NetworkManager-libreswan to replace NetworkManager-openswan

[Lubomir Rintel]

Hello everyone!

For 1.2 series we're renaming NetworkManager-openswan VPN plugin to
NetworkManager-libreswan.

It seems that the user community has shifted its focus to libreswan for
new deployments therefore we decided to rename the plugin to avoid
confusion.

Currently the plugin supports both libreswan and openswan as there are
very few differences between the two when it comes to interfacing with
the plugin. However, with openswan having been dropped from major Linux
distributions (Fedora and Debian most prominently) it's getting more
difficult for us to ensure that openswan remains well supported.

NetworkManager-libreswan will remain be compatible with existing
NetworkManager-openswan connections and the transition should be
smooth. We'll release first version of NetworkManager-libreswan
together with the release of NetworkManager 1.2.

We're committed to maintain NetworkManager-openswan as long as
NetworkManager 1.0 stable branch is maintained.

Regards,
Lubo
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Installing Network-manager Openswan-plugin for ubuntu

[Ray Klassen]

Hi.

Compiled and installed NetworkManager-openswan-0.9.8.0 (configure,
make, make install) on ubuntu 13.04 and it doesn't seem to show up as
an available VPN under the VPN Connections, Configure VPN, Add menu.
Installed openswan itself in case I needed that as infrastructure, no
change.


Are there special --prefix options one needs with ubuntu?

are there dependencies that don't relate to the compile? (I've
obviously got all of those, since it did compile successfully)

are there any special incantations to do on Network Manager to help it
sense the presence of a new plugin?

Is ubuntu unity incompatible with this plugin?
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: Installing Network-manager Openswan-plugin for ubuntu

[Dan Fruehauf]

Hi Ray,

I'm not extremely familiar with the OpenSwan VPN plugin, however a few
thing you can try and wouldn't hurt:
 * A restart for NetworkManager to see if it helps anything.
 * Not sure about the location of things on Ubuntu, but make sure you have
the library (.so) at the correct location as it will provide you with the
GUI you're after.

Cheers.



On Sun, May 26, 2013 at 11:15 PM, Ray Klassen rayklas...@gmail.com wrote:

 Hi.

 Compiled and installed NetworkManager-openswan-0.9.8.0 (configure,
 make, make install) on ubuntu 13.04 and it doesn't seem to show up as
 an available VPN under the VPN Connections, Configure VPN, Add menu.
 Installed openswan itself in case I needed that as infrastructure, no
 change.


 Are there special --prefix options one needs with ubuntu?

 are there dependencies that don't relate to the compile? (I've
 obviously got all of those, since it did compile successfully)

 are there any special incantations to do on Network Manager to help it
 sense the presence of a new plugin?

 Is ubuntu unity incompatible with this plugin?
 ___
 networkmanager-list mailing list
 networkmanager-list@gnome.org
 https://mail.gnome.org/mailman/listinfo/networkmanager-list

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan - update

[Turbo Fredriksson]

Quoting steve hillier [EMAIL PROTECTED]:

 So, first you need to get nm
 aware of the nm-openswan vpn service (see above).

Being a Debian GNU/Linux developer, the first thing I did (after trying
it 'your way' :) was to create a .deb package. All this works perfect.
Got network manager to see the new service etc...

 You'll know it's
 working, when you can add the IPsec type of vpn connection through
 the vpn manager interface. Selecting this will start a wizard which
 eventually calls out to my shared library to configure the connection
 details.

This is where it breaks. SOMETIMES (especially if I'm running with
strace or gdb), i can briefly see a window pop up. But this is where
it segfaults...

 If you're debugging the shared library, it's at this point,
 you're debugger will go active (when nm tries to load my library and
 call the factory method to instantiate the configuration window). This
 is where the library tries to build a GUI and crashes.

Right..

 I Just recently I realized that I may be creating my config window
 entirely wrong. I'm buidling a top-level window when I should be
 adding elements to the wizard window (I think).

Seems resonable, because nm say:

(nm-vpn-properties:20827): Gtk-WARNING **: Can't set a parent on a toplevel 
widget

Unfortunatly, gdb doesn't catch the segfault so I can't get a back
trace... And I can't get anjuta to recognize the project.

And I'm as green as you when it comes to coding GUI's with GTK...
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan - update

[steve hillier]

haha.. can't believe it took me this long to catch this oversight.

I used glade to design the UI for configuring the connection, and it 
just defaults to a top-level window. I'm loading the glade ui file as a 
resource and I never really closely exampled the XML that glade-ui 
designer output. Oops.

Gonna need to completely re-work my UI code to fix this. boo

That's not trivial undertaking (for me). I'll start on it in the next 
few weeks, now that I know what the problem is. Thanks for the insight!

On another note, and somewhat a shot in the dark, I hit a bug yesterday 
while testing my code that I never had before.

I wanted to manually verify an IPsec connection before I tried my gui 
again, and I got an error messge error inserting padlock, no such 
device blahblahblah.

I only get it when I try to start a connection that uses AES encryption. 
I'm using openswan as my IPsec implementation. Anyone else hit this? I'm 
using a dell laptop, so I don't think this is related to the VIA Bios 
issue I've read about on the 'net. Any help greatly appreciated. I'm not 
down with 3DES and all my test connections use AES encyption, so testing 
has become somewhat impossible until I find a fix for this. I know I can 
upgrade, but Fedora6 is rock-solid stable and I love my beryl-setup with 
all that eye-candy. Can't get it to work in FC7.

All help appreciated.

steve.

Turbo Fredriksson wrote:
 Quoting steve hillier [EMAIL PROTECTED]:

   
 So, first you need to get nm
 aware of the nm-openswan vpn service (see above).
 

 Being a Debian GNU/Linux developer, the first thing I did (after trying
 it 'your way' :) was to create a .deb package. All this works perfect.
 Got network manager to see the new service etc...

   
 You'll know it's
 working, when you can add the IPsec type of vpn connection through
 the vpn manager interface. Selecting this will start a wizard which
 eventually calls out to my shared library to configure the connection
 details.
 

 This is where it breaks. SOMETIMES (especially if I'm running with
 strace or gdb), i can briefly see a window pop up. But this is where
 it segfaults...

   
 If you're debugging the shared library, it's at this point,
 you're debugger will go active (when nm tries to load my library and
 call the factory method to instantiate the configuration window). This
 is where the library tries to build a GUI and crashes.
 

 Right..

   
 I Just recently I realized that I may be creating my config window
 entirely wrong. I'm buidling a top-level window when I should be
 adding elements to the wizard window (I think).
 

 Seems resonable, because nm say:

 (nm-vpn-properties:20827): Gtk-WARNING **: Can't set a parent on a toplevel 
 widget

 Unfortunatly, gdb doesn't catch the segfault so I can't get a back
 trace... And I can't get anjuta to recognize the project.

 And I'm as green as you when it comes to coding GUI's with GTK...

   

___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan - update

[steve hillier]

Nice to hear others had use for the code (if it actually worked ;) ).

When I started, I developed in Anjuta on fedora 6.

I was mainly interested in the symbol browser and debugging features of 
Anjuta. Especially when I started experimenting with libwhack integration.

It wasn't long into that experiment when I realized a problem that 
prevented me from proceeding down that path, and so I backed off those 
code mods and went back to calling whack from my app (see the version 
magic #define in libwhack.h from the openswan src tarball ). The 
problem, simply, was that it introduced a version dependancy between 
nm-os and openswan that I felt was unacceptable.

It was then that I started re-factoring the code to clean up the mess 
and sort out some logic bugs. Once the logic was fixed my code compiled, 
and that's when I ran into the type-casting issues with my gui objects, 
and that problem stalled the entire project -- there's only so much GUI 
api doc u can read and with my new job, very little time to do any 
actual debugging.

I eventually moved my dev environment to a new laptop, and it took some 
time before I could get NM-OS compiling again (Even though the laptop 
was also running fedora 6). My bad. This wasn't a dist code tar ball 
that would simply compile. this was a snapshot of my development 
workspace as it stood at that time.

I've continued to work on the code in my limited spare time under anjuta 
with mixed results. I'm also new to GTK coding and I suck at it which is 
why is so slow going.

Since starting my new job, I've been forced to learn Java, and 
specifically J2EE programming in a hurry.

As with most Java coders, Eclipse is my IDE of choice for many reasons. 
In fact, I use Redhat developer studio beta2 (you can guess which j2ee 
server I'm learning).

Now I just recently discovered that Eclipse has a plugin to support 
C/C++ development.

I'm working on getting nm-openswan building under eclipse, and my reason 
is simple: it's got a killer debugger and awesome ide tools. the symbols 
browser alone chews anjuta. If I succeed, then I'll package up my 
workspace and mail that out. In the mean time, all I can say is keep 
plugging away at anjuta.

Once I get back to code that actually runs (at least some of the time) 
I'll send another tarball out, one I'm not ashamed to put my name on. I 
haven't forgotten the project, other priorities just 'butted' in line. 
Sorry.

Things to try under anjuta:

- don't use anjuta to compile. I use it for editing and debugging only. 
I usually run make from the cmd line.
- run `make clean  make  make install ` from the top-level of the 
src dir.
- explore the src dir to /usr/local/src (that's the path I used to store 
my dev src).

if you're not familiar with the inner workings of NetworkManager, get 
the source and start reading the code / api docs. Certain files have to 
be visible in specific locations for the NetworkManager to see the new 
vpn service. One in particular that comes to mind is in 
/etc/NetworkManager/vpn (or something to that effect).

My install script settings place my service configuration file in 
/usr/local/etc/NetworkManager/vpn/blahbah. As of NetowrkManager0.6.x 
it didn't scan that folder automatically, so after 'make install' on a 
new system, I would have to symlink my file to 
/etc/NetworkManager/vpn/  before restarting NetworkManager daemon to 
have it pickup the service. The logs of the daemon will tell you if it 
knows about the new vpn service on a restart if you turn up the logging.

Not sure if the same is true for the 0.7 code branch. Maybe in a few 
months (when things finally settle down at work), I'll port my code to 
0.7 code base and get it compiling again. I know some of the stuff I 
wanted to do wasn't possible until planned changes to the vpn api were 
implemented (to manage multiple concurrent vpn connections, etc...). 
Maybe others on the list can update you on the status of that change.

For now, I tinker with my debugger from time to time on Fedora 6, still 
using the old 0.6.x code base that I started with, just until I get the 
GUI bugs worked out.

To debug in anjuta, there's a process to be followed. Remember, this is 
shared library, not a binary executable, that executable is Nm daemon 
itself which listens on the DBUS for vpn service request messages 
(amongst many other things). So, first you need to get nm aware of the 
nm-openswan vpn service (see above). You'll know it's working, when you 
can add the IPsec type of vpn connection through the vpn manager 
interface. Selecting this will start a wizard which eventually calls out 
to my shared library to configure the connection details. If you're 
debugging the shared library, it's at this point, you're debugger will 
go active (when nm tries to load my library and call the factory method 
to instantiate the configuration window). This is where the library 
tries to build a GUI and crashes.

I Just recently I realized that I may

OpenSWAN

[Turbo Fredriksson]

I need OpenSWAN support in NetworkManager, but only found 
'work in progress' (no links to where/how to get it/set it up).

It's not inte SVN trunk... Where can I get it so I can help?

I can't (don't want to :) wait for 'steve' to get time to do
it. If I can't get it NOW, then I'll just have to roll up my
sleves and help :).
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: OpenSWAN

[Darren Albers]

On 7/22/07, Turbo Fredriksson [EMAIL PROTECTED] wrote:
 I need OpenSWAN support in NetworkManager, but only found
 'work in progress' (no links to where/how to get it/set it up).

 It's not inte SVN trunk... Where can I get it so I can help?

 I can't (don't want to :) wait for 'steve' to get time to do
 it. If I can't get it NOW, then I'll just have to roll up my
 sleves and help :).


I think you will probably need to roll up your sleeves  ;-)   Maybe
Steve can put the code he has worked on somewhere for you to start
hacking on it?
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan is alive again!

[steve]

Technically speaking, you should be able to run as many concurrent IPsec 
connections as you want. In reality, I've used openswan to run up to 4 
seperate and independant concurrent IPsec tunnels, some with and without 
Virtual interfaces (for DHCP over IPsec).

My goal is to make NM-Openswan capable of doing the same thing, but as 
we've discussed previously, the nm-VPN API's weren't really designed to 
handle the case of multiple concurrent vpn connections.

I'm currently reviewing the proposed changes to the VPN API and 
comparing it to the over all design of my plugin to see how to find a 
working model that can be used for any VPN client (not just openswan).

Ideally, I think NM should be able to handle any number of concurrent 
Point-to-Point vpn connections with split tunneling. Of course some vpn 
clients don't support split tunneling (Cisco vpn is one I think) which 
is more akin to the one-off style design of the current API.

It all comes down to routing table modifications. For example, Pluto 
(the daemonized portion of Openswan) automatically handles routing table 
modifications, whereas others will recieve those modifcations and pass 
them back to nm for processing in: nm_vpn_ip4config().

given that vpnc, openswan, openvpn, and most other vpn clients are 
simply getting front-ends and DBUS integration, I'd like to allow the 
native clients to handle the requsite routing table mods and use nm to 
montior, control, and create / modify the parameters of the connection 
configs passed the the actual vpn client.

To try and supplant that functionality within the nm-vpn plugin 
architecture will introduce dependencies between nm and specific 
versions of various vpn clients which is not what we want (IMHO). For 
example, if the internal API's of Openswan change, and my nm-openswan 
plugin replaces the functionality of parts of the openswan distribution, 
then there's a good chance my plugin will break on new subsequent 
releases of the openswan client.

Whereas if I simply control the components of Openswan from my plugin, 
along with passing connection configs and status across DBUS for 
monitoring, I can expect that the user-end functionality of the openswan 
client to change very little, and *hopefully* my nm-openswan vpn plugin 
will work with new releases of openswan, regardless of any internal API 
changes to the openswan client.

If I'm repeating someone else's ideas, it's because I'm still catching 
up on the mailing list.

As always, all comments are welcome.

Steve.

NB: Thanks for all the replies, it's good to know so many are interested 
in this plugin.

As a bonus, I've been given access to a variety of supposedly IPsec 
compliant gateways. I'll have lots of variety for my testing, and it 
should validate my initial testing results that showed OpenSwan as the 
ideal choice for standard IPsec vpn connections when I started writing 
the nm-vpn plugin.


Dan Williams wrote:
 On Mon, 2007-06-11 at 23:34 +0200, Tomáš Hnyk wrote:
   
 On Sun, 10 Jun 2007 01:46:15 +0200, Dan Williams [EMAIL PROTECTED] wrote:

 
 On Sat, 2007-06-09 at 18:03 -0400, steve wrote:
   
 Hi,

 Just a quick post to inform anyone who cares, that I've finished my
 employment transition, re-created my development environment and I've
 re-started work on the openswan vpn plugin.

 I've made two design changes to allow for multiple concurrent vpn
 connections (in future releases) as it will be required for my new job.
 I'll post again when I've got a tar ball for others to test.
 
 Awesome!  You might want to look at an email recently sent about a new
 API for VPNs to see if it would also work for openswan.

 Proposal for a new VPN DBUS interface - May 8th

 Dan

   
 If anyone feels inclined to help with the effort (which is mainly bug
 fixing at this point), feel free to contact me.

 Steve.
 
 Does this also mean that it will possible to use VPN even if the network  
 connection is not managed through NM but is set to static as described  
 here:  
 https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/115750 - or  
 is that only Ubuntu thing?
 

 NM by definition won't know (and therefore won't care) about connections
 that aren't know to NM.  That's as it should be.  On the other hand, the
 configuration information will soon be flexible enough to deal with most
 of the cases, but that's already mostly the case for VPNs.

 Dan



   

___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan is alive again!

[Igor Neves]

Dan Williams wrote:
 On Sat, 2007-06-09 at 18:03 -0400, steve wrote:
 Hi,

 Just a quick post to inform anyone who cares, that I've finished my 
 employment transition, re-created my development environment and I've 
 re-started work on the openswan vpn plugin.

 I've made two design changes to allow for multiple concurrent vpn 
 connections (in future releases) as it will be required for my new job.
 I'll post again when I've got a tar ball for others to test.
 
 Awesome!  You might want to look at an email recently sent about a new
 API for VPNs to see if it would also work for openswan.
 
 Proposal for a new VPN DBUS interface - May 8th
 
 Dan
 
 If anyone feels inclined to help with the effort (which is mainly bug 
 fixing at this point), feel free to contact me.

 Steve.

Hi,

This new API will make possible to have multiple VPN connections with
openvpn plugin?

This will be plugin side work, or the code we already have, will still work?

Thanks.
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan is alive again!

[Tomáš Hnyk]

On Sun, 10 Jun 2007 01:46:15 +0200, Dan Williams [EMAIL PROTECTED] wrote:

 On Sat, 2007-06-09 at 18:03 -0400, steve wrote:
 Hi,

 Just a quick post to inform anyone who cares, that I've finished my
 employment transition, re-created my development environment and I've
 re-started work on the openswan vpn plugin.

 I've made two design changes to allow for multiple concurrent vpn
 connections (in future releases) as it will be required for my new job.
 I'll post again when I've got a tar ball for others to test.

 Awesome!  You might want to look at an email recently sent about a new
 API for VPNs to see if it would also work for openswan.

 Proposal for a new VPN DBUS interface - May 8th

 Dan

 If anyone feels inclined to help with the effort (which is mainly bug
 fixing at this point), feel free to contact me.

 Steve.
Does this also mean that it will possible to use VPN even if the network  
connection is not managed through NM but is set to static as described  
here:  
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/115750 - or  
is that only Ubuntu thing?
Tomas
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan is alive again!

[Darren Albers]

Tomas, that is an Ubuntu specific issue.




On 6/11/07, Tomáš Hnyk [EMAIL PROTECTED] wrote:
 On Sun, 10 Jun 2007 01:46:15 +0200, Dan Williams [EMAIL PROTECTED] wrote:

  On Sat, 2007-06-09 at 18:03 -0400, steve wrote:
  Hi,
 
  Just a quick post to inform anyone who cares, that I've finished my
  employment transition, re-created my development environment and I've
  re-started work on the openswan vpn plugin.
 
  I've made two design changes to allow for multiple concurrent vpn
  connections (in future releases) as it will be required for my new job.
  I'll post again when I've got a tar ball for others to test.
 
  Awesome!  You might want to look at an email recently sent about a new
  API for VPNs to see if it would also work for openswan.
 
  Proposal for a new VPN DBUS interface - May 8th
 
  Dan
 
  If anyone feels inclined to help with the effort (which is mainly bug
  fixing at this point), feel free to contact me.
 
  Steve.
 Does this also mean that it will possible to use VPN even if the network
 connection is not managed through NM but is set to static as described
 here:
 https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/115750 - or
 is that only Ubuntu thing?
 Tomas
 ___
 NetworkManager-list mailing list
 NetworkManager-list@gnome.org
 http://mail.gnome.org/mailman/listinfo/networkmanager-list

___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan is alive again!

[Dan Williams]

On Mon, 2007-06-11 at 23:34 +0200, Tomáš Hnyk wrote:
 On Sun, 10 Jun 2007 01:46:15 +0200, Dan Williams [EMAIL PROTECTED] wrote:
 
  On Sat, 2007-06-09 at 18:03 -0400, steve wrote:
  Hi,
 
  Just a quick post to inform anyone who cares, that I've finished my
  employment transition, re-created my development environment and I've
  re-started work on the openswan vpn plugin.
 
  I've made two design changes to allow for multiple concurrent vpn
  connections (in future releases) as it will be required for my new job.
  I'll post again when I've got a tar ball for others to test.
 
  Awesome!  You might want to look at an email recently sent about a new
  API for VPNs to see if it would also work for openswan.
 
  Proposal for a new VPN DBUS interface - May 8th
 
  Dan
 
  If anyone feels inclined to help with the effort (which is mainly bug
  fixing at this point), feel free to contact me.
 
  Steve.
 Does this also mean that it will possible to use VPN even if the network  
 connection is not managed through NM but is set to static as described  
 here:  
 https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/115750 - or  
 is that only Ubuntu thing?

NM by definition won't know (and therefore won't care) about connections
that aren't know to NM.  That's as it should be.  On the other hand, the
configuration information will soon be flexible enough to deal with most
of the cases, but that's already mostly the case for VPNs.

Dan


___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

nm-openswan is alive again!

[steve]

Hi,

Just a quick post to inform anyone who cares, that I've finished my 
employment transition, re-created my development environment and I've 
re-started work on the openswan vpn plugin.

I've made two design changes to allow for multiple concurrent vpn 
connections (in future releases) as it will be required for my new job.
I'll post again when I've got a tar ball for others to test.

If anyone feels inclined to help with the effort (which is mainly bug 
fixing at this point), feel free to contact me.

Steve.
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan is alive again!

[Dan Williams]

On Sat, 2007-06-09 at 18:03 -0400, steve wrote:
 Hi,
 
 Just a quick post to inform anyone who cares, that I've finished my 
 employment transition, re-created my development environment and I've 
 re-started work on the openswan vpn plugin.
 
 I've made two design changes to allow for multiple concurrent vpn 
 connections (in future releases) as it will be required for my new job.
 I'll post again when I've got a tar ball for others to test.

Awesome!  You might want to look at an email recently sent about a new
API for VPNs to see if it would also work for openswan.

Proposal for a new VPN DBUS interface - May 8th

Dan

 If anyone feels inclined to help with the effort (which is mainly bug 
 fixing at this point), feel free to contact me.
 
 Steve.
 ___
 NetworkManager-list mailing list
 NetworkManager-list@gnome.org
 http://mail.gnome.org/mailman/listinfo/networkmanager-list

___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

nm-openswan dev update - debugging properties library help needed

[steve]

Hi all,

Just thought I should post a quick update, and post a request for help 
at the same time.

I'm almost at 0.1a code level. I have several major bugs to fix before I 
reach that milestone, but once reached, that will be first release.

NM Registers my new DBUS path for the openswan service on startup and 
the nm-openswan-service handler appears to be stable (finally).

My first and biggest problem has to do with debugging shared libraries 
with Anjuta/gdb: How do you do it?

I wrote my library to implement the UI to configure a connection, but 
even though it builds no problem, it won't load for some reason...

The situation is this: when nm-vpn-properties loads, it parses my 
service file (from /etc/NetworkManager/VPN) and
then tries to load /usr/local/lib/libnm-os-properties.so

but I get this nm_warning output:
Cannot open module '/usr/local/lib/libnm-os-properties'

-- yes I checked for type-o's and spelling mistakes ;)

-- I ran 'strace nm-vpn-properties' to find out what's failing, and it 
does find the library and opens it succesfully:

brk(0x9599000)  = 0x9599000
open(/etc/NetworkManager/VPN/nm-openswan-service.name, 
O_RDONLY|O_LARGEFILE) = 14
fstat64(14, {st_mode=S_IFREG|0644, st_size=220, ...}) = 0
read(14, [VPN Connection]\nname=openswan\ns..., 4096) = 220
read(14, , 4096)  = 0
close(14)   = 0
stat64(/usr/local/lib/libnm-os-properties, 0xbfe45d4c) = -1 ENOENT (No 
such file or directory)
stat64(/usr/local/lib/libnm-os-properties.so, {st_mode=S_IFREG|0755, 
st_size=84578, ...}) = 0
open(/usr/local/lib/libnm-os-properties.so, O_RDONLY) = 14
read(14, \177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340 \0..., 
512) = 512
fstat64(14, {st_mode=S_IFREG|0755, st_size=84578, ...}) = 0

mmap2(NULL, 29652, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 14, 
0) = 0x4f6000
mmap2(0x4fd000, 4096, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 14, 0x7) = 0x4fd000

^- here's the problem I think... but that's as close as I can get.

My instincts tell me this is a memory allocation error where I'm not 
initializing or declaring some var before I use it... but that would 
come back to being able to debug my shared lib.

The mapped memory addresses seem kinda small to me compared with those 
of the openvpn and vpnc shared libs loaded in the same stack trace. 
Here's the rest of the relevant trace:

close(14)   = 0
mprotect(0x4f6000, 28672, PROT_READ|PROT_WRITE) = 0
munmap(0x4f6000, 29652) = 0
write(2, \n** (nm-vpn-properties:7763): WA..., 98
** (nm-vpn-properties:7763): WARNING **: Cannot open module 
'/usr/local/lib/libnm-os-properties'
) = 98

So how can I debug my shared-lib and figure out why it's failing to load?

All help appreciated as I've been banging my head against the key-board 
for days (soon time for a new one).

I've got everything else for basic functionality coded, building and 
installing fine, but until I can define a connection, testing cannot 
proceed.

If anyone has any suggestions, please send them asap before I go crazy 
with this one ;)

Thanks,

Steve.


___
NetworkManager-list mailing list
[EMAIL PROTECTED]
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan development update

[Dan Williams]

On Sun, 2007-03-25 at 20:05 -0400, steve wrote:
 Hi,
 
 It's been busy at work and hence development slows down accordingly, but 
 my weekends are free and I've made some big strides this weekend.
 
 I also wasted about 5 hours of my time today (not to mention the 
 frustration and head scratching for the past 3 weeks) at why the symbol 
 plugin for Anjuta (my IDE) wasn't working reliably: it sometimes 
 displayed correct data, then other times it wouldn't display that same 
 data at all.
 
 The 5 hours today went towards 3 efforts:
 
 1. Try out eclipse (read the docs -- it doesn't support automake build 
 systems)
 2. Try out Kdevelop (well.. I'm not developing for KDE and it crashed 
 everytime I tried to import my project or create a new GTK+ project and 
 import my source
 3. Try to compile the latest source of the next rev of Anjuta: Too many 
 library version conflicts with my FC6 installation to make a sane build 
 enviornment feisable on my laptop.
 
 Then I stumbled across the reason for all my problems: I started with 
 the source to nm-vpnc (FC6 src rpm + redhat patches) and of course, just 
 like copying in school, you get the mistakes as well as the correct 
 answers.
 
 Moral of the Story: Don't copy verbatim if you can avoid it.
 
 After I fixed the problem ( which had to do with name/type conflicts on 
 typedef struct definitions ) the symbol browser in FC6's default 
 installation of Anjuta started working perfectly.
 
 Afterwards, I ran a build of the default vpc source (Just for kicks) 
 and  saw warnings about the same thing. Anyway, just wanted to save 
 people time if anyone else is writing a vpn plugin, and started with the 
 source an existing one for reference like I did.
 
 Development continues on nm-openswan and I hope to have a complete set 
 of working alpha code for all targets of the plugin in about 2 weeks. At 
 that point I'm going to setup some kind of CVS repository for the dist.
 
 There is still one big design question to be answered through testing. 
 If anyone knows openswan well, or cares to help me figure this one out, 
 feel free to offer advice. Here's my dilema:
 
 Call out to /usr/libexec/ipsec/whack to initiate/terminate an ipsec 
 connection

What's involved in the whack code to initiate/terminate the connection?
i.e. how complex is the code there?

dan

 -OR-
 
 integrate the code for whack into my project and link against it at 
 build time (so my code actually talks directly to pluto through a 
 socket). I don't like this idea as my code becomes dependant on a 
 specific version of openswan (it's hard to explain the why of that). 
 Each new major rev of openswan will require an update to my source and a 
 recompile to work again and introducing depenancies doesn't seem to fit 
 with the design goals of NetworkManager.

Hopefully not; is the whack/pluto interface considered internal API to
the project?  If so, that's pretty dumb because apparently the only
public interface they offer is suboptimal CLI tools.  We do not want to
wrap CLI tools with GUI bits, we want the GUI gits to be capable of the
full functionality for a variety of reasons.

Dan

 All feedback welcome.
 
 I'll send another update once I've got this problem licked and the alpha 
 code compiles (without segfaults  at runtime ;)
 
 Steve.
 ___
 NetworkManager-list mailing list
 NetworkManager-list@gnome.org
 http://mail.gnome.org/mailman/listinfo/networkmanager-list

___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan development update

[steve]

Dan Williams wrote:
 On Tue, 2007-03-27 at 19:34 -0400, Darren Albers wrote:
   
 On 3/25/07, steve [EMAIL PROTECTED] wrote:
 
 Hi,

 It's been busy at work and hence development slows down accordingly, but
 my weekends are free and I've made some big strides this weekend.

 I also wasted about 5 hours of my time today (not to mention the
 frustration and head scratching for the past 3 weeks) at why the symbol
 plugin for Anjuta (my IDE) wasn't working reliably: it sometimes
 displayed correct data, then other times it wouldn't display that same
 data at all.

 The 5 hours today went towards 3 efforts:

 1. Try out eclipse (read the docs -- it doesn't support automake build
 systems)
 2. Try out Kdevelop (well.. I'm not developing for KDE and it crashed
 everytime I tried to import my project or create a new GTK+ project and
 import my source
 3. Try to compile the latest source of the next rev of Anjuta: Too many
 library version conflicts with my FC6 installation to make a sane build
 enviornment feisable on my laptop.

 Then I stumbled across the reason for all my problems: I started with
 the source to nm-vpnc (FC6 src rpm + redhat patches) and of course, just
 like copying in school, you get the mistakes as well as the correct
 answers.

 Moral of the Story: Don't copy verbatim if you can avoid it.

 After I fixed the problem ( which had to do with name/type conflicts on
 typedef struct definitions ) the symbol browser in FC6's default
 installation of Anjuta started working perfectly.

 Afterwards, I ran a build of the default vpc source (Just for kicks)
 and  saw warnings about the same thing. Anyway, just wanted to save
 people time if anyone else is writing a vpn plugin, and started with the
 source an existing one for reference like I did.

 Development continues on nm-openswan and I hope to have a complete set
 of working alpha code for all targets of the plugin in about 2 weeks. At
 that point I'm going to setup some kind of CVS repository for the dist.

 There is still one big design question to be answered through testing.
 If anyone knows openswan well, or cares to help me figure this one out,
 feel free to offer advice. Here's my dilema:

 Call out to /usr/libexec/ipsec/whack to initiate/terminate an ipsec
 connection

 -OR-

 integrate the code for whack into my project and link against it at
 build time (so my code actually talks directly to pluto through a
 socket). I don't like this idea as my code becomes dependant on a
 specific version of openswan (it's hard to explain the why of that).
 Each new major rev of openswan will require an update to my source and a
 recompile to work again and introducing depenancies doesn't seem to fit
 with the design goals of NetworkManager.

 All feedback welcome.

 I'll send another update once I've got this problem licked and the alpha
 code compiles (without segfaults  at runtime ;)

 Steve.
   
 Hi Steve!

 Thank you for the update, so far it looks great.  Sorry for the late
 response I flagged your earlier email to respond to it but travel kept
 my from doing it.   I was looking at your earlier screenshot and I was
 curious if it was possible to set the password to prompt  for people
 with RSA tokens and what options were there for Xauth?   With the
 nortel client there is a group username and password and the
 connection properties dialog seemed to permit either a Pre-shared key
 or Certificate but not just X-auth, or am I misreading the dialog?

 Regarding SVN, once the plugin reaches a somewhat usable state Dan
 might be willing to host it on the gnome svn with the other VPN
 plugins but I am not sure what his or gnome's requirements would be.

 I haven't looked at the VPNC or OpenVPN plugin code in awhile but if I
 remember properly they just call vpnc or openvpn directly so it seems
 like calling openswan that way would be inline with the other plugins,
 however I have never used Openswan so I am not sure of any limitations
 or issues with that.
 

 Openswan appears to be a bit different since there isn't really one
 particular daemon that runs with each connection.  It uses internal
 kernel support to set up IPSec connections with different hosts and
 such, and there's apparently one daemon that handles everything.  From
 my reads it looked pretty involved and unlike the current one-shot VPN
 plugins that we've already got, since the connections are persistent and
 don't terminate when the daemon terminates.

 Dan

   
 Thank you again for taking this on!  I suspect that a lot of people
 will find your work useful!  I know I will if I can connect to my
 Nortel concentrator at work, it will allow me remove my XP VM that I
 use now!

 Thanks!
 Darren
 ___
 NetworkManager-list mailing list
 NetworkManager-list@gnome.org
 http://mail.gnome.org/mailman/listinfo/networkmanager-list
 


   

You're analysis is correct -- Openswan VPN is much more difficult that 
the other NM vpn plugins

Re: nm-openswan development update

[Darren Albers]

On 3/25/07, steve [EMAIL PROTECTED] wrote:
 Hi,

 It's been busy at work and hence development slows down accordingly, but
 my weekends are free and I've made some big strides this weekend.

 I also wasted about 5 hours of my time today (not to mention the
 frustration and head scratching for the past 3 weeks) at why the symbol
 plugin for Anjuta (my IDE) wasn't working reliably: it sometimes
 displayed correct data, then other times it wouldn't display that same
 data at all.

 The 5 hours today went towards 3 efforts:

 1. Try out eclipse (read the docs -- it doesn't support automake build
 systems)
 2. Try out Kdevelop (well.. I'm not developing for KDE and it crashed
 everytime I tried to import my project or create a new GTK+ project and
 import my source
 3. Try to compile the latest source of the next rev of Anjuta: Too many
 library version conflicts with my FC6 installation to make a sane build
 enviornment feisable on my laptop.

 Then I stumbled across the reason for all my problems: I started with
 the source to nm-vpnc (FC6 src rpm + redhat patches) and of course, just
 like copying in school, you get the mistakes as well as the correct
 answers.

 Moral of the Story: Don't copy verbatim if you can avoid it.

 After I fixed the problem ( which had to do with name/type conflicts on
 typedef struct definitions ) the symbol browser in FC6's default
 installation of Anjuta started working perfectly.

 Afterwards, I ran a build of the default vpc source (Just for kicks)
 and  saw warnings about the same thing. Anyway, just wanted to save
 people time if anyone else is writing a vpn plugin, and started with the
 source an existing one for reference like I did.

 Development continues on nm-openswan and I hope to have a complete set
 of working alpha code for all targets of the plugin in about 2 weeks. At
 that point I'm going to setup some kind of CVS repository for the dist.

 There is still one big design question to be answered through testing.
 If anyone knows openswan well, or cares to help me figure this one out,
 feel free to offer advice. Here's my dilema:

 Call out to /usr/libexec/ipsec/whack to initiate/terminate an ipsec
 connection

 -OR-

 integrate the code for whack into my project and link against it at
 build time (so my code actually talks directly to pluto through a
 socket). I don't like this idea as my code becomes dependant on a
 specific version of openswan (it's hard to explain the why of that).
 Each new major rev of openswan will require an update to my source and a
 recompile to work again and introducing depenancies doesn't seem to fit
 with the design goals of NetworkManager.

 All feedback welcome.

 I'll send another update once I've got this problem licked and the alpha
 code compiles (without segfaults  at runtime ;)

 Steve.

Hi Steve!

Thank you for the update, so far it looks great.  Sorry for the late
response I flagged your earlier email to respond to it but travel kept
my from doing it.   I was looking at your earlier screenshot and I was
curious if it was possible to set the password to prompt  for people
with RSA tokens and what options were there for Xauth?   With the
nortel client there is a group username and password and the
connection properties dialog seemed to permit either a Pre-shared key
or Certificate but not just X-auth, or am I misreading the dialog?

Regarding SVN, once the plugin reaches a somewhat usable state Dan
might be willing to host it on the gnome svn with the other VPN
plugins but I am not sure what his or gnome's requirements would be.

I haven't looked at the VPNC or OpenVPN plugin code in awhile but if I
remember properly they just call vpnc or openvpn directly so it seems
like calling openswan that way would be inline with the other plugins,
however I have never used Openswan so I am not sure of any limitations
or issues with that.

Thank you again for taking this on!  I suspect that a lot of people
will find your work useful!  I know I will if I can connect to my
Nortel concentrator at work, it will allow me remove my XP VM that I
use now!

Thanks!
Darren
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

nm-openswan development update

[steve]

Hi,

It's been busy at work and hence development slows down accordingly, but 
my weekends are free and I've made some big strides this weekend.

I also wasted about 5 hours of my time today (not to mention the 
frustration and head scratching for the past 3 weeks) at why the symbol 
plugin for Anjuta (my IDE) wasn't working reliably: it sometimes 
displayed correct data, then other times it wouldn't display that same 
data at all.

The 5 hours today went towards 3 efforts:

1. Try out eclipse (read the docs -- it doesn't support automake build 
systems)
2. Try out Kdevelop (well.. I'm not developing for KDE and it crashed 
everytime I tried to import my project or create a new GTK+ project and 
import my source
3. Try to compile the latest source of the next rev of Anjuta: Too many 
library version conflicts with my FC6 installation to make a sane build 
enviornment feisable on my laptop.

Then I stumbled across the reason for all my problems: I started with 
the source to nm-vpnc (FC6 src rpm + redhat patches) and of course, just 
like copying in school, you get the mistakes as well as the correct 
answers.

Moral of the Story: Don't copy verbatim if you can avoid it.

After I fixed the problem ( which had to do with name/type conflicts on 
typedef struct definitions ) the symbol browser in FC6's default 
installation of Anjuta started working perfectly.

Afterwards, I ran a build of the default vpc source (Just for kicks) 
and  saw warnings about the same thing. Anyway, just wanted to save 
people time if anyone else is writing a vpn plugin, and started with the 
source an existing one for reference like I did.

Development continues on nm-openswan and I hope to have a complete set 
of working alpha code for all targets of the plugin in about 2 weeks. At 
that point I'm going to setup some kind of CVS repository for the dist.

There is still one big design question to be answered through testing. 
If anyone knows openswan well, or cares to help me figure this one out, 
feel free to offer advice. Here's my dilema:

Call out to /usr/libexec/ipsec/whack to initiate/terminate an ipsec 
connection

-OR-

integrate the code for whack into my project and link against it at 
build time (so my code actually talks directly to pluto through a 
socket). I don't like this idea as my code becomes dependant on a 
specific version of openswan (it's hard to explain the why of that). 
Each new major rev of openswan will require an update to my source and a 
recompile to work again and introducing depenancies doesn't seem to fit 
with the design goals of NetworkManager.

All feedback welcome.

I'll send another update once I've got this problem licked and the alpha 
code compiles (without segfaults  at runtime ;)

Steve.
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: [RFC] nm-openswan

[jherm]

steve-210 wrote:
 
 Does anyone have need for this type of plugin, or is this software only
 useful for me?
 

Yes, and no! I would absolutely love this. I am using Ubuntu Linux at the
moment and I'm loving network-manager, now with VPN support. Unfortunately,
I can't connect to my VPN at work using OpenVPN. OpenSwan only. If you could
hack this into network-manager, I think it could be a huge time saver for a
good amount of people.
-- 
View this message in context: 
http://www.nabble.com/nm-openswan-tf3366858.html#a9483353
Sent from the Gnome - NetworkManager mailing list archive at Nabble.com.

___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

re: More on nm-OpenSwan

[Dan Williams]

On Sat, 2007-03-10 at 16:22 -0500, steve wrote:
 I'm trying to implement the ipsec connection startup command
 
 I'm using the function g_spawn_async_with_pipes to call the ipsec binary 
 with the appropriate args.
 The process will terminate when successful.
 
 I want to pipe the output of the process (stdout) to a Status window 
 (pop-up widget??) in real-time.

For debugging?  Otherwise it's better to send meaningful error messages
along with the failure signals that the VPN daemon sends to NM.

 I'm thinking I need to use a GIOChannel to capture the output this way. 
 Can anyone clarify?
 
 example:
 
 code
 GFILE *output = g_fopen(//dev//stdout, r);
 GIOChannel *connOutput = NULL;
 gchar * stdout_buffer;
 connOutput = g_io_channel_unix_new(output);
 
 while (g_io_channel_read_line(connOutput, stdout_buffer, NULL, NULL, 
 error) != (G_IO_STATUS_EOF || G_IO_STATUS_ERROR))
 {
 nm_status_update(%s, stdout_buffer); //pseudo function for now
 if (stdout_buffer == \n\n)
 {
   g_io_channel_close(connOutput);
   g_fclose(output);
   g_free(stdout_buffer);
   return 0:
   }
 }
 .
 /code
 
 
 Does that make any sense or am I going about this the wrong way?

I think what you actually want to do is to spawn your process and
specify your own file descriptors for stdout and stderr.  See
supplicant_exec() in src/nm-device-802-11-wireless.c of the
NETWORKMANAGER_0_6_0_RELEASE branch.

Dan


___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

More on nm-OpenSwan

[steve]

Hi,

I'm working on this in my spare time so I apologize if this update seems 
delayed.

First, because nm-openswan depends on it for now, I'll explain and post 
my changes to the openswan init script.

In FC6, by convention, custom IPsec definitions are stored on a 
per-connection basis in files named conn.conf in /etc/ipsec.d
I've extended that same convention by adding the need for a 
corresponding conn.secrets file which consists of the following 
formatted data:

WhiteSpaceRemoteGateway: TypeIdentifierWhiteSpaceKey

Example:
 vpn.mydomain.org: PSK MyFirstPreSharedKey!

I will add support for certificates later (I don't use them myself).

here's my patch to the init script, diff'd from the distro default:

code
--- ipsec2007-03-10 12:04:08.0 -0500
+++ ipsec.new2007-03-10 12:08:41.0 -0500
@@ -39,7 +39,6 @@
 # Check that we are root ... so non-root users stop here
 [ `id -u` = 0 ] || exit 1
 
-
 me='ipsec setup'# for messages
 
 syslog ()
@@ -138,6 +137,33 @@
 
 prog=IPsec
 
+
+gen_secrets()
+{
+# generate /etc/ipsec.secrets from /etc/ipsec.d/*.secrets
+
+filter=`ip route show |grep default |cut -f 3 -d ' '|cut -d '.' -f 
1,2,3`;
+if_ip=`/sbin/ifconfig -a |grep $filter |cut -d ':' -f 2 |cut -f 1 
-d ' '`;
+
+for i in /etc/ipsec.d/*.secrets;
+do (
+echo -n $if_ip  /etc/ipsec.secrets;
+cat $i /etc/ipsec.secrets;
+)
+done;
+return 0;
+}
+
+reset_secrets()
+{
+rm -f /etc/ipsec.secrets;
+echo # DO NOT EDIT THIS FILE /etc/ipsec.secrets;
+echo # This file is re-generated everytime the IPsec subsystem 
restarts. /etc/ipsec.secrets;
+echo # Secrets should be stored in /etc/ipsec.d/*.secrets  
/etc/ipsec.secrets;
+
+return 0;
+}
+
 # do it
 start_it()
 {
@@ -153,12 +179,15 @@
 
 case $1 in
   start|--start|_autostart)
+reset_secrets;
+gen_secrets;
 start_it $1;
 RETVAL=$?;
 ;;
 
   stop|--stop|_autostop)
 stop_it $1;
+reset_secrets;
 RETVAL=$?;
 ;;
 
@@ -174,6 +203,8 @@
 
   restart|--restart|force-reload)
 stop_it stop
+reset_secrets;
+gen_secrets;
 start_it start
 RETVAL=$?
 ;;
/code

This is a simple automation that fixed a problem I had with reliably 
running multiple ipsec tunnels at the same time.

Now on to nm-openswan. I started with the nm-vpc code base as a guide to 
how the plugin is written and needs to function.

I've re-written the Properties GUI to be suitable to configuring IPsec 
connections, and currently need to finish coding the callback handlers.

Here's how I'm approaching this plugin development thus far (feel free 
to correct / advise me):

nm-openswan will depend on a working installation of openswan and all 
it's dependancies.
|- I've modified the init script for openswan that comes with FC6 to 
automate the startup procedure:
   reason: matching with %any isn't reliable in my experience. 
auto-generating 1-to-1 matches using the IP of the nic that's assigned 
to %defaultroute proved much more reliable (100%) when managing multiple 
IPsec connections.

Everytime the default interface changes, the ipsec service needs to be 
refreshed, which means nm-openswan needs to restart the ipsec service: 
/etc/init.d/ipsec restart

Everytime a new IPsec connection is defined, the ipsec service needs to 
be refreshed to pickup the new connection:
/etc/init.d/ipsec restart

nm-openswan will need to be able to start the openswan service if it's 
not running, restart it if a new connection has been added, or one has 
been deleted, or one has been modified (to refresh the configs). The 
Service CANNOT be started before a network connection has been 
established (ie: %defaultroute exists)

Once the service is up, the connections defined in /etc/ipsec.d should 
be listed by name under the VPN Connections sub-menu, perhaps with the 
identifier IPsec:  preceeding it for clarity.

The Disconnect VPN functionality may have to change somewhat to 
accomidate multiple, simultaneous IPsec tunnels. A chooser to allow the 
selection of which connection to bring down is too much in my mind and 
deviates from the simplistic nature of the NetworkManager UI.

Instead I was thinking of a toggle widget next to the Connection Name, 
allowing it to be toggled On/Off.

At the moment, I'm working on understanding and Coding up the functions 
for controlling the ipsec service and eventually, up-ing/down-ing 
individual connections.

I'm having a hard time finding a good explaination on the concepts of 
how the seperate nm components use DBus.
I could use a good explaination or pointer to some docs on how it all 
comes together conceptually.

Some specific questions I have:

How can I display the status of an SA negotiation in progress?

on the command line, I type: ipsec auto --up connectionname ENTER
and the output is streamed to the console as it negotiates the 
connection. I believe I need to capture this output and parse as it 
streams in, grep'ing

re: More on nm-OpenSwan

[steve]

I'm trying to implement the ipsec connection startup command

I'm using the function g_spawn_async_with_pipes to call the ipsec binary 
with the appropriate args.
The process will terminate when successful.

I want to pipe the output of the process (stdout) to a Status window 
(pop-up widget??) in real-time.

I'm thinking I need to use a GIOChannel to capture the output this way. 
Can anyone clarify?

example:

code
GFILE *output = g_fopen(//dev//stdout, r);
GIOChannel *connOutput = NULL;
gchar * stdout_buffer;
connOutput = g_io_channel_unix_new(output);

while (g_io_channel_read_line(connOutput, stdout_buffer, NULL, NULL, 
error) != (G_IO_STATUS_EOF || G_IO_STATUS_ERROR))
{
nm_status_update(%s, stdout_buffer); //pseudo function for now
if (stdout_buffer == \n\n)
{
  g_io_channel_close(connOutput);
  g_fclose(output);
  g_free(stdout_buffer);
  return 0:
  }
}
.
/code


Does that make any sense or am I going about this the wrong way?

Thanks for any help.

Steve.
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-openswan

[Dan Williams]

On Thu, 2007-03-08 at 08:32 +0100, Soren Hansen wrote:
 On Wed, Mar 07, 2007 at 09:08:47PM -0500, steve wrote:
  Does anyone have need for this type of plugin, or is this software
  only useful for me?
 
 It could definitely be useful, please share it!

+1

Dan


___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list