[vpnc-devel] Feature requests: Kvpnc compability, cisco hash integration.

Christoph Thielecke christoph.thielecke at gmx.de
Wed Aug 23 11:51:39 CEST 2006 

Hello,

> > 665a666
> >
> > >       int stdinfd;
> >
> > 788c789,793
> > <                       s > > ---
> >
> > >                       stdinfd > > >                       if(isatty(stdinfd))
> > >                               s > > >                       else
> > >                               getline(&s,&s_len,stdin);
> >
> > (comes from http://home.gna.org/kvpnc/de_DE/faq.html#013)
Frédéric Tronel has wrote:

--- begin ---
I've further explored the problem, and I think I have found why it does not 
work. Reading the source code of vpnc unveals that it is using the "obsolete" 
getpass function of libc. This function does not support password passing 
through pipes since it directly manipulates /dev/tty to turn off echoing of 
the password on the terminal. Hence it is impossible for kvpnc to pass the 
user password to vpnc. The bug is coming from vpnc, not kvpnc. 
I'll study the problem this week-end and try to produce a patch for vpnc.
--- end ---

There is also a bug entry:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug78316

I also have looked in my mails and this problem was found some time in 
history. I got a mail from Juan Antonio Martinez <jantonio at dit.upm.es> at 
24.11.2004 14:40 and he wrote:
--- begin ---
Last version of vpnc (0.3.2) did some patches that makes
kvpnc unusable. Main one is the use of getpass() to
retrieve passwords.

kvpnc uses stdin to feed passwords into vpnc...
--- end ---

I'll attach his patch at this mail.

> if getpass() is obsolet, where is the replacement?

> second, I would recommend kvpnc not to use the interactive config
> dialog, but to pass "-" as configfile and make sure to add
> "Noninteractive".
Now I have use that way but it's insecure because I have to store the 
passwords into the config file :(
I think its not too hard to implement this patch in vpnc in all places.


Best regards

Christoph
-- 
Linux User Group Wernigerode
http://www.lug-wr.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vpnc-0.3.2.patch
Type: text/x-diff
Size: 2961 bytes
Desc: not available
Url : http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/attachments/20060823/291e7ae4/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/attachments/20060823/291e7ae4/attachment.pgp

More information about the vpnc-devel mailing list