Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: vpnc: devel

merge vpnc-nortel with trunk (phase 1)

  

 
vpnc devel RSS feed   Index | Next | Previous | View Threaded


spamfilter at zingo

Feb 3, 2008, 2:40 PM

Post #1 of 11 (2302 views)
Permalink
merge vpnc-nortel with trunk (phase 1)
Hello

I have merged in latest from trunk to my vpnc-nortel setup and manage to get it usable
I tried to re-struct it back as much as possible to follow the trunk code base.
I tried to put all important difference behind a build flag ( NORTELVPN ) so that
the code for nortel and non nortel could coexist e.g. the branch could be removed.
( Well maybe after some more code cleanup. )

The latest fix on vpnc-nortel branch did breake my setup so I have put it
under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
how to fix it.

I don't know anything about VPN stuff so my remaining difference might be done better
please let me know.

Next step would be better cleanup and if possible a runtime check instead of this
"#ifdef NORTELVPN" madness. The Idea was to bring it up to par with trunk so that
someone that knows the code could look at it merge it in easier or give more
instruction on what needs to be fixed.

I have put all my file and a patch file against vpnc-nortel
on my website, since the patch is rather big (changes from 43 to 284)
I don't know what should be easier to use if it should be applied.
I recommend using the file list instead of the patch and check it
against trunk:284

vpnc-nortel merged with trunk/284 (latest of today 20080203)

All files:
http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.tar.gz

Or a patch on latest vpnc-nortel to bring it up to 284 (lots of changes)

http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.patch

Hope this make anyone happy :)

--
Zingo "Stefan" Andersen (zingo.org and vectrace.com)
I'm a signature file virus! Copy me into your signature. Please?



_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


gofman.mike at gmail

Feb 3, 2008, 5:44 PM

Post #2 of 11 (1371 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Ough wow.
Finally someone is working on what's been missing for so long.

Zingo Andersen wrote:
> Hello
>
> I have merged in latest from trunk to my vpnc-nortel setup and manage to get it usable
> I tried to re-struct it back as much as possible to follow the trunk code base.
> I tried to put all important difference behind a build flag ( NORTELVPN ) so that
> the code for nortel and non nortel could coexist e.g. the branch could be removed.
> ( Well maybe after some more code cleanup. )
>
> The latest fix on vpnc-nortel branch did breake my setup so I have put it
> under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
> how to fix it.
>
> I don't know anything about VPN stuff so my remaining difference might be done better
> please let me know.
>
> Next step would be better cleanup and if possible a runtime check instead of this
> "#ifdef NORTELVPN" madness. The Idea was to bring it up to par with trunk so that
> someone that knows the code could look at it merge it in easier or give more
> instruction on what needs to be fixed.
>
> I have put all my file and a patch file against vpnc-nortel
> on my website, since the patch is rather big (changes from 43 to 284)
> I don't know what should be easier to use if it should be applied.
> I recommend using the file list instead of the patch and check it
> against trunk:284
>
> vpnc-nortel merged with trunk/284 (latest of today 20080203)
>
> All files:
> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.tar.gz
>
> Or a patch on latest vpnc-nortel to bring it up to 284 (lots of changes)
>
> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.patch
>
> Hope this make anyone happy :)
>
>

_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


spamfilter at zingo

Feb 4, 2008, 1:28 AM

Post #3 of 11 (1347 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Let's see it we can reach the goal...

I need some help with how to go on with this

- It would be great if someone non nortel could test it by removing
-DNORTELVPN from the makefile

- How could the #ifdef madness be removed?
by a config setting or runtimecheck from the server, if there is some way
to runtime check, I don't know.

- There are a few cases of double code that do this magic VPN Stuff I don't know
if it could be merge together or not.

- What more do I have to do to get this accepted to trunk?

--
Zingo "Stefan" Andersen (zingo.org and vectrace.com)
I'm a signature file virus! Copy me into your signature. Please?

Mike Gofman wrote:
> Ough wow.
> Finally someone is working on what's been missing for so long.
>
> Zingo Andersen wrote:
>> Hello
>>
>> I have merged in latest from trunk to my vpnc-nortel setup and manage to get it usable
>> I tried to re-struct it back as much as possible to follow the trunk code base.
>> I tried to put all important difference behind a build flag ( NORTELVPN ) so that
>> the code for nortel and non nortel could coexist e.g. the branch could be removed.
>> ( Well maybe after some more code cleanup. )
>>
>> The latest fix on vpnc-nortel branch did breake my setup so I have put it
>> under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
>> how to fix it.
>>
>> I don't know anything about VPN stuff so my remaining difference might be done better
>> please let me know.
>>
>> Next step would be better cleanup and if possible a runtime check instead of this
>> "#ifdef NORTELVPN" madness. The Idea was to bring it up to par with trunk so that
>> someone that knows the code could look at it merge it in easier or give more
>> instruction on what needs to be fixed.
>>
>> I have put all my file and a patch file against vpnc-nortel
>> on my website, since the patch is rather big (changes from 43 to 284)
>> I don't know what should be easier to use if it should be applied.
>> I recommend using the file list instead of the patch and check it
>> against trunk:284
>>
>> vpnc-nortel merged with trunk/284 (latest of today 20080203)
>>
>> All files:
>> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.tar.gz
>>
>> Or a patch on latest vpnc-nortel to bring it up to 284 (lots of changes)
>>
>> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.patch
>>
>> Hope this make anyone happy :)
>>
>>
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel[at]unix-ag.uni-kl.de
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/
>


_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


farjumper at mail

Feb 6, 2008, 12:32 PM

Post #4 of 11 (1307 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Good work! Thanks.

About problems with NORTELVPN_XAUTHTYPE_AS_REQUEST. What router do you use? Do you use the token for authorization? Can you send me a log?

PS: My bet for nortel differencing is the new parameter in the settings. It implies that more hardwares will be supported in future :)

-----Original Message-----
From: "Zingo Andersen" <spamfilter[at]zingo.org>
>
> Let's see it we can reach the goal...
>
> I need some help with how to go on with this
>
> - It would be great if someone non nortel could test it by removing
> -DNORTELVPN from the makefile
>
> - How could the #ifdef madness be removed?
> by a config setting or runtimecheck from the server, if there is some way
> to runtime check, I don't know.
>
> - There are a few cases of double code that do this magic VPN Stuff I don't know
> if it could be merge together or not.
>
> - What more do I have to do to get this accepted to trunk?
>
> --
> Zingo "Stefan" Andersen (zingo.org and vectrace.com)
> I'm a signature file virus! Copy me into your signature. Please?
>
> Mike Gofman wrote:
> > Ough wow.
> > Finally someone is working on what's been missing for so long.
> >
> > Zingo Andersen wrote:
> >> Hello
> >>
> >> I have merged in latest from trunk to my vpnc-nortel setup and manage to get it usable
> >> I tried to re-struct it back as much as possible to follow the trunk code base.
> >> I tried to put all important difference behind a build flag ( NORTELVPN ) so that
> >> the code for nortel and non nortel could coexist e.g. the branch could be removed.
> >> ( Well maybe after some more code cleanup. )
> >>
> >> The latest fix on vpnc-nortel branch did breake my setup so I have put it
> >> under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
> >> how to fix it.
> >>
> >> I don't know anything about VPN stuff so my remaining difference might be done better
> >> please let me know.
> >>
> >> Next step would be better cleanup and if possible a runtime check instead of this
> >> "#ifdef NORTELVPN" madness. The Idea was to bring it up to par with trunk so that
> >> someone that knows the code could look at it merge it in easier or give more
> >> instruction on what needs to be fixed.
> >>
> >> I have put all my file and a patch file against vpnc-nortel
> >> on my website, since the patch is rather big (changes from 43 to 284)
> >> I don't know what should be easier to use if it should be applied.
> >> I recommend using the file list instead of the patch and check it
> >> against trunk:284
> >>
> >> vpnc-nortel merged with trunk/284 (latest of today 20080203)
> >>
> >> All files:
> >> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.tar.gz
> >>
> >> Or a patch on latest vpnc-nortel to bring it up to 284 (lots of changes)
> >>
> >> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.patch
> >>
> >> Hope this make anyone happy :)
> >>
> >>
> >
> > _______________________________________________
> > vpnc-devel mailing list
> > vpnc-devel[at]unix-ag.uni-kl.de
> > https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> > http://www.unix-ag.uni-kl.de/~massar/vpnc/
> >
>
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel[at]unix-ag.uni-kl.de
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/
>
_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


spamfilter at zingo

Feb 6, 2008, 1:41 PM

Post #5 of 11 (1287 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Hi

Vladimir Buell wrote:
> Good work! Thanks.

Did you manage to test it? I don't currently know if it work for
anyone except me but it probably will ;-)

>> >> The latest fix on vpnc-nortel branch did breake my setup so I have put it
>> >> under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
>> >> how to fix it.


> About problems with NORTELVPN_XAUTHTYPE_AS_REQUEST.
> What router do you use?

Sorry no idea.

> Do you use the token for authorization?

I have a little RSA SecurID HW dongle with a display that spits out
numbers every minute if that it what you mean.

> Can you send me a log?

did that off list...

> PS: My bet for nortel differencing is the new parameter in the settings. It implies that more hardwares
will be
> supported in future :)

Let me know if you find something useful to test on!

Also does anyone know if there is some ID or something that differs
NortelVPN from CiscoVPN. If there is then I could try to remove the
#ifdef NORTELVPN madness.

--
Zingo "Stefan" Andersen (zingo.org and vectrace.com)
I'm a signature file virus! Copy me into your signature. Please?




_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


farjumper at mail

Feb 7, 2008, 1:02 PM

Post #6 of 11 (1280 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
About VPN type differentiation: there are already CONFIG_VENDOR in config with two vendors: "cisco" and "netscreen". Rather good place for adding new type: "nortel".

I don't know how to know a router type in runtime, only idea I have is to check a vendor ID. A document [1] say that "It doesn't matter what VID the initiator sends" so we can try to send just RFC's VID and look what the "real" VID router responds after.

By the way this unknown "magic" data (see below) looks like something nortel specific.
(this is taken from Andersen's log)

PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0014
ke.data: 126e1f57 7291153b 20485f7f 155b4bc8
(unknown)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)

PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 00 (ISAKMP_PAYLOAD_NONE)
length: 0014
ke.data: 12f5f28c 457168a9 702d9fe2 74cc0100
(Cisco Unity)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)

[1] http://www.nta-monitor.com/wiki/index.php/Nortel_VPN_Router#Vendor_IDs

thanks
Volodymyr Buell


-----Original Message-----
From: "Zingo Andersen" <zingo[at]zingo.org>
To: "Vladimir Buell" <farjumper[at]mail.ru>,"vpnc list to send bug reports and discussions with developers" <vpnc-devel[at]unix-ag.uni-kl.de>
Date: Wed, 6 Feb 2008 22:14:26 +0100 (CET)
Subject: Re: [vpnc-devel] merge vpnc-nortel with trunk (phase 1)

>
> Hi
>
> Vladimir Buell wrote:
> > Good work! Thanks.
>
> Did you manage to test it? I don't currently know if it work for
> anyone except me but it probably will ;-)
>
> >> >> The latest fix on vpnc-nortel branch did breake my setup so I have put it
> >> >> under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
> >> >> how to fix it.
>
>
> > About problems with NORTELVPN_XAUTHTYPE_AS_REQUEST.
> > What router do you use?
>
> Sorry no idea.
>
> > Do you use the token for authorization?
>
> I have a little RSA SecurID HW dongle with a display that spits out
> numbers every minute if that it what you mean.
>
> > Can you send me a log?
>
> did that off list...
>
> > PS: My bet for nortel differencing is the new parameter in the settings. It implies that more hardwares will be
> > supported in future :)
>
> Let me know if you find something useful to test on!
>
> Also does anyone know if there is some ID or something that differs
> NortelVPN from CiscoVPN. If there is then I could try to remove the
> #ifdef NORTELVPN madness.
>
> --
> Zingo "Stefan" Andersen (zingo.org and vectrace.com)
> I'm a signature file virus! Copy me into your signature. Please?
>
>
>
_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


farjumper at mail

Feb 8, 2008, 5:56 AM

Post #7 of 11 (1281 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Sorry. All the time I get this message:

----
got delete for old connection, ignoring..
vpnc: no response from target
----

I don't know what this means, old version (0.3.3-nortel) never told me such thing...

-----Original Message-----
From: "Zingo Andersen" <zingo[at]zingo.org>
To: "Vladimir Buell" <farjumper[at]mail.ru>,"vpnc list to send bug reports and discussions with developers" <vpnc-devel[at]unix-ag.uni-kl.de>
Date: Wed, 6 Feb 2008 22:14:26 +0100 (CET)
Subject: Re: [vpnc-devel] merge vpnc-nortel with trunk (phase 1)

>
> Hi
>
> Vladimir Buell wrote:
> > Good work! Thanks.
>
> Did you manage to test it? I don't currently know if it work for
> anyone except me but it probably will ;-)
>
> >> >> The latest fix on vpnc-nortel branch did breake my setup so I have put it
> >> >> under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
> >> >> how to fix it.
>
>
> > About problems with NORTELVPN_XAUTHTYPE_AS_REQUEST.
> > What router do you use?
>
> Sorry no idea.
>
> > Do you use the token for authorization?
>
> I have a little RSA SecurID HW dongle with a display that spits out
> numbers every minute if that it what you mean.
>
> > Can you send me a log?
>
> did that off list...
>
> > PS: My bet for nortel differencing is the new parameter in the settings. It implies that more hardwares will be
> > supported in future :)
>
> Let me know if you find something useful to test on!
>
> Also does anyone know if there is some ID or something that differs
> NortelVPN from CiscoVPN. If there is then I could try to remove the
> #ifdef NORTELVPN madness.
>
> --
> Zingo "Stefan" Andersen (zingo.org and vectrace.com)
> I'm a signature file virus! Copy me into your signature. Please?
>
>
>
_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


spamfilter at zingo

Feb 12, 2008, 2:26 PM

Post #8 of 11 (1275 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Vladimir Buell wrote:
> Sorry. All the time I get this message:
> ----
> got delete for old connection, ignoring..
> vpnc: no response from target
> ----
> I see there are lot of commented sections remarked as
> "Removed for NORTELVPN". Can my problem be related to this?

I hope not, I tried to use the same patch at the first patch but on the later branch

in the NORTEL case a lot of the stuff from setup_link() was cutout and re-aranged into
do_phase2() with sub function check_transform()
setup_link(); was left but without the cutouts

then in main() (see last in vpnc.c)
do_phase2() is moved into the do {...} while (do_load_balance) loop

like this: (debug comment removed)
do {
do_phase1(config[CONFIG_IPSEC_ID], config[CONFIG_IPSEC_SECRET], s);
#ifdef NORTELVPN
do_load_balance = do_phase2_xauth(s);
do_load_balance = do_phase2_config(s);
do_phase2(s);
#else
/* FIXME: Create and use a generic function in supp.[hc] */
if (s->ike.auth_algo >= IKE_AUTH_HybridInitRSA)
do_load_balance = do_phase2_xauth(s);
if ((opt_vendor == VENDOR_CISCO) && (do_load_balance == 0))
do_load_balance = do_phase2_config(s);
#endif

} while (do_load_balance);
setup_link(s);
close_tunnel();

I tried to recreate the cutout on the latest by comparing vpnc-nortel with version 43 and do the same on the latest.
Since I tried to re-split setup_link() into do_phase2() with sub function check_transform() I tried to keep the
section as intact as possible remove the stuff not used in the old nortel-vpnc e.g I tried to identyfy the code
section and re-cut them from setup_link() keeping as much left as possible to see the code as it looked in
setup_link() as intact as possible. The section that were not in the vpnc-nortel branch are the section re-cut:ed and
then out commented with
"Removed for NORTELVPN"


> By the way this unknown "magic" data (see below) looks like something nortel specific.
> (this is taken from Andersen's log)
>
> PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
> next_type: 0d (ISAKMP_PAYLOAD_VID)
> length: 0014
> ke.data: 126e1f57 7291153b 20485f7f 155b4bc8
> (unknown)
> DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
>
> PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
> next_type: 00 (ISAKMP_PAYLOAD_NONE)
> length: 0014
> ke.data: 12f5f28c 457168a9 702d9fe2 74cc0100
> (Cisco Unity)
> DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)

How does this look in the non Nortel case?
> (Cisco Unity)


--
Zingo "Stefan" Andersen (zingo.org and vectrace.com)
I'm a signature file virus! Copy me into your signature. Please?

> About VPN type differentiation: there are already CONFIG_VENDOR in config with two vendors: "cisco" and "netscreen".
> Rather good place for adding new type: "nortel".
>
> I don't know how to know a router type in runtime, only idea I have is to check a vendor ID. A document [1] say that
> "It doesn't matter what VID the initiator sends" so we can try to send just RFC's VID and look what the "real" VID
> router responds after.
>
> By the way this unknown "magic" data (see below) looks like something nortel specific.
> (this is taken from Andersen's log)
>
> PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
> next_type: 0d (ISAKMP_PAYLOAD_VID)
> length: 0014
> ke.data: 126e1f57 7291153b 20485f7f 155b4bc8
> (unknown)
> DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
>
> PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
> next_type: 00 (ISAKMP_PAYLOAD_NONE)
> length: 0014
> ke.data: 12f5f28c 457168a9 702d9fe2 74cc0100
> (Cisco Unity)
> DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
>
> [1] http://www.nta-monitor.com/wiki/index.php/Nortel_VPN_Router#Vendor_IDs
>
> thanks
> Volodymyr Buell
>
>


_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


spamfilter at zingo

Mar 6, 2008, 1:52 AM

Post #9 of 11 (1197 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Hello
I'm wondering what to do with this code
It works for me and a few others but Vladimir Buell has problems with it that still has to be smoked out

This probably means that it should not replace the vpnc-nortel branch until Vladimir's problems are fixed.

Might I suggest that this should get a new branch made from rev 284 so that diffs and merges could be made easy with
the main branch?

--
Zingo "Stefan" Andersen (zingo.org and vectrace.com)

Zingo Andersen wrote:
> Hello
>
> I have merged in latest from trunk to my vpnc-nortel setup and manage to get it usable
> I tried to re-struct it back as much as possible to follow the trunk code base.
> I tried to put all important difference behind a build flag ( NORTELVPN ) so that
> the code for nortel and non nortel could coexist e.g. the branch could be removed.
> ( Well maybe after some more code cleanup. )
>
> The latest fix on vpnc-nortel branch did breake my setup so I have put it
> under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
> how to fix it.
>
> I don't know anything about VPN stuff so my remaining difference might be done better
> please let me know.
>
> Next step would be better cleanup and if possible a runtime check instead of this
> "#ifdef NORTELVPN" madness. The Idea was to bring it up to par with trunk so that
> someone that knows the code could look at it merge it in easier or give more
> instruction on what needs to be fixed.
>
> I have put all my file and a patch file against vpnc-nortel
> on my website, since the patch is rather big (changes from 43 to 284)
> I don't know what should be easier to use if it should be applied.
> I recommend using the file list instead of the patch and check it
> against trunk:284
>
> vpnc-nortel merged with trunk/284 (latest of today 20080203)
>
> All files:
> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.tar.gz
>
> Or a patch on latest vpnc-nortel to bring it up to 284 (lots of changes)
>
> http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.patch
>
> Hope this make anyone happy :)
>
> --
> Zingo "Stefan" Andersen (zingo.org and vectrace.com)
> I'm a signature file virus! Copy me into your signature. Please?
>
>
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel[at]unix-ag.uni-kl.de
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/
>


_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


vbuell at gmail

Apr 11, 2008, 12:22 PM

Post #10 of 11 (976 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Hi

I think we can replace vpnc-nortel branch with Zingo version now.

Also I suggest to completely remove NORTELVPN_XAUTHTYPE_AS_REQUEST section
since it doesn't work practically for everyone:


--- vpnc_zingo.c 2008-04-11 22:11:25.000000000 +0300
+++ vpnc.c 2008-04-11 22:12:52.000000000 +0300
@@ -2175,15 +2175,8 @@
switch (ap->type) {
case ISAKMP_XAUTH_ATTRIB_TYPE:

-#ifdef NORTELVPN_XAUTHTYPE_AS_REQUEST
if (ap->af != isakmp_attr_16 || !(ap->u.attr_16 == 0 ||
ap->u.attr_16 == 5))
reject = ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED;
- xauth_type_requested = ap->u.attr_16;
-#else
-
- if (ap->af != isakmp_attr_16 || ap->u.attr_16 != 0)
- reject = ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED;
-#endif
break;
case ISAKMP_XAUTH_ATTRIB_USER_NAME:
case ISAKMP_XAUTH_ATTRIB_USER_PASSWORD:




Thanks,
Volodymyr


On Thu, Mar 6, 2008 at 12:52 PM, Zingo Andersen <spamfilter[at]zingo.org>
wrote:

> Hello
> I'm wondering what to do with this code
> It works for me and a few others but Vladimir Buell has problems with it
> that still has to be smoked out
>
> This probably means that it should not replace the vpnc-nortel branch
> until Vladimir's problems are fixed.
>
> Might I suggest that this should get a new branch made from rev 284 so
> that diffs and merges could be made easy with
> the main branch?
>
> --
> Zingo "Stefan" Andersen (zingo.org and vectrace.com)
>
> Zingo Andersen wrote:
> > Hello
> >
> > I have merged in latest from trunk to my vpnc-nortel setup and manage to
> get it usable
> > I tried to re-struct it back as much as possible to follow the trunk
> code base.
> > I tried to put all important difference behind a build flag ( NORTELVPN
> ) so that
> > the code for nortel and non nortel could coexist e.g. the branch could
> be removed.
> > ( Well maybe after some more code cleanup. )
> >
> > The latest fix on vpnc-nortel branch did breake my setup so I have put
> it
> > under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until
> someone know
> > how to fix it.
> >
> > I don't know anything about VPN stuff so my remaining difference might
> be done better
> > please let me know.
> >
> > Next step would be better cleanup and if possible a runtime check
> instead of this
> > "#ifdef NORTELVPN" madness. The Idea was to bring it up to par with
> trunk so that
> > someone that knows the code could look at it merge it in easier or give
> more
> > instruction on what needs to be fixed.
> >
> > I have put all my file and a patch file against vpnc-nortel
> > on my website, since the patch is rather big (changes from 43 to 284)
> > I don't know what should be easier to use if it should be applied.
> > I recommend using the file list instead of the patch and check it
> > against trunk:284
> >
> > vpnc-nortel merged with trunk/284 (latest of today 20080203)
> >
> > All files:
> > http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.tar.gz
> >
> > Or a patch on latest vpnc-nortel to bring it up to 284 (lots of changes)
> >
> > http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.patch
> >
> > Hope this make anyone happy :)
> >
> > --
> > Zingo "Stefan" Andersen (zingo.org and vectrace.com)
> > I'm a signature file virus! Copy me into your signature. Please?
> >
> >
> >
> > _______________________________________________
> > vpnc-devel mailing list
> > vpnc-devel[at]unix-ag.uni-kl.de
> > https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> > http://www.unix-ag.uni-kl.de/~massar/vpnc/<http://www.unix-ag.uni-kl.de/%7Emassar/vpnc/>
> >
>
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel[at]unix-ag.uni-kl.de
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/<http://www.unix-ag.uni-kl.de/%7Emassar/vpnc/>
>
>


--
Thanks,
Volodymyr


farjumper at mail

Apr 11, 2008, 12:43 PM

Post #11 of 11 (1064 views)
Permalink
Re: merge vpnc-nortel with trunk (phase 1) [In reply to]
Hi

I think we can replace vpnc-nortel branch with Zingo's version now.

Also I suggest to completely remove NORTELVPN_XAUTHTYPE_AS_REQUEST section since it doesn't work practically for everyone:


--- vpnc_zingo.c 2008-04-11 22:11:25.000000000 +0300
+++ vpnc.c 2008-04-11 22:12:52.000000000 +0300
@@ -2175,15 +2175,8 @@
switch (ap->type) {
case ISAKMP_XAUTH_ATTRIB_TYPE:

-#ifdef NORTELVPN_XAUTHTYPE_AS_REQUEST
if (ap->af != isakmp_attr_16 || !(ap->u.attr_16 == 0 || ap->u.attr_16 == 5))
reject = ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED;
- xauth_type_requested = ap->u.attr_16;
-#else
-
- if (ap->af != isakmp_attr_16 || ap->u.attr_16 != 0)
- reject = ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED;
-#endif
break;
case ISAKMP_XAUTH_ATTRIB_USER_NAME:
case ISAKMP_XAUTH_ATTRIB_USER_PASSWORD:




Thanks,
Volodymyr

-----Original Message-----
From: "Zingo Andersen" <spamfilter[at]zingo.org>
To: "vpnc list to send bug reports and discussions with developers"<vpnc-devel[at]unix-ag.uni-kl.de>
Date: Thu, 6 Mar 2008 10:52:39 +0100 (CET)
Subject: Re: [vpnc-devel] merge vpnc-nortel with trunk (phase 1)

>
> Hello
> I'm wondering what to do with this code
> It works for me and a few others but Vladimir Buell has problems with it that still has to be smoked out
>
> This probably means that it should not replace the vpnc-nortel branch until Vladimir's problems are fixed.
>
> Might I suggest that this should get a new branch made from rev 284 so that diffs and merges could be made easy with
> the main branch?
>
> --
> Zingo "Stefan" Andersen (zingo.org and vectrace.com)
>
> Zingo Andersen wrote:
> > Hello
> >
> > I have merged in latest from trunk to my vpnc-nortel setup and manage to get it usable
> > I tried to re-struct it back as much as possible to follow the trunk code base.
> > I tried to put all important difference behind a build flag ( NORTELVPN ) so that
> > the code for nortel and non nortel could coexist e.g. the branch could be removed.
> > ( Well maybe after some more code cleanup. )
> >
> > The latest fix on vpnc-nortel branch did breake my setup so I have put it
> > under another build flag ( NORTELVPN_XAUTHTYPE_AS_REQUEST ) until someone know
> > how to fix it.
> >
> > I don't know anything about VPN stuff so my remaining difference might be done better
> > please let me know.
> >
> > Next step would be better cleanup and if possible a runtime check instead of this
> > "#ifdef NORTELVPN" madness. The Idea was to bring it up to par with trunk so that
> > someone that knows the code could look at it merge it in easier or give more
> > instruction on what needs to be fixed.
> >
> > I have put all my file and a patch file against vpnc-nortel
> > on my website, since the patch is rather big (changes from 43 to 284)
> > I don't know what should be easier to use if it should be applied.
> > I recommend using the file list instead of the patch and check it
> > against trunk:284
> >
> > vpnc-nortel merged with trunk/284 (latest of today 20080203)
> >
> > All files:
> > http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.tar.gz
> >
> > Or a patch on latest vpnc-nortel to bring it up to 284 (lots of changes)
> >
> > http://www.zingo.org/webtest/vpnc-nortel_merge_with_284.patch
> >
> > Hope this make anyone happy :)
> >
> > --
> > Zingo "Stefan" Andersen (zingo.org and vectrace.com)
> > I'm a signature file virus! Copy me into your signature. Please?
> >
> >
> >
> > _______________________________________________
> > vpnc-devel mailing list
> > vpnc-devel[at]unix-ag.uni-kl.de
> > https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> > http://www.unix-ag.uni-kl.de/~massar/vpnc/
> >
>
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel[at]unix-ag.uni-kl.de
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/
>
_______________________________________________
vpnc-devel mailing list
vpnc-devel[at]unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

vpnc devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.