10
9
Fork
You've already forked linux-app
14

Method for certificate/token expiry #188

Closed
opened 2019年08月29日 13:30:44 +02:00 by efef · 4 comments
efef commented 2019年08月29日 13:30:44 +02:00 (Migrated from github.com)
Copy link

-research how to detect certificate expiry when client is not active (maybe cron..)
-research how to notify user , make sure it works in a generic way (not only gnome)
-code implementation

edit: the scope of this issue changed, see comment below.

-research how to detect certificate expiry when client is not active (maybe cron..) -research how to notify user , make sure it works in a generic way (not only gnome) -code implementation edit: the scope of this issue changed, see comment below.
gijzelaerr commented 2020年05月25日 14:07:54 +02:00 (Migrated from github.com)
Copy link

The CLI implemented in the 2.0 branch is partially enabling this solution, but I'm not convinced it's going to be easy to build a solution that will solve all use cases for advanced novice users simultaneously.

The CLI implemented in the 2.0 branch is partially enabling this solution, but I'm not convinced it's going to be easy to build a solution that will solve all use cases for advanced novice users simultaneously.
gijzelaerr commented 2020年05月26日 16:48:30 +02:00 (Migrated from github.com)
Copy link

the eduvpn-client refresh subcommand should now be fully functional, and hopefully, this is enough for now.

the `eduvpn-client refresh` subcommand should now be fully functional, and hopefully, this is enough for now.
alvra commented 2021年07月21日 11:46:20 +02:00 (Migrated from github.com)
Copy link

To address both this issue and #352, I propose separating the app from the interface.

I'm considering defining a Gtk Application, which would:

  • ensure there's only a single instance
  • manage the tray icon
  • track the network state
  • track session expiry and automatically renew

The app remains running the background if the interface window is closed.
The interface window would then interact with the app to update the connection and subscribe to state changes.
We could theoretically have multiple interface windows open simultaniously,
although we maybe want to limit that to a single interface window.

If the app is explicitly closed, we could disconnect from the server to prevent it from becoming unmanaged. Maybe we could also prevent connecting through NM when the app is not running by ending the session through the V3 api. That way, we can guaranty that the connection is always managed.

To address both this issue and #352, I propose separating the app from the interface. I'm considering defining a [Gtk Application](https://python-gtk-3-tutorial.readthedocs.io/en/latest/application.html), which would: - ensure there's only a single instance - manage the tray icon - track the network state - track session expiry and automatically renew The app remains running the background if the interface window is closed. The interface window would then interact with the app to update the connection and subscribe to state changes. We could theoretically have multiple interface windows open simultaniously, although we maybe want to limit that to a single interface window. If the app is explicitly closed, we could disconnect from the server to prevent it from becoming unmanaged. Maybe we could also prevent connecting through NM when the app is not running by ending the session through the V3 api. That way, we can guaranty that the connection is always managed.
gijzelaerr commented 2021年08月25日 09:55:00 +02:00 (Migrated from github.com)
Copy link

Since for now, we are not considering the headless mode (#404), we don't need to be able to renew certs without the UI running. We first need to make sure the UI is always running (#370). Then we need to implement the cert renewal procedure. I'm not sure if the splitting of the app from the interface is required, I propose just adding a GTK tray icon so the app is always running, it can be minimised to the tray and action can be taken with a certain interval. This can be done with a thread or other means of delayed calling the cert renewal procedure.

Since for now, we are not considering the headless mode (#404), we don't need to be able to renew certs without the UI running. We first need to make sure the UI is always running (#370). Then we need to implement the cert renewal procedure. I'm not sure if the splitting of the app from the interface is required, I propose just adding a GTK tray icon so the app is always running, it can be minimised to the tray and action can be taken with a certain interval. This can be done with a thread or other means of delayed calling the cert renewal procedure.
Sign in to join this conversation.
No Branch/Tag specified
master
upstream-deb
openvpn-persistent
1.x
4.7.2
4.7.1
4.7.0
4.6.0
4.5.1
4.5.0
4.4.99.0
4.4.0
4.3.1
4.3.0
4.2.99.1
4.2.99.0
4.2.1
4.2.0
4.1.99.0
4.1.3
4.1.2
4.1.1
4.1.0
3.1.1
4.0.1
4.0.0
pr-3.3.1
pr-3.3.0
pr-3.2.0
3.1.0
3.0.0
2.2.1
2.2.0
2.1.0
2.0.0
1.1
1.0.3
1.0.2
1.0.1
1.0rc17
1.0rc16
1.0rc15
1.0rc14
1.0rc13
1.0rc12
1.0rc11
1.0rc10
1.0rc9
1.0rc8
1.0rc7
1.0rc6
1.0rc5
1.0rc4
1.0rc3
1.0rc2
1.0rc1
0.8
0.7.2
0.7.1
0.7
0.6.1
0.6
0.5.1
0.5
0.3
0.2.1
0.2
0.1.1
0.1
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
eduVPN/linux-app#188
Reference in a new issue
eduVPN/linux-app
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?