static void
update_from_filechooser (GtkBuilder *builder,
const char *key,
const char *widget_name,
NMSettingVPN *s_vpn)
{
GtkWidget *widget;
char *filename;
char *authtype;
g_return_if_fail (builder != NULL);
g_return_if_fail (key != NULL);
g_return_if_fail (widget_name != NULL);
g_return_if_fail (s_vpn != NULL);
widget = GTK_WIDGET (gtk_builder_get_object (builder, widget_name));
filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (filename && strlen(filename)) {
nm_setting_vpn_add_data_item (s_vpn, key, filename);
authtype = "cert";
} else {
nm_setting_vpn_remove_data_item (s_vpn, key);
authtype = "password";
}
/* Hack to keep older nm-auth-dialog working */
if (!strcmp(key, NM_OPENCONNECT_KEY_USERCERT))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_AUTHTYPE, authtype);
g_free (filename);
}
static void
test_setting_vpn_items (void)
{
NMSettingVPN *s_vpn;
s_vpn = (NMSettingVPN *) nm_setting_vpn_new ();
ASSERT (s_vpn != NULL,
"vpn-items",
"error creating vpn setting");
nm_setting_vpn_add_data_item (s_vpn, "foobar1", "blahblah1");
nm_setting_vpn_add_data_item (s_vpn, "foobar2", "blahblah2");
nm_setting_vpn_add_data_item (s_vpn, "foobar3", "blahblah3");
nm_setting_vpn_add_data_item (s_vpn, "foobar4", "blahblah4");
/* Ensure that added values are all present */
nm_setting_vpn_foreach_data_item (s_vpn, vpn_check_func, "vpn-data");
nm_setting_vpn_remove_data_item (s_vpn, "foobar1");
nm_setting_vpn_remove_data_item (s_vpn, "foobar2");
nm_setting_vpn_remove_data_item (s_vpn, "foobar3");
nm_setting_vpn_remove_data_item (s_vpn, "foobar4");
nm_setting_vpn_add_secret (s_vpn, "foobar1", "blahblah1");
nm_setting_vpn_add_secret (s_vpn, "foobar2", "blahblah2");
nm_setting_vpn_add_secret (s_vpn, "foobar3", "blahblah3");
nm_setting_vpn_add_secret (s_vpn, "foobar4", "blahblah4");
/* Ensure that added values are all present */
nm_setting_vpn_foreach_secret (s_vpn, vpn_check_func, "vpn-secrets");
nm_setting_vpn_remove_secret (s_vpn, "foobar1");
nm_setting_vpn_remove_secret (s_vpn, "foobar2");
nm_setting_vpn_remove_secret (s_vpn, "foobar3");
nm_setting_vpn_remove_secret (s_vpn, "foobar4");
/* Try to add some blank values and make sure they are rejected */
nm_setting_vpn_add_data_item (s_vpn, NULL, NULL);
nm_setting_vpn_add_data_item (s_vpn, "", "");
nm_setting_vpn_add_data_item (s_vpn, "foobar1", NULL);
nm_setting_vpn_add_data_item (s_vpn, "foobar1", "");
nm_setting_vpn_add_data_item (s_vpn, NULL, "blahblah1");
nm_setting_vpn_add_data_item (s_vpn, "", "blahblah1");
nm_setting_vpn_foreach_data_item (s_vpn, vpn_check_empty_func, "vpn-data-empty");
/* Try to add some blank secrets and make sure they are rejected */
nm_setting_vpn_add_secret (s_vpn, NULL, NULL);
nm_setting_vpn_add_secret (s_vpn, "", "");
nm_setting_vpn_add_secret (s_vpn, "foobar1", NULL);
nm_setting_vpn_add_secret (s_vpn, "foobar1", "");
nm_setting_vpn_add_secret (s_vpn, NULL, "blahblah1");
nm_setting_vpn_add_secret (s_vpn, "", "blahblah1");
nm_setting_vpn_foreach_secret (s_vpn, vpn_check_empty_func, "vpn-secrets-empty");
g_object_unref (s_vpn);
}
static void
hash_copy_advanced (gpointer key, gpointer data, gpointer user_data)
{
NMSettingVPN *s_vpn = NM_SETTING_VPN (user_data);
nm_setting_vpn_add_data_item (s_vpn, (const char *) key, (const char *) data);
}
static void
read_hash_of_string (GKeyFile *file, NMSetting *setting, const char *key)
{
char **keys, **iter;
char *value;
const char *setting_name = nm_setting_get_name (setting);
keys = nm_keyfile_plugin_kf_get_keys (file, setting_name, NULL, NULL);
if (!keys || !*keys)
return;
for (iter = keys; *iter; iter++) {
value = nm_keyfile_plugin_kf_get_string (file, setting_name, *iter, NULL);
if (!value)
continue;
if (NM_IS_SETTING_VPN (setting)) {
if (strcmp (*iter, NM_SETTING_VPN_SERVICE_TYPE))
nm_setting_vpn_add_data_item (NM_SETTING_VPN (setting), *iter, value);
}
if (NM_IS_SETTING_BOND (setting)) {
if (strcmp (*iter, NM_SETTING_BOND_INTERFACE_NAME))
nm_setting_bond_add_option (NM_SETTING_BOND (setting), *iter, value);
}
g_free (value);
}
g_strfreev (keys);
}
static void
test_nat_export (NMVpnPluginUiInterface *plugin,
const char *dir,
const char *tmpdir,
const char *nat_mode)
{
NMConnection *connection;
NMSettingVPN *s_vpn;
NMConnection *reimported;
char *path;
gboolean success;
GError *error = NULL;
int ret;
connection = get_basic_connection ("nat-export", plugin, dir, "basic.pcf");
ASSERT (connection != NULL, "nat-export", "failed to import connection");
s_vpn = nm_connection_get_setting_vpn (connection);
ASSERT (s_vpn != NULL, "nat-export", "imported connection had no VPN setting");
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_NAT_TRAVERSAL_MODE, nat_mode);
path = g_build_path ("/", tmpdir, NAT_EXPORTED_NAME, NULL);
success = nm_vpn_plugin_ui_interface_export (plugin, path, connection, &error);
if (!success) {
if (!error)
FAIL ("nat-export", "export failed with missing error");
else
FAIL ("nat-export", "export failed: %s", error->message);
}
/* Now re-import it and compare the connections to ensure they are the same */
reimported = get_basic_connection ("nat-export", plugin, tmpdir, NAT_EXPORTED_NAME);
ret = unlink (path);
ASSERT (connection != NULL, "nat-export", "failed to re-import connection");
/* Clear secrets first, since they don't get exported, and thus would
* make the connection comparison below fail.
*/
remove_user_password (connection);
/* Since we don't export the user password, but the original connection
* had one, we need to add secret flags to the re-imported connection.
*/
s_vpn = nm_connection_get_setting_vpn (reimported);
nm_setting_set_secret_flags (NM_SETTING (s_vpn),
NM_VPNC_KEY_SECRET,
NM_SETTING_SECRET_FLAG_AGENT_OWNED,
NULL);
ASSERT (nm_connection_compare (connection, reimported, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
"nat-export", "original and reimported connection differ");
g_object_unref (reimported);
g_object_unref (connection);
g_free (path);
}
static gboolean
update_connection (NMVpnPluginUiWidgetInterface *iface,
NMConnection *connection,
GError **error)
{
L2tpPluginUiWidget *self = L2TP_PLUGIN_UI_WIDGET (iface);
L2tpPluginUiWidgetPrivate *priv = L2TP_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
NMSettingVPN *s_vpn;
GtkWidget *widget;
const char *str;
gboolean valid = FALSE;
if (!check_validity (self, error))
return FALSE;
s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_L2TP, NULL);
/* Gateway */
widget = glade_xml_get_widget (priv->xml, "gateway_entry");
str = gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_L2TP_KEY_GATEWAY, str);
/* Username */
widget = glade_xml_get_widget (priv->xml, "user_entry");
str = gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_L2TP_KEY_USER, str);
/* Domain */
widget = glade_xml_get_widget (priv->xml, "domain_entry");
str = gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_L2TP_KEY_DOMAIN, str);
if (priv->advanced)
g_hash_table_foreach (priv->advanced, hash_copy_advanced, s_vpn);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
valid = TRUE;
return valid;
}
static gboolean
real_connect (NMVpnServicePlugin *plugin,
NMConnection *connection,
GError **error)
{
NMSstpPluginPrivate *priv = NM_SSTP_PLUGIN_GET_PRIVATE (plugin);
NMSettingVpn *s_vpn;
const char *gwaddr;
const char *value;
s_vpn = nm_connection_get_setting_vpn (connection);
g_assert (s_vpn);
gwaddr = nm_setting_vpn_get_data_item (s_vpn, NM_SSTP_KEY_GATEWAY);
if (!gwaddr || !strlen (gwaddr)) {
g_set_error_literal (error,
NM_VPN_PLUGIN_ERROR,
NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED,
_("Invalid or missing SSTP gateway."));
return FALSE;
}
/* Set the UUID of the connection */
value = nm_connection_get_uuid(connection);
if (value && strlen(value))
nm_setting_vpn_add_data_item(s_vpn, NM_SSTP_KEY_UUID, value);
if (!nm_sstp_properties_validate (s_vpn, error))
return FALSE;
if (!nm_sstp_secrets_validate (s_vpn, error))
return FALSE;
priv->connection = g_object_ref (connection);
if (getenv ("NM_PPP_DUMP_CONNECTION") || debug)
nm_connection_dump (connection);
return nm_sstp_start_pppd_binary (NM_SSTP_PLUGIN (plugin),
s_vpn,
gwaddr,
error);
}
static void
save_one_password (NMSettingVPN *s_vpn,
GtkBuilder *builder,
const char *entry_name,
const char *combo_name,
const char *secret_key,
const char *type_key)
{
NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
const char *data_val = NULL, *password;
GtkWidget *entry, *combo;
entry = GTK_WIDGET (gtk_builder_get_object (builder, entry_name));
flags = GPOINTER_TO_UINT (g_object_get_data (G_OBJECT (entry), "flags"));
combo = GTK_WIDGET (gtk_builder_get_object (builder, combo_name));
switch (gtk_combo_box_get_active (GTK_COMBO_BOX (combo))) {
case PW_TYPE_SAVE:
password = gtk_entry_get_text (GTK_ENTRY (entry));
if (password && strlen (password))
nm_setting_vpn_add_secret (s_vpn, secret_key, password);
data_val = NM_OPENSWAN_PW_TYPE_SAVE;
break;
case PW_TYPE_UNUSED:
data_val = NM_OPENSWAN_PW_TYPE_UNUSED;
flags |= NM_SETTING_SECRET_FLAG_NOT_REQUIRED;
break;
case PW_TYPE_ASK:
default:
data_val = NM_OPENSWAN_PW_TYPE_ASK;
flags |= NM_SETTING_SECRET_FLAG_NOT_SAVED;
break;
}
/* Set both new secret flags and old data item for backwards compat */
nm_setting_vpn_add_data_item (s_vpn, type_key, data_val);
nm_setting_set_secret_flags (NM_SETTING (s_vpn), secret_key, flags, NULL);
}
static void
save_one_password (NMSettingVpn *s_vpn,
GtkBuilder *builder,
const char *entry_name,
const char *secret_key,
const char *type_key)
{
NMSettingSecretFlags flags;
const char *data_val = NULL, *password;
GtkWidget *entry;
/* Get secret flags */
entry = GTK_WIDGET (gtk_builder_get_object (builder, entry_name));
flags = nma_utils_menu_to_secret_flags (entry);
/* Save password and convert flags to legacy data items */
switch (flags) {
case NM_SETTING_SECRET_FLAG_NONE:
case NM_SETTING_SECRET_FLAG_AGENT_OWNED:
password = gtk_entry_get_text (GTK_ENTRY (entry));
if (password && strlen (password))
nm_setting_vpn_add_secret (s_vpn, secret_key, password);
data_val = NM_VPNC_PW_TYPE_SAVE;
break;
case NM_SETTING_SECRET_FLAG_NOT_REQUIRED:
data_val = NM_VPNC_PW_TYPE_UNUSED;
break;
case NM_SETTING_SECRET_FLAG_NOT_SAVED:
default:
data_val = NM_VPNC_PW_TYPE_ASK;
break;
}
/* Set both new secret flags and old data item for backwards compat */
nm_setting_vpn_add_data_item (s_vpn, type_key, data_val);
nm_setting_set_secret_flags (NM_SETTING (s_vpn), secret_key, flags, NULL);
}
static NMConnection *
import (NMVpnPluginUiInterface *iface, const char *path, GError **error)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingVPN *s_vpn;
NMSettingIP4Config *s_ip4;
GKeyFile *keyfile;
GKeyFileFlags flags;
const char *buf;
keyfile = g_key_file_new ();
flags = G_KEY_FILE_KEEP_COMMENTS | G_KEY_FILE_KEEP_TRANSLATIONS;
if (!g_key_file_load_from_file (keyfile, path, flags, error)) {
g_set_error (error,
NM_IODINE_IMPORT_EXPORT_ERROR,
NM_IODINE_IMPORT_EXPORT_ERROR_NOT_IODINE,
"does not look like a %s VPN connection (parse failed)",
IODINE_PLUGIN_NAME);
return NULL;
}
connection = nm_connection_new ();
s_con = NM_SETTING_CONNECTION (nm_setting_connection_new ());
nm_connection_add_setting (connection, NM_SETTING (s_con));
s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
g_object_set (s_vpn,
NM_SETTING_VPN_SERVICE_TYPE,
NM_DBUS_SERVICE_IODINE,
NULL);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
s_ip4 = NM_SETTING_IP4_CONFIG (nm_setting_ip4_config_new ());
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
/* top level domain */
buf = g_key_file_get_string (keyfile, "iodine", "topdomain", NULL);
if (buf) {
nm_setting_vpn_add_data_item (s_vpn, NM_IODINE_KEY_TOPDOMAIN, buf);
} else {
g_set_error (error,
NM_IODINE_IMPORT_EXPORT_ERROR,
NM_IODINE_IMPORT_EXPORT_ERROR_NOT_IODINE,
"does not look like a %s VPN connection "
"(no top level domain)",
IODINE_PLUGIN_NAME);
g_object_unref (connection);
return NULL;
}
/* Optional Settings */
/* Description */
buf = g_key_file_get_string (keyfile, "iodine", "Description", NULL);
if (buf)
g_object_set (s_con, NM_SETTING_CONNECTION_ID, buf, NULL);
/* Name server */
buf = g_key_file_get_string (keyfile, "iodine", "Nameserver", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_IODINE_KEY_NAMESERVER, buf);
/* Fragment size */
buf = g_key_file_get_string (keyfile, "iodine", "Fragsize", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_IODINE_KEY_FRAGSIZE, "yes");
return connection;
}
static gboolean
update_connection (NMVpnPluginUiWidgetInterface *iface,
NMConnection *connection,
GError **error)
{
StrongswanPluginUiWidget *self = STRONGSWAN_PLUGIN_UI_WIDGET (iface);
StrongswanPluginUiWidgetPrivate *priv = STRONGSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
NMSettingVPN *settings;
GtkWidget *widget;
gboolean active;
char *str;
if (!check_validity (self, error))
return FALSE;
settings = NM_SETTING_VPN (nm_setting_vpn_new ());
g_object_set (settings, NM_SETTING_VPN_SERVICE_TYPE,
NM_DBUS_SERVICE_STRONGSWAN, NULL);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "address-entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str)) {
nm_setting_vpn_add_data_item (settings, "address", str);
}
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "certificate-button"));
str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (str) {
nm_setting_vpn_add_data_item (settings, "certificate", str);
}
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "method-combo"));
switch (gtk_combo_box_get_active (GTK_COMBO_BOX (widget)))
{
default:
case 0:
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "userkey-button"));
str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (str) {
nm_setting_vpn_add_data_item (settings, "userkey", str);
}
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-button"));
str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (str) {
nm_setting_vpn_add_data_item (settings, "usercert", str);
}
str = "key";
break;
case 1:
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-button"));
str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (str) {
nm_setting_vpn_add_data_item (settings, "usercert", str);
}
str = "agent";
break;
case 2:
str = "smartcard";
break;
case 3:
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str)) {
nm_setting_vpn_add_data_item (settings, "user", str);
}
str = "eap";
break;
case 4:
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str)) {
nm_setting_vpn_add_data_item (settings, "user", str);
}
str = "psk";
break;
}
nm_setting_vpn_add_data_item (settings, "method", str);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "virtual-check"));
active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
nm_setting_vpn_add_data_item (settings, "virtual", active ? "yes" : "no");
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "encap-check"));
active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
nm_setting_vpn_add_data_item (settings, "encap", active ? "yes" : "no");
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "ipcomp-check"));
active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
nm_setting_vpn_add_data_item (settings, "ipcomp", active ? "yes" : "no");
nm_setting_set_secret_flags (NM_SETTING (settings), "password",
NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL);
nm_connection_add_setting (connection, NM_SETTING (settings));
return TRUE;
}
void
vpn_connection_new (FUNC_TAG_PAGE_NEW_CONNECTION_IMPL,
GtkWindow *parent,
const char *detail,
gpointer detail_data,
NMConnection *connection,
NMClient *client,
PageNewConnectionResultFunc result_func,
gpointer user_data)
{
NMSetting *s_vpn;
const char *service_type;
gs_free char *service_type_free = NULL;
gs_free char *add_detail_key_free = NULL;
gs_free char *add_detail_val_free = NULL;
const CEPageVpnDetailData *vpn_data = detail_data;
gssize split_idx, l;
const char *add_detail_key = NULL;
const char *add_detail_val = NULL;
gs_unref_object NMConnection *connection_tmp = NULL;
if (!detail && !connection) {
NewVpnInfo *info;
/* This will happen if nm-c-e is launched from the command line
* with "--create --type vpn". Dump the user back into the
* new connection dialog to let them pick a subtype now.
*/
info = g_slice_new (NewVpnInfo);
info->result_func = result_func;
info->user_data = user_data;
new_connection_dialog_full (parent, client,
NEW_VPN_CONNECTION_PRIMARY_LABEL,
NEW_VPN_CONNECTION_SECONDARY_LABEL,
vpn_type_filter_func,
vpn_type_result_func, info);
return;
}
connection = _ensure_connection_other (connection, &connection_tmp);
if (detail) {
service_type = detail;
add_detail_key = vpn_data ? vpn_data->add_detail_key : NULL;
add_detail_val = vpn_data ? vpn_data->add_detail_val : NULL;
service_type_free = nm_vpn_plugin_info_list_find_service_type (vpn_get_plugin_infos (), detail);
if (service_type_free)
service_type = service_type_free;
else if (!vpn_data) {
/* when called without @vpn_data, it means that @detail may contain "<SERVICE_TYPE>:<ADD_DETAIL>".
* Try to parse them by spliting @detail at the colons and try to interpret the first part as
* @service_type and the remainder as add-detail. */
l = strlen (detail);
for (split_idx = 1; split_idx < l - 1; split_idx++) {
if (detail[split_idx] == ':') {
gs_free char *detail_main = g_strndup (detail, split_idx);
NMVpnEditorPlugin *plugin;
service_type_free = nm_vpn_plugin_info_list_find_service_type (vpn_get_plugin_infos (), detail_main);
if (!service_type_free)
continue;
plugin = vpn_get_plugin_by_service (service_type_free);
if (!plugin) {
g_clear_pointer (&service_type_free, g_free);
continue;
}
/* we found a @service_type. Try to use the remainder as add-detail. */
service_type = service_type_free;
if (nm_vpn_editor_plugin_get_service_add_detail (plugin, service_type, &detail[split_idx + 1],
NULL, NULL,
&add_detail_key_free, &add_detail_val_free, NULL)
&& add_detail_key_free && add_detail_key_free[0]
&& add_detail_val_free && add_detail_val_free[0]) {
add_detail_key = add_detail_key_free;
add_detail_val = add_detail_val_free;
}
break;
}
}
}
if (!service_type)
service_type = detail;
s_vpn = nm_setting_vpn_new ();
g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, service_type, NULL);
if (add_detail_key)
nm_setting_vpn_add_data_item ((NMSettingVpn *) s_vpn, add_detail_key, add_detail_val);
nm_connection_add_setting (connection, s_vpn);
}
complete_vpn_connection (connection, client);
(*result_func) (FUNC_TAG_PAGE_NEW_CONNECTION_RESULT_CALL, connection, FALSE, NULL, user_data);
}
static gboolean
update_connection (NMVpnEditor *editor,
NMConnection *connection,
GError **error)
{
VpncEditor *self = VPNC_EDITOR (editor);
VpncEditorPrivate *priv = VPNC_EDITOR_GET_PRIVATE (self);
NMSettingConnection *s_con;
NMSettingVpn *s_vpn;
GtkWidget *widget;
char *str;
guint32 port;
GtkTreeModel *model;
GtkTreeIter iter;
if (!check_validity (self, error))
return FALSE;
s_con = nm_connection_get_setting_connection (connection);
s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_VPNC, NULL);
/* Interface name */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "interface_name_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_INTERFACE_NAME, str, NULL);
/* Gateway */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "gateway_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_GATEWAY, str);
/* Group name */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "group_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_ID, str);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_XAUTH_USER, str);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "domain_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DOMAIN, str);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "vendor_combo"));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) {
const char *vendor = NULL;
gtk_tree_model_get (model, &iter, 1, &vendor, -1);
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_VENDOR, vendor);
} else
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_VENDOR, NM_VPNC_VENDOR_CISCO);
/* Application version */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "application_version_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_APP_VERSION, str);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "encryption_combo"));
switch (gtk_combo_box_get_active (GTK_COMBO_BOX (widget))) {
case ENC_TYPE_WEAK:
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_SINGLE_DES, "yes");
break;
case ENC_TYPE_NONE:
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_NO_ENCRYPTION, "yes");
break;
case ENC_TYPE_SECURE:
default:
break;
}
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "natt_combo"));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) {
const char *mode = NULL;
gtk_tree_model_get (model, &iter, 1, &mode, -1);
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_NAT_TRAVERSAL_MODE, mode);
} else
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_NAT_TRAVERSAL_MODE, NM_VPNC_NATT_MODE_NATT);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "dhgroup_combo"));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) {
const char *dhgroup = NULL;
gtk_tree_model_get (model, &iter, 1, &dhgroup, -1);
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DHGROUP, dhgroup);
} else
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DHGROUP, NM_VPNC_DHGROUP_DH2);
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "pfsecrecy_combo"));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) {
const char *pfs = NULL;
gtk_tree_model_get (model, &iter, 1, &pfs, -1);
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_PERFECT_FORWARD, pfs);
} else
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_PERFECT_FORWARD, NM_VPNC_PFS_SERVER);
/* Local port */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "local_port_spinbutton"));
port = gtk_spin_button_get_value_as_int (GTK_SPIN_BUTTON (widget));
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_LOCAL_PORT, g_strdup_printf ("%d", port));
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "disable_dpd_checkbutton"));
if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DPD_IDLE_TIMEOUT, "0");
} else {
/* If DPD was disabled and now the user wishes to enable it, just
* don't pass the DPD_IDLE_TIMEOUT option to vpnc and thus use the
* default DPD idle time. Otherwise keep the original DPD idle timeout.
*/
if (priv->orig_dpd_timeout >= 10) {
char *tmp = g_strdup_printf ("%d", priv->orig_dpd_timeout);
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DPD_IDLE_TIMEOUT, tmp);
g_free (tmp);
}
}
/* User password */
save_one_password (s_vpn,
priv->builder,
"user_password_entry",
NM_VPNC_KEY_XAUTH_PASSWORD,
NM_VPNC_KEY_XAUTH_PASSWORD_TYPE);
/* Group password */
save_one_password (s_vpn,
priv->builder,
"group_password_entry",
NM_VPNC_KEY_SECRET,
NM_VPNC_KEY_SECRET_TYPE);
/* hybrid auth */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "hybrid_checkbutton"));
if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_AUTHMODE, "hybrid");
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "ca_file_chooser"));
str = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_CA_FILE, str);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
return TRUE;
}
static gboolean
update_connection (NMVpnPluginUiWidgetInterface *iface,
NMConnection *connection,
GError **error)
{
OpenswanPluginUiWidget *self = OPENSWAN_PLUGIN_UI_WIDGET (iface);
OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
NMSettingVPN *s_vpn;
GtkWidget *widget;
char *str;
if (!check_validity (self, error))
return FALSE;
s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_OPENSWAN, NULL);
/* Gateway */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "gateway_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_RIGHT, str);
/* Group name */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "group_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_LEFTID, str);
/* User name*/
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_LEFTXAUTHUSER, str);
/* Phase 1 Algorithms: ike */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "phase1_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_IKE, str);
/* Phase 2 Algorithms: esp */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "phase2_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_ESP, str);
/* Domain entry */
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "domain_entry"));
str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
if (str && strlen (str))
nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DOMAIN, str);
save_one_password (s_vpn,
priv->builder,
"user_password_entry",
"user_pass_type_combo",
NM_OPENSWAN_XAUTH_PASSWORD,
NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
save_one_password (s_vpn,
priv->builder,
"group_password_entry",
"group_pass_type_combo",
NM_OPENSWAN_PSK_VALUE,
NM_OPENSWAN_PSK_INPUT_MODES);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
return TRUE;
}
static NMConnection *
import (NMVpnPluginUiInterface *iface, const char *path, GError **error)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingVPN *s_vpn;
NMSettingIP4Config *s_ip4;
GKeyFile *keyfile;
GKeyFileFlags flags;
const char *buf;
gboolean bval;
keyfile = g_key_file_new ();
flags = G_KEY_FILE_KEEP_COMMENTS | G_KEY_FILE_KEEP_TRANSLATIONS;
if (!g_key_file_load_from_file (keyfile, path, flags, NULL)) {
g_set_error (error,
NM_OPENCONNECT_IMPORT_EXPORT_ERROR,
NM_OPENCONNECT_IMPORT_EXPORT_ERROR_NOT_OPENCONNECT,
"does not look like a %s VPN connection (parse failed)",
OPENCONNECT_PLUGIN_NAME);
return NULL;
}
connection = nm_connection_new ();
s_con = NM_SETTING_CONNECTION (nm_setting_connection_new ());
nm_connection_add_setting (connection, NM_SETTING (s_con));
s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_OPENCONNECT, NULL);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
s_ip4 = NM_SETTING_IP4_CONFIG (nm_setting_ip4_config_new ());
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
/* Host */
buf = g_key_file_get_string (keyfile, "openconnect", "Host", NULL);
if (buf) {
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_GATEWAY, buf);
} else {
g_set_error (error,
NM_OPENCONNECT_IMPORT_EXPORT_ERROR,
NM_OPENCONNECT_IMPORT_EXPORT_ERROR_BAD_DATA,
"does not look like a %s VPN connection (no Host)",
OPENCONNECT_PLUGIN_NAME);
g_object_unref (connection);
return NULL;
}
/* Optional Settings */
/* Description */
buf = g_key_file_get_string (keyfile, "openconnect", "Description", NULL);
if (buf)
g_object_set (s_con, NM_SETTING_CONNECTION_ID, buf, NULL);
/* CA Certificate */
buf = g_key_file_get_string (keyfile, "openconnect", "CACert", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_CACERT, buf);
/* Proxy */
buf = g_key_file_get_string (keyfile, "openconnect", "Proxy", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PROXY, buf);
/* Cisco Secure Desktop */
bval = g_key_file_get_boolean (keyfile, "openconnect", "CSDEnable", NULL);
if (bval)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_CSD_ENABLE, "yes");
/* Cisco Secure Desktop wrapper */
buf = g_key_file_get_string (keyfile, "openconnect", "CSDWrapper", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_CSD_WRAPPER, buf);
/* User Certificate */
buf = g_key_file_get_string (keyfile, "openconnect", "UserCertificate", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_USERCERT, buf);
/* Private Key */
buf = g_key_file_get_string (keyfile, "openconnect", "PrivateKey", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PRIVKEY, buf);
/* FSID */
bval = g_key_file_get_boolean (keyfile, "openconnect", "FSID", NULL);
if (bval)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID, "yes");
/* Soft token mode */
buf = g_key_file_get_string (keyfile, "openconnect", "StokenSource", NULL);
if (buf)
nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_MODE, buf);
/* Soft token secret */
buf = g_key_file_get_string (keyfile, "openconnect", "StokenString", NULL);
if (buf)
nm_setting_vpn_add_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, buf);
return connection;
}
