├── .gitattributes ├── .gitignore ├── .gitlab-ci.yml ├── .triage-policies.yml ├── AUTHORS ├── COPYING ├── ChangeLog ├── MAINTAINERS ├── Makefile.am ├── NEWS ├── NetworkManager-openvpn.doap ├── README ├── appdata ├── network-manager-openvpn.metainfo.xml.in ├── openvpn-advanced.png └── openvpn.png ├── auth-dialog └── main.c ├── autogen.sh ├── configure.ac ├── linker-script-binary.ver ├── m4 ├── attributes.m4 ├── compiler_options.m4 └── git-sha-record.m4 ├── nm-openvpn-service.conf ├── nm-openvpn-service.name.in ├── po ├── ChangeLog ├── LINGUAS ├── POTFILES.in ├── POTFILES.skip ├── ar.po ├── as.po ├── be.po ├── bg.po ├── bs.po ├── ca.po ├── ca@valencia.po ├── cs.po ├── da.po ├── de.po ├── dz.po ├── el.po ├── en_GB.po ├── eo.po ├── es.po ├── et.po ├── eu.po ├── fa.po ├── fi.po ├── fr.po ├── fur.po ├── gl.po ├── gu.po ├── he.po ├── hr.po ├── hu.po ├── id.po ├── it.po ├── ja.po ├── ka.po ├── kn.po ├── ko.po ├── lt.po ├── lv.po ├── mk.po ├── mr.po ├── nb.po ├── nl.po ├── pa.po ├── pl.po ├── ps.po ├── pt.po ├── pt_BR.po ├── ro.po ├── ru.po ├── sk.po ├── sl.po ├── sr.po ├── sr@latin.po ├── sv.po ├── ta.po ├── te.po ├── th.po ├── tr.po ├── ug.po ├── uk.po ├── vi.po ├── zh_CN.po ├── zh_HK.po └── zh_TW.po ├── properties ├── gresource.xml ├── import-export.c ├── import-export.h ├── libnm-openvpn-properties.ver ├── libnm-vpn-plugin-openvpn-editor.ver ├── libnm-vpn-plugin-openvpn.ver ├── nm-openvpn-dialog.ui ├── nm-openvpn-editor-plugin.c ├── nm-openvpn-editor-plugin.h ├── nm-openvpn-editor.c ├── nm-openvpn-editor.h └── tests │ ├── conf │ ├── compress.ovpn │ ├── connect-timeout.ovpn │ ├── crl-dir.ovpn │ ├── crl-file.ovpn │ ├── device-notype.ovpn │ ├── device.ovpn │ ├── httpauthfile │ ├── iso885915.ovpn │ ├── keepalive.ovpn │ ├── keysize.ovpn │ ├── mtu-disc.ovpn │ ├── password.conf │ ├── ping-with-exit.ovpn │ ├── ping-with-restart.ovpn │ ├── pkcs12-with-ca.ovpn │ ├── pkcs12.ovpn │ ├── port.ovpn │ ├── proto-tcp-client.ovpn │ ├── proto-tcp.ovpn │ ├── proto-tcp4-client.ovpn │ ├── proto-tcp4.ovpn │ ├── proto-tcp6-client.ovpn │ ├── proto-tcp6.ovpn │ ├── proto-udp.ovpn │ ├── proto-udp4.ovpn │ ├── proto-udp6.ovpn │ ├── proxy-http-with-auth.ovpn │ ├── proxy-http.ovpn │ ├── proxy-socks.ovpn │ ├── push-peer-info.ovpn │ ├── route.ovpn │ ├── rport.ovpn │ ├── server-poll-timeout.ovpn │ ├── static.key │ ├── static.ovpn │ ├── static2.ovpn │ ├── tls-inline-ca.pem │ ├── tls-inline-cert.pem │ ├── tls-inline-crl-verify-file.pem │ ├── tls-inline-key.pem │ ├── tls-inline-ta.pem │ ├── tls-inline.ovpn │ ├── tls.ovpn │ ├── tls2.ovpn │ ├── tls3.ovpn │ ├── tls4.ovpn │ └── tun-opts.conf │ └── test-import-export.c ├── shared ├── README ├── nm-default.h ├── nm-service-defines.h ├── nm-utils │ ├── gsystem-local-alloc.h │ ├── nm-glib.h │ ├── nm-macros-internal.h │ ├── nm-shared-utils.c │ ├── nm-shared-utils.h │ ├── nm-test-utils.h │ ├── nm-vpn-plugin-macros.h │ ├── nm-vpn-plugin-utils.c │ └── nm-vpn-plugin-utils.h ├── utils.c └── utils.h └── src ├── nm-openvpn-service-openvpn-helper.c └── nm-openvpn-service.c /.gitattributes: -------------------------------------------------------------------------------- 1 | /properties/tests/conf/*.ovpn diff 2 | /properties/tests/conf/tls-inline-ca.pem diff 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | *.o 3 | *.lo 4 | *.la 5 | *.bz2 6 | *.swp 7 | Makefile 8 | Makefile.in* 9 | configure 10 | compile 11 | config.* 12 | aclocal.m4 13 | depcomp 14 | install-sh 15 | INSTALL 16 | libtool 17 | ltmain.sh 18 | missing 19 | mkinstalldirs 20 | POTFILES 21 | .dirstamp 22 | stamp-* 23 | .deps 24 | .libs 25 | autom4te.cache 26 | intltool-* 27 | po/*.gmo 28 | po/.intltool-merge-cache 29 | m4/gtk-doc.m4 30 | m4/intltool.m4 31 | m4/libtool.m4 32 | m4/lt*.m4 33 | appdata/network-manager-openvpn.metainfo.xml 34 | 35 | /cscope.files 36 | /cscope.in.out 37 | /cscope.out 38 | /cscope.po.out 39 | 40 | /test-driver 41 | */tests/*.log 42 | */tests/*.trs 43 | test-*.log 44 | 45 | auth-dialog/nm-openvpn-auth-dialog 46 | nm-openvpn-service.name 47 | nm-openvpn.desktop 48 | src/nm-openvpn-service 49 | src/nm-openvpn-service-openvpn-helper 50 | properties/tests/test-import-export 51 | properties/tests/test-import-export-glib 52 | properties/resources.[ch] 53 | /NetworkManager-openvpn*.tar* 54 | /po/NetworkManager-openvpn.pot 55 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | # Quick syntax check: 2 | # python -c 'import sys, yaml; yaml.dump (yaml.load (sys.stdin), sys.stdout)' <.gitlab-ci.yml 3 | 4 | # If things don't seem to work, this can help: 5 | # https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/-/ci/lint 6 | 7 | stages: 8 | - build 9 | - test 10 | - triage 11 | 12 | .fedora_deps: &fedora_deps 13 | before_script: 14 | - dnf -y install 15 | file 16 | findutils 17 | gcc 18 | make 19 | gettext-devel 20 | glib2-devel 21 | gtk3-devel 22 | intltool 23 | libtool 24 | libsecret-devel 25 | libnma-devel 26 | NetworkManager-libnm-devel 27 | pkgconfig 28 | 29 | # Disable fetching Git, run after the tarball is rolled 30 | .dist: &dist 31 | stage: test 32 | dependencies: 33 | - fedora_dist 34 | variables: 35 | GIT_STRATEGY: none 36 | 37 | # Roll the distribution tarball 38 | fedora_dist: 39 | <<: *fedora_deps 40 | image: fedora:36 41 | stage: build 42 | script: 43 | - dnf -y install 44 | /usr/bin/autopoint 45 | autoconf automake make 46 | NetworkManager-libnm-devel 47 | libnma-gtk4-devel 48 | xorg-x11-server-Xvfb xorg-x11-xinit 49 | - sh autogen.sh 50 | # The Xvfb dance below is because of 51 | # https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/4415 52 | - xinit /bin/sh -c 'make -j distcheck && touch .success' -- /usr/bin/Xvfb :5 53 | - test -e .success 54 | artifacts: 55 | paths: 56 | - "*.xz" 57 | 58 | # This one has libnm-glib 59 | fedora28_from_dist: 60 | <<: *dist 61 | <<: *fedora_deps 62 | script: 63 | - tar xJf NetworkManager-openvpn-*.tar.xz 64 | - cd NetworkManager-openvpn-*/ 65 | # Sometimes the CI builder clocks are skewed. 66 | # Make sure the dst files are not from future. 67 | - find |xargs touch 68 | - dnf -y install 69 | NetworkManager-devel 70 | NetworkManager-glib-devel 71 | libnm-gtk-devel 72 | - ./configure 73 | --disable-silent-rules 74 | --with-libnm-glib 75 | - make -j 76 | - make -j check 77 | - make -j install 78 | - make -j uninstall 79 | image: fedora:28 80 | 81 | # A regular build on recent Fedora 82 | fedora_from_dist: 83 | <<: *dist 84 | <<: *fedora_deps 85 | script: 86 | - tar xJf NetworkManager-openvpn-*.tar.xz 87 | - cd NetworkManager-openvpn-*/ 88 | # Sometimes the CI builder clocks are skewed. 89 | # Make sure the dst files are not from future. 90 | - find |xargs touch 91 | - ./configure 92 | --disable-silent-rules 93 | - make -j 94 | - make -j check 95 | - make -j install 96 | - make -j uninstall 97 | image: fedora:latest 98 | 99 | triage:issues: 100 | stage: triage 101 | image: ruby:2.7 102 | script: 103 | - gem install gitlab-triage 104 | - gitlab-triage -d --token $API_TOKEN --source-id $SOURCE_ID 105 | only: 106 | - schedules 107 | -------------------------------------------------------------------------------- /.triage-policies.yml: -------------------------------------------------------------------------------- 1 | host_url: https://gitlab.gnome.org 2 | 3 | resource_rules: 4 | issues: 5 | rules: 6 | - name: Close issues with no activity for 6 months 7 | conditions: 8 | date: 9 | attribute: updated_at 10 | condition: older_than 11 | interval_type: months 12 | interval: 6 13 | state: opened 14 | actions: 15 | comment: | 16 | This issue has been inactive for 6 months, closing automatically, please reopen if you think the issue is still relevant. 17 | status: close 18 | labels: 19 | - auto-closed 20 | - name: Close RFE with no activity for 12 months 21 | conditions: 22 | date: 23 | attribute: updated_at 24 | condition: older_than 25 | interval_type: months 26 | interval: 12 27 | state: opened 28 | labels: 29 | - 1. Enhancement 30 | actions: 31 | comment: | 32 | This enhancement issue has been inactive for 12 months, closing automatically, please reopen if you think the issue is still relevant. 33 | status: close 34 | labels: 35 | - auto-closed 36 | - name: Clear auto-closed label for open issues 37 | conditions: 38 | state: opened 39 | labels: 40 | - auto-closed 41 | actions: 42 | remove_labels: 43 | - auto-closed 44 | merge_requests: 45 | rules: 46 | - name: Close MRs with no activity after 2 month 47 | conditions: 48 | date: 49 | attribute: updated_at 50 | condition: older_than 51 | interval_type: months 52 | interval: 2 53 | state: opened 54 | actions: 55 | comment: | 56 | This MR has been inactive for more than 2 months, closing automatically, please reopen if you think it is still relevant. 57 | status: close 58 | labels: 59 | - auto-closed 60 | - name: Clear auto-closed label for open MRs 61 | conditions: 62 | state: opened 63 | labels: 64 | - auto-closed 65 | actions: 66 | remove_labels: 67 | - auto-closed 68 | -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- 1 | Tim Niemueller 2 | Dan Williams 3 | David Zeuthen 4 | Huzaifa S. Sidhpurwala 5 | Federico Mena Quintero 6 | Dan Winship 7 | Thomas Haller 8 | Lubomir Rintel 9 | Jiří Klimeš 10 | Dan Williams 11 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | This program is free software; you can redistribute it and/or modify 2 | it under the terms of the GNU General Public License as published by 3 | the Free Software Foundation; either version 2 of the License, or 4 | (at your option) any later version. 5 | 6 | 7 | GNU GENERAL PUBLIC LICENSE 8 | Version 2, June 1991 9 | 10 | Copyright (C) 1989, 1991 Free Software Foundation, Inc. 11 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 12 | Everyone is permitted to copy and distribute verbatim copies 13 | of this license document, but changing it is not allowed. 14 | 15 | Preamble 16 | 17 | The licenses for most software are designed to take away your 18 | freedom to share and change it. By contrast, the GNU General Public 19 | License is intended to guarantee your freedom to share and change free 20 | software--to make sure the software is free for all its users. This 21 | General Public License applies to most of the Free Software 22 | Foundation's software and to any other program whose authors commit to 23 | using it. (Some other Free Software Foundation software is covered by 24 | the GNU Library General Public License instead.) You can apply it to 25 | your programs, too. 26 | 27 | When we speak of free software, we are referring to freedom, not 28 | price. Our General Public Licenses are designed to make sure that you 29 | have the freedom to distribute copies of free software (and charge for 30 | this service if you wish), that you receive source code or can get it 31 | if you want it, that you can change the software or use pieces of it 32 | in new free programs; and that you know you can do these things. 33 | 34 | To protect your rights, we need to make restrictions that forbid 35 | anyone to deny you these rights or to ask you to surrender the rights. 36 | These restrictions translate to certain responsibilities for you if you 37 | distribute copies of the software, or if you modify it. 38 | 39 | For example, if you distribute copies of such a program, whether 40 | gratis or for a fee, you must give the recipients all the rights that 41 | you have. You must make sure that they, too, receive or can get the 42 | source code. And you must show them these terms so they know their 43 | rights. 44 | 45 | We protect your rights with two steps: (1) copyright the software, and 46 | (2) offer you this license which gives you legal permission to copy, 47 | distribute and/or modify the software. 48 | 49 | Also, for each author's protection and ours, we want to make certain 50 | that everyone understands that there is no warranty for this free 51 | software. If the software is modified by someone else and passed on, we 52 | want its recipients to know that what they have is not the original, so 53 | that any problems introduced by others will not reflect on the original 54 | authors' reputations. 55 | 56 | Finally, any free program is threatened constantly by software 57 | patents. We wish to avoid the danger that redistributors of a free 58 | program will individually obtain patent licenses, in effect making the 59 | program proprietary. To prevent this, we have made it clear that any 60 | patent must be licensed for everyone's free use or not licensed at all. 61 | 62 | The precise terms and conditions for copying, distribution and 63 | modification follow. 64 | 65 | GNU GENERAL PUBLIC LICENSE 66 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 67 | 68 | 0. This License applies to any program or other work which contains 69 | a notice placed by the copyright holder saying it may be distributed 70 | under the terms of this General Public License. The "Program", below, 71 | refers to any such program or work, and a "work based on the Program" 72 | means either the Program or any derivative work under copyright law: 73 | that is to say, a work containing the Program or a portion of it, 74 | either verbatim or with modifications and/or translated into another 75 | language. (Hereinafter, translation is included without limitation in 76 | the term "modification".) Each licensee is addressed as "you". 77 | 78 | Activities other than copying, distribution and modification are not 79 | covered by this License; they are outside its scope. The act of 80 | running the Program is not restricted, and the output from the Program 81 | is covered only if its contents constitute a work based on the 82 | Program (independent of having been made by running the Program). 83 | Whether that is true depends on what the Program does. 84 | 85 | 1. You may copy and distribute verbatim copies of the Program's 86 | source code as you receive it, in any medium, provided that you 87 | conspicuously and appropriately publish on each copy an appropriate 88 | copyright notice and disclaimer of warranty; keep intact all the 89 | notices that refer to this License and to the absence of any warranty; 90 | and give any other recipients of the Program a copy of this License 91 | along with the Program. 92 | 93 | You may charge a fee for the physical act of transferring a copy, and 94 | you may at your option offer warranty protection in exchange for a fee. 95 | 96 | 2. You may modify your copy or copies of the Program or any portion 97 | of it, thus forming a work based on the Program, and copy and 98 | distribute such modifications or work under the terms of Section 1 99 | above, provided that you also meet all of these conditions: 100 | 101 | a) You must cause the modified files to carry prominent notices 102 | stating that you changed the files and the date of any change. 103 | 104 | b) You must cause any work that you distribute or publish, that in 105 | whole or in part contains or is derived from the Program or any 106 | part thereof, to be licensed as a whole at no charge to all third 107 | parties under the terms of this License. 108 | 109 | c) If the modified program normally reads commands interactively 110 | when run, you must cause it, when started running for such 111 | interactive use in the most ordinary way, to print or display an 112 | announcement including an appropriate copyright notice and a 113 | notice that there is no warranty (or else, saying that you provide 114 | a warranty) and that users may redistribute the program under 115 | these conditions, and telling the user how to view a copy of this 116 | License. (Exception: if the Program itself is interactive but 117 | does not normally print such an announcement, your work based on 118 | the Program is not required to print an announcement.) 119 | 120 | These requirements apply to the modified work as a whole. If 121 | identifiable sections of that work are not derived from the Program, 122 | and can be reasonably considered independent and separate works in 123 | themselves, then this License, and its terms, do not apply to those 124 | sections when you distribute them as separate works. But when you 125 | distribute the same sections as part of a whole which is a work based 126 | on the Program, the distribution of the whole must be on the terms of 127 | this License, whose permissions for other licensees extend to the 128 | entire whole, and thus to each and every part regardless of who wrote it. 129 | 130 | Thus, it is not the intent of this section to claim rights or contest 131 | your rights to work written entirely by you; rather, the intent is to 132 | exercise the right to control the distribution of derivative or 133 | collective works based on the Program. 134 | 135 | In addition, mere aggregation of another work not based on the Program 136 | with the Program (or with a work based on the Program) on a volume of 137 | a storage or distribution medium does not bring the other work under 138 | the scope of this License. 139 | 140 | 3. You may copy and distribute the Program (or a work based on it, 141 | under Section 2) in object code or executable form under the terms of 142 | Sections 1 and 2 above provided that you also do one of the following: 143 | 144 | a) Accompany it with the complete corresponding machine-readable 145 | source code, which must be distributed under the terms of Sections 146 | 1 and 2 above on a medium customarily used for software interchange; or, 147 | 148 | b) Accompany it with a written offer, valid for at least three 149 | years, to give any third party, for a charge no more than your 150 | cost of physically performing source distribution, a complete 151 | machine-readable copy of the corresponding source code, to be 152 | distributed under the terms of Sections 1 and 2 above on a medium 153 | customarily used for software interchange; or, 154 | 155 | c) Accompany it with the information you received as to the offer 156 | to distribute corresponding source code. (This alternative is 157 | allowed only for noncommercial distribution and only if you 158 | received the program in object code or executable form with such 159 | an offer, in accord with Subsection b above.) 160 | 161 | The source code for a work means the preferred form of the work for 162 | making modifications to it. For an executable work, complete source 163 | code means all the source code for all modules it contains, plus any 164 | associated interface definition files, plus the scripts used to 165 | control compilation and installation of the executable. However, as a 166 | special exception, the source code distributed need not include 167 | anything that is normally distributed (in either source or binary 168 | form) with the major components (compiler, kernel, and so on) of the 169 | operating system on which the executable runs, unless that component 170 | itself accompanies the executable. 171 | 172 | If distribution of executable or object code is made by offering 173 | access to copy from a designated place, then offering equivalent 174 | access to copy the source code from the same place counts as 175 | distribution of the source code, even though third parties are not 176 | compelled to copy the source along with the object code. 177 | 178 | 4. You may not copy, modify, sublicense, or distribute the Program 179 | except as expressly provided under this License. Any attempt 180 | otherwise to copy, modify, sublicense or distribute the Program is 181 | void, and will automatically terminate your rights under this License. 182 | However, parties who have received copies, or rights, from you under 183 | this License will not have their licenses terminated so long as such 184 | parties remain in full compliance. 185 | 186 | 5. You are not required to accept this License, since you have not 187 | signed it. However, nothing else grants you permission to modify or 188 | distribute the Program or its derivative works. These actions are 189 | prohibited by law if you do not accept this License. Therefore, by 190 | modifying or distributing the Program (or any work based on the 191 | Program), you indicate your acceptance of this License to do so, and 192 | all its terms and conditions for copying, distributing or modifying 193 | the Program or works based on it. 194 | 195 | 6. Each time you redistribute the Program (or any work based on the 196 | Program), the recipient automatically receives a license from the 197 | original licensor to copy, distribute or modify the Program subject to 198 | these terms and conditions. You may not impose any further 199 | restrictions on the recipients' exercise of the rights granted herein. 200 | You are not responsible for enforcing compliance by third parties to 201 | this License. 202 | 203 | 7. If, as a consequence of a court judgment or allegation of patent 204 | infringement or for any other reason (not limited to patent issues), 205 | conditions are imposed on you (whether by court order, agreement or 206 | otherwise) that contradict the conditions of this License, they do not 207 | excuse you from the conditions of this License. If you cannot 208 | distribute so as to satisfy simultaneously your obligations under this 209 | License and any other pertinent obligations, then as a consequence you 210 | may not distribute the Program at all. For example, if a patent 211 | license would not permit royalty-free redistribution of the Program by 212 | all those who receive copies directly or indirectly through you, then 213 | the only way you could satisfy both it and this License would be to 214 | refrain entirely from distribution of the Program. 215 | 216 | If any portion of this section is held invalid or unenforceable under 217 | any particular circumstance, the balance of the section is intended to 218 | apply and the section as a whole is intended to apply in other 219 | circumstances. 220 | 221 | It is not the purpose of this section to induce you to infringe any 222 | patents or other property right claims or to contest validity of any 223 | such claims; this section has the sole purpose of protecting the 224 | integrity of the free software distribution system, which is 225 | implemented by public license practices. Many people have made 226 | generous contributions to the wide range of software distributed 227 | through that system in reliance on consistent application of that 228 | system; it is up to the author/donor to decide if he or she is willing 229 | to distribute software through any other system and a licensee cannot 230 | impose that choice. 231 | 232 | This section is intended to make thoroughly clear what is believed to 233 | be a consequence of the rest of this License. 234 | 235 | 8. If the distribution and/or use of the Program is restricted in 236 | certain countries either by patents or by copyrighted interfaces, the 237 | original copyright holder who places the Program under this License 238 | may add an explicit geographical distribution limitation excluding 239 | those countries, so that distribution is permitted only in or among 240 | countries not thus excluded. In such case, this License incorporates 241 | the limitation as if written in the body of this License. 242 | 243 | 9. The Free Software Foundation may publish revised and/or new versions 244 | of the General Public License from time to time. Such new versions will 245 | be similar in spirit to the present version, but may differ in detail to 246 | address new problems or concerns. 247 | 248 | Each version is given a distinguishing version number. If the Program 249 | specifies a version number of this License which applies to it and "any 250 | later version", you have the option of following the terms and conditions 251 | either of that version or of any later version published by the Free 252 | Software Foundation. If the Program does not specify a version number of 253 | this License, you may choose any version ever published by the Free Software 254 | Foundation. 255 | 256 | 10. If you wish to incorporate parts of the Program into other free 257 | programs whose distribution conditions are different, write to the author 258 | to ask for permission. For software which is copyrighted by the Free 259 | Software Foundation, write to the Free Software Foundation; we sometimes 260 | make exceptions for this. Our decision will be guided by the two goals 261 | of preserving the free status of all derivatives of our free software and 262 | of promoting the sharing and reuse of software generally. 263 | 264 | NO WARRANTY 265 | 266 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 267 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 268 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 269 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 270 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 271 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 272 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 273 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 274 | REPAIR OR CORRECTION. 275 | 276 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 277 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 278 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 279 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 280 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 281 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 282 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 283 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 284 | POSSIBILITY OF SUCH DAMAGES. 285 | 286 | END OF TERMS AND CONDITIONS 287 | 288 | How to Apply These Terms to Your New Programs 289 | 290 | If you develop a new program, and you want it to be of the greatest 291 | possible use to the public, the best way to achieve this is to make it 292 | free software which everyone can redistribute and change under these terms. 293 | 294 | To do so, attach the following notices to the program. It is safest 295 | to attach them to the start of each source file to most effectively 296 | convey the exclusion of warranty; and each file should have at least 297 | the "copyright" line and a pointer to where the full notice is found. 298 | 299 | 300 | Copyright (C) 301 | 302 | This program is free software; you can redistribute it and/or modify 303 | it under the terms of the GNU General Public License as published by 304 | the Free Software Foundation; either version 2 of the License, or 305 | (at your option) any later version. 306 | 307 | This program is distributed in the hope that it will be useful, 308 | but WITHOUT ANY WARRANTY; without even the implied warranty of 309 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 310 | GNU General Public License for more details. 311 | 312 | You should have received a copy of the GNU General Public License 313 | along with this program; if not, write to the Free Software 314 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 315 | 316 | 317 | Also add information on how to contact you by electronic and paper mail. 318 | 319 | If the program is interactive, make it output a short notice like this 320 | when it starts in an interactive mode: 321 | 322 | Gnomovision version 69, Copyright (C) year name of author 323 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 324 | This is free software, and you are welcome to redistribute it 325 | under certain conditions; type `show c' for details. 326 | 327 | The hypothetical commands `show w' and `show c' should show the appropriate 328 | parts of the General Public License. Of course, the commands you use may 329 | be called something other than `show w' and `show c'; they could even be 330 | mouse-clicks or menu items--whatever suits your program. 331 | 332 | You should also get your employer (if you work as a programmer) or your 333 | school, if any, to sign a "copyright disclaimer" for the program, if 334 | necessary. Here is a sample; alter the names: 335 | 336 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 337 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 338 | 339 | , 1 April 1989 340 | Ty Coon, President of Vice 341 | 342 | This General Public License does not permit incorporating your program into 343 | proprietary programs. If your program is a subroutine library, you may 344 | consider it more useful to permit linking proprietary applications with the 345 | library. If this is what you want to do, use the GNU Library General 346 | Public License instead of this License. 347 | 348 | -------------------------------------------------------------------------------- /MAINTAINERS: -------------------------------------------------------------------------------- 1 | Dan Williams 2 | E-mail: dcbw redhat com 3 | Userid: dcbw 4 | 5 | -------------------------------------------------------------------------------- /Makefile.am: -------------------------------------------------------------------------------- 1 | AUTOMAKE_OPTIONS = subdir-objects 2 | 3 | DISTCHECK_CONFIGURE_FLAGS = \ 4 | --enable-more-warnings=yes \ 5 | --with-gtk4 6 | 7 | libexec_PROGRAMS = 8 | 9 | noinst_LTLIBRARIES = 10 | 11 | EXTRA_DIST = 12 | 13 | CLEANFILES = 14 | 15 | check_programs = 16 | 17 | noinst_PROGRAMS = 18 | 19 | SUBDIRS = \ 20 | . \ 21 | po 22 | 23 | plugindir = $(libdir)/NetworkManager 24 | plugin_LTLIBRARIES = 25 | 26 | dbusservicedir = $(datadir)/dbus-1/system.d 27 | dbusservice_DATA = nm-openvpn-service.conf 28 | 29 | nmvpnservicedir = $(NM_VPN_SERVICE_DIR) 30 | nmvpnservice_DATA = nm-openvpn-service.name 31 | 32 | uidir = $(datadir)/gnome-vpn-properties/openvpn 33 | ui_DATA = 34 | 35 | ############################################################################### 36 | 37 | shared_sources = \ 38 | shared/nm-utils/nm-shared-utils.c \ 39 | shared/utils.c 40 | 41 | ############################################################################### 42 | 43 | src_cppflags = \ 44 | -DBINDIR=\"$(bindir)\" \ 45 | -DPREFIX=\""$(prefix)"\" \ 46 | -DSYSCONFDIR=\""$(sysconfdir)"\" \ 47 | -DLIBDIR=\""$(libdir)"\" \ 48 | -DLIBEXECDIR=\""$(libexecdir)"\" \ 49 | -DLOCALSTATEDIR=\""$(localstatedir)"\" \ 50 | -DDATADIR=\"$(datadir)\" \ 51 | -DNM_OPENVPN_LOCALEDIR=\"$(datadir)/locale\" \ 52 | -DG_LOG_DOMAIN=\"nm-openvpn\" \ 53 | -DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_DEFAULT \ 54 | -I$(srcdir)/shared \ 55 | $(GLIB_CFLAGS) \ 56 | $(LIBNM_CFLAGS) 57 | 58 | noinst_LTLIBRARIES += src/libnm-utils.la 59 | 60 | src_libnm_utils_la_SOURCES = $(shared_sources) 61 | src_libnm_utils_la_CPPFLAGS = $(src_cppflags) 62 | src_libnm_utils_la_LIBADD = \ 63 | $(GLIB_LIBS) \ 64 | $(LIBNM_LIBS) 65 | 66 | libexec_PROGRAMS += src/nm-openvpn-service 67 | 68 | src_nm_openvpn_service_CPPFLAGS = $(src_cppflags) 69 | src_nm_openvpn_service_LDFLAGS = \ 70 | -Wl,--version-script="$(srcdir)/linker-script-binary.ver" 71 | src_nm_openvpn_service_LDADD = \ 72 | src/libnm-utils.la \ 73 | $(GLIB_LIBS) \ 74 | $(LIBNM_LIBS) 75 | EXTRA_src_nm_openvpn_service_DEPENDENCIES = \ 76 | linker-script-binary.ver 77 | 78 | libexec_PROGRAMS += src/nm-openvpn-service-openvpn-helper 79 | 80 | src_nm_openvpn_service_openvpn_helper_CPPFLAGS = $(src_cppflags) 81 | src_nm_openvpn_service_openvpn_helper_LDFLAGS = \ 82 | -Wl,--version-script="$(srcdir)/linker-script-binary.ver" 83 | src_nm_openvpn_service_openvpn_helper_LDADD = \ 84 | src/libnm-utils.la \ 85 | $(GLIB_LIBS) \ 86 | $(LIBNM_LIBS) 87 | EXTRA_src_nm_openvpn_service_openvpn_helper_DEPENDENCIES = \ 88 | linker-script-binary.ver 89 | 90 | ############################################################################### 91 | 92 | properties/resources.h: properties/gresource.xml 93 | $(AM_V_GEN) $(GLIB_COMPILE_RESOURCES) $< --target=$@ --sourcedir=$(srcdir)/properties --generate-header --internal 94 | 95 | properties/resources.c: properties/gresource.xml $(shell $(GLIB_COMPILE_RESOURCES) --sourcedir=$(srcdir)/properties --generate-dependencies $(srcdir)/properties/gresource.xml) 96 | $(AM_V_GEN) $(GLIB_COMPILE_RESOURCES) $< --target=$@ --sourcedir=$(srcdir)/properties --generate-source --internal 97 | 98 | gtk4/resources.c: properties/gresource.xml $(shell $(GLIB_COMPILE_RESOURCES) --generate-dependencies $(srcdir)/properties/gresource.xml |sed "s,^,$(builddir)/gtk4/,") 99 | @mkdir -p $(builddir)/gtk4 100 | $(AM_V_GEN) $(GLIB_COMPILE_RESOURCES) $< --target=$@ --sourcedir=$(srcdir)/gtk4 --sourcedir=$(builddir)/gtk4 --generate-source --internal 101 | 102 | gtk4/%.ui: properties/%.ui 103 | @mkdir -p $(builddir)/gtk4 104 | gtk4-builder-tool simplify --3to4 $< |grep -v can-default >$@ 105 | 106 | # Include a prebuilt file in tarball, to avoid hitting 107 | # https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/4415 108 | EXTRA_DIST += \ 109 | gtk4/nm-openvpn-dialog.ui 110 | 111 | CLEANFILES += \ 112 | gtk4/nm-openvpn-dialog.ui \ 113 | gtk4/resources.c \ 114 | properties/resources.c \ 115 | properties/resources.h 116 | 117 | EXTRA_DIST += \ 118 | properties/gresource.xml 119 | 120 | plugin_sources = \ 121 | properties/nm-openvpn-editor-plugin.c \ 122 | properties/nm-openvpn-editor-plugin.h \ 123 | properties/import-export.c \ 124 | properties/import-export.h 125 | 126 | editor_sources = \ 127 | properties/nm-openvpn-editor.c \ 128 | properties/nm-openvpn-editor.h 129 | 130 | properties_cppflags = \ 131 | -DICONDIR=\""$(datadir)/pixmaps"\" \ 132 | -DLOCALEDIR=\"$(datadir)/locale\" \ 133 | -I$(srcdir)/shared \ 134 | $(GLIB_CFLAGS) 135 | 136 | ############################################################################### 137 | 138 | noinst_LTLIBRARIES += properties/libnm-vpn-plugin-openvpn-utils.la 139 | 140 | properties_libnm_vpn_plugin_openvpn_utils_la_SOURCES = \ 141 | $(shared_sources) 142 | 143 | properties_libnm_vpn_plugin_openvpn_utils_la_CPPFLAGS = \ 144 | -DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_LIB_BASE \ 145 | $(properties_cppflags) \ 146 | $(LIBNM_CFLAGS) 147 | 148 | properties_libnm_vpn_plugin_openvpn_utils_la_LIBADD = \ 149 | $(LIBNM_LIBS) \ 150 | $(DL_LIBS) 151 | 152 | noinst_LTLIBRARIES += properties/libnm-vpn-plugin-openvpn-core.la 153 | 154 | properties_libnm_vpn_plugin_openvpn_core_la_SOURCES = \ 155 | shared/nm-utils/nm-vpn-plugin-utils.c \ 156 | shared/nm-utils/nm-vpn-plugin-utils.h \ 157 | shared/nm-utils/nm-vpn-plugin-macros.h \ 158 | $(plugin_sources) 159 | 160 | properties_libnm_vpn_plugin_openvpn_core_la_CPPFLAGS = \ 161 | -DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_LIB_BASE \ 162 | $(properties_cppflags) \ 163 | $(LIBNM_CFLAGS) 164 | 165 | properties_libnm_vpn_plugin_openvpn_core_la_LIBADD = \ 166 | properties/libnm-vpn-plugin-openvpn-utils.la \ 167 | $(LIBNM_LIBS) \ 168 | $(DL_LIBS) 169 | 170 | plugin_LTLIBRARIES += properties/libnm-vpn-plugin-openvpn.la 171 | 172 | properties_libnm_vpn_plugin_openvpn_la_SOURCES = 173 | properties_libnm_vpn_plugin_openvpn_la_LIBADD = \ 174 | properties/libnm-vpn-plugin-openvpn-core.la 175 | properties_libnm_vpn_plugin_openvpn_la_LDFLAGS = \ 176 | -avoid-version \ 177 | -Wl,--version-script=$(srcdir)/properties/libnm-vpn-plugin-openvpn.ver 178 | 179 | ############################################################################### 180 | 181 | if WITH_GNOME 182 | plugin_LTLIBRARIES += properties/libnm-vpn-plugin-openvpn-editor.la 183 | endif 184 | 185 | properties_libnm_vpn_plugin_openvpn_editor_la_SOURCES = \ 186 | $(editor_sources) 187 | 188 | nodist_properties_libnm_vpn_plugin_openvpn_editor_la_SOURCES = \ 189 | properties/resources.c \ 190 | properties/resources.h 191 | 192 | properties_libnm_vpn_plugin_openvpn_editor_la_CPPFLAGS = \ 193 | -DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_LIB_EDITOR \ 194 | $(properties_cppflags) \ 195 | $(GTK_CFLAGS) \ 196 | $(LIBNM_CFLAGS) \ 197 | $(LIBNMA_CFLAGS) 198 | 199 | properties_libnm_vpn_plugin_openvpn_editor_la_LIBADD = \ 200 | properties/libnm-vpn-plugin-openvpn-utils.la \ 201 | $(GLIB_LIBS) \ 202 | $(GTK_LIBS) \ 203 | $(LIBNM_LIBS) \ 204 | $(LIBNMA_LIBS) 205 | 206 | properties_libnm_vpn_plugin_openvpn_editor_la_LDFLAGS = \ 207 | -avoid-version \ 208 | -Wl,--version-script=$(srcdir)/properties/libnm-vpn-plugin-openvpn-editor.ver 209 | 210 | ############################################################################### 211 | 212 | if WITH_GTK4 213 | plugin_LTLIBRARIES += properties/libnm-gtk4-vpn-plugin-openvpn-editor.la 214 | endif 215 | 216 | properties_libnm_gtk4_vpn_plugin_openvpn_editor_la_SOURCES = \ 217 | $(editor_sources) 218 | 219 | nodist_properties_libnm_gtk4_vpn_plugin_openvpn_editor_la_SOURCES = \ 220 | gtk4/resources.c \ 221 | properties/resources.h 222 | 223 | properties_libnm_gtk4_vpn_plugin_openvpn_editor_la_CPPFLAGS = \ 224 | -DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_LIB_EDITOR \ 225 | $(properties_cppflags) \ 226 | $(GTK4_CFLAGS) \ 227 | $(LIBNM_CFLAGS) \ 228 | $(LIBNMA_GTK4_CFLAGS) 229 | 230 | properties_libnm_gtk4_vpn_plugin_openvpn_editor_la_LIBADD = \ 231 | properties/libnm-vpn-plugin-openvpn-utils.la \ 232 | $(GLIB_LIBS) \ 233 | $(GTK4_LIBS) \ 234 | $(LIBNM_LIBS) \ 235 | $(LIBNMA_GTK4_LIBS) 236 | 237 | properties_libnm_gtk4_vpn_plugin_openvpn_editor_la_LDFLAGS = \ 238 | -avoid-version \ 239 | -Wl,--version-script=$(srcdir)/properties/libnm-vpn-plugin-openvpn-editor.ver 240 | 241 | ############################################################################### 242 | 243 | if WITH_LIBNM_GLIB 244 | noinst_LTLIBRARIES += properties/libnm-openvpn-properties-core.la 245 | endif 246 | 247 | properties_libnm_openvpn_properties_core_la_SOURCES = \ 248 | $(shared_sources) \ 249 | $(plugin_sources) \ 250 | $(editor_sources) 251 | 252 | nodist_properties_libnm_openvpn_properties_core_la_SOURCES = \ 253 | properties/resources.c \ 254 | properties/resources.h 255 | 256 | properties_libnm_openvpn_properties_core_la_CPPFLAGS = \ 257 | -DNETWORKMANAGER_COMPILATION='NM_NETWORKMANAGER_COMPILATION_LIB|NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL' \ 258 | $(properties_cppflags) \ 259 | $(GTK_CFLAGS) \ 260 | $(LIBNM_GLIB_CFLAGS) \ 261 | $(LIBNM_GTK_CFLAGS) 262 | 263 | properties_libnm_openvpn_properties_core_la_LIBADD = \ 264 | $(GLIB_LIBS) \ 265 | $(GTK_LIBS) \ 266 | $(LIBNM_GLIB_LIBS) \ 267 | $(LIBNM_GTK_LIBS) 268 | 269 | 270 | if WITH_LIBNM_GLIB 271 | plugin_LTLIBRARIES += properties/libnm-openvpn-properties.la 272 | endif 273 | 274 | properties_libnm_openvpn_properties_la_SOURCES = 275 | properties_libnm_openvpn_properties_la_LIBADD = \ 276 | properties/libnm-openvpn-properties-core.la 277 | properties_libnm_openvpn_properties_la_LDFLAGS = \ 278 | -avoid-version \ 279 | -Wl,--version-script=$(srcdir)/properties/libnm-openvpn-properties.ver 280 | 281 | EXTRA_DIST += \ 282 | properties/libnm-vpn-plugin-openvpn.ver \ 283 | properties/libnm-vpn-plugin-openvpn-editor.ver \ 284 | properties/libnm-openvpn-properties.ver \ 285 | properties/nm-openvpn-dialog.ui 286 | 287 | ############################################################################### 288 | 289 | properties_tests_cppflags = \ 290 | -DNETWORKMANAGER_COMPILATION_TEST \ 291 | -DTEST_SRCDIR="\"$(abs_srcdir)/properties/tests\"" \ 292 | -DTEST_BUILDDIR="\"$(abs_builddir)/properties/tests\"" \ 293 | -I$(srcdir)/shared \ 294 | -I$(srcdir)/properties \ 295 | $(GLIB_CFLAGS) 296 | 297 | 298 | check_programs += properties/tests/test-import-export 299 | 300 | properties_tests_test_import_export_SOURCES = \ 301 | properties/tests/test-import-export.c 302 | 303 | properties_tests_test_import_export_CPPFLAGS = \ 304 | -DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_DEFAULT \ 305 | $(properties_tests_cppflags) \ 306 | $(LIBNM_CFLAGS) \ 307 | $(LIBNMA_CFLAGS) 308 | 309 | properties_tests_test_import_export_LDADD = \ 310 | properties/libnm-vpn-plugin-openvpn-core.la \ 311 | $(GLIB_LIBS) \ 312 | $(LIBNM_LIBS) \ 313 | $(LIBNMA_LIBS) 314 | 315 | 316 | if WITH_LIBNM_GLIB 317 | check_programs += properties/tests/test-import-export-glib 318 | endif 319 | 320 | properties_tests_test_import_export_glib_SOURCES = \ 321 | properties/tests/test-import-export.c 322 | 323 | properties_tests_test_import_export_glib_CPPFLAGS = \ 324 | -DNETWORKMANAGER_COMPILATION='NM_NETWORKMANAGER_COMPILATION_DEFAULT|NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL' \ 325 | $(properties_tests_cppflags) \ 326 | $(GTK_CFLAGS) \ 327 | $(LIBNM_GLIB_CFLAGS) \ 328 | $(LIBNM_GTK_CFLAGS) 329 | 330 | properties_tests_test_import_export_glib_LDADD = \ 331 | properties/libnm-openvpn-properties-core.la \ 332 | $(GLIB_LIBS) \ 333 | $(GTK_LIBS) \ 334 | $(LIBNM_GLIB_LIBS) \ 335 | $(LIBNM_GTK_LIBS) 336 | 337 | 338 | EXTRA_DIST += \ 339 | properties/tests/conf/compress.ovpn \ 340 | properties/tests/conf/iso885915.ovpn \ 341 | properties/tests/conf/mtu-disc.ovpn \ 342 | properties/tests/conf/password.conf \ 343 | properties/tests/conf/pkcs12.ovpn \ 344 | properties/tests/conf/pkcs12-with-ca.ovpn \ 345 | properties/tests/conf/port.ovpn \ 346 | properties/tests/conf/rport.ovpn \ 347 | properties/tests/conf/static.key \ 348 | properties/tests/conf/static.ovpn \ 349 | properties/tests/conf/static2.ovpn \ 350 | properties/tests/conf/tls.ovpn \ 351 | properties/tests/conf/tls2.ovpn \ 352 | properties/tests/conf/tls3.ovpn \ 353 | properties/tests/conf/tls4.ovpn \ 354 | properties/tests/conf/tun-opts.conf \ 355 | properties/tests/conf/proxy-http.ovpn \ 356 | properties/tests/conf/httpauthfile \ 357 | properties/tests/conf/proxy-socks.ovpn \ 358 | properties/tests/conf/proxy-http-with-auth.ovpn \ 359 | properties/tests/conf/keysize.ovpn \ 360 | properties/tests/conf/connect-timeout.ovpn \ 361 | properties/tests/conf/device.ovpn \ 362 | properties/tests/conf/device-notype.ovpn \ 363 | properties/tests/conf/keepalive.ovpn \ 364 | properties/tests/conf/ping-with-exit.ovpn \ 365 | properties/tests/conf/ping-with-restart.ovpn \ 366 | properties/tests/conf/push-peer-info.ovpn \ 367 | properties/tests/conf/route.ovpn \ 368 | properties/tests/conf/server-poll-timeout.ovpn \ 369 | properties/tests/conf/crl-file.ovpn \ 370 | properties/tests/conf/crl-dir.ovpn \ 371 | properties/tests/conf/tls-inline.ovpn \ 372 | properties/tests/conf/tls-inline-ca.pem \ 373 | properties/tests/conf/tls-inline-cert.pem \ 374 | properties/tests/conf/tls-inline-crl-verify-file.pem \ 375 | properties/tests/conf/tls-inline-key.pem \ 376 | properties/tests/conf/tls-inline-ta.pem \ 377 | properties/tests/conf/proto-udp.ovpn \ 378 | properties/tests/conf/proto-udp4.ovpn \ 379 | properties/tests/conf/proto-udp6.ovpn \ 380 | properties/tests/conf/proto-tcp.ovpn \ 381 | properties/tests/conf/proto-tcp4.ovpn \ 382 | properties/tests/conf/proto-tcp6.ovpn \ 383 | properties/tests/conf/proto-tcp4-client.ovpn \ 384 | properties/tests/conf/proto-tcp6-client.ovpn 385 | 386 | ############################################################################### 387 | 388 | if WITH_GNOME 389 | libexec_PROGRAMS += auth-dialog/nm-openvpn-auth-dialog 390 | endif 391 | 392 | auth_dialog_nm_openvpn_auth_dialog_SOURCES = \ 393 | $(shared_sources) \ 394 | auth-dialog/main.c 395 | auth_dialog_nm_openvpn_auth_dialog_CPPFLAGS = \ 396 | -DICONDIR=\""$(datadir)/pixmaps"\" \ 397 | -DBINDIR=\""$(bindir)"\" \ 398 | -DGNOMELOCALEDIR=\"$(datadir)/locale\" \ 399 | -DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_DEFAULT \ 400 | -I$(srcdir)/shared \ 401 | $(GLIB_CFLAGS) \ 402 | $(GTK_CFLAGS) \ 403 | $(LIBNM_CFLAGS) \ 404 | $(LIBNMA_CFLAGS) \ 405 | $(LIBSECRET_CFLAGS) 406 | auth_dialog_nm_openvpn_auth_dialog_LDFLAGS = \ 407 | -Wl,--version-script="$(srcdir)/linker-script-binary.ver" 408 | auth_dialog_nm_openvpn_auth_dialog_LDADD = \ 409 | $(GLIB_LIBS) \ 410 | $(GTK_LIBS) \ 411 | $(LIBNM_LIBS) \ 412 | $(LIBNMA_LIBS) \ 413 | $(LIBSECRET_LIBS) 414 | EXTRA_auth_dialog_nm_openvpn_auth_dialog_DEPENDENCIES = \ 415 | linker-script-binary.ver 416 | 417 | ############################################################################### 418 | 419 | if WITH_LIBNM_GLIB 420 | # Install a file with full path to plugins for an old gnome-shell 421 | # https://bugzilla.gnome.org/show_bug.cgi?id=693590 422 | install-data-hook: 423 | mkdir -p $(DESTDIR)$(sysconfdir)/NetworkManager/VPN 424 | sed -e "1s|^|# This file is obsoleted by a file in $(NM_VPN_SERVICE_DIR)\n\n|" \ 425 | -e 's|[@]LIBEXECDIR[@]|$(libexecdir)|g' \ 426 | -e 's|[@]PLUGINDIR[@]|@NM_PLUGIN_DIR@|g' \ 427 | <$(srcdir)/nm-openvpn-service.name.in \ 428 | >$(DESTDIR)$(sysconfdir)/NetworkManager/VPN/nm-openvpn-service.name 429 | 430 | uninstall-hook: 431 | rm -f $(DESTDIR)$(sysconfdir)/NetworkManager/VPN/nm-openvpn-service.name 432 | endif 433 | 434 | appdatadir = $(datadir)/metainfo 435 | appdata_files = $(appdata_in_files:.xml.in=.xml) 436 | if WITH_GNOME 437 | appdata_DATA = $(appdata_files) 438 | endif 439 | appdata_in_files = appdata/network-manager-openvpn.metainfo.xml.in 440 | @INTLTOOL_XML_RULE@ 441 | 442 | nm-openvpn-service.name: $(srcdir)/nm-openvpn-service.name.in 443 | $(AM_V_GEN) sed -e 's|[@]LIBEXECDIR[@]|$(libexecdir)|g' \ 444 | -e 's|[@]PLUGINDIR[@]/|@NM_PLUGIN_DIR_NAME_FILE@|g' \ 445 | $^ >$@ 446 | 447 | # we always build the tests during regular build. 448 | noinst_PROGRAMS += $(check_programs) 449 | 450 | TESTS = $(check_programs) 451 | 452 | EXTRA_DIST += \ 453 | linker-script-binary.ver \ 454 | nm-openvpn-service.name.in \ 455 | $(dbusservice_DATA) \ 456 | $(appdata_in_files) \ 457 | $(appdata_files) \ 458 | intltool-extract.in \ 459 | intltool-merge.in \ 460 | intltool-update.in \ 461 | \ 462 | shared/README \ 463 | shared/nm-utils/gsystem-local-alloc.h \ 464 | shared/nm-utils/nm-glib.h \ 465 | shared/nm-utils/nm-macros-internal.h \ 466 | shared/nm-utils/nm-shared-utils.c \ 467 | shared/nm-utils/nm-shared-utils.h \ 468 | shared/nm-utils/nm-test-utils.h \ 469 | shared/nm-default.h \ 470 | shared/nm-service-defines.h \ 471 | shared/utils.c \ 472 | shared/utils.h \ 473 | $(NULL) 474 | 475 | CLEANFILES += \ 476 | $(nmvpnservice_DATA) \ 477 | $(appdata_files) 478 | 479 | DISTCLEANFILES = \ 480 | intltool-extract \ 481 | intltool-merge \ 482 | intltool-update 483 | 484 | ACLOCAL_AMFLAGS = -I m4 485 | -------------------------------------------------------------------------------- /NEWS: -------------------------------------------------------------------------------- 1 | ======================================================= 2 | NetworkManager-openvpn-1.8.18 3 | Overview of changes since NetworkManager-openvpn-1.8.16 4 | ======================================================= 5 | 6 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 7 | 8 | * Gtk4 version of the editor plugin is now available (for use with Control 9 | Center of GNOME 42 or later). 10 | * Update Catalan, Croatian, Czech, Hebrew and Slovenian translations. 11 | 12 | ======================================================= 13 | NetworkManager-openvpn-1.8.16 14 | Overview of changes since NetworkManager-openvpn-1.8.14 15 | ======================================================= 16 | 17 | * Fix detection of OpenVPN 2.5.0 18 | * Allow the connection to persist across network failures when the VPN 19 | profile has 'vpn.persistent=yes'. 20 | * Fix parsing of incomplete IPv6 configurations pushed by server 21 | * Improve logging message about deprecated tls-remote option 22 | * Update translations 23 | 24 | ======================================================= 25 | NetworkManager-openvpn-1.8.14 26 | Overview of changes since NetworkManager-openvpn-1.8.12 27 | ======================================================= 28 | 29 | * Add support for the following OpenVPN options: push-peer-info, 30 | remote-random-hostname, tls-crypt-v2 31 | * Add --explicit-exit-notify by default when using UDP 32 | * Fix compatibility issues with OpenVPN 2.5.0 33 | * Update translations 34 | 35 | ======================================================= 36 | NetworkManager-openvpn-1.8.12 37 | Overview of changes since NetworkManager-openvpn-1.8.10 38 | ======================================================= 39 | 40 | * The auth helper in external UI mode can now be run without a display 41 | server. Future nmcli version will utilize this for handling the 42 | secrets without a graphical desktop. 43 | * libnm-glib compatibility (NetworkManager < 1.0) is disabled by default. 44 | It can be enabled by passing --with-libnm-glib to configure script. 45 | Nobody should need it by now. Users that still use this are encouraged 46 | to let us know before the libnm-glib support is removed for good. 47 | * Add support for the following OpenVPN options: tls-version-min, 48 | tls-version-max, compress. 49 | * Support inline CRL blobs during import. 50 | * Allow option mssfix to be set to zero. 51 | * Update Catalan, Czech, Danish, Dutch, Friulian, Hungarian, 52 | Indonesian, Italian, Polish, Serbian, Spanish, Swedish and Ukrainian 53 | translations. 54 | 55 | ======================================================= 56 | NetworkManager-openvpn-1.8.10 57 | Overview of changes since NetworkManager-openvpn-1.8.8 58 | ======================================================= 59 | 60 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 61 | 62 | * Fix changing the proxy port in the editor. 63 | * Drop the file extension check when importing a file. 64 | * Support loading the editor shared object from the same directory of 65 | plugin for development purposes. 66 | * Update Brazilian Portuguese, Catalan, Czech, Danish, Lithuanian, 67 | Polish and Spanish translations. 68 | 69 | ======================================================= 70 | NetworkManager-openvpn-1.8.8 71 | Overview of changes since NetworkManager-openvpn-1.8.6 72 | ======================================================= 73 | 74 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 75 | 76 | * Fix a memory corruption bug in the advanced dialog. 77 | * Update Russian translation. 78 | 79 | ======================================================= 80 | NetworkManager-openvpn-1.8.6 81 | Overview of changes since NetworkManager-openvpn-1.8.4 82 | ======================================================= 83 | 84 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 85 | 86 | * Migrate project home to gitlab (https://gitlab.gnome.org/GNOME/NetworkManager-openvpn) 87 | * Don't validate auth parameter and pass it directly to openvpn. 88 | * Fix endless loop checking for encrypted certificate. 89 | * Sanitize newlines in export ovpn file. 90 | * Improve project description in doap file. 91 | * Add Croatian translation. 92 | * Update Catalan, German, Indonesian, Italian, Brazilian Portuguese 93 | and Russian translations. 94 | * Various minor bugfixes and improvements. 95 | 96 | ======================================================= 97 | NetworkManager-openvpn-1.8.4 98 | Overview of changes since NetworkManager-openvpn-1.8.2 99 | ======================================================= 100 | 101 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 102 | 103 | * Add support for the crl-verify option (bgo #782309) 104 | * Fix termination of openvpn process upon disconnect (rh #1576600) 105 | * Update Czech, Finnish, Galician, German, Italian, Latvian, 106 | Lithuanian, Polish, Russian and Swedish translations. 107 | 108 | ======================================================= 109 | NetworkManager-openvpn-1.8.2 110 | Overview of changes since NetworkManager-openvpn-1.8.0 111 | ======================================================= 112 | 113 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 114 | 115 | * Handle more then 255 routes (bgo #788137) 116 | * Fix GUI for editing connection with static key (bgo #788226) 117 | * Fix parsing gateway in helper script (bgo #788514) 118 | * Fix parsing 2FA challenge for "PASSWORD:Verification Failed" (bgo #751842) 119 | * Fix parsing remote hosts from configuration (bgo #792252) 120 | * Fix assertion failure while quitting service (bgo #792252) 121 | * Add support for connect-timeout (bgo #792252) 122 | * Automatically lower connect-timeout if there are multiple remotes to try 123 | at least 3 remotes (bgo #792252) 124 | * Add support for extra-certs (bgo #793746) 125 | * Various code cleanups 126 | * Updated Brazilian Portuguese, Czech, Danish, Finnish, German, Hungarian, 127 | Indonesian, Italian, Lithuanian, Polish, Serbian, Spanish translations. 128 | 129 | ======================================================= 130 | NetworkManager-openvpn-1.8.0 131 | Overview of changes since NetworkManager-openvpn-1.2.10 132 | ======================================================= 133 | 134 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 135 | 136 | * Use gresources for ui files. 137 | * Use NMACertChooser for PKCS#11 support. 138 | * Support --ifconfig option not only for static key connections (bgo#774727). 139 | * Fix import for key-direction to make it independent of the order (bgo#778154). 140 | * Extend support for address family specifier for remote protocol (bgo#731620). 141 | * Updated Brazilian Portuguese, Catalan, Czech, Hungarian, Indonesian, Italian, 142 | Lithuanian, Polish, Serbian, Spanish, Swedish translations. 143 | 144 | ======================================================= 145 | NetworkManager-openvpn-1.2.10 146 | Overview of changes since NetworkManager-openvpn-1.2.8 147 | ======================================================= 148 | 149 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 150 | 151 | * Add support for "tls-crypt" and "mtu-disc" options 152 | * Add support for dynamic challenge-response protocol 153 | * Allow choosing Adaptive or None LZO compression methods in the connection 154 | properties dialog 155 | * Avoid passing the obsolete "tls-remote" option to OpenVPN versions that no 156 | longer support it and discourage its use in the properties dialog 157 | * Updated the build system to use non-recursive make 158 | * Many bug fixes 159 | * Updated Brazilian, Danish, Hungarian, Indonesian, Lithuanian, Polish, Serbian 160 | and Swedish translations 161 | 162 | ======================================================= 163 | NetworkManager-openvpn-1.2.8 164 | Overview of changes since NetworkManager-openvpn-1.2.6 165 | ======================================================= 166 | 167 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 168 | 169 | * Treat cipher and hmac options case insensitive in the properties GUI 170 | * Support numeric argument to mssfix option 171 | * Fixes to translatable strings and use Unicode 172 | * Updated Czech, German, Hungarian, Polish, Spanish translations 173 | 174 | ======================================================= 175 | NetworkManager-openvpn-1.2.6 176 | Overview of changes since NetworkManager-openvpn-1.2.4 177 | ======================================================= 178 | 179 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 180 | 181 | * Restore previous behavior for handling empty "comp-lzo" (bgo#769177) 182 | * Support verify-x509-name (bgo#770922) 183 | * Support max-routes (bgo#720097) 184 | * Updated Brazilian Portuguese, Czech, German, Hungarian, Lithuanian, 185 | Polish, Serbian, Serbian Latin translations 186 | * Fix invalid free when parsing remote option 187 | * Various cleanups 188 | 189 | ======================================================= 190 | NetworkManager-openvpn-1.2.4 191 | Overview of changes since NetworkManager-openvpn-1.2.2 192 | ======================================================= 193 | 194 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 195 | 196 | * Prefer building against stable libsecret API 197 | * Split libnm-vpn-plugin-openvpn.so into a GTK-free core plugin 198 | usable by nmcli and a UI plugin for nm-applet and gnome components. 199 | * Support NM_VPN_LOG_LEVEL environment variable to control debug 200 | logging from NetworkManager. 201 | * Updated Catalan, German, Spanish, Indonesian, Polish, Brazilian Portuguese, 202 | Swedish, Serbian, Serbian Latin translations 203 | * Fix handling comp-lzo option 204 | * Add support for tls-cipher option 205 | * Add support for IPv6 DNS servers 206 | * Fix handling quotes and comments when parsing ovpn files 207 | * Hide internal ABI from properties libraries 208 | * Preserve IP routing configuration on restart 209 | * Various cleanups 210 | 211 | 212 | ======================================================= 213 | NetworkManager-openvpn-1.2.2 214 | Overview of changes since NetworkManager-openvpn-1.2 215 | ======================================================= 216 | 217 | This is a new stable release of NetworkManager-openvpn. Notable changes include: 218 | 219 | * Fixed validation of proxy port 220 | * Use a proper name for the AppStream metadata 221 | * Updated Hungarian translation 222 | 223 | 224 | ======================================================= 225 | NetworkManager-openvpn-1.2 226 | Overview of changes since network-manager-openvpn-1.0 227 | ======================================================= 228 | 229 | This is a new stable release of network-manager-openvpn. Notable changes include: 230 | 231 | * Ported to libnm, libnma and GDBus 232 | * Support multiple concurrent OpenVPN connections 233 | * Various import/export fixes 234 | * Add support for --ping option to backend 235 | * Add support for --ns-cert-type option 236 | * Translation updates 237 | * Add support for importing inline keys, secrets and PKCS12 certificates 238 | * Treate the file names as opaque strings as opposed to UTF-8 239 | * Allow disabling the internal fragmentation in properties dialog 240 | 241 | The following features were backported to 1.0.x releases from 1.0.0 to 1.0.8 242 | are also present in NetworkManager-openvpn-1.2: 243 | 244 | * Fix operations in IPv6-only configurations 245 | * Add support for importing configurations with inline certificates 246 | * Do not require password if user chose not to store it 247 | * Cosmetic UI fixes 248 | * Enhanced the GUI to support agent-owned and always-ask passwords 249 | * Support running unprivileged 250 | * Default to disabling periodic renegotioation. This avoids renegotiating 251 | unnecessarily if the server doesn't specify a renegotiation timeout, 252 | improving usability for OTP users 253 | 254 | 255 | ======================================================= 256 | network-manager-openvpn-1.0 257 | Overview of changes since network-manager-openvpn-0.9.10 258 | ======================================================= 259 | 260 | This is a new stable release of network-manager-openvpn. Notable changes include: 261 | 262 | * Updated translations 263 | * Use Unix socket for management instead of local TCP socket 264 | * Make password requests more robust 265 | * Allow specifying port and protocol for multiple remotes (VPN gateways) 266 | 267 | 268 | ======================================================= 269 | network-manager-openvpn-0.9.10 270 | Overview of changes since network-manager-openvpn-0.9.8 271 | ======================================================= 272 | 273 | This is a new stable release of network-manager-openvpn. Notable changes include: 274 | 275 | * Allow specifying custom interface name and key size 276 | * Better handle --up-restart 277 | * Use libsecret for password storage instead of gnome-keyring 278 | * Add support for interactive password queries from openvpn 279 | * Add support for IPv6 tunnels 280 | 281 | 282 | ======================================================= 283 | network-manager-openvpn-0.9.8 284 | Overview of changes since network-manager-openvpn-0.9.6 285 | ======================================================= 286 | 287 | This is a new stable release of network-manager-openvpn. Notable changes include: 288 | 289 | * Updated translations 290 | * Builds against the GNOME 3.8 versions of GLib and Gtk+ 291 | * nm-openvpn-service now returns translated error messages 292 | * Add support for the 'remote-cert-tls' method for verifying the 293 | server certificate 294 | * Fixed import/export to handle multiple remote servers 295 | * No longer asks for a password when using a passwordless auth mode 296 | 297 | 298 | ======================================================= 299 | network-manager-openvpn-0.9.6 300 | Overview of changes since network-manager-openvpn-0.9.4 301 | ======================================================= 302 | 303 | This is a new stable release of network-manager-openvpn. Notable changes include: 304 | 305 | * Updated translations 306 | * Add option to randomize connect order to openvpn servers/peers 307 | 308 | 309 | ======================================================= 310 | network-manager-openvpn-0.9.4 311 | Overview of changes since network-manager-openvpn-0.9.2 312 | ======================================================= 313 | 314 | This is a new stable release of network-manager-openvpn. Notable changes include: 315 | 316 | * Updated translations 317 | * Fix issues with password dialog width on recent GTK+ versions 318 | * Allow cipher and HMAC options to be set for Static Key mode 319 | * Support for "external UI mode" for DE-native dialogs (ie, GNOME Shell and others) 320 | 321 | 322 | ======================================================= 323 | network-manager-openvpn-0.9.2 324 | Overview of changes since network-manager-openvpn-0.9.0 325 | ======================================================= 326 | 327 | This is a new stable release of network-manager-openvpn. Notable changes include: 328 | 329 | * Updated translations 330 | 331 | 332 | ======================================================= 333 | network-manager-openvpn-0.9.0 334 | Overview of changes since network-manager-openvpn-0.8.x 335 | ======================================================= 336 | 337 | This is a new stable release of network-manager-openvpn. Notable changes include: 338 | 339 | * Updated for NM 0.9 simplified configuration and secrets handling 340 | * Allow passwords to be explicitly asked for every time 341 | 342 | 343 | ======================================================= 344 | network-manager-openvpn-0.8.6 345 | Overview of changes since network-manager-openvpn-0.8.4 346 | ======================================================= 347 | 348 | This is a new stable release of network-manager-openvpn. Notable changes include: 349 | 350 | * Updated translations 351 | * Added support for the RSA-MD4 HMAC digest algorithm 352 | 353 | 354 | ======================================================= 355 | network-manager-openvpn-0.8.4 356 | Overview of changes since network-manager-openvpn-0.8.2 357 | ======================================================= 358 | 359 | This is a new stable release of network-manager-openvpn. Notable changes include: 360 | 361 | * Updated translations 362 | * Convert to GtkBuilder; glade is not longer a build requirement 363 | * Show unencrypted private keys in private key selection file chooser 364 | * Allow larger renegotiation intervals 365 | * Handle secrets for system connections 366 | * Fix handling of various HTTP proxy password issues 367 | * Export HTTP and SOCKS proxy authentication files 368 | 369 | ======================================================= 370 | network-manager-openvpn-0.8.2 371 | Overview of changes since network-manager-openvpn-0.8.1 372 | ======================================================= 373 | 374 | This is a new stable release of network-manager-openvpn. Notable changes include: 375 | 376 | * Updated translations 377 | * Fixes to ensure correct IP configuration of tunnels 378 | * Support for HTTP and SOCKS proxies 379 | * Better debugging options 380 | 381 | -------------------------------------------------------------------------------- /NetworkManager-openvpn.doap: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | NetworkManager-openvpn 9 | OpenVPN support for NetworkManager 10 | OpenVPN support for NetworkManager 11 | 12 | 13 | 14 | 15 | 16 | 17 | C 18 | 19 | 20 | 21 | Lubomir Rintel 22 | 23 | lkundrak 24 | 25 | 26 | 27 | 28 | Thomas Haller 29 | 30 | thaller 31 | 32 | 33 | 34 | 35 | Beniamino Galvani 36 | 37 | bgalvani 38 | 39 | 40 | 41 | 42 | Francesco Giudici 43 | 44 | fgiudici 45 | 46 | 47 | 48 | 49 | Dan Williams 50 | 51 | dcbw 52 | 53 | 54 | 55 | 56 | Antonio Cardace 57 | 58 | acardace 59 | 60 | 61 | 62 | 63 | 64 | -------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | OpenVPN support for NetworkManager 2 | 3 | Added by Tim Niemueller http://www.niemueller.de 4 | 5 | Assumes that you have a running OpenVPN X.509 setup as mentioned 6 | in the OpenVPN 2.0 HOWTO on the OpenVPN homepage. 7 | 8 | TODO: Support for static keys, support for password authentication, 9 | only present auth-dialog if needed. 10 | 11 | Code released under the GPL. See COPYING file in the NetworkManager 12 | directory. 13 | 14 | Aachen, 2005/11/12 15 | 16 | -------------------------------------------------------------------------------- /appdata/network-manager-openvpn.metainfo.xml.in: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | network-manager-openvpn 5 | GPL-2.0+ 6 | CC0-1.0 7 | nm-connection-editor.desktop 8 | gnome-control-center.desktop 9 | <_name>OpenVPN client 10 | <_summary>Client for OpenVPN virtual private networks 11 | 12 | 13 | network 14 | manager 15 | NetworkManager 16 | connection 17 | VPN 18 | OpenVPN 19 | 20 | 21 | 22 | <_p>Support for configuring OpenVPN virtual private network connections. 23 | <_p>OpenVPN is a popular and flexible free-software VPN solution. 24 | 25 | 26 | 27 | 28 | https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/raw/master/appdata/openvpn.png 29 | 30 | 31 | The advanced options dialog 32 | https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/raw/master/appdata/openvpn-advanced.png 33 | 34 | 35 | 36 | https://networkmanager.dev/docs/vpn/ 37 | https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/issues 38 | networkmanager-maint@gnome.bugs 39 | NetworkManager-openvpn 40 | <_developer_name>The NetworkManager Developers 41 | 42 | -------------------------------------------------------------------------------- /appdata/openvpn-advanced.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetworkManager/NetworkManager-openvpn/3bee8c5b14f1232eb20a822ca4a9df737af23649/appdata/openvpn-advanced.png -------------------------------------------------------------------------------- /appdata/openvpn.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetworkManager/NetworkManager-openvpn/3bee8c5b14f1232eb20a822ca4a9df737af23649/appdata/openvpn.png -------------------------------------------------------------------------------- /autogen.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Run this to generate all the initial makefiles, etc. 3 | 4 | srcdir=`dirname $0` 5 | test -z "$srcdir" && srcdir=. 6 | REQUIRED_AUTOMAKE_VERSION=1.9 7 | PKG_NAME=NetworkManager-openvpn 8 | 9 | (test -f $srcdir/configure.ac \ 10 | && test -f $srcdir/auth-dialog/main.c) || { 11 | echo -n "**Error**: Directory "\`$srcdir\'" does not look like the" 12 | echo " top-level $PKG_NAME directory" 13 | exit 1 14 | } 15 | 16 | (cd $srcdir; 17 | autoreconf --install --symlink && 18 | intltoolize --force && 19 | autoreconf && 20 | ./configure --enable-maintainer-mode --enable-more-warnings=error $@ 21 | ) 22 | 23 | 24 | -------------------------------------------------------------------------------- /configure.ac: -------------------------------------------------------------------------------- 1 | AC_PREREQ(2.52) 2 | 3 | AC_INIT(NetworkManager-openvpn, 4 | 1.8.19, 5 | https://gitlab.gnome.org/GNOME/NetworkManager-openvpn/issues, 6 | NetworkManager-openvpn) 7 | AM_INIT_AUTOMAKE([1.9 tar-ustar no-dist-gzip dist-xz -Wno-portability]) 8 | AM_MAINTAINER_MODE 9 | AM_SILENT_RULES([yes]) 10 | 11 | AC_CONFIG_HEADERS([config.h]) 12 | 13 | dnl 14 | dnl Require programs 15 | dnl 16 | AC_PROG_CC 17 | AC_GNU_SOURCE 18 | AM_PROG_CC_C_O 19 | AC_PROG_INSTALL 20 | AC_PROG_LIBTOOL 21 | AC_PATH_PROG(GLIB_COMPILE_RESOURCES, glib-compile-resources) 22 | 23 | AC_CHECK_PROG([has_file], file, yes, no) 24 | if test x$has_file = xno ; then 25 | AC_MSG_ERROR(["file" utility not found.]) 26 | fi 27 | 28 | AC_CHECK_PROG([has_find], find, yes, no) 29 | if test x$has_find = xno ; then 30 | AC_MSG_ERROR(["find" utility not found.]) 31 | fi 32 | 33 | AC_CONFIG_MACRO_DIR([m4]) 34 | 35 | dnl Prefer gcc-* variants; the ones libtool would choose don't work with LTO 36 | AC_CHECK_TOOLS(AR, [gcc-ar ar], false) 37 | AC_CHECK_TOOLS(RANLIB, [gcc-ranlib ranlib], :) 38 | 39 | LT_INIT([disable-static]) 40 | 41 | dnl 42 | dnl Required headers 43 | dnl 44 | AC_HEADER_STDC 45 | AC_CHECK_HEADERS(fcntl.h paths.h sys/ioctl.h sys/time.h syslog.h unistd.h) 46 | 47 | dnl 48 | dnl Checks for typedefs, structures, and compiler characteristics. 49 | dnl 50 | AC_TYPE_MODE_T 51 | AC_TYPE_PID_T 52 | AC_HEADER_TIME 53 | 54 | dnl 55 | dnl Checks for library functions. 56 | dnl 57 | AC_PROG_GCC_TRADITIONAL 58 | AC_FUNC_MEMCMP 59 | AC_CHECK_FUNCS(select socket uname) 60 | 61 | GIT_SHA_RECORD(NM_GIT_SHA) 62 | 63 | AC_SEARCH_LIBS([dlopen], [dl dld], [], [ac_cv_search_dlopen=]) 64 | AC_SUBST([DL_LIBS], "$ac_cv_search_dlopen") 65 | 66 | dnl ensure that when the Automake generated makefile calls aclocal, 67 | dnl it honours the $ACLOCAL_FLAGS environment variable 68 | ACLOCAL_AMFLAGS="\${ACLOCAL_FLAGS}" 69 | if test -n "$ac_macro_dir"; then 70 | ACLOCAL_AMFLAGS="-I $ac_macro_dir $ACLOCAL_AMFLAGS" 71 | fi 72 | AC_SUBST([ACLOCAL_AMFLAGS]) 73 | 74 | dnl 75 | dnl GNOME support 76 | dnl 77 | AC_ARG_WITH(gnome, AS_HELP_STRING([--without-gnome], [Build NetworkManager-openvpn without GNOME support, e.g. vpn service only]), [], [with_gnome_specified=no]) 78 | AC_ARG_WITH(gtk4, AS_HELP_STRING([--with-gtk4], [Build NetworkManager-openvpn with libnma-gtk4 support]), [], [with_gtk4_specified=no]) 79 | AC_ARG_WITH(libnm-glib, AS_HELP_STRING([--with-libnm-glib], [Build NetworkManager-openvpn with libnm-glib compatibility (deprecated)]), [], [with_libnm_glib_specified=no]) 80 | if test "$with_libnm_glib_specified" != no -a "$with_libnm_glib" != no; then 81 | if test "$with_gnome_specified" != no -a "$with_gnome" == no; then 82 | AC_MSG_ERROR(Building --with-libnm-glib conflicts with --without-gnome) 83 | fi 84 | fi 85 | if test "$with_gnome" != no; then 86 | with_gnome=yes 87 | fi 88 | if test "$with_gtk4_specified" == no; then 89 | with_gtk4=no 90 | fi 91 | if test "$with_gtk4" != yes; then 92 | with_gtk4=no 93 | fi 94 | if test "$with_libnm_glib_specified" == no; then 95 | with_libnm_glib=no 96 | fi 97 | if test "$with_libnm_glib" != yes; then 98 | with_libnm_glib=no 99 | fi 100 | AM_CONDITIONAL(WITH_GNOME, test "$with_gnome" != no) 101 | AM_CONDITIONAL(WITH_GTK4, test "$with_gtk4" != no) 102 | AM_CONDITIONAL(WITH_LIBNM_GLIB, test "$with_libnm_glib" != no) 103 | 104 | AC_ARG_ENABLE(absolute-paths, AS_HELP_STRING([--enable-absolute-paths], [Use absolute paths to in .name files. Useful for development. (default is no)])) 105 | 106 | GETTEXT_PACKAGE=NetworkManager-openvpn 107 | AC_SUBST(GETTEXT_PACKAGE) 108 | AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE,"$GETTEXT_PACKAGE", [Gettext package]) 109 | 110 | IT_PROG_INTLTOOL([0.35]) 111 | AM_GLIB_GNU_GETTEXT 112 | 113 | PKG_CHECK_MODULES(GLIB, gmodule-2.0 glib-2.0 >= 2.34) 114 | GLIB_CFLAGS="$GLIB_CFLAGS -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_34" 115 | GLIB_CFLAGS="$GLIB_CFLAGS -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_34" 116 | 117 | if test x"$with_gnome" != xno || test x"$with_gtk4" != xno; then 118 | PKG_CHECK_MODULES(LIBSECRET, libsecret-1 >= 0.18) 119 | fi 120 | 121 | if test x"$with_gnome" != xno; then 122 | PKG_CHECK_MODULES(GTK, gtk+-3.0 >= 3.4) 123 | GTK_CFLAGS="$GTK_CFLAGS -DGDK_VERSION_MIN_REQUIRED=GDK_VERSION_3_4" 124 | GTK_CFLAGS="$GTK_CFLAGS -DGDK_VERSION_MAX_ALLOWED=GDK_VERSION_3_4" 125 | 126 | PKG_CHECK_MODULES(LIBNMA, libnma >= 1.7.0) 127 | 128 | if test x"$with_libnm_glib" != xno; then 129 | PKG_CHECK_MODULES(LIBNM_GTK, libnm-gtk >= 1.7.0) 130 | PKG_CHECK_MODULES(LIBNM_GLIB, 131 | NetworkManager >= 1.7.0 132 | libnm-util >= 1.7.0 133 | libnm-glib >= 1.7.0 134 | libnm-glib-vpn >= 1.7.0); 135 | 136 | LIBNM_GLIB_CFLAGS="$LIBNM_GLIB_CFLAGS -DNM_VERSION_MIN_REQUIRED=NM_VERSION_1_2" 137 | LIBNM_GLIB_CFLAGS="$LIBNM_GLIB_CFLAGS -DNM_VERSION_MAX_ALLOWED=NM_VERSION_1_2" 138 | fi 139 | fi 140 | 141 | if test x"$with_gtk4" != xno; then 142 | PKG_CHECK_MODULES(GTK4, gtk4 >= 4.0) 143 | GTK4_CFLAGS="$GTK4_CFLAGS -DGDK_VERSION_MIN_REQUIRED=GDK_VERSION_4_0" 144 | GTK4_CFLAGS="$GTK4_CFLAGS -DGDK_VERSION_MAX_ALLOWED=GDK_VERSION_4_0" 145 | PKG_CHECK_MODULES(LIBNMA_GTK4, libnma-gtk4 >= 1.8.33) 146 | fi 147 | 148 | PKG_CHECK_MODULES(LIBNM, libnm >= 1.7.0) 149 | LIBNM_CFLAGS="$LIBNM_CFLAGS -DNM_VERSION_MIN_REQUIRED=NM_VERSION_1_8" 150 | LIBNM_CFLAGS="$LIBNM_CFLAGS -DNM_VERSION_MAX_ALLOWED=NM_VERSION_1_8" 151 | 152 | NM_VPN_SERVICE_DIR=`$PKG_CONFIG --define-variable prefix='\${prefix}' --variable vpnservicedir libnm` 153 | AC_SUBST(NM_VPN_SERVICE_DIR) 154 | 155 | NM_COMPILER_WARNINGS([yes]) 156 | NM_LTO 157 | NM_LD_GC 158 | 159 | NM_PLUGIN_DIR="$libdir/NetworkManager" 160 | AC_SUBST(NM_PLUGIN_DIR) 161 | if test x"$enable_absolute_paths" == x"yes"; then 162 | NM_PLUGIN_DIR_NAME_FILE="$NM_PLUGIN_DIR/" 163 | else 164 | enable_absolute_paths=no 165 | NM_PLUGIN_DIR_NAME_FILE="" 166 | fi 167 | AC_SUBST(NM_PLUGIN_DIR_NAME_FILE) 168 | 169 | dnl 170 | dnl Distribution version string 171 | dnl 172 | AC_ARG_WITH(dist-version, AS_HELP_STRING([--with-dist-version=], [Define the custom version (like distribution package name and revision)]), ac_distver=$withval, ac_distver="") 173 | if ! test x"$ac_distver" = x""; then 174 | AC_DEFINE_UNQUOTED(DIST_VERSION, "$ac_distver", [Define the distribution version string]) 175 | fi 176 | 177 | AC_CONFIG_FILES([ 178 | Makefile 179 | po/Makefile.in 180 | ]) 181 | AC_OUTPUT 182 | 183 | echo "" 184 | echo "Build configuration: " 185 | echo " --with-dist-version=$ac_distver" 186 | echo " --with-gnome=$with_gnome" 187 | echo " --with-gtk4=$with_gtk4" 188 | echo " --with-libnm-glib=$with_libnm_glib" 189 | echo " --enable-absolute-paths=$enable_absolute_paths" 190 | echo " --enable-more-warnings=$set_more_warnings" 191 | echo " --enable-lto=$enable_lto" 192 | echo " --enable-ld-gc=$enable_ld_gc" 193 | echo "" 194 | -------------------------------------------------------------------------------- /linker-script-binary.ver: -------------------------------------------------------------------------------- 1 | { 2 | global: 3 | _IO_stdin_used; 4 | local: 5 | *; 6 | }; 7 | -------------------------------------------------------------------------------- /m4/attributes.m4: -------------------------------------------------------------------------------- 1 | dnl Macros to check the presence of generic (non-typed) symbols. 2 | dnl Copyright (c) 2006-2008 Diego Pettenò 3 | dnl Copyright (c) 2006-2008 xine project 4 | dnl Copyright (c) 2012 Lucas De Marchi 5 | dnl 6 | dnl This program is free software; you can redistribute it and/or modify 7 | dnl it under the terms of the GNU General Public License as published by 8 | dnl the Free Software Foundation; either version 2, or (at your option) 9 | dnl any later version. 10 | dnl 11 | dnl This program is distributed in the hope that it will be useful, 12 | dnl but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | dnl GNU General Public License for more details. 15 | dnl 16 | dnl You should have received a copy of the GNU General Public License 17 | dnl along with this program; if not, write to the Free Software 18 | dnl Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19 | dnl 02110-1301, USA. 20 | dnl 21 | dnl As a special exception, the copyright owners of the 22 | dnl macro gives unlimited permission to copy, distribute and modify the 23 | dnl configure scripts that are the output of Autoconf when processing the 24 | dnl Macro. You need not follow the terms of the GNU General Public 25 | dnl License when using or distributing such scripts, even though portions 26 | dnl of the text of the Macro appear in them. The GNU General Public 27 | dnl License (GPL) does govern all other use of the material that 28 | dnl constitutes the Autoconf Macro. 29 | dnl 30 | dnl This special exception to the GPL applies to versions of the 31 | dnl Autoconf Macro released by this project. When you make and 32 | dnl distribute a modified version of the Autoconf Macro, you may extend 33 | dnl this special exception to the GPL to apply to your modified version as 34 | dnl well. 35 | 36 | dnl Check if FLAG in ENV-VAR is supported by compiler and append it 37 | dnl to WHERE-TO-APPEND variable. Note that we invert -Wno-* checks to 38 | dnl -W* as gcc cannot test for negated warnings. If a C snippet is passed, 39 | dnl use it, otherwise use a simple main() definition that just returns 0. 40 | dnl CC_CHECK_FLAG_APPEND([WHERE-TO-APPEND], [ENV-VAR], [FLAG], [C-SNIPPET]) 41 | 42 | AC_DEFUN([CC_CHECK_FLAG_APPEND], [ 43 | AC_CACHE_CHECK([if $CC supports flag $3 in envvar $2], 44 | AS_TR_SH([cc_cv_$2_$3]), 45 | [eval "AS_TR_SH([cc_save_$2])='${$2}'" 46 | eval "AS_TR_SH([$2])='${cc_save_$2} -Werror `echo "$3" | sed 's/^-Wno-/-W/'`'" 47 | AC_LINK_IFELSE([AC_LANG_SOURCE(ifelse([$4], [], 48 | [int main(void) { return 0; } ], 49 | [$4]))], 50 | [eval "AS_TR_SH([cc_cv_$2_$3])='yes'"], 51 | [eval "AS_TR_SH([cc_cv_$2_$3])='no'"]) 52 | eval "AS_TR_SH([$2])='$cc_save_$2'"]) 53 | 54 | AS_IF([eval test x$]AS_TR_SH([cc_cv_$2_$3])[ = xyes], 55 | [eval "$1='${$1} $3'"]) 56 | ]) 57 | 58 | dnl CC_CHECK_FLAGS_APPEND([WHERE-TO-APPEND], [ENV-VAR], [FLAG1 FLAG2], [C-SNIPPET]) 59 | AC_DEFUN([CC_CHECK_FLAGS_APPEND], [ 60 | for flag in [$3]; do 61 | CC_CHECK_FLAG_APPEND([$1], [$2], $flag, [$4]) 62 | done 63 | ]) 64 | 65 | dnl Check if the flag is supported by linker (cacheable) 66 | dnl CC_CHECK_LDFLAGS([FLAG], [ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND]) 67 | 68 | AC_DEFUN([CC_CHECK_LDFLAGS], [ 69 | AC_CACHE_CHECK([if $CC supports $1 flag], 70 | AS_TR_SH([cc_cv_ldflags_$1]), 71 | [ac_save_LDFLAGS="$LDFLAGS" 72 | LDFLAGS="$LDFLAGS $1" 73 | AC_LINK_IFELSE([int main() { return 1; }], 74 | [eval "AS_TR_SH([cc_cv_ldflags_$1])='yes'"], 75 | [eval "AS_TR_SH([cc_cv_ldflags_$1])="]) 76 | LDFLAGS="$ac_save_LDFLAGS" 77 | ]) 78 | 79 | AS_IF([eval test x$]AS_TR_SH([cc_cv_ldflags_$1])[ = xyes], 80 | [$2], [$3]) 81 | ]) 82 | 83 | dnl define the LDFLAGS_NOUNDEFINED variable with the correct value for 84 | dnl the current linker to avoid undefined references in a shared object. 85 | AC_DEFUN([CC_NOUNDEFINED], [ 86 | dnl We check $host for which systems to enable this for. 87 | AC_REQUIRE([AC_CANONICAL_HOST]) 88 | 89 | case $host in 90 | dnl FreeBSD (et al.) does not complete linking for shared objects when pthreads 91 | dnl are requested, as different implementations are present; to avoid problems 92 | dnl use -Wl,-z,defs only for those platform not behaving this way. 93 | *-freebsd* | *-openbsd*) ;; 94 | *) 95 | dnl First of all check for the --no-undefined variant of GNU ld. This allows 96 | dnl for a much more readable command line, so that people can understand what 97 | dnl it does without going to look for what the heck -z defs does. 98 | for possible_flags in "-Wl,--no-undefined" "-Wl,-z,defs"; do 99 | CC_CHECK_LDFLAGS([$possible_flags], [LDFLAGS_NOUNDEFINED="$possible_flags"]) 100 | break 101 | done 102 | ;; 103 | esac 104 | 105 | AC_SUBST([LDFLAGS_NOUNDEFINED]) 106 | ]) 107 | 108 | dnl Check for a -Werror flag or equivalent. -Werror is the GCC 109 | dnl and ICC flag that tells the compiler to treat all the warnings 110 | dnl as fatal. We usually need this option to make sure that some 111 | dnl constructs (like attributes) are not simply ignored. 112 | dnl 113 | dnl Other compilers don't support -Werror per se, but they support 114 | dnl an equivalent flag: 115 | dnl - Sun Studio compiler supports -errwarn=%all 116 | AC_DEFUN([CC_CHECK_WERROR], [ 117 | AC_CACHE_CHECK( 118 | [for $CC way to treat warnings as errors], 119 | [cc_cv_werror], 120 | [CC_CHECK_CFLAGS_SILENT([-Werror], [cc_cv_werror=-Werror], 121 | [CC_CHECK_CFLAGS_SILENT([-errwarn=%all], [cc_cv_werror=-errwarn=%all])]) 122 | ]) 123 | ]) 124 | 125 | AC_DEFUN([CC_CHECK_ATTRIBUTE], [ 126 | AC_REQUIRE([CC_CHECK_WERROR]) 127 | AC_CACHE_CHECK([if $CC supports __attribute__(( ifelse([$2], , [$1], [$2]) ))], 128 | AS_TR_SH([cc_cv_attribute_$1]), 129 | [ac_save_CFLAGS="$CFLAGS" 130 | CFLAGS="$CFLAGS $cc_cv_werror" 131 | AC_COMPILE_IFELSE([AC_LANG_SOURCE([$3])], 132 | [eval "AS_TR_SH([cc_cv_attribute_$1])='yes'"], 133 | [eval "AS_TR_SH([cc_cv_attribute_$1])='no'"]) 134 | CFLAGS="$ac_save_CFLAGS" 135 | ]) 136 | 137 | AS_IF([eval test x$]AS_TR_SH([cc_cv_attribute_$1])[ = xyes], 138 | [AC_DEFINE( 139 | AS_TR_CPP([SUPPORT_ATTRIBUTE_$1]), 1, 140 | [Define this if the compiler supports __attribute__(( ifelse([$2], , [$1], [$2]) ))] 141 | ) 142 | $4], 143 | [$5]) 144 | ]) 145 | 146 | AC_DEFUN([CC_ATTRIBUTE_CONSTRUCTOR], [ 147 | CC_CHECK_ATTRIBUTE( 148 | [constructor],, 149 | [void __attribute__((constructor)) ctor() { int a; }], 150 | [$1], [$2]) 151 | ]) 152 | 153 | AC_DEFUN([CC_ATTRIBUTE_FORMAT], [ 154 | CC_CHECK_ATTRIBUTE( 155 | [format], [format(printf, n, n)], 156 | [void __attribute__((format(printf, 1, 2))) printflike(const char *fmt, ...) { fmt = (void *)0; }], 157 | [$1], [$2]) 158 | ]) 159 | 160 | AC_DEFUN([CC_ATTRIBUTE_FORMAT_ARG], [ 161 | CC_CHECK_ATTRIBUTE( 162 | [format_arg], [format_arg(printf)], 163 | [char *__attribute__((format_arg(1))) gettextlike(const char *fmt) { fmt = (void *)0; }], 164 | [$1], [$2]) 165 | ]) 166 | 167 | AC_DEFUN([CC_ATTRIBUTE_VISIBILITY], [ 168 | CC_CHECK_ATTRIBUTE( 169 | [visibility_$1], [visibility("$1")], 170 | [void __attribute__((visibility("$1"))) $1_function() { }], 171 | [$2], [$3]) 172 | ]) 173 | 174 | AC_DEFUN([CC_ATTRIBUTE_NONNULL], [ 175 | CC_CHECK_ATTRIBUTE( 176 | [nonnull], [nonnull()], 177 | [void __attribute__((nonnull())) some_function(void *foo, void *bar) { foo = (void*)0; bar = (void*)0; }], 178 | [$1], [$2]) 179 | ]) 180 | 181 | AC_DEFUN([CC_ATTRIBUTE_UNUSED], [ 182 | CC_CHECK_ATTRIBUTE( 183 | [unused], , 184 | [void some_function(void *foo, __attribute__((unused)) void *bar);], 185 | [$1], [$2]) 186 | ]) 187 | 188 | AC_DEFUN([CC_ATTRIBUTE_SENTINEL], [ 189 | CC_CHECK_ATTRIBUTE( 190 | [sentinel], , 191 | [void some_function(void *foo, ...) __attribute__((sentinel));], 192 | [$1], [$2]) 193 | ]) 194 | 195 | AC_DEFUN([CC_ATTRIBUTE_DEPRECATED], [ 196 | CC_CHECK_ATTRIBUTE( 197 | [deprecated], , 198 | [void some_function(void *foo, ...) __attribute__((deprecated));], 199 | [$1], [$2]) 200 | ]) 201 | 202 | AC_DEFUN([CC_ATTRIBUTE_ALIAS], [ 203 | CC_CHECK_ATTRIBUTE( 204 | [alias], [weak, alias], 205 | [void other_function(void *foo) { } 206 | void some_function(void *foo) __attribute__((weak, alias("other_function")));], 207 | [$1], [$2]) 208 | ]) 209 | 210 | AC_DEFUN([CC_ATTRIBUTE_MALLOC], [ 211 | CC_CHECK_ATTRIBUTE( 212 | [malloc], , 213 | [void * __attribute__((malloc)) my_alloc(int n);], 214 | [$1], [$2]) 215 | ]) 216 | 217 | AC_DEFUN([CC_ATTRIBUTE_PACKED], [ 218 | CC_CHECK_ATTRIBUTE( 219 | [packed], , 220 | [struct astructure { char a; int b; long c; void *d; } __attribute__((packed));], 221 | [$1], [$2]) 222 | ]) 223 | 224 | AC_DEFUN([CC_ATTRIBUTE_CONST], [ 225 | CC_CHECK_ATTRIBUTE( 226 | [const], , 227 | [int __attribute__((const)) twopow(int n) { return 1 << n; } ], 228 | [$1], [$2]) 229 | ]) 230 | 231 | AC_DEFUN([CC_FLAG_VISIBILITY], [ 232 | AC_REQUIRE([CC_CHECK_WERROR]) 233 | AC_CACHE_CHECK([if $CC supports -fvisibility=hidden], 234 | [cc_cv_flag_visibility], 235 | [cc_flag_visibility_save_CFLAGS="$CFLAGS" 236 | CFLAGS="$CFLAGS $cc_cv_werror" 237 | CC_CHECK_CFLAGS_SILENT([-fvisibility=hidden], 238 | cc_cv_flag_visibility='yes', 239 | cc_cv_flag_visibility='no') 240 | CFLAGS="$cc_flag_visibility_save_CFLAGS"]) 241 | 242 | AS_IF([test "x$cc_cv_flag_visibility" = "xyes"], 243 | [AC_DEFINE([SUPPORT_FLAG_VISIBILITY], 1, 244 | [Define this if the compiler supports the -fvisibility flag]) 245 | $1], 246 | [$2]) 247 | ]) 248 | 249 | AC_DEFUN([CC_FUNC_EXPECT], [ 250 | AC_REQUIRE([CC_CHECK_WERROR]) 251 | AC_CACHE_CHECK([if compiler has __builtin_expect function], 252 | [cc_cv_func_expect], 253 | [ac_save_CFLAGS="$CFLAGS" 254 | CFLAGS="$CFLAGS $cc_cv_werror" 255 | AC_COMPILE_IFELSE([AC_LANG_SOURCE( 256 | [int some_function() { 257 | int a = 3; 258 | return (int)__builtin_expect(a, 3); 259 | }])], 260 | [cc_cv_func_expect=yes], 261 | [cc_cv_func_expect=no]) 262 | CFLAGS="$ac_save_CFLAGS" 263 | ]) 264 | 265 | AS_IF([test "x$cc_cv_func_expect" = "xyes"], 266 | [AC_DEFINE([SUPPORT__BUILTIN_EXPECT], 1, 267 | [Define this if the compiler supports __builtin_expect() function]) 268 | $1], 269 | [$2]) 270 | ]) 271 | 272 | AC_DEFUN([CC_ATTRIBUTE_ALIGNED], [ 273 | AC_REQUIRE([CC_CHECK_WERROR]) 274 | AC_CACHE_CHECK([highest __attribute__ ((aligned ())) supported], 275 | [cc_cv_attribute_aligned], 276 | [ac_save_CFLAGS="$CFLAGS" 277 | CFLAGS="$CFLAGS $cc_cv_werror" 278 | for cc_attribute_align_try in 64 32 16 8 4 2; do 279 | AC_COMPILE_IFELSE([AC_LANG_SOURCE([ 280 | int main() { 281 | static char c __attribute__ ((aligned($cc_attribute_align_try))) = 0; 282 | return c; 283 | }])], [cc_cv_attribute_aligned=$cc_attribute_align_try; break]) 284 | done 285 | CFLAGS="$ac_save_CFLAGS" 286 | ]) 287 | 288 | if test "x$cc_cv_attribute_aligned" != "x"; then 289 | AC_DEFINE_UNQUOTED([ATTRIBUTE_ALIGNED_MAX], [$cc_cv_attribute_aligned], 290 | [Define the highest alignment supported]) 291 | fi 292 | ]) 293 | -------------------------------------------------------------------------------- /m4/compiler_options.m4: -------------------------------------------------------------------------------- 1 | AC_DEFUN([_NM_COMPILER_FLAG], [ 2 | CFLAGS_SAVED="$CFLAGS" 3 | CFLAGS="$CFLAGS $GLIB_CFLAGS -Werror $1" 4 | AC_MSG_CHECKING([whether $1 works as expected]) 5 | 6 | AC_COMPILE_IFELSE([AC_LANG_SOURCE([[]])], [ 7 | AC_COMPILE_IFELSE([AC_LANG_SOURCE([[$2]])], [ 8 | AC_MSG_RESULT(yes) 9 | CFLAGS="$CFLAGS_SAVED" 10 | $3 11 | ],[ 12 | AC_MSG_RESULT(no) 13 | CFLAGS="$CFLAGS_SAVED" 14 | $4 15 | ]) 16 | ],[ 17 | AC_MSG_RESULT(not supported) 18 | CFLAGS="$CFLAGS_SAVED" 19 | ]) 20 | ]) 21 | 22 | dnl Check whether a particular compiler flag is supported, 23 | dnl add it to CFLAGS if it is 24 | AC_DEFUN([NM_COMPILER_FLAG], [ 25 | _NM_COMPILER_FLAG([$1], [], [ 26 | CFLAGS="$CFLAGS $1" 27 | $2 28 | ], [$3]) 29 | ]) 30 | 31 | dnl Check whether a particular warning is not emitted with code provided, 32 | dnl disable it in CFLAGS if the check fails. 33 | AC_DEFUN([NM_COMPILER_WARNING], [ 34 | _NM_COMPILER_FLAG([-W$1], [$2], [CFLAGS="$CFLAGS -W$1"], [CFLAGS="$CFLAGS -Wno-$1"]) 35 | ]) 36 | 37 | AC_DEFUN([NM_COMPILER_WARNINGS], 38 | [AC_ARG_ENABLE(more-warnings, 39 | AS_HELP_STRING([--enable-more-warnings], [Possible values: no/yes/error]), 40 | set_more_warnings="$enableval",set_more_warnings=$1) 41 | AC_MSG_CHECKING(for more warnings) 42 | if test "$GCC" = "yes" -a "$set_more_warnings" != "no"; then 43 | AC_MSG_RESULT(yes) 44 | 45 | dnl This is enabled in clang by default, makes little sense, 46 | dnl and causes the build to abort with -Werror. 47 | CFLAGS_SAVED="$CFLAGS" 48 | CFLAGS="$CFLAGS -Qunused-arguments" 49 | AC_COMPILE_IFELSE([AC_LANG_SOURCE([])], [], CFLAGS="$CFLAGS_SAVED") 50 | unset CFLAGS_SAVED 51 | 52 | dnl clang only warns about unknown warnings, unless 53 | dnl called with "-Werror=unknown-warning-option" 54 | dnl Test if the compiler supports that, and if it does 55 | dnl attach it to the CFLAGS. 56 | NM_COMPILER_WARNING([unknown-warning-option], []) 57 | 58 | CFLAGS_MORE_WARNINGS="-Wall -std=gnu99" 59 | 60 | if test "x$set_more_warnings" = xerror; then 61 | CFLAGS_MORE_WARNINGS="$CFLAGS_MORE_WARNINGS -Werror" 62 | fi 63 | 64 | for option in \ 65 | -Wextra \ 66 | -Wdeclaration-after-statement \ 67 | -Wfloat-equal \ 68 | -Wformat-nonliteral \ 69 | -Wformat-security \ 70 | -Wimplicit-fallthrough \ 71 | -Wimplicit-function-declaration \ 72 | -Winit-self \ 73 | -Wlogical-op \ 74 | -Wmissing-declarations \ 75 | -Wmissing-include-dirs \ 76 | -Wmissing-prototypes \ 77 | -Wpointer-arith \ 78 | -Wshadow \ 79 | -Wshift-negative-value \ 80 | -Wstrict-prototypes \ 81 | -Wundef \ 82 | -Wno-duplicate-decl-specifier \ 83 | -Wno-format-truncation \ 84 | -Wno-format-y2k \ 85 | -Wno-missing-field-initializers \ 86 | -Wno-pragmas \ 87 | -Wno-sign-compare \ 88 | -Wno-unused-but-set-variable \ 89 | -Wno-unused-parameter \ 90 | ; do 91 | dnl GCC 4.4 does not warn when checking for -Wno-* flags (https://gcc.gnu.org/wiki/FAQ#wnowarning) 92 | _NM_COMPILER_FLAG([$(printf '%s' "$option" | sed 's/^-Wno-/-W/')], [], 93 | [CFLAGS_MORE_WARNINGS="$CFLAGS_MORE_WARNINGS $option"], []) 94 | done 95 | unset option 96 | 97 | dnl Disable warnings triggered by known compiler problems 98 | 99 | dnl https://bugzilla.gnome.org/show_bug.cgi?id=745821 100 | NM_COMPILER_WARNING([unknown-attributes], [#include ]) 101 | 102 | dnl https://bugzilla.gnome.org/show_bug.cgi?id=744473 103 | NM_COMPILER_WARNING([typedef-redefinition], [#include ]) 104 | 105 | dnl https://llvm.org/bugs/show_bug.cgi?id=21614 106 | NM_COMPILER_WARNING([array-bounds], 107 | [#include ] 108 | [void f () { strcmp ("something", "0"); }] 109 | ) 110 | 111 | dnl https://llvm.org/bugs/show_bug.cgi?id=22949 112 | NM_COMPILER_WARNING([parentheses-equality], 113 | [#include ] 114 | [void f () { if (WIFCONTINUED(0)) return; }] 115 | ) 116 | 117 | dnl systemd-dhcp's log_internal macro and our handle_warn are sometimes 118 | dnl used in void context,u sometimes in int. Makes clang unhappy. 119 | NM_COMPILER_WARNING([unused-value], 120 | [#define yolo ({ (666 + 666); })] 121 | [int f () { int i = yolo; yolo; return i; }] 122 | ) 123 | 124 | dnl clang 3.9 would like to see "{ { 0 } }" here, but that does not 125 | dnl look too wise. 126 | NM_COMPILER_WARNING([missing-braces], 127 | [union { int a[1]; int b[2]; } c = { 0 }] 128 | ) 129 | 130 | CFLAGS="$CFLAGS_MORE_WARNINGS $CFLAGS" 131 | else 132 | AC_MSG_RESULT(no) 133 | fi 134 | ]) 135 | 136 | AC_DEFUN([NM_LTO], 137 | [AC_ARG_ENABLE(lto, AS_HELP_STRING([--enable-lto], [Enable Link Time Optimization for smaller size (default: no)])) 138 | if (test "${enable_lto}" = "yes"); then 139 | CC_CHECK_FLAG_APPEND([lto_flags], [CFLAGS], [-flto]) 140 | if (test -n "${lto_flags}"); then 141 | CFLAGS="-flto $CFLAGS" 142 | else 143 | AC_MSG_ERROR([Link Time Optimization -flto is not supported.]) 144 | fi 145 | else 146 | enable_lto='no' 147 | fi 148 | ]) 149 | 150 | AC_DEFUN([NM_LD_GC], 151 | [AC_ARG_ENABLE(ld-gc, AS_HELP_STRING([--enable-ld-gc], [Enable garbage collection of unused symbols on linking (default: auto)])) 152 | if (test "${enable_ld_gc}" != "no"); then 153 | CC_CHECK_FLAG_APPEND([ld_gc_flags], [CFLAGS], [-fdata-sections -ffunction-sections -Wl,--gc-sections]) 154 | if (test -n "${ld_gc_flags}"); then 155 | enable_ld_gc="yes" 156 | CFLAGS="$ld_gc_flags $CFLAGS" 157 | else 158 | if (test "${enable_ld_gc}" = "yes"); then 159 | AC_MSG_ERROR([Unused symbol eviction requested but not supported.]) 160 | else 161 | enable_ld_gc="no" 162 | fi 163 | fi 164 | fi 165 | ]) 166 | 167 | -------------------------------------------------------------------------------- /m4/git-sha-record.m4: -------------------------------------------------------------------------------- 1 | dnl GIT_SHA_RECORD($1, $2) 2 | dnl 3 | dnl $1: the name of the assigned variable. For example NM_GIT_SHA, 4 | dnl NMA_GIT_SHA, LIBNL_GIT_SHA. 5 | dnl $2: by default, a define to config.h is added. This can be 6 | dnl suppressed by passing "no-config-h". 7 | dnl 8 | AC_DEFUN([GIT_SHA_RECORD], [ 9 | m4_define([git_sha_record_v], 10 | [m4_esyscmd([ ( [ -d ./.git/ ] && [ "$(readlink -f ./.git/)" = "$(readlink -f "$(git rev-parse --git-dir 2>/dev/null)" 2>/dev/null)" ] && git rev-parse --verify -q HEAD 2>/dev/null ) || true ])]) 11 | $1=git_sha_record_v 12 | if test ""$2"" != "no-config-h" ; then 13 | AC_DEFINE_UNQUOTED($1,"$$1",[git commit id of the original source code version]) 14 | fi 15 | ]) 16 | -------------------------------------------------------------------------------- /nm-openvpn-service.conf: -------------------------------------------------------------------------------- 1 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /nm-openvpn-service.name.in: -------------------------------------------------------------------------------- 1 | [VPN Connection] 2 | name=openvpn 3 | service=org.freedesktop.NetworkManager.openvpn 4 | program=@LIBEXECDIR@/nm-openvpn-service 5 | supports-multiple-connections=true 6 | 7 | [libnm] 8 | plugin=@PLUGINDIR@/libnm-vpn-plugin-openvpn.so 9 | 10 | [GNOME] 11 | auth-dialog=@LIBEXECDIR@/nm-openvpn-auth-dialog 12 | properties=@PLUGINDIR@/libnm-openvpn-properties 13 | supports-external-ui-mode=true 14 | supports-hints=true 15 | -------------------------------------------------------------------------------- /po/LINGUAS: -------------------------------------------------------------------------------- 1 | # please keep this list sorted alphabetically 2 | # 3 | ar 4 | as 5 | be 6 | bg 7 | bs 8 | ca 9 | ca@valencia 10 | cs 11 | da 12 | de 13 | dz 14 | el 15 | en_GB 16 | eo 17 | es 18 | et 19 | eu 20 | fa 21 | fi 22 | fr 23 | fur 24 | gl 25 | gu 26 | he 27 | hr 28 | hu 29 | id 30 | it 31 | ja 32 | ka 33 | kn 34 | ko 35 | lt 36 | lv 37 | mk 38 | mr 39 | nb 40 | nl 41 | pa 42 | pl 43 | ps 44 | pt 45 | pt_BR 46 | ro 47 | ru 48 | sk 49 | sl 50 | sr 51 | sr@latin 52 | sv 53 | ta 54 | te 55 | th 56 | tr 57 | ug 58 | uk 59 | vi 60 | zh_CN 61 | zh_HK 62 | zh_TW 63 | -------------------------------------------------------------------------------- /po/POTFILES.in: -------------------------------------------------------------------------------- 1 | # List of source files containing translatable strings. 2 | # Please keep this file sorted alphabetically. 3 | appdata/network-manager-openvpn.metainfo.xml.in 4 | auth-dialog/main.c 5 | properties/import-export.c 6 | properties/nm-openvpn-editor-plugin.c 7 | properties/nm-openvpn-editor.c 8 | shared/nm-utils/nm-shared-utils.c 9 | shared/nm-utils/nm-vpn-plugin-utils.c 10 | shared/utils.c 11 | src/nm-openvpn-service.c 12 | src/nm-openvpn-service-openvpn-helper.c 13 | [type: gettext/glade]properties/nm-openvpn-dialog.ui 14 | -------------------------------------------------------------------------------- /po/POTFILES.skip: -------------------------------------------------------------------------------- 1 | gtk4/nm-openvpn-dialog.ui 2 | -------------------------------------------------------------------------------- /properties/gresource.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | nm-openvpn-dialog.ui 5 | 6 | 7 | -------------------------------------------------------------------------------- /properties/import-export.h: -------------------------------------------------------------------------------- 1 | /* 2 | * network-manager-openvpn - OpenVPN integration with NetworkManager 3 | * 4 | * This program is free software; you can redistribute it and/or modify 5 | * it under the terms of the GNU General Public License as published by 6 | * the Free Software Foundation; either version 2 of the License, or 7 | * (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License along 15 | * with this program; if not, write to the Free Software Foundation, Inc., 16 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 17 | * 18 | * Copyright (C) 2008 Dan Williams, 19 | * Copyright (C) 2008 - 2018 Red Hat, Inc. 20 | */ 21 | 22 | #ifndef _IMPORT_EXPORT_H_ 23 | #define _IMPORT_EXPORT_H_ 24 | 25 | extern const char *_nmovpn_test_temp_path; 26 | 27 | gboolean _nmovpn_test_args_parse_line (const char *line, 28 | gsize line_len, 29 | const char ***out_p, 30 | char **out_error); 31 | 32 | NMConnection *do_import (const char *path, const char *contents, gsize contents_len, GError **error); 33 | 34 | gboolean do_export (const char *path, NMConnection *connection, GError **error); 35 | 36 | #endif 37 | -------------------------------------------------------------------------------- /properties/libnm-openvpn-properties.ver: -------------------------------------------------------------------------------- 1 | { 2 | global: 3 | nm_vpn_plugin_ui_factory; 4 | local: 5 | *; 6 | }; 7 | -------------------------------------------------------------------------------- /properties/libnm-vpn-plugin-openvpn-editor.ver: -------------------------------------------------------------------------------- 1 | { 2 | global: 3 | nm_vpn_editor_factory_openvpn; 4 | local: 5 | *; 6 | }; 7 | -------------------------------------------------------------------------------- /properties/libnm-vpn-plugin-openvpn.ver: -------------------------------------------------------------------------------- 1 | { 2 | global: 3 | nm_vpn_editor_plugin_factory; 4 | local: 5 | *; 6 | }; 7 | -------------------------------------------------------------------------------- /properties/nm-openvpn-editor-plugin.c: -------------------------------------------------------------------------------- 1 | /* 2 | * network-manager-openvpn - OpenVPN integration with NetworkManager 3 | * 4 | * This program is free software; you can redistribute it and/or modify 5 | * it under the terms of the GNU General Public License as published by 6 | * the Free Software Foundation; either version 2 of the License, or 7 | * (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License along 15 | * with this program; if not, write to the Free Software Foundation, Inc., 16 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 17 | * 18 | * Based on work by David Zeuthen, 19 | * Copyright (C) 2005 Tim Niemueller 20 | * Copyright (C) 2008 - 2010 Dan Williams, 21 | * Copyright (C) 2008 - 2018 Red Hat, Inc. 22 | */ 23 | 24 | #include "nm-default.h" 25 | 26 | #include "nm-openvpn-editor-plugin.h" 27 | 28 | #include 29 | #include 30 | #include 31 | #include 32 | #include 33 | 34 | #if ((NETWORKMANAGER_COMPILATION) & NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL) 35 | #include "nm-openvpn-editor.h" 36 | #else 37 | #include "nm-utils/nm-vpn-plugin-utils.h" 38 | #endif 39 | 40 | #include "import-export.h" 41 | 42 | #define OPENVPN_PLUGIN_NAME _("OpenVPN") 43 | #define OPENVPN_PLUGIN_DESC _("Compatible with the OpenVPN server.") 44 | 45 | /*****************************************************************************/ 46 | 47 | enum { 48 | PROP_0, 49 | PROP_NAME, 50 | PROP_DESC, 51 | PROP_SERVICE 52 | }; 53 | 54 | static void openvpn_editor_plugin_interface_init (NMVpnEditorPluginInterface *iface_class); 55 | 56 | G_DEFINE_TYPE_EXTENDED (OpenvpnEditorPlugin, openvpn_editor_plugin, G_TYPE_OBJECT, 0, 57 | G_IMPLEMENT_INTERFACE (NM_TYPE_VPN_EDITOR_PLUGIN, 58 | openvpn_editor_plugin_interface_init)) 59 | 60 | /*****************************************************************************/ 61 | 62 | static NMConnection * 63 | import (NMVpnEditorPlugin *iface, const char *path, GError **error) 64 | { 65 | NMConnection *connection = NULL; 66 | char *contents = NULL; 67 | gsize contents_len; 68 | 69 | if (!g_file_get_contents (path, &contents, &contents_len, error)) 70 | return NULL; 71 | 72 | connection = do_import (path, contents, contents_len, error); 73 | 74 | g_free (contents); 75 | return connection; 76 | } 77 | 78 | static gboolean 79 | export (NMVpnEditorPlugin *iface, 80 | const char *path, 81 | NMConnection *connection, 82 | GError **error) 83 | { 84 | return do_export (path, connection, error); 85 | } 86 | 87 | static char * 88 | get_suggested_filename (NMVpnEditorPlugin *iface, NMConnection *connection) 89 | { 90 | NMSettingConnection *s_con; 91 | const char *id; 92 | 93 | g_return_val_if_fail (connection != NULL, NULL); 94 | 95 | s_con = nm_connection_get_setting_connection (connection); 96 | g_return_val_if_fail (s_con != NULL, NULL); 97 | 98 | id = nm_setting_connection_get_id (s_con); 99 | g_return_val_if_fail (id != NULL, NULL); 100 | 101 | return g_strdup_printf ("%s (openvpn).conf", id); 102 | } 103 | 104 | static guint32 105 | get_capabilities (NMVpnEditorPlugin *iface) 106 | { 107 | return (NM_VPN_EDITOR_PLUGIN_CAPABILITY_IMPORT | 108 | NM_VPN_EDITOR_PLUGIN_CAPABILITY_EXPORT | 109 | NM_VPN_EDITOR_PLUGIN_CAPABILITY_IPV6); 110 | } 111 | 112 | #if !((NETWORKMANAGER_COMPILATION) & NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL) 113 | static NMVpnEditor * 114 | _call_editor_factory (gpointer factory, 115 | NMVpnEditorPlugin *editor_plugin, 116 | NMConnection *connection, 117 | gpointer user_data, 118 | GError **error) 119 | { 120 | return ((NMVpnEditorFactory) factory) (editor_plugin, 121 | connection, 122 | error); 123 | } 124 | #endif 125 | 126 | static NMVpnEditor * 127 | get_editor (NMVpnEditorPlugin *iface, NMConnection *connection, GError **error) 128 | { 129 | gpointer gtk3_only_symbol; 130 | GModule *self_module; 131 | const char *editor; 132 | 133 | g_return_val_if_fail (OPENVPN_IS_EDITOR_PLUGIN (iface), NULL); 134 | g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL); 135 | g_return_val_if_fail (!error || !*error, NULL); 136 | 137 | self_module = g_module_open (NULL, 0); 138 | g_module_symbol (self_module, "gtk_container_add", >k3_only_symbol); 139 | g_module_close (self_module); 140 | 141 | if (gtk3_only_symbol) { 142 | editor = "libnm-vpn-plugin-openvpn-editor.so"; 143 | } else { 144 | editor = "libnm-gtk4-vpn-plugin-openvpn-editor.so"; 145 | } 146 | 147 | #if ((NETWORKMANAGER_COMPILATION) & NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL) 148 | return openvpn_editor_new (connection, error); 149 | #else 150 | return nm_vpn_plugin_utils_load_editor (editor, 151 | "nm_vpn_editor_factory_openvpn", 152 | _call_editor_factory, 153 | iface, 154 | connection, 155 | NULL, 156 | error); 157 | #endif 158 | } 159 | 160 | /*****************************************************************************/ 161 | 162 | static void 163 | get_property (GObject *object, guint prop_id, 164 | GValue *value, GParamSpec *pspec) 165 | { 166 | switch (prop_id) { 167 | case PROP_NAME: 168 | g_value_set_string (value, OPENVPN_PLUGIN_NAME); 169 | break; 170 | case PROP_DESC: 171 | g_value_set_string (value, OPENVPN_PLUGIN_DESC); 172 | break; 173 | case PROP_SERVICE: 174 | g_value_set_string (value, NM_VPN_SERVICE_TYPE_OPENVPN); 175 | break; 176 | default: 177 | G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); 178 | break; 179 | } 180 | } 181 | 182 | static void 183 | openvpn_editor_plugin_init (OpenvpnEditorPlugin *plugin) 184 | { 185 | } 186 | 187 | static void 188 | openvpn_editor_plugin_interface_init (NMVpnEditorPluginInterface *iface_class) 189 | { 190 | iface_class->get_editor = get_editor; 191 | iface_class->get_capabilities = get_capabilities; 192 | iface_class->import_from_file = import; 193 | iface_class->export_to_file = export; 194 | iface_class->get_suggested_filename = get_suggested_filename; 195 | } 196 | 197 | static void 198 | openvpn_editor_plugin_class_init (OpenvpnEditorPluginClass *req_class) 199 | { 200 | GObjectClass *object_class = G_OBJECT_CLASS (req_class); 201 | 202 | object_class->get_property = get_property; 203 | 204 | g_object_class_override_property (object_class, 205 | PROP_NAME, 206 | NM_VPN_EDITOR_PLUGIN_NAME); 207 | 208 | g_object_class_override_property (object_class, 209 | PROP_DESC, 210 | NM_VPN_EDITOR_PLUGIN_DESCRIPTION); 211 | 212 | g_object_class_override_property (object_class, 213 | PROP_SERVICE, 214 | NM_VPN_EDITOR_PLUGIN_SERVICE); 215 | } 216 | 217 | /*****************************************************************************/ 218 | 219 | G_MODULE_EXPORT NMVpnEditorPlugin * 220 | nm_vpn_editor_plugin_factory (GError **error) 221 | { 222 | g_return_val_if_fail (!error || !*error, NULL); 223 | 224 | bindtextdomain (GETTEXT_PACKAGE, LOCALEDIR); 225 | bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8"); 226 | 227 | return g_object_new (OPENVPN_TYPE_EDITOR_PLUGIN, NULL); 228 | } 229 | 230 | -------------------------------------------------------------------------------- /properties/nm-openvpn-editor-plugin.h: -------------------------------------------------------------------------------- 1 | /* 2 | * network-manager-openvpn - OpenVPN integration with NetworkManager 3 | * 4 | * This program is free software; you can redistribute it and/or modify 5 | * it under the terms of the GNU General Public License as published by 6 | * the Free Software Foundation; either version 2 of the License, or 7 | * (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License along 15 | * with this program; if not, write to the Free Software Foundation, Inc., 16 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 17 | * 18 | * Copyright (C) 2008 Dan Williams, 19 | * Copyright (C) 2008 - 2018 Red Hat, Inc. 20 | */ 21 | 22 | #ifndef __NM_OPENVPN_EDITOR_PLUGIN_H__ 23 | #define __NM_OPENVPN_EDITOR_PLUGIN_H__ 24 | 25 | #define OPENVPN_TYPE_EDITOR_PLUGIN (openvpn_editor_plugin_get_type ()) 26 | #define OPENVPN_EDITOR_PLUGIN(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), OPENVPN_TYPE_EDITOR_PLUGIN, OpenvpnEditorPlugin)) 27 | #define OPENVPN_EDITOR_PLUGIN_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), OPENVPN_TYPE_EDITOR_PLUGIN, OpenvpnEditorPluginClass)) 28 | #define OPENVPN_IS_EDITOR_PLUGIN(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), OPENVPN_TYPE_EDITOR_PLUGIN)) 29 | #define OPENVPN_IS_EDITOR_PLUGIN_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), OPENVPN_TYPE_EDITOR_PLUGIN)) 30 | #define OPENVPN_EDITOR_PLUGIN_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), OPENVPN_TYPE_EDITOR_PLUGIN, OpenvpnEditorPluginClass)) 31 | 32 | typedef struct _OpenvpnEditorPlugin OpenvpnEditorPlugin; 33 | typedef struct _OpenvpnEditorPluginClass OpenvpnEditorPluginClass; 34 | 35 | struct _OpenvpnEditorPlugin { 36 | GObject parent; 37 | }; 38 | 39 | struct _OpenvpnEditorPluginClass { 40 | GObjectClass parent; 41 | }; 42 | 43 | GType openvpn_editor_plugin_get_type (void); 44 | 45 | typedef NMVpnEditor *(*NMVpnEditorFactory) (NMVpnEditorPlugin *editor_plugin, 46 | NMConnection *connection, 47 | GError **error); 48 | 49 | NMVpnEditor * 50 | nm_vpn_editor_factory_openvpn (NMVpnEditorPlugin *editor_plugin, 51 | NMConnection *connection, 52 | GError **error); 53 | 54 | #endif /* __NM_OPENVPN_EDITOR_PLUGIN_H__ */ 55 | 56 | -------------------------------------------------------------------------------- /properties/nm-openvpn-editor.h: -------------------------------------------------------------------------------- 1 | /* 2 | * network-manager-openvpn - OpenVPN integration with NetworkManager 3 | * 4 | * This program is free software; you can redistribute it and/or modify 5 | * it under the terms of the GNU General Public License as published by 6 | * the Free Software Foundation; either version 2 of the License, or 7 | * (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License along 15 | * with this program; if not, write to the Free Software Foundation, Inc., 16 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 17 | * 18 | * Copyright (C) 2008 Dan Williams, 19 | * Copyright (C) 2008 - 2018 Red Hat, Inc. 20 | */ 21 | 22 | #ifndef __NM_OPENVPN_EDITOR_H__ 23 | #define __NM_OPENVPN_EDITOR_H__ 24 | 25 | #define OPENVPN_TYPE_EDITOR (openvpn_editor_plugin_widget_get_type ()) 26 | #define OPENVPN_EDITOR(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), OPENVPN_TYPE_EDITOR, OpenvpnEditor)) 27 | #define OPENVPN_EDITOR_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), OPENVPN_TYPE_EDITOR, OpenvpnEditorClass)) 28 | #define OPENVPN_IS_EDITOR(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), OPENVPN_TYPE_EDITOR)) 29 | #define OPENVPN_IS_EDITOR_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), OPENVPN_TYPE_EDITOR)) 30 | #define OPENVPN_EDITOR_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), OPENVPN_TYPE_EDITOR, OpenvpnEditorClass)) 31 | 32 | typedef struct _OpenvpnEditor OpenvpnEditor; 33 | typedef struct _OpenvpnEditorClass OpenvpnEditorClass; 34 | 35 | struct _OpenvpnEditor { 36 | GObject parent; 37 | }; 38 | 39 | struct _OpenvpnEditorClass { 40 | GObjectClass parent; 41 | }; 42 | 43 | GType openvpn_editor_plugin_widget_get_type (void); 44 | 45 | NMVpnEditor *openvpn_editor_new (NMConnection *connection, GError **error); 46 | 47 | #endif /* __NM_OPENVPN_EDITOR_H__ */ 48 | 49 | -------------------------------------------------------------------------------- /properties/tests/conf/compress.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca ca.crt 5 | 6 | comp-lzo 7 | compress lzo 8 | -------------------------------------------------------------------------------- /properties/tests/conf/connect-timeout.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | connect-timeout 19 6 | 7 | dev tun 8 | persist-key 9 | persist-tun 10 | link-mtu 1400 11 | proto udp 12 | nobind 13 | pull 14 | tls-client 15 | 16 | ca keys/mg8.ca 17 | cert keys/clee.crt 18 | key keys/clee.key 19 | 20 | tls-auth keys/46.key 1 21 | tls-remote "/CN=myvpn.company.com" 22 | 23 | compress 24 | verb 4 25 | 26 | -------------------------------------------------------------------------------- /properties/tests/conf/crl-dir.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | compress 20 | verb 3 21 | 22 | crl-verify /home/user/.cert/crls/ dir -------------------------------------------------------------------------------- /properties/tests/conf/crl-file.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | compress 20 | verb 3 21 | 22 | crl-verify /home/user/.cert/crl.pem -------------------------------------------------------------------------------- /properties/tests/conf/device-notype.ovpn: -------------------------------------------------------------------------------- 1 | client 2 | dev tap 3 | proto tcp 4 | topology subnet 5 | remote miami.proxpn.com 443 6 | resolv-retry infinite 7 | nobind 8 | persist-key 9 | persist-tun 10 | user openvpn 11 | group openvpn 12 | compress 13 | tun-mtu 1500 14 | mssfix 1450 15 | auth-user-pass 16 | auth-nocache 17 | reneg-sec 0 18 | 19 | cd /etc/openvpn 20 | ca CompanyISCA.pem 21 | cipher AES-256-CBC 22 | reneg-sec 0 23 | 24 | ping 30 25 | ping-exit 120 26 | verb 4 27 | -------------------------------------------------------------------------------- /properties/tests/conf/device.ovpn: -------------------------------------------------------------------------------- 1 | client 2 | dev company0 3 | dev-type tun 4 | proto tcp 5 | topology subnet 6 | remote miami.proxpn.com 443 7 | resolv-retry infinite 8 | nobind 9 | persist-key 10 | persist-tun 11 | user openvpn 12 | group openvpn 13 | compress 14 | tun-mtu 1500 15 | mssfix 1450 16 | auth-user-pass 17 | auth-nocache 18 | reneg-sec 0 19 | 20 | cd /etc/openvpn 21 | ca CompanyISCA.pem 22 | cipher AES-256-CBC 23 | reneg-sec 0 24 | 25 | ping 30 26 | ping-exit 120 27 | verb 4 28 | -------------------------------------------------------------------------------- /properties/tests/conf/httpauthfile: -------------------------------------------------------------------------------- 1 | myusername 2 | mypassword 3 | -------------------------------------------------------------------------------- /properties/tests/conf/iso885915.ovpn: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetworkManager/NetworkManager-openvpn/3bee8c5b14f1232eb20a822ca4a9df737af23649/properties/tests/conf/iso885915.ovpn -------------------------------------------------------------------------------- /properties/tests/conf/keepalive.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-auth keys/46.key 1 20 | tls-remote "/CN=myvpn.company.com" 21 | 22 | compress 23 | verb 3 24 | 25 | keepalive 10 30 26 | -------------------------------------------------------------------------------- /properties/tests/conf/keysize.ovpn: -------------------------------------------------------------------------------- 1 | client 2 | dev tun 3 | proto tcp 4 | remote miami.proxpn.com 443 5 | resolv-retry infinite 6 | nobind 7 | persist-key 8 | persist-tun 9 | compress 10 | tun-mtu 1500 11 | mssfix 1450 12 | auth-user-pass 13 | reneg-sec 0 14 | 15 | ca ssl/ca.crt 16 | cert ssl/client.crt 17 | key ssl/client.key 18 | cipher BF-CBC 19 | keysize 512 20 | ncp-disable 21 | -------------------------------------------------------------------------------- /properties/tests/conf/mtu-disc.ovpn: -------------------------------------------------------------------------------- 1 | client 2 | dev company0 3 | dev-type tun 4 | proto tcp 5 | topology subnet 6 | remote miami.proxpn.com 443 7 | resolv-retry infinite 8 | nobind 9 | persist-key 10 | persist-tun 11 | user openvpn 12 | group openvpn 13 | compress 14 | tun-mtu 1500 15 | mssfix 1450 16 | auth-user-pass 17 | auth-nocache 18 | reneg-sec 0 19 | 20 | cd /etc/openvpn 21 | ca CompanyISCA.pem 22 | cipher AES-256-CBC 23 | reneg-sec 0 24 | mtu-disc yes 25 | 26 | ping 30 27 | ping-exit 120 28 | verb 4 29 | -------------------------------------------------------------------------------- /properties/tests/conf/password.conf: -------------------------------------------------------------------------------- 1 | client 2 | dev tun 3 | 4 | proto udp 5 | topology subnet 6 | 7 | rport 2352 8 | remote test.server.com 443 9 | nobind 10 | persist-key 11 | persist-tun 12 | user openvpn 13 | group openvpn 14 | 15 | 16 | ca cacert.pem 17 | cipher AES-256-CBC #xcomment 18 | reneg-sec 0 19 | 20 | auth-user-pass 21 | auth-nocache 22 | 23 | ping 30 24 | ping-exit 120 25 | 26 | # random comment 27 | 28 | script-security 2 29 | 30 | 31 | -------------------------------------------------------------------------------- /properties/tests/conf/ping-with-exit.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-auth keys/46.key 1 20 | tls-remote "/CN=myvpn.company.com" 21 | 22 | compress 23 | verb 3 24 | 25 | ping 10 26 | ping-exit 120 27 | -------------------------------------------------------------------------------- /properties/tests/conf/ping-with-restart.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-auth keys/46.key 1 20 | tls-remote "/CN=myvpn.company.com" 21 | 22 | compress 23 | verb 3 24 | 25 | ping 10 26 | ping-restart 30 27 | -------------------------------------------------------------------------------- /properties/tests/conf/pkcs12-with-ca.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 1194 2 | resolv-retry infinite 3 | 4 | dev tun 5 | persist-key 6 | persist-tun 7 | link-mtu 1400 8 | proto udp 9 | nobind 10 | pull 11 | tls-client 12 | 13 | ca ca.crt 14 | pkcs12 keys/mine.p12 15 | 16 | compress 17 | verb 3 18 | 19 | -------------------------------------------------------------------------------- /properties/tests/conf/pkcs12.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 1194 2 | resolv-retry infinite 3 | 4 | dev tun 5 | persist-key 6 | persist-tun 7 | link-mtu 1400 8 | proto udp 9 | nobind 10 | pull 11 | tls-client 12 | 13 | pkcs12 keys/mine.p12 14 | 15 | compress 16 | verb 3 17 | 18 | -------------------------------------------------------------------------------- /properties/tests/conf/port.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-auth keys/46.key 1 20 | tls-remote "/CN=myvpn.company.com" 21 | 22 | compress 23 | verb 3 24 | 25 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-tcp-client.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto tcp-client 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-tcp.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto tcp 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-tcp4-client.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto tcp4-client 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-tcp4.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto tcp4 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-tcp6-client.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto tcp6-client 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-tcp6.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto tcp6 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-udp.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto udp 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-udp4.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto udp4 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proto-udp6.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca cacert.pem 5 | 6 | proto udp6 7 | -------------------------------------------------------------------------------- /properties/tests/conf/proxy-http-with-auth.ovpn: -------------------------------------------------------------------------------- 1 | client 2 | dev tun 3 | 4 | proto tcp 5 | topology subnet 6 | 7 | rport 2352 8 | remote test.server.com 443 9 | nobind 10 | persist-key 11 | persist-tun 12 | user openvpn 13 | group openvpn 14 | 15 | http-proxy-retry 16 | http-proxy proxy.domain.tld 3128 httpauthfile basic 17 | 18 | ca cacert.pem 19 | cipher AES-256-CBC 20 | reneg-sec 0 21 | 22 | auth-user-pass 23 | auth-nocache 24 | 25 | ping 30 26 | ping-exit 120 27 | 28 | # random comment 29 | 30 | script-security 2 31 | 32 | 33 | -------------------------------------------------------------------------------- /properties/tests/conf/proxy-http.ovpn: -------------------------------------------------------------------------------- 1 | client 2 | dev tun 3 | 4 | proto tcp 5 | topology subnet 6 | 7 | rport 2352 8 | remote aa:bb::1 1194 udp 9 | nobind 10 | persist-key 11 | persist-tun 12 | user openvpn 13 | group openvpn 14 | 15 | http-proxy 10.1.1.1 8080 httpauthfile 16 | http-proxy-retry 17 | 18 | ca cacert.pem 19 | cipher AES-256-CBC 20 | reneg-sec 0 21 | 22 | auth-user-pass 23 | auth-nocache 24 | 25 | ping 30 26 | ping-exit 120 27 | 28 | # random comment 29 | 30 | script-security 2 31 | 32 | 33 | -------------------------------------------------------------------------------- /properties/tests/conf/proxy-socks.ovpn: -------------------------------------------------------------------------------- 1 | client 2 | dev tun 3 | 4 | proto tcp 5 | topology subnet 6 | 7 | rport 2352 8 | remote test.server.com 443 9 | nobind 10 | persist-key 11 | persist-tun 12 | user openvpn 13 | group openvpn 14 | 15 | socks-proxy 10.1.1.1 1080 16 | socks-proxy-retry 17 | 18 | ca cacert.pem 19 | cipher AES-256-CBC 20 | reneg-sec 0 21 | 22 | auth-user-pass 23 | auth-nocache 24 | 25 | ping 30 26 | ping-exit 120 27 | 28 | # random comment 29 | 30 | script-security 2 31 | 32 | 33 | -------------------------------------------------------------------------------- /properties/tests/conf/push-peer-info.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 666 2 | dev tun 3 | client 4 | ca ca.crt 5 | 6 | push-peer-info 7 | -------------------------------------------------------------------------------- /properties/tests/conf/route.ovpn: -------------------------------------------------------------------------------- 1 | route 1.2.3.0 255.255.255.0 1.2.3.254 99 2 | route 5.6.7.8 255.255.255.252 3 | route 192.168.0.0 255.255.0.0 192.168.44.1 4 | 5 | remote 173.8.149.245 6 | resolv-retry infinite 7 | 8 | dev tun 9 | persist-key 10 | persist-tun 11 | link-mtu 1400 12 | proto udp 13 | nobind 14 | pull 15 | tls-client 16 | 17 | ca keys/mg8.ca 18 | cert keys/clee.crt 19 | key keys/clee.key 20 | 21 | tls-auth keys/46.key 1 22 | tls-remote "/CN=myvpn.company.com" 23 | 24 | compress 25 | verb 3 26 | 27 | -------------------------------------------------------------------------------- /properties/tests/conf/rport.ovpn: -------------------------------------------------------------------------------- 1 | rport 6789 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-auth keys/46.key 1 20 | tls-remote "/CN=myvpn.company.com" 21 | 22 | compress 23 | verb 3 24 | 25 | -------------------------------------------------------------------------------- /properties/tests/conf/server-poll-timeout.ovpn: -------------------------------------------------------------------------------- 1 | port 2345 2 | 3 | remote 173.8.149.245 4 | resolv-retry infinite 5 | 6 | dev tun 7 | persist-key 8 | persist-tun 9 | link-mtu 1400 10 | proto udp 11 | nobind 12 | pull 13 | tls-client 14 | server-poll-timeout 23 15 | 16 | ca keys/mg8.ca 17 | cert keys/clee.crt 18 | key keys/clee.key 19 | 20 | tls-auth keys/46.key 1 21 | tls-remote "/CN=myvpn.company.com" 22 | 23 | compress 24 | verb 4 25 | 26 | -------------------------------------------------------------------------------- /properties/tests/conf/static.key: -------------------------------------------------------------------------------- 1 | # 2 | # 2048 bit OpenVPN static key 3 | # 4 | -----BEGIN OpenVPN Static key V1----- 5 | 378e209d0fe8efe398afa86bdb19b9a8 6 | f9cc3ae06e42f9468f97d81724101046 7 | 1722e4888756212c05dd0e9341e28388 8 | aa6f1ea6fbb46779a2e1ce6db1fcef47 9 | 69bd0266c9e14f02a2f19760e77d2f71 10 | 59f6e96769bcc09eda1786adbbd51a50 11 | f027a829b0a71106b01a046972b1cd20 12 | 41774be1515f81e8760da576077f543d 13 | 75d6deb92c9bfd7760a12b0f05938e7d 14 | 63fc0c663cdbb623d3f45fcfcbc2009c 15 | 1fc36c7b8ecc147462fb7c8747676574 16 | 3b7bd0d6a89aa90514d453b9f1b92e22 17 | 57bb24180cd867357131ac9972f118b8 18 | d4cebc0da588fed8ec73b9b9be86962d 19 | 1a28946996a012767fae84851c126bab 20 | 65fee86c5e72d11c6d10c01728e33000 21 | -----END OpenVPN Static key V1----- 22 | -------------------------------------------------------------------------------- /properties/tests/conf/static.ovpn: -------------------------------------------------------------------------------- 1 | remote 10.11.12.13 2 | dev tun 3 | ifconfig 10.8.0.2 10.8.0.1 4 | secret static.key 1 5 | 6 | -------------------------------------------------------------------------------- /properties/tests/conf/static2.ovpn: -------------------------------------------------------------------------------- 1 | remote 10.11.12.13 2 | dev tun 3 | ifconfig 10.8.0.2 10.8.0.1 4 | secret static.key 5 | key-direction 0 6 | 7 | -------------------------------------------------------------------------------- /properties/tests/conf/tls-inline-ca.pem: -------------------------------------------------------------------------------- 1 | # comments are allowed here! 2 | 3 | # and so are empty lines 4 | -----BEGIN CERTIFICATE----- 5 | MIIC9zCCAd+gAwIBAgIJAMiKuqrHoqE2MA0GCSqGSIb3DQEBDQUAMBIxEDAOBgNV 6 | BAMMB3Rlc3QtY2EwHhcNMTYwMTIyMTMxNzQ5WhcNMTgxMTExMTMxNzQ5WjASMRAw 7 | DgYDVQQDDAd0ZXN0LWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 8 | pg9t+Tuwi6yU+rGz+TkNMwYMvyAAxImfcclrLDoUxL6pA8qdAEqxtLqeoJaY5pzX 9 | cxBbr6ZgXuBvWF3D6la8D86vLOfP7mJxSiktEVae3Z/RrPuwqX1x/wkQRK4e1o9w 10 | VwTNVka0p2phJUOtALGfufIsHkL54iushxwVJ9NWDrObA9fPIJTfsAyTpBuQgIzm 11 | qb91nn50aF/shSdzRDhvs/BIRh+IIqUtgm5LbwDNz4gZnQRpkL2Ta5wUVc8/+iH9 12 | EY60AbbCtAnji278YT2IeFLCjezH1JwEiccbC3+g4mn2oHsd48cgppDV/tENWAzP 13 | yBjdPxikDYOSg7F4UuA8fQIDAQABo1AwTjAdBgNVHQ4EFgQUIbmxkSfwBRkbgiAM 14 | w+H9ccZnStQwHwYDVR0jBBgwFoAUIbmxkSfwBRkbgiAMw+H9ccZnStQwDAYDVR0T 15 | BAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAQEAjTsHpzg1zOI9z7CxYy66XLOMA/tO 16 | Vy6i1lqtwHsOn540y91W1dkpNe1DxI3qbWedAsEvgjCwgmBNI5Za6d48ot4vqx7j 17 | ItWtfJFCtX6LRKkLR97yR6ZeqdcnuZuc0hnofo0NDhbUa8RAaHuVLIgMqn3L/ET4 18 | HmO3GpQ81Y4pWqQCPbWbQIwGQ3gBBcfn8+g3Q5GZ0r2oCYGl7QlDvZnbLn1frDrV 19 | ALPX6sA/1Fzx+VFMdwJFuhupZYXTA+NSiPu4mqGkedQwzdeQRyStlYo51hi5Af2B 20 | LZR3iq5pNe7DW2YaqcSdQsrFVl3y5btaw/+R2lyZtiStTMGA+SphvLn4/w== 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /properties/tests/conf/tls-inline-cert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDojCCAooCCQCu+mQn9w/PJDANBgkqhkiG9w0BAQ0FADASMRAwDgYDVQQDDAd0 3 | ZXN0LWNhMB4XDTE2MDEyMjEzMjAwNFoXDTE3MDEyMTEzMjAwNFowFDESMBAGA1UE 4 | AwwJdGVzdC1jZXJ0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv/dC 5 | /LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjUD03kJJBzrzAnV+EOCg94 6 | 5Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCqcOv+BCMKovuqavlzmN/o 7 | yO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9fdaXb+/DuOlqvLQNHrfm 8 | VnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuYdtarJIcMoOzXN7BmO2XZ 9 | EI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz2R66l3MLCng6dI+2f6sM 10 | duFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTawEnMTW7fvHdZtK7Geqsc 11 | /mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHlsVvDPBk2UBiXicL45jaD 12 | xARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+ZmDm1mfVdGseBjTcrBFbi 13 | ZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/cTV/+SEpzv+o6lROycN/+ 14 | PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuNmo6KfNujcqRqZInkk6HS 15 | BPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEAATANBgkqhkiG9w0BAQ0F 16 | AAOCAQEAkUVsxyanQN1iPW3d17hfZ3o0lmSihZkw396FXP34tGUeIvk2EbFHS1Jy 17 | 3Gh4r1adB5bil0X1GYU8AFPKaM+CqWagyBAYXwX6YaXb1pzFn8Ixw6t0gRoAW9ex 18 | MW4Eduh8JOYi+KkJaXj5SAVDd3ZDCIwW3rN+jIMy2tvnuWW07UW5HvOZ4qRXyOlZ 19 | mqUBgft97uOiVEor8KEhrBzgGzT72ELOykzZGWEuWWy0ytbPrAc+XyodvylvAGzR 20 | lj74pDerwl/oUl80vRgEl8M1o4nGdoe17SfaGhD7MP+YD2HmY2kTCw8ks70KBpxJ 21 | nCtKkguacJwDtUeh2jpbXZKBQAgqkw== 22 | -----END CERTIFICATE----- 23 | -------------------------------------------------------------------------------- /properties/tests/conf/tls-inline-crl-verify-file.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN X509 CRL----- 2 | MIHxMFwwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKT3BlblZQTiBDQRcNMTQw 3 | NDIyMDQzOTI3WhcNMjQwNDE5MDQzOTI3WjAWMBQCAQEYDzIwMTQwNDIyMDQzOTI3 4 | WjANBgkqhkiG9w0BAQQFAAOBgQBQXzbNjXkx8+/TeG8qbFQD5wd6wOTe8HnypQTt 5 | eELsI7eyNtiRRhJD3qKfawPVUabSijnwhAPHfhoIOLKe67RLfzOwAsFKPNJAVdmq 6 | rYw1t2eucHvGjH8PnTh0aJPJaI67jmNbSI4CnHNcRgZ+1ow1GS+RAK7kotS+dZz9 7 | 0tc7Qw== 8 | -----END X509 CRL----- 9 | -------------------------------------------------------------------------------- /properties/tests/conf/tls-inline-key.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIJKgIBAAKCAgEAv/dC/LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjU 3 | D03kJJBzrzAnV+EOCg945Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCq 4 | cOv+BCMKovuqavlzmN/oyO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9 5 | fdaXb+/DuOlqvLQNHrfmVnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuY 6 | dtarJIcMoOzXN7BmO2XZEI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz 7 | 2R66l3MLCng6dI+2f6sMduFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTa 8 | wEnMTW7fvHdZtK7Geqsc/mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHl 9 | sVvDPBk2UBiXicL45jaDxARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+Z 10 | mDm1mfVdGseBjTcrBFbiZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/c 11 | TV/+SEpzv+o6lROycN/+PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuN 12 | mo6KfNujcqRqZInkk6HSBPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEA 13 | AQKCAgAlSagvYjiA7vgl5wK5MwWgwGSLc/6jYp3w0t0dRQlSQ4sIlVWLq3uXRp/R 14 | 9a6OuV56wcqf2c9QYSRAxNKOXkWr6HleEOYLWCcY0NzR6sOsRWSvESbKTGzI7O2R 15 | /wR5Rv8XQNb8wJV4uofSVBtZhG3V+j5ZSqHoOCvo1iYXdgPVwUiOPlf264n66j3A 16 | W0aqZObvgpUxUfZkafqUkyKJZQgaUxZxefsQc6rP7Twa8AamSKOjBB53ZvdTXxAq 17 | 6hZb8N3Kx9vEBV7tzmF9KNi+D5NoMZv55X86xQfZoBvodV9cpeKL/5CLKhbgeC46 18 | 2GOyZH/0iIshRF2kgF1UGzkQqsjzF2YPAgIXYA5nCSln/qf9Xt9/iXzMvkEsD94J 19 | SGxPrjoNpcd0JXsQRiEuxJnQUZrFlP1egFC1sHmGDt9NJ2T1nGFGeaX0yfpjwo8o 20 | wSqYC4/fzFwED80OFNujWQBKeposBztzmYviSh/ls+lAXFPSki+UTld9XmI5Ju/6 21 | 6yMiORUVGNa+/Swc5ymXcbgD0x5lZtDtx7pAkkZJE7apdUTZWo9xgi9/WnBzZozE 22 | PEVVZjmnU7xfcxK2YQbgS5eAAScuh6T+Np4wBJinqdZpoTy33cNu4hquGMAvtfhZ 23 | MHQJ9mQb0ZzrYKYTqC/dCJmHcKozpoRlXExtkKKS1Uu6wCJmsQKCAQEA+L2M2Pb7 24 | O4vyJle0TVRi6T4s337T9JLXbyPXlD5KBF3VD3S4Wc1eks7oeORE20JeI4WdWbbI 25 | 5lF+fZCo7Uwok2SZDbdgVK5NeBl7P2eDWAOTTR+mcZ7XWhR5TD2Nu1fU1AagSnIH 26 | ac+q94vltojt8bGd0+wGPVr1jsUr/uWzS8dCuAttuXl2cgKO2rc1c6AkWGXX1W7d 27 | H283HoFHwbpeulTL0pULD5pFQtDwS1NI+T4Rr/E9lmm3V2/XZS06UklFA/C0ZpE4 28 | atVXWNPWkObeZP8U84h66jUisO40cHTSQRj6+0dqEYECmmDX1bOIkxGAPfdjhOgd 29 | VNYMQljpyIaKNQKCAQEAxZGGCgn/Ab6oX77R89/8QlJJlJcz5zl+qmKfdVCV2d+p 30 | B7TIlXEMwgxyGzmYQrmPGpLcolRGn+JHi43/8hkGegjhS9jCh5ndRoTQVlMxczR7 31 | aJH/fh9YVuvIl7hTiIUbuEklbYnuh9tSfGJtZG7gSICjx3YnKgMNbpMRrA00NX0h 32 | qtQS6kE1X4CjNIi4i6uUHziFJ3127kBN9WTzph1DhO5F9IfH91j+qnuzkQlKLoDP 33 | DTnv9dXuhAjOy87ugdNYrgfdlt9Jm36lY9x+WLiuRg1gdCj+6hGxZpgkAO+Hsqcc 34 | 0aRyVevBFGk8eiMSkHmMN1XeT/gb0w+DCO90iuCahwKCAQEAvQX2oe5WjzLTSrX9 35 | i4JkRBF+sjzEP6jTVF8tdTc8skLIJZ2ydnPtuazI1w3JEcJGncHtCH8x/mzRrgQf 36 | i20DrLaW5OiEqPVoY6shkNZN5rWY29QAfXmS9551ay2fpk2hq5p5dvlejtdEeify 37 | 4hr+j1xFrwU+3KNh1iQaQfM2pJCBMDFnKbqW+x7chnMRiJOa6x5Bva0pFrlCbskZ 38 | yauiTwEffyDKLgozNgpngSaCXv3/HPA7uDEQJb8VNYsANgX+D3d88DDNacpEPXmG 39 | Jcl8Gc4KkuMVXSQR/9iVOxxbpyKfoBLuFO0wGDcd7gUn9XMoPG7iTt7BY3XiDQ1a 40 | Y4tyPQKCAQEAjDySj1evGdbyfxvcvaX00kLEleOJ5QwLm/frRgOQiplWyvCJHIKl 41 | Uqww5qBIMryyFmO+lr8Jbn3Y2PdPgNJApajd+s9+rXAK//5QP6ZHyIWtP3m6iBTJ 42 | yNEOjps5OAN7vKC3H3yzwt1sPHxFN+/35Z7iIjf87rZB94YPGjg5IeqTVkW4s2zb 43 | 7NFLh4Owsvt0ZYDiCzjkjZM5gwFIbVYCUj4ri7pBt5IFGpA50q5saHvn/HRunupe 44 | pnv2Bfb5l0+kd8t/f5M5FVWdIjgluuZEVdcy6uEaqJ0sdi1yCPP9N1Olgi2fNtvk 45 | Lo/QbMWubLzKSZD6/3qWjYdKNLJ74AQzywKCAQEAxHLfZajXY4YYz1BXbsSQrzqq 46 | 7bgnZaXIsgK03McCrt5XQY7ghLF9j2w/rQLrvFA5pMZ8x6GKmoy95i6FGHm7i4rd 47 | Cu40r2tRUC5IugVxfa2/MUC4v94JjecwkozwgD0SPGwIQVyBDjewTeoQNXRUYZ/I 48 | hR/fOhfbcpPl9Z/EIkIy5qbCJxzNxG0L3sKMjSlywfC0yazyoaraNtdslHhHO+IP 49 | rwJTkcFBJ3zf3oYYfRJAzAs0IAfUL5XgQUnNarC8uExCjtcs6TAhNEkoopcvVwAM 50 | GV1Yd6yBQHcbi55KeCKYklG7YpX5nqTV5Sk3sTNeUPBcKMS+Mryry8yoTUtCQQ== 51 | -----END RSA PRIVATE KEY----- 52 | -------------------------------------------------------------------------------- /properties/tests/conf/tls-inline-ta.pem: -------------------------------------------------------------------------------- 1 | # 2 | # 2048 bit OpenVPN static key 3 | # 4 | -----BEGIN OpenVPN Static key V1----- 5 | 378e209d0fe8efe398afa86bdb19b9a8 6 | f9cc3ae06e42f9468f97d81724101046 7 | 1722e4888756212c05dd0e9341e28388 8 | aa6f1ea6fbb46779a2e1ce6db1fcef47 9 | 69bd0266c9e14f02a2f19760e77d2f71 10 | 59f6e96769bcc09eda1786adbbd51a50 11 | f027a829b0a71106b01a046972b1cd20 12 | 41774be1515f81e8760da576077f543d 13 | 75d6deb92c9bfd7760a12b0f05938e7d 14 | 63fc0c663cdbb623d3f45fcfcbc2009c 15 | 1fc36c7b8ecc147462fb7c8747676574 16 | 3b7bd0d6a89aa90514d453b9f1b92e22 17 | 57bb24180cd867357131ac9972f118b8 18 | d4cebc0da588fed8ec73b9b9be86962d 19 | 1a28946996a012767fae84851c126bab 20 | 65fee86c5e72d11c6d10c01728e33000 21 | -----END OpenVPN Static key V1----- 22 | -------------------------------------------------------------------------------- /properties/tests/conf/tls-inline.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 1194 2 | resolv-retry infinite 3 | 4 | dev tun 5 | persist-key 6 | persist-tun 7 | link-mtu 1400 8 | proto udp 9 | nobind 10 | pull 11 | tls-client 12 | 13 | float 14 | 15 | 16 | # comments are allowed here! 17 | 18 | # and so are empty lines 19 | -----BEGIN CERTIFICATE----- 20 | MIIC9zCCAd+gAwIBAgIJAMiKuqrHoqE2MA0GCSqGSIb3DQEBDQUAMBIxEDAOBgNV 21 | BAMMB3Rlc3QtY2EwHhcNMTYwMTIyMTMxNzQ5WhcNMTgxMTExMTMxNzQ5WjASMRAw 22 | DgYDVQQDDAd0ZXN0LWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 23 | pg9t+Tuwi6yU+rGz+TkNMwYMvyAAxImfcclrLDoUxL6pA8qdAEqxtLqeoJaY5pzX 24 | cxBbr6ZgXuBvWF3D6la8D86vLOfP7mJxSiktEVae3Z/RrPuwqX1x/wkQRK4e1o9w 25 | VwTNVka0p2phJUOtALGfufIsHkL54iushxwVJ9NWDrObA9fPIJTfsAyTpBuQgIzm 26 | qb91nn50aF/shSdzRDhvs/BIRh+IIqUtgm5LbwDNz4gZnQRpkL2Ta5wUVc8/+iH9 27 | EY60AbbCtAnji278YT2IeFLCjezH1JwEiccbC3+g4mn2oHsd48cgppDV/tENWAzP 28 | yBjdPxikDYOSg7F4UuA8fQIDAQABo1AwTjAdBgNVHQ4EFgQUIbmxkSfwBRkbgiAM 29 | w+H9ccZnStQwHwYDVR0jBBgwFoAUIbmxkSfwBRkbgiAMw+H9ccZnStQwDAYDVR0T 30 | BAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAQEAjTsHpzg1zOI9z7CxYy66XLOMA/tO 31 | Vy6i1lqtwHsOn540y91W1dkpNe1DxI3qbWedAsEvgjCwgmBNI5Za6d48ot4vqx7j 32 | ItWtfJFCtX6LRKkLR97yR6ZeqdcnuZuc0hnofo0NDhbUa8RAaHuVLIgMqn3L/ET4 33 | HmO3GpQ81Y4pWqQCPbWbQIwGQ3gBBcfn8+g3Q5GZ0r2oCYGl7QlDvZnbLn1frDrV 34 | ALPX6sA/1Fzx+VFMdwJFuhupZYXTA+NSiPu4mqGkedQwzdeQRyStlYo51hi5Af2B 35 | LZR3iq5pNe7DW2YaqcSdQsrFVl3y5btaw/+R2lyZtiStTMGA+SphvLn4/w== 36 | -----END CERTIFICATE----- 37 | 38 | 39 | -----BEGIN CERTIFICATE----- 40 | MIIDojCCAooCCQCu+mQn9w/PJDANBgkqhkiG9w0BAQ0FADASMRAwDgYDVQQDDAd0 41 | ZXN0LWNhMB4XDTE2MDEyMjEzMjAwNFoXDTE3MDEyMTEzMjAwNFowFDESMBAGA1UE 42 | AwwJdGVzdC1jZXJ0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv/dC 43 | /LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjUD03kJJBzrzAnV+EOCg94 44 | 5Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCqcOv+BCMKovuqavlzmN/o 45 | yO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9fdaXb+/DuOlqvLQNHrfm 46 | VnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuYdtarJIcMoOzXN7BmO2XZ 47 | EI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz2R66l3MLCng6dI+2f6sM 48 | duFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTawEnMTW7fvHdZtK7Geqsc 49 | /mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHlsVvDPBk2UBiXicL45jaD 50 | xARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+ZmDm1mfVdGseBjTcrBFbi 51 | ZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/cTV/+SEpzv+o6lROycN/+ 52 | PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuNmo6KfNujcqRqZInkk6HS 53 | BPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEAATANBgkqhkiG9w0BAQ0F 54 | AAOCAQEAkUVsxyanQN1iPW3d17hfZ3o0lmSihZkw396FXP34tGUeIvk2EbFHS1Jy 55 | 3Gh4r1adB5bil0X1GYU8AFPKaM+CqWagyBAYXwX6YaXb1pzFn8Ixw6t0gRoAW9ex 56 | MW4Eduh8JOYi+KkJaXj5SAVDd3ZDCIwW3rN+jIMy2tvnuWW07UW5HvOZ4qRXyOlZ 57 | mqUBgft97uOiVEor8KEhrBzgGzT72ELOykzZGWEuWWy0ytbPrAc+XyodvylvAGzR 58 | lj74pDerwl/oUl80vRgEl8M1o4nGdoe17SfaGhD7MP+YD2HmY2kTCw8ks70KBpxJ 59 | nCtKkguacJwDtUeh2jpbXZKBQAgqkw== 60 | -----END CERTIFICATE----- 61 | 62 | 63 | -----BEGIN RSA PRIVATE KEY----- 64 | MIIJKgIBAAKCAgEAv/dC/LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjU 65 | D03kJJBzrzAnV+EOCg945Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCq 66 | cOv+BCMKovuqavlzmN/oyO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9 67 | fdaXb+/DuOlqvLQNHrfmVnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuY 68 | dtarJIcMoOzXN7BmO2XZEI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz 69 | 2R66l3MLCng6dI+2f6sMduFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTa 70 | wEnMTW7fvHdZtK7Geqsc/mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHl 71 | sVvDPBk2UBiXicL45jaDxARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+Z 72 | mDm1mfVdGseBjTcrBFbiZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/c 73 | TV/+SEpzv+o6lROycN/+PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuN 74 | mo6KfNujcqRqZInkk6HSBPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEA 75 | AQKCAgAlSagvYjiA7vgl5wK5MwWgwGSLc/6jYp3w0t0dRQlSQ4sIlVWLq3uXRp/R 76 | 9a6OuV56wcqf2c9QYSRAxNKOXkWr6HleEOYLWCcY0NzR6sOsRWSvESbKTGzI7O2R 77 | /wR5Rv8XQNb8wJV4uofSVBtZhG3V+j5ZSqHoOCvo1iYXdgPVwUiOPlf264n66j3A 78 | W0aqZObvgpUxUfZkafqUkyKJZQgaUxZxefsQc6rP7Twa8AamSKOjBB53ZvdTXxAq 79 | 6hZb8N3Kx9vEBV7tzmF9KNi+D5NoMZv55X86xQfZoBvodV9cpeKL/5CLKhbgeC46 80 | 2GOyZH/0iIshRF2kgF1UGzkQqsjzF2YPAgIXYA5nCSln/qf9Xt9/iXzMvkEsD94J 81 | SGxPrjoNpcd0JXsQRiEuxJnQUZrFlP1egFC1sHmGDt9NJ2T1nGFGeaX0yfpjwo8o 82 | wSqYC4/fzFwED80OFNujWQBKeposBztzmYviSh/ls+lAXFPSki+UTld9XmI5Ju/6 83 | 6yMiORUVGNa+/Swc5ymXcbgD0x5lZtDtx7pAkkZJE7apdUTZWo9xgi9/WnBzZozE 84 | PEVVZjmnU7xfcxK2YQbgS5eAAScuh6T+Np4wBJinqdZpoTy33cNu4hquGMAvtfhZ 85 | MHQJ9mQb0ZzrYKYTqC/dCJmHcKozpoRlXExtkKKS1Uu6wCJmsQKCAQEA+L2M2Pb7 86 | O4vyJle0TVRi6T4s337T9JLXbyPXlD5KBF3VD3S4Wc1eks7oeORE20JeI4WdWbbI 87 | 5lF+fZCo7Uwok2SZDbdgVK5NeBl7P2eDWAOTTR+mcZ7XWhR5TD2Nu1fU1AagSnIH 88 | ac+q94vltojt8bGd0+wGPVr1jsUr/uWzS8dCuAttuXl2cgKO2rc1c6AkWGXX1W7d 89 | H283HoFHwbpeulTL0pULD5pFQtDwS1NI+T4Rr/E9lmm3V2/XZS06UklFA/C0ZpE4 90 | atVXWNPWkObeZP8U84h66jUisO40cHTSQRj6+0dqEYECmmDX1bOIkxGAPfdjhOgd 91 | VNYMQljpyIaKNQKCAQEAxZGGCgn/Ab6oX77R89/8QlJJlJcz5zl+qmKfdVCV2d+p 92 | B7TIlXEMwgxyGzmYQrmPGpLcolRGn+JHi43/8hkGegjhS9jCh5ndRoTQVlMxczR7 93 | aJH/fh9YVuvIl7hTiIUbuEklbYnuh9tSfGJtZG7gSICjx3YnKgMNbpMRrA00NX0h 94 | qtQS6kE1X4CjNIi4i6uUHziFJ3127kBN9WTzph1DhO5F9IfH91j+qnuzkQlKLoDP 95 | DTnv9dXuhAjOy87ugdNYrgfdlt9Jm36lY9x+WLiuRg1gdCj+6hGxZpgkAO+Hsqcc 96 | 0aRyVevBFGk8eiMSkHmMN1XeT/gb0w+DCO90iuCahwKCAQEAvQX2oe5WjzLTSrX9 97 | i4JkRBF+sjzEP6jTVF8tdTc8skLIJZ2ydnPtuazI1w3JEcJGncHtCH8x/mzRrgQf 98 | i20DrLaW5OiEqPVoY6shkNZN5rWY29QAfXmS9551ay2fpk2hq5p5dvlejtdEeify 99 | 4hr+j1xFrwU+3KNh1iQaQfM2pJCBMDFnKbqW+x7chnMRiJOa6x5Bva0pFrlCbskZ 100 | yauiTwEffyDKLgozNgpngSaCXv3/HPA7uDEQJb8VNYsANgX+D3d88DDNacpEPXmG 101 | Jcl8Gc4KkuMVXSQR/9iVOxxbpyKfoBLuFO0wGDcd7gUn9XMoPG7iTt7BY3XiDQ1a 102 | Y4tyPQKCAQEAjDySj1evGdbyfxvcvaX00kLEleOJ5QwLm/frRgOQiplWyvCJHIKl 103 | Uqww5qBIMryyFmO+lr8Jbn3Y2PdPgNJApajd+s9+rXAK//5QP6ZHyIWtP3m6iBTJ 104 | yNEOjps5OAN7vKC3H3yzwt1sPHxFN+/35Z7iIjf87rZB94YPGjg5IeqTVkW4s2zb 105 | 7NFLh4Owsvt0ZYDiCzjkjZM5gwFIbVYCUj4ri7pBt5IFGpA50q5saHvn/HRunupe 106 | pnv2Bfb5l0+kd8t/f5M5FVWdIjgluuZEVdcy6uEaqJ0sdi1yCPP9N1Olgi2fNtvk 107 | Lo/QbMWubLzKSZD6/3qWjYdKNLJ74AQzywKCAQEAxHLfZajXY4YYz1BXbsSQrzqq 108 | 7bgnZaXIsgK03McCrt5XQY7ghLF9j2w/rQLrvFA5pMZ8x6GKmoy95i6FGHm7i4rd 109 | Cu40r2tRUC5IugVxfa2/MUC4v94JjecwkozwgD0SPGwIQVyBDjewTeoQNXRUYZ/I 110 | hR/fOhfbcpPl9Z/EIkIy5qbCJxzNxG0L3sKMjSlywfC0yazyoaraNtdslHhHO+IP 111 | rwJTkcFBJ3zf3oYYfRJAzAs0IAfUL5XgQUnNarC8uExCjtcs6TAhNEkoopcvVwAM 112 | GV1Yd6yBQHcbi55KeCKYklG7YpX5nqTV5Sk3sTNeUPBcKMS+Mryry8yoTUtCQQ== 113 | -----END RSA PRIVATE KEY----- 114 | 115 | 116 | key-direction 1 117 | 118 | # 119 | # 2048 bit OpenVPN static key 120 | # 121 | -----BEGIN OpenVPN Static key V1----- 122 | 378e209d0fe8efe398afa86bdb19b9a8 123 | f9cc3ae06e42f9468f97d81724101046 124 | 1722e4888756212c05dd0e9341e28388 125 | aa6f1ea6fbb46779a2e1ce6db1fcef47 126 | 69bd0266c9e14f02a2f19760e77d2f71 127 | 59f6e96769bcc09eda1786adbbd51a50 128 | f027a829b0a71106b01a046972b1cd20 129 | 41774be1515f81e8760da576077f543d 130 | 75d6deb92c9bfd7760a12b0f05938e7d 131 | 63fc0c663cdbb623d3f45fcfcbc2009c 132 | 1fc36c7b8ecc147462fb7c8747676574 133 | 3b7bd0d6a89aa90514d453b9f1b92e22 134 | 57bb24180cd867357131ac9972f118b8 135 | d4cebc0da588fed8ec73b9b9be86962d 136 | 1a28946996a012767fae84851c126bab 137 | 65fee86c5e72d11c6d10c01728e33000 138 | -----END OpenVPN Static key V1----- 139 | 140 | 141 | 142 | -----BEGIN X509 CRL----- 143 | MIHxMFwwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKT3BlblZQTiBDQRcNMTQw 144 | NDIyMDQzOTI3WhcNMjQwNDE5MDQzOTI3WjAWMBQCAQEYDzIwMTQwNDIyMDQzOTI3 145 | WjANBgkqhkiG9w0BAQQFAAOBgQBQXzbNjXkx8+/TeG8qbFQD5wd6wOTe8HnypQTt 146 | eELsI7eyNtiRRhJD3qKfawPVUabSijnwhAPHfhoIOLKe67RLfzOwAsFKPNJAVdmq 147 | rYw1t2eucHvGjH8PnTh0aJPJaI67jmNbSI4CnHNcRgZ+1ow1GS+RAK7kotS+dZz9 148 | 0tc7Qw== 149 | -----END X509 CRL----- 150 | 151 | 152 | remote-cert-tls server 153 | tls-remote "/CN=myvpn.company.com" 154 | 155 | compress lz4-v2 156 | verb 3 157 | 158 | -------------------------------------------------------------------------------- /properties/tests/conf/tls.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 1194 2 | resolv-retry infinite 3 | 4 | dev tun 5 | persist-key 6 | persist-tun 7 | link-mtu 1400 8 | proto udp 9 | nobind 10 | pull 11 | tls-client 12 | 13 | float 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-auth keys/46.key 20 | remote-cert-tls server 21 | tls-remote "/CN=myvpn.company.com" 22 | verify-x509-name "C=US, L=Cambridge, CN=GNOME, emailAddress=networkmanager-list@gnome.org" subject 23 | 24 | key-direction 1 25 | 26 | comp-lzo no 27 | verb 3 28 | 29 | -------------------------------------------------------------------------------- /properties/tests/conf/tls2.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 1194 2 | resolv-retry infinite 3 | 4 | dev tun 5 | persist-key 6 | persist-tun 7 | link-mtu 1400 8 | proto udp 9 | nobind 10 | pull 11 | tls-client 12 | 13 | float 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-crypt keys/46.key 20 | remote-cert-tls server 21 | tls-remote "/CN=myvpn.company.com" 22 | verify-x509-name "C=US, L=Cambridge, CN=GNOME, emailAddress=networkmanager-list@gnome.org" subject 23 | 24 | compress lz4 25 | verb 3 26 | 27 | -------------------------------------------------------------------------------- /properties/tests/conf/tls3.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 1194 2 | resolv-retry infinite 3 | 4 | dev tun 5 | persist-key 6 | persist-tun 7 | link-mtu 1400 8 | proto udp 9 | nobind 10 | pull 11 | tls-client 12 | 13 | float 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-crypt keys/46.key 20 | remote-cert-tls server 21 | tls-remote "/CN=myvpn.company.com" 22 | verify-x509-name "C=US, L=Cambridge, CN=GNOME, emailAddress=networkmanager-list@gnome.org" subject 23 | 24 | comp-lzo 25 | verb 3 26 | 27 | tls-version-min 1.0 28 | tls-version-max 1.2 -------------------------------------------------------------------------------- /properties/tests/conf/tls4.ovpn: -------------------------------------------------------------------------------- 1 | remote 173.8.149.245 1194 2 | resolv-retry infinite 3 | 4 | dev tun 5 | persist-key 6 | persist-tun 7 | link-mtu 1400 8 | proto udp 9 | nobind 10 | pull 11 | tls-client 12 | 13 | float 14 | 15 | ca keys/mg8.ca 16 | cert keys/clee.crt 17 | key keys/clee.key 18 | 19 | tls-crypt-v2 keys/46.key 20 | remote-cert-tls server 21 | tls-remote "/CN=myvpn.company.com" 22 | verify-x509-name "C=US, L=Cambridge, CN=GNOME, emailAddress=networkmanager-list@gnome.org" subject 23 | 24 | comp-lzo 25 | verb 3 26 | 27 | tls-version-min 1.0 28 | tls-version-max 1.2 29 | -------------------------------------------------------------------------------- /properties/tests/conf/tun-opts.conf: -------------------------------------------------------------------------------- 1 | client 2 | dev tun 3 | 4 | proto udp 5 | topology subnet 6 | 7 | tun-mtu 1300 8 | mssfix 9 | fragment 1200 10 | 11 | rport 2352 12 | remote test.server.com 443 13 | nobind 14 | persist-key 15 | persist-tun 16 | user openvpn 17 | group openvpn 18 | 19 | 20 | ca cacert.pem 21 | cipher AES-256-CBC 22 | reneg-sec 0 23 | 24 | auth-user-pass 25 | auth-nocache 26 | 27 | ping 30 28 | ping-exit 120 29 | 30 | # random comment 31 | 32 | script-security 2 33 | 34 | 35 | -------------------------------------------------------------------------------- /shared/README: -------------------------------------------------------------------------------- 1 | The files in the "shared/" directory are used by all components 2 | inside the VPN plugin repository (src, properties, auth-dialog). 3 | 4 | The files in shared/nm-utils are copied from NetworkManager 5 | repository and used as is: 6 | Do *not* modify these files locally so that they don't diverge 7 | from their original. Fix/extend them in their respective origin 8 | first, and re-import the files as a whole. 9 | 10 | -------------------------------------------------------------------------------- /shared/nm-default.h: -------------------------------------------------------------------------------- 1 | /* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ 2 | /* NetworkManager -- Network link manager 3 | * 4 | * This library is free software; you can redistribute it and/or 5 | * modify it under the terms of the GNU Lesser General Public 6 | * License as published by the Free Software Foundation; either 7 | * version 2 of the License, or (at your option) any later version. 8 | * 9 | * This library is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 | * Lesser General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU Lesser General Public 15 | * License along with this library; if not, write to the 16 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 17 | * Boston, MA 02110-1301 USA. 18 | * 19 | * (C) Copyright 2015 Red Hat, Inc. 20 | */ 21 | 22 | #ifndef __NM_DEFAULT_H__ 23 | #define __NM_DEFAULT_H__ 24 | 25 | /* makefiles define NETWORKMANAGER_COMPILATION for compiling NetworkManager. 26 | * Depending on which parts are compiled, different values are set. */ 27 | #define NM_NETWORKMANAGER_COMPILATION_DEFAULT 0x0001 28 | #define NM_NETWORKMANAGER_COMPILATION_LIB_BASE 0x0002 29 | #define NM_NETWORKMANAGER_COMPILATION_LIB_EDITOR 0x0004 30 | #define NM_NETWORKMANAGER_COMPILATION_LIB (0x0002 | 0x0004) 31 | 32 | /* special flag, to indicate that we build a legacy library. That is, we link against 33 | * deprecated libnm-util/libnm-glib instead against libnm. */ 34 | #define NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL 0x0010 35 | 36 | /*****************************************************************************/ 37 | 38 | #include 39 | 40 | /* always include these headers for our internal source files. */ 41 | 42 | #include "nm-utils/nm-macros-internal.h" 43 | 44 | #include "nm-version.h" 45 | #include "nm-service-defines.h" 46 | 47 | /*****************************************************************************/ 48 | 49 | #if ((NETWORKMANAGER_COMPILATION) & NM_NETWORKMANAGER_COMPILATION_LIB) 50 | 51 | #include 52 | 53 | #else 54 | 55 | #include 56 | 57 | #endif /* NM_NETWORKMANAGER_COMPILATION_LIB */ 58 | 59 | /*****************************************************************************/ 60 | 61 | #if ((NETWORKMANAGER_COMPILATION) & NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL) 62 | 63 | #define NM_VPN_LIBNM_COMPAT 64 | #include 65 | #include 66 | #include 67 | #include 68 | #include 69 | #include 70 | #include 71 | 72 | #define nm_simple_connection_new nm_connection_new 73 | #define NM_SETTING_IP_CONFIG NM_SETTING_IP4_CONFIG 74 | #define NM_SETTING_IP_CONFIG_METHOD NM_SETTING_IP4_CONFIG_METHOD 75 | #define NM_SETTING_IP_CONFIG_NEVER_DEFAULT NM_SETTING_IP4_CONFIG_NEVER_DEFAULT 76 | #define NMSettingIPConfig NMSettingIP4Config 77 | 78 | #define NMV_EDITOR_PLUGIN_ERROR NM_SETTING_VPN_ERROR 79 | #define NMV_EDITOR_PLUGIN_ERROR_FAILED NM_SETTING_VPN_ERROR_UNKNOWN 80 | #define NMV_EDITOR_PLUGIN_ERROR_INVALID_PROPERTY NM_SETTING_VPN_ERROR_INVALID_PROPERTY 81 | #define NMV_EDITOR_PLUGIN_ERROR_MISSING_PROPERTY NM_SETTING_VPN_ERROR_MISSING_PROPERTY 82 | #define NMV_EDITOR_PLUGIN_ERROR_FILE_NOT_VPN NM_SETTING_VPN_ERROR_UNKNOWN 83 | #define NMV_EDITOR_PLUGIN_ERROR_FILE_NOT_READABLE NM_SETTING_VPN_ERROR_UNKNOWN 84 | #define NMV_EDITOR_PLUGIN_ERROR_FILE_INVALID NM_SETTING_VPN_ERROR_UNKNOWN 85 | 86 | #define _nm_utils_is_valid_iface_name(n) nm_utils_iface_valid_name(n) 87 | 88 | #else /* NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL */ 89 | 90 | #include 91 | 92 | #define NMV_EDITOR_PLUGIN_ERROR NM_CONNECTION_ERROR 93 | #define NMV_EDITOR_PLUGIN_ERROR_FAILED NM_CONNECTION_ERROR_FAILED 94 | #define NMV_EDITOR_PLUGIN_ERROR_INVALID_PROPERTY NM_CONNECTION_ERROR_INVALID_PROPERTY 95 | #define NMV_EDITOR_PLUGIN_ERROR_MISSING_PROPERTY NM_CONNECTION_ERROR_MISSING_PROPERTY 96 | #define NMV_EDITOR_PLUGIN_ERROR_FILE_NOT_VPN NM_CONNECTION_ERROR_FAILED 97 | #define NMV_EDITOR_PLUGIN_ERROR_FILE_NOT_READABLE NM_CONNECTION_ERROR_FAILED 98 | #define NMV_EDITOR_PLUGIN_ERROR_FILE_INVALID NM_CONNECTION_ERROR_FAILED 99 | 100 | #define _nm_utils_is_valid_iface_name(n) nm_utils_is_valid_iface_name(n, NULL) 101 | 102 | #endif /* NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL */ 103 | 104 | /*****************************************************************************/ 105 | 106 | #if (NETWORKMANAGER_COMPILATION) & NM_NETWORKMANAGER_COMPILATION_LIB_EDITOR 107 | 108 | #if ((NETWORKMANAGER_COMPILATION) & NM_NETWORKMANAGER_COMPILATION_WITH_LIBNM_UTIL) 109 | #include 110 | #include 111 | #else 112 | #include 113 | #include 114 | #endif 115 | 116 | #endif /* NM_NETWORKMANAGER_COMPILATION_LIB_EDITOR */ 117 | 118 | /*****************************************************************************/ 119 | 120 | #endif /* __NM_DEFAULT_H__ */ 121 | -------------------------------------------------------------------------------- /shared/nm-service-defines.h: -------------------------------------------------------------------------------- 1 | /* 2 | * network-manager-openvpn - OpenVPN integration with NetworkManager 3 | * 4 | * This program is free software; you can redistribute it and/or modify 5 | * it under the terms of the GNU General Public License as published by 6 | * the Free Software Foundation; either version 2 of the License, or 7 | * (at your option) any later version. 8 | * 9 | * This program is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | * GNU General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU General Public License along 15 | * with this program; if not, write to the Free Software Foundation, Inc., 16 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 17 | * 18 | * Copyright (C) 2005 - 2008 Tim Niemueller 19 | * Copyright (C) 2005 - 2008 Dan Williams 20 | * Copyright (C) 2010 - 2018 Red Hat, Inc. 21 | */ 22 | 23 | #ifndef __NM_SERVICE_DEFINES_H__ 24 | #define __NM_SERVICE_DEFINES_H__ 25 | 26 | #define NM_VPN_SERVICE_TYPE_OPENVPN "org.freedesktop.NetworkManager.openvpn" 27 | 28 | #define NM_DBUS_SERVICE_OPENVPN "org.freedesktop.NetworkManager.openvpn" 29 | #define NM_DBUS_INTERFACE_OPENVPN "org.freedesktop.NetworkManager.openvpn" 30 | #define NM_DBUS_PATH_OPENVPN "/org/freedesktop/NetworkManager/openvpn" 31 | 32 | #define NM_OPENVPN_KEY_ALLOW_PULL_FQDN "allow-pull-fqdn" 33 | #define NM_OPENVPN_KEY_AUTH "auth" 34 | #define NM_OPENVPN_KEY_CA "ca" 35 | #define NM_OPENVPN_KEY_CERT "cert" 36 | #define NM_OPENVPN_KEY_CIPHER "cipher" 37 | #define NM_OPENVPN_KEY_COMPRESS "compress" 38 | #define NM_OPENVPN_KEY_COMP_LZO "comp-lzo" 39 | #define NM_OPENVPN_KEY_CONNECTION_TYPE "connection-type" 40 | #define NM_OPENVPN_KEY_CONNECT_TIMEOUT "connect-timeout" 41 | #define NM_OPENVPN_KEY_CRL_VERIFY_FILE "crl-verify-file" 42 | #define NM_OPENVPN_KEY_CRL_VERIFY_DIR "crl-verify-dir" 43 | #define NM_OPENVPN_KEY_DEV "dev" 44 | #define NM_OPENVPN_KEY_DEV_TYPE "dev-type" 45 | #define NM_OPENVPN_KEY_EXTRA_CERTS "extra-certs" 46 | #define NM_OPENVPN_KEY_FLOAT "float" 47 | #define NM_OPENVPN_KEY_NCP_DISABLE "ncp-disable" 48 | #define NM_OPENVPN_KEY_FRAGMENT_SIZE "fragment-size" 49 | #define NM_OPENVPN_KEY_HTTP_PROXY_USERNAME "http-proxy-username" 50 | #define NM_OPENVPN_KEY_KEY "key" 51 | #define NM_OPENVPN_KEY_KEYSIZE "keysize" 52 | #define NM_OPENVPN_KEY_LOCAL_IP "local-ip" /* ??? */ 53 | #define NM_OPENVPN_KEY_MAX_ROUTES "max-routes" 54 | #define NM_OPENVPN_KEY_MSSFIX "mssfix" 55 | #define NM_OPENVPN_KEY_MTU_DISC "mtu-disc" 56 | #define NM_OPENVPN_KEY_NS_CERT_TYPE "ns-cert-type" 57 | #define NM_OPENVPN_KEY_PING "ping" 58 | #define NM_OPENVPN_KEY_PING_EXIT "ping-exit" 59 | #define NM_OPENVPN_KEY_PING_RESTART "ping-restart" 60 | #define NM_OPENVPN_KEY_PORT "port" 61 | #define NM_OPENVPN_KEY_PROTO_TCP "proto-tcp" 62 | #define NM_OPENVPN_KEY_PROXY_PORT "proxy-port" 63 | #define NM_OPENVPN_KEY_PROXY_RETRY "proxy-retry" 64 | #define NM_OPENVPN_KEY_PROXY_SERVER "proxy-server" 65 | #define NM_OPENVPN_KEY_PROXY_TYPE "proxy-type" 66 | #define NM_OPENVPN_KEY_PUSH_PEER_INFO "push-peer-info" 67 | #define NM_OPENVPN_KEY_REMOTE "remote" 68 | #define NM_OPENVPN_KEY_REMOTE_CERT_TLS "remote-cert-tls" 69 | #define NM_OPENVPN_KEY_REMOTE_IP "remote-ip" 70 | #define NM_OPENVPN_KEY_REMOTE_RANDOM "remote-random" 71 | #define NM_OPENVPN_KEY_REMOTE_RANDOM_HOSTNAME "remote-random-hostname" 72 | #define NM_OPENVPN_KEY_RENEG_SECONDS "reneg-seconds" 73 | #define NM_OPENVPN_KEY_STATIC_KEY "static-key" 74 | #define NM_OPENVPN_KEY_STATIC_KEY_DIRECTION "static-key-direction" 75 | #define NM_OPENVPN_KEY_TA "ta" 76 | #define NM_OPENVPN_KEY_TAP_DEV "tap-dev" 77 | #define NM_OPENVPN_KEY_TA_DIR "ta-dir" 78 | #define NM_OPENVPN_KEY_TLS_CIPHER "tls-cipher" 79 | #define NM_OPENVPN_KEY_TLS_CRYPT "tls-crypt" 80 | #define NM_OPENVPN_KEY_TLS_CRYPT_V2 "tls-crypt-v2" 81 | #define NM_OPENVPN_KEY_TLS_REMOTE "tls-remote" 82 | #define NM_OPENVPN_KEY_TLS_VERSION_MIN "tls-version-min" 83 | #define NM_OPENVPN_KEY_TLS_VERSION_MAX "tls-version-max" 84 | #define NM_OPENVPN_KEY_TUNNEL_MTU "tunnel-mtu" 85 | #define NM_OPENVPN_KEY_TUN_IPV6 "tun-ipv6" 86 | #define NM_OPENVPN_KEY_USERNAME "username" 87 | #define NM_OPENVPN_KEY_VERIFY_X509_NAME "verify-x509-name" 88 | 89 | #define NM_OPENVPN_KEY_PASSWORD "password" 90 | #define NM_OPENVPN_KEY_CERTPASS "cert-pass" 91 | #define NM_OPENVPN_KEY_HTTP_PROXY_PASSWORD "http-proxy-password" 92 | 93 | #define NM_OPENVPN_KEY_PASSWORD_FLAGS "password-flags" 94 | #define NM_OPENVPN_KEY_CERTPASS_FLAGS "cert-pass-flags" 95 | #define NM_OPENVPN_KEY_HTTP_PROXY_PASSWORD_FLAGS "http-proxy-password-flags" 96 | 97 | 98 | /* Internal auth-dialog -> service token indicating that no secrets are 99 | * required for the connection. 100 | */ 101 | #define NM_OPENVPN_KEY_NOSECRET "no-secret" 102 | 103 | 104 | #define NM_OPENVPN_AUTH_MD5 "MD5" 105 | #define NM_OPENVPN_AUTH_NONE "none" 106 | #define NM_OPENVPN_AUTH_RIPEMD160 "RIPEMD160" 107 | #define NM_OPENVPN_AUTH_RSA_MD4 "RSA-MD4" 108 | #define NM_OPENVPN_AUTH_SHA1 "SHA1" 109 | #define NM_OPENVPN_AUTH_SHA224 "SHA224" 110 | #define NM_OPENVPN_AUTH_SHA256 "SHA256" 111 | #define NM_OPENVPN_AUTH_SHA384 "SHA384" 112 | #define NM_OPENVPN_AUTH_SHA512 "SHA512" 113 | 114 | #define NM_OPENVPN_CONTYPE_PASSWORD "password" 115 | #define NM_OPENVPN_CONTYPE_PASSWORD_TLS "password-tls" 116 | #define NM_OPENVPN_CONTYPE_STATIC_KEY "static-key" 117 | #define NM_OPENVPN_CONTYPE_TLS "tls" 118 | 119 | /* arguments of "--remote-cert-tls" */ 120 | #define NM_OPENVPN_REM_CERT_TLS_CLIENT "client" 121 | #define NM_OPENVPN_REM_CERT_TLS_SERVER "server" 122 | 123 | /* arguments of "--ns-cert-type" */ 124 | #define NM_OPENVPN_NS_CERT_TYPE_CLIENT "client" 125 | #define NM_OPENVPN_NS_CERT_TYPE_SERVER "server" 126 | 127 | /* possible types for verify-x509-name */ 128 | #define NM_OPENVPN_VERIFY_X509_NAME_TYPE_NAME "name" 129 | #define NM_OPENVPN_VERIFY_X509_NAME_TYPE_NAME_PREFIX "name-prefix" 130 | #define NM_OPENVPN_VERIFY_X509_NAME_TYPE_SUBJECT "subject" 131 | 132 | /* User name and group to run nm-openvpn-service under */ 133 | #define NM_OPENVPN_USER "nm-openvpn" 134 | #define NM_OPENVPN_GROUP "nm-openvpn" 135 | #define NM_OPENVPN_CHROOT LOCALSTATEDIR "/lib/openvpn/chroot" 136 | 137 | #endif /* __NM_SERVICE_DEFINES_H__ */ 138 | -------------------------------------------------------------------------------- /shared/nm-utils/gsystem-local-alloc.h: -------------------------------------------------------------------------------- 1 | /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- 2 | * 3 | * Copyright (C) 2012 Colin Walters . 4 | * 5 | * This library is free software; you can redistribute it and/or 6 | * modify it under the terms of the GNU Lesser General Public 7 | * License as published by the Free Software Foundation; either 8 | * version 2 of the License, or (at your option) any later version. 9 | * 10 | * This library is distributed in the hope that it will be useful, 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 13 | * Lesser General Public License for more details. 14 | * 15 | * You should have received a copy of the GNU Lesser General Public 16 | * License along with this library; if not, write to the 17 | * Free Software Foundation, Inc., 59 Temple Place - Suite 330, 18 | * Boston, MA 02111-1307, USA. 19 | */ 20 | 21 | #ifndef __GSYSTEM_LOCAL_ALLOC_H__ 22 | #define __GSYSTEM_LOCAL_ALLOC_H__ 23 | 24 | #include 25 | 26 | G_BEGIN_DECLS 27 | 28 | #define GS_DEFINE_CLEANUP_FUNCTION(Type, name, func) \ 29 | static inline void name (void *v) \ 30 | { \ 31 | func (*(Type*)v); \ 32 | } 33 | 34 | #define GS_DEFINE_CLEANUP_FUNCTION0(Type, name, func) \ 35 | static inline void name (void *v) \ 36 | { \ 37 | if (*(Type*)v) \ 38 | func (*(Type*)v); \ 39 | } 40 | 41 | /* These functions shouldn't be invoked directly; 42 | * they are stubs that: 43 | * 1) Take a pointer to the location (typically itself a pointer). 44 | * 2) Provide %NULL-safety where it doesn't exist already (e.g. g_object_unref) 45 | */ 46 | 47 | /** 48 | * gs_free: 49 | * 50 | * Call g_free() on a variable location when it goes out of scope. 51 | */ 52 | #define gs_free __attribute__ ((cleanup(gs_local_free))) 53 | GS_DEFINE_CLEANUP_FUNCTION(void*, gs_local_free, g_free) 54 | 55 | /** 56 | * gs_unref_object: 57 | * 58 | * Call g_object_unref() on a variable location when it goes out of 59 | * scope. Note that unlike g_object_unref(), the variable may be 60 | * %NULL. 61 | */ 62 | #define gs_unref_object __attribute__ ((cleanup(gs_local_obj_unref))) 63 | GS_DEFINE_CLEANUP_FUNCTION0(GObject*, gs_local_obj_unref, g_object_unref) 64 | 65 | /** 66 | * gs_unref_variant: 67 | * 68 | * Call g_variant_unref() on a variable location when it goes out of 69 | * scope. Note that unlike g_variant_unref(), the variable may be 70 | * %NULL. 71 | */ 72 | #define gs_unref_variant __attribute__ ((cleanup(gs_local_variant_unref))) 73 | GS_DEFINE_CLEANUP_FUNCTION0(GVariant*, gs_local_variant_unref, g_variant_unref) 74 | 75 | /** 76 | * gs_free_variant_iter: 77 | * 78 | * Call g_variant_iter_free() on a variable location when it goes out of 79 | * scope. 80 | */ 81 | #define gs_free_variant_iter __attribute__ ((cleanup(gs_local_variant_iter_free))) 82 | GS_DEFINE_CLEANUP_FUNCTION0(GVariantIter*, gs_local_variant_iter_free, g_variant_iter_free) 83 | 84 | /** 85 | * gs_free_variant_builder: 86 | * 87 | * Call g_variant_builder_unref() on a variable location when it goes out of 88 | * scope. 89 | */ 90 | #define gs_unref_variant_builder __attribute__ ((cleanup(gs_local_variant_builder_unref))) 91 | GS_DEFINE_CLEANUP_FUNCTION0(GVariantBuilder*, gs_local_variant_builder_unref, g_variant_builder_unref) 92 | 93 | /** 94 | * gs_unref_array: 95 | * 96 | * Call g_array_unref() on a variable location when it goes out of 97 | * scope. Note that unlike g_array_unref(), the variable may be 98 | * %NULL. 99 | 100 | */ 101 | #define gs_unref_array __attribute__ ((cleanup(gs_local_array_unref))) 102 | GS_DEFINE_CLEANUP_FUNCTION0(GArray*, gs_local_array_unref, g_array_unref) 103 | 104 | /** 105 | * gs_unref_ptrarray: 106 | * 107 | * Call g_ptr_array_unref() on a variable location when it goes out of 108 | * scope. Note that unlike g_ptr_array_unref(), the variable may be 109 | * %NULL. 110 | 111 | */ 112 | #define gs_unref_ptrarray __attribute__ ((cleanup(gs_local_ptrarray_unref))) 113 | GS_DEFINE_CLEANUP_FUNCTION0(GPtrArray*, gs_local_ptrarray_unref, g_ptr_array_unref) 114 | 115 | /** 116 | * gs_unref_hashtable: 117 | * 118 | * Call g_hash_table_unref() on a variable location when it goes out 119 | * of scope. Note that unlike g_hash_table_unref(), the variable may 120 | * be %NULL. 121 | */ 122 | #define gs_unref_hashtable __attribute__ ((cleanup(gs_local_hashtable_unref))) 123 | GS_DEFINE_CLEANUP_FUNCTION0(GHashTable*, gs_local_hashtable_unref, g_hash_table_unref) 124 | 125 | /** 126 | * gs_free_list: 127 | * 128 | * Call g_list_free() on a variable location when it goes out 129 | * of scope. 130 | */ 131 | #define gs_free_list __attribute__ ((cleanup(gs_local_free_list))) 132 | GS_DEFINE_CLEANUP_FUNCTION(GList*, gs_local_free_list, g_list_free) 133 | 134 | /** 135 | * gs_free_slist: 136 | * 137 | * Call g_slist_free() on a variable location when it goes out 138 | * of scope. 139 | */ 140 | #define gs_free_slist __attribute__ ((cleanup(gs_local_free_slist))) 141 | GS_DEFINE_CLEANUP_FUNCTION(GSList*, gs_local_free_slist, g_slist_free) 142 | 143 | /** 144 | * gs_free_checksum: 145 | * 146 | * Call g_checksum_free() on a variable location when it goes out 147 | * of scope. Note that unlike g_checksum_free(), the variable may 148 | * be %NULL. 149 | */ 150 | #define gs_free_checksum __attribute__ ((cleanup(gs_local_checksum_free))) 151 | GS_DEFINE_CLEANUP_FUNCTION0(GChecksum*, gs_local_checksum_free, g_checksum_free) 152 | 153 | /** 154 | * gs_unref_bytes: 155 | * 156 | * Call g_bytes_unref() on a variable location when it goes out 157 | * of scope. Note that unlike g_bytes_unref(), the variable may 158 | * be %NULL. 159 | */ 160 | #define gs_unref_bytes __attribute__ ((cleanup(gs_local_bytes_unref))) 161 | GS_DEFINE_CLEANUP_FUNCTION0(GBytes*, gs_local_bytes_unref, g_bytes_unref) 162 | 163 | /** 164 | * gs_strfreev: 165 | * 166 | * Call g_strfreev() on a variable location when it goes out of scope. 167 | */ 168 | #define gs_strfreev __attribute__ ((cleanup(gs_local_strfreev))) 169 | GS_DEFINE_CLEANUP_FUNCTION(char**, gs_local_strfreev, g_strfreev) 170 | 171 | /** 172 | * gs_free_error: 173 | * 174 | * Call g_error_free() on a variable location when it goes out of scope. 175 | */ 176 | #define gs_free_error __attribute__ ((cleanup(gs_local_free_error))) 177 | GS_DEFINE_CLEANUP_FUNCTION0(GError*, gs_local_free_error, g_error_free) 178 | 179 | /** 180 | * gs_unref_keyfile: 181 | * 182 | * Call g_key_file_unref() on a variable location when it goes out of scope. 183 | */ 184 | #define gs_unref_keyfile __attribute__ ((cleanup(gs_local_keyfile_unref))) 185 | GS_DEFINE_CLEANUP_FUNCTION0(GKeyFile*, gs_local_keyfile_unref, g_key_file_unref) 186 | 187 | static inline void 188 | gs_cleanup_close_fdp (int *fdp) 189 | { 190 | int fd; 191 | 192 | g_assert (fdp); 193 | 194 | fd = *fdp; 195 | if (fd != -1) 196 | (void) close (fd); 197 | } 198 | 199 | /** 200 | * gs_fd_close: 201 | * 202 | * Call close() on a variable location when it goes out of scope. 203 | */ 204 | #define gs_fd_close __attribute__((cleanup(gs_cleanup_close_fdp))) 205 | 206 | G_END_DECLS 207 | 208 | #endif 209 | -------------------------------------------------------------------------------- /shared/nm-utils/nm-glib.h: -------------------------------------------------------------------------------- 1 | /* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ 2 | /* 3 | * This program is free software; you can redistribute it and/or modify 4 | * it under the terms of the GNU General Public License as published by 5 | * the Free Software Foundation; either version 2 of the License, or 6 | * (at your option) any later version. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * GNU General Public License for more details. 12 | * 13 | * You should have received a copy of the GNU General Public License along 14 | * with this program; if not, write to the Free Software Foundation, Inc., 15 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 16 | * 17 | * Copyright 2008 - 2018 Red Hat, Inc. 18 | */ 19 | 20 | #ifndef __NM_GLIB_H__ 21 | #define __NM_GLIB_H__ 22 | 23 | /*****************************************************************************/ 24 | 25 | #ifndef __NM_MACROS_INTERNAL_H__ 26 | #error "nm-glib.h requires nm-macros-internal.h. Do not include this directly" 27 | #endif 28 | 29 | /*****************************************************************************/ 30 | 31 | #include 32 | #include 33 | 34 | #include "gsystem-local-alloc.h" 35 | 36 | /*****************************************************************************/ 37 | 38 | #ifdef __clang__ 39 | 40 | #undef G_GNUC_BEGIN_IGNORE_DEPRECATIONS 41 | #undef G_GNUC_END_IGNORE_DEPRECATIONS 42 | 43 | #define G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 44 | _Pragma("clang diagnostic push") \ 45 | _Pragma("clang diagnostic ignored \"-Wdeprecated-declarations\"") 46 | 47 | #define G_GNUC_END_IGNORE_DEPRECATIONS \ 48 | _Pragma("clang diagnostic pop") 49 | 50 | #endif 51 | 52 | /*****************************************************************************/ 53 | 54 | static inline void 55 | __g_type_ensure (GType type) 56 | { 57 | #if !GLIB_CHECK_VERSION(2,34,0) 58 | if (G_UNLIKELY (type == (GType)-1)) 59 | g_error ("can't happen"); 60 | #else 61 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS; 62 | g_type_ensure (type); 63 | G_GNUC_END_IGNORE_DEPRECATIONS; 64 | #endif 65 | } 66 | #define g_type_ensure __g_type_ensure 67 | 68 | /*****************************************************************************/ 69 | 70 | #if !GLIB_CHECK_VERSION(2,34,0) 71 | 72 | #define g_clear_pointer(pp, destroy) \ 73 | G_STMT_START { \ 74 | G_STATIC_ASSERT (sizeof *(pp) == sizeof (gpointer)); \ 75 | /* Only one access, please */ \ 76 | gpointer *_pp = (gpointer *) (pp); \ 77 | gpointer _p; \ 78 | /* This assignment is needed to avoid a gcc warning */ \ 79 | GDestroyNotify _destroy = (GDestroyNotify) (destroy); \ 80 | \ 81 | _p = *_pp; \ 82 | if (_p) \ 83 | { \ 84 | *_pp = NULL; \ 85 | _destroy (_p); \ 86 | } \ 87 | } G_STMT_END 88 | 89 | #endif 90 | 91 | /*****************************************************************************/ 92 | 93 | #if !GLIB_CHECK_VERSION(2,34,0) 94 | 95 | /* These are used to clean up the output of test programs; we can just let 96 | * them no-op in older glib. 97 | */ 98 | #define g_test_expect_message(log_domain, log_level, pattern) 99 | #define g_test_assert_expected_messages() 100 | 101 | #else 102 | 103 | /* We build with -DGLIB_MAX_ALLOWED_VERSION set to 2.32 to make sure we don't 104 | * accidentally use new API that we shouldn't. But we don't want warnings for 105 | * the APIs that we emulate above. 106 | */ 107 | 108 | #define g_test_expect_message(domain, level, format...) \ 109 | G_STMT_START { \ 110 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 111 | g_test_expect_message (domain, level, format); \ 112 | G_GNUC_END_IGNORE_DEPRECATIONS \ 113 | } G_STMT_END 114 | 115 | #define g_test_assert_expected_messages_internal(domain, file, line, func) \ 116 | G_STMT_START { \ 117 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 118 | g_test_assert_expected_messages_internal (domain, file, line, func); \ 119 | G_GNUC_END_IGNORE_DEPRECATIONS \ 120 | } G_STMT_END 121 | 122 | #endif 123 | 124 | /*****************************************************************************/ 125 | 126 | #if GLIB_CHECK_VERSION (2, 35, 0) 127 | /* For glib >= 2.36, g_type_init() is deprecated. 128 | * But since 2.35.1 (7c42ab23b55c43ab96d0ac2124b550bf1f49c1ec) this function 129 | * does nothing. Replace the call with empty statement. */ 130 | #define nm_g_type_init() G_STMT_START { (void) 0; } G_STMT_END 131 | #else 132 | #define nm_g_type_init() G_STMT_START { g_type_init (); } G_STMT_END 133 | #endif 134 | 135 | /*****************************************************************************/ 136 | 137 | /* g_test_initialized() is only available since glib 2.36. */ 138 | #if !GLIB_CHECK_VERSION (2, 36, 0) 139 | #define g_test_initialized() (g_test_config_vars->test_initialized) 140 | #endif 141 | 142 | /*****************************************************************************/ 143 | 144 | /* g_assert_cmpmem() is only available since glib 2.46. */ 145 | #if !GLIB_CHECK_VERSION (2, 45, 7) 146 | #define g_assert_cmpmem(m1, l1, m2, l2) G_STMT_START {\ 147 | gconstpointer __m1 = m1, __m2 = m2; \ 148 | int __l1 = l1, __l2 = l2; \ 149 | if (__l1 != __l2) \ 150 | g_assertion_message_cmpnum (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, \ 151 | #l1 " (len(" #m1 ")) == " #l2 " (len(" #m2 "))", __l1, "==", __l2, 'i'); \ 152 | else if (memcmp (__m1, __m2, __l1) != 0) \ 153 | g_assertion_message (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, \ 154 | "assertion failed (" #m1 " == " #m2 ")"); \ 155 | } G_STMT_END 156 | #endif 157 | 158 | /*****************************************************************************/ 159 | 160 | /* Rumtime check for glib version. First do a compile time check which 161 | * (if satisfied) shortcuts the runtime check. */ 162 | static inline gboolean 163 | nm_glib_check_version (guint major, guint minor, guint micro) 164 | { 165 | return GLIB_CHECK_VERSION (major, minor, micro) 166 | || ( ( glib_major_version > major) 167 | || ( glib_major_version == major 168 | && glib_minor_version > minor) 169 | || ( glib_major_version == major 170 | && glib_minor_version == minor 171 | && glib_micro_version < micro)); 172 | } 173 | 174 | /*****************************************************************************/ 175 | 176 | /* g_test_skip() is only available since glib 2.38. Add a compatibility wrapper. */ 177 | static inline void 178 | __nmtst_g_test_skip (const gchar *msg) 179 | { 180 | #if GLIB_CHECK_VERSION (2, 38, 0) 181 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS 182 | g_test_skip (msg); 183 | G_GNUC_END_IGNORE_DEPRECATIONS 184 | #else 185 | g_debug ("%s", msg); 186 | #endif 187 | } 188 | #define g_test_skip __nmtst_g_test_skip 189 | 190 | /*****************************************************************************/ 191 | 192 | /* g_test_add_data_func_full() is only available since glib 2.34. Add a compatibility wrapper. */ 193 | static inline void 194 | __g_test_add_data_func_full (const char *testpath, 195 | gpointer test_data, 196 | GTestDataFunc test_func, 197 | GDestroyNotify data_free_func) 198 | { 199 | #if GLIB_CHECK_VERSION (2, 34, 0) 200 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS 201 | g_test_add_data_func_full (testpath, test_data, test_func, data_free_func); 202 | G_GNUC_END_IGNORE_DEPRECATIONS 203 | #else 204 | g_return_if_fail (testpath != NULL); 205 | g_return_if_fail (testpath[0] == '/'); 206 | g_return_if_fail (test_func != NULL); 207 | 208 | g_test_add_vtable (testpath, 0, test_data, NULL, 209 | (GTestFixtureFunc) test_func, 210 | (GTestFixtureFunc) data_free_func); 211 | #endif 212 | } 213 | #define g_test_add_data_func_full __g_test_add_data_func_full 214 | 215 | /*****************************************************************************/ 216 | 217 | #if !GLIB_CHECK_VERSION (2, 34, 0) 218 | #define G_DEFINE_QUARK(QN, q_n) \ 219 | GQuark \ 220 | q_n##_quark (void) \ 221 | { \ 222 | static GQuark q; \ 223 | \ 224 | if G_UNLIKELY (q == 0) \ 225 | q = g_quark_from_static_string (#QN); \ 226 | \ 227 | return q; \ 228 | } 229 | #endif 230 | 231 | /*****************************************************************************/ 232 | 233 | static inline gboolean 234 | nm_g_hash_table_replace (GHashTable *hash, gpointer key, gpointer value) 235 | { 236 | /* glib 2.40 added a return value indicating whether the key already existed 237 | * (910191597a6c2e5d5d460e9ce9efb4f47d9cc63c). */ 238 | #if GLIB_CHECK_VERSION(2, 40, 0) 239 | return g_hash_table_replace (hash, key, value); 240 | #else 241 | gboolean contained = g_hash_table_contains (hash, key); 242 | 243 | g_hash_table_replace (hash, key, value); 244 | return !contained; 245 | #endif 246 | } 247 | 248 | static inline gboolean 249 | nm_g_hash_table_insert (GHashTable *hash, gpointer key, gpointer value) 250 | { 251 | /* glib 2.40 added a return value indicating whether the key already existed 252 | * (910191597a6c2e5d5d460e9ce9efb4f47d9cc63c). */ 253 | #if GLIB_CHECK_VERSION(2, 40, 0) 254 | return g_hash_table_insert (hash, key, value); 255 | #else 256 | gboolean contained = g_hash_table_contains (hash, key); 257 | 258 | g_hash_table_insert (hash, key, value); 259 | return !contained; 260 | #endif 261 | } 262 | 263 | static inline gboolean 264 | nm_g_hash_table_add (GHashTable *hash, gpointer key) 265 | { 266 | /* glib 2.40 added a return value indicating whether the key already existed 267 | * (910191597a6c2e5d5d460e9ce9efb4f47d9cc63c). */ 268 | #if GLIB_CHECK_VERSION(2, 40, 0) 269 | return g_hash_table_add (hash, key); 270 | #else 271 | gboolean contained = g_hash_table_contains (hash, key); 272 | 273 | g_hash_table_add (hash, key); 274 | return !contained; 275 | #endif 276 | } 277 | 278 | /*****************************************************************************/ 279 | 280 | #if !GLIB_CHECK_VERSION(2, 40, 0) || defined (NM_GLIB_COMPAT_H_TEST) 281 | static inline void 282 | _nm_g_ptr_array_insert (GPtrArray *array, 283 | gint index_, 284 | gpointer data) 285 | { 286 | g_return_if_fail (array); 287 | g_return_if_fail (index_ >= -1); 288 | g_return_if_fail (index_ <= (gint) array->len); 289 | 290 | g_ptr_array_add (array, data); 291 | 292 | if (index_ != -1 && index_ != (gint) (array->len - 1)) { 293 | memmove (&(array->pdata[index_ + 1]), 294 | &(array->pdata[index_]), 295 | (array->len - index_ - 1) * sizeof (gpointer)); 296 | array->pdata[index_] = data; 297 | } 298 | } 299 | #endif 300 | 301 | #if !GLIB_CHECK_VERSION(2, 40, 0) 302 | #define g_ptr_array_insert(array, index, data) G_STMT_START { _nm_g_ptr_array_insert (array, index, data); } G_STMT_END 303 | #else 304 | #define g_ptr_array_insert(array, index, data) \ 305 | G_STMT_START { \ 306 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 307 | g_ptr_array_insert (array, index, data); \ 308 | G_GNUC_END_IGNORE_DEPRECATIONS \ 309 | } G_STMT_END 310 | #endif 311 | 312 | /*****************************************************************************/ 313 | 314 | #if !GLIB_CHECK_VERSION (2, 40, 0) 315 | static inline gboolean 316 | _g_key_file_save_to_file (GKeyFile *key_file, 317 | const gchar *filename, 318 | GError **error) 319 | { 320 | gchar *contents; 321 | gboolean success; 322 | gsize length; 323 | 324 | g_return_val_if_fail (key_file != NULL, FALSE); 325 | g_return_val_if_fail (filename != NULL, FALSE); 326 | g_return_val_if_fail (error == NULL || *error == NULL, FALSE); 327 | 328 | contents = g_key_file_to_data (key_file, &length, NULL); 329 | g_assert (contents != NULL); 330 | 331 | success = g_file_set_contents (filename, contents, length, error); 332 | g_free (contents); 333 | 334 | return success; 335 | } 336 | #define g_key_file_save_to_file(key_file, filename, error) \ 337 | _g_key_file_save_to_file (key_file, filename, error) 338 | #else 339 | #define g_key_file_save_to_file(key_file, filename, error) \ 340 | ({ \ 341 | gboolean _success; \ 342 | \ 343 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 344 | _success = g_key_file_save_to_file (key_file, filename, error); \ 345 | G_GNUC_END_IGNORE_DEPRECATIONS \ 346 | _success; \ 347 | }) 348 | #endif 349 | 350 | /*****************************************************************************/ 351 | 352 | #if GLIB_CHECK_VERSION (2, 36, 0) 353 | #define g_credentials_get_unix_pid(creds, error) \ 354 | ({ \ 355 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 356 | (g_credentials_get_unix_pid) ((creds), (error)); \ 357 | G_GNUC_END_IGNORE_DEPRECATIONS \ 358 | }) 359 | #else 360 | #define g_credentials_get_unix_pid(creds, error) \ 361 | ({ \ 362 | struct ucred *native_creds; \ 363 | \ 364 | native_creds = g_credentials_get_native ((creds), G_CREDENTIALS_TYPE_LINUX_UCRED); \ 365 | g_assert (native_creds); \ 366 | native_creds->pid; \ 367 | }) 368 | #endif 369 | 370 | /*****************************************************************************/ 371 | 372 | #if !GLIB_CHECK_VERSION(2, 40, 0) || defined (NM_GLIB_COMPAT_H_TEST) 373 | static inline gpointer * 374 | _nm_g_hash_table_get_keys_as_array (GHashTable *hash_table, 375 | guint *length) 376 | { 377 | GHashTableIter iter; 378 | gpointer key, *ret; 379 | guint i = 0; 380 | 381 | g_return_val_if_fail (hash_table, NULL); 382 | 383 | ret = g_new0 (gpointer, g_hash_table_size (hash_table) + 1); 384 | g_hash_table_iter_init (&iter, hash_table); 385 | 386 | while (g_hash_table_iter_next (&iter, &key, NULL)) 387 | ret[i++] = key; 388 | 389 | ret[i] = NULL; 390 | 391 | if (length) 392 | *length = i; 393 | 394 | return ret; 395 | } 396 | #endif 397 | #if !GLIB_CHECK_VERSION(2, 40, 0) 398 | #define g_hash_table_get_keys_as_array(hash_table, length) \ 399 | ({ \ 400 | _nm_g_hash_table_get_keys_as_array (hash_table, length); \ 401 | }) 402 | #else 403 | #define g_hash_table_get_keys_as_array(hash_table, length) \ 404 | ({ \ 405 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 406 | (g_hash_table_get_keys_as_array) ((hash_table), (length)); \ 407 | G_GNUC_END_IGNORE_DEPRECATIONS \ 408 | }) 409 | #endif 410 | 411 | /*****************************************************************************/ 412 | 413 | #ifndef g_info 414 | /* g_info was only added with 2.39.2 */ 415 | #define g_info(...) g_log (G_LOG_DOMAIN, \ 416 | G_LOG_LEVEL_INFO, \ 417 | __VA_ARGS__) 418 | #endif 419 | 420 | /*****************************************************************************/ 421 | 422 | static inline gpointer 423 | _nm_g_steal_pointer (gpointer pp) 424 | { 425 | gpointer *ptr = (gpointer *) pp; 426 | gpointer ref; 427 | 428 | ref = *ptr; 429 | *ptr = NULL; 430 | 431 | return ref; 432 | } 433 | 434 | #if !GLIB_CHECK_VERSION(2, 44, 0) 435 | static inline gpointer 436 | g_steal_pointer (gpointer pp) 437 | { 438 | return _nm_g_steal_pointer (pp); 439 | } 440 | #endif 441 | 442 | #ifdef g_steal_pointer 443 | #undef g_steal_pointer 444 | #endif 445 | #define g_steal_pointer(pp) \ 446 | ((typeof (*(pp))) _nm_g_steal_pointer (pp)) 447 | 448 | /*****************************************************************************/ 449 | 450 | static inline gboolean 451 | _nm_g_strv_contains (const gchar * const *strv, 452 | const gchar *str) 453 | { 454 | #if !GLIB_CHECK_VERSION(2, 44, 0) 455 | g_return_val_if_fail (strv != NULL, FALSE); 456 | g_return_val_if_fail (str != NULL, FALSE); 457 | 458 | for (; *strv != NULL; strv++) { 459 | if (g_str_equal (str, *strv)) 460 | return TRUE; 461 | } 462 | 463 | return FALSE; 464 | #else 465 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS 466 | return g_strv_contains (strv, str); 467 | G_GNUC_END_IGNORE_DEPRECATIONS 468 | #endif 469 | } 470 | #define g_strv_contains _nm_g_strv_contains 471 | 472 | /*****************************************************************************/ 473 | 474 | static inline GVariant * 475 | _nm_g_variant_new_take_string (gchar *string) 476 | { 477 | #if !GLIB_CHECK_VERSION(2, 36, 0) 478 | GVariant *value; 479 | 480 | g_return_val_if_fail (string != NULL, NULL); 481 | g_return_val_if_fail (g_utf8_validate (string, -1, NULL), NULL); 482 | 483 | value = g_variant_new_string (string); 484 | g_free (string); 485 | return value; 486 | #elif !GLIB_CHECK_VERSION(2, 38, 0) 487 | GVariant *value; 488 | GBytes *bytes; 489 | 490 | g_return_val_if_fail (string != NULL, NULL); 491 | g_return_val_if_fail (g_utf8_validate (string, -1, NULL), NULL); 492 | 493 | bytes = g_bytes_new_take (string, strlen (string) + 1); 494 | value = g_variant_new_from_bytes (G_VARIANT_TYPE_STRING, bytes, TRUE); 495 | g_bytes_unref (bytes); 496 | 497 | return value; 498 | #else 499 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS 500 | return g_variant_new_take_string (string); 501 | G_GNUC_END_IGNORE_DEPRECATIONS 502 | #endif 503 | } 504 | #define g_variant_new_take_string _nm_g_variant_new_take_string 505 | 506 | /*****************************************************************************/ 507 | 508 | #if !GLIB_CHECK_VERSION(2, 38, 0) 509 | _nm_printf (1, 2) 510 | static inline GVariant * 511 | _nm_g_variant_new_printf (const char *format_string, ...) 512 | { 513 | char *string; 514 | va_list ap; 515 | 516 | g_return_val_if_fail (format_string, NULL); 517 | 518 | va_start (ap, format_string); 519 | string = g_strdup_vprintf (format_string, ap); 520 | va_end (ap); 521 | 522 | return g_variant_new_take_string (string); 523 | } 524 | #define g_variant_new_printf(...) _nm_g_variant_new_printf(__VA_ARGS__) 525 | #else 526 | #define g_variant_new_printf(...) \ 527 | ({ \ 528 | GVariant *_v; \ 529 | \ 530 | G_GNUC_BEGIN_IGNORE_DEPRECATIONS \ 531 | _v = g_variant_new_printf (__VA_ARGS__); \ 532 | G_GNUC_END_IGNORE_DEPRECATIONS \ 533 | _v; \ 534 | }) 535 | #endif 536 | 537 | /*****************************************************************************/ 538 | 539 | #if !GLIB_CHECK_VERSION (2, 56, 0) 540 | #define g_object_ref(Obj) ((typeof(Obj)) g_object_ref (Obj)) 541 | #define g_object_ref_sink(Obj) ((typeof(Obj)) g_object_ref_sink (Obj)) 542 | #endif 543 | 544 | /*****************************************************************************/ 545 | 546 | #ifndef g_autofree 547 | /* we still don't rely on recent glib to provide g_autofree. Hence, we continue 548 | * to use our gs_* free macros that we took from libgsystem. 549 | * 550 | * To ease migration towards g_auto*, add a compat define for g_autofree. */ 551 | #define g_autofree gs_free 552 | #endif 553 | 554 | /*****************************************************************************/ 555 | 556 | #endif /* __NM_GLIB_H__ */ 557 | -------------------------------------------------------------------------------- /shared/nm-utils/nm-vpn-plugin-macros.h: -------------------------------------------------------------------------------- 1 | /* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ 2 | 3 | /* 4 | * This library is free software; you can redistribute it and/or 5 | * modify it under the terms of the GNU Lesser General Public 6 | * License as published by the Free Software Foundation; either 7 | * version 2 of the License, or (at your option) any later version. 8 | * 9 | * This library is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 | * Lesser General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU Lesser General Public 15 | * License along with this library; if not, write to the 16 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 17 | * Boston, MA 02110-1301 USA. 18 | * 19 | * Copyright 2016 Red Hat, Inc. 20 | */ 21 | 22 | #ifndef __NM_VPN_PLUGIN_MACROS_H__ 23 | #define __NM_VPN_PLUGIN_MACROS_H__ 24 | 25 | #include 26 | 27 | static inline int 28 | nm_utils_syslog_coerce_from_nm (int syslog_level) 29 | { 30 | /* NetworkManager uses internally NMLogLevel levels. When spawning 31 | * the VPN plugin, it maps those levels to syslog levels as follows: 32 | * 33 | * LOGL_INFO = LOG_NOTICE, 34 | * LOGL_DEBUG = LOG_INFO, 35 | * LOGL_TRACE = LOG_DEBUG, 36 | * 37 | * However, when actually printing to syslog, we don't want to print messages 38 | * with LOGL_INFO level as LOG_NOTICE, because they are *not* to be highlighted. 39 | * 40 | * In other words: NetworkManager has 3 levels that should not require highlighting: 41 | * LOGL_INFO, LOGL_DEBUG, LOGL_TRACE. syslog on the other hand has only LOG_INFO and LOG_DEBUG. 42 | * 43 | * So, coerce those values before printing to syslog. When you receive the syslog_level 44 | * from NetworkManager, instead of calling 45 | * syslog(syslog_level, ...) 46 | * you should call 47 | * syslog(nm_utils_syslog_coerce_from_nm(syslog_level), ...) 48 | */ 49 | switch (syslog_level) { 50 | case LOG_INFO: 51 | return LOG_DEBUG; 52 | case LOG_NOTICE: 53 | return LOG_INFO; 54 | default: 55 | return syslog_level; 56 | } 57 | } 58 | 59 | static inline const char * 60 | nm_utils_syslog_to_str (int syslog_level) 61 | { 62 | /* Maps the levels the same way as NetworkManager's nm-logging.c does */ 63 | if (syslog_level >= LOG_DEBUG) 64 | return ""; 65 | if (syslog_level >= LOG_INFO) 66 | return ""; 67 | if (syslog_level >= LOG_NOTICE) 68 | return ""; 69 | if (syslog_level >= LOG_WARNING) 70 | return ""; 71 | return ""; 72 | } 73 | 74 | /*****************************************************************************/ 75 | 76 | /* possibly missing defines from newer libnm API. */ 77 | 78 | #ifndef NM_VPN_PLUGIN_CONFIG_PROXY_PAC 79 | #define NM_VPN_PLUGIN_CONFIG_PROXY_PAC "pac" 80 | #endif 81 | 82 | #ifndef NM_VPN_PLUGIN_IP4_CONFIG_PRESERVE_ROUTES 83 | #define NM_VPN_PLUGIN_IP4_CONFIG_PRESERVE_ROUTES "preserve-routes" 84 | #endif 85 | 86 | #ifndef NM_VPN_PLUGIN_IP6_CONFIG_PRESERVE_ROUTES 87 | #define NM_VPN_PLUGIN_IP6_CONFIG_PRESERVE_ROUTES "preserve-routes" 88 | #endif 89 | 90 | /*****************************************************************************/ 91 | 92 | #endif /* __NM_VPN_PLUGIN_MACROS_H__ */ 93 | 94 | -------------------------------------------------------------------------------- /shared/nm-utils/nm-vpn-plugin-utils.c: -------------------------------------------------------------------------------- 1 | /* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ 2 | 3 | /* 4 | * This library is free software; you can redistribute it and/or 5 | * modify it under the terms of the GNU Lesser General Public 6 | * License as published by the Free Software Foundation; either 7 | * version 2 of the License, or (at your option) any later version. 8 | * 9 | * This library is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 | * Lesser General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU Lesser General Public 15 | * License along with this library; if not, write to the 16 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 17 | * Boston, MA 02110-1301 USA. 18 | * 19 | * Copyright 2016,2018 Red Hat, Inc. 20 | */ 21 | 22 | #include "nm-default.h" 23 | 24 | #include "nm-vpn-plugin-utils.h" 25 | 26 | #include 27 | 28 | /*****************************************************************************/ 29 | 30 | NMVpnEditor * 31 | nm_vpn_plugin_utils_load_editor (const char *module_name, 32 | const char *factory_name, 33 | NMVpnPluginUtilsEditorFactory editor_factory, 34 | NMVpnEditorPlugin *editor_plugin, 35 | NMConnection *connection, 36 | gpointer user_data, 37 | GError **error) 38 | 39 | { 40 | static struct { 41 | gpointer factory; 42 | void *dl_module; 43 | char *module_name; 44 | char *factory_name; 45 | } cached = { 0 }; 46 | NMVpnEditor *editor; 47 | gs_free char *module_path = NULL; 48 | gs_free char *dirname = NULL; 49 | Dl_info plugin_info; 50 | 51 | g_return_val_if_fail (module_name, NULL); 52 | g_return_val_if_fail (factory_name && factory_name[0], NULL); 53 | g_return_val_if_fail (editor_factory, NULL); 54 | g_return_val_if_fail (NM_IS_VPN_EDITOR_PLUGIN (editor_plugin), NULL); 55 | g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL); 56 | g_return_val_if_fail (!error || !*error, NULL); 57 | 58 | if (!g_path_is_absolute (module_name)) { 59 | /* 60 | * Load an editor from the same directory this plugin is in. 61 | * Ideally, we'd get our .so name from the NMVpnEditorPlugin if it 62 | * would just have a property with it... 63 | */ 64 | if (!dladdr(nm_vpn_plugin_utils_load_editor, &plugin_info)) { 65 | /* Really a "can not happen" scenario. */ 66 | g_set_error (error, 67 | NM_VPN_PLUGIN_ERROR, 68 | NM_VPN_PLUGIN_ERROR_FAILED, 69 | _("unable to get editor plugin name: %s"), dlerror ()); 70 | } 71 | 72 | dirname = g_path_get_dirname (plugin_info.dli_fname); 73 | module_path = g_build_filename (dirname, module_name, NULL); 74 | } else { 75 | module_path = g_strdup (module_name); 76 | } 77 | 78 | /* we really expect this function to be called with unchanging @module_name 79 | * and @factory_name. And we only want to load the module once, hence it would 80 | * be more complicated to accept changing @module_name/@factory_name arguments. 81 | * 82 | * The reason for only loading once is that due to glib types, we cannot create a 83 | * certain type-name more then once, so loading the same module or another version 84 | * of the same module will fail horribly as both try to create a GType with the same 85 | * name. 86 | * 87 | * Only support loading once, any future calls will reuse the handle. To simplify 88 | * that, we enforce that the @factory_name and @module_name is the same. */ 89 | if (cached.factory) { 90 | g_return_val_if_fail (cached.dl_module, NULL); 91 | g_return_val_if_fail (cached.factory_name && nm_streq0 (cached.factory_name, factory_name), NULL); 92 | g_return_val_if_fail (cached.module_name && nm_streq0 (cached.module_name, module_name), NULL); 93 | } else { 94 | gpointer factory; 95 | void *dl_module; 96 | 97 | dl_module = dlopen (module_path, RTLD_LAZY | RTLD_LOCAL); 98 | if (!dl_module) { 99 | if (!g_file_test (module_path, G_FILE_TEST_EXISTS)) { 100 | g_set_error (error, 101 | G_FILE_ERROR, 102 | G_FILE_ERROR_NOENT, 103 | _("missing plugin file \"%s\""), module_path); 104 | return NULL; 105 | } 106 | g_set_error (error, 107 | NM_VPN_PLUGIN_ERROR, 108 | NM_VPN_PLUGIN_ERROR_FAILED, 109 | _("cannot load editor plugin: %s"), dlerror ()); 110 | return NULL; 111 | } 112 | 113 | factory = dlsym (dl_module, factory_name); 114 | if (!factory) { 115 | g_set_error (error, 116 | NM_VPN_PLUGIN_ERROR, 117 | NM_VPN_PLUGIN_ERROR_FAILED, 118 | _("cannot load factory %s from plugin: %s"), 119 | factory_name, dlerror ()); 120 | dlclose (dl_module); 121 | return NULL; 122 | } 123 | 124 | /* we cannot ever unload the module because it creates glib types, which 125 | * cannot be unregistered. 126 | * 127 | * Thus we just leak the dl_module handle indefinitely. */ 128 | cached.factory = factory; 129 | cached.dl_module = dl_module; 130 | cached.module_name = g_strdup (module_name); 131 | cached.factory_name = g_strdup (factory_name); 132 | } 133 | 134 | editor = editor_factory (cached.factory, 135 | editor_plugin, 136 | connection, 137 | user_data, 138 | error); 139 | if (!editor) { 140 | if (error && !*error ) { 141 | g_set_error_literal (error, 142 | NM_VPN_PLUGIN_ERROR, 143 | NM_VPN_PLUGIN_ERROR_FAILED, 144 | _("unknown error creating editor instance")); 145 | g_return_val_if_reached (NULL); 146 | } 147 | return NULL; 148 | } 149 | 150 | g_return_val_if_fail (NM_IS_VPN_EDITOR (editor), NULL); 151 | return editor; 152 | } 153 | -------------------------------------------------------------------------------- /shared/nm-utils/nm-vpn-plugin-utils.h: -------------------------------------------------------------------------------- 1 | /* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ 2 | 3 | /* 4 | * This library is free software; you can redistribute it and/or 5 | * modify it under the terms of the GNU Lesser General Public 6 | * License as published by the Free Software Foundation; either 7 | * version 2 of the License, or (at your option) any later version. 8 | * 9 | * This library is distributed in the hope that it will be useful, 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 | * Lesser General Public License for more details. 13 | * 14 | * You should have received a copy of the GNU Lesser General Public 15 | * License along with this library; if not, write to the 16 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 17 | * Boston, MA 02110-1301 USA. 18 | * 19 | * Copyright 2016 Red Hat, Inc. 20 | */ 21 | 22 | #ifndef __NM_VPN_PLUGIN_UTILS_H__ 23 | #define __NM_VPN_PLUGIN_UTILS_H__ 24 | 25 | #include 26 | 27 | typedef NMVpnEditor *(NMVpnPluginUtilsEditorFactory) (gpointer factory, 28 | NMVpnEditorPlugin *editor_plugin, 29 | NMConnection *connection, 30 | gpointer user_data, 31 | GError **error); 32 | 33 | NMVpnEditor *nm_vpn_plugin_utils_load_editor (const char *module_name, 34 | const char *factory_name, 35 | NMVpnPluginUtilsEditorFactory editor_factory, 36 | NMVpnEditorPlugin *editor_plugin, 37 | NMConnection *connection, 38 | gpointer user_data, 39 | GError **error); 40 | 41 | #endif /* __NM_VPN_PLUGIN_UTILS_H__ */ 42 | 43 | -------------------------------------------------------------------------------- /shared/utils.c: -------------------------------------------------------------------------------- 1 | /* 2 | * network-manager-openvpn - OpenVPN integration with NetworkManager 3 | * 4 | * Dan Williams 5 | * 6 | * This program is free software; you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation; either version 2 of the License, or 9 | * (at your option) any later version. 10 | * 11 | * This program is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | * GNU General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU General Public License along 17 | * with this program; if not, write to the Free Software Foundation, Inc., 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 19 | * 20 | * Copyright (C) 2010 - 2018 Red Hat, Inc. 21 | */ 22 | 23 | #include "nm-default.h" 24 | 25 | #include "utils.h" 26 | 27 | #include 28 | #include 29 | #include 30 | 31 | #include "nm-utils/nm-shared-utils.h" 32 | 33 | gboolean 34 | is_pkcs12 (const char *filepath) 35 | { 36 | NMSetting8021xCKFormat ck_format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; 37 | NMSetting8021x *s_8021x; 38 | 39 | if (!filepath || !strlen (filepath)) 40 | return FALSE; 41 | 42 | if (!g_file_test (filepath, G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR)) 43 | return FALSE; 44 | 45 | s_8021x = (NMSetting8021x *) nm_setting_802_1x_new (); 46 | g_return_val_if_fail (s_8021x != NULL, FALSE); 47 | 48 | nm_setting_802_1x_set_private_key (s_8021x, 49 | filepath, 50 | NULL, 51 | NM_SETTING_802_1X_CK_SCHEME_PATH, 52 | &ck_format, 53 | NULL); 54 | g_object_unref (s_8021x); 55 | 56 | return (ck_format == NM_SETTING_802_1X_CK_FORMAT_PKCS12); 57 | } 58 | 59 | #define PROC_TYPE_TAG "Proc-Type: 4,ENCRYPTED" 60 | #define PKCS8_TAG "-----BEGIN ENCRYPTED PRIVATE KEY-----" 61 | 62 | /** Checks if a file appears to be an encrypted private key. 63 | * @param filename the path to the file 64 | * @return returns true if the key is encrypted, false otherwise 65 | */ 66 | gboolean 67 | is_encrypted (const char *filename) 68 | { 69 | GIOChannel *pem_chan; 70 | char *str = NULL; 71 | gboolean encrypted = FALSE; 72 | 73 | if (!filename || !strlen (filename)) 74 | return FALSE; 75 | 76 | if (is_pkcs12 (filename)) 77 | return TRUE; 78 | 79 | pem_chan = g_io_channel_new_file (filename, "r", NULL); 80 | if (!pem_chan) 81 | return FALSE; 82 | 83 | while (g_io_channel_read_line (pem_chan, &str, NULL, NULL, NULL) == G_IO_STATUS_NORMAL) { 84 | if (str) { 85 | if (g_str_has_prefix (str, PROC_TYPE_TAG) || g_str_has_prefix (str, PKCS8_TAG)) { 86 | encrypted = TRUE; 87 | break; 88 | } 89 | g_free (str); 90 | } 91 | } 92 | 93 | g_io_channel_shutdown (pem_chan, FALSE, NULL); 94 | g_io_channel_unref (pem_chan); 95 | return encrypted; 96 | } 97 | 98 | static gboolean 99 | _is_inet6_addr (const char *str, gboolean with_square_brackets) 100 | { 101 | struct in6_addr a; 102 | gsize l; 103 | 104 | if ( with_square_brackets 105 | && str[0] == '[') { 106 | l = strlen (str); 107 | if (str[l - 1] == ']') { 108 | gs_free char *s = g_strndup (&str[1], l - 2); 109 | 110 | return inet_pton (AF_INET6, s, &a) == 1; 111 | } 112 | } 113 | return inet_pton (AF_INET6, str, &a) == 1; 114 | } 115 | 116 | NMOvpnComp 117 | nmovpn_compression_from_options (const char *comp_lzo, const char *compress) 118 | { 119 | if (nm_streq0 (compress, "lzo")) 120 | return NMOVPN_COMP_LZO; 121 | if (nm_streq0 (compress, "lz4")) 122 | return NMOVPN_COMP_LZ4; 123 | if (nm_streq0 (compress, "lz4-v2")) 124 | return NMOVPN_COMP_LZ4_V2; 125 | if (nm_streq0 (compress, "yes")) 126 | return NMOVPN_COMP_AUTO; 127 | 128 | if (nm_streq0 (comp_lzo, "yes")) 129 | return NMOVPN_COMP_LZO; 130 | if (nm_streq0 (comp_lzo, "no-by-default")) 131 | return NMOVPN_COMP_LEGACY_LZO_DISABLED; 132 | if (nm_streq0 (comp_lzo, "adaptive")) 133 | return NMOVPN_COMP_LEGACY_LZO_ADAPTIVE; 134 | 135 | return NMOVPN_COMP_DISABLED; 136 | } 137 | 138 | void 139 | nmovpn_compression_to_options (NMOvpnComp comp, 140 | const char **comp_lzo, 141 | const char **compress) 142 | { 143 | NM_SET_OUT (comp_lzo, NULL); 144 | NM_SET_OUT (compress, NULL); 145 | 146 | switch (comp) { 147 | case NMOVPN_COMP_DISABLED: 148 | break; 149 | case NMOVPN_COMP_LZO: 150 | NM_SET_OUT (compress, "lzo"); 151 | break; 152 | case NMOVPN_COMP_LZ4: 153 | NM_SET_OUT (compress, "lz4"); 154 | break; 155 | case NMOVPN_COMP_LZ4_V2: 156 | NM_SET_OUT (compress, "lz4-v2"); 157 | break; 158 | case NMOVPN_COMP_AUTO: 159 | NM_SET_OUT (compress, "yes"); 160 | break; 161 | case NMOVPN_COMP_LEGACY_LZO_DISABLED: 162 | NM_SET_OUT (comp_lzo, "no-by-default"); 163 | break; 164 | case NMOVPN_COMP_LEGACY_LZO_ADAPTIVE: 165 | NM_SET_OUT (comp_lzo, "adaptive"); 166 | break; 167 | } 168 | } 169 | 170 | /** 171 | * nmovpn_remote_parse: 172 | * @str: the input string to be split. It is modified inplace. 173 | * @out_buf: an allocated string, to which the other arguments 174 | * point to. Must be freed by caller. 175 | * @out_host: pointer to the host out argument. 176 | * @out_port: pointer to the port out argument. 177 | * @out_proto: pointer to the proto out argument. 178 | * @error: 179 | * 180 | * Splits @str in three parts host, port and proto. 181 | * 182 | * Returns: -1 on success or index in @str of first invalid character. 183 | * Note that the error index can be at strlen(str), if some data is missing. 184 | **/ 185 | gssize 186 | nmovpn_remote_parse (const char *str, 187 | char **out_buf, 188 | const char **out_host, 189 | const char **out_port, 190 | const char **out_proto, 191 | GError **error) 192 | { 193 | gs_free char *str_copy = NULL; 194 | char *t; 195 | char *host = NULL; 196 | char *port = NULL; 197 | char *proto = NULL; 198 | gssize idx_fail; 199 | 200 | g_return_val_if_fail (str, 0); 201 | if (!out_buf) { 202 | /* one can omit @out_buf only if also no other out-arguments 203 | * are requested. */ 204 | if (out_host || out_port || out_proto) 205 | g_return_val_if_reached (0); 206 | } 207 | g_return_val_if_fail (!error || !*error, 0); 208 | 209 | t = strchr (str, ' '); 210 | if (!t) 211 | t = strchr (str, ','); 212 | if (t) { 213 | g_set_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_UNKNOWN, 214 | _("invalid delimiter character '%c'"), t[0]); 215 | idx_fail = t - str; 216 | goto out_fail; 217 | } 218 | 219 | if (!g_utf8_validate (str, -1, (const char **) &t)) { 220 | g_set_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_UNKNOWN, 221 | _("invalid non-utf-8 character")); 222 | idx_fail = t - str; 223 | goto out_fail; 224 | } 225 | 226 | str_copy = g_strdup (str); 227 | 228 | /* we already checked that there is no space above. 229 | * Strip tabs nonetheless. */ 230 | host = nm_str_skip_leading_spaces (str_copy); 231 | g_strchomp (host); 232 | 233 | t = strrchr (host, ':'); 234 | if ( t 235 | && !_is_inet6_addr (host, TRUE)) { 236 | t[0] = '\0'; 237 | port = &t[1]; 238 | t = strrchr (host, ':'); 239 | if ( t 240 | && !_is_inet6_addr (host, TRUE)) { 241 | t[0] = '\0'; 242 | proto = port; 243 | port = &t[1]; 244 | } 245 | } 246 | 247 | if (!host[0]) { 248 | g_set_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_UNKNOWN, 249 | _("empty host")); 250 | idx_fail = host - str_copy; 251 | goto out_fail; 252 | } 253 | if (port) { 254 | if (!port[0]) { 255 | /* allow empty port like "host::udp". */ 256 | port = NULL; 257 | } else if (_nm_utils_ascii_str_to_int64 (port, 10, 1, 0xFFFF, 0) == 0) { 258 | g_set_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_UNKNOWN, 259 | _("invalid port")); 260 | idx_fail = port - str_copy; 261 | goto out_fail; 262 | } 263 | } 264 | if (proto) { 265 | if (!proto[0]) { 266 | /* allow empty proto, so that host can contain ':'. */ 267 | proto = NULL; 268 | } else if (!NM_IN_STRSET (proto, NMOVPN_PROTCOL_TYPES)) { 269 | g_set_error (error, NM_UTILS_ERROR, NM_UTILS_ERROR_UNKNOWN, 270 | _("invalid protocol")); 271 | idx_fail = proto - str_copy; 272 | goto out_fail; 273 | } 274 | } 275 | 276 | if (out_buf) { 277 | *out_buf = g_steal_pointer (&str_copy); 278 | if ( host[0] == '[' 279 | && _is_inet6_addr (host, TRUE) 280 | && !_is_inet6_addr (host, FALSE)) { 281 | gsize l; 282 | 283 | host++; 284 | l = strlen (host); 285 | nm_assert (l > 0 && host[l - 1] == ']'); 286 | host[l - 1] = '\0'; 287 | nm_assert (_is_inet6_addr (host, FALSE)); 288 | } 289 | NM_SET_OUT (out_host, host); 290 | NM_SET_OUT (out_port, port); 291 | NM_SET_OUT (out_proto, proto); 292 | } 293 | return -1; 294 | 295 | out_fail: 296 | if (out_buf) { 297 | *out_buf = NULL; 298 | NM_SET_OUT (out_host, NULL); 299 | NM_SET_OUT (out_port, NULL); 300 | NM_SET_OUT (out_proto, NULL); 301 | } 302 | return idx_fail; 303 | } 304 | 305 | /*****************************************************************************/ 306 | -------------------------------------------------------------------------------- /shared/utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | * network-manager-openvpn - OpenVPN integration with NetworkManager 3 | * 4 | * Dan Williams 5 | * 6 | * This program is free software; you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation; either version 2 of the License, or 9 | * (at your option) any later version. 10 | * 11 | * This program is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | * GNU General Public License for more details. 15 | * 16 | * You should have received a copy of the GNU General Public License along 17 | * with this program; if not, write to the Free Software Foundation, Inc., 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 19 | * 20 | * Copyright (C) 2010 - 2018 Red Hat, Inc. 21 | */ 22 | 23 | #ifndef UTILS_H 24 | #define UTILS_H 25 | 26 | #define NMV_OVPN_TAG_ALLOW_PULL_FQDN "allow-pull-fqdn" 27 | #define NMV_OVPN_TAG_AUTH "auth" 28 | #define NMV_OVPN_TAG_AUTH_NOCACHE "auth-nocache" 29 | #define NMV_OVPN_TAG_NCP_DISABLE "ncp-disable" 30 | #define NMV_OVPN_TAG_AUTH_USER_PASS "auth-user-pass" 31 | #define NMV_OVPN_TAG_CA "ca" 32 | #define NMV_OVPN_TAG_CERT "cert" 33 | #define NMV_OVPN_TAG_CIPHER "cipher" 34 | #define NMV_OVPN_TAG_CLIENT "client" 35 | #define NMV_OVPN_TAG_COMP_LZO "comp-lzo" 36 | #define NMV_OVPN_TAG_COMPRESS "compress" 37 | #define NMV_OVPN_TAG_CONNECT_TIMEOUT "connect-timeout" 38 | #define NMV_OVPN_TAG_CRL_VERIFY "crl-verify" 39 | #define NMV_OVPN_TAG_DEV "dev" 40 | #define NMV_OVPN_TAG_DEV_TYPE "dev-type" 41 | #define NMV_OVPN_TAG_EXTRA_CERTS "extra-certs" 42 | #define NMV_OVPN_TAG_FLOAT "float" 43 | #define NMV_OVPN_TAG_FRAGMENT "fragment" 44 | #define NMV_OVPN_TAG_GROUP "group" 45 | #define NMV_OVPN_TAG_HTTP_PROXY "http-proxy" 46 | #define NMV_OVPN_TAG_HTTP_PROXY_RETRY "http-proxy-retry" 47 | #define NMV_OVPN_TAG_IFCONFIG "ifconfig" 48 | #define NMV_OVPN_TAG_KEEPALIVE "keepalive" 49 | #define NMV_OVPN_TAG_KEY "key" 50 | #define NMV_OVPN_TAG_KEYSIZE "keysize" 51 | #define NMV_OVPN_TAG_KEY_DIRECTION "key-direction" 52 | #define NMV_OVPN_TAG_MAX_ROUTES "max-routes" 53 | #define NMV_OVPN_TAG_MSSFIX "mssfix" 54 | #define NMV_OVPN_TAG_MTU_DISC "mtu-disc" 55 | #define NMV_OVPN_TAG_NOBIND "nobind" 56 | #define NMV_OVPN_TAG_NS_CERT_TYPE "ns-cert-type" 57 | #define NMV_OVPN_TAG_PERSIST_KEY "persist-key" 58 | #define NMV_OVPN_TAG_PERSIST_TUN "persist-tun" 59 | #define NMV_OVPN_TAG_PING "ping" 60 | #define NMV_OVPN_TAG_PING_EXIT "ping-exit" 61 | #define NMV_OVPN_TAG_PING_RESTART "ping-restart" 62 | #define NMV_OVPN_TAG_PKCS12 "pkcs12" 63 | #define NMV_OVPN_TAG_PORT "port" 64 | #define NMV_OVPN_TAG_PROTO "proto" 65 | #define NMV_OVPN_TAG_PUSH_PEER_INFO "push-peer-info" 66 | #define NMV_OVPN_TAG_REMOTE "remote" 67 | #define NMV_OVPN_TAG_REMOTE_CERT_TLS "remote-cert-tls" 68 | #define NMV_OVPN_TAG_REMOTE_RANDOM "remote-random" 69 | #define NMV_OVPN_TAG_REMOTE_RANDOM_HOSTNAME "remote-random-hostname" 70 | #define NMV_OVPN_TAG_RENEG_SEC "reneg-sec" 71 | #define NMV_OVPN_TAG_ROUTE "route" 72 | #define NMV_OVPN_TAG_RPORT "rport" 73 | #define NMV_OVPN_TAG_SCRIPT_SECURITY "script-security" 74 | #define NMV_OVPN_TAG_SECRET "secret" 75 | #define NMV_OVPN_TAG_SERVER_POLL_TIMEOUT "server-poll-timeout" 76 | #define NMV_OVPN_TAG_SOCKS_PROXY "socks-proxy" 77 | #define NMV_OVPN_TAG_SOCKS_PROXY_RETRY "socks-proxy-retry" 78 | #define NMV_OVPN_TAG_TLS_AUTH "tls-auth" 79 | #define NMV_OVPN_TAG_TLS_CIPHER "tls-cipher" 80 | #define NMV_OVPN_TAG_TLS_CLIENT "tls-client" 81 | #define NMV_OVPN_TAG_TLS_CRYPT "tls-crypt" 82 | #define NMV_OVPN_TAG_TLS_CRYPT_V2 "tls-crypt-v2" 83 | #define NMV_OVPN_TAG_TLS_REMOTE "tls-remote" 84 | #define NMV_OVPN_TAG_TLS_VERSION_MIN "tls-version-min" 85 | #define NMV_OVPN_TAG_TLS_VERSION_MAX "tls-version-max" 86 | #define NMV_OVPN_TAG_TOPOLOGY "topology" 87 | #define NMV_OVPN_TAG_TUN_IPV6 "tun-ipv6" 88 | #define NMV_OVPN_TAG_TUN_MTU "tun-mtu" 89 | #define NMV_OVPN_TAG_USER "user" 90 | #define NMV_OVPN_TAG_VERIFY_X509_NAME "verify-x509-name" 91 | 92 | typedef enum { 93 | NMOVPN_COMP_DISABLED, /* no option */ 94 | NMOVPN_COMP_LZO, /* "--compress lzo" or "--comp-lzo yes" */ 95 | NMOVPN_COMP_LZ4, /* "--compress lz4" */ 96 | NMOVPN_COMP_LZ4_V2, /* "--compress lz4-v2" */ 97 | NMOVPN_COMP_AUTO, /* "--compress" */ 98 | NMOVPN_COMP_LEGACY_LZO_DISABLED, /* "--comp-lzo no" */ 99 | NMOVPN_COMP_LEGACY_LZO_ADAPTIVE, /* "--comp-lzo [adaptive]" */ 100 | } NMOvpnComp; 101 | 102 | gboolean is_pkcs12 (const char *filepath); 103 | 104 | gboolean is_encrypted (const char *filename); 105 | 106 | #define NMOVPN_PROTCOL_TYPES \ 107 | "udp", \ 108 | "udp4", \ 109 | "udp6", \ 110 | "tcp", \ 111 | "tcp4", \ 112 | "tcp6", \ 113 | "tcp-client", \ 114 | "tcp4-client", \ 115 | "tcp6-client" 116 | 117 | gssize nmovpn_remote_parse (const char *str, 118 | char **out_buf, 119 | const char **out_host, 120 | const char **out_port, 121 | const char **out_proto, 122 | GError **error); 123 | 124 | static inline const char * 125 | nmovpn_arg_is_set (const char *value) 126 | { 127 | return (value && value[0]) ? value : NULL; 128 | } 129 | 130 | NMOvpnComp nmovpn_compression_from_options (const char *comp_lzo, 131 | const char *compress); 132 | void nmovpn_compression_to_options (NMOvpnComp comp, 133 | const char **comp_lzo, 134 | const char **compress); 135 | 136 | #endif /* UTILS_H */ 137 | --------------------------------------------------------------------------------