<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: CIPE source code modifications
From: "Damion K. Wilson" <dwilson,AT,ibl,DOT,bm>
Date: Tue, 18 Mar 2003 21:25:45 +0100
In-reply-to: <3E62A96A.9080905@ceag.ch>

Thanks for the work. I don't know who the active CIPE users you polled are so 
I'm kind of in the dark about the motivation of some of your changes, so 
please have these users email me or the mailing list so I can get to see the 
requests.

Here's some of my roadmap.

1. Periodic DNS resolving will be going into cipsrvr.exe to facilitate 
virtual 
LAN's between dynamic IP hosts, among other things.

2. The Control panel will go away and will be replaced by an management 
utility. The whole control panel invocation thing has been a pain in the butt 
for me.

3. The format of the key specification will change to allow keywords to 
direct 
where and how the key is stored. e.g file:/a:\statickey.txt or 
blowfish:1234123412341234.

Further I have some issues with your changes

1. The control panel should already have this behaviour. Was there a bug that 
prevented this ?

2. I disagree with the asterisk representation. It's too hard for the 
administrator to confirm that he/she has it done right. I repeat it is NOT A 
PASSWORD AND IT IS STORED IN CLEARTEXT ! If you have problems with this 
representation then you need to chase it up with Olaf. I am strongly 
disinclined to merge this feature as the stated mandate of this project is to 
follow Olaf's direction. It appears that the way forward with this is pkcipe.

3. Nice

4. Redesigned how ? (I'll have to really read the code now, won't I  ?) Does 
the combo box only allow the local IP addresses or does it let you type in 
what you want anyway ?

5. Only necessary if  you have the combo box in 4.

6. Mostly good. DNS resolution should not be done here, though

7. Nice. I don't particularly want any DLL dependencies that won't allow the 
suite to run on NT4.0. The binary distribution supports and will continue to 
support all NT kernel Windows versions.

8. Good idea on both counts.

10. Please explain this mechanism to me.

It would seem that you've already made your fork available for general 
comsumption with confusing version info. CIPE-Win32 is still prerelease, 
hence the "PRE" in pre15 (there are still one or two issues with the kernel 
driver that need to be exorcised once and for all). So, I'd suggest that if 
you're going to continue with providing it as a full distribution then you 
should change the version info to indicate that and to include your name or 
something to indicate that this is a fork and not the "official" version.. 
That way, if someone running your version has a question about it, then they 
can ask you.

Thanks for the good work.

DKW

DKW

On Tuesday 18 March 2003 01:24 pm, you wrote:
> Damion Wilson wrote:
>  > No, I'm afraid I don't right now. [..]
>  >
>  > Michael Da Cova wrote:
>  >> [..] do you have any time scales for the below changes [..] ?
>  >>
>  >> Damion Wilson wrote:
>  >>> [..] Please be aware that I will be rewriting the Control
>  >>>
>  >>> Carsten Emde wrote:
>  >>>> I have [.] made some minor changes. These changes include: [..]
>
> After reading Michael's message and listening to some active CIPE users,
> I decided to add the remaining items from my TODO list and to make the
> resulting binaries and source files available.
>
> I have tested it successfully under Windows 2000. As I said in my
> earlier mail, I do not yet have a Windows XP system available for
> testing but I will acquire one and do some testing soon. In the
> meantime, I would appreciate, if someone out there had the time to test
> it under XP.
>
> Again, I tried my very best to follow the existing style when attacking
> the sources. I would be glad, if Damion could find the time to integrate
> some of the most wanted features into the master sources.
>
>
> 1. Changelog
> ------------
>
> Started at version 2.0.pre-15
>
> #1  02/19/03  cbe
> Modified the handling of the key string: If no key is available, the
> edit field remains empty. A newly entered key string will be stored in
> the registry. If a key is already available, it is displayed and can be
> reused.
>
> #2  02/26/03  cbe
> Further modified the handling of the key string: If a key is already
> available, it is displayed as a string of asterisks. It will not be
> stored when the dialog box is closed.
>
> #3  02/27/03  cbe
> Added a version resource to cipsrvr.exe and to cipepanel.cpl. Added an
> about box to cipsrvr.exe (right mouse click on the title bar: "About
> CIPE ..." menu entry).
>
> #4  02/28/03  cbe
> Redesigned the cipepanel.cpl dialog box. Improved the check to determine
> whether any of the edit fields has been modified. If none was modified,
> the server does not need to be restarted. Added a combo box presenting a
> choice of all local IP addresses. Provided browse buttons to enter
> filenames of the startup and the shutdown scripts.
>
> #5  03/01/03  cbe
> Added 0.0.0.0 to the choice of local IP addresses.
>
> #6  03/02/03  cbe
> Added plausibility checks to all edit fields including validity check of
> the IP addresses. Fixed a problem that prevented the status message from
> being displayed. Added a DNS resolver test of the remote IP address.
>
> #7  03/05/03  cbe
> Improved display of the version information in the about box. Provided
> Apply button to save the data and restart the server without leaving the
> dialog box. Added server status to the about box. Added display of the
> peer name to the title bar. An asterisk following the name denotes that
> the peer data have been changed. When the tree is collapsed, an asterisk
> after the title denotes that the data of at least one peer has been
> modified, or a peer has been added or deleted. Improved display of error
> messages when the server could not be started/restarted. Added the
> newest msvcp60.dll that I could find (#8972 of January 22, 2003) to
> avoid the confusing question during installation about rewriting or not
> the existing file.
>
> #8  03/09/03  cbe
> Added editor to edit the startup and shutdown scripts. Two peers can no
> longer have the same name. When a new peer is added, the default name
> will have a suffix #2, #3 etc.
>
> #9  03/10/03  cbe
> Added a function to the script editor to generate default script files.
>
> #10 03/13/03  cbe
> The generated routing script was incorrect when a peer had been deleted.
> Added optional encryption of the key when it is written to the registry.
> The password is not stored but must be entered every time when the CIPE
> peer is started. This authentication mechanism does not yet work well
> when several peers are in use.
>
> #11 03/18/03  cbe
> Fixed a problem that prevented a peer with a password protected key from
> being reenabled.
>
>
> 2. How to install
> -----------------
>
> Download ftp://ftp.web-alm.net/pub/download/cipe-2.0.15.11.tgz and
> unpack it. You will find the contents of the original disk1 directory.
> Use it in exactly the same way as you did with the disk1 contents from
> CIPE-Win32-2.0-pre15.zip
>
>
> 3. How to compile
> -----------------
>
> Backup the original CIPE source directory. Download the source archive
> ftp://ftp.web-alm.net/pub/download/cipe-src-2.0.15.11.tgz and unpack it
> into the CIPE source directory. Add isvalidip.obj, fileversion.obj,
> cipeedit.obj and cipepasswd.obj to the list of cipanel's link objects in
> cipapplt/makefile. The cryptographic functions are taken from Crypto++:
> a C++ Class Library of Cryptographic Primitives, Version 5.0 9/11/2002;
>   from http://prdownloads.sourceforge.net/cryptopp/crypto50.zip?download.
> Get it, compile it and add the library to the link commands in
> cipapplt/makefile and cipsrvr/makefile.
>
>
> 4. Disclaimer
> -------------
> Any misbehavior of this CIPE version is solely my fault, not Damion's or
> anybody else's. The software changes I made and the sources I provided
> are freely distributable under the GNU public license. As such, there is
> no guarantee whatsoever.
>
>
> Carsten Emde





<< | Thread Index | >> ]    [ << | Date Index | >> ]