Re: request for input re: OpenVPN API

Thanks for the quick response,

I have been looking at the management interface as a tool for this API. 
But I am new to OpenVPN, and I am not sure if it has all the essentials 
at this stage to qualify as a full-blown interface, or if it is a tool 
in development. I thought maybe I could be enlightened here.

I have found that an API is a nebulous concept. It is quite difficult to 
find a concrete definition. Here is how I have decided to define an API 
in my paper, using API design material provided by the Netbeans site 
(there is remarkably little written about how to go about designing an 
API. I suspect it is one of those things that is so intrinsic to what 
programmers do, that they don't often stop to think about it. Maybe it's 
only a topic for academics):

“The API is everything that another team or application can depend on.” 
Also, it can be seen as an “interface between the internals of an 
application and a programatic (sic) usage of its functionality”. 
(Netbeans) To be more specific, the everything mentioned above includes 
method and field signatures, files and file content, environment 
variables, protocols, program behaviour, and localization issues 
(regarding culture and language, often referred to as L10n)

I was hoping to get feedback from OpenVPN developers about what kinds of 
controls/communications/data flow would be necessary between the OpenVPN 
software and a program trying to automatically maintain VPN connections 
over an extended period of time. I have been looking through the source 
code, trying to piece together the method and field signatures, files 
and file content, env vars.etc., with some success, but I thought some 
feedback from those who know it intimately might help me decide what are 
the vital bits of functionality which should be accessible to an 
interface with this other program, and where in the source code to look. 
The ssl.h header file has been good to me in terms of understanding 
security protocols. I am looking through others at the moment. I have 
some ideas, but I'm new here, and was hoping to draw on some willing 
expertise. Perhaps the management interface does contain all that is 
necessary. My research in API design suggests that it is best to start 
small - get only the absolutely necessary interface components defined 
first, and then add carefully with experience. It is easy to add to an 
API, it is impossible to remove. So the question is, what are the bare 
essentials for another program to interface with OpenVPN, and where can 
their implementation be found in the source code? I thought the 
perspective of developers would make for some valuable research, hence 
my email.

Is that any more clear? Anyway, Once again, any feedback is welcome. If 
this is an unwelcome discussion, please let me know, and I'll quietly go 
back to lurking.

Thanks again,

Mike

Alon Bar-Lev wrote:
> I don't understand what you are calling an API, but please refer to:
> http://svn.openvpn.net/projects/openvpn/trunk/openvpn/management/management-notes.txt
>
> Maybe it will answer some of your questions.
>
> On 9/16/06, Mike Martin <Mike.Martin@xxxxxxxxxxxxx> wrote:
>   
>> Hello,
>>
>> My name is Mike Martin, and I am currently working on my M. Sc. I am
>> writing a research paper investigating the feasibility of developing an
>> API for a VPN, as discussed in the following quote:
>>
>> "It would be nice if the Grid application could access the VPN console,
>> re-affirm credentials, and register for notifications through an API
>> like the GSS or the Advance Reservation API listed above."
>> -Volker Sander (ed.) (2004) /Networking Issues for Grid Infrastructure/.
>> Global Grid Forum Document Series GFD-37. Available from:
>> http://www.ggf.org/documents/GFD.37.pdf
>>
>> I started this knowing very little about VPNs, or about API design, but
>> my research has led me to believe that OpenVPN would be the best tool
>> for the job (I am a firm believer in Open Source Software). I am
>> wondering if any OpenVPN developers would be willing to fill out a short
>> (from my perspective) questionnaire regarding the requirements for such
>> an API for OpenVPN, either for Grid applications specifically, or for
>> any client application in general, as I have come to the conclusion that
>> an API should not be specific to the client application, but should be
>> as general as possible. Any help at all would be greatly appreciated.
>>
>> If anyone is interested in participating, please email me off line so we
>> don't clutter your mailing list - unless there is such great interest
>> you would like to see it in the discussion.
>>
>> I am a professor of Computer Studies at Seneca College in Toronto:
>> mike.martin@xxxxxxxxxxxxx
>>
>> Thanks, you guys have created a great piece of software,
>>
>> Mike
>>
>> P.S. We are having our annual Open Source Software Conference in
>> October. Here is the url:
>> http://cs.senecac.on.ca/fsoss/2006/
>>
>> It would be good to see OpenVPN people there. Next year I would like to
>> do a presentation about OpenVPN, because I am getting so tired of
>> everyone thinking IPSec is the only high quality VPN technology. They
>> all suffer from the same misconceptions about SSL VPNs that are
>> discussed by Charlie Hosner in his SANS paper. I feel like a prophet
>> lost in the wilderness.
>>
>>
>>
>>
>> -------------------------------------------------------------------------
>> Using Tomcat but need to do more? Need to support web services, security?
>> Get stuff done quickly with pre-integrated technology to make your job easier
>> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
>> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
>> _______________________________________________
>> Openvpn-devel mailing list
>> Openvpn-devel@xxxxxxxxxxxxxxxxxxxxx
>> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>>
>>     
>
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>   



-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642