[Patch] openvpn with TCP
Hey,
Here's a patch to make openvpn work with TCP port. NM uses --proto tcp
which, according to the manual page (and a bug #190940 in bnc), isn't
correct.
Tambet
Index: openvpn/properties/nm-openvpn.c
===
RCS file: /cvs/gnome/NetworkManager/vpn-daemons/openvpn/properties/nm-openvpn.c,v
retrieving revision 1.4.2.3
diff -u -r1.4.2.3 nm-openvpn.c
--- openvpn/properties/nm-openvpn.c 27 Sep 2006 15:10:23 - 1.4.2.3
+++ openvpn/properties/nm-openvpn.c 2 Oct 2006 12:10:59 -
@@ -225,7 +225,7 @@
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (impl-w_use_tap), TRUE);
should_expand = TRUE;
} else if ( (strcmp (key, proto) == 0)
- (strcmp (value, tcp) == 0) ) {
+ (strcmp (value, tcp-client) == 0) ) {
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (impl-w_use_tcp), TRUE);
should_expand = TRUE;
} else if (strcmp (key, cipher) == 0) {
@@ -328,7 +328,7 @@
data = g_slist_append (data, g_strdup (remote));
data = g_slist_append (data, g_strdup (remote));
data = g_slist_append (data, g_strdup (proto));
- data = g_slist_append (data, use_tcp ? g_strdup (tcp) : g_strdup(udp));
+ data = g_slist_append (data, use_tcp ? g_strdup (tcp-client) : g_strdup(udp));
data = g_slist_append (data, g_strdup (ca));
data = g_slist_append (data, g_strdup (ca));
data = g_slist_append (data, g_strdup (cert));
@@ -980,7 +980,7 @@
should_expand = TRUE;
}
- if ( strcmp (proto, tcp) == 0 ) {
+ if ( strcmp (proto, tcp-client) == 0 ) {
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (impl-w_use_tcp), TRUE);
should_expand = TRUE;
}
___
NetworkManager-list mailing list
NetworkManager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: NM doesn't recognize my connection!
On 10/1/06, Jeff Schallenberg [EMAIL PROTECTED] wrote: Network Manager doesn't recognize my wireless connections. I am using a D-Link DWL-650+ (Texas Instruments ACX-100). There is an icon, OK, but it thinks I have no connection (little red exclamation point). Clicking on it does nothing. Double-clicking on it does nothing. Right-clicking on it offers to disable networking or to remove it from the panel. How do I get Network Manager to recognize my wireless connections? Is there a config file to edit, or something? Are you running Debian or Ubuntu? http://live.gnome.org/DarrenAlbers/NetworkManagerFAQ#head-45c7dcb29a13372e1da1221b5ed499d981ea7ec6 ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Proposing nm-applet for GNOME 2.18?
Hi there, IIRC, there was some interest to propose nm-applet for GNOME 2.18. Is this still the case? If yes, a small mail to d-d-l would be great ;-) Vincent -- Les gens heureux ne sont pas pressés. ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proposing nm-applet for GNOME 2.18?
On Mon, 2006-10-02 at 14:51 +0200, Vincent Untz wrote: IIRC, there was some interest to propose nm-applet for GNOME 2.18. Is this still the case? If yes, a small mail to d-d-l would be great ;-) Yah, I stirred that up before. I will do it right now. Robert Love ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Madwifi issues
HiI've just joined on nm maillist. First of all congratulations! The design goals of project are amazing.Actualy I want to provide a set of deb packages to make nm works perfectly on ubuntu in thinkpads (and in long term, in everywhere). I need a solution to support madwifi and ipw drivers, leap authentication and everything in Ubuntu Dapper version. I have some questions: - I've noticed that the cvs version does not support madwifi drivers but I know that there is a workarround. I don't know why this fix is not integrated yet but I can imagine that you have already discussed a lot about it, so I want to know where you've discussed this to take a look (if someone want to explain me, it would be perfect). - I'm experiencing A LOT of issues with madwifi driver, probably there are madwifi users here. Is the problem nm, wpa_supplicant or madwifi driver ? Are you prefer use ndiswrapper instead of madwifi ?Thanks Aloisio AlmeidaSoftware EngineerLTC - IBM Brazil ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn needs more settings
On Sun, 2006-10-01 at 22:14 -0400, Adam Pavelec wrote: On 10/2/2006, Steve Wray [EMAIL PROTECTED] wrote: How about giving the option to pull in a regular, normal openvpn config file and stuff that into the NetworkManager settings? That would be just brilliant... I second this motion! As it stands, I cannot get the OpenVPN plugin to interoperate due to a very simple config that I cannot seem to replicate with NM: remote my.openvpn.server port 1194 dev tap nobind tls-client ca ca.crt cert my.openvpn.server.crt key my.openvpn.server.key pull verb 4 It /would/ be brilliant if we could simply point NM:OpenVPN to a .ovpn config file! The vpnc plugin has an 'import' option to pull in Cisco .pcf files, so there's really no reason that the OpenVPN plugin can't have one. Of course, it needs to support all the 4,000,000 options which OpenVPN supports, but that's actually not that hard. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: NM doesn't recognize my connection!
On Sun, 2006-10-01 at 23:06 -0400, Jeff Schallenberg wrote: Network Manager doesn't recognize my wireless connections. I am using a D-Link DWL-650+ (Texas Instruments ACX-100). What version of this driver, where did you get it from, and does it actually work with Wireless Extensions? Is it the old acx driver or the new softmac acx driver? Is it from John Linville's wireless-2.6 git tree? Just to warn you that out-of-kernel drivers are usually dicey, and they don't usually support Linux Wireless Extensions correctly. But if the device driver work with wpa_supplicant, they should work with NetworkManager. But first, lets see the answer to Darren's question. Dan There is an icon, OK, but it thinks I have no connection (little red exclamation point). Clicking on it does nothing. Double-clicking on it does nothing. Right-clicking on it offers to disable networking or to remove it from the panel. How do I get Network Manager to recognize my wireless connections? Is there a config file to edit, or something? -- - Jeff ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Madwifi issues
On Mon, 2006-10-02 at 10:40 -0300, Aloisio wrote: Hi I've just joined on nm maillist. First of all congratulations! The design goals of project are amazing. Actualy I want to provide a set of deb packages to make nm works perfectly on ubuntu in thinkpads (and in long term, in everywhere). I need a solution to support madwifi and ipw drivers, leap authentication and everything in Ubuntu Dapper version. I have some questions: - I've noticed that the cvs version does not support madwifi drivers but I know that there is a workarround. I don't know why this fix is not integrated yet but I can imagine that you have already discussed a lot about it, so I want to know where you've discussed this to take a look (if someone want to explain me, it would be perfect). No, madwifi needs to support Linux Wireless Extensions correctly, not private ioctls that no other driver supports. We're not going to run around supporting 50 different private driver APIs. That said, madwifi _did_ get Wireless Extensions 19 (needed for WPA) support a few months ago. If you want WPA, or you want NetworkManager to work with your driver, you need to use a fairly recent version of madwifi, specifically madwifi-ng. - I'm experiencing A LOT of issues with madwifi driver, probably there are madwifi users here. Is the problem nm, wpa_supplicant or madwifi driver ? Are you prefer use ndiswrapper instead of madwifi ? The madwifi driver has only recently supported Wireless Extensions, the standard driver API under Linux for configuring a wireless device. NM requires that the device use WE. Some vendors patch NM to use the wpa_supplicant 'madwifi' driver for compatibility with older versions of madwifi, but that's not supported by the NetworkManager project itself. In any case, can you provide logs (syslog output from NM) or other descriptions of the issues you're having? Thanks! Dan Thanks Aloisio Almeida Software Engineer LTC - IBM Brazil ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: [Patch] openvpn with TCP
On Mon, 2006-10-02 at 10:06 -0400, Dan Williams wrote: Patch looks fine; but did OpenVPN previously use 'tcp'? Or has it always used 'tcp-client'? It seems odd that there is a 'udp' option, but the TCP option is called 'tcp-client'. I'd expect it to be either 'tcp' 'udp', or 'tcp-client' 'udp-client'. I don't want to break stuff on an upgrade unless we know exactly what we're breaking. From the information I could gather (mostly from openvpn ChangeLog), it looks like 'tcp' is provided as a shortcut, but only works if the '-server' or '-client' part can be guessed (from --mode I think). The first time '--proto tcp-client' is mentioned in the ChangeLog is from 2004.01.14 -- Version 1.6-beta1. Tambet ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Madwifi issues
On 10/2/06, Aloisio [EMAIL PROTECTED] wrote: Hi I've just joined on nm maillist. First of all congratulations! The design goals of project are amazing. Actualy I want to provide a set of deb packages to make nm works perfectly on ubuntu in thinkpads (and in long term, in everywhere). I need a solution to support madwifi and ipw drivers, leap authentication and everything in Ubuntu Dapper version. I have some questions: - I've noticed that the cvs version does not support madwifi drivers but I know that there is a workarround. I don't know why this fix is not integrated yet but I can imagine that you have already discussed a lot about it, so I want to know where you've discussed this to take a look (if someone want to explain me, it would be perfect). - I'm experiencing A LOT of issues with madwifi driver, probably there are madwifi users here. Is the problem nm, wpa_supplicant or madwifi driver ? Are you prefer use ndiswrapper instead of madwifi ? If you want to make a package for Ubuntu I would recommend grabbing the source from the ubuntu package and using the patches there. It contains a lot of madwifi specific fixes that make life as a madwifi user much easier and would be quicker than combing through the NM list archives for the same thing. Also, while Edgy is in Universe freeze it might be better to work with the current package maintainer to update his packages (currently at 0.6.3) and try and get a UVF exception. I am not sure how likely that will be since it will probably require a lot of testing but it is certainly worth a try and will avoid duplicating work... Thanks, Darren ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn needs more settings
Hello. On Mon, 2006-10-02 at 09:54, Dan Williams wrote: On Sun, 2006-10-01 at 22:14 -0400, Adam Pavelec wrote: It /would/ be brilliant if we could simply point NM:OpenVPN to a .ovpn config file! The vpnc plugin has an 'import' option to pull in Cisco .pcf files, so there's really no reason that the OpenVPN plugin can't have one. Exactly what i suggested as Tim comes up with the openvpn plugin. Nobody was interested at this time. Nice to see it sounds like a usefull feature now. ;) SCNR regards Stefan Schmidt signature.asc Description: Digital signature ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
openvpn; even basic setup not going so great
I'm glad that I have started some useful discussion on the issue of openvpn config with network manager, I hope it leads somewhere! I am having some problems with a very *very* basic openvpn setup. The server has this: dev tun ifconfig 10.8.0.2 10.8.0.1 secret static.key I have a working openvpn config file on the client which looks like this: remote ip.address.removed dev tun ifconfig 10.8.0.1 10.8.0.2 secret static.key route 192.168.1.0 255.255.255.0 I've tried setting this up in NetworkManager with no luck, but I note that there doesn't seem to be an option for setting the route. (And yes, I did set the lzo compression option in the NetworkManager gui.) That said, it doesn't quite make sense with the error messages because its not as if the server is trying to push a route; the worst that should happen is that the routing doesn't come up correctly when NetworkManager brings the VPN up. /var/log/NetworkManager has this to say: Oct 3 10:01:21 thinkux NetworkManager: WARNING nm_vpn_service_process_signal (): VPN failed for service 'org.freedesktop.NetworkManager.openvpn', signal 'IPConfigBad', with message 'The VPN login failed because the VPN program received an invalid configuration from the VPN server.'. Meanwhile I see this in /var/log/messages: Oct 3 10:09:24 thinkux nm-openvpn[4617]: /usr/bin/nm-openvpn-service-openvpn-helper tun0 1500 1545 10.8.0.2 10.8.0.1 init Oct 3 10:09:24 thinkux nm-openvpn[4617]: script failed: shell command exited with error status: 1 Any ideas? I find it hard to believe that such a basic openvpn config could be causing problems for NetworkManager, I'm not using anywhere near the bazillion options that openvpn supports ;) Thanks! ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn needs more settings
On Mon, 2006-10-02 at 15:02 +1300, Steve Wray wrote: How about giving the option to pull in a regular, normal openvpn config file and stuff that into the NetworkManager settings? That would be just brilliant... Or even just to get NetworkManager to point at an openvpn config file (under 'advanced' with a 'browse for a file to use instead of the gconfd stuff')? I mean gconfd is all very well but actually using config files that the underlying software itself actually uses shouldn't be *too* hard eh? Hardly brilliant. It's waaay to dangerous to do that. At least if openvpn is anything like vpnc where you can specify things like --script command. Allowing this basically gives the unprivileged user at the desktop console root powers. As such it would be considered an exploit. Hence why we're validating options we read from gconf. So the only sane way to fix this is do what Dan says; extend the function nm_openvpn_config_options_validate() etc. etc. to only include options that does not give the full power of root to the unprivileged desktop user. David ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn needs more settings
David Zeuthen wrote: On Mon, 2006-10-02 at 15:02 +1300, Steve Wray wrote: How about giving the option to pull in a regular, normal openvpn config file and stuff that into the NetworkManager settings? That would be just brilliant... Or even just to get NetworkManager to point at an openvpn config file (under 'advanced' with a 'browse for a file to use instead of the gconfd stuff')? I mean gconfd is all very well but actually using config files that the underlying software itself actually uses shouldn't be *too* hard eh? Hardly brilliant. It's waaay to dangerous to do that. At least if openvpn is anything like vpnc where you can specify things like --script command. Allowing this basically gives the unprivileged user at the desktop console root powers. As such it would be considered an exploit. Hence why we're validating options we read from gconf. openvpn runs in user space; when root runs it, it drops priviledges (usually to 'nobody') I believe that there is no need for priviledge escalation. It should be able to run with the priviledges of the user who invokes it. That said, I havn't tested this. Actually, I'd assumed that this is how NetworkManager actually operates with openvpn... I didn't notice it asking for the root password... So the only sane way to fix this is do what Dan says; extend the function nm_openvpn_config_options_validate() etc. etc. to only include options that does not give the full power of root to the unprivileged desktop user. David ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proposing nm-applet for GNOME 2.18?
On 10/2/06, Robert Love [EMAIL PROTECTED] wrote: On Mon, 2006-10-02 at 14:51 +0200, Vincent Untz wrote: IIRC, there was some interest to propose nm-applet for GNOME 2.18. Is this still the case? If yes, a small mail to d-d-l would be great ;-) Yah, I stirred that up before. I will do it right now. Thanks. I've been disappointed to see that NM isn't set up by default in 2.16 in Ubuntu's 6.10 development tree. I wish that Ubuntu and Fedora would at least add NM to their development trees, regardless of the lack of inclusion in Gnome 2.16. Has OpenSUSE added it? :-) Best, Miles ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
