Initial copy from NetworkManager-pptp.

1dfd32bd · Alexey Torkhov · 1dfd32bd · 1dfd32bd · 1dfd32bd · 1dfd32bd
Commit 1dfd32bd authored Jan 14, 2011 by Alexey Torkhov
36 changed files
--- a/.gitignore
+++ b/.gitignore
+# Temporary files
+*~
+*.swp
+
+# Compiled files
+*.o
+*.la
+*.lo
+auth-dialog/nm-l2tp-auth-dialog
+src/nm-l2tp-service
+
+# Generated
+nm-l2tp-service.name
+src/nm-l2tp-pppd-service-glue.h
+
+# GNU Autotools
+.deps
+.libs
+aclocal.m4
+autom4te.cache/
+depcomp
+compile
+config.guess
+config.h
+config.h.in
+config.h~
+config.log
+config.status
+config.sub
+configure
+install-sh
+intltool-extract.in
+intltool-merge.in
+intltool-update.in
+libtool
+ltmain.sh
+m4/
+Makefile
+Makefile.in
+missing
+po/Makefile.in.in
+po/POTFILES
+po/stamp-it
+stamp-h1
--- a/AUTHORS
+++ b/AUTHORS
--- a/ChangeLog
+++ b/ChangeLog
--- a/Makefile.am
+++ b/Makefile.am
+AUTOMAKE_OPTIONS = foreign
+
+SUBDIRS = src
+
+if WITH_GNOME
+SUBDIRS += common-gnome auth-dialog properties po
+endif
+
+dbusservicedir = $(sysconfdir)/dbus-1/system.d
+dbusservice_DATA = nm-l2tp-service.conf
+
+nmvpnservicedir = $(sysconfdir)/NetworkManager/VPN
+nmvpnservice_DATA = nm-l2tp-service.name
+
+desktopfile = nm-l2tp.desktop.in
+iconfile = gnome-mime-application-x-l2tp-settings.png
+
+if WITH_GNOME
+# FIXME: uncomment when nmce gets --import support
+#desktopdir = $(datadir)/applications
+#desktop_in_files = $(desktopfile)
+#desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
+#@INTLTOOL_DESKTOP_RULE@
+
+#icondir = $(datadir)/icons/hicolor/48x48/apps
+#icon_DATA = $(iconfile)
+endif
+
+nm-l2tp-service.name: $(srcdir)/nm-l2tp-service.name.in
+	sed -e 's|[@]LIBEXECDIR[@]|$(libexecdir)|g' $< >$@
+
+EXTRA_DIST = nm-l2tp-service.name.in \
+             $(dbusservice_DATA)  \
+             $(desktopfile) \
+             $(iconfile) \
+             intltool-extract.in  \
+             intltool-merge.in    \
+             intltool-update.in
+
+CLEANFILES = $(nmvpnservice_DATA) $(desktop_DATA) *~
+DISTCLEANFILES = intltool-extract intltool-merge intltool-update
+
+ACLOCAL_AMFLAGS = -I m4
--- a/NEWS
+++ b/NEWS
--- a/README
+++ b/README
--- a/auth-dialog/Makefile.am
+++ b/auth-dialog/Makefile.am
+INCLUDES = -I${top_srcdir}
+
+libexec_PROGRAMS = nm-l2tp-auth-dialog
+
+nm_l2tp_auth_dialog_CPPFLAGS =			\
+	$(NM_UTILS_CFLAGS)			\
+	$(GTHREAD_CFLAGS)			\
+	$(GTK_CFLAGS)				\
+	$(GCONF_CFLAGS)				\
+	$(GNOMEKEYRING_CFLAGS)			\
+	-DICONDIR=\""$(datadir)/pixmaps"\"	\
+	-DGLADEDIR=\""$(gladedir)"\"		\
+	-DBINDIR=\""$(bindir)"\"		\
+	-DG_DISABLE_DEPRECATED			\
+	-DGDK_DISABLE_DEPRECATED		\
+	-DGNOME_DISABLE_DEPRECATED		\
+	-DGNOMELOCALEDIR=\"$(datadir)/locale\"	\
+	-DVERSION=\"$(VERSION)\"
+
+nm_l2tp_auth_dialog_SOURCES =			\
+	main.c					\
+	gnome-two-password-dialog.c		\
+	gnome-two-password-dialog.h
+
+nm_l2tp_auth_dialog_LDADD =			\
+	$(GTK_LIBS)				\
+	$(GCONF_LIBS)				\
+	$(top_builddir)/common-gnome/libnm-l2tp-common-gnome.la
+
+CLEANFILES = *~
--- a/auth-dialog/gnome-two-password-dialog.c
+++ b/auth-dialog/gnome-two-password-dialog.c
--- a/auth-dialog/gnome-two-password-dialog.h
+++ b/auth-dialog/gnome-two-password-dialog.h
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+
+/* gnome-two-password-dialog.h - A use password prompting dialog widget
+                                 asking for two passwords. Based of
+                                 gnome-password-dialog.[ch] from libgnomeui
+
+   Copyright (C) 1999, 2000 Eazel, Inc.
+   Copyright (C) 2005, Red Hat, Inc.
+
+   The Gnome Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public License as
+   published by the Free Software Foundation; either version 2 of the
+   License, or (at your option) any later version.
+
+   The Gnome Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU General Public License along
+   with this program; if not, write to the Free Software Foundation, Inc.,
+   51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+   Authors: Ramiro Estrugo <ramiro@eazel.com>
+*/
+
+#ifndef GNOME_TWO_PASSWORD_DIALOG_H
+#define GNOME_TWO_PASSWORD_DIALOG_H
+
+#include <gtk/gtk.h>
+
+G_BEGIN_DECLS
+
+#define GNOME_TYPE_TWO_PASSWORD_DIALOG            (gnome_two_password_dialog_get_type ())
+#define GNOME_TWO_PASSWORD_DIALOG(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), GNOME_TYPE_TWO_PASSWORD_DIALOG, GnomeTwoPasswordDialog))
+#define GNOME_TWO_PASSWORD_DIALOG_CLASS(klass)    (G_TYPE_CHECK_CLASS_CAST ((klass), GNOME_TYPE_TWO_PASSWORD_DIALOG, GnomeTwoPasswordDialogClass))
+#define GNOME_IS_TWO_PASSWORD_DIALOG(obj)         (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GNOME_TYPE_TWO_PASSWORD_DIALOG))
+#define GNOME_IS_TWO_PASSWORD_DIALOG_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), GNOME_TYPE_TWO_PASSWORD_DIALOG))
+
+typedef struct GnomeTwoPasswordDialog        GnomeTwoPasswordDialog;
+typedef struct GnomeTwoPasswordDialogClass   GnomeTwoPasswordDialogClass;
+typedef struct GnomeTwoPasswordDialogDetails GnomeTwoPasswordDialogDetails;
+
+struct GnomeTwoPasswordDialog
+{
+	GtkDialog gtk_dialog;
+
+	GnomeTwoPasswordDialogDetails *details;
+};
+
+struct GnomeTwoPasswordDialogClass
+{
+	GtkDialogClass parent_class;
+};
+
+typedef enum {
+	GNOME_TWO_PASSWORD_DIALOG_REMEMBER_NOTHING,
+	GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION,
+	GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER
+} GnomeTwoPasswordDialogRemember;
+
+
+GType    gnome_two_password_dialog_get_type (void);
+GtkWidget* gnome_two_password_dialog_new      (const char *dialog_title,
+					   const char *message,
+					   const char *username,
+					   const char *password,
+					   gboolean    readonly_username);
+
+gboolean   gnome_two_password_dialog_run_and_block           (GnomeTwoPasswordDialog *password_dialog);
+
+/* Attribute mutators */
+void gnome_two_password_dialog_set_show_username           (GnomeTwoPasswordDialog *password_dialog,
+							    gboolean                show);
+void gnome_two_password_dialog_set_show_domain             (GnomeTwoPasswordDialog *password_dialog,
+							    gboolean                show);
+void gnome_two_password_dialog_set_show_password           (GnomeTwoPasswordDialog *password_dialog,
+							    gboolean                show);
+void gnome_two_password_dialog_set_show_password_secondary (GnomeTwoPasswordDialog *password_dialog,
+							    gboolean                show);
+void gnome_two_password_dialog_set_username                (GnomeTwoPasswordDialog  *password_dialog,
+							    const char              *username);
+void gnome_two_password_dialog_set_domain                  (GnomeTwoPasswordDialog  *password_dialog,
+							    const char              *domain);
+void gnome_two_password_dialog_set_password                (GnomeTwoPasswordDialog  *password_dialog,
+							    const char              *password);
+void gnome_two_password_dialog_set_password_secondary      (GnomeTwoPasswordDialog  *password_dialog,
+							    const char              *password_secondary);
+void gnome_two_password_dialog_set_readonly_username       (GnomeTwoPasswordDialog  *password_dialog,
+							    gboolean                 readonly);
+void gnome_two_password_dialog_set_readonly_domain         (GnomeTwoPasswordDialog  *password_dialog,
+							    gboolean                 readonly);
+
+void gnome_two_password_dialog_set_password_secondary_label (GnomeTwoPasswordDialog  *password_dialog,
+							     const char              *password_secondary_description);
+
+void                           gnome_two_password_dialog_set_show_remember         (GnomeTwoPasswordDialog         *password_dialog,
+										    gboolean                        show_remember);
+void                           gnome_two_password_dialog_set_remember              (GnomeTwoPasswordDialog         *password_dialog,
+										    GnomeTwoPasswordDialogRemember  remember);
+GnomeTwoPasswordDialogRemember gnome_two_password_dialog_get_remember              (GnomeTwoPasswordDialog         *password_dialog);
+void                           gnome_two_password_dialog_set_show_userpass_buttons (GnomeTwoPasswordDialog         *password_dialog,
+										    gboolean                        show_userpass_buttons);
+
+/* Attribute accessors */
+char *     gnome_two_password_dialog_get_username            (GnomeTwoPasswordDialog *password_dialog);
+char *     gnome_two_password_dialog_get_domain              (GnomeTwoPasswordDialog *password_dialog);
+char *     gnome_two_password_dialog_get_password            (GnomeTwoPasswordDialog *password_dialog);
+char *     gnome_two_password_dialog_get_password_secondary  (GnomeTwoPasswordDialog *password_dialog);
+
+gboolean   gnome_two_password_dialog_anon_selected           (GnomeTwoPasswordDialog *password_dialog);
+
+G_END_DECLS
+
+#endif /* GNOME_TWO_PASSWORD_DIALOG_H */
--- a/auth-dialog/main.c
+++ b/auth-dialog/main.c
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* NetworkManager Wireless Applet -- Display wireless access points and allow user control
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * (C) Copyright 2008 Red Hat, Inc.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <string.h>
+#include <stdlib.h>
+#include <glib/gi18n.h>
+#include <gtk/gtk.h>
+
+#include <nm-setting-vpn.h>
+
+#include "src/nm-l2tp-service.h"
+#include "common-gnome/keyring-helpers.h"
+#include "gnome-two-password-dialog.h"
+
+#define KEYRING_UUID_TAG "connection-uuid"
+#define KEYRING_SN_TAG "setting-name"
+#define KEYRING_SK_TAG "setting-key"
+
+static gboolean
+get_secrets (const char *vpn_uuid,
+             const char *vpn_name,
+             const char *vpn_service,
+             gboolean retry,
+             char **password)
+{
+	GnomeTwoPasswordDialog *dialog;
+	gboolean is_session = TRUE;
+	char *prompt;
+
+	g_return_val_if_fail (vpn_uuid != NULL, FALSE);
+	g_return_val_if_fail (vpn_name != NULL, FALSE);
+	g_return_val_if_fail (password != NULL, FALSE);
+	g_return_val_if_fail (*password == NULL, FALSE);
+
+	*password = keyring_helpers_lookup_secret (vpn_uuid, NM_L2TP_KEY_PASSWORD, &is_session);
+	if (!retry && *password)
+		return TRUE;
+
+	prompt = g_strdup_printf (_("You need to authenticate to access the Virtual Private Network '%s'."), vpn_name);
+	dialog = GNOME_TWO_PASSWORD_DIALOG (gnome_two_password_dialog_new (_("Authenticate VPN"), prompt, NULL, NULL, FALSE));
+	g_free (prompt);
+
+	gnome_two_password_dialog_set_show_username (dialog, FALSE);
+	gnome_two_password_dialog_set_show_userpass_buttons (dialog, FALSE);
+	gnome_two_password_dialog_set_show_domain (dialog, FALSE);
+	gnome_two_password_dialog_set_show_remember (dialog, TRUE);
+	gnome_two_password_dialog_set_show_password_secondary (dialog, FALSE);
+
+	/* If nothing was found in the keyring, default to not remembering any secrets */
+	if (*password) {
+		/* Otherwise set default remember based on which keyring the secrets were found in */
+		if (is_session)
+			gnome_two_password_dialog_set_remember (dialog, GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION);
+		else
+			gnome_two_password_dialog_set_remember (dialog, GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER);
+	} else
+		gnome_two_password_dialog_set_remember (dialog, GNOME_TWO_PASSWORD_DIALOG_REMEMBER_NOTHING);
+
+	/* if retrying, pre-fill dialog with the password */
+	if (*password) {
+		gnome_two_password_dialog_set_password (dialog, *password);
+		g_free (*password);
+		*password = NULL;
+	}
+
+	gtk_widget_show (GTK_WIDGET (dialog));
+
+	if (gnome_two_password_dialog_run_and_block (dialog)) {
+		const char *keyring = NULL;
+		gboolean save = FALSE;
+
+		*password = gnome_two_password_dialog_get_password (dialog);
+
+		switch (gnome_two_password_dialog_get_remember (dialog)) {
+		case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION:
+			keyring = "session";
+			/* Fall through */
+		case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER:
+			save = TRUE;
+			break;
+		default:
+			break;
+		}
+
+		if (save) {
+			if (*password) {
+				keyring_helpers_save_secret (vpn_uuid, vpn_name, keyring,
+					   	NM_L2TP_KEY_PASSWORD, *password);
+			}
+		}
+	}
+
+	gtk_widget_hide (GTK_WIDGET (dialog));
+	gtk_widget_destroy (GTK_WIDGET (dialog));
+
+	return TRUE;
+}
+
+int 
+main (int argc, char *argv[])
+{
+	gboolean retry = FALSE;
+	gchar *vpn_name = NULL;
+	gchar *vpn_uuid = NULL;
+	gchar *vpn_service = NULL;
+	char *password = NULL;
+	char buf[1];
+	int ret;
+	GOptionContext *context;
+	GOptionEntry entries[] = {
+			{ "reprompt", 'r', 0, G_OPTION_ARG_NONE, &retry, "Reprompt for passwords", NULL},
+			{ "uuid", 'u', 0, G_OPTION_ARG_STRING, &vpn_uuid, "UUID of VPN connection", NULL},
+			{ "name", 'n', 0, G_OPTION_ARG_STRING, &vpn_name, "Name of VPN connection", NULL},
+			{ "service", 's', 0, G_OPTION_ARG_STRING, &vpn_service, "VPN service type", NULL},
+			{ NULL }
+		};
+
+	bindtextdomain (GETTEXT_PACKAGE, NULL);
+	bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
+	textdomain (GETTEXT_PACKAGE);
+
+	gtk_init (&argc, &argv);
+
+	context = g_option_context_new ("- l2tp auth dialog");
+	g_option_context_add_main_entries (context, entries, GETTEXT_PACKAGE);
+	g_option_context_parse (context, &argc, &argv, NULL);
+	g_option_context_free (context);
+
+
+	if (vpn_uuid == NULL || vpn_name == NULL || vpn_service == NULL) {
+		fprintf (stderr, "Have to supply UUID, name, and service\n");
+		return EXIT_FAILURE;
+	}
+
+	if (strcmp (vpn_service, NM_DBUS_SERVICE_L2TP) != 0) {
+		fprintf (stderr, "This dialog only works with the '%s' service\n", NM_DBUS_SERVICE_L2TP);
+		return EXIT_FAILURE;
+	}
+
+	if (!get_secrets (vpn_uuid, vpn_name, vpn_service, retry, &password))
+		return EXIT_FAILURE;
+
+	/* dump the passwords to stdout */
+	printf ("%s\n%s\n", NM_L2TP_KEY_PASSWORD, password);
+	printf ("\n\n");
+
+	if (password) {
+		memset (password, 0, strlen (password));
+		gnome_keyring_memory_free (password);
+	}
+
+	/* for good measure, flush stdout since Kansas is going Bye-Bye */
+	fflush (stdout);
+
+	/* wait for data on stdin  */
+	ret = fread (buf, sizeof (char), sizeof (buf), stdin);
+
+	return EXIT_SUCCESS;
+}
--- a/autogen.sh
+++ b/autogen.sh
+#!/bin/sh
+
+autoreconf --verbose --install --force
+intltoolize --copy --force --automake
--- a/common-gnome/Makefile.am
+++ b/common-gnome/Makefile.am
+noinst_LTLIBRARIES=libnm-l2tp-common-gnome.la
+
+libnm_l2tp_common_gnome_la_CPPFLAGS = \
+	$(NM_UTILS_CFLAGS) \
+	$(GLIB_CFLAGS) \
+	$(GNOMEKEYRING_CFLAGS) \
+	-DG_DISABLE_DEPRECATED
+
+libnm_l2tp_common_gnome_la_SOURCES= \
+	keyring-helpers.c \
+	keyring-helpers.h
+
+libnm_l2tp_common_gnome_la_LIBADD = \
+	$(NM_UTILS_LIBS) \
+	$(GLIB_LIBS) \
+	$(GNOMEKEYRING_LIBS)
+
--- a/common-gnome/keyring-helpers.c
+++ b/common-gnome/keyring-helpers.c
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* NetworkManager Wireless Applet -- Display wireless access points and allow user control
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * (C) Copyright 2004 - 2008 Red Hat, Inc.
+ */
+
+#include <string.h>
+#include <gnome-keyring-memory.h>
+
+#include <nm-setting-vpn.h>
+
+#include "keyring-helpers.h"
+#include "../src/nm-l2tp-service.h"
+
+#define KEYRING_UUID_TAG "connection-uuid"
+#define KEYRING_SN_TAG "setting-name"
+#define KEYRING_SK_TAG "setting-key"
+
+char *
+keyring_helpers_lookup_secret (const char *vpn_uuid,
+                   const char *secret_name,
+                   gboolean *is_session)
+{
+	GList *found_list = NULL;
+	GnomeKeyringResult ret;
+	GnomeKeyringFound *found;
+	char *secret;
+
+	ret = gnome_keyring_find_itemsv_sync (GNOME_KEYRING_ITEM_GENERIC_SECRET,
+	                                      &found_list,
+	                                      KEYRING_UUID_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      vpn_uuid,
+	                                      KEYRING_SN_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      NM_SETTING_VPN_SETTING_NAME,
+	                                      KEYRING_SK_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      secret_name,
+	                                      NULL);
+	if ((ret != GNOME_KEYRING_RESULT_OK) || (g_list_length (found_list) == 0))
+		return NULL;
+
+	found = (GnomeKeyringFound *) found_list->data;
+
+	if (is_session) {
+		if (strcmp (found->keyring, "session") == 0)
+			*is_session = TRUE;
+		else
+			*is_session = FALSE;
+	}
+
+	secret = found->secret ? gnome_keyring_memory_strdup (found->secret) : NULL;
+	gnome_keyring_found_list_free (found_list);
+
+	return secret;
+}
+
+GnomeKeyringResult
+keyring_helpers_save_secret (const char *vpn_uuid,
+                             const char *vpn_name,
+                             const char *keyring,
+                             const char *secret_name,
+                             const char *secret)
+{
+	char *display_name;
+	GnomeKeyringResult ret;
+	GnomeKeyringAttributeList *attrs = NULL;
+	guint32 id = 0;
+
+	display_name = g_strdup_printf ("VPN %s secret for %s/%s/" NM_SETTING_VPN_SETTING_NAME,
+	                                secret_name,
+	                                vpn_name,
+	                                NM_DBUS_SERVICE_L2TP);
+
+	attrs = gnome_keyring_attribute_list_new ();
+	gnome_keyring_attribute_list_append_string (attrs,
+	                                            KEYRING_UUID_TAG,
+	                                            vpn_uuid);
+	gnome_keyring_attribute_list_append_string (attrs,
+	                                            KEYRING_SN_TAG,
+	                                            NM_SETTING_VPN_SETTING_NAME);
+	gnome_keyring_attribute_list_append_string (attrs,
+	                                            KEYRING_SK_TAG,
+	                                            secret_name);
+
+	ret = gnome_keyring_item_create_sync (keyring,
+	                                      GNOME_KEYRING_ITEM_GENERIC_SECRET,
+	                                      display_name,
+	                                      attrs,
+	                                      secret,
+	                                      TRUE,
+	                                      &id);
+	gnome_keyring_attribute_list_free (attrs);
+	g_free (display_name);
+	return ret;
+}
+
+static void
+ignore_callback (GnomeKeyringResult result, gpointer data)
+{
+}
+
+gboolean
+keyring_helpers_delete_secret (const char *vpn_uuid,
+                               const char *secret_name)
+{
+	GList *found = NULL, *iter;
+	GnomeKeyringResult ret;
+
+	g_return_val_if_fail (vpn_uuid != NULL, FALSE);
+	g_return_val_if_fail (secret_name != NULL, FALSE);
+
+	ret = gnome_keyring_find_itemsv_sync (GNOME_KEYRING_ITEM_GENERIC_SECRET,
+	                                      &found,
+	                                      KEYRING_UUID_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      vpn_uuid,
+	                                      KEYRING_SN_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      NM_SETTING_VPN_SETTING_NAME,
+	                                      KEYRING_SK_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      secret_name,
+	                                      NULL);
+	if (ret != GNOME_KEYRING_RESULT_OK && ret != GNOME_KEYRING_RESULT_NO_MATCH)
+		return FALSE;
+	if (g_list_length (found) == 0)
+		return TRUE;
+
+	/* delete them all */
+	for (iter = found; iter; iter = g_list_next (iter)) {
+		GnomeKeyringFound *item = (GnomeKeyringFound *) iter->data;
+
+		gnome_keyring_item_delete (item->keyring, item->item_id,
+		                           ignore_callback, NULL, NULL);
+	}
+
+	gnome_keyring_found_list_free (found);
+	return TRUE;
+}
+
--- a/common-gnome/keyring-helpers.h
+++ b/common-gnome/keyring-helpers.h
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* NetworkManager Wireless Applet -- Display wireless access points and allow user control
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * (C) Copyright 2004 - 2008 Red Hat, Inc.
+ */
+
+#ifndef KEYRING_HELPERS_H
+#define KEYRING_HELPERS_H
+
+#include <glib.h>
+#include <gnome-keyring.h>
+#include <gnome-keyring-memory.h>
+
+char *keyring_helpers_lookup_secret (
+		const char *vpn_uuid,
+		const char *secret_name,
+		gboolean *is_session);
+
+GnomeKeyringResult keyring_helpers_save_secret (
+		const char *vpn_uuid,
+		const char *vpn_name,
+		const char *keyring,
+		const char *secret_name,
+		const char *secret);
+
+gboolean keyring_helpers_delete_secret (
+		const char *vpn_uuid,
+		const char *secret_name);
+
+#endif  /* KEYRING_HELPERS_H */
+
--- a/configure.ac
+++ b/configure.ac
+AC_PREREQ(2.59)
+
+AC_INIT(NetworkManager-l2tp, 0.8.1, dcbw@redhat.com, NetworkManager-l2tp)
+AM_INIT_AUTOMAKE([1.9 foreign no-dist-gzip dist-bzip2 subdir-objects])
+AM_MAINTAINER_MODE
+
+AC_CONFIG_MACRO_DIR([m4])
+
+AC_CONFIG_HEADERS([config.h])
+
+dnl
+dnl Require programs
+dnl
+AC_PROG_CC
+AM_PROG_CC_C_O
+AC_PROG_INSTALL
+AC_PROG_LIBTOOL
+
+dnl
+dnl Required headers
+dnl
+AC_HEADER_STDC
+AC_CHECK_HEADERS(fcntl.h paths.h sys/ioctl.h sys/time.h syslog.h unistd.h)
+
+AC_CHECK_HEADERS(pppd/pppd.h,,
+  AC_MSG_ERROR(couldn't find pppd.h. pppd development headers are required.))
+
+AC_ARG_WITH([pppd-plugin-dir], AS_HELP_STRING([--with-pppd-plugin-dir=DIR], [path to the pppd plugins directory]))
+
+if test -n "$with_pppd_plugin_dir" ; then
+	PPPD_PLUGIN_DIR="$with_pppd_plugin_dir"
+else
+	PPPD_PLUGIN_DIR="${libdir}/pppd/2.4.4"
+fi
+AC_SUBST(PPPD_PLUGIN_DIR)
+
+dnl
+dnl Checks for typedefs, structures, and compiler characteristics.
+dnl
+AC_TYPE_MODE_T
+AC_TYPE_PID_T
+AC_HEADER_TIME
+
+dnl
+dnl Checks for library functions.
+dnl
+AC_PROG_GCC_TRADITIONAL
+AC_FUNC_MEMCMP
+AC_CHECK_FUNCS(select socket uname)
+
+dnl
+dnl GNOME support
+dnl
+AC_ARG_WITH(gnome, AS_HELP_STRING([--without-gnome], [Build NetworkManager-l2tp without GNOME support, e.g. vpn service only]))
+AM_CONDITIONAL(WITH_GNOME, test x"$with_gnome" != xno)
+
+GETTEXT_PACKAGE=NetworkManager-l2tp
+AC_SUBST(GETTEXT_PACKAGE)
+AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE,"$GETTEXT_PACKAGE", [Gettext package])
+
+IT_PROG_INTLTOOL([0.35])
+AM_GLIB_GNU_GETTEXT
+
+PKG_CHECK_MODULES(GTHREAD, gthread-2.0)
+AC_SUBST(GTHREAD_CFLAGS)
+AC_SUBST(GTHREAD_LIBS)
+
+PKG_CHECK_MODULES(DBUS, dbus-glib-1 >= 0.74)
+AC_SUBST(DBUS_GLIB_CFLAGS)
+AC_SUBST(DBUS_GLIB_LIBS)
+
+PKG_CHECK_MODULES(NM_UTILS, NetworkManager >= 0.8.1 libnm-util libnm-glib libnm-glib-vpn)
+AC_SUBST(NM_UTILS_CFLAGS)
+AC_SUBST(NM_UTILS_LIBS)
+
+if test x"$with_gnome" != xno; then
+	PKG_CHECK_MODULES(GTK, gtk+-2.0 >= 2.6)
+	AC_SUBST(GTK_CFLAGS)
+	AC_SUBST(GTK_LIBS)
+
+	PKG_CHECK_MODULES(GDK_PIXBUF, gdk-pixbuf-2.0)
+	AC_SUBST(GDK_PIXBUF_CFLAGS)
+	AC_SUBST(GDK_PIXBUF_LIBS)
+
+	PKG_CHECK_MODULES(GLADE, libglade-2.0)
+	AC_SUBST(GLADE_CFLAGS)
+	AC_SUBST(GLADE_LIBS)
+
+	PKG_CHECK_MODULES(GCONF, gconf-2.0)
+	AC_SUBST(GCONF_CFLAGS)
+	AC_SUBST(GCONF_LIBS)
+
+	PKG_CHECK_MODULES(GNOMEKEYRING, gnome-keyring-1)
+	AC_SUBST(GNOMEKEYRING_CFLAGS)
+	AC_SUBST(GNOMEKEYRING_LIBS)
+fi
+
+NM_COMPILER_WARNINGS
+
+AC_CONFIG_FILES([
+Makefile
+src/Makefile
+common-gnome/Makefile
+auth-dialog/Makefile
+properties/Makefile
+po/Makefile.in
+])
+AC_OUTPUT
--- a/gnome-mime-application-x-l2tp-settings.png
+++ b/gnome-mime-application-x-l2tp-settings.png
--- a/nm-l2tp-service.conf
+++ b/nm-l2tp-service.conf
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+	<policy user="root">
+		<allow own="org.freedesktop.NetworkManager.l2tp"/>
+		<allow send_destination="org.freedesktop.NetworkManager.l2tp"/>
+
+		<allow own="org.freedesktop.NetworkManager.l2tp-ppp"/>
+		<allow send_destination="org.freedesktop.NetworkManager.l2tp-ppp"/>
+	</policy>
+	<policy context="default">
+		<deny own="org.freedesktop.NetworkManager.l2tp"/>
+		<deny send_destination="org.freedesktop.NetworkManager.l2tp"/>
+
+		<deny own="org.freedesktop.NetworkManager.l2tp-ppp"/>
+		<deny send_destination="org.freedesktop.NetworkManager.l2tp-ppp"/>
+	</policy>
+</busconfig>
+
--- a/nm-l2tp-service.name.in
+++ b/nm-l2tp-service.name.in
+[VPN Connection]
+name=l2tp
+service=org.freedesktop.NetworkManager.l2tp
+program=@LIBEXECDIR@/nm-l2tp-service
+
+[GNOME]
+auth-dialog=nm-l2tp-auth-dialog
+properties=libnm-l2tp-properties
--- a/nm-l2tp.desktop.in
+++ b/nm-l2tp.desktop.in
+[Desktop Entry]
+_Name=L2TP VPN Connection Manager
+_GenericName=L2TP VPN Connection Manager
+_Comment=Add, Remove, and Edit L2TP VPN Connections
+Exec=nm-vpn-properties --import-service org.freedesktop.NetworkManager.l2tp --import-file %f
+Icon=gnome-mime-application-x-l2tp-settings
+Terminal=false
+Type=Application
+Categories=GNOME;Network;
+MimeType=application/x-ppp-settings;
+NoDisplay=true
--- a/po/ChangeLog
+++ b/po/ChangeLog
--- a/po/LINGUAS
+++ b/po/LINGUAS
+# please keep this list sorted alphabetically
+#
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
+# List of source files containing translatable strings.
+# Please keep this file sorted alphabetically.
+auth-dialog/gnome-two-password-dialog.c
+auth-dialog/main.c
+nm-l2tp.desktop.in
+properties/nm-l2tp.c
+properties/nm-l2tp-dialog.glade
+src/nm-l2tp-service.c
+
+
--- a/properties/Makefile.am
+++ b/properties/Makefile.am
+plugindir = $(libdir)/NetworkManager
+plugin_LTLIBRARIES = libnm-l2tp-properties.la
+
+libnm_l2tp_properties_la_SOURCES = \
+	nm-l2tp.c \
+	nm-l2tp.h \
+	advanced-dialog.c \
+	advanced-dialog.h \
+	import-export.c \
+	import-export.h
+
+gladedir = $(datadir)/gnome-vpn-properties/l2tp
+glade_DATA = nm-l2tp-dialog.glade
+
+libnm_l2tp_properties_la_CFLAGS =                    \
+        $(GLADE_CFLAGS)                                 \
+        $(GTK_CFLAGS)                                   \
+        $(GCONF_CFLAGS)                                 \
+        $(LIBGNOMEUI_CFLAGS)                            \
+        $(GNOMEKEYRING_CFLAGS)                          \
+        $(NM_UTILS_CFLAGS)                              \
+        -DICONDIR=\""$(datadir)/pixmaps"\"              \
+        -DGLADEDIR=\""$(gladedir)"\"                    \
+        -DG_DISABLE_DEPRECATED                          \
+        -DGDK_DISABLE_DEPRECATED                        \
+        -DGNOME_DISABLE_DEPRECATED                      \
+        -DGNOMELOCALEDIR=\"$(datadir)/locale\"          \
+        -DVERSION=\"$(VERSION)\"
+
+libnm_l2tp_properties_la_LIBADD =    \
+        $(GLADE_LIBS)                   \
+        $(GTK_LIBS)                     \
+        $(GCONF_LIBS)                   \
+        $(LIBGNOMEUI_LIBS)              \
+        $(top_builddir)/common-gnome/libnm-l2tp-common-gnome.la	\
+        $(NM_UTILS_LIBS)
+
+libnm_l2tp_properties_la_LDFLAGS =   \
+        -avoid-version
+
+CLEANFILES = *.bak *.gladep *~
+
+EXTRA_DIST =                            \
+        $(glade_DATA)
--- a/properties/advanced-dialog.c
+++ b/properties/advanced-dialog.c
--- a/properties/advanced-dialog.h
+++ b/properties/advanced-dialog.h
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/***************************************************************************
+ *
+ * Copyright (C) 2008 Dan Williams, <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ **************************************************************************/
+
+#ifndef _AUTH_HELPERS_H_
+#define _AUTH_HELPERS_H_
+
+#include <glib.h>
+#include <gtk/gtk.h>
+
+#include <nm-connection.h>
+
+GtkWidget *advanced_dialog_new (GHashTable *hash);
+
+GHashTable *advanced_dialog_new_hash_from_connection (NMConnection *connection, GError **error);
+
+GHashTable *advanced_dialog_new_hash_from_dialog (GtkWidget *dialog, GError **error);
+
+#endif
--- a/properties/import-export.c
+++ b/properties/import-export.c
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/***************************************************************************
+ *
+ * Copyright (C) 2008 Dan Williams, <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ **************************************************************************/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <string.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <ctype.h>
+
+#include <glib/gi18n-lib.h>
+
+#include <nm-setting-vpn.h>
+#include <nm-setting-connection.h>
+#include <nm-setting-ip4-config.h>
+
+#include "import-export.h"
+#include "nm-l2tp.h"
+#include "../src/nm-l2tp-service.h"
+
+NMConnection *
+do_import (const char *path, char **lines, GError **error)
+{
+	return NULL;
+}
+
+gboolean
+do_export (const char *path, NMConnection *connection, GError **error)
+{
+	return FALSE;
+}
+
+
+
--- a/properties/import-export.h
+++ b/properties/import-export.h
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/***************************************************************************
+ *
+ * Copyright (C) 2008 Dan Williams, <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ **************************************************************************/
+
+#ifndef _IMPORT_EXPORT_H_
+#define _IMPORT_EXPORT_H_
+
+#include <glib.h>
+#include <nm-connection.h>
+
+NMConnection *do_import (const char *path, char **lines, GError **error);
+
+gboolean do_export (const char *path, NMConnection *connection, GError **error);
+
+#endif
--- a/properties/nm-l2tp-dialog.glade
+++ b/properties/nm-l2tp-dialog.glade
--- a/properties/nm-l2tp.c
+++ b/properties/nm-l2tp.c
--- a/properties/nm-l2tp.h
+++ b/properties/nm-l2tp.h
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/***************************************************************************
+ * nm-l2tp.h : GNOME UI dialogs for configuring l2tp VPN connections
+ *
+ * Copyright (C) 2008 Dan Williams, <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ **************************************************************************/
+
+#ifndef _NM_L2TP_H_
+#define _NM_L2TP_H_
+
+#include <glib-object.h>
+
+typedef enum
+{
+	L2TP_PLUGIN_UI_ERROR_UNKNOWN = 0,
+	L2TP_PLUGIN_UI_ERROR_INVALID_CONNECTION,
+	L2TP_PLUGIN_UI_ERROR_INVALID_PROPERTY,
+	L2TP_PLUGIN_UI_ERROR_MISSING_PROPERTY,
+	L2TP_PLUGIN_UI_ERROR_FILE_NOT_READABLE,
+	L2TP_PLUGIN_UI_ERROR_FILE_NOT_L2TP
+} L2tpPluginUiError;
+
+#define L2TP_TYPE_PLUGIN_UI_ERROR (l2tp_plugin_ui_error_get_type ()) 
+GType l2tp_plugin_ui_error_get_type (void);
+
+#define L2TP_PLUGIN_UI_ERROR (l2tp_plugin_ui_error_quark ())
+GQuark l2tp_plugin_ui_error_quark (void);
+
+
+#define L2TP_TYPE_PLUGIN_UI            (l2tp_plugin_ui_get_type ())
+#define L2TP_PLUGIN_UI(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), L2TP_TYPE_PLUGIN_UI, L2tpPluginUi))
+#define L2TP_PLUGIN_UI_CLASS(klass)    (G_TYPE_CHECK_CLASS_CAST ((klass), L2TP_TYPE_PLUGIN_UI, L2tpPluginUiClass))
+#define L2TP_IS_PLUGIN_UI(obj)         (G_TYPE_CHECK_INSTANCE_TYPE ((obj), L2TP_TYPE_PLUGIN_UI))
+#define L2TP_IS_PLUGIN_UI_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((obj), L2TP_TYPE_PLUGIN_UI))
+#define L2TP_PLUGIN_UI_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), L2TP_TYPE_PLUGIN_UI, L2tpPluginUiClass))
+
+typedef struct _L2tpPluginUi L2tpPluginUi;
+typedef struct _L2tpPluginUiClass L2tpPluginUiClass;
+
+struct _L2tpPluginUi {
+	GObject parent;
+};
+
+struct _L2tpPluginUiClass {
+	GObjectClass parent;
+};
+
+GType l2tp_plugin_ui_get_type (void);
+
+
+#define L2TP_TYPE_PLUGIN_UI_WIDGET            (l2tp_plugin_ui_widget_get_type ())
+#define L2TP_PLUGIN_UI_WIDGET(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), L2TP_TYPE_PLUGIN_UI_WIDGET, L2tpPluginUiWidget))
+#define L2TP_PLUGIN_UI_WIDGET_CLASS(klass)    (G_TYPE_CHECK_CLASS_CAST ((klass), L2TP_TYPE_PLUGIN_UI_WIDGET, L2tpPluginUiWidgetClass))
+#define L2TP_IS_PLUGIN_UI_WIDGET(obj)         (G_TYPE_CHECK_INSTANCE_TYPE ((obj), L2TP_TYPE_PLUGIN_UI_WIDGET))
+#define L2TP_IS_PLUGIN_UI_WIDGET_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((obj), L2TP_TYPE_PLUGIN_UI_WIDGET))
+#define L2TP_PLUGIN_UI_WIDGET_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), L2TP_TYPE_PLUGIN_UI_WIDGET, L2tpPluginUiWidgetClass))
+
+typedef struct _L2tpPluginUiWidget L2tpPluginUiWidget;
+typedef struct _L2tpPluginUiWidgetClass L2tpPluginUiWidgetClass;
+
+struct _L2tpPluginUiWidget {
+	GObject parent;
+};
+
+struct _L2tpPluginUiWidgetClass {
+	GObjectClass parent;
+};
+
+GType l2tp_plugin_ui_widget_get_type (void);
+
+#endif	/* _NM_L2TP_H_ */
+
--- a/src/Makefile.am
+++ b/src/Makefile.am
+INCLUDES = -I${top_srcdir}
+
+AM_CPPFLAGS =							\
+	$(DBUS_GLIB_CFLAGS)						\
+	$(GTHREAD_CFLAGS)					\
+	$(NM_UTILS_CFLAGS)				\
+	-DG_DISABLE_DEPRECATED					\
+	-DBINDIR=\"$(bindir)\"					\
+	-DPREFIX=\""$(prefix)"\"				\
+	-DSYSCONFDIR=\""$(sysconfdir)"\"			\
+	-DNM_VERSION="\"$(VERSION)\""				\
+	-DLIBDIR=\""$(libdir)"\"				\
+	-DLIBEXECDIR=\""$(libexecdir)"\"			\
+	-DLOCALSTATEDIR=\""$(localstatedir)"\"		 	\
+	-DDATADIR=\"$(datadir)\"				\
+	-DPLUGINDIR=\"$(PPPD_PLUGIN_DIR)\" 
+
+libexec_PROGRAMS = nm-l2tp-service
+
+nm_l2tp_service_SOURCES = \
+				nm-l2tp-service.c \
+				nm-l2tp-service.h
+
+nm-l2tp-pppd-service-glue.h: $(top_srcdir)/src/nm-l2tp-pppd-service.xml
+	dbus-binding-tool --prefix=nm_l2tp_pppd_service --mode=glib-server --output=$@ $<
+
+nm_l2tp_service_LDADD = 				\
+				$(DBUS_GLIB_LIBS)		\
+				$(GTHREAD_LIBS)		\
+				$(NM_UTILS_LIBS)
+
+pppd_plugindir = $(PPPD_PLUGIN_DIR)
+pppd_plugin_LTLIBRARIES = nm-l2tp-pppd-plugin.la
+
+nm_l2tp_pppd_plugin_la_SOURCES = \
+	nm-l2tp-pppd-plugin.c \
+	nm-ppp-status.h
+
+nm_l2tp_pppd_plugin_la_CPPFLAGS = \
+	$(DBUS_GLIB_CFLAGS) \
+	$(GLIB_CFLAGS) \
+	$(NM_UTILS_CFLAGS)
+
+nm_l2tp_pppd_plugin_la_LDFLAGS = -module -avoid-version
+
+nm_l2tp_pppd_plugin_la_LIBADD = \
+	$(DBUS_GLIB_LIBS) \
+	$(GLIB_LIBS) \
+	$(NM_UTILS_LIBS)
+
+BUILT_SOURCES = nm-l2tp-pppd-service-glue.h
+
+CLEANFILES = $(BUILT_SOURCES)
+
+EXTRA_DIST = nm-l2tp-pppd-service.xml
+
--- a/src/nm-l2tp-pppd-plugin.c
+++ b/src/nm-l2tp-pppd-plugin.c
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* nm-l2tp-service - l2tp (and other pppd) integration with NetworkManager
+ *
+ * (C) 2007 - 2008 Novell, Inc.
+ * (C) 2008 - 2009 Red Hat, Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * 
+ */
+
+#include <string.h>
+#include <pppd/pppd.h>
+#include <pppd/fsm.h>
+#include <pppd/ipcp.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <glib.h>
+#include <glib-object.h>
+#include <dbus/dbus-glib.h>
+
+#include "nm-l2tp-service.h"
+#include "nm-ppp-status.h"
+
+#include <nm-utils.h>
+
+int plugin_init (void);
+
+char pppd_version[] = VERSION;
+
+static DBusGProxy *proxy = NULL;
+
+static void
+nm_phasechange (void *data, int arg)
+{
+	NMPPPStatus ppp_status = NM_PPP_STATUS_UNKNOWN;
+	char *ppp_phase;
+
+	g_return_if_fail (DBUS_IS_G_PROXY (proxy));
+
+	switch (arg) {
+	case PHASE_DEAD:
+		ppp_status = NM_PPP_STATUS_DEAD;
+		ppp_phase = "dead";
+		break;
+	case PHASE_INITIALIZE:
+		ppp_status = NM_PPP_STATUS_INITIALIZE;
+		ppp_phase = "initialize";
+		break;
+	case PHASE_SERIALCONN:
+		ppp_status = NM_PPP_STATUS_SERIALCONN;
+		ppp_phase = "serial connection";
+		break;
+	case PHASE_DORMANT:
+		ppp_status = NM_PPP_STATUS_DORMANT;
+		ppp_phase = "dormant";
+		break;
+	case PHASE_ESTABLISH:
+		ppp_status = NM_PPP_STATUS_ESTABLISH;
+		ppp_phase = "establish";
+		break;
+	case PHASE_AUTHENTICATE:
+		ppp_status = NM_PPP_STATUS_AUTHENTICATE;
+		ppp_phase = "authenticate";
+		break;
+	case PHASE_CALLBACK:
+		ppp_status = NM_PPP_STATUS_CALLBACK;
+		ppp_phase = "callback";
+		break;
+	case PHASE_NETWORK:
+		ppp_status = NM_PPP_STATUS_NETWORK;
+		ppp_phase = "network";
+		break;
+	case PHASE_RUNNING:
+		ppp_status = NM_PPP_STATUS_RUNNING;
+		ppp_phase = "running";
+		break;
+	case PHASE_TERMINATE:
+		ppp_status = NM_PPP_STATUS_TERMINATE;
+		ppp_phase = "terminate";
+		break;
+	case PHASE_DISCONNECT:
+		ppp_status = NM_PPP_STATUS_DISCONNECT;
+		ppp_phase = "disconnect";
+		break;
+	case PHASE_HOLDOFF:
+		ppp_status = NM_PPP_STATUS_HOLDOFF;
+		ppp_phase = "holdoff";
+		break;
+	case PHASE_MASTER:
+		ppp_status = NM_PPP_STATUS_MASTER;
+		ppp_phase = "master";
+		break;
+
+	default:
+		ppp_phase = "unknown";
+		break;
+	}
+
+	g_message ("nm-l2tp-ppp-plugin: (%s): status %d / phase '%s'",
+	           __func__,
+	           ppp_status,
+	           ppp_phase);
+
+	if (ppp_status != NM_PPP_STATUS_UNKNOWN) {
+		dbus_g_proxy_call_no_reply (proxy, "SetState",
+		                            G_TYPE_UINT, ppp_status,
+		                            G_TYPE_INVALID,
+		                            G_TYPE_INVALID);
+	}
+}
+
+static GValue *
+str_to_gvalue (const char *str)
+{
+	GValue *val;
+
+	val = g_slice_new0 (GValue);
+	g_value_init (val, G_TYPE_STRING);
+	g_value_set_string (val, str);
+
+	return val;
+}
+
+static GValue *
+uint_to_gvalue (guint32 i)
+{
+	GValue *val;
+
+	val = g_slice_new0 (GValue);
+	g_value_init (val, G_TYPE_UINT);
+	g_value_set_uint (val, i);
+
+	return val;
+}
+
+static void
+value_destroy (gpointer data)
+{
+	GValue *val = (GValue *) data;
+
+	g_value_unset (val);
+	g_slice_free (GValue, val);
+}
+
+static void
+nm_ip_up (void *data, int arg)
+{
+	guint32 pppd_made_up_address = htonl (0x0a404040 + ifunit);
+	ipcp_options opts = ipcp_gotoptions[0];
+	ipcp_options peer_opts = ipcp_hisoptions[0];
+	GHashTable *hash;
+	GArray *array;
+	GValue *val;
+
+	g_return_if_fail (DBUS_IS_G_PROXY (proxy));
+
+	g_message ("nm-l2tp-ppp-plugin: (%s): ip-up event", __func__);
+
+	if (!opts.ouraddr) {
+		g_warning ("nm-l2tp-ppp-plugin: (%s): didn't receive an internal IP from pppd!", __func__);
+		return;
+	}
+
+	hash = g_hash_table_new_full (g_str_hash, g_str_equal,
+							NULL, value_destroy);
+
+	g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, 
+					 str_to_gvalue (ifname));
+
+	/* Prefer the peer options remote address first, _unless_ pppd made the
+	 * address up, at which point prefer the local options remote address,
+	 * and if that's not right, use the made-up address as a last resort.
+	 */
+	if (peer_opts.hisaddr && (peer_opts.hisaddr != pppd_made_up_address)) {
+		g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_PTP,
+		                     uint_to_gvalue (peer_opts.hisaddr));
+	} else if (opts.hisaddr) {
+		g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_PTP,
+		                     uint_to_gvalue (opts.hisaddr));
+	} else if (peer_opts.hisaddr == pppd_made_up_address) {
+		/* As a last resort, use the made-up address */
+		g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_PTP,
+		                     uint_to_gvalue (peer_opts.hisaddr));
+	}
+
+	g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, 
+					 uint_to_gvalue (opts.ouraddr));
+
+	g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, uint_to_gvalue (32));
+
+	if (opts.dnsaddr[0] || opts.dnsaddr[1]) {
+		array = g_array_new (FALSE, FALSE, sizeof (guint32));
+
+		if (opts.dnsaddr[0])
+			g_array_append_val (array, opts.dnsaddr[0]);
+		if (opts.dnsaddr[1])
+			g_array_append_val (array, opts.dnsaddr[1]);
+
+		val = g_slice_new0 (GValue);
+		g_value_init (val, DBUS_TYPE_G_UINT_ARRAY);
+		g_value_set_boxed (val, array);
+
+		g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_DNS, val);
+	}
+
+	/* Default MTU to 1400, which is also what Windows XP/Vista use */
+	g_hash_table_insert (hash, NM_VPN_PLUGIN_IP4_CONFIG_MTU, uint_to_gvalue (1400));
+
+	g_message ("nm-l2tp-ppp-plugin: (%s): sending Ip4Config to NetworkManager-l2tp...", __func__);
+
+	dbus_g_proxy_call_no_reply (proxy, "SetIp4Config",
+	                            DBUS_TYPE_G_MAP_OF_VARIANT, hash, G_TYPE_INVALID,
+	                            G_TYPE_INVALID);
+
+	g_hash_table_destroy (hash);
+}
+
+static int
+get_chap_check()
+{
+	return 1;
+}
+
+static int
+get_pap_check()
+{
+	return 1;
+}
+
+static int
+get_credentials (char *username, char *password)
+{
+	char *my_username = NULL;
+	char *my_password = NULL;
+	size_t len;
+	GError *err = NULL;
+
+	if (username && !password) {
+		/* pppd is checking pap support; return 1 for supported */
+		return 1;
+	}
+
+	g_return_val_if_fail (DBUS_IS_G_PROXY (proxy), -1);
+
+	g_message ("nm-l2tp-ppp-plugin: (%s): passwd-hook, requesting credentials...", __func__);
+
+	dbus_g_proxy_call (proxy, "NeedSecrets", &err,
+	                   G_TYPE_INVALID,
+	                   G_TYPE_STRING, &my_username,
+	                   G_TYPE_STRING, &my_password,
+	                   G_TYPE_INVALID);
+
+	if (err) {
+		g_warning ("nm-l2tp-ppp-plugin: (%s): could not get secrets: (%d) %s",
+		           __func__,
+		           err ? err->code : -1,
+		           err->message ? err->message : "(unknown)");
+		g_error_free (err);
+		return -1;
+	}
+
+	g_message ("nm-l2tp-ppp-plugin: (%s): got credentials from NetworkManager-l2tp", __func__);
+
+	if (my_username) {
+		len = strlen (my_username) + 1;
+		len = len < MAXNAMELEN ? len : MAXNAMELEN;
+
+		strncpy (username, my_username, len);
+		username[len - 1] = '\0';
+
+		g_free (my_username);
+	}
+
+	if (my_password) {
+		len = strlen (my_password) + 1;
+		len = len < MAXSECRETLEN ? len : MAXSECRETLEN;
+
+		strncpy (password, my_password, len);
+		password[len - 1] = '\0';
+
+		g_free (my_password);
+	}
+
+	return 1;
+}
+
+static void
+nm_exit_notify (void *data, int arg)
+{
+	g_return_if_fail (DBUS_IS_G_PROXY (proxy));
+
+	g_message ("nm-l2tp-ppp-plugin: (%s): cleaning up", __func__);
+
+	g_object_unref (proxy);
+	proxy = NULL;
+}
+
+int
+plugin_init (void)
+{
+	DBusGConnection *bus;
+	GError *err = NULL;
+
+	g_type_init ();
+
+	g_message ("nm-l2tp-ppp-plugin: (%s): initializing", __func__);
+
+	bus = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
+	if (!bus) {
+		g_warning ("nm-l2tp-pppd-plugin: (%s): couldn't connect to system bus: (%d) %s",
+		           __func__,
+		           err ? err->code : -1,
+		           err && err->message ? err->message : "(unknown)");
+		g_error_free (err);
+		return -1;
+	}
+
+	proxy = dbus_g_proxy_new_for_name (bus,
+								NM_DBUS_SERVICE_L2TP_PPP,
+								NM_DBUS_PATH_L2TP_PPP,
+								NM_DBUS_INTERFACE_L2TP_PPP);
+
+	dbus_g_connection_unref (bus);
+
+	chap_passwd_hook = get_credentials;
+	chap_check_hook = get_chap_check;
+	pap_passwd_hook = get_credentials;
+	pap_check_hook = get_pap_check;
+
+	add_notifier (&phasechange, nm_phasechange, NULL);
+	add_notifier (&ip_up_notifier, nm_ip_up, NULL);
+	add_notifier (&exitnotify, nm_exit_notify, proxy);
+
+	return 0;
+}
--- a/src/nm-l2tp-pppd-service.xml
+++ b/src/nm-l2tp-pppd-service.xml
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<node name="/">
+  <interface name="org.freedesktop.NetworkManager.l2tp.ppp">
+    <method name="NeedSecrets">
+      <annotation name="org.freedesktop.DBus.GLib.CSymbol" value="impl_l2tp_service_need_secrets"/>
+      <arg name="username" type="s" direction="out"/>
+      <arg name="password" type="s" direction="out"/>
+    </method>
+
+    <method name="SetIp4Config">
+      <annotation name="org.freedesktop.DBus.GLib.CSymbol" value="impl_l2tp_service_set_ip4_config"/>
+      <arg name="config" type="a{sv}" direction="in"/>
+    </method>
+
+    <method name="SetState">
+      <annotation name="org.freedesktop.DBus.GLib.CSymbol" value="impl_l2tp_service_set_state"/>
+      <arg name="state" type="u" direction="in"/>
+    </method>
+  </interface>
+</node>
--- a/src/nm-l2tp-service.c
+++ b/src/nm-l2tp-service.c
--- a/src/nm-l2tp-service.h
+++ b/src/nm-l2tp-service.h
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* nm-l2tp-service - L2TP VPN integration with NetworkManager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * (C) Copyright 2008 Red Hat, Inc.
+ */
+
+#ifndef NM_L2TP_PLUGIN_H
+#define NM_L2TP_PLUGIN_H
+
+#include <glib.h>
+#include <glib-object.h>
+#include <nm-vpn-plugin.h>
+
+#define NM_TYPE_L2TP_PLUGIN            (nm_l2tp_plugin_get_type ())
+#define NM_L2TP_PLUGIN(obj)            (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_L2TP_PLUGIN, NML2tpPlugin))
+#define NM_L2TP_PLUGIN_CLASS(klass)    (G_TYPE_CHECK_CLASS_CAST ((klass), NM_TYPE_L2TP_PLUGIN, NML2tpPluginClass))
+#define NM_IS_L2TP_PLUGIN(obj)         (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_L2TP_PLUGIN))
+#define NM_IS_L2TP_PLUGIN_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((obj), NM_TYPE_L2TP_PLUGIN))
+#define NM_L2TP_PLUGIN_GET_CLASS(obj)  (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_L2TP_PLUGIN, NML2tpPluginClass))
+
+/* For the pppd plugin <-> VPN plugin service */
+#define DBUS_TYPE_G_MAP_OF_VARIANT (dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_VALUE))
+
+#define NM_DBUS_SERVICE_L2TP_PPP    "org.freedesktop.NetworkManager.l2tp-ppp"
+#define NM_DBUS_PATH_L2TP_PPP       "/org/freedesktop/NetworkManager/l2tp/ppp"
+#define NM_DBUS_INTERFACE_L2TP_PPP  "org.freedesktop.NetworkManager.l2tp.ppp"
+
+
+/* For the NM <-> VPN plugin service */
+#define NM_DBUS_SERVICE_L2TP    "org.freedesktop.NetworkManager.l2tp"
+#define NM_DBUS_INTERFACE_L2TP  "org.freedesktop.NetworkManager.l2tp"
+#define NM_DBUS_PATH_L2TP       "/org/freedesktop/NetworkManager/l2tp"
+
+#define NM_L2TP_KEY_GATEWAY           "gateway"
+#define NM_L2TP_KEY_USER              "user"
+#define NM_L2TP_KEY_PASSWORD          "password"
+#define NM_L2TP_KEY_DOMAIN            "domain"
+#define NM_L2TP_KEY_REFUSE_EAP        "refuse-eap"
+#define NM_L2TP_KEY_REFUSE_PAP        "refuse-pap"
+#define NM_L2TP_KEY_REFUSE_CHAP       "refuse-chap"
+#define NM_L2TP_KEY_REFUSE_MSCHAP     "refuse-mschap"
+#define NM_L2TP_KEY_REFUSE_MSCHAPV2   "refuse-mschapv2"
+#define NM_L2TP_KEY_REQUIRE_MPPE      "require-mppe"
+#define NM_L2TP_KEY_REQUIRE_MPPE_40   "require-mppe-40"
+#define NM_L2TP_KEY_REQUIRE_MPPE_128  "require-mppe-128"
+#define NM_L2TP_KEY_MPPE_STATEFUL     "mppe-stateful"
+#define NM_L2TP_KEY_NOBSDCOMP         "nobsdcomp"
+#define NM_L2TP_KEY_NODEFLATE         "nodeflate"
+#define NM_L2TP_KEY_NO_VJ_COMP        "no-vj-comp"
+#define NM_L2TP_KEY_LCP_ECHO_FAILURE  "lcp-echo-failure"
+#define NM_L2TP_KEY_LCP_ECHO_INTERVAL "lcp-echo-interval"
+
+
+typedef struct {
+	NMVPNPlugin parent;
+} NML2tpPlugin;
+
+typedef struct {
+	NMVPNPluginClass parent;
+} NML2tpPluginClass;
+
+GType nm_l2tp_plugin_get_type (void);
+
+NML2tpPlugin *nm_l2tp_plugin_new (void);
+
+#endif /* NM_L2TP_PLUGIN_H */
--- a/src/nm-ppp-status.h
+++ b/src/nm-ppp-status.h
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* nm-l2tp-service - L2TP VPN integration with NetworkManager
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * (C) Copyright 2007 - 2008 Novell, Inc.
+ */
+
+#ifndef NM_PPP_STATUS_H
+#define NM_PPP_STATUS_H
+
+typedef enum {
+	NM_PPP_STATUS_UNKNOWN,
+
+	NM_PPP_STATUS_DEAD,
+	NM_PPP_STATUS_INITIALIZE,
+	NM_PPP_STATUS_SERIALCONN,
+	NM_PPP_STATUS_DORMANT,
+	NM_PPP_STATUS_ESTABLISH,
+	NM_PPP_STATUS_AUTHENTICATE,
+	NM_PPP_STATUS_CALLBACK,
+	NM_PPP_STATUS_NETWORK,
+	NM_PPP_STATUS_RUNNING,
+	NM_PPP_STATUS_TERMINATE,
+	NM_PPP_STATUS_DISCONNECT,
+	NM_PPP_STATUS_HOLDOFF,
+	NM_PPP_STATUS_MASTER
+} NMPPPStatus;
+
+#endif /* NM_PPP_STATUS_H */