Re: nm vpn plugin api docs?

From: Dan Williams <dcbw redhat com>
To: Martin Willi <martin strongswan org>
Cc: "networkmanager-list gnome org" <networkmanager-list gnome org>, Steve Hillier <keyhman gmail com>
Subject: Re: nm vpn plugin api docs?
Date: Sat, 20 Sep 2008 12:09:25 -0700

On Thu, 2008-09-18 at 08:16 +0200, Martin Willi wrote:
> Hi,
> 
> > challenges were interactive authentication and multiple, concurrent  
> > connections -- this is absolutely needed because of the way openswan  
> > handles the case of multiple subnets over a single tunnel.
> 
> I was facing similar problems in my strongSwan IKEv2 plugin [1].
> Interactive authentication is difficult and multiple active connection
> is currently almost impossible to implement. I decided to strip these
> features, as in most road-warrior scenarios this is not so important.

That's the right thing to do for now.  Auth information is sent to the
plugin initially and auth is one-shot; if the given credentials fail,
the user needs to change them and try again.  Clearly suboptimal but
what we're stuck with for now.

I rewrote most of the VPN stuff a week ago to support multiple active
connections and interactive authentication but it was simply
irresponsible to commit that patch so close to a 0.7 release.  I've
still got the patch and we can land it after 0.7 comes out, as long as
we make it clear we aren't guaranteeing the VPN plugin D-Bus interface
and libnm-glib API in 0.7.

Or I'm tempted to drive towards a 0.8 release with these features (modem
manager, bluetooth, better vpn).  Not sure yet.

Dan

> > So I checked out the latest rev from svn trunk, but I didnt see the  
> > API changes you mentioned. Is the rewritten code you 'shelved' even  
> > avaiable yet?
> 
> There have been some recent API changes:
> - VPN secrets in separate settings (r4031)
> - UUID, not connection ID is passed to auth dialog (r4053)
> 
> > 
> > I tried to build anyway, but I'm having a hell of a time getting all  
> > the dependencies satisfied. I switched to ubuntu this year, and while  
> > I love the stability, the software packages are dated and setting up a  
> > sane build environment seems to be a big first step to working on the  
> > 0.7 code tree.
> 
> There is a NetworkManager PPA available at launchpad [2]. Just install
> all the dev packages and you are ready to go. I'm also running a
> strongSwan PPA [3] for my NM plugin, so you might want to check that out
> to get another example how things work.
> 
> Regards
> Martin
> 
> [1]http://trac.strongswan.org/browser/trunk/src/charon/plugins/nm/
> [2]https://launchpad.net/~network-manager/+archive
> [3]https://launchpad.net/~martinwilli/+archive
> 
> 
> _______________________________________________
> NetworkManager-list mailing list
> NetworkManager-list gnome org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list

References:
- nm vpn plugin api docs?
  - From: Steve Hillier
- Re: nm vpn plugin api docs?
  - From: Dan Williams
- Re: nm vpn plugin api docs?
  - From: Steve Hillier
- Re: nm vpn plugin api docs?
  - From: Martin Willi

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]