FS#77647 - [vpnc] vpnc-1:0.5.3.r526.r213-1 refuses to connect with weaker authentication methods
Attached to Project:
Arch Linux
Opened by Musikolo (Musikolo) - Saturday, 25 February 2023, 23:57 GMT
Last edited by Toolybird (Toolybird) - Monday, 27 February 2023, 00:52 GMT
Opened by Musikolo (Musikolo) - Saturday, 25 February 2023, 23:57 GMT
Last edited by Toolybird (Toolybird) - Monday, 27 February 2023, 00:52 GMT
|
Details
Description: Noticed that with last version
vpnc-1:0.5.3.r526.r213-1, it rejects connecting with weaker
authentication methods and prints the following warning:
Feb 25 17:16:39 MyLaptop NetworkManager[2815]: /usr/sbin/vpnc: Peer has selected md5 as authentication method. Feb 25 17:16:39 MyLaptop NetworkManager[2815]: This algorithm is considered too weak today. Feb 25 17:16:39 MyLaptop NetworkManager[2815]: If your vpn concentrator admin still insists on using md5, Feb 25 17:16:39 MyLaptop NetworkManager[2815]: use the "--enable-weak-authentication" option. Reverting back to previous version vpnc-1:0.5.3.r506.r204-2 solves the issue and everything works again. This version was built on Nov 2 as it can be seen at https://archive.archlinux.org/packages/v/vpnc/ Following this, I noticed that none of the changes introduced the code since November suggests a change in the permitted authentication methods. All I saw were minor changes: - https://github.com/streambinder/vpnc/commits/master So, I wonder where the new behavior comes from? |
This task depends upon
Closed by Toolybird (Toolybird)
Monday, 27 February 2023, 00:52 GMT
Reason for closing: Upstream
Additional comments about closing: See comments
Monday, 27 February 2023, 00:52 GMT
Reason for closing: Upstream
Additional comments about closing: See comments
https://github.com/streambinder/vpnc/compare/b4c83bbd2f0ea1078477ea187f7e1476762ba788...46b8335b6e0df577fd3c40e87362ed8c5724c8df which includes https://github.com/streambinder/vpnc/commit/1db1d23a6d95456dc9e4cfd7f8f4ec1f92554e75
[1] https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/-/issues
Since there is nothing it can be done on the ArchLinux side, please feel free to close this issue.
Thank you so much for the provided assistance!