[network-manager-openvpn/th/tmp] add support for --tls-cipher option



commit be3d8df8f112f43abb54fc2404ce82169a9f7158
Author: Thomas Haller <thaller redhat com>
Date:   Wed May 18 17:11:29 2016 +0200

    add support for --tls-cipher option
    
    Not shown in the UI.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=763484

 properties/import-export.c  |   11 +++++++++++
 shared/nm-service-defines.h |    1 +
 shared/utils.h              |    1 +
 src/nm-openvpn-service.c    |    7 +++++++
 4 files changed, 20 insertions(+), 0 deletions(-)
---
diff --git a/properties/import-export.c b/properties/import-export.c
index 885f940..f2b7440 100644
--- a/properties/import-export.c
+++ b/properties/import-export.c
@@ -1144,6 +1144,15 @@ do_import (const char *path, const char *contents, gsize contents_len, GError **
                        continue;
                }
 
+               if (NM_IN_STRSET (params[0], NMV_OVPN_TAG_TLS_CIPHER)) {
+                       if (!args_params_check_nargs_n (params, 1, &line_error))
+                               goto handle_line_error;
+                       if (!args_params_check_arg_utf8 (params, 1, NULL, &line_error))
+                               goto handle_line_error;
+                       setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_TLS_CIPHER, params[1]);
+                       continue;
+               }
+
                if (NM_IN_STRSET (params[0], NMV_OVPN_TAG_KEEPALIVE)) {
                        gint64 v2;
 
@@ -1745,6 +1754,8 @@ do_export_create (NMConnection *connection, const char *path, GError **error)
 
        args_write_line_setting_value (f, NMV_OVPN_TAG_CIPHER, s_vpn, NM_OPENVPN_KEY_CIPHER);
 
+       args_write_line_setting_value (f, NMV_OVPN_TAG_TLS_CIPHER, s_vpn, NM_OPENVPN_KEY_TLS_CIPHER);
+
        args_write_line_setting_value_int (f, NMV_OVPN_TAG_KEYSIZE, s_vpn, NM_OPENVPN_KEY_KEYSIZE);
 
        value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_COMP_LZO);
diff --git a/shared/nm-service-defines.h b/shared/nm-service-defines.h
index 21f25b5..b204bdb 100644
--- a/shared/nm-service-defines.h
+++ b/shared/nm-service-defines.h
@@ -64,6 +64,7 @@
 #define NM_OPENVPN_KEY_DEV "dev"
 #define NM_OPENVPN_KEY_DEV_TYPE "dev-type"
 #define NM_OPENVPN_KEY_TUN_IPV6 "tun-ipv6"
+#define NM_OPENVPN_KEY_TLS_CIPHER "tls-cipher"
 #define NM_OPENVPN_KEY_TLS_REMOTE "tls-remote"
 #define NM_OPENVPN_KEY_REMOTE_CERT_TLS "remote-cert-tls"
 
diff --git a/shared/utils.h b/shared/utils.h
index 76491a5..6370871 100644
--- a/shared/utils.h
+++ b/shared/utils.h
@@ -64,6 +64,7 @@
 #define NMV_OVPN_TAG_SOCKS_PROXY_RETRY  "socks-proxy-retry"
 #define NMV_OVPN_TAG_SOCKS_PROXY        "socks-proxy"
 #define NMV_OVPN_TAG_TLS_AUTH           "tls-auth"
+#define NMV_OVPN_TAG_TLS_CIPHER         "tls-cipher"
 #define NMV_OVPN_TAG_TLS_CLIENT         "tls-client"
 #define NMV_OVPN_TAG_TLS_REMOTE         "tls-remote"
 #define NMV_OVPN_TAG_TOPOLOGY           "topology"
diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
index 12c6de2..85dc0ba 100644
--- a/src/nm-openvpn-service.c
+++ b/src/nm-openvpn-service.c
@@ -134,6 +134,7 @@ static ValidProperty valid_properties[] = {
        { NM_OPENVPN_KEY_DEV,                  G_TYPE_STRING, 0, 0, FALSE },
        { NM_OPENVPN_KEY_DEV_TYPE,             G_TYPE_STRING, 0, 0, FALSE },
        { NM_OPENVPN_KEY_TUN_IPV6,             G_TYPE_STRING, 0, 0, FALSE },
+       { NM_OPENVPN_KEY_TLS_CIPHER,           G_TYPE_STRING, 0, 0, FALSE },
        { NM_OPENVPN_KEY_TLS_REMOTE,           G_TYPE_STRING, 0, 0, FALSE },
        { NM_OPENVPN_KEY_REMOTE_CERT_TLS,      G_TYPE_STRING, 0, 0, FALSE },
        { NM_OPENVPN_KEY_NS_CERT_TYPE,         G_TYPE_STRING, 0, 0, FALSE },
@@ -1331,6 +1332,12 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
                add_openvpn_arg (args, tmp);
        }
 
+       tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_TLS_CIPHER);
+       if (tmp && tmp[0]) {
+               add_openvpn_arg (args, "--tls-cipher");
+               add_openvpn_arg (args, tmp);
+       }
+
        /* Keysize */
        tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_KEYSIZE);
        if (tmp && strlen (tmp)) {


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]