After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 794695 - Plugin doesn't pass "user" and "remotename" options to pppd
Plugin doesn't pass "user" and "remotename" options to pppd
Status: RESOLVED FIXED
Product: NetworkManager
Classification: Platform
Component: VPN: pptp
git master
Other Linux
: Normal normal
: ---
Assigned To: NetworkManager maintainer(s)
NetworkManager maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2018-03-26 12:48 UTC by Alexander S. Salieff
Modified: 2018-03-29 05:39 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
[PATCH] Fix passing "user" field and add passing "remotename" (1.21 KB, patch)
2018-03-26 12:48 UTC, Alexander S. Salieff 		none Details | Review

Description Alexander S. Salieff 2018-03-26 12:48:30 UTC 
Created attachment 370147 [details] [review]
[PATCH] Fix passing "user" field and add passing "remotename"

Passing of "user" field doesn't work because of bug in code, and passing of "remotename" not implemented.
Comment 1 Thomas Haller 2018-03-26 13:08:39 UTC 
see also: https://bugzilla.redhat.com/show_bug.cgi?id=1546583
Comment 2 Thomas Haller 2018-03-26 13:23:09 UTC 
I have no setup to test this, nor am I familiar with pptp in particular. I gladly leave it to somebody else to review/ACK it.

Can you explain, why it is correct to set "remotename"? Not how other places in src/nm-pptp-service.c already use NM_PPTP_KEY_GATEWAY setting differently. Why also setting "remotename"?
The pppd man page cryptically comments: 
  remotename name
       Set the assumed name of the remote system for authentication purposes to 
       name.

Did you successfully test the patch?
Comment 3 Alexander S. Salieff 2018-03-26 17:26:00 UTC 
(In reply to Thomas Haller from comment #2)
> I have no setup to test this, nor am I familiar with pptp in particular. I
> gladly leave it to somebody else to review/ACK it.
> 
> Can you explain, why it is correct to set "remotename"? Not how other places
> in src/nm-pptp-service.c already use NM_PPTP_KEY_GATEWAY setting
> differently. Why also setting "remotename"?
> The pppd man page cryptically comments: 
>   remotename name
>        Set the assumed name of the remote system for authentication purposes
> to 
>        name.
> 
> Did you successfully test the patch?

Remotename is used to define server name. For example, I have different certificates for different servers:

$ cat /etc/ppp/eaptls-client
* server1.org pkcs11:12345 - /usr/local/server1.cer pkcs11:34567
* server2.org pkcs11:67890 - /usr/local/server2.cer pkcs11:90678

and I should pass to pppd which server I'm using with the "remotename"

Yes, I successfully tested the patch. After upgrade Fedora 22 to Fedora 27 I got broken VPN to my work. I figured it out, repaired my VPN and sent patches here.
Comment 4 Dan Williams 2018-03-28 16:07:14 UTC 
The username fix is clearly correct.  The remotename bit also looks OK; the only reservation I have is whether somebody might use a different gateway value than remotename, like if you use an IP address for the gateway, but the certificate uses a domain name for matching.  But I think for now, it's probably fine...