vpnc-script incorrectly parses the output of ip route with kernels >= 2.6.38

Confirming, if only because there is enough evidence on LKML that there is room for improvement in the script for vpnc.

Guillaume, are you running into any other such parameters that fail to parse in vpnc output (e.g. if you apply the changes referred to in the linked thread, does it work properly?)

If it works with the change, then we can send an email to the vpnc-devel list to have the changes added upstream too, and either upload an updated package with the patch or update vpnc to a new upstream version that fixes the issue.

Also, please confirm in which version of Ubuntu you are getting this problem. Thanks!

[Expired for vpnc (Ubuntu) because there has been no activity for 60 days.]

I can confirm this problem for Ubuntu 11.10.
The posted fix works fine.
Can this fix still be included in Oneiric? Apparently, this problem would make vpnc useless in Oneiric if not fixed...

Confirmed in Oneiric 11.10 (3.0.0-12-generic #20-Ubuntu SMP i686 i686 i386 GNU/Linux)

vpnc version 0.5.3
Copyright (C) 2002-2006 Geoffrey Keating, Maurice Massar, others
vpnc comes with NO WARRANTY, to the extent permitted by law.
You may redistribute copies of vpnc under the terms of the GNU General
Public License. For more information about these matters, see the files
named COPYING.
Built with certificate support.

Supported DH-Groups: nopfs dh1 dh2 dh5
Supported Hash-Methods: md5 sha1
Supported Encryptions: null des 3des aes128 aes192 aes256
Supported Auth-Methods: psk psk+xauth hybrid(rsa)

There is a new version of the vpnc-script that works for me, that can be found here:

http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blob_plain/HEAD:/vpnc-script

Exchange it as descriped here:

http://blog.nowherelan.com/2011/10/10/vpnc-on-ubuntu-oneiric-error-either-to-is-duplicate-or-ipid-is-a-garbage/

but make sure to backup your old script!

Confirmed that the fix in comment #5 works with my vpnc 0.5.3r449-2.1 on Oneiric 64-bit using a *.conf file which worked fine in Lucid and includes the (unusual?) CA-File and Application directives.

Note that the diff between /etc/vpnc/vpnc-script as shipped and the version linked to includes removal of some sections marked "Debian specific" which I presume were source patches in the package. These sections only look to matter if you had custom /etc/vpnc/*-action scripts. For a more conservative fix (which also seems to work for me), try: http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blobdiff_plain/9239bd811d4f189bee4b1dd9441359c11a799631..4deaaf9a324bf02f2b1b37174fdca3595429b270:/vpnc-script

I can confirm the patch linked in comment #6 by Jesse fixes the issue.

For everybody else:
You have to patch /etc/vpnc/vpnc-script
with a patch -p1 < thepatch.patch

vpnc is useless in Ubuntu 11.10 without this bug fixed.

Can someone please upgrade the importance of this bug and see if one of the patches mentioned can be pushed to Oneiric?

To have it working, nothing more than the patch at <http://git.infradead.org/users/dwmw2/vpnc-scripts.git/blobdiff_plain/9239bd811d4f189bee4b1dd9441359c11a799631..4deaaf9a324bf02f2b1b37174fdca3595429b270:/vpnc-script> is needed.

This patch is just two lines long!

What Debian-specific patches to vpnc-script do you have? It may make sense to merge them into the upstream script.

dwmw2, you mean me?

have a look at http://patch-tracker.debian.org/patch/series/view/vpnc/0.5.3r449-2.1/04_debianitis - it's one big patch, unfortunately, but in addition to the two-liner discussed in this bug and uploaded to Debian yesterday, those are all the changes to vpnc-script

This bug was fixed in the package vpnc - 0.5.3r449-2.2

---------------
vpnc (0.5.3r449-2.2) unstable; urgency=low

  * Non-maintainer upload.
  * Bug fix: "more verbose iproute makes vpnc fail connecting", taken from
    http://git.infradead.org/users/dwmw2/vpnc-scripts.git/commitdiff/4deaaf9a32
    Closes: #624203, #640978, LP: #805435.
 -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 05 Dec 2011 11:05:05 +0000