On Thu, Dec 3, 2009 at 8:23 PM, Rusty Lynch <[email protected]> wrote:
> On Tue, Dec 1, 2009 at 7:34 PM, <[email protected]> wrote:
>> These patches add VPN support to connmman, they are based on
>> David Woodhouse works.
>>
>> I added and modified existing scripts to support vpn connection.
>>
>> To create and connect to a new vpn you need to running test/connect-vpn
>> script.
>>
>> Usage: ./test/connect-provider <name> <host> <cookie> [cafile]
>>
>> You can get the cookie by running openconnect
>> # openconnect -c ~/.cert/certificate.pem -k
>> ~/.cert/priv-key.pem --script /etc/vpnc/vpnc-script 192.55.54.27
>> --cafile ~/.cert/intel-certchain.crt --key-password-from-fsid
>> --printcookie --cookieonly
>>
>>
>> To list avaialbe vpn to connect to you can use /test/list-providers script.
>>
>> To remove or disconnect vpn from the available list you need
>> test/disconnect-vpn script.
>
> I just applied the series of patch to the tip of the master branch,
> and I am getting a permission error when i try and run
> test/connect-vpn:
>
> Traceback (most recent call last):
> File "./connect-vpn", line 22, in <module>
> "VPN.Domain": "intel.com"}))
> File "/usr/lib/python2.6/site-packages/dbus/proxies.py", line 68, in __call__
> return self._proxy_method(*args, **keywords)
> File "/usr/lib/python2.6/site-packages/dbus/proxies.py", line 140, in
> __call__
> **keywords)
> File "/usr/lib/python2.6/site-packages/dbus/connection.py", line
> 622, in call_blocking
> message, timeout)
> dbus.exceptions.DBusException:
> org.moblin.connman.Error.PermissionDenied: Permission denied
>
> I am running this on a Molin 2.1 system.
After digging into this a little more, I can see that policykit is
refusing any of my modify request from the command line... so, for
example i couldn't use connect-service either.
I was building with bootstrap-configure which added the
--enable-polkit=builtin, so I instead started building with what the
Moblin 2.1 rpm is using for configure options (which doesn't pass any
polkit related options) and I no longer see the Permission denied
error.
But... now i see a different set of things that I'm not sure what is happening.
I run:
$ sudo ./connect-vpn SOMENAME THE-IP-OF-MY-VPN-GW XXCOOKIEXXX
~/.cert/my-certchain.crt
Attempting to connect service SOMENAME
Traceback (most recent call last):
File "./connect-vpn", line 22, in <module>
"VPN.Domain": "intel.com"}))
File "/usr/lib/python2.6/site-packages/dbus/proxies.py", line 68, in __call__
return self._proxy_method(*args, **keywords)
File "/usr/lib/python2.6/site-packages/dbus/proxies.py", line 140, in __call__
**keywords)
File "/usr/lib/python2.6/site-packages/dbus/connection.py", line
622, in call_blocking
message, timeout)
dbus.exceptions.DBusException: org.moblin.connman.Error.NotSupported:
Not supported
At this point all of my DNS queries timeout, including normal external
servers like www.yahoo.com, or machines i know of inside the VPN i am
trying to connect with.
I can run:
$ ./list-providers
[ /provider/openconnect_SOMENAME ]
Type = openconnect
Name = SOMENAME
PassphraseRequired = 1
I can run 'disconnect-vpn openconnect_SOMENAME' and sometimes my DNS queries
start working again for external machines, and sometimes connman
segfaults (but no, i haven't tried finding the core to get a trace
yet.)
Am I missing a step? Is there some additional authorization (i.e. the
blurb about PassphraseRequired from list-providers). What should I see
if my cookie is expired?
--rusty
_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman
