[NetworkManager-openswan] New upstream release 0.9.8.4

avesh avesh at fedoraproject.org
Tue Dec 10 22:50:22 UTC 2013


commit 08f137fc1113b3a85c99a3e89a920c3a088d8a31
Author: Avesh Agarwal <avagarwa at redhat.com>
Date:   Tue Dec 10 17:51:36 2013 -0500

    New upstream release 0.9.8.4
    
    - Fixed 926225
    - Fixed dependency to libreswan.
    - Created a new sub package NetworkManager-openswan-gnome
    - Various other spec file fixes.
    - Additional code changes are as follows:
    - Fixed an issue where proper network stack is not loaded unless
      _stackmanager is run before starting pluto daemon service.
    - Fixed the termination operation of pluto daemon to comply with
      libreswan changes.
    - Fixed various debug messages.
    - Fixed initiation of pluto daemon by this plugin to reflect the
      changes in libreaswan.
    - Fixed defaults values for more parameters to help the VPN
      connection stay more reliable.
    - Rewrote pluto watch API which watches the pluto process for its status.
      Fixed memory leak issues as not all child processes were reaped correctly.
      Also g_spwan_close_pid was not being called after children were reaped.
      Also modified debugs and added more to help with debugging in the future.
    - Fixed an issue where nm-openswan service is searching for ipsec binary in
      both /sbin and /usr/sbin leading to same operation twice, as /sbin is just
      symlink to /usr/sbin, so removed /sbin from the search paths.
    - Fixed some libreswan related macro changes.
    - Fixed netmask issue when sending IP information to the nm openswan
      plugin service.
    - Fixed the current code as it does not set the default route field
      NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT when sending VPN information
      to nm-openswan plugin. This fix sets the field to TRUE.
    - Fixed some issues found by coverity scan.
    - Fixed an issue where writing configuration on stdin should not end with
      \n as it gives error. It used to work previously, but not with latest
      NetworkManager versions.
    - libreswan related fixes, as some macros have been modified after forking
      to libreswan from openswan.
    - openswan/libreswan does not provide tun0 interface, so fixed the code
      where it sends tun0 interface.
    - Fix prcoessing of nm-openswan-dialog.ui file and added more error notifications.
    - Fixed dead code based on coverity scan.
    - Fixed gnomekeyring lib dependencies.
    - Fixed Networkmanager and related lib dependencies.
    - Fixed gtk label max width issue by setting it to 35.
    - NM-openswan was missing support for nm-openswan-auth-dialog.desktop.in.in.
      So added a new nm-openswan-auth-dialog.desktop.in.in, and modified related
      Makefile and configure.ac files.

 .gitignore                                         |    2 +
 ...-was-missing-support-for-nm-openswan-auth.patch |   67 ++++++++
 ...label-max-width-issue-by-setting-it-to-35.patch |   33 ++++
 ...tworkmanager-and-related-lib-dependencies.patch |   31 ++++
 0004-Fixed-gnomekeyring-lib-dependencies.patch     |   34 ++++
 0005-Fixed-dead-code-based-on-coverity-scan.patch  |  145 ++++++++++++++++
 ...ing-of-nm-openswan-dialog.ui-file-and-add.patch |   59 +++++++
 ...breswan-does-not-provide-tun0-interface-s.patch |   98 +++++++++++
 ...elated-fixes-as-some-macros-have-been-mod.patch |   52 ++++++
 ...sue-where-writing-configuration-on-stdin-.patch |   28 +++
 0010-Fixed-more-coverity-scan-issues.patch         |  175 ++++++++++++++++++++
 ...urrent-code-as-it-does-not-set-the-defaul.patch |   55 ++++++
 ...sk-issue-when-sending-IP-information-to-t.patch |   36 ++++
 0013-Fixed-more-libreswan-related-changes.patch    |   68 ++++++++
 ...sue-where-nm-openswan-service-is-searchin.patch |   27 +++
 ...to-watch-API-which-watches-the-pluto-proc.patch |  131 +++++++++++++++
 ...lts-values-for-more-parameters-to-help-th.patch |   28 +++
 ...ation-of-pluto-daemon-by-this-plugin-to-r.patch |   50 ++++++
 0018-Fixed-various-debug-messages.patch            |  103 ++++++++++++
 ...ermination-operation-of-pluto-daemon-to-c.patch |   44 +++++
 ...sue-where-proper-network-stack-is-not-loa.patch |   39 +++++
 NetworkManager-openswan.spec                       |  141 +++++++++++++++--
 sources                                            |    4 +-
 23 files changed, 1437 insertions(+), 13 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 6f4e6a5..ae1f9c7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
 NetworkManager-openswan-0.8.tar.gz
 /NetworkManager-openswan-0.9.8.0.sha256sum
 /NetworkManager-openswan-0.9.8.0.tar.xz
+/NetworkManager-openswan-0.9.8.4.sha256sum
+/NetworkManager-openswan-0.9.8.4.tar.xz
diff --git a/0001-NM-openswan-was-missing-support-for-nm-openswan-auth.patch b/0001-NM-openswan-was-missing-support-for-nm-openswan-auth.patch
new file mode 100644
index 0000000..e745bde
--- /dev/null
+++ b/0001-NM-openswan-was-missing-support-for-nm-openswan-auth.patch
@@ -0,0 +1,67 @@
+From ce807219123614d8496b29b591b8147dc190db54 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 13:38:23 -0500
+Subject: [PATCH 01/20] NM-openswan was missing support for
+ nm-openswan-auth-dialog.desktop.in.in. So added a new
+ nm-openswan-auth-dialog.desktop.in.in, and modified related Makefile and
+ configure.ac files.
+
+---
+ auth-dialog/Makefile.am                           | 15 ++++++++++++++-
+ auth-dialog/nm-openswan-auth-dialog.desktop.in.in |  7 +++++++
+ configure.ac                                      |  1 +
+ 3 files changed, 22 insertions(+), 1 deletion(-)
+ create mode 100644 auth-dialog/nm-openswan-auth-dialog.desktop.in.in
+
+diff --git a/auth-dialog/Makefile.am b/auth-dialog/Makefile.am
+index 4b5a01d..d1e8711 100644
+--- a/auth-dialog/Makefile.am
++++ b/auth-dialog/Makefile.am
+@@ -22,5 +22,18 @@ nm_openswan_auth_dialog_LDADD = \
+ 	$(GTK_LIBS) \
+ 	$(GNOMEKEYRING_LIBS)
+ 
+-CLEANFILES = *~
++ at INTLTOOL_DESKTOP_RULE@
++desktopdir = $(datadir)/applications
++desktop_in_in_files = nm-openswan-auth-dialog.desktop.in.in
++desktop_in_files = nm-openswan-auth-dialog.desktop.in
++desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
+ 
++EXTRA_DIST = \
++	$(desktop_in_in_files)
++
++CLEANFILES = \
++	*~ \
++	$(desktop_DATA)
++
++DISTCLEANFILES = \
++	$(desktop_in_files)
+diff --git a/auth-dialog/nm-openswan-auth-dialog.desktop.in.in b/auth-dialog/nm-openswan-auth-dialog.desktop.in.in
+new file mode 100644
+index 0000000..9c91b6b
+--- /dev/null
++++ b/auth-dialog/nm-openswan-auth-dialog.desktop.in.in
+@@ -0,0 +1,7 @@
++[Desktop Entry]
++_Name=Network
++_Comment=Request VPN authentication
++Exec=@LIBEXECDIR@/nm-openswan-auth-dialog
++Terminal=false
++Type=Application
++NoDisplay=true
+diff --git a/configure.ac b/configure.ac
+index b214ef7..10af655 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -114,6 +114,7 @@ AC_CONFIG_FILES([
+ Makefile
+ src/Makefile
+ auth-dialog/Makefile
++auth-dialog/nm-openswan-auth-dialog.desktop.in
+ properties/Makefile
+ po/Makefile.in
+ ])
+-- 
+1.8.3.1
+
diff --git a/0002-Fixed-gtk-label-max-width-issue-by-setting-it-to-35.patch b/0002-Fixed-gtk-label-max-width-issue-by-setting-it-to-35.patch
new file mode 100644
index 0000000..8cc7230
--- /dev/null
+++ b/0002-Fixed-gtk-label-max-width-issue-by-setting-it-to-35.patch
@@ -0,0 +1,33 @@
+From fc10d570b9291e687e4b1dfbfcf8c5c8f5f38f02 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 13:39:57 -0500
+Subject: [PATCH 02/20] Fixed gtk label max width issue by setting it to 35.
+
+---
+ auth-dialog/vpn-password-dialog.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/auth-dialog/vpn-password-dialog.c b/auth-dialog/vpn-password-dialog.c
+index 9fa2509..685e17e 100644
+--- a/auth-dialog/vpn-password-dialog.c
++++ b/auth-dialog/vpn-password-dialog.c
+@@ -29,6 +29,8 @@
+ #include <glib/gi18n.h>
+ #include <gtk/gtk.h>
+ 
++#include "src/nm-openswan-service.h"
++
+ G_DEFINE_TYPE (VpnPasswordDialog, vpn_password_dialog, GTK_TYPE_DIALOG)
+ 
+ #define VPN_PASSWORD_DIALOG_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), \
+@@ -278,6 +280,7 @@ vpn_password_dialog_new (const char *title,
+ 		message_label = GTK_LABEL (gtk_label_new (message));
+ 		gtk_label_set_justify (message_label, GTK_JUSTIFY_LEFT);
+ 		gtk_label_set_line_wrap (message_label, TRUE);
++		gtk_label_set_max_width_chars (message_label, 35);
+ 		gtk_size_group_add_widget (priv->group, GTK_WIDGET (message_label));
+ 		gtk_box_pack_start (GTK_BOX (main_vbox), GTK_WIDGET (message_label), FALSE, FALSE, 0);
+ 		gtk_size_group_add_widget (priv->group, priv->table_alignment);
+-- 
+1.8.3.1
+
diff --git a/0003-Fixed-Networkmanager-and-related-lib-dependencies.patch b/0003-Fixed-Networkmanager-and-related-lib-dependencies.patch
new file mode 100644
index 0000000..0cc7ecc
--- /dev/null
+++ b/0003-Fixed-Networkmanager-and-related-lib-dependencies.patch
@@ -0,0 +1,31 @@
+From d39ea5f4a0d3048c5109550833ce8af743540a0e Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 13:41:36 -0500
+Subject: [PATCH 03/20] Fixed Networkmanager and related lib dependencies.
+
+---
+ configure.ac | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 10af655..27e2242 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -66,10 +66,10 @@ AC_SUBST(DBUS_CFLAGS)
+ AC_SUBST(DBUS_LIBS)
+ 
+ PKG_CHECK_MODULES(NM,
+-	NetworkManager >= 0.9.6
+-	libnm-util >= 0.9.6
+-	libnm-glib >= 0.9.6
+-	libnm-glib-vpn >= 0.9.6)
++	NetworkManager >= 0.9.8
++	libnm-util >= 0.9.8
++	libnm-glib >= 0.9.8
++	libnm-glib-vpn >= 0.9.8)
+ AC_SUBST(NM_CFLAGS)
+ AC_SUBST(NM_LIBS)
+ 
+-- 
+1.8.3.1
+
diff --git a/0004-Fixed-gnomekeyring-lib-dependencies.patch b/0004-Fixed-gnomekeyring-lib-dependencies.patch
new file mode 100644
index 0000000..160d39c
--- /dev/null
+++ b/0004-Fixed-gnomekeyring-lib-dependencies.patch
@@ -0,0 +1,34 @@
+From 41fd9ad25736659b3a465630bca7da294b1204e5 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 13:42:50 -0500
+Subject: [PATCH 04/20] Fixed gnomekeyring lib dependencies.
+
+---
+ properties/Makefile.am | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/properties/Makefile.am b/properties/Makefile.am
+index f599e21..abbf208 100644
+--- a/properties/Makefile.am
++++ b/properties/Makefile.am
+@@ -12,6 +12,7 @@ ui_DATA = nm-openswan-dialog.ui
+ 
+ libnm_openswan_properties_la_CPPFLAGS = \
+ 	$(GTK_CFLAGS) \
++	$(GNOMEKEYRING_CFLAGS) \
+ 	$(NM_CFLAGS) \
+ 	-DICONDIR=\""$(datadir)/pixmaps"\" \
+ 	-DUIDIR=\""$(uidir)"\" \
+@@ -22,7 +23,8 @@ libnm_openswan_properties_la_CPPFLAGS = \
+ 
+ libnm_openswan_properties_la_LIBADD = \
+ 	$(GTK_LIBS) \
+-	$(NM_LIBS)
++	$(NM_LIBS) \
++	$(GNOMEKEYRING_LIBS)
+ 
+ libnm_openswan_properties_la_LDFLAGS = \
+         -avoid-version
+-- 
+1.8.3.1
+
diff --git a/0005-Fixed-dead-code-based-on-coverity-scan.patch b/0005-Fixed-dead-code-based-on-coverity-scan.patch
new file mode 100644
index 0000000..18fa120
--- /dev/null
+++ b/0005-Fixed-dead-code-based-on-coverity-scan.patch
@@ -0,0 +1,145 @@
+From ff5dfb0a75d4312ddc923dff637ad180266ff923 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 13:44:24 -0500
+Subject: [PATCH 05/20] Fixed dead code based on coverity scan.
+
+---
+ properties/nm-openswan.c | 94 ++++++++++++++++--------------------------------
+ 1 file changed, 31 insertions(+), 63 deletions(-)
+
+diff --git a/properties/nm-openswan.c b/properties/nm-openswan.c
+index 75acedd..c13de36 100644
+--- a/properties/nm-openswan.c
++++ b/properties/nm-openswan.c
+@@ -158,6 +158,36 @@ stuff_changed_cb (GtkWidget *widget, gpointer user_data)
+ }
+ 
+ static void
++setup_password_widget (OpenswanPluginUiWidget *self,
++                       const char *entry_name,
++                       NMSettingVPN *s_vpn,
++                       const char *secret_name,
++                       gboolean new_connection)
++{
++	OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
++	NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
++	GtkWidget *widget;
++	const char *value;
++
++	if (new_connection)
++		secret_flags = NM_SETTING_SECRET_FLAG_AGENT_OWNED;
++
++	widget = (GtkWidget *) gtk_builder_get_object (priv->builder, entry_name);
++	g_assert (widget);
++	gtk_size_group_add_widget (priv->group, widget);
++
++	if (s_vpn) {
++		value = nm_setting_vpn_get_secret (s_vpn, secret_name);
++		gtk_entry_set_text (GTK_ENTRY (widget), value ? value : "");
++		nm_setting_get_secret_flags (NM_SETTING (s_vpn), secret_name, &secret_flags, NULL);
++	}
++	secret_flags &= ~(NM_SETTING_SECRET_FLAG_NOT_SAVED | NM_SETTING_SECRET_FLAG_NOT_REQUIRED);
++	g_object_set_data (G_OBJECT (widget), "flags", GUINT_TO_POINTER (secret_flags));
++
++	g_signal_connect (widget, "changed", G_CALLBACK (stuff_changed_cb), self);
++}
++
++static void
+ show_toggled_cb (GtkCheckButton *button, OpenswanPluginUiWidget *self)
+ {
+ 	OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
+@@ -301,35 +331,6 @@ init_one_pw_combo (OpenswanPluginUiWidget *self,
+ 	g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (pw_type_combo_changed_cb), self);
+ }
+ 
+-static void
+-setup_password_widget (OpenswanPluginUiWidget *self,
+-                       const char *entry_name,
+-                       NMSettingVPN *s_vpn,
+-                       const char *secret_name,
+-                       gboolean new_connection)
+-{
+-	OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
+-	NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
+-	GtkWidget *widget;
+-	const char *value;
+-
+-	if (new_connection)
+-		secret_flags = NM_SETTING_SECRET_FLAG_AGENT_OWNED;
+-
+-	widget = (GtkWidget *) gtk_builder_get_object (priv->builder, entry_name);
+-	g_assert (widget);
+-	gtk_size_group_add_widget (priv->group, widget);
+-
+-	if (s_vpn) {
+-		value = nm_setting_vpn_get_secret (s_vpn, secret_name);
+-		gtk_entry_set_text (GTK_ENTRY (widget), value ? value : "");
+-		nm_setting_get_secret_flags (NM_SETTING (s_vpn), secret_name, &secret_flags, NULL);
+-	}
+-	secret_flags &= ~(NM_SETTING_SECRET_FLAG_NOT_SAVED | NM_SETTING_SECRET_FLAG_NOT_REQUIRED);
+-	g_object_set_data (G_OBJECT (widget), "flags", GUINT_TO_POINTER (secret_flags));
+-
+-	g_signal_connect (widget, "changed", G_CALLBACK (stuff_changed_cb), self);
+-}
+ 
+ static gboolean
+ init_plugin_ui (OpenswanPluginUiWidget *self,
+@@ -338,7 +339,7 @@ init_plugin_ui (OpenswanPluginUiWidget *self,
+                 GError **error)
+ {
+ 	OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
+-	NMSettingVPN *s_vpn;
++	NMSettingVPN *s_vpn = NULL;
+ 	GtkWidget *widget;
+ 	const char *value = NULL;
+ 
+@@ -435,24 +436,6 @@ init_plugin_ui (OpenswanPluginUiWidget *self,
+ 	}
+ 	g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
+ 
+-	/*widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "disable_dpd_checkbutton"));
+-	g_return_val_if_fail (widget != NULL, FALSE);
+-	if (s_vpn) {
+-		value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT);
+-		if (value) {
+-			long int tmp;
+-
+-			errno = 0;
+-			tmp = strtol (value, NULL, 10);
+-			if (tmp >= 0 && tmp <= G_MAXUINT32 && errno == 0)
+-				priv->orig_dpd_timeout = (guint32) tmp;
+-
+-			if (priv->orig_dpd_timeout == 0)
+-				gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE);
+-		}
+-	}
+-	g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (stuff_changed_cb), self);*/
+-
+ 	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "show_passwords_checkbutton"));
+ 	g_return_val_if_fail (widget != NULL, FALSE);
+ 	g_signal_connect (G_OBJECT (widget), "toggled",
+@@ -563,21 +546,6 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
+ 	if (str && strlen (str))
+ 		nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DOMAIN, str);
+ 
+-	//widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "disable_dpd_checkbutton"));
+-	//if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
+-	//	nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, "0");
+-	//} else {
+-		/* If DPD was disabled and now the user wishes to enable it, just
+-		 * don't pass the DPD_IDLE_TIMEOUT option to openswan and thus use the
+-		 * default DPD idle time.  Otherwise keep the original DPD idle timeout.
+-		 */
+-	//	if (priv->orig_dpd_timeout >= 10) {
+-	//		char *tmp = g_strdup_printf ("%d", priv->orig_dpd_timeout);
+-	//		nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DPDTIMEOUT, tmp);
+-	//		g_free (tmp);
+-	//	}
+-	//}
+-
+ 	save_one_password (s_vpn,
+ 	                   priv->builder,
+ 	                   "user_password_entry",
+-- 
+1.8.3.1
+
diff --git a/0006-Fix-prcoessing-of-nm-openswan-dialog.ui-file-and-add.patch b/0006-Fix-prcoessing-of-nm-openswan-dialog.ui-file-and-add.patch
new file mode 100644
index 0000000..5ac53d5
--- /dev/null
+++ b/0006-Fix-prcoessing-of-nm-openswan-dialog.ui-file-and-add.patch
@@ -0,0 +1,59 @@
+From bc55d220fe7fe7b377aa21d1e2c153d54716e4ec Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 13:50:05 -0500
+Subject: [PATCH 06/20] Fix prcoessing of nm-openswan-dialog.ui file and added
+ more error notifications.
+
+---
+ properties/nm-openswan.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/properties/nm-openswan.c b/properties/nm-openswan.c
+index c13de36..e164e85 100644
+--- a/properties/nm-openswan.c
++++ b/properties/nm-openswan.c
+@@ -462,7 +462,7 @@ save_one_password (NMSettingVPN *s_vpn,
+                    const char *secret_key,
+                    const char *type_key)
+ {
+-	NMSettingSecretFlags flags;
++	NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
+ 	const char *data_val = NULL, *password;
+ 	GtkWidget *entry, *combo;
+ 
+@@ -577,6 +577,7 @@ nm_vpn_plugin_ui_widget_interface_new (NMConnection *connection, GError **error)
+ {
+ 	NMVpnPluginUiWidgetInterface *object;
+ 	OpenswanPluginUiWidgetPrivate *priv;
++	char *ui_file;
+ 	NMSettingVPN *s_vpn;
+ 	gboolean is_new = TRUE;
+ 
+@@ -591,15 +592,23 @@ nm_vpn_plugin_ui_widget_interface_new (NMConnection *connection, GError **error)
+ 
+ 	priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (object);
+ 
++	ui_file = g_strdup_printf ("%s/%s", UIDIR, "nm-openswan-dialog.ui");
+ 	priv->builder = gtk_builder_new ();
+ 	g_assert (priv->builder);
+ 
+ 	gtk_builder_set_translation_domain (priv->builder, GETTEXT_PACKAGE);
+ 
+-	if (gtk_builder_add_from_file (priv->builder, UIDIR "/nm-openswan-dialog.ui", error) == 0) {
++	if (!gtk_builder_add_from_file (priv->builder, ui_file, error)) {
++		g_warning ("Couldn't load builder file: %s",
++		           error && *error ? (*error)->message : "(unknown)");
++		g_clear_error (error);
++		g_set_error (error, OPENSWAN_PLUGIN_UI_ERROR, 0,
++		             "could not load required resources at %s", ui_file);
++		g_free (ui_file);
+ 		g_object_unref (object);
+ 		return NULL;
+ 	}
++	g_free (ui_file);
+ 
+ 	priv->widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "openswan-vbox"));
+ 	if (!priv->widget) {
+-- 
+1.8.3.1
+
diff --git a/0007-openswan-libreswan-does-not-provide-tun0-interface-s.patch b/0007-openswan-libreswan-does-not-provide-tun0-interface-s.patch
new file mode 100644
index 0000000..d1f6ad5
--- /dev/null
+++ b/0007-openswan-libreswan-does-not-provide-tun0-interface-s.patch
@@ -0,0 +1,98 @@
+From db46fa8f456b7b21ad259ffab4a5b4e51e8c5809 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 13:58:50 -0500
+Subject: [PATCH 07/20] openswan/libreswan does not provide tun0 interface, so
+ fixed the code where it sends tun0 interface.
+
+---
+ src/nm-openswan-service-helper.c | 26 ++++++++++++++++++++------
+ src/nm-openswan-service.h        |  4 ++++
+ 2 files changed, 24 insertions(+), 6 deletions(-)
+
+diff --git a/src/nm-openswan-service-helper.c b/src/nm-openswan-service-helper.c
+index d0b4e19..35cd9d9 100644
+--- a/src/nm-openswan-service-helper.c
++++ b/src/nm-openswan-service-helper.c
+@@ -202,12 +202,13 @@ int
+ main (int argc, char *argv[])
+ {
+ 	DBusGConnection *connection;
+-	char *tmp;
++	char *tmp=NULL;
+ 	GHashTable *config;
+ 	GValue *val;
+ 	GError *err = NULL;
+-	//struct in_addr temp_addr;
++	struct in_addr temp_addr;
+ 	//long int mtu = 1412;
++	char nmask[16]="255.255.255.255";
+ 
+ #if !GLIB_CHECK_VERSION (2, 35, 0)
+ 	g_type_init ();
+@@ -237,13 +238,25 @@ main (int argc, char *argv[])
+ 	else
+ 		helper_failed (connection, "Openswan Pluto Right Peer (VPN Gateway)");
+ 
++
++	/*
++	 * Tunnel device
++	 * Indicate that openswan plugin doesn't use tun/tap device
++	 */
++	val = g_slice_new0 (GValue);
++	g_value_init (val, G_TYPE_STRING);
++	g_value_set_string (val, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV_NONE);
++	g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val);
++
++#if 0
+ 	/* Tunnel device */
+ 	//val = str_to_gvalue (getenv ("TUNDEV"), FALSE);
+-	val = str_to_gvalue ("tun0", FALSE);
++	//val = str_to_gvalue ("tun0", FALSE);
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val);
+ 	else
+ 		helper_failed (connection, "Tunnel Device");
++#endif
+ 
+ 	/* IP address */
+ 	val = addr_to_gvalue (getenv ("PLUTO_MY_SOURCEIP"));
+@@ -258,9 +271,10 @@ main (int argc, char *argv[])
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
+ 	else
+ 		helper_failed (connection, "IP4 PTP Address");
+-#if 0
++//#if 0
+ 	/* Netmask */
+-	tmp = getenv ("INTERNAL_IP4_NETMASK");
++	//tmp = getenv ("INTERNAL_IP4_NETMASK");
++	tmp = nmask;
+ 	if (tmp && inet_pton (AF_INET, tmp, &temp_addr) > 0) {
+ 		GValue *value;
+ 
+@@ -270,7 +284,7 @@ main (int argc, char *argv[])
+ 
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, value);
+ 	}
+-#endif
++//#endif
+ 
+ 	/* DNS */
+ 	val = addr_list_to_gvalue (getenv ("PLUTO_CISCO_DNS_INFO"));
+diff --git a/src/nm-openswan-service.h b/src/nm-openswan-service.h
+index cd79b43..0b6022d 100644
+--- a/src/nm-openswan-service.h
++++ b/src/nm-openswan-service.h
+@@ -54,6 +54,10 @@
+ #define NM_OPENSWAN_PW_TYPE_ASK    "ask"
+ #define NM_OPENSWAN_PW_TYPE_UNUSED "unused"
+ 
++#ifndef NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV_NONE
++#define NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV_NONE "_none_"
++#endif
++
+ typedef struct {
+ 	NMVPNPlugin parent;
+ } NMOPENSWANPlugin;
+-- 
+1.8.3.1
+
diff --git a/0008-libreswan-related-fixes-as-some-macros-have-been-mod.patch b/0008-libreswan-related-fixes-as-some-macros-have-been-mod.patch
new file mode 100644
index 0000000..035f61d
--- /dev/null
+++ b/0008-libreswan-related-fixes-as-some-macros-have-been-mod.patch
@@ -0,0 +1,52 @@
+From 571c3af579c5753b82aab522486b6af45b27d7d8 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 14:01:00 -0500
+Subject: [PATCH 08/20] libreswan related fixes, as some macros have been
+ modified after forking to libreswan from openswan.
+
+---
+ src/nm-openswan-service-helper.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/nm-openswan-service-helper.c b/src/nm-openswan-service-helper.c
+index 35cd9d9..07bc576 100644
+--- a/src/nm-openswan-service-helper.c
++++ b/src/nm-openswan-service-helper.c
+@@ -210,6 +210,7 @@ main (int argc, char *argv[])
+ 	//long int mtu = 1412;
+ 	char nmask[16]="255.255.255.255";
+ 
++
+ #if !GLIB_CHECK_VERSION (2, 35, 0)
+ 	g_type_init ();
+ #endif
+@@ -217,7 +218,7 @@ main (int argc, char *argv[])
+ 	/* openswan gives us a "reason" code.  If we are given one,
+ 	 * don't proceed unless its "connect".
+ 	 */
+-	tmp = getenv ("openswan_reason");
++	tmp = getenv ("libreswan_reason");
+ 	if (tmp && strcmp (tmp, "connect") != 0)
+ 		exit (0);
+ 
+@@ -287,7 +288,7 @@ main (int argc, char *argv[])
+ //#endif
+ 
+ 	/* DNS */
+-	val = addr_list_to_gvalue (getenv ("PLUTO_CISCO_DNS_INFO"));
++	val = addr_list_to_gvalue (getenv ("PLUTO_PEER_DNS_INFO"));
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_DNS, val);
+ 
+@@ -299,7 +300,7 @@ main (int argc, char *argv[])
+ #endif
+ 
+ 	/* Default domain */
+-	val = str_to_gvalue (getenv ("PLUTO_CISCO_DOMAIN_INFO"), TRUE);
++	val = str_to_gvalue (getenv ("PLUTO_PEER_DOMAIN_INFO"), TRUE);
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_DOMAIN, val);
+ 
+-- 
+1.8.3.1
+
diff --git a/0009-Fixed-an-issue-where-writing-configuration-on-stdin-.patch b/0009-Fixed-an-issue-where-writing-configuration-on-stdin-.patch
new file mode 100644
index 0000000..a3cd52c
--- /dev/null
+++ b/0009-Fixed-an-issue-where-writing-configuration-on-stdin-.patch
@@ -0,0 +1,28 @@
+From 85774a1cd6f94e1d23ad0403bc912d4671503434 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 14:05:06 -0500
+Subject: [PATCH 09/20] Fixed an issue where writing configuration on stdin
+ should not end with \n as it gives error. It used to work previously, but not
+ with latest NetworkManager versions.
+
+---
+ src/nm-openswan-service.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index ec0553c..f9bea3d 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -577,7 +577,8 @@ nm_openswan_config_write (gint openswan_fd, NMSettingVPN *s_vpn,
+ 
+         write_config_option (fdtmp1, " nm_configured=yes\n");
+         //write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH);
+-        write_config_option (fdtmp1, " auto=add\n");
++        //write_config_option (fdtmp1, " auto=add\n");
++        write_config_option (fdtmp1, " auto=add");
+         //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_VPN_SETTING_NAME));
+         //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_NAME));
+ 	}
+-- 
+1.8.3.1
+
diff --git a/0010-Fixed-more-coverity-scan-issues.patch b/0010-Fixed-more-coverity-scan-issues.patch
new file mode 100644
index 0000000..ecc7413
--- /dev/null
+++ b/0010-Fixed-more-coverity-scan-issues.patch
@@ -0,0 +1,175 @@
+From 0cae80518c6329f1575bf46b615123a5e034515a Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 14:33:38 -0500
+Subject: [PATCH 10/20] Fixed more coverity scan issues.
+
+---
+ src/Makefile.am                  |  3 ---
+ src/nm-openswan-service-helper.c | 21 -------------------
+ src/nm-openswan-service.c        | 44 ----------------------------------------
+ 3 files changed, 68 deletions(-)
+
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 12ce851..4f3e316 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -21,17 +21,14 @@ nm_openswan_service_SOURCES = \
+ 				nm-openswan-service.c \
+ 				nm-openswan-service.h
+ 
+-
+ nm_openswan_service_LDADD = \
+ 				$(DBUS_LIBS) \
+ 				$(GTHREAD_LIBS) \
+ 				$(NM_LIBS)
+ 
+-
+ nm_openswan_service_helper_SOURCES = \
+ 				nm-openswan-service-helper.c
+ 
+-
+ nm_openswan_service_helper_LDADD = \
+ 				$(DBUS_LIBS) \
+ 				$(GTHREAD_LIBS) \
+diff --git a/src/nm-openswan-service-helper.c b/src/nm-openswan-service-helper.c
+index 07bc576..e148b26 100644
+--- a/src/nm-openswan-service-helper.c
++++ b/src/nm-openswan-service-helper.c
+@@ -207,7 +207,6 @@ main (int argc, char *argv[])
+ 	GValue *val;
+ 	GError *err = NULL;
+ 	struct in_addr temp_addr;
+-	//long int mtu = 1412;
+ 	char nmask[16]="255.255.255.255";
+ 
+ 
+@@ -292,12 +291,6 @@ main (int argc, char *argv[])
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_DNS, val);
+ 
+-#if 0
+-	/* WINS servers */
+-	val = addr_list_to_gvalue (getenv ("INTERNAL_IP4_NBNS"));
+-	if (val)
+-		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_NBNS, val);
+-#endif
+ 
+ 	/* Default domain */
+ 	val = str_to_gvalue (getenv ("PLUTO_PEER_DOMAIN_INFO"), TRUE);
+@@ -309,20 +302,6 @@ main (int argc, char *argv[])
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_BANNER, val);
+ 
+-#if 0
+-	/* MTU */
+-	tmp = getenv ("INTERNAL_IP4_MTU");
+-	if (tmp && strlen (tmp)) {
+-		errno = 0;
+-		mtu = strtol (tmp, NULL, 10);
+-		if (errno || mtu < 0 || mtu > 20000) {
+-			g_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
+-			mtu = 1412;
+-		}
+-	}
+-	val = uint_to_gvalue ((guint32) mtu);
+-	g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_MTU, val);
+-#endif
+ 
+ 	/* Send the config info to nm-openswan-service */
+ 	send_ip4_config (connection, config);
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index f9bea3d..64792a6 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -308,11 +308,7 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ 	g_ptr_array_add (openswan_argv, (gpointer) "--add");
+ 	g_ptr_array_add (openswan_argv, (gpointer) "--config");
+ 	g_ptr_array_add (openswan_argv, (gpointer) "-");
+-	//g_ptr_array_add (openswan_argv, (gpointer) "--up");
+-	//g_ptr_array_add (openswan_argv, (gpointer) "--name");
+ 	g_ptr_array_add (openswan_argv, (gpointer) "nm-conn1");
+-	//g_ptr_array_add (openswan_argv, (gpointer) "--xauthpass");
+-	//g_ptr_array_add (openswan_argv, (gpointer) nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
+ 	g_ptr_array_add (openswan_argv, NULL);
+ 
+ 	if (!g_spawn_async_with_pipes (NULL, (char **) openswan_argv->pdata, NULL,
+@@ -524,17 +520,11 @@ nm_openswan_config_write (gint openswan_fd, NMSettingVPN *s_vpn,
+ {
+ 	WriteConfigInfo *info;
+ 	const char *props_username;
+-	//const char *props_natt_mode;
+ 	const char *default_username;
+ 	const char *phase1_alg_str;
+ 	const char *phase2_alg_str;
+-	//const char *pw_type;
+ 	gint fdtmp1=-1;
+-	//gint conf_fd=-1;
+-	//gint secret_fd=-1;
+ 
+-        //conf_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.conf", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
+-        //secret_fd = open ("/etc/ipsec.d/ipsec-nm-conn1.secrets", O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
+ 
+         fdtmp1 = openswan_fd;
+         if(fdtmp1 != -1) {
+@@ -576,49 +566,17 @@ nm_openswan_config_write (gint openswan_fd, NMSettingVPN *s_vpn,
+         }
+ 
+         write_config_option (fdtmp1, " nm_configured=yes\n");
+-        //write_config_option (fdtmp1, " leftupdown=%s\n", NM_OSW_UPDOWN_PATH);
+-        //write_config_option (fdtmp1, " auto=add\n");
+         write_config_option (fdtmp1, " auto=add");
+-        //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_VPN_SETTING_NAME));
+-        //write_config_option (fdtmp1, " #connectionname=%s\n", nm_setting_vpn_get_data_item (s_vpn, NM_SETTING_NAME));
+ 	}
+ 
+-	//default_username = nm_setting_vpn_get_user_name (s_vpn);
+-
+-	/* Fill username if it's not present */
+-	/*props_username = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_LEFTXAUTHUSER);
+-	if (   default_username
+-	    && strlen (default_username)
+-	    && (!props_username || !strlen (props_username))) {
+-		write_config_option (openswan_fd,
+-		                     NM_OPENSWAN_LEFTXAUTHUSER " %s\n",
+-		                     default_username);
+-	}*/
+-	
+ 	info = g_malloc0 (sizeof (WriteConfigInfo));
+-	//info->fd = openswan_fd;
+-	//info->conf_fd = conf_fd;
+ 	info->conf_fd = openswan_fd;
+-	//info->secret_fd = secret_fd;
+ 	info->s_vpn = s_vpn;
+ 
+-	/* Check for ignored user password */
+-	/*pw_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
+-	if (pw_type && !strcmp (pw_type, NM_OPENSWAN_PW_TYPE_UNUSED))
+-		info->upw_ignored = TRUE;*/
+-
+-	/* Check for ignored group password */
+-	/*pw_type = nm_setting_vpn_get_data_item (s_vpn, NM_OPENSWAN_PSK_INPUT_MODES);
+-	if (pw_type && !strcmp (pw_type, NM_OPENSWAN_PW_TYPE_UNUSED))
+-		info->gpw_ignored = TRUE;*/
+-
+ 	nm_setting_vpn_foreach_data_item (s_vpn, write_one_property, info);
+-	//nm_setting_vpn_foreach_secret (s_vpn, write_one_property, info);
+ 	*error = info->error;
+-	//close(conf_fd);
+ 	close(openswan_fd);
+ 	sleep(3);
+-	//close(secret_fd);
+ 	g_free (info);
+ 
+ 	return *error ? FALSE : TRUE;
+@@ -807,8 +765,6 @@ real_disconnect (NMVPNPlugin   *plugin,
+         }
+         g_ptr_array_free (openswan_argv, TRUE);
+ 
+-        //unlink("/etc/ipsec.d/ipsec-nm-conn1.conf");
+-        //unlink("/etc/ipsec.d/ipsec-nm-conn1.secrets");
+ 
+ 	return TRUE;
+ }
+-- 
+1.8.3.1
+
diff --git a/0011-Fixed-the-current-code-as-it-does-not-set-the-defaul.patch b/0011-Fixed-the-current-code-as-it-does-not-set-the-defaul.patch
new file mode 100644
index 0000000..03afc9f
--- /dev/null
+++ b/0011-Fixed-the-current-code-as-it-does-not-set-the-defaul.patch
@@ -0,0 +1,55 @@
+From 9a5e803eac0f3bd30517a4e615271f0f1d97ca02 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 14:37:22 -0500
+Subject: [PATCH 11/20] Fixed the current code as it does not set the default
+ route field NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT when sending VPN
+ information to nm-openswan plugin. This fix sets the field to TRUE.
+
+---
+ src/nm-openswan-service-helper.c | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+diff --git a/src/nm-openswan-service-helper.c b/src/nm-openswan-service-helper.c
+index e148b26..59d79f9 100644
+--- a/src/nm-openswan-service-helper.c
++++ b/src/nm-openswan-service-helper.c
+@@ -121,6 +121,17 @@ str_to_gvalue (const char *str, gboolean try_convert)
+ }
+ 
+ static GValue *
++bool_to_gvalue (gboolean b)
++{
++        GValue *val;
++
++        val = g_slice_new0 (GValue);
++        g_value_init (val, G_TYPE_BOOLEAN);
++        g_value_set_boolean (val, b);
++        return val;
++}
++
++static GValue *
+ uint_to_gvalue (guint32 num)
+ {
+ 	GValue *val;
+@@ -252,6 +263,7 @@ main (int argc, char *argv[])
+ 	/* Tunnel device */
+ 	//val = str_to_gvalue (getenv ("TUNDEV"), FALSE);
+ 	//val = str_to_gvalue ("tun0", FALSE);
++	val = str_to_gvalue ("lo", FALSE);
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val);
+ 	else
+@@ -302,6 +314,10 @@ main (int argc, char *argv[])
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_BANNER, val);
+ 
++	/* Routes */
++	/* No default route*/
++	g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT,
++					bool_to_gvalue (TRUE));
+ 
+ 	/* Send the config info to nm-openswan-service */
+ 	send_ip4_config (connection, config);
+-- 
+1.8.3.1
+
diff --git a/0012-Fixed-netmask-issue-when-sending-IP-information-to-t.patch b/0012-Fixed-netmask-issue-when-sending-IP-information-to-t.patch
new file mode 100644
index 0000000..468fa96
--- /dev/null
+++ b/0012-Fixed-netmask-issue-when-sending-IP-information-to-t.patch
@@ -0,0 +1,36 @@
+From 7917ed515f29f54847e3bf57b6b61e7097ed78e7 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 14:38:08 -0500
+Subject: [PATCH 12/20] Fixed netmask issue when sending IP information to the
+ nm openswan plugin service.
+
+---
+ src/nm-openswan-service-helper.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/src/nm-openswan-service-helper.c b/src/nm-openswan-service-helper.c
+index 59d79f9..d521645 100644
+--- a/src/nm-openswan-service-helper.c
++++ b/src/nm-openswan-service-helper.c
+@@ -283,9 +283,8 @@ main (int argc, char *argv[])
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
+ 	else
+ 		helper_failed (connection, "IP4 PTP Address");
+-//#if 0
++
+ 	/* Netmask */
+-	//tmp = getenv ("INTERNAL_IP4_NETMASK");
+ 	tmp = nmask;
+ 	if (tmp && inet_pton (AF_INET, tmp, &temp_addr) > 0) {
+ 		GValue *value;
+@@ -296,7 +295,6 @@ main (int argc, char *argv[])
+ 
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, value);
+ 	}
+-//#endif
+ 
+ 	/* DNS */
+ 	val = addr_list_to_gvalue (getenv ("PLUTO_PEER_DNS_INFO"));
+-- 
+1.8.3.1
+
diff --git a/0013-Fixed-more-libreswan-related-changes.patch b/0013-Fixed-more-libreswan-related-changes.patch
new file mode 100644
index 0000000..a1ebd87
--- /dev/null
+++ b/0013-Fixed-more-libreswan-related-changes.patch
@@ -0,0 +1,68 @@
+From 2581ac2914b666b427a90ea400e757ef41030bdd Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 14:45:06 -0500
+Subject: [PATCH 13/20] Fixed more libreswan related changes.
+
+---
+ src/nm-openswan-service-helper.c | 7 +++----
+ src/nm-openswan-service.c        | 8 ++++----
+ 2 files changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/src/nm-openswan-service-helper.c b/src/nm-openswan-service-helper.c
+index d521645..cde7443 100644
+--- a/src/nm-openswan-service-helper.c
++++ b/src/nm-openswan-service-helper.c
+@@ -204,8 +204,8 @@ addr_list_to_gvalue (const char *str)
+  *
+  * PLUTO_PEER             	-- vpn gateway address
+  * PLUTO_MY_SOURCEIP		-- address
+- * PLUTO_CISCO_DNS_INFO         -- list of dns serverss
+- * PLUTO_CISCO_DOMAIN_INFO      -- default domain name
++ * PLUTO_PEER_DNS_INFO         -- list of dns serverss
++ * PLUTO_PEER_DOMAIN_INFO      -- default domain name
+  * PLUTO_PEER_BANNER           -- banner from server
+  *
+  */
+@@ -247,8 +247,7 @@ main (int argc, char *argv[])
+ 	if (val)
+ 		g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_GATEWAY, val);
+ 	else
+-		helper_failed (connection, "Openswan Pluto Right Peer (VPN Gateway)");
+-
++		helper_failed (connection, "IPsec/Pluto Right Peer (VPN Gateway)");
+ 
+ 	/*
+ 	 * Tunnel device
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index 64792a6..d59c58f 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -860,15 +860,15 @@ main (int argc, char *argv[])
+ 	g_option_context_parse (opt_ctx, &argc, &argv, NULL);
+ 	g_option_context_free (opt_ctx);
+ 
+-	if (getenv ("OPENSWAN_DEBUG"))
++	if (getenv ("IPSEC_DEBUG"))
+ 		debug = TRUE;
+ 
+ 	if (debug)
+-		g_message ("nm-openswan-service (version " DIST_VERSION ") starting...");
++		g_printf ("nm-openswan-service (version " DIST_VERSION ") starting...\n");
+ 
+ 	plugin = nm_openswan_plugin_new ();
+ 	if (!plugin)
+-		exit (1);
++		exit (EXIT_FAILURE);
+ 
+ 	loop = g_main_loop_new (NULL, FALSE);
+ 
+@@ -881,5 +881,5 @@ main (int argc, char *argv[])
+ 	g_main_loop_unref (loop);
+ 	g_object_unref (plugin);
+ 
+-	exit (0);
++	exit (EXIT_SUCCESS);
+ }
+-- 
+1.8.3.1
+
diff --git a/0014-Fixed-an-issue-where-nm-openswan-service-is-searchin.patch b/0014-Fixed-an-issue-where-nm-openswan-service-is-searchin.patch
new file mode 100644
index 0000000..924e0fe
--- /dev/null
+++ b/0014-Fixed-an-issue-where-nm-openswan-service-is-searchin.patch
@@ -0,0 +1,27 @@
+From fdd136923c77b71080f2ccb2c0fe0a5234e73c1c Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 14:47:14 -0500
+Subject: [PATCH 14/20] Fixed an issue where nm-openswan service is searching
+ for ipsec binary in both /sbin and /usr/sbin leading to same operation twice,
+ as /sbin is just symlink to /usr/sbin, so removed /sbin from the search
+ paths.
+
+---
+ src/nm-openswan-service.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index d59c58f..7f1a9c9 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -57,7 +57,6 @@ typedef struct {
+ static const char *openswan_binary_paths[] =
+ {
+ 	"/usr/sbin/ipsec",
+-	"/sbin/ipsec",
+ 	"/usr/local/sbin/ipsec",
+ 	NULL
+ };
+-- 
+1.8.3.1
+
diff --git a/0015-Rewrite-pluto-watch-API-which-watches-the-pluto-proc.patch b/0015-Rewrite-pluto-watch-API-which-watches-the-pluto-proc.patch
new file mode 100644
index 0000000..9d3df67
--- /dev/null
+++ b/0015-Rewrite-pluto-watch-API-which-watches-the-pluto-proc.patch
@@ -0,0 +1,131 @@
+From 24e2b36b20f2b6d42f715618e13c2919ad0fc51c Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 15:04:09 -0500
+Subject: [PATCH 15/20] Rewrite pluto watch API which watches the pluto process
+ for its status. Fixed memory leak issues as not all child processes were
+ reaped correctly. Also g_spwan_close_pid was not being called after children
+ were reaped. Also modified debugs and added more to help with debugging in
+ the future.
+
+---
+ src/nm-openswan-service.c | 52 +++++++++++++++++++++++++++--------------------
+ 1 file changed, 30 insertions(+), 22 deletions(-)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index 7f1a9c9..b73ab1f 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -207,30 +207,33 @@ nm_openswan_secrets_validate (NMSettingVPN *s_vpn, GError **error)
+ }
+ 
+ static void
+-openswan_watch_cb_auto (GPid pid, gint status, gpointer user_data)
++pluto_watch_cb (GPid pid, gint status, gpointer user_data)
+ {
+         NMOPENSWANPlugin *plugin = NM_OPENSWAN_PLUGIN (user_data);
+         NMOPENSWANPluginPrivate *priv = NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin);
+         guint error = 0;
+ 
++	if(debug)
++	g_printf("pluto_watch: current child pid = %d, pluto pid=%d\n", pid, priv->pid);
++
+         if (WIFEXITED (status)) {
+                 error = WEXITSTATUS (status);
+                 if (error != 0)
+-                        g_warning ("openswan: ipsec auto exited with error code %d", error);
++                        g_printf ("pluto_watch: pluto exited with error code %d\n", error);
+         }
+         else if (WIFSTOPPED (status))
+-                g_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
++                g_printf ("pluto_watch: pluto stopped unexpectedly with signal %d\n", WSTOPSIG (status));
+         else if (WIFSIGNALED (status))
+-                g_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
++                g_printf ("pluto_watch: pluto died with signal %d\n", WTERMSIG (status));
+         else
+-                g_warning ("openswan: ipsec auto died from an unknown cause");
++                g_printf ("pluto_watch: pluto died from an unknown cause\n");
+ 
+         /* Reap child if needed. */
+-        //waitpid (priv->pid_auto, NULL, WNOHANG);
+-        //priv->pid_auto = 0;
++		waitpid (pid, NULL, WNOHANG);
++
++		if(debug)
++		g_printf ("pluto_watch: reaped child pid =%d\n", pid);
+ 
+-        waitpid (priv->pid, NULL, WNOHANG);
+-        priv->pid = 0;
+ 
+ 	/* Must be after data->state is set since signals use data->state */
+ 	switch (error) {
+@@ -246,18 +249,29 @@ openswan_watch_cb_auto (GPid pid, gint status, gpointer user_data)
+ 		break;
+ 	}
+ 
+-	nm_vpn_plugin_set_state (NM_VPN_PLUGIN (plugin), NM_VPN_SERVICE_STATE_STOPPED);
++	if(pid == priv->pid || error) {
++		priv->pid = 0;
++
++		if(debug)
++		g_printf ("pluto_watch: nm pluto service is stopping\n");
++
++		nm_vpn_plugin_set_state (NM_VPN_PLUGIN (plugin), NM_VPN_SERVICE_STATE_STOPPED);
++	}
++
++	if(debug)
++	g_printf ("pluto_watch: nm pluto service will continue after reaping a child\n");
++
++	/*closing pid*/
++	g_spawn_close_pid(pid);
+ }
+ 
+ 
+ static gint
+-//nm_openswan_start_openswan_binary (NMSettingVPN *s_vpn, NMOPENSWANPlugin *plugin, GError **error)
+ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ {
+ 	GPid	pid, pid_auto;
+ 	const char **openswan_binary = NULL;
+ 	GPtrArray *openswan_argv;
+-	GSource *openswan_watch;
+ 	gint	stdin_fd;
+ 
+ 	/* Find openswan ipsec */
+@@ -293,11 +307,8 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ 
+ 	g_message ("openswan: ipsec started with pid %d", pid);
+ 
+-    NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid = pid;
+-	openswan_watch = g_child_watch_source_new (pid);
+-	g_source_set_callback (openswan_watch, (GSourceFunc) openswan_watch_cb_auto, plugin, NULL);
+-	g_source_attach (openswan_watch, NULL);
+-	g_source_unref (openswan_watch);
++	NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid = pid;
++	g_child_watch_add(pid, (GChildWatchFunc) pluto_watch_cb, plugin);
+ 
+ 	sleep(2);
+ 
+@@ -322,11 +333,7 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ 
+ 	g_message ("openswan: ipsec auto started with pid %d", pid_auto);
+ 
+-	/*NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto;
+-	openswan_watch = g_child_watch_source_new (pid_auto);
+-	g_source_set_callback (openswan_watch, (GSourceFunc) openswan_watch_cb_auto, plugin, NULL);
+-	g_source_attach (openswan_watch, NULL);
+-	g_source_unref (openswan_watch);*/
++	g_child_watch_add(pid_auto, (GChildWatchFunc) pluto_watch_cb, plugin);
+ 
+ 	return stdin_fd;
+ }
+@@ -376,6 +383,7 @@ nm_openswan_start_openswan_connection (NMOPENSWANPlugin *plugin, GError **error)
+ 	g_ptr_array_free (openswan_argv, TRUE);
+ 
+     sleep(3);
++        g_child_watch_add(pid, (GChildWatchFunc) pluto_watch_cb, plugin);
+ 
+ 	g_message ("openswan: ipsec auto connection started with pid %d", pid);
+ 
+-- 
+1.8.3.1
+
diff --git a/0016-Fixed-defaults-values-for-more-parameters-to-help-th.patch b/0016-Fixed-defaults-values-for-more-parameters-to-help-th.patch
new file mode 100644
index 0000000..f3bad15
--- /dev/null
+++ b/0016-Fixed-defaults-values-for-more-parameters-to-help-th.patch
@@ -0,0 +1,28 @@
+From dde144e924005c3048061b4d758019a1358ac505 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 15:05:25 -0500
+Subject: [PATCH 16/20] Fixed defaults values for more parameters to help the
+ VPN connection stay more reliable.
+
+---
+ src/nm-openswan-service.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index b73ab1f..b807bcc 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -573,6 +573,10 @@ nm_openswan_config_write (gint openswan_fd, NMSettingVPN *s_vpn,
+         }
+ 
+         write_config_option (fdtmp1, " nm_configured=yes\n");
++        write_config_option (fdtmp1, " rekey=yes\n");
++        write_config_option (fdtmp1, " salifetime=24h\n");
++        write_config_option (fdtmp1, " ikelifetime=24h\n");
++        write_config_option (fdtmp1, " keyingtries=1\n");
+         write_config_option (fdtmp1, " auto=add");
+ 	}
+ 
+-- 
+1.8.3.1
+
diff --git a/0017-Fixed-initiation-of-pluto-daemon-by-this-plugin-to-r.patch b/0017-Fixed-initiation-of-pluto-daemon-by-this-plugin-to-r.patch
new file mode 100644
index 0000000..2428ce9
--- /dev/null
+++ b/0017-Fixed-initiation-of-pluto-daemon-by-this-plugin-to-r.patch
@@ -0,0 +1,50 @@
+From 9dadb938c40e4d56fea6c6d55f3c9b90e776fb62 Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 15:21:54 -0500
+Subject: [PATCH 17/20] Fixed initiation of pluto daemon by this plugin to
+ reflect the changes in libreaswan.
+
+---
+ src/nm-openswan-service.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index b807bcc..f205c1d 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -49,7 +49,6 @@ G_DEFINE_TYPE (NMOPENSWANPlugin, nm_openswan_plugin, NM_TYPE_VPN_PLUGIN)
+ 
+ typedef struct {
+ 	GPid pid;
+-	GPid pid_auto;
+ } NMOPENSWANPluginPrivate;
+ 
+ #define NM_OPENSWAN_PLUGIN_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_OPENSWAN_PLUGIN, NMOPENSWANPluginPrivate))
+@@ -291,14 +290,20 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ 		return -1;
+ 	}
+ 
+-	openswan_argv = g_ptr_array_new ();
+-	g_ptr_array_add (openswan_argv, (gpointer) (*openswan_binary));
+-	g_ptr_array_add (openswan_argv, (gpointer) "setup");
++	/*openswan_argv = g_ptr_array_new ();
+ 	g_ptr_array_add (openswan_argv, (gpointer) "start");
+ 	g_ptr_array_add (openswan_argv, NULL);
+ 
++        g_ptr_array_free (openswan_argv, TRUE);*/
++	openswan_argv = g_ptr_array_new ();
++	g_ptr_array_add (openswan_argv, (gpointer) "/usr/libexec/ipsec/pluto");
++	g_ptr_array_add (openswan_argv, (gpointer) "--config");
++	g_ptr_array_add (openswan_argv, (gpointer) "/etc/ipsec.conf");
++	g_ptr_array_add (openswan_argv, (gpointer) "--nofork");
++	g_ptr_array_add (openswan_argv, NULL);
++
+ 	if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
+-							 0, NULL, NULL, &pid, error)) {
++							 G_SPAWN_DO_NOT_REAP_CHILD, NULL, NULL, &pid, error)) {
+ 		g_ptr_array_free (openswan_argv, TRUE);
+ 		g_warning ("openswan ipsec failed to start.  error: '%s'", (*error)->message);
+ 		return -1;
+-- 
+1.8.3.1
+
diff --git a/0018-Fixed-various-debug-messages.patch b/0018-Fixed-various-debug-messages.patch
new file mode 100644
index 0000000..cedde11
--- /dev/null
+++ b/0018-Fixed-various-debug-messages.patch
@@ -0,0 +1,103 @@
+From 9ef10efa0905b22395987d99b26b8d5cbebd03ba Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 15:23:59 -0500
+Subject: [PATCH 18/20] Fixed various debug messages.
+
+---
+ src/nm-openswan-service.c | 25 +++++++++++++------------
+ 1 file changed, 13 insertions(+), 12 deletions(-)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index f205c1d..fffd020 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -305,12 +305,12 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ 	if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
+ 							 G_SPAWN_DO_NOT_REAP_CHILD, NULL, NULL, &pid, error)) {
+ 		g_ptr_array_free (openswan_argv, TRUE);
+-		g_warning ("openswan ipsec failed to start.  error: '%s'", (*error)->message);
++		g_printf ("pluto failed to start.  error: '%s'\n", (*error)->message);
+ 		return -1;
+ 	}
+ 	g_ptr_array_free (openswan_argv, TRUE);
+ 
+-	g_message ("openswan: ipsec started with pid %d", pid);
++	g_printf ("ipsec/pluto started with pid %d\n", pid);
+ 
+ 	NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid = pid;
+ 	g_child_watch_add(pid, (GChildWatchFunc) pluto_watch_cb, plugin);
+@@ -331,20 +331,19 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ 							 NULL, NULL, error)) {
+ 
+ 		g_ptr_array_free (openswan_argv, TRUE);
+-		g_warning ("openswan: ipsec auto failed to start.  error: '%s'", (*error)->message);
++		g_printf ("ipsec auto add failed with error: '%s'\n", (*error)->message);
+ 		return -1;
+ 	}
+ 	g_ptr_array_free (openswan_argv, TRUE);
+ 
+-	g_message ("openswan: ipsec auto started with pid %d", pid_auto);
++	if(debug)
++        g_printf ("pluto auto started with pid %d\n", pid_auto);
+ 
+ 	g_child_watch_add(pid_auto, (GChildWatchFunc) pluto_watch_cb, plugin);
+ 
+ 	return stdin_fd;
+ }
+ 
+-
+-
+ static gint
+ nm_openswan_start_openswan_connection (NMOPENSWANPlugin *plugin, GError **error)
+ {
+@@ -382,15 +381,17 @@ nm_openswan_start_openswan_connection (NMOPENSWANPlugin *plugin, GError **error)
+ 							 NULL, NULL, error)) {
+ 
+ 		g_ptr_array_free (openswan_argv, TRUE);
+-		g_warning ("openswan: ipsec auto connection failed to start.  error: '%s'", (*error)->message);
++		g_printf ("ipsec/pluto auto connection failed to start.  error: '%s'\n", (*error)->message);
+ 		return -1;
+ 	}
+ 	g_ptr_array_free (openswan_argv, TRUE);
+ 
+-    sleep(3);
++	if(debug)
++        g_printf ("pluto up started with pid %d\n", pid);
++
+         g_child_watch_add(pid, (GChildWatchFunc) pluto_watch_cb, plugin);
+ 
+-	g_message ("openswan: ipsec auto connection started with pid %d", pid);
++	//sleep(3);
+ 
+ 	return stdin_fd;
+ }
+@@ -408,7 +409,7 @@ write_config_option (int fd, const char *format, ...)
+ 		g_print ("Config: %s", string);
+ 
+ 	if ( write (fd, string, strlen (string)) == -1) {
+-	g_warning ("nm-openswan: error in write_config_option");
++	g_printf ("nm-openswan: error in write_config_option\n");
+ 	}
+ 
+ 	g_free (string);
+@@ -521,7 +522,7 @@ write_one_property (const char *key, const char *value, gpointer user_data)
+ 		/* ignored */
+ 	} else {
+ 		/* Just ignore unknown properties */
+-		g_warning ("Don't know how to write property '%s' with type %s",
++		g_printf ("Don't know how to write property '%s' with type %s\n",
+ 				  (char *) key, g_type_name (type));
+ 	}
+ }
+@@ -676,7 +677,7 @@ real_connect (NMVPNPlugin   *plugin,
+ 	if (openswan_fd < 0)
+ 		goto out;
+ 
+-    write_config_option (openswan_fd, "%s", nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
++	write_config_option (openswan_fd, "%s", nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
+ 	close(openswan_fd);
+ 	openswan_fd=-1;
+ 
+-- 
+1.8.3.1
+
diff --git a/0019-Fixed-the-termination-operation-of-pluto-daemon-to-c.patch b/0019-Fixed-the-termination-operation-of-pluto-daemon-to-c.patch
new file mode 100644
index 0000000..127977a
--- /dev/null
+++ b/0019-Fixed-the-termination-operation-of-pluto-daemon-to-c.patch
@@ -0,0 +1,44 @@
+From 27c17d7d805ad87632872cf2ded5237fc59159dd Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 15:25:35 -0500
+Subject: [PATCH 19/20] Fixed the termination operation of pluto daemon to
+ comply with libreswan changes.
+
+---
+ src/nm-openswan-service.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index fffd020..af541bd 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -769,20 +769,21 @@ real_disconnect (NMVPNPlugin   *plugin,
+         }
+ 
+         openswan_argv = g_ptr_array_new ();
+-        g_ptr_array_add (openswan_argv, (gpointer) (*openswan_binary));
+-        g_ptr_array_add (openswan_argv, (gpointer) "setup");
+-        g_ptr_array_add (openswan_argv, (gpointer) "stop");
++		g_ptr_array_add (openswan_argv, (gpointer) "/usr/libexec/ipsec/whack");
++		g_ptr_array_add (openswan_argv, (gpointer) "--shutdown");
++        //g_ptr_array_add (openswan_argv, (gpointer) (*openswan_binary));
++        //g_ptr_array_add (openswan_argv, (gpointer) "setup");
++        //g_ptr_array_add (openswan_argv, (gpointer) "stop");
+         g_ptr_array_add (openswan_argv, NULL);
+ 
+         if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
+                                                          0, NULL, NULL, NULL, error)) {
+                 g_ptr_array_free (openswan_argv, TRUE);
+-                g_warning ("Openswan (pluto) failed to stop.  error: '%s'", (*error)->message);
++                g_printf ("ipsec (pluto) failed to stop.  error: '%s'\n", (*error)->message);
+                 return -1;
+         }
+         g_ptr_array_free (openswan_argv, TRUE);
+ 
+-
+ 	return TRUE;
+ }
+ 
+-- 
+1.8.3.1
+
diff --git a/0020-Fixed-an-issue-where-proper-network-stack-is-not-loa.patch b/0020-Fixed-an-issue-where-proper-network-stack-is-not-loa.patch
new file mode 100644
index 0000000..364b6f0
--- /dev/null
+++ b/0020-Fixed-an-issue-where-proper-network-stack-is-not-loa.patch
@@ -0,0 +1,39 @@
+From 7559f06152549e0c457d08c67f2d3088b37c6ccf Mon Sep 17 00:00:00 2001
+From: Avesh Agarwal <avagarwa at redhat.com>
+Date: Tue, 10 Dec 2013 16:56:18 -0500
+Subject: [PATCH 20/20] Fixed an issue where proper network stack is not loaded
+ unless _stackmanager is run before starting pluto daemon service.
+
+---
+ src/nm-openswan-service.c | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/src/nm-openswan-service.c b/src/nm-openswan-service.c
+index af541bd..f6afee5 100644
+--- a/src/nm-openswan-service.c
++++ b/src/nm-openswan-service.c
+@@ -290,11 +290,19 @@ nm_openswan_start_openswan_binary (NMOPENSWANPlugin *plugin, GError **error)
+ 		return -1;
+ 	}
+ 
+-	/*openswan_argv = g_ptr_array_new ();
++	openswan_argv = g_ptr_array_new ();
++	g_ptr_array_add (openswan_argv, (gpointer) "/usr/libexec/ipsec/_stackmanager");
+ 	g_ptr_array_add (openswan_argv, (gpointer) "start");
+ 	g_ptr_array_add (openswan_argv, NULL);
+ 
+-        g_ptr_array_free (openswan_argv, TRUE);*/
++	if (!g_spawn_sync (NULL, (char **) openswan_argv->pdata, NULL,
++													0, NULL, NULL, NULL, NULL, NULL, error)) {
++                g_ptr_array_free (openswan_argv, TRUE);
++                g_printf ("pluto _stackmanager failed with error: '%s'\n", (*error)->message);
++                return -1;
++        }
++	g_ptr_array_free (openswan_argv, TRUE);
++
+ 	openswan_argv = g_ptr_array_new ();
+ 	g_ptr_array_add (openswan_argv, (gpointer) "/usr/libexec/ipsec/pluto");
+ 	g_ptr_array_add (openswan_argv, (gpointer) "--config");
+-- 
+1.8.3.1
+
diff --git a/NetworkManager-openswan.spec b/NetworkManager-openswan.spec
index 981cd60..fee2d02 100644
--- a/NetworkManager-openswan.spec
+++ b/NetworkManager-openswan.spec
@@ -1,19 +1,41 @@
-%define nm_version        1:0.9.2
+#%define nm_version        1:0.9.8
 
-%define realversion 0.9.8.0
+%define realversion 0.9.8.4
 
 Summary:   NetworkManager VPN plug-in for openswan
 Name:      NetworkManager-openswan
-Version:   0.9.8.0
+Version:   0.9.8.4
 Release:   1%{?dist}
 License:   GPLv2+
 Group:     System Environment/Base
 URL:       http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openswan/0.9/
 Source0:   http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openswan/0.9/%{name}-%{realversion}.tar.xz
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
+Patch1:    0001-NM-openswan-was-missing-support-for-nm-openswan-auth.patch
+Patch2:    0002-Fixed-gtk-label-max-width-issue-by-setting-it-to-35.patch
+Patch3:    0003-Fixed-Networkmanager-and-related-lib-dependencies.patch
+Patch4:    0004-Fixed-gnomekeyring-lib-dependencies.patch
+Patch5:    0005-Fixed-dead-code-based-on-coverity-scan.patch
+Patch6:    0006-Fix-prcoessing-of-nm-openswan-dialog.ui-file-and-add.patch
+Patch7:    0007-openswan-libreswan-does-not-provide-tun0-interface-s.patch
+Patch8:    0008-libreswan-related-fixes-as-some-macros-have-been-mod.patch
+Patch9:    0009-Fixed-an-issue-where-writing-configuration-on-stdin-.patch
+Patch10:   0010-Fixed-more-coverity-scan-issues.patch
+Patch11:   0011-Fixed-the-current-code-as-it-does-not-set-the-defaul.patch
+Patch12:   0012-Fixed-netmask-issue-when-sending-IP-information-to-t.patch
+Patch13:   0013-Fixed-more-libreswan-related-changes.patch
+Patch14:   0014-Fixed-an-issue-where-nm-openswan-service-is-searchin.patch
+Patch15:   0015-Rewrite-pluto-watch-API-which-watches-the-pluto-proc.patch
+Patch16:   0016-Fixed-defaults-values-for-more-parameters-to-help-th.patch
+Patch17:   0017-Fixed-initiation-of-pluto-daemon-by-this-plugin-to-r.patch
+Patch18:   0018-Fixed-various-debug-messages.patch
+Patch19:   0019-Fixed-the-termination-operation-of-pluto-daemon-to-c.patch
+Patch20:   0020-Fixed-an-issue-where-proper-network-stack-is-not-loa.patch
 
 BuildRequires: gtk3-devel
 BuildRequires: dbus-devel
+BuildRequires: NetworkManager-devel
+BuildRequires: NetworkManager-glib-devel
 BuildRequires: NetworkManager-devel       >= %{nm_version}
 BuildRequires: NetworkManager-glib-devel  >= %{nm_version}
 %if 0%{?fedora} > 16 || 0%{?rhel} >= 7
@@ -25,46 +47,143 @@ BuildRequires: intltool gettext
 
 Requires: NetworkManager   >= %{nm_version}
 Requires: gnome-keyring
+Requires: gtk3
+Requires: dbus
+Requires: libreswan
+Requires: shared-mime-info
+#Requires: nm-connection-editor
+
+%global _privatelibs libnm-openswan-properties[.]so.*
+%global __provides_exclude ^(%{_privatelibs})$
+%global __requires_exclude ^(%{_privatelibs})$
 
 %description
 This package contains software for integrating the openswan VPN software
 with NetworkManager and the GNOME desktop
 
+%package -n NetworkManager-openswan-gnome
+Summary: NetworkManager VPN plugin for openswan - GNOME files
+Group:   System Environment/Base
+
+Requires: NetworkManager-openswan = %{version}-%{release}
+Requires: nm-connection-editor
+
+%description -n NetworkManager-openswan-gnome
+This package contains software for integrating VPN capabilities with
+the openswan/libreswan server with NetworkManager (GNOME files).
+
 %prep
 %setup -q  -n NetworkManager-openswan-%{realversion}
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
+%patch18 -p1
+%patch19 -p1
+%patch20 -p1
 
 %build
+autoreconf
 %configure --disable-static --enable-more-warnings=yes
 make %{?_smp_mflags}
 
 %install
-
 make install DESTDIR=$RPM_BUILD_ROOT
-
 rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
+rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.a
+mv  %{buildroot}%{_libexecdir}/nm-openswan-service-helper  %{buildroot}%{_libexecdir}/nm-libreswan-service-helper
 
 %find_lang %{name}
 
+%post
+update-desktop-database &> /dev/null || :
+
+%postun
+update-desktop-database &> /dev/null || :
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
 %files -f %{name}.lang
 %defattr(-, root, root,-)
-%config /etc/NetworkManager/VPN/nm-openswan-service.name
-%config /etc/dbus-1/system.d/nm-openswan-service.conf
-
 %doc AUTHORS ChangeLog COPYING
-%{_libdir}/NetworkManager/lib*.so*
+#%{_libdir}/NetworkManager/lib*.so*
 %{_libexecdir}/nm-openswan-auth-dialog
 %{_sysconfdir}/dbus-1/system.d/nm-openswan-service.conf
 %{_sysconfdir}/NetworkManager/VPN/nm-openswan-service.name
 %{_libexecdir}/nm-openswan-service
-%{_libexecdir}/nm-openswan-service-helper
-%{_datadir}/gnome-vpn-properties/openswan/nm-openswan-dialog.ui
+%{_libexecdir}/nm-libreswan-service-helper
+%{_datadir}/applications/nm-openswan-auth-dialog.desktop
+#%dir %{_datadir}/gnome-vpn-properties/openswan
+#%{_datadir}/gnome-vpn-properties/openswan/nm-openswan-dialog.ui
+
+%files -n NetworkManager-openswan-gnome
+%doc AUTHORS ChangeLog COPYING
+%{_libdir}/NetworkManager/lib*.so*
 %dir %{_datadir}/gnome-vpn-properties/openswan
+%{_datadir}/gnome-vpn-properties/openswan/nm-openswan-dialog.ui
+
 
 %changelog
+* Tue Dec 10 2013 Avesh Agarwal <avagarwa at redhat.com> - 0.9.8.4-1
+- New upstream release 0.9.8.4
+- Fixed 926225
+- Fixed dependency to libreswan.
+- Created a new sub package NetworkManager-openswan-gnome
+- Various other spec file fixes.
+- Additional code changes are as follows:
+- Fixed an issue where proper network stack is not loaded unless
+  _stackmanager is run before starting pluto daemon service.
+- Fixed the termination operation of pluto daemon to comply with
+  libreswan changes.
+- Fixed various debug messages.
+- Fixed initiation of pluto daemon by this plugin to reflect the
+  changes in libreaswan.
+- Fixed defaults values for more parameters to help the VPN
+  connection stay more reliable.
+- Rewrote pluto watch API which watches the pluto process for its status.
+  Fixed memory leak issues as not all child processes were reaped correctly.
+  Also g_spwan_close_pid was not being called after children were reaped.
+  Also modified debugs and added more to help with debugging in the future.
+- Fixed an issue where nm-openswan service is searching for ipsec binary in
+  both /sbin and /usr/sbin leading to same operation twice, as /sbin is just
+  symlink to /usr/sbin, so removed /sbin from the search paths.
+- Fixed some libreswan related macro changes.
+- Fixed netmask issue when sending IP information to the nm openswan
+  plugin service.
+- Fixed the current code as it does not set the default route field
+  NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT when sending VPN information
+  to nm-openswan plugin. This fix sets the field to TRUE.
+- Fixed some issues found by coverity scan.
+- Fixed an issue where writing configuration on stdin should not end with
+  \n as it gives error. It used to work previously, but not with latest
+  NetworkManager versions.
+- libreswan related fixes, as some macros have been modified after forking
+  to libreswan from openswan.
+- openswan/libreswan does not provide tun0 interface, so fixed the code
+  where it sends tun0 interface.
+- Fix prcoessing of nm-openswan-dialog.ui file and added more error notifications.
+- Fixed dead code based on coverity scan.
+- Fixed gnomekeyring lib dependencies.
+- Fixed Networkmanager and related lib dependencies.
+- Fixed gtk label max width issue by setting it to 35.
+- NM-openswan was missing support for nm-openswan-auth-dialog.desktop.in.in.
+  So added a new nm-openswan-auth-dialog.desktop.in.in, and modified related
+  Makefile and configure.ac files.
+
 * Mon Aug 5 2013 Avesh Agarwal <avagarwa at redhat.com> - 0.9.8.0-1
 - Rebase to latest upstream version 0.9.8.0
 - Fixed several issues with the packaging
diff --git a/sources b/sources
index 1e85c40..5ae9be8 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-70281754557a11eef344ecbc7f88b4ce  NetworkManager-openswan-0.9.8.0.sha256sum
-6a373868f85ac3b7c953f7fd6c76e637  NetworkManager-openswan-0.9.8.0.tar.xz
+4aafa86d4203bb2b51c93165db165086  NetworkManager-openswan-0.9.8.4.sha256sum
+6cb2b64bc79c4174856613d077667b66  NetworkManager-openswan-0.9.8.4.tar.xz


More information about the scm-commits mailing list