NM previously only cleared secrets when the VPN service daemon quit, and the service daemons are on a 10-second inactivity timer. So if the user tried to re-activate the failed VPN connection within 10 seconds the old secrets would get used, which clearly isn't what we want. Ensure that whenever the VPN connection fails or disconnects, we ask the settings service for secrets again the next time. http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=bc653d222519965e552736b0ab30dc1b40539152 We need this patch in RHEL as soon as possible.
Just to be sure, when testing you might want to do steps 7 - 10 a few times.
rh528425-clear-vpn-secrets-on-failure.patch
~~ Attention Customers and Partners - RHEL 5.5 Beta is now available on RHN ~~ RHEL 5.5 Beta has been released! There should be a fix present in this release that addresses your request. Please test and report back results here, by March 3rd 2010 (2010-03-03) or sooner. Upon successful verification of this request, post your results and update the Verified field in Bugzilla with the appropriate value. If you encounter any issues while testing, please describe them and set this bug into NEED_INFO. If you encounter new defects or have additional patch(es) to request for inclusion, please clone this bug per each request and escalate through your support representative.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.