diff -Naur NetworkManager-openvpn-0.7.0/src/nm-openvpn-service-openvpn-helper.c NetworkManager-openvpn-0.7.0.route/src/nm-openvpn-service-openvpn-helper.c
--- NetworkManager-openvpn-0.7.0/src/nm-openvpn-service-openvpn-helper.c 2008-12-12 01:22:57.000000000 +0530
+++ NetworkManager-openvpn-0.7.0.route/src/nm-openvpn-service-openvpn-helper.c 2009-10-09 12:59:38.000000000 +0530
@@ -287,6 +287,7 @@
GValue *nbns_list = NULL;
GValue *dns_domain = NULL;
struct in_addr temp_addr;
+ gboolean tapdev = FALSE;
g_type_init ();
@@ -310,13 +311,17 @@
if (val)
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_INT_GATEWAY, val);
- /* Tunnel device */
- val = str_to_gvalue (getenv ("dev"), FALSE);
+ /* VPN device */
+ tmp = getenv ("dev");
+ val = str_to_gvalue (tmp, FALSE);
if (val)
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val);
else
helper_failed (connection, "Tunnel Device");
+ if (strncmp (tmp, "tap", 3) == 0)
+ tapdev = TRUE;
+
/* IP address */
val = addr_to_gvalue (getenv ("ifconfig_local"));
if (val)
@@ -326,20 +331,45 @@
/* PTP address; for vpnc PTP address == internal IP4 address */
val = addr_to_gvalue (getenv ("ifconfig_remote"));
- if (val)
- g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
+ if (val) {
+ /* Sigh. Openvpn added 'topology' stuff in 2.1 that changes the meaning
+ * of the ifconfig bits without actually telling you what they are
+ * supposed to mean; basically relying on specific 'ifconfig' behavior.
+ */
+ tmp = getenv ("ifconfig_remote");
+ if (tmp && !strncmp (tmp, "255.", 4)) {
+ guint32 addr;
+
+ /* probably a netmask, not a PTP address; topology == subnet */
+ addr = g_value_get_uint (val);
+ g_value_set_uint (val, nm_utils_ip4_netmask_to_prefix (addr));
+ g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
+ } else
+ g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
+ }
- /* Netmask */
- tmp = getenv ("route_netmask_1");
+ /* Netmask
+ *
+ * Either TAP or TUN modes can have an arbitrary netmask in newer versions
+ * of openvpn, while in older versions only TAP mode would. So accept a
+ * netmask if passed, otherwise default to /32 for TUN devices since they
+ * are usually point-to-point.
+ */
+ tmp = getenv ("ifconfig_netmask");
if (tmp && inet_pton (AF_INET, tmp, &temp_addr) > 0) {
- GValue *val;
-
val = g_slice_new0 (GValue);
g_value_init (val, G_TYPE_UINT);
g_value_set_uint (val, nm_utils_ip4_netmask_to_prefix (temp_addr.s_addr));
-
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
- }
+ } else if (!tapdev) {
+ if (!g_hash_table_lookup (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX)) {
+ val = g_slice_new0 (GValue);
+ g_value_init (val, G_TYPE_UINT);
+ g_value_set_uint (val, 32);
+ g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
+ }
+ } else
+ nm_warning ("No IP4 netmask/prefix (missing or invalid 'ifconfig_netmask')");
val = get_routes ();
if (val)