Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

Am 10.05.12 01:39, schrieb Alon Bar-Lev: > On Thu, May 10, 2012 at 2:24 AM, Arne Schwabe wrote: >>> I need a better description of the tun process... so far I did not >>> understand why you cannot use standard approach of creating persistent >>> tun with non root access and then use the iproute2 w

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 3:01 AM, Arne Schwabe wrote: > Am 10.05.12 01:39, schrieb Alon Bar-Lev: >> On Thu, May 10, 2012 at 2:24 AM, Arne Schwabe wrote: I need a better description of the tun process... so far I did not understand why you cannot use standard approach of creating persiste

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

> -Original Message- > From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] > Sent: donderdag 10 mei 2012 2:10 > To: Arne Schwabe > Cc: openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset > > On Thu, May 10, 2012 at 3:01 AM, Arne Schwab

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 9:35 AM, Adriaan de Jong wrote: >> -Original Message- >> From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] >> Sent: donderdag 10 mei 2012 2:10 >> To: Arne Schwabe >> Cc: openvpn-devel@lists.sourceforge.net >> Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 9:49 AM, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 9:35 AM, Adriaan de Jong wrote: >>> -Original Message- >>> From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] >>> Sent: donderdag 10 mei 2012 2:10 >>> To: Arne Schwabe >>> Cc: openvpn-devel@lists.sourceforge.net

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

That would be another option. In the model we were using (which might be different), the order is as follows: 1. openvpn is started 2. openvpn opens a socket to the remote host 2. openvpn establishes the control channel across this socket 3. openvpn passes socket and control channel data (IP, rou

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

Thank you, Yes, I understand. If I narrow this to "feature requests", basically we say that: 1. we want direct tun management to the management interface. 2. we want to have some logic when openvpn socket is opened. 3. Pass pre opened tun. (1) - direct tun management to the management interface

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

I still prefer using the management interface. It keeps the interface to the Java stuff very clean (socket-based). Further you potentially allow other systems, such as Apple or Windows Phone to do the same. It avoids messy JNI stuff, and fits into the spirit of the management interface. It's the

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

I guess you refer to (2), right? I don't think the spirit of the management interface was to pass fds... as it was written in tcp. A plugin does not mean that you need to write JNI, as it can communicate using a different unix domain socket to upstream anyway... Something like: open fd=45 for man

[Openvpn-devel] openvpn question

Hi all, I am new to openvpn. I am using openvpn on my  linux machine. I have a basic question about openvpn.  How openvpn process the incoming packets ? Is it processing incoming packets one by one, means receive one packet from the kernel, decrypt it and send it back to the kernel then n

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

> On Tue, May 8, 2012 at 11:28 AM, Samuli Seppänen wrote: >>> Hello David, >>> >>> On Mon, May 7, 2012 at 10:33 AM, David Sommerseth >>> wrote: >>> >>> >>> The reason I don't see the benefit of splitting out the plug-ins as much is that they all depend on OpenVPN. You can not make mu

Re: [Openvpn-devel] openvpn question

Hi Raj, Raj Kumar wrote: Hi all, I am new to openvpn. I am using openvpn on my linux machine. I have a basic question about openvpn. How openvpn process the incoming packets ? Is it processing incoming packets one by one, means receive one packet from the kernel, decrypt it and send it

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

> Hello, > > I have developed the port of openvpn for Android 4.0: > https://play.google.com/store/apps/details?id=de.blinkt.openvpn and > http://code.google.com/p/ics-openvpn/ > > The API of Android 4.0 requires that openvpn runs as completely > unprivileged process. There all opening of tun, add

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

Hi, Samuli Seppänen wrote: Hello, I have developed the port of openvpn for Android 4.0: https://play.google.com/store/apps/details?id=de.blinkt.openvpn and http://code.google.com/p/ics-openvpn/ The API of Android 4.0 requires that openvpn runs as completely unprivileged process. There all open

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 00:36, Arne Schwabe wrote: >> I suggest you clone the repository at github, create a branch >> and order your changes. > > > that would mean to revert all changes, making the changes in small > steps and commiting each step? (I am still

Re: [Openvpn-devel] openvpn question

Hi JJK, Thanks a lot for quick responds.  your answer really helped me. Regards Raj From: Jan Just Keijser To: Raj Kumar Cc: "openvpn-devel@lists.sourceforge.net" Sent: Thursday, May 10, 2012 2:17 PM Subject: Re: [Openvpn-devel] openvpn question Hi

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 09:28, Adriaan de Jong wrote: > I still prefer using the management interface. It keeps the > interface to the Java stuff very clean (socket-based). Further you > potentially allow other systems, such as Apple or Windows Phone to > do the

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

> -Original Message- > From: David Sommerseth [mailto:openvpn.l...@topphemmelig.net] > Sent: donderdag 10 mei 2012 11:49 > To: Alon Bar-Lev > Cc: Adriaan de Jong; openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset > > -BEGIN P

[Openvpn-devel] Some issues with openvpn-build/windows-nsis

Hi, I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran into some issues: $ cd openvpn-build/windows-nsis $ ./build-snapshot --- snip --- make[3]: Leaving directory `/home/samuli/opt/openvpn-build/windows-nsis/tmp/build-i686/pkcs11-helper-1.10' make[2]: Leaving directory `/hom

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

Il 10.05.2012 15:11, Samuli Seppänen ha scritto: > Hi, > > I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran > into some issues: > > $ cd openvpn-build/windows-nsis > $ ./build-snapshot > --- snip --- > > make[3]: Leaving directory > `/home/samuli/opt/openvpn-build/windows-nsis

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Thu, May 10, 2012 at 11:47 AM, Samuli Seppänen wrote: > >> On Tue, May 8, 2012 at 11:28 AM, Samuli Seppänen wrote: Hello David, On Mon, May 7, 2012 at 10:33 AM, David Sommerseth wrote: > The reason I don't see the benefit of splitting out the plug-ins a

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

On Thu, May 10, 2012 at 3:23 PM, Samuli Seppänen wrote: > Il 10.05.2012 15:11, Samuli Seppänen ha scritto: >> Hi, >> >> I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran >> into some issues: >> >> $ cd openvpn-build/windows-nsis >> $ ./build-snapshot >> --- snip --- >> >> make

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

On Thu, May 10, 2012 at 3:11 PM, Samuli Seppänen wrote: > Hi, > > I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran > into some issues: > > $ cd openvpn-build/windows-nsis > $ ./build-snapshot > --- snip --- > > make[3]: Leaving directory > `/home/samuli/opt/openvpn-build/wind

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 12:06 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 10/05/12 00:36, Arne Schwabe wrote: > >>> I suggest you clone the repository at github, create a branch >>> and order your changes. >> >> >> that would mean to revert all changes, mak

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 14:33, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 11:47 AM, Samuli Seppänen > wrote: >> >>> On Tue, May 8, 2012 at 11:28 AM, Samuli Seppänen >>> wrote: > Hello David, > > On Mon, May 7, 2012 at 10:33 AM, David Sommerseth

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Thu, May 10, 2012 at 3:39 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 10/05/12 14:33, Alon Bar-Lev wrote: >> On Thu, May 10, 2012 at 11:47 AM, Samuli Seppänen >> wrote: >>> On Tue, May 8, 2012 at 11:28 AM, Samuli Seppänen wrote: >> Hello

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

> >> -Original Message- >> From: David Sommerseth [mailto:openvpn.l...@topphemmelig.net] >> Sent: donderdag 10 mei 2012 11:49 >> To: Alon Bar-Lev >> Cc: Adriaan de Jong; openvpn-devel@lists.sourceforge.net >> Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset >> >>

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 12:48 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 10/05/12 09:28, Adriaan de Jong wrote: >> I still prefer using the management interface. It keeps the >> interface to the Java stuff very clean (socket-based). Further you >> potentia

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

> On Thu, May 10, 2012 at 3:11 PM, Samuli Seppänen wrote: >> Hi, >> >> I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran >> into some issues: >> >> $ cd openvpn-build/windows-nsis >> $ ./build-snapshot >> --- snip --- >> >> make[3]: Leaving directory >> `/home/samuli/opt/open

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

On Thu, May 10, 2012 at 3:42 PM, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 3:39 PM, David Sommerseth > wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> On 10/05/12 14:33, Alon Bar-Lev wrote: >>> On Thu, May 10, 2012 at 11:47 AM, Samuli Seppänen >>> wrote: > On Tue, M

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

Let me introduce myself first as this is my first post to this mailing list. I'm Mendelt Siebenga, a new colleague of Adriaan de Jong. I started working for Fox IT a couple of weeks ago. I've been working on something similar to what Arne has been doing but my background is more in higher level

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

I generaly agree with Mendelt. A few additions > We considered two ways of doing this: > - Modify OpenVPN to make it possible to use JNI to call into OpenVPN directly from Java code. I implemented that in the first version of my app (<= 0.4.6). But that involed evil trickery like set_jmp/long_jmp

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

Hello Mendelt, Thank you for taking the time to explain the process, now at least I can comment better. On Thu, May 10, 2012 at 5:03 PM, Mendelt Siebenga wrote: > Android has a lot of limitations on how you can get access to a TUN device > without rooting your phone. Basically what you need t

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

> -Original Message- > From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] > Sent: donderdag 10 mei 2012 16:33 > To: Mendelt Siebenga > Cc: openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset > > Hello Mendelt, > > Thank you for takin

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 5:43 PM, Adriaan de Jong wrote: >> -Original Message- >> From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] >> Sent: donderdag 10 mei 2012 16:33 >> To: Mendelt Siebenga >> Cc: openvpn-devel@lists.sourceforge.net >> Subject: Re: [Openvpn-devel] [PATCH] Openvpn for And

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 16:50, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 5:43 PM, Adriaan de Jong > wrote: >>> -Original Message- From: Alon Bar-Lev >>> [mailto:alon.bar...@gmail.com] Sent: donderdag 10 mei 2012 >>> 16:33 To: Mendelt Siebenga Cc: >>>

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

On Thu, May 10, 2012 at 3:53 PM, Samuli Seppänen wrote: > >> On Thu, May 10, 2012 at 3:11 PM, Samuli Seppänen wrote: >>> Hi, >>> >>> I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran >>> into some issues: >>> >>> $ cd openvpn-build/windows-nsis >>> $ ./build-snapshot >>> ---

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 6:17 PM, David Sommerseth wrote: > Development is all about iterations.  Let's see what we can do NOW to > get Arne's approach reviewed properly, see if there are things which > can be do to simplify the future somewhat ... but don't make this > depend on a complete modular

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

On Thu, May 10, 2012 at 6:20 PM, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 6:17 PM, David Sommerseth > wrote: >> Development is all about iterations.  Let's see what we can do NOW to >> get Arne's approach reviewed properly, see if there are things which >> can be do to simplify the future so

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

Hi, 2012/5/10 David Sommerseth : > On 10/05/12 16:50, Alon Bar-Lev wrote: >> Why? plugin is adding a custom logic, and you need custom logic. As >> I wrote it does not imply that you implement your JNI there. > > Okay ... fine ... there are plenty of big visions for a future version > of OpenVPN,

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

I am listing a few requirements that are not discussed before but may still be important and non obvious. These at least people not involved with the Android platform a better picture of required changes. > To allow OpenVPN to be properly refactored afterwards, the important > part is probably to g