From 6b8371c73ec8d1d8b9b4e1c32da52476298c5c5f Mon Sep 17 00:00:00 2001
From: Dan Williams <dcbw@redhat.com>
Date: Sun, 21 May 2006 20:28:25 +0000
Subject: [PATCH] 2006-05-21  Dan Williams  <dcbw@redhat.com>

	* src/nm-vpnc-service.c
		- Better rekey patch; honor user-specified interval but default
			to 2 hours if unspecified


git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@1754 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
---
 vpn-daemons/vpnc/ChangeLog             |  6 +++++
 vpn-daemons/vpnc/src/nm-vpnc-service.c | 32 ++++++++++++++++----------
 2 files changed, 26 insertions(+), 12 deletions(-)

diff --git a/vpn-daemons/vpnc/ChangeLog b/vpn-daemons/vpnc/ChangeLog
index 3bf58b41b7..19cded3568 100644
--- a/vpn-daemons/vpnc/ChangeLog
+++ b/vpn-daemons/vpnc/ChangeLog
@@ -1,3 +1,9 @@
+2006-05-21  Dan Williams  <dcbw@redhat.com>
+
+	* src/nm-vpnc-service.c
+		- Better rekey patch; honor user-specified interval but default
+			to 2 hours if unspecified
+
 2006-05-21  Dan Williams  <dcbw@redhat.com>
 
     * configure.in: bump version to 0.7.0 to match NM HEAD
diff --git a/vpn-daemons/vpnc/src/nm-vpnc-service.c b/vpn-daemons/vpnc/src/nm-vpnc-service.c
index 9915fd62c0..fbef9c670c 100644
--- a/vpn-daemons/vpnc/src/nm-vpnc-service.c
+++ b/vpn-daemons/vpnc/src/nm-vpnc-service.c
@@ -57,6 +57,7 @@ static const char *vpnc_binary_paths[] =
 
 #define NM_VPNC_HELPER_PATH		BINDIR"/nm-vpnc-service-vpnc-helper"
 #define NM_VPNC_UDP_ENCAPSULATION_PORT	0 /* random port */
+#define NM_VPNC_REKEYING_INTERVAL 7200 /* default interval of 2 hours */
 
 typedef struct NmVpncData
 {
@@ -435,6 +436,7 @@ static gboolean nm_vpnc_config_write (guint vpnc_fd, const char *user_name, char
 {
 	int     i;
 	gboolean has_user_name = FALSE;
+	gboolean has_rekey_interval = FALSE;
 
 	g_return_val_if_fail (user_name != NULL, FALSE);
 	g_return_val_if_fail (password_items != NULL, FALSE);
@@ -452,12 +454,17 @@ static gboolean nm_vpnc_config_write (guint vpnc_fd, const char *user_name, char
 		write_config_option (vpnc_fd, "%s %s\n", data_items[i], data_items[i+1]);
 		if (strcmp (data_items[i], "Xauth username") == 0)
 			has_user_name = TRUE;
+		else if (strcmp (data_items[i], "Rekeying interval") == 0)
+			has_rekey_interval = TRUE;
 	}
 
 	/* if user name isn't specified, use the name of the logged in user */
 	if (!has_user_name)
 		write_config_option (vpnc_fd, "Xauth username %s\n", user_name);
 
+	if (!has_rekey_interval)
+		write_config_option (vpnc_fd, "Rekeying interval %d\n", NM_VPNC_REKEYING_INTERVAL);
+
 	return TRUE;
 }
 
@@ -485,18 +492,19 @@ typedef struct Option
 static gboolean nm_vpnc_config_options_validate (char **data_items, int num_items)
 {
 	Option	allowed_opts[] = {
-					{ "IPSec gateway",			OPT_TYPE_ADDRESS },
-					{ "IPSec ID",				OPT_TYPE_ASCII },
-					{ "IPSec secret",			OPT_TYPE_ASCII },
-					{ "Xauth username",			OPT_TYPE_ASCII },
-					{ "UDP Encapsulate",		OPT_TYPE_NONE },
-					{ "UDP Encapsulation Port",	OPT_TYPE_ASCII },
-					{ "Domain",				OPT_TYPE_ASCII },
-					{ "IKE DH Group",			OPT_TYPE_ASCII },
-					{ "Perfect Forward Secrecy",	OPT_TYPE_ASCII },
-					{ "Application Version",		OPT_TYPE_ASCII },
-					{ "Rekeying interval",		OPT_TYPE_ASCII },
-					{ NULL,					OPT_TYPE_UNKNOWN } };
+		{ "IPSec gateway",            OPT_TYPE_ADDRESS },
+		{ "IPSec ID",                 OPT_TYPE_ASCII },
+		{ "IPSec secret",             OPT_TYPE_ASCII },
+		{ "Xauth username",           OPT_TYPE_ASCII },
+		{ "UDP Encapsulate",          OPT_TYPE_NONE },
+		{ "UDP Encapsulation Port",   OPT_TYPE_ASCII },
+		{ "Domain",                   OPT_TYPE_ASCII },
+		{ "IKE DH Group",             OPT_TYPE_ASCII },
+		{ "Perfect Forward Secrecy",  OPT_TYPE_ASCII },
+		{ "Application Version",      OPT_TYPE_ASCII },
+		{ "Rekeying interval",        OPT_TYPE_ASCII },
+		{ NULL,                       OPT_TYPE_UNKNOWN }
+	};
 
 	unsigned int	i;