Re: [PATCH] Add checkbox to pass the --float option in OpenVPN

2010-12-15 Thread Carlos Alberto Lopez Perez 
On 11/02/2010 06:32 PM, Carlos Alberto Lopez Perez wrote:
> Hello,
> 
> I am missing an option to pass the "--float" parameter to OpenVPN from
> network-manager-openvpn so I cooked a small patch that adds a checkbox
> under advanced options.
> 
> "--float" when specified with "--remote" allows an OpenVPN session to
> initially connect to a peer at a known address, however if packets arrive
> from a new address and pass all authentication tests, the new address will
> take control of the session.  This is useful when you are connecting to a
> peer which holds a dynamic address such as a dial-in user or DHCP client.
> 
> Could you merge it upstream?
> 
> Thanks in advance!
> 
> Regards.
> 
> 
> 
> ___
> networkmanager-list mailing list
> networkmanager-list@gnome.org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list


Hello,

Any chance of merging this upstream? Thanks!



signature.asc
Description: OpenPGP digital signature
___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

[PATCH] Add checkbox to pass the --float option in OpenVPN

2010-11-02 Thread Carlos Alberto Lopez Perez 
Hello,

I am missing an option to pass the "--float" parameter to OpenVPN from
network-manager-openvpn so I cooked a small patch that adds a checkbox
under advanced options.

"--float" when specified with "--remote" allows an OpenVPN session to
initially connect to a peer at a known address, however if packets arrive
from a new address and pass all authentication tests, the new address will
take control of the session.  This is useful when you are connecting to a
peer which holds a dynamic address such as a dial-in user or DHCP client.

Could you merge it upstream?

Thanks in advance!

Regards.
From bf1d3f07b35e83ac4a54ce06bf8bd580c972f483 Mon Sep 17 00:00:00 2001
From: Carlos Alberto Lopez Perez 
Date: Tue, 2 Nov 2010 18:04:59 +0100
Subject: [PATCH] Add checkbox to pass the --float option in OpenVPN

 *  Essentially, --float tells OpenVPN to accept authenticated packets from
any address, not only the address which was specified in the --remote
option. This allows remote peer to change its IP address and/or port
number. This is useful when you are connecting to a peer which holds
a dynamic address such as a dial-in user or DHCP client.
---
 properties/auth-helpers.c  |   11 +++
 properties/nm-openvpn-dialog.glade |   14 ++
 src/nm-openvpn-service.c   |5 +
 src/nm-openvpn-service.h   |1 +
 4 files changed, 31 insertions(+), 0 deletions(-)

diff --git a/properties/auth-helpers.c b/properties/auth-helpers.c
index 631be2b..09b7a0e 100644
--- a/properties/auth-helpers.c
+++ b/properties/auth-helpers.c
@@ -841,6 +841,7 @@ static const char *advanced_keys[] = {
 	NM_OPENVPN_KEY_PORT,
 	NM_OPENVPN_KEY_COMP_LZO,
 	NM_OPENVPN_KEY_MSSFIX,
+	NM_OPENVPN_KEY_FLOAT,
 	NM_OPENVPN_KEY_TUNNEL_MTU,
 	NM_OPENVPN_KEY_FRAGMENT_SIZE,
 	NM_OPENVPN_KEY_TAP_DEV,
@@ -1389,6 +1390,12 @@ advanced_dialog_new (GHashTable *hash, const char *contype)
 		gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE);
 	}
 
+	value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_FLOAT);
+		if (value && !strcmp (value, "yes")) {
+			widget = glade_xml_get_widget (xml, "float_checkbutton");
+			gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE);
+	}
+
 	value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_PROTO_TCP);
 	if (value && !strcmp (value, "yes")) {
 		widget = glade_xml_get_widget (xml, "tcp_checkbutton");
@@ -1581,6 +1588,10 @@ advanced_dialog_new_hash_from_dialog (GtkWidget *dialog, GError **error)
 	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
 		g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_MSSFIX), g_strdup ("yes"));
 
+	widget = glade_xml_get_widget (xml, "float_checkbutton");
+	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
+		g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_FLOAT), g_strdup ("yes"));
+
 	widget = glade_xml_get_widget (xml, "tcp_checkbutton");
 	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
 		g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_PROTO_TCP), g_strdup ("yes"));
diff --git a/properties/nm-openvpn-dialog.glade b/properties/nm-openvpn-dialog.glade
index 78cc383..1f9e5d9 100644
--- a/properties/nm-openvpn-dialog.glade
+++ b/properties/nm-openvpn-dialog.glade
@@ -1107,6 +1107,20 @@
 7
   
 
+
+  
+Accept authenticated packets from any address (_Float)
+True
+True
+False
+True
+True
+  
+  
+False
+8
+  
+
   
 
 
diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
index 8ac0d26..bb3326f 100644
--- a/src/nm-openvpn-service.c
+++ b/src/nm-openvpn-service.c
@@ -99,6 +99,7 @@ static ValidProperty valid_properties[] = {
 	{ NM_OPENVPN_KEY_CIPHER,   G_TYPE_STRING, 0, 0, FALSE },
 	{ NM_OPENVPN_KEY_COMP_LZO, G_TYPE_BOOLEAN, 0, 0, FALSE },
 	{ NM_OPENVPN_KEY_CONNECTION_TYPE,  G_TYPE_STRING, 0, 0, FALSE },
+	{ NM_OPENVPN_KEY_FLOAT,G_TYPE_BOOLEAN, 0, 0, FALSE },
 	{ NM_OPENVPN_KEY_FRAGMENT_SIZE,G_TYPE_INT, 0, G_MAXINT, FALSE },
 	{ NM_OPENVPN_KEY_KEY,  G_TYPE_STRING, 0, 0, FALSE },
 	{ NM_OPENVPN_KEY_LOCAL_IP, G_TYPE_STRING, 0, 0, TRUE },
@@ -802,6 +803,10 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
 	if (tmp && !strcmp (tmp, "yes"))
 		add_openvpn_arg (args, "--comp-lzo");
 
+	tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_FLOAT);
+	if (tmp && !strcmp (tmp, "yes"))
+		add_openvpn_arg (args, "--float");
+
 	add_openvpn_arg (a