I have not performed a code review, but am familiar with the software. I
am extremely uncomfortable promoting this to main as is because of the
'encryption' support.
http://www.cs.auckland.ac.nz/~pgut001/pubs/linux_vpn.txt has a good
summary. IMO if this were to be considered for main, we should
completely disable/remove the 'encryption' support, as well as remove
references to it in the documentation. I realize it has legitimate use
cases for pure (i.e. unencrypted) tunneling, but if we upload it as is,
it's easy to imagine someone saying 'oh, hey, it has encryption. let's
use it!' This needs to be avoided.

A much better solution would be to have upstream use proper, modern
tunneling software like openvpn. It can use preshared keys (among other
things) to make initial setup easier (which will allow for security-
conscious users to adjust as needed) and upstream can 'upgrade' to
proper TLS down the road.

-- 
MIR for vtun
https://bugs.launchpad.net/bugs/412059