Mathias Sundman wrote:
On Tue, 6 Jul 2004, Jan Kiszka wrote:James Yonan wrote:...If it's not a windows specific problem, then I suppost it's best to add the functionallity in the openvpn binary so we get the portability.I don't think the openvpn binary needs to know about this. But the service wrapper probably needs a second mode of operation, where instead of getting its config files by scanning a directory, it listens on a local socket for a command from the GUI to start an openvpn.exe instance.Then don't forget that we will need a similar wrapper for unix as well...Why do we need a wrapper in unix? Can't the openvpn binary be run as a normal user in unix?If we need root-privs, what's wrong with installing openvpn as suid root and have it drop its privs after start-up?
Yes, this will work. But I'm afraid - maybe I'm wrong - that the GUI will then have to be implemented quite differently on Windows and Unix. On Windows, we would open a socket and both send the commands over it and receive the status. On Unix, we would first start the process and then connect to a socket for status information (BTW, which socket would then be used when multiple instances of openvpn are running?).
We still need the management interface in openvpn though for all platforms so we can check the status of the connection from a gui, but that's another issue.
Don't think so. We should first find a concept for both topics so that we can be sure that nothing interfers later.
Jan
smime.p7s
Description: S/MIME Cryptographic Signature
