Drop automake build support.

Add basic build instructions.
Rework of the README, INSTALL and help page.
Remove empty folder templates and the NEWS file.
Delete the INSTALL.debian and INSTALL.gentoo files.
Create the doc/misc folder to hold lot of config
and/or readme files.

Signed-off-by: gregory guy <gregory-tde@laposte.net>

24 files changed, 1803 insertions, 0 deletions

diff --git a/doc/misc/README.DCOP b/doc/misc/README.DCOP
new file mode 100644
index 0000000..e46c83d
--- /dev/null
+++ b/doc/misc/README.DCOP
@@ -0,0 +1,87 @@
+Controlling KVpnc using DCOP
+========================
+
+DCOP use is simple:
+dcop kvpnc-<pid> KVpncInterface <command>
+
+The PID (process identifier number) can be obtained by:
+ps ax | grep kvpnc | grep -v grep
+
+The first number in line is the PID. 
+Hint: You can use kdcop for browsing the applications which can be controlled and their functions.
+
+KVpnc provides the following functions:
+--------------------------------------------------
+QCStringList interfaces()
+QCStringList functions()
+QString getVersion()
+void doConnect()
+void doDisconnect()
+uint getConnectedTime()
+QString getStatus()
+QString getCurrentProfile()
+void setProfile(QString profilename)
+void createNewProfile()
+void createNewProfileWithWizard()
+void deleteCurrentProfile()
+void openPreferences()
+void doImportCert()
+void doImportPcf()
+void doImportPcf(QString file)
+void doImportOpenvpnConfig()
+void doImportOpenvpnConfig(QString file)
+QStringList profiles()
+QStringList toolinfo()
+void doQuit()
+void doGenerateOpenvpnKey()
+void doSendFeedbackMail()
+QStringList getProfileTypes()
+
+Return and parameter data types:
+------------------------------------------
+QString text (QString format)
+QStringList string list - list of text (QString format)
+QCStringList string list - list of text (C format)
+uint unsigned int - number
+void empty - no return value
+
+Examples:
+-------------
+1. List all profile names
+	root@linux# dcop kvpnc-3957 KVpncInterface profiles
+	profile1
+	profile2
+	profile3
+
+2. Get information about tools
+	root@linux# dcop kvpnc-3957 KVpncInterface toolinfo
+	vpnc,Found,0.3.3,full,
+	gnome-ssh-askpass,Found,No info,full,
+	ksshaskpass,Found,0.4.1,full,
+	ssh,Found,5.1p1,full,
+	tail,Found,6.10,full,
+	cisco_cert_mgr,Found,4.8.01 (0640),full,
+	vtund,Not found,No info,none,
+	bash,Found,No info,full,
+	pkcs11-tool,Found,No info,full,
+	route,Found,1.98,full,
+	ifconfig,Found,1.42,full,
+	ip,Found,iproute2-ss080725,full,
+	ping,Found,iputils-sss20071127,full,
+	killall,Found,22.6,full,
+	kill,Found,3.2.7,full,
+	openvpn,Found,2.1_rc11,full,
+	openssl,Found,0.9.8g,full,
+	iptables,Found,v1.4.1.1,full,
+	setkey,Found,0.7.1,full,
+	openl2tpd,Found,No info,full,
+	xl2tpd,Found,xl2tpd-1.2.0,full,
+	l2tpd,Not found,No info,none,
+	pptp,Found,1.7.2,full,
+	pppd,Found,2.4.4,full,
+	ipsec,Found,strongSwan U4.2.4,full,
+	racoonctl,Found,No info,full,
+	vpnclient,Found,4.8.01 (0640),full,
+
+3. change current profile to hs_harz 
+	dcop kvpnc-3957 KVpncInterface setProfile 'hs_harz'
\ No newline at end of file
diff --git a/doc/misc/README.FRITZBOX_VPN_IMPORT b/doc/misc/README.FRITZBOX_VPN_IMPORT
new file mode 100644
index 0000000..2b477f9
--- /dev/null
+++ b/doc/misc/README.FRITZBOX_VPN_IMPORT
@@ -0,0 +1,24 @@
+What
+====
+IPSec vpn to AVM Fritzbox using KVpnc
+
+Description:
+=========
+Some AVM Fritzbox router provides a IPSec VPN for accessing the local lan from the internet.
+There is a windows program called "Fritz!Fernzugang einrichten" (http://webgw.avm.de/download/t_download.jsp?partid=14654) which also runs fine using wine. This allows you to create a vpn profile for a given mail address.
+It creates 2 files: vpnconfig_xxx.cfg (to import into the fritzbox router) and vpnuser_xxx.cfg for use with the program "Fritz!Fernzugang" which only runs under windows.
+A detailed document for this process is available here (German only): http://www.avm.de/de/Service/Service-Portale/Service-Portal/VPN_Praxis_und_Tipps/step_by_step_fernzugang.php?portal=VPN
+You can import a the vpn user config file directly into Kvpnc. It must be not encrypted and is named vpnuser_xxx.cfg where xxx is your mail address.
+After import you can connect directly after importing the vpnuser_xxx.cfg file (vpnconfig_xxx.cfg must be imported into the fritzbox router before).
+
+Requirements:
+===========
+"Fritz!Fernzugang einrichten"
+KVpnc
+racoon (ipsec-tools)
+
+
+Have a lot of fun ;)
+
+
+
diff --git a/doc/misc/README.OPENVPN_INLINE_CERT b/doc/misc/README.OPENVPN_INLINE_CERT
new file mode 100644
index 0000000..7ddb3c5
--- /dev/null
+++ b/doc/misc/README.OPENVPN_INLINE_CERT
@@ -0,0 +1,27 @@
+KVpnc can import OpenVPN configuration files which contain inline certificates (user certificate, ca certificate, private key, tls-key).
+The format for the inline parts must be:
+
+<ca>
+-----BEGIN CERTIFICATE-----
+...
+-----END CERTIFICATE-----
+</ca>
+
+<cert>
+-----BEGIN CERTIFICATE-----
+...
+-----END CERTIFICATE-----
+</cert>
+
+<key>
+-----BEGIN RSA PRIVATE KEY-----
+...
+-----END RSA PRIVATE KEY-----
+</key>
+
+key-direction 1
+<tls-auth>
+-----BEGIN OpenVPN Static key V1-----
+...
+-----END OpenVPN Static key V1-----
+</tls-auth>
diff --git a/doc/misc/README.SSH_VPN b/doc/misc/README.SSH_VPN
new file mode 100644
index 0000000..0fb9af0
--- /dev/null
+++ b/doc/misc/README.SSH_VPN
@@ -0,0 +1,58 @@
+You need to have enabled the following options in /etc/ssh/sshd_config (Server):
+
+PermitTunnel yes
+PermitRootLogin yes
+
+Minimum requirement is OpenSSH 4.3 and ksshaskpass/ssh-askpass-gnome.
+
+TUN and TAP modes are supported.
+
+Network configuration can be made automaticlly (default) or by execution an specified script on server. If script is used the following parameters will be given:
+
+Parameter 0: script name e.g. /root/ssh_vpn_up.sh
+Parameter 1: device type  e.g. tun
+Parameter 2: ip address  e.g. 1.2.3.4 (tun)
+Parameter 3: remote ip address 1.2.3.5 (tun)
+
+On automatic configuration tun0/tap0 will be used.
+
+Example script on server:
+
+###### /root/ssh_vpn_up.sh #####
+#!/bin/bash
+
+# $0 script name /root/ssh_vpn_up.sh
+# $1 device type tun|tap
+# $2 ip address 1.2.3.4 (tun)
+# $3 remote ip address 1.2.3.5 (tun)
+
+device="tun0"
+ip=""
+remote_ip=""
+type="tun"
+
+echo "type: $1"
+
+if [ $# -gt 0 ]; then
+        type="$1"
+        if [ $# -gt 1 ]; then
+                ip=$2
+                if [ $# -gt 2 ]; then
+                        remoteip=$3
+                fi
+        fi
+fi
+
+if [ "$type "="tun" ]; then
+echo "tun!"
+/sbin/ifconfig $device $ip pointopoint $remoteip up
+fi
+
+if [ "$type"="tap" ]; then
+echo "tap!"
+netmask="255.255.255.0"
+ip="10.0.0.1"
+device="tap0"
+/sbin/ifconfig $device $ip netmask $netmask up
+fi
+############ END ##########
diff --git a/doc/misc/README.VIRTUALIP b/doc/misc/README.VIRTUALIP
new file mode 100644
index 0000000..101a590
--- /dev/null
+++ b/doc/misc/README.VIRTUALIP
@@ -0,0 +1 @@
+on ipsec (openswan/strongswan) you can set the virtual_private value (aka %v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.2.0/24,%v4:!192.168.15.128/25) in network - virtual ip settings - virtual subnets. You have to put the string here, it will be directly passed into ipsec.conf for the connection block.
diff --git a/doc/misc/README.handbook b/doc/misc/README.handbook
new file mode 100644
index 0000000..71395af
--- /dev/null
+++ b/doc/misc/README.handbook
@@ -0,0 +1,14 @@
+How to write the handbook
+-------------------------
+
+
+Step 1: write your content in English in index.docbook (maybe multiple files with xinclude)
+Step 2: run './update_handbook.sh' in this directory. This will update english translation template (handbook.pot) and all translations (e.g. fr/handbook.po)
+Step 3: translate <yourlanguage>/handbook.po (if your language isnt there yet, grab handbook.pot and send to me)
+Step 4: run './update_handbook.sh' again. This will create the docbook files containing the translation
+
+Best regards
+
+Christoph <crissi99@gmx.de>
+
+Last change: 2005/19/09 
diff --git a/doc/misc/README.smartcard b/doc/misc/README.smartcard
new file mode 100644
index 0000000..310d98a
--- /dev/null
+++ b/doc/misc/README.smartcard
@@ -0,0 +1,25 @@
+Smartcard support in KVpnc
+==========================
+
+Date: 2007/13/01
+
+1. preparation
+	- smartcard reader suported by opensc
+	- 'pkcs11-tool -L' shows your reader
+	- openvpn 2.1 (development version!)
+2. using it
+	01. create a OpenVPN connection with the wizard
+	02. go to profile - authentication - certificate/psk
+	03. check 'enable pkcs11 smartcard support'
+	04. select id type (usally id)
+	05. check 'use token provider library' and select one if nessary
+	06. click detect button behind slot combobox (now the slots on cardreaders should shown, usually 0)
+	07. select your slot
+	08. click detect button behind id combobox (now the content of the slot selected slot of step 6 should shown should be shown)
+	09. select your id
+	10. click save
+	11. exit preferences dialog
+	12. click connect
+	13. if pin entry dialog shows up, enter your pin
+
+Feedback are welcome to <crissi99@gmx.de>.
diff --git a/doc/misc/debian_compile.txt b/doc/misc/debian_compile.txt
new file mode 100644
index 0000000..b36d37d
--- /dev/null
+++ b/doc/misc/debian_compile.txt
@@ -0,0 +1,14 @@
+export kde_prefix=/usr
+export sysconfdir=/etc
+export kde_includedir=/usr/include/tde
+export infodir=/usr/share/info
+export mandir=/usr/share/man
+export qtdir=/usr/share/qt3
+export kde_cgidir=/usr/lib/cgi-bin
+export kde_confdir=/etc/kde3
+export kde_htmldir=/usr/share/doc/tde/HTML
+
+./configure --disable-debug --disable-rpath --prefix=$kde_prefix --sysconfdir=$sysconfdir --includedir=$kde_includedir --infodir=$infodir --mandir=$mandir --with-qt-dir=$qtdir --enable-pipe
+
+make
+
diff --git a/doc/misc/debian_compile_debug.txt b/doc/misc/debian_compile_debug.txt
new file mode 100644
index 0000000..bf97953
--- /dev/null
+++ b/doc/misc/debian_compile_debug.txt
@@ -0,0 +1,14 @@
+export kde_prefix=/usr
+export sysconfdir=/etc
+export kde_includedir=/usr/include/tde
+export infodir=/usr/share/info
+export mandir=/usr/share/man
+export qtdir=/usr/share/qt3
+export kde_cgidir=/usr/lib/cgi-bin
+export kde_confdir=/etc/kde3
+export kde_htmldir=/usr/share/doc/tde/HTML
+
+./configure --enable-debug=full --disable-rpath --prefix=$kde_prefix --sysconfdir=$sysconfdir --includedir=$kde_includedir --infodir=$infodir --mandir=$mandir --with-qt-dir=$qtdir
+
+make
+
diff --git a/doc/misc/der_import.txt b/doc/misc/der_import.txt
new file mode 100644
index 0000000..02c39c6
--- /dev/null
+++ b/doc/misc/der_import.txt
@@ -0,0 +1 @@
+openssl x509 -in Uniklinikum\ Giessen\ Root\ Authority\ 1.crt -out cert.pem -inform DER
diff --git a/doc/misc/gentoo_compile.txt b/doc/misc/gentoo_compile.txt
new file mode 100644
index 0000000..d787cf1
--- /dev/null
+++ b/doc/misc/gentoo_compile.txt
@@ -0,0 +1,4 @@
+export KDEPREFIX=/usr/kde/`cat /etc/rc.conf |grep XSESSION= | awk -F \" '{print $2}' | awk -F \- '{print $2}'`/
+./configure --disable-debug --disable-rpath
+
+make
diff --git a/doc/misc/loginfo b/doc/misc/loginfo
new file mode 100644
index 0000000..58806a3
--- /dev/null
+++ b/doc/misc/loginfo
@@ -0,0 +1 @@
+ALL /usr/bin/perl /home/crissi/ciabot_cvs_1.12.pl %p %{s} %n $USER project from_email dest_email ignore_regexp
diff --git a/doc/misc/openvpn.txt b/doc/misc/openvpn.txt
new file mode 100644
index 0000000..17e6c5e
--- /dev/null
+++ b/doc/misc/openvpn.txt
@@ -0,0 +1,29 @@
+prerequisites:
+  - openssl
+
+
+- port 5000 udp
+
+
+server:
+netsprinter:~ # openvpn --port 5000 --dev tun0 --ifconfig 10.0.0.1 10.0.0.2 --secret geheimer.key
+Sun Jan 23 17:32:14 2005 0[0]: OpenVPN 1.6_rc4 i686-pc-linux-gnu [SSL] [LZO] [PTHREAD] built on Dec  3 2004
+Sun Jan 23 17:32:14 2005 1[0]: TUN/TAP device tun0 opened
+Sun Jan 23 17:32:14 2005 2[0]: /sbin/ifconfig tun0 10.0.0.1 pointopoint 10.0.0.2 mtu 1256
+Sun Jan 23 17:32:14 2005 3[0]: PTHREAD support initialized
+Sun Jan 23 17:32:14 2005 4[0]: UDPv4 link local (bound): [undef]:5000
+Sun Jan 23 17:32:14 2005 5[0]: UDPv4 link remote: [undef]
+Sun Jan 23 17:32:59 2005 6[0]: Peer Connection Initiated with 192.168.1.37:5000
+Sun Jan 23 17:35:57 2005 7[0]: select : Interrupted system call (code=4)
+Sun Jan 23 17:35:57 2005 8[0]: SIGINT received, exiting
+
+
+client:
+crissi:/home/crissi# openvpn --dev tun0 --port 5000 --remote 192.168.1.36 --ifconfig 10.0.0.2 10.0.0.1 --secret ./geheimer.key
+Sun Jan 23 17:45:47 2005 OpenVPN 2.0_rc6 i386-pc-linux [SSL] [LZO] [EPOLL] built on Jan  5 2005
+Sun Jan 23 17:45:47 2005 TUN/TAP device tun0 opened
+Sun Jan 23 17:45:47 2005 /sbin/ifconfig tun0 10.0.0.2 pointopoint 10.0.0.1 mtu 1500
+Sun Jan 23 17:45:47 2005 UDPv4 link local (bound): [undef]:5000
+Sun Jan 23 17:45:47 2005 UDPv4 link remote: 192.168.1.36:5000
+Sun Jan 23 17:45:57 2005 Peer Connection Initiated with 192.168.1.36:5000
+Sun Jan 23 17:45:58 2005 Initialization Sequence Completed
diff --git a/doc/misc/pptp.txt b/doc/misc/pptp.txt
new file mode 100644
index 0000000..24bdc2f
--- /dev/null
+++ b/doc/misc/pptp.txt
@@ -0,0 +1,82 @@
+requirements:
+- mppe patched kernel (http://www.polbox.com/h/hs001/)
+- pptp client (http://pptpclient.sourceforge.net/)
+
+
+needed for connection:
+- IP address or hostname
+- dns
+	- automatic (usepeerdns)
+	- name servers (ip)
+- authentication domain name 
+- authentication
+	- no (noauth)
+	- yes 
+- username
+- password
+- encryption
+	- refuse 40 bit encr (nomppe-40)
+	- refuse 128 bit encr (nomppe-128)
+	- require stateless encr (mppe-stateful)
+	- require mppe (require-mppe)
+		- requires ppp-compress-18 (ppp_mppe)
+	- refuse eap (refuse-eap)
+
+optional:
+- debug (debug dump)
+- reconnect on disconnect (persist)
+
+
+options:
+
+       mppe-stateful
+              Allow  MPPE  to  use  stateful  mode.   Stateless  mode is still
+              attempted first.  The default is to disallow stateful mode.
+       nomppe Disables MPPE (Microsoft Point to Point  Encryption).   This  is
+              the default.
+
+       nomppe-40
+              Disable 40-bit encryption with MPPE.
+
+       nomppe-128
+              Disable 128-bit encryption with MPPE.
+
+       nomppe-stateful
+              Disable MPPE stateful mode.  This is the default.
+
+       refuse-mschap
+              With this option, pppd will not agree to authenticate itself  to
+              the peer using MS-CHAP.
+
+       refuse-mschap-v2
+              With  this option, pppd will not agree to authenticate itself to
+              the peer using MS-CHAPv2.
+       require-mppe
+              Require  the  use of MPPE (Microsoft Point to Point Encryption).
+              This option disables all other compression types.   This  option
+              enables  both  40-bit and 128-bit encryption.  In order for MPPE
+              to successfully come up, you must have authenticated with either
+              MS-CHAP  or  MS-CHAPv2.  This option is presently only supported
+              under Linux, and only if your  kernel  has  been  configured  to
+              include MPPE support.
+
+       require-mppe-40
+              Require the use of MPPE, with 40-bit encryption.
+
+       require-mppe-128
+              Require the use of MPPE, with 128-bit encryption.
+
+       require-mschap
+              Require the peer to authenticate itself using MS-CHAP [Microsoft
+              Challenge Handshake Authentication Protocol] authentication.
+
+       require-mschap-v2
+              Require  the  peer  to  authenticate  itself   using   MS-CHAPv2
+              [Microsoft  Challenge Handshake Authentication Protocol, Version
+              2] authentication.
+
+       require-eap
+              Require the peer to authenticate itself  using  EAP  [Extensible
+              Authentication Protocol] authentication.
+
+
diff --git a/doc/misc/update_handbook.sh b/doc/misc/update_handbook.sh
new file mode 100755
index 0000000..24210e6
--- /dev/null
+++ b/doc/misc/update_handbook.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+LANGS="de fr sv"
+
+echo -n "update pot..."
+xml2pot en/index.docbook > en/handbook.pot
+echo " done."
+
+for lang in $LANGS; do
+        echo -n "updating $lang..."
+	mv $lang/handbook.po $lang/handbook_old.po
+	msgmerge -o $lang/handbook.po $lang/handbook_old.po en/handbook.pot
+	rm $lang/handbook_old.po
+        po2xml en/index.docbook $lang/handbook.po > $lang/index.docbook
+        echo " done."
+done
diff --git a/doc/misc/vpnc-0.2-err-sort.txt b/doc/misc/vpnc-0.2-err-sort.txt
new file mode 100644
index 0000000..8123dde
--- /dev/null
+++ b/doc/misc/vpnc-0.2-err-sort.txt
@@ -0,0 +1,29 @@
+IKE DH Group * unsupported
+IKE DH Group must not be nopfs
+Perfect Forward Secrecy * unsupported
+authentication unsuccessful
+binding to port *
+can't allocate memory
+can't initialise tunnel interface
+can't poll socket
+can't send packet
+can't send packet
+couldn't open *
+got response from unknown host *
+hash comparison failed: * check group password!
+making socket
+malformed loadbalance target
+missing IPSec ID
+missing IPSec gatway address
+missing IPSec secret
+missing Xauth password
+missing Xauth username
+no response from target
+out of memory
+reading *
+reading user input
+receiving packet
+response was invalid [1]: *
+response was invalid [2]: *
+response was invalid [3]: *
+unknown host *
diff --git a/doc/misc/vpnc-0.2-err.txt b/doc/misc/vpnc-0.2-err.txt
new file mode 100644
index 0000000..2a48c31
--- /dev/null
+++ b/doc/misc/vpnc-0.2-err.txt
@@ -0,0 +1,30 @@
+making socket
+binding to port \%d
+out of memory
+unknown host `\%s'
+can't initialise tunnel interface
+receiving packet
+got response from unknown host \%s:\%d
+can't send packet
+can't poll socket
+no response from target
+response was invalid [1]: \%s
+response was invalid [2]: \%s
+response was invalid [3]: \%s
+hash comparison failed: \%s\ncheck group password!
+can't send packet
+malformed loadbalance target
+reading user input
+authentication unsuccessful
+couldn't open `\%s'
+reading `\%s'
+can't allocate memory
+missing IPSec gatway address
+missing IPSec ID
+missing IPSec secret
+missing Xauth username
+missing Xauth password
+IKE DH Group \"\%s\" unsupported
+Perfect Forward Secrecy \"\%s\" unsupported
+IKE DH Group must not be nopfs
+
diff --git a/doc/misc/vpnc-0.2-strings.txt b/doc/misc/vpnc-0.2-strings.txt
new file mode 100644
index 0000000..cd91bb4
--- /dev/null
+++ b/doc/misc/vpnc-0.2-strings.txt
@@ -0,0 +1,563 @@
+/lib/ld-linux.so.2
+libgcrypt.so.11
+gcry_md_get_algo_dlen
+gcry_mpi_scan
+gcry_md_close
+gcry_mpi_get_nbits
+gcry_md_read
+gcry_md_setkey
+gcry_mpi_copy
+gcry_mpi_powm
+gcry_control
+gcry_randomize
+gcry_md_write
+gcry_mpi_mul_2exp
+gcry_cipher_open
+gcry_cipher_ctl
+gcry_md_hash_buffer
+gcry_cipher_close
+gcry_cipher_algo_info
+gcry_free
+gcry_mpi_add_ui
+gcry_cipher_encrypt
+gcry_md_open
+gcry_check_version
+gcry_mpi_set_ui
+gcry_cipher_decrypt
+gcry_mpi_new
+gcry_mpi_release
+_Jv_RegisterClasses
+gcry_md_ctl
+gcry_mpi_aprint
+__gmon_start__
+libgpg-error.so.0
+_DYNAMIC
+_init
+_fini
+_GLOBAL_OFFSET_TABLE_
+libc.so.6
+putchar
+strcpy
+unsetenv
+ioctl
+stdout
+connect
+getenv
+__strtol_internal
+getpid
+__getdelim
+memcpy
+perror
+puts
+getpass
+system
+feof
+malloc
+recvfrom
+socket
+fflush
+strncasecmp
+abort
+uname
+calloc
+fprintf
+strcat
+bind
+chdir
+setsockopt
+stdin
+signal
+openlog
+strncmp
+strncpy
+strcasecmp
+sendto
+realloc
+__strdup
+fork
+inet_aton
+memset
+inet_ntoa
+time
+__assert_fail
+poll
+syslog
+gethostbyname
+asprintf
+fclose
+stderr
+fwrite
+__errno_location
+inet_ntop
+fopen
+_IO_stdin_used
+_exit
+__libc_start_main
+setsid
+getsockname
+_edata
+__bss_start
+_end
+GLIBC_2.1
+GLIBC_2.0
+GCRYPT_1.2
+PTRh
+QVhT
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+;A0t
+q0Ph_
+Ph@#
+PVht
+w0PS
+w0PS
+G0;G
+G(;G0|
+w(PS
+[^_]
+;B0t
+p0Sh	
+[^_]
+w0PS
+[^_]
+[^_]
+[^_]
+Ph@$
+[^_]
+[^_]
+[^_]
+WSh@%
+r0PS
+[^_]
+[^_]
+[^_]
+PSht
+[^_]
+[^_]
+Rh> 
+PhW 
+Pho 
+[^_]
+[^_]
+F	PS
+F	PS
+F	PS
+[^_]
+[^_]
+[^_]
+[^_]
+Ph@1
+PhR1
+Ph@1
+Phi1
+[^_]
+Ph}1
+G	Ph
+Ph}1
+G	Ph
+G	Ph
+Ph"2
+Ph22
+PhJ2
+PhP2
+Ph[2
+Phh2
+PhJ2
+PhP2
+Ph[2
+Ph|2
+G	Ph
+[^_]
+[^_]
+C Pj
+Phm9
+[^_]
+;V(t<
+9Z8u
+9B`t
+[^_]
+pHWh
+pThs;
+pHWj
+Phq:
+[^_]
+[^_]
+P`Qh
+p8h =
+PhL^
+ hH^
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+nopfs
+sha1
+3des
+aes128
+aes192
+aes256
+get_algo
+vpnc.c
+what <= SUPP_ALGO_CRYPT
+key <= SUPP_ALGO_IPSEC_SA
+server
+%s:%c
+%02x
+making socket
+binding to port %d
+out of memory
+unknown host `%s'
+using interface %s
+receiving packet
+exchange_type
+can't send packet
+can't poll socket
+no response from target
+S4.1
+i_cookie
+i_nonce
+S4.2
+dh_public
+S4.3
+S4.4
+response was invalid [1]: %s
+IKE SA selected %s-%s
+response was invalid [2]: %s
+response was invalid [3]: %s
+skeyid
+returned_hash
+dh_shared_secret
+skeyid_d
+skeyid_a
+skeyid_e
+enc-key
+do_phase_1
+d->ivlen < d->md_len
+current_iv
+S4.5
+initial_iv
+S4.6
+hashlen: %d
+u.hash.length: %d
+expected_hash
+h->u.hash.data
+authing NULL package!
+S5.1
+S5.2
+malformed loadbalance target
+S5.3
+S5.4
+%c%c
+%.*s%s
+S5.5
+xauth packet unsupported: %s
+reading user input
+S5.6
+authentication unsuccessful
+S5.7
+CISCO_BANNER
+CISCO_DEF_DOMAIN
+INTERNAL_IP4_NBNS
+INTERNAL_IP4_DNS
+INTERNAL_IP4_NETMASK
+INTERNAL_IP4_ADDRESS
+Banner: 
+Remote Application Version: 
+got pfs setting: %d
+got address %s
+TUNDEV
+VPNGATEWAY
+S7.1
+len = %d
+S7.2
+S7.3
+S7.4
+S7.5
+S7.6
+IPSEC SA selected %s-%s
+S7.7
+S7.8
+S7.9
+S7.10
+default value for this option
+commandline option,
+configfile variable, 
+argument type
+description
+--gateway
+IPSec gateway 
+<ip/hostname>
+IP/name of your IPSec gateway
+--id
+IPSec ID 
+<ASCII string>
+your group name
+IPSec secret 
+--username
+Xauth username 
+your username
+Xauth password 
+--script
+Config Script 
+<command>
+--domain
+Domain 
+--dh
+IKE DH Group 
+<dh1/dh2/dh5>
+name of the IKE DH Group
+--pfs
+Perfect Forward Secrecy 
+<nopfs/dh1/dh2/dh5/server>
+--enable-1des
+Enable Single DES
+--application-version
+Application version 
+Application Version to report
+--ifname
+Interface name 
+--debug
+Debug 
+<0/1/2/3/99>
+Show verbose debug messages
+--no-detach
+No Detach
+--pid-file
+Pidfile 
+<filename>
+--local-port
+Local Port 
+<0-65535>
+--non-inter
+Noninteractive
+couldn't open `%s'
+reading `%s'
+can't allocate memory
+Legend:
+(configfile only option)
+  %s %s
+  %s%s
+      %s
+    Default: %s
+1.1.12
+hex_test
+--version
+vpnc version 0.2-rm+zomb.1
+Supported DH-Groups:
+Supported Hash-Methods:
+Supported Encryptions:
+--print-config
+--help
+%s: unknown option %s
+/etc/vpnc/default.conf
+/etc/vpnc.conf
+Enter IPSec gateway address: 
+Enter IPSec ID for %s: 
+Enter username for %s: 
+Enter password for %s@%s: 
+vpnc.conf:
+%s%s
+missing IPSec gatway address
+missing IPSec ID
+missing IPSec secret
+missing Xauth username
+missing Xauth password
+can't initialise tunnel interface
+got response from unknown host %s:%d
+want extype %d, got %d, ignoring
+unknown attribute %d, arborting..
+hash comparison failed: %s
+check group password!
+---!!!!!!!!! entering phase2_fatal !!!!!!!!!---
+got cisco loadbalancing notice, diverting to %s
+got responder liftime notice, ignoring..
+expected xauth packet; rejected: %s
+server requested domain, but none set (use "Domain ..." in config or --domain
+xauth SET response rejected: %s
+configuration response rejected: %s
+generating %d bytes keymat (cnt=%d)
+ignoring responder-lifetime notify
+quick mode response rejected: %s
+check pfs setting
+quick mode response rejected [2]: %s
+Cisco Systems VPN Client %s:%s
+your group password (cleartext, no support for obfuscated strings)
+your password (cleartext, no support for obfuscated strings)
+command is executed using system() to configure the interface,
+      routing and so on. Device name, IP, etc. are passed using enviroment
+      variables, see README. This script is executed right after ISAKMP is
+      done, but befor tunneling is enabled.
+(NT-) Domain name for authentication
+Diffie-Hellman group to use for PFS
+enables weak single DES encryption
+visible name of the TUN interface
+Don't detach from the console after login
+store the pid of background process in <filename>
+local ISAKMP port number to use (0 == use random port)
+Don't ask anything, exit on missing options
+warning: unknown configuration directive in %s at line %d
+Usage: %s [--version] [--print-config] [--help] [options] [config file]
+Report bugs to vpnc@unix-ag.uni-kl.de
+Copyright (C) 2002, 2003 Geoffrey Keating, Maurice Massar
+vpnc comes with NO WARRANTY, to the extent permitted by law.
+You may redistribute copies of vpnc under the terms of the GNU General
+Public License.  For more information about these matters, see the files
+named COPYING.
+WARNING! active debug level is >= 99, output includes username and password (hex encoded)
+WARNING! active debug level is >= 99, output includes username and password (hex encoded)
+Enter IPSec secret for %s@%s: 
+IKE DH Group "%s" unsupported
+Perfect Forward Secrecy "%s" unsupported
+IKE DH Group must not be nopfs
+; H_
+malloc of %lu bytes failed
+alloc of %lud bytes failed
+flatten_isakmp_packet
+isakmp-pkt.c
+blksz != 0
+t.attributes.type
+t.attributes.u.attr_16
+t.attributes.u.lots.length
+(not dumping xauth data)
+t.attributes.u.lots.data
+next_type
+sa.doi
+sa.situation
+p.number
+p.prot_id
+p.spi_size
+p.spi
+t.number
+t.id
+ke.data
+id.type
+id.protocol
+id.port
+id.data
+cert.encoding
+cert.data
+n.doi
+n.protocol
+n.spi_length
+n.type
+n.spi
+n.data
+d.num_spi
+d.spi
+modecfg.type
+DONE PARSING PAYLOAD type
+BEGIN_PARSE
+r_cookie
+payload
+isakmp_version
+flags
+message_id
+PARSE_OK
+INVALID_PAYLOAD_TYPE
+DOI_NOT_SUPPORTED
+SITUATION_NOT_SUPPORTED
+INVALID_COOKIE
+INVALID_MAJOR_VERSION
+INVALID_MINOR_VERSION
+INVALID_EXCHANGE_TYPE
+INVALID_FLAGS
+INVALID_MESSAGE_ID
+INVALID_PROTOCOL_ID
+INVALID_SPI
+INVALID_TRANSFORM_ID
+ATTRIBUTES_NOT_SUPPORTED
+NO_PROPOSAL_CHOSEN
+BAD_PROPOSAL_SYNTAX
+PAYLOAD_MALFORMED
+INVALID_KEY_INFORMATION
+INVALID_ID_INFORMATION
+INVALID_CERT_ENCODING
+INVALID_CERTIFICATE
+CERT_TYPE_UNSUPPORTED
+INVALID_CERT_AUTHORITY
+INVALID_HASH_INFORMATION
+AUTHENTICATION_FAILED
+INVALID_SIGNATURE
+ADDRESS_NOTIFICATION
+NOTIFY_SA_LIFETIME
+CERTIFICATE_UNAVAILABLE
+UNSUPPORTED_EXCHANGE_TYPE
+UNEQUAL_PAYLOAD_LENGTHS
+|S5v
+size = %ld, blksz = %ld, padding = %ld
+ sending: ========================>
+(not dumping xauth data length)
+recvfrom: %m
+packet too short from %s
+truncated in: %d -> %d
+socket(SOCK_RAW)
+setsockopt(IP_HDRINCL)
+ipesp
+socket: %m
+connect: %m
+getsockname: %m
+local address for %s is %s
+unknown spi %ld
+hmac_compute
+tunip.c
+md_ctx != 0
+ret == 0
+sending ESP packet (after ah)
+sendto: %m
+truncated out (%d out of %d)
+Packet too short
+HMAC mismatch in ESP mode
+Inconsistent padlen
+Inconsistent next_header %d
+Bad padding
+poll: %m
+read: %m
+routing loop to %s
+unknown spi from %s
+terminated
+tous.enc_secret
+tous.auth_secret
+tothem.enc_secret
+tothem.auth_secret
+vpnc
+VPNC started in foreground...
+can't find a local address for packets to %s
+sending packet: len = %d, padding = %d
+sending ESP packet (before crypt)
+sending ESP packet (after crypt)
+payload len %d not a multiple of algorithm block size %d
+peer hasn't a known address yet
+spi %ld: remote address changed from %s to %s
+received update probe from peer
+can't open pidfile %s for writing
+Warning, could not fork the child process!
+VPNC started in background (pid: %d)...
+/dev/net/tun
+can't open /dev/net/tun, check that it is either device char 10 200 or (with DevFS) a symlink to ../misc/net/tun (not misc/net/tun!!!)
+ifconfig $TUNDEV inet $INTERNAL_IP4_ADDRESS pointopoint $INTERNAL_IP4_ADDRESS netmask 255.255.255.255 mtu 1412 up
+FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF
+FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF
+FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF
+id <= (int)(sizeof (groups) / sizeof (groups[0]))
+group_init
+math_group.c
+groups[i].type == MODP
+group_get
+id >= 1
+clone->type == MODP
+group_free
+grp->type == MODP
+modp_clone
+new_grp
+modp_init
diff --git a/doc/misc/vpnc-0.3.1-err-newlines.txt b/doc/misc/vpnc-0.3.1-err-newlines.txt
new file mode 100644
index 0000000..1454146
--- /dev/null
+++ b/doc/misc/vpnc-0.3.1-err-newlines.txt
@@ -0,0 +1,9 @@
+Warning, could not fork the child process!
+alloc of * bytes failed
+can't send packet
+error: arbitrary naming tunnel interface is not supported in this version
+error: arbitrary naming tunnel interface only supported on linux
+malloc of * bytes failed
+reading user input
+vpnc.conf:
+warning: unknown configuration directive in * at line *
diff --git a/doc/misc/vpnc-0.3.1-err-sort.txt b/doc/misc/vpnc-0.3.1-err-sort.txt
new file mode 100644
index 0000000..efa8cb9
--- /dev/null
+++ b/doc/misc/vpnc-0.3.1-err-sort.txt
@@ -0,0 +1,34 @@
+IKE DH Group * unsupported
+IKE DH Group must not be nopfs
+Perfect Forward Secrecy * unsupported
+Warning, could not fork the child process!
+alloc of * bytes failed
+authentication unsuccessful
+binding to port *
+can't allocate memory
+can't initialise tunnel interface
+can't poll socket
+can't send packet
+couldn't open *
+error: arbitrary naming tunnel interface is not supported in this version
+error: arbitrary naming tunnel interface only supported on linux
+got response from unknown host *
+hash comparison failed: * check group password!
+making socket
+malformed loadbalance target
+malloc of * bytes failed
+missing IPSec ID
+missing IPSec gatway address
+missing IPSec secret
+missing Xauth password
+missing Xauth username
+no response from target
+out of memory
+reading *
+receiving packet
+response was invalid [1]: *
+response was invalid [2]: *
+response was invalid [3]: *
+unknown host *
+vpnc.conf:
+warning: unknown configuration directive in * at line *
diff --git a/doc/misc/vpnc-0.3.1-err.txt b/doc/misc/vpnc-0.3.1-err.txt
new file mode 100644
index 0000000..d2c5adb
--- /dev/null
+++ b/doc/misc/vpnc-0.3.1-err.txt
@@ -0,0 +1,34 @@
+couldn't open `%s'
+reading `%s'", name
+can't allocate memory
+warning: unknown configuration directive in %s at line %d
+vpnc.conf:\n\n
+missing IPSec gatway address
+missing IPSec ID
+missing IPSec secret
+missing Xauth username
+missing Xauth password
+IKE DH Group \"%s\" unsupported\n
+Perfect Forward Secrecy \"%s\" unsupported\n
+IKE DH Group must not be nopfs
+malloc of %lu bytes failed
+alloc of %lud bytes failed
+error: arbitrary naming tunnel interface only supported on linux\n
+error: arbitrary naming tunnel interface is not supported in this version\n
+Warning, could not fork the child process!\n
+making socket
+binding to port %d
+out of memory
+unknown host `%s'\n", hostname
+can't initialise tunnel interface
+receiving packet
+got response from unknown host %s:%d
+can't send packet
+can't poll socket
+no response from target
+response was invalid [1]: %s
+response was invalid [2]: %s
+response was invalid [3]: %s
+hash comparison failed: %s\ncheck group password!
+malformed loadbalance target
+authentication unsuccessful
\ No newline at end of file
diff --git a/doc/misc/vpnc-0.3.1-strings.txt b/doc/misc/vpnc-0.3.1-strings.txt
new file mode 100644
index 0000000..d86e142
--- /dev/null
+++ b/doc/misc/vpnc-0.3.1-strings.txt
@@ -0,0 +1,622 @@
+/lib/ld-linux.so.2
+SuSE
+libgcrypt.so.11
+gcry_md_get_algo_dlen
+gcry_mpi_scan
+gcry_md_close
+gcry_mpi_get_nbits
+gcry_md_read
+gcry_md_setkey
+gcry_mpi_copy
+gcry_mpi_powm
+gcry_control
+gcry_randomize
+gcry_md_write
+gcry_mpi_mul_2exp
+gcry_cipher_open
+gcry_cipher_ctl
+gcry_md_hash_buffer
+gcry_cipher_close
+gcry_cipher_algo_info
+gcry_free
+gcry_mpi_add_ui
+gcry_cipher_encrypt
+gcry_md_open
+gcry_check_version
+gcry_mpi_set_ui
+gcry_cipher_decrypt
+gcry_mpi_new
+gcry_mpi_release
+_Jv_RegisterClasses
+gcry_md_ctl
+gcry_mpi_aprint
+__gmon_start__
+libgpg-error.so.0
+_DYNAMIC
+_init
+_fini
+_GLOBAL_OFFSET_TABLE_
+libc.so.6
+putchar
+strcpy
+unsetenv
+ioctl
+stdout
+connect
+getenv
+__strtol_internal
+getpid
+__getdelim
+memcpy
+perror
+puts
+getpass
+system
+feof
+malloc
+recvfrom
+socket
+fflush
+strncasecmp
+abort
+uname
+calloc
+fprintf
+strcat
+bind
+chdir
+setsockopt
+stdin
+signal
+openlog
+strncmp
+strncpy
+strcasecmp
+sendto
+realloc
+__strdup
+fork
+inet_aton
+memset
+inet_ntoa
+time
+__assert_fail
+poll
+syslog
+gethostbyname
+asprintf
+fclose
+stderr
+fwrite
+__errno_location
+inet_ntop
+fopen
+_IO_stdin_used
+_exit
+__libc_start_main
+strchr
+setsid
+getsockname
+_edata
+__bss_start
+_end
+GLIBC_2.1
+GLIBC_2.0
+GCRYPT_1.2
+PTRh
+QVh\
+jyh&%
+jzh&%
+[^_]
+[^_]
+[^_]
+Pht%
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+;BDt
+Ph)&
+pDSh<&
+[^_]
+wDPS
+[^_]
+[^_]
+[^_]
+rDPS
+[^_]
+[^_]
+Pht&
+Sh}&
+;BDt
+;FDt
+qDPh
+PVh!'
+rDPS
+q4h2'
+rDPS
+q0h;'
+C(;CD
+CD;C(
+w$hM'
+G@;GDv
+v@PS
+vLhv'
+[^_]
+Ph4(
+[^_]
+Ph|,
+Vhz(
+Vhm(
+Ph0)
+Ph|,
+PhL)
+[^_]
+[^_]
+[^_]
+Pha)
+Ph -
+PSh!'
+[^_]
+Vh0.
+ShK.
+[^_]
+F	PS
+F	PS
+F	PS
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+Ph(/
+G	Ph1/
+Ph;/
+PhL/
+G	PhU/
+Phb/
+G	Phj/
+Phv/
+G	PhU/
+[^_]
+Sht&
+Ph!0
+Ph*0
+Ph20
+PhA0
+PhO0
+PhU0
+Phr'
+[^_]
+C Pj
+Ph	<
+[^_]
+C Pj
+Ph	<
+[^_]
+PhH>
+;V(t<
+9Z8u
+9B`t
+[^_]
+SQhx>
+pHSh
+pHSj
+[^_]
+[^_]
+[^_]
+Php=
+[^_]
+P`Qh o
+p8hh?
+Ph,)
+PhLn
+ hHn
+PRh1@
+PRh;@
+7RhE@
+ PRhO@
+;PhU@
+[^_]
+[^_]
+VWhPD
+[^_]
+RhFD
+Ph]D
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+[^_]
+nopfs
+sha1
+3des
+aes128
+aes192
+aes256
+get_algo
+vpnc.c
+what <= SUPP_ALGO_CRYPT
+key <= SUPP_ALGO_IPSEC_SA
+server
+making socket
+binding to port %d
+out of memory
+unknown host `%s'
+using interface %s
+TUNDEV
+VPNGATEWAY
+receiving packet
+can't send packet
+can't poll socket
+no response from target
+hashlen: %lu
+u.hash.length: %d
+expected_hash
+h->u.hash.data
+authing NULL package!
+S4.1
+i_cookie
+i_nonce
+S4.2
+dh_public
+S4.3
+S4.4
+response was invalid [1]: %s
+IKE SA selected %s-%s
+response was invalid [2]: %s
+response was invalid [3]: %s
+skeyid
+returned_hash
+dh_shared_secret
+skeyid_d
+skeyid_a
+skeyid_e
+enc-key
+do_phase_1
+s->ivlen <= s->md_len
+current_iv
+S4.5
+NAT status: no NAT-T VID seen
+initial_iv
+S4.6
+S5.1
+S5.2
+malformed loadbalance target
+S5.3
+S5.4
+%c%c
+%.*s%s
+S5.5
+xauth packet unsupported: %s
+Answer
+Password
+Passcode
+%s for VPN %s@%s: 
+S5.6
+authentication unsuccessful
+S5.7
+CISCO_BANNER
+CISCO_DEF_DOMAIN
+INTERNAL_IP4_NBNS
+INTERNAL_IP4_DNS
+INTERNAL_IP4_NETMASK
+INTERNAL_IP4_ADDRESS
+ignoring zero length netmask
+Banner: 
+Remote Application Version: 
+got pfs setting: %d
+unknown attriube %d / 0x%X
+got address %s
+S7.1
+len = %d
+S7.2
+S7.3
+S7.4
+S7.5
+S7.6
+IPSEC SA selected %s-%s
+S7.7
+S7.8
+S7.9
+S7.10
+1.1.90
+hex_test
+vpnc version 0.3.1
+can't initialise tunnel interface
+got response from unknown host %s:%d
+NAT-T mode, adding non-esp marker
+---!!!!!!!!! entering phase2_fatal !!!!!!!!!---
+generating %d bytes keymat (cnt=%d)
+unknown attribute %d, arborting..
+hash comparison failed: %s
+check group password!
+NAT status: this end behind NAT? %s -- remote end behind NAT? %s
+NAT status: NAT-T VID seen, no NAT device detected
+got cisco loadbalancing notice, diverting to %s
+got responder liftime notice, ignoring..
+expected xauth packet; rejected: %s
+server requested domain, but none set (use "Domain ..." in config or --domain
+xauth SET response rejected: %s
+configuration response rejected: %s
+got peer udp encapsulation port: %hu
+ignoring responder-lifetime notify
+quick mode response rejected: %s
+check pfs setting
+quick mode response rejected [2]: %s
+; H_
+malloc of %lu bytes failed
+alloc of %lud bytes failed
+flatten_isakmp_packet
+isakmp-pkt.c
+blksz != 0
+t.attributes.type
+t.attributes.u.attr_16
+t.attributes.u.lots.length
+(not dumping xauth data)
+t.attributes.u.lots.data
+next_type
+sa.doi
+sa.situation
+p.number
+p.prot_id
+p.spi_size
+p.spi
+t.number
+t.id
+ke.data
+id.type
+id.protocol
+id.port
+id.data
+cert.encoding
+cert.data
+n.doi
+n.protocol
+n.spi_length
+n.type
+n.spi
+n.data
+d.num_spi
+d.spi
+modecfg.type
+UNKNOWN.data
+DONE PARSING PAYLOAD type
+BEGIN_PARSE
+r_cookie
+payload
+isakmp_version
+exchange_type
+flags
+message_id
+PARSE_OK
+INVALID_PAYLOAD_TYPE
+DOI_NOT_SUPPORTED
+SITUATION_NOT_SUPPORTED
+INVALID_COOKIE
+INVALID_MAJOR_VERSION
+INVALID_MINOR_VERSION
+INVALID_EXCHANGE_TYPE
+INVALID_FLAGS
+INVALID_MESSAGE_ID
+INVALID_PROTOCOL_ID
+INVALID_SPI
+INVALID_TRANSFORM_ID
+ATTRIBUTES_NOT_SUPPORTED
+NO_PROPOSAL_CHOSEN
+BAD_PROPOSAL_SYNTAX
+PAYLOAD_MALFORMED
+INVALID_KEY_INFORMATION
+INVALID_ID_INFORMATION
+INVALID_CERT_ENCODING
+INVALID_CERTIFICATE
+CERT_TYPE_UNSUPPORTED
+INVALID_CERT_AUTHORITY
+INVALID_HASH_INFORMATION
+AUTHENTICATION_FAILED
+INVALID_SIGNATURE
+ADDRESS_NOTIFICATION
+NOTIFY_SA_LIFETIME
+CERTIFICATE_UNAVAILABLE
+UNSUPPORTED_EXCHANGE_TYPE
+UNEQUAL_PAYLOAD_LENGTHS
+|S5v
+size = %ld, blksz = %ld, padding = %ld
+ sending: ========================>
+(not dumping xauth data length)
+recvfrom: %m
+packet too short from %s
+truncated in: %d -> %d
+socket(SOCK_RAW)
+setsockopt(IP_HDRINCL)
+ipesp
+udpesp
+socket: %m
+connect: %m
+getsockname: %m
+local address for %s is %s
+unknown spi %ld
+hmac_compute
+tunip.c
+md_ctx != 0
+ret == 0
+sending ESP packet (after ah)
+sendto: %m
+truncated out (%d out of %d)
+Packet too short
+HMAC mismatch in ESP mode
+Inconsistent padlen
+Inconsistent next_header %d
+Bad padding
+poll: %m
+read: %m
+routing loop to %s
+unknown spi from %s
+terminated
+tous.enc_secret
+tous.auth_secret
+tothem.enc_secret
+tothem.auth_secret
+vpnc
+VPNC started in foreground...
+can't find a local address for packets to %s
+sending packet: len = %d, padding = %lu
+sending ESP packet (before crypt)
+sending ESP packet (after crypt)
+truncated out (%Zd out of %Zd)
+payload len %d not a multiple of algorithm block size %lu
+peer hasn't a known address yet
+spi %ld: remote address changed from %s to %s
+received update probe from peer
+can't open pidfile %s for writing
+Warning, could not fork the child process!
+VPNC started in background (pid: %d)...
+%s: %02x
+%s: %04x
+%s: %08x
+%s:%c
+%02x
+default value for this option
+10000
+commandline option,
+configfile variable, 
+argument type
+description
+--gateway
+IPSec gateway 
+<ip/hostname>
+IP/name of your IPSec gateway
+--id
+IPSec ID 
+<ASCII string>
+your group name
+IPSec secret 
+--username
+Xauth username 
+your username
+Xauth password 
+--udp
+UDP Encapsulate
+--domain
+Domain 
+--xauth-inter
+Xauth interactive
+--script
+Config Script 
+<command>
+--dh
+IKE DH Group 
+<dh1/dh2/dh5>
+name of the IKE DH Group
+--pfs
+Perfect Forward Secrecy 
+<nopfs/dh1/dh2/dh5/server>
+--enable-1des
+Enable Single DES
+--application-version
+Application version 
+Application Version to report
+--ifname
+Interface name 
+--debug
+Debug 
+<0/1/2/3/99>
+Show verbose debug messages
+--no-detach
+No Detach
+--pid-file
+Pidfile 
+<filename>
+--local-port
+Local Port 
+<0-65535>
+--udp-port
+UDP Encapsulation Port 
+--disable-natt
+Disable NAT Traversal
+disable use of NAT-T
+--non-inter
+Noninteractive
+couldn't open `%s'
+reading `%s'
+can't allocate memory
+%s%.*s
+Legend:
+(configfile only option)
+  %s %s
+  %s%s
+      
+    Default: %s
+Supported DH-Groups:
+Supported Hash-Methods:
+Supported Encryptions:
+--version
+--print-config
+--help
+--long-help
+%s: unknown option %s
+/etc/vpnc/default.conf
+/etc/vpnc.conf
+Enter IPSec gateway address: 
+Enter IPSec ID for %s: 
+Enter username for %s: 
+Enter password for %s@%s: 
+vpnc.conf:
+missing IPSec gatway address
+missing IPSec ID
+missing IPSec secret
+missing Xauth username
+missing Xauth password
+Cisco Systems VPN Client %s:%s
+your group password (cleartext, no support for obfuscated strings)
+your password (cleartext, no support for obfuscated strings)
+Use Cisco-UDP encapsulation of IPSEC traffic
+(NT-) Domain name for authentication
+enable interactive extended authentication (for challange response auth)
+command is executed using system() to configure the interface,
+routing and so on. Device name, IP, etc. are passed using enviroment
+variables, see README. This script is executed right after ISAKMP is
+done, but befor tunneling is enabled.
+Diffie-Hellman group to use for PFS
+enables weak single DES encryption
+visible name of the TUN interface
+Don't detach from the console after login
+store the pid of background process in <filename>
+local ISAKMP port number to use (0 == use random port)
+local UDP port number to use (0 == use random port)
+Don't ask anything, exit on missing options
+warning: unknown configuration directive in %s at line %d
+Usage: %s [--version] [--print-config] [--help] [--long-help] [options] [config file]
+Report bugs to vpnc@unix-ag.uni-kl.de
+Copyright (C) 2002-2004 Geoffrey Keating, Maurice Massar
+vpnc comes with NO WARRANTY, to the extent permitted by law.
+You may redistribute copies of vpnc under the terms of the GNU General
+Public License.  For more information about these matters, see the files
+named COPYING.
+WARNING! active debug level is >= 99, output includes username and password (hex encoded)
+WARNING! active debug level is >= 99, output includes username and password (hex encoded)
+Enter IPSec secret for %s@%s: 
+IKE DH Group "%s" unsupported
+Perfect Forward Secrecy "%s" unsupported
+IKE DH Group must not be nopfs
+/dev/net/tun
+can't open /dev/net/tun, check that it is either device char 10 200 or (with DevFS) a symlink to ../misc/net/tun (not misc/net/tun)
+ifconfig $TUNDEV inet $INTERNAL_IP4_ADDRESS pointopoint $INTERNAL_IP4_ADDRESS netmask 255.255.255.255 mtu 1412 up
+FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF
+FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF
+FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF
+id <= (int)(sizeof(groups) / sizeof(groups[0]))
+group_init
+math_group.c
+groups[i].type == MODP
+group_get
+id >= 1
+clone->type == MODP
+group_free
+grp->type == MODP
+modp_clone
+new_grp
+modp_init
diff --git a/doc/misc/vpnc-err.txt b/doc/misc/vpnc-err.txt
new file mode 100644
index 0000000..86b84d4
--- /dev/null
+++ b/doc/misc/vpnc-err.txt
@@ -0,0 +1,40 @@
+IKE DH Group * unsupported
+IKE DH Group must not be nopfs
+Perfect Forward Secrecy * unsupported
+Warning, could not fork the child process!
+alloc of * bytes failed
+authentication unsuccessful
+binding to port *
+can't allocate memory
+can't initialise tunnel interface
+can't poll socket
+can't send packet
+configuration response rejected: *
+couldn't open *
+error: arbitrary naming tunnel interface is not supported in this version
+error: arbitrary naming tunnel interface only supported on linux
+expected xauth packet; rejected: *
+got response from unknown host *
+hash comparison failed: * check group password!
+making socket
+malformed loadbalance target
+malloc of * bytes failed
+missing IPSec ID
+missing IPSec gatway address
+missing IPSec secret
+missing Xauth password
+missing Xauth username
+no response from target
+out of memory
+quick mode response rejected [2]: *
+quick mode response rejected: * check pfs setting
+reading *
+receiving packet
+response was invalid [1]: *
+response was invalid [2]: *
+response was invalid [3]: *
+unknown host *
+vpnc.conf:
+warning: unknown configuration directive in * at line *
+xauth SET response rejected: *
+xauth packet unsupported: *
diff --git a/doc/misc/vpnc_connect_script_dns_patch_fix.txt b/doc/misc/vpnc_connect_script_dns_patch_fix.txt
new file mode 100644
index 0000000..717e28f
--- /dev/null
+++ b/doc/misc/vpnc_connect_script_dns_patch_fix.txt
@@ -0,0 +1,46 @@
+From: Thomas Bettler <bettlert@...>
+ Subject: Troubles with dns
+ Newsgroups: gmane.network.vpnc.devel
+ Date: 2005-01-08 15:25:28 GMT (15 weeks, 3 days, 6 hours and 18 minutes ago)
+As we discussed on back in november, dns servers assigned from vpn connection 
+are not handled, instead resolv uses the old dns entries.
+
+This should be corrected.
+http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2004-November/000296.html
+and  
+http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2004-November/000298.html
+
+I propose to add the two patches to make it work with or 
+without /sbin/resolvconf (which isn't part of all linux systems)
+
+patch for vpnc-connect
++if [ -x /sbin/resolvconf ] ; then
++ for i in $INTERNAL_IP4_DNS; do
++  echo $i >> /etc/resolv.conf.vpnc
++ done
++ if [ "$DIRECTION" = "up" ] ; then
++  cat /etc/resolv.conf.vpnc | /sbin/resolvconf -a "$IFACE"
++ else
++  /sbin/resolvconf -d "$IFACE"
++ fi
++else
++# in case we have no /sbin/resolvconf handle /etc/resolv.conf manually
++ mv /etc/resolv.conf /var/run/vpnc/resolv.conf
++ for i in $INTERNAL_IP4_DNS; do
++  echo nameserver $i >> /etc/resolv.conf
++ done
++fi
+
+patch for vpnc-disconnect
++if [ -x /sbin/resolvconf ] ; then
++##### remark
++##### I don't know /sbin/resolvconf and don't know exactly how to revert.
++##### This line might not work... please test
++ /sbin/resolvconf -d "$IFACE"
++else
++ mv /var/run/vpnc/resolv.conf /etc/resolv.conf
++fi
+
+Lots of greatings
+Thomas Bettler
+