Re: PPTP Support

From: Dan Williams <dcbw redhat com>
To: Robert Love <rml novell com>
Cc: rml ximian com, networkmanager list <networkmanager-list gnome org>
Subject: Re: PPTP Support
Date: Tue, 22 Nov 2005 11:46:31 -0500

On Tue, 2005-11-22 at 11:36 -0500, Robert Love wrote:
> On Tue, 2005-11-22 at 11:33 -0500, Dan Williams wrote:
> 
> > Yeah, this does rather suck.  But if pptp just calls pppd and doesn't
> > allow specification of stuff like a script file to run after everything
> > is done, etc, its going to be hard.  Hopefully there's a way to do this
> > without touching/moving stuff around...
> > 
> > > In the case of the secrets file, I suppose you could write that data out
> > > yourself, no?
> > 
> > I did this initially for vpnc before they added the 'options written to
> > stdin' option in 0.3.3 (which is why NM requires 0.3.3).  It works, but
> > of course its a security risk.  If there's no alternative though, it's
> > probably the best route.
> 
> Yah.  I am not so worried about the secrets file (although we ought to
> work toward fixing that, too) but the ifup modifications needed:
> 
>         ipparam=$6
>         if [ "$ipparam" == "nm-pptp-service" ]; then
>         export route_vpn_gateway=$5
>         export dev=$1
>         export ifconfig_local=$4
>         if [ -e /etc/ppp/resolv.conf ]; then
>         export IP4_DNS=`grep '^nameserver[[:space:]]' /etc/ppp/resolv.conf | sed -e 's/^nameserver\s*\(.*\)/\1/' | xargs | sed -e 's/ /,/'`
>         fi
>         /usr/bin/nm-pptp-service-pptp-helper
>         exit
>         fi
> 
> I dunno if we can get distros to carry edits to /etc/ppp/ip-up.

Yeah, seems dodgy.

> Anyhow, Dan -- should we merge this or wait until some of the other
> issues are resolved?  I have a copy in my tree that I can commit now, if
> the former.
> 
> Antony is right in that "almost just works" is better than nothing, but
> I also don't want to put a solution into the tree if it is far from what
> we want.

My suggestion: let's see where the conversation with pptp and pppd go.
If they are amenable to adding something like the ifup/ip-up
command-line option, and do so in a short time, then lets add it.
Otherwise, I think we should push back on them for a bit and get this
sorted out before putting it in CVS.  I'm not married to this though,
suggestions welcome.

Dan

References:
- PPTP Support
  - From: Antony J Mee
- Re: PPTP Support
  - From: Robert Love
- Re: PPTP Support
  - From: Dan Williams
- Re: PPTP Support
  - From: Robert Love

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]