buyback for bz3467/bug1685781 - Ingo's patch to enable old encryption
for older clients to newer servers.
This commit is contained in:
mtbishop
parent
eb0ff6139a
commit
d13873edb8
11
auth.c
11
auth.c
@ -17,7 +17,7 @@
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id: auth.c,v 1.9.2.3 2008/01/07 22:35:18 mtbishop Exp $
|
||||
* $Id: auth.c,v 1.9.2.4 2009/04/24 09:15:33 mtbishop Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -169,8 +169,13 @@ char *bf2cf(struct vtun_host *host)
|
||||
if( host->flags & VTUN_KEEP_ALIVE )
|
||||
*(ptr++) = 'K';
|
||||
|
||||
if( host->flags & VTUN_ENCRYPT )
|
||||
ptr += sprintf(ptr,"E%d", host->cipher);
|
||||
if( host->flags & VTUN_ENCRYPT ) {
|
||||
if (host->cipher == VTUN_LEGACY_ENCRYPT) { /* use old flag method */
|
||||
ptr += sprintf(ptr,"E");
|
||||
} else {
|
||||
ptr += sprintf(ptr,"E%d", host->cipher);
|
||||
}
|
||||
}
|
||||
|
||||
strcat(ptr,">");
|
||||
|
||||
|
||||
@ -17,7 +17,7 @@
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id: cfg_kwords.h,v 1.6.2.3 2009/03/29 10:08:41 mtbishop Exp $
|
||||
* $Id: cfg_kwords.h,v 1.6.2.4 2009/04/24 09:15:35 mtbishop Exp $
|
||||
*/
|
||||
|
||||
extern int lineno;
|
||||
@ -86,6 +86,7 @@ struct kword cfg_param[] = {
|
||||
{ "inetd", VTUN_INETD },
|
||||
{ "stand", VTUN_STAND_ALONE },
|
||||
{ "keep", VTUN_PERSIST_KEEPIF },
|
||||
{ "oldblowfish128ecb", VTUN_LEGACY_ENCRYPT },
|
||||
{ "blowfish128ecb", VTUN_ENC_BF128ECB },
|
||||
{ "blowfish128cbc", VTUN_ENC_BF128CBC },
|
||||
{ "blowfish128cfb", VTUN_ENC_BF128CFB },
|
||||
|
||||
41
vtund.conf
41
vtund.conf
@ -6,7 +6,7 @@
|
||||
# Ted Rolle <ted@acacia.datacomm.com>
|
||||
#
|
||||
# Configuration file example
|
||||
# $Id: vtund.conf,v 1.4.2.3 2009/03/29 10:09:05 mtbishop Exp $
|
||||
# $Id: vtund.conf,v 1.4.2.4 2009/04/24 09:15:38 mtbishop Exp $
|
||||
#
|
||||
#
|
||||
# Lines which begin with '#' are comments
|
||||
@ -135,7 +135,7 @@
|
||||
#
|
||||
# -----------
|
||||
# compress - Enable 'yes' or disable 'no' compression.
|
||||
# It is also possible to specify method:
|
||||
# It is also possible to specify a method:
|
||||
# 'zlib' - ZLIB compression
|
||||
# 'lzo' - LZO compression
|
||||
# and level:
|
||||
@ -146,22 +146,27 @@
|
||||
# -----------
|
||||
# encrypt - Enable 'yes' or disable 'no' encryption.
|
||||
# It is also possible to specify a method:
|
||||
# 'blowfish128ecb' - Blowfish cipher, 128 bit key, mode ECB
|
||||
# 'blowfish128cbc' - Blowfish cipher, 128 bit key, mode CBC
|
||||
# 'blowfish128cfb' - Blowfish cipher, 128 bit key, mode CFB
|
||||
# 'blowfish128ofb' - Blowfish cipher, 128 bit key, mode OFB
|
||||
# 'blowfish256ecb' - Blowfish cipher, 256 bit key, mode ECB
|
||||
# 'blowfish256cbc' - Blowfish cipher, 256 bit key, mode CBC
|
||||
# 'blowfish256cfb' - Blowfish cipher, 256 bit key, mode CFB
|
||||
# 'blowfish256ofb' - Blowfish cipher, 256 bit key, mode OFB
|
||||
# 'aes128ecb' - AES cipher, 128 bit key, mode ECB
|
||||
# 'aes128cbc' - AES cipher, 128 bit key, mode CBC
|
||||
# 'aes128cfb' - AES cipher, 128 bit key, mode CFB
|
||||
# 'aes128ofb' - AES cipher, 128 bit key, mode OFB
|
||||
# 'aes256ecb' - AES cipher, 256 bit key, mode ECB
|
||||
# 'aes256cbc' - AES cipher, 256 bit key, mode CBC
|
||||
# 'aes256cfb' - AES cipher, 256 bit key, mode CFB
|
||||
# 'aes256ofb' - AES cipher, 256 bit key, mode OFB
|
||||
# 'blowfish128ecb' - Blowfish cipher, 128 bit key, mode ECB
|
||||
# 'blowfish128cbc' - Blowfish cipher, 128 bit key, mode CBC
|
||||
# 'blowfish128cfb' - Blowfish cipher, 128 bit key, mode CFB
|
||||
# 'blowfish128ofb' - Blowfish cipher, 128 bit key, mode OFB
|
||||
# 'blowfish256ecb' - Blowfish cipher, 256 bit key, mode ECB
|
||||
# 'blowfish256cbc' - Blowfish cipher, 256 bit key, mode CBC
|
||||
# 'blowfish256cfb' - Blowfish cipher, 256 bit key, mode CFB
|
||||
# 'blowfish256ofb' - Blowfish cipher, 256 bit key, mode OFB
|
||||
# 'aes128ecb' - AES cipher, 128 bit key, mode ECB
|
||||
# 'aes128cbc' - AES cipher, 128 bit key, mode CBC
|
||||
# 'aes128cfb' - AES cipher, 128 bit key, mode CFB
|
||||
# 'aes128ofb' - AES cipher, 128 bit key, mode OFB
|
||||
# 'aes256ecb' - AES cipher, 256 bit key, mode ECB
|
||||
# 'aes256cbc' - AES cipher, 256 bit key, mode CBC
|
||||
# 'aes256cfb' - AES cipher, 256 bit key, mode CFB
|
||||
# 'aes256ofb' - AES cipher, 256 bit key, mode OFB
|
||||
#
|
||||
# A special encryption method is provided for use with clients
|
||||
# running pre-3.0 versions:
|
||||
# 'oldblowfish128ecb' - Blowfish cipher, 128bit key, mode ECB
|
||||
#
|
||||
# Default method is 'blowfish128ecb'.
|
||||
# Ignored by the client.
|
||||
#
|
||||
|
||||
55
vtund.conf.5
55
vtund.conf.5
@ -1,5 +1,5 @@
|
||||
.\" Manual page for vtund.conf
|
||||
.\" $Id: vtund.conf.5,v 1.4.2.2 2009/03/29 10:09:08 mtbishop Exp $
|
||||
.\" $Id: vtund.conf.5,v 1.4.2.3 2009/04/24 09:15:41 mtbishop Exp $
|
||||
.TH VTUND.CONF 5
|
||||
|
||||
.SH NAME
|
||||
@ -176,7 +176,7 @@ during compilation (configure --disable-nathack).
|
||||
Connect timeout.
|
||||
|
||||
.IP \fBcompress\ \fImethod\fR[\fB:\fIlevel\fR]
|
||||
specifies compression method to use. Compression \fImethod\fRs includes:
|
||||
specifies compression method to use. Compression \fImethod\fRs include:
|
||||
.RS
|
||||
.IP \fBno\fR
|
||||
no compression
|
||||
@ -190,9 +190,54 @@ LZO compression (if compiled in)
|
||||
.IP
|
||||
You can also specify \fIlevel\fR of compression using one
|
||||
digit (1 is best speed, 9 is best compression ratio).
|
||||
This option ignored by the client.
|
||||
.IP \fBencrypt\ \fByes\fR|\fBno\fR
|
||||
enable or disable encryption. This option ignored by the client.
|
||||
This option is ignored by the client.
|
||||
|
||||
.IP \fBencrypt\ \fImethod\fR[\fB:\fIlevel\fR]
|
||||
specifies encryption method to use. Encryption \fImethod\fRs include:
|
||||
.RS
|
||||
.IP \fBno\fR
|
||||
no encryption
|
||||
.IP \fByes\fR
|
||||
default encryption method (\fBblowfish128ecb\fR)
|
||||
.IP \fBblowfish128ecb\fR
|
||||
Blowfish cipher, 128 bit key, mode ECB
|
||||
.IP \fBblowfish128cbc\fR
|
||||
Blowfish cipher, 128 bit key, mode CBC
|
||||
.IP \fBblowfish128cfb\fR
|
||||
Blowfish cipher, 128 bit key, mode CFB
|
||||
.IP \fBblowfish128ofb\fR
|
||||
Blowfish cipher, 128 bit key, mode OFB
|
||||
.IP \fBblowfish256ecb\fR
|
||||
Blowfish cipher, 256 bit key, mode ECB
|
||||
.IP \fBblowfish256cbc\fR
|
||||
Blowfish cipher, 256 bit key, mode CBC
|
||||
.IP \fBblowfish256cfb\fR
|
||||
Blowfish cipher, 256 bit key, mode CFB
|
||||
.IP \fBblowfish256ofb\fR
|
||||
Blowfish cipher, 256 bit key, mode OFB
|
||||
.IP \fBaes128ecb\fR
|
||||
.IP \fBoldblowfish128ecb\fR
|
||||
Blowfish cipher, 128bit key, mode ECB
|
||||
(for use with 2.6 clients only)
|
||||
AES cipher, 128 bit key, mode ECB
|
||||
.IP \fBaes128cbc\fR
|
||||
AES cipher, 128 bit key, mode CBC
|
||||
.IP \fBaes128cfb\fR
|
||||
AES cipher, 128 bit key, mode CFB
|
||||
.IP \fBaes128ofb\fR
|
||||
AES cipher, 128 bit key, mode OFB
|
||||
.IP \fBaes256ecb\fR
|
||||
AES cipher, 256 bit key, mode ECB
|
||||
.IP \fBaes256cbc\fR
|
||||
AES cipher, 256 bit key, mode CBC
|
||||
.IP \fBaes256cfb\fR
|
||||
AES cipher, 256 bit key, mode CFB
|
||||
.IP \fBaes256ofb\fR
|
||||
AES cipher, 256 bit key, mode OFB
|
||||
.RE
|
||||
.IP
|
||||
This option is ignored by the client.
|
||||
|
||||
.IP \fBkeepalive\ \fByes\fR|\fBno\fR
|
||||
enable or disable connection keep-alive.
|
||||
This option is ignored by the client.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user