diff -urNp NetworkManager-openswan-0.8-orig/properties/nm-openswan.c NetworkManager-openswan-0.8/properties/nm-openswan.c --- NetworkManager-openswan-0.8-orig/properties/nm-openswan.c 2010-06-04 17:50:13.000000000 -0400 +++ NetworkManager-openswan-0.8/properties/nm-openswan.c 2010-07-08 12:15:43.376302841 -0400 @@ -426,7 +426,7 @@ init_plugin_ui (OpenswanPluginUiWidget * } g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self); - widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton"); + /*widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton"); g_return_val_if_fail (widget != NULL, FALSE); if (s_vpn) { value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT); @@ -442,7 +442,7 @@ init_plugin_ui (OpenswanPluginUiWidget * gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE); } } - g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (stuff_changed_cb), self); + g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (stuff_changed_cb), self);*/ widget = glade_xml_get_widget (priv->xml, "show_passwords_checkbutton"); g_return_val_if_fail (widget != NULL, FALSE); @@ -530,20 +530,20 @@ update_connection (NMVpnPluginUiWidgetIn if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DOMAIN, str); - widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton"); - if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) { - nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, "0"); - } else { + //widget = glade_xml_get_widget (priv->xml, "disable_dpd_checkbutton"); + //if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) { + // nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, "0"); + //} else { /* If DPD was disabled and now the user wishes to enable it, just * don't pass the DPD_IDLE_TIMEOUT option to openswan and thus use the * default DPD idle time. Otherwise keep the original DPD idle timeout. */ - if (priv->orig_dpd_timeout >= 10) { - char *tmp = g_strdup_printf ("%d", priv->orig_dpd_timeout); - nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, tmp); - g_free (tmp); - } - } + // if (priv->orig_dpd_timeout >= 10) { + // char *tmp = g_strdup_printf ("%d", priv->orig_dpd_timeout); + // nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, tmp); + // g_free (tmp); + // } + //} upw_type = handle_one_pw_type (s_vpn, priv->xml, "user_pass_type_combo", NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES); gpw_type = handle_one_pw_type (s_vpn, priv->xml, "group_pass_type_combo", NM_OPENSWAN_PSK_INPUT_MODES); diff -urNp NetworkManager-openswan-0.8-orig/properties/nm-openswan-dialog.glade NetworkManager-openswan-0.8/properties/nm-openswan-dialog.glade --- NetworkManager-openswan-0.8-orig/properties/nm-openswan-dialog.glade 2010-06-04 17:50:13.000000000 -0400 +++ NetworkManager-openswan-0.8/properties/nm-openswan-dialog.glade 2010-07-08 12:20:07.277052416 -0400 @@ -1,7 +1,7 @@ - - - + + + window1 @@ -23,6 +23,7 @@ False False + 0 @@ -37,18 +38,6 @@ 6 6 - - - - - - - - - - - - True @@ -74,10 +63,10 @@ + Show passwords True True - Show passwords - 0 + False True @@ -197,6 +186,18 @@ + + + + + + + + + + + + @@ -207,6 +208,7 @@ False + 0 @@ -223,6 +225,7 @@ False False + 0 @@ -237,47 +240,6 @@ 6 6 - - - - - True - True - Disable Dead Peer Detection - 0 - True - - - 1 - 2 - 4 - 5 - - - - - True - - - - 1 - 2 - 2 - 3 - - - - - True - 0 - Encryption method: - - - 2 - 3 - - - True 0 @@ -326,27 +288,22 @@ - - True - 0 - NAT traversal: - - - 3 - 4 - + - - True - - - - 1 - 2 - 3 - 4 - + + + + + + + + + + + + + diff -urNp NetworkManager-openswan-0.8-orig/src/nm-openswan-service.c NetworkManager-openswan-0.8/src/nm-openswan-service.c --- NetworkManager-openswan-0.8-orig/src/nm-openswan-service.c 2010-06-04 17:50:13.000000000 -0400 +++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2010-07-08 11:39:24.904302790 -0400 @@ -202,14 +202,14 @@ openswan_watch_cb_auto (GPid pid, gint s if (WIFEXITED (status)) { error = WEXITSTATUS (status); if (error != 0) - nm_warning ("openswan: ipsec auto exited with error code %d", error); + nm_warning ("openswan: ipsec whack exited with error code %d", error); } else if (WIFSTOPPED (status)) - nm_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status)); + nm_warning ("openswan: ipsec whack stopped unexpectedly with signal %d", WSTOPSIG (status)); else if (WIFSIGNALED (status)) - nm_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status)); + nm_warning ("openswan: ipsec whack died with signal %d", WTERMSIG (status)); else - nm_warning ("openswan: ipsec auto died from an unknown cause"); + nm_warning ("openswan: ipsec whack died from an unknown cause"); /* Reap child if needed. */ waitpid (priv->pid_auto, NULL, WNOHANG); @@ -218,7 +218,7 @@ openswan_watch_cb_auto (GPid pid, gint s static gint -nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error) +nm_openswan_start_openswan_binary (NMSettingVPN *s_vpn, NMOPENSWANPlugin *plugin, GError **error) { GPid pid, pid_auto; const char **openswan_binary = NULL; @@ -259,12 +259,14 @@ nm_openswan_start_openswan_binary (NMOPE sleep(2); - /*ipsec auto --up */ openswan_argv = g_ptr_array_new (); g_ptr_array_add (openswan_argv, (gpointer) (*openswan_binary)); - g_ptr_array_add (openswan_argv, (gpointer) "auto"); - g_ptr_array_add (openswan_argv, (gpointer) "--up"); + g_ptr_array_add (openswan_argv, (gpointer) "whack"); + g_ptr_array_add (openswan_argv, (gpointer) "--initiate"); + g_ptr_array_add (openswan_argv, (gpointer) "--name"); g_ptr_array_add (openswan_argv, (gpointer) "nm-conn1"); + g_ptr_array_add (openswan_argv, (gpointer) "--xauthpass"); + g_ptr_array_add (openswan_argv, (gpointer) nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD)); g_ptr_array_add (openswan_argv, NULL); if (!g_spawn_async_with_pipes (NULL, (char **) openswan_argv->pdata, NULL, @@ -272,18 +274,18 @@ nm_openswan_start_openswan_binary (NMOPE NULL, NULL, error)) { g_ptr_array_free (openswan_argv, TRUE); - nm_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message); + nm_warning ("openswan: ipsec whack failed to start. error: '%s'", (*error)->message); return -1; } g_ptr_array_free (openswan_argv, TRUE); - nm_info ("openswan: ipsec auto started with pid %d", pid_auto); + nm_info ("openswan: ipsec whack started with pid %d", pid_auto); - NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto; - openswan_watch = g_child_watch_source_new (pid_auto); - g_source_set_callback (openswan_watch, (GSourceFunc) openswan_watch_cb_auto, plugin, NULL); - g_source_attach (openswan_watch, NULL); - g_source_unref (openswan_watch); + NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto; + openswan_watch = g_child_watch_source_new (pid_auto); + g_source_set_callback (openswan_watch, (GSourceFunc) openswan_watch_cb_auto, plugin, NULL); + g_source_attach (openswan_watch, NULL); + g_source_unref (openswan_watch); return stdin_fd; } @@ -318,8 +320,8 @@ write_one_property (const char *key, con WriteConfigInfo *info = (WriteConfigInfo *) user_data; GType type = G_TYPE_INVALID; int i; - const char *default_username; - const char *props_username; + //const char *default_username; + //const char *props_username; const char *leftid; if (info->error) @@ -365,19 +367,19 @@ write_one_property (const char *key, con //write_config_option (info->fd, "%s %s\n", (char *) key, (char *) value); if (!strcmp (key, NM_OPENSWAN_PSK_VALUE)) { - leftid=nm_setting_vpn_get_data_item (info->s_vpn, NM_OPENSWAN_LEFTID); + leftid=nm_setting_vpn_get_data_item (info->s_vpn, NM_OPENSWAN_LEFTID); write_config_option (info->secret_fd, "@%s: PSK \"%s\"\n", leftid, (char *) value); } if (!strcmp (key, NM_OPENSWAN_XAUTH_PASSWORD)) { - default_username = nm_setting_vpn_get_user_name (info->s_vpn); + /*default_username = nm_setting_vpn_get_user_name (info->s_vpn); props_username = nm_setting_vpn_get_data_item (info->s_vpn, NM_OPENSWAN_LEFTXAUTHUSER); if ( default_username && strlen (default_username) && (!props_username || !strlen (props_username))) { write_config_option (info->secret_fd, "@%s : XAUTH \"%s\"\n",default_username, (char *) value); } else { write_config_option (info->secret_fd, "@%s : XAUTH \"%s\"\n", props_username, (char *) value); - } + }*/ } } else if (type == G_TYPE_BOOLEAN) { @@ -426,8 +428,8 @@ nm_openswan_config_write (NMSettingVPN * gint conf_fd=-1; gint secret_fd=-1; - conf_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.conf", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); - secret_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.secrets", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); + conf_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.conf", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR); + secret_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.secrets", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR); fdtmp1 = conf_fd; if(fdtmp1 != -1) { @@ -454,8 +456,10 @@ nm_openswan_config_write (NMSettingVPN * write_config_option (fdtmp1, " ike=aes-sha1\n"); write_config_option (fdtmp1, " esp=aes-sha1;modp1024\n"); write_config_option (fdtmp1, " nm_configured=yes\n"); - //write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH); + //write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH); write_config_option (fdtmp1, " auto=add\n"); + //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_VPN_SETTING_NAME)); + //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_NAME)); } //default_username = nm_setting_vpn_get_user_name (s_vpn); @@ -514,10 +518,10 @@ real_connect (NMVPNPlugin *plugin, if (!nm_openswan_secrets_validate (s_vpn, error)) goto out; - if (!nm_openswan_config_write (s_vpn, error)) - goto out; + if (!nm_openswan_config_write (s_vpn, error)) + goto out; - openswan_fd = nm_openswan_start_openswan_binary (NM_OPENSWAN_PLUGIN (plugin), error); + openswan_fd = nm_openswan_start_openswan_binary (s_vpn, NM_OPENSWAN_PLUGIN (plugin), error); if (openswan_fd < 0) goto out; @@ -622,6 +626,9 @@ real_disconnect (NMVPNPlugin *plugin, } g_ptr_array_free (openswan_argv, TRUE); + unlink("/etc/ipsec.d/ipsec-nm-conn1.conf"); + unlink("/etc/ipsec.d/ipsec-nm-conn1.secrets"); + return TRUE; } diff -urNp NetworkManager-openswan-0.8-orig/src/nm-openswan-service-helper.c NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c --- NetworkManager-openswan-0.8-orig/src/nm-openswan-service-helper.c 2010-06-04 17:50:13.000000000 -0400 +++ NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c 2010-07-06 15:10:51.737035482 -0400 @@ -195,7 +195,7 @@ addr_list_to_gvalue (const char *str) * PLUTO_MY_SOURCEIP -- address * PLUTO_CISCO_DNS_INFO -- list of dns serverss * PLUTO_CISCO_DOMAIN_INFO -- default domain name - * PLUTO_SERVERBANNER -- banner from server + * PLUTO_PEER_BANNER -- banner from server * */ int @@ -288,7 +288,7 @@ main (int argc, char *argv[]) g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_DOMAIN, val); /* Banner */ - val = str_to_gvalue (getenv ("PLUTO_SERVERBANNER"), TRUE); + val = str_to_gvalue (getenv ("PLUTO_PEER_BANNER"), TRUE); if (val) g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_BANNER, val);