/* Print details of connection */
static void
show_connection (NMConnection *connection)
{
NMSettingConnection *s_con;
guint64 timestamp;
char *timestamp_str;
char timestamp_real_str[64];
const char *val1, *val2, *val3, *val3a, *val4, *val5;
s_con = nm_connection_get_setting_connection (connection);
if (s_con) {
/* Get various info from NMSettingConnection and show it */
timestamp = nm_setting_connection_get_timestamp (s_con);
timestamp_str = g_strdup_printf ("%" G_GUINT64_FORMAT, timestamp);
strftime (timestamp_real_str, sizeof (timestamp_real_str), "%c", localtime ((time_t *) ×tamp));
val1 = nm_setting_connection_get_id (s_con);
val2 = nm_setting_connection_get_uuid (s_con);
val3 = nm_setting_connection_get_connection_type (s_con);
val3a = nm_setting_connection_get_interface_name (s_con);
val4 = nm_connection_get_path (connection);
val5 = timestamp ? timestamp_real_str : "never";
printf ("%-25s | %s | %-15s | %10s | %-43s | %s\n", val1, val2, val3, val3a, val4, val5);
g_free (timestamp_str);
}
}
void
nm_utils_complete_generic (NMConnection *connection,
const char *ctype,
const GSList *existing,
const char *format,
const char *preferred,
gboolean default_enable_ipv6)
{
NMSettingConnection *s_con;
NMSettingIP4Config *s_ip4;
NMSettingIP6Config *s_ip6;
const char *method;
char *id, *uuid;
s_con = nm_connection_get_setting_connection (connection);
if (!s_con) {
s_con = (NMSettingConnection *) nm_setting_connection_new ();
nm_connection_add_setting (connection, NM_SETTING (s_con));
}
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_TYPE, ctype, NULL);
if (!nm_setting_connection_get_uuid (s_con)) {
uuid = nm_utils_uuid_generate ();
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_UUID, uuid, NULL);
g_free (uuid);
}
/* Add a connection ID if absent */
if (!nm_setting_connection_get_id (s_con)) {
id = get_new_connection_name (existing, format, preferred);
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_ID, id, NULL);
g_free (id);
}
/* Add an 'auto' IPv4 connection if present */
s_ip4 = nm_connection_get_setting_ip4_config (connection);
if (!s_ip4) {
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
}
method = nm_setting_ip4_config_get_method (s_ip4);
if (!method) {
g_object_set (G_OBJECT (s_ip4),
NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO,
NULL);
}
/* Add an 'auto' IPv6 setting if allowed and not preset */
s_ip6 = nm_connection_get_setting_ip6_config (connection);
if (!s_ip6 && default_enable_ipv6) {
s_ip6 = (NMSettingIP6Config *) nm_setting_ip6_config_new ();
nm_connection_add_setting (connection, NM_SETTING (s_ip6));
}
if (s_ip6 && !nm_setting_ip6_config_get_method (s_ip6)) {
g_object_set (G_OBJECT (s_ip6),
NM_SETTING_IP6_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_AUTO,
NM_SETTING_IP6_CONFIG_MAY_FAIL, TRUE,
NULL);
}
}
static void
delete_secrets (NMSecretAgent *agent,
NMConnection *connection,
const char *connection_path,
NMSecretAgentDeleteSecretsFunc callback,
gpointer callback_data)
{
AppletAgentPrivate *priv = APPLET_AGENT_GET_PRIVATE (agent);
Request *r;
NMSettingConnection *s_con;
const char *uuid;
r = request_new (agent, connection, connection_path, NULL, NULL, FALSE, NULL, NULL, callback, callback_data);
g_hash_table_insert (priv->requests, GUINT_TO_POINTER (r->id), r);
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
g_assert (uuid);
secret_password_clear (&network_manager_secret_schema, r->cancellable,
delete_find_items_cb, r,
KEYRING_UUID_TAG, uuid,
NULL);
r->keyring_calls++;
}
static void
test_non_utf8_import (NMVpnPluginUiInterface *plugin, const char *dir)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingVPN *s_vpn;
const char *expected_id = "Att äta en ko";
const char *charset = NULL;
/* Change charset to ISO-8859-15 to match iso885915.pcf */
g_get_charset (&charset);
setlocale (LC_ALL, "de_DE@euro");
connection = get_basic_connection ("non-utf8-import", plugin, dir, "iso885915.pcf");
setlocale (LC_ALL, charset);
ASSERT (connection != NULL, "non-utf8-import", "failed to import connection");
/* Connection setting */
s_con = nm_connection_get_setting_connection (connection);
ASSERT (s_con != NULL,
"non-utf8-import", "missing 'connection' setting");
ASSERT (strcmp (nm_setting_connection_get_id (s_con), expected_id) == 0,
"non-utf8-import", "unexpected connection ID");
ASSERT (nm_setting_connection_get_uuid (s_con) == NULL,
"non-utf8-import", "unexpected valid UUID");
/* VPN setting */
s_vpn = nm_connection_get_setting_vpn (connection);
ASSERT (s_vpn != NULL,
"non-utf8-import", "missing 'vpn' setting");
g_object_unref (connection);
}
static void
nmt_slave_list_set_property (GObject *object,
guint prop_id,
const GValue *value,
GParamSpec *pspec)
{
NmtSlaveListPrivate *priv = NMT_SLAVE_LIST_GET_PRIVATE (object);
switch (prop_id) {
case PROP_MASTER:
priv->master = g_value_dup_object (value);
if (priv->master) {
NMSettingConnection *s_con = nm_connection_get_setting_connection (priv->master);
priv->master_type = nm_setting_connection_get_connection_type (s_con);
priv->master_uuid = nm_setting_connection_get_uuid (s_con);
}
break;
case PROP_TYPE_FILTER:
priv->type_filter = g_value_get_pointer (value);
break;
case PROP_TYPE_FILTER_DATA:
priv->type_filter_data = g_value_get_pointer (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
}
}
static void
delete_secrets (NMSecretAgent *agent,
NMConnection *connection,
const char *connection_path,
NMSecretAgentDeleteSecretsFunc callback,
gpointer callback_data)
{
AppletAgentPrivate *priv = APPLET_AGENT_GET_PRIVATE (agent);
Request *r;
NMSettingConnection *s_con;
const char *uuid;
KeyringCall *call;
r = request_new (agent, connection, connection_path, NULL, NULL, FALSE, NULL, NULL, callback, callback_data);
g_hash_table_insert (priv->requests, GUINT_TO_POINTER (r->id), r);
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
g_assert (uuid);
call = keyring_call_new (r);
call->keyring_id = gnome_keyring_find_itemsv (GNOME_KEYRING_ITEM_GENERIC_SECRET,
delete_find_items_cb,
call,
keyring_call_free,
KEYRING_UUID_TAG,
GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
uuid,
NULL);
r->keyring_calls = g_slist_append (r->keyring_calls, call);
}
static void
impl_ifcfgrh_get_ifcfg_details (SettingsPluginIfcfg *plugin,
GDBusMethodInvocation *context,
const char *in_ifcfg)
{
NMIfcfgConnection *connection;
NMSettingConnection *s_con;
const char *uuid;
const char *path;
if (!g_path_is_absolute (in_ifcfg)) {
g_dbus_method_invocation_return_error (context,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_CONNECTION,
"ifcfg path '%s' is not absolute", in_ifcfg);
return;
}
connection = find_by_path (plugin, in_ifcfg);
if ( !connection
|| nm_ifcfg_connection_get_unmanaged_spec (connection)
|| nm_ifcfg_connection_get_unrecognized_spec (connection)) {
g_dbus_method_invocation_return_error (context,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_CONNECTION,
"ifcfg file '%s' unknown", in_ifcfg);
return;
}
s_con = nm_connection_get_setting_connection (NM_CONNECTION (connection));
if (!s_con) {
g_dbus_method_invocation_return_error (context,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"unable to retrieve the connection setting");
return;
}
uuid = nm_setting_connection_get_uuid (s_con);
if (!uuid) {
g_dbus_method_invocation_return_error (context,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"unable to get the UUID");
return;
}
path = nm_connection_get_path (NM_CONNECTION (connection));
if (!path) {
g_dbus_method_invocation_return_error (context,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"unable to get the connection D-Bus path");
return;
}
g_dbus_method_invocation_return_value (context,
g_variant_new ("(so)", uuid, path));
}
static void
import_cb (NMConnection *connection, gpointer user_data)
{
NewVpnInfo *info = (NewVpnInfo *) user_data;
NMSettingConnection *s_con;
NMSettingVPN *s_vpn;
const char *service_type;
char *s;
GError *error = NULL;
/* Basic sanity checks of the connection */
s_con = nm_connection_get_setting_connection (connection);
if (!s_con) {
s_con = NM_SETTING_CONNECTION (nm_setting_connection_new ());
nm_connection_add_setting (connection, NM_SETTING (s_con));
}
s = (char *) nm_setting_connection_get_id (s_con);
if (!s) {
GSList *connections;
connections = nm_remote_settings_list_connections (info->settings);
s = ce_page_get_next_available_name (connections, _("VPN connection %d"));
g_object_set (s_con, NM_SETTING_CONNECTION_ID, s, NULL);
g_free (s);
g_slist_free (connections);
}
s = (char *) nm_setting_connection_get_connection_type (s_con);
if (!s || strcmp (s, NM_SETTING_VPN_SETTING_NAME))
g_object_set (s_con, NM_SETTING_CONNECTION_TYPE, NM_SETTING_VPN_SETTING_NAME, NULL);
s = (char *) nm_setting_connection_get_uuid (s_con);
if (!s) {
s = nm_utils_uuid_generate ();
g_object_set (s_con, NM_SETTING_CONNECTION_UUID, s, NULL);
g_free (s);
}
s_vpn = nm_connection_get_setting_vpn (connection);
service_type = s_vpn ? nm_setting_vpn_get_service_type (s_vpn) : NULL;
if (!service_type || !strlen (service_type)) {
g_object_unref (connection);
connection = NULL;
error = g_error_new_literal (NMA_ERROR, NMA_ERROR_GENERIC,
_("The VPN plugin failed to import the VPN connection correctly\n\nError: no VPN service type."));
}
info->result_func (connection, FALSE, error, info->user_data);
g_clear_error (&error);
g_object_unref (info->settings);
g_slice_free (NewVpnInfo, info);
}
gboolean
ifupdown_update_connection_from_if_block (NMConnection *connection,
if_block *block,
GError **error)
{
const char *type = NULL;
char *idstr = NULL;
char *uuid_base = NULL;
char *uuid = NULL;
NMSettingConnection *s_con;
gboolean success = FALSE;
s_con = nm_connection_get_setting_connection (connection);
if(!s_con) {
s_con = NM_SETTING_CONNECTION (nm_setting_connection_new());
g_assert (s_con);
nm_connection_add_setting (connection, NM_SETTING (s_con));
}
type = _ifupdownplugin_guess_connection_type (block);
idstr = g_strconcat ("Ifupdown (", block->name, ")", NULL);
uuid_base = idstr;
uuid = nm_utils_uuid_generate_from_string (uuid_base, -1, NM_UTILS_UUID_TYPE_LEGACY, NULL);
g_object_set (s_con,
NM_SETTING_CONNECTION_TYPE, type,
NM_SETTING_CONNECTION_INTERFACE_NAME, block->name,
NM_SETTING_CONNECTION_ID, idstr,
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_READ_ONLY, TRUE,
NM_SETTING_CONNECTION_AUTOCONNECT, FALSE,
NULL);
g_free (uuid);
nm_log_info (LOGD_SETTINGS, "update_connection_setting_from_if_block: name:%s, type:%s, id:%s, uuid: %s",
block->name, type, idstr, nm_setting_connection_get_uuid (s_con));
if (!strcmp (NM_SETTING_WIRED_SETTING_NAME, type))
update_wired_setting_from_if_block (connection, block);
else if (!strcmp (NM_SETTING_WIRELESS_SETTING_NAME, type)) {
update_wireless_setting_from_if_block (connection, block);
update_wireless_security_setting_from_if_block (connection, block);
}
if (ifparser_haskey(block, "inet6"))
success = update_ip6_setting_from_if_block (connection, block, error);
else
success = update_ip4_setting_from_if_block (connection, block, error);
if (success == TRUE)
success = nm_connection_verify (connection, error);
g_free (idstr);
return success;
}
void
nm_utils_complete_generic (NMPlatform *platform,
NMConnection *connection,
const char *ctype,
const GSList *existing,
const char *preferred_id,
const char *fallback_id_prefix,
const char *ifname_prefix,
gboolean default_enable_ipv6)
{
NMSettingConnection *s_con;
char *id, *uuid, *ifname;
GHashTable *parameters;
g_assert (fallback_id_prefix);
s_con = nm_connection_get_setting_connection (connection);
if (!s_con) {
s_con = (NMSettingConnection *) nm_setting_connection_new ();
nm_connection_add_setting (connection, NM_SETTING (s_con));
}
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_TYPE, ctype, NULL);
if (!nm_setting_connection_get_uuid (s_con)) {
uuid = nm_utils_uuid_generate ();
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_UUID, uuid, NULL);
g_free (uuid);
}
/* Add a connection ID if absent */
if (!nm_setting_connection_get_id (s_con)) {
id = get_new_connection_name (existing, preferred_id, fallback_id_prefix);
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_ID, id, NULL);
g_free (id);
}
/* Add an interface name, if requested */
if (ifname_prefix && !nm_setting_connection_get_interface_name (s_con)) {
ifname = get_new_connection_ifname (platform, existing, ifname_prefix);
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_INTERFACE_NAME, ifname, NULL);
g_free (ifname);
}
/* Normalize */
parameters = g_hash_table_new (g_str_hash, g_str_equal);
g_hash_table_insert (parameters, NM_CONNECTION_NORMALIZE_PARAM_IP6_CONFIG_METHOD,
default_enable_ipv6 ? NM_SETTING_IP6_CONFIG_METHOD_AUTO : NM_SETTING_IP6_CONFIG_METHOD_IGNORE);
nm_connection_normalize (connection, parameters, NULL, NULL);
g_hash_table_destroy (parameters);
}
static GtkWidget *
fill_password (GladeXML *xml,
const char *widget_name,
NMConnection *connection,
const char *password_type)
{
GtkWidget *widget = NULL;
gchar *password = NULL;
widget = glade_xml_get_widget (xml, widget_name);
g_assert (widget);
if (!connection)
return widget;
password = NULL;
if (nm_connection_get_scope (connection) == NM_CONNECTION_SCOPE_SYSTEM) {
NMSettingVPN *s_vpn;
s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
if (s_vpn) {
const gchar *tmp = NULL;
tmp = nm_setting_vpn_get_secret (s_vpn, password_type);
if (tmp)
password = gnome_keyring_memory_strdup (tmp);
}
} else {
NMSettingConnection *s_con = NULL;
gboolean unused;
const char *uuid;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
uuid = nm_setting_connection_get_uuid (s_con);
password = keyring_helpers_lookup_secret (uuid,
password_type,
&unused);
}
if (password) {
gtk_entry_set_text (GTK_ENTRY (widget), password);
gnome_keyring_memory_free (password);
}
return widget;
}
static void
get_property (GObject *object, guint prop_id,
GValue *value, GParamSpec *pspec)
{
NMSettingConnection *setting = NM_SETTING_CONNECTION (object);
NMSettingConnectionPrivate *priv = NM_SETTING_CONNECTION_GET_PRIVATE (setting);
switch (prop_id) {
case PROP_ID:
g_value_set_string (value, nm_setting_connection_get_id (setting));
break;
case PROP_UUID:
g_value_set_string (value, nm_setting_connection_get_uuid (setting));
break;
case PROP_TYPE:
g_value_set_string (value, nm_setting_connection_get_connection_type (setting));
break;
case PROP_PERMISSIONS:
g_value_take_boxed (value, perm_permlist_to_stringlist (priv->permissions));
break;
case PROP_AUTOCONNECT:
g_value_set_boolean (value, nm_setting_connection_get_autoconnect (setting));
break;
case PROP_TIMESTAMP:
g_value_set_uint64 (value, nm_setting_connection_get_timestamp (setting));
break;
case PROP_READ_ONLY:
g_value_set_boolean (value, nm_setting_connection_get_read_only (setting));
break;
case PROP_ZONE:
g_value_set_string (value, nm_setting_connection_get_zone (setting));
break;
case PROP_MASTER:
g_value_set_string (value, nm_setting_connection_get_master (setting));
break;
case PROP_SLAVE_TYPE:
g_value_set_string (value, nm_setting_connection_get_slave_type (setting));
break;
case PROP_SECONDARIES:
g_value_set_boxed (value, priv->secondaries);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
}
}
static NMConnection *
find_connection(GSList *list, const char *uuid)
{
NMSettingConnection *s_con;
NMConnection *connection;
GSList *iterator;
iterator = list;
while (iterator) {
connection = NM_CONNECTION (iterator->data);
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
if (s_con && !strcmp(nm_setting_connection_get_uuid(s_con), uuid))
return connection;
iterator = g_slist_next (iterator);
}
return NULL;
}
GnomeKeyringAttributeList *
utils_create_keyring_add_attr_list (NMConnection *connection,
const char *connection_uuid,
const char *connection_id,
const char *setting_name,
const char *setting_key,
char **out_display_name)
{
GnomeKeyringAttributeList *attrs = NULL;
NMSettingConnection *s_con;
if (connection) {
s_con = nm_connection_get_setting_connection (connection);
g_return_val_if_fail (s_con != NULL, NULL);
connection_uuid = nm_setting_connection_get_uuid (s_con);
connection_id = nm_setting_connection_get_id (s_con);
}
g_return_val_if_fail (connection_uuid != NULL, NULL);
g_return_val_if_fail (connection_id != NULL, NULL);
g_return_val_if_fail (setting_name != NULL, NULL);
g_return_val_if_fail (setting_key != NULL, NULL);
if (out_display_name) {
*out_display_name = g_strdup_printf ("Network secret for %s/%s/%s",
connection_id,
setting_name,
setting_key);
}
attrs = gnome_keyring_attribute_list_new ();
gnome_keyring_attribute_list_append_string (attrs,
KEYRING_UUID_TAG,
connection_uuid);
gnome_keyring_attribute_list_append_string (attrs,
KEYRING_SN_TAG,
setting_name);
gnome_keyring_attribute_list_append_string (attrs,
KEYRING_SK_TAG,
setting_key);
return attrs;
}
static gboolean
save_secrets (NMVpnPluginUiWidgetInterface *iface,
NMConnection *connection,
GError **error)
{
L2tpPluginUiWidget *self = L2TP_PLUGIN_UI_WIDGET (iface);
L2tpPluginUiWidgetPrivate *priv = L2TP_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
GnomeKeyringResult ret;
NMSettingConnection *s_con;
GtkWidget *widget;
const char *str, *uuid, *id;
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
if (!s_con) {
g_set_error (error,
L2TP_PLUGIN_UI_ERROR,
L2TP_PLUGIN_UI_ERROR_INVALID_CONNECTION,
"missing 'connection' setting");
return FALSE;
}
id = nm_setting_connection_get_id (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
widget = glade_xml_get_widget (priv->xml, "user_password_entry");
g_assert (widget);
str = gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str)) {
ret = keyring_helpers_save_secret (uuid, id, NULL, NM_L2TP_KEY_PASSWORD, str);
if (ret != GNOME_KEYRING_RESULT_OK)
g_warning ("%s: failed to save user password to keyring.", __func__);
} else
keyring_helpers_delete_secret (uuid, NM_L2TP_KEY_PASSWORD);
return TRUE;
}
static gboolean
delete_connection (NMVpnPluginUiInterface *iface,
NMConnection *connection,
GError **error)
{
NMSettingConnection *s_con = NULL;
const char *uuid;
/* Remove any secrets in the keyring associated with this connection's UUID */
s_con = (NMSettingConnection *) nm_connection_get_setting (connection,
NM_TYPE_SETTING_CONNECTION);
if (!s_con) {
g_set_error (error,
L2TP_PLUGIN_UI_ERROR,
L2TP_PLUGIN_UI_ERROR_INVALID_CONNECTION,
"missing 'connection' setting");
return FALSE;
}
uuid = nm_setting_connection_get_uuid (s_con);
keyring_helpers_delete_secret (uuid, NM_L2TP_KEY_PASSWORD);
return TRUE;
}
gboolean
applet_vpn_request_get_secrets (SecretsRequest *req, GError **error)
{
VpnSecretsInfo *info = (VpnSecretsInfo *) req;
AppletVpnRequestPrivate *priv;
NMSettingConnection *s_con;
NMSettingVPN *s_vpn;
const char *connection_type;
const char *service_type;
char *bin_path;
const char *argv[10];
gboolean success = FALSE;
guint i = 0;
applet_secrets_request_set_free_func (req, free_vpn_secrets_info);
s_con = nm_connection_get_setting_connection (req->connection);
g_return_val_if_fail (s_con != NULL, FALSE);
connection_type = nm_setting_connection_get_connection_type (s_con);
g_return_val_if_fail (connection_type != NULL, FALSE);
g_return_val_if_fail (strcmp (connection_type, NM_SETTING_VPN_SETTING_NAME) == 0, FALSE);
s_vpn = nm_connection_get_setting_vpn (req->connection);
g_return_val_if_fail (s_vpn != NULL, FALSE);
service_type = nm_setting_vpn_get_service_type (s_vpn);
g_return_val_if_fail (service_type != NULL, FALSE);
/* find the auth-dialog binary */
bin_path = find_auth_dialog_binary (service_type, error);
if (!bin_path)
return FALSE;
info->vpn = (AppletVpnRequest *) g_object_new (APPLET_TYPE_VPN_REQUEST, NULL);
if (!info->vpn) {
g_set_error_literal (error,
NM_SECRET_AGENT_ERROR,
NM_SECRET_AGENT_ERROR_INTERNAL_ERROR,
"Could not create VPN secrets request object");
goto out;
}
priv = APPLET_VPN_REQUEST_GET_PRIVATE (info->vpn);
memset (argv, 0, sizeof (argv));
argv[i++] = bin_path;
argv[i++] = "-u";
argv[i++] = nm_setting_connection_get_uuid (s_con);
argv[i++] = "-n";
argv[i++] = nm_setting_connection_get_id (s_con);
argv[i++] = "-s";
argv[i++] = service_type;
if (req->flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_ALLOW_INTERACTION)
argv[i++] = "-i";
if (req->flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_REQUEST_NEW)
argv[i++] = "-r";
if (!g_spawn_async_with_pipes (NULL, /* working_directory */
(gchar **) argv, /* argv */
NULL, /* envp */
G_SPAWN_DO_NOT_REAP_CHILD, /* flags */
vpn_child_setup, /* child_setup */
NULL, /* user_data */
&priv->pid, /* child_pid */
&priv->child_stdin, /* standard_input */
&priv->child_stdout, /* standard_output */
NULL, /* standard_error */
error)) /* error */
goto out;
/* catch when child is reaped */
priv->watch_id = g_child_watch_add (priv->pid, child_finished_cb, info);
/* listen to what child has to say */
priv->channel = g_io_channel_unix_new (priv->child_stdout);
priv->channel_eventid = g_io_add_watch (priv->channel, G_IO_IN, child_stdout_data_cb, info);
g_io_channel_set_encoding (priv->channel, NULL, NULL);
/* Dump parts of the connection to the child */
success = write_connection_to_child (priv->child_stdin, req->connection, error);
out:
g_free (bin_path);
return success;
}
static void
test_basic_import (NMVpnPluginUiInterface *plugin, const char *dir)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingIP4Config *s_ip4;
NMSettingVPN *s_vpn;
NMIP4Route *route;
struct in_addr tmp;
const char *expected_id = "Basic VPN";
const char *expected_route1_dest = "10.0.0.0";
const char *expected_route1_gw = "0.0.0.0";
const char *expected_route2_dest = "172.16.0.0";
const char *expected_route2_gw = "0.0.0.0";
connection = get_basic_connection ("basic-import", plugin, dir, "basic.pcf");
ASSERT (connection != NULL, "basic-import", "failed to import connection");
/* Connection setting */
s_con = nm_connection_get_setting_connection (connection);
ASSERT (s_con != NULL,
"basic-import", "missing 'connection' setting");
ASSERT (strcmp (nm_setting_connection_get_id (s_con), expected_id) == 0,
"basic-import", "unexpected connection ID");
ASSERT (nm_setting_connection_get_uuid (s_con) == NULL,
"basic-import", "unexpected valid UUID");
/* IP4 setting */
s_ip4 = nm_connection_get_setting_ip4_config (connection);
ASSERT (s_ip4 != NULL,
"basic-import", "missing 'ip4-config' setting");
ASSERT (nm_setting_ip4_config_get_num_addresses (s_ip4) == 0,
"basic-import", "unexpected addresses");
ASSERT (nm_setting_ip4_config_get_never_default (s_ip4) == TRUE,
"basic-import", "never-default unexpectedly FALSE");
ASSERT (nm_setting_ip4_config_get_method (s_ip4) == NULL,
"basic-import", "unexpected IPv4 method");
ASSERT (nm_setting_ip4_config_get_dhcp_client_id (s_ip4) == NULL,
"basic-import", "unexpected valid DHCP client ID");
ASSERT (nm_setting_ip4_config_get_dhcp_hostname (s_ip4) == NULL,
"basic-import", "unexpected valid DHCP hostname");
ASSERT (nm_setting_ip4_config_get_num_dns_searches (s_ip4) == 0,
"basic-import", "unexpected DNS searches");
ASSERT (nm_setting_ip4_config_get_num_dns (s_ip4) == 0,
"basic-import", "unexpected DNS servers");
ASSERT (nm_setting_ip4_config_get_num_routes (s_ip4) == 2,
"basic-import", "unexpected number of routes");
/* Route #1 */
route = nm_setting_ip4_config_get_route (s_ip4, 0);
ASSERT (inet_pton (AF_INET, expected_route1_dest, &tmp) > 0,
"basic-import", "couldn't convert expected route destination #1");
ASSERT (nm_ip4_route_get_dest (route) == tmp.s_addr,
"basic-import", "unexpected route #1 destination");
ASSERT (inet_pton (AF_INET, expected_route1_gw, &tmp) > 0,
"basic-import", "couldn't convert expected route next hop #1");
ASSERT (nm_ip4_route_get_next_hop (route) == tmp.s_addr,
"basic-import", "unexpected route #1 next hop");
ASSERT (nm_ip4_route_get_prefix (route) == 8,
"basic-import", "unexpected route #1 prefix");
ASSERT (nm_ip4_route_get_metric (route) == 0,
"basic-import", "unexpected route #1 metric");
/* Route #2 */
route = nm_setting_ip4_config_get_route (s_ip4, 1);
ASSERT (inet_pton (AF_INET, expected_route2_dest, &tmp) > 0,
"basic-import", "couldn't convert expected route destination #2");
ASSERT (nm_ip4_route_get_dest (route) == tmp.s_addr,
"basic-import", "unexpected route #2 destination");
ASSERT (inet_pton (AF_INET, expected_route2_gw, &tmp) > 0,
"basic-import", "couldn't convert expected route next hop #2");
ASSERT (nm_ip4_route_get_next_hop (route) == tmp.s_addr,
"basic-import", "unexpected route #2 next hop");
ASSERT (nm_ip4_route_get_prefix (route) == 16,
"basic-import", "unexpected route #2 prefix");
ASSERT (nm_ip4_route_get_metric (route) == 0,
"basic-import", "unexpected route #2 metric");
/* VPN setting */
s_vpn = nm_connection_get_setting_vpn (connection);
ASSERT (s_vpn != NULL,
"basic-import", "missing 'vpn' setting");
/* Data items */
test_items ("basic-import-data", s_vpn, &basic_items[0], FALSE);
/* Secrets */
test_items ("basic-import-secrets", s_vpn, &basic_secrets[0], TRUE);
g_object_unref (connection);
}
gboolean
eap_method_nag_init (EAPMethod *method,
const char *ca_cert_chooser,
NMConnection *connection)
{
GtkWidget *dialog, *widget;
NagDialogResponseInfo *info;
GError *error = NULL;
char *text;
g_return_val_if_fail (method != NULL, FALSE);
g_return_val_if_fail (ca_cert_chooser != NULL, FALSE);
method->nag_builder = gtk_builder_new ();
if (!gtk_builder_add_from_resource (method->nag_builder, NAG_DIALOG_UI, &error)) {
g_warning ("Couldn't load UI builder file " NAG_DIALOG_UI ": %s",
error->message);
g_error_free (error);
return FALSE;
}
method->ca_cert_chooser = g_strdup (ca_cert_chooser);
if (connection) {
NMSettingConnection *s_con;
const char *uuid;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
g_assert (uuid);
/* Figure out if the user wants to ignore missing CA cert */
method->ignore_ca_cert = _get_ignore_ca_cert (uuid, method->phase2);
}
info = g_malloc0 (sizeof (NagDialogResponseInfo));
info->method = method;
info->connection = connection;
dialog = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "nag_user_dialog"));
g_assert (dialog);
g_signal_connect (dialog, "response", G_CALLBACK (nag_dialog_response_cb), info);
g_signal_connect (dialog, "delete-event", G_CALLBACK (nag_dialog_delete_event_cb), info);
g_object_weak_ref (G_OBJECT (dialog), nag_dialog_destroyed, info);
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "content_label"));
g_assert (widget);
text = g_strdup_printf ("<span weight=\"bold\" size=\"larger\">%s</span>\n\n%s",
_("No Certificate Authority certificate chosen"),
_("Not using a Certificate Authority (CA) certificate can result in connections to insecure, rogue Wi-Fi networks. Would you like to choose a Certificate Authority certificate?"));
gtk_label_set_markup (GTK_LABEL (widget), text);
g_free (text);
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "ignore_button"));
gtk_button_set_label (GTK_BUTTON (widget), _("Ignore"));
g_assert (widget);
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "change_button"));
gtk_button_set_label (GTK_BUTTON (widget), _("Choose CA Certificate"));
g_assert (widget);
method->nag_dialog = dialog;
return TRUE;
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
{
EAPMethodTLS *method = (EAPMethodTLS *) parent;
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
NMSetting8021x *s_8021x;
NMSettingConnection *s_con;
GtkWidget *widget;
char *ca_filename, *pk_filename, *cc_filename;
const char *password = NULL;
GError *error = NULL;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
g_assert (s_con);
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
g_assert (s_8021x);
if (method->phase2)
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, "tls", NULL);
else
nm_setting_802_1x_add_eap_method (s_8021x, "tls");
widget = glade_xml_get_widget (parent->xml, "eap_tls_identity_entry");
g_assert (widget);
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
/* TLS private key */
widget = glade_xml_get_widget (parent->xml, "eap_tls_private_key_password_entry");
g_assert (widget);
password = gtk_entry_get_text (GTK_ENTRY (widget));
g_assert (password);
widget = glade_xml_get_widget (parent->xml, "eap_tls_private_key_button");
g_assert (widget);
pk_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
g_assert (pk_filename);
if (method->phase2) {
if (!nm_setting_802_1x_set_phase2_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
} else {
if (!nm_setting_802_1x_set_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
}
g_free (pk_filename);
/* TLS client certificate */
if (format != NM_SETTING_802_1X_CK_FORMAT_PKCS12) {
/* If the key is pkcs#12 nm_setting_802_1x_set_private_key() already
* set the client certificate for us.
*/
widget = glade_xml_get_widget (parent->xml, "eap_tls_user_cert_button");
g_assert (widget);
cc_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
g_assert (cc_filename);
format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
if (method->phase2) {
if (!nm_setting_802_1x_set_phase2_client_cert (s_8021x, cc_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 client certificate '%s': %s", cc_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
} else {
if (!nm_setting_802_1x_set_client_cert (s_8021x, cc_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read client certificate '%s': %s", cc_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
}
g_free (cc_filename);
}
/* TLS CA certificate */
widget = glade_xml_get_widget (parent->xml, "eap_tls_ca_cert_button");
g_assert (widget);
ca_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
if (method->phase2) {
if (!nm_setting_802_1x_set_phase2_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 CA certificate '%s': %s", ca_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
} else {
if (!nm_setting_802_1x_set_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read CA certificate '%s': %s", ca_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
}
nm_gconf_set_ignore_ca_cert (nm_setting_connection_get_uuid (s_con),
method->phase2,
eap_method_get_ignore_ca_cert (parent));
}
static gboolean
impl_ifcfgrh_get_ifcfg_details (SCPluginIfcfg *plugin,
const char *in_ifcfg,
const char **out_uuid,
const char **out_path,
GError **error)
{
NMIfcfgConnection *connection;
NMSettingConnection *s_con;
const char *uuid;
const char *path;
if (!g_path_is_absolute (in_ifcfg)) {
g_set_error (error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_CONNECTION,
"ifcfg path '%s' is not absolute", in_ifcfg);
return FALSE;
}
connection = find_by_path (plugin, in_ifcfg);
if ( !connection
|| nm_ifcfg_connection_get_unmanaged_spec (connection)
|| nm_ifcfg_connection_get_unrecognized_spec (connection)) {
g_set_error (error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_CONNECTION,
"ifcfg file '%s' unknown", in_ifcfg);
return FALSE;
}
s_con = nm_connection_get_setting_connection (NM_CONNECTION (connection));
if (!s_con) {
g_set_error (error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"unable to retrieve the connection setting");
return FALSE;
}
uuid = nm_setting_connection_get_uuid (s_con);
if (!uuid) {
g_set_error (error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"unable to get the UUID");
return FALSE;
}
path = nm_connection_get_path (NM_CONNECTION (connection));
if (!path) {
g_set_error (error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"unable to get the connection D-Bus path");
return FALSE;
}
*out_uuid = g_strdup (uuid);
*out_path = g_strdup (path);
return TRUE;
}
