rpms/NetworkManager-libreswan
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 0.8.999 (0.9-rc2)

Browse Source
This commit is contained in:
Dan Williams 2011-05-04 00:19:07 -05:00
parent c9690a6dd1
commit 1da30d3659
7 changed files with 16 additions and 1370 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
NetworkManager-openswan.spec
View File

@ -1,35 +1,27 @@
%define openswan_version 2.6.27-1
%define snapshot .20100411git
%define realversion 0.8
%define snapshot %{nil}
%define realversion 0.8.999
Summary: NetworkManager VPN plug-in for openswan
Name: NetworkManager-openswan
Version: 0.8.0
Release: 9%{snapshot}%{?dist}
Version: 0.8.999
Release: 1%{snapshot}%{?dist}
License: GPLv2+
Group: System Environment/Base
URL: http://people.redhat.com/avagarwa/files/NetworkManager-openswan/
URL: http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openswan/0.8/
# To get source, either download from the above url, or follow these commands
# Check out NetworkManager-openswan
# "cd" to specfic fedora release
# run "make test-srpm"
Source0: http://people.redhat.com/avagarwa/files/%{name}/%{name}-%{realversion}.tar.gz
Source0: http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openswan/0.8/%{name}-%{realversion}.tar.bz2
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
Patch1: nm-secret-whack.patch
Patch2: nm-616910.patch
Patch3: nm-changes.patch
Patch4: compile-errors.patch
Patch5: nm09.patch
BuildRequires: gtk2-devel
#BuildRequires: dbus-devel
#BuildRequires: NetworkManager-devel
BuildRequires: gtk3-devel
BuildRequires: dbus-devel
BuildRequires: NetworkManager-devel
BuildRequires: NetworkManager-glib-devel
BuildRequires: GConf2-devel
BuildRequires: gnome-keyring-devel
BuildRequires: libglade2-devel
BuildRequires: intltool gettext
Requires: NetworkManager
@ -43,12 +35,6 @@ with NetworkManager and the GNOME desktop
%prep
%setup -q -n NetworkManager-openswan-%{realversion}
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1 -b .nm09
%build
%configure --disable-static --enable-more-warnings=yes
make %{?_smp_mflags}
@ -77,10 +63,15 @@ rm -rf $RPM_BUILD_ROOT
%{_sysconfdir}/NetworkManager/VPN/nm-openswan-service.name
%{_libexecdir}/nm-openswan-service
%{_libexecdir}/nm-openswan-service-helper
%{_datadir}/gnome-vpn-properties/openswan/nm-openswan-dialog.glade
%{_datadir}/gnome-vpn-properties/openswan/nm-openswan-dialog.ui
%dir %{_datadir}/gnome-vpn-properties/openswan
%changelog
* Tue May 03 2011 Dan Williams <dcbw@redhat.com> - 0.8.999-1
- Update to 0.8.999 (0.9-rc2)
- Port to GTK 3.0 and GtkBuilder
- Fix some issues with secrets storage
* Sun Mar 27 2011 Christopher Aillon <caillon@redhat.com> - 0.8.0-9.20100411git
- Rebuild against NetworkManager 0.9

86
compile-errors.patch
View File

@ -1,86 +0,0 @@
diff -urNp NetworkManager-openswan-0.8-cvs-patched/auth-dialog/main.c NetworkManager-openswan-0.8-current/auth-dialog/main.c
--- NetworkManager-openswan-0.8-cvs-patched/auth-dialog/main.c 2011-02-15 10:56:52.192317259 -0500
+++ NetworkManager-openswan-0.8-current/auth-dialog/main.c 2011-02-16 12:27:03.016111821 -0500
@@ -284,7 +284,6 @@ main (int argc, char *argv[])
char *password = NULL, *group_password = NULL;
char *upw_type = NULL, *gpw_type = NULL;
char buf[1];
- int ret;
GError *error = NULL;
GOptionContext *context;
GOptionEntry entries[] = {
@@ -357,6 +356,9 @@ main (int argc, char *argv[])
fflush (stdout);
/* wait for data on stdin */
- ret = fread (buf, sizeof (char), sizeof (buf), stdin);
+ if (fread (buf, sizeof (char), sizeof (buf), stdin) < sizeof(buf) && ferror(stdin)) {
+ fprintf(stderr,"error occured when reading from stdin in main.c in auth-dialog");
+ }
+
return 0;
}
diff -urNp NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan.c NetworkManager-openswan-0.8-current/properties/nm-openswan.c
--- NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan.c 2011-02-15 10:57:24.704317823 -0500
+++ NetworkManager-openswan-0.8-current/properties/nm-openswan.c 2011-02-16 12:27:47.200862374 -0500
@@ -261,7 +261,6 @@ pw_type_changed_helper (OpenswanPluginUi
OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
const char *entry = NULL;
GtkWidget *widget;
- GtkTreeModel *model;
/* If the user chose "Not required", desensitize and clear the correct
* password entry.
@@ -280,7 +279,6 @@ pw_type_changed_helper (OpenswanPluginUi
widget = glade_xml_get_widget (priv->xml, entry);
g_assert (widget);
- model = gtk_combo_box_get_model (GTK_COMBO_BOX (combo));
switch (gtk_combo_box_get_active (GTK_COMBO_BOX (combo))) {
case PW_TYPE_ASK:
case PW_TYPE_UNUSED:
@@ -488,11 +487,9 @@ static guint32
handle_one_pw_type (NMSettingVPN *s_vpn, GladeXML *xml, const char *name, const char *key)
{
GtkWidget *widget;
- GtkTreeModel *model;
guint32 pw_type;
widget = glade_xml_get_widget (xml, name);
- model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
pw_type = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
switch (pw_type) {
@@ -617,12 +615,10 @@ save_one_password (GladeXML *xml,
GnomeKeyringResult ret;
GtkWidget *widget;
const char *password;
- GtkTreeModel *model;
gboolean saved = FALSE;
widget = glade_xml_get_widget (xml, combo);
g_assert (widget);
- model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
if (gtk_combo_box_get_active (GTK_COMBO_BOX (widget)) == PW_TYPE_SAVE) {
widget = glade_xml_get_widget (xml, entry);
g_assert (widget);
diff -urNp NetworkManager-openswan-0.8-cvs-patched/src/nm-openswan-service.c NetworkManager-openswan-0.8-current/src/nm-openswan-service.c
--- NetworkManager-openswan-0.8-cvs-patched/src/nm-openswan-service.c 2011-02-15 10:57:21.422336210 -0500
+++ NetworkManager-openswan-0.8-current/src/nm-openswan-service.c 2011-02-16 12:32:50.003111577 -0500
@@ -379,11 +379,14 @@ write_config_option (int fd, const char
{
char * string;
va_list args;
- int x;
va_start (args, format);
string = g_strdup_vprintf (format, args);
- x = write (fd, string, strlen (string));
+
+ if ( write (fd, string, strlen (string)) == -1) {
+ nm_warning ("nm-openswan: error in write_config_option");
+ }
+
g_free (string);
va_end (args);
}

306
nm-616910.patch
View File

@ -1,306 +0,0 @@
diff -urNp NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan.c NetworkManager-openswan-0.8/properties/nm-openswan.c
--- NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan.c 2010-07-21 15:41:07.674107915 -0400
+++ NetworkManager-openswan-0.8/properties/nm-openswan.c 2010-07-21 16:55:34.597114628 -0400
@@ -416,6 +416,28 @@ init_plugin_ui (OpenswanPluginUiWidget *
}
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
+ /* Phase 1 Algorithms: IKE*/
+ widget = glade_xml_get_widget (priv->xml, "phase1_entry");
+ g_return_val_if_fail (widget != NULL, FALSE);
+ gtk_size_group_add_widget (priv->group, GTK_WIDGET (widget));
+ if (s_vpn) {
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_IKE);
+ if (value && strlen (value))
+ gtk_entry_set_text (GTK_ENTRY (widget), value);
+ }
+ g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
+
+ /* Phase 2 Algorithms: ESP*/
+ widget = glade_xml_get_widget (priv->xml, "phase2_entry");
+ g_return_val_if_fail (widget != NULL, FALSE);
+ gtk_size_group_add_widget (priv->group, GTK_WIDGET (widget));
+ if (s_vpn) {
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_ESP);
+ if (value && strlen (value))
+ gtk_entry_set_text (GTK_ENTRY (widget), value);
+ }
+ g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
+
widget = glade_xml_get_widget (priv->xml, "domain_entry");
g_return_val_if_fail (widget != NULL, FALSE);
gtk_size_group_add_widget (priv->group, GTK_WIDGET (widget));
@@ -520,11 +542,25 @@ update_connection (NMVpnPluginUiWidgetIn
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_LEFTID, str);
+ /* User name*/
widget = glade_xml_get_widget (priv->xml, "user_entry");
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_LEFTXAUTHUSER, str);
+
+ /* Phase 1 Algorithms: ike */
+ widget = glade_xml_get_widget (priv->xml, "phase1_entry");
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
+ if (str && strlen (str))
+ nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_IKE, str);
+
+ /* Phase 2 Algorithms: esp */
+ widget = glade_xml_get_widget (priv->xml, "phase2_entry");
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
+ if (str && strlen (str))
+ nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_ESP, str);
+ /* Domain entry */
widget = glade_xml_get_widget (priv->xml, "domain_entry");
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
diff -urNp NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan-dialog.glade NetworkManager-openswan-0.8/properties/nm-openswan-dialog.glade
--- NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan-dialog.glade 2010-07-21 15:41:07.659354607 -0400
+++ NetworkManager-openswan-0.8/properties/nm-openswan-dialog.glade 2010-07-21 16:22:37.191355919 -0400
@@ -233,77 +233,120 @@
<property name="visible">True</property>
<property name="left_padding">12</property>
<child>
- <widget class="GtkTable" id="table3">
+ <widget class="GtkEventBox" id="eventbox1">
<property name="visible">True</property>
- <property name="n_rows">5</property>
- <property name="n_columns">2</property>
- <property name="column_spacing">6</property>
- <property name="row_spacing">6</property>
<child>
- <widget class="GtkLabel" id="label26">
+ <widget class="GtkTable" id="table3">
<property name="visible">True</property>
- <property name="xalign">0</property>
- <property name="label" translatable="yes">User name:</property>
+ <property name="n_rows">4</property>
+ <property name="n_columns">2</property>
+ <property name="column_spacing">6</property>
+ <property name="row_spacing">6</property>
+ <child>
+ <widget class="GtkLabel" id="label26">
+ <property name="visible">True</property>
+ <property name="xalign">0</property>
+ <property name="label" translatable="yes">User name:</property>
+ </widget>
+ <packing>
+ <property name="x_options">GTK_FILL</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ <child>
+ <widget class="GtkEntry" id="user_entry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="invisible_char">&#x25CF;</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ <child>
+ <widget class="GtkLabel" id="label27">
+ <property name="visible">True</property>
+ <property name="xalign">0</property>
+ <property name="label" translatable="yes">Phase1 Algorithms:</property>
+ </widget>
+ <packing>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="x_options">GTK_FILL</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ <child>
+ <widget class="GtkEntry" id="phase1_entry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="invisible_char">&#x25CF;</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">1</property>
+ <property name="bottom_attach">2</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ <child>
+ <widget class="GtkLabel" id="label1">
+ <property name="visible">True</property>
+ <property name="xalign">0</property>
+ <property name="label" translatable="yes">Phase2 Algorithms:</property>
+ </widget>
+ <packing>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">GTK_FILL</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ <child>
+ <widget class="GtkEntry" id="phase2_entry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="invisible_char">&#x25CF;</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ <child>
+ <widget class="GtkLabel" id="label2">
+ <property name="visible">True</property>
+ <property name="xalign">0</property>
+ <property name="label" translatable="yes">Domain:</property>
+ </widget>
+ <packing>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="x_options">GTK_FILL</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
+ <child>
+ <widget class="GtkEntry" id="domain_entry">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="invisible_char">&#x25CF;</property>
+ </widget>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="y_options"></property>
+ </packing>
+ </child>
</widget>
- <packing>
- <property name="x_options">GTK_FILL</property>
- <property name="y_options"></property>
- </packing>
- </child>
- <child>
- <widget class="GtkEntry" id="user_entry">
- <property name="visible">True</property>
- <property name="can_focus">True</property>
- </widget>
- <packing>
- <property name="left_attach">1</property>
- <property name="right_attach">2</property>
- <property name="y_options"></property>
- </packing>
- </child>
- <child>
- <widget class="GtkLabel" id="label27">
- <property name="visible">True</property>
- <property name="xalign">0</property>
- <property name="label" translatable="yes">Domain:</property>
- </widget>
- <packing>
- <property name="top_attach">1</property>
- <property name="bottom_attach">2</property>
- <property name="x_options">GTK_FILL</property>
- <property name="y_options"></property>
- </packing>
- </child>
- <child>
- <widget class="GtkEntry" id="domain_entry">
- <property name="visible">True</property>
- <property name="can_focus">True</property>
- </widget>
- <packing>
- <property name="left_attach">1</property>
- <property name="right_attach">2</property>
- <property name="top_attach">1</property>
- <property name="bottom_attach">2</property>
- <property name="y_options"></property>
- </packing>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
</child>
</widget>
</child>
diff -urNp NetworkManager-openswan-0.8-cvs-patched/src/nm-openswan-service.c NetworkManager-openswan-0.8/src/nm-openswan-service.c
--- NetworkManager-openswan-0.8-cvs-patched/src/nm-openswan-service.c 2010-07-21 15:41:07.774135961 -0400
+++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2010-07-21 17:22:01.650106623 -0400
@@ -69,6 +69,8 @@ static ValidProperty valid_properties[]
{ NM_OPENSWAN_DHGROUP, G_TYPE_STRING, 0, 0 },
{ NM_OPENSWAN_PFSGROUP, G_TYPE_STRING, 0, 0 },
{ NM_OPENSWAN_DPDTIMEOUT, G_TYPE_INT, 0, 86400 },
+ { NM_OPENSWAN_IKE, G_TYPE_STRING, 0, 0 },
+ { NM_OPENSWAN_ESP, G_TYPE_STRING, 0, 0 },
/* Ignored option for internal use */
{ NM_OPENSWAN_PSK_INPUT_MODES, G_TYPE_NONE, 0, 0 },
{ NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES, G_TYPE_NONE, 0, 0 },
@@ -505,6 +507,8 @@ nm_openswan_config_write (gint openswan_
const char *props_username;
//const char *props_natt_mode;
const char *default_username;
+ const char *phase1_alg_str;
+ const char *phase2_alg_str;
//const char *pw_type;
gint fdtmp1=-1;
//gint conf_fd=-1;
@@ -535,8 +539,23 @@ nm_openswan_config_write (gint openswan_
write_config_option (fdtmp1, " remote_peer_type=cisco\n");
write_config_option (fdtmp1, " rightxauthserver=yes\n");
write_config_option (fdtmp1, " rightmodecfgserver=yes\n");
+
+ phase1_alg_str = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_IKE);
+ if(!phase1_alg_str || !strlen (phase1_alg_str)) {
write_config_option (fdtmp1, " ike=aes-sha1\n");
+ }
+ else {
+ write_config_option (fdtmp1, " ike=%s\n", phase1_alg_str);
+ }
+
+ phase2_alg_str = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_ESP);
+ if(!phase2_alg_str || !strlen (phase2_alg_str)) {
write_config_option (fdtmp1, " esp=aes-sha1;modp1024\n");
+ }
+ else {
+ write_config_option (fdtmp1, " esp=%s\n", phase2_alg_str);
+ }
+
write_config_option (fdtmp1, " nm_configured=yes\n");
//write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH);
write_config_option (fdtmp1, " auto=add\n");
diff -urNp NetworkManager-openswan-0.8-cvs-patched/src/nm-openswan-service.h NetworkManager-openswan-0.8/src/nm-openswan-service.h
--- NetworkManager-openswan-0.8-cvs-patched/src/nm-openswan-service.h 2010-07-21 15:41:07.775128199 -0400
+++ NetworkManager-openswan-0.8/src/nm-openswan-service.h 2010-07-21 17:19:29.930120077 -0400
@@ -47,6 +47,8 @@
#define NM_OPENSWAN_DHGROUP "dhgroup"
#define NM_OPENSWAN_PFSGROUP "pfsgroup"
#define NM_OPENSWAN_DPDTIMEOUT "dpdtimeout"
+#define NM_OPENSWAN_IKE "ike"
+#define NM_OPENSWAN_ESP "esp"
#define NM_OPENSWAN_PW_TYPE_SAVE "save"
#define NM_OPENSWAN_PW_TYPE_ASK "ask"

14
nm-changes.patch
View File

@ -1,14 +0,0 @@
diff -urNp NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan.c NetworkManager-openswan-0.8-current/properties/nm-openswan.c
--- NetworkManager-openswan-0.8-cvs-patched/properties/nm-openswan.c 2010-09-07 14:21:00.719407075 -0400
+++ NetworkManager-openswan-0.8-current/properties/nm-openswan.c 2010-09-07 14:51:04.925157229 -0400
@@ -850,8 +850,8 @@ openswan_plugin_ui_interface_init (NMVpn
/* interface implementation */
iface_class->ui_factory = ui_factory;
iface_class->get_capabilities = get_capabilities;
- iface_class->import = NULL;
- iface_class->export = NULL;
+ iface_class->import_from_file = NULL;
+ iface_class->export_to_file = NULL;
iface_class->get_suggested_name = NULL;
iface_class->delete_connection = delete_connection;
}

580
nm-secret-whack.patch
View File

@ -1,580 +0,0 @@
diff -urNp NetworkManager-openswan-0.8-orig/properties/nm-openswan.c NetworkManager-openswan-0.8/properties/nm-openswan.c
--- NetworkManager-openswan-0.8-orig/properties/nm-openswan.c 2010-06-04 17:50:13.000000000 -0400
+++ NetworkManager-openswan-0.8/properties/nm-openswan.c 2010-07-08 12:15:43.376302841 -0400
@@ -426,7 +426,7 @@ init_plugin_ui (OpenswanPluginUiWidget *
}
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
- widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton");
+ /*widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton");
g_return_val_if_fail (widget != NULL, FALSE);
if (s_vpn) {
value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT);
@@ -442,7 +442,7 @@ init_plugin_ui (OpenswanPluginUiWidget *
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE);
}
}
- g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (stuff_changed_cb), self);
+ g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (stuff_changed_cb), self);*/
widget = glade_xml_get_widget (priv->xml, "show_passwords_checkbutton");
g_return_val_if_fail (widget != NULL, FALSE);
@@ -530,20 +530,20 @@ update_connection (NMVpnPluginUiWidgetIn
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DOMAIN, str);
- widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton");
- if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
- nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, "0");
- } else {
+ //widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton");
+ //if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
+ // nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, "0");
+ //} else {
/* If DPD was disabled and now the user wishes to enable it, just
* don't pass the DPD_IDLE_TIMEOUT option to openswan and thus use the
* default DPD idle time. Otherwise keep the original DPD idle timeout.
*/
- if (priv->orig_dpd_timeout >= 10) {
- char *tmp = g_strdup_printf ("%d", priv->orig_dpd_timeout);
- nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, tmp);
- g_free (tmp);
- }
- }
+ // if (priv->orig_dpd_timeout >= 10) {
+ // char *tmp = g_strdup_printf ("%d", priv->orig_dpd_timeout);
+ // nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, tmp);
+ // g_free (tmp);
+ // }
+ //}
upw_type = handle_one_pw_type (s_vpn, priv->xml, "user_pass_type_combo", NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
gpw_type = handle_one_pw_type (s_vpn, priv->xml, "group_pass_type_combo", NM_OPENSWAN_PSK_INPUT_MODES);
diff -urNp NetworkManager-openswan-0.8-orig/properties/nm-openswan-dialog.glade NetworkManager-openswan-0.8/properties/nm-openswan-dialog.glade
--- NetworkManager-openswan-0.8-orig/properties/nm-openswan-dialog.glade 2010-06-04 17:50:13.000000000 -0400
+++ NetworkManager-openswan-0.8/properties/nm-openswan-dialog.glade 2010-07-08 12:20:07.277052416 -0400
@@ -1,7 +1,7 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!DOCTYPE glade-interface SYSTEM "glade-2.0.dtd">
-<!--*- mode: xml -*-->
+<?xml version="1.0"?>
<glade-interface>
+ <!-- interface-requires gtk+ 2.6 -->
+ <!-- interface-naming-policy toplevel-contextual -->
<widget class="GtkWindow" id="openswan-widget">
<property name="title" translatable="yes">window1</property>
<child>
@@ -23,6 +23,7 @@
<packing>
<property name="expand">False</property>
<property name="fill">False</property>
+ <property name="position">0</property>
</packing>
</child>
<child>
@@ -37,18 +38,6 @@
<property name="column_spacing">6</property>
<property name="row_spacing">6</property>
<child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
- <placeholder/>
- </child>
- <child>
<widget class="GtkComboBox" id="group_pass_type_combo">
<property name="visible">True</property>
<property name="items" translatable="yes"> </property>
@@ -74,10 +63,10 @@
</child>
<child>
<widget class="GtkCheckButton" id="show_passwords_checkbutton">
+ <property name="label" translatable="yes">Show passwords</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
- <property name="label" translatable="yes">Show passwords</property>
- <property name="response_id">0</property>
+ <property name="receives_default">False</property>
<property name="draw_indicator">True</property>
</widget>
<packing>
@@ -197,6 +186,18 @@
<property name="y_options"></property>
</packing>
</child>
+ <child>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
</widget>
</child>
</widget>
@@ -207,6 +208,7 @@
</widget>
<packing>
<property name="expand">False</property>
+ <property name="position">0</property>
</packing>
</child>
<child>
@@ -223,6 +225,7 @@
<packing>
<property name="expand">False</property>
<property name="fill">False</property>
+ <property name="position">0</property>
</packing>
</child>
<child>
@@ -237,47 +240,6 @@
<property name="column_spacing">6</property>
<property name="row_spacing">6</property>
<child>
- <placeholder/>
- </child>
- <child>
- <widget class="GtkCheckButton" id="disable_dpd_checkbutton">
- <property name="visible">True</property>
- <property name="can_focus">True</property>
- <property name="label" translatable="yes">Disable Dead Peer Detection</property>
- <property name="response_id">0</property>
- <property name="draw_indicator">True</property>
- </widget>
- <packing>
- <property name="left_attach">1</property>
- <property name="right_attach">2</property>
- <property name="top_attach">4</property>
- <property name="bottom_attach">5</property>
- </packing>
- </child>
- <child>
- <widget class="GtkComboBox" id="encryption_combo">
- <property name="visible">True</property>
- <property name="items" translatable="yes"> </property>
- </widget>
- <packing>
- <property name="left_attach">1</property>
- <property name="right_attach">2</property>
- <property name="top_attach">2</property>
- <property name="bottom_attach">3</property>
- </packing>
- </child>
- <child>
- <widget class="GtkLabel" id="label1">
- <property name="visible">True</property>
- <property name="xalign">0</property>
- <property name="label" translatable="yes">Encryption method:</property>
- </widget>
- <packing>
- <property name="top_attach">2</property>
- <property name="bottom_attach">3</property>
- </packing>
- </child>
- <child>
<widget class="GtkLabel" id="label26">
<property name="visible">True</property>
<property name="xalign">0</property>
@@ -326,27 +288,22 @@
</packing>
</child>
<child>
- <widget class="GtkLabel" id="label2">
- <property name="visible">True</property>
- <property name="xalign">0</property>
- <property name="label" translatable="yes">NAT traversal:</property>
- </widget>
- <packing>
- <property name="top_attach">3</property>
- <property name="bottom_attach">4</property>
- </packing>
+ <placeholder/>
</child>
<child>
- <widget class="GtkComboBox" id="natt_combo">
- <property name="visible">True</property>
- <property name="items" translatable="yes"> </property>
- </widget>
- <packing>
- <property name="left_attach">1</property>
- <property name="right_attach">2</property>
- <property name="top_attach">3</property>
- <property name="bottom_attach">4</property>
- </packing>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
</child>
</widget>
</child>
diff -urNp NetworkManager-openswan-0.8-orig/src/nm-openswan-service.c NetworkManager-openswan-0.8/src/nm-openswan-service.c
--- NetworkManager-openswan-0.8-orig/src/nm-openswan-service.c 2010-06-04 17:50:13.000000000 -0400
+++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2010-07-13 18:19:05.137333584 -0400
@@ -212,12 +212,32 @@ openswan_watch_cb_auto (GPid pid, gint s
nm_warning ("openswan: ipsec auto died from an unknown cause");
/* Reap child if needed. */
- waitpid (priv->pid_auto, NULL, WNOHANG);
- priv->pid_auto = 0;
+ //waitpid (priv->pid_auto, NULL, WNOHANG);
+ //priv->pid_auto = 0;
+
+ waitpid (priv->pid, NULL, WNOHANG);
+ priv->pid = 0;
+
+ /* Must be after data->state is set since signals use data->state */
+ switch (error) {
+ case 2:
+ /* Couldn't log in due to bad user/pass */
+ nm_vpn_plugin_failure (NM_VPN_PLUGIN (plugin), NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED);
+ break;
+ case 1:
+ /* Other error (couldn't bind to address, etc) */
+ nm_vpn_plugin_failure (NM_VPN_PLUGIN (plugin), NM_VPN_PLUGIN_FAILURE_CONNECT_FAILED);
+ break;
+ default:
+ break;
+ }
+
+ nm_vpn_plugin_set_state (NM_VPN_PLUGIN (plugin), NM_VPN_SERVICE_STATE_STOPPED);
}
static gint
+//nm_openswan_start_openswan_binary (NMSettingVPN *s_vpn, NMOPENSWANPlugin *plugin, GError **error)
nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
{
GPid pid, pid_auto;
@@ -257,14 +277,27 @@ nm_openswan_start_openswan_binary (NMOPE
}
g_ptr_array_free (openswan_argv, TRUE);
+ nm_info ("openswan: ipsec started with pid %d", pid);
+
+ NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid = pid;
+ openswan_watch = g_child_watch_source_new (pid);
+ g_source_set_callback (openswan_watch, (GSourceFunc) openswan_watch_cb_auto, plugin, NULL);
+ g_source_attach (openswan_watch, NULL);
+ g_source_unref (openswan_watch);
+
sleep(2);
- /*ipsec auto --up <conn-name>*/
openswan_argv = g_ptr_array_new ();
g_ptr_array_add (openswan_argv, (gpointer) (*openswan_binary));
g_ptr_array_add (openswan_argv, (gpointer) "auto");
- g_ptr_array_add (openswan_argv, (gpointer) "--up");
+ g_ptr_array_add (openswan_argv, (gpointer) "--add");
+ g_ptr_array_add (openswan_argv, (gpointer) "--config");
+ g_ptr_array_add (openswan_argv, (gpointer) "-");
+ //g_ptr_array_add (openswan_argv, (gpointer) "--up");
+ //g_ptr_array_add (openswan_argv, (gpointer) "--name");
g_ptr_array_add (openswan_argv, (gpointer) "nm-conn1");
+ //g_ptr_array_add (openswan_argv, (gpointer) "--xauthpass");
+ //g_ptr_array_add (openswan_argv, (gpointer) nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
g_ptr_array_add (openswan_argv, NULL);
if (!g_spawn_async_with_pipes (NULL, (char **) openswan_argv->pdata, NULL,
@@ -277,13 +310,64 @@ nm_openswan_start_openswan_binary (NMOPE
}
g_ptr_array_free (openswan_argv, TRUE);
- nm_info ("openswan: ipsec auto started with pid %d", pid_auto);
+ nm_info ("openswan: ipsec auto started with pid %d", pid_auto);
- NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto;
- openswan_watch = g_child_watch_source_new (pid_auto);
- g_source_set_callback (openswan_watch, (GSourceFunc) openswan_watch_cb_auto, plugin, NULL);
- g_source_attach (openswan_watch, NULL);
- g_source_unref (openswan_watch);
+ /*NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto;
+ openswan_watch = g_child_watch_source_new (pid_auto);
+ g_source_set_callback (openswan_watch, (GSourceFunc) openswan_watch_cb_auto, plugin, NULL);
+ g_source_attach (openswan_watch, NULL);
+ g_source_unref (openswan_watch);*/
+
+ return stdin_fd;
+}
+
+
+
+static gint
+nm_openswan_start_openswan_connection (NMOPENSWANPlugin *plugin, GError **error)
+{
+ GPid pid;
+ const char **openswan_binary = NULL;
+ GPtrArray *openswan_argv;
+ gint stdin_fd;
+
+ /* Find openswan ipsec */
+ openswan_binary = openswan_binary_paths;
+ while (*openswan_binary != NULL) {
+ if (g_file_test (*openswan_binary, G_FILE_TEST_EXISTS))
+ break;
+ openswan_binary++;
+ }
+
+ if (!*openswan_binary) {
+ g_set_error (error,
+ NM_VPN_PLUGIN_ERROR,
+ NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
+ "%s",
+ "Could not find openswan binary.");
+ return -1;
+ }
+
+ openswan_argv = g_ptr_array_new ();
+ g_ptr_array_add (openswan_argv, (gpointer) (*openswan_binary));
+ g_ptr_array_add (openswan_argv, (gpointer) "auto");
+ g_ptr_array_add (openswan_argv, (gpointer) "--up");
+ g_ptr_array_add (openswan_argv, (gpointer) "nm-conn1");
+ g_ptr_array_add (openswan_argv, NULL);
+
+ if (!g_spawn_async_with_pipes (NULL, (char **) openswan_argv->pdata, NULL,
+ G_SPAWN_DO_NOT_REAP_CHILD, NULL, NULL, &pid, &stdin_fd,
+ NULL, NULL, error)) {
+
+ g_ptr_array_free (openswan_argv, TRUE);
+ nm_warning ("openswan: ipsec auto connection failed to start. error: '%s'", (*error)->message);
+ return -1;
+ }
+ g_ptr_array_free (openswan_argv, TRUE);
+
+ sleep(3);
+
+ nm_info ("openswan: ipsec auto connection started with pid %d", pid);
return stdin_fd;
}
@@ -318,8 +402,8 @@ write_one_property (const char *key, con
WriteConfigInfo *info = (WriteConfigInfo *) user_data;
GType type = G_TYPE_INVALID;
int i;
- const char *default_username;
- const char *props_username;
+ //const char *default_username;
+ //const char *props_username;
const char *leftid;
if (info->error)
@@ -365,11 +449,11 @@ write_one_property (const char *key, con
//write_config_option (info->fd, "%s %s\n", (char *) key, (char *) value);
if (!strcmp (key, NM_OPENSWAN_PSK_VALUE)) {
- leftid=nm_setting_vpn_get_data_item (info->s_vpn, NM_OPENSWAN_LEFTID);
+ leftid=nm_setting_vpn_get_data_item (info->s_vpn, NM_OPENSWAN_LEFTID);
write_config_option (info->secret_fd, "@%s: PSK \"%s\"\n", leftid, (char *) value);
}
- if (!strcmp (key, NM_OPENSWAN_XAUTH_PASSWORD)) {
+ /*if (!strcmp (key, NM_OPENSWAN_XAUTH_PASSWORD)) {
default_username = nm_setting_vpn_get_user_name (info->s_vpn);
props_username = nm_setting_vpn_get_data_item (info->s_vpn, NM_OPENSWAN_LEFTXAUTHUSER);
if ( default_username && strlen (default_username)
@@ -378,7 +462,7 @@ write_one_property (const char *key, con
} else {
write_config_option (info->secret_fd, "@%s : XAUTH \"%s\"\n", props_username, (char *) value);
}
- }
+ }*/
} else if (type == G_TYPE_BOOLEAN) {
if (!strcmp (value, "yes")) {
@@ -414,22 +498,22 @@ write_one_property (const char *key, con
}
static gboolean
-nm_openswan_config_write (NMSettingVPN *s_vpn,
+nm_openswan_config_write (gint openswan_fd, NMSettingVPN *s_vpn,
GError **error)
{
WriteConfigInfo *info;
const char *props_username;
//const char *props_natt_mode;
const char *default_username;
- const char *pw_type;
+ //const char *pw_type;
gint fdtmp1=-1;
- gint conf_fd=-1;
- gint secret_fd=-1;
+ //gint conf_fd=-1;
+ //gint secret_fd=-1;
- conf_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.conf", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
- secret_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.secrets", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
+ //conf_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.conf", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
+ //secret_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.secrets", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
- fdtmp1 = conf_fd;
+ fdtmp1 = openswan_fd;
if(fdtmp1 != -1) {
write_config_option (fdtmp1, "conn nm-conn1\n");
write_config_option (fdtmp1, " aggrmode=yes\n");
@@ -454,8 +538,10 @@ nm_openswan_config_write (NMSettingVPN *
write_config_option (fdtmp1, " ike=aes-sha1\n");
write_config_option (fdtmp1, " esp=aes-sha1;modp1024\n");
write_config_option (fdtmp1, " nm_configured=yes\n");
- //write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH);
+ //write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH);
write_config_option (fdtmp1, " auto=add\n");
+ //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_VPN_SETTING_NAME));
+ //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_NAME));
}
//default_username = nm_setting_vpn_get_user_name (s_vpn);
@@ -472,7 +558,49 @@ nm_openswan_config_write (NMSettingVPN *
info = g_malloc0 (sizeof (WriteConfigInfo));
//info->fd = openswan_fd;
- info->conf_fd = conf_fd;
+ //info->conf_fd = conf_fd;
+ info->conf_fd = openswan_fd;
+ //info->secret_fd = secret_fd;
+ info->s_vpn = s_vpn;
+
+ /* Check for ignored user password */
+ /*pw_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
+ if (pw_type && !strcmp (pw_type, NM_OPENSWAN_PW_TYPE_UNUSED))
+ info->upw_ignored = TRUE;*/
+
+ /* Check for ignored group password */
+ /*pw_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_PSK_INPUT_MODES);
+ if (pw_type && !strcmp (pw_type, NM_OPENSWAN_PW_TYPE_UNUSED))
+ info->gpw_ignored = TRUE;*/
+
+ nm_setting_vpn_foreach_data_item (s_vpn, write_one_property, info);
+ //nm_setting_vpn_foreach_secret (s_vpn, write_one_property, info);
+ *error = info->error;
+ //close(conf_fd);
+ close(openswan_fd);
+ sleep(3);
+ //close(secret_fd);
+ g_free (info);
+
+ return *error ? FALSE : TRUE;
+}
+
+
+static gboolean
+nm_openswan_config_secret_write (NMSettingVPN *s_vpn,
+ GError **error)
+{
+ WriteConfigInfo *info;
+ //const char *props_username;
+ //const char *default_username;
+ const char *pw_type;
+ //gint fdtmp1=-1;
+ //gint conf_fd=-1;
+ gint secret_fd=-1;
+
+ secret_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.secrets", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
+
+ info = g_malloc0 (sizeof (WriteConfigInfo));
info->secret_fd = secret_fd;
info->s_vpn = s_vpn;
@@ -486,16 +614,15 @@ nm_openswan_config_write (NMSettingVPN *
if (pw_type && !strcmp (pw_type, NM_OPENSWAN_PW_TYPE_UNUSED))
info->gpw_ignored = TRUE;
- nm_setting_vpn_foreach_data_item (s_vpn, write_one_property, info);
nm_setting_vpn_foreach_secret (s_vpn, write_one_property, info);
*error = info->error;
- close(conf_fd);
close(secret_fd);
g_free (info);
return *error ? FALSE : TRUE;
}
+
static gboolean
real_connect (NMVPNPlugin *plugin,
NMConnection *connection,
@@ -514,13 +641,31 @@ real_connect (NMVPNPlugin *plugin,
if (!nm_openswan_secrets_validate (s_vpn, error))
goto out;
- if (!nm_openswan_config_write (s_vpn, error))
- goto out;
+ if (!nm_openswan_config_secret_write (s_vpn, error))
+ goto out;
openswan_fd = nm_openswan_start_openswan_binary (NM_OPENSWAN_PLUGIN (plugin), error);
if (openswan_fd < 0)
goto out;
+ if (!nm_openswan_config_write (openswan_fd, s_vpn, error)) {
+ goto out;
+ }
+ else {
+ /*no error*/
+ openswan_fd=-1;
+ }
+
+ unlink("/etc/ipsec.d/ipsec-nm-conn1.secrets");
+
+ openswan_fd = nm_openswan_start_openswan_connection (NM_OPENSWAN_PLUGIN (plugin), error);
+ if (openswan_fd < 0)
+ goto out;
+
+ write_config_option (openswan_fd, "%s", nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
+ close(openswan_fd);
+ openswan_fd=-1;
+
success = TRUE;
out:
@@ -622,6 +767,9 @@ real_disconnect (NMVPNPlugin *plugin,
}
g_ptr_array_free (openswan_argv, TRUE);
+ //unlink("/etc/ipsec.d/ipsec-nm-conn1.conf");
+ //unlink("/etc/ipsec.d/ipsec-nm-conn1.secrets");
+
return TRUE;
}
diff -urNp NetworkManager-openswan-0.8-orig/src/nm-openswan-service-helper.c NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c
--- NetworkManager-openswan-0.8-orig/src/nm-openswan-service-helper.c 2010-06-04 17:50:13.000000000 -0400
+++ NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c 2010-07-06 15:10:51.737035482 -0400
@@ -195,7 +195,7 @@ addr_list_to_gvalue (const char *str)
* PLUTO_MY_SOURCEIP -- address
* PLUTO_CISCO_DNS_INFO -- list of dns serverss
* PLUTO_CISCO_DOMAIN_INFO -- default domain name
- * PLUTO_SERVERBANNER -- banner from server
+ * PLUTO_PEER_BANNER -- banner from server
*
*/
int
@@ -288,7 +288,7 @@ main (int argc, char *argv[])
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_DOMAIN, val);
/* Banner */
- val = str_to_gvalue (getenv ("PLUTO_SERVERBANNER"), TRUE);
+ val = str_to_gvalue (getenv ("PLUTO_PEER_BANNER"), TRUE);
if (val)
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_BANNER, val);

359
nm09.patch
View File

@ -1,359 +0,0 @@
diff -up NetworkManager-openswan-0.8/properties/nm-openswan.c.nm09 NetworkManager-openswan-0.8/properties/nm-openswan.c
--- NetworkManager-openswan-0.8/properties/nm-openswan.c.nm09 2011-03-27 17:51:22.426710054 -0700
+++ NetworkManager-openswan-0.8/properties/nm-openswan.c 2011-03-27 17:58:58.457008890 -0700
@@ -170,43 +170,41 @@ fill_vpn_passwords (OpenswanPluginUiWidg
char *password = NULL;
char *group_password = NULL;
- /* Grab secrets from the keyring */
+ /* Grab secrets from the connection or the keyring */
if (connection) {
NMSettingConnection *s_con;
NMSettingVPN *s_vpn;
+ NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
const char *tmp;
+ s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
+
s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+ if (s_vpn) {
+ tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD);
+ if (tmp)
+ password = gnome_keyring_memory_strdup (tmp);
+
+ tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE);
+ if (tmp)
+ group_password = gnome_keyring_memory_strdup (tmp);
+ }
- if (nm_connection_get_scope (connection) == NM_CONNECTION_SCOPE_SYSTEM) {
- if (s_vpn) {
- tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD);
- if (tmp)
- password = gnome_keyring_memory_strdup (tmp);
-
- tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE);
- if (tmp)
- group_password = gnome_keyring_memory_strdup (tmp);
- }
- } else {
- s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
-
- /* Lookup passwords in the keyring, and if they weren't there, try
- * the connection itself, which is where they'd be right after import.
- */
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), OPENSWAN_USER_PASSWORD, &secret_flags, NULL);
+ if (!password && (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED)) {
keyring_helpers_get_one_secret (nm_setting_connection_get_uuid (s_con),
- OPENSWAN_USER_PASSWORD,
- &password,
- NULL);
- if (!password)
- password = gnome_keyring_memory_strdup (nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
+ OPENSWAN_USER_PASSWORD,
+ &password,
+ NULL);
+ }
+ secret_flags = NM_SETTING_SECRET_FLAG_NONE;
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), OPENSWAN_GROUP_PASSWORD, &secret_flags, NULL);
+ if (!group_password && (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED)) {
keyring_helpers_get_one_secret (nm_setting_connection_get_uuid (s_con),
OPENSWAN_GROUP_PASSWORD,
&group_password,
NULL);
- if (!group_password)
- group_password = gnome_keyring_memory_strdup (nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE));
}
}
@@ -300,6 +298,20 @@ pw_type_combo_changed_cb (GtkWidget *com
stuff_changed_cb (combo, self);
}
+static const char *
+secret_flags_to_pw_type (NMSettingVPN *s_vpn, const char *key)
+{
+ NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
+
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), key, &flags, NULL)) {
+ if (flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED)
+ return NM_OPENSWAN_PW_TYPE_UNUSED;
+ if (flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)
+ return NM_OPENSWAN_PW_TYPE_ASK;
+ }
+ return NM_OPENSWAN_PW_TYPE_SAVE;
+}
+
static void
init_one_pw_combo (OpenswanPluginUiWidget *self,
NMSettingVPN *s_vpn,
@@ -330,6 +342,8 @@ init_one_pw_combo (OpenswanPluginUiWidge
store = gtk_list_store_new (1, G_TYPE_STRING);
if (s_vpn)
value = nm_setting_vpn_get_data_item (s_vpn, key);
+ if (!value)
+ value = secret_flags_to_pw_type (s_vpn, key);
gtk_list_store_append (store, &iter);
gtk_list_store_set (store, &iter, 0, _("Saved"), -1);
@@ -485,26 +499,35 @@ get_widget (NMVpnPluginUiWidgetInterface
static guint32
handle_one_pw_type (NMSettingVPN *s_vpn, GladeXML *xml, const char *name, const char *key)
{
+ NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
GtkWidget *widget;
guint32 pw_type;
+ const char *data_val = NULL;
widget = glade_xml_get_widget (xml, name);
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), key, &flags, NULL);
+ flags &= ~(NM_SETTING_SECRET_FLAG_NOT_SAVED | NM_SETTING_SECRET_FLAG_NOT_REQUIRED);
+
pw_type = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
switch (pw_type) {
case PW_TYPE_SAVE:
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_SAVE);
+ data_val = NM_OPENSWAN_PW_TYPE_SAVE;
break;
case PW_TYPE_UNUSED:
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_UNUSED);
+ data_val = NM_OPENSWAN_PW_TYPE_UNUSED;
+ flags |= NM_SETTING_SECRET_FLAG_NOT_REQUIRED;
break;
case PW_TYPE_ASK:
default:
pw_type = PW_TYPE_ASK;
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_ASK);
+ data_val = NM_OPENSWAN_PW_TYPE_ASK;
+ flags |= NM_SETTING_SECRET_FLAG_NOT_SAVED;
break;
}
+ nm_setting_vpn_add_data_item (s_vpn, key, data_val);
+ nm_setting_set_secret_flags (NM_SETTING (s_vpn), key, flags, NULL);
return pw_type;
}
@@ -580,22 +603,17 @@ update_connection (NMVpnPluginUiWidgetIn
upw_type = handle_one_pw_type (s_vpn, priv->xml, "user_pass_type_combo", NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
gpw_type = handle_one_pw_type (s_vpn, priv->xml, "group_pass_type_combo", NM_OPENSWAN_PSK_INPUT_MODES);
- /* System secrets get stored in the connection, user secrets are saved
- * via the save_secrets() hook.
- */
- if (nm_connection_get_scope (connection) == NM_CONNECTION_SCOPE_SYSTEM) {
- /* User password */
- widget = glade_xml_get_widget (priv->xml, "user_password_entry");
- str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
- if (str && strlen (str) && (upw_type != PW_TYPE_UNUSED))
- nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD, str);
-
- /* Group password */
- widget = glade_xml_get_widget (priv->xml, "group_password_entry");
- str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
- if (str && strlen (str) && (gpw_type != PW_TYPE_UNUSED))
- nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_PSK_VALUE, str);
- }
+ /* User password */
+ widget = glade_xml_get_widget (priv->xml, "user_password_entry");
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
+ if (str && strlen (str) && (upw_type != PW_TYPE_UNUSED))
+ nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD, str);
+
+ /* Group password */
+ widget = glade_xml_get_widget (priv->xml, "group_password_entry");
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
+ if (str && strlen (str) && (gpw_type != PW_TYPE_UNUSED))
+ nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_PSK_VALUE, str);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
return TRUE;
@@ -642,24 +660,36 @@ save_secrets (NMVpnPluginUiWidgetInterfa
OpenswanPluginUiWidget *self = OPENSWAN_PLUGIN_UI_WIDGET (iface);
OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
NMSettingConnection *s_con;
+ NMSettingVPN *s_vpn;
const char *id, *uuid;
+ NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
- if (!s_con) {
+ s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+ if (!s_con || !s_vpn) {
g_set_error (error,
OPENSWAN_PLUGIN_UI_ERROR,
OPENSWAN_PLUGIN_UI_ERROR_INVALID_CONNECTION,
- "missing 'connection' setting");
+ "missing connection or VPN settings");
return FALSE;
}
id = nm_setting_connection_get_id (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
- save_one_password (priv->xml, OPENSWAN_USER_PASSWORD, uuid, id,
- "user_password_entry", "user_pass_type_combo", "user password");
- save_one_password (priv->xml, OPENSWAN_GROUP_PASSWORD, uuid, id,
- "group_password_entry", "group_pass_type_combo", "group password");
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), NM_OPENSWAN_XAUTH_PASSWORD, &secret_flags, NULL)) {
+ if (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
+ save_one_password (priv->xml, OPENSWAN_USER_PASSWORD, uuid, id,
+ "user_password_entry", "user_pass_type_combo", "user password");
+ }
+ }
+
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), NM_OPENSWAN_PSK_VALUE, &secret_flags, NULL)) {
+ if (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
+ save_one_password (priv->xml, OPENSWAN_GROUP_PASSWORD, uuid, id,
+ "group_password_entry", "group_pass_type_combo", "group password");
+ }
+ }
return TRUE;
}
diff -up NetworkManager-openswan-0.8/src/nm-openswan-service.c.nm09 NetworkManager-openswan-0.8/src/nm-openswan-service.c
--- NetworkManager-openswan-0.8/src/nm-openswan-service.c.nm09 2011-03-27 17:50:42.579208216 -0700
+++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2011-03-27 17:59:44.777429804 -0700
@@ -204,14 +204,14 @@ openswan_watch_cb_auto (GPid pid, gint s
if (WIFEXITED (status)) {
error = WEXITSTATUS (status);
if (error != 0)
- nm_warning ("openswan: ipsec auto exited with error code %d", error);
+ g_warning ("openswan: ipsec auto exited with error code %d", error);
}
else if (WIFSTOPPED (status))
- nm_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
+ g_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
else if (WIFSIGNALED (status))
- nm_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
+ g_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
else
- nm_warning ("openswan: ipsec auto died from an unknown cause");
+ g_warning ("openswan: ipsec auto died from an unknown cause");
/* Reap child if needed. */
//waitpid (priv->pid_auto, NULL, WNOHANG);
@@ -274,12 +274,12 @@ nm_openswan_start_openswan_binary (NMOPE
if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
0, NULL, NULL, &pid, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("openswan ipsec failed to start. error: '%s'", (*error)->message);
+ g_warning ("openswan ipsec failed to start. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
- nm_info ("openswan: ipsec started with pid %d", pid);
+ g_message ("openswan: ipsec started with pid %d", pid);
NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid = pid;
openswan_watch = g_child_watch_source_new (pid);
@@ -307,12 +307,12 @@ nm_openswan_start_openswan_binary (NMOPE
NULL, NULL, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message);
+ g_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
- nm_info ("openswan: ipsec auto started with pid %d", pid_auto);
+ g_message ("openswan: ipsec auto started with pid %d", pid_auto);
/*NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto;
openswan_watch = g_child_watch_source_new (pid_auto);
@@ -362,14 +362,14 @@ nm_openswan_start_openswan_connection (N
NULL, NULL, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("openswan: ipsec auto connection failed to start. error: '%s'", (*error)->message);
+ g_warning ("openswan: ipsec auto connection failed to start. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
sleep(3);
- nm_info ("openswan: ipsec auto connection started with pid %d", pid);
+ g_message ("openswan: ipsec auto connection started with pid %d", pid);
return stdin_fd;
}
@@ -384,7 +384,7 @@ write_config_option (int fd, const char
string = g_strdup_vprintf (format, args);
if ( write (fd, string, strlen (string)) == -1) {
- nm_warning ("nm-openswan: error in write_config_option");
+ g_warning ("nm-openswan: error in write_config_option");
}
g_free (string);
@@ -497,7 +497,7 @@ write_one_property (const char *key, con
/* ignored */
} else {
/* Just ignore unknown properties */
- nm_warning ("Don't know how to write property '%s' with type %s",
+ g_warning ("Don't know how to write property '%s' with type %s",
(char *) key, g_type_name (type));
}
}
@@ -784,7 +784,7 @@ real_disconnect (NMVPNPlugin *plugin,
if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
0, NULL, NULL, NULL, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("Openswan (pluto) failed to stop. error: '%s'", (*error)->message);
+ g_warning ("Openswan (pluto) failed to stop. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
diff -up NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c.nm09 NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c
--- NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c.nm09 2011-03-27 17:50:51.747093599 -0700
+++ NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c 2011-03-27 17:59:44.779429780 -0700
@@ -48,7 +48,7 @@ helper_failed (DBusGConnection *connecti
DBusGProxy *proxy;
GError *err = NULL;
- nm_warning ("nm-openswan-service-helper did not receive a valid %s from openswan", reason);
+ g_warning ("nm-openswan-service-helper did not receive a valid %s from openswan", reason);
proxy = dbus_g_proxy_new_for_name (connection,
NM_DBUS_SERVICE_OPENSWAN,
@@ -61,7 +61,7 @@ helper_failed (DBusGConnection *connecti
G_TYPE_INVALID);
if (err) {
- nm_warning ("Could not send failure information: %s", err->message);
+ g_warning ("Could not send failure information: %s", err->message);
g_error_free (err);
}
@@ -88,7 +88,7 @@ send_ip4_config (DBusGConnection *connec
G_TYPE_INVALID);
if (err) {
- nm_warning ("Could not send IPv4 configuration: %s", err->message);
+ g_warning ("Could not send IPv4 configuration: %s", err->message);
g_error_free (err);
}
@@ -221,7 +221,7 @@ main (int argc, char *argv[])
connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
if (!connection) {
- nm_warning ("Could not get the system bus: %s", err->message);
+ g_warning ("Could not get the system bus: %s", err->message);
exit (1);
}
@@ -299,7 +299,7 @@ main (int argc, char *argv[])
errno = 0;
mtu = strtol (tmp, NULL, 10);
if (errno || mtu < 0 || mtu > 20000) {
- nm_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
+ g_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
mtu = 1412;
}
}

2
sources
View File

@ -1 +1 @@
8e44ef5492e5f5937dcb4a1a620d461b NetworkManager-openswan-0.8.tar.gz
d90c3539293d82febfe4f85d8f2bc5ff NetworkManager-openswan-0.8.999.tar.bz2