[vpnc-devel] svn commit: vpnc r416

Antonio Borneo borneo.antonio at gmail.com
Sat Sep 12 17:23:52 CEST 2009 

Hi,
I'm reviewing the commit r416 to merge it in Nortel branch.
I want highlight this incorrect modification applied to trunk/config.c
-   printf("%s: unknown authentication mode %s\nknown modes: psk cert
hybrid\n", argv[0], config[CONFIG_AUTH_MODE]);
+   printf("%s: unknown authentication mode %s\nknown modes: psk-plain
psk-xauth cert hybrid\n", argv[0], config[CONFIG_AUTH_MODE]);
This is NOT correct, since the only allowed values for
config[CONFIG_AUTH_MODE] are still the original "psk", "cert" and
"hybrid".
The code has not been modified (yet?!?) to accept either "psk-plain"
or "psk-xauth".
Below, for your reference, a wider extract of the modification applied

I will not merge this part of the patch in Nortel branch.

Joerg,
in attachmet the simple patch to recover the original string.

Best Regards,
Antonio Borneo


On Thu, Aug 20, 2009 at 3:02 AM,  <vpnc at unix-ag.uni-kl.de> wrote:
> Author: Joerg Mayer
> Date: Wed Aug 19 21:02:00 2009
> New Revision: 416
>
> Log:
> Mostly by Dan Williams <dcbw at redhat.com>
> gnutls padding fixes by Laurent Goujon <laurent.goujon at online.fr>
>
> vpnc currently requires openssl to provide the hybrid auth mode.  That's
> not ideal, since vpnc doesn't not include the OpenSSL exception in its
> license, meaning many distributions cannot ship a hybrid-auth-enabled
> vpnc.
>
> This patch splits out the certificate handing functions into a more
> modular framework, and adds a gnutls implementation of certificate
> handling bits, including testcases to ensure things work as expected.
> Hybrid-auth with gnutls is the default mode now, since vpnc has no
> licensing problem with gnutls.  That means everyone gets hybrid FTW.
>
>
...
> Modified: trunk/config.c
> ==============================================================================
> --- trunk/config.c (original)
> +++ trunk/config.c Wed Aug 19 21:02:00 2009
...
> @@ -696,16 +696,9 @@
>                } else if (!strcmp(config[CONFIG_AUTH_MODE], "hybrid")) {
>                        opt_auth_mode = AUTH_MODE_HYBRID;
>                } else {
> -                       printf("%s: unknown authentication mode %s\nknown modes: psk cert hybrid\n", argv[0], config[CONFIG_AUTH_MODE]);
> +                       printf("%s: unknown authentication mode %s\nknown modes: psk-plain psk-xauth cert hybrid\n", argv[0], config[CONFIG_AUTH_MODE]);
>                        exit(1);
>                }
...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch_psk-plain.diff
Type: text/x-patch
Size: 626 bytes
Desc: not available
Url : http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/attachments/20090912/c4a84b6b/attachment.bin

More information about the vpnc-devel mailing list