Review Request: Support for importing/exporting OpenVPN connections

Ilia Kats ilia-kats at gmx.net
Sat Jul 23 21:57:15 UTC 2011 


> On July 23, 2011, 6:31 p.m., Lamarque Vieira Souza wrote:
> > vpnplugins/openvpn/openvpn.cpp, line 157
> > <http://git.reviewboard.kde.org/r/102059/diff/1/?file=29553#file29553line157>
> >
> >     You should not try to import a file whose extension is not supported (.ovpn and *.conf this this case). Windows does not support file extensions with more than three characters, do you know what is the extension they use?

Actually, that's not quite true. Yes, on old DOS-like systems you had the 8+3 rule, but any modern Windows system can handle arbitrary file names files with an arbitrary file extension (or none at all). Just look at for example XAMPP for Win, they're using the standard *.conf files for apache configuration. And according to http://openvpn.net/index.php/open-source/documentation/howto.html#install they are in fact using *.ovpn.


> On July 23, 2011, 6:31 p.m., Lamarque Vieira Souza wrote:
> > vpnplugins/openvpn/openvpn.cpp, line 110
> > <http://git.reviewboard.kde.org/r/102059/diff/1/?file=29553#file29553line110>
> >
> >     There is no problem in adding nss-devel as dependency. Nss is also used by NetworkManager, so it is already installed. We just need to change the main CMakeLists.txt to look for it and disable openvpn importing/exporting if it is not installed and emmit a warning when that happen.

Do we need to change the main CMakeLists.txt, or the one of the OpenVPN plugin? Another question is if that's actually needed. The isEncrypted method is only used to set the flags for the cerficate password, but since we're calling the connection editor afterwards anyway, I think we can skip that part here, the user will then simply change the combo box as needed and the flags will be set when saving the connection. And from what I can tell (./configure --help from NM's sources) NM can be compiled with either Nss or GnuTLS, so Nss is not always installed.


- Ilia


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/102059/#review5004
-----------------------------------------------------------


On July 23, 2011, 4:41 p.m., Rajeesh K Nambiar wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/102059/
> -----------------------------------------------------------
> 
> (Updated July 23, 2011, 4:41 p.m.)
> 
> 
> Review request for Network Management.
> 
> 
> Summary
> -------
> 
> Caveat emptor: There is one unresolved issue with isEncrypted() function - we need to check of key file is PKCS12 format or not. nm-applet achieves this through a call to nm_setting_802_1x_set_private_key(). I've googled a lot, and looks like there is no way to check PKCS12 file format in either Qt or KDE.
> If we are to add ad-hoc support via SEC_PKCS12DecoderStart and related functions from nss (which is what NetworkManager does), it wil introduce a new dependency on nss-devel.
> 
> 
> This addresses bug 194099.
>     http://bugs.kde.org/show_bug.cgi?id=194099
> 
> 
> Diffs
> -----
> 
>   libs/ui/vpnuiplugin.h 932d86f 
>   settings/config/manageconnectionwidget.cpp 780d50f 
>   vpnplugins/novellvpn/novellvpn.h a95926b 
>   vpnplugins/novellvpn/novellvpn.cpp 61d5519 
>   vpnplugins/openvpn/openvpn.h 4607cd5 
>   vpnplugins/openvpn/openvpn.cpp 6f126b8 
>   vpnplugins/pptp/pptp.h e513d3c 
>   vpnplugins/pptp/pptp.cpp e4efbd7 
>   vpnplugins/strongswan/strongswan.h d648217 
>   vpnplugins/strongswan/strongswan.cpp 9d4a8be 
>   vpnplugins/vpnc/vpnc.h 0b3f6db 
>   vpnplugins/vpnc/vpnc.cpp ea24cf1 
> 
> Diff: http://git.reviewboard.kde.org/r/102059/diff
> 
> 
> Testing
> -------
> 
> Only lightly tested, seems to import/export OK for sample configuration file. I don't have an OpenVPN connection, so it would be great if someone could test.
> 
> 
> Thanks,
> 
> Rajeesh
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.kde.org/pipermail/kde-networkmanager/attachments/20110723/8d548424/attachment-0001.htm

More information about the kde-networkmanager mailing list