Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Arne Schwabe
I am listing a few requirements that are not discussed before but may still be important and non obvious. These at least people not involved with the Android platform a better picture of required changes. > To allow OpenVPN to be properly refactored afterwards, the important > part is probably to

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Fabian Knittel
Hi, 2012/5/10 David Sommerseth : > On 10/05/12 16:50, Alon Bar-Lev wrote: >> Why? plugin is adding a custom logic, and you need custom logic. As >> I wrote it does not imply that you implement your JNI there. > > Okay ... fine ... there are plenty of big visions for

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 6:20 PM, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 6:17 PM, David Sommerseth > wrote: >> Development is all about iterations.  Let's see what we can do NOW to >> get Arne's approach reviewed properly, see if there

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 6:17 PM, David Sommerseth wrote: > Development is all about iterations.  Let's see what we can do NOW to > get Arne's approach reviewed properly, see if there are things which > can be do to simplify the future somewhat ... but don't make

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 3:53 PM, Samuli Seppänen wrote: > >> On Thu, May 10, 2012 at 3:11 PM, Samuli Seppänen wrote: >>> Hi, >>> >>> I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran >>> into some issues: >>> >>> $ cd

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread David Sommerseth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 16:50, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 5:43 PM, Adriaan de Jong > wrote: >>> -Original Message- From: Alon Bar-Lev >>> [mailto:alon.bar...@gmail.com] Sent: donderdag 10 mei 2012 >>> 16:33 To:

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 5:43 PM, Adriaan de Jong wrote: >> -Original Message- >> From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] >> Sent: donderdag 10 mei 2012 16:33 >> To: Mendelt Siebenga >> Cc: openvpn-devel@lists.sourceforge.net >> Subject: Re: [Openvpn-devel]

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Adriaan de Jong
> -Original Message- > From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] > Sent: donderdag 10 mei 2012 16:33 > To: Mendelt Siebenga > Cc: openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset > > Hello Mendelt, > > Thank you for

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
Hello Mendelt, Thank you for taking the time to explain the process, now at least I can comment better. On Thu, May 10, 2012 at 5:03 PM, Mendelt Siebenga wrote: > Android has a lot of limitations on how you can get access to a TUN device > without rooting your

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Arne Schwabe
I generaly agree with Mendelt. A few additions > We considered two ways of doing this: > - Modify OpenVPN to make it possible to use JNI to call into OpenVPN directly from Java code. I implemented that in the first version of my app (<= 0.4.6). But that involed evil trickery like

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Mendelt Siebenga
Let me introduce myself first as this is my first post to this mailing list. I'm Mendelt Siebenga, a new colleague of Adriaan de Jong. I started working for Fox IT a couple of weeks ago. I've been working on something similar to what Arne has been doing but my background is more in higher level

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 3:42 PM, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 3:39 PM, David Sommerseth > wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> On 10/05/12 14:33, Alon Bar-Lev wrote: >>> On Thu, May 10, 2012 at

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

2012-05-10 Thread Samuli Seppänen
> On Thu, May 10, 2012 at 3:11 PM, Samuli Seppänen wrote: >> Hi, >> >> I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran >> into some issues: >> >> $ cd openvpn-build/windows-nsis >> $ ./build-snapshot >> --- snip --- >> >> make[3]: Leaving directory >>

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 12:48 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 10/05/12 09:28, Adriaan de Jong wrote: >> I still prefer using the management interface. It keeps the >> interface to the Java stuff very clean

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Samuli Seppänen
> >> -Original Message- >> From: David Sommerseth [mailto:openvpn.l...@topphemmelig.net] >> Sent: donderdag 10 mei 2012 11:49 >> To: Alon Bar-Lev >> Cc: Adriaan de Jong; openvpn-devel@lists.sourceforge.net >> Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset >> >>

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 3:39 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 10/05/12 14:33, Alon Bar-Lev wrote: >> On Thu, May 10, 2012 at 11:47 AM, Samuli Seppänen >> wrote: >>> On Tue, May 8, 2012 at

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

2012-05-10 Thread David Sommerseth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 14:33, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 11:47 AM, Samuli Seppänen > wrote: >> >>> On Tue, May 8, 2012 at 11:28 AM, Samuli Seppänen >>> wrote: > Hello David, > > On Mon,

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 12:06 PM, David Sommerseth wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 10/05/12 00:36, Arne Schwabe wrote: > >>> I suggest you clone the repository at github, create a branch >>> and order your changes. >> >> >> that would

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 3:11 PM, Samuli Seppänen wrote: > Hi, > > I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran > into some issues: > > $ cd openvpn-build/windows-nsis > $ ./build-snapshot > --- snip --- > > make[3]: Leaving directory >

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 11:47 AM, Samuli Seppänen wrote: > >> On Tue, May 8, 2012 at 11:28 AM, Samuli Seppänen wrote: Hello David, On Mon, May 7, 2012 at 10:33 AM, David Sommerseth wrote:

Re: [Openvpn-devel] Some issues with openvpn-build/windows-nsis

2012-05-10 Thread Samuli Seppänen
Il 10.05.2012 15:11, Samuli Seppänen ha scritto: > Hi, > > I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran > into some issues: > > $ cd openvpn-build/windows-nsis > $ ./build-snapshot > --- snip --- > > make[3]: Leaving directory >

[Openvpn-devel] Some issues with openvpn-build/windows-nsis

2012-05-10 Thread Samuli Seppänen
Hi, I tried to generate a Windows installer on Ubuntu 11.10 amd64, but ran into some issues: $ cd openvpn-build/windows-nsis $ ./build-snapshot --- snip --- make[3]: Leaving directory `/home/samuli/opt/openvpn-build/windows-nsis/tmp/build-i686/pkcs11-helper-1.10' make[2]: Leaving directory

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread David Sommerseth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 09:28, Adriaan de Jong wrote: > I still prefer using the management interface. It keeps the > interface to the Java stuff very clean (socket-based). Further you > potentially allow other systems, such as Apple or Windows Phone to > do the

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread David Sommerseth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/12 00:36, Arne Schwabe wrote: >> I suggest you clone the repository at github, create a branch >> and order your changes. > > > that would mean to revert all changes, making the changes in small > steps and commiting each step? (I am still

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Jan Just Keijser
Hi, Samuli Seppänen wrote: Hello, I have developed the port of openvpn for Android 4.0: https://play.google.com/store/apps/details?id=de.blinkt.openvpn and http://code.google.com/p/ics-openvpn/ The API of Android 4.0 requires that openvpn runs as completely unprivileged process. There all

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Samuli Seppänen
> Hello, > > I have developed the port of openvpn for Android 4.0: > https://play.google.com/store/apps/details?id=de.blinkt.openvpn and > http://code.google.com/p/ics-openvpn/ > > The API of Android 4.0 requires that openvpn runs as completely > unprivileged process. There all opening of tun,

Re: [Openvpn-devel] openvpn question

2012-05-10 Thread Jan Just Keijser
Hi Raj, Raj Kumar wrote: Hi all, I am new to openvpn. I am using openvpn on my linux machine. I have a basic question about openvpn. How openvpn process the incoming packets ? Is it processing incoming packets one by one, means receive one packet from the kernel, decrypt it and send it

Re: [Openvpn-devel] [RFC] Split plugins into their own repositories

2012-05-10 Thread Samuli Seppänen
> On Tue, May 8, 2012 at 11:28 AM, Samuli Seppänen wrote: >>> Hello David, >>> >>> On Mon, May 7, 2012 at 10:33 AM, David Sommerseth >>> wrote: >>> >>> >>> The reason I don't see the benefit of splitting out the plug-ins as much is

[Openvpn-devel] openvpn question

2012-05-10 Thread Raj Kumar
Hi all, I am new to openvpn. I am using openvpn on my  linux machine. I have a basic question about openvpn.  How openvpn process the incoming packets ? Is it processing incoming packets one by one, means receive one packet from the kernel, decrypt it and send it back to the kernel then

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Adriaan de Jong
I still prefer using the management interface. It keeps the interface to the Java stuff very clean (socket-based). Further you potentially allow other systems, such as Apple or Windows Phone to do the same. It avoids messy JNI stuff, and fits into the spirit of the management interface. It's

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
Thank you, Yes, I understand. If I narrow this to "feature requests", basically we say that: 1. we want direct tun management to the management interface. 2. we want to have some logic when openvpn socket is opened. 3. Pass pre opened tun. (1) - direct tun management to the management

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Adriaan de Jong
That would be another option. In the model we were using (which might be different), the order is as follows: 1. openvpn is started 2. openvpn opens a socket to the remote host 2. openvpn establishes the control channel across this socket 3. openvpn passes socket and control channel data (IP,

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 9:49 AM, Alon Bar-Lev wrote: > On Thu, May 10, 2012 at 9:35 AM, Adriaan de Jong wrote: >>> -Original Message- >>> From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] >>> Sent: donderdag 10 mei 2012 2:10 >>> To: Arne Schwabe

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 9:35 AM, Adriaan de Jong wrote: >> -Original Message- >> From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] >> Sent: donderdag 10 mei 2012 2:10 >> To: Arne Schwabe >> Cc: openvpn-devel@lists.sourceforge.net >> Subject: Re: [Openvpn-devel] [PATCH]

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Adriaan de Jong
> -Original Message- > From: Alon Bar-Lev [mailto:alon.bar...@gmail.com] > Sent: donderdag 10 mei 2012 2:10 > To: Arne Schwabe > Cc: openvpn-devel@lists.sourceforge.net > Subject: Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset > > On Thu, May 10, 2012 at 3:01 AM, Arne

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 3:01 AM, Arne Schwabe wrote: > Am 10.05.12 01:39, schrieb Alon Bar-Lev: >> On Thu, May 10, 2012 at 2:24 AM, Arne Schwabe wrote: I need a better description of the tun process... so far I did not understand why you cannot use

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Arne Schwabe
Am 10.05.12 01:39, schrieb Alon Bar-Lev: > On Thu, May 10, 2012 at 2:24 AM, Arne Schwabe wrote: >>> I need a better description of the tun process... so far I did not >>> understand why you cannot use standard approach of creating persistent >>> tun with non root access and then

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 2:24 AM, Arne Schwabe wrote: > >> I need a better description of the tun process... so far I did not >> understand why you cannot use standard approach of creating persistent >> tun with non root access and then use the iproute2 wrapper with suid >> or

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Arne Schwabe
> I need a better description of the tun process... so far I did not > understand why you cannot use standard approach of creating persistent > tun with non root access and then use the iproute2 wrapper with suid > or sudo to setup its configuration. > > Alon. I have no root access on the

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Alon Bar-Lev
On Thu, May 10, 2012 at 2:09 AM, Arne Schwabe wrote: > Am 10.05.12 00:50, schrieb Alon Bar-Lev: >> On Thu, May 10, 2012 at 1:36 AM, Arne Schwabe wrote: >>> Am 10.05.12 00:09, schrieb Alon Bar-Lev: Hmmm... the fact that you are not using git, and create

Re: [Openvpn-devel] [PATCH] Openvpn for Android 4.0 Changeset

2012-05-10 Thread Arne Schwabe
Am 10.05.12 00:50, schrieb Alon Bar-Lev: > On Thu, May 10, 2012 at 1:36 AM, Arne Schwabe wrote: >> Am 10.05.12 00:09, schrieb Alon Bar-Lev: >>> Hmmm... the fact that you are not using git, and create separate >>> branch for the changes makes it very difficult to peak. >> Sorry.