[Patch] Add Export functionality to NetworkManager-openvpn
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
[Patch] Add Export functionality to NetworkManager-openvpn
by Huzaifa Sidhpurwala-2
::
Rate this Message:
Hi All,
This patch is a bit raw, but is well tested, It does not work with static keys, but i am working on it. Can you someone please check this out, so that i know i am working in the right direction? [import-export.patch] diff --git a/properties/import-export.c b/properties/import-export.c index 5e17dea..b0dd5ed 100644 --- a/properties/import-export.c +++ b/properties/import-export.c @@ -415,7 +415,144 @@ do_import (const char *path, char **lines, GError **error) gboolean do_export (const char *path, NMConnection *connection, GError **error) { - return FALSE; + NMSettingConnection *s_con; + NMSettingIP4Config *s_ip4; + NMSettingVPN *s_vpn; + + FILE *f; + + const char *value; + const char *gateway = NULL; + const char *cipher = NULL; + const char *cacert = NULL; + const char *connection_type = NULL; + const char *user_cert = NULL; + const char *private_key = NULL; + + guint16 port = 0; + gboolean success = FALSE; + gboolean device_tun = TRUE; + gboolean proto_udp = TRUE; + gboolean use_lzo = FALSE; + gboolean reneg_exists = FALSE; + guint32 reneg = 0; + + + s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION)); + s_ip4 = (NMSettingIP4Config *) nm_connection_get_setting (connection, NM_TYPE_SETTING_IP4_CONFIG); + + s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN); + + f = fopen (path, "w"); + if (!f) { + g_set_error (error, 0, 0, "could not open file for writing"); + return FALSE; + } + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_REMOTE); + if (value && strlen (value)) + gateway = value; + else { + g_set_error (error, 0, 0, "connection was incomplete (missing gateway)"); + goto done; + } + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE); + if (value && strlen (value)) + connection_type = value; + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) { + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CA); + if (value && strlen (value)) + cacert = value; + } + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) + { + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CERT); + if (value && strlen (value)) + user_cert = value; + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_KEY); + if (value && strlen (value)) + private_key = value; + } +/* Advanced values start*/ + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PORT); + if (value && strlen (value)) + port = strtol (value, NULL, 10); + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS); + if (value && strlen (value)) { + reneg_exists = TRUE; + reneg = strtol (value, NULL, 10); + } + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROTO_TCP); + if (value && !strcmp (value, "yes")) + proto_udp = FALSE; + + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_TAP_DEV); + if (value && !strcmp (value, "yes")) + device_tun = FALSE; + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_COMP_LZO); + if (value && !strcmp (value, "yes")) + use_lzo = TRUE; + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CIPHER); + if (value && strlen (value)) + cipher = value; + +/* Advanced values end*/ + + + fprintf (f,"client\n" "remote %s ",gateway); + + + if (port) + fprintf (f,"%d\n", port); + else + fprintf (f,"\n"); + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) { + + if (cacert) + fprintf (f, "ca %s\n", cacert); + } + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) { + if (user_cert) + fprintf (f, "cert %s\n", user_cert); + if (private_key) + fprintf(f, "key %s\n", private_key); + } + + if (reneg_exists) + fprintf (f, "reneg-sec %d\n", reneg); + + if (cipher) + fprintf (f, "cipher %s\n", cipher); + + if (use_lzo) + fprintf (f, "comp-lzo yes\n"); + + + fprintf (f, "dev %s\n" "proto %s\n", (device_tun ? "tun" : "tap"), (proto_udp ? "udp" : "tcp") ); + +/* Add extra args which are hard-coded*/ + fprintf (f, "nobind\n" "auth-nocache\n" "script-security 2\n" + "persist-key\n" "persist-tun\n" + "user openvpn\n" "group openvpn\n"); + success = TRUE; + +done: + fclose (f); + return success; } - _______________________________________________ NetworkManager-list mailing list NetworkManager-list@... http://mail.gnome.org/mailman/listinfo/networkmanager-list |
|
|
Re: [Patch] Add Export functionality to NetworkManager-openvpn
by Huzaifa Sidhpurwala-2
::
Rate this Message:
Small improvement here, added auth-user-pass for some auth types
On Fri, Oct 16, 2009 at 1:23 PM, Huzaifa Sidhpurwala <sidhpurwala.huzaifa@...> wrote: Hi All, [import-export.patch] diff --git a/properties/import-export.c b/properties/import-export.c index 5e17dea..84155ef 100644 --- a/properties/import-export.c +++ b/properties/import-export.c @@ -415,7 +415,148 @@ do_import (const char *path, char **lines, GError **error) gboolean do_export (const char *path, NMConnection *connection, GError **error) { - return FALSE; + NMSettingConnection *s_con; + NMSettingIP4Config *s_ip4; + NMSettingVPN *s_vpn; + + FILE *f; + + const char *value; + const char *gateway = NULL; + const char *cipher = NULL; + const char *cacert = NULL; + const char *connection_type = NULL; + const char *user_cert = NULL; + const char *private_key = NULL; + + guint16 port = 0; + gboolean success = FALSE; + gboolean device_tun = TRUE; + gboolean proto_udp = TRUE; + gboolean use_lzo = FALSE; + gboolean reneg_exists = FALSE; + guint32 reneg = 0; + + + s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION)); + s_ip4 = (NMSettingIP4Config *) nm_connection_get_setting (connection, NM_TYPE_SETTING_IP4_CONFIG); + + s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN); + + f = fopen (path, "w"); + if (!f) { + g_set_error (error, 0, 0, "could not open file for writing"); + return FALSE; + } + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_REMOTE); + if (value && strlen (value)) + gateway = value; + else { + g_set_error (error, 0, 0, "connection was incomplete (missing gateway)"); + goto done; + } + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE); + if (value && strlen (value)) + connection_type = value; + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) { + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CA); + if (value && strlen (value)) + cacert = value; + } + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) + { + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CERT); + if (value && strlen (value)) + user_cert = value; + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_KEY); + if (value && strlen (value)) + private_key = value; + } +/* Advanced values start*/ + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PORT); + if (value && strlen (value)) + port = strtol (value, NULL, 10); + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS); + if (value && strlen (value)) { + reneg_exists = TRUE; + reneg = strtol (value, NULL, 10); + } + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROTO_TCP); + if (value && !strcmp (value, "yes")) + proto_udp = FALSE; + + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_TAP_DEV); + if (value && !strcmp (value, "yes")) + device_tun = FALSE; + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_COMP_LZO); + if (value && !strcmp (value, "yes")) + use_lzo = TRUE; + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CIPHER); + if (value && strlen (value)) + cipher = value; + +/* Advanced values end*/ + + + fprintf (f,"client\n" "remote %s ",gateway); + + + if (port) + fprintf (f,"%d\n", port); + else + fprintf (f,"\n"); + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) { + + if (cacert) + fprintf (f, "ca %s\n", cacert); + } + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) { + if (user_cert) + fprintf (f, "cert %s\n", user_cert); + if (private_key) + fprintf(f, "key %s\n", private_key); + } + + if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) || + (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) + fprintf (f, "auth-user-pass\n"); + + if (reneg_exists) + fprintf (f, "reneg-sec %d\n", reneg); + + if (cipher) + fprintf (f, "cipher %s\n", cipher); + + if (use_lzo) + fprintf (f, "comp-lzo yes\n"); + + + fprintf (f, "dev %s\n" "proto %s\n", (device_tun ? "tun" : "tap"), (proto_udp ? "udp" : "tcp") ); + +/* Add extra args which are hard-coded*/ + fprintf (f, "nobind\n" "auth-nocache\n" "script-security 2\n" + "persist-key\n" "persist-tun\n" + "user openvpn\n" "group openvpn\n"); + success = TRUE; + +done: + fclose (f); + return success; } - _______________________________________________ NetworkManager-list mailing list NetworkManager-list@... http://mail.gnome.org/mailman/listinfo/networkmanager-list |
|
|
Re: [Patch] Add Export functionality to NetworkManager-openvpn
by Dan Williams
::
Rate this Message:
On Fri, 2009-10-16 at 13:54 +0530, Huzaifa Sidhpurwala wrote:
> Small improvement here, added auth-user-pass for some auth types > > On Fri, Oct 16, 2009 at 1:23 PM, Huzaifa Sidhpurwala > <sidhpurwala.huzaifa@...> wrote: > Hi All, > This patch is a bit raw, but is well tested, It does not work > with static keys, but i am working on it. > Can you someone please check this out, so that i know i am > working in the right direction? I fixed it up for the NM code style, added a bunch of testcases, and committed it to git. Thanks! Dan _______________________________________________ NetworkManager-list mailing list NetworkManager-list@... http://mail.gnome.org/mailman/listinfo/networkmanager-list |
| Free embeddable forum powered by Nabble | Forum Help |
