Hi,

On Sat, 2014-12-06 at 18:25 +0100, Anton Voyl wrote:
> Tinc triggers scripts upon events, e.g. tinc-up after tinc comes up,
> tinc-down before tinc comes down, etc. This feature could
> advantageously be used to keep the tinc vpn plugin to a bare minimum,
> e.g. tinc-up could call "connmanctl config service ipv4...", rather
> than the tinc vpn plugin.
> 
> Does this correspond to the philosophy of connman?

Not really. The service presented by the tinc plugin should get its
configuration data via the vpn_driver notify() function. This means
sending off the configuration from tinc via D-Bus. connmanctl won't
work correctly at this stage in the process. The configuration details
should not come from some external part; that looks like a security hole
when setting up tinc.

The D-Bus message contents are free for specification for the plugin;
for examples on how to define and parse the message see the oc_notify()
and vc_notify() functions in ./vpn/plugins/openconnect.c and
vpn/plugins/vpnc.c files respectively.

Examples of the sending part are in scripts/openconnect-script.c and
scripts/openvpn-script.c. These "scripts" are actual programs, and both
openconnect and openvpn are directed to use this "script" by giving the
'--up' and '--script' command line parameters to the vpn binaries. The
expected D-Bus interface and path are passed as environment variables
(in src/task.c) when the daemon is started.

So you are almost there, just add a minimal program that will send off
the needed configuration data as a D-Bus message to connman-vpnd.

Thanks for your efforts so far.

Cheers,

        Patrik

_______________________________________________
connman mailing list
[email protected]
https://lists.connman.net/mailman/listinfo/connman
