[network-manager-openvpn] service, properties: add support for connect-timeout
- From: Beniamino Galvani <bgalvani src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-openvpn] service, properties: add support for connect-timeout
- Date: Fri, 19 Jan 2018 16:22:46 +0000 (UTC)
commit 665ba502e27c962867b338a255957b6a9b9003ec
Author: Beniamino Galvani <bgalvani redhat com>
Date: Tue Jan 16 10:41:58 2018 +0100
service,properties: add support for connect-timeout
https://bugzilla.gnome.org/show_bug.cgi?id=792252
Makefile.am | 2 +
properties/import-export.c | 13 +++++++
properties/nm-openvpn-dialog.ui | 44 +++++++++++++++++++++++-
properties/nm-openvpn-editor.c | 13 +++++++
properties/tests/conf/connect-timeout.ovpn | 25 +++++++++++++
properties/tests/conf/server-poll-timeout.ovpn | 25 +++++++++++++
properties/tests/test-import-export.c | 32 +++++++++++++++++
shared/nm-service-defines.h | 1 +
shared/utils.h | 2 +
src/nm-openvpn-service.c | 14 +++++++
10 files changed, 170 insertions(+), 1 deletions(-)
---
diff --git a/Makefile.am b/Makefile.am
index abc5483..6cc7807 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -300,12 +300,14 @@ EXTRA_DIST += \
properties/tests/conf/proxy-socks.ovpn \
properties/tests/conf/proxy-http-with-auth.ovpn \
properties/tests/conf/keysize.ovpn \
+ properties/tests/conf/connect-timeout.ovpn \
properties/tests/conf/device.ovpn \
properties/tests/conf/device-notype.ovpn \
properties/tests/conf/keepalive.ovpn \
properties/tests/conf/ping-with-exit.ovpn \
properties/tests/conf/ping-with-restart.ovpn \
properties/tests/conf/route.ovpn \
+ properties/tests/conf/server-poll-timeout.ovpn \
properties/tests/conf/tls-inline.ovpn \
properties/tests/conf/tls-inline-ca.pem \
properties/tests/conf/tls-inline-cert.pem \
diff --git a/properties/import-export.c b/properties/import-export.c
index 8bce07c..e211df5 100644
--- a/properties/import-export.c
+++ b/properties/import-export.c
@@ -959,6 +959,17 @@ do_import (const char *path, const char *contents, gsize contents_len, GError **
continue;
}
+ if (NM_IN_STRSET (params[0],
+ NMV_OVPN_TAG_CONNECT_TIMEOUT,
+ NMV_OVPN_TAG_SERVER_POLL_TIMEOUT)) {
+ if (!args_params_check_nargs_n (params, 1, &line_error))
+ goto handle_line_error;
+ if (!args_params_parse_int64 (params, 1, 0, G_MAXINT, &v_int64, &line_error))
+ goto handle_line_error;
+ setting_vpn_add_data_item_int64 (s_vpn, NM_OPENVPN_KEY_CONNECT_TIMEOUT, v_int64);
+ continue;
+ }
+
if (NM_IN_STRSET (params[0], NMV_OVPN_TAG_FRAGMENT)) {
if (!args_params_check_nargs_n (params, 1, &line_error))
goto handle_line_error;
@@ -1924,6 +1935,8 @@ do_export_create (NMConnection *connection, const char *path, GError **error)
args_write_line_setting_value_int (f, NMV_OVPN_TAG_TUN_MTU, s_vpn, NM_OPENVPN_KEY_TUNNEL_MTU);
+ args_write_line_setting_value_int (f, NMV_OVPN_TAG_CONNECT_TIMEOUT, s_vpn,
NM_OPENVPN_KEY_CONNECT_TIMEOUT);
+
args_write_line_setting_value_int (f, NMV_OVPN_TAG_FRAGMENT, s_vpn, NM_OPENVPN_KEY_FRAGMENT_SIZE);
{
diff --git a/properties/nm-openvpn-dialog.ui b/properties/nm-openvpn-dialog.ui
index 9d4a271..bfe2de8 100644
--- a/properties/nm-openvpn-dialog.ui
+++ b/properties/nm-openvpn-dialog.ui
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- Generated with glade 3.20.0 -->
+<!-- Generated with glade 3.20.2 -->
<interface>
<requires lib="gtk+" version="3.4"/>
<object class="GtkAdjustment" id="adjustment1">
@@ -2333,6 +2333,48 @@ config: http-proxy-retry or socks-proxy-retry</property>
<property name="position">0</property>
</packing>
</child>
+ <child>
+ <object class="GtkBox">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="spacing">6</property>
+ <child>
+ <object class="GtkCheckButton" id="connect_timeout_checkbutton">
+ <property name="label" translatable="yes">Connect timeout</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="tooltip_text" translatable="yes">The timeout in seconds before
trying the next server. This timeout includes proxy and TCP connect timeouts.
+config:connect-timeout <n> | server-poll-timeout <n></property>
+ <property name="receives_default">False</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">0</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkSpinButton" id="connect_timeout_spinbutton">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="tooltip_text" translatable="yes">The timeout in seconds before
trying the next server. This timeout includes proxy and TCP connect timeouts.
+config:connect-timeout <n> | server-poll-timeout <n></property>
+ <property name="adjustment">adjustment5</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">1</property>
+ </packing>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">1</property>
+ </packing>
+ </child>
</object>
<packing>
<property name="position">4</property>
diff --git a/properties/nm-openvpn-editor.c b/properties/nm-openvpn-editor.c
index f8e0277..d5c83dd 100644
--- a/properties/nm-openvpn-editor.c
+++ b/properties/nm-openvpn-editor.c
@@ -715,6 +715,7 @@ static const char *advanced_keys[] = {
NM_OPENVPN_KEY_PING_RESTART,
NM_OPENVPN_KEY_MAX_ROUTES,
NM_OPENVPN_KEY_MTU_DISC,
+ NM_OPENVPN_KEY_CONNECT_TIMEOUT,
NULL
};
@@ -1543,6 +1544,9 @@ advanced_dialog_new (GHashTable *hash, const char *contype)
_builder_init_optional_spinbutton (builder, "tunmtu_checkbutton", "tunmtu_spinbutton", !!value,
_nm_utils_ascii_str_to_int64 (value, 10, 1, 65535, 1500));
+ value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_CONNECT_TIMEOUT);
+ _builder_init_optional_spinbutton (builder, "connect_timeout_checkbutton",
"connect_timeout_spinbutton", !!value,
+ _nm_utils_ascii_str_to_int64 (value, 10, 0, G_MAXINT, 120));
value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_FRAGMENT_SIZE);
_builder_init_optional_spinbutton (builder, "fragment_checkbutton", "fragment_spinbutton", !!value,
@@ -1794,6 +1798,15 @@ advanced_dialog_new_hash_from_dialog (GtkWidget *dialog, GError **error)
g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_TUNNEL_MTU), g_strdup_printf ("%d",
tunmtu_size));
}
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "connect_timeout_checkbutton"));
+ if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
+ int timeout;
+
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "connect_timeout_spinbutton"));
+ timeout = gtk_spin_button_get_value_as_int (GTK_SPIN_BUTTON (widget));
+ g_hash_table_insert (hash, g_strdup (NM_OPENVPN_KEY_CONNECT_TIMEOUT), g_strdup_printf ("%d",
timeout));
+ }
+
widget = GTK_WIDGET (gtk_builder_get_object (builder, "fragment_checkbutton"));
if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
int fragment_size;
diff --git a/properties/tests/conf/connect-timeout.ovpn b/properties/tests/conf/connect-timeout.ovpn
new file mode 100644
index 0000000..67efe83
--- /dev/null
+++ b/properties/tests/conf/connect-timeout.ovpn
@@ -0,0 +1,25 @@
+port 2345
+
+remote 173.8.149.245
+resolv-retry infinite
+connect-timeout 19
+
+dev tun
+persist-key
+persist-tun
+link-mtu 1400
+proto udp
+nobind
+pull
+tls-client
+
+ca keys/mg8.ca
+cert keys/clee.crt
+key keys/clee.key
+
+tls-auth keys/46.key 1
+tls-remote "/CN=myvpn.company.com"
+
+comp-lzo
+verb 4
+
diff --git a/properties/tests/conf/server-poll-timeout.ovpn b/properties/tests/conf/server-poll-timeout.ovpn
new file mode 100644
index 0000000..fa705c8
--- /dev/null
+++ b/properties/tests/conf/server-poll-timeout.ovpn
@@ -0,0 +1,25 @@
+port 2345
+
+remote 173.8.149.245
+resolv-retry infinite
+
+dev tun
+persist-key
+persist-tun
+link-mtu 1400
+proto udp
+nobind
+pull
+tls-client
+server-poll-timeout 23
+
+ca keys/mg8.ca
+cert keys/clee.crt
+key keys/clee.key
+
+tls-auth keys/46.key 1
+tls-remote "/CN=myvpn.company.com"
+
+comp-lzo
+verb 4
+
diff --git a/properties/tests/test-import-export.c b/properties/tests/test-import-export.c
index 64025ac..e28acee 100644
--- a/properties/tests/test-import-export.c
+++ b/properties/tests/test-import-export.c
@@ -671,6 +671,34 @@ test_port_import (gconstpointer test_data)
}
static void
+test_connect_timeout_import (gconstpointer test_data)
+{
+ _CREATE_PLUGIN (plugin);
+ NMConnection *connection;
+ NMSettingConnection *s_con;
+ NMSettingVpn *s_vpn;
+ const char *file, *expected_timeout;
+
+ nmtst_test_data_unpack (test_data, &file, &expected_timeout);
+
+ connection = get_basic_connection (plugin, SRCDIR, file);
+ g_assert (connection);
+
+ /* Connection setting */
+ s_con = nm_connection_get_setting_connection (connection);
+ g_assert (s_con);
+
+ /* VPN setting */
+ s_vpn = nm_connection_get_setting_vpn (connection);
+ g_assert (s_vpn);
+
+ /* Data items */
+ _check_item (s_vpn, NM_OPENVPN_KEY_CONNECT_TIMEOUT, expected_timeout);
+
+ g_object_unref (connection);
+}
+
+static void
test_ping_import (gconstpointer test_data)
{
_CREATE_PLUGIN (plugin);
@@ -1188,6 +1216,10 @@ int main (int argc, char **argv)
_add_test_func ("rport-import", test_port_import, "rport.ovpn", "rport", "6789");
_add_test_func ("rport-export", test_export_compare, "rport.ovpn", "rport.ovpntest");
+ _add_test_func ("connect-timeout-import", test_connect_timeout_import, "connect-timeout.ovpn", "19");
+ _add_test_func ("server-poll-timeout-import", test_connect_timeout_import,
"server-poll-timeout.ovpn", "23");
+ _add_test_func ("connect-timeout-export", test_export_compare, "connect-timeout.ovpn",
"connect-timeout.ovpntest");
+
_add_test_func_simple (test_tun_opts_import);
_add_test_func ("tun-opts-export", test_export_compare, "tun-opts.conf", "tun-opts.ovpntest");
diff --git a/shared/nm-service-defines.h b/shared/nm-service-defines.h
index 513fec4..4790a3a 100644
--- a/shared/nm-service-defines.h
+++ b/shared/nm-service-defines.h
@@ -71,6 +71,7 @@
#define NM_OPENVPN_KEY_VERIFY_X509_NAME "verify-x509-name"
#define NM_OPENVPN_KEY_REMOTE_CERT_TLS "remote-cert-tls"
#define NM_OPENVPN_KEY_MAX_ROUTES "max-routes"
+#define NM_OPENVPN_KEY_CONNECT_TIMEOUT "connect-timeout"
#define NM_OPENVPN_KEY_PASSWORD "password"
#define NM_OPENVPN_KEY_CERTPASS "cert-pass"
diff --git a/shared/utils.h b/shared/utils.h
index 353ddef..d70436e 100644
--- a/shared/utils.h
+++ b/shared/utils.h
@@ -30,6 +30,7 @@
#define NMV_OVPN_TAG_CIPHER "cipher"
#define NMV_OVPN_TAG_CLIENT "client"
#define NMV_OVPN_TAG_COMP_LZO "comp-lzo"
+#define NMV_OVPN_TAG_CONNECT_TIMEOUT "connect-timeout"
#define NMV_OVPN_TAG_DEV "dev"
#define NMV_OVPN_TAG_DEV_TYPE "dev-type"
#define NMV_OVPN_TAG_FLOAT "float"
@@ -63,6 +64,7 @@
#define NMV_OVPN_TAG_RPORT "rport"
#define NMV_OVPN_TAG_SCRIPT_SECURITY "script-security"
#define NMV_OVPN_TAG_SECRET "secret"
+#define NMV_OVPN_TAG_SERVER_POLL_TIMEOUT "server-poll-timeout"
#define NMV_OVPN_TAG_SOCKS_PROXY_RETRY "socks-proxy-retry"
#define NMV_OVPN_TAG_SOCKS_PROXY "socks-proxy"
#define NMV_OVPN_TAG_TLS_AUTH "tls-auth"
diff --git a/src/nm-openvpn-service.c b/src/nm-openvpn-service.c
index 0f4e0cf..921050f 100644
--- a/src/nm-openvpn-service.c
+++ b/src/nm-openvpn-service.c
@@ -146,6 +146,7 @@ static const ValidProperty valid_properties[] = {
{ NM_OPENVPN_KEY_CIPHER, G_TYPE_STRING, 0, 0, FALSE },
{ NM_OPENVPN_KEY_KEYSIZE, G_TYPE_INT, 1, 65535, FALSE },
{ NM_OPENVPN_KEY_COMP_LZO, G_TYPE_STRING, 0, 0, FALSE },
+ { NM_OPENVPN_KEY_CONNECT_TIMEOUT, G_TYPE_INT, 0, G_MAXINT, FALSE },
{ NM_OPENVPN_KEY_CONNECTION_TYPE, G_TYPE_STRING, 0, 0, FALSE },
{ NM_OPENVPN_KEY_FLOAT, G_TYPE_BOOLEAN, 0, 0, FALSE },
{ NM_OPENVPN_KEY_FRAGMENT_SIZE, G_TYPE_INT, 0, G_MAXINT, FALSE },
@@ -1537,6 +1538,19 @@ nm_openvpn_start_openvpn_binary (NMOpenvpnPlugin *plugin,
}
}
+ tmp = nm_setting_vpn_get_data_item (s_vpn, NM_OPENVPN_KEY_CONNECT_TIMEOUT);
+ if (tmp) {
+ add_openvpn_arg (args, "--connect-timeout");
+ if (!add_openvpn_arg_int (args, tmp)) {
+ g_set_error (error,
+ NM_VPN_PLUGIN_ERROR,
+ NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+ _("Invalid connect timeout ā%sā."),
+ tmp);
+ return FALSE;
+ }
+ }
+
add_openvpn_arg (args, "--nobind");
/* max routes allowed from openvpn server */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
