On Sun, 2008-10-19 at 20:54 +0200, Christoph Höger wrote: > Hello, > > I've just closed > https://bugzilla.redhat.com/show_bug.cgi?id=467536 > because the option that was asked for depends on another option that > does not exist upstream. Having a look at openvpns manpage shows a lot
Because we only support client mode, not --tls-server. Even though openvpn is peer-to-peer, one still has to be the "server" for purposes of the TLS handshake. Admins probably should not let all their clients be the TLS server for the handshake. > of those "you can only use when..." options. I would argue that its > impossible to bring them all into buttons and sliders. So there will It is. OpenVPN is the definition of completely flexible, and utter unusable all at the same time. There will always be some options that the NM OpenVPN client does _not_ support, and I'm fine with that. 5 or 10% of people aren't going to be able to use the NM OpenVPN client because their admin decided to use some option that we couldn't possibly cram in to the GUI. And that's fine. > still be some people that cannot use their openvpn connection with > nm-openvpn. Also importing openvpn files (I saw that feature on some > roadmap) will never work completely. > My idea of a solution would be to add a textbox into which users can put > custom options in pure text, add that field to the config and send > attach it to the end of openvpn startup parameters. No, we should not have a "custom" options entry for _any_ VPN client UI. If it's important enough then we should add it to the GUI after debating exactly _how_ to add that to the GUI. If you have a finite set of options available, you can actually _test_ that set of options and ensure it works well for everyone, and then responsibly add in the features that a significant portion of your userbase requests, based on careful consideration of the tradeoffs. Every option we add makes the end product less usable. We must be thoughtful and responsible. Dan _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
