rpms/NetworkManager-openswan/devel NetworkManager-openswan.spec, 1.2, 1.3 nm-secret-whack.patch, 1.1, 1.2
avesh agarwal
avesh at fedoraproject.org
Thu Jul 8 20:14:15 UTC 2010
Author: avesh
Update of /cvs/pkgs/rpms/NetworkManager-openswan/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv4556
Modified Files:
NetworkManager-openswan.spec nm-secret-whack.patch
Log Message:
* Thu Jul 8 2010 Avesh Agarwal <avagarwa at redhat.com> - 0.8.0-3.20100411git
- Modified the patch so that it does not pass user password to
"ipsec whack" command.
Index: NetworkManager-openswan.spec
===================================================================
RCS file: /cvs/pkgs/rpms/NetworkManager-openswan/devel/NetworkManager-openswan.spec,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- NetworkManager-openswan.spec 8 Jul 2010 16:41:02 -0000 1.2
+++ NetworkManager-openswan.spec 8 Jul 2010 20:14:14 -0000 1.3
@@ -6,7 +6,7 @@
Summary: NetworkManager VPN plug-in for openswan
Name: NetworkManager-openswan
Version: 0.8.0
-Release: 2%{snapshot}%{?dist}
+Release: 3%{snapshot}%{?dist}
License: GPLv2+
Group: System Environment/Base
URL: http://people.redhat.com/avagarwa/files/NetworkManager-openswan/
@@ -76,6 +76,10 @@ rm -rf $RPM_BUILD_ROOT
%dir %{_datadir}/gnome-vpn-properties/openswan
%changelog
+* Thu Jul 8 2010 Avesh Agarwal <avagarwa at redhat.com> - 0.8.0-3.20100411git
+- Modified the patch so that it does not pass user password to
+ "ipsec whack" command.
+
* Thu Jul 8 2010 Avesh Agarwal <avagarwa at redhat.com> - 0.8.0-2.20100411git
- Modified to initiate VPN connections with openswan whack interface
- Fixed the issue of world readable conf and secret files
nm-secret-whack.patch:
properties/nm-openswan-dialog.glade | 111 +++++++++++-------------------------
properties/nm-openswan.c | 24 +++----
src/nm-openswan-service-helper.c | 4 -
src/nm-openswan-service.c | 34 ++++++-----
4 files changed, 69 insertions(+), 104 deletions(-)
Index: nm-secret-whack.patch
===================================================================
RCS file: /cvs/pkgs/rpms/NetworkManager-openswan/devel/nm-secret-whack.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- nm-secret-whack.patch 8 Jul 2010 16:41:03 -0000 1.1
+++ nm-secret-whack.patch 8 Jul 2010 20:14:15 -0000 1.2
@@ -231,65 +231,37 @@ diff -urNp NetworkManager-openswan-0.8-o
</child>
diff -urNp NetworkManager-openswan-0.8-orig/src/nm-openswan-service.c NetworkManager-openswan-0.8/src/nm-openswan-service.c
--- NetworkManager-openswan-0.8-orig/src/nm-openswan-service.c 2010-06-04 17:50:13.000000000 -0400
-+++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2010-07-08 11:39:24.904302790 -0400
-@@ -202,14 +202,14 @@ openswan_watch_cb_auto (GPid pid, gint s
- if (WIFEXITED (status)) {
- error = WEXITSTATUS (status);
- if (error != 0)
-- nm_warning ("openswan: ipsec auto exited with error code %d", error);
-+ nm_warning ("openswan: ipsec whack exited with error code %d", error);
- }
- else if (WIFSTOPPED (status))
-- nm_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
-+ nm_warning ("openswan: ipsec whack stopped unexpectedly with signal %d", WSTOPSIG (status));
- else if (WIFSIGNALED (status))
-- nm_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
-+ nm_warning ("openswan: ipsec whack died with signal %d", WTERMSIG (status));
- else
-- nm_warning ("openswan: ipsec auto died from an unknown cause");
-+ nm_warning ("openswan: ipsec whack died from an unknown cause");
-
- /* Reap child if needed. */
- waitpid (priv->pid_auto, NULL, WNOHANG);
-@@ -218,7 +218,7 @@ openswan_watch_cb_auto (GPid pid, gint s
++++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2010-07-08 16:05:26.372305285 -0400
+@@ -218,6 +218,7 @@ openswan_watch_cb_auto (GPid pid, gint s
static gint
--nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
-+nm_openswan_start_openswan_binary (NMSettingVPN *s_vpn, NMOPENSWANPlugin *plugin, GError **error)
++//nm_openswan_start_openswan_binary (NMSettingVPN *s_vpn, NMOPENSWANPlugin *plugin, GError **error)
+ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
{
GPid pid, pid_auto;
- const char **openswan_binary = NULL;
-@@ -259,12 +259,14 @@ nm_openswan_start_openswan_binary (NMOPE
+@@ -259,12 +260,14 @@ nm_openswan_start_openswan_binary (NMOPE
sleep(2);
- /*ipsec auto --up <conn-name>*/
openswan_argv = g_ptr_array_new ();
g_ptr_array_add (openswan_argv, (gpointer) (*openswan_binary));
-- g_ptr_array_add (openswan_argv, (gpointer) "auto");
-- g_ptr_array_add (openswan_argv, (gpointer) "--up");
-+ g_ptr_array_add (openswan_argv, (gpointer) "whack");
-+ g_ptr_array_add (openswan_argv, (gpointer) "--initiate");
-+ g_ptr_array_add (openswan_argv, (gpointer) "--name");
+ g_ptr_array_add (openswan_argv, (gpointer) "auto");
+ g_ptr_array_add (openswan_argv, (gpointer) "--up");
++ //g_ptr_array_add (openswan_argv, (gpointer) "--name");
g_ptr_array_add (openswan_argv, (gpointer) "nm-conn1");
-+ g_ptr_array_add (openswan_argv, (gpointer) "--xauthpass");
-+ g_ptr_array_add (openswan_argv, (gpointer) nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
++ //g_ptr_array_add (openswan_argv, (gpointer) "--xauthpass");
++ //g_ptr_array_add (openswan_argv, (gpointer) nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
g_ptr_array_add (openswan_argv, NULL);
if (!g_spawn_async_with_pipes (NULL, (char **) openswan_argv->pdata, NULL,
-@@ -272,18 +274,18 @@ nm_openswan_start_openswan_binary (NMOPE
- NULL, NULL, error)) {
-
- g_ptr_array_free (openswan_argv, TRUE);
-- nm_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message);
-+ nm_warning ("openswan: ipsec whack failed to start. error: '%s'", (*error)->message);
- return -1;
+@@ -277,13 +280,13 @@ nm_openswan_start_openswan_binary (NMOPE
}
g_ptr_array_free (openswan_argv, TRUE);
- nm_info ("openswan: ipsec auto started with pid %d", pid_auto);
-+ nm_info ("openswan: ipsec whack started with pid %d", pid_auto);
++ nm_info ("openswan: ipsec auto started with pid %d", pid_auto);
- NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto;
- openswan_watch = g_child_watch_source_new (pid_auto);
@@ -304,18 +276,7 @@ diff -urNp NetworkManager-openswan-0.8-o
return stdin_fd;
}
-@@ -318,8 +320,8 @@ write_one_property (const char *key, con
- WriteConfigInfo *info = (WriteConfigInfo *) user_data;
- GType type = G_TYPE_INVALID;
- int i;
-- const char *default_username;
-- const char *props_username;
-+ //const char *default_username;
-+ //const char *props_username;
- const char *leftid;
-
- if (info->error)
-@@ -365,19 +367,19 @@ write_one_property (const char *key, con
+@@ -365,7 +368,7 @@ write_one_property (const char *key, con
//write_config_option (info->fd, "%s %s\n", (char *) key, (char *) value);
if (!strcmp (key, NM_OPENSWAN_PSK_VALUE)) {
@@ -324,21 +285,7 @@ diff -urNp NetworkManager-openswan-0.8-o
write_config_option (info->secret_fd, "@%s: PSK \"%s\"\n", leftid, (char *) value);
}
- if (!strcmp (key, NM_OPENSWAN_XAUTH_PASSWORD)) {
-- default_username = nm_setting_vpn_get_user_name (info->s_vpn);
-+ /*default_username = nm_setting_vpn_get_user_name (info->s_vpn);
- props_username = nm_setting_vpn_get_data_item (info->s_vpn, NM_OPENSWAN_LEFTXAUTHUSER);
- if ( default_username && strlen (default_username)
- && (!props_username || !strlen (props_username))) {
- write_config_option (info->secret_fd, "@%s : XAUTH \"%s\"\n",default_username, (char *) value);
- } else {
- write_config_option (info->secret_fd, "@%s : XAUTH \"%s\"\n", props_username, (char *) value);
-- }
-+ }*/
- }
-
- } else if (type == G_TYPE_BOOLEAN) {
-@@ -426,8 +428,8 @@ nm_openswan_config_write (NMSettingVPN *
+@@ -426,8 +429,8 @@ nm_openswan_config_write (NMSettingVPN *
gint conf_fd=-1;
gint secret_fd=-1;
@@ -349,7 +296,7 @@ diff -urNp NetworkManager-openswan-0.8-o
fdtmp1 = conf_fd;
if(fdtmp1 != -1) {
-@@ -454,8 +456,10 @@ nm_openswan_config_write (NMSettingVPN *
+@@ -454,8 +457,10 @@ nm_openswan_config_write (NMSettingVPN *
write_config_option (fdtmp1, " ike=aes-sha1\n");
write_config_option (fdtmp1, " esp=aes-sha1;modp1024\n");
write_config_option (fdtmp1, " nm_configured=yes\n");
@@ -361,7 +308,7 @@ diff -urNp NetworkManager-openswan-0.8-o
}
//default_username = nm_setting_vpn_get_user_name (s_vpn);
-@@ -514,10 +518,10 @@ real_connect (NMVPNPlugin *plugin,
+@@ -514,8 +519,8 @@ real_connect (NMVPNPlugin *plugin,
if (!nm_openswan_secrets_validate (s_vpn, error))
goto out;
@@ -370,12 +317,9 @@ diff -urNp NetworkManager-openswan-0.8-o
+ if (!nm_openswan_config_write (s_vpn, error))
+ goto out;
-- openswan_fd = nm_openswan_start_openswan_binary (NM_OPENSWAN_PLUGIN (plugin), error);
-+ openswan_fd = nm_openswan_start_openswan_binary (s_vpn, NM_OPENSWAN_PLUGIN (plugin), error);
+ openswan_fd = nm_openswan_start_openswan_binary (NM_OPENSWAN_PLUGIN (plugin), error);
if (openswan_fd < 0)
- goto out;
-
-@@ -622,6 +626,9 @@ real_disconnect (NMVPNPlugin *plugin,
+@@ -622,6 +627,9 @@ real_disconnect (NMVPNPlugin *plugin,
}
g_ptr_array_free (openswan_argv, TRUE);
More information about the scm-commits
mailing list