Re: openvpn fixes against svn 3138
Darren Albers wrote: > On Dec 5, 2007 5:59 PM, Casey Harkins <[EMAIL PROTECTED]> wrote: >> No problem. They'll be more coming. There's still some config crashes, >> DNS is not getting set up correctly and there is a long standing bug >> when specifying custom routes that I plan on fixing now that I've >> started familiarizing myself with the code. >> >> -casey >> > > You will be a hero to a lot of people if you can fix this last one! > I'm assuming you're referring to NM leaving you with no default route when specifying specific routes from the VPN configuration? If so, is it a problem for all vpn plugins, or specific to the openvpn plugin? For the openvpn plugin (though I'd imagine something similar could be done for other VPN plugins as well), I want to extend the "Only use VPN connection for these addresses" to include a checkbox for "and addresses specified by the VPN server". -casey ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
Casey Harkins wrote: > Dan Williams wrote: >> On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: >>> Attached is a patch with a number of fixes for openvpn against svn >>> revision 3138. I'm still having some crashes creating/editing >>> properties, but can consistently create new working settings by running >>> /usr/bin/nm-vpn-properties directly. Connecting is working fine for me >>> (X509 with password, TA and UDP). >>> >>> I'm going to continue poking away at the property issues and see if I >>> can eliminate the remaining issues. > > No problem. They'll be more coming. There's still some config crashes, > DNS is not getting set up correctly and there is a long standing bug > when specifying custom routes that I plan on fixing now that I've > started familiarizing myself with the code. > > -casey Thanks for the patches, I've had a few issues while testing -- Error in nm-vpn-connection.c / get_secrets_cb(), due to a mandatory check for a secret. Presumably there are no secrets for my "X509 Certificates" connection type? Error in nm-openvpn-service-openvpn-helper.c / main(), due to a mandatory check for "ifconfig_remote" which isn't specified on a TAP connection. Also, I'm not getting a route added for the VPN subnet. I've just commented these first two checks out for now, and have finally managed to make a VPN connection from F8! Keep up the good work ;) Regards, Jon ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Dec 5, 2007 5:59 PM, Casey Harkins <[EMAIL PROTECTED]> wrote: > > No problem. They'll be more coming. There's still some config crashes, > DNS is not getting set up correctly and there is a long standing bug > when specifying custom routes that I plan on fixing now that I've > started familiarizing myself with the code. > > -casey > You will be a hero to a lot of people if you can fix this last one! ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
Dan Williams wrote: > On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: >> Attached is a patch with a number of fixes for openvpn against svn >> revision 3138. I'm still having some crashes creating/editing >> properties, but can consistently create new working settings by running >> /usr/bin/nm-vpn-properties directly. Connecting is working fine for me >> (X509 with password, TA and UDP). >> >> I'm going to continue poking away at the property issues and see if I >> can eliminate the remaining issues. > No problem. They'll be more coming. There's still some config crashes, DNS is not getting set up correctly and there is a long standing bug when specifying custom routes that I plan on fixing now that I've started familiarizing myself with the code. -casey ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: > Attached is a patch with a number of fixes for openvpn against svn > revision 3138. I'm still having some crashes creating/editing > properties, but can consistently create new working settings by running > /usr/bin/nm-vpn-properties directly. Connecting is working fine for me > (X509 with password, TA and UDP). > > I'm going to continue poking away at the property issues and see if I > can eliminate the remaining issues. Committed, thanks! Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Wed, 2007-12-05 at 16:08 -0600, Casey Harkins wrote: > Dan Williams wrote: > > Is this dependent on a specific openVPN version? Because some of the > > config options and command line things look like they've changed... > > The only change with openvpn interaction I made is reading the ip > address from the "ifconfig_local" environment variable, rather than > "ipconfig_local". This change was introduced in NetworkManager revision > #2952 [1], which was likely just a typo as the code was reworked. So, no > this shouldn't be dependent on a specific openvpn version (at least not > any different than all previous versions of the openvpn plugin). > > Here's a quick summary of my changes by file: > > nm-openvpn-service-openvpn-helper.c: > * Get ip from "ifconfig_local", not "ipconfig_local". > > nm-openvpn-service.c: > * Add PASSWORD and CERTPASS to the props list for validation. > * Convert "remote" prop to string before passing to openvpn. > * Change an error message from vpnc to openvpn. > > nm-openvpn.c: > * Fix wrong key being used to store TA_DIR property. > * Make advanced settings widgets load properly from glade. > > auth-dialog/main.c: > * Fix gconf paths (prefix subpaths with leading slash). > * Fix a missed name -> id change. > * Don't overwrite proper needpass/certpass. > * Dump key names out with passwords. > > > I noticed a couple places where I think there's some leaking going on > that I'll come back and address later. (I'm assuming GladeXML*'s should > be unref'ed when we're done with them?) I especially like the comment, > "The string here is leaked, big deal." in nm-openvpn-service.c. ;-) Yes, they get g_object_unref()-ed when you're done with them. Thanks for the explanation, I think I'll go ahead and commit the patch. Cheers, Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
Dan Williams wrote: > Is this dependent on a specific openVPN version? Because some of the > config options and command line things look like they've changed... The only change with openvpn interaction I made is reading the ip address from the "ifconfig_local" environment variable, rather than "ipconfig_local". This change was introduced in NetworkManager revision #2952 [1], which was likely just a typo as the code was reworked. So, no this shouldn't be dependent on a specific openvpn version (at least not any different than all previous versions of the openvpn plugin). Here's a quick summary of my changes by file: nm-openvpn-service-openvpn-helper.c: * Get ip from "ifconfig_local", not "ipconfig_local". nm-openvpn-service.c: * Add PASSWORD and CERTPASS to the props list for validation. * Convert "remote" prop to string before passing to openvpn. * Change an error message from vpnc to openvpn. nm-openvpn.c: * Fix wrong key being used to store TA_DIR property. * Make advanced settings widgets load properly from glade. auth-dialog/main.c: * Fix gconf paths (prefix subpaths with leading slash). * Fix a missed name -> id change. * Don't overwrite proper needpass/certpass. * Dump key names out with passwords. I noticed a couple places where I think there's some leaking going on that I'll come back and address later. (I'm assuming GladeXML*'s should be unref'ed when we're done with them?) I especially like the comment, "The string here is leaked, big deal." in nm-openvpn-service.c. ;-) -casey [1]http://svn.gnome.org/viewvc/NetworkManager/trunk/vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c?r1=2118&r2=2952 ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: > Attached is a patch with a number of fixes for openvpn against svn > revision 3138. I'm still having some crashes creating/editing > properties, but can consistently create new working settings by running > /usr/bin/nm-vpn-properties directly. Connecting is working fine for me > (X509 with password, TA and UDP). > > I'm going to continue poking away at the property issues and see if I > can eliminate the remaining issues. Is this dependent on a specific openVPN version? Because some of the config options and command line things look like they've changed... Thanks for the patch though; can I get some more people to test it out before I commit? Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
openvpn fixes against svn 3138
Attached is a patch with a number of fixes for openvpn against svn revision 3138. I'm still having some crashes creating/editing properties, but can consistently create new working settings by running /usr/bin/nm-vpn-properties directly. Connecting is working fine for me (X509 with password, TA and UDP). I'm going to continue poking away at the property issues and see if I can eliminate the remaining issues. -casey Index: vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c === --- vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c (revision 3138) +++ vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c (working copy) @@ -212,7 +212,7 @@ helper_failed (connection, "Tunnel Device"); /* IP address */ - val = addr_to_gvalue (getenv ("ipconfig_local")); + val = addr_to_gvalue (getenv ("ifconfig_local")); if (val) g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val); else Index: vpn-daemons/openvpn/src/nm-openvpn-service.c === --- vpn-daemons/openvpn/src/nm-openvpn-service.c (revision 3138) +++ vpn-daemons/openvpn/src/nm-openvpn-service.c (working copy) @@ -99,6 +99,8 @@ { NM_OPENVPN_KEY_TA, G_TYPE_STRING }, { NM_OPENVPN_KEY_TA_DIR, G_TYPE_STRING }, { NM_OPENVPN_KEY_USERNAME,G_TYPE_STRING }, + { NM_OPENVPN_KEY_PASSWORD,G_TYPE_STRING }, + { NM_OPENVPN_KEY_CERTPASS,G_TYPE_STRING }, { NULL, G_TYPE_NONE } }; @@ -386,7 +388,7 @@ tmp = g_hash_table_lookup (properties, NM_OPENVPN_KEY_REMOTE); if (tmp) { g_ptr_array_add (openvpn_argv, (gpointer) "--remote"); - g_ptr_array_add (openvpn_argv, tmp); + g_ptr_array_add (openvpn_argv, (gpointer) g_value_get_string ((GValue *) tmp)); } tmp = g_hash_table_lookup (properties, NM_OPENVPN_KEY_COMP_LZO); @@ -635,7 +637,7 @@ NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED, "%s", - "Could not start vpnc binary."); + "Could not start openvpn binary."); goto out; } Index: vpn-daemons/openvpn/properties/nm-openvpn.c === --- vpn-daemons/openvpn/properties/nm-openvpn.c (revision 3138) +++ vpn-daemons/openvpn/properties/nm-openvpn.c (working copy) @@ -331,7 +331,7 @@ else dir = ""; - g_hash_table_insert (properties, NM_OPENVPN_KEY_TA, str_to_gvalue (dir)); + g_hash_table_insert (properties, NM_OPENVPN_KEY_TA_DIR, str_to_gvalue (dir)); } } @@ -1637,7 +1637,37 @@ impl->last_fc_dir = NULL; + /* advanced settings */ glade_file = g_strdup_printf ("%s/%s", GLADEDIR, "nm-openvpn-dialog.glade"); + impl->xml = glade_xml_new (glade_file, "nm-openvpn-advanced-dialog", GETTEXT_PACKAGE); + g_free( glade_file ); + if (impl->xml == NULL) + goto error; + + impl->advanced = GTK_DIALOG (glade_xml_get_widget(impl->xml, "nm-openvpn-advanced-dialog")); + + impl->w_port = GTK_ENTRY (glade_xml_get_widget (impl->xml, "openvpn-port")); + impl->w_use_routes = GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-routes")); + impl->w_routes = GTK_ENTRY (glade_xml_get_widget (impl->xml, "openvpn-routes")); + + impl->w_use_lzo= GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-lzo")); + impl->w_use_tap= GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-tap")); + impl->w_use_tcp= GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-tcp")); + + impl->w_use_cipher = GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-cipher")); + impl->w_cipher = GTK_COMBO_BOX( glade_xml_get_widget( impl->xml, "openvpn-cipher" ) ); + populate_cipher(impl->w_cipher); + + impl->w_use_ta = GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-ta")); + impl->w_ta = GTK_ENTRY( glade_xml_get_widget( impl->xml, "openvpn-ta" ) ); + impl->w_button_ta = GTK_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-but-ta" ) ); + impl->w_ta_dir_label = GTK_LABEL( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-label" ) ); + impl->w_ta_dir_none= GTK_RADIO_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-none" ) ); + impl->w_ta_dir_zero= GTK_RADIO_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-zero" ) ); + impl->w_ta_dir_one = GTK_RADIO_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-one" ) ); + + /* normal settings */ + glade_file = g_strdup_printf ("%s/%s", GLADEDIR, "nm-openvpn-dialog.glade"); impl->xml = glade_xml_new (glade_file, "nm-openvpn-widget", GETTEXT_PACKAGE); g_free( glade_file ); if (impl->xml == NULL) @@ -1646,18 +1676,13 @@ impl->widget = glade_xml_get_widget(impl->xml, "nm-openvpn-widget"); g_object_ref