Re: PPTP Support

On Tue, 2005-11-22 at 11:33 -0500, Dan Williams wrote:

> Yeah, this does rather suck.  But if pptp just calls pppd and doesn't
> allow specification of stuff like a script file to run after everything
> is done, etc, its going to be hard.  Hopefully there's a way to do this
> without touching/moving stuff around...
> > In the case of the secrets file, I suppose you could write that data out
> > yourself, no?
> I did this initially for vpnc before they added the 'options written to
> stdin' option in 0.3.3 (which is why NM requires 0.3.3).  It works, but
> of course its a security risk.  If there's no alternative though, it's
> probably the best route.

Yah.  I am not so worried about the secrets file (although we ought to
work toward fixing that, too) but the ifup modifications needed:

        if [ "$ipparam" == "nm-pptp-service" ]; then
        export route_vpn_gateway=$5
        export dev=$1
        export ifconfig_local=$4
        if [ -e /etc/ppp/resolv.conf ]; then
        export IP4_DNS=`grep '^nameserver[[:space:]]' /etc/ppp/resolv.conf | sed -e 's/^nameserver\s*\(.*\)/\1/' | xargs | sed -e 's/ /,/'`

I dunno if we can get distros to carry edits to /etc/ppp/ip-up.

Anyhow, Dan -- should we merge this or wait until some of the other
issues are resolved?  I have a copy in my tree that I can commit now, if
the former.

Antony is right in that "almost just works" is better than nothing, but
I also don't want to put a solution into the tree if it is far from what
we want.

	Robert Love

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]