diff -Naur network-manager-openvpn-0.8.orig/debian/changelog network-manager-openvpn-0.8/debian/changelog --- network-manager-openvpn-0.8.orig/debian/changelog 2010-05-15 13:22:57.000000000 +0200 +++ network-manager-openvpn-0.8/debian/changelog 2010-05-15 13:26:11.000000000 +0200 @@ -1,3 +1,9 @@ +network-manager-openvpn (0.8-1mkulke0) lucid; urgency=low + + * Added fragmentation options. + + -- Magnus Kulke Fri, 14 May 2010 19:22:46 +0200 + network-manager-openvpn (0.8-0ubuntu3) lucid; urgency=low * Recommends network-manager-openvpn-kde instead of network-manager-kde diff -Naur network-manager-openvpn-0.8.orig/properties/auth-helpers.c network-manager-openvpn-0.8/properties/auth-helpers.c --- network-manager-openvpn-0.8.orig/properties/auth-helpers.c 2010-02-20 18:39:38.000000000 +0100 +++ network-manager-openvpn-0.8/properties/auth-helpers.c 2010-05-15 13:26:55.000000000 +0200 @@ -755,6 +755,15 @@ static const char *advanced_keys[] = { NM_OPENVPN_KEY_PORT, NM_OPENVPN_KEY_COMP_LZO, + + /* bes customization begin */ + + NM_OPENVPN_KEY_MSSFIX, + NM_OPENVPN_KEY_TUNMTU_SIZE, + NM_OPENVPN_KEY_FRAGMENT_SIZE, + + /* bes customization end */ + NM_OPENVPN_KEY_TAP_DEV, NM_OPENVPN_KEY_PROTO_TCP, NM_OPENVPN_KEY_CIPHER, @@ -804,6 +813,30 @@ gtk_widget_set_sensitive (widget, gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (check))); } +/* bes customization start */ + +static void +tunmtu_toggled_cb (GtkWidget *check, gpointer user_data) +{ + GladeXML *xml = (GladeXML *) user_data; + GtkWidget *widget; + + widget = glade_xml_get_widget (xml, "tunmtu_spinbutton"); + gtk_widget_set_sensitive (widget, gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (check))); +} + +static void +fragment_toggled_cb (GtkWidget *check, gpointer user_data) +{ + GladeXML *xml = (GladeXML *) user_data; + GtkWidget *widget; + + widget = glade_xml_get_widget (xml, "fragment_spinbutton"); + gtk_widget_set_sensitive (widget, gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (check))); +} + +/* bes customization end */ + static void reneg_toggled_cb (GtkWidget *check, gpointer user_data) { @@ -1047,6 +1080,66 @@ gtk_widget_set_sensitive (widget, FALSE); } + /* bes customization start */ + + widget = glade_xml_get_widget (xml, "tunmtu_checkbutton"); + g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (tunmtu_toggled_cb), xml); + + value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_TUNMTU_SIZE); + if (value && strlen (value)) { + long int tmp; + + errno = 0; + tmp = strtol (value, NULL, 10); + if (errno == 0 && tmp > 0 && tmp < 65536) { + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE); + + widget = glade_xml_get_widget (xml, "tunmtu_spinbutton"); + gtk_spin_button_set_value (GTK_SPIN_BUTTON (widget), + (gdouble) tmp); + } + gtk_widget_set_sensitive (widget, TRUE); + } else { + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), FALSE); + + widget = glade_xml_get_widget (xml, "tunmtu_spinbutton"); + gtk_spin_button_set_value (GTK_SPIN_BUTTON (widget), 1500.0); + gtk_widget_set_sensitive (widget, FALSE); + } + + widget = glade_xml_get_widget (xml, "fragment_checkbutton"); + g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (fragment_toggled_cb), xml); + + value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_FRAGMENT_SIZE); + if (value && strlen (value)) { + long int tmp; + + errno = 0; + tmp = strtol (value, NULL, 10); + if (errno == 0 && tmp > 0 && tmp < 65536) { + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE); + + widget = glade_xml_get_widget (xml, "fragment_spinbutton"); + gtk_spin_button_set_value (GTK_SPIN_BUTTON (widget), + (gdouble) tmp); + } + gtk_widget_set_sensitive (widget, TRUE); + } else { + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), FALSE); + + widget = glade_xml_get_widget (xml, "fragment_spinbutton"); + gtk_spin_button_set_value (GTK_SPIN_BUTTON (widget), 1300.0); + gtk_widget_set_sensitive (widget, FALSE); + } + + value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_MSSFIX); + if (value && !strcmp (value, "yes")) { + widget = glade_xml_get_widget (xml, "mssfix_checkbutton"); + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE); + } + + /* bes customization end */ + widget = glade_xml_get_widget (xml, "port_checkbutton"); g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (port_toggled_cb), xml); @@ -1078,6 +1171,16 @@ gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE); } + /* bes customization start */ + + value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_MSSFIX); + if (value && !strcmp (value, "yes")) { + widget = glade_xml_get_widget (xml, "mssfix_checkbutton"); + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE); + } + + /* bes customization end */ + value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_PROTO_TCP); if (value && !strcmp (value, "yes")) { widget = glade_xml_get_widget (xml, "tcp_checkbutton"); @@ -1188,6 +1291,28 @@ g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_RENEG_SECONDS), g_strdup_printf ("%d", reneg_seconds)); } + /* bes customization start */ + + widget = glade_xml_get_widget (xml, "tunmtu_checkbutton"); + if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) { + int tunmtu_size; + + widget = glade_xml_get_widget (xml, "tunmtu_spinbutton"); + tunmtu_size = gtk_spin_button_get_value_as_int (GTK_SPIN_BUTTON (widget)); + g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_TUNMTU_SIZE), g_strdup_printf ("%d", tunmtu_size)); + } + + widget = glade_xml_get_widget (xml, "fragment_checkbutton"); + if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) { + int fragment_size; + + widget = glade_xml_get_widget (xml, "fragment_spinbutton"); + fragment_size = gtk_spin_button_get_value_as_int (GTK_SPIN_BUTTON (widget)); + g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_FRAGMENT_SIZE), g_strdup_printf ("%d", fragment_size)); + } + + /* bes customization end */ + widget = glade_xml_get_widget (xml, "port_checkbutton"); if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) { int port; @@ -1201,6 +1326,14 @@ if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_COMP_LZO), g_strdup ("yes")); + /* bes customization start */ + + widget = glade_xml_get_widget (xml, "mssfix_checkbutton"); + if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) + g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_MSSFIX), g_strdup ("yes")); + + /* bes customization end */ + widget = glade_xml_get_widget (xml, "tcp_checkbutton"); if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_PROTO_TCP), g_strdup ("yes")); diff -Naur network-manager-openvpn-0.8.orig/properties/import-export.c network-manager-openvpn-0.8/properties/import-export.c --- network-manager-openvpn-0.8.orig/properties/import-export.c 2010-02-20 18:39:38.000000000 +0100 +++ network-manager-openvpn-0.8/properties/import-export.c 2010-05-15 13:25:53.000000000 +0200 @@ -59,6 +59,15 @@ #define TLS_AUTH_TAG "tls-auth" #define AUTH_TAG "auth " #define RENEG_SEC_TAG "reneg-sec" + +/* bes customization start */ + +#define MSSFIX_TAG "mssfix" +#define TUNMTU_TAG "tun-mtu" +#define FRAGMENT_TAG "fragment" + +/* bes customization end */ + #define TLS_REMOTE_TAG "tls-remote" #define PORT_TAG "port" #define RPORT_TAG "rport" @@ -262,6 +271,57 @@ continue; } + /* bes customization start */ + + if (!strncmp (*line, MSSFIX_TAG, strlen (MSSFIX_TAG))) { + nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_MSSFIX, "yes"); + continue; + } + + if (!strncmp (*line, TUNMTU_TAG, strlen (TUNMTU_TAG))) { + items = get_args (*line + strlen (TUNMTU_TAG)); + if (!items) + continue; + + if (g_strv_length (items) >= 1) { + glong secs; + + errno = 0; + secs = strtol (items[0], NULL, 10); + if ((errno == 0) && (secs >= 0) && (secs < 0xffff)) { + char *tmp = g_strdup_printf ("%d", (guint32) secs); + nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_TUNMTU_SIZE, tmp); + g_free (tmp); + } else + g_warning ("%s: invalid size in option '%s'", __func__, *line); + } + g_strfreev (items); + continue; + } + + if (!strncmp (*line, FRAGMENT_TAG, strlen (FRAGMENT_TAG))) { + items = get_args (*line + strlen (FRAGMENT_TAG)); + if (!items) + continue; + + if (g_strv_length (items) >= 1) { + glong secs; + + errno = 0; + secs = strtol (items[0], NULL, 10); + if ((errno == 0) && (secs >= 0) && (secs < 0xffff)) { + char *tmp = g_strdup_printf ("%d", (guint32) secs); + nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_FRAGMENT_SIZE, tmp); + g_free (tmp); + } else + g_warning ("%s: invalid size in option '%s'", __func__, *line); + } + g_strfreev (items); + continue; + } + + /* bes customization end */ + if (!strncmp (*line, COMP_TAG, strlen (COMP_TAG))) { nm_setting_vpn_add_data_item (s_vpn, NM_OPENVPN_KEY_COMP_LZO, "yes"); continue; @@ -500,6 +560,17 @@ gboolean device_tun = TRUE; gboolean proto_udp = TRUE; gboolean use_lzo = FALSE; + + /* bes customization start */ + + gboolean mssfix = FALSE; + gboolean tunmtu_exists = FALSE; + guint32 tunmtu = 0; + gboolean fragment_exists = FALSE; + guint32 fragment = 0; + + /* bes customization end */ + gboolean reneg_exists = FALSE; guint32 reneg = 0; @@ -584,6 +655,26 @@ if (value && !strcmp (value, "yes")) use_lzo = TRUE; + /* bes customization start */ + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_MSSFIX); + if (value && !strcmp (value, "yes")) + mssfix = TRUE; + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_TUNMTU_SIZE); + if (value && strlen (value)) { + tunmtu_exists = TRUE; + tunmtu = strtol (value, NULL, 10); + } + + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_FRAGMENT_SIZE); + if (value && strlen (value)) { + fragment_exists = TRUE; + fragment = strtol (value, NULL, 10); + } + + /* bes customization end */ + value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CIPHER); if (value && strlen (value)) cipher = value; @@ -642,6 +733,19 @@ if (use_lzo) fprintf (f, "comp-lzo yes\n"); + /* bes customization start */ + + if (mssfix) + fprintf (f, "mssfix yes\n"); + + if (tunmtu_exists) + fprintf (f, "tun-mtu %d\n", tunmtu); + + if (fragment_exists) + fprintf (f, "fragment %d\n", fragment); + + /* bes customization end */ + fprintf (f, "dev %s\n", device_tun ? "tun" : "tap"); fprintf (f, "proto %s\n", proto_udp ? "udp" : "tcp"); diff -Naur network-manager-openvpn-0.8.orig/properties/nm-openvpn-dialog.glade network-manager-openvpn-0.8/properties/nm-openvpn-dialog.glade --- network-manager-openvpn-0.8.orig/properties/nm-openvpn-dialog.glade 2010-02-20 18:39:38.000000000 +0100 +++ network-manager-openvpn-0.8/properties/nm-openvpn-dialog.glade 2010-05-15 13:25:31.000000000 +0200 @@ -835,7 +835,6 @@ True gtk-preferences - 4 False @@ -1115,7 +1114,6 @@ True - vertical 12 @@ -1302,6 +1300,105 @@ tab + + + True + + + True + + + Use custom _TUN MTU size: + True + True + False + True + True + + + 0 + + + + + True + True + + 1500 1 65535 1 10 10 + + + 1 + + + + + 0 + + + + + True + + + Use custom _fragment size: + True + True + False + True + 0.49000000953674316 + True + + + 0 + + + + + True + True + + 1300 0 65535 1 10 10 + True + + + 1 + + + + + 1 + + + + + Enable _mssfix + True + True + False + True + 0.49000000953674316 + True + + + 2 + + + + + 3 + + + + + True + Fragmentation + + + 3 + False + tab + + False diff -Naur network-manager-openvpn-0.8.orig/src/nm-openvpn-service.c network-manager-openvpn-0.8/src/nm-openvpn-service.c --- network-manager-openvpn-0.8.orig/src/nm-openvpn-service.c 2010-02-20 18:39:38.000000000 +0100 +++ network-manager-openvpn-0.8/src/nm-openvpn-service.c 2010-05-15 13:27:56.000000000 +0200 @@ -88,6 +88,15 @@ { NM_OPENVPN_KEY_CERT, G_TYPE_STRING, 0, 0, FALSE }, { NM_OPENVPN_KEY_CIPHER, G_TYPE_STRING, 0, 0, FALSE }, { NM_OPENVPN_KEY_COMP_LZO, G_TYPE_BOOLEAN, 0, 0, FALSE }, + +/* bes customization start */ + + { NM_OPENVPN_KEY_MSSFIX, G_TYPE_BOOLEAN, 0, 0, FALSE }, + { NM_OPENVPN_KEY_TUNMTU_SIZE, G_TYPE_INT, 0, G_MAXINT, FALSE }, + { NM_OPENVPN_KEY_FRAGMENT_SIZE, G_TYPE_INT, 0, G_MAXINT, FALSE }, + +/* bes customization end */ + { NM_OPENVPN_KEY_CONNECTION_TYPE, G_TYPE_STRING, 0, 0, FALSE }, { NM_OPENVPN_KEY_TAP_DEV, G_TYPE_BOOLEAN, 0, 0, FALSE }, { NM_OPENVPN_KEY_KEY, G_TYPE_STRING, 0, 0, FALSE }, @@ -778,6 +787,46 @@ add_openvpn_arg (args, "nm-openvpn"); } + /* bes customizations begin */ + + /* TUN MTU size */ + tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_TUNMTU_SIZE); + if (tmp && strlen (tmp)) { + add_openvpn_arg (args, "--tun-mtu"); + if (!add_openvpn_arg_int (args, tmp)) { + g_set_error (error, + NM_VPN_PLUGIN_ERROR, + NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, + "Invalid TUN MTU size '%s'.", + tmp); + free_openvpn_args (args); + return FALSE; + } + } + + /* fragment size */ + tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_FRAGMENT_SIZE); + if (tmp && strlen (tmp)) { + add_openvpn_arg (args, "--fragment"); + if (!add_openvpn_arg_int (args, tmp)) { + g_set_error (error, + NM_VPN_PLUGIN_ERROR, + NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, + "Invalid fragment size '%s'.", + tmp); + free_openvpn_args (args); + return FALSE; + } + } + + /* mssfix */ + tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_MSSFIX); + if (tmp && !strcmp (tmp, "yes")) { + add_openvpn_arg (args, "--mssfix"); + } + + /* bes customizations end */ + /* Punch script security in the face; this option was added to OpenVPN 2.1-rc9 * and defaults to disallowing any scripts, a behavior change from previous * versions. diff -Naur network-manager-openvpn-0.8.orig/src/nm-openvpn-service.h network-manager-openvpn-0.8/src/nm-openvpn-service.h --- network-manager-openvpn-0.8.orig/src/nm-openvpn-service.h 2010-02-20 18:39:38.000000000 +0100 +++ network-manager-openvpn-0.8/src/nm-openvpn-service.h 2010-05-15 13:28:03.000000000 +0200 @@ -43,6 +43,15 @@ #define NM_OPENVPN_KEY_CERT "cert" #define NM_OPENVPN_KEY_CIPHER "cipher" #define NM_OPENVPN_KEY_COMP_LZO "comp-lzo" + +/* bes customization start */ + +#define NM_OPENVPN_KEY_MSSFIX "mssfix" +#define NM_OPENVPN_KEY_TUNMTU_SIZE "tunmtu-size" +#define NM_OPENVPN_KEY_FRAGMENT_SIZE "fragment-size" + +/* bes customization end */ + #define NM_OPENVPN_KEY_CONNECTION_TYPE "connection-type" #define NM_OPENVPN_KEY_TAP_DEV "tap-dev" #define NM_OPENVPN_KEY_KEY "key"