Re: openvpn fixes against svn 3138
Darren Albers wrote: > On Dec 5, 2007 5:59 PM, Casey Harkins <[EMAIL PROTECTED]> wrote: >> No problem. They'll be more coming. There's still some config crashes, >> DNS is not getting set up correctly and there is a long standing bug >> when specifying custom routes that I plan on fixing now that I've >> started familiarizing myself with the code. >> >> -casey >> > > You will be a hero to a lot of people if you can fix this last one! > I'm assuming you're referring to NM leaving you with no default route when specifying specific routes from the VPN configuration? If so, is it a problem for all vpn plugins, or specific to the openvpn plugin? For the openvpn plugin (though I'd imagine something similar could be done for other VPN plugins as well), I want to extend the "Only use VPN connection for these addresses" to include a checkbox for "and addresses specified by the VPN server". -casey ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
Casey Harkins wrote: > Dan Williams wrote: >> On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: >>> Attached is a patch with a number of fixes for openvpn against svn >>> revision 3138. I'm still having some crashes creating/editing >>> properties, but can consistently create new working settings by running >>> /usr/bin/nm-vpn-properties directly. Connecting is working fine for me >>> (X509 with password, TA and UDP). >>> >>> I'm going to continue poking away at the property issues and see if I >>> can eliminate the remaining issues. > > No problem. They'll be more coming. There's still some config crashes, > DNS is not getting set up correctly and there is a long standing bug > when specifying custom routes that I plan on fixing now that I've > started familiarizing myself with the code. > > -casey Thanks for the patches, I've had a few issues while testing -- Error in nm-vpn-connection.c / get_secrets_cb(), due to a mandatory check for a secret. Presumably there are no secrets for my "X509 Certificates" connection type? Error in nm-openvpn-service-openvpn-helper.c / main(), due to a mandatory check for "ifconfig_remote" which isn't specified on a TAP connection. Also, I'm not getting a route added for the VPN subnet. I've just commented these first two checks out for now, and have finally managed to make a VPN connection from F8! Keep up the good work ;) Regards, Jon ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Dec 5, 2007 5:59 PM, Casey Harkins <[EMAIL PROTECTED]> wrote: > > No problem. They'll be more coming. There's still some config crashes, > DNS is not getting set up correctly and there is a long standing bug > when specifying custom routes that I plan on fixing now that I've > started familiarizing myself with the code. > > -casey > You will be a hero to a lot of people if you can fix this last one! ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
Dan Williams wrote: > On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: >> Attached is a patch with a number of fixes for openvpn against svn >> revision 3138. I'm still having some crashes creating/editing >> properties, but can consistently create new working settings by running >> /usr/bin/nm-vpn-properties directly. Connecting is working fine for me >> (X509 with password, TA and UDP). >> >> I'm going to continue poking away at the property issues and see if I >> can eliminate the remaining issues. > No problem. They'll be more coming. There's still some config crashes, DNS is not getting set up correctly and there is a long standing bug when specifying custom routes that I plan on fixing now that I've started familiarizing myself with the code. -casey ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: > Attached is a patch with a number of fixes for openvpn against svn > revision 3138. I'm still having some crashes creating/editing > properties, but can consistently create new working settings by running > /usr/bin/nm-vpn-properties directly. Connecting is working fine for me > (X509 with password, TA and UDP). > > I'm going to continue poking away at the property issues and see if I > can eliminate the remaining issues. Committed, thanks! Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Wed, 2007-12-05 at 16:08 -0600, Casey Harkins wrote: > Dan Williams wrote: > > Is this dependent on a specific openVPN version? Because some of the > > config options and command line things look like they've changed... > > The only change with openvpn interaction I made is reading the ip > address from the "ifconfig_local" environment variable, rather than > "ipconfig_local". This change was introduced in NetworkManager revision > #2952 [1], which was likely just a typo as the code was reworked. So, no > this shouldn't be dependent on a specific openvpn version (at least not > any different than all previous versions of the openvpn plugin). > > Here's a quick summary of my changes by file: > > nm-openvpn-service-openvpn-helper.c: > * Get ip from "ifconfig_local", not "ipconfig_local". > > nm-openvpn-service.c: > * Add PASSWORD and CERTPASS to the props list for validation. > * Convert "remote" prop to string before passing to openvpn. > * Change an error message from vpnc to openvpn. > > nm-openvpn.c: > * Fix wrong key being used to store TA_DIR property. > * Make advanced settings widgets load properly from glade. > > auth-dialog/main.c: > * Fix gconf paths (prefix subpaths with leading slash). > * Fix a missed name -> id change. > * Don't overwrite proper needpass/certpass. > * Dump key names out with passwords. > > > I noticed a couple places where I think there's some leaking going on > that I'll come back and address later. (I'm assuming GladeXML*'s should > be unref'ed when we're done with them?) I especially like the comment, > "The string here is leaked, big deal." in nm-openvpn-service.c. ;-) Yes, they get g_object_unref()-ed when you're done with them. Thanks for the explanation, I think I'll go ahead and commit the patch. Cheers, Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
Dan Williams wrote: > Is this dependent on a specific openVPN version? Because some of the > config options and command line things look like they've changed... The only change with openvpn interaction I made is reading the ip address from the "ifconfig_local" environment variable, rather than "ipconfig_local". This change was introduced in NetworkManager revision #2952 [1], which was likely just a typo as the code was reworked. So, no this shouldn't be dependent on a specific openvpn version (at least not any different than all previous versions of the openvpn plugin). Here's a quick summary of my changes by file: nm-openvpn-service-openvpn-helper.c: * Get ip from "ifconfig_local", not "ipconfig_local". nm-openvpn-service.c: * Add PASSWORD and CERTPASS to the props list for validation. * Convert "remote" prop to string before passing to openvpn. * Change an error message from vpnc to openvpn. nm-openvpn.c: * Fix wrong key being used to store TA_DIR property. * Make advanced settings widgets load properly from glade. auth-dialog/main.c: * Fix gconf paths (prefix subpaths with leading slash). * Fix a missed name -> id change. * Don't overwrite proper needpass/certpass. * Dump key names out with passwords. I noticed a couple places where I think there's some leaking going on that I'll come back and address later. (I'm assuming GladeXML*'s should be unref'ed when we're done with them?) I especially like the comment, "The string here is leaked, big deal." in nm-openvpn-service.c. ;-) -casey [1]http://svn.gnome.org/viewvc/NetworkManager/trunk/vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c?r1=2118&r2=2952 ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: openvpn fixes against svn 3138
On Wed, 2007-12-05 at 14:56 -0600, Casey Harkins wrote: > Attached is a patch with a number of fixes for openvpn against svn > revision 3138. I'm still having some crashes creating/editing > properties, but can consistently create new working settings by running > /usr/bin/nm-vpn-properties directly. Connecting is working fine for me > (X509 with password, TA and UDP). > > I'm going to continue poking away at the property issues and see if I > can eliminate the remaining issues. Is this dependent on a specific openVPN version? Because some of the config options and command line things look like they've changed... Thanks for the patch though; can I get some more people to test it out before I commit? Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
openvpn fixes against svn 3138
Attached is a patch with a number of fixes for openvpn against svn
revision 3138. I'm still having some crashes creating/editing
properties, but can consistently create new working settings by running
/usr/bin/nm-vpn-properties directly. Connecting is working fine for me
(X509 with password, TA and UDP).
I'm going to continue poking away at the property issues and see if I
can eliminate the remaining issues.
-casey
Index: vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c
===
--- vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c (revision 3138)
+++ vpn-daemons/openvpn/src/nm-openvpn-service-openvpn-helper.c (working copy)
@@ -212,7 +212,7 @@
helper_failed (connection, "Tunnel Device");
/* IP address */
- val = addr_to_gvalue (getenv ("ipconfig_local"));
+ val = addr_to_gvalue (getenv ("ifconfig_local"));
if (val)
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val);
else
Index: vpn-daemons/openvpn/src/nm-openvpn-service.c
===
--- vpn-daemons/openvpn/src/nm-openvpn-service.c (revision 3138)
+++ vpn-daemons/openvpn/src/nm-openvpn-service.c (working copy)
@@ -99,6 +99,8 @@
{ NM_OPENVPN_KEY_TA, G_TYPE_STRING },
{ NM_OPENVPN_KEY_TA_DIR, G_TYPE_STRING },
{ NM_OPENVPN_KEY_USERNAME,G_TYPE_STRING },
+ { NM_OPENVPN_KEY_PASSWORD,G_TYPE_STRING },
+ { NM_OPENVPN_KEY_CERTPASS,G_TYPE_STRING },
{ NULL, G_TYPE_NONE }
};
@@ -386,7 +388,7 @@
tmp = g_hash_table_lookup (properties, NM_OPENVPN_KEY_REMOTE);
if (tmp) {
g_ptr_array_add (openvpn_argv, (gpointer) "--remote");
- g_ptr_array_add (openvpn_argv, tmp);
+ g_ptr_array_add (openvpn_argv, (gpointer) g_value_get_string ((GValue *) tmp));
}
tmp = g_hash_table_lookup (properties, NM_OPENVPN_KEY_COMP_LZO);
@@ -635,7 +637,7 @@
NM_VPN_PLUGIN_ERROR,
NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
"%s",
- "Could not start vpnc binary.");
+ "Could not start openvpn binary.");
goto out;
}
Index: vpn-daemons/openvpn/properties/nm-openvpn.c
===
--- vpn-daemons/openvpn/properties/nm-openvpn.c (revision 3138)
+++ vpn-daemons/openvpn/properties/nm-openvpn.c (working copy)
@@ -331,7 +331,7 @@
else
dir = "";
- g_hash_table_insert (properties, NM_OPENVPN_KEY_TA, str_to_gvalue (dir));
+ g_hash_table_insert (properties, NM_OPENVPN_KEY_TA_DIR, str_to_gvalue (dir));
}
}
@@ -1637,7 +1637,37 @@
impl->last_fc_dir = NULL;
+ /* advanced settings */
glade_file = g_strdup_printf ("%s/%s", GLADEDIR, "nm-openvpn-dialog.glade");
+ impl->xml = glade_xml_new (glade_file, "nm-openvpn-advanced-dialog", GETTEXT_PACKAGE);
+ g_free( glade_file );
+ if (impl->xml == NULL)
+ goto error;
+
+ impl->advanced = GTK_DIALOG (glade_xml_get_widget(impl->xml, "nm-openvpn-advanced-dialog"));
+
+ impl->w_port = GTK_ENTRY (glade_xml_get_widget (impl->xml, "openvpn-port"));
+ impl->w_use_routes = GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-routes"));
+ impl->w_routes = GTK_ENTRY (glade_xml_get_widget (impl->xml, "openvpn-routes"));
+
+ impl->w_use_lzo= GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-lzo"));
+ impl->w_use_tap= GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-tap"));
+ impl->w_use_tcp= GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-tcp"));
+
+ impl->w_use_cipher = GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-cipher"));
+ impl->w_cipher = GTK_COMBO_BOX( glade_xml_get_widget( impl->xml, "openvpn-cipher" ) );
+ populate_cipher(impl->w_cipher);
+
+ impl->w_use_ta = GTK_CHECK_BUTTON (glade_xml_get_widget (impl->xml, "openvpn-use-ta"));
+ impl->w_ta = GTK_ENTRY( glade_xml_get_widget( impl->xml, "openvpn-ta" ) );
+ impl->w_button_ta = GTK_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-but-ta" ) );
+ impl->w_ta_dir_label = GTK_LABEL( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-label" ) );
+ impl->w_ta_dir_none= GTK_RADIO_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-none" ) );
+ impl->w_ta_dir_zero= GTK_RADIO_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-zero" ) );
+ impl->w_ta_dir_one = GTK_RADIO_BUTTON( glade_xml_get_widget( impl->xml, "openvpn-ta-dir-one" ) );
+
+ /* normal settings */
+ glade_file = g_strdup_printf ("%s/%s", GLADEDIR, "nm-openvpn-dialog.glade");
impl->xml = glade_xml_new (glade_file, "nm-openvpn-widget", GETTEXT_PACKAGE);
g_free( glade_file );
if (impl->xml == NULL)
@@ -1646,18 +1676,13 @@
impl->widget = glade_xml_get_widget(impl->xml, "nm-openvpn-widget");
g_object_ref
