2006-05-21 Dan Williams <dcbw@redhat.com>

* src/nm-vpnc-service.c - Better rekey patch; honor user-specified interval but default to 2 hours if unspecified git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@1754 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
2026-02-07 01:40:53 +01:00 · 2006-05-21 20:28:25 +00:00 · 2006-05-21 20:28:25 +00:00 · 6b8371c73e
commit 6b8371c73e
parent 1048e9b068
2 changed files with 26 additions and 12 deletions
--- a/vpn-daemons/vpnc/ChangeLog
+++ b/vpn-daemons/vpnc/ChangeLog
@ -1,3 +1,9 @@
+2006-05-21  Dan Williams  <dcbw@redhat.com>
+
+	* src/nm-vpnc-service.c
+		- Better rekey patch; honor user-specified interval but default
+			to 2 hours if unspecified
+
 2006-05-21  Dan Williams  <dcbw@redhat.com>

    * configure.in: bump version to 0.7.0 to match NM HEAD
--- a/vpn-daemons/vpnc/src/nm-vpnc-service.c
+++ b/vpn-daemons/vpnc/src/nm-vpnc-service.c
@ -57,6 +57,7 @@ static const char *vpnc_binary_paths[] =

 #define NM_VPNC_HELPER_PATH		BINDIR"/nm-vpnc-service-vpnc-helper"
 #define NM_VPNC_UDP_ENCAPSULATION_PORT	0 /* random port */
+#define NM_VPNC_REKEYING_INTERVAL 7200 /* default interval of 2 hours */

 typedef struct NmVpncData
 {
@ -435,6 +436,7 @@ static gboolean nm_vpnc_config_write (guint vpnc_fd, const char *user_name, char
 {
 	int     i;
 	gboolean has_user_name = FALSE;
+	gboolean has_rekey_interval = FALSE;

 	g_return_val_if_fail (user_name != NULL, FALSE);
 	g_return_val_if_fail (password_items != NULL, FALSE);
@ -452,12 +454,17 @@ static gboolean nm_vpnc_config_write (guint vpnc_fd, const char *user_name, char
 		write_config_option (vpnc_fd, "%s %s\n", data_items[i], data_items[i+1]);
 		if (strcmp (data_items[i], "Xauth username") == 0)
 			has_user_name = TRUE;
+		else if (strcmp (data_items[i], "Rekeying interval") == 0)
+			has_rekey_interval = TRUE;
 	}

 	/* if user name isn't specified, use the name of the logged in user */
 	if (!has_user_name)
 		write_config_option (vpnc_fd, "Xauth username %s\n", user_name);

+	if (!has_rekey_interval)
+		write_config_option (vpnc_fd, "Rekeying interval %d\n", NM_VPNC_REKEYING_INTERVAL);
+
 	return TRUE;
 }

@ -485,18 +492,19 @@ typedef struct Option
 static gboolean nm_vpnc_config_options_validate (char **data_items, int num_items)
 {
 	Option	allowed_opts[] = {
-					{ "IPSec gateway",			OPT_TYPE_ADDRESS },
-					{ "IPSec ID",				OPT_TYPE_ASCII },
-					{ "IPSec secret",			OPT_TYPE_ASCII },
-					{ "Xauth username",			OPT_TYPE_ASCII },
-					{ "UDP Encapsulate",		OPT_TYPE_NONE },
-					{ "UDP Encapsulation Port",	OPT_TYPE_ASCII },
-					{ "Domain",				OPT_TYPE_ASCII },
-					{ "IKE DH Group",			OPT_TYPE_ASCII },
-					{ "Perfect Forward Secrecy",	OPT_TYPE_ASCII },
-					{ "Application Version",		OPT_TYPE_ASCII },
-					{ "Rekeying interval",		OPT_TYPE_ASCII },
-					{ NULL,					OPT_TYPE_UNKNOWN } };
+		{ "IPSec gateway",            OPT_TYPE_ADDRESS },
+		{ "IPSec ID",                 OPT_TYPE_ASCII },
+		{ "IPSec secret",             OPT_TYPE_ASCII },
+		{ "Xauth username",           OPT_TYPE_ASCII },
+		{ "UDP Encapsulate",          OPT_TYPE_NONE },
+		{ "UDP Encapsulation Port",   OPT_TYPE_ASCII },
+		{ "Domain",                   OPT_TYPE_ASCII },
+		{ "IKE DH Group",             OPT_TYPE_ASCII },
+		{ "Perfect Forward Secrecy",  OPT_TYPE_ASCII },
+		{ "Application Version",      OPT_TYPE_ASCII },
+		{ "Rekeying interval",        OPT_TYPE_ASCII },
+		{ NULL,                       OPT_TYPE_UNKNOWN }
+	};

 	unsigned int	i;