buyback for bz3467/bug1685781 - Ingo's patch to enable old encryption

for older clients to newer servers.
mtbishop 2009-04-24 09:15:33 +00:00
parent eb0ff6139a
commit d13873edb8
4 changed files with 83 additions and 27 deletions

9
auth.c

@ -17,7 +17,7 @@
*/ */
/* /*
* $Id: auth.c,v 1.9.2.3 2008/01/07 22:35:18 mtbishop Exp $ * $Id: auth.c,v 1.9.2.4 2009/04/24 09:15:33 mtbishop Exp $
*/ */
/* /*
@ -169,8 +169,13 @@ char *bf2cf(struct vtun_host *host)
if( host->flags & VTUN_KEEP_ALIVE ) if( host->flags & VTUN_KEEP_ALIVE )
*(ptr++) = 'K'; *(ptr++) = 'K';
if( host->flags & VTUN_ENCRYPT ) if( host->flags & VTUN_ENCRYPT ) {
if (host->cipher == VTUN_LEGACY_ENCRYPT) { /* use old flag method */
ptr += sprintf(ptr,"E");
} else {
ptr += sprintf(ptr,"E%d", host->cipher); ptr += sprintf(ptr,"E%d", host->cipher);
}
}
strcat(ptr,">"); strcat(ptr,">");
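Review bot: The legacy branch in bf2cf() emits a bare `E` with only the comment `/* use old flag method */`, which does not tell a maintainer that the cipher id is deliberately withheld from the peer. A fuller comment would help, e.g. `/* pre-3.0 clients presumably expect a bare 'E' with no cipher id; selects the legacy encryption method */`. Since this is a compatibility fallback chosen in the server configuration, it would also be worth logging once at session setup when a host uses it, so operators can find and retire such hosts. bf2cf() starts and ends outside the hunk, so the size of the buffer behind `ptr`, and whether the unbounded `sprintf` calls always fit in it, cannot be checked from here.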


@ -17,7 +17,7 @@
*/ */
/* /*
* $Id: cfg_kwords.h,v 1.6.2.3 2009/03/29 10:08:41 mtbishop Exp $ * $Id: cfg_kwords.h,v 1.6.2.4 2009/04/24 09:15:35 mtbishop Exp $
*/ */
extern int lineno; extern int lineno;
@ -86,6 +86,7 @@ struct kword cfg_param[] = {
{ "inetd", VTUN_INETD }, { "inetd", VTUN_INETD },
{ "stand", VTUN_STAND_ALONE }, { "stand", VTUN_STAND_ALONE },
{ "keep", VTUN_PERSIST_KEEPIF }, { "keep", VTUN_PERSIST_KEEPIF },
{ "oldblowfish128ecb", VTUN_LEGACY_ENCRYPT },
{ "blowfish128ecb", VTUN_ENC_BF128ECB }, { "blowfish128ecb", VTUN_ENC_BF128ECB },
{ "blowfish128cbc", VTUN_ENC_BF128CBC }, { "blowfish128cbc", VTUN_ENC_BF128CBC },
{ "blowfish128cfb", VTUN_ENC_BF128CFB }, { "blowfish128cfb", VTUN_ENC_BF128CFB },
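Review bot: The new `oldblowfish128ecb` entry in cfg_param[] has no comment marking it as compatibility-only, and it sits directly above the regular `blowfish128ecb` entry where it is easy to pick by mistake. Suggest adding `/* legacy cipher for pre-3.0 clients only; do not use for new tunnels */` above the entry. The documentation added in the same commit disagrees about scope: vtund.conf says pre-3.0 clients, while vtund.conf.5 says 2.6 clients only. In vtund.conf.5 the new entry is also inserted between `.IP \fBaes128ecb\fR` and its description line, so the AES description ends up under the legacy Blowfish entry. cfg_param[] begins and ends outside the hunk.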


@ -6,7 +6,7 @@
# Ted Rolle <ted@acacia.datacomm.com> # Ted Rolle <ted@acacia.datacomm.com>
# #
# Configuration file example # Configuration file example
# $Id: vtund.conf,v 1.4.2.3 2009/03/29 10:09:05 mtbishop Exp $ # $Id: vtund.conf,v 1.4.2.4 2009/04/24 09:15:38 mtbishop Exp $
# #
# #
# Lines which begin with '#' are comments # Lines which begin with '#' are comments
@ -135,7 +135,7 @@
# #
# ----------- # -----------
# compress - Enable 'yes' or disable 'no' compression. # compress - Enable 'yes' or disable 'no' compression.
# It is also possible to specify method: # It is also possible to specify a method:
# 'zlib' - ZLIB compression # 'zlib' - ZLIB compression
# 'lzo' - LZO compression # 'lzo' - LZO compression
# and level: # and level:
@ -162,6 +162,11 @@
# 'aes256cbc' - AES cipher, 256 bit key, mode CBC # 'aes256cbc' - AES cipher, 256 bit key, mode CBC
# 'aes256cfb' - AES cipher, 256 bit key, mode CFB # 'aes256cfb' - AES cipher, 256 bit key, mode CFB
# 'aes256ofb' - AES cipher, 256 bit key, mode OFB # 'aes256ofb' - AES cipher, 256 bit key, mode OFB
#
# A special encryption method is provided for use with clients
# running pre-3.0 versions:
# 'oldblowfish128ecb' - Blowfish cipher, 128bit key, mode ECB
#
# Default method is 'blowfish128ecb'. # Default method is 'blowfish128ecb'.
# Ignored by the client. # Ignored by the client.
# #


@ -1,5 +1,5 @@
.\" Manual page for vtund.conf .\" Manual page for vtund.conf
.\" $Id: vtund.conf.5,v 1.4.2.2 2009/03/29 10:09:08 mtbishop Exp $ .\" $Id: vtund.conf.5,v 1.4.2.3 2009/04/24 09:15:41 mtbishop Exp $
.TH VTUND.CONF 5 .TH VTUND.CONF 5
.SH NAME .SH NAME
@ -176,7 +176,7 @@ during compilation (configure --disable-nathack).
Connect timeout. Connect timeout.
.IP \fBcompress\ \fImethod\fR[\fB:\fIlevel\fR] .IP \fBcompress\ \fImethod\fR[\fB:\fIlevel\fR]
specifies compression method to use. Compression \fImethod\fRs includes: specifies compression method to use. Compression \fImethod\fRs include:
.RS .RS
.IP \fBno\fR .IP \fBno\fR
no compression no compression
@ -190,9 +190,54 @@ LZO compression (if compiled in)
.IP .IP
You can also specify \fIlevel\fR of compression using one You can also specify \fIlevel\fR of compression using one
digit (1 is best speed, 9 is best compression ratio). digit (1 is best speed, 9 is best compression ratio).
This option ignored by the client. This option is ignored by the client.
.IP \fBencrypt\ \fByes\fR|\fBno\fR
enable or disable encryption. This option ignored by the client. .IP \fBencrypt\ \fImethod\fR[\fB:\fIlevel\fR]
specifies encryption method to use. Encryption \fImethod\fRs include:
.RS
.IP \fBno\fR
no encryption
.IP \fByes\fR
default encryption method (\fBblowfish128ecb\fR)
.IP \fBblowfish128ecb\fR
Blowfish cipher, 128 bit key, mode ECB
.IP \fBblowfish128cbc\fR
Blowfish cipher, 128 bit key, mode CBC
.IP \fBblowfish128cfb\fR
Blowfish cipher, 128 bit key, mode CFB
.IP \fBblowfish128ofb\fR
Blowfish cipher, 128 bit key, mode OFB
.IP \fBblowfish256ecb\fR
Blowfish cipher, 256 bit key, mode ECB
.IP \fBblowfish256cbc\fR
Blowfish cipher, 256 bit key, mode CBC
.IP \fBblowfish256cfb\fR
Blowfish cipher, 256 bit key, mode CFB
.IP \fBblowfish256ofb\fR
Blowfish cipher, 256 bit key, mode OFB
.IP \fBaes128ecb\fR
.IP \fBoldblowfish128ecb\fR
Blowfish cipher, 128bit key, mode ECB
(for use with 2.6 clients only)
AES cipher, 128 bit key, mode ECB
.IP \fBaes128cbc\fR
AES cipher, 128 bit key, mode CBC
.IP \fBaes128cfb\fR
AES cipher, 128 bit key, mode CFB
.IP \fBaes128ofb\fR
AES cipher, 128 bit key, mode OFB
.IP \fBaes256ecb\fR
AES cipher, 256 bit key, mode ECB
.IP \fBaes256cbc\fR
AES cipher, 256 bit key, mode CBC
.IP \fBaes256cfb\fR
AES cipher, 256 bit key, mode CFB
.IP \fBaes256ofb\fR
AES cipher, 256 bit key, mode OFB
.RE
.IP
This option is ignored by the client.
.IP \fBkeepalive\ \fByes\fR|\fBno\fR .IP \fBkeepalive\ \fByes\fR|\fBno\fR
enable or disable connection keep-alive. enable or disable connection keep-alive.
This option is ignored by the client. This option is ignored by the client.