free_cmd, NULL);
free_addr(h);
+
+ /* releases only host struct instances which were
+ * allocated in the case of K_HOST except default_host */
+ if( h->passwd )
+ free(h);
return 0;
}
diff -u vtun-3.0.2_org/cfg_kwords.h vtun-3.0.2/cfg_kwords.h
--- vtun-3.0.2_org/cfg_kwords.h 2008-01-07 23:35:26.000000000 +0100
+++ vtun-3.0.2/cfg_kwords.h 2009-04-23 16:44:45.000000000 +0200
@@ -82,6 +82,7 @@
{ "inetd", VTUN_INETD },
{ "stand", VTUN_STAND_ALONE },
{ "keep", VTUN_PERSIST_KEEPIF },
+ { "oldblowfish128ecb", VTUN_LEGACY_ENCRYPT },
{ "blowfish128ecb", VTUN_ENC_BF128ECB },
{ "blowfish128cbc", VTUN_ENC_BF128CBC },
{ "blowfish128cfb", VTUN_ENC_BF128CFB },
diff -u vtun-3.0.2_org/vtund.conf vtun-3.0.2/vtund.conf
--- vtun-3.0.2_org/vtund.conf 2008-01-07 23:36:05.000000000 +0100
+++ vtun-3.0.2/vtund.conf 2009-04-23 16:55:02.000000000 +0200
@@ -133,22 +133,24 @@
# -----------
# encrypt - Enable 'yes' or disable 'no' encryption.
# It is also possible to specify a method:
-# 'blowfish128ecb' - Blowfish cipher, 128 bit key, mode ECB
-# 'blowfish128cbc' - Blowfish cipher, 128 bit key, mode CBC
-# 'blowfish128cfb' - Blowfish cipher, 128 bit key, mode CFB
-# 'blowfish128ofb' - Blowfish cipher, 128 bit key, mode OFB
-# 'blowfish256ecb' - Blowfish cipher, 256 bit key, mode ECB
-# 'blowfish256cbc' - Blowfish cipher, 256 bit key, mode CBC
-# 'blowfish256cfb' - Blowfish cipher, 256 bit key, mode CFB
-# 'blowfish256ofb' - Blowfish cipher, 256 bit key, mode OFB
-# 'aes128ecb' - AES cipher, 128 bit key, mode ECB
-# 'aes128cbc' - AES cipher, 128 bit key, mode CBC
-# 'aes128cfb' - AES cipher, 128 bit key, mode CFB
-# 'aes128ofb' - AES cipher, 128 bit key, mode OFB
-# 'aes256ecb' - AES cipher, 256 bit key, mode ECB
-# 'aes256cbc' - AES cipher, 256 bit key, mode CBC
-# 'aes256cfb' - AES cipher, 256 bit key, mode CFB
-# 'aes256ofb' - AES cipher, 256 bit key, mode OFB
+# 'oldblowfish128ecb' - Blowfish chiper, 128bit key, mode ECB
+# for use with 2.6 clients
+# 'blowfish128ecb' - Blowfish cipher, 128 bit key, mode ECB
+# 'blowfish128cbc' - Blowfish cipher, 128 bit key, mode CBC
+# 'blowfish128cfb' - Blowfish cipher, 128 bit key, mode CFB
+# 'blowfish128ofb' - Blowfish cipher, 128 bit key, mode OFB
+# 'blowfish256ecb' - Blowfish cipher, 256 bit key, mode ECB
+# 'blowfish256cbc' - Blowfish cipher, 256 bit key, mode CBC
+# 'blowfish256cfb' - Blowfish cipher, 256 bit key, mode CFB
+# 'blowfish256ofb' - Blowfish cipher, 256 bit key, mode OFB
+# 'aes128ecb' - AES cipher, 128 bit key, mode ECB
+# 'aes128cbc' - AES cipher, 128 bit key, mode CBC
+# 'aes128cfb' - AES cipher, 128 bit key, mode CFB
+# 'aes128ofb' - AES cipher, 128 bit key, mode OFB
+# 'aes256ecb' - AES cipher, 256 bit key, mode ECB
+# 'aes256cbc' - AES cipher, 256 bit key, mode CBC
+# 'aes256cfb' - AES cipher, 256 bit key, mode CFB
+# 'aes256ofb' - AES cipher, 256 bit key, mode OFB
# Default method is 'blowfish128ecb'.
# Ignored by the client.
#
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensign option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
VTun-devel mailing list
VTun-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/vtun-devel