rpms/NetworkManager-openvpn/EL-5 NetworkManager-openvpn-0.7.0-route.patch, NONE, 1.1 NetworkManager-openvpn-0.7.0-cipher.patch, NONE, 1.1 NetworkManager-openvpn.spec, 1.6, 1.7

Mon Oct 12 03:43:17 UTC 2009

Author: huzaifas

Update of /cvs/pkgs/rpms/NetworkManager-openvpn/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21427

Modified Files:
	NetworkManager-openvpn.spec 
Added Files:
	NetworkManager-openvpn-0.7.0-route.patch 
	NetworkManager-openvpn-0.7.0-cipher.patch 
Log Message:
Fix routing/cipher

NetworkManager-openvpn-0.7.0-route.patch:
 nm-openvpn-service-openvpn-helper.c |   50 ++++++++++++++++++++++++++++--------
 1 file changed, 40 insertions(+), 10 deletions(-)

--- NEW FILE NetworkManager-openvpn-0.7.0-route.patch ---
diff -Naur NetworkManager-openvpn-0.7.0/src/nm-openvpn-service-openvpn-helper.c NetworkManager-openvpn-0.7.0.route/src/nm-openvpn-service-openvpn-helper.c
--- NetworkManager-openvpn-0.7.0/src/nm-openvpn-service-openvpn-helper.c	2008-12-12 01:22:57.000000000 +0530
+++ NetworkManager-openvpn-0.7.0.route/src/nm-openvpn-service-openvpn-helper.c	2009-10-09 12:59:38.000000000 +0530
@@ -287,6 +287,7 @@
 	GValue *nbns_list = NULL;
 	GValue *dns_domain = NULL;
 	struct in_addr temp_addr;
+	gboolean tapdev = FALSE;
 
 	g_type_init ();
 
@@ -310,13 +311,17 @@
 	if (val)
 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_INT_GATEWAY, val);
 
-	/* Tunnel device */
-	val = str_to_gvalue (getenv ("dev"), FALSE);
+	/* VPN device */
+	tmp = getenv ("dev");
+	val = str_to_gvalue (tmp, FALSE);
 	if (val)
 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val);
 	else
 		helper_failed (connection, "Tunnel Device");
 
+	if (strncmp (tmp, "tap", 3) == 0)
+		tapdev = TRUE;
+
 	/* IP address */
 	val = addr_to_gvalue (getenv ("ifconfig_local"));
 	if (val)
@@ -326,20 +331,45 @@
 
 	/* PTP address; for vpnc PTP address == internal IP4 address */
 	val = addr_to_gvalue (getenv ("ifconfig_remote"));
-	if (val)
-		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
+	if (val) {
+		/* Sigh.  Openvpn added 'topology' stuff in 2.1 that changes the meaning
+		 * of the ifconfig bits without actually telling you what they are
+		 * supposed to mean; basically relying on specific 'ifconfig' behavior.
+		 */
+		tmp = getenv ("ifconfig_remote");
+		if (tmp && !strncmp (tmp, "255.", 4)) {
+			guint32 addr;
+
+			/* probably a netmask, not a PTP address; topology == subnet */
+			addr = g_value_get_uint (val);
+			g_value_set_uint (val, nm_utils_ip4_netmask_to_prefix (addr));
+			g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
+		} else
+			g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
+	}
 
-	/* Netmask */
-	tmp = getenv ("route_netmask_1");
+	/* Netmask
+	 *
+	 * Either TAP or TUN modes can have an arbitrary netmask in newer versions
+	 * of openvpn, while in older versions only TAP mode would.  So accept a
+	 * netmask if passed, otherwise default to /32 for TUN devices since they
+	 * are usually point-to-point.
+	 */
+	tmp = getenv ("ifconfig_netmask");
 	if (tmp && inet_pton (AF_INET, tmp, &temp_addr) > 0) {
-		GValue *val;
-
 		val = g_slice_new0 (GValue);
 		g_value_init (val, G_TYPE_UINT);
 		g_value_set_uint (val, nm_utils_ip4_netmask_to_prefix (temp_addr.s_addr));
-
 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
-	}
+	} else if (!tapdev) {
+		if (!g_hash_table_lookup (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX)) {
+			val = g_slice_new0 (GValue);
+			g_value_init (val, G_TYPE_UINT);
+			g_value_set_uint (val, 32);
+			g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
+		}
+	} else
+		nm_warning ("No IP4 netmask/prefix (missing or invalid 'ifconfig_netmask')");
 
 	val = get_routes ();
 	if (val)

NetworkManager-openvpn-0.7.0-cipher.patch:
 auth-helpers.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

--- NEW FILE NetworkManager-openvpn-0.7.0-cipher.patch ---
diff -Naur NetworkManager-openvpn-0.7.0/properties/auth-helpers.c NetworkManager-openvpn-0.7.0.cipher/properties/auth-helpers.c
--- NetworkManager-openvpn-0.7.0/properties/auth-helpers.c	2008-12-12 01:22:57.000000000 +0530
+++ NetworkManager-openvpn-0.7.0.cipher/properties/auth-helpers.c	2009-10-09 14:32:52.000000000 +0530
@@ -1059,7 +1059,9 @@
 		g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_TAP_DEV), g_strdup ("yes"));
 
 	contype = g_object_get_data (G_OBJECT (dialog), "connection-type");
-	if (!strcmp (contype, NM_OPENVPN_CONTYPE_TLS) || !strcmp (contype, NM_OPENVPN_CONTYPE_PASSWORD_TLS)) {
+        if (   !strcmp (contype, NM_OPENVPN_CONTYPE_TLS)
+            || !strcmp (contype, NM_OPENVPN_CONTYPE_PASSWORD_TLS)
+            || !strcmp (contype, NM_OPENVPN_CONTYPE_PASSWORD)) {
 		GtkTreeModel *model;
 		GtkTreeIter iter;
 


Index: NetworkManager-openvpn.spec
===================================================================
RCS file: /cvs/pkgs/rpms/NetworkManager-openvpn/EL-5/NetworkManager-openvpn.spec,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -p -r1.6 -r1.7
--- NetworkManager-openvpn.spec	7 Feb 2009 11:40:39 -0000	1.6
+++ NetworkManager-openvpn.spec	12 Oct 2009 03:43:16 -0000	1.7
@@ -22,6 +22,8 @@ Group: System Environment/Base
 # - use generated NetworkManager-openvpn-0.7.0.tar.gz
 Source: %{name}-%{version}.%{svn_snapshot}.tar.gz
 Patch0: NetworkManager-openvpn-0.7.0-keyring.patch
+Patch1: NetworkManager-openvpn-0.7.0-route.patch
+Patch2: NetworkManager-openvpn-0.7.0-cipher.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: gtk2-devel                 >= %{gtk2_version}
@@ -55,7 +57,8 @@ with NetworkManager and the GNOME deskto
 %prep
 %setup -q -n %{name}-%{version}
 %patch0 -p1 -b .keyring
-
+%patch1 -p1 -b .route
+%patch2 -p1 -b .cipher
 
 %build
 if [ ! -f configure ]; then
@@ -107,6 +110,10 @@ fi
 %dir %{_datadir}/gnome-vpn-properties/openvpn
 
 %changelog
+* Mon Oct 12 2009 Huzaifa Sidhpurwala <huzaifas at redhat.com> 1:0.7.0-18.svn11.2
+- Fix Routing issues with EL-5 build (rh #525646)
+- Fix issue where cipher type is not stored in gconf
+
 * Sat Feb  7 2009 Lubomir Rintel <lkundrak at v3.sk> 1:0.7.0-18.svn11.1
 - Adjust for RHEL 5.3, older and less capable keyring manager
 


