Re: [Patch] Add Export functionality to NetworkManager-openvpn
- From: Huzaifa Sidhpurwala <sidhpurwala huzaifa gmail com>
- To: networkmanager-list gnome org
- Subject: Re: [Patch] Add Export functionality to NetworkManager-openvpn
- Date: Fri, 16 Oct 2009 13:54:41 +0530
Small improvement here, added auth-user-pass for some auth types
On Fri, Oct 16, 2009 at 1:23 PM, Huzaifa Sidhpurwala
<sidhpurwala huzaifa gmail com> wrote:
Hi All,
This patch is a bit raw, but is well tested, It does not work with static keys, but i am working on it.
Can you someone please check this out, so that i know i am working in the right direction?
diff --git a/properties/import-export.c b/properties/import-export.c
index 5e17dea..84155ef 100644
--- a/properties/import-export.c
+++ b/properties/import-export.c
@@ -415,7 +415,148 @@ do_import (const char *path, char **lines, GError **error)
gboolean
do_export (const char *path, NMConnection *connection, GError **error)
{
- return FALSE;
+ NMSettingConnection *s_con;
+ NMSettingIP4Config *s_ip4;
+ NMSettingVPN *s_vpn;
+
+ FILE *f;
+
+ const char *value;
+ const char *gateway = NULL;
+ const char *cipher = NULL;
+ const char *cacert = NULL;
+ const char *connection_type = NULL;
+ const char *user_cert = NULL;
+ const char *private_key = NULL;
+
+ guint16 port = 0;
+ gboolean success = FALSE;
+ gboolean device_tun = TRUE;
+ gboolean proto_udp = TRUE;
+ gboolean use_lzo = FALSE;
+ gboolean reneg_exists = FALSE;
+ guint32 reneg = 0;
+
+
+ s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
+ s_ip4 = (NMSettingIP4Config *) nm_connection_get_setting (connection, NM_TYPE_SETTING_IP4_CONFIG);
+
+ s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+
+ f = fopen (path, "w");
+ if (!f) {
+ g_set_error (error, 0, 0, "could not open file for writing");
+ return FALSE;
+ }
+
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_REMOTE);
+ if (value && strlen (value))
+ gateway = value;
+ else {
+ g_set_error (error, 0, 0, "connection was incomplete (missing gateway)");
+ goto done;
+ }
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE);
+ if (value && strlen (value))
+ connection_type = value;
+
+ if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) ||
+ (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) ||
+ (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) {
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CA);
+ if (value && strlen (value))
+ cacert = value;
+ }
+
+ if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) ||
+ (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS)))
+ {
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CERT);
+ if (value && strlen (value))
+ user_cert = value;
+
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_KEY);
+ if (value && strlen (value))
+ private_key = value;
+ }
+/* Advanced values start*/
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PORT);
+ if (value && strlen (value))
+ port = strtol (value, NULL, 10);
+
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS);
+ if (value && strlen (value)) {
+ reneg_exists = TRUE;
+ reneg = strtol (value, NULL, 10);
+ }
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_PROTO_TCP);
+ if (value && !strcmp (value, "yes"))
+ proto_udp = FALSE;
+
+
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_TAP_DEV);
+ if (value && !strcmp (value, "yes"))
+ device_tun = FALSE;
+
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_COMP_LZO);
+ if (value && !strcmp (value, "yes"))
+ use_lzo = TRUE;
+
+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CIPHER);
+ if (value && strlen (value))
+ cipher = value;
+
+/* Advanced values end*/
+
+
+ fprintf (f,"client\n" "remote %s ",gateway);
+
+
+ if (port)
+ fprintf (f,"%d\n", port);
+ else
+ fprintf (f,"\n");
+
+ if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) ||
+ (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) ||
+ (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) {
+
+ if (cacert)
+ fprintf (f, "ca %s\n", cacert);
+ }
+
+ if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_TLS)) ||
+ (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS))) {
+ if (user_cert)
+ fprintf (f, "cert %s\n", user_cert);
+ if (private_key)
+ fprintf(f, "key %s\n", private_key);
+ }
+
+ if ((!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD)) ||
+ (!strcmp(connection_type, NM_OPENVPN_CONTYPE_PASSWORD_TLS)))
+ fprintf (f, "auth-user-pass\n");
+
+ if (reneg_exists)
+ fprintf (f, "reneg-sec %d\n", reneg);
+
+ if (cipher)
+ fprintf (f, "cipher %s\n", cipher);
+
+ if (use_lzo)
+ fprintf (f, "comp-lzo yes\n");
+
+
+ fprintf (f, "dev %s\n" "proto %s\n", (device_tun ? "tun" : "tap"), (proto_udp ? "udp" : "tcp") );
+
+/* Add extra args which are hard-coded*/
+ fprintf (f, "nobind\n" "auth-nocache\n" "script-security 2\n"
+ "persist-key\n" "persist-tun\n"
+ "user openvpn\n" "group openvpn\n");
+ success = TRUE;
+
+done:
+ fclose (f);
+ return success;
}
-
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
