Re: vpnc plugin parameter
- From: Jirka Klimes <jklimes redhat com>
- To: Jan Malanik <jmalanik redhat com>
- Cc: networkmanager-list gnome org
- Subject: Re: vpnc plugin parameter
- Date: Thu, 17 Feb 2011 13:38:17 +0100
On Tuesday 15 of February 2011 17:20:55 Jan Malanik wrote:
> hi,
> I'm trying backport this patch to nm version 0.8.1-10.git20100831.fc14
> and NetworkManager-vpnc version 0.8.1-1.fc14.
> I added line
> #define NM_LOCAL_PORT "500"
> to file nm-vpnc-service.h, repack source tarball and then start command
> rpmbuild -ba NetworkManager-vpnc.spec
> During compilation I get an error:
>
> m-vpnc.c: In function 'vpnc_plugin_ui_interface_init':
> nm-vpnc.c:1444:13: error: 'NMVpnPluginUiInterface' has no member named
> 'import'
> nm-vpnc.c:1445:13: error: 'NMVpnPluginUiInterface' has no member named
> 'export'
> make[3]: *** [libnm_vpnc_properties_la-nm-vpnc.lo] Error 1
> make[3]: Leaving directory
> `/root/rpmbuild/BUILD/NetworkManager-vpnc-0.8.1/properties'
> make[2]: *** [all-recursive] Error 1
> make[2]: Leaving directory
> `/root/rpmbuild/BUILD/NetworkManager-vpnc-0.8.1/properties'
> make[1]: *** [all-recursive] Error 1
> make[1]: Leaving directory `/root/rpmbuild/BUILD/NetworkManager-vpnc-0.8.1'
> make: *** [all] Error 2
> error: Bad exit status from /var/tmp/rpm-tmp.kC10CJ (%build)
>
>
> I think this is due the different versions of NetworkManager and vpnc
> plugin.
> Is there any other solution than downgrade NetworkManager package?
>
> thanks
>
There was a change in between of import/export function names - commit
6ddce13ade01c3f7eec5da34675d05c7e913f7a2
So, you have to include this patch as well.
Steps:
1. yumdownloader --source NetworkManager-vpnc
2. rpm -ihv NetworkManager-vpnc-0.8.1-1.fc14.src.rpm
3. cd ~/rpmbuild/SPECS/
4. Edit NetworkManager-vpnc.spec to include local-port-0.patch
and fix-import-export.patch
(updated spec in the attachment)
5. copy local-port-0.patch to ~/rpmbuild/SOURCES
6. copy fix-import-export.patch to ~/rpmbuild/SOURCES
7. rpmbuild -ba NetworkManager-vpnc.spec
8. find your rpm in ~/rpmbuild/SOURCES
Jirka
%define nm_version 1:0.8.1
%define dbus_version 1.1
%define gtk2_version 2.10.0
%define vpnc_version 0.5
%define shared_mime_version 0.16-3
%define snapshot %{nil}
%define realversion 0.8.1
Summary: NetworkManager VPN plugin for vpnc
Name: NetworkManager-vpnc
Epoch: 1
Version: 0.8.1
Release: 1%{snapshot}%{?dist}
License: GPLv2+
Group: System Environment/Base
URL: http://www.gnome.org/projects/NetworkManager/
Source: %{name}-%{realversion}%{snapshot}.tar.bz2
Patch0: local-port-0.patch
Patch1: fix-import-export.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: gtk2-devel >= %{gtk2_version}
BuildRequires: dbus-devel >= %{dbus_version}
BuildRequires: NetworkManager-devel >= %{nm_version}
BuildRequires: NetworkManager-glib-devel >= %{nm_version}
BuildRequires: GConf2-devel
BuildRequires: gnome-keyring-devel
BuildRequires: libglade2-devel
BuildRequires: intltool gettext
Requires: gtk2 >= %{gtk2_version}
Requires: dbus >= %{dbus_version}
Requires: NetworkManager >= %{nm_version}
Requires: vpnc >= %{vpnc_version}
Requires: shared-mime-info >= %{shared_mime_version}
Requires: GConf2
Requires: gnome-keyring
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
%description
This package contains software for integrating the vpnc VPN software
with NetworkManager and the GNOME desktop
%prep
%setup -q -n NetworkManager-vpnc-%{realversion}
%patch0 -p1 -b .local-port
%patch1 -p1 -b .import-export
%build
%configure --enable-more-warnings=yes
make %{?_smp_mflags}
%install
make install DESTDIR=$RPM_BUILD_ROOT
rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.a
%find_lang %{name}
%clean
rm -rf $RPM_BUILD_ROOT
%post
/sbin/ldconfig
/usr/bin/update-desktop-database &> /dev/null || :
touch --no-create %{_datadir}/icons/hicolor
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
%{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
fi
%postun
/sbin/ldconfig
/usr/bin/update-desktop-database &> /dev/null || :
touch --no-create %{_datadir}/icons/hicolor
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
%{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
fi
%files -f %{name}.lang
%defattr(-, root, root)
%doc AUTHORS ChangeLog
%{_libdir}/NetworkManager/lib*.so*
%{_libexecdir}/nm-vpnc-auth-dialog
%{_sysconfdir}/dbus-1/system.d/nm-vpnc-service.conf
%{_sysconfdir}/NetworkManager/VPN/nm-vpnc-service.name
%{_libexecdir}/nm-vpnc-service
%{_libexecdir}/nm-vpnc-service-vpnc-helper
%{_datadir}/gnome-vpn-properties/vpnc/nm-vpnc-dialog.glade
#%{_datadir}/applications/nm-vpnc.desktop
%{_datadir}/icons/hicolor/48x48/apps/gnome-mime-application-x-cisco-vpn-settings.png
%dir %{_datadir}/gnome-vpn-properties/vpnc
%changelog
* Tue Jul 27 2010 Dan Williams <dcbw redhat com> - 1:0.8.1-1
- Update to 0.8.1 release
- Updated translations
* Sun Apr 11 2010 Dan Williams <dcbw redhat com> - 1:0.8.0-1
- Handle NAT Traversal importing better
- Default to newer NAT-T instead of deprecated Cisco-UDP
- Add "Force NAT-T" option
- Updated translations
* Mon Dec 14 2009 Dan Williams <dcbw redhat com> - 1:0.7.997-1
- Add some debug options (VPNC_DEBUG, --persist)
- Make .desktop file pass validation (rh #489475)
* Mon Sep 21 2009 Dan Williams <dcbw redhat com> - 1:0.7.996-3
- Rebuild for updated NetworkManager
- Convert imported files to UTF8 before parsing
* Sun Aug 30 2009 Dan Williams <dcbw redhat com> - 1:0.7.996-2
- Fix NM requirement
* Fri Aug 28 2009 Dan Williams <dcbw redhat com> - 1:0.7.996-1
- Rebuild for updated NetworkManager
- Allow missing description in imported .pcf files
- Allow the 'Vendor' config option
* Mon Jul 27 2009 Fedora Release Engineering <rel-eng lists fedoraproject org> - 1:0.7.0.99-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng lists fedoraproject org> - 1:0.7.0.99-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Thu Mar 5 2009 Dan Williams <dcbw redhat com> 1:0.7.0.99-1
- Update to 0.7.1rc3
* Mon Feb 23 2009 Fedora Release Engineering <rel-eng lists fedoraproject org> - 1:0.7.0.97-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Thu Feb 19 2009 Dan Williams <dcbw redhat com> 1:0.7.0.97-1
- Update to 0.7.1rc1
- Handle import/export of "EnableNat", "DHGroup", "SaveUserPassword", and "EnableLocalLAN"
* Sat Jan 3 2009 Dan Williams <dcbw redhat com> 1:0.7.0-1
- Rebuild for updated NetworkManager
- Better handling of passwords that shouldn't be saved
- Fix some specfile issues (rh #477151)
* Fri Nov 21 2008 Dan Williams <dcbw redhat com> 1:0.7.0-0.11.svn4326
- Rebuild for updated NetworkManager
* Tue Nov 18 2008 Dan Williams <dcbw redhat com> 1:0.7.0-0.11.svn4296
- Rebuild for updated NetworkManager
* Mon Nov 17 2008 Dan Williams <dcbw redhat com> 1:0.7.0-0.11.svn4293
- Ensure errors are shown when connection fails (rh #331141)
- Fix failures to ask for passwords on connect (rh #429287)
- Fix routing when concentrator specifies routes (rh #449283)
- Pull in upstream support for tokens and not saving passwords
* Mon Oct 27 2008 Dan Williams <dcbw redhat com> 1:0.7.0-0.11.svn4229
- Rebuild for updated NetworkManager
* Tue Oct 14 2008 Dan Williams <dcbw redhat com> 1:0.7.0-11.svn4175
- Fix password issue with configurations that don't save the user password
in the keyring (rh #466864)
* Sun Oct 12 2008 Dan Williams <dcbw redhat com> 1:0.7.0-10.svn4175
- Rebuild for updated NetworkManager
- Allow changing passwords from the connection editor
* Fri Aug 29 2008 Dan Williams <dcbw redhat com> 1:0.7.0-10.svn4024
- Fix regression where username radio buttons were mistakenly shown in the
auth dialog
- Fix regression where the auth dialog would segfault when cancel was clicked
* Wed Aug 27 2008 Dan Williams <dcbw redhat com> 1:0.7.0-10.svn4022
- Rebuild for updated NetworkManager
* Mon Aug 11 2008 Dan Williams <dcbw redhat com> 1:0.7.0-10.svn3928
- Rebuild for updated NetworkManager
* Thu Jul 24 2008 Dan Williams <dcbw redhat com> 1:0.7.0-10.svn3846
- Rebuild for updated NetworkManager
* Fri Jul 18 2008 Dan Williams <dcbw redhat com> 1:0.7.0-10.svn3832
- Update for NM netmask -> prefix changes
* Wed Jul 02 2008 Dan Williams <dcbw redhat com> 1:0.7.0-10.svn3801
- Update for moving VPN editing into connection manager
- Add option to disable Dead Peer Detection
- Add option to select NAT Traversal mode
* Thu May 01 2008 Dan Williams <dcbw redhat com> 1:0.7.0-7.7.svn3627
- Update for compat with new NM bits
* Wed Apr 09 2008 Dan Williams <dcbw redhat com> 1:0.7.0-6.7.svn3549
- Update for compat with new NM bits
* Tue Mar 25 2008 Dan Williams <dcbw redhat com> - 1:0.7.0-0.6.7.svn3502
- Send suggested MTU to NetworkManager
* Mon Feb 18 2008 Fedora Release Engineering <rel-eng fedoraproject org> - 1:0.7.0-0.7.7.svn3204
- Autorebuild for GCC 4.3
* Fri Jan 4 2008 Dan Williams <dcbw redhat com> - 1:0.7.0-0.6.7.svn3204
- Support new vpnc 0.4 Cisco UDP Encapsulation option
- Fix another crash in the properties applet
- Remove upstreamed pcfimport patch
* Mon Nov 26 2007 Dan Williams <dcbw redhat com> - 1:0.7.0-0.6.3.svn3109
- Rebuild for updated NetworkManager
* Tue Nov 13 2007 Dan Williams <dcbw redhat com> - 1:0.7.0-0.6.2.svn3083
- Rebuild for updated NetworkManager
* Sat Oct 27 2007 Dan Williams <dcbw redhat com> - 1:0.7.0-0.4.svn3030
- Fix a crash when editing VPN properties a second time
* Tue Oct 23 2007 Dan Williams <dcbw redhat com> - 1:0.7.0-0.3.svn3014
- Rebuild
* Wed Oct 17 2007 Bill Nottingham <notting redhat com> - 1:0.7.0-0.3.svn2970
- rebuild (#336261)
* Wed Oct 10 2007 Dan Williams <dcbw redhat com> - 1:0.7.0-0.2.svn2970
- Fix default username
* Thu Sep 28 2007 Dan Williams <dcbw redhat com> - 1:0.7.0-0.1.svn2914
- Fix .name file on 64-bit systems
* Fri Sep 28 2007 Jesse Keating <jkeating redhat com> - 1:0.7.0-0.2.svn2910
- BuildRequire NetworkManager-glib-devel
* Thu Sep 27 2007 Dan Williams <dcbw redhat com> - 1:0.7.0-0.1.svn2910
- New snapshot; ported to NM 0.7 API
* Fri Aug 17 2007 Denis Leroy <denis poolshark org> - 1:0.6.4-4
- Updated License tag
- Added patch to make properties multilib friendly (#243535)
* Thu Mar 22 2007 Denis Leroy <denis poolshark org> - 1:0.6.4-3
- Added patch to improve configuration GUI, add NAT traversal and single DES options
* Sun Feb 18 2007 Denis Leroy <denis poolshark org> - 1:0.6.4-2
- Readded NAT-keepalive support patch from SVN branch
* Wed Feb 14 2007 Denis Leroy <denis poolshark org> - 1:0.6.4-1
- Downgrading to 1:0.6.4 to keep par with core NM version
* Mon Dec 4 2006 Dan Williams <dcbw redhat com> - 0.7.0-0.cvs20061204
- Allow "NAT-Keepalive packet interval" config option
* Sat Oct 21 2006 Denis Leroy <denis poolshark org> - 0.7.0-0.cvs20060929.3
- Added patch to support saving group password only
* Thu Oct 5 2006 Denis Leroy <denis poolshark org> - 0.7.0-0.cvs20060929.2
- Leave .so link alone, needed by nm
* Fri Sep 29 2006 Denis Leroy <denis poolshark org> - 0.7.0-0.cvs20060929.1
- Update to CVS snapshot 060929
- Some rpmlint cleanups
* Fri Sep 29 2006 Denis Leroy <denis poolshark org> - 0.7.0-0.cvs20060529.4
- Added XML::Parser BR
* Fri Sep 29 2006 Denis Leroy <denis poolshark org> - 0.7.0-0.cvs20060529.3
- Added gettext BR
* Wed Sep 27 2006 Warren Togami <wtogami redhat com> - 0.7.0-0.cvs20060529.2
- rebuild for FC6
* Thu Jul 20 2006 Warren Togami <wtogami redhat com> - 0.7.0-0.cvs20060529.1
- rebuild for new dbus
* Mon May 29 2006 Dan Williams <dcbw redhat com> - 0.7.0-0.cvs20060529
- Gnome.org #336913: HIG tweaks for vpn properties pages
* Sun May 21 2006 Dan Williams <dcbw redhat com> 0.7.0-0.cvs20060521
- Update to CVS snapshot
- Honor user-specified rekeying intervals
* Mon May 15 2006 Dan Williams <dcbw redhat com> 0.6.2-1
- New release for NM 0.6.2 compat
* Fri Apr 21 2006 Dan Williams <dcbw redhat com> 0.6.0-3
- Add dist tag to RPM release
* Wed Apr 12 2006 Christopher Aillon <caillon redhat com> 0.6.0-2
- Rekey every 2 hours
* Tue Mar 14 2006 Dan Williams <dcbw redhat com> - 0.6.0-1
- Update to CVS snapshot of 0.6 for NM compatibility
* Fri Jan 27 2006 Dan Williams <dcbw redhat com> - 0.5.0-1
- CVS snapshot for compatibility new NetworkManager
* Tue Dec 6 2005 Jeremy Katz <katzj redhat com> - 0.3-3
- rebuild for new dbus
* Mon Oct 17 2005 Dan Williams <dcbw redhat com> 0.3-2
- Rebuild to test new Extras buildsystem
* Thu Aug 18 2005 David Zeuthen <davidz redhat com> 0.3-1
- New upstream release
- Bump some versions for deps
* Fri Jul 1 2005 David Zeuthen <davidz redhat com> 0.2-2
- Add missing changelog entry for last commit
- Temporarily BuildReq libpng-devel as it is not pulled in by gtk2-devel
(should be fixed in Core shortly)
- Pull in latest D-BUS (which features automatic reloading of policy files)
so users do not have to restart the messagebus after installing this package
* Thu Jun 30 2005 David Zeuthen <davidz redhat com> 0.2-1
- New upsteam version
- Add the new gnome-mime-application-x-cisco-vpn-settings.png icon and call
gtk-update-icon-cache as appropriate
* Fri Jun 17 2005 David Zeuthen <davidz redhat com> 0.1-2.cvs20050617
- Add Prereq: /usr/bin/update-desktop-database
- Nuke .la and .a files
- Use find_lang macro to handle locale files properly
- Add Requires for suitable version of shared-mime-info since our desktop
file depends on the application/x-cisco-vpn-settings MIME-type
* Fri Jun 17 2005 David Zeuthen <davidz redhat com> 0.1-1.cvs20050617
- Latest CVS snapshot
* Thu Jun 16 2005 David Zeuthen <davidz redhat com> 0.1-1
- Initial build
From 6ddce13ade01c3f7eec5da34675d05c7e913f7a2 Mon Sep 17 00:00:00 2001
From: Dan Williams <dcbw redhat com>
Date: Tue, 3 Aug 2010 11:23:39 -0700
Subject: [PATCH] ui: fix import/export for NM commit 16cda9fae1a7e706616924b6dbe15b7e81f52bab
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Jiří Klimeš <jklimes redhat com>
---
properties/nm-vpnc.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/properties/nm-vpnc.c b/properties/nm-vpnc.c
index b0286ed..887b158 100644
--- a/properties/nm-vpnc.c
+++ b/properties/nm-vpnc.c
@@ -1441,8 +1441,8 @@ vpnc_plugin_ui_interface_init (NMVpnPluginUiInterface *iface_class)
/* interface implementation */
iface_class->ui_factory = ui_factory;
iface_class->get_capabilities = get_capabilities;
- iface_class->import = import;
- iface_class->export = export;
+ iface_class->import_from_file = import;
+ iface_class->export_to_file = export;
iface_class->get_suggested_name = get_suggested_name;
iface_class->delete_connection = delete_connection;
}
--
1.7.4
From fcb196788634db66b30245f346812070604ff0ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes redhat com>
Date: Fri, 15 Oct 2010 14:49:50 +0200
Subject: [PATCH] core: use 'Local Port 0' configuration option to use random IKE source port (rh #514071)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
vpnc uses source IKE port 500 by default. This may cause clashes
when some other process claimed that port before. So use random
port by default. When VPN setting contains 'Local Port' VPN data
use that value instead. This VPN data is not present in GUI.
Moreover import/export UseLegacyIKEPort pcf option.
Signed-off-by: Jiří Klimeš <jklimes redhat com>
---
properties/nm-vpnc.c | 38 +++++++++++++++++++++++++++++++++++++-
src/nm-vpnc-service.c | 13 +++++++++++++
src/nm-vpnc-service.h | 3 ++-
3 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/properties/nm-vpnc.c b/properties/nm-vpnc.c
index 887b158..4999a03 100644
--- a/properties/nm-vpnc.c
+++ b/properties/nm-vpnc.c
@@ -6,6 +6,7 @@
*
* Copyright (C) 2005 David Zeuthen, <davidz redhat com>
* Copyright (C) 2005 - 2008 Dan Williams, <dcbw redhat com>
+ * Copyright (C) 2005 - 2010 Red Hat, Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -62,6 +63,8 @@
#define PW_TYPE_ASK 1
#define PW_TYPE_UNUSED 2
+#define NM_VPNC_LOCAL_PORT_DEFAULT 500
+
/************** plugin class **************/
static void vpnc_plugin_ui_interface_init (NMVpnPluginUiInterface *iface_class);
@@ -574,7 +577,7 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
{
VpncPluginUiWidget *self = VPNC_PLUGIN_UI_WIDGET (iface);
VpncPluginUiWidgetPrivate *priv = VPNC_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
- NMSettingVPN *s_vpn;
+ NMSettingVPN *s_vpn, *s_vpn_orig;
GtkWidget *widget;
char *str;
GtkTreeModel *model;
@@ -667,6 +670,16 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
nm_setting_vpn_add_secret (s_vpn, NM_VPNC_KEY_SECRET, str);
}
+ /* Local Port is not in GUI (yet?). So when present in the connection,
+ * copy it from the old VPN setting to the new one to preserve it.
+ */
+ s_vpn_orig = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+ if (s_vpn_orig) {
+ const char *local_port = nm_setting_vpn_get_data_item (s_vpn_orig, NM_VPNC_KEY_LOCAL_PORT);
+ if (local_port && strlen (local_port))
+ nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_LOCAL_PORT, local_port);
+ }
+
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
return TRUE;
}
@@ -984,6 +997,7 @@ import (NMVpnPluginUiInterface *iface, const char *path, GError **error)
gboolean bool_value;
NMSettingIP4Config *s_ip4;
gint val;
+ gboolean found;
pcf = pcf_file_load (path);
if (!pcf) {
@@ -1144,6 +1158,18 @@ import (NMVpnPluginUiInterface *iface, const char *path, GError **error)
}
}
+ /* UseLegacyIKEPort=0 uses dynamic source IKE port instead of 500.
+ * http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_administration_guide_chapter09186a008015cfdc.html#1192555
+ * See also: http://support.microsoft.com/kb/928310
+ */
+ found = pcf_file_lookup_int (pcf, "main", "UseLegacyIKEPort", &val);
+ if (!found || val != 0) {
+ char *tmp;
+ tmp = g_strdup_printf ("%d", (gint) NM_VPNC_LOCAL_PORT_DEFAULT); /* Use default vpnc local port: 500 */
+ nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_LOCAL_PORT, tmp);
+ g_free (tmp);
+ }
+
g_hash_table_destroy (pcf);
return connection;
@@ -1169,6 +1195,7 @@ export (NMVpnPluginUiInterface *iface,
const char *peertimeout = NULL;
const char *dhgroup = NULL;
GString *routes = NULL;
+ GString *uselegacyikeport = NULL;
gboolean success = FALSE;
guint32 routes_count = 0;
gboolean save_password = FALSE;
@@ -1267,6 +1294,11 @@ export (NMVpnPluginUiInterface *iface,
routes = NULL;
}
+ uselegacyikeport = g_string_new ("");
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_VPNC_KEY_LOCAL_PORT);
+ if (!value || !strcmp (value, "0"))
+ g_string_assign (uselegacyikeport, "UseLegacyIKEPort=0\n");
+
fprintf (f,
"[main]\n"
"Description=%s\n"
@@ -1305,6 +1337,7 @@ export (NMVpnPluginUiInterface *iface,
"EnableSplitDNS=1\n"
"SingleDES=%s\n"
"SPPhonebook=\n"
+ "%s"
"X-NM-Use-NAT-T=%s\n"
"X-NM-Force-NAT-T=%s\n"
"%s\n",
@@ -1318,6 +1351,7 @@ export (NMVpnPluginUiInterface *iface,
/* NTDomain */ domain != NULL ? domain : "",
/* PeerTimeout */ peertimeout != NULL ? peertimeout : "0",
/* SingleDES */ singledes ? "1" : "0",
+ /* UseLegacyIKEPort */ (uselegacyikeport->len) ? uselegacyikeport->str : "",
/* X-NM-Use-NAT-T */ use_natt ? "1" : "0",
/* X-NM-Force-NAT-T */ use_force_natt ? "1" : "0",
/* X-NM-Routes */ (routes && routes->str) ? routes->str : "");
@@ -1327,6 +1361,8 @@ export (NMVpnPluginUiInterface *iface,
done:
if (routes)
g_string_free (routes, TRUE);
+ if (uselegacyikeport)
+ g_string_free (uselegacyikeport, TRUE);
fclose (f);
return success;
}
diff --git a/src/nm-vpnc-service.c b/src/nm-vpnc-service.c
index c278dc5..f933a66 100644
--- a/src/nm-vpnc-service.c
+++ b/src/nm-vpnc-service.c
@@ -60,6 +60,7 @@ static const char *vpnc_binary_paths[] =
#define NM_VPNC_HELPER_PATH LIBEXECDIR"/nm-vpnc-service-vpnc-helper"
#define NM_VPNC_UDP_ENCAPSULATION_PORT 0 /* random port */
+#define NM_VPNC_LOCAL_PORT_ISAKMP 0 /* random port */
typedef struct {
const char *name;
@@ -84,6 +85,7 @@ static ValidProperty valid_properties[] = {
{ NM_VPNC_KEY_DPD_IDLE_TIMEOUT, G_TYPE_INT, 0, 86400 },
{ NM_VPNC_KEY_NAT_TRAVERSAL_MODE, G_TYPE_STRING, 0, 0 },
{ NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT, G_TYPE_INT, 0, 65535 },
+ { NM_VPNC_KEY_LOCAL_PORT, G_TYPE_INT, 0, 65535 },
/* Ignored option for internal use */
{ NM_VPNC_KEY_SECRET_TYPE, G_TYPE_NONE, 0, 0 },
{ NM_VPNC_KEY_XAUTH_PASSWORD_TYPE, G_TYPE_NONE, 0, 0 },
@@ -417,6 +419,7 @@ nm_vpnc_config_write (gint vpnc_fd,
const char *props_natt_mode;
const char *default_username;
const char *pw_type;
+ const char *local_port;
default_username = nm_setting_vpn_get_user_name (s_vpn);
@@ -429,6 +432,16 @@ nm_vpnc_config_write (gint vpnc_fd,
NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT " %d\n",
NM_VPNC_UDP_ENCAPSULATION_PORT);
+ local_port = nm_setting_vpn_get_data_item (s_vpn, NM_VPNC_KEY_LOCAL_PORT);
+ if (!local_port) {
+ /* Configure 'Local Port' to 0 (random port) if the value is not set in the setting.
+ * Otherwise vpnc would try to use 500 and could clash with other IKE processes.
+ */
+ write_config_option (vpnc_fd,
+ NM_VPNC_KEY_LOCAL_PORT " %d\n",
+ NM_VPNC_LOCAL_PORT_ISAKMP);
+ }
+
/* Fill username if it's not present */
props_username = nm_setting_vpn_get_data_item (s_vpn, NM_VPNC_KEY_XAUTH_USER);
if ( default_username
diff --git a/src/nm-vpnc-service.h b/src/nm-vpnc-service.h
index da4c2b7..293d9ca 100644
--- a/src/nm-vpnc-service.h
+++ b/src/nm-vpnc-service.h
@@ -15,7 +15,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
- * (C) Copyright 2005 - 2008 Red Hat, Inc.
+ * (C) Copyright 2005 - 2010 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@@ -54,6 +54,7 @@
#define NM_VPNC_KEY_NAT_TRAVERSAL_MODE "NAT Traversal Mode"
#define NM_VPNC_KEY_DPD_IDLE_TIMEOUT "DPD idle timeout (our side)"
#define NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT "Cisco UDP Encapsulation Port"
+#define NM_VPNC_KEY_LOCAL_PORT "Local Port"
#define NM_VPNC_NATT_MODE_NATT "natt"
#define NM_VPNC_NATT_MODE_NONE "none"
--
1.7.4
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
